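/**
 * Admin: create a new service record.
 *
 * Only reachable when FORDEV is set; otherwise the access-denied page is
 * returned. On POST the title and keyword are validated (the keyword must
 * not already be used by another row of TABLE_SERVICES), the row is inserted
 * with an empty serialized settings blob and enabled=1, and the request is
 * redirected to the 'settings' action. On GET, or when validation fails, the
 * create form is rendered with the submitted values HTML-escaped.
 *
 * @return string rendered template (or the access-denied page)
 */
function create()
{
    if (!FORDEV) {
        return $this->showAccessDenied();
    }

    // postm() reads the request fields with the declared types: 'type' is
    // TYPE_UINT, the two text fields are plain (not yet HTML-escaped) strings.
    $aData = $this->input->postm(array(
        'title'   => TYPE_STR,
        'type'    => TYPE_UINT,
        'keyword' => TYPE_STR,
    ));

    if (bff::$isPost) {
        if (empty($aData['title'])) {
            $this->errors->set(_t('services', 'Название услуги указано некорректно'));
        }

        if (empty($aData['keyword'])) {
            $this->errors->set(_t('services', 'Keyword услуги указан некорректно'));
        } else {
            // The keyword is a lookup key, so a duplicate is rejected with the
            // title of the service that already owns it.
            $aKeywordExists = $this->db->one_array(
                'SELECT id, title FROM ' . TABLE_SERVICES
                . ' WHERE keyword = ' . $this->db->str2sql($aData['keyword'])
            );
            if (!empty($aKeywordExists)) {
                $this->errors->set(_t('services', 'Указанный keyword уже используется услугой "[title]"',
                    array('title' => $aKeywordExists['title'])));
            }
        }

        if ($this->errors->no()) {
            // A new service starts without settings: store an empty serialized array.
            $aSettings = serialize(array());

            // All request-derived values are bound, including 'type'. It is
            // already an unsigned int after postm(), but binding it like the
            // other fields keeps the statement free of interpolated input.
            $res = $this->db->execute(
                'INSERT INTO ' . TABLE_SERVICES
                . ' (type, keyword, title, settings, enabled)'
                . ' VALUES(:type, :keyword, :title, :settings, 1)',
                array(
                    ':type'     => $aData['type'],
                    ':keyword'  => $aData['keyword'],
                    ':title'    => $aData['title'],
                    ':settings' => $aSettings,
                )
            );
            $this->adminRedirect(!empty($res) ? Errors::SUCCESS : Errors::IMPOSSIBLE, 'settings');
        }

        // Validation failed: re-display the submitted values escaped for HTML.
        $aData = func::array_2_htmlspecialchars($aData, array('title', 'keyword'));
    }

    return $this->tplFetchPHP($aData, 'admin.create.php');
}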
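/**
 * Admin: edit a city record.
 *
 * Requires the 'cities' permission. The city (with its user count) is loaded
 * by the id taken from the request; a missing id or unknown row redirects
 * back to the main listing. On POST the typed form fields are merged into
 * $aData and, when no validation error was recorded, written back with an
 * UPDATE followed by a redirect. Otherwise the edit form is rendered with the
 * region options, the city's regions and the Yandex Maps script.
 *
 * @return string rendered template (or the access-denied page)
 */
function cities_edit()
{
    if (!$this->haveAccessTo('cities')) {
        return $this->showAccessDenied();
    }

    // A false/zero id means no usable record id in the request.
    if (!($nRecordID = $this->input->id())) {
        $this->adminRedirect(Errors::UNKNOWNRECORD, 'cities_listing_main');
    }

    $aData = $this->db->one_array(
        'SELECT C.*, C.city_id as id, COUNT(U.user_id) as users FROM ' . TABLE_CITY . ' C'
        . ' LEFT JOIN ' . TABLE_USERS . ' U ON U.city_id = C.city_id'
        . ' WHERE C.city_id=' . $nRecordID . ' GROUP BY C.city_id LIMIT 1'
    );
    if (empty($aData)) {
        $this->adminRedirect(Errors::IMPOSSIBLE, 'cities_listing_main');
    }

    if (func::isPostMethod()) {
        // Typed read of the form fields into $aData. The third argument is
        // presumably the list of required keys — confirm against input::postm().
        $this->input->postm(array(
            'region_id' => TYPE_UINT,
            'ycoords'   => TYPE_STR,
            'enabled'   => TYPE_BOOL,
            'main'      => TYPE_BOOL,
            'title'     => TYPE_STR,
            'keyword'   => TYPE_STR,
        ), $aData, array('title', 'keyword', 'region_id'));

        if ($this->errors->no()) {
            // region_id/main/enabled carry postm()'s numeric types; the string
            // fields are quoted through str2sql().
            $this->db->execute(
                'UPDATE ' . TABLE_CITY . ' SET region_id = ' . $aData['region_id']
                . ', ycoords = ' . $this->db->str2sql($aData['ycoords'])
                . ', title = ' . $this->db->str2sql($aData['title'])
                . ', keyword = ' . $this->db->str2sql($aData['keyword'])
                . ', main = ' . $aData['main']
                . ', enabled = ' . $aData['enabled']
                . ' WHERE city_id = ' . $nRecordID . ' LIMIT 1'
            );
            $this->adminRedirect(Errors::SUCCESS, 'cities_listing_main');
        }

        // array_2_htmlspecialchars() returns the escaped copy — every other
        // call site in this class assigns its result. The original call here
        // discarded the return value, so on a validation error the form was
        // re-rendered with the unescaped submitted values.
        $aData = func::array_2_htmlspecialchars($aData);
    }

    $aData['regions_options'] = $this->geoOblastOptions($aData['region_id']);
    $aData['cregions'] = $this->db->select(
        'SELECT R.*, COUNT(U.user_id) as users FROM ' . TABLE_REGION . ' R'
        . ' LEFT JOIN ' . TABLE_USERS . ' U ON R.region_id=U.region_id'
        . ' WHERE R.city_id = ' . $nRecordID . ' GROUP BY R.region_id ORDER BY R.title'
    );
    $aData['edit'] = true;

    $this->tplAssign('aData', $aData);
    $this->adminCustomCenterArea();
    $this->includeJS(array(GEO_YMAPS_JS . '&loadByRequire=1'), false, false);

    return $this->tplFetch('admin.cities.form.tpl');
}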
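/**
 * Admin: edit a sitemap node.
 *
 * Requires the 'edit' permission; the node id comes from 'rec' (POST or GET)
 * and must be positive. On POST the menu fields are read, the menu title is
 * required, and the node row in TABLE_SITEMAP is updated (the keyword column
 * only when FORDEV is set); success redirects. On GET the node is loaded from
 * the tree and item tables. In both cases the chain of parent menu titles is
 * rendered into 'pid_options' and the edit form is returned.
 *
 * @return string rendered template (or the access-denied page)
 */
function edit()
{
    if (!$this->haveAccessTo('edit')) {
        return $this->showAccessDenied();
    }

    if (($nRecordID = Func::POSTGET('rec', false, true)) <= 0) {
        $this->adminRedirect(Errors::IMPOSSIBLE);
    }

    $aData = array('pid_options' => '');

    if (Func::isPostMethod()) {
        $sMenuTitle       = Func::POST('menu_title', true);
        $sKeyword         = Func::POST('keyword', true);
        $sMetaKeywords    = Func::POST('mkeywords', true);
        $sMetaDescription = Func::POST('mdescription', true);
        $sMenuLink        = Func::POST('menu_link', true);

        // Only the two known link targets are accepted; anything else falls
        // back to _self. Strict comparison: the value is a submitted string.
        $sMenuTarget = Func::POST('menu_target');
        if (!in_array($sMenuTarget, array('_self', '_blank'), true)) {
            $sMenuTarget = '_self';
        }

        if (!$sMenuTitle || !trim($sMenuTitle)) {
            $this->errors->set('empty:title');
        }

        if ($this->errors->no()) {
            // The keyword is only editable in development mode.
            $sQuery = 'UPDATE ' . TABLE_SITEMAP . ' SET menu_title = ' . $this->db->str2sql($sMenuTitle) . ', '
                . (FORDEV ? 'keyword = ' . $this->db->str2sql($sKeyword) . ', ' : '')
                . ' menu_link = ' . $this->db->str2sql($sMenuLink)
                . ', menu_target=' . $this->db->str2sql($sMenuTarget)
                . ', mkeywords = ' . $this->db->str2sql($sMetaKeywords)
                . ', mdescription = ' . $this->db->str2sql($sMetaDescription)
                . ' WHERE node_id=' . $nRecordID;
            $this->db->execute($sQuery);
            $this->adminRedirect(Errors::SUCCESSFULL);
        }

        // Validation failed: re-display the submitted values, escaped the same
        // way the loaded row is below. The original assigned raw $_POST here,
        // so the form was re-rendered with unescaped input. Assumes the form
        // posts flat string fields, like the other admin forms in this class.
        $aData = func::array_2_htmlspecialchars($_POST);
        $aData['id'] = $nRecordID;
    } else {
        $sQuery = 'SELECT * FROM ' . TABLE_SITEMAP_TREE . ' T, ' . TABLE_SITEMAP . ' I'
            . ' WHERE T.id=' . $nRecordID . ' AND I.node_id = T.id';
        $aData = $this->db->one_array($sQuery);
        $aData = func::array_2_htmlspecialchars($aData);
    }

    // Both branches replace $aData wholesale; restore the '' default set at
    // the top so 'pid_options' is always defined for the template.
    if (!isset($aData['pid_options'])) {
        $aData['pid_options'] = '';
    }

    // Breadcrumb of parent titles, ordered by tree id.
    $aParentsID = $this->tree_getNodeParentsID($aData['id']);
    if (!empty($aParentsID)) {
        $sQuery = 'SELECT menu_title FROM ' . TABLE_SITEMAP_TREE . ' T, ' . TABLE_SITEMAP . ' I'
            . ' WHERE id IN (' . implode(',', $aParentsID) . ') AND I.node_id = T.id ORDER BY T.id';
        $aData['pid_options'] = ucwords(implode(' > ', $this->db->select_one_column($sQuery)));
    }

    $this->tplAssign('aData', $aData);
    $this->tplAssign('target_options', $this->getTargetsOptions($this->aTargets, $aData['menu_target']));
    $this->tplAssign('rec', $nRecordID);

    return $this->tplFetch('admin.edit.tpl');
}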
/**
 * Admin: edit a user / moderator account.
 *
 * Access requires the 'users-edit' permission, a record id, and a 'tuid'
 * token that checkTUID() accepts for that id. The user's current groups are
 * inspected first to learn whether they are a superadmin and whether they
 * currently have admin-panel access ($aData['admin']). On POST the profile
 * fields are validated and saved through userUpdate(), the avatar update is
 * triggered, group membership is reassigned, the stored admin flag is
 * recomputed, and the request is redirected. Otherwise (or on validation
 * errors) the edit form is rendered with the user's data and the group
 * <option> lists.
 *
 * @return string rendered template (or the access-denied page)
 */
function mod_edit()
{
    if (!$this->haveAccessTo('users-edit')) {
        return $this->showAccessDenied();
    }
    if (!($nRecordID = $this->input->id())) {
        $this->adminRedirect(Errors::IMPOSSIBLE, 'listing');
    }

    // Per-record token: checkTUID() must accept it for this id, otherwise the
    // request is treated exactly like a missing permission.
    $sTUID = func::GET('tuid');
    if (!$this->checkTUID($sTUID, $nRecordID)) {
        return $this->showAccessDenied();
    }

    $aData = array('admin' => 0);

    # Analyse the groups the user currently belongs to: superadmin status comes
    # from the group id, admin-panel access from the group's 'adminpanel' flag.
    $bUserSuperadmin = 0;
    $aUserGroups = $this->getUserGroups($nRecordID);
    foreach ($aUserGroups as $v) {
        if ($v['group_id'] == self::GROUPID_SUPERADMIN) {
            $bUserSuperadmin = 1;
        }
        if ($v['adminpanel'] == 1) {
            $aData['admin'] = 1;
        }
    }

    if (bff::$isPost) {
        // Typed read of the submitted fields, merged into $aData.
        $this->input->postm(array(
            'name'       => TYPE_STR,
            'email'      => TYPE_STR,
            'changepass' => TYPE_BOOL,
            'password'   => TYPE_STR,
            'balance'    => TYPE_NUM,
            'skype'      => TYPE_STR,
            'email2'     => TYPE_STR,
            'phone'      => TYPE_STR,
            'group_id'   => TYPE_ARRAY_INT,
            'cat'        => TYPE_ARRAY_UINT,
        ), $aData);

        if (!$aData['admin']) {
            // Drop settings that only apply to admin accounts.
            unset($aData['im_noreply']);
        }

        if (empty($aData['email'])) {
            $this->errors->set('empty:email');
        } elseif (!func::IsEmailAddress($aData['email'])) {
            $this->errors->set('wrong:email');
        }

        // The password is only replaced when 'changepass' is set; otherwise the
        // field is removed so it is not passed to userUpdate().
        // NOTE(review): the helper name points at an MD5-based password scheme;
        // moving to password_hash()/password_verify() would have to be done
        // together with the login verification code — confirm before changing.
        if ($aData['changepass']) {
            if (empty($aData['password'])) {
                $this->errors->set('empty:password');
            } else {
                $aData['password'] = $this->security->getUserPasswordMD5($aData['password']);
            }
        } else {
            unset($aData['password']);
        }

        // if($aData['city_id']<=0)
        // $this->errors->set('wrong:city');

        $aGroupID = $aData['group_id'];

        // Email uniqueness is checked on the hash; the second argument is
        // presumably the record to exclude (the user being edited) — confirm.
        $aData['email_hash'] = func::getEmailHash($aData['email']);
        if ($this->isEmailExists($aData['email_hash'], $nRecordID)) {
            $this->errors->set('email_exist');
        }

        if ($this->errors->no()) {
            # update user data
            unset($aData['changepass'], $aData['group_id']);
            $aData['member'] = in_array(self::GROUPID_MEMBER, $aGroupID) ? 1 : 0;
            $aData['cat'] = join(',', $aData['cat']);
            $this->userUpdate($nRecordID, $aData);

            $avatar = new CAvatar(TABLE_USERS, USERS_AVATAR_PATH, 'avatar', 'user_id');
            $avatar->update($nRecordID, true, true);

            # set user groups: an existing superadmin keeps the superadmin group
            # even if the submitted list omitted it.
            if ($bUserSuperadmin && !in_array(self::GROUPID_SUPERADMIN, $aGroupID)) {
                $aGroupID = array_merge($aGroupID, array(self::GROUPID_SUPERADMIN));
            }
            $this->assignUser2Groups($nRecordID, $aGroupID);

            # Recompute whether the user is an administrator: superadmin or
            # moderator → yes; only the member group → no; otherwise re-read the
            # groups and look for the 'adminpanel' flag.
            $bIsAdmin = 0;
            if ($this->errors->no()) {
                if ($bUserSuperadmin || in_array(self::GROUPID_MODERATOR, $aGroupID)) {
                    $bIsAdmin = 1;
                } elseif (count($aGroupID) == 1 && current($aGroupID) == self::GROUPID_MEMBER) {
                    $bIsAdmin = 0;
                } else {
                    $aUserGroups = $this->getUserGroups($nRecordID);
                    foreach ($aUserGroups as $v) {
                        if ($v['adminpanel'] == 1) {
                            $bIsAdmin = 1;
                            break;
                        }
                    }
                }
                // Only write when the flag changed; losing admin access also
                // resets im_noreply.
                if ($aData['admin'] != $bIsAdmin) {
                    $sQuery = ', im_noreply = 0';
                    $this->db->execute('UPDATE ' . TABLE_USERS . ' SET admin=' . $bIsAdmin . (!$bIsAdmin ? $sQuery : '') . ' WHERE user_id=' . $nRecordID);
                }
            }

            # If the user is editing their own account, expire the current
            # security state so the changes are picked up — confirm what
            # security->expire() invalidates.
            if ($this->security->isCurrentUser($nRecordID)) {
                $this->security->expire();
            }

            $this->adminRedirect(Errors::SUCCESSFULL, (!func::GET('members') ? 'admin_' : '') . 'listing');
        }
        $aActiveGroupsID = $aGroupID;
    } else {
        // GET: the active groups are the ones the user currently has.
        $aActiveGroupsID = array();
        for ($j = 0; $j < count($aUserGroups); $j++) {
            $aActiveGroupsID[] = $aUserGroups[$j]['group_id'];
        }
    }

    $aUserInfo = $this->db->one_array('SELECT U.*, C.title as city, R.region_id, R.title as region FROM ' . TABLE_USERS . ' U LEFT JOIN ' . TABLE_CITY . ' C ON U.city_id=C.city_id LEFT JOIN ' . TABLE_REGION . ' R ON C.region_id=R.region_id WHERE U.user_id=' . $nRecordID . ' LIMIT 1');

    // Submitted values (later in the merge) override the stored row; the
    // result is HTML-escaped for the form.
    $aData = func::array_2_htmlspecialchars(array_merge($aUserInfo, $aData), null, true);

    $aData['social_link'] = '';
    if ($aData['social']) {
        switch ($aData['social']) {
            case 'vk':
                $aData['social_link'] = 'http://vkontakte.ru/id' . $aData['vk_id'];
        }
    }

    // Build the two group <option> lists (assigned vs. available). The member
    // group is never listed; the superadmin group only for superadmins.
    // NOTE(review): group id/color/title from getGroups() are written into the
    // markup without escaping — assumes they are admin-managed values.
    $exists_options = $active_options = '';
    $aGroupsExlude = array(USERS_GROUPS_MEMBER);
    if (!$bUserSuperadmin) {
        $aGroupsExlude[] = USERS_GROUPS_SUPERADMIN;
    }
    $aGroups = $this->getGroups($aGroupsExlude);
    for ($i = 0; $i < count($aGroups); $i++) {
        if (in_array($aGroups[$i]['group_id'], $aActiveGroupsID)) {
            $active_options .= '<option value="' . $aGroups[$i]['group_id'] . '" style="color:' . $aGroups[$i]['color'] . ';">' . $aGroups[$i]['title'] . '</option>';
        } else {
            $exists_options .= '<option value="' . $aGroups[$i]['group_id'] . '" style="color:' . $aGroups[$i]['color'] . ';">' . $aGroups[$i]['title'] . '</option>';
        }
    }
    $this->tplAssignByRef('exists_options', $exists_options);
    $this->tplAssignByRef('active_options', $active_options);

    //$aData['city_options'] = bff::i()->Sites_geoCityOptions($aData['city_id'], 'edit');

    // Categories are stored comma-separated; the template gets them as a list.
    $aData['cat'] = explode(',', $aData['cat']);
    $this->tplAssign('aCategories', $this->getBBSCategories($aData['cat']));

    $aData['superadmin'] = $bUserSuperadmin;
    $aData['tuid'] = $sTUID;
    $aData['edit'] = true;
    $this->tplAssignByRef('aData', $aData);

    return $this->tplFetch('admin.mod.form.tpl');
}
/**
 * Admin: rename a FAQ category.
 *
 * Requires the 'categories-edit' permission and a positive 'rec' id that
 * resolves to a row of TABLE_FAQ_CATEGORIES; otherwise the request is
 * redirected to the category listing. On POST a non-empty title is required
 * and written back with an UPDATE, followed by a redirect. On GET, or on a
 * validation error, the form is rendered with the (escaped) category data.
 *
 * @return string rendered template (or the access-denied page)
 */
function categories_edit()
{
    if (!$this->haveAccessTo('categories-edit')) {
        return $this->showAccessDenied();
    }

    $nCategoryID = func::GETPOST('rec', false, true);
    if ($nCategoryID <= 0) {
        $this->adminRedirect(Errors::IMPOSSIBLE, 'categories_listing');
    }

    $sSelect = 'SELECT id, title FROM ' . TABLE_FAQ_CATEGORIES . ' WHERE id=' . $nCategoryID . ' LIMIT 1';
    $aCategory = $this->db->one_array($sSelect);
    if (!$aCategory) {
        $this->adminRedirect(Errors::IMPOSSIBLE, 'categories_listing');
    }

    if (func::isPostMethod()) {
        // The submitted title replaces the stored one for re-display as well.
        $sTitle = func::POST('title', true);
        $aCategory['title'] = $sTitle;

        if (empty($sTitle)) {
            $this->errors->set('empty:title');
        }

        if ($this->errors->no()) {
            $sUpdate = 'UPDATE ' . TABLE_FAQ_CATEGORIES
                . ' SET title=' . $this->db->str2sql($sTitle)
                . ' WHERE id=' . $nCategoryID;
            $this->db->execute($sUpdate);
            $this->adminRedirect(Errors::SUCCESSFULL, 'categories_listing');
        }
    }

    // Escape the title before it reaches the form template.
    $aEscaped = func::array_2_htmlspecialchars($aCategory, array('title'));
    $this->tplAssign('aData', $aEscaped);

    return $this->tplFetch('admin.categories.form.tpl');
}