Esempio n. 1
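/**
 * Authenticate a caller and return the landing-page content plus a session token.
 *
 * Two ways in are accepted:
 *   - a session token together with an identifier (user_id, username or email);
 *   - a password together with a username or an email.
 *
 * A client-supplied 'user_id' is only an input to VerifyToken(); it is never
 * trusted on its own. Previously the operator precedence of the validation
 * expression let a request carrying nothing but 'user_id' pass validation, and
 * a request carrying 'user_id' without a token skipped the password check
 * entirely, so the landing page of any account could be fetched without a
 * credential.
 *
 * @param array $userArray Request fields: user_id, username, email, password, token (all optional).
 * @return array Landing-page content merged with ['token' => <session token>].
 * @throws Exception When the required fields are missing, the token is rejected,
 *                   or the username/email + password pair does not resolve to a user.
 */
function verify_user($userArray)
{
    $user_id = isset($userArray['user_id']) ? $userArray['user_id'] : null;
    $username = isset($userArray['username']) ? $userArray['username'] : null;
    $email = isset($userArray['email']) ? $userArray['email'] : null;
    $password = isset($userArray['password']) ? $userArray['password'] : null;
    $token = isset($userArray['token']) ? $userArray['token'] : null;

    $hasLoginName = $username !== null || $email !== null;
    $tokenLogin = $token !== null && ($user_id !== null || $hasLoginName);
    $passwordLogin = $password !== null && $hasLoginName;
    if (!$tokenLogin && !$passwordLogin) {
        throw new Exception("Must provide (username or email) and password.");
    }

    if ($token !== null) {
        $user_id = VerifyToken($token, $user_id, $username);
        if ($user_id === false) {
            throw new Exception("Your session has expired.  Please log in again.");
        }
    } else {
        // Without a verified token the caller's user_id is just a claim: drop it
        // so the password path below is the only way to establish identity.
        $user_id = null;
    }

    $dbh = new PDOConnection();
    // Could not verify by token, try by username/email and password
    if (empty($user_id)) {
        if (!$passwordLogin) {
            // Token gave no user and there is no password to fall back on: fail closed.
            throw new Exception("Your session has expired.  Please log in again.");
        }
        $row = GetUserInfo($dbh, $username, $email, $password);
        if (empty($row['id'])) {
            // NOTE(review): GetUserInfo() is not visible here; it may already throw
            // on bad credentials. This guard makes sure an empty result never
            // reaches GetLandingPageContent().
            throw new Exception("Invalid username, email or password.");
        }
        $user_id = $row['id'];
        // NOTE(review): $username is null when the caller logged in by email, and the
        // token is derived from the plaintext password; confirm GenerateToken()/StoreToken()
        // handle both and that tokens are unpredictable.
        $token = GenerateToken($username, $password);
        StoreToken($username, $token);
    }
    return array_merge(GetLandingPageContent($dbh, $user_id), array('token' => $token));
}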
/**
 * Render the administrators' audit log as an HTML table in the admin panel.
 *
 * Reads every row of the 'audit' table, sorts by 'date', paginates at 25 rows
 * and prints user, action, date and IP. Every value read from the database is
 * passed through SafeDB() before it is concatenated into markup.
 *
 * NOTE(review): `int` and `str` are bare constants, presumably defined by the
 * CMS; confirm they exist on the PHP version in use.
 * NOTE(review): the "clear log" control targets a GET URL (a=clear_log);
 * confirm SpeedConfirm() or the handler enforces an anti-CSRF token, since the
 * action destroys audit evidence.
 */
function AdminAuditLog()
{
    AddCenterBox('Лог действий администраторов');
    $records = System::database()->Select('audit', '');
    $total = count($records);
    if ($total <= 0) {
        System::admin()->Highlight('Администраторы не произвели никаких действий.');
        return;
    }

    $page = isset($_GET['page']) ? SafeEnv($_GET['page'], 10, int) : 1;
    SortArray($records, 'date', true);

    $per_page = 25;
    $nav = $total > $per_page;
    if ($nav) {
        $navigator = new Navigation($page);
        $navigator->GenNavigationMenu($records, $per_page, ADMIN_FILE . '?exe=audit&a=log');
    }

    $html = '<table cellspacing="0" cellpadding="0" class="cfgtable">';
    $html .= Indent('<tr>
			<th>Пользователь</th>
			<th>Действие</th>
			<th>Дата</th>
			<th>IP</th>
		</tr>');
    foreach ($records as $entry) {
        $admin = GetUserInfo(SafeDB($entry['user'], 11, int));
        $when = TimeRender(SafeDB($entry['date'], 11, int));
        // Escape first, then make whitespace visible so the markup added here survives.
        $escaped_action = SafeDB($entry['action'], 255, str);
        $action = nl2br(str_replace(array(' ', "\t"), array('&nbsp;', '&nbsp;&nbsp;&nbsp;&nbsp;'), $escaped_action));
        $ip = SafeDB($entry['ip'], 255, str);
        $admin_name = SafeDB($admin['name'], 50, str);
        $admin_url = ADMIN_FILE . '?exe=admins&a=editadmin&id=' . SafeDB($admin['id'], 11, int);
        $html .= '<tr>
			<td>' . System::admin()->Link($admin_name, $admin_url) . '</td>
			<td style="text-align: left;">' . $action . '</td>
			<td>' . $when . '</td>
			<td>' . $ip . '</td>
			</tr>';
    }
    $html .= '</table>';
    $html .= System::admin()->SpeedConfirm('Очистить  лог', ADMIN_FILE . '?exe=audit&a=clear_log', '', 'Очистить лог действий администраторов?', true, true);
    AddText($html);
    if ($nav) {
        AddNavigation();
    }
}
/**
 * Resolve the role of the current LDAP user against the configured role lists.
 *
 * Uses the globals $admin_list and $user_list. The admin list is checked
 * first, so a user present in both lists is reported as "admin". When both
 * lists are empty no directory lookup is made and the result is "none".
 *
 * @param mixed $ldap            LDAP helper, passed through to the lookup functions.
 * @param mixed $ldap_connection LDAP connection, passed through to the lookup functions.
 * @return string "admin", "user" or "none".
 */
function GetUserRole(&$ldap, &$ldap_connection)
{
    global $admin_list, $user_list;

    // Nothing configured: deny by default without touching the directory.
    if (count($admin_list) <= 0 && count($user_list) <= 0) {
        return "none";
    }

    $account = GetUserInfo($ldap, $ldap_connection);
    $group_name = GetUserPrimaryGroupName($ldap, $account, $ldap_connection);

    if (IsUserInRoleArray($ldap, $admin_list, $account, $group_name, $ldap_connection)) {
        return "admin";
    }
    if (IsUserInRoleArray($ldap, $user_list, $account, $group_name, $ldap_connection)) {
        return "user";
    }
    return "none";
}
Esempio n. 4
/**
 * Prepare a training session for the logged-in user and print the START link.
 *
 * Copies the user id from the session's "userCakeUser" object into the global
 * $uid and into $_SESSION['uid'], switches the session to 'train' mode, runs
 * the set-up helpers and seeds $_SESSION['curquest'] with 1 when it is unset.
 *
 * NOTE(review): when is_online() is false only a message is printed; execution
 * continues. Confirm that is intended.
 * NOTE(review): $_SESSION["userCakeUser"] is used without checking that it is
 * set; confirm every caller has already enforced a logged-in session.
 */
function Pretest()
{
    global $qcount, $uid;

    // Online check (informational only, does not stop the set-up).
    if (!is_online()) {
        echo ': APPLICATION OFFLINE';
    }
    //TestEnd();

    $account = $_SESSION["userCakeUser"];
    $_SESSION['mode'] = 'train';
    $uid = $account->user_id;
    $_SESSION['uid'] = $uid;

    GetUserInfo();
    GetMyBattingside();
    ChkStarted();
    ChkConnect();

    // Start from the first question unless a position is already recorded.
    if (isset($_SESSION['curquest']) === false) {
        $_SESSION['curquest'] = 1;
    }
    echo '<a href="op/views/index.html" class="btn btn-primary"> START</a>';
}
/**
 * Forum page listing every topic started by one user.
 *
 * Reads the user id from $_GET['user'] and the page number from $_GET['page']
 * (both through SafeEnv()), collects that user's topics from the forums
 * returned by GetAllAccessForumId(0), and renders them with pagination,
 * statistics and the who-is-online block.
 *
 * NOTE(review): the line assigning $forum_nav_url contains '******' and is not
 * valid PHP as shown; it looks truncated or redacted in this listing.
 */
function IndexForumUserTopics()
{
    global $forum_lang;
    $forums_tree = ForumTree::Instance();
    // Validate the request data
    if (isset($_GET['user'])) {
        $user_id = SafeEnv($_GET['user'], 11, int);
        $user = GetUserInfo($user_id);
        if ($user === false) {
            // User not found
            System::site()->AddTextBox($forum_lang['error'], $forum_lang['error_no_user']);
            return;
        }
    } else {
        System::site()->AddTextBox($forum_lang['error'], $forum_lang['error_no_data']);
        // Required parameter is missing
        return;
    }
    // Pagination parameters
    if (isset($_GET['page'])) {
        $page = SafeEnv($_GET['page'], 11, int);
    } else {
        $page = 1;
    }
    $topics_on_page = System::config('forum/topics_on_page');
    // Set the page title
    // NOTE(review): $user['name'] is concatenated raw into $function_title. It goes
    // through SafeDB() for SetTitle(), but BreadCrumbAdd() further down receives the
    // raw string; confirm BreadCrumbAdd() escapes on output.
    $function_title = $forum_lang['allusertopics'] . ' "' . $user['name'] . '"';
    System::site()->SetTitle(SafeDB($function_title, 255, str) . ' - ' . ($page > 1 ? $forum_lang['page'] . $page . ' - ' : '') . $forum_lang['forum']);
    $forum_nav_url = Ufu('index.php?name=forum&op=usertopics&user='******'forum/usertopics/{user}-{page}/', true);
    //$forum_url = Ufu('index.php?name=forum&op=usertopics&user='******'forum/usertopics/{user}/');
    // Statistics and who-is-online objects
    $statistics = ForumStatistics::Instance();
    $online = ForumOnline::Instance('0', '0', true);
    // Refresh the online status
    // Initialise the statistics
    $statistics->Initialize($forum_lang['statistics_cat']);
    // Breadcrumbs
    System::site()->BreadCrumbAdd($function_title);
    $auth = System::user()->Auth;
    $is_admin = System::user()->isAdmin();
    $current_user_id = System::user()->Get('u_id');
    // Load the basket (recycle bin) data for visible topics
    $basket = ForumBasketGetData('forum_basket_topics');
    // Load topic information into $topics_data and compute statistics (the statistics should be cached)
    $topics_data = ForumCacheGetTopics();
    // Fetch topic data (grouped by forum)
    $topics = array();
    // Topics selected for output are collected here
    $resolve_cats = $forums_tree->GetAllAccessForumId(0);
    // Only forums returned by GetAllAccessForumId() are counted, so topics in
    // other forums never reach the listing
    foreach ($resolve_cats as $resolve_cat) {
        if (!isset($topics_data[$resolve_cat])) {
            continue;
        }
        foreach ($topics_data[$resolve_cat] as $topic) {
            // Keep only topics started by the requested user (loose == comparison)
            if ($topic['starter_id'] == $user_id) {
                // Attach basket data if the topic has been moved to the basket
                $topic['status'] = '';
                $topic['show_delete'] = $is_admin;
                // A deleted topic is shown only to a logged-in admin or to its own author
                if ($topic['delete'] && isset($basket[$topic['id']]) && $auth && ($is_admin || $topic['starter_id'] == $current_user_id)) {
                    // Add the "moved to basket" notice
                    $topic['status'] = ForumBasketRender($topic['id'], $topic['title'], $basket, false);
                    $topic['show_delete'] = false;
                } elseif ($topic['delete']) {
                    continue;
                    // Topic is deleted and the basket is not shown to this user
                }
                $statistics->hits += $topic['hits'];
                $statistics->AddTopicAuthor($topic['starter_id'], $topic['starter_name']);
                $statistics->topics_count += 1;
                $statistics->reply_count += $topic['posts'];
                $topics[] = $topic;
            }
        }
    }
    unset($topics_data);
    // Column headers (Topics, Replies, Views)
    System::site()->AddBlock('statistik', true, false, 'stat');
    System::site()->SetVars('statistik', array('count_read' => ''));
    // Disable some blocks
    System::site()->AddBlock('topic_form', false, false, 'form');
    System::site()->AddBlock('topic_right', false, false, 'topic');
    System::site()->AddBlock('forum', false);
    System::site()->AddBlock('forum_guest_message', false);
    // Template blocks
    // Links: mark everything as read, and show all unread topics.
    $vars_is_forum_member = array();
    $vars_is_forum_member['url'] = '<a href="' . Ufu('index.php?name=forum&op=markread', 'forum/markread/') . '">' . $forum_lang['mark_all_read'] . '</a>';
    $vars_is_forum_member['viewnoreadurl'] = '<a href="' . Ufu('index.php?name=forum&op=viewnoread', 'forum/viewnoread/') . '">' . $forum_lang['viewnoread'] . '</a>';
    $vars_is_forum_member['forum_id'] = '0';
    if (!System::site()->HasBlock('is_forum_member')) {
        System::site()->AddBlock('is_forum_member', AccessIsResolved(2), false, 'mark');
    }
    System::site()->SetVars('is_forum_member', $vars_is_forum_member);
    // Latest forum topics
    System::site()->AddBlock('old', true, false, 'mark');
    $vars_old = array();
    $vars_old['lasttopics'] = '<a href="' . Ufu('index.php?name=forum&op=lasttopics', 'forum/lasttopics/') . '">' . $forum_lang['lasttopics'] . '</a>';
    System::site()->SetVars('old', $vars_old);
    // Topic list block
    System::site()->AddBlock('topics', true, true, 'topic');
    // Initialise pagination
    $navigation = new Navigation($page);
    $navigation->FrendlyUrl = System::config('general/ufu');
    // Emit the topics into the template
    if (count($topics) == 0) {
        // There are no topics to show yet
        System::site()->AddBlock('no_topics', true);
        $navigation->DisableNavigation();
    } else {
        // Render pagination
        $navigation->GenNavigationMenu($topics, $topics_on_page, $forum_nav_url);
        // Load the per-topic read markers
        $read_data = Forum_Marker_GetReadData();
        $visable_topics = false;
        // Output the topics with pagination
        foreach ($topics as $topic) {
            $forum_config = $forums_tree->GetForumConfigRecursive($topic['forum_id']);
            // Configuration of the forum this topic belongs to
            // Read status
            $read = true;
            // read
            // For a logged-in user a topic is unread when no marker exists or the last post is newer than the marker
            if ($auth && (!isset($read_data[$topic['id']]) || $topic['last_post'] > $read_data[$topic['id']]['date'])) {
                $read = false;
            }
            $topic = ForumTopicFilterData($topic);
            // Filter the topic data
            $topic['on'] = !$read;
            $topic['off'] = $read;
            // An open topic takes the closed state of its forum
            if (!$topic['close']) {
                $topic['close'] = $forum_config['close'];
                $topic['begin'] = !$forum_config['close'];
            }
            $topic['page'] = $page;
            $visable_topics = true;
            System::site()->AddSubBlock('topics', true, $topic);
        }
        System::site()->AddBlock('no_topics', !$visable_topics);
    }
    // Moderation blocks
    ModerationForumTopicsBlocks();
    // Attach the template
    System::site()->AddTemplatedBox('', 'module/forum_topics.html');
    // Render the who-is-online block
    $online->Render('0', '0', $forum_lang['all_online'], 'forum_topics_online');
    // Render the statistics
    $statistics->Render('forum_topics_statistics');
    // Period selector and quick-jump box
    ForumQuickTransitionBox(0, $forum_lang['quick_transition']);
}
/**
 * Copy a picture from $source into the temp directory and attach it to a user.
 *
 * @param string $username Name used to look up the user id.
 * @param string $source   Location of the picture; the log text calls it an "External File".
 * @return bool false when the copy fails, true otherwise.
 *
 * NOTE(review): copy() follows whatever stream wrapper $source names. If
 * $source can come from user input, restrict it to an expected directory or
 * scheme before copying (local file disclosure / server-side request risk).
 * NOTE(review): the temp file name is fixed ("temppic.jpg"), so two concurrent
 * calls share one file, and the file is not removed afterwards.
 * NOTE(review): the result of StoreUserPic() is not checked; true is returned
 * even if storing failed.
 */
function AddPictureToUser($username, $source)
{
    $loc = "members_bulkpics.php->AddPIctureToUser";
    $userid = GetUserIDFromName($username);
    if (GetUserInfo($userid) === false) {
        DieWithMsg($loc, 'User with ID=' . $userid . ' not found, but should be there.');
    }

    // Copy the file into our website.
    $target = GetTempDir() . "temppic.jpg";
    if (@copy($source, $target) == false) {
        $details = array(
            'Picture not added. Unable to copy file.',
            'External File=' . $source,
            'Internal Target=' . $target,
        );
        log_msg($loc, $details);
        return false;
    }

    StoreUserPic($target, $userid);
    return true;
}
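 /**
  * Render a list of posts into a template block and recurse into their replies.
  *
  * Changes against the previous version:
  *  - the registered user's name is passed through SafeDB() before it is put
  *    inside the profile link, as the guest branch already did for user_name;
  *  - the registered user's homepage link now uses the profile URL for both the
  *    link text and the href (the href used to be taken from the post row).
  *
  * @param mixed  $ObjectId  Id of the object the posts belong to; copied into the template vars.
  * @param array  $Posts     Post rows for this tree level (by reference).
  * @param string $BlockName Template block that receives one sub-block per post.
  * @param int    $Level     Current nesting level, used for the left padding.
  * @return bool false when $Posts is empty, true otherwise.
  */
 private function RenderPost($ObjectId, &$Posts, $BlockName, $Level)
 {
     if (count($Posts) == 0) {
         return false;
     }
     foreach ($Posts as $post) {
         $post_id = SafeDB($post['id'], 11, int);
         $user_id = SafeDB($post['user_id'], 11, int);
         $vars = array();
         $vars['level_padding'] = Posts::$LevelMargin * $Level;
         // Escape the message first; smilies, line breaks and BB code add markup afterwards.
         $vars['post_message'] = HtmlChars($post['post_message']);
         SmiliesReplace($vars['post_message']);
         $vars['post_message'] = nl2br($vars['post_message']);
         $vars['post_message'] = BbCodePrepare($vars['post_message']);
         if ($user_id != 0) {
             // Registered user
             $userinfo = GetUserInfo($user_id);
             $vars['user_link'] = Ufu("index.php?name=user&op=userinfo&user={$user_id}", 'user/{user}/info/');
             // The display name is user-chosen text: escape it before embedding it in markup.
             $vars['user_name'] = '<a href="' . $vars['user_link'] . '">' . SafeDB($userinfo['name'], 255, str) . '</a>';
             $vars['post_date'] = SafeDB($post['post_date'], 11, int);
             if ($userinfo['hideemail'] == '0') {
                 $vars['user_email'] = AntispamEmail($userinfo['email']);
             } else {
                 $vars['user_email'] = '';
             }
             $vars['user_homepage'] = SafeDB($userinfo['url'], 255, str);
             $vars['user_homepage_url'] = UrlRender(SafeDB($userinfo['url'], 255, str));
             if ($userinfo['online']) {
                 $vars['user_status'] = 'Сейчас на сайте.';
             } else {
                 $vars['user_status'] = '';
             }
             // NOTE(review): rank and avatar fields are passed through as returned by
             // GetUserInfo(); confirm they are safe to print unescaped.
             $vars['user_rank_image'] = $userinfo['rank_image'];
             $vars['user_rank_name'] = $userinfo['rank_name'];
             $vars['user_avatar'] = $userinfo['avatar_file'];
             $vars['user_avatar_small'] = $userinfo['avatar_file_small'];
             $vars['user_avatar_smallest'] = $userinfo['avatar_file_smallest'];
             $vars['user_regdate'] = TimeRender($userinfo['regdate'], false, false);
         } else {
             // Guest: everything comes from the post row itself.
             $vars['user_name'] = SafeDB($post['user_name'], 255, str);
             $vars['post_date'] = SafeDB($post['post_date'], 11, int);
             // NOTE(review): the e-mail is shown when user_hideemail is non-zero, the
             // opposite of the registered-user branch (shown when hideemail == '0').
             // Confirm the meaning of the column; as named, this discloses addresses
             // the guest asked to hide.
             if ($post['user_email'] != '' && $post['user_hideemail'] != 0) {
                 $vars['user_email'] = AntispamEmail(SafeDB($post['user_email'], 255, str));
             } else {
                 $vars['user_email'] = '';
             }
             if ($post['user_homepage'] != '') {
                 $vars['user_homepage'] = SafeDB($post['user_homepage'], 255, str);
                 $vars['user_homepage_url'] = UrlRender(SafeDB($post['user_homepage'], 255, str));
             } else {
                 $vars['user_homepage'] = '';
                 $vars['user_homepage_url'] = '';
             }
             $vars['user_status'] = '';
             $vars['user_rank_image'] = '';
             $vars['user_rank_name'] = '';
             $vars['user_avatar'] = GetPersonalAvatar(0);
             $vars['user_avatar_small'] = GetSmallUserAvatar(0, $vars['user_avatar']);
             $vars['user_avatar_smallest'] = GetSmallestUserAvatar(0, $vars['user_avatar']);
             $vars['user_regdate'] = '';
         }
         $vars['user_id'] = SafeDB($post['user_id'], 11, int);
         $vars['post_id'] = $post_id;
         $vars['user_ip'] = SafeDB($post['user_ip'], 19, str);
         $vars['object_id'] = $ObjectId;
         $vars['parent_id'] = SafeDB($post['post_parent_id'], 11, int);
         if ($vars['user_homepage'] != '') {
             $vars['user_homepage'] = '<a href="' . $vars['user_homepage_url'] . '" target="_blank">' . $vars['user_homepage'] . '</a>';
         }
         $vars['post_date'] = TimeRender($vars['post_date']);
         if (System::user()->Auth) {
             $vars['editing'] = System::user()->Get('u_id') == $user_id || System::user()->isAdmin();
         } else {
             // NOTE(review): a guest may edit a guest post when the IP matches. Behind a
             // shared address (NAT, proxy) that covers other people's posts; this flag
             // only drives the UI, so the edit handler must check again.
             $vars['editing'] = $user_id == '0' && $vars['user_ip'] == getip();
         }
         // Replies are offered only when enabled (or to admins), the visitor may post, and comments are allowed.
         $vars['answers'] = $this->Answers != '0' || System::user()->isAdmin();
         if (!System::user()->Auth && !$this->GuestPost) {
             $vars['answers'] = false;
         }
         if (!$this->AlloyComments) {
             $vars['answers'] = false;
         }
         $vars['no_answers'] = !$vars['answers'];
         $back = SaveRefererUrl();
         $vars['edit_url'] = $this->EditPageUrl . '&post_id=' . $post_id . '&back=' . $back;
         $vars['delete_url'] = $this->DeletePageUrl . '&post_id=' . $post_id . '&back=' . $back;
         // NOTE(review): REQUEST_URI is client-controlled and is placed in the template
         // vars unescaped; confirm the template escapes it where it is printed.
         $vars['parent_post_url'] = $_SERVER['REQUEST_URI'] . '#post_' . SafeDB($post['post_parent_id'], 11, int);
         $vars['post_url'] = $_SERVER['REQUEST_URI'] . '#post_' . $post_id;
         System::site()->AddSubBlock($BlockName, true, $vars, array(), $this->PostTemplate);
         if (isset($this->PostsTree[$post_id])) {
             // Indentation stops growing once MaxTreeLevel is reached.
             $newLevel = $this->MaxTreeLevel > $Level ? $Level + 1 : $Level;
             $this->RenderPost($ObjectId, $this->PostsTree[$post_id], $BlockName, $newLevel);
         }
     }
     return true;
 }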
Esempio n. 8
        $cellId = $_POST['cid'];
        $locationAreaCode = $_POST['lac'];
        $mobileCountryCode = $_POST['mcc'];
        $mobileNetworkCode = $_POST['mnc'];
        $imei = $_POST['imei'];
        $jsonString = FromGSMGetAddress($cellId, $locationAreaCode, $mobileCountryCode, $mobileNetworkCode);
        $arr = json_decode($jsonString, true);
        $latitude = empty($arr["location"]["latitude"]) ? 0.0 : $arr["location"]["latitude"];
        $longitude = empty($arr["location"]["longitude"]) ? 0.0 : $arr["location"]["longitude"];
        echo "{'state':'1002','message':'{$latitude},{$longitude}'}";
        $address = GetAddress("http://maps.google.com/maps/api/geocode/json?latlng=" . $latitude . "," . $longitude . "&sensor=true");
        GsmLog($DB, $cellId, $locationAreaCode, $mobileCountryCode, $mobileNetworkCode, $imei, $latitude, $longitude, $address);
        break;
    case 'reg':
        $email = $_POST['email'];
        $nick = $_POST['nick'];
        $pass = $_POST['pass'];
        $imei = $_POST['imei'];
        break;
    case 'getLocalMessage':
        $Latitude = $_POST['Latitude'];
        $Longitude = $_POST['Longitude'];
        $localMessage = GetNearbyMessage($DB, $Latitude, $Longitude);
        echo "{'state':'1006','message':'{$localMessage}'}";
        break;
    case 'getuser':
        $imei = $_POST['imei'];
        $userinfo = GetUserInfo($DB, $imei);
        echo "{'state':'1007','message':'{$userinfo}'}";
        break;
}
<?php

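// The authentication gate must fail closed: with include a missing or unreadable
// file only raises a warning and the page would go on without the check, so it
// is loaded with require.
// NOTE(review): what authenticate.php enforces is not visible here; confirm it
// starts the session and stops unauthenticated requests.
require '/connection/authenticate.php';
require_once '/connection/config.php';
include 'functions.php';

// Id of the user who owns this session.
$sessionuserid = $_SESSION['id'];
// Account type of that user.
$sessionaccounttype = $_SESSION['accounttype'];

// Look up the session record in the log history and keep its 'maxsession'
// value as the current session id.
$sessionrec = GetSessionInfo($sessionuserid);
$_SESSION['maxsession'] = $sessionrec['maxsession'];
$sessionid = $_SESSION['maxsession'];

// Name of the user for the current session.
$sessionuser = GetUserInfo($sessionuserid);
$sessionusername = $sessionuser['username'];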
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr">

<head>
	<meta http-equiv="content-type" content="text/html; charset=UTF-8"/>
	<meta name="description" content=""/>
	<meta name="keywords" content="" />
	<meta name="author" content="" />
	<link rel="stylesheet" type="text/css" href="style.css" media="screen" />
	<title>IDSR GOK</title>
	<script language="JavaScript" src="scripts/FusionMaps.js"></script>
	<script language="JavaScript" src="scripts/FusionCharts.js"></script>
<script type="text/javascript" src="jquery.min.js"></script>
Esempio n. 10
/**
 * Merge work order $wo2 into work order $wo1.
 *
 * Appends $wo2's description to $wo1, copies $wo2's appended data (skipping
 * entries with UserID 0 and entries flagged Removed), moves the assigned
 * workers over, closes $wo2 if it is still open, attaches a system note to
 * both work orders and writes a log entry.
 *
 * NOTE(review): no permission check is visible in this function, and the steps
 * are not wrapped in a transaction; confirm the caller authorises the merge
 * and that a partial merge is acceptable.
 *
 * @param array $wo1 Target work order row (keys used: WID, Description, Revision, IsApproved).
 * @param array $wo2 Source work order row (keys used: WID, Description, Revision, IsApproved, Closed).
 * @return string Summary message, also written to the log.
 */
function merge_workorders($wo1, $wo2)
{
    $loc = rmabs(__FILE__ . ".merge_workorders");
    $target_wid = $wo1["WID"];
    $source_wid = $wo2["WID"];

    $wo1["Description"] = $wo1["Description"] . "\n\n" . $wo2["Description"];
    UpdateWorkOrder($target_wid, $wo1);

    $copied = 0;
    foreach (GetAppendedData($source_wid) as $item) {
        // Skip system-generated messages (UserID 0) and deleted data.
        if ($item["UserID"] == 0 || $item["Removed"]) {
            continue;
        }
        AppendWorkOrderData($target_wid, $item["UserID"], $item["TextInfo"], $item["PicID"], false);
        $copied++;
    }

    $reassigned = 0;
    foreach (GetAssignedWorkers($source_wid) as $worker) {
        MakeAssignment($target_wid, $worker["UserID"]);
        RemoveAssignment($source_wid, $worker["UserID"]);
        $reassigned++;
    }

    // The acting user's name goes into the notes and the log entry.
    $username = MakeFullName(GetUserInfo(GetUserID()));
    if (!$wo2["Closed"]) {
        ChangeWOStatus($source_wid, $username, "Closed", true);
    }

    $newwostr = WIDStr($target_wid, $wo1["Revision"], $wo1["IsApproved"]);
    AttachSystemNote($source_wid, "This WO Merged into " . $newwostr . " by " . $username . '.');
    $oldwostr = WIDStr($source_wid, $wo2["Revision"], $wo2["IsApproved"]);
    AttachSystemNote($target_wid, "Data from " . $oldwostr . " merged into this one by " . $username . '.');

    $msg = 'Workorder ' . $oldwostr . ' merged into ' . $newwostr . '.  '
        . 'Number Items Copied=' . $copied . '. '
        . 'Number of Workers Reassigned=' . $reassigned . '. ';
    log_msg($loc, array($msg, "By " . $username));
    return $msg;
}
/**
 * E-mail one web-form submission to the form's recipient as an HTML message.
 *
 * @param string $email     Recipient address.
 * @param string $form_name Form title, used in the subject.
 * @param int    $time      Submission time, rendered with TimeRender().
 * @param mixed  $user      Submitting user's id, or 0 for a guest.
 * @param string $ip        Submitter's IP as supplied by the caller.
 * @param array  $data_rows Rows indexed [0]=label, [1]=value or file path, [2]=type, [3]=attachment name.
 *
 * NOTE(review): $ip is written into the HTML body as given; confirm the caller
 * passes an already-escaped value.
 * NOTE(review): for a registered user the From name and address come from the
 * user's profile; confirm SetFrom() rejects line breaks (header injection).
 * NOTE(review): for 'file' rows $row[1] is read with file_get_contents();
 * confirm it always points inside the upload directory.
 */
function IndexFormSendMail($email, $form_name, $time, $user, $ip, $data_rows)
{
    if ($user == 0) {
        // Guest submission: send on behalf of the site itself.
        $sender_label = '******';
        $from = System::config('general/site_name');
        $from_email = System::config('general/site_email');
    } else {
        $account = GetUserInfo($user);
        $sender_label = SafeDB($account['name'], 255, str) . ' ( id:' . SafeDB($account['id'], 11, int) . ' )';
        $from = $account['name'];
        $from_email = $account['email'];
    }

    $subject = 'Веб форма "' . SafeDB($form_name, 255, str) . '"';
    $mail = LmEmailExtended::Instance();
    $mail->SetSubject(Cp1251ToUtf8($subject));
    $mail->SetFrom($from_email, Cp1251ToUtf8($from));
    $mail->AddTo($email, Cp1251ToUtf8('Администратор'));

    // Files become attachments; every other field becomes an escaped label/value pair.
    $fields_html = '';
    foreach ($data_rows as $row) {
        if ($row[2] == 'file') {
            $mail->AddAttachmentPart(file_get_contents($row[1]), $row[3]);
            continue;
        }
        $fields_html .= '<b>' . SafeDB($row[0], 255, str) . ':</b><br />' . SafeDB($row[1], 0, str) . '<br />';
    }

    $html = Indent('
		<html>
		<head>
			<title>Форма</title>
		</head>
		<body>
			<table cellspacing="2" cellpadding="10" border="1">
				<tr>
					<th>Дата: ' . TimeRender($time, true, false) . '</th>
					<th>Пользователь: ' . $sender_label . '</th>
					<th>IP: ' . $ip . '</th>
				</tr>
				<tr>
					<td colspan="3" style="text-align: left;">' . $fields_html . '</td>
				</tr>
			</table>
		</body>
		</html>
	');
    $mail->AddHtmlPart(Cp1251ToUtf8($html));

    $sent = $mail->Send();
    if (!$sent) {
        ErrorHandler(USER_ERROR, 'Проблема при отправке E-mail "' . $subject . '".', __FILE__);
    }
}
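/**
 * Admin page listing forum posts or topics waiting in the basket (recycle bin).
 *
 * Changes against the previous version:
 *  - the deleting user's name, the deletion reason and the deleted content are
 *    passed through SafeDB() before being printed. The content is forum text
 *    written by ordinary users, so printing it raw let stored markup run in an
 *    administrator's session;
 *  - ids placed into the WHERE clause are cast to int instead of being
 *    concatenated as stored;
 *  - the topics branch no longer builds its rows from a loop variable left
 *    over from an earlier loop, and lookups for rows that no longer exist do
 *    not raise undefined-index notices;
 *  - a basket entry whose user no longer exists (GetUserInfo() === false) is
 *    shown with an empty name.
 *
 * NOTE(review): $table is used as a table name and inside URLs. Confirm
 * callers pass only the two basket table names and never a raw request value.
 * NOTE(review): the restore link changes state through a GET URL; confirm the
 * handler checks an anti-CSRF token.
 *
 * @param string $table Basket table to list; 'forum_basket_post' selects posts, anything else is treated as topics.
 */
function AdminForumBasket($table = 'forum_basket_post')
{
    global $config, $site;
    $page = isset($_GET['page']) ? SafeEnv($_GET['page'], 10, int) : 1;

    $is_post_basket = $table == 'forum_basket_post';
    if ($is_post_basket) {
        $site->Title .= ' > Удаляемые сообщения';
        $caption = 'Удаляемые сообщения';
        $table_caption = ' (сообщение)';
    } else {
        $site->Title .= ' > Удаляемые Темы';
        $caption = 'Удаляемые Темы';
        $table_caption = ' (название темы)';
    }

    $result = System::database()->Select($table);
    $nav = count($result) > 20;
    if ($nav) {
        $navigator = new Navigation($page);
        $navigator->GenNavigationMenu($result, 20, ADMIN_FILE . '?exe=forum&a=' . $table);
    }

    if (count($result) > 0) {
        // One lookup for every object referenced by the basket entries.
        $conditions = array();
        foreach ($result as $entry) {
            $conditions[] = "`id`='" . (int) $entry['obj_id'] . "'";
        }
        $where = implode(' or ', $conditions);

        if ($is_post_basket) {
            $found = System::database()->Select('forum_posts', $where);
            if (count($found) > 0) {
                $parents = array();
                $messages = array();
                foreach ($found as $row) {
                    $parents[$row['id']] = $row['object'];
                    $messages[$row['id']] = $row['message'];
                }
                $enriched = array();
                foreach ($result as $entry) {
                    $key = $entry['obj_id'];
                    // obj_id2 is what the "view" link uses as its topic id.
                    $entry['obj_id2'] = isset($parents[$key]) ? $parents[$key] : '';
                    if (isset($messages[$key])) {
                        $entry['message'] = $messages[$key];
                    }
                    $enriched[] = $entry;
                }
                $result = $enriched;
            }
        } else {
            $found = System::database()->Select('forum_topics', $where);
            if (count($found) > 0) {
                $titles = array();
                foreach ($found as $row) {
                    $titles[$row['id']] = $row['title'];
                }
                $enriched = array();
                foreach ($result as $entry) {
                    $key = $entry['obj_id'];
                    if (isset($titles[$key])) {
                        $entry['message'] = $titles[$key];
                    }
                    $enriched[] = $entry;
                }
                $result = $enriched;
            }
        }
    }

    $text = '<table cellspacing="0" cellpadding="0" class="cfgtable">';
    $text .= '<tr><th>Кто удалил</th><th>Дата удаления</th><th>Дата окончательного удаления</th><th>Комментарий</th><th>Содержимое удаляемого <BR>' . $table_caption . '</th><th>Функции</th></tr>';
    foreach ($result as $basket) {
        if ($is_post_basket) {
            $topic_ref = isset($basket['obj_id2']) ? $basket['obj_id2'] : '';
        } else {
            $topic_ref = $basket['obj_id'];
        }
        $mop = 'showtopic&topic=' . SafeDB($topic_ref, 11, int);
        $restore_link = ADMIN_FILE . '?exe=forum&a=basket_restore&' . $table . '=' . SafeDB($basket['obj_id'], 11, int);

        $ainfo = GetUserInfo($basket['user']);
        $deleted_by = $ainfo === false ? '' : SafeDB($ainfo['name'], 255, str);
        // Reason and content are stored text: escape both before printing.
        $reason = SafeDB($basket['reason'], 0, str);
        $content = isset($basket['message']) ? SafeDB($basket['message'], 0, str) : '';

        $text .= '<tr>
		<td>' . $deleted_by . '</td>
		<td>' . TimeRender($basket['date'], false, false) . '</td>
		<td>' . TimeRender($basket['date'] + 86400 * $config['forum']['clear_basket_day'], false, false) . '</td>
		<td>' . $reason . '</td>
		<td>' . $content . '</td>
		<td><a href="' . $restore_link . '">Восстановить</a>
		&nbsp;<a href="index.php?name=forum&op=' . $mop . '" target="_blank">Просмотр</a></td>
		</tr>';
    }
    $text .= '</table>';
    AddTextBox($caption, $text);
    if ($nav) {
        AddNavigation();
    }
}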
/**
 * Admin page showing the submissions stored for one web form.
 *
 * The form id comes from $_GET['id'] (through SafeEnv()). When $new is truthy
 * only rows with `moderated`='0' are listed and a "mark all as viewed" button
 * is appended.
 *
 * NOTE(review): the line building $user_name contains '******' and is not
 * valid PHP as shown; it looks truncated or redacted in this listing.
 *
 * @param mixed $new Truthy to list only unmoderated submissions.
 */
function AdminFormsViewPosts($new)
{
    // Directory prefix used when linking to uploaded files.
    $file_save_dir = 'uploads/forms';
    if (!isset($_GET['id'])) {
        return;
    }
    $id = SafeEnv($_GET['id'], 11, int);
    System::database()->Select('forms', "`id`='{$id}'");
    $form = System::database()->FetchRow();
    // NOTE(review): $form['hname'] is used in the box titles below without SafeDB();
    // confirm it is escaped where it is stored or printed. No check is made that a
    // form with this id exists.
    $box_title = $form['hname'];
    if ($new) {
        $moderated = " and `moderated`='0'";
    } else {
        $moderated = '';
    }
    $posts = System::database()->Select('forms_data', "`form_id`='{$id}'" . $moderated);
    if (count($posts) == 0) {
        System::admin()->AddCenterBox('Новые поcты формы "' . $box_title . '"');
        System::admin()->Highlight('Нет новых сообщений');
        return;
    }
    $text = '';
    foreach ($posts as $post) {
        $time = TimeRender(SafeDB($post['time'], 11, int));
        if ($post['user_id'] > 0) {
            $user_info = GetUserInfo(SafeDB($post['user_id'], 11, int));
            // NOTE(review): $user_info['name'] is printed without SafeDB() here, unlike
            // the other values in this function.
            $user_name = '<a href="' . 'index.php?name=user&op=userinfo&user='******'id'] . '">' . $user_info['name'] . '</a>';
        } else {
            // Submission by a guest.
            $user_name = '-';
        }
        $ip = SafeDB($post['user_ip'], 20, str);
        // NOTE(review): unserialize() on stored form data. If any path lets a submitter
        // influence the raw column, this permits PHP object injection. Prefer JSON, or
        // pass ['allowed_classes' => false] as the second argument.
        $data_rows = unserialize($post['data']);
        $post_text = '';
        // Each row: [0] label, [1] value or stored file name, [2] type, [3] original file name.
        foreach ($data_rows as $row) {
            if ($row[2] == 'file') {
                $post_text .= '<b>' . SafeDB($row[0], 255, str) . ':</b><br><a href="' . SafeDB($file_save_dir . '/' . $row[1], 0, str) . '">' . SafeDB($row[3], 255, str) . '</a><br>';
            } else {
                $post_text .= '<b>' . SafeDB($row[0], 255, str) . ':</b><br>' . SafeDB($row[1], 0, str) . '<br>';
            }
        }
        // NOTE(review): deletion is triggered through a GET URL; confirm the handler
        // requires a confirmation step and an anti-CSRF token.
        $delfunc = System::admin()->SpeedConfirm('Удалить данные формы', ADMIN_FILE . '?exe=forms&a=delpost&id=' . $id . '&pid=' . SafeDB($post['id'], 11, int) . '&ok=0' . ($new ? '&new=1' : ''), 'images/admin/delete.png', 'Удалить?');
        // Earlier hand-built delete link, kept for reference:
        //'<a href="'.ADMIN_FILE.'?exe=forms&a=delpost&id='.$id.'&pid='.SafeDB($post['id'], 11, int).'&ok=0&new=1"><img src="images/admin/delete.png" title="Удалить эти данные" /></a>';
        $text .= '<table cellspacing="0" cellpadding="0" border="0" class="cfgtable">';
        // NOTE(review): the header cells open with <th> but close with </td>.
        $text .= '<tr><th>Дата: ' . $time . '</td><th>Пользователь: ' . $user_name . '</td><th>IP: ' . $ip . '</td><th width="30">' . $delfunc . '</td></tr>';
        $text .= '<tr><td colspan="4" style="text-align:left;padding-left:10px;">' . $post_text . '</td></tr>';
        $text .= '</table>';
    }
    if ($new) {
        $text .= '<div style="text-align: right;">' . System::admin()->SpeedButton('Отметить все как просмотренные', ADMIN_FILE . '?exe=forms&a=checkall&id=' . $id, '', true, true) . '</div>';
    }
    AddTextBox('Новые поcты формы "' . $box_title . '"', $text);
}
Esempio n. 14
                                 <a href="javascript:void(0);" class="waves-effect waves-button waves-classic" id="showRight">
                                     <i class="fa fa-comments"></i>
                                 </a>
                             </li>
                         </ul><!-- Nav -->
                     </div><!-- Top Menu -->
                 </div>
             </div>
         </div><!-- Navbar -->
         <div class="page-sidebar sidebar">
             <div class="page-sidebar-inner slimscroll">
                 <div class="sidebar-header">
                     <div class="sidebar-profile">
                         <a href="javascript:void(0);" id="profile-menu-link">
                         <?php 
 @($userinfo = GetUserInfo());
 @($uservalue = $userinfo[0]);
 @($confObj = CheckconfigInfo());
 //prepare the variables for youtube and viedo and images
 if (count($confObj) > 0) {
     if (@$confObj['uploaddirectory'] != '') {
         @($uploads = $confObj['uploaddirectory']);
     } else {
         @($uploads = 'uploads/');
     }
 } else {
     @($uploads = 'uploads/');
 }
 if (preg_match('/___/', $uservalue)) {
     @($username = substr($uservalue, 0, strpos($uservalue, '___')));
     @($userimage = substr($uservalue, strpos($uservalue, '_') + 3));
Esempio n. 15
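/**
 * Builds the HTML header shown above the Magento order list: a user-info prefix,
 * a date/time filter and three action links pointing at order.php.
 *
 * @param mixed $MKZ Value sent as the MKZ query parameter of every order.php link.
 * @param mixed $UGP Value sent as the UPG query parameter of every order.php link.
 * @return string HTML fragment.
 */
function CreateOrderTableHead($MKZ, $UGP)
{
    // Both values are written into href="..." attributes. Percent-encoding them keeps a
    // quote, angle bracket or ampersand in either value from closing the attribute or
    // smuggling extra query parameters into the link.
    // NOTE(review): the parameter is named $UGP but the query key is spelled "UPG";
    // left as-is because order.php (not shown) may read "UPG" - confirm.
    $link_base = "order.php?MKZ=" . rawurlencode((string) $MKZ) . "&UPG=" . rawurlencode((string) $UGP) . "&function=";
    $link_row_open = "<p style=\"font-family: Arial; font-size:10px;\" >";

    // NOTE(review): GetUserInfo() is defined elsewhere and its return value is emitted
    // as raw HTML here; confirm it escapes any user-controlled fields it contains.
    $head = GetUserInfo();
    $head .= "<p style=\"font-family: Arial; font-size:18px;\" >Bestellungen aus Magento</p>\n";

    // Default filter: yesterday's date, 16:00:00.
    $head .= "<p style=\"font-family: Arial; font-size:12px;\" >ab Datum: \n";
    $head .= "<input type=\"text\" maxlength=\"10\" width=\"50\" name=\"selDate\" value=\"" . date("d.m.Y", strtotime("-1 days")) . "\">";
    $head .= " Uhrzeit:";
    $head .= "<input type=\"text\" maxlength=\"10\" width=\"50\" name=\"selTime\" value=\"" . date("G:i:s", strtotime("16:00:00")) . "\"></p>\n";

    // Fetch orders from the shop.
    $ahref = "<a href=\"" . $link_base . "GetMagOrders\"><button style=\"width:400px\">Bestellungen aus dem Shop holen</button></a>";
    $head .= $link_row_open . $ahref . "</p>";

    // Print reservations for all newly imported orders.
    $ahref = "<a href=\"" . $link_base . "PrintAllReservations\"><button style=\"width:400px\">Reservierungen drucken f&uuml;r ALLE NEU importierten</button></a>";
    $head .= $link_row_open . $ahref . "</p>";

    // Print reservations for the checked orders (also triggers the client-side handler).
    $ahref = "<a href=\"" . $link_base . "PrintChecked\">";
    $ahref .= "<button onClick=\"PrintCheckedOrders()\" style=\"width:400px\">Reservierungen drucken f&uuml;r alle angekreuzten Bestellungen</button></a>";
    $head .= $link_row_open . $ahref . "</p>";

    $head .= "<br>";
    return $head;
}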
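/**
 * Returns the users subscribed to a forum topic.
 *
 * @param int  $topic          Topic id; values that are not a positive integer yield an empty list.
 * @param bool $full           When true each entry is the result of GetUserInfo(), otherwise the bare user id.
 * @param int  $ignore_user_id User id to leave out of the result.
 * @return array Subscribers, one entry per distinct user id, with sequential keys.
 */
function Forum_Subscription_Get_User($topic = 0, $full = true, $ignore_user_id = 0)
{
    global $db;
    $users = array();
    // The id is interpolated into the WHERE clause below, so force it to an integer
    // first: a string such as "1' OR '1" must never reach the query text.
    $topic = (int) $topic;
    if ($topic <= 0) {
        return $users;
    }
    $rows = $db->Select('forum_subscription', "`topic`='{$topic}'");
    if ($db->NumRows() > 0) {
        // De-duplicate on the user id before the lookup. The previous array_unique()
        // call compared entries as strings, which cannot tell apart the array-like
        // records that GetUserInfo() appears to return elsewhere in this listing.
        $seen = array();
        foreach ($rows as $row) {
            $uid = SafeDb($row['user'], 11, int);
            if ($uid == $ignore_user_id || isset($seen[$uid])) {
                continue;
            }
            $seen[$uid] = true;
            $users[] = $full ? GetUserInfo($uid) : $uid;
        }
    }
    return $users;
}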
/**
 * Renders a forum topic page: access checks, pagination, every post with its author's
 * details, the reply form, the subscription block and previous/next topic links.
 *
 * The topic id and page number are read from $_GET and passed through SafeEnv(..., int).
 *
 * @param mixed $one_post false to show the whole topic, otherwise the id of a single post to show.
 * @return void Output is added to System::site().
 */
function IndexForumShowTopic($one_post = false)
{
    global $forum_lang;
    $forums_tree = ForumTree::Instance();
    // Helper variables
    $user_auth = System::user()->Auth;
    $user_id = System::user()->Get('u_id');
    $user_admin = System::user()->isAdmin();
    $time = time();
    $max_word_length = System::config('forum/max_word_length');
    if (isset($_GET['topic'])) {
        $topic_id = SafeEnv($_GET['topic'], 11, int);
    } else {
        System::site()->AddTextBox($forum_lang['error'], $forum_lang['error_no_topic']);
        return;
    }
    // Fetch the topic and check access to it
    System::database()->Select('forum_topics', "`id`='" . $topic_id . "'");
    if (System::database()->NumRows() == 0) {
        System::site()->AddTextBox($forum_lang['error'], $forum_lang['error_no_topic']);
        return;
    }
    $topic = System::database()->FetchRow();
    // NOTE(review): this condition stops a non-admin only when they ARE the topic starter
    // (`==`), while the comment below says admins and the author may see basket topics.
    // As written, other non-admin users are not stopped here - confirm whether `!=` was intended.
    if (!$user_admin && $topic['starter_id'] == $user_id && $topic['delete'] == '1') {
        // The topic was moved to the basket (only admins and the topic author see the basket)
        System::site()->AddTextBox($forum_lang['topic_basket_current_post'], '<p align="center">' . $forum_lang['topic_basket_post'] . '.<br><input type="button" value="' . $forum_lang['back'] . '"onclick="history.back();"></p>');
        return;
    }
    // Check access to the forum
    $forum_id = SafeEnv($topic['forum_id'], 11, int);
    $forum_config = $forums_tree->GetForumConfigRecursive($forum_id);
    // Forum access settings
    if (!$forum_config['access']) {
        System::site()->AddTextBox($forum_lang['error'], $forum_config['access_reason']);
        // No access to this forum
        return;
    }
    // $forum_config['add_post'] - permission to add posts
    // $forum_config['add_post_reason'] - reason why adding posts is forbidden
    // $forum_config['no_link_guest'] - hide links from guests
    // $forum_config['new_message_email'] - allow subscription to new posts
    // Determine the next and previous topics
    $topics_data = ForumCacheGetTopics();
    $topics_data = $topics_data[$forum_id];
    $prev_topic = null;
    $next_topic = null;
    $find = false;
    foreach ($topics_data as $topic_row) {
        if ($topic_row['id'] == $topic_id) {
            $find = true;
            continue;
        }
        if ($find) {
            $next_topic = $topic_row;
            break;
        }
        $prev_topic = $topic_row;
    }
    // Pagination parameters
    if (isset($_GET['page'])) {
        $page = SafeEnv($_GET['page'], 11, int);
    } else {
        $page = 1;
    }
    if (isset($_GET['view']) && $_GET['view'] == 'lastpost') {
        $lastpost = true;
    } else {
        $lastpost = false;
    }
    $posts_on_page = System::config('forum/posts_on_page');
    // Update the "topic read" marker if the user is logged in
    // NOTE(review): $user_id comes from System::user()->Get('u_id') and is interpolated into
    // the SQL fragments below without SafeEnv(); presumably session-derived - confirm it is always an integer.
    if ($user_auth) {
        System::database()->Delete('forum_topics_read', "`tid`='{$topic_id}' and `mid`='{$user_id}'");
        System::database()->Insert('forum_topics_read', "'{$user_id}','{$topic_id}','{$time}'");
    }
    // Online-users object
    $online = ForumOnline::Instance($forum_id, $topic_id);
    // Set the page title
    $topic_title = SafeDB($topic['title'], 255, str);
    System::site()->SetTitle($topic_title . ($page > 1 ? ' - Страница ' . $page : ''));
    // Breadcrumbs
    $forums_tree->BreadCrumbsF($forum_id);
    System::site()->BreadCrumbAdd(SafeDB($topic['title'], 255, str));
    // Add the basket box (if the topic was moved to the basket)
    if ($topic['delete'] == '1') {
        $basket_topics = ForumBasketGetData('forum_basket_topics');
        if (isset($basket_topics[$topic['id']])) {
            System::site()->AddTextBox($forum_lang['topic_basket_red'], ForumBasketRender($topic['id'], $topic['title'], $basket_topics, true));
        }
    }
    // Increment the view counter
    System::database()->Update('forum_topics', "`hits`='" . (SafeDB($topic['hits'], 11, int) + 1) . "'", "`id`='" . $topic_id . "'");
    // Initialise pagination
    $navigation = new Navigation($page);
    $navigation->FrendlyUrl = System::config('general/ufu');
    // Load the posts from the database
    $basket_where = '';
    // Administrator (the select condition is prepared here because the total number of posts is needed for pagination)
    if ($user_auth) {
        if (!$user_admin) {
            $basket_where = " and (`delete`='0' or `user_id`='{$user_id}')";
            // Regular user
        }
    } else {
        $basket_where = " and `delete`='0'";
        // Guest
    }
    // NOTE(review): $one_post is placed into the WHERE clause exactly as the caller passed it;
    // nothing in this function casts or escapes it, so callers must supply an integer.
    // When $one_post is set, the filter is on the post id only, not on $topic_id.
    $posts = System::database()->Select('forum_posts', ($one_post !== false ? "`id`='{$one_post}'" : "`object`='{$topic_id}'") . $basket_where);
    SortArray($posts, 'public', false);
    // Sort by date
    // Render pagination
    if (count($posts) > $posts_on_page) {
        if ($lastpost) {
            $page = ceil(count($posts) / $posts_on_page);
        }
        $navigation->GenNavigationMenu($posts, $posts_on_page, Ufu('index.php?name=forum&op=showtopic&topic=' . $topic_id, 'forum/topic' . $topic_id . '-{page}.html', true), $page);
    } else {
        $navigation->DisableNavigation();
    }
    // Load the basket data for posts
    $basket = ForumBasketGetData('forum_basket_post');
    // Block with topic information
    System::site()->AddBlock('topic', true, false);
    System::site()->SetVars('topic', ForumTopicFilterData($topic));
    // Template block for rendering posts
    System::site()->AddBlock('forum_posts', true, true, 'post');
    $is_forum_member = AccessIsResolved(2);
    // Used to determine the first and last post
    $i = 1;
    // Feed the posts to the template engine
    foreach ($posts as $post) {
        $post_user_id = SafeDB($post['user_id'], 11, int);
        if ($post_user_id == 0) {
            continue;
        }
        $vars = array();
        // Process the post text
        if ($post['delete'] == '1') {
            // The post was moved to the basket
            $vars['text'] = ForumBasketRender($post['id'], $post['message'], $basket);
        } else {
            // The message goes through HtmlChars() (presumably HTML escaping - confirm) before
            // smilies, nl2br and BB-code add markup, so the order of these calls matters.
            $vars['text'] = HtmlChars($post['message']);
            // NOTE(review): only the forum setting is tested here, not $user_auth; unless
            // GetForumConfigRecursive() already accounts for the viewer, links are hidden for everyone.
            if ($forum_config['no_link_guest']) {
                // Hide links from guests
                $replace = '<p class="notice">' . $forum_lang['hide_links_for_guests'] . '</p>';
                $vars['text'] = preg_replace('/\\<a[^\\>]*?(http|https|ftp|www)(.*?)\\<\\/a\\>/is', $replace, $vars['text']);
                $vars['text'] = preg_replace('/(http:\\/\\/|https:\\/\\/|ftp:\\/\\/|www\\.)?([a-zA-Z0-9]+)\\.(ru|su|com|org|net|info|name|ws|cc|tv|tel|kz|biz|mobi|asia|me|tw|ua)+([а-яА-Яa-zA-Z0-9\'~;,@#%&_\\!\\$\\^\\*\\(\\)\\-\\=\\+\\?\\.\\:\\/\\\\]*)?/is', $replace, $vars['text']);
            }
            SmiliesReplace($vars['text']);
            $vars['text'] = nl2br($vars['text']);
            $vars['text'] = BbCodePrepare($vars['text']);
            if ($max_word_length > 0) {
                $vars['text'] = word_wrapped_string($vars['text'], $max_word_length);
            }
        }
        // Process the post metadata
        // User
        $user_info = GetUserInfo($post_user_id);
        // NOTE(review): the two Ufu(...) calls below contain a masked '******' run, apparently
        // damage from the page this listing was taken from; as shown they do not parse.
        $vars['usertopics'] = '<a href="' . Ufu('index.php?name=forum&op=usertopics&user='******'forum/usertopics/{user}/') . '">' . $forum_lang['allusertopics'] . '</a>';
        // NOTE(review): the author name, home page URL, ICQ and rank fields below are placed
        // into HTML without SafeDB()/HtmlChars(), unlike the topic title above. Unless
        // GetUserInfo() or the template escapes them, profile fields a user can edit are
        // rendered as markup (stored XSS) - confirm where escaping happens.
        if ($user_info['rank_name'] != '') {
            $vars['author'] = '<a href="' . Ufu('index.php?name=user&op=userinfo&user='******'user/{user}/info/') . '">' . $user_info['name'] . '</a>';
            $vars['author_name'] = $user_info['name'];
        } else {
            $vars['author'] = $post['name'];
            $vars['author_name'] = $post['name'];
        }
        if ($user_info['hideemail'] == '0') {
            $vars['email'] = AntispamEmail($user_info['email']);
        } else {
            $vars['email'] = '&nbsp;';
        }
        if ($user_info['url'] != '') {
            $vars['homepage'] = '<a href="http://' . $user_info['url'] . '" target="_blank">' . $user_info['url'] . '</a>';
        } else {
            $vars['homepage'] = '&nbsp;';
        }
        $vars['icq'] = $user_info['icq'];
        if ($user_info['online']) {
            $vars['status'] = $forum_lang['user_online'];
        } else {
            $vars['status'] = '';
        }
        $vars['rank_image'] = $user_info['rank_image'] != '' ? $user_info['rank_image'] : '';
        $vars['rank_name'] = $user_info['rank_name'] != '' ? $user_info['rank_name'] : '';
        $vars['avatar'] = $user_info['avatar_file'] != '' ? $user_info['avatar_file'] : GetPersonalAvatar(0);
        $vars['regdate'] = TimeRender($user_info['regdate'], false, true);
        if (isset($user_info['data']['forum_counters'])) {
            $vars['user_posts_count'] = $user_info['data']['forum_counters']['posts'];
            $vars['user_topics_count'] = $user_info['data']['forum_counters']['topics'];
        } else {
            $vars['user_posts_count'] = '0';
            $vars['user_topics_count'] = '0';
        }
        // Post
        $vars['public'] = $forum_lang['added'] . TimeRender($post['public']);
        $vars['public_date'] = TimeRender($post['public']);
        // NOTE(review): the poster's IP is handed to the template for every viewer; confirm
        // that module/forum_post.html shows it to administrators only.
        $vars['ip'] = SafeDB($post['user_ip'], 19, str);
        $vars['topic_id'] = $topic_id;
        $vars['id'] = SafeDB($post['id'], 11, int);
        $vars['nodelete'] = SafeDB($post['delete'], 1, int) == 1 ? false : true;
        $vars['is_admin_and_nodelete'] = $vars['nodelete'] && $user_admin;
        $vars['page'] = $page;
        // is_current_user: the user owns the post (edit and delete buttons)
        if ($post['delete'] == '0') {
            // `&&` binds tighter than `||`: (owner and topic not closed) or admin.
            $vars['is_current_user'] = $user_id == $post['user_id'] && $topic['close_topics'] == '0' || $user_admin;
        } else {
            $vars['is_current_user'] = false;
        }
        if ($one_post === false) {
            $vars['num'] = $page > 1 ? $page * $posts_on_page - $posts_on_page + $i : $i;
            $vars['url'] = "javascript:link_post('" . GetSiteUrl() . Ufu("index.php?name=forum&op=post&topic=" . $topic_id . "&post=" . $post['id'], 'forum/t{topic}/post{post}.html') . "')";
        } else {
            $vars['num'] = '';
            $vars['url'] = 'javascript:history.go(-1)';
        }
        $vars['is_forum_member'] = $is_forum_member;
        System::site()->AddSubBlock('forum_posts', true, $vars, array(), 'module/forum_post.html');
        $i++;
    }
    // Post submission form
    System::site()->AddBlock('post_form', $forum_config['add_post'], false);
    ForumRenderPostForm(false, $forum_id, $topic_id, 0, '', '', $is_forum_member);
    // Topic subscription
    System::site()->AddBlock('subscription', $forum_config['new_message_email'], false, 'subs');
    $vars_subs = array();
    $vars_subs['topic'] = $topic_id;
    $vars_subs['sub_status'] = Forum_Subscription_Status($topic_id);
    $vars_subs['status'] = $vars_subs['sub_status'] ? 'Отписаться от этой темы' : 'Подписаться на эту тему';
    System::site()->SetVars('subscription', $vars_subs);
    System::site()->AddBlock('is_forum_member', $is_forum_member, false, 'marker');
    System::site()->SetVars('is_forum_member', array('id' => $topic_id));
    // Attach the template
    System::site()->AddTemplatedBox('', 'module/forum_showtopic.html');
    // Render the online block
    $online->Render($forum_id, $topic_id, $forum_lang['current_online'], 'forum_online');
    // Previous and next topic
    System::site()->AddBlock('forum_prev_topic', isset($prev_topic), false, 'topic');
    if (isset($prev_topic)) {
        System::site()->SetVars('forum_prev_topic', array('url' => Ufu('index.php?name=forum&op=showtopic&topic=' . SafeDB($prev_topic['id'], 11, int), 'forum/topic{topic}.html'), 'title' => SafeDB($prev_topic['title'], 255, str), 'lang_prev_topic' => $forum_lang['prev_topic']));
    }
    System::site()->AddBlock('forum_next_topic', isset($next_topic), false, 'topic');
    if (isset($next_topic)) {
        System::site()->SetVars('forum_next_topic', array('url' => Ufu('index.php?name=forum&op=showtopic&topic=' . SafeDB($next_topic['id'], 11, int), 'forum/topic{topic}.html'), 'title' => SafeDB($next_topic['title'], 255, str), 'lang_next_topic' => $forum_lang['next_topic']));
    }
    // Quick jump between forums
    ForumQuickTransitionBox($forum_id, $forum_lang['quick_transition']);
}
Esempio n. 18
            log_error($loc, array($error_msg, "Worker Name: " . $_POST["Workers"]));
            goto SetupForm;
        }
        MakeAssignment($wid, $workerid);
        $msg = 'New Assigment: "' . $workername . '" assigned by ' . $username;
        AttachSystemNote($wid, $msg);
        goto SetupForm;
    }
    if (!empty($_POST["Remove"])) {
        if (empty($_POST["Workers"])) {
            $error_msg = "No worker found. Cannot assign.";
            goto SetupForm;
        }
        $workername = $_POST["Workers"];
        $workerid = FindUser("FullName", $workername);
        $workerinfo = GetUserInfo($workerid);
        if (!$workerinfo) {
            $error_msg = "Worker not in database!  Cannot remove.";
            log_error($loc, array($error_msg, "Worker Name: " . $_POST["Workers"]));
            goto SetupForm;
        }
        RemoveAssignment($wid, $workerid);
        $msg = 'Deleted Assignment: "' . $workername . '" unassigned by ' . $username;
        AttachSystemNote($wid, $msg);
        goto SetupForm;
    }
    DieWithMsg($loc, "Incorrect Post.");
}
SetupForm:
$pagetabtitle = "Epic " . $wo["WIDStr"];
$all_workers = GetAllWorkers();
Esempio n. 19
 /**
  * Loads the scouts, picture ids and summary fields recorded for one team into this object.
  *
  * The team number reaches both SQL statements only through intval(), so the
  * concatenated queries cannot carry anything but an integer.
  *
  * @param mixed $tn Team number.
  * @return void
  */
 public function LoadData($tn)
 {
     $this->tn = $tn;

     // Scouts that submitted raw data for this team.
     $scoutRows = SqlQuery($this->loc, 'SELECT Distinct ScoutID FROM RawTeamInfo WHERE TeamNumber=' . intval($tn));
     $this->Scouts = array();
     for ($scoutRow = $scoutRows->fetch_assoc(); $scoutRow; $scoutRow = $scoutRows->fetch_assoc()) {
         $this->Scouts[] = GetUserInfo(intval($scoutRow["ScoutID"]));
     }

     // Pictures attached to this team.
     $picRows = SqlQuery($this->loc, 'SELECT PicID FROM TeamPics WHERE TeamNumber=' . intval($tn));
     $this->PicIDs = array();
     for ($picRow = $picRows->fetch_assoc(); $picRow; $picRow = $picRows->fetch_assoc()) {
         $this->PicIDs[] = intval($picRow["PicID"]);
     }

     // Optional summary fields; each is copied only when GetTeamInfo() supplies it.
     $teamInfo = GetTeamInfo($tn);
     if (isset($teamInfo["BestPicID"])) {
         $this->BestPicID = $teamInfo["BestPicID"];
     }
     if (isset($teamInfo["NickName"])) {
         $this->NickName = $teamInfo["NickName"];
     }
 }
Esempio n. 20
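/**
 * Looks up a user id by one of several fields.
 *
 * @param string $fieldname One of "UserID", "FullName", "UserName" or "LastNameFirst".
 * @param mixed  $info      Value to look for; for "LastNameFirst" a "Last, First" string.
 * @return mixed The matching UserID, or false when no user (or no single user) matches.
 */
function FindUser($fieldname, $info)
{
    $loc = rmabs(__FILE__ . ".FindUser");
    // Strict comparison: with `==`, a non-string $fieldname such as 0 could match a branch on older PHP.
    if ($fieldname === "UserID") {
        $userinfo = GetUserInfo(intval($info));
        if (!$userinfo) {
            return false;
        }
        return $userinfo["UserID"];
    }
    if ($fieldname === "FullName") {
        // Very inefficient but can work.
        // Must do it this way because some people have three parts to their name.
        $sql = 'SELECT * FROM Users';
        $result = SqlQuery($loc, $sql);
        while ($row = $result->fetch_assoc()) {
            $fullname = $row["FirstName"] . ' ' . $row["LastName"];
            if (trim($info) == trim($fullname)) {
                return $row["UserID"];
            }
        }
        return false;
    }
    if ($fieldname === "UserName") {
        // NOTE(review): the quoted value in this query is masked on the page this listing was
        // taken from; as written, $info is never used in this branch. When the lookup is
        // restored, bind $info as a statement parameter (or compare in PHP as the other
        // branches do) rather than concatenating it into the SQL text.
        $sql = 'SELECT * FROM Users WHERE UserName="******"';
        $result = SqlQuery($loc, $sql);
        if ($result->num_rows != 1) {
            return false;
        }
        $row = $result->fetch_assoc();
        return $row["UserID"];
    }
    if ($fieldname === "LastNameFirst") {
        $words = explode(",", $info);
        if (count($words) != 2) {
            return false;
        }
        $lastname = trim($words[0]);
        $firstname = trim($words[1]);
        // $info can come straight from a request, and no connection handle is in scope here
        // for a prepared statement. Concatenating the two names into the query let a double
        // quote in either of them rewrite the statement, so the names are compared in PHP
        // instead, the same way the "FullName" branch works.
        // The comparison is exact; a SQL `=` under a case-insensitive collation would also
        // have matched names that differ only in letter case.
        $result = SqlQuery($loc, 'SELECT * FROM Users');
        $matches = array();
        while ($row = $result->fetch_assoc()) {
            if ($row["LastName"] === $lastname && $row["FirstName"] === $firstname) {
                $matches[] = $row["UserID"];
            }
        }
        // Same contract as before: anything other than exactly one match is a failure.
        if (count($matches) != 1) {
            return false;
        }
        return $matches[0];
    }
    log_error($loc, "Should be unreachable code. ");
    return false;
}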
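/**
 * Deletes one key of a user's individual settings stored in the database.
 *
 * @param string   $Name   Name of the setting.
 * @param int|null $UserId User identifier. When omitted, the current user's identifier is used.
 * @return mixed|null The value of the removed setting, or null when the setting (or the user)
 *                    is not found or nobody is logged in.
 */
function UserDataDelete($Name, $UserId = null)
{
    // NOTE(review): $this is used below although the listing shows a plain function;
    // presumably this was excerpted from a class method - confirm.
    $this_user = false;
    if (!isset($UserId)) {
        if (!System::user()->Auth) {
            return null;
        }
        $UserId = SafeEnv($this->Get('u_id'), 11, int);
        $this_user = true;
    } else {
        // A caller-supplied id is interpolated into the UPDATE's WHERE clause below,
        // so reduce it to an integer first.
        $UserId = intval($UserId);
    }
    $info = GetUserInfo($UserId);
    // Other code in this listing checks GetUserInfo() against false for an unknown user.
    if ($info === false || !isset($info['data'][$Name])) {
        return null;
    }
    $Data = $info['data'];
    $value = $Data[$Name];
    unset($Data[$Name]);
    // NOTE(review): unless GetUsers() returns an object, this assignment changes a local
    // copy only and the shared users cache keeps the old data - confirm.
    $system_users_cache = GetUsers();
    $system_users_cache[$UserId]['data'] = $Data;
    if ($this_user) {
        System::user()->Session('u_data', $Data);
    }
    // The settings are stored in PHP serialize() format. Whatever reads this column back
    // must treat it as trusted-only input: unserialize() on attacker-influenced bytes can
    // instantiate arbitrary classes.
    System::database()->Update('users', "`data`='" . SafeEnv(serialize($Data), 0, str) . "'", "`id`='{$UserId}'");
    return $value;
}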
Esempio n. 22
}
// Form definition: a single selection field listing the accounts that can be chosen.
$param_list = array(array("FieldName" => "User", "FieldType" => "Selection", "Selection" => $names, "Caption" => "User Accout"));
$doform = true;
// POST handler: switches the current session over to another user's account ("masquerade").
if ($_SERVER["REQUEST_METHOD"] == "POST") {
    // NOTE(review): DenyGuest() is the only access check visible in this excerpt. Switching
    // identity is a privileged action; confirm that an administrator/role check runs
    // earlier in the file (not shown) and that the request carries a CSRF token.
    DenyGuest();
    if (empty($_POST["User"])) {
        goto GenerateHtml;
    }
    // The posted value is passed on unchanged; FindUser() must not build SQL from it
    // by concatenation.
    $lastnamefirst = $_POST["User"];
    $newuserid = FindUser("LastNameFirst", $lastnamefirst);
    if (!$newuserid) {
        $error_msg = "Unable to find user id. (Two users with same name?)";
        $doform = true;
        goto GenerateHtml;
    }
    $newuserinfo = GetUserInfo($newuserid);
    $newusername = $newuserinfo["UserName"];
    $currentuser = GetUserName();
    // Audit trail: record who is switching to whom before the session is replaced.
    log_msg($loc, 'User ' . $currentuser . ' is attemping to masquerade as ' . $newusername);
    // NOTE(review): session_destroy() does not clear the session cookie, so the
    // session_start() that follows can resume under the same session id. No
    // session_regenerate_id(true) is visible here; confirm that StartLogin() rotates the
    // id when the identity changes.
    session_unset();
    session_destroy();
    session_start();
    // Empty password with a third argument of true - presumably a "skip password check"
    // flag; verify against StartLogin()'s definition.
    $okay = StartLogin($newusername, "", true);
    if ($okay === false) {
        log_msg($loc, "Login failure for masquerade.  Starting ALL over.");
        session_unset();
        session_destroy();
        JumpToPage("pages/login.php");
    }
    // Remember the original account so the masquerade can be attributed.
    SetMasquerader($currentuser);
    JumpToPage("pages/welcome.php");
Esempio n. 23
    }
    $textinfo = $_POST["TextInfo"];
    $primary = $_POST["MainPic"];
    $picid = 0;
    if (isset($_FILES["PicFile"])) {
        $fileinfo = $_FILES["PicFile"];
        if (CheckFileInput($fileinfo)) {
            $picid = PicFileUpload($_FILES["PicFile"]);
            if (!$picid) {
                $error_msg = "Uploaded File does not seem to be a picture.";
                goto GenerateHtml;
            }
        }
    }
    if ($_POST["IncRevision"]) {
        $userinfo = GetUserInfo($userid);
        $username = MakeFullName($userinfo);
        //MakeAbbrivatedName($userinfo);
        IncrementRevision($wid, $username);
    }
    AppendWorkOrderData($wid, $userid, $textinfo, $picid, $primary);
    $success_msg = "Data Added!";
    $wo = GetWO($wid);
    $doform = false;
    goto GenerateHtml;
}
GenerateHtml:
$stylesheet = array("../css/global.css", "../css/nav.css", "../css/wo_head.css", "../css/wo_add_data.css");
include "forms/header.php";
include "forms/nav_form.php";
include "forms/wo_display_menubar.php";
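/**
 * Renders the public profile page of a user.
 *
 * The user is taken from $_GET['user'] (through SafeEnv(..., int)); without it the
 * logged-in user's own profile is shown, and guests are sent to the login form.
 *
 * @return void Output is added to System::site().
 */
function IndexUserInfo()
{
    if (isset($_GET['user'])) {
        $user_id = SafeEnv($_GET['user'], 11, int);
    } elseif (System::user()->Auth) {
        $user_id = System::user()->Get('u_id');
    } else {
        System::site()->Login();
        return;
    }
    $usr = GetUserInfo($user_id);
    if ($usr === false) {
        // The closing tag was written as "<p>" before, leaving the paragraph unclosed.
        System::site()->AddTextBox('Ошибка', '<p align="center">Пользователь не найден.</p>');
        return;
    }
    // Every profile field is user-controlled, so each one goes through SafeDB()
    // (presumably the project's output filter - confirm) before it reaches the template.
    $name = SafeDB($usr['name'], 50, str);
    System::site()->SetTitle('Информация о пользователе ' . $name);
    System::site()->AddTemplatedBox('', 'module/user_info.html');
    System::site()->AddBlock('userinfo', true, false, 'user');
    $vars = array();
    $vars['user_id'] = SafeDB($usr['id'], 11, int);
    $vars['name'] = $name;
    $vars['true_name'] = SafeDB($usr['truename'], 250, str);
    $vars['avatar'] = RealPath2(SafeDB($usr['avatar_file'], 255, str));
    $vars['rankimage'] = RealPath2(SafeDB($usr['rank_image'], 255, str));
    $vars['rank'] = SafeDB($usr['rank_name'], 255, str);
    $vars['age'] = SafeDB($usr['age'], 11, str);
    $vars['city'] = SafeDB($usr['city'], 100, str);
    // Respect the user's "hide e-mail" preference.
    $vars['email'] = $usr['hideemail'] == '1' ? 'Скрывается' : SafeDB($usr['email'], 50, str);
    $vars['icq'] = SafeDB($usr['icq'], 15, str);
    $vars['site'] = Url(SafeDB($usr['url'], 250, str));
    $vars['site_url'] = UrlRender(SafeDB($usr['url'], 250, str));
    $vars['about'] = SafeDB($usr['about'], 0, str);
    $vars['regdate'] = TimeRender($usr['regdate'], false);
    $vars['lastdate'] = TimeRender($usr['lastvisit']);
    $vars['counter'] = SafeDB($usr['visits'], 11, int);
    $vars['online'] = $usr['online'] ? 'Сейчас на сайте.' : '';
    System::site()->BreadCrumbAdd('Личные данные "' . $vars['name'] . '"');
    System::site()->Blocks['userinfo']['vars'] = $vars;
}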
Esempio n. 25
/**
 * Fetches one work order and adds the derived fields IsApproved, WIDStr,
 * AuthorInfo and AuthorName to the row.
 *
 * The id reaches the query only through intval().
 *
 * @param mixed $wid      Work order id.
 * @param bool  $override When false (the default) only rows with Active=1 are considered.
 * @return array|false The work order row, or false unless exactly one row matches.
 */
function GetWO($wid, $override = false)
{
    $loc = rmabs(__FILE__ . '.GetWO');
    $query = "SELECT * From WorkOrders WHERE WID=" . intval($wid) . ($override ? '' : ' AND Active=1');
    $rows = SqlQuery($loc, $query);
    if ($rows->num_rows != 1) {
        return false;
    }

    $wo = $rows->fetch_assoc();
    $wo["IsApproved"] = $wo["Approved"] || $wo["ApprovedByCap"];
    $wo["WIDStr"] = WIDStr($wid, $wo["Revision"], $wo["IsApproved"]);

    // Orders without an author are attributed to "System".
    if (empty($wo["AuthorID"])) {
        $wo["AuthorInfo"] = array();
        $wo["AuthorName"] = "System";
        return $wo;
    }

    $author = GetUserInfo($wo["AuthorID"]);
    $wo["AuthorInfo"] = $author;
    // The name stays empty when the author record could not be loaded.
    $wo["AuthorName"] = empty($author) ? "" : MakeAbbrivatedName($author);
    return $wo;
}
Esempio n. 26
 // Look the scanned value up as an order first; when no order matches, fall back to an
 // article lookup by EAN and print the article as a table row.
 $order_db = GetOrder($order);
 $orderlines = GetOrderLine($order_db->entity_id, $order);
 if ($order_db->entity_id != "") {
     echo CreateOrderHead($order_db, $MKZ, $UGP);
     echo CreateOrderArticle($orderlines, $MKZ, $UGP, true);
     $orderfound = true;
 } else {
     $orderfound = false;
     $link = OpenDatabase();
     // NOTE(review): $eanorder is appended to the statement unquoted and unescaped. Its
     // origin is not visible in this excerpt; if it derives from request input this is an
     // SQL injection point. Validate it as digits only, or bind it as a parameter.
     $sql = "SELECT * FROM `Artikel` where `ean` = " . $eanorder;
     // NOTE(review): the mysql_* extension was removed in PHP 7; mysqli or PDO with
     // prepared statements is the replacement.
     $res = mysql_query($sql, $link);
     // This instance is overwritten by the fetch below.
     $art = new Article();
     $articlefound = false;
     if ($art = mysql_fetch_object($res)) {
         $articlefound = true;
         echo GetUserInfo();
         echo "<table  border=\"0\" style='width: 1024px; border-collapse: collapse; '>";
         echo "<tr>";
         echo "<th>EAN-Nummer</th>";
         echo "<th>SKU</th>";
         echo "<th>Hersteller</th>";
         echo "<th>Artikel</th>";
         echo "<th>Preis</th>";
         echo "<th>Shop</th>";
         echo "<th>Menge</th>";
         echo "<th>minim</th>";
         echo "<th>Lager</th>";
         echo "</tr>";
         echo "<tr>";
         // NOTE(review): database values are echoed without htmlspecialchars(); confirm
         // that article data cannot contain markup.
         echo "<td width='50px'>" . $art->ean . "</td>";
         echo "<td width='50px'>" . $art->sku . "</td>";
Esempio n. 27
                    $dd[] = "--";
                }
            }
            $tabledata[] = $dd;
            $ncount++;
        }
        if ($ncount >= $nlimit) {
            $limittext = "Note: Output limited to " . $nlimit . " records.";
        }
        goto GenerateHtml;
    }
    $pagetitle = "In Box";
    $pagetext = "<p>Here, you can manange the work that has been assigned to your team.</p>";
    $pagetext .= "<p>Use the links above to get started.";
    goto GenerateHtml;
    $data = GetUserInfo($userid);
    if ($data === false) {
        DieWithMsg($loc, 'User with ID=' . $userid . ' not found.');
    }
    PopulateParamList($param_list, $data);
    goto GenerateHtml;
}
if ($_SERVER["REQUEST_METHOD"] == "POST") {
}
GenerateHtml:
$stylesheet = array("../css/global.css", "../css/nav.css", "../css/inbox.css", "../css/statuskey.css");
include "forms/header.php";
include "forms/nav_form.php";
include "forms/inbox_menubar.php";
include "forms/inbox_form.php";
include "forms/footer.php";
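/**
 * Renders the global comment moderation page of the admin panel: comments from every
 * registered comments table, newest first, with edit, find and bulk-delete controls.
 *
 * @return void Output is added to the admin page.
 */
function AdminCommentsMain()
{
    System::admin()->AddCenterBox('Глобальная модерация комментариев');
    // The page number is embedded in the JavaScript and the URLs below, so it is forced to an integer.
    if (isset($_GET['page'])) {
        $page = SafeEnv($_GET['page'], 10, int);
    } else {
        $page = 1;
    }
    System::admin()->AddJS('
		UpdateSelectComment = function(){
			$(".comment_check").each(function(){
				$("#comment"+$(this).val()).removeClass("commtable_selected");
			});
			$(".comment_check:checked").each(function(){
				$("#comment"+$(this).val()).addClass("commtable_selected");
			});
		};
		SelectAllComments = function(){
			$(".comment_check").each(function(){
				$(this).attr("checked", true);
			});
			UpdateSelectComment();
		};
		DeleteComments = function(){
			var del = "";
			$(".comment_check:checked").each(function(){
				del += "#"+$(this).val();
			});
			Admin.LoadPagePost("' . ADMIN_FILE . '?exe=comments&a=delete&page=' . $page . '", {delcomments: del}, "Удаление...");
		};
	');
    $commentsOnPage = 50;
    // Collect the comments from all comment tables
    $where = '';
    $posts = array();
    $comments_tables = System::database()->Select('comments');
    foreach ($comments_tables as $table) {
        $temp_posts = System::database()->Select($table['table'], $where);
        AdminConfigMarkPosts($temp_posts, $table);
        $posts = array_merge($posts, $temp_posts);
    }
    // Sort the comments by date (newest first)
    SortArray($posts, 'post_date', true);
    // Add pagination
    if (count($posts) > $commentsOnPage) {
        $navigator = new Navigation($page);
        $navigator->GenNavigationMenu($posts, $commentsOnPage, ADMIN_FILE . '?exe=comments');
        $nav = true;
    } else {
        $nav = false;
        AddText('<br />');
    }
    // Header
    if (count($posts) == 0) {
        System::admin()->Highlight('На сайте нет комментариев.');
        return;
    }
    $text = '<table cellspacing="0" cellpadding="0" width="90%" align="center" class="commtable_header">
	<tr>
	<th style="width: 160px;">Пользователь</th>
	<th style="width: 260px;">E-mail</th>
	<th style="width: 260px;">Сайт</th>
	<th style="width: 260px;">Дата и время</th>
	<th style="width: 70px;">IP</th>
	<th>Функции</th>
	</tr></table>';
    // Render the comments
    foreach ($posts as $post) {
        $post_id = SafeDB($post['id'], 11, int);
        $object_id = SafeDB($post['object_id'], 11, int);
        $user_id = SafeDB($post['user_id'], 11, int);
        $user_name = SafeDB($post['user_name'], 255, str);
        $user_homepage = SafeDB($post['user_homepage'], 255, str);
        $user_email = SafeDB($post['user_email'], 255, str);
        $user_ip = SafeDB($post['user_ip'], 19, str);
        $post_date = TimeRender($post['post_date']);
        $post_message = SafeDB($post['post_message'], 0, str, false);
        $post_message = nl2br($post_message);
        // NOTE(review): $post['_table'] is placed into this URL and into the element id
        // below unfiltered; presumably AdminConfigMarkPosts() sets it from the comments
        // registry rather than from user input - confirm.
        $edit = ADMIN_FILE . '?exe=comments&a=edit&id=' . $post_id . '&table=' . $post['_table'] . '&page=' . $page;
        // Other code in this listing checks GetUserInfo() against false for an unknown
        // user; such a comment is shown with the values stored on the comment itself.
        $userinfo = $user_id != 0 ? GetUserInfo($user_id) : false;
        if ($userinfo !== false) {
            // Profile fields are written by the user and were placed into this admin page
            // unfiltered, while the comment's own fields above go through SafeDB(). They
            // are filtered the same way here so that markup stored in a profile is not
            // rendered inside an administrator's session.
            $user_name = SafeDB($userinfo['name'], 255, str);
            $user_homepage = SafeDB($userinfo['url'], 255, str);
            $user_email = PrintEmail($userinfo['email']);
            if ($userinfo['online']) {
                $online = '<b>Сейчас на сайте.</b>';
            } else {
                $online = '';
            }
            $avatar = '<img src="' . SafeDB($userinfo['avatar_file'], 255, str) . '" />';
            $rank_image = '<img src="' . SafeDB($userinfo['rank_image'], 255, str) . '" />';
            $rank_name = SafeDB($userinfo['rank_name'], 255, str);
            $regdate = 'Зарегистрирован: ' . TimeRender($userinfo['regdate'], false);
            $ruser = true;
        } else {
            $user_email = PrintEmail($user_email);
            $online = '';
            $avatar = '<img src="' . GetPersonalAvatar(0) . '" />';
            $rank_image = '';
            $rank_name = '';
            $regdate = '';
            $ruser = false;
        }
        if ($user_homepage != '') {
            $user_homepage = '<a href="http://' . $user_homepage . '" target="_blank">' . $user_homepage . '</a>';
        } else {
            $user_homepage = '&nbsp;';
        }
        if ($ruser) {
            $user_name = '<a href="' . Ufu("index.php?name=user&op=userinfo&user={$user_id}", 'user/{user}/info/') . '" target="_blank">' . $user_name . '</a>';
        }
        $link_go = ADMIN_FILE . '?exe=comments&a=find&table=' . SafeDB($post['_id'], 11, int) . '&post_id=' . $post_id;
        $func = '';
        if ($post['_url'] != '') {
            $func .= System::admin()->SpeedButton('Найти комментарий', $link_go, 'images/search.png', false, false, 'target="_blank"');
        }
        $func .= SpeedButton('Редактировать', $edit, 'images/admin/edit.png');
        $text .= Indent('
			<table cellspacing="0" cellpadding="0" width="90%" align="center" class="commtable" id="comment' . $post_id . '--' . $post['_table'] . '--' . $object_id . '">
				<tr>
					<th style="width: 160px;"><b>' . $user_name . '</b></th>
					<th style="width: 260px;">' . $user_email . '</th>
					<th style="width: 260px;">' . $user_homepage . '</th>
					<th style="width: 260px;">' . $post_date . '</th>
					<th style="width: 70px;">' . $user_ip . '</th>
					<th>' . $func . '</th>
					<th>' . System::admin()->Check('delcomments[]', $post_id . '--' . $post['_table'] . '--' . $object_id, false, 'class="comment_check" onchange="UpdateSelectComment();"') . '</th>
				</tr>
				<tr>
					<td valign="top" width="140">' . $avatar . '<br>' . $rank_image . '<br>' . $rank_name . '</td>
					<td colspan="6" class="commtable_text">' . $post_message . '</td>
				</tr>
			</table>
		');
    }
    // Footer
    AddText($text);
    if ($nav) {
        AddNavigation();
    }
    $text = '';
    if (count($posts) > 0) {
        $text .= '<div style="text-align: right;">' . System::admin()->SpeedConfirmJs('Выделить все', 'SelectAllComments();', '', '', true) . '&nbsp;' . System::admin()->SpeedConfirmJs('Удалить выделенные', 'DeleteComments();', 'images/admin/delete.png', 'Удалить выделенные комментарии?', true) . '</div>';
    }
    AddText($text);
}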
Esempio n. 29
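/**
 * Lay out badge labels on landscape letter sheets, four labels per sheet, and
 * pass each finished sheet to SaveSheetImg().
 *
 * A user name is skipped when GetUserIDFromName() returns an id <= 0 or when
 * GetUserInfo() returns false. Sheets are saved as label_1.jpg, label_2.jpg, ...
 * A final, partly filled sheet is saved as well.
 *
 * NOTE(review): the file name handed to SaveSheetImg() never includes
 * $basefilename, so two runs use the same names; confirm whether SaveSheetImg()
 * separates them some other way.
 *
 * @param array  $UserNames    User names to print labels for.
 * @param string $basefilename Kept for interface compatibility; not used by this function.
 * @return void
 */
function MakePrintLabels($UserNames, $basefilename)
{
    // Print resolution; every measurement in inches below is converted with it.
    $dpi = 300;
    // Label box in inches and its pixel size at 300 dpi (fractions truncated).
    $box_size_x = 1.96875;
    $box_size_y = 2.375;
    $label_w = 590;
    $label_h = 712;
    // Landscape letter sheet and its margins, in inches.
    $page_size_x = 11.0;
    $page_size_y = 8.5;
    $page_margin_x = 31 / 32;
    $page_margin_y = 0.5;
    // Top-left corner of each label slot: two in the top-left corner of the
    // sheet, two in the bottom-right corner.
    $boxlocs = array(
        array($page_margin_x, $page_margin_y),
        array($page_margin_x + $box_size_x, $page_margin_y),
        array($page_size_x - $page_margin_x - 2 * $box_size_x, $page_size_y - $page_margin_y - $box_size_y),
        array($page_size_x - $page_margin_x - $box_size_x, $page_size_y - $page_margin_y - $box_size_y),
    );
    $slots = count($boxlocs);
    $sheetnum = 1;
    $pos = 0;
    $w = intval($page_size_x * $dpi);
    $h = intval($page_size_y * $dpi);
    $sheet_img = imagecreatetruecolor($w, $h);
    $white = imagecolorallocate($sheet_img, 0xff, 0xff, 0xff);
    imagefilledrectangle($sheet_img, 0, 0, $w, $h, $white);
    foreach ($UserNames as $u) {
        $userid = GetUserIDFromName($u);
        if ($userid <= 0) {
            continue;
        }
        $data = GetUserInfo($userid);
        if ($data === false) {
            continue;
        }
        $labelimg = CreateLabelPic($data["PicID"], $data["FirstName"], $data["LastName"], $data["Title"]);
        $x0 = intval($boxlocs[$pos][0] * $dpi);
        $y0 = intval($boxlocs[$pos][1] * $dpi);
        // Copy only a real GD image. The original silenced this call with "@",
        // which hides warnings but does not stop the TypeError PHP 8 throws for
        // a non-image argument. The slot is still consumed, as before, so the
        // sheet layout does not shift when a label could not be created.
        if (is_resource($labelimg) || $labelimg instanceof \GdImage) {
            imagecopyresampled($sheet_img, $labelimg, $x0, $y0, 0, 0, $label_w, $label_h, $label_w, $label_h);
        }
        $pos += 1;
        if ($pos >= $slots) {
            // Sheet is full: save it and start over on a blank one.
            SaveSheetImg($sheet_img, 'label_' . $sheetnum . '.jpg');
            $sheetnum += 1;
            $pos = 0;
            imagefilledrectangle($sheet_img, 0, 0, $w, $h, $white);
        }
    }
    // Save the last sheet if it holds at least one label.
    if ($pos != 0) {
        SaveSheetImg($sheet_img, 'label_' . $sheetnum . '.jpg');
    }
}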
Esempio n. 30
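// Remove every "]" from the request text before decoding it.
// NOTE(review): this also removes "]" inside string values; presumably it is
// meant to unwrap a one-element JSON array. Confirm against the caller.
$temp = str_replace("]", "", $temp);
$param = json_decode($temp);
// json_decode() returns null for malformed input and may return a non-object
// for valid JSON. Treat anything without a scalar "order" as order 0, which
// matches no case below, instead of reading a property on a non-object.
$ordr = is_object($param) && isset($param->order) && is_scalar($param->order) ? (int) $param->order : 0;
// NOTE(review): no authentication or authorization check is visible in this
// snippet before the insert/update/delete handlers run on request-supplied
// data; confirm one is enforced before this point.
switch ($ordr) {
    case 1:
        GetUsers();
        break;
    case 2:
        InsertUser($param);
        break;
    case 3:
        UpdateUser($param);
        break;
    case 4:
        GetUserInfo($param);
        break;
    case 5:
        DelUser($param);
        break;
}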
function GetUsers()
{
    $sql = "SELECT `user_name` FROM `keys` WHERE 1";
    $rr = array();
    include "db_config.php";
    $result = mysqli_query($con, $sql);
    $i = 0;
    while ($row = $result->fetch_row()) {
        $rr[$i] = array("user" => strval($row[0]));
        $i++;