function check_permission($perm)
{
global $g, $smarty;
$allow = $perm == "space" ? "allow_space" : $perm . "_allow";
if (!$g[$allow]) {
$message = L("have_no_perm", "msg", L($allow, "tpl"));
$smarty->assign('action_img', "failed.png");
$smarty->assign('url', 'javascript:;');
$smarty->assign('message', $message);
$smarty->assign('title', $message);
$smarty->assign('page_title', strip_tags($message));
vtemplate($smarty->flash_layout);
exit;
}
}
}
if (isset($_POST['is_ajax'])) {
die(L("success"));
}
if (!$updated) {
flash("action_failed");
} else {
flash("success", '', 0);
}
}
if (isset($_GET['do'])) {
$do = trim($_GET['do']);
if (isset($_GET['id'])) {
$id = intval($_GET['id']);
}
if ($do == "edit") {
if (!empty($id)) {
$linkinfo = $spacelink->read("*", $id);
setvar("item", $linkinfo);
}
$tpl_file = "link_edit";
vtemplate($tpl_file);
exit;
}
}
$result = $spacelink->getSpaceLinks($the_memberid, $companyinfo['id']);
if (!empty($result)) {
setvar("Items", $result);
}
vtemplate($tpl_file);
unset($vals['created']);
unset($_POST['memberfield']['created']);
$result = $member->save($vals, "update", $the_memberid);
$memberfield->primaryKey = "member_id";
$result = $memberfield->save($_POST['memberfield'], "update", $the_memberid);
$member->clearCache($the_memberid);
$member->updateMemberCaches($the_memberid);
if (isset($_POST['personal']['resume_status'])) {
$result = $pdb->Execute("REPLACE INTO {$tb_prefix}personals (member_id,resume_status,max_education) VALUE (" . $the_memberid . ",'" . $_POST['personal']['resume_status'] . "','" . $_POST['personal']['max_education'] . "')");
}
if (!$result) {
flash('action_failed');
} else {
flash('success');
}
}
unset($G['typeoption']['gender'][-1]);
setvar("Genders", $G['typeoption']['gender']);
setvar("Educations", $G['typeoption']['education']);
setvar("OfficeRedirects", explode(",", L("office_redirects", "tpl")));
$personal = $pdb->GetRow("SELECT * FROM {$tb_prefix}personals WHERE member_id=" . $the_memberid);
setvar("resume_status", $personal['resume_status']);
setvar("max_education", $personal['max_education']);
if (!empty($memberinfo['photo'])) {
$memberinfo['image'] = pb_get_attachmenturl($memberinfo['photo'], "../", "small");
}
$r2 = $area->disSubOptions($memberinfo['area_id'], "area_");
$memberinfo = am($memberinfo, $r2);
setvar("item", $memberinfo);
vtemplate("personal");
if (isset($_POST['save']) && !empty($_POST['data']['member']['styleid'])) {
$templet_id = intval($_POST['data']['member']['styleid']);
$pdb->Execute("UPDATE {$tb_prefix}members SET templet_id=" . $templet_id . " WHERE id=" . $the_memberid);
$pdb->Execute("REPLACE INTO {$tb_prefix}spacecaches (cache_spacename,company_id,data1,data2) VALUE ('" . $companyinfo['cache_spacename'] . "','" . $companyinfo['id'] . "','" . $templet_id . "','" . $_POST['data']['skin'][$templet_id] . "')");
$member->clearCache($the_memberid);
$member->updateMemberCaches($the_memberid);
flash("success");
}
setvar("templet_id", $memberinfo['templet_id']);
$cache_data = $pdb->GetRow("SELECT data2 AS style FROM {$tb_prefix}spacecaches WHERE company_id='" . $companyinfo['id'] . "'");
/**
* only for 4.2=>4.3 converts
* 2012.9
*/
if (isset($cache_data['style'])) {
setvar("style_id", $cache_data['style']);
}
$result = $templet->getInstalled($memberinfo['membergroup_id'], $memberinfo['membertype_id']);
foreach ($result as $key => $val) {
if (!is_dir(PHPB2B_ROOT . "templates" . DS . $val['directory'])) {
unset($result[$key]);
} elseif (!empty($result[$key]['description'])) {
$_styles = unserialize($result[$key]['description']);
if (is_array($_styles)) {
$result[$key]['styles'] = $_styles;
}
}
}
setvar("Items", $result);
vtemplate("space");
/**
* [PHPB2B] Copyright (C) 2007-2099, Ualink Inc. All Rights Reserved.
* The contents of this file are subject to the License; you may not use this file except in compliance with the License.
*
* @version $Revision: 2075 $
*/
require "../libraries/common.inc.php";
require "room.share.php";
require PHPB2B_ROOT . './libraries/page.class.php';
uses("order");
$page = new Pages();
$page->displaypg = 25;
$options = cache_read("typeoption");
setvar("pay_status", $options['common_option']);
setvar("order_status", $options['common_status']);
$conditions[] = "member_id=" . $the_memberid;
if (isset($_GET['action'])) {
$action = trim($_GET['action']);
if ($action == "cancel" && !empty($_GET['tradeno'])) {
$pdb->Execute("DELETE FROM " . $tb_prefix . "orders WHERE trade_no='" . $_GET['tradeno'] . "' AND member_id='" . $the_memberid . "' AND pay_status='0'");
}
}
$order = new Orders();
$amount = $order->findCount(null, $conditions);
$page->setPagenav($amount);
$result = $order->findAll("*", null, $conditions, " id desc", $page->firstcount, $page->displaypg);
setvar("ByPages", $page->pagenav);
setvar("datas", $result);
vtemplate("order");
$membergroup_id = $group_info['after_live_time'];
$time_add = $membergroup->getServiceEndtime($group_info['default_live_time']);
$pdb->Execute("UPDATE {$tb_prefix}members SET membergroup_id='" . $group_info['after_live_time'] . "' WHERE id=" . $the_memberid);
}
}
uaAssign(array("LastLogin" => date("Y-m-d H:i", $memberinfo['last_login'])));
$offer_count = $pdb->GetArray("SELECT count(id) AS amount,type_id AS typeid FROM {$tb_prefix}trades WHERE member_id=" . $the_memberid . " GROUP BY type_id");
$offer_stat = array();
$types = $trade->getTradeTypes();
if (!empty($offer_count)) {
foreach ($offer_count as $offer_key => $offer_val) {
$offer_stat[$types[$offer_val['typeid']]] = $offer_val['amount'];
}
setvar("items_offer", $offer_stat);
}
$pm_count = $pdb->GetArray("SELECT count(id) AS amount,type AS typename FROM {$tb_prefix}messages WHERE to_member_id=" . $the_memberid . " GROUP BY type");
if (!empty($pm_count)) {
$pm_result = array();
foreach ($pm_count as $pm_val) {
$pm_result[$pm_val['typename']] = intval($pm_val['amount']);
}
setvar("pm", $pm_result);
}
setvar("ServiceInfo", $service_info);
$group['name'] = $g['name'];
$group['image'] = $g['avatar'];
setvar("group", $group);
vtemplate("index");
} else {
flash('invalid_user');
}
<?php
/**
* [PHPB2B] Copyright (C) 2007-2099, Ualink Inc. All Rights Reserved.
* The contents of this file are subject to the License; you may not use this file except in compliance with the License.
*
* @version $Revision: 2075 $
*/
require "../libraries/common.inc.php";
require "room.share.php";
$tplname = "invite";
$invitecode = authcode($the_memberid . $time_stamp . pb_radom(6));
setvar("InviteCode", $invitecode);
vtemplate($tplname);
* The contents of this file are subject to the License; you may not use this file except in compliance with the License.
*
* @version $Revision: 2075 $
*/
require "../libraries/common.inc.php";
require "room.share.php";
require LIB_PATH . 'passport.class.php';
$passport = new Passports();
if (isset($_POST['do']) || isset($_POST['action'])) {
$do = trim($_POST['do']);
$action = trim($_POST['action']);
if ($do == "checkpasswd" || $action == "checkpasswd") {
pb_submit_check('oldpass');
$OldPassCheck = $member->checkUserPasswdById($_POST['oldpass'], $the_memberid);
if ($OldPassCheck > 0) {
$vals = array();
$vals['userpass'] = $member->authPasswd(trim($_POST['newpass']));
if (!empty($_POST['question']) && !empty($_POST['answer'])) {
$vals['question'] = $_POST['question'];
$vals['answer'] = $_POST['answer'];
}
$result = $member->save($vals, "update", $the_memberid);
$passport->ucSingleUpdatePwd($the_membername, trim($_POST['newpass']));
flash("success");
} else {
flash('old_pwd_error');
}
}
}
vtemplate("changepass");
<?php
/**
* [PHPB2B] Copyright (C) 2007-2099, Ualink Inc. All Rights Reserved.
* The contents of this file are subject to the License; you may not use this file except in compliance with the License.
*
* @version $Revision: 2075 $
*/
require "../libraries/common.inc.php";
require "room.share.php";
uses("trade", "product");
check_permission("offer");
$product = new Products();
$trade = new Trades();
$trade_controller = new Trade();
$trade_type_names = $trade_controller->getTradeTypes();
$conditions = "member_id = " . $the_memberid;
$amount = $pdb->GetArray("select Trade.type_id as TradeTypeId,count(Trade.id) as CountTrade from " . $trade->getTable(true) . " where " . $conditions . " group by Trade.type_id");
if (is_array($amount)) {
$stats = array();
foreach ($amount as $val) {
$stats[$val['TradeTypeId']] = array("Amount" => $val['CountTrade'], "name" => $trade_type_names[$val['TradeTypeId']]);
}
}
setvar("UserTradeStat", $stats);
setvar("ProductAmount", $product->findCount(null, $conditions, "Product.id"));
vtemplate("stat");