/**
* ส่งอีเมล์ ตาม ID
*
* @param Request $request
*/
public function save(Request $request)
{
if ($request->initSession() && $request->isReferer() && ($login = Login::isMember())) {
// ค่าที่ส่งมา
$subject = $request->post('mail_subject')->topic();
$detail = nl2br($request->post('mail_detail')->textarea());
// ตรวจสอบ ค่าที่ส่งมา
$ret = array();
$antispam = new Antispam($request->post('mail_antispamid')->toString());
if (!$antispam->valid($request->post('mail_antispam')->toString())) {
// Antispam ไม่ถูกต้อง
$ret['ret_mail_antispam'] = 'this';
$ret['input'] = 'mail_antispam';
} else {
// ตรวจสอบผู้รับ
$reciever = array();
foreach (self::getUser($request->post('mail_reciever')->filter('0-9a-z')) as $item) {
$reciever[] = $item['email'] . (empty($item['name']) ? '' : '<' . $item['name'] . '>');
}
$reciever = implode(',', $reciever);
// ตรวจสอบค่าที่ส่งมา
if ($reciever == '') {
$ret['alert'] = Language::get('Unable to send e-mail, Because you can not send e-mail to yourself or can not find the email address of the recipient.');
$ret['location'] = WEB_URL . 'index.php';
} elseif ($subject == '') {
$ret['ret_mail_subject'] = 'this';
$ret['input'] = 'mail_subject';
} elseif ($detail == '') {
$ret['ret_mail_detail'] = 'this';
$ret['input'] = 'mail_detail';
} else {
// ส่งอีเมล์
$err = Email::send($reciever, $login['email'] . (empty($login['displayname']) ? '' : '<' . $login['displayname'] . '>'), $subject, $detail);
if (empty($err)) {
// เคลียร์ Antispam
$antispam->delete();
// ส่งอีเมล์สำเร็จ
$ret['alert'] = Language::get('Your message was sent successfully');
$ret['location'] = WEB_URL . 'index.php';
} else {
// ข้อผิดพลาดการส่งอีเมล์
echo $err;
}
}
}
if (!empty($ret)) {
// คืนค่าเป็น JSON
echo json_encode($ret);
}
}
}
/**
* ส่งออกเป็น PDF
*
* @param Request $request
*/
public function index(Request $request)
{
$pdf = new \Kotchasan\Pdf();
$pdf->AddPage();
$pdf->WriteHTML($request->post('content')->toString());
$pdf->Output();
}
/**
* บันทึก
*/
public function save(Request $request)
{
// referer, session
if ($request->initSession() && $request->isReferer()) {
$ret = array();
// ค่าที่ส่งมา
$email = $request->post('forgot_email')->url();
if ($email === '') {
$ret['ret_forgot_email'] = Language::get('Please fill out this form');
} else {
$search = $this->db()->createQuery()->from('user')->where(array(array('email', $email), array('fb', '0')))->toArray()->first('id', 'email');
if ($search === false) {
$ret['ret_forgot_email'] = Language::get('not a registered user');
}
}
if (empty($ret)) {
// รหัสผ่านใหม่
$password = Text::rndname(6);
// ข้อมูลอีเมล์
$replace = array('/%PASSWORD%/' => $password, '/%EMAIL%/' => $search['email']);
// send mail
$err = Email::send(3, 'member', $replace, $search['email']);
if (empty($err)) {
// อัปเดทรหัสผ่านใหม่
$save = array('password' => md5($password . $search['email']));
$this->db()->createQuery()->update('user')->set($save)->where($search['id'])->execute();
// คืนค่า
$ret['alert'] = Language::get('Your message was sent successfully');
$ret['ret_forgot_email'] = '';
$location = $request->post('modal')->url();
$ret['location'] = $location === 'true' ? 'close' : $location;
} else {
$ret['ret_forgot_email'] = $err;
}
} else {
$ret['input'] = 'forgot_email';
}
// คืนค่าเป็น JSON
echo json_encode($ret);
}
}
/**
* แสดงผลฟอร์ม ที่เรียกมาจาก GModal
*
* @param Request $request
*/
public function modal(Request $request)
{
$action = $request->post('action')->toString();
if ($action === 'register') {
$page = createClass('Index\\Register\\View')->render($request, true);
} elseif ($action === 'forgot') {
$page = createClass('Index\\Forgot\\View')->render($request, true);
} else {
// 404
$page = createClass('Index\\PageNotFound\\Controller')->init($request, 'index');
}
echo json_encode($page);
}
/**
* บันทึก
*/
public function save(Request $request)
{
$ret = array();
// referer, session, member
if ($request->initSession() && $request->isReferer() && ($login = Login::isMember())) {
if ($login['email'] == 'demo') {
$ret['alert'] = Language::get('Unable to complete the transaction');
} else {
// รับค่าจากการ POST
$save = array();
foreach ($request->getParsedBody() as $key => $value) {
$k = str_replace('register_', '', $key);
switch ($k) {
case 'phone1':
case 'phone2':
case 'provinceID':
case 'zipcode':
$save[$k] = $request->post($key)->number();
break;
case 'sex':
$save['sex'] = $request->post('register_sex')->topic();
$save['subscrib'] = $request->post('register_subscrib')->toBoolean();
break;
case 'displayname':
case 'fname':
case 'lname':
case 'address1':
case 'address2':
case 'province':
case 'country':
$save[$k] = $request->post($key)->topic();
break;
case 'website':
$save[$k] = str_replace(array('http://', 'https://', 'ftp://'), array('', '', ''), $request->post($key)->url());
break;
case 'subscrib':
$save[$k] = $request->post($key)->toBoolean();
break;
case 'birthday':
$save[$k] = $request->post($key)->date();
break;
case 'password':
case 'repassword':
${$k} = $request->post($key)->text();
break;
}
}
// ชื่อตาราง user
$user_table = $this->getFullTableName('user');
// database connection
$db = $this->db();
// ตรวจสอบค่าที่ส่งมา
$user = $db->first($user_table, $request->post('register_id')->toInt());
if (!$user) {
// ไม่พบสมาชิกที่แก้ไข
$ret['alert'] = Language::get('not a registered user');
} else {
$input = false;
// ชื่อเล่น
if (isset($save['displayname'])) {
if (mb_strlen($save['displayname']) < 2) {
$ret['ret_register_displayname'] = Language::get('Name for the show on the site at least 2 characters');
$input = !$input ? 'register_displayname' : $input;
} elseif (in_array($save['displayname'], self::$cfg->member_reserv)) {
$ret['ret_register_displayname'] = Language::get('Invalid name');
$input = !$input ? 'register_displayname' : $input;
} else {
// ตรวจสอบ displayname ซ้ำ
$search = $db->first($user_table, array('displayname', $save['displayname']));
if ($search !== false && $user->id != $search->id) {
$ret['ret_register_displayname'] = str_replace(':name', Language::get('Name'), Language::get('This :name is already registered'));
$input = !$input ? 'register_displayname' : $input;
} else {
$ret['ret_register_displayname'] = '';
}
}
}
// ชื่อ นามสกุล
if (!empty($save['fname']) || !empty($save['lname'])) {
$search = $db->first($user_table, array(array('fname', $save['fname']), array('lname', $save['lname'])));
if ($search !== false && $user->id != $search->id) {
$ret['ret_register_fname'] = str_replace(':name', Language::get('Name') . ' ' . Language::get('Surname'), Language::get('This :name is already registered'));
$input = !$input ? 'register_fname' : $input;
} else {
$ret['ret_register_fname'] = '';
}
}
// โทรศัพท์
if (!empty($save['phone1'])) {
if (!preg_match('/[0-9]{9,10}/', $save['phone1'])) {
$ret['ret_register_phone1'] = str_replace(':name', Language::get('phone number'), Language::get('Invalid :name'));
$input = !$input ? 'register_phone1' : $input;
} else {
// ตรวจสอบโทรศัพท์
$search = $db->first($user_table, array('phone1', $save['phone1']));
if ($search !== false && $user->id != $search->id) {
$ret['ret_register_phone1'] = str_replace(':name', Language::get('phone number'), Language::get('This :name is already registered'));
$input = !$input ? 'register_phone1' : $input;
} else {
$ret['ret_register_phone1'] = '';
}
}
}
// แก้ไขรหัสผ่าน
if ($user->fb == 0 && (!empty($password) || !empty($repassword))) {
if (mb_strlen($password) < 4) {
// รหัสผ่านต้องไม่น้อยกว่า 4 ตัวอักษร
$ret['ret_register_password'] = Language::get('Passwords must be at least four characters');
$input = !$input ? 'register_password' : $input;
} elseif ($repassword != $password) {
// ถ้าต้องการเปลี่ยนรหัสผ่าน กรุณากรอกรหัสผ่านสองช่องให้ตรงกัน
$ret['ret_register_repassword'] = Language::get('To change your password, enter your password to match the two inputs');
$input = !$input ? 'register_repassword' : $input;
} else {
// password ใหม่ถูกต้อง
$save['password'] = md5($password . $user->email);
$ret['ret_register_password'] = '';
$ret['ret_register_repassword'] = '';
}
}
// อัปโหลดไฟล์
foreach ($request->getUploadedFiles() as $item => $file) {
if ($file->hasUploadFile()) {
$item = str_replace('register_', '', $item);
if (!File::makeDirectory(ROOT_PATH . self::$cfg->usericon_folder)) {
// ไดเรคทอรี่ไม่สามารถสร้างได้
$ret['ret_register_' . $item] = sprintf(Language::get('Directory %s cannot be created or is read-only.'), self::$cfg->usericon_folder);
$input = !$input ? 'ret_register_' . $item : $input;
} else {
if (!empty($user->icon)) {
// ลบไฟล์เดิม
@unlink(ROOT_PATH . self::$cfg->usericon_folder . $user->icon);
}
try {
// อัปโหลด thumbnail
$save['icon'] = $user->id . '.jpg';
$file->cropImage(self::$cfg->user_icon_typies, ROOT_PATH . self::$cfg->usericon_folder . $save['icon'], self::$cfg->user_icon_w, self::$cfg->user_icon_h);
} catch (\Exception $exc) {
// ไม่สามารถอัปโหลดได้
$ret['ret_register_' . $item] = Language::get($exc->getMessage());
$input = !$input ? 'ret_register_' . $item : $input;
}
}
}
}
if (!empty($save)) {
if (!$input) {
// save
$db->update($user_table, $user->id, $save);
// เปลี่ยน password ที่ login ใหม่
if (!empty($save['password'])) {
$_SESSION['login']['password'] = $password;
}
// คืนค่า
$ret['alert'] = Language::get('Saved successfully');
$ret['location'] = 'index.php?module=editprofile&tab=' . $request->post('tab')->toString();
} else {
// error
$ret['input'] = $input;
}
}
}
}
} else {
$ret['alert'] = Language::get('Unable to complete the transaction');
}
// คืนค่าเป็น JSON
if (!empty($ret)) {
echo json_encode($ret);
}
}
public function chklogin(Request $request)
{
$data = $request->post('data')->toString();
if (!empty($data) && $request->initSession() && $request->isSafe()) {
// สุ่มรหัสผ่านใหม่
$login_password = Text::rndname(6);
// ข้อมูลที่ส่งมา
$facebook_data = array();
foreach (explode('&', $data) as $item) {
list($k, $v) = explode('=', $item);
if ($k === 'gender') {
$facebook_data['sex'] = $v === 'male' ? 'm' : 'f';
} elseif ($k === 'link') {
$facebook_data['website'] = str_replace(array('http://', 'https://', 'www.'), '', $v);
} elseif ($k === 'first_name') {
$facebook_data['fname'] = $v;
$facebook_data['displayname'] = $v;
} elseif ($k === 'last_name') {
$facebook_data['lname'] = $v;
} elseif ($k === 'email') {
$facebook_data['email'] = $v;
} elseif ($k === 'id') {
$fb_id = $v;
} elseif ($k === 'birthday' && preg_match('/^([0-9]+)[\\/\\-]([0-9]+)[\\/\\-]([0-9]+)$/', $v, $match)) {
$facebook_data['birthday'] = "{$match['3']}-{$match['1']}-{$match['2']}";
}
}
// ไม่มีอีเมล์ ใช้ id ของ Facebook
if (empty($facebook_data['email'])) {
$facebook_data['email'] = $fb_id;
}
// db
$db = $this->db();
// table
$user_table = $this->getFullTableName('user');
// ตรวจสอบสมาชิกกับ db
$search = $db->createQuery()->from('user')->where(array('email', $facebook_data['email']), array('displayname', $facebook_data['displayname']), 'OR')->toArray()->first('id', 'email', 'visited', 'fb', 'website');
if ($search === false) {
// ยังไม่เคยลงทะเบียน, ลงทะเบียนใหม่
$facebook_data['id'] = $db->getNextId($this->getTableName('user'));
$facebook_data['fb'] = 1;
$facebook_data['subscrib'] = 1;
$facebook_data['visited'] = 0;
$facebook_data['ip'] = $request->getClientIp();
$facebook_data['password'] = md5($login_password . $facebook_data['email']);
$facebook_data['lastvisited'] = time();
$facebook_data['create_date'] = $facebook_data['lastvisited'];
$facebook_data['icon'] = $facebook_data['id'] . '.jpg';
$facebook_data['country'] = 'TH';
$db->insert($user_table, $facebook_data);
} elseif ($search['fb'] == 1) {
// facebook เคยเยี่ยมชมแล้ว อัปเดทการเยี่ยมชม
$facebook_data['visited'] = $search['visited'] + 1;
$facebook_data['lastvisited'] = time();
$facebook_data['ip'] = $request->getClientIp();
$facebook_data['password'] = md5($login_password . $search['email']);
$db->update($user_table, $search['id'], $facebook_data);
} else {
// ไม่สามารถ login ได้ เนื่องจากมี email อยู่ก่อนแล้ว
$facebook_data = false;
$ret['alert'] = str_replace(':name', Language::get('User'), Language::get('This :name is already registered'));
$ret['isMember'] = 0;
}
if (is_array($facebook_data)) {
// อัปเดท icon สมาชิก
$data = @file_get_contents('https://graph.facebook.com/' . $fb_id . '/picture');
if ($data) {
$f = @fopen(ROOT_PATH . self::$cfg->usericon_folder . $facebook_data['icon'], 'wb');
if ($f) {
fwrite($f, $data);
fclose($f);
}
}
// login
$facebook_data['password'] = $login_password;
$_SESSION['login'] = $facebook_data;
// clear
$request->removeToken();
// reload
$ret['isMember'] = 1;
$u = $request->post('u')->toString();
if (preg_match('/module=(do)?login/', $u) || preg_match('/(do)?login\\.html/', $u)) {
$ret['location'] = 'back';
} else {
$ret['location'] = 'reload';
}
}
// คืนค่าเป็น json
echo json_encode($ret);
}
}
/**
* รับค่าจาก action
*/
public function action(Request $request)
{
if ($request->initSession() && $request->isReferer() && ($login = Login::isAdmin())) {
if ($login['email'] == 'demo' || !empty($login['fb'])) {
echo Language::get('Unable to complete the transaction');
} else {
// รับค่าจากการ POST
$action = $request->post('action')->toString();
// id ที่ส่งมา
if (preg_match_all('/,?([0-9]+),?/', $request->post('id')->toString(), $match)) {
// Model
$model = new \Kotchasan\Model();
// ตาราง user
$user_table = $model->getFullTableName('user');
if ($action === 'delete') {
// ลบไอคอนสมาชิก
$query = $model->db()->createQuery()->select('icon')->from('user')->where(array(array('id', $match[1]), array('id', '!=', 1), array('icon', '!=', '')));
foreach ($query->toArray()->execute() as $item) {
@unlink(ROOT_PATH . self::$cfg->usericon_folder . $item['icon']);
}
// ลบสมาชิก
$model->db()->delete($user_table, array(array('id', $match[1]), array('id', '!=', 1)), 0);
} elseif ($action === 'accept') {
// ยอมรับสมาชิกที่เลือก
$model->db()->update($user_table, array(array('id', $match[1]), array('fb', '0')), array('activatecode' => ''));
} elseif ($action === 'ban' || $action === 'unban') {
// ระงับ/ยกเลิก การใช้งานสมาชิก
$model->db()->update($user_table, array(array('id', $match[1]), array('id', '!=', 1)), array('ban' => $action == 'ban' ? 1 : 0));
} elseif ($action === 'activate' || $action === 'sendpassword') {
// ส่งอีเมล์ยืนยันสมาชิก
$query = $model->db()->createQuery()->select('id', 'email', 'activatecode')->from('user')->where(array(array('id', $match[1]), array('id', '!=', 1), array('fb', '0')));
$msgs = array();
foreach ($query->toArray()->execute() as $item) {
// รหัสผ่านใหม่
$password = Text::rndname(6);
// ข้อมูลอีเมล์
$replace = array('/%PASSWORD%/' => $password, '/%EMAIL%/' => $item['email']);
$save = array('password' => md5($password . $item['email']));
if ($action === 'activate' || !empty($item['activatecode'])) {
// activate หรือ ยังไม่ได้ activate
$save['activatecode'] = empty($item['activatecode']) ? Text::rndname(32) : $item['activatecode'];
$replace['/%ID%/'] = $save['activatecode'];
// send mail
$err = Email::send(1, 'member', $replace, $item['email']);
} else {
// send mail
$err = Email::send(3, 'member', $replace, $item['email']);
}
$msgs = array();
if (empty($err)) {
// อัปเดทรหัสผ่านใหม่
$model->db()->update($user_table, $item['id'], $save);
} else {
$msgs[] = $err;
}
if (empty($msgs)) {
// ส่งอีเมล์ สำเร็จ
echo Language::get('Your message was sent successfully');
} else {
// มีข้อผิดพลาด
echo implode("\n", $msgs);
}
}
} elseif ($request->post('module')->toString() === 'status') {
// เปลี่ยนสถานะสมาชิก
$model->db()->update($user_table, array(array('id', $match[1]), array('id', '!=', 1), array('fb', '0')), array('status' => (int) $action));
}
}
}
}
}
/**
* บันทึก
*/
public function save(Request $request)
{
$ret = array();
// referer, session, member
if ($request->initSession() && $request->isReferer() && ($login = Login::isMember())) {
if ($login['email'] == 'demo' || !empty($login['fb'])) {
$ret['alert'] = Language::get('Unable to complete the transaction');
} else {
// รับค่าจากการ POST
$save = array('email' => $request->post('register_email')->url(), 'displayname' => $request->post('register_displayname')->topic(), 'sex' => $request->post('register_sex')->topic(), 'website' => str_replace(array('http://', 'https://', 'ftp://'), array('', '', ''), $request->post('register_website')->url()), 'pname' => $request->post('register_pname')->topic(), 'fname' => $request->post('register_fname')->topic(), 'lname' => $request->post('register_lname')->topic(), 'company' => $request->post('register_company')->topic(), 'phone1' => $request->post('register_phone1')->number(), 'phone2' => $request->post('register_phone2')->number(), 'subscrib' => $request->post('register_subscrib')->toBoolean(), 'address1' => $request->post('register_address1')->topic(), 'address2' => $request->post('register_address2')->topic(), 'provinceID' => $request->post('register_provinceID')->number(), 'province' => $request->post('register_province')->topic(), 'zipcode' => $request->post('register_zipcode')->number(), 'country' => $request->post('register_country')->topic(), 'status' => $request->post('register_status')->toInt(), 'birthday' => $request->post('register_birthday')->date(), 'admin_access' => $request->post('register_admin_access')->toBoolean());
// ชื่อตาราง user
$user_table = $this->getFullTableName('user');
// database connection
$db = $this->db();
// ตรวจสอบค่าที่ส่งมา
$id = $request->post('register_id')->toInt();
if ($id == 0) {
// ใหม่
$user = (object) array('id' => 0, 'email' => '', 'fb' => 0);
} else {
// แก้ไข
$user = $db->first($user_table, $id);
}
if (!$user) {
// ไม่พบสมาชิกที่แก้ไข
$ret['alert'] = Language::get('not a registered user');
} else {
$isAdmin = Login::isAdmin();
// ไม่ใช่แอดมิน ใช้อีเมล์เดิมจากฐานข้อมูล
if (!$isAdmin && $user->id > 0) {
$save['email'] = $user->email;
}
// ตรวจสอบค่าที่ส่งมา
$input = false;
$requirePassword = false;
// อีเมล์
if (empty($save['email'])) {
$ret['ret_register_email'] = 'this';
$input = !$input ? 'register_email' : $input;
} else {
// ตรวจสอบอีเมล์ซ้ำ
$search = $db->first($user_table, array('email', $save['email']));
if ($search !== false && $user->id != $search->id) {
$ret['ret_register_email'] = str_replace(':name', Language::get('Email'), Language::get('This :name is already registered'));
$input = !$input ? 'register_email' : $input;
} else {
$requirePassword = $user->email !== $save['email'];
$ret['ret_register_email'] = '';
}
}
// ชื่อเรียก
if (!empty($save['displayname'])) {
// ตรวจสอบ ชื่อเรียก
$search = $db->first($user_table, array('displayname', $save['displayname']));
if ($search !== false && $user->id != $search->id) {
$ret['ret_register_displayname'] = str_replace(':name', Language::get('Name'), Language::get('This :name is already registered'));
$input = !$input ? 'register_displayname' : $input;
} else {
$ret['ret_register_displayname'] = '';
}
}
// โทรศัพท์
if (!empty($save['phone1'])) {
if (!preg_match('/[0-9]{9,10}/', $save['phone1'])) {
$ret['ret_register_phone1'] = str_replace(':name', Language::get('phone number'), Language::get('Invalid :name'));
$input = !$input ? 'register_phone1' : $input;
} else {
// ตรวจสอบโทรศัพท์
$search = $db->first($user_table, array('phone1', $save['phone1']));
if ($search !== false && $user->id != $search->id) {
$ret['ret_register_phone1'] = str_replace(':name', Language::get('phone number'), Language::get('This :name is already registered'));
$input = !$input ? 'register_phone1' : $input;
} else {
$ret['ret_register_phone1'] = '';
}
}
}
// password
$password = $request->post('register_password')->topic();
$repassword = $request->post('register_repassword')->topic();
if (!empty($password) || !empty($repassword)) {
if (mb_strlen($password) < 4) {
// รหัสผ่านต้องไม่น้อยกว่า 4 ตัวอักษร
$ret['ret_register_password'] = '******';
$input = !$input ? 'register_password' : $input;
} elseif ($repassword != $password) {
// ถ้าต้องการเปลี่ยนรหัสผ่าน กรุณากรอกรหัสผ่านสองช่องให้ตรงกัน
$ret['ret_register_repassword'] = '******';
$input = !$input ? 'register_repassword' : $input;
} else {
$ret['ret_register_password'] = '';
$ret['ret_register_repassword'] = '';
$save['password'] = md5($password . $save['email']);
$requirePassword = false;
}
}
// มีการเปลี่ยน email ต้องการรหัสผ่าน
if (!$input && $requirePassword) {
$ret['ret_register_password'] = '******';
$input = !$input ? 'register_password' : $input;
}
// อัปโหลดไฟล์
foreach ($request->getUploadedFiles() as $item => $file) {
if ($file->hasUploadFile()) {
if (!File::makeDirectory(ROOT_PATH . self::$cfg->usericon_folder)) {
// ไดเรคทอรี่ไม่สามารถสร้างได้
$ret['ret_' . $item] = sprintf(Language::get('Directory %s cannot be created or is read-only.'), self::$cfg->usericon_folder);
$input = !$input ? $item : $input;
} else {
if (!empty($user->icon)) {
// ลบไฟล์เดิม
@unlink(ROOT_PATH . self::$cfg->usericon_folder . $user->icon);
}
try {
// อัปโหลด thumbnail
$save['icon'] = $user->id . '.jpg';
$file->cropImage(self::$cfg->user_icon_typies, ROOT_PATH . self::$cfg->usericon_folder . $save['icon'], self::$cfg->user_icon_w, self::$cfg->user_icon_h);
} catch (\Exception $exc) {
// ไม่สามารถอัปโหลดได้
$ret['ret_' . $item] = Language::get($exc->getMessage());
$input = !$input ? $item : $input;
}
}
}
}
if (!$input) {
// ไม่ใช่แอดมิน
if (!$isAdmin) {
unset($save['status']);
unset($save['point']);
unset($save['admin_access']);
}
// social ห้ามแก้ไข
if (!empty($user->fb)) {
unset($save['email']);
unset($save['password']);
}
if ($login['id'] == $id || $id == 1) {
unset($save['admin_access']);
}
// บันทึก
if ($id == 0) {
// ใหม่
$id = $db->insert($user_table, $save);
// ไปหน้ารายการสมาชิก
$ret['location'] = $request->getUri()->postBack('index.php', array('module' => 'member', 'id' => null, 'page' => null));
} else {
// แก้ไข
$db->update($user_table, $id, $save);
if ($login['id'] == $id) {
// ตัวเอง
if (isset($save['password'])) {
if (isset($save['email'])) {
$_SESSION['login']['email'] = $save['email'];
}
$_SESSION['login']['password'] = $password;
}
// reload หน้าเว็บ
$ret['location'] = 'reload';
} else {
// กลับไปหน้าก่อนหน้า
$ret['location'] = $request->getUri()->postBack('index.php', array('id' => null));
}
}
// คืนค่า
$ret['alert'] = Language::get('Saved successfully');
} else {
// error
$ret['input'] = $input;
}
}
}
} else {
$ret['alert'] = Language::get('Unable to complete the transaction');
}
// คืนค่าเป็น JSON
if (!empty($ret)) {
echo json_encode($ret);
}
}
/**
* ฟังก์ชั่นส่งอีเมล์ลืมรหัสผ่าน
*/
public function forgot(Request $request)
{
// ค่าที่ส่งมา
$email = $request->post('login_username')->url();
if (empty($email)) {
if ($request->post('action')->toString() === 'forgot') {
self::$login_message = Language::get('Please fill out this form');
}
} else {
self::$text_username = $email;
// ค้นหาอีเมล์หรือโทรศัพท์
$model = new Model();
$user_table = $model->getFullTableName('user');
$search = $model->db()->first($user_table, array(array('email', $email), array('fb', '0')));
if ($search === false) {
self::$login_message = Language::get('not a registered user');
} else {
// รหัสผ่านใหม่
$password = Text::rndname(6);
// ข้อมูลอีเมล์
$replace = array('/%PASSWORD%/' => $password, '/%EMAIL%/' => $search->email);
// send mail
$err = Email::send(3, 'member', $replace, $search->email);
if (empty($err)) {
// อัปเดทรหัสผ่านใหม่
$model->db()->update($user_table, (int) $search->id, array('password' => md5($password . $search->email)));
// คืนค่า
self::$login_message = Language::get('Your message was sent successfully');
self::$request = $request->withParsedBody(array('action' => 'login'));
} else {
self::$login_message = $err;
}
}
}
}
/**
* บันทึก
*/
public function save(Request $request)
{
$ret = array();
// referer, session
if ($request->initSession() && $request->isReferer()) {
$antispam = new Antispam($request->post('register_antispamid')->toString());
if (!$antispam->valid($request->post('register_antispam')->toString())) {
// Antispam ไม่ถูกต้อง
$ret['ret_register_antispam'] = 'this';
$ret['input'] = 'register_antispam';
} else {
// รับค่าจากการ POST
$save = array();
foreach ($request->getParsedBody() as $key => $value) {
$k = str_replace('register_', '', $key);
switch ($k) {
case 'email':
$save['email'] = $request->post($key)->username();
break;
case 'phone1':
case 'idcard':
$save[$k] = $request->post($key)->number();
break;
case 'invite':
$save[$k] = $request->post($key)->toInt();
break;
case 'password':
case 'repassword':
case 'accept':
case 'next':
${$k} = $request->post($key)->toString();
break;
}
}
if ($accept === '1') {
// ชื่อตาราง user
$user_table = $this->getFullTableName('user');
// database connection
$db = $this->db();
// ตรวจสอบค่าที่ส่งมา
$input = false;
// อีเมล์
if (empty($save['email'])) {
$ret['ret_register_email'] = 'this';
$input = !$input ? 'register_email' : $input;
} elseif (!Validator::email($save['email'])) {
$ret['ret_register_email'] = str_replace(':name', Language::get('Email'), Language::get('Invalid :name'));
$input = !$input ? 'register_email' : $input;
} else {
// ตรวจสอบอีเมล์ซ้ำ
$search = $db->first($user_table, array('email', $save['email']));
if ($search !== false) {
$ret['ret_register_email'] = str_replace(':name', Language::get('Email'), Language::get('This :name is already registered'));
$input = !$input ? 'register_email' : $input;
} else {
$ret['ret_register_email'] = '';
}
}
// password
if (mb_strlen($password) < 4) {
// รหัสผ่านต้องไม่น้อยกว่า 4 ตัวอักษร
$ret['ret_register_password'] = '******';
$input = !$input ? 'register_password' : $input;
} elseif ($repassword != $password) {
// ถ้าต้องการเปลี่ยนรหัสผ่าน กรุณากรอกรหัสผ่านสองช่องให้ตรงกัน
$ret['ret_register_repassword'] = '******';
$input = !$input ? 'register_repassword' : $input;
} else {
$save['password'] = md5($password . $save['email']);
$ret['ret_register_password'] = '';
$ret['ret_register_repassword'] = '';
}
// phone1
if (!empty($save['phone1'])) {
if (!preg_match('/[0-9]{9,10}/', $save['phone1'])) {
$ret['ret_register_phone1'] = str_replace(':name', Language::get('phone number'), Language::get('Invalid :name'));
$input = !$input ? 'register_phone1' : $input;
} else {
// ตรวจสอบโทรศัพท์
$search = $db->first($user_table, array('phone1', $save['phone1']));
if ($search !== false) {
$ret['ret_register_phone1'] = str_replace(':name', Language::get('phone number'), Language::get('This :name is already registered'));
$input = !$input ? 'register_phone1' : $input;
} else {
$ret['ret_register_phone1'] = '';
}
}
} elseif (self::$cfg->member_phone == 2) {
$ret['ret_register_phone1'] = 'this';
$input = !$input ? 'register_phone1' : $input;
}
// idcard
if (!empty($save['idcard'])) {
if (!Validator::idCard($save['idcard'])) {
$ret['ret_register_idcard'] = str_replace(':name', Language::get('Identification number'), Language::get('Invalid :name'));
$input = !$input ? 'register_idcard' : $input;
} else {
// ตรวจสอบ idcard ซ้ำ
$search = $db->first($user_table, array('idcard', $save['idcard']));
if ($search !== false) {
$ret['ret_register_idcard'] = str_replace(':name', Language::get('Identification number'), Language::get('This :name is already registered'));
$input = !$input ? 'register_idcard' : $input;
} else {
$ret['ret_register_idcard'] = '';
}
}
} elseif (self::$cfg->member_idcard == 2) {
$ret['ret_idcard'] = 'this';
$input = !$input ? 'idcard' : $input;
}
// invite
if (isset($save['invite'])) {
$ret['ret_invite'] = '';
if (!empty($save['invite'])) {
$search = $db->first($user_table, $save['invite']);
if ($search === false) {
$ret['ret_register_invite'] = str_replace(':name', Language::get('Invitation code'), Language::get('Invalid :name'));
$input = !$input ? 'register_invite' : $input;
}
}
}
if (!$input) {
$save['create_date'] = time();
$save['subscrib'] = 1;
$save['status'] = 0;
list($displayname, $domain) = explode('@', $save['email']);
$save['displayname'] = $displayname;
$a = 1;
while (true) {
if (false === $db->first($user_table, array('displayname', $save['displayname']))) {
break;
} else {
$a++;
$save['displayname'] = $displayname . $a;
}
}
// รหัสยืนยัน
$save['activatecode'] = empty(self::$cfg->user_activate) ? '' : Text::rndname(32);
// บันทึกลงฐานข้อมูล
$save['id'] = $db->insert($user_table, $save);
// ส่งอีเมล์
$replace = array('/%EMAIL%/' => $save['email'], '/%PASSWORD%/' => $password, '/%ID%/' => $save['activatecode']);
Email::send(empty(self::$cfg->user_activate) ? 2 : 1, 'member', $replace, $save['email']);
if (empty(self::$cfg->user_activate)) {
// login
$save['password'] = $password;
$_SESSION['login'] = $save;
// แสดงข้อความตอบรับการสมัครสมาชิก
$ret['alert'] = str_replace(':email', $save['email'], Language::get('Registration information sent to :email complete. We will take you to edit your profile'));
// ถ้าไม่มีการกำหนดหน้าถัดไปมา ไปแก้ไขข้อมูลส่วนตัว
$ret['location'] = isset($next) ? $next : WEB_URL . 'index.php?module=editprofile';
} else {
// แสดงข้อความตอบรับการสมัครสมาชิก
$ret['alert'] = str_replace(':email', $save['email'], Language::get('Register successfully, We have sent complete registration information to :email'));
// ถ้าไม่มีการกำหนดหน้าถัดไปมา กลับไปหน้าหลักเว็บไซต์
$ret['location'] = isset($next) ? $next : WEB_URL . 'index.php';
}
// clear antispam
$antispam->delete();
} else {
$ret['input'] = $input;
}
}
}
}
// คืนค่าเป็น JSON
if (!empty($ret)) {
echo json_encode($ret);
}
}
