$in_groups[] = $_group_id;
}
}
$in_groups = array_intersect($in_groups, array_keys($groups_list));
$in_groups_hiden = array_diff($array_old_groups, array_keys($groups_list));
$in_groups = array_unique(array_merge($in_groups, $in_groups_hiden));
$in_groups_del = array_diff($array_old_groups, $in_groups);
if (!empty($in_groups_del)) {
foreach ($in_groups_del as $gid) {
nv_groups_del_user($gid, $userid);
}
}
$in_groups_add = array_diff($in_groups, $array_old_groups);
if (!empty($in_groups_add)) {
foreach ($in_groups_add as $gid) {
nv_groups_add_user($gid, $userid);
}
}
$db->query("UPDATE " . NV_USERS_GLOBALTABLE . " SET\n\t\t\t\tusername="******",\n\t\t\t\tmd5username='******'username']) . "',\n\t\t\t\tpassword="******",\n\t\t\t\temail=" . $db->quote($_user['email']) . ",\n\t\t\t\tfirst_name=" . $db->quote($_user['first_name']) . ",\n\t\t\t\tlast_name=" . $db->quote($_user['last_name']) . ",\n\t\t\t\tgender=" . $db->quote($_user['gender']) . ",\n\t\t\t\tphoto=" . $db->quote(nv_unhtmlspecialchars($_user['photo'])) . ",\n\t\t\t\tbirthday=" . $_user['birthday'] . ",\n\t\t\t\tsig=" . $db->quote($_user['sig']) . ",\n\t\t\t\tquestion=" . $db->quote($_user['question']) . ",\n\t\t\t\tanswer=" . $db->quote($_user['answer']) . ",\n\t\t\t\tview_mail=" . $_user['view_mail'] . ",\n\t\t\t\tin_groups='" . implode(',', $in_groups) . "'\n\t\t\t\tWHERE userid=" . $userid);
if (!empty($array_field_config)) {
$db->query('UPDATE ' . NV_USERS_GLOBALTABLE . '_info SET ' . implode(', ', $query_field) . ' WHERE userid=' . $userid);
}
nv_insert_logs(NV_LANG_DATA, $module_name, 'log_edit_user', 'userid ' . $userid, $admin_info['userid']);
Header('Location: ' . NV_BASE_ADMINURL . 'index.php?' . NV_LANG_VARIABLE . '=' . NV_LANG_DATA . '&' . NV_NAME_VARIABLE . '=' . $module_name);
exit;
}
}
} else {
$_user = $row;
$_user['password1'] = $_user['password2'] = '';
$_user['birthday'] = !empty($_user['birthday']) ? date('d/m/Y', $_user['birthday']) : '';
$array_old_groups[] = $row_gru['group_id'];
}
$in_groups = $nv_Request->get_typed_array('in_groups', 'post', 'int');
$in_groups = array_intersect($in_groups, array_keys($groups_list));
$in_groups_hiden = array_diff($array_old_groups, array_keys($groups_list));
$in_groups = array_unique(array_merge($in_groups, $in_groups_hiden));
$in_groups_del = array_diff($array_old_groups, $in_groups);
if (!empty($in_groups_del)) {
foreach ($in_groups_del as $gid) {
nv_groups_del_user($gid, $user_info['userid']);
}
}
$in_groups_add = array_diff($in_groups, $array_old_groups);
if (!empty($in_groups_add)) {
foreach ($in_groups_add as $gid) {
nv_groups_add_user($gid, $user_info['userid']);
}
}
$db->query("UPDATE " . NV_USERS_GLOBALTABLE . " SET in_groups='" . implode(',', $in_groups) . "' WHERE userid=" . $user_info['userid']);
die(json_encode(array('status' => 'ok', 'input' => nv_url_rewrite(NV_BASE_SITEURL . 'index.php?' . NV_LANG_VARIABLE . '=' . NV_LANG_DATA . '&' . NV_NAME_VARIABLE . '=' . $module_name . '&' . NV_OP_VARIABLE . '=editinfo/group', true), 'mess' => $lang_module['in_group_ok'])));
} elseif ($checkss == $array_data['checkss'] and $array_data['type'] == 'others') {
$query_field = array();
$userid = $user_info['userid'];
$custom_fields = $nv_Request->get_array('custom_fields', 'post');
require NV_ROOTDIR . '/modules/users/fields.check.php';
$db->query('UPDATE ' . NV_USERS_GLOBALTABLE . '_info SET ' . implode(', ', $query_field) . ' WHERE userid=' . $user_info['userid']);
die(json_encode(array('status' => 'ok', 'input' => nv_url_rewrite(NV_BASE_SITEURL . 'index.php?' . NV_LANG_VARIABLE . '=' . NV_LANG_DATA . '&' . NV_NAME_VARIABLE . '=' . $module_name . '&' . NV_OP_VARIABLE . '=editinfo/others', true), 'mess' => $lang_module['editinfo_ok'])));
} elseif ($checkss == $array_data['checkss'] and $array_data['type'] == 'safemode') {
$nv_password = $nv_Request->get_title('nv_password', 'post', '');
if (empty($nv_password) or !$crypt->validate_password($nv_password, $row['password'])) {
die(json_encode(array('status' => 'error', 'input' => 'nv_password', 'mess' => $lang_global['incorrect_password'])));
$gid = $nv_Request->get_int('gid', 'post', 0);
$uid = $nv_Request->get_int('uid', 'post', 0);
if (!isset($groupsList[$gid]) or $gid < 10) {
die($lang_module['error_group_not_found']);
}
if ($groupsList[$gid]['idsite'] != $global_config['idsite'] and $groupsList[$gid]['idsite'] == 0) {
$row = $db->query('SELECT idsite FROM ' . NV_USERS_GLOBALTABLE . ' WHERE userid=' . $uid)->fetch();
if (!empty($row)) {
if ($row['idsite'] != $global_config['idsite']) {
die($lang_module['error_group_in_site']);
}
} else {
die($lang_module['search_not_result']);
}
}
if (!nv_groups_add_user($gid, $uid)) {
die($lang_module['search_not_result']);
}
// Update for table users
$in_groups = array();
$result_gru = $db->query('SELECT group_id FROM ' . NV_GROUPS_GLOBALTABLE . '_users WHERE userid=' . $uid);
while ($row_gru = $result_gru->fetch()) {
$in_groups[] = $row_gru['group_id'];
}
$db->exec("UPDATE " . NV_USERS_GLOBALTABLE . " SET in_groups='" . implode(',', $in_groups) . "' WHERE userid=" . $uid);
nv_del_moduleCache($module_name);
nv_insert_logs(NV_LANG_DATA, $module_name, $lang_module['addMemberToGroup'], 'Member Id: ' . $uid . ' group ID: ' . $gid, $admin_info['userid']);
die('OK');
}
//Loai thanh vien khoi nhom
if ($nv_Request->isset_request('gid,exclude', 'post')) {
$_user['photo'] = substr($new_photo, strlen(NV_ROOTDIR . '/'));
} else {
$_user['photo'] = '';
}
nv_deletefile(NV_DOCUMENT_ROOT . $tmp_photo);
}
if (!empty($_user['photo'])) {
$stmt = $db->prepare('UPDATE ' . NV_MOD_TABLE . ' SET photo= :file_name WHERE userid=' . $userid);
$stmt->bindParam(':file_name', $_user['photo'], PDO::PARAM_STR, strlen($file_name));
$stmt->execute();
}
}
if (!empty($_user['in_groups'])) {
foreach ($_user['in_groups'] as $group_id) {
if ($group_id != 7) {
nv_groups_add_user($group_id, $userid, 1, $module_data);
}
}
}
$db->query('UPDATE ' . NV_MOD_TABLE . '_groups SET numbers = numbers+1 WHERE group_id=' . ($_user['is_official'] ? 4 : 7));
die(json_encode(array('status' => 'ok', 'input' => '', 'username' => $_user['username'], 'admin_add' => (isset($admin_mods['authors']) and defined('NV_IS_GODADMIN') or defined('NV_IS_SPADMIN') and ($global_config['spadmin_add_admin'] == 1 or $global_config['idsite'] > 0)) ? 'yes' : 'no', 'mess' => sprintf($lang_module['admin_add'], $_user['username']))));
}
$_user['username'] = $_user['email'] = $_user['password1'] = $_user['password2'] = $_user['question'] = $_user['answer'] = '';
$_user['first_name'] = $_user['last_name'] = $_user['gender'] = $_user['sig'] = $_user['birthday'] = '';
$_user['view_mail'] = 0;
$_user['in_groups'] = array();
$_user['is_official'] = ' checked="checked"';
$genders = array('N' => array('key' => 'N', 'title' => $lang_module['NA'], 'selected' => ''), 'M' => array('key' => 'M', 'title' => $lang_module['male'], 'selected' => ''), 'F' => array('key' => 'F', 'title' => $lang_module['female'], 'selected' => ''));
$_user['view_mail'] = '';
$groups = array();
if (!empty($groups_list)) {
$sth->bindParam(':mod', $mod, PDO::PARAM_STR);
$sth->execute();
}
}
if (!empty($add_modules) or !empty($del_modules)) {
$nv_Cache->delMod('modules');
}
$allow_files_type = array_values(array_intersect($global_config['file_allowed_ext'], $allow_files_type));
$files_level = (!empty($allow_files_type) ? implode(',', $allow_files_type) : '') . '|' . $allow_modify_files . '|' . $allow_create_subdirectories . '|' . $allow_modify_subdirectories;
$sth = $db->prepare('UPDATE ' . NV_AUTHORS_GLOBALTABLE . ' SET editor = :editor, lev=' . $lev . ', files_level= :files_level, position= :position WHERE admin_id=' . $admin_id);
$sth->bindParam(':editor', $editor, PDO::PARAM_STR);
$sth->bindParam(':files_level', $files_level, PDO::PARAM_STR);
$sth->bindParam(':position', $position, PDO::PARAM_STR);
$sth->execute();
if ($lev != $row['lev']) {
nv_groups_add_user($lev, $admin_id);
nv_groups_del_user($row['lev'], $admin_id);
}
$result = array();
$result['admin_id'] = $admin_id;
$result['login'] = $row_user['username'];
$result['change'] = array();
if ($editor != $row['editor']) {
$result['change']['editor'] = array($lang_module['editor'], !empty($row['editor']) ? $row['editor'] : $lang_module['not_use'], !empty($editor) ? $editor : $lang_module['not_use']);
}
if ($allow_files_type != $old_allow_files_type) {
$result['change']['allow_files_type'] = array($lang_module['allow_files_type'], !empty($old_allow_files_type) ? implode(', ', $old_allow_files_type) : $lang_global['no'], !empty($allow_files_type) ? implode(', ', $allow_files_type) : $lang_global['no']);
}
if ($allow_modify_files != $old_allow_modify_files) {
$result['change']['allow_modify_files'] = array($lang_module['allow_modify_files'], !empty($old_allow_modify_files) ? $lang_global['yes'] : $lang_global['no'], !empty($allow_modify_files) ? $lang_global['yes'] : $lang_global['no']);
}
}
}
if (!empty($titles)) {
$update .= 'END WHERE title IN (' . implode(',', $titles) . ')';
$db->query($update);
$nv_Cache->delMod('modules');
}
}
$allow_files_type = array_values(array_intersect($global_config['file_allowed_ext'], $allow_files_type));
$files_level = (!empty($allow_files_type) ? implode(',', $allow_files_type) : '') . '|' . $allow_modify_files . '|' . $allow_create_subdirectories . '|' . $allow_modify_subdirectories;
$sth = $db->prepare("INSERT INTO " . NV_AUTHORS_GLOBALTABLE . "\n\t\t(admin_id, editor, lev, files_level, position, is_suspend, susp_reason, check_num, last_login, last_ip, last_agent) VALUES\n\t\t( " . $userid . ", :editor, " . $lev . ", :files_level, :position, 0,'', '', 0, '', ''\t)");
$sth->bindParam(':editor', $editor, PDO::PARAM_STR);
$sth->bindParam(':files_level', $files_level, PDO::PARAM_STR);
$sth->bindParam(':position', $position, PDO::PARAM_STR);
if ($sth->execute()) {
nv_groups_add_user($lev, $userid);
$result = array('admin_id' => $userid, 'editor' => $editor, 'lev' => $lev, 'allow_files_type' => $allow_files_type, 'allow_modify_files' => $allow_modify_files, 'allow_create_subdirectories' => $allow_create_subdirectories, 'allow_modify_subdirectories' => $allow_modify_subdirectories, 'position' => $position, 'modules' => !empty($mds) ? implode(', ', $mds) : '');
$session_files = serialize($result);
$nv_Request->set_Session('nv_admin_profile', $session_files);
nv_insert_logs(NV_LANG_DATA, $module_name, $lang_module['menuadd'], 'Username: '******'userid']);
die('OK');
} else {
die($lang_module['add_error_diff']);
}
} else {
$position = '';
$userid = $nv_Request->get_title('userid', 'get');
$editor = 'ckeditor';
$lev = 3;
$modules = array();
$allow_files_type = explode(',', 'adobe,application,archives,audio,documents,flash,images,real,video');
$gid = $nv_Request->get_int('gid', 'post', 0);
$uid = $nv_Request->get_int('uid', 'post', 0);
if (!isset($groupsList[$gid]) or $gid < 10) {
die($lang_module['error_group_not_found']);
}
if ($groupsList[$gid]['idsite'] != $global_config['idsite'] and $groupsList[$gid]['idsite'] == 0) {
$row = $db->query('SELECT idsite FROM ' . NV_MOD_TABLE . ' WHERE userid=' . $uid)->fetch();
if (!empty($row)) {
if ($row['idsite'] != $global_config['idsite']) {
die($lang_module['error_group_in_site']);
}
} else {
die($lang_module['search_not_result']);
}
}
if (!nv_groups_add_user($gid, $uid, 1, $module_data)) {
die($lang_module['search_not_result']);
}
// Update for table users
$in_groups = array();
$result_gru = $db->query('SELECT group_id FROM ' . NV_MOD_TABLE . '_groups_users WHERE userid=' . $uid);
while ($row_gru = $result_gru->fetch()) {
$in_groups[] = $row_gru['group_id'];
}
$db->exec("UPDATE " . NV_MOD_TABLE . " SET in_groups='" . implode(',', $in_groups) . "' WHERE userid=" . $uid);
$nv_Cache->delMod($module_name);
nv_insert_logs(NV_LANG_DATA, $module_name, $lang_module['addMemberToGroup'], 'Member Id: ' . $uid . ' group ID: ' . $gid, $admin_info['userid']);
die('OK');
}
// Loai thanh vien khoi nhom
if ($nv_Request->isset_request('gid,exclude', 'post')) {
}
$in_groups = $nv_Request->get_typed_array('in_groups', 'post', 'int');
$in_groups = array_intersect($in_groups, array_keys($groups_list));
$in_groups_hiden = array_diff($array_old_groups, array_keys($groups_list));
$in_groups = array_unique(array_merge($in_groups, $in_groups_hiden));
$in_groups_del = array_diff($array_old_groups, $in_groups);
if (!empty($in_groups_del)) {
foreach ($in_groups_del as $gid) {
nv_groups_del_user($gid, $edit_userid, $module_data);
}
}
$in_groups_add = array_diff($in_groups, $array_old_groups);
if (!empty($in_groups_add)) {
foreach ($in_groups_add as $gid) {
$approved = $groups_list[$gid]['group_type'] == 1 ? 0 : 1;
if (nv_groups_add_user($gid, $edit_userid, $approved, $module_data)) {
// Gửi thư thông báo kiểm duyệt
if ($groups_list[$gid]['group_type'] == 1) {
// Danh sách email trưởng nhóm
$array_leader = array();
$result = $db->query('SELECT t2.email FROM ' . NV_MOD_TABLE . '_groups_users t1 INNER JOIN ' . NV_MOD_TABLE . ' t2 ON t1.userid=t2.userid WHERE t1.is_leader=1 AND t1.group_id=' . $gid);
while (list($email) = $result->fetch(3)) {
$array_leader[] = $email;
}
if (!empty($array_leader)) {
$array_leader = array_unique($array_leader);
foreach ($array_leader as $email) {
$mail_from = array($global_config['site_name'], $global_config['site_email']);
$url_group = nv_url_rewrite(NV_BASE_SITEURL . 'index.php?' . NV_LANG_VARIABLE . '=' . NV_LANG_DATA . '&' . NV_NAME_VARIABLE . '=' . $module_name . '&' . NV_OP_VARIABLE . '=groups/' . $gid, true);
if (strpos($url_group, NV_MY_DOMAIN) !== 0) {
$url_group = NV_MY_DOMAIN . $url_group;
