$in_groups[] = $_group_id; } } $in_groups = array_intersect($in_groups, array_keys($groups_list)); $in_groups_hiden = array_diff($array_old_groups, array_keys($groups_list)); $in_groups = array_unique(array_merge($in_groups, $in_groups_hiden)); $in_groups_del = array_diff($array_old_groups, $in_groups); if (!empty($in_groups_del)) { foreach ($in_groups_del as $gid) { nv_groups_del_user($gid, $userid); } } $in_groups_add = array_diff($in_groups, $array_old_groups); if (!empty($in_groups_add)) { foreach ($in_groups_add as $gid) { nv_groups_add_user($gid, $userid); } } $db->query("UPDATE " . NV_USERS_GLOBALTABLE . " SET\n\t\t\t\tusername="******",\n\t\t\t\tmd5username='******'username']) . "',\n\t\t\t\tpassword="******",\n\t\t\t\temail=" . $db->quote($_user['email']) . ",\n\t\t\t\tfirst_name=" . $db->quote($_user['first_name']) . ",\n\t\t\t\tlast_name=" . $db->quote($_user['last_name']) . ",\n\t\t\t\tgender=" . $db->quote($_user['gender']) . ",\n\t\t\t\tphoto=" . $db->quote(nv_unhtmlspecialchars($_user['photo'])) . ",\n\t\t\t\tbirthday=" . $_user['birthday'] . ",\n\t\t\t\tsig=" . $db->quote($_user['sig']) . ",\n\t\t\t\tquestion=" . $db->quote($_user['question']) . ",\n\t\t\t\tanswer=" . $db->quote($_user['answer']) . ",\n\t\t\t\tview_mail=" . $_user['view_mail'] . ",\n\t\t\t\tin_groups='" . implode(',', $in_groups) . "'\n\t\t\t\tWHERE userid=" . $userid); if (!empty($array_field_config)) { $db->query('UPDATE ' . NV_USERS_GLOBALTABLE . '_info SET ' . implode(', ', $query_field) . ' WHERE userid=' . $userid); } nv_insert_logs(NV_LANG_DATA, $module_name, 'log_edit_user', 'userid ' . $userid, $admin_info['userid']); Header('Location: ' . NV_BASE_ADMINURL . 'index.php?' . NV_LANG_VARIABLE . '=' . NV_LANG_DATA . '&' . NV_NAME_VARIABLE . '=' . $module_name); exit; } } } else { $_user = $row; $_user['password1'] = $_user['password2'] = ''; $_user['birthday'] = !empty($_user['birthday']) ? date('d/m/Y', $_user['birthday']) : '';
$array_old_groups[] = $row_gru['group_id']; } $in_groups = $nv_Request->get_typed_array('in_groups', 'post', 'int'); $in_groups = array_intersect($in_groups, array_keys($groups_list)); $in_groups_hiden = array_diff($array_old_groups, array_keys($groups_list)); $in_groups = array_unique(array_merge($in_groups, $in_groups_hiden)); $in_groups_del = array_diff($array_old_groups, $in_groups); if (!empty($in_groups_del)) { foreach ($in_groups_del as $gid) { nv_groups_del_user($gid, $user_info['userid']); } } $in_groups_add = array_diff($in_groups, $array_old_groups); if (!empty($in_groups_add)) { foreach ($in_groups_add as $gid) { nv_groups_add_user($gid, $user_info['userid']); } } $db->query("UPDATE " . NV_USERS_GLOBALTABLE . " SET in_groups='" . implode(',', $in_groups) . "' WHERE userid=" . $user_info['userid']); die(json_encode(array('status' => 'ok', 'input' => nv_url_rewrite(NV_BASE_SITEURL . 'index.php?' . NV_LANG_VARIABLE . '=' . NV_LANG_DATA . '&' . NV_NAME_VARIABLE . '=' . $module_name . '&' . NV_OP_VARIABLE . '=editinfo/group', true), 'mess' => $lang_module['in_group_ok']))); } elseif ($checkss == $array_data['checkss'] and $array_data['type'] == 'others') { $query_field = array(); $userid = $user_info['userid']; $custom_fields = $nv_Request->get_array('custom_fields', 'post'); require NV_ROOTDIR . '/modules/users/fields.check.php'; $db->query('UPDATE ' . NV_USERS_GLOBALTABLE . '_info SET ' . implode(', ', $query_field) . ' WHERE userid=' . $user_info['userid']); die(json_encode(array('status' => 'ok', 'input' => nv_url_rewrite(NV_BASE_SITEURL . 'index.php?' . NV_LANG_VARIABLE . '=' . NV_LANG_DATA . '&' . NV_NAME_VARIABLE . '=' . $module_name . '&' . NV_OP_VARIABLE . '=editinfo/others', true), 'mess' => $lang_module['editinfo_ok']))); } elseif ($checkss == $array_data['checkss'] and $array_data['type'] == 'safemode') { $nv_password = $nv_Request->get_title('nv_password', 'post', ''); if (empty($nv_password) or !$crypt->validate_password($nv_password, $row['password'])) { die(json_encode(array('status' => 'error', 'input' => 'nv_password', 'mess' => $lang_global['incorrect_password'])));
$gid = $nv_Request->get_int('gid', 'post', 0); $uid = $nv_Request->get_int('uid', 'post', 0); if (!isset($groupsList[$gid]) or $gid < 10) { die($lang_module['error_group_not_found']); } if ($groupsList[$gid]['idsite'] != $global_config['idsite'] and $groupsList[$gid]['idsite'] == 0) { $row = $db->query('SELECT idsite FROM ' . NV_USERS_GLOBALTABLE . ' WHERE userid=' . $uid)->fetch(); if (!empty($row)) { if ($row['idsite'] != $global_config['idsite']) { die($lang_module['error_group_in_site']); } } else { die($lang_module['search_not_result']); } } if (!nv_groups_add_user($gid, $uid)) { die($lang_module['search_not_result']); } // Update for table users $in_groups = array(); $result_gru = $db->query('SELECT group_id FROM ' . NV_GROUPS_GLOBALTABLE . '_users WHERE userid=' . $uid); while ($row_gru = $result_gru->fetch()) { $in_groups[] = $row_gru['group_id']; } $db->exec("UPDATE " . NV_USERS_GLOBALTABLE . " SET in_groups='" . implode(',', $in_groups) . "' WHERE userid=" . $uid); nv_del_moduleCache($module_name); nv_insert_logs(NV_LANG_DATA, $module_name, $lang_module['addMemberToGroup'], 'Member Id: ' . $uid . ' group ID: ' . $gid, $admin_info['userid']); die('OK'); } //Loai thanh vien khoi nhom if ($nv_Request->isset_request('gid,exclude', 'post')) {
$_user['photo'] = substr($new_photo, strlen(NV_ROOTDIR . '/')); } else { $_user['photo'] = ''; } nv_deletefile(NV_DOCUMENT_ROOT . $tmp_photo); } if (!empty($_user['photo'])) { $stmt = $db->prepare('UPDATE ' . NV_MOD_TABLE . ' SET photo= :file_name WHERE userid=' . $userid); $stmt->bindParam(':file_name', $_user['photo'], PDO::PARAM_STR, strlen($file_name)); $stmt->execute(); } } if (!empty($_user['in_groups'])) { foreach ($_user['in_groups'] as $group_id) { if ($group_id != 7) { nv_groups_add_user($group_id, $userid, 1, $module_data); } } } $db->query('UPDATE ' . NV_MOD_TABLE . '_groups SET numbers = numbers+1 WHERE group_id=' . ($_user['is_official'] ? 4 : 7)); die(json_encode(array('status' => 'ok', 'input' => '', 'username' => $_user['username'], 'admin_add' => (isset($admin_mods['authors']) and defined('NV_IS_GODADMIN') or defined('NV_IS_SPADMIN') and ($global_config['spadmin_add_admin'] == 1 or $global_config['idsite'] > 0)) ? 'yes' : 'no', 'mess' => sprintf($lang_module['admin_add'], $_user['username'])))); } $_user['username'] = $_user['email'] = $_user['password1'] = $_user['password2'] = $_user['question'] = $_user['answer'] = ''; $_user['first_name'] = $_user['last_name'] = $_user['gender'] = $_user['sig'] = $_user['birthday'] = ''; $_user['view_mail'] = 0; $_user['in_groups'] = array(); $_user['is_official'] = ' checked="checked"'; $genders = array('N' => array('key' => 'N', 'title' => $lang_module['NA'], 'selected' => ''), 'M' => array('key' => 'M', 'title' => $lang_module['male'], 'selected' => ''), 'F' => array('key' => 'F', 'title' => $lang_module['female'], 'selected' => '')); $_user['view_mail'] = ''; $groups = array(); if (!empty($groups_list)) {
$sth->bindParam(':mod', $mod, PDO::PARAM_STR); $sth->execute(); } } if (!empty($add_modules) or !empty($del_modules)) { $nv_Cache->delMod('modules'); } $allow_files_type = array_values(array_intersect($global_config['file_allowed_ext'], $allow_files_type)); $files_level = (!empty($allow_files_type) ? implode(',', $allow_files_type) : '') . '|' . $allow_modify_files . '|' . $allow_create_subdirectories . '|' . $allow_modify_subdirectories; $sth = $db->prepare('UPDATE ' . NV_AUTHORS_GLOBALTABLE . ' SET editor = :editor, lev=' . $lev . ', files_level= :files_level, position= :position WHERE admin_id=' . $admin_id); $sth->bindParam(':editor', $editor, PDO::PARAM_STR); $sth->bindParam(':files_level', $files_level, PDO::PARAM_STR); $sth->bindParam(':position', $position, PDO::PARAM_STR); $sth->execute(); if ($lev != $row['lev']) { nv_groups_add_user($lev, $admin_id); nv_groups_del_user($row['lev'], $admin_id); } $result = array(); $result['admin_id'] = $admin_id; $result['login'] = $row_user['username']; $result['change'] = array(); if ($editor != $row['editor']) { $result['change']['editor'] = array($lang_module['editor'], !empty($row['editor']) ? $row['editor'] : $lang_module['not_use'], !empty($editor) ? $editor : $lang_module['not_use']); } if ($allow_files_type != $old_allow_files_type) { $result['change']['allow_files_type'] = array($lang_module['allow_files_type'], !empty($old_allow_files_type) ? implode(', ', $old_allow_files_type) : $lang_global['no'], !empty($allow_files_type) ? implode(', ', $allow_files_type) : $lang_global['no']); } if ($allow_modify_files != $old_allow_modify_files) { $result['change']['allow_modify_files'] = array($lang_module['allow_modify_files'], !empty($old_allow_modify_files) ? $lang_global['yes'] : $lang_global['no'], !empty($allow_modify_files) ? $lang_global['yes'] : $lang_global['no']); }
} } if (!empty($titles)) { $update .= 'END WHERE title IN (' . implode(',', $titles) . ')'; $db->query($update); $nv_Cache->delMod('modules'); } } $allow_files_type = array_values(array_intersect($global_config['file_allowed_ext'], $allow_files_type)); $files_level = (!empty($allow_files_type) ? implode(',', $allow_files_type) : '') . '|' . $allow_modify_files . '|' . $allow_create_subdirectories . '|' . $allow_modify_subdirectories; $sth = $db->prepare("INSERT INTO " . NV_AUTHORS_GLOBALTABLE . "\n\t\t(admin_id, editor, lev, files_level, position, is_suspend, susp_reason, check_num, last_login, last_ip, last_agent) VALUES\n\t\t( " . $userid . ", :editor, " . $lev . ", :files_level, :position, 0,'', '', 0, '', ''\t)"); $sth->bindParam(':editor', $editor, PDO::PARAM_STR); $sth->bindParam(':files_level', $files_level, PDO::PARAM_STR); $sth->bindParam(':position', $position, PDO::PARAM_STR); if ($sth->execute()) { nv_groups_add_user($lev, $userid); $result = array('admin_id' => $userid, 'editor' => $editor, 'lev' => $lev, 'allow_files_type' => $allow_files_type, 'allow_modify_files' => $allow_modify_files, 'allow_create_subdirectories' => $allow_create_subdirectories, 'allow_modify_subdirectories' => $allow_modify_subdirectories, 'position' => $position, 'modules' => !empty($mds) ? implode(', ', $mds) : ''); $session_files = serialize($result); $nv_Request->set_Session('nv_admin_profile', $session_files); nv_insert_logs(NV_LANG_DATA, $module_name, $lang_module['menuadd'], 'Username: '******'userid']); die('OK'); } else { die($lang_module['add_error_diff']); } } else { $position = ''; $userid = $nv_Request->get_title('userid', 'get'); $editor = 'ckeditor'; $lev = 3; $modules = array(); $allow_files_type = explode(',', 'adobe,application,archives,audio,documents,flash,images,real,video');
$gid = $nv_Request->get_int('gid', 'post', 0); $uid = $nv_Request->get_int('uid', 'post', 0); if (!isset($groupsList[$gid]) or $gid < 10) { die($lang_module['error_group_not_found']); } if ($groupsList[$gid]['idsite'] != $global_config['idsite'] and $groupsList[$gid]['idsite'] == 0) { $row = $db->query('SELECT idsite FROM ' . NV_MOD_TABLE . ' WHERE userid=' . $uid)->fetch(); if (!empty($row)) { if ($row['idsite'] != $global_config['idsite']) { die($lang_module['error_group_in_site']); } } else { die($lang_module['search_not_result']); } } if (!nv_groups_add_user($gid, $uid, 1, $module_data)) { die($lang_module['search_not_result']); } // Update for table users $in_groups = array(); $result_gru = $db->query('SELECT group_id FROM ' . NV_MOD_TABLE . '_groups_users WHERE userid=' . $uid); while ($row_gru = $result_gru->fetch()) { $in_groups[] = $row_gru['group_id']; } $db->exec("UPDATE " . NV_MOD_TABLE . " SET in_groups='" . implode(',', $in_groups) . "' WHERE userid=" . $uid); $nv_Cache->delMod($module_name); nv_insert_logs(NV_LANG_DATA, $module_name, $lang_module['addMemberToGroup'], 'Member Id: ' . $uid . ' group ID: ' . $gid, $admin_info['userid']); die('OK'); } // Loai thanh vien khoi nhom if ($nv_Request->isset_request('gid,exclude', 'post')) {
} $in_groups = $nv_Request->get_typed_array('in_groups', 'post', 'int'); $in_groups = array_intersect($in_groups, array_keys($groups_list)); $in_groups_hiden = array_diff($array_old_groups, array_keys($groups_list)); $in_groups = array_unique(array_merge($in_groups, $in_groups_hiden)); $in_groups_del = array_diff($array_old_groups, $in_groups); if (!empty($in_groups_del)) { foreach ($in_groups_del as $gid) { nv_groups_del_user($gid, $edit_userid, $module_data); } } $in_groups_add = array_diff($in_groups, $array_old_groups); if (!empty($in_groups_add)) { foreach ($in_groups_add as $gid) { $approved = $groups_list[$gid]['group_type'] == 1 ? 0 : 1; if (nv_groups_add_user($gid, $edit_userid, $approved, $module_data)) { // Gửi thư thông báo kiểm duyệt if ($groups_list[$gid]['group_type'] == 1) { // Danh sách email trưởng nhóm $array_leader = array(); $result = $db->query('SELECT t2.email FROM ' . NV_MOD_TABLE . '_groups_users t1 INNER JOIN ' . NV_MOD_TABLE . ' t2 ON t1.userid=t2.userid WHERE t1.is_leader=1 AND t1.group_id=' . $gid); while (list($email) = $result->fetch(3)) { $array_leader[] = $email; } if (!empty($array_leader)) { $array_leader = array_unique($array_leader); foreach ($array_leader as $email) { $mail_from = array($global_config['site_name'], $global_config['site_email']); $url_group = nv_url_rewrite(NV_BASE_SITEURL . 'index.php?' . NV_LANG_VARIABLE . '=' . NV_LANG_DATA . '&' . NV_NAME_VARIABLE . '=' . $module_name . '&' . NV_OP_VARIABLE . '=groups/' . $gid, true); if (strpos($url_group, NV_MY_DOMAIN) !== 0) { $url_group = NV_MY_DOMAIN . $url_group;