/**
 * Public listing of one user's published ads, paginated and optionally filtered by
 * top-level category.
 *
 * Parameters are read from POST on AJAX requests and from GET otherwise, and every field
 * is coerced to TYPE_UINT. That coercion is the only thing protecting the string-built SQL
 * below; no field may be added as TYPE_STR without moving to str2sql()/parameterised queries.
 *
 * AJAX: answers with the rendered results list. Otherwise returns the rendered items.user.php.
 */
function user()
{
    $inputSource = bff::$isAjax ? 'postm' : 'getm';
    $filter = $this->input->{$inputSource}(array('id' => TYPE_UINT, 'c' => TYPE_UINT, 'pp' => TYPE_UINT, 'page' => TYPE_UINT));
    // 'pp' is whitelisted here, but the paginator call below hard-codes 15 per page; the
    // validated value only reaches the template through $aData['f'] (looks unintended — confirm).
    if (!$filter['pp'] || !in_array($filter['pp'], array(10, 20, 30))) {
        $filter['pp'] = 10;
    }
    if (!$filter['page']) {
        $filter['page'] = 1;
    }
    // Assumed to terminate the request; if JSRedirect() only emits markup, execution continues
    // with user_id = 0 and the empty() check below redirects again.
    if (!$filter['id']) {
        func::JSRedirect('/');
    }
    $aUserData = $this->db->one_array('SELECT blocked, blocked_reason FROM ' . TABLE_USERS . ' WHERE user_id = ' . $filter['id']);
    if (empty($aUserData)) {
        func::JSRedirect('/');
    }
    // NOTE(review): blocked_reason is admin-entered DB text passed to nl2br() without
    // htmlspecialchars(); unless showForbidden() escapes its message, any markup stored in the
    // reason is rendered verbatim on this public page. Confirm before changing (double-escape risk).
    if ($aUserData['blocked']) {
        return $this->showForbidden('Аккаунт пользователя заблокирован.' . (!empty($aUserData['blocked_reason']) ? ' <br/><b>Причина:</b><i>' . nl2br($aUserData['blocked_reason']) . '</i>' : ''), 'Аккаунт пользователя заблокирован');
    }
    // WHERE fragments; always has at least two entries, so the !empty($sql) guards below are
    // always true.
    $sql = array();
    $sql[] = 'I.user_id = ' . $filter['id'];
    $sql[] = 'I.status = ' . BBS_STATUS_PUBLICATED;
    $aData = array();
    $aData['f'] =& $filter; // alias, not a copy: the template sees the same array used for the query string
    // Brings $id, $c, $pp, $page into scope. Tolerable only because the key set is fixed by the
    // input map above; never extract() a user-controlled key set.
    extract($filter);
    if ($c > 0) {
        $sql[] = 'I.cat1_id = ' . $c;
    }
    // NOTE(review): this count has no category joins, while the items query below inner-joins
    // CAT1 and C; rows with a missing category would be counted but not listed.
    $aData['total_items'] = $this->db->one_data('SELECT COUNT(I.id) FROM ' . TABLE_BBS_ITEMS . ' I ' . (!empty($sql) ? 'WHERE ' . join(' AND ', $sql) : ''));
    // $sqlLimit is undefined at this point; presumably an out-parameter the paginator fills
    // with the LIMIT clause (confirm against generatePagenation_Paginator3000).
    $aData['pagenation'] = $this->generatePagenation_Paginator3000($page, $aData['total_items'], 15, '?' . http_build_query($filter) . '&page=%number%', 'bbsUserList.onPage', $sqlLimit);
    // IV is joined (with a bare truthiness test on IV.views_date) but none of its columns are
    // selected, and GROUP BY I.id collapses any multi-row match — the join looks vestigial.
    // I.price is selected twice.
    $aData['items'] = $this->db->select('SELECT I.id, I.status, I.svc, (I.svc = ' . Services::typePremium . ') as premium, I.press, I.user_id, I.cat1_id, CAT1.title as cat1_title, I.cat2_id, CAT2.title as cat2_title, I.cat_id, C.regions as cat_regions, C.prices as cat_prices, C.prices_sett as cat_prices_sett, I.cat_type, CT.title as cat_type_title, I.cat_subtype, CST.title as cat_subtype_title, I.imgfav, I.imgcnt, I.price, I.descr, I.descr_regions, I.price, I.price_torg, I.price_bart, I.publicated FROM ' . TABLE_BBS_ITEMS . ' I LEFT JOIN ' . TABLE_BBS_CATEGORIES . ' CAT2 ON I.cat2_id = CAT2.id LEFT JOIN ' . TABLE_BBS_CATEGORIES_TYPES .
        ' CT ON I.cat_type = CT.id LEFT JOIN ' . TABLE_BBS_CATEGORIES_SUBTYPES . ' CST ON I.cat_subtype = CST.id LEFT JOIN ' . TABLE_BBS_ITEMS_VIEWS . ' IV ON I.id = IV.item_id AND IV.views_date, ' . TABLE_BBS_CATEGORIES . ' CAT1, ' . TABLE_BBS_CATEGORIES . ' C WHERE ' . (!empty($sql) ? join(' AND ', $sql) . ' AND ' : '') . ' C.id = I.cat_id AND CAT1.id = I.cat1_id GROUP BY I.id ORDER BY premium DESC, I.premium_order DESC, I.publicated_order DESC ' . $sqlLimit);
    // ajaxResponse() is assumed to end the request; otherwise the non-AJAX rendering below also runs.
    if (bff::$isAjax) {
        $list = $this->tplFetchPHP($aData, 'search.results.list.php');
        $this->ajaxResponse(array('list' => $list, 'res' => $this->errors->no()));
    }
    // Per-category counters for the sidebar, same WHERE fragments as the listing.
    $aData['cats'] = $this->db->select('SELECT CAT1.id, CAT1.title, COUNT(I.cat1_id) as items FROM ' . TABLE_BBS_ITEMS . ' I LEFT JOIN ' . TABLE_BBS_CATEGORIES . ' CAT2 ON I.cat2_id = CAT2.id LEFT JOIN ' . TABLE_BBS_CATEGORIES_TYPES . ' CT ON I.cat_type = CT.id, ' . TABLE_BBS_CATEGORIES . ' CAT1, ' . TABLE_BBS_CATEGORIES . ' C WHERE ' . (!empty($sql) ? join(' AND ', $sql) . ' AND ' : '') . ' C.id = I.cat_id AND CAT1.id = I.cat1_id GROUP BY CAT1.id ORDER BY CAT1.title ');
    $this->includeJS(array('jquery.paginator'));
    return $this->tplFetchPHP($aData, 'items.user.php');
}
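/**
 * Registration / password-recovery endpoint for anonymous visitors.
 *
 * Logged-in users are redirected to their profile. On AJAX the POST field 'act' selects:
 *   'reg'    - create an unactivated member account and mail the activation link;
 *   'forgot' - mail a password-recovery link to an existing, activated, unblocked member.
 * Any other or missing action answers ajaxResponse(null). Non-AJAX requests render forgot.tpl.
 * Errors are reported through $this->errors and the final ajaxResponse(null).
 *
 * Fix: the 'forgot' branch validated $aData['email'], which is never assigned in that branch
 * ($aData is only set in 'reg'), so IsEmailAddress() saw null and every recovery request
 * failed with 'wrong:email'. It now validates $sEmail, the value actually read from the request.
 */
function forgot()
{
    $nUserID = $this->security->getUserID();
    if ($nUserID) {
        // Assumed to terminate the request; if JSRedirect() only emits markup the AJAX
        // branches below would still run for a logged-in user.
        func::JSRedirect('/user/profile');
    }
    if (bff::$isAjax) {
        switch (func::POST('act')) {
            case 'reg':
                $aData = $this->input->postm(array('email' => TYPE_STR, 'pass' => TYPE_STR));
                // NOTE(review): a 3-byte minimum is a very weak password policy, and strlen()
                // counts bytes rather than characters.
                if (empty($aData['pass']) || strlen($aData['pass']) < 3) {
                    $this->errors->set('password_short');
                    break;
                }
                // Ban filter on address + e-mail.
                if ($this->security->checkBan(false, func::getRemoteAddress(), $aData['email'], true)) {
                    $this->errors->set(Errors::ACCESSDENIED);
                    break;
                }
                // NOTE(review): unlike 'forgot', the address is not checked with IsEmailAddress() here.
                $aData['email_hash'] = func::getEmailHash($aData['email']);
                // 'email_exist' discloses whether an address is registered (account enumeration);
                // there is also a window between this check and userCreate() where a duplicate can slip in.
                if ($this->isEmailExists($aData['email_hash'])) {
                    $this->errors->set('email_exist');
                    break;
                }
                // $sCode / $sLink are filled by reference.
                $this->getActivationInfo($sCode, $sLink);
                $nUserID = $this->userCreate(array(
                    'login'       => $aData['email'],
                    'email'       => $aData['email'],
                    'email_hash'  => $aData['email_hash'],
                    'password'    => $aData['pass'],
                    'ip_reg'      => func::getRemoteAddress(true),
                    'activatekey' => $sCode,
                    'activated'   => 0,
                ), self::GROUPID_MEMBER);
                if ($nUserID) {
                    // NOTE(review): the clear-text password is placed in the registration e-mail;
                    // the template variable is kept for compatibility, but this should be dropped.
                    bff::sendMailTemplate(array(
                        'password'      => $aData['pass'],
                        'email'         => $aData['email'],
                        'activate_link' => "<a href=\"{$sLink}\">{$sLink}</a>",
                    ), 'member_registration', $aData['email']);
                    $this->ajaxResponse(Errors::SUCCESS);
                }
                break;
            case 'forgot':
                $sEmail = $this->input->post('email', TYPE_STR);
                // Was $aData['email'] (undefined here) — validate the submitted address.
                if (!func::IsEmailAddress($sEmail)) {
                    $this->errors->set('wrong:email');
                    break;
                }
                $nEmailHash = func::getEmailHash($sEmail);
                // NOTE(review): no checkBan()/rate limit on this branch, and 'email_not_found'
                // reveals whether the address exists; recovery mail can also be re-sent at will.
                if (!$this->isEmailExists($nEmailHash)) {
                    $this->errors->set('email_not_found');
                    break;
                }
                // $nEmailHash is interpolated unquoted; this relies on getEmailHash() returning a
                // number (the $n prefix suggests so — confirm).
                $aData = $this->db->one_array('SELECT user_id, email, name FROM ' . TABLE_USERS . ' WHERE email_hash=' . $nEmailHash . ' AND member=1 AND activated = 1 AND blocked = 0');
                if (empty($aData)) {
                    $this->errors->set('email_not_found');
                    break;
                }
                $this->getPassRecoverInfo($sCode, $sLink);
                // The recovery code reuses the activatekey column; no expiry is visible here.
                $this->db->execute('UPDATE ' . TABLE_USERS .
                    ' SET activatekey = ' . $this->db->str2sql($sCode) . ' WHERE user_id = ' . $aData['user_id']);
                $aData['password_link'] = "<a href=\"{$sLink}\">{$sLink}</a>";
                bff::sendMailTemplate($aData, 'member_passforgot', $sEmail);
                $this->ajaxResponse(Errors::SUCCESS);
                break;
        }
        $this->ajaxResponse(null);
    }
    return $this->tplFetch('forgot.tpl');
}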
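/**
 * Ends the current session and, by default, redirects.
 *
 * @param string      $sRedirectURL    Target after logout; -1 suppresses the redirect, '' means SITEURL.
 * @param bool        $bResetSessionID Also blank the stored session_id on the user's row.
 * @param string      $sessionKey      Passed through to clearRememberMe().
 * @param string      $sessionPath     Cookie path used when expiring the session cookie.
 * @param string|bool $sessionDomain   Cookie domain; false derives it from SITEURL.
 *
 * Fix: the cookie domain was derived by stripping only 'http://' from SITEURL, so on an
 * https:// site the domain became '.https://host' and the session cookie was never expired
 * client-side. The scheme is now stripped for both http and https.
 */
function logout($sRedirectURL = SITEURL, $bResetSessionID = true, $sessionKey = '', $sessionPath = '/', $sessionDomain = false)
{
    $nUserID = $this->getUserID();
    if ($nUserID) {
        $this->clearRememberMe($sessionKey);
        if ($bResetSessionID) {
            global $oDb;
            $oDb->execute('UPDATE ' . TABLE_USERS . ' SET session_id=' . $oDb->str2sql('') . ' WHERE user_id=' . $nUserID);
        }
    }
    // Clear session data before destroying the session.
    $this->sessionData = array();
    $this->saveSession();
    // Cookie domain: explicit override, else the site host with its scheme removed.
    // NOTE(review): a SITEURL carrying a port or path would still yield an invalid cookie
    // domain; parse_url(..., PHP_URL_HOST) would be more robust if SITEURL can contain either.
    $sCookieHost = !empty($sessionDomain) ? $sessionDomain : SITEURL;
    $sCookieHost = preg_replace('#^https?://#i', '', $sCookieHost);
    setcookie(session_name(), FALSE, -1, $sessionPath, '.' . $sCookieHost);
    session_destroy();
    if ($sRedirectURL != -1) {
        if (empty($sRedirectURL)) {
            $sRedirectURL = SITEURL;
        }
        func::JSRedirect($sRedirectURL);
    }
}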
<?php
// Admin-panel front controller: boots the core, dispatches the requested module event,
// checks panel access, then renders the event's output inside template.tpl.
require '../general.config.php';
bff::sessionStart('a');
if (FORDEV) {
    func::tt_start($tt, $tt_mem); // dev-only timing; $tt / $tt_mem are filled by reference
}
require PATH_CORE . 'init.php';
$oBff = bff::i()->init(false);
// NOTE(review): the module event is executed BEFORE haveAccessToAdminPanel() is checked below.
// The login page ('s=users&ev=login') is itself a module event, which is presumably why the
// order is what it is, but it means every admin module handler must enforce its own
// authorisation — confirm that callModule() or each handler does; otherwise an unauthenticated
// request runs the event and only the redirect below hides its output.
if (bff::$class) {
    $htmlCenterArea = $oBff->callModule(bff::$class . '_' . bff::$event, array());
    Errors::i()->assign();
}
// $oSecurity, $oSm and $oDb are presumably globals created by init.php.
// JSRedirect() is assumed to terminate the request; if it only emits markup, rendering continues.
if (!$oSecurity->haveAccessToAdminPanel()) {
    func::JSRedirect('index.php?s=users&ev=login');
}
# Build the admin menu
require PATH_CORE . 'menu.php';
$oMenu = new CMenu(array('Объявления', 'Пользователи', 'Счета', 'Баннеры', 'Страницы', 'FAQ', 'Работа с почтой', 'Регионы', 'Связь с редактором', 'Меню сайта', 'Настройка сайта'));
$firstUrl = $oMenu->build('declareadminmenu', true);
// No event requested: land on the first menu entry.
if (!bff::$class) {
    func::JSRedirect($firstUrl);
}
$oSm->assign('user_login', $oSecurity->getUserLogin());
$oSm->assign_by_ref('center_area', $htmlCenterArea);
$oSm->display('template.tpl', __FILE__, __FILE__);
if (FORDEV) {
    func::tt_finish($tt, $tt_mem);
    echo $oDb->getStatistic(); // prints query statistics into the page; FORDEV must be off in production
}
exit;