public static function login($user_id = null)
{
if ($user_id === null) {
$user_id = template_session::get_user_id();
}
if (!$user_id) {
return false;
}
$user = users::get($user_id);
if (!$user) {
return false;
}
template_session::set_user_id($user->id);
template_session::set_user_name($user->name);
$setting_popup = settings::get_popup($user->id);
template_session::set_use_popup($setting_popup->value);
switch ($user->role_id) {
case RUDE_ROLE_ADMIN:
template_session::set_authorized();
template_session::set_admin();
template_session::set_editor();
template_session::set_user();
break;
case RUDE_ROLE_EDITOR:
template_session::set_authorized();
template_session::set_editor();
template_session::set_user();
break;
case RUDE_ROLE_USER:
template_session::set_authorized();
template_session::set_user();
break;
}
return true;
}
public static function handler($data = null)
{
if (isset($_SESSION['done_autoauth'])) {
return;
}
if (empty($_SERVER['SSL_CLIENT_RAW_CERT'])) {
return self::done();
}
if (Session::isLoggedIn()) {
return self::done();
}
$certs = new certs(ConnectionFactory::get('mongo'), ConnectionFactory::get('redis'));
$userId = $certs->check($_SERVER['SSL_CLIENT_RAW_CERT']);
if ($userId == NULL) {
return self::done();
}
$users = new users(ConnectionFactory::get('mongo'));
$user = $users->get($userId, false);
if (empty($user)) {
return;
}
if (!in_array('autoauth', $user['auths'])) {
return self::done();
}
if ($user['status'] == users::ACCT_LOCKED) {
return self::done();
}
Session::setBatchVars($user);
return self::done();
}
public function access()
{
if (Session::isLoggedIn()) {
return Error::set(self::ERR_LOGGED_IN);
}
if (empty($_POST['username'])) {
return Error::set(self::ERR_NO_USERNAME);
}
$users = new users(ConnectionFactory::get('mongo'));
$user = $users->get($_POST['username']);
if ($user == null) {
return Error::set(self::ERR_INVALID_USERNAME);
}
$auths = $user['auths'];
if (in_array('password', $auths)) {
// Password auth
$passReset = new passwordReset(ConnectionFactory::get('redis'));
$id = $passReset->reset($user['_id'], $user['email']);
$this->view['id'] = $id;
$this->view['mail'] = false;
if (Config::get('system:mail')) {
$this->view['mail'] = true;
}
$this->setView('lost/passwordReset');
} else {
if (!in_array('password', $auths)) {
// Certificate auths only
$status = $this->checkCerts($user);
if ($status == false) {
// No valid certificates, set auth to password.
$users->changeAuth($user['_id'], true, false, false, false);
$this->setView('lost/authSetToPassword');
} else {
// Send email to change user's auth
$passReset = new passwordReset(ConnectionFactory::get('redis'));
$id = $passReset->auth($user['_id'], $user['email']);
$this->view['id'] = $id;
$this->view['mail'] = false;
if (Config::get('system:mail')) {
$this->view['mail'] = true;
}
$this->setView('lost/authReset');
}
} else {
// Somehow the user got an empty auth set.
return Error::set(self::ERR_EMPTY_AUTHSET);
}
}
}
public function depositIsPay($deposit_id, $recharge_type)
{
global $mysql, $langArray, $config;
$row = $this->get($deposit_id);
if ($row) {
//订单已成功
if ($row['paid'] == 'true') {
return;
}
//对用户进行充值 添加到充值余额 同时增加总余额
$mysql->query("\n\t\t\t\tUPDATE `users`\n\t\t\t\tSET `deposit` = `deposit` + '" . sql_quote($row['deposit']) . "',\n\t\t\t\t\t\t`total` = `total` + '" . sql_quote($row['deposit']) . "'\n\t\t\t\tWHERE `user_id` = '" . intval($row['user_id']) . "'\n\t\t\t\tLIMIT 1\n\t\t\t");
//资金流动类
require_once ROOT_PATH . '/apps/users/models/transaction_details.class.php';
$logClass = new transaction_details();
//记录资金流动(uid,type,value,info)
if (floatval($row['deposit']) > 0) {
$logClass->addRecord(intval($row['user_id']), 'deposit', floatval($row['deposit']), $langArray['deposit_type'] . ':' . $recharge_type);
}
$user_deposit = floatval($_SESSION['user']['deposit']) + floatval($row['deposit']);
$user_total = floatval($_SESSION['user']['total']) + floatval($row['deposit']);
//改变充值订单状态
$mysql->query("\n\t\t\t\tUPDATE `deposit`\n\t\t\t\tSET \n\t\t\t\t`paid` = 'true'\n\t\t\t\tWHERE `id` = '" . intval($deposit_id) . "'\n\t\t\t");
//检测用户登录状态 更新session
if (isset($_SESSION['user'])) {
$_SESSION['user']['deposit'] = $user_deposit;
$_SESSION['user']['total'] = $user_total;
}
require_once ROOT_PATH . '/classes/history.class.php';
$historyClass = new history();
//添加到充值记录
$historyClass->add($langArray['deposit_history'] . $row['deposit'], $deposit_id, $row['user_id']);
#CHECK REFERAL
require_once ROOT_PATH . '/apps/users/models/users.class.php';
$usersClass = new users();
$user = $usersClass->get($row['user_id']);
if ($user['referal_id'] != '0') {
//对推荐人进行分成 (暂时关闭对充值进行分成)
//$this->referalMoney($row, $user);
}
}
}
public function admin_index()
{
if (!CheckAcl::can('adminUsers')) {
return Error::set('You are not allowed to admin users.');
}
if (empty($_POST['userId'])) {
return Error::set('No user id was found.');
}
$user = new users(ConnectionFactory::get('mongo'));
$userInfo = $user->get($_POST['userId'], false, true);
$return = null;
if (empty($_POST['status']) && $userInfo['status'] == $user::ACCT_LOCKED) {
$return = $user->setStatus($_POST['userId'], $user::ACCT_OPEN);
} else {
if (!empty($_POST['status']) && $_POST['status'] == 'locked' && $userInfo['status'] == $user::ACCT_OPEN) {
$return = $user->setStatus($_POST['userId'], $user::ACCT_LOCKED);
}
}
if (is_string($return)) {
return Error::set($return);
}
if (empty($_POST['group']) || !in_array($_POST['group'], acl::$acls)) {
return Error::set('Invalid group.');
}
if ($_POST['group'] != $userInfo['group']) {
$return = $user->setGroup($_POST['userId'], $_POST['group']);
if (is_string($return)) {
return Error::set($return);
}
}
header('Location: ' . Url::format('/user/view/' . $userInfo['username']));
}
refresh('?m=' . $_GET['m'] . '&c=list', 'INVALID ID', 'error');
}
#加载余额
require_once ROOT_PATH . '/apps/users/models/balance.class.php';
$balanceClass = new balance();
$row = $balanceClass->get($_GET['id']);
if (!$row) {
refresh('?m=' . $_GET['m'] . '&c=list', 'INVALID ID', 'error');
}
$_GET['user_id'] = $row['user_id'];
if (!isset($_POST['edit'])) {
$_POST['balance'] = $row['deposit'];
}
if (!isset($_GET['user_id']) || !is_numeric($_GET['user_id'])) {
refresh('?m=' . $_GET['m'] . '&c=list', 'INVALID ID', 'error');
}
$cms = new users();
$user = $cms->get($_GET['user_id']);
if (!$user) {
refresh('?m=' . $_GET['m'] . '&c=list', 'INVALID ID', 'error');
}
_setTitle($user['username'] . ' › ' . $langArray['balance1']);
if (isset($_POST['edit'])) {
$status = $balanceClass->edit();
if ($status !== true) {
abr('error', $status);
} else {
refresh("?m=" . $_GET['m'] . "&c=balance&id=" . $_GET['user_id'], $langArray['add_complete']);
}
}
require_once ROOT_PATH . '/apps/lists/leftlist_admin.php';
}
/* End Parent Object 'Stuff' */
// Editor information
if (!isnull($engine->cleanGet['MYSQL']['objectID'])) {
$object = objects::get($engine->cleanGet['MYSQL']['objectID']);
if (is_empty($object['createdBy'])) {
localvars::add("createdByUsername", "Unavailable");
} else {
$user = users::get($object['createdBy']);
localvars::add("createdByUsername", $user['username']);
}
localvars::add("createdOnDate", date('D, d M Y H:i', $object['createTime']));
if (is_empty($object['modifiedBy'])) {
localvars::add("modifiedByUsername", "Unavailable");
} else {
$user = users::get($object['modifiedBy']);
localvars::add("modifiedByUsername", $user['username']);
}
localvars::add("modifiedOnDate", date('D, d M Y H:i', $object['modifiedTime']));
}
//////////
// Project Tab Stuff
$selectedProjects = objects::getProjects($engine->cleanGet['MYSQL']['objectID']);
localVars::add("projectOptions", projects::generateProjectChecklist($selectedProjects));
// Project Tab Stuff
//////////
localvars::add("formName", $form['title']);
localvars::add("formID", $form['ID']);
log::insert("Data Entry: Object: View Page", 0, $form['ID']);
// handle submission
if (isset($engine->cleanPost['MYSQL']['submitForm'])) {
// +----------------------------------------------------------------------
// | Demila [ Beautiful Digital Content Trading System ]
// +----------------------------------------------------------------------
// | Copyright (c) 2015 http://demila.org All rights reserved.
// +----------------------------------------------------------------------
// | Licensed ( http://www.apache.org/licenses/LICENSE-2.0 )
// +----------------------------------------------------------------------
// | Email author@demila.org
// +----------------------------------------------------------------------
_setView(__FILE__);
if (!isset($_GET['user_id']) || !is_numeric($_GET['user_id'])) {
refresh('?m=' . $_GET['m'] . '&c=list', 'INVALID ID', 'error');
}
$cms = new users();
$userinfo = $cms->get($_GET['user_id']);
if (!$userinfo) {
refresh('?m=' . $_GET['m'] . '&c=list', 'INVALID ID', 'error');
}
_setTitle($userinfo['username'] . ' › ' . $langArray['balance1']);
if (isset($_POST['add'])) {
#加载余额
require_once ROOT_PATH . '/apps/users/models/balance.class.php';
$balanceClass = new balance();
$status = $balanceClass->add();
if ($status !== true) {
abr('error', $status);
} else {
refresh("?m=" . $_GET['m'] . "&c=balance&id=" . $_GET['user_id'], $langArray['add_complete']);
}
}
$buff[$day[2]]['sale']++;
$buff[$day[2]]['earning'] += $s['receive'];
}
}
foreach ($buff as $day => $r) {
$text .= '<tr><td>' . $day . '</td><td>' . $r['sale'] . ' ' . $langArray['sales'] . '</td><td>¥' . number_format($r['earning'], 2) . '</td></tr>';
}
}
die('
jQuery("#month_' . $month . '_' . $year . '_details").html(\'' . $text . '\');
jQuery("#month_' . $month . '_' . $year . '_show").hide();
jQuery("#month_' . $month . '_' . $year . '_hide").show();
');
}
$usersClass = new users();
$user = $usersClass->get($_SESSION['user']['user_id']);
abr('user', $user);
#获取百分比
require_once ROOT_PATH . '/apps/percents/models/percents.class.php';
$percentsClass = new percents();
$percent = $percentsClass->getPercentRow($user);
if ($percent['to'] == '0') {
$percent['more'] = '-';
} else {
$percent['more'] = floatval($percent['to']) - floatval($user['sold']);
}
abr('percent', $percent);
$earnings = array('sales' => 0, 'sales_earning' => 0, 'referal' => 0, 'total' => 0);
$maxSales = 0;
$earningArr = false;
#获取销售金额
// | Licensed ( http://www.apache.org/licenses/LICENSE-2.0 )
// +----------------------------------------------------------------------
// | Email author@demila.org
// +----------------------------------------------------------------------
_setView(__FILE__);
$collectionID = get_id(2);
$collectionsClass = new collections();
$collection = $collectionsClass->get($collectionID);
if (!is_array($collection) || $collection['public'] == 'false' && check_login_bool() && $collection['user_id'] != $_SESSION['user']['user_id']) {
refresh('/' . $languageURL . 'collections/', $langArray['wrong_collection'], 'error');
}
_setTitle($collection['name']);
abr('checkItemsType', 'yes');
require_once ROOT_PATH . '/apps/users/models/users.class.php';
$usersClass = new users();
$collection['user'] = $usersClass->get($collection['user_id']);
if (check_login_bool()) {
$collection['rate'] = $collectionsClass->isRate($collectionID);
}
abr('collection', $collection);
#删除作品
if (isset($_GET['delete']) && check_login_bool() && $collection['user_id'] == $_SESSION['user']['user_id']) {
$collectionsClass->deleteBookmark($collectionID, $_GET['delete']);
refresh('/' . $languageURL . 'collections/view/' . $collectionID, $langArray['complete_delete_bookmark'], 'complete');
}
#更新书签集
if (check_login_bool() && isset($_POST['edit']) && $collection['user_id'] == $_SESSION['user']['user_id']) {
$collectionsClass->edit($collectionID);
refresh('/' . $languageURL . 'collections/view/' . $collectionID, $langArray['complete_edit_collection'], 'complete');
}
#删除书签集
public function rate($id, $rate)
{
global $mysql, $item;
$row = $this->isRate($id);
if (is_array($row)) {
return $item;
}
$item['votes'] = $item['votes'] + 1;
$item['score'] = $item['score'] + $rate;
$item['rating'] = $item['score'] / $item['votes'];
$item['rating'] = round($item['rating']);
$mysql->query("\n\t\t\tUPDATE `items`\n\t\t\tSET `rating` = '" . intval($item['rating']) . "',\n\t\t\t\t\t`score` = '" . intval($item['score']) . "',\n\t\t\t\t\t`votes` = '" . intval($item['votes']) . "'\n\t\t\tWHERE `id` = '" . intval($id) . "'\n\t\t");
$mysql->query("\n\t\t\tINSERT INTO `items_rates` (\n\t\t\t\t`item_id`,\n\t\t\t\t`user_id`,\n\t\t\t\t`rate`,\n\t\t\t\t`datetime`\n\t\t\t)\n\t\t\tVALUES (\n\t\t\t\t'" . intval($id) . "',\n\t\t\t\t'" . intval($_SESSION['user']['user_id']) . "',\n\t\t\t\t'" . intval($rate) . "',\n\t\t\t\tNOW()\n\t\t\t)\n\t\t");
#用户评星
require_once ROOT_PATH . '/apps/users/models/users.class.php';
$usersClass = new users();
$user = $usersClass->get($item['user_id']);
$user['votes'] = $user['votes'] + 1;
$user['score'] = $user['score'] + $rate;
$user['rating'] = $user['score'] / $user['votes'];
$user['rating'] = round($user['rating']);
$mysql->query("\n\t\t\tUPDATE `users`\n\t\t\tSET `rating` = '" . intval($user['rating']) . "',\n\t\t\t\t\t`score` = '" . intval($user['score']) . "',\n\t\t\t\t\t`votes` = '" . intval($user['votes']) . "'\n\t\t\tWHERE `user_id` = '" . intval($user['user_id']) . "'\n\t\t");
return $item;
}
// | Email author@demila.org
// +----------------------------------------------------------------------
_setView(__FILE__);
_setTitle($langArray['queue']);
if (!isset($_GET['id']) || !is_numeric($_GET['id'])) {
refresh('?m=' . $_GET['m'] . '&c=queue', 'WRONG ID', 'error');
}
if (!isset($_GET['p'])) {
$_GET['p'] = '1';
}
$cms = new items();
require_once ROOT_PATH . '/apps/users/models/users.class.php';
$usersClass = new users();
$data = $cms->get($_GET['id'], false);
$data['preview'] = $cms->get_theme_preview($_GET['id']);
$data['user'] = $usersClass->get($data['user_id']);
//路径
$data["thumbnail"] = DATA_SERVER . '/uploads/items/' . $_GET['id'] . '/' . $data["thumbnail"];
$data["theme_preview"] = DATA_SERVER . '/uploads/items/' . $_GET['id'] . '/' . $data["theme_preview"];
$data["main_file"] = DATA_SERVER . '/uploads/items/' . $_GET['id'] . '/' . $data["main_file"];
abr('data', $data);
if (isset($_POST['submit'])) {
if ($_POST['action'] == 'approve') {
$s = $cms->approve($_GET['id']);
if ($s == true) {
refresh("?m=" . $_GET['m'] . "&c=queue&p=" . $_GET['p'], $langArray['complete_approve_item']);
} else {
addErrorMessage($s, '', 'error');
}
} elseif ($_POST['action'] == 'unapprove') {
$s = $cms->unapprove($_GET['id']);
public function add($replyTo = 0)
{
global $mysql, $item, $languageURL, $langArray;
if (!isset($_POST['comment']) || trim($_POST['comment']) == '') {
return false;
}
if (!isset($_POST['reply_notification'])) {
$_POST['reply_notification'] = 'false';
} else {
$_POST['reply_notification'] = 'true';
}
$mysql->query("\n\t\t\tINSERT INTO `items_comments` (\n\t\t\t\t`owner_id`,\n\t\t\t\t`item_id`,\n\t\t\t\t`item_name`,\n\t\t\t\t`user_id`,\n\t\t\t\t`comment`,\n\t\t\t\t`datetime`,\n\t\t\t\t`notify`,\n\t\t\t\t`reply_to`\t\t\t\t\n\t\t\t)\n\t\t\tVALUES (\n\t\t\t\t'" . intval($item['user_id']) . "',\n\t\t\t\t'" . intval($item['id']) . "',\n\t\t\t\t'" . sql_quote($item['name']) . "',\n\t\t\t\t'" . intval($_SESSION['user']['user_id']) . "',\n\t\t\t\t'" . sql_quote($_POST['comment']) . "',\n\t\t\t\tNOW(),\n\t\t\t\t'" . sql_quote($_POST['reply_notification']) . "',\n\t\t\t\t'" . intval($replyTo) . "'\n\t\t\t)\n\t\t");
if ($replyTo != 0) {
$comment = $this->get($replyTo);
if ($comment['notify'] == 'true') {
require_once ROOT_PATH . '/apps/users/models/users.class.php';
$usersClass = new users();
$user = $usersClass->get($comment['user_id']);
$emailClass = new email();
$emailClass->to($user['email']);
$emailClass->fromEmail = 'no-reply@' . DOMAIN;
$emailClass->contentType = 'text/html';
$emailClass->subject = "[" . DOMAIN . "] " . $langArray['email_new_reply_subject'];
$emailClass->message = langMessageReplace($langArray['email_new_reply_text'], array('THEMENAME' => $item['name'], 'URL' => 'http://' . DOMAIN . '/' . $languageURL . 'items/comments/' . $item['id']));
$emailClass->send();
unset($emailClass);
}
} else {
#评论
$mysql->query("\n\t\t\t\tUPDATE `items`\n\t\t\t\tSET `comments` = `comments` + 1\n\t\t\t\tWHERE `id` = '" . intval($item['id']) . "'\n\t\t\t\tLIMIT 1\n\t\t\t");
}
return true;
}
public function main()
{
?>
<div id="main">
<?php
$users = users::get();
?>
<table class="ui table segment square-corners celled">
<thead>
<tr class="header">
<th class="numeric">#</th>
<th>Имя</th>
<th>Статус</th>
<th colspan="2" class="right icon-add"><i class="icon add sign pointer" title="Добавить" onclick="$('#add_modal').modal('show');"></i></th>
</tr>
</thead>
<tbody>
<?php
foreach ($users as $user) {
?>
<tr id="user-<?php
echo $user->id;
?>
">
<td class="small numeric"><?php
echo $user->id;
?>
</td>
<td><?php
echo $user->name;
?>
</td>
<td><?php
echo $user->role;
?>
</td>
<?php
$role_id = users_roles::get_by_name($user->role);
?>
<td class="icon first no-border">
<a href="#" onclick="$('#edit_modal').modal('show'); $('.id').val('<?php
echo $user->id;
?>
');
$('.editusername').val('<?php
echo $user->name;
?>
');
$('#edit_role').val('<?php
echo $role_id->id;
?>
');
$('#user_role_dd').dropdown('set selected',<?php
echo $role_id->id;
?>
);
">
<i class="icon edit" title="Редактировать"></i>
</a>
</td>
<td class="icon last no-border">
<a href="#" onclick="$.post('<?php
echo template_url::ajax('users', 'remove', $user->id);
?>
').done(function(answer) { answer_removed(answer, <?php
echo $user->id;
?>
); }); return false;">
<i class="icon remove circle" title="Удалить"></i>
</a>
</td>
</tr>
<?php
}
?>
</tbody>
</table>
</div>
<script>
function answer_removed(answer, user_id)
{
console.log(answer);
switch(answer)
{
case '<?php
echo RUDE_AJAX_ERROR;
?>
':
break;
case '<?php
echo RUDE_AJAX_OK;
?>
':
console.log(this);
$('#user-' + user_id).fadeOut('slow');
break;
case '<?php
echo RUDE_AJAX_ACCESS_VIOLATION;
?>
':
$('#access-violation').modal('show');
break;
default:
break;
}
return false;
}
</script>
<div id="add_modal" class="ui modal">
<i class="close icon"></i>
<div class="header">
Добавить пользователя
</div>
<div class="content">
<div class="ui form segment">
<div class="field">
<label for="username">Имя пользователя</label>
<div class="ui left labeled input icon">
<input class="username" name="username" type="text" placeholder="Имя вашего нового пользователя...">
<i class="user icon"></i>
<div class="ui corner label">
<i class="icon asterisk"></i>
</div>
</div>
</div>
<div class="field">
<label for="password">Пароль</label>
<div class="ui left labeled input icon">
<input class="password" name="password" type="password">
<i class="lock icon"></i>
<div class="ui corner label">
<i class="icon asterisk"></i>
</div>
</div>
</div>
<div class="field">
<label>Роль</label>
<div class="ui fluid selection dropdown">
<div class="default text">Выберите роль пользователя</div>
<input type="hidden" id="role_name">
<div style="max-height: 150px;" class="menu">
<?php
$users_roles = users_roles::get();
foreach ($users_roles as $role) {
?>
<div class="item" data-value="<?php
echo $role->id;
?>
"><?php
echo $role->name;
?>
</div>
<?php
}
?>
</div>
</div>
</div>
<div class="ui error message">
<div class="header">Найдены ошибки при заполнении формы</div>
</div>
<div class="ui blue submit button">Добавить</div>
</div>
</div>
</div>
<script>
$('#add_modal .ui.form')
.form({
username: {
identifier : 'username',
rules: [
{
type : 'empty',
prompt : 'Пожалуйста, укажите имя для пользователя.'
}
]
},
role_name: {
identifier : 'role_name',
rules: [
{
type : 'empty',
prompt : 'Пожалуйста, укажите роль для пользователя.'
}
]
},
password: {
identifier : 'password',
rules: [
{
type : 'empty',
prompt : 'Пожалуйста, укажите пароль для пользователя.'
},
{
type : 'length[6]',
prompt : 'Ваш пароль должен быть хотя бы 6 символов в длину.'
}
]
}
},
{
onSuccess: function()
{
var username = $('#add_modal .username').val();
var password = $('#add_modal .password').val();
var role_id = $('#role_name').val();
$.ajax({
url : '/?page=registration',
type: 'POST',
data :
{
username: username,
password: password,
role_id : role_id
},
success: function(answer)
{
console.log(answer);
if (answer)
{
$('#add_modal .ui.error.message').html('<ul class="list"><li>' + answer + '</li></ul>').show('slow');
}
else
{
rude.redirect('/?page=users');
}
}
});
}
})
;
</script>
<div id="edit_modal" class="ui modal">
<i class="close icon"></i>
<div class="header">
Редактировать пользователя
</div>
<div class="content">
<div class="ui form segment">
<div class="field">
<label for="editusername">Имя пользователя</label>
<div class="ui left labeled input">
<input class="editusername" name="editusername" type="text" placeholder="Имя пользователя">
<div class="ui corner label">
<i class="icon asterisk"></i>
</div>
</div>
</div>
<div class="field" hidden>
<label for="id">id</label>
<div class="ui left labeled input">
<input class="id" name="id" type="text" placeholder="id">
<div class="ui corner label">
<i class="icon asterisk"></i>
</div>
</div>
</div>
<!--<div class="field">
<label for="edit_password">Пароль</label>
<div class="ui left labeled input">
<input class="edit_password" name="edit_password" type="password">
<i class="lock icon"></i>
<div class="ui corner label">
<i class="icon asterisk"></i>
</div>
</div>
</div>-->
<div class="field">
<label>Роль пользователя</label>
<div class="ui fluid selection dropdown" id="user_role_dd">
<div class="text">Выберите роль</div>
<input type="hidden" id="edit_role">
<div style="max-height: 150px;" class="menu">
<?php
$roles_list = users_roles::get();
foreach ($roles_list as $role) {
?>
<div class="item" data-value="<?php
echo $role->id;
?>
"><?php
echo $role->name;
?>
</div>
<?php
}
?>
</div>
</div>
</div>
<div class="ui error message">
<div class="header">Найдены ошибки при заполнении формы</div>
</div>
<div class="ui blue submit button" value="edit">Изменить</div>
</div>
</div>
</div>
<script>
$('#edit_modal .ui.form')
.form({
editusername: {
identifier : 'editusername',
rules: [
{
type : 'empty',
prompt : 'Пожалуйста, укажите имя пользователя.'
}
]
},
edit_role: {
identifier : 'edit_role',
rules: [
{
type : 'empty',
prompt : 'Пожалуйста, укажите роль пользователя.'
}
]
}
},
{
onSuccess: function()
{
var name = $('.editusername').val();
var id = $('.id').val();
var role_id = $('#edit_role').val();
$.post('/?page=users&task=edit&id='+id+'&name='+name+'&role_id='+role_id+'&ajax=true')
.done(function() { $('#edit_modal').modal('hide'); rude.redirect('/?page=users');}); return false;
}
})
;
</script>
<?php
}
public function buy($price, $extended = false)
{
global $mysql, $langArray, $item;
//资金流动类
require_once ROOT_PATH . '/apps/users/models/transaction_details.class.php';
$logClass = new transaction_details();
require_once ROOT_PATH . '/apps/users/models/users.class.php';
$usersClass = new users();
//获取当前购买用户详细信息
$you = $usersClass->get($_SESSION['user']['user_id']);
$deposit = 0;
$earning = 0;
//用户实际支付金额
$t_pay_price = floatval($price) - floatval($item['your_profit']);
$t_pay_price > 0 ? $t_pay_price : ($t_pay_price = 0);
//账号余额是否充足
if ($you['deposit'] >= $t_pay_price) {
$deposit = $t_pay_price;
} else {
$deposit = $you['deposit'];
$earning = floatval($t_pay_price) - floatval($you['deposit']);
}
//扣款购买
$mysql->query("\n\t\t\tUPDATE `users`\n\t\t\tSET `deposit` = `deposit` - '" . floatval($deposit) . "',\n\t\t\t\t\t`earning` = `earning` - '" . floatval($earning) . "',\n\t\t\t\t\t`total` = `total` - '" . floatval($t_pay_price) . "'\n\t\t\tWHERE `user_id` = '" . intval($you['user_id']) . "'\n\t\t\tLIMIT 1\n\t\t");
//记录资金流动(uid,type,value,info)
if (floatval($t_pay_price) > 0) {
$logClass->addRecord(intval($you['user_id']), 'buy', -floatval($t_pay_price), $langArray['item_name'] . ':' . $item['name'] . '(' . $langArray['pay_buy_balance'] . ')');
}
$_SESSION['user']['deposit'] = floatval($_SESSION['user']['deposit']) - floatval($deposit);
$_SESSION['user']['earning'] = floatval($_SESSION['user']['earning']) - floatval($earning);
$_SESSION['user']['total'] = floatval($_SESSION['user']['total']) - floatval($t_pay_price);
//对推广用户进行返佣金
if ($you['referal_id'] != '0') {
$this->referalMoney(array('price' => $price, 'user_id' => $_SESSION['user']['user_id'], 'owner_id' => $item['user_id'], 'item_id' => $item['id'], 'item_name' => $item['name']), $you);
}
//打款给作者
$user = $usersClass->get($item['user_id']);
require_once ROOT_PATH . '/apps/percents/models/percents.class.php';
$percentsClass = new percents();
//获取用户分成比例(作者)
$percent = $percentsClass->getPercentRow($user);
$percent = $percent['percent'];
//作者所得分成
$receiveMoney = floatval($price) * floatval($percent) / 100;
$mysql->query("\n\t\t\tUPDATE `users`\n\t\t\tSET `earning` = `earning` + '" . floatval($receiveMoney) . "',\n\t\t\t\t\t`total` = `total` + '" . floatval($receiveMoney) . "',\n\t\t\t\t\t`sold` = `sold` + '" . floatval($price) . "',\n\t\t\t\t\t`sales` = `sales` + 1\n\t\t\tWHERE `user_id` = '" . intval($user['user_id']) . "'\n\t\t\tLIMIT 1\n\t\t");
//记录资金流动(uid,type,value,info)
if (floatval($receiveMoney) > 0) {
$logClass->addRecord(intval($user['user_id']), 'sale_income', floatval($receiveMoney), $langArray['item_name'] . ':' . $item['name']);
}
#添加订单
$mysql->query("\n\t\t\tINSERT INTO `orders` (\n\t\t\t\t`user_id`,\n\t\t\t\t`owner_id`,\n\t\t\t\t`item_id`,\n\t\t\t\t`item_name`,\n\t\t\t\t`price`,\n\t\t\t\t`datetime`,\n\t\t\t\t`receive`,\n\t\t\t\t`paid`,\n\t\t\t\t`paid_datetime`\n\t\t\t)\n\t\t\tVALUES (\n\t\t\t\t'" . intval($_SESSION['user']['user_id']) . "',\n\t\t\t\t'" . intval($item['user_id']) . "',\n\t\t\t\t'" . intval($item['id']) . "',\n\t\t\t\t'" . sql_quote($item['name']) . "',\n\t\t\t\t'" . sql_quote($price) . "',\n\t\t\t\tNOW(),\n\t\t\t\t'" . sql_quote($receiveMoney) . "',\n\t\t\t\t'true',\n\t\t\t\tNOW()\n\t\t\t)\n\t\t");
$mysql->query("\n\t\t\tUPDATE `users`\n\t\t\tSET `buy` = `buy` + 1\n\t\t\tWHERE `user_id` = '" . intval($_SESSION['user']['user_id']) . "'\n\t\t\tLIMIT 1 \n\t\t");
#更新作品
$setQuery = '';
if ($extended) {
$setQuery = " `status` = 'extended_buy', ";
}
$mysql->query("\n\t\t\tUPDATE `items`\n\t\t\tSET `sales` = `sales` + 1,\n\t\t\t\t\t{$setQuery}\n\t\t\t\t\t`earning` = `earning` + '" . sql_quote($price) . "'\n\t\t\tWHERE `id` = '" . intval($item['id']) . "'\n\t\t");
return true;
}
if (isset($personalEdit)) {
refresh("?m=" . $_GET['m'] . "&c=edit&id=" . $_GET['id'], $langArray['edit_complete']);
} else {
refresh("?m=" . $_GET['m'] . "&c=list", $langArray['edit_complete']);
}
}
} else {
//独家设置
if (isset($_POST['exclusive_false'])) {
$usersClass = new users();
$usersClass->editExclusiveAuthor('false', $_GET['id']);
} elseif (isset($_POST['exclusive_true'])) {
$usersClass = new users();
$usersClass->editExclusiveAuthor('true', $_GET['id']);
}
$_POST = $cms->get($_GET['id']);
$badges = explode(',', $_POST['badges']);
$_POST['badges'] = array();
foreach ($badges as $badge) {
$_POST['badges'][] = $badge;
}
}
$users = $cms->get($_GET['id']);
$users['stats'] = $cms->getStatistic($_GET['id']);
abr('user', $users);
require_once ROOT_PATH . '/apps/' . $_GET['m'] . '/models/groups.class.php';
$g = new groups();
$groups = $g->getAll();
abr('groups', $groups);
require_once ROOT_PATH . '/apps/system/models/badges.class.php';
$badges = new badges();
// +----------------------------------------------------------------------
// | Email author@demila.org
// +----------------------------------------------------------------------
_setView(__FILE__);
$itemID = get_id(2);
$itemsClass = new items();
$item = $itemsClass->get($itemID);
if (!is_array($item) || check_login_bool() && $item['status'] == 'unapproved' && $item['user_id'] != $_SESSION['user']['user_id'] || $item['status'] == 'queue' || $item['status'] == 'extended_buy') {
header("HTTP/1.0 404 Not Found");
header("Location: http://" . DOMAIN . "/" . $languageURL . "error");
}
_setTitle($item['name']);
abr('meta_description', substr(strip_tags($item['description']), 0, 255));
require_once ROOT_PATH . '/apps/users/models/users.class.php';
$usersClass = new users();
$item['user'] = $usersClass->get($item['user_id']);
abr('item', $item);
#添加FAQ条目
if (check_login_bool() && $item['user_id'] == $_SESSION['user']['user_id'] && isset($_POST['add'])) {
$faqClass = new faq();
$s = $faqClass->add($itemID);
if ($s === true) {
refresh('/' . $languageURL . 'items/faq/' . $itemID . '/', $langArray['complete_add_faq'], 'complete');
} else {
$message = '<ul>';
foreach ($s as $e) {
$message .= '<li>' . $e . '</li>';
}
$message .= '</ul>';
addErrorMessage($message, '', 'error');
}
$name = '';
$link = '';
$whereQuery = '';
if (isset($_GET['category'])) {
$whereQuery .= " AND `categories` LIKE '%," . intval($_GET['category']) . ",%' ";
require_once ROOT_PATH . '/apps/categories/models/categories.class.php';
$categoriesClass = new categories();
$category = $categoriesClass->get($_GET['category']);
$name = $category['name'];
$link = '?category=' . $_GET['category'];
}
if (isset($_GET['user'])) {
$whereQuery .= " AND `user_id` = '" . intval($_GET['user']) . "' ";
require_once ROOT_PATH . '/apps/users/models/users.class.php';
$usersClass = new users();
$user = $usersClass->get($_GET['user']);
$name = $user['username'];
if ($link == '') {
$link = '?user='******'user'];
} else {
$link .= '&user='******'user'];
}
}
echo "<?phpxml version=\"1.0\" encoding=\"utf-8\" ?>\n<rss version=\"2.0\">\n<channel>\n<title>" . $config['domain'] . " - " . $name . " RSS</title>\n<link>http://" . $config['domain'] . "/rss/" . $link . "</link>\n<description></description>\n";
#####加载
require_once ROOT_PATH . '/apps/items/models/items.class.php';
$itemsClass = new items();
$rows = $itemsClass->getAll(0, 20, " `status` = 'active' " . $whereQuery, "`datetime` DESC");
if (is_array($rows)) {
foreach ($rows as $r) {
echo "\n\t\t\t\t<item>\n\t\t\t\t\t<title><![CDATA[ " . $r['name'] . " ]]></title>\n\t\t\t\t\t<link>http://" . $config['domain'] . "/" . $languageURL . "items/" . $r['id'] . "</link>\n\t\t\t\t\t<description><
