/**
  * Render the member edit form (template "editprofile").
  *
  * The member to edit is taken from the "id" request value and defaults to
  * the logged-in member. The form is produced only for a logged-in visitor
  * whose status is 1 or who owns the requested record; every other case
  * returns the 404 page.
  *
  * NOTE(review): member field values are placed into the template exactly as
  * loaded and no HTML escaping happens in this method. Confirm the values are
  * encoded when they are saved (or by the template layer), because an
  * administrator can open another member's record here.
  *
  * @return mixed Rendered template, or the result of the 404 controller
  */
 public function render()
 {
     // Guests get the 404 page.
     $login = Login::isMember();
     if (!$login) {
         return \Index\Error\Controller::page404();
     }
     // Requested member id; falls back to the logged-in member.
     $id = self::$request->get('id', $login['id'])->toInt();
     $user = \Index\Editprofile\Model::getUser($id);
     // Access rule: the record must exist and belong to the visitor, unless the visitor has status 1.
     $allowed = $user && ($login['status'] == 1 || $login['id'] == $user->id);
     if (!$allowed) {
         return \Index\Error\Controller::page404();
     }
     $template = Template::create('', '', 'editprofile');
     $selectFields = array('provinceID', 'country', 'sex', 'status');
     $checkFields = array('admin_access', 'subscrib');
     $contents = array();
     foreach ($user as $key => $value) {
         $placeholder = '/{' . strtoupper($key) . '}/';
         if (in_array($key, $selectFields, true)) {
             // Drop-down fields: pick the option list that belongs to the field.
             if ($key === 'provinceID') {
                 $source = Province::all();
             } elseif ($key === 'country') {
                 $source = Country::all();
             } elseif ($key === 'sex') {
                 $source = Language::get('SEXES');
             } else {
                 $source = self::$cfg->member_status;
             }
             $options = '';
             foreach ($source as $k => $v) {
                 $options .= '<option value="' . $k . '"' . ($k == $value ? ' selected' : '') . '>' . $v . '</option>';
             }
             $contents[$placeholder] = $options;
         } elseif (in_array($key, $checkFields, true)) {
             // Checkbox fields.
             $contents[$placeholder] = $value == 1 ? 'checked' : '';
         } elseif ($key === 'icon') {
             // Use the stored icon only when the file exists, otherwise the placeholder image.
             $relative = self::$cfg->usericon_folder . $value;
             $contents['/{ICON}/'] = is_file(ROOT_PATH . $relative) ? WEB_URL . $relative : WEB_URL . 'skin/img/noicon.jpg';
         } else {
             $contents[$placeholder] = $value;
         }
     }
     // Fields marked {ADMIN} are editable only for an administrator editing a record whose fb value is 0.
     $contents['/{ADMIN}/'] = Login::isAdmin() && $user->fb == 0 ? '' : 'readonly';
     $contents['/{HIDDEN}/'] = implode("\n", Form::get2Input());
     $contents['/{ACCEPT}/'] = Mime::getEccept(self::$cfg->user_icon_typies);
     $template->add($contents);
     Gcms::$view->setContents(array('/:type/' => implode(', ', self::$cfg->user_icon_typies)), false);
     return $template->render();
 }
예제 #2
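 /**
  * Convert one menu record into the opening HTML of its list item.
  *
  * The returned markup is `<li ...><a ...><span>text</span></a>`; the `<li>`
  * element is left open for the caller.
  *
  * NOTE(review): menu_url, menu_target, accesskey and the tooltip are
  * concatenated into attributes without escaping (target and accesskey are
  * not even quoted), and menu_text goes through htmlspecialchars_decode(),
  * so stored markup is emitted as live HTML. This presumably relies on menu
  * records being written only by trusted administrators and stored
  * HTML-encoded; confirm before feeding this method any other data.
  *
  * @param object $item Menu record (properties are read with ->)
  * @param string|null $select (optional) alias or module of the selected menu
  * @param bool $arrow (optional) true = add the menu-arrow class to the link (default false)
  * @return string HTML of the menu item
  */
 public function getItem($item, $select = null, $arrow = false)
 {
     // CSS classes: the alias (or, failing that, the module), plus "select" for the current menu.
     $classes = array();
     if ($item->alias != '') {
         $classes[] = $item->alias;
         if ($select === $item->alias) {
             $classes[] = 'select';
         }
     } elseif ($item->module != '') {
         $classes[] = $item->module;
         if ($select === $item->module) {
             $classes[] = 'select';
         }
     }
     // Items whose published value is '3' are hidden for members, '2' for guests.
     if (isset($item->published) && $item->published != 1) {
         $hiddenValue = Login::isMember() ? '3' : '2';
         if ($item->published == $hiddenValue) {
             $classes[] = 'hidden';
         }
     }
     $c = count($classes) == 0 ? '' : ' class="' . implode(' ', $classes) . '"';
     if ($item->index_id > 0 || $item->menu_url != '') {
         $a = $item->menu_target == '' ? '' : ' target=' . $item->menu_target;
         $a .= $item->accesskey == '' ? '' : ' accesskey=' . $item->accesskey;
         if ($item->index_id > 0) {
             $a .= ' href="' . Gcms::createUrl($item->module) . '"';
         } else {
             // The enclosing condition guarantees menu_url is not empty here,
             // so the former third branch could never run and was removed.
             $a .= ' href="' . $item->menu_url . '"';
         }
     } else {
         // No target at all: keep the entry focusable.
         $a = ' tabindex=0';
     }
     $menu_text = $item->menu_text;
     // The tooltip falls back to the menu text.
     $b = $item->menu_tooltip == '' ? $menu_text : $item->menu_tooltip;
     if ($b != '') {
         $a .= ' title="' . $b . '"';
     }
     $label = empty($menu_text) ? '&nbsp;' : htmlspecialchars_decode($menu_text);
     return '<li' . $c . '><a' . ($arrow ? ' class=menu-arrow' : '') . $a . '><span>' . $label . '</span></a>';
 }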
 /**
  * Record the current visitor in the "useronline" table and echo the online
  * data as JSON.
  *
  * Runs only when the session starts and the referer check passes. Rows older
  * than counter_gap seconds and any row for the current session are deleted,
  * then a fresh row is inserted. Each directory under modules/ that contains
  * controllers/useronline.php is included and, when its Controller class has
  * an index() method, is given the result array to extend.
  *
  * NOTE(review): the included path is built from directory names found under
  * ROOT_PATH . 'modules/', not from request data. Files there run with this
  * method's local variables in scope, so that tree should not be writable by
  * upload features or by the web server account. Confirm the deployment.
  *
  * @param Request $request
  */
 public function index(Request $request)
 {
     // Proceed only when the session starts and the referer check passes
     if ($request->initSession() && $request->isReferer()) {
         // Marker constant; per the original comment it guards against pages being requested directly
         define('MAIN_INIT', __FILE__);
         // Current time
         $time = time();
         // Current session id
         $session_id = session_id();
         // Rows with a time below this value are considered expired
         $validtime = $time - self::$cfg->counter_gap;
         // useronline table
         $useronline = $this->getFullTableName('useronline');
         // Delete expired rows and the row of this session (conditions joined with OR)
         $this->db()->delete($useronline, array(array('time', '<', $validtime), array('session', $session_id)), 0, 'OR');
         // Insert a fresh row for this session
         // NOTE(review): how getClientIp() derives the address is not visible here; confirm it does not trust client-supplied headers
         $save = array('time' => $time, 'session' => $session_id, 'ip' => $request->getClientIp());
         $login = Login::isMember();
         if ($login) {
             $save['member_id'] = (int) $login['id'];
             // Fall back to the email when the member has no display name
             $save['displayname'] = $login['displayname'] == '' ? $login['email'] : $login['displayname'];
         }
         $this->db()->insert($useronline, $save);
         // Result returned to the client
         $ret = array('time' => $time);
         // Load the useronline controller of every module that ships one
         $dir = ROOT_PATH . 'modules/';
         // Errors from opendir are suppressed; a missing directory simply skips the loop
         $f = @opendir($dir);
         if ($f) {
             while (false !== ($text = readdir($f))) {
                 if ($text != "." && $text != "..") {
                     if (is_dir($dir . $text)) {
                         if (is_file($dir . $text . '/controllers/useronline.php')) {
                             include $dir . $text . '/controllers/useronline.php';
                             // Class name derived from the directory name
                             $class = ucfirst($text) . '\\Useronline\\Controller';
                             if (method_exists($class, 'index')) {
                                 $ret = createClass($class)->index($ret);
                             }
                         }
                     }
                 }
             }
             closedir($f);
         }
         // Output the result as JSON
         echo json_encode($ret);
     }
 }
 /**
  * Member profile page: builds the tab bar and renders the selected tab.
  *
  * The requested tab must be one of the keys of Gcms::$member_tabs, otherwise
  * the first tab is used, so the class handed to createClass() always comes
  * from that list and never directly from the request. Members with a
  * non-empty "fb" value do not get the "password" tab. Guests, and requests
  * that resolve to no tab class, receive the page-not-found controller.
  *
  * NOTE(review): in_array() is used without strict comparison and external
  * links are recognised only with the "http://" prefix; both are kept as in
  * the original.
  *
  * @param Request $request
  * @return object Page data (description, topic, detail, keywords, menu) or the not-found result
  */
 public function render(Request $request)
 {
     $login = Login::isMember();
     if (!$login) {
         // Not logged in.
         return createClass('Index\\PageNotFound\\Controller')->init($request, 'index');
     }
     // Selected tab, restricted to the registered tab keys.
     $tab = $request->request('tab')->toString();
     $member_tabs = array_keys(Gcms::$member_tabs);
     if (!in_array($tab, $member_tabs)) {
         $tab = reset($member_tabs);
     }
     $index = (object) array('description' => self::$cfg->web_description);
     if (!empty($login['fb'])) {
         unset(Gcms::$member_tabs['password']);
     }
     // Build the tab list.
     $tabs = array();
     foreach (Gcms::$member_tabs as $key => $values) {
         if ($values[0] == '') {
             continue;
         }
         if ($key == $tab) {
             $class = "tab select {$key}";
             $index->topic = Language::get($values[0]);
             $className = $values[1];
         } else {
             $class = "tab {$key}";
         }
         // An entry whose second value starts with http:// is linked as is; all others link back to this module.
         if (preg_match('/^http:\\/\\/.*/', $values[1])) {
             $href = $values[1];
         } else {
             $href = '{WEBURL}index.php?module=editprofile&amp;tab=' . $key;
         }
         $tabs[] = '<li class="' . $class . '"><a href="' . $href . '">' . Language::get($values[0]) . '</a></li>';
     }
     if (empty($className)) {
         // No class for the selected tab (for example the removed password tab).
         return createClass('Index\\PageNotFound\\Controller')->init($request, 'index');
     }
     $template = Template::create('member', 'member', 'main');
     $template->add(array('/{TAB}/' => implode('', $tabs), '/{DETAIL}/' => createClass($className)->render($request)));
     $index->detail = $template->render();
     $index->keywords = $index->topic;
     // Menu to highlight.
     $index->menu = 'member';
     return $index;
 }
예제 #5
파일: index.php 프로젝트: goragod/kotchasan
 /**
  * Demo front page: shows the session of a logged-in member, otherwise the
  * login or forgot-password view.
  *
  * NOTE(review): var_dump($_SESSION) prints the whole session into the page.
  * That is acceptable for a demo only; session data can hold credentials and
  * should never be rendered in a deployed application. The logout link is a
  * plain GET request.
  *
  * @param Request $request
  */
 public function index(Request $request)
 {
     // Start the session cookie.
     $request->initSession();
     // Process the login state.
     Login::create();
     if (Login::isMember()) {
         echo '<a href="?action=logout">Logout</a><br>';
         var_dump($_SESSION);
         return;
     }
     // Guests: "forgot" selects the password reminder, anything else the login form.
     $wantsForgot = $request->get('action')->toString() == 'forgot';
     $main = $wantsForgot ? new \Index\Forgot\View() : new \Index\Login\View();
     echo $main->render();
 }
예제 #6
 /**
  * Send-mail page: a member writes to another member or to the administrators.
  *
  * The "to" request value is reduced to letters and digits and lower-cased.
  * A numeric value is resolved through \Index\Sendmail\Model::getUser(); the
  * literal "admin" addresses the administrators. Any other value, an unknown
  * recipient or a guest visitor ends on the not-found page with an
  * explanatory message.
  *
  * NOTE(review): the antispam value is pre-filled only for administrators.
  * The recipient name is placed into the template as loaded; confirm it is
  * HTML-encoded where it is stored.
  *
  * @param Request $request
  * @return object Page data, or the result of the not-found controller
  */
 public function render(Request $request)
 {
     $login = Login::isMember();
     if ($login) {
         // Requested recipient.
         $to = strtolower($request->get('to')->filter('0-9a-zA-Z'));
         $recipient = '';
         if (preg_match('/^[0-9]+$/', $to)) {
             // Member id: the lookup returns an empty array when nothing usable is found.
             foreach (\Index\Sendmail\Model::getUser($to) as $id => $item) {
                 $to_msg = empty($item['name']) ? $item['email'] : $item['name'];
                 $recipient = $id;
             }
         } elseif ($to == 'admin') {
             $to_msg = self::$cfg->member_status[1];
             $recipient = $to;
         }
         if ($recipient != '') {
             $antispam = new Antispam();
             // Page data handed back to the caller.
             $index = (object) array(
                 'topic' => Language::replace('Send a message to the :name', array(':name' => $to_msg)),
                 'keywords' => self::$cfg->web_title,
                 'description' => self::$cfg->web_description,
                 'module' => 'sendmail',
             );
             $template = Template::create('member', 'member', 'sendmail');
             $template->add(array(
                 '/{TOPIC}/' => $index->topic,
                 '/{ANTISPAM}/' => $antispam->getId(),
                 '/{ANTISPAMVAL}/' => Login::isAdmin() ? $antispam->getValue() : '',
                 '/{RECIEVER}/' => $to_msg,
                 '/{SENDER}/' => $login['email'],
                 '/{RECIEVERID}/' => $recipient,
             ));
             $index->detail = $template->render();
             // Canonical URL and breadcrumb.
             $index->canonical = WEB_URL . 'index.php?module=sendmail&to=' . $recipient;
             Gcms::$view->addBreadcrumb($index->canonical, $index->topic);
             return $index;
         }
     }
     // The message cannot be sent.
     $message = Language::get('Unable to send e-mail, Because you can not send e-mail to yourself or can not find the email address of the recipient.');
     return createClass('Index\\PageNotFound\\Controller')->init($request, 'member', $message);
 }
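 /**
  * Save the profile form posted by a logged-in member and echo the outcome
  * as JSON.
  *
  * Only known "register_*" fields are accepted, each through its own input
  * filter. The record named by register_id is updated only when it belongs
  * to the logged-in member or the member is an administrator, because the id
  * comes from the request and must not be trusted on its own.
  *
  * NOTE(review): the password is stored as md5(password . email), a fast
  * hash. Moving to password_hash()/password_verify() needs a matching change
  * in the login check, which is outside this block.
  * NOTE(review): after a password change the clear-text password is written
  * to $_SESSION['login']['password']; confirm whether the login layer really
  * needs it there.
  * NOTE(review): no anti-CSRF token is checked here; the referer check is the
  * only request-origin control visible in this method.
  *
  * @param Request $request
  */
 public function save(Request $request)
 {
     $ret = array();
     // Requires a started session, a passing referer check and a logged-in member
     if ($request->initSession() && $request->isReferer() && ($login = Login::isMember())) {
         if ($login['email'] == 'demo') {
             $ret['alert'] = Language::get('Unable to complete the transaction');
         } else {
             // Values received from the POST body
             $save = array();
             // Defined up front so the password checks never read an undefined variable
             $password = '';
             $repassword = '';
             foreach ($request->getParsedBody() as $key => $value) {
                 $k = str_replace('register_', '', $key);
                 switch ($k) {
                     case 'phone1':
                     case 'phone2':
                     case 'provinceID':
                     case 'zipcode':
                         $save[$k] = $request->post($key)->number();
                         break;
                     case 'sex':
                         $save['sex'] = $request->post('register_sex')->topic();
                         $save['subscrib'] = $request->post('register_subscrib')->toBoolean();
                         break;
                     case 'displayname':
                     case 'fname':
                     case 'lname':
                     case 'address1':
                     case 'address2':
                     case 'province':
                     case 'country':
                         $save[$k] = $request->post($key)->topic();
                         break;
                     case 'website':
                         $save[$k] = str_replace(array('http://', 'https://', 'ftp://'), array('', '', ''), $request->post($key)->url());
                         break;
                     case 'subscrib':
                         $save[$k] = $request->post($key)->toBoolean();
                         break;
                     case 'birthday':
                         $save[$k] = $request->post($key)->date();
                         break;
                     case 'password':
                         $password = $request->post($key)->text();
                         break;
                     case 'repassword':
                         $repassword = $request->post($key)->text();
                         break;
                 }
             }
             // user table name
             $user_table = $this->getFullTableName('user');
             // database connection
             $db = $this->db();
             // Load the record named in the request
             $user = $db->first($user_table, $request->post('register_id')->toInt());
             if (!$user) {
                 // The member to edit was not found
                 $ret['alert'] = Language::get('not a registered user');
             } elseif ($login['id'] != $user->id && !Login::isAdmin()) {
                 // register_id is request data: only the owner or an administrator may change this record
                 $ret['alert'] = Language::get('Unable to complete the transaction');
             } else {
                 // First field that failed validation (false = none)
                 $input = false;
                 // Display name
                 if (isset($save['displayname'])) {
                     if (mb_strlen($save['displayname']) < 2) {
                         $ret['ret_register_displayname'] = Language::get('Name for the show on the site at least 2 characters');
                         $input = !$input ? 'register_displayname' : $input;
                     } elseif (in_array($save['displayname'], self::$cfg->member_reserv)) {
                         $ret['ret_register_displayname'] = Language::get('Invalid name');
                         $input = !$input ? 'register_displayname' : $input;
                     } else {
                         // Reject a display name already used by another member
                         $search = $db->first($user_table, array('displayname', $save['displayname']));
                         if ($search !== false && $user->id != $search->id) {
                             $ret['ret_register_displayname'] = str_replace(':name', Language::get('Name'), Language::get('This :name is already registered'));
                             $input = !$input ? 'register_displayname' : $input;
                         } else {
                             $ret['ret_register_displayname'] = '';
                         }
                     }
                 }
                 // First name and surname
                 if (!empty($save['fname']) || !empty($save['lname'])) {
                     $search = $db->first($user_table, array(array('fname', $save['fname']), array('lname', $save['lname'])));
                     if ($search !== false && $user->id != $search->id) {
                         $ret['ret_register_fname'] = str_replace(':name', Language::get('Name') . ' ' . Language::get('Surname'), Language::get('This :name is already registered'));
                         $input = !$input ? 'register_fname' : $input;
                     } else {
                         $ret['ret_register_fname'] = '';
                     }
                 }
                 // Phone
                 if (!empty($save['phone1'])) {
                     // NOTE(review): the pattern is not anchored, so it only requires 9 consecutive digits somewhere in the value
                     if (!preg_match('/[0-9]{9,10}/', $save['phone1'])) {
                         $ret['ret_register_phone1'] = str_replace(':name', Language::get('phone number'), Language::get('Invalid :name'));
                         $input = !$input ? 'register_phone1' : $input;
                     } else {
                         // Reject a phone number already used by another member
                         $search = $db->first($user_table, array('phone1', $save['phone1']));
                         if ($search !== false && $user->id != $search->id) {
                             $ret['ret_register_phone1'] = str_replace(':name', Language::get('phone number'), Language::get('This :name is already registered'));
                             $input = !$input ? 'register_phone1' : $input;
                         } else {
                             $ret['ret_register_phone1'] = '';
                         }
                     }
                 }
                 // Password change (not offered when the record's fb value is set)
                 if ($user->fb == 0 && (!empty($password) || !empty($repassword))) {
                     if (mb_strlen($password) < 4) {
                         // The password must be at least four characters
                         $ret['ret_register_password'] = Language::get('Passwords must be at least four characters');
                         $input = !$input ? 'register_password' : $input;
                     } elseif ($repassword != $password) {
                         // Both password inputs must match
                         $ret['ret_register_repassword'] = Language::get('To change your password, enter your password to match the two inputs');
                         $input = !$input ? 'register_repassword' : $input;
                     } else {
                         // New password accepted; see the md5 note in the method header
                         $save['password'] = md5($password . $user->email);
                         $ret['ret_register_password'] = '';
                         $ret['ret_register_repassword'] = '';
                     }
                 }
                 // Uploaded files
                 foreach ($request->getUploadedFiles() as $item => $file) {
                     if ($file->hasUploadFile()) {
                         $item = str_replace('register_', '', $item);
                         if (!File::makeDirectory(ROOT_PATH . self::$cfg->usericon_folder)) {
                             // The directory cannot be created
                             $ret['ret_register_' . $item] = sprintf(Language::get('Directory %s cannot be created or is read-only.'), self::$cfg->usericon_folder);
                             $input = !$input ? 'ret_register_' . $item : $input;
                         } else {
                             if (!empty($user->icon)) {
                                 // Remove the previous icon (this happens before the new one is known to be valid)
                                 @unlink(ROOT_PATH . self::$cfg->usericon_folder . $user->icon);
                             }
                             try {
                                 // The file name is fixed by the server (member id + .jpg), never taken from the upload
                                 $save['icon'] = $user->id . '.jpg';
                                 $file->cropImage(self::$cfg->user_icon_typies, ROOT_PATH . self::$cfg->usericon_folder . $save['icon'], self::$cfg->user_icon_w, self::$cfg->user_icon_h);
                             } catch (\Exception $exc) {
                                 // The upload could not be processed
                                 $ret['ret_register_' . $item] = Language::get($exc->getMessage());
                                 $input = !$input ? 'ret_register_' . $item : $input;
                             }
                         }
                     }
                 }
                 if (!empty($save)) {
                     if (!$input) {
                         // save
                         $db->update($user_table, $user->id, $save);
                         // Keep the logged-in session in step with the new password (clear text, see header note)
                         if (!empty($save['password'])) {
                             $_SESSION['login']['password'] = $password;
                         }
                         // Result
                         $ret['alert'] = Language::get('Saved successfully');
                         // NOTE(review): "tab" is request data appended to a fixed relative URL
                         $ret['location'] = 'index.php?module=editprofile&tab=' . $request->post('tab')->toString();
                     } else {
                         // error
                         $ret['input'] = $input;
                     }
                 }
             }
         }
     } else {
         $ret['alert'] = Language::get('Unable to complete the transaction');
     }
     // Return the result as JSON
     if (!empty($ret)) {
         echo json_encode($ret);
     }
 }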
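 /**
  * Create or update a member record from the posted form and echo the
  * outcome as JSON.
  *
  * register_id = 0 creates a member, any other value edits that record. A
  * caller who is not an administrator may only edit their own record: the id
  * is request data, so it is checked against the logged-in member before any
  * validation, file handling or database write. Non-administrators also keep
  * their stored email and cannot set status, point or admin_access.
  *
  * NOTE(review): the password is stored as md5(password . email), a fast
  * hash. Moving to password_hash()/password_verify() needs a matching change
  * in the login check, which is outside this block.
  * NOTE(review): the password fields are read through the topic() filter;
  * confirm the login path applies the same filter before hashing.
  * NOTE(review): after changing their own password the member's clear-text
  * password is written to $_SESSION['login']['password'].
  * NOTE(review): for a new member the icon file name is built from id 0.
  *
  * @param Request $request
  */
 public function save(Request $request)
 {
     $ret = array();
     // Requires a started session, a passing referer check and a logged-in member
     if ($request->initSession() && $request->isReferer() && ($login = Login::isMember())) {
         if ($login['email'] == 'demo' || !empty($login['fb'])) {
             $ret['alert'] = Language::get('Unable to complete the transaction');
         } else {
             // Values received from the POST body, each through its own input filter
             $save = array(
                 'email' => $request->post('register_email')->url(),
                 'displayname' => $request->post('register_displayname')->topic(),
                 'sex' => $request->post('register_sex')->topic(),
                 'website' => str_replace(array('http://', 'https://', 'ftp://'), array('', '', ''), $request->post('register_website')->url()),
                 'pname' => $request->post('register_pname')->topic(),
                 'fname' => $request->post('register_fname')->topic(),
                 'lname' => $request->post('register_lname')->topic(),
                 'company' => $request->post('register_company')->topic(),
                 'phone1' => $request->post('register_phone1')->number(),
                 'phone2' => $request->post('register_phone2')->number(),
                 'subscrib' => $request->post('register_subscrib')->toBoolean(),
                 'address1' => $request->post('register_address1')->topic(),
                 'address2' => $request->post('register_address2')->topic(),
                 'provinceID' => $request->post('register_provinceID')->number(),
                 'province' => $request->post('register_province')->topic(),
                 'zipcode' => $request->post('register_zipcode')->number(),
                 'country' => $request->post('register_country')->topic(),
                 'status' => $request->post('register_status')->toInt(),
                 'birthday' => $request->post('register_birthday')->date(),
                 'admin_access' => $request->post('register_admin_access')->toBoolean(),
             );
             // user table name
             $user_table = $this->getFullTableName('user');
             // database connection
             $db = $this->db();
             // Record to work on
             $id = $request->post('register_id')->toInt();
             if ($id == 0) {
                 // new member
                 $user = (object) array('id' => 0, 'email' => '', 'fb' => 0);
             } else {
                 // edit
                 $user = $db->first($user_table, $id);
             }
             $isAdmin = Login::isAdmin();
             if (!$user) {
                 // The member to edit was not found
                 $ret['alert'] = Language::get('not a registered user');
             } elseif (!$isAdmin && $login['id'] != $user->id) {
                 // Only an administrator may create members or edit a record other than their own
                 $ret['alert'] = Language::get('Unable to complete the transaction');
             } else {
                 // Not an administrator: keep the email stored in the database
                 if (!$isAdmin && $user->id > 0) {
                     $save['email'] = $user->email;
                 }
                 // Validate the submitted values; $input holds the first failing field (false = none)
                 $input = false;
                 $requirePassword = false;
                 // Email
                 if (empty($save['email'])) {
                     $ret['ret_register_email'] = 'this';
                     $input = !$input ? 'register_email' : $input;
                 } else {
                     // Reject an email already used by another member
                     $search = $db->first($user_table, array('email', $save['email']));
                     if ($search !== false && $user->id != $search->id) {
                         $ret['ret_register_email'] = str_replace(':name', Language::get('Email'), Language::get('This :name is already registered'));
                         $input = !$input ? 'register_email' : $input;
                     } else {
                         // The hash includes the email, so a changed email needs a new password
                         $requirePassword = $user->email !== $save['email'];
                         $ret['ret_register_email'] = '';
                     }
                 }
                 // Display name
                 if (!empty($save['displayname'])) {
                     // Reject a display name already used by another member
                     $search = $db->first($user_table, array('displayname', $save['displayname']));
                     if ($search !== false && $user->id != $search->id) {
                         $ret['ret_register_displayname'] = str_replace(':name', Language::get('Name'), Language::get('This :name is already registered'));
                         $input = !$input ? 'register_displayname' : $input;
                     } else {
                         $ret['ret_register_displayname'] = '';
                     }
                 }
                 // Phone
                 if (!empty($save['phone1'])) {
                     // NOTE(review): the pattern is not anchored, so it only requires 9 consecutive digits somewhere in the value
                     if (!preg_match('/[0-9]{9,10}/', $save['phone1'])) {
                         $ret['ret_register_phone1'] = str_replace(':name', Language::get('phone number'), Language::get('Invalid :name'));
                         $input = !$input ? 'register_phone1' : $input;
                     } else {
                         // Reject a phone number already used by another member
                         $search = $db->first($user_table, array('phone1', $save['phone1']));
                         if ($search !== false && $user->id != $search->id) {
                             $ret['ret_register_phone1'] = str_replace(':name', Language::get('phone number'), Language::get('This :name is already registered'));
                             $input = !$input ? 'register_phone1' : $input;
                         } else {
                             $ret['ret_register_phone1'] = '';
                         }
                     }
                 }
                 // password
                 $password = $request->post('register_password')->topic();
                 $repassword = $request->post('register_repassword')->topic();
                 if (!empty($password) || !empty($repassword)) {
                     if (mb_strlen($password) < 4) {
                         // The password must be at least four characters
                         $ret['ret_register_password'] = '******';
                         $input = !$input ? 'register_password' : $input;
                     } elseif ($repassword != $password) {
                         // Both password inputs must match
                         $ret['ret_register_repassword'] = '******';
                         $input = !$input ? 'register_repassword' : $input;
                     } else {
                         $ret['ret_register_password'] = '';
                         $ret['ret_register_repassword'] = '';
                         // See the md5 note in the method header
                         $save['password'] = md5($password . $save['email']);
                         $requirePassword = false;
                     }
                 }
                 // The email changed but no new password was supplied
                 if (!$input && $requirePassword) {
                     $ret['ret_register_password'] = '******';
                     $input = !$input ? 'register_password' : $input;
                 }
                 // Uploaded files
                 foreach ($request->getUploadedFiles() as $item => $file) {
                     if ($file->hasUploadFile()) {
                         if (!File::makeDirectory(ROOT_PATH . self::$cfg->usericon_folder)) {
                             // The directory cannot be created
                             $ret['ret_' . $item] = sprintf(Language::get('Directory %s cannot be created or is read-only.'), self::$cfg->usericon_folder);
                             $input = !$input ? $item : $input;
                         } else {
                             if (!empty($user->icon)) {
                                 // Remove the previous icon (this happens before the new one is known to be valid)
                                 @unlink(ROOT_PATH . self::$cfg->usericon_folder . $user->icon);
                             }
                             try {
                                 // The file name is fixed by the server (member id + .jpg), never taken from the upload
                                 $save['icon'] = $user->id . '.jpg';
                                 $file->cropImage(self::$cfg->user_icon_typies, ROOT_PATH . self::$cfg->usericon_folder . $save['icon'], self::$cfg->user_icon_w, self::$cfg->user_icon_h);
                             } catch (\Exception $exc) {
                                 // The upload could not be processed
                                 $ret['ret_' . $item] = Language::get($exc->getMessage());
                                 $input = !$input ? $item : $input;
                             }
                         }
                     }
                 }
                 if (!$input) {
                     // Privilege fields are dropped for non-administrators
                     if (!$isAdmin) {
                         unset($save['status']);
                         unset($save['point']);
                         unset($save['admin_access']);
                     }
                     // Records with an fb value keep their email and password
                     if (!empty($user->fb)) {
                         unset($save['email']);
                         unset($save['password']);
                     }
                     // admin_access is never changed on one's own record or on record 1
                     if ($login['id'] == $id || $id == 1) {
                         unset($save['admin_access']);
                     }
                     // save
                     if ($id == 0) {
                         // new member
                         $id = $db->insert($user_table, $save);
                         // Go to the member list
                         $ret['location'] = $request->getUri()->postBack('index.php', array('module' => 'member', 'id' => null, 'page' => null));
                     } else {
                         // edit
                         $db->update($user_table, $id, $save);
                         if ($login['id'] == $id) {
                             // Own record: keep the session in step (clear-text password, see header note)
                             if (isset($save['password'])) {
                                 if (isset($save['email'])) {
                                     $_SESSION['login']['email'] = $save['email'];
                                 }
                                 $_SESSION['login']['password'] = $password;
                             }
                             // Reload the page
                             $ret['location'] = 'reload';
                         } else {
                             // Back to the previous page
                             $ret['location'] = $request->getUri()->postBack('index.php', array('id' => null));
                         }
                     }
                     // Result
                     $ret['alert'] = Language::get('Saved successfully');
                 } else {
                     // error
                     $ret['input'] = $input;
                 }
             }
         }
     } else {
         $ret['alert'] = Language::get('Unable to complete the transaction');
     }
     // Return the result as JSON
     if (!empty($ret)) {
         echo json_encode($ret);
     }
 }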
예제 #9
 /**
  * Tell whether the current visitor may upload through CKEDITOR.
  *
  * Administrators always may. Other members may only when
  * $_SESSION['CKEDITOR'] is non-empty and equals their member id (loose
  * comparison). Guests never may.
  *
  * @return bool
  */
 public static function enabledUpload()
 {
     if (Login::isAdmin()) {
         return true;
     }
     $login = Login::isMember();
     if (!$login) {
         return false;
     }
     // The session flag must have been set for this very member.
     return !empty($_SESSION['CKEDITOR']) && $_SESSION['CKEDITOR'] == $login['id'];
 }
예제 #10
 /**
  * Look up the recipient(s) of a member-to-member message.
  *
  * Only logged-in members get a result, and the caller's own record is never
  * returned (rows with the caller's email are skipped).
  *
  * NOTE(review): the result holds the recipient's email address, so every
  * logged-in member can read the email of any member id they pass in.
  * Confirm that this exposure is intended.
  *
  * @param string|int $id The text "admin" (all users with status 1) or the recipient's member id
  * @return array Map of member id => array('email' => ..., 'name' => ...); empty when nothing is found
  */
 public static function getUser($id)
 {
     if (empty($id)) {
         return array();
     }
     // Members only.
     $login = Login::isMember();
     if (!$login) {
         return array();
     }
     $model = new static();
     $db = $model->db();
     if ($id == 'admin') {
         // Every user whose status is 1.
         $condition = array('id', 'IN', $db->createQuery()->select('id')->from('user')->where(array('status', 1)));
     } else {
         // The id is forced to an integer before it reaches the query.
         $condition = array('id', (int) $id);
     }
     $query = $db->createQuery()->select('id', 'email', 'displayname')->from('user')->where(array($condition))->toArray()->cacheOn();
     $result = array();
     foreach ($query->execute() as $item) {
         if ($login['email'] == $item['email']) {
             // Never return the caller.
             continue;
         }
         $result[$item['id']] = array('email' => $item['email'], 'name' => $item['displayname']);
     }
     return $result;
 }