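/**
 * Edit an existing help category ("cat") or FAQ entry ("faq") from the control panel.
 *
 * Flow, as visible in this method:
 *  1. Load the record selected by the `sub` / `id` request variables; any other `sub`
 *     value redirects back to the listing.
 *  2. For categories, an optional `order` request variable shifts `help_order` and redirects.
 *  3. On submit, validate the posted fields, update the row, drop the matching cache
 *     entry and redirect.
 *  4. Otherwise (or when validation failed) render the edit form.
 *
 * NOTE(review): every write below is driven by request variables and no anti-CSRF token or
 * permission check is performed inside this method. Confirm that the control panel front
 * controller enforces both before this method is reached.
 *
 * @return void
 */
public function _help_edit()
{
    global $user, $cache;

    $error = array();
    $sub = $this->control->get_var('sub', '');
    $id = $this->control->get_var('id', 0);
    $submit = _button();

    switch ($sub) {
        case 'cat':
            $sql = 'SELECT c.*, m.*
                FROM _help_cat c, _help_modules m
                WHERE c.help_id = ?
                    AND c.help_module = m.module_id';
            if (!$cat_data = sql_fieldrow(sql_filter($sql, $id))) {
                fatal_error();
            }

            $order = $this->control->get_var('order', '');
            if (!empty($order)) {
                // Accepted forms: "<digits>" moves by +N, "_<digits>" moves by -N.
                // The sign and the amount are substituted through "??" placeholders, which
                // this method also uses for the pre-built fragment from sql_build(), so they
                // are presumably inserted without quoting. The request value is therefore
                // matched against an anchored pattern and the amount forced to an integer
                // before it gets anywhere near the statement.
                if (!preg_match('/^(_?)(\d+)$/D', (string) $order, $order_parts)) {
                    fatal_error();
                    return;
                }

                $sig = ($order_parts[1] === '_') ? '-' : '+';
                $order = (int) $order_parts[2];

                $sql = 'UPDATE _help_cat SET help_order = help_order ?? ??
                    WHERE help_id = ?';
                sql_query(sql_filter($sql, $sig, $order, $id));

                $this->_help_edit_move();

                $cache->delete('help_cat');
                redirect(s_link_control('comments', array('mode' => $this->mode)));
            }

            // Defaults for the form when nothing has been submitted yet.
            $module_id = $cat_data['help_module'];
            $help_es = $cat_data['help_es'];
            $help_en = $cat_data['help_en'];
            break;
        case 'faq':
            $sql = 'SELECT *
                FROM _help_faq
                WHERE faq_id = ?';
            if (!$faq_data = sql_fieldrow(sql_filter($sql, $id))) {
                fatal_error();
            }

            $question_es = $faq_data['faq_question_es'];
            $question_en = $faq_data['faq_question_en'];
            $answer_es = $faq_data['faq_answer_es'];
            $answer_en = $faq_data['faq_answer_en'];
            $help_id = $faq_data['help_id'];
            break;
        default:
            redirect(s_link_control('comments', array('mode' => $this->mode)));
            break;
    }

    if ($submit) {
        switch ($sub) {
            case 'cat':
                $module_id = $this->control->get_var('module_id', 0);
                $help_es = $this->control->get_var('help_es', '');
                $help_en = $this->control->get_var('help_en', '');

                if (empty($help_es) || empty($help_en)) {
                    $error[] = 'CONTROL_COMMENTS_HELP_EMPTY';
                }

                // NOTE(review): unlike the FAQ branch, the posted module_id is not checked
                // against _help_modules before it is stored.
                if (!sizeof($error)) {
                    $sql_update = array(
                        'help_es' => $help_es,
                        'help_en' => $help_en,
                        'help_module' => (int) $module_id
                    );

                    $sql = 'UPDATE _help_cat SET ??
                        WHERE help_id = ?';
                    sql_query(sql_filter($sql, sql_build('UPDATE', $sql_update), $id));

                    $cache->delete('help_cat');
                    redirect(s_link_control('comments', array('mode' => $this->mode)));
                }
                break;
            case 'faq':
                $question_es = $this->control->get_var('question_es', '');
                $question_en = $this->control->get_var('question_en', '');
                $answer_es = $this->control->get_var('answer_es', '');
                $answer_en = $this->control->get_var('answer_en', '');
                $help_id = $this->control->get_var('help_id', 0);

                if (empty($question_es) || empty($question_en) || empty($answer_es) || empty($answer_en)) {
                    $error[] = 'CONTROL_COMMENTS_HELP_EMPTY';
                }

                // The target category must exist before the FAQ entry is re-parented to it.
                if (!sizeof($error)) {
                    $sql = 'SELECT *
                        FROM _help_cat
                        WHERE help_id = ?';
                    if (!$cat_data = sql_fieldrow(sql_filter($sql, $help_id))) {
                        $error[] = 'CONTROL_COMMENTS_HELP_NOCAT';
                    }
                }

                if (!sizeof($error)) {
                    $sql_update = array(
                        'help_id' => (int) $help_id,
                        'faq_question_es' => $question_es,
                        'faq_question_en' => $question_en,
                        'faq_answer_es' => $answer_es,
                        'faq_answer_en' => $answer_en
                    );

                    $sql = 'UPDATE _help_faq SET ??
                        WHERE faq_id = ?';
                    sql_query(sql_filter($sql, sql_build('UPDATE', $sql_update), $id));

                    $cache->delete('help_faq');
                    redirect(s_link_control('comments', array('mode' => $this->mode)));
                }
                break;
        }

        if (sizeof($error)) {
            _style('error', array(
                'MESSAGE' => parse_error($error))
            );
        }
    }

    $this->nav();
    $this->control->set_nav(array('mode' => $this->mode, 'manage' => $this->manage, 'sub' => $sub, 'id' => $id), 'CONTROL_EDIT');

    $layout_vars = array(
        'SUB' => $sub,
        'S_HIDDEN' => s_hidden(array('module' => $this->control->module, 'mode' => $this->mode, 'manage' => $this->manage, 'sub' => $sub, 'id' => $id))
    );

    // NOTE(review): the <option> labels and the text values handed to the template below are
    // emitted as stored/submitted. Whether get_var() or the template layer HTML-escapes them
    // is not visible here; confirm before relying on it.
    switch ($sub) {
        case 'cat':
            $sql = 'SELECT *
                FROM _help_modules
                ORDER BY module_id';
            $result = sql_rowset($sql);

            $select_mod = '';
            foreach ($result as $row) {
                $selected = ($row['module_id'] == $module_id);
                $select_mod .= '<option' . (($selected) ? ' class="bold"' : '') . ' value="' . $row['module_id'] . '"' . (($selected) ? ' selected' : '') . '>' . $row['module_name'] . '</option>';
            }

            $layout_vars += array(
                'MODULE' => $select_mod,
                'HELP_ES' => $help_es,
                'HELP_EN' => $help_en
            );
            break;
        case 'faq':
            $sql = 'SELECT *
                FROM _help_cat
                ORDER BY help_id';
            $result = sql_rowset($sql);

            $select_cat = '';
            foreach ($result as $row) {
                $selected = ($row['help_id'] == $help_id);
                $select_cat .= '<option' . (($selected) ? ' class="bold"' : '') . ' value="' . $row['help_id'] . '"' . (($selected) ? ' selected' : '') . '>' . $row['help_es'] . ' | ' . $row['help_en'] . '</option>';
            }

            $layout_vars += array(
                'CATEGORY' => $select_cat,
                'QUESTION_ES' => $question_es,
                'QUESTION_EN' => $question_en,
                'ANSWER_ES' => $answer_es,
                'ANSWER_EN' => $answer_en
            );
            break;
    }

    _style($layout_vars);

    return;
}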
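/**
 * Render the "ranks" page: either the rank-range form for the selected user
 * ($where = 1) or the list of non-administrator users to pick from ($where = 2).
 *
 * Dynamic values are HTML-escaped at the point of output. $params is supplied by the
 * caller and falls back to the global $userdata row, so both are treated as untrusted
 * text here. Existing entities are left alone (double_encode = false) in case the data
 * layer already stores escaped values.
 *
 * NOTE(review): the escaping assumes the page is served as UTF-8 — confirm.
 * NOTE(review): the form carries no anti-CSRF token in this function — confirm one is
 * enforced by the handler behind s_link('ranks').
 *
 * @param int   $where  1 = edit form, 2 = user list.
 * @param array $error  Errors handed to show_error().
 * @param array $params Values to pre-fill the form with; defaults to $userdata when empty.
 * @return void
 */
function layout($where = 1, $error = array(), $params = array())
{
    global $db, $user, $config, $userdata;

    $esc_flags = ENT_QUOTES | ENT_SUBSTITUTE;

    page_header();

    echo '<div class="vsep-pre"><div class="vsep1"> </div></div>';

    switch ($where) {
        case 1:
            if (!sizeof($params)) {
                $params = $userdata;
            }

            $title = htmlspecialchars((string) $userdata['username'], $esc_flags, 'UTF-8', false);
            $rank_min = htmlspecialchars(isset($params['user_rank_min']) ? (string) $params['user_rank_min'] : '', $esc_flags, 'UTF-8', false);
            $rank_max = htmlspecialchars(isset($params['user_rank_max']) ? (string) $params['user_rank_max'] : '', $esc_flags, 'UTF-8', false);
            ?>
<div class="vsep-pre"><div class="vsep1"> </div></div>
<form action="<?php echo s_link('ranks'); ?>" method="post">
<div class="colorbox darkborder pad10">
    <div align="center" class="h2"><?php echo $title; ?></div>
    <div class="ie-widthfix">
        <?php show_error($error); ?>
        <br />
        <table cellpadding="5" cellspacing="0" border="1" bordercolor="#999999" class="table-collapse" align="center">
            <tr>
                <td>Rango Mínimo</td>
                <td><input type="text" name="user_rank_min" value="<?php echo $rank_min; ?>" /></td>
            </tr>
            <tr>
                <td>Rango Máximo</td>
                <td><input type="text" name="user_rank_max" value="<?php echo $rank_max; ?>" /></td>
            </tr>
        </table>
        <div align="center">
            <?php echo s_hidden(array('userid' => $userdata['user_id'])); ?>
            <br />
            <input type="submit" class="submitdata" name="submit" value="Realizar consulta" />
        </div>
    </div>
</div>
</form>
<?php
            break;
        case 2:
            // Static statement, no request data involved.
            $sql = 'SELECT *
                FROM _users
                WHERE user_id <> 1
                    AND user_adm = 0
                ORDER BY username';
            if ($result = sql_rowset($sql)) {
                echo '<div class="tdisb pad10 red colorbox dsm ie-widthfix">';

                foreach ($result as $row) {
                    $label = htmlspecialchars((string) $row['username'], $esc_flags, 'UTF-8', false);
                    echo '<div class="pad4">• <a href="' . s_link('ranks', $row['user_id']) . '">' . $label . '</a></div>';
                }
            }
            break;
    }

    // NOTE(review): this closing tag is emitted even when no <div> was opened above
    // (case 1, or case 2 with an empty result); presumably it closes a wrapper opened
    // by page_header() — confirm.
    echo '</div>';

    page_footer();
}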
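/**
 * Render the "print" section: a sub-menu of the screens the current user may see,
 * followed by the query form of the requested screen.
 *
 * The screen body is produced by a function named 's_print_' . $screen, called only
 * if such a function exists.
 *
 * NOTE(review): the sub-menu hides entries whose $print_auth flag is off, but the
 * dispatch below does not consult $print_auth for $screen. Unless the caller has
 * already rejected unauthorised screens, a hidden screen can still be rendered by
 * requesting it directly — confirm where that check lives.
 * NOTE(review): $screen is a global whose origin is not visible here; the fixed
 * 's_print_' prefix plus function_exists() is the only constraint on what gets called.
 *
 * @param array $error Errors handed to show_error().
 * @return void
 */
function print_layout($error = array())
{
    global $_submenu, $print_auth, $db, $user, $config, $screen;

    page_header();

    // Active menu entry: the explicit screen if set, otherwise the second URL segment.
    $page_e = explode('/', requested_url());
    $segment = array_splice($page_e, 1, 1);
    $folder = !empty($screen) ? $screen : (isset($segment[0]) ? $segment[0] : '');

    $_buildmenu = array();
    foreach ($_submenu as $k => $v) {
        // empty() also covers a missing flag, which the original treated as "not allowed".
        if (empty($print_auth[$k])) {
            continue;
        }

        // Compare as strings so an integer key cannot loosely match an unrelated folder name.
        $is_current = ((string) $k === (string) $folder);
        $_buildmenu[] = $is_current ? '<strong class="gray">' . $v . '</strong>' : '<a href="' . s_link('print', $k) . '">' . $v . '</a>';
    }
    ?>
<div class="vsep-pre"><div class="vsep1"> </div></div>
<div class="subtitle-link-container"><div><?php echo implode(' <span class="soft">|</span> ', $_buildmenu); ?></div></div>
<?php
    // Show requested screen
    $call_func = 's_print_' . $screen;
    if (function_exists($call_func)) {
        $title = isset($_submenu[$screen]) ? $_submenu[$screen] : '';
        ?>
<div class="vsep-pre"><div class="vsep1"> </div></div>
<form action="<?php echo s_link('print'); ?>" method="post">
<div class="colorbox darkborder pad10">
    <div align="center" class="h2"><?php echo $title; ?></div>
    <div class="ie-widthfix">
        <?php show_error($error); ?>
        <br />
        <table cellpadding="5" cellspacing="0" border="1" bordercolor="#999999" class="table-collapse" align="center">
            <?php $call_func(); ?>
        </table>
        <div align="center">
            <?php echo s_hidden(array('screen' => $screen)); ?>
            <br />
            <input type="submit" class="submitdata" name="submit" value="Realizar consulta" />
        </div>
    </div>
</div>
</form>
<?php
    }

    page_footer();
}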
/**
 * Delete the marked private conversations, asking for confirmation first.
 *
 * Does nothing unless the "delete" button was pressed with at least one marked item.
 * With "confirm" pressed the ids are passed to $comments->dc_delete(); otherwise a
 * confirmation page is shown that carries the marked ids as hidden fields. Afterwards
 * the browser is redirected to the conversation list.
 *
 * NOTE(review): the marked ids come straight from the request. Whether dc_delete()
 * limits deletion to conversations owned by the current user is not visible here — confirm.
 *
 * @return void
 */
private function conversations_delete()
{
    global $comments, $user;

    $mark = request_var('mark', array(0));

    // Guard: same short-circuit order as the combined condition (button first, then list).
    if (!_button('delete') || !$mark) {
        return;
    }

    if (_button('confirm')) {
        $comments->dc_delete($mark);
    } else {
        // Re-submit the selection with the confirmation form: mark[0], mark[1], ...
        $fields = array('delete' => true);
        $position = 0;
        foreach ($mark as $marked_id) {
            $fields['mark[' . $position . ']'] = $marked_id;
            $position++;
        }

        // Singular or plural wording depending on how many items were marked.
        if (sizeof($mark) == 1) {
            $message = lang('confirm_delete_pm');
        } else {
            $message = lang('confirm_delete_pms');
        }

        $confirm_url = s_link('my dc');
        $hidden_html = s_hidden($fields);

        page_layout('DCONVS', 'confirm', array(
            'MESSAGE_TEXT' => $message,
            'S_CONFIRM_ACTION' => $confirm_url,
            'S_HIDDEN_FIELDS' => $hidden_html
        ));
    }

    redirect(s_link('my dc'));

    return;
}
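/**
 * Front controller for sign-in, sign-out, sign-up/activation and password reset.
 *
 * The `mode` request variable selects the action:
 *  - 'in'  : verify username/password and create a session.
 *  - 'out' : kill the current member session.
 *  - 'up'  : with `code`, activate a pending account; on submit, validate the sign-up
 *            form, create the member as USER_INACTIVE and e-mail an activation code.
 *  - 'r'   : with `code`, set a new password; otherwise e-mail a reset code for `address`.
 * Whatever the mode, the function ends by rendering the combined login/sign-up page
 * (unless a branch redirected or rendered a message page first).
 *
 * Changes compared with the previous revision of this function:
 *  - confirmation codes are checked against an anchored pattern (the old pattern accepted
 *    any string containing one alphanumeric character);
 *  - password and e-mail confirmation use strict string comparison, so two different
 *    numeric-looking strings are no longer treated as equal;
 *  - the birthday-day <option> gets the missing space before its `selected` attribute.
 *
 * Points for review that are NOT changed here because they depend on code outside this
 * function:
 *  - NOTE(review): activation and reset codes are md5(unique_id()), invite codes are the
 *    first 6 hex characters of one. Their unpredictability rests entirely on unique_id();
 *    confirm it draws from a cryptographically secure source, and consider longer invite codes.
 *  - NOTE(review): crypt_time is stored with every code but never checked here, so codes do
 *    not expire in this function. Activation and reset also read the same _crypt_confirm
 *    table without a purpose column visible here, so a code issued for one flow would be
 *    accepted by the other.
 *  - NOTE(review): the post-login target comes from the `ref` request variable and is passed
 *    to redirect() as-is unless it ends in "<server_name>/". Confirm redirect() restricts
 *    targets to this site.
 *  - NOTE(review): the reset flow hands the new clear-text password to the
 *    'user_confirm_passwd' e-mail template, and the sign-up form gets the submitted
 *    password back through V_KEY / V_KEY_CONFIRM.
 *  - NOTE(review): the reset request answers differently for known and unknown addresses
 *    (fatal_error() versus the 'reset_complete' view).
 *  - NOTE(review): no attempt limiting is visible on the sign-in or reset branches.
 *
 * @param string $box_text   Message passed to the template as CUSTOM_MESSAGE.
 * @param bool   $need_admin Not read inside this function.
 * @param mixed  $extra_vars Not read inside this function.
 * @return void
 */
function do_login($box_text = '', $need_admin = false, $extra_vars = false)
{
    global $config, $user;

    $error = w();
    $action = request_var('mode', '');

    if (empty($user->data)) {
        $user->init(false);
    }
    if (empty($user->lang)) {
        $user->setup();
    }

    if ($user->is('bot')) {
        redirect(s_link());
    }

    $code_invite = request_var('invite', '');
    $admin = _button('admin');
    $login = _button('login');
    $submit = _button();
    $need_auth = false;

    if ($admin) {
        $need_auth = true;
    }

    // Sign-up fields with their defaults; the defaults are also what request_var()
    // receives as the fallback when the form is read back below.
    // NOTE(review): 'ref' carries an e-mail address further down but defaults to 0; if
    // request_var() casts to the default's type the submitted value would be lost — confirm.
    $v_fields = array(
        'username' => '',
        'email' => '',
        'email_confirm' => '',
        'key' => '',
        'key_confirm' => '',
        'gender' => 0,
        'birthday_month' => 0,
        'birthday_day' => 0,
        'birthday_year' => 0,
        'tos' => 0,
        'ref' => 0
    );

    // An invite code pre-fills the invited address and the inviter's address.
    if (!empty($code_invite)) {
        $sql = 'SELECT i.invite_email, m.user_email
            FROM _members_ref_invite i, _members m
            WHERE i.invite_code = ?
                AND i.invite_uid = m.user_id';
        if (!$invite_row = sql_fieldrow(sql_filter($sql, $code_invite))) {
            fatal_error();
        }

        $v_fields['ref'] = $invite_row['user_email'];
        $v_fields['email'] = $invite_row['invite_email'];
        unset($invite_row);
    }

    switch ($action) {
        case 'in':
            if ($user->is('member') && !$admin) {
                redirect(s_link());
            }

            if ($login && (!$user->is('member') || $admin)) {
                $username = request_var('username', '');
                $password = request_var('password', '');
                $ref = request_var('ref', '');

                if (!empty($username) && !empty($password)) {
                    $username_base = get_username_base($username);

                    $sql = 'SELECT user_id, username, user_password, user_type, user_country, user_avatar, user_location, user_gender, user_birthday
                        FROM _members
                        WHERE username_base = ?';
                    if ($row = sql_fieldrow(sql_filter($sql, $username_base))) {
                        // Accounts that have not been activated yet cannot sign in.
                        $exclude_type = array(USER_INACTIVE);

                        if (ValidatePassword($password, $row['user_password']) && (!in_array($row['user_type'], $exclude_type))) {
                            $user->session_create($row['user_id'], $admin);

                            // Incomplete profiles are sent to the profile editor first.
                            if (!$row['user_country'] || !$row['user_location'] || !$row['user_gender'] || !$row['user_birthday'] || !$row['user_avatar']) {
                                $ref = s_link('my', 'profile');
                            } else {
                                $ref = (empty($ref) || (preg_match('#' . preg_quote($config['server_name']) . '/$#', $ref))) ? s_link('today') : $ref;
                            }

                            redirect($ref);
                        }
                    }
                }
            }
            break;
        case 'out':
            if ($user->is('member')) {
                $user->session_kill();
            }

            redirect(s_link());
            break;
        case 'up':
            if ($user->is('member')) {
                redirect(s_link('my profile'));
            } else if ($user->is('bot')) {
                redirect(s_link());
            }

            $code = request_var('code', '');

            if (!empty($code)) {
                // Codes issued by this function are hexadecimal md5 strings; require the
                // whole value to be alphanumeric.
                if (!preg_match('#^[a-z0-9]+$#iD', $code)) {
                    fatal_error();
                }

                $sql = 'SELECT c.*, m.user_id, m.username, m.username_base, m.user_email
                    FROM _crypt_confirm c, _members m
                    WHERE c.crypt_code = ?
                        AND c.crypt_userid = m.user_id';
                if (!$crypt_data = sql_fieldrow(sql_filter($sql, $code))) {
                    fatal_error();
                }

                $user_id = $crypt_data['user_id'];

                $sql = 'UPDATE _members SET user_type = ?
                    WHERE user_id = ?';
                sql_query(sql_filter($sql, USER_NORMAL, $user_id));

                // The code is single-use.
                $sql = 'DELETE FROM _crypt_confirm
                    WHERE crypt_code = ?
                        AND crypt_userid = ?';
                sql_query(sql_filter($sql, $code, $user_id));

                $emailer = new emailer();

                $emailer->from('info');
                $emailer->use_template('user_welcome_confirm');
                $emailer->email_address($crypt_data['user_email']);

                $emailer->assign_vars(array(
                    'USERNAME' => $crypt_data['username'])
                );
                $emailer->send();
                $emailer->reset();

                // Possession of the code signs the account in.
                $user->session_create($user_id, 0);

                if (empty($user->data)) {
                    $user->init();
                }
                if (empty($user->lang)) {
                    $user->setup();
                }

                $custom_vars = array(
                    'S_REDIRECT' => '',
                    'MESSAGE_TITLE' => lang('information'),
                    'MESSAGE_TEXT' => lang('membership_added_confirm')
                );
                page_layout('INFORMATION', 'message', $custom_vars);
            }

            // A commented-out legacy block stood here: it awarded referral points, created
            // mutual friend rows from _members_ref_assoc, removed the matching invite and
            // sent the welcome message again. It was inactive and is omitted.

            if ($submit) {
                foreach ($v_fields as $k => $v) {
                    $v_fields[$k] = request_var($k, $v);
                }

                if (empty($v_fields['username'])) {
                    $error['username'] = '******';
                } else {
                    $len_username = strlen($v_fields['username']);

                    if (($len_username < 2) || ($len_username > 20) || !get_username_base($v_fields['username'], true)) {
                        $error['username'] = '******';
                    }

                    if (!sizeof($error)) {
                        $result = validate_username($v_fields['username']);
                        if ($result['error']) {
                            $error['username'] = $result['error_msg'];
                        }
                    }

                    // The normalised name must be free among members ...
                    if (!sizeof($error)) {
                        $v_fields['username_base'] = get_username_base($v_fields['username']);

                        $sql = 'SELECT user_id
                            FROM _members
                            WHERE username_base = ?';
                        if (sql_field(sql_filter($sql, $v_fields['username_base']), 'user_id', 0)) {
                            $error['username'] = '******';
                        }
                    }

                    // ... and must not collide with an artist subdomain.
                    if (!sizeof($error)) {
                        $sql = 'SELECT ub
                            FROM _artists
                            WHERE subdomain = ?';
                        if (sql_field(sql_filter($sql, $v_fields['username_base']), 'ub', 0)) {
                            $error['username'] = '******';
                        }
                    }
                }

                if (empty($v_fields['email']) || empty($v_fields['email_confirm'])) {
                    if (empty($v_fields['email'])) {
                        $error['email'] = 'EMPTY_EMAIL';
                    }

                    if (empty($v_fields['email_confirm'])) {
                        $error['email_confirm'] = 'EMPTY_EMAIL_CONFIRM';
                    }
                } else {
                    // Strict string comparison: "==" would equate numeric-looking strings.
                    if ((string) $v_fields['email'] === (string) $v_fields['email_confirm']) {
                        $result = validate_email($v_fields['email']);
                        if ($result['error']) {
                            $error['email'] = $result['error_msg'];
                        }
                    } else {
                        $error['email'] = 'EMAIL_MISMATCH';
                        $error['email_confirm'] = 'EMAIL_MISMATCH';
                    }
                }

                if (!empty($v_fields['key']) && !empty($v_fields['key_confirm'])) {
                    // Strict string comparison, for the same reason as the e-mail check:
                    // with "!=" values such as "1e3" and "1000" counted as a match.
                    if ((string) $v_fields['key'] !== (string) $v_fields['key_confirm']) {
                        $error['key'] = 'PASSWORD_MISMATCH';
                    } else if (strlen($v_fields['key']) > 32) {
                        $error['key'] = 'PASSWORD_LONG';
                    }
                } else {
                    if (empty($v_fields['key'])) {
                        $error['key'] = 'EMPTY_PASSWORD';
                    } elseif (empty($v_fields['key_confirm'])) {
                        $error['key_confirm'] = 'EMPTY_PASSWORD_CONFIRM';
                    }
                }

                if (!$v_fields['birthday_month'] || !$v_fields['birthday_day'] || !$v_fields['birthday_year']) {
                    $error['birthday'] = 'EMPTY_BIRTH_MONTH';
                }

                if (!$v_fields['tos']) {
                    $error['tos'] = 'AGREETOS_ERROR';
                }

                if (!sizeof($error)) {
                    //$v_fields['country'] = strtolower(geoip_country_code_by_name($user->ip));
                    $v_fields['country'] = 90;
                    $v_fields['birthday'] = leading_zero($v_fields['birthday_year']) . leading_zero($v_fields['birthday_month']) . leading_zero($v_fields['birthday_day']);

                    // The account is created inactive; sign-in rejects USER_INACTIVE until
                    // the e-mailed code has been used.
                    $member_data = array(
                        'user_type' => USER_INACTIVE,
                        'user_active' => 1,
                        'username' => $v_fields['username'],
                        'username_base' => $v_fields['username_base'],
                        'user_password' => HashPassword($v_fields['key']),
                        'user_regip' => $user->ip,
                        'user_session_time' => 0,
                        'user_lastpage' => '',
                        'user_lastvisit' => time(),
                        'user_regdate' => time(),
                        'user_level' => 0,
                        'user_posts' => 0,
                        'userpage_posts' => 0,
                        'user_points' => 0,
                        'user_timezone' => $config['board_timezone'],
                        'user_dst' => $config['board_dst'],
                        'user_lang' => $config['default_lang'],
                        'user_dateformat' => $config['default_dateformat'],
                        'user_country' => (int) $v_fields['country'],
                        'user_rank' => 0,
                        'user_avatar' => '',
                        'user_avatar_type' => 0,
                        'user_email' => $v_fields['email'],
                        'user_lastlogon' => 0,
                        'user_totaltime' => 0,
                        'user_totallogon' => 0,
                        'user_totalpages' => 0,
                        'user_gender' => $v_fields['gender'],
                        'user_birthday' => (string) $v_fields['birthday'],
                        'user_mark_items' => 0,
                        'user_topic_order' => 0,
                        'user_email_dc' => 1,
                        'user_refop' => 0,
                        'user_refby' => $v_fields['ref']
                    );
                    $user_id = sql_insert('members', $member_data);

                    set_config('max_users', $config['max_users'] + 1);

                    // Confirmation code
                    $verification_code = md5(unique_id());

                    $insert = array(
                        'crypt_userid' => $user_id,
                        'crypt_code' => $verification_code,
                        'crypt_time' => $user->time
                    );
                    sql_insert('crypt_confirm', $insert);

                    // Emailer
                    $emailer = new emailer();

                    if (!empty($v_fields['ref'])) {
                        $valid_ref = email_format($v_fields['ref']);

                        if ($valid_ref) {
                            $sql = 'SELECT user_id
                                FROM _members
                                WHERE user_email = ?';
                            if ($ref_friend = sql_field(sql_filter($sql, $v_fields['ref']), 'user_id', 0)) {
                                // The referrer is already a member: record the association.
                                $sql_insert = array(
                                    'ref_uid' => $user_id,
                                    'ref_orig' => $ref_friend
                                );
                                sql_insert('members_ref_assoc', $sql_insert);

                                $sql_insert = array(
                                    'user_id' => $user_id,
                                    'buddy_id' => $ref_friend,
                                    'friend_time' => time()
                                );
                                sql_insert('members_friends', $sql_insert);
                            } else {
                                // Unknown address: store an invite and e-mail it.
                                $invite_user = explode('@', $v_fields['ref']);
                                $invite_code = substr(md5(unique_id()), 0, 6);

                                $sql_insert = array(
                                    'invite_code' => $invite_code,
                                    'invite_email' => $v_fields['ref'],
                                    'invite_uid' => $user_id
                                );
                                sql_insert('members_ref_invite', $sql_insert);

                                $emailer->from('info');
                                $emailer->use_template('user_invite');
                                $emailer->email_address($v_fields['ref']);

                                $emailer->assign_vars(array(
                                    'INVITED' => $invite_user[0],
                                    'USERNAME' => $v_fields['username'],
                                    'U_REGISTER' => s_link('my register a', $invite_code))
                                );
                                $emailer->send();
                                $emailer->reset();
                            }
                        }
                    }

                    // Send confirm email
                    $emailer->from('info');
                    $emailer->use_template('user_welcome');
                    $emailer->email_address($v_fields['email']);

                    $emailer->assign_vars(array(
                        'USERNAME' => $v_fields['username'],
                        'U_ACTIVATE' => 'http:' . s_link('signup', $verification_code))
                    );
                    $emailer->send();
                    $emailer->reset();

                    $custom_vars = array(
                        'MESSAGE_TITLE' => lang('information'),
                        'MESSAGE_TEXT' => lang('membership_added')
                    );
                    page_layout('INFORMATION', 'message', $custom_vars);

                    // An auto-login call was commented out here; the new account is not
                    // signed in by this branch.
                }
            }
            break;
        case 'r':
            if ($user->is('member')) {
                redirect(s_link('my profile'));
            } else if ($user->is('bot')) {
                redirect(s_link());
            }

            $code = request_var('code', '');

            if (request_var('r', 0)) {
                redirect(s_link());
            }

            if (!empty($code)) {
                if (!preg_match('#^[a-z0-9]+$#iD', $code)) {
                    fatal_error();
                }

                $sql = 'SELECT c.*, m.user_id, m.username, m.username_base, m.user_email
                    FROM _crypt_confirm c, _members m
                    WHERE c.crypt_code = ?
                        AND c.crypt_userid = m.user_id';
                if (!$crypt_data = sql_fieldrow(sql_filter($sql, $code))) {
                    fatal_error();
                }

                if (_button()) {
                    $password = request_var('newkey', '');
                    $password2 = request_var('newkey2', '');

                    if (!empty($password)) {
                        if ($password === $password2) {
                            $crypt_password = HashPassword($password);

                            $sql = 'UPDATE _members SET user_password = ?
                                WHERE user_id = ?';
                            sql_query(sql_filter($sql, $crypt_password, $crypt_data['user_id']));

                            // Invalidate every outstanding code of this account.
                            $sql = 'DELETE FROM _crypt_confirm
                                WHERE crypt_userid = ?';
                            sql_query(sql_filter($sql, $crypt_data['user_id']));

                            // Send email
                            $emailer = new emailer();

                            $emailer->from('info');
                            $emailer->use_template('user_confirm_passwd', $config['default_lang']);
                            $emailer->email_address($crypt_data['user_email']);

                            $emailer->assign_vars(array(
                                'USERNAME' => $crypt_data['username'],
                                'PASSWORD' => $password,
                                'U_PROFILE' => s_link('m', $crypt_data['username_base']))
                            );
                            $emailer->send();
                            $emailer->reset();

                            v_style(array(
                                'PAGE_MODE' => 'updated'
                            ));
                        } else {
                            v_style(array(
                                'PAGE_MODE' => 'nomatch',
                                'S_CODE' => $code)
                            );
                        }
                    } else {
                        v_style(array(
                            'PAGE_MODE' => 'nokey',
                            'S_CODE' => $code)
                        );
                    }
                } else {
                    v_style(array(
                        'PAGE_MODE' => 'verify',
                        'S_CODE' => $code)
                    );
                }
            } else if (_button()) {
                $email = request_var('address', '');
                if (empty($email) || !email_format($email)) {
                    fatal_error();
                }

                // Inactive, founder and banned accounts cannot request a reset.
                $sql = 'SELECT *
                    FROM _members
                    WHERE user_email = ?
                        AND user_active = 1
                        AND user_type NOT IN (??, ??)
                        AND user_id NOT IN (
                            SELECT ban_userid
                            FROM _banlist
                        )';
                if (!$userdata = sql_fieldrow(sql_filter($sql, $email, USER_INACTIVE, USER_FOUNDER))) {
                    fatal_error();
                }

                $emailer = new emailer();

                $verification_code = md5(unique_id());

                // Only one outstanding code per account.
                $sql = 'DELETE FROM _crypt_confirm
                    WHERE crypt_userid = ?';
                sql_query(sql_filter($sql, $userdata['user_id']));

                $insert = array(
                    'crypt_userid' => $userdata['user_id'],
                    'crypt_code' => $verification_code,
                    'crypt_time' => $user->time
                );
                sql_insert('crypt_confirm', $insert);

                // Send email
                $emailer->from('info');
                $emailer->use_template('user_activate_passwd', $config['default_lang']);
                $emailer->email_address($userdata['user_email']);

                $emailer->assign_vars(array(
                    'USERNAME' => $userdata['username'],
                    'U_ACTIVATE' => s_link('signr', $verification_code))
                );
                $emailer->send();
                $emailer->reset();

                _style('reset_complete');
            }
            break;
        default:
            break;
    }

    //
    // Signup data
    //
    if (sizeof($error)) {
        _style('error', array(
            'MESSAGE' => parse_error($error))
        );
    }

    $s_genres_select = '';
    $genres = array(1 => 'MALE', 2 => 'FEMALE');
    foreach ($genres as $id => $value) {
        $s_genres_select .= '<option value="' . $id . '"' . (($v_fields['gender'] == $id) ? ' selected="true"' : '') . '>' . lang($value) . '</option>';
    }

    $s_bday_select = '';
    for ($i = 1; $i < 32; $i++) {
        // Leading space added: the attribute used to run straight into value="...".
        $s_bday_select .= '<option value="' . $i . '"' . (($v_fields['birthday_day'] == $i) ? ' selected="true"' : '') . '>' . $i . '</option>';
    }

    $s_bmonth_select = '';
    $months = array(1 => 'January', 2 => 'February', 3 => 'March', 4 => 'April', 5 => 'May', 6 => 'June', 7 => 'July', 8 => 'August', 9 => 'September', 10 => 'October', 11 => 'November', 12 => 'December');
    foreach ($months as $id => $value) {
        $s_bmonth_select .= '<option value="' . $id . '"' . (($v_fields['birthday_month'] == $id) ? ' selected="true"' : '') . '>' . $user->lang['datetime'][$value] . '</option>';
    }

    // Last year down to 101 years back.
    $s_byear_select = '';
    $current_year = date('Y');
    for ($i = ($current_year - 1); $i > $current_year - 102; $i--) {
        $s_byear_select .= '<option value="' . $i . '"' . (($v_fields['birthday_year'] == $i) ? ' selected="true"' : '') . '>' . $i . '</option>';
    }

    // From here on 'birthday' only flags whether the birthday group had an error.
    $v_fields['birthday'] = false;
    if (isset($error['birthday'])) {
        $v_fields['birthday'] = true;
    }

    $s_hidden = w();
    if ($need_auth) {
        $s_hidden = array('admin' => 1);
    }

    if (!isset($v_fields['refby'])) {
        $v_fields['refby'] = '';
    }

    $layout_vars = array(
        'IS_NEED_AUTH' => $need_auth,
        'IS_LOGIN' => $login,
        'CUSTOM_MESSAGE' => $box_text,
        'S_HIDDEN_FIELDS' => s_hidden($s_hidden),
        'U_SIGNIN' => s_link('signin'),
        'U_SIGNUP' => s_link('signup'),
        'U_SIGNOUT' => s_link('signout'),
        'U_PASSWORD' => s_link('signr'),
        'V_USERNAME' => $v_fields['username'],
        'V_KEY' => $v_fields['key'],
        'V_KEY_CONFIRM' => $v_fields['key_confirm'],
        'V_EMAIL' => $v_fields['email'],
        'V_REFBY' => $v_fields['refby'],
        'V_GENDER' => $s_genres_select,
        'V_BIRTHDAY_DAY' => $s_bday_select,
        'V_BIRTHDAY_MONTH' => $s_bmonth_select,
        'V_BIRTHDAY_YEAR' => $s_byear_select,
        'V_TOS' => ($v_fields['tos']) ? ' checked="true"' : '',
        'PAGE_MODE' => ''
    );

    // One E_<FIELD> flag per form field so the template can mark the failing inputs.
    foreach ($v_fields as $k => $v) {
        $layout_vars['E_' . strtoupper($k)] = (isset($error[$k])) ? true : false;
    }

    // Reaching this point with the login button pressed means sign-in did not succeed.
    // NOTE(review): LASTPAGE echoes the request's `ref` value; confirm the template escapes it.
    if ($login) {
        $ref = request_var('ref', '');

        _style('error', array(
            'LASTPAGE' => ($ref != '') ? $ref : s_link())
        );
    }

    // NOTE(review): this value is computed after CUSTOM_MESSAGE was already filled in
    // above and is not read again in this function.
    $box_text = (!empty($box_text)) ? lang($box_text, $box_text) : '';

    page_layout('LOGIN2', 'login', $layout_vars);
}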
?> </div> <div class="ie-widthfix"> <?php show_error($error); ?> <br /> <table cellpadding="5" cellspacing="0" border="1" bordercolor="#999999" class="table-collapse" align="center"> <?php $call_func(); ?> </table> <div align="center"> <?php echo s_hidden(array('screen' => $screen)); ?> <br /><br /> <?php if ($screen == 'f') { ?> Luego de guardar información regresar a: <input type="radio" onClick="hideb('cw');" name="return_this" value="0"<?php if (!$user->data['user_return_insert']) { echo ' checked'; } ?> /> Exenciones <input type="radio" onClick="showb('cw');" name="return_this" value="1"<?php if ($user->data['user_return_insert']) { echo ' checked'; } ?>
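/**
 * Revoke artist-panel access for the selected members of the current artist.
 *
 * "remove" shows a confirmation dialog listing the selected members; "confirm" deletes
 * their _artists_auth rows for this artist. A member whose only authorisation was this
 * artist is also downgraded: user_auth_control is cleared, the default artist rank is
 * reset and user_type becomes USER_FAN (if the member has favourites) or USER_NORMAL.
 * The current user and inactive accounts are never part of the selection.
 *
 * Fixes in this revision:
 *  - the rank check read an undefined $item instead of the loop's $row, so the default
 *    artist rank was never reset;
 *  - $result_hidden is initialised before being appended to;
 *  - the submitted ids are forced to integers before they are joined into the IN (??) list.
 *
 * NOTE(review): no anti-CSRF token is checked in this method — confirm the ACP layer does.
 *
 * @return void
 */
private function remove()
{
    global $config, $user;

    $auth_url = s_link('acp', array('artist_auth', 'a' => $this->object['subdomain']));

    if (_button('cancel')) {
        redirect($auth_url);
    }

    $submit = _button('remove');
    $confirm = _button('confirm');

    if ($submit || $confirm) {
        $result = request_var('s_members', array(0));

        if (sizeof($result)) {
            // The id list goes through a "??" placeholder, which this method also uses for
            // the pre-built fragment from sql_build() and is therefore presumably inserted
            // without quoting. Casting every element keeps the list numeric regardless of
            // what request_var() returned.
            $member_ids = implode(',', array_map('intval', (array) $result));

            $sql = 'SELECT m.user_id, m.username, m.user_rank
                FROM _artists_auth a, _members m
                WHERE a.ub = ?
                    AND m.user_id IN (??)
                    AND m.user_id <> ?
                    AND m.user_type <> ??
                    AND a.user_id = m.user_id
                ORDER BY m.user_id';
            $result = sql_rowset(sql_filter($sql, $this->object['ub'], $member_ids, $user->data['user_id'], USER_INACTIVE), 'user_id');
        }

        if (!$result) {
            redirect($auth_url);
        }

        /*
        If Confirm button is pressed.
        */
        if ($confirm) {
            foreach ($result as $row) {
                $update = w();
                $user_type = USER_ARTIST;

                $sql = 'SELECT COUNT(ub) AS total
                    FROM _artists_auth
                    WHERE user_id = ?';
                $total = sql_field(sql_filter($sql, $row['user_id']), 'total', 0);

                // This artist is the member's only authorisation: drop the artist status.
                if ($total == 1) {
                    $update['user_auth_control'] = 0;
                    $user_type = USER_NORMAL;

                    if ($row['user_rank'] == $config['default_a_rank']) {
                        $update['user_rank'] = 0;
                    }

                    $sql = 'SELECT *
                        FROM _artists_fav
                        WHERE user_id = ?';
                    if (sql_fieldrow(sql_filter($sql, $row['user_id']))) {
                        $user_type = USER_FAN;
                    }

                    $update['user_type'] = $user_type;

                    $sql = 'UPDATE _members SET ??
                        WHERE user_id = ?';
                    sql_query(sql_filter($sql, sql_build('UPDATE', $update), $row['user_id']));
                }

                $sql = 'DELETE FROM _artists_auth
                    WHERE ub = ?
                        AND user_id = ?';
                sql_query(sql_filter($sql, $this->object['ub'], $row['user_id']));
            }

            return redirect($auth_url);
        }

        /*
        Display confirm dialog
        */
        $result_list = '';
        $result_hidden = '';
        foreach ($result as $row) {
            $result_list .= (($result_list != '') ? ', ' : '') . $row['username'];
            $result_hidden .= s_hidden(array('s_members[]' => $row['user_id']));
        }

        // Language key suffix: 'acp_artist_auth_delete2' for one member, otherwise no suffix.
        $message = count($result) == 1 ? '2' : '';

        $layout_vars = array(
            'MESSAGE_TEXT' => sprintf(lang('acp_artist_auth_delete' . $message), $this->object['name'], $result_list),
            'S_CONFIRM_ACTION' => s_link('acp', array('artist_auth', 'a' => $this->object['subdomain'])),
            'S_HIDDEN_FIELDS' => $result_hidden
        );
        page_layout('ACP_ARTIST_AUTH', 'confirm', $layout_vars);
    }

    redirect($auth_url);

    return;
}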
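/**
 * Render the "users" administration page.
 *
 * $where = 1 shows the edit form for the selected user (pre-filled from $params, or
 * from the global $userdata row when $params is empty). $where = 2 lists every user
 * except id 1 and, for administrators, appends the "create user" form.
 *
 * Changes in this revision:
 *  - text values taken from $params / $userdata / the user list are HTML-escaped where
 *    they are written into the page (existing entities are kept, double_encode = false);
 *  - in the create form both "Acceso al sistema" radios were marked checked; only "Si"
 *    is now, matching the other permission rows and what browsers ended up selecting;
 *  - the repeated yes/no permission rows are generated from one list.
 *
 * NOTE(review): the escaping assumes the page is served as UTF-8 — confirm.
 * NOTE(review): the password inputs are type="text", so passwords are shown on screen and
 * may be remembered by the browser's form history.
 * NOTE(review): neither form carries an anti-CSRF token here although both change accounts
 * and permissions — confirm the handler behind s_link('users') enforces one.
 *
 * @param int   $where  1 = edit form, 2 = user list (+ create form for administrators).
 * @param array $error  Errors handed to show_error().
 * @param array $params Values to pre-fill the edit form with.
 * @return void
 */
function layout($where = 1, $error = array(), $params = array())
{
    global $db, $user, $config, $userdata;

    $esc_flags = ENT_QUOTES | ENT_SUBSTITUTE;

    // Permission switches in display order. 'auth_print' has three values and gets its
    // own branch inside the loops below; every other row is a plain No/Si pair.
    $auth_rows = array(
        'auth_access' => 'Acceso al sistema',
        'auth_insert' => 'Ingresar',
        'auth_edit' => 'Editar',
        'auth_null' => 'Anular',
        'auth_delete' => 'Eliminar',
        'auth_search' => 'Búsqueda',
        'auth_ranks' => 'Asignar rangos de ingreso',
        'auth_print' => 'Imprimir',
        'auth_log' => 'Ver registro de cambios'
    );

    $separator = '<div class="vsep-pre"><div class="vsep1"> </div></div>';
    $table_open = '<table cellpadding="5" cellspacing="0" border="1" bordercolor="#999999" class="table-collapse" align="center">';
    $auth_heading = '<tr><td class="red" colspan="2" align="center"><strong><h3>Autorización</h3></strong></td></tr>';

    page_header();

    echo $separator;

    switch ($where) {
        case 1:
            if (!sizeof($params)) {
                $params = $userdata;
            }

            // label, field name, whether the current value is pre-filled
            $text_rows = array(
                array('Nombre de Usuario', 'username', true),
                array('Contraseña', 'user_password1', false),
                array('Confirmación de contraseña', 'user_password2', false),
                array('Correo electrónico', 'user_email', true),
                array('Rango mínimo', 'user_rank_min', true),
                array('Rango máximo', 'user_rank_max', true),
                array('Copias de impresión', 'user_print_copies', true)
            );

            $title = htmlspecialchars((string) $userdata['username'], $esc_flags, 'UTF-8', false);

            echo $separator;
            echo '<form action="' . s_link('users') . '" method="post">';
            echo '<div class="colorbox darkborder pad10">';
            echo '<div align="center" class="h2">' . $title . '</div>';
            echo '<div class="ie-widthfix">';
            show_error($error);
            echo '<br />';
            echo $table_open;

            $is_adm = isset($params['user_adm']) ? $params['user_adm'] : 0;
            echo '<tr><td>Administrador</td><td>';
            echo '<input type="radio" name="user_adm" value="0"' . (!$is_adm ? ' checked' : '') . ' /> No ';
            echo '<input type="radio" name="user_adm" value="1"' . ($is_adm ? ' checked' : '') . ' /> Si';
            echo '</td></tr>';

            foreach ($text_rows as $text_row) {
                $value = '';
                if ($text_row[2] && isset($params[$text_row[1]])) {
                    $value = htmlspecialchars((string) $params[$text_row[1]], $esc_flags, 'UTF-8', false);
                }

                echo '<tr><td>' . $text_row[0] . '</td>';
                echo '<td><input type="text" name="' . $text_row[1] . '" value="' . $value . '" /></td></tr>';
            }

            echo $auth_heading;

            foreach ($auth_rows as $name => $label) {
                $current = isset($params[$name]) ? $params[$name] : 0;

                echo '<tr><td>' . $label . '</td><td>';
                echo '<input type="radio" name="' . $name . '" value="0"' . (!$current ? ' checked' : '') . ' /> No ';

                if ($name === 'auth_print') {
                    echo '<input type="radio" name="auth_print" value="1"' . ((int) $current === 1 ? ' checked' : '') . ' /> Exenciones y revisión ';
                    echo '<input type="radio" name="auth_print" value="2"' . ((int) $current === 2 ? ' checked' : '') . ' /> Todo (SAT)';
                } else {
                    echo '<input type="radio" name="' . $name . '" value="1"' . ($current ? ' checked' : '') . ' /> Si';
                }

                echo '</td></tr>';
            }

            echo '</table>';
            echo '<div align="center">';
            echo s_hidden(array('userid' => $userdata['user_id']));
            echo '<br />';
            echo '<input type="submit" class="submitdata" name="submit" value="Realizar consulta" />';
            echo '</div>';
            echo '</div>';
            echo '</div>';
            echo '</form>';
            break;
        case 2:
            // Static statement, no request data involved.
            $sql = 'SELECT *
                FROM _users
                WHERE user_id <> 1
                ORDER BY username';
            if ($result = sql_rowset($sql)) {
                echo '<div class="tdisb pad10 red colorbox dsm ie-widthfix">';

                foreach ($result as $row) {
                    $label = htmlspecialchars((string) $row['username'], $esc_flags, 'UTF-8', false);
                    echo '<div class="pad4">• <a href="' . s_link('users', $row['user_id']) . '">' . $label . '</a></div>';
                }
            }

            // Only administrators get the "create user" form.
            if ($user->data['user_adm']) {
                $title = htmlspecialchars((string) $userdata['username'], $esc_flags, 'UTF-8', false);

                echo '</div>';
                echo $separator;
                echo '<form action="' . s_link('users') . '" method="post">';
                echo '<div class="colorbox darkborder pad10">';
                echo '<div align="center" class="h2">' . $title . '</div>';
                echo '<div class="ie-widthfix">';
                show_error($error);
                echo '<br />';
                echo $table_open;

                echo '<tr><td>Nombre de Usuario</td><td><input type="text" name="u_username" value="" /></td></tr>';
                echo '<tr><td>Contraseña</td><td><input type="text" name="u_password" value="" /></td></tr>';
                echo '<tr><td>Correo electrónico</td><td><input type="text" name="u_email" value="" /></td></tr>';

                echo $auth_heading;

                // New users start with every permission granted (print level 1).
                foreach ($auth_rows as $name => $label) {
                    echo '<tr><td>' . $label . '</td><td>';
                    echo '<input type="radio" name="' . $name . '" value="0" /> No ';

                    if ($name === 'auth_print') {
                        echo '<input type="radio" name="auth_print" value="1" checked="checked" /> Exenciones y revisión ';
                        echo '<input type="radio" name="auth_print" value="2" /> Todo (SAT)';
                    } else {
                        echo '<input type="radio" name="' . $name . '" value="1" checked="checked" /> Si';
                    }

                    echo '</td></tr>';
                }

                echo '</table>';
                echo '<div align="center"><br /><input type="submit" class="submitdata" name="create" value="Crear usuario" /></div>';
                echo '</div>';
                echo '</div>';
                echo '</form>';
            }
            break;
    }

    // NOTE(review): emitted on every path, including those that opened no <div> above;
    // presumably it closes a wrapper from page_header() — confirm.
    echo '</div>';

    page_footer();
}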
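/**
 * Render the "edit" section: the sub-menu, then the query form of the requested screen.
 *
 * The screen body is produced by a function named 'e_print_' . $screen, called only if
 * such a function exists. When $error is a non-empty array its messages are shown in a
 * box above the form.
 *
 * Changes in this revision: $error is only counted and joined when it really is an
 * array (the previous check called sizeof() on any value other than false), and the
 * screen title falls back to an empty string when $screen has no $_submenu entry.
 *
 * NOTE(review): $screen is a global whose origin is not visible here; the fixed
 * 'e_print_' prefix plus function_exists() is the only constraint on what gets called,
 * and no permission check for the screen happens in this function.
 * NOTE(review): the error messages are written out unescaped; confirm they never carry
 * request data.
 *
 * @param array|false $error Error messages, or false when there are none.
 * @return void
 */
function edit_layout($error = false)
{
    global $_submenu, $db, $config, $screen;

    page_header();
    submenu();

    // Show requested screen
    $call_func = 'e_print_' . $screen;
    if (function_exists($call_func)) {
        $title = isset($_submenu[$screen]) ? $_submenu[$screen] : '';
        $has_errors = is_array($error) && sizeof($error);
        ?>
<div class="vsep-pre"><div class="vsep1"> </div></div>
<form action="<?php echo s_link('edit'); ?>" method="post">
<div class="colorbox darkborder pad10">
    <div align="center" class="h2"><?php echo $title; ?></div>
    <div class="ie-widthfix">
<?php
        if ($has_errors) {
            ?>
        <a name="error"></a><br />
        <div align="center">
            <div align="center" class="pad10 red colorbox dsm box ie-widthfix">
                <strong>Búsqueda</strong><br /><br /><?php echo implode('<br />', $error); ?>
            </div>
        </div>
<?php
        }
        ?>
        <br />
        <table cellpadding="5" cellspacing="0" border="1" bordercolor="#999999" class="table-collapse" align="center">
            <?php $call_func(); ?>
        </table>
        <div align="center">
            <?php echo s_hidden(array('screen' => $screen)); ?>
            <br />
            <input type="submit" class="submitdata" name="submit1" value="Realizar consulta" />
        </div>
    </div>
</div>
</form>
<?php
    }

    page_footer();
}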