function applet_users() { $inCore = cmsCore::getInstance(); cmsCore::loadClass('actions'); cmsCore::loadModel('users'); $model = new cms_model_users(); // подключаем язык компонента регистрации cmsCore::loadLanguage('components/registration'); global $_LANG; global $adminAccess; if (!cmsUser::isAdminCan('admin/users', $adminAccess)) { cpAccessDenied(); } cmsCore::c('page')->setTitle($_LANG['AD_USERS']); cpAddPathway($_LANG['AD_USERS'], 'index.php?view=users'); $do = cmsCore::request('do', 'str', 'list'); $id = cmsCore::request('id', 'int', 0); if ($do == 'list') { $toolmenu = array( array( 'icon' => 'useradd.gif', 'title' => $_LANG['AD_USER_ADD'], 'link' => '?view=users&do=add' ), array( 'icon' => 'useredit.gif', 'title' => $_LANG['AD_EDIT_SELECTED'], 'link' => "javascript:checkSel('?view=users&do=edit&multiple=1');" ), array( 'icon' => 'userdelete.gif', 'title' => $_LANG['AD_DELETE_SELECTED'], 'link' => "javascript:if(confirm('". $_LANG['AD_IF_USERS_SELECT_REMOVE'] ."')) { checkSel('?view=users&do=delete&multiple=1'); }" ), array( 'icon' => 'usergroup.gif', 'title' => $_LANG['AD_USERS_GROUP'], 'link' => '?view=usergroups' ), array( 'icon' => 'userbanlist.gif', 'title' => $_LANG['AD_BANLIST'], 'link' => '?view=userbanlist' ), array( 'icon' => 'user_go.png', 'title' => $_LANG['AD_USERS_SELECT_ACTIVATE'], 'link' => "javascript:if(confirm('". $_LANG['AD_IF_USERS_SELECT_ACTIVATE'] ."')) { checkSel('?view=users&do=activate&multiple=1'); }" ), array( 'icon' => 'help.gif', 'title' => $_LANG['AD_HELP'], 'link' => '?view=help&topic=users' ) ); cpToolMenu($toolmenu); $fields = array( array( 'title' => 'id', 'field' => 'id', 'width' => '40' ), array( 'title' => $_LANG['LOGIN'], 'field' => 'login', 'width' => '100', 'link' => '?view=users&do=edit&id=%id%', 'filter' => 12 ), array( 'title' => $_LANG['NICKNAME'], 'field' => 'nickname', 'width' => '', 'link' => '?view=users&do=edit&id=%id%', 'filter' => 12 ), array( 'title' => $_LANG['AD_RATING'], 'field' => array( 'rating', 'id' ), 'width' => '70', 'prc' => 'setRating' ), array( 'title' => $_LANG['AD_GROUP'], 'field' => 'group_id', 'width' => '110', 'prc' => 'cpGroupById', 'filter' => 1, 'filterlist' => cpGetList('cms_user_groups') ), array( 'title' => $_LANG['EMAIL'], 'field' => 'email', 'width' => '120' ), array( 'title' => $_LANG['AD_REGISTRATION_DATE'], 'field' => 'regdate', 'width' => '100' ), array( 'title' => $_LANG['AD_LAST_LOGIN'], 'field' => 'logdate', 'width' => '100' ), array( 'title' => $_LANG['AD_LAST_IP'], 'field' => 'last_ip', 'width' => '90', 'prc' => 'getIpLink' ), array( 'title' => $_LANG['AD_IS_LOCKED'], 'field' => 'is_locked', 'width' => '110', 'prc' => 'viewAct' ), array( 'title' => $_LANG['AD_IS_DELETED'], 'field' => 'is_deleted', 'width' => '80', 'prc' => 'viewDel' ) ); $actions = array( array( 'title' => $_LANG['AD_PROFILE'], 'icon' => 'profile.gif', 'link' => '/users/%login%' ), array( 'title' => $_LANG['AD_BANNED'], 'icon' => 'ban.gif', 'link' => '?view=userbanlist&do=add&to=%id%' ), array( 'title' => $_LANG['DELETE'], 'icon' => 'delete.gif', 'confirm' => $_LANG['AD_IS_USER_DELETE'], 'link' => '?view=users&do=delete&id=%id%' ), array( 'title' => $_LANG['AD_FOREVER_USER_DELETE'], 'icon' => 'off.gif', 'confirm' => $_LANG['AD_IF_FOREVER_USER_DELETE'], 'link' => '?view=users&do=delete_full&id=%id%' ) ); cpListTable('cms_users', $fields, $actions, '1=1', 'regdate DESC'); } if ($do == 'rerating') { $user_id = cmsCore::request('user_id', 'int'); if (!$user_id) { cmsCore::redirectBack(); } $rating = cmsUser::getRating($user_id); $user_sql = "UPDATE cms_users SET rating = ". $rating ." WHERE id = '". $user_id ."'"; cmsCore::c('db')->query($user_sql); cmsCore::redirectBack(); } if ($do == 'activate') { $user_ids = cmsCore::request('item', 'array_int'); if (!$user_ids) { cmsCore::redirectBack(); } foreach ($user_ids as $user_id) { $code = cmsCore::c('db')->get_field('cms_users_activate', "user_id = '". $user_id ."'", 'code'); $sql = "UPDATE cms_users SET is_locked = 0 WHERE id = '". $user_id ."'"; cmsCore::c('db')->query($sql); $sql = "DELETE FROM cms_users_activate WHERE code = '". $code ."'"; cmsCore::c('db')->query($sql); cmsCore::callEvent('USER_ACTIVATED', $user_id); // Регистрируем событие cmsActions::log( 'add_user', array( 'object' => '', 'user_id' => $user_id, 'object_url' => '', 'object_id' => $user_id, 'target' => '', 'target_url' => '', 'target_id' => 0, 'description' => '' ) ); } cmsCore::redirectBack(); } if ($do == 'delete') { if (!cmsCore::inRequest('item')) { if ($id >= 0) { $model->deleteUser($id); } } else { $model->deleteUsers(cmsCore::request('item', 'array_int', array())); } cmsCore::redirectBack(); } if ($do == 'delete_full') { $model->deleteUser($id, true); cmsCore::redirectBack(); } if ($do == 'submit' || $do == 'update') { if (!cmsUser::checkCsrfToken()) { cmsCore::error404(); } $types = array( 'login' => array( 'login', 'str', '' ), 'nickname' => array( 'nickname', 'str', '', 'htmlspecialchars' ), 'email' => array( 'email', 'email', '' ), 'group_id' => array( 'group_id', 'int', 1 ), 'is_locked' => array( 'is_locked', 'int', 0 ), 'password' => array( 'pass', 'str', '', 'stripslashes' ), 'pass2' => array( 'pass2', 'str', '', 'stripslashes' ) ); $items = cmsCore::getArrayFromRequest($types); $errors = false; // проверяем логин if (mb_strlen($items['login']) < 2 || mb_strlen($items['login']) > 15 || is_numeric($items['login']) || !preg_match("/^([a-zA-Z0-9])+$/ui", $items['login'])) { cmsCore::addSessionMessage($_LANG['ERR_LOGIN'], 'error'); $errors = true; } // проверяем пароль if ($do == 'submit') { if (!$items['password']) { cmsCore::addSessionMessage($_LANG['TYPE_PASS'], 'error'); $errors = true; } } if ($items['password'] && !$items['pass2']) { cmsCore::addSessionMessage($_LANG['TYPE_PASS_TWICE'], 'error'); $errors = true; } if ($items['password'] && $items['pass2'] && mb_strlen($items['password']) < 6) { cmsCore::addSessionMessage($_LANG['PASS_SHORT'], 'error'); $errors = true; } if ($items['password'] && $items['pass2'] && $items['password'] != $items['pass2']) { cmsCore::addSessionMessage($_LANG['WRONG_PASS'], 'error'); $errors = true; } // никнейм if (mb_strlen($items['nickname']) < 2) { cmsCore::addSessionMessage($_LANG['SHORT_NICKNAME'], 'error'); $errors = true; } // Проверяем email if (!$items['email']) { cmsCore::addSessionMessage($_LANG['ERR_EMAIL'], 'error'); $errors = true; } // проверяем есть ли такой пользователь if ($do == 'submit') { $user_exist = cmsCore::c('db')->get_fields('cms_users', "(login LIKE '". $items['login'] ."' OR email LIKE '". $items['email'] ."') AND is_deleted = 0", 'login'); if ($user_exist) { if ($user_exist['login'] == $items['login']) { cmsCore::addSessionMessage($_LANG['LOGIN'] .' "'. $items['login'] .'" '. $_LANG['IS_BUSY'], 'error'); $errors = true; } else { cmsCore::addSessionMessage($_LANG['EMAIL_IS_BUSY'], 'error'); $errors = true; } } } if ($errors) { if ($do == 'submit') { cmsUser::sessionPut('items', $items); } cmsCore::redirectBack(); } if ($do == 'submit') { $items['regdate'] = date('Y-m-d H:i:s'); $items['logdate'] = date('Y-m-d H:i:s'); $items['password'] = md5($items['password']); $items['user_id'] = cmsCore::c('db')->insert('cms_users', $items); if (!$items['user_id']) { cmsCore::error404(); } cmsCore::c('db')->insert('cms_user_profiles', $items); cmsCore::addSessionMessage($_LANG['AD_DO_SUCCESS'], 'success'); cmsCore::redirect('?view=users'); } else { // главного админа может редактировать только он сам if ($id == 1 && cmsCore::c('user')->id != $id) { cmsCore::error404(); } if ($id == 1) { unset($items['group_id']); unset($items['is_locked']); } if (!$items['password']) { unset($items['password']); } else { $items['password'] = md5($items['password']); } cmsCore::c('db')->update('cms_users', $items, $id); cmsCore::addSessionMessage($_LANG['AD_DO_SUCCESS'], 'success'); if (empty($_SESSION['editlist'])) { cmsCore::redirect('index.php?view=users'); } else { cmsCore::redirect('index.php?view=users&do=edit'); } } } if ($do == 'edit' || $do == 'add') { $toolmenu = array( array( 'icon' => 'save.gif', 'title' => $_LANG['SAVE'], 'link' => 'javascript:document.addform.submit();' ), array( 'icon' => 'cancel.gif', 'title' => $_LANG['CANCEL'], 'link' => 'javascript:history.go(-1);' ) ); cpToolMenu($toolmenu); if ($do == 'edit') { if (cmsCore::inRequest('multiple')){ if (cmsCore::inRequest('item')){ $_SESSION['editlist'] = cmsCore::request('item', 'array_int', array()); } else { cmsCore::addSessionMessage($_LANG['AD_NO_SELECT_OBJECTS'], 'error'); cmsCore::redirectBack(); } } $ostatok = ''; if (isset($_SESSION['editlist'])) { $item_id = array_shift($_SESSION['editlist']); if (count($_SESSION['editlist']) == 0) { unset($_SESSION['editlist']); } else { $ostatok = '('. $_LANG['AD_NEXT_IN'] . count($_SESSION['editlist']) .')'; } } else { $item_id = cmsCore::request('id', 'int', 0); } $mod = cmsCore::c('db')->get_fields('cms_users', "id = '". $item_id ."'", '*'); if (!$mod) { cmsCore::error404(); } echo '<h3>'. $_LANG['AD_USER_EDIT'] .' '. $ostatok .'</h3>'; cpAddPathway($mod['nickname']); } else { $mod = cmsUser::sessionGet('items'); if ($mod) { cmsUser::sessionDel('items'); } cpAddPathway($_LANG['AD_USER_ADD']); } cmsCore::c('page')->addHeadJS('components/registration/js/check.js'); ?> <form action="index.php?view=users" method="post" enctype="multipart/form-data" name="addform" id="addform"> <input type="hidden" name="csrf_token" value="<?php echo cmsUser::getCsrfToken(); ?>" /> <div style="width:500px;"> <div class="form-group"> <label><?php echo $_LANG['LOGIN']; ?>:</label> <input type="text" id="logininput" class="form-control" name="login" value="<?php echo cmsCore::getArrVal($mod, 'login', ''); ?>" onchange="checkLogin()" /> <?php if ($do == 'edit') { echo '<div class="help-block" style="text-align:right;"><a target="_blank" href="/users/'. $mod['login'] .'" title="'. $_LANG['AD_USER_PROFILE'] .'">'. $_LANG['AD_USER_PROFILE'] .'</a></div>'; } ?> </div> <div class="form-group"> <label><?php echo $_LANG['NICKNAME']; ?>:</label> <input type="text" id="login" class="form-control" name="nickname" value="<?php echo htmlspecialchars(cmsCore::getArrVal($mod, 'nickname', '')); ?>" /> </div> <div class="form-group"> <label><?php echo $_LANG['EMAIL']; ?>:</label> <input type="text" id="nickname" class="form-control" name="email" value="<?php echo cmsCore::getArrVal($mod, 'email', ''); ?>" /> </div> <div class="form-group"> <label><?php if ($do == 'edit') { echo $_LANG['AD_NEW_PASS']; } else { echo $_LANG['PASS']; } ?></label> <input type="password" id="pass" class="form-control" name="pass" /> </div> <div class="form-group"> <label><?php echo $_LANG['REPEAT_PASS']; ?>:</label> <input type="password" id="pass2" class="form-control" name="pass2" /> </div> <div class="form-group"> <label><?php echo $_LANG['AD_GROUP']; ?>:</label> <select id="group_id" class="form-control" name="group_id"> <?php echo $inCore->getListItems('cms_user_groups', cmsCore::getArrVal($mod, 'group_id', 0)); ?> </select> <?php if ($do == 'edit') { echo '<div class="help-block" style="text-align:right;"><a target="_blank" href="?view=usergroups&do=edit&id='. $mod['group_id'] .'">'. $_LANG['EDIT'] .'</a></div>'; } ?> </div> <div class="form-group"> <label><?php echo $_LANG['AD_IF_ACCAUNT_LOCK']; ?></label> <div class="btn-group" data-toggle="buttons" style="float:right;"> <label class="btn btn-default <?php if ($mod['is_locked']) { echo 'active'; } ?>"> <input type="radio" name="is_locked" <?php if ($mod['is_locked']) { echo 'checked="checked"'; } ?> value="1" /> <?php echo $_LANG['YES']; ?> </label> <label class="btn btn-default <?php if (!$mod['is_locked']) { echo 'active'; } ?>"> <input type="radio" name="is_locked" <?php if (!$mod['is_locked']) { echo 'checked="checked"'; } ?> value="0" /> <?php echo $_LANG['NO']; ?> </label> </div> </div> </div> <div> <?php if ($do == 'edit') { ?> <input type="hidden" name="do" value="update" /> <input type="submit" class="btn btn-primary" name="add_mod" value="<?php echo $_LANG['SAVE']; ?>" /> <?php } else { ?> <input type="hidden" name="do" value="submit" /> <input type="submit" class="btn btn-primary" name="add_mod" value="<?php echo $_LANG['AD_USER_ADD']; ?>" /> <?php } ?> <input type="button" class="btn btn-default" name="back2" value="<?php echo $_LANG['CANCEL']; ?>" onclick="window.history.back();" /> <?php if ($do == 'edit') { echo '<input type="hidden" name="id" value="'. $mod['id'] .'" />'; } ?> </div> </form> <?php } }