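/**
 * Admin/moderator form for editing another user's profile.
 *
 * The route argument `id` selects the target user. Only members of
 * GROUPID_ADMIN or GROUPID_MODERATOR reach the form; anyone else, and a
 * missing user id, gets the not-found response. On POST the CSRF token is
 * checked, the fields are validated by editActionValidator(), and the profile
 * is persisted through \Model\User. A fresh token is issued on every render.
 *
 * Security notes on this revision:
 *  - The CSRF token is compared strictly (original used `==`, which accepted
 *    null == null when the session token was absent and was open to numeric
 *    string juggling).
 *  - Only admins may change `groupid`; the original let a moderator write any
 *    group id from POST, i.e. promote any account (including their own) to admin.
 *  - Moderators cannot edit admin accounts: this form writes oauthPartner /
 *    oauthUid, so editing an admin would allow re-binding that account's
 *    OAuth login. NOTE(review): this tightens the previous policy — confirm
 *    it matches the intended moderator role.
 */
public function editAction()
{
    $id = (int) $this->registry->router->getArg('id');
    $myUser = new \Model\User($id);
    $redirectUrl = $this->getRedirectUrl();

    if ($myUser->id <= 0) {
        $this->notfound();
        return;
    }

    $actorIsAdmin = ($this->registry->me->groupid == GROUPID_ADMIN);
    $actorIsModerator = ($this->registry->me->groupid == GROUPID_MODERATOR);
    $canEdit = $actorIsAdmin || ($actorIsModerator && $myUser->groupid != GROUPID_ADMIN);
    if (!$canEdit) {
        // Same response as a missing user so the existence of the account is not leaked.
        $this->notfound();
        return;
    }

    $error = array();
    $success = array();
    $contents = '';

    // Pre-fill the form with the stored profile values.
    $formData = array(
        'fgroupid' => $myUser->groupid,
        'femail' => $myUser->email,
        'ffullname' => $myUser->fullname,
        'fgender' => $myUser->gender,
        'fbirthday' => $myUser->birthday,
        'fphone' => $myUser->phone,
        'faddress' => $myUser->address,
        'fregion' => $myUser->region,
        'fcountry' => $myUser->country,
        'fwebsite' => $myUser->website,
        'fbio' => $myUser->bio,
        'foauthpartner' => $myUser->oauthPartner,
        'foauthuid' => $myUser->oauthUid,
    );

    if ($this->postBag->has('fsubmit')) {
        $sessionToken = (string) $this->registry->session->get('userEditToken');
        $postedToken = (string) $this->postBag->get('ftoken');

        // An empty session token must never validate; strict equality avoids
        // PHP's loose-comparison pitfalls ("0e1" == "0e2", null == "").
        if ($sessionToken !== '' && $sessionToken === $postedToken) {
            // Every POST key is merged in, but only the named fields below are
            // ever written to the model, so unexpected keys are inert here.
            $formData = array_merge($formData, $this->postBag->all());

            if ($this->editActionValidator($formData, $error)) {
                $myUser->birthday = Helper::plaintext($formData['fbirthday']);
                $myUser->phone = Helper::plaintext($formData['fphone']);
                $myUser->address = Helper::plaintext($formData['faddress']);
                $myUser->country = Helper::plaintext($formData['fcountry']);
                $myUser->website = Helper::plaintext($formData['fwebsite']);
                $myUser->bio = Helper::plaintext($formData['fbio']);
                $myUser->oauthPartner = (int) $formData['foauthpartner'];
                $myUser->oauthUid = Helper::plaintext($formData['foauthuid']);

                if ($this->postBag->get('deleteimage') == '1') {
                    $myUser->deleteImage();
                }

                // Group membership is a privilege grant: non-admin actors keep
                // the target's current group regardless of what was posted.
                $newGroupId = $actorIsAdmin ? (int) $formData['fgroupid'] : (int) $myUser->groupid;

                $updated = $myUser->updateData(array(
                    'fullname' => Helper::plaintext($formData['ffullname']),
                    'groupid' => $newGroupId,
                    'region' => (int) $formData['fregion'],
                    'gender' => (int) $formData['fgender'],
                ));

                if ($updated) {
                    $success[] = str_replace('###email###', $myUser->email, $this->registry->lang['controller']['succUpdate']);
                } else {
                    $error[] = $this->registry->lang['controller']['errUpdate'];
                }
            }
        }
    }

    // Rotate the CSRF token on every render so a token is single-use.
    $this->registry->session->set('userEditToken', Helper::getSecurityToken());

    $this->registry->smarty->assign(array(
        'formData' => $formData,
        'myUser' => $myUser,
        'redirectUrl' => $redirectUrl,
        'encoderedirectUrl' => base64_encode($redirectUrl),
        'userGroups' => \Model\User::getGroupnameList(),
        'error' => $error,
        'success' => $success,
    ));
    $contents .= $this->registry->smarty->fetch($this->registry->smartyController . 'edit.tpl');

    $this->registry->smarty->assign(array(
        'menu' => 'userlist',
        'pageTitle' => $this->registry->lang['controller']['pageTitle_edit'],
        'contents' => $contents,
    ));
    $contents = $this->registry->smarty->fetch($this->registry->smartyModule . 'index.tpl');
    $this->registry->response->setContent($contents);
}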
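/**
 * Builds a filtered, parameterised user query and delegates to countList()/getList().
 *
 * @param array  $formData      Optional filter fields: fid, fscreenname, fgroupid,
 *                              fgender, fregion, foauthpartner, femail, foauthUid,
 *                              fkeywordFilter with fsearchKeywordIn
 *                              (email | screenname | fullname | anything else = all).
 * @param string $sortby        email | group | datelastaction; anything else sorts by u.u_id.
 * @param string $sorttype      ASC | DESC; anything else falls back to DESC.
 * @param string $limit         Passed through to getList() unchanged.
 * @param bool   $countOnly     When true, returns countList() instead of rows.
 * @param bool   $getUserDetail Join the profile table (alias `up`).
 * @return mixed Whatever countList()/getList() return.
 *
 * Every user-supplied value is bound via `?` placeholders and only whitelisted
 * column names reach ORDER BY, so none of the inputs can alter the SQL text.
 *
 * Changes in this revision:
 *  - The OAuth-partner filter tested isset() on the misspelled key
 *    'fauthoauthpartner' while binding 'foauthpartner'; both spellings are now
 *    honoured and an empty string means "no filter" instead of partner 0.
 *  - Missing filter keys no longer raise undefined-index notices.
 *  - Sort-type validation uses strict comparison (under loose comparison a
 *    non-string such as 0 could pass the check on PHP < 8 and land in ORDER BY).
 *
 * NOTE(review): the `up.*` filters (oauth partner, email, oauth uid, and the
 * email/uid keyword search) reference the profile alias and will produce an
 * invalid query when $getUserDetail is false — unchanged from the original.
 */
public static function getUsers($formData, $sortby = 'id', $sorttype = 'DESC', $limit = '', $countOnly = false, $getUserDetail = true)
{
    $conditions = array();
    $bindParams = array();
    $joinString = '';

    if ($getUserDetail) {
        $joinString = ' INNER JOIN ' . TABLE_PREFIX . 'ac_user_profile up ON u.u_id = up.u_id ';
    }

    if (isset($formData['fid']) && $formData['fid'] > 0) {
        $conditions[] = 'u.u_id = ? ';
        $bindParams[] = (int) $formData['fid'];
    }

    if (isset($formData['fscreenname']) && strlen($formData['fscreenname']) > 0) {
        $conditions[] = 'u.u_screenname = ? ';
        $bindParams[] = Helper::plaintext($formData['fscreenname']);
    }

    // Positive-integer exact-match filters; order matters for the bind list.
    $intFilters = array(
        'fgroupid' => 'u.u_groupid = ? ',
        'fgender' => 'u.u_gender = ? ',
        'fregion' => 'u.u_region = ? ',
    );
    foreach ($intFilters as $field => $sql) {
        if (isset($formData[$field]) && $formData[$field] > 0) {
            $conditions[] = $sql;
            $bindParams[] = (int) $formData[$field];
        }
    }

    $oauthPartner = null;
    if (isset($formData['foauthpartner'])) {
        $oauthPartner = $formData['foauthpartner'];
    } elseif (isset($formData['fauthoauthpartner'])) {
        $oauthPartner = $formData['fauthoauthpartner'];
    }
    if ($oauthPartner !== null && $oauthPartner !== '') {
        $conditions[] = 'up.up_oauth_partner = ? ';
        $bindParams[] = (int) $oauthPartner;
    }

    if (isset($formData['femail'])) {
        $conditions[] = 'up.up_email = ? ';
        $bindParams[] = Helper::plaintext($formData['femail']);
    }

    if (isset($formData['foauthUid'])) {
        $conditions[] = 'up.up_oauth_uid = ? ';
        $bindParams[] = $formData['foauthUid'];
    }

    if (isset($formData['fkeywordFilter']) && strlen($formData['fkeywordFilter']) > 0) {
        // NOTE(review): '%' and '_' inside the keyword act as LIKE wildcards;
        // escape them (e.g. addcslashes($kw, '%_\\')) if literal matching is wanted.
        $keyword = '%' . Helper::plaintext($formData['fkeywordFilter']) . '%';
        $searchIn = isset($formData['fsearchKeywordIn']) ? $formData['fsearchKeywordIn'] : '';

        switch ($searchIn) {
            case 'email':
                $conditions[] = 'up.up_email LIKE ? ';
                $bindParams[] = $keyword;
                break;
            case 'screenname':
                $conditions[] = 'u.u_screenname LIKE ? ';
                $bindParams[] = $keyword;
                break;
            case 'fullname':
                $conditions[] = 'u.u_fullname LIKE ?';
                $bindParams[] = $keyword;
                break;
            default:
                $conditions[] = '( (up.up_email LIKE ?) OR (u.u_screenname LIKE ?) '
                    . 'OR (u.u_fullname LIKE ?) OR (up.up_oauth_uid LIKE ?) )';
                $bindParams[] = $keyword;
                $bindParams[] = $keyword;
                $bindParams[] = $keyword;
                $bindParams[] = $keyword;
                break;
        }
    }

    // ORDER BY is built only from whitelisted fragments.
    if ($sorttype !== 'DESC' && $sorttype !== 'ASC') {
        $sorttype = 'DESC';
    }
    switch ($sortby) {
        case 'email':
            $orderString = ' up.up_email ' . $sorttype;
            break;
        case 'group':
            $orderString = ' u.u_groupid ' . $sorttype;
            break;
        case 'datelastaction':
            $orderString = ' u.u_datelastaction ' . $sorttype;
            break;
        default:
            $orderString = ' u.u_id ' . $sorttype;
            break;
    }

    $whereString = implode(' AND ', $conditions);

    if ($countOnly) {
        return self::countList($whereString, $joinString, $bindParams);
    }
    return self::getList($whereString, $joinString, $orderString, $limit, $bindParams);
}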