function getUser()
{
include_once "users.php";
$user = new users();
$userid = $_REQUEST['userid'];
$row = $user->getUser($userid);
if ($row) {
echo '{"result":1,';
echo json_encode($row);
echo '}';
}
echo '{"result":0,"message":"User Not Found"}';
}
static function auth($login, $password)
{
$login = functions::check($login);
$password = functions::check($password);
$error = "";
if (!empty($login) && !empty($password)) {
$user = users::getUser(1, $login, $password);
if ($user->id > 0) {
$_SESSION["s_user"] = $user->toArray();
} else {
$error = "Вы ввели не верные логин или пароль";
}
} else {
$error = "Необходимо заполнить все поля";
}
return $error;
}
function get_user()
{
$name = $_REQUEST['name'];
$pwd = $_REQUEST['pwd'];
$obj = new users();
$row = $obj->getUser($name, $pwd);
if (!$row) {
echo '{"res":"error"}';
return;
}
$_SESSION['name'] = $row['username'];
$_SESSION['user_type'] = $row['user_type'];
if ($_SESSION['user_type'] != "Admin") {
echo '{"res":"error"}';
return;
}
// header('location: index.php');
echo '{"res":"success"}';
}
public function run()
{
$tpl = new template();
// Messages
$msg = '';
$id = NULL;
// Compose
if (isset($_POST['send'])) {
if (isset($_POST['username']) && isset($_POST['subject']) && isset($_POST['content'])) {
$values = array('from_id' => $_SESSION['userdata']['id'], 'to_id' => $_POST['username'], 'subject' => $_POST['subject'], 'content' => $_POST['content']);
$this->sendMessage($values);
$tpl->setNotification('MESSAGE_SENT', 'success');
} else {
$tpl->setNotification('MISSING_FIELDS', 'error');
}
}
if (isset($_POST['reply'])) {
if (isset($_POST['message'])) {
$values = array('content' => $_POST['message'], 'to_id' => $_POST['to_id'], 'from_id' => $_SESSION['userdata']['id']);
$this->reply($values, $_POST['parent_id']);
}
}
$myMessages = $this->getMessages($_SESSION['userdata']['id']);
$users = new users();
$user = $users->getUser($_SESSION['userdata']['id']);
if (!isset($_GET['id'])) {
$messages = $this->getMessages($_SESSION['userdata']['id'], 1);
foreach ($messages as $message) {
$id = $message['id'];
}
} else {
$id = $_GET['id'];
$this->markAsRead($id);
}
$tpl->assign('info', $msg);
$tpl->assign('displayId', $id);
$tpl->assign('userEmail', $user['username']);
$tpl->assign('messages', $myMessages);
$tpl->assign('friends', $this->getPeople());
$tpl->display('messages.showAll');
}
/**
*
* @access public
* @param id
*
*/
public function sendAlert($id)
{
$mail = new mailer();
$user = new users();
// send alert email !
$row = $user->getUser($id);
$emailTo = $row['user'];
$to[] = $emailTo;
$subject = "Alert: Hours spent have exceeded planned hours";
$mail->setSubject($subject);
$text = "Hello " . $emailTo . ",\n\t\t\t\t\t\t\t\t\n\t\t\tThis is a friendly reminder that you have surpassed\n\t\t\t\t\t\t\t\t\n\t\t\tthe estimated hours for this project. While we \n\t\t\t\t\t\t\t\t\t\n\t\t\tunderstand it is impossible to meet every deadline\n\t\t\t\t\t\t\t\t\t\n\t\t\twe encourage you to be as diligent as possible with\n\t\t\t\t\t\t\t\t\t\n\t\t\tyour workload.";
$mail->setText($text);
$mail->sendMail($to);
}
/**
* функция получения данных пользователя
*
* @param (string) $strWhere - строка, условие для запроса
*
* @return (array or false)
*/
public function getUser($strWhere)
{
return parent::getUser($strWhere);
}
}
header('Location: ' . $_SERVER['HTTP_REFERER']);
exit;
break;
case 'decline':
if (!hasPermissions('articles') || !$_POST['task']) {
exit;
}
require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/articles.php';
$id = __paramInit('int', null, 'id');
if (articles::setDecline($id, $uid)) {
require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/users.php';
require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/messages.php';
$article = articles::getArticle($id);
$adm = new users();
$adm->getUser('admin');
$text = "Здравствуйте, {$article['uname']}. \r\n\r\n";
$text .= "Ваша статья «{$article['title']}» поступила на модерацию в раздел «Статьи и интервью» сайта Free-lance.ru. ";
$text .= "К сожалению, ее формат не подходит для публикации в этом разделе. \r\n\r\n";
$text .= "Вы можете опубликовать свою работу в блогах для ознакомления или в своем портфолио по инструкции http://feedback.free-lance.ru/article/details/id/204 . \r\n";
$text .= "Команда Free-lance.ru благодарит вас за участие в жизни нашего портала. \r\n\r\n";
$text .= "С уважением, \r\n";
$text .= 'Алена, редактор Free-lance.ru';
messages::Add($adm->uid, $article['login'], addslashes($text));
$q = array();
parse_str(parse_url($_SERVER['HTTP_REFERER'], PHP_URL_QUERY), $q);
if (isset($q['id'])) {
unset($q['id']);
}
if ($q['p']) {
$count = $q['page'] == 'unpublished' ? articles::ArticlesCount(false) : articles::ArticlesCount();
/**
* Проверяем пользователя верифицирован ли он через Тинькова, если да возвращаем true
*
* @param boolean $exact Проверять заного. либо взять из сессии пользователя
* @param integer $uid Проверять значение для пользователя c uid = $uid а не для текущего
* @return type
*/
function is_verify($login = false)
{
static $verify;
if (!$login) {
return $_SESSION['is_verify'] == 't';
}
if (empty($verify[$login])) {
require_once ABS_PATH . "/classes/users.php";
$user = new users();
$user->getUser($login == false ? $_SESSION['login'] : $login);
$verify[$login] = $user->is_verify == 't';
return $verify[$login];
} else {
return $verify[$login];
}
}
<?php require_once 'src/common/verifSession.php'; require_once '_config/config.php'; require_once '_config/configDB.php'; require_once 'src/classes/users.php'; $idSession = $_SESSION['id']; $users = new users(); $userConnect = $users->getUser($idSession); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-15" /> <?php include "src/common/title.php"; include "src/common/src-css.php"; include "src/common/src-js.php"; ?> <script type="text/javascript" src="js/abonnement.js"></script> </head> <body> <div id="wrap"> <div id="top"> <?php include "src/common/top.php"; ?> </div> <div id="header"> <?php include "src/common/header.php";
function disable($val)
{
$xml = new xml($this->e);
$nocache_xml = new xml($xml->documentURI(), $xml->de()->tagName, false);
$users = new users($nocache_xml, $this->e->tagName);
if ($usr = $users->getUser($this->getLogin())) {
$val = $val ? 'disabled' : null;
$usr->setDisabled($val);
$nocache_xml->save();
$this->setDisabled($val);
}
}
<div id="main">
<div class="col">
<h2>Mon Compte</h2>
<?php
$users = new users();
if (isset($_POST['submit'])) {
$prenom = ucfirst(strtolower($_POST['prenom']));
$nom = strtoupper($_POST['nom']);
$mail = strtolower($_POST['mail']);
$login = strtolower($_POST['login']);
$password = $_POST['password'];
$users->updateUser($idSession, $nom, $prenom, $mail, $login, $password);
echo "Compte modifié<br>";
}
$user = $users->getUser($idSession);
?>
<form method="post">
<table>
<tr><td colspan="2">Nouveau utilisateur</td></tr>
<tr>
<td>Mail : </td>
<td><input type="text" name="mail" value="<?php
echo $user->getMail();
?>
"/></td>
</tr>
<tr>
<td>Prénom : </td>
<td><input type="text" name="prenom" value="<?php
echo $user->getPrenom();
/**
* run - display template and edit data
*
* @access public
*
*/
public function run()
{
$tpl = new template();
$msgKey = '';
if (isset($_GET['id']) === true) {
$id = (int) $_GET['id'];
$ticket = $this->getTicket($id);
$editable = true;
if (!empty($ticket)) {
$helper = new helper();
$file = new files();
$user = new users();
$comment = new comments();
// Has the user seen this ticket already
$read = new read();
if (!$read->isRead('ticket', $id, $_SESSION['userdata']['id'])) {
$read->markAsRead('ticket', $id, $_SESSION['userdata']['id']);
}
//TODO New access right management...This is dumb
if ($ticket['userId'] == $_SESSION['userdata']['id'] || $ticket['editorId'] == $_SESSION['userdata']['id'] || $ticket['editorId'] == '') {
$editable = true;
}
//Punch times
if (isset($_POST['punchIn']) && $this->isClocked($_SESSION['userdata']['id']) != true) {
$this->punchIn($ticket['id']);
} else {
if (isset($_POST['punchOut']) && $this->isClocked($_SESSION['userdata']['id']) == true) {
$this->punchOut($ticket['id']);
}
}
//Upload File
if (isset($_POST['upload'])) {
if (isset($_FILES['file'])) {
if ($file->upload($_FILES, 'ticket', $id) !== false) {
$tpl->setNotification('FILE_UPLOADED', 'success');
} else {
$tpl->setNotification('ERROR_WHILE_UPLOADING', 'error');
}
} else {
$tpl->setNotification('NO_FILE', 'error');
}
}
//Add comment
if (isset($_POST['comment']) === true) {
$mail = new mailer();
$values = array('text' => $_POST['text'], 'date' => date("Y-m-d H:i:s"), 'userId' => $_SESSION['userdata']['id'], 'moduleId' => $id, 'commentParent' => $_POST['father']);
$comment->addComment($values, 'ticket');
$tpl->setNotification('COMMENT_ADDED', 'success');
}
//Only admins
if ($_SESSION['userdata']['role'] == 'admin') {
$editable = true;
//Delete file
if (isset($_GET['delFile']) === true) {
$file = $_GET['delFile'];
$upload = new fileupload();
$upload->initFile($file);
//Delete file from server
$upload->deleteFile($file);
//Delete file from db
$this->deleteFile($file);
$msgKey = 'FILE_DELETED';
}
//Delete comment
if (isset($_GET['delComment']) === true) {
$commentId = (int) $_GET['delComment'];
$comment->deleteComment($commentId);
$msgKey = 'COMMENT_DELETED';
}
}
$allHours = 0;
$values = array('userId' => $_SESSION['userdata']['id'], 'ticket' => $id, 'date' => '', 'kind' => '', 'hours' => '', 'description' => '', 'invoicedEmpl' => '', 'invoicedComp' => '', 'invoicedEmplDate' => '', 'invoicedCompDate' => '');
$timesheets = new timesheets();
$ticketHours = $timesheets->getTicketHours($id);
$tpl->assign('ticketHours', $ticketHours);
$tpl->assign('userHours', $timesheets->getUsersTicketHours($id, $_SESSION['userdata']['id']));
$userinfo = $user->getUser($values['userId']);
$tpl->assign('kind', $timesheets->kind);
$tpl->assign('userInfo', $userinfo);
if (isset($_POST['saveTimes']) === true) {
if (isset($_POST['kind']) && $_POST['kind'] != '') {
$values['kind'] = $_POST['kind'];
}
if (isset($_POST['date']) && $_POST['date'] != '') {
$date = $helper->date2timestamp($_POST['date']);
//die($date);
//$values['date'] = ($helper->timestamp2date($date, 4));
$values['date'] = $date;
}
$values['rate'] = $userinfo['wage'];
if (isset($_POST['hours']) && $_POST['hours'] != '') {
$values['hours'] = $_POST['hours'];
}
if (isset($_POST['description']) && $_POST['description'] != '') {
$values['description'] = $_POST['description'];
}
if ($values['kind'] != '') {
if ($values['date'] != '') {
if ($values['hours'] != '' && $values['hours'] > 0) {
$timesheets->addTime($values);
$tpl->setNotification('TIME_SAVED', 'success');
} else {
$tpl->setNotification('NO_HOURS', 'success');
}
} else {
$tpl->setNotification('NO_DATE', 'error');
}
} else {
$tpl->setNotification('NO_KIND', 'success');
}
$tpl->assign('userId', $values['userId']);
}
$timesheets = new timesheets();
$language = new language();
$language->setModule('tickets');
$lang = $language->readIni();
$data = array();
$data2 = array();
$months = array();
$results = $timesheets->getTicketHours($id);
$allHours = 0;
foreach ($results as $row) {
if ($row['summe']) {
$allHours += $row['summe'];
}
}
$tpl->assign('timesheetsAllHours', $allHours);
$remainingHours = $ticket['planHours'] - $allHours;
$comments = $comment->getComments('ticket', $ticket['id']);
$files = $file->getFilesByModule('ticket', $id);
$unreadCount = count($this->getUnreadTickets($_SESSION['userdata']['id']));
$tpl->assign('unreadCount', $unreadCount);
$tpl->assign('imgExtensions', array('jpg', 'jpeg', 'png', 'gif', 'psd', 'bmp', 'tif', 'thm', 'yuv'));
$tpl->assign('ticketHistory', $this->getTicketHistory((int) $_GET['id']));
$tpl->assign('remainingHours', $remainingHours);
$tpl->assign('ticketPrice', $this->getTicketCost($_GET['id']));
$tpl->assign('info', $msgKey);
$tpl->assign('role', $_SESSION['userdata']['role']);
$tpl->assign('ticket', $ticket);
$tpl->assign('objTicket', $this);
$tpl->assign('state', $this->state);
$tpl->assign('statePlain', $this->statePlain);
$tpl->assign('numComments', $comment->countComments('ticket', $ticket['id']));
$tpl->assign('comments', $comments);
$tpl->assign('editable', $editable);
$tpl->assign('files', $files);
$tpl->assign('numFiles', count($files));
$tpl->assign('helper', $helper);
$tpl->display('tickets.showTicket');
} else {
$tpl->display('general.error');
}
} else {
$tpl->display('general.error');
}
}
function run()
{
global $_out;
if (ap::isCurrentModule($this)) {
ap::addMessage($this->getMessage());
$action = param('action');
$users = new users();
$form = $this->getForm($action);
$row = $this->getRow();
switch ($action) {
case 'active':
if ($row && $users->userExists($row)) {
$usr = $users->getUser($row);
$usr->disable(param('active') == 'on');
if (param('ajax')) {
ap::ajaxResponse($usr->getDisabled() ? 'off' : 'on');
} else {
$this->redirect('active_ok');
}
}
break;
case 'move':
if ($row && $users->userExists($row) && ($pos = param('pos')) > 0) {
$users->moveUser($users->getUser($row), $pos);
$this->redirect('move_ok');
} else {
$this->redirect('move_fail');
}
break;
case 'delete':
if ($row && $users->userExists($row)) {
$users->removeUser(param('row'));
$this->redirect('delete_ok');
} else {
$this->redirect('delete_fail');
}
break;
case 'update':
case 'apply_update':
if ($row && $users->userExists($row)) {
$pos = $users->getPos($users->getUser($row)) + 1;
$form->replaceURI(array('POSITION' => $pos));
$form->save($_REQUEST);
$this->redirect('update_ok');
} else {
$this->redirect('update_fail');
}
break;
case 'add':
case 'apply_add':
if ($row && !$users->userExists($row)) {
$form->save($_REQUEST);
$this->redirect('add_ok');
} else {
$this->redirect('add_fail');
}
break;
case 'edit':
$pos = $users->getPos($users->getUser($row)) + 1;
$form->replaceURI(array('POSITION' => $pos));
$form->load();
case 'new':
$_out->elementIncludeTo($form->getRootElement(), '/page/section');
break;
default:
if ($rl = $this->getList($users)) {
$_out->elementIncludeTo($rl->getRootElement(), '/page/section');
}
}
}
}
function onPageReady($param = null)
{
global $_out, $_struct, $_sec;
//Страница авторизации
$users = new users();
if (!$users->getUser()) {
$_out->de()->setAttribute('url', $_SERVER['REQUEST_URI']);
$_tpl = new template($_struct->getTemplatePath() . 'auth.xsl');
echo $_tpl->transform($_out);
die;
}
//Автоматическое подключение шаблонов
if ($_out->evaluate('count(/page/section//form)')) {
$_sec->getTemplate()->addTemplate('form.xsl');
}
if ($_out->evaluate('count(/page/section//rowlist)')) {
$_sec->getTemplate()->addTemplate('rowlist.xsl');
}
}