Пример #1
0
 /**
  * บันทึก
  */
 public function save(Request $request)
 {
     // referer, session
     if ($request->initSession() && $request->isReferer()) {
         $ret = array();
         // ค่าที่ส่งมา
         $email = $request->post('forgot_email')->url();
         if ($email === '') {
             $ret['ret_forgot_email'] = Language::get('Please fill out this form');
         } else {
             $search = $this->db()->createQuery()->from('user')->where(array(array('email', $email), array('fb', '0')))->toArray()->first('id', 'email');
             if ($search === false) {
                 $ret['ret_forgot_email'] = Language::get('not a registered user');
             }
         }
         if (empty($ret)) {
             // รหัสผ่านใหม่
             $password = Text::rndname(6);
             // ข้อมูลอีเมล์
             $replace = array('/%PASSWORD%/' => $password, '/%EMAIL%/' => $search['email']);
             // send mail
             $err = Email::send(3, 'member', $replace, $search['email']);
             if (empty($err)) {
                 // อัปเดทรหัสผ่านใหม่
                 $save = array('password' => md5($password . $search['email']));
                 $this->db()->createQuery()->update('user')->set($save)->where($search['id'])->execute();
                 // คืนค่า
                 $ret['alert'] = Language::get('Your message was sent successfully');
                 $ret['ret_forgot_email'] = '';
                 $location = $request->post('modal')->url();
                 $ret['location'] = $location === 'true' ? 'close' : $location;
             } else {
                 $ret['ret_forgot_email'] = $err;
             }
         } else {
             $ret['input'] = 'forgot_email';
         }
         // คืนค่าเป็น JSON
         echo json_encode($ret);
     }
 }
Пример #2
0
 /**
  * รับค่าจาก action
  */
 public function action(Request $request)
 {
     if ($request->initSession() && $request->isReferer() && ($login = Login::isAdmin())) {
         if ($login['email'] == 'demo' || !empty($login['fb'])) {
             echo Language::get('Unable to complete the transaction');
         } else {
             // รับค่าจากการ POST
             $action = $request->post('action')->toString();
             // id ที่ส่งมา
             if (preg_match_all('/,?([0-9]+),?/', $request->post('id')->toString(), $match)) {
                 // Model
                 $model = new \Kotchasan\Model();
                 // ตาราง user
                 $user_table = $model->getFullTableName('user');
                 if ($action === 'delete') {
                     // ลบไอคอนสมาชิก
                     $query = $model->db()->createQuery()->select('icon')->from('user')->where(array(array('id', $match[1]), array('id', '!=', 1), array('icon', '!=', '')));
                     foreach ($query->toArray()->execute() as $item) {
                         @unlink(ROOT_PATH . self::$cfg->usericon_folder . $item['icon']);
                     }
                     // ลบสมาชิก
                     $model->db()->delete($user_table, array(array('id', $match[1]), array('id', '!=', 1)), 0);
                 } elseif ($action === 'accept') {
                     // ยอมรับสมาชิกที่เลือก
                     $model->db()->update($user_table, array(array('id', $match[1]), array('fb', '0')), array('activatecode' => ''));
                 } elseif ($action === 'ban' || $action === 'unban') {
                     // ระงับ/ยกเลิก การใช้งานสมาชิก
                     $model->db()->update($user_table, array(array('id', $match[1]), array('id', '!=', 1)), array('ban' => $action == 'ban' ? 1 : 0));
                 } elseif ($action === 'activate' || $action === 'sendpassword') {
                     // ส่งอีเมล์ยืนยันสมาชิก
                     $query = $model->db()->createQuery()->select('id', 'email', 'activatecode')->from('user')->where(array(array('id', $match[1]), array('id', '!=', 1), array('fb', '0')));
                     $msgs = array();
                     foreach ($query->toArray()->execute() as $item) {
                         // รหัสผ่านใหม่
                         $password = Text::rndname(6);
                         // ข้อมูลอีเมล์
                         $replace = array('/%PASSWORD%/' => $password, '/%EMAIL%/' => $item['email']);
                         $save = array('password' => md5($password . $item['email']));
                         if ($action === 'activate' || !empty($item['activatecode'])) {
                             // activate หรือ ยังไม่ได้ activate
                             $save['activatecode'] = empty($item['activatecode']) ? Text::rndname(32) : $item['activatecode'];
                             $replace['/%ID%/'] = $save['activatecode'];
                             // send mail
                             $err = Email::send(1, 'member', $replace, $item['email']);
                         } else {
                             // send mail
                             $err = Email::send(3, 'member', $replace, $item['email']);
                         }
                         $msgs = array();
                         if (empty($err)) {
                             // อัปเดทรหัสผ่านใหม่
                             $model->db()->update($user_table, $item['id'], $save);
                         } else {
                             $msgs[] = $err;
                         }
                         if (empty($msgs)) {
                             // ส่งอีเมล์ สำเร็จ
                             echo Language::get('Your message was sent successfully');
                         } else {
                             // มีข้อผิดพลาด
                             echo implode("\n", $msgs);
                         }
                     }
                 } elseif ($request->post('module')->toString() === 'status') {
                     // เปลี่ยนสถานะสมาชิก
                     $model->db()->update($user_table, array(array('id', $match[1]), array('id', '!=', 1), array('fb', '0')), array('status' => (int) $action));
                 }
             }
         }
     }
 }
Пример #3
0
 /**
  * ฟังก์ชั่นส่งอีเมล์ลืมรหัสผ่าน
  */
 public function forgot(Request $request)
 {
     // ค่าที่ส่งมา
     $email = $request->post('login_username')->url();
     if (empty($email)) {
         if ($request->post('action')->toString() === 'forgot') {
             self::$login_message = Language::get('Please fill out this form');
         }
     } else {
         self::$text_username = $email;
         // ค้นหาอีเมล์หรือโทรศัพท์
         $model = new Model();
         $user_table = $model->getFullTableName('user');
         $search = $model->db()->first($user_table, array(array('email', $email), array('fb', '0')));
         if ($search === false) {
             self::$login_message = Language::get('not a registered user');
         } else {
             // รหัสผ่านใหม่
             $password = Text::rndname(6);
             // ข้อมูลอีเมล์
             $replace = array('/%PASSWORD%/' => $password, '/%EMAIL%/' => $search->email);
             // send mail
             $err = Email::send(3, 'member', $replace, $search->email);
             if (empty($err)) {
                 // อัปเดทรหัสผ่านใหม่
                 $model->db()->update($user_table, (int) $search->id, array('password' => md5($password . $search->email)));
                 // คืนค่า
                 self::$login_message = Language::get('Your message was sent successfully');
                 self::$request = $request->withParsedBody(array('action' => 'login'));
             } else {
                 self::$login_message = $err;
             }
         }
     }
 }
Пример #4
0
 /**
  * บันทึก
  */
 public function save(Request $request)
 {
     $ret = array();
     // referer, session
     if ($request->initSession() && $request->isReferer()) {
         $antispam = new Antispam($request->post('register_antispamid')->toString());
         if (!$antispam->valid($request->post('register_antispam')->toString())) {
             // Antispam ไม่ถูกต้อง
             $ret['ret_register_antispam'] = 'this';
             $ret['input'] = 'register_antispam';
         } else {
             // รับค่าจากการ POST
             $save = array();
             foreach ($request->getParsedBody() as $key => $value) {
                 $k = str_replace('register_', '', $key);
                 switch ($k) {
                     case 'email':
                         $save['email'] = $request->post($key)->username();
                         break;
                     case 'phone1':
                     case 'idcard':
                         $save[$k] = $request->post($key)->number();
                         break;
                     case 'invite':
                         $save[$k] = $request->post($key)->toInt();
                         break;
                     case 'password':
                     case 'repassword':
                     case 'accept':
                     case 'next':
                         ${$k} = $request->post($key)->toString();
                         break;
                 }
             }
             if ($accept === '1') {
                 // ชื่อตาราง user
                 $user_table = $this->getFullTableName('user');
                 // database connection
                 $db = $this->db();
                 // ตรวจสอบค่าที่ส่งมา
                 $input = false;
                 // อีเมล์
                 if (empty($save['email'])) {
                     $ret['ret_register_email'] = 'this';
                     $input = !$input ? 'register_email' : $input;
                 } elseif (!Validator::email($save['email'])) {
                     $ret['ret_register_email'] = str_replace(':name', Language::get('Email'), Language::get('Invalid :name'));
                     $input = !$input ? 'register_email' : $input;
                 } else {
                     // ตรวจสอบอีเมล์ซ้ำ
                     $search = $db->first($user_table, array('email', $save['email']));
                     if ($search !== false) {
                         $ret['ret_register_email'] = str_replace(':name', Language::get('Email'), Language::get('This :name is already registered'));
                         $input = !$input ? 'register_email' : $input;
                     } else {
                         $ret['ret_register_email'] = '';
                     }
                 }
                 // password
                 if (mb_strlen($password) < 4) {
                     // รหัสผ่านต้องไม่น้อยกว่า 4 ตัวอักษร
                     $ret['ret_register_password'] = '******';
                     $input = !$input ? 'register_password' : $input;
                 } elseif ($repassword != $password) {
                     // ถ้าต้องการเปลี่ยนรหัสผ่าน กรุณากรอกรหัสผ่านสองช่องให้ตรงกัน
                     $ret['ret_register_repassword'] = '******';
                     $input = !$input ? 'register_repassword' : $input;
                 } else {
                     $save['password'] = md5($password . $save['email']);
                     $ret['ret_register_password'] = '';
                     $ret['ret_register_repassword'] = '';
                 }
                 // phone1
                 if (!empty($save['phone1'])) {
                     if (!preg_match('/[0-9]{9,10}/', $save['phone1'])) {
                         $ret['ret_register_phone1'] = str_replace(':name', Language::get('phone number'), Language::get('Invalid :name'));
                         $input = !$input ? 'register_phone1' : $input;
                     } else {
                         // ตรวจสอบโทรศัพท์
                         $search = $db->first($user_table, array('phone1', $save['phone1']));
                         if ($search !== false) {
                             $ret['ret_register_phone1'] = str_replace(':name', Language::get('phone number'), Language::get('This :name is already registered'));
                             $input = !$input ? 'register_phone1' : $input;
                         } else {
                             $ret['ret_register_phone1'] = '';
                         }
                     }
                 } elseif (self::$cfg->member_phone == 2) {
                     $ret['ret_register_phone1'] = 'this';
                     $input = !$input ? 'register_phone1' : $input;
                 }
                 // idcard
                 if (!empty($save['idcard'])) {
                     if (!Validator::idCard($save['idcard'])) {
                         $ret['ret_register_idcard'] = str_replace(':name', Language::get('Identification number'), Language::get('Invalid :name'));
                         $input = !$input ? 'register_idcard' : $input;
                     } else {
                         // ตรวจสอบ idcard ซ้ำ
                         $search = $db->first($user_table, array('idcard', $save['idcard']));
                         if ($search !== false) {
                             $ret['ret_register_idcard'] = str_replace(':name', Language::get('Identification number'), Language::get('This :name is already registered'));
                             $input = !$input ? 'register_idcard' : $input;
                         } else {
                             $ret['ret_register_idcard'] = '';
                         }
                     }
                 } elseif (self::$cfg->member_idcard == 2) {
                     $ret['ret_idcard'] = 'this';
                     $input = !$input ? 'idcard' : $input;
                 }
                 // invite
                 if (isset($save['invite'])) {
                     $ret['ret_invite'] = '';
                     if (!empty($save['invite'])) {
                         $search = $db->first($user_table, $save['invite']);
                         if ($search === false) {
                             $ret['ret_register_invite'] = str_replace(':name', Language::get('Invitation code'), Language::get('Invalid :name'));
                             $input = !$input ? 'register_invite' : $input;
                         }
                     }
                 }
                 if (!$input) {
                     $save['create_date'] = time();
                     $save['subscrib'] = 1;
                     $save['status'] = 0;
                     list($displayname, $domain) = explode('@', $save['email']);
                     $save['displayname'] = $displayname;
                     $a = 1;
                     while (true) {
                         if (false === $db->first($user_table, array('displayname', $save['displayname']))) {
                             break;
                         } else {
                             $a++;
                             $save['displayname'] = $displayname . $a;
                         }
                     }
                     // รหัสยืนยัน
                     $save['activatecode'] = empty(self::$cfg->user_activate) ? '' : Text::rndname(32);
                     // บันทึกลงฐานข้อมูล
                     $save['id'] = $db->insert($user_table, $save);
                     // ส่งอีเมล์
                     $replace = array('/%EMAIL%/' => $save['email'], '/%PASSWORD%/' => $password, '/%ID%/' => $save['activatecode']);
                     Email::send(empty(self::$cfg->user_activate) ? 2 : 1, 'member', $replace, $save['email']);
                     if (empty(self::$cfg->user_activate)) {
                         // login
                         $save['password'] = $password;
                         $_SESSION['login'] = $save;
                         // แสดงข้อความตอบรับการสมัครสมาชิก
                         $ret['alert'] = str_replace(':email', $save['email'], Language::get('Registration information sent to :email complete. We will take you to edit your profile'));
                         // ถ้าไม่มีการกำหนดหน้าถัดไปมา ไปแก้ไขข้อมูลส่วนตัว
                         $ret['location'] = isset($next) ? $next : WEB_URL . 'index.php?module=editprofile';
                     } else {
                         // แสดงข้อความตอบรับการสมัครสมาชิก
                         $ret['alert'] = str_replace(':email', $save['email'], Language::get('Register successfully, We have sent complete registration information to :email'));
                         // ถ้าไม่มีการกำหนดหน้าถัดไปมา กลับไปหน้าหลักเว็บไซต์
                         $ret['location'] = isset($next) ? $next : WEB_URL . 'index.php';
                     }
                     // clear antispam
                     $antispam->delete();
                 } else {
                     $ret['input'] = $input;
                 }
             }
         }
     }
     // คืนค่าเป็น JSON
     if (!empty($ret)) {
         echo json_encode($ret);
     }
 }