template_vars['404_error']; die ( $sError ); } @header('Status: 500 Server Error'); if (function_exists('debug_backtrace')){ $db = debug_backtrace(); $db_text = ''; for ($i=sizeof($db); $i>0; $i--) $db_text .= ' on line '.( (isset($db[$i-1]['line']))?($db[$i-1]['line']):('?') ).' of file '.( (isset($db[$i-1]['file']))?($db[$i-1]['file']):('?') ).''.BR; } else $db_text = ' - debug backtrace is not available'; if (func_num_args() > 0){ $text = htmlspecialchars(strval(func_get_arg(0))); if (func_num_args()> 1) $text = '' . htmlspecialchars(strval(func_get_arg(1))) . ': '.$text; } else $text = 'Unnamed system error'; echo '

System error: '.$text.BR.BR.$db_text.'

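'; $GLOBALS['GlobalDebugInfo']->OutPut(); die(); }

/**
 * Escape a string so it can be embedded literally in a '/'-delimited PCRE pattern.
 *
 * @param string $str raw text
 * @return string text with PCRE metacharacters and '/' escaped
 */
function regexp_escape($str)
{
    return preg_quote($str, '/');
}

/*
    function get_url([page_url[, acc_arr[, keep_old_arg[, https[, always_add]]]]])

    string page_url     - url of the page in form /root path/sub_path/name.ext or NULL to the current page
    array  acc_arr      - map of GET method attributes
    bool   keep_old_arg - set to keep old GET attributes
    bool   https        - create url with https protocol
    bool   always_add   - always create full path info

    Returns the assembled URL. A $page_url that already starts with "http" is returned unchanged.

    Query-string keys and values are both URL-encoded. With keep_old_arg the current $_GET
    (request-controlled) is merged in, so raw keys must never reach the output as-is.
    The result is NOT HTML-escaped; escape it for the context it is printed into.
*/
function get_url($page_url = null, $acc_arr = array(), $keep_old_arg = true, $https = false, $always_add = false)
{
    global $SiteUrl, $HTTPSSiteUrl;
    global $HttpName, $HttpPort, $SHttpName, $SHttpPort;
    global $RootPath, $ssl_root;

    // NOTE(review): PHP_SELF contains whatever path the client requested (including trailing
    // path info), so the default page url is request-controlled text.
    if (is_null($page_url)) {
        $page_url = $_SERVER['PHP_SELF'];
    }
    if (preg_match('/^http/', $page_url)) {
        return $page_url;
    }

    // Strip the root prefix that matches the scheme of the current request, then a leading '/'.
    $on_https = isset($_SERVER['HTTPS']) && ($_SERVER['HTTPS'] == 'on');
    $strip_root = $on_https ? $ssl_root : $RootPath;
    $page_url = preg_replace('/^' . regexp_escape($strip_root) . '/', '', $page_url);
    $page_url = preg_replace('/^' . regexp_escape('/') . '/', '', $page_url);

    // An absolute prefix is emitted for https targets, when leaving an https page, or on demand.
    $url = '';
    if ($https) {
        $url .= $SHttpName . ':' . '//' . $HTTPSSiteUrl . ':' . $SHttpPort;
    } elseif ($on_https || $always_add) {
        $url .= $HttpName . ':' . '//' . $SiteUrl . ':' . $HttpPort;
    }
    $url .= $https ? $ssl_root : $RootPath;
    $url .= $page_url;

    if (!is_array($acc_arr)) {
        system_die();
    }
    if ($keep_old_arg) {
        $acc_arr = array_merge($_GET, $acc_arr);
    }

    $c = '?';
    foreach ($acc_arr as $key => $val) {
        if (is_array($val)) {
            // Nested request arrays (a[]=1&a[]=2) cannot go through urlencode(); flatten them.
            $pair = http_build_query(array($key => $val), '', '&');
            if ($pair === '') {
                continue;
            }
        } else {
            $pair = urlencode((string) $key) . '=' . urlencode((string) $val);
        }
        $url .= $c . $pair;
        $c = '&';
    }
    return $url;
}

// NOTE(review): the next line is damaged in this copy - the text between a '<' and a later '>'
// is missing, so in_post() runs straight into the tail of a UTF-8 encoding helper (presumably
// the code2utf() that utf16parse() calls). It is kept verbatim.
function in_post($name){for ($i=0; $i>6)+192).chr(($num&63)+128); if ($num<65536) return chr(($num>>12)+224).chr((($num>>6)&63)+128).chr(($num&63)+128); if ($num<2097152) return chr(($num>>18)+240).chr((($num>>12)&63)+128).chr((($num>>6)&63)+128).chr(($num&63)+128); return ''; }

/**
 * preg_replace_callback() handler for utf16parse(): converts one "&#N;" reference.
 *
 * @param array $m match array; $m[1] holds the decimal digits
 * @return string converted character for N > 255, otherwise the reference unchanged
 */
function _utf16parse_entity($m)
{
    $code = intval($m[1], 10);
    if ($code > 255) {
        return utf8_decode(code2utf($code));
    }
    return '&#' . $m[1] . ';';
}

/**
 * Replace decimal numeric character references above 255 with utf8_decode(code2utf(N)).
 *
 * The previous implementation used the /e modifier, which evaluates the replacement as PHP
 * source: digits with a leading zero were read as octal (or failed to parse) and the modifier
 * no longer exists in PHP 7+. A callback gives the same result for ordinary input without
 * evaluating matched text as code.
 *
 * @param string $t input text
 * @return string|null converted text (null if preg_replace_callback fails)
 */
function utf16parse($t)
{
    return preg_replace_callback('/\&\#([0-9]+)\;/m', '_utf16parse_entity', $t);
}

// Input helpers: the magic-quotes variant is loaded from this file's directory, the other one
// is a bare relative name and is therefore resolved through include_path.
require_once(((get_magic_quotes_gpc())?(dirName(__FILE__).'/_in.quote.php'):('_in.php')));

/**
 * Store a value in the session cache bucket $_SESSION['cache'][$CachId].
 *
 * @param string $VarName key inside the bucket (ignored when $Value is an array)
 * @param mixed  $Value   scalar to store, or an array to merge into the bucket
 * @param string $CachId  bucket name; an empty name makes the call a no-op
 * @return void
 */
function SetCacheVar($VarName, $Value, $CachId = 'common')
{
    if (!strlen($CachId)) {
        return;
    }
    if (is_array($Value)) {
        // array_merge() needs an array on the left; a bucket that does not exist yet used to
        // make the merge fail and lose $Value.
        if (!isset($_SESSION['cache'][$CachId]) || !is_array($_SESSION['cache'][$CachId])) {
            $_SESSION['cache'][$CachId] = array();
        }
        $_SESSION['cache'][$CachId] = array_merge($_SESSION['cache'][$CachId], $Value);
    } else {
        $_SESSION['cache'][$CachId][$VarName] = $Value;
    }
}

/**
 * Set variables in template_vars ($tv) from an array, a CRecordSet (current row) or a
 * CRecordSetRow.
 *
 * @param mixed  $row          array, CRecordSet or CRecordSetRow
 * @param array  $tv           template variables, modified in place
 * @param bool   $create_array reset $tv to an empty array first
 * @param string $prefix       prepended to every key written to $tv
 * @return void
 */
function row_to_vars(&$row, &$tv, $create_array = false, $prefix = '')
{
    if ($create_array) {
        $tv = array();
    }
    if (is_array($row)) {
        foreach ($row as $k => $v) {
            $tv[$prefix . $k] = $v;
        }
        return;
    }
    // get_class() must only see objects; calling it on an array is an error on current PHP.
    if (!is_object($row)) {
        return;
    }
    $class = get_class($row);
    if (strcasecmp($class, 'CRecordSet') == 0) {
        foreach ($row->Fields as $v) {
            $tv[$prefix . $v] = $row->get_field($v);
        }
    }
    if (strcasecmp($class, 'CRecordSetRow') == 0) {
        foreach ($row->Fields as $k => $v) {
            $tv[$prefix . $k] = $v;
        }
    }
}

/**
 * Copy every row of a CRecordSet into $tv as one list per field, and add the record count
 * to $tv[$counter_varname].
 *
 * @param mixed  $rs              record set, or FALSE
 * @param array  $tv              template variables, modified in place
 * @param string $counter_varname key that receives the record count
 * @param string $prefix          prepended to every field name
 * @param bool   $ovewrite_tv     reset the counter and the field lists before filling
 * @return bool|null FALSE when $rs is FALSE (counter set to 0), otherwise nothing
 */
function recordset_to_vars(&$rs, &$tv, $counter_varname, $prefix = '', $ovewrite_tv = true)
{
    if ($rs === false) {
        $tv[$counter_varname] = 0;
        return false;
    }
    if ($ovewrite_tv || !isset($tv[$counter_varname])) {
        $tv[$counter_varname] = 0;
    }
    $tv[$counter_varname] += $rs->get_record_count();

    $rs->first();
    foreach ($rs->Fields as $field) {
        $name = $prefix . $field;
        // Without overwrite only an existing non-array value is replaced by an empty list.
        if ($ovewrite_tv || (isset($tv[$name]) && !is_array($tv[$name]))) {
            $tv[$name] = array();
        }
    }
    while (!$rs->eof()) {
        foreach ($rs->Fields as $field) {
            $tv[$prefix . $field][] = $rs->get_field($field);
        }
        $rs->next();
    }
}

/**
 * Same as recordset_to_vars(), and additionally calls $cb once per row as
 * $cb($tv, $row, $prefix, $current_row, $data).
 *
 * call_user_func() hands $tv to the callback by value. A missing or non-callable $cb
 * (the default is '') is skipped instead of raising an error on every row.
 *
 * @param mixed    $rs              record set, or FALSE
 * @param array    $tv              template variables, modified in place
 * @param string   $counter_varname key that receives the record count
 * @param callable $cb              per-row callback
 * @param string   $prefix          prepended to every field name
 * @param mixed    $data            passed through to the callback
 * @param bool     $ovewrite_tv     reset the counter and the field lists before filling
 * @return bool|null FALSE when $rs is FALSE (counter set to 0), otherwise nothing
 */
function recordset_to_vars_callback(&$rs, &$tv, $counter_varname, $cb = '', $prefix = '', $data = null, $ovewrite_tv = true)
{
    if ($rs === false) {
        $tv[$counter_varname] = 0;
        return false;
    }
    if ($ovewrite_tv || !isset($tv[$counter_varname])) {
        $tv[$counter_varname] = 0;
    }
    $tv[$counter_varname] += $rs->get_record_count();

    $rs->first();
    foreach ($rs->Fields as $field) {
        if ($ovewrite_tv || !isset($tv[$prefix . $field])) {
            $tv[$prefix . $field] = array();
        }
    }
    $has_callback = is_callable($cb);
    while (!$rs->eof()) {
        foreach ($rs->Fields as $field) {
            $tv[$prefix . $field][] = $rs->get_field($field);
        }
        if ($has_callback) {
            call_user_func($cb, $tv, $rs->get_row(), $prefix, $rs->current_row, $data);
        }
        $rs->next();
    }
}

/**
 * Return $arr[$key_val] when $arr is an array holding a non-null value under that key,
 * otherwise $def_val.
 */
function arr_val($arr, $key_val, $def_val = '')
{
    if (is_array($arr) && isset($arr[$key_val])) {
        return $arr[$key_val];
    }
    return $def_val;
}

// should be used instead of print_r
function print_arr() { $arg_list = func_get_args();echo '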
';
foreach ($arg_list as $v) {
print_r($v); echo "\n";}
echo '
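';}

// more convenient output
/**
 * Echo $text followed by the BR constant and a newline. The text is written as given,
 * without any escaping.
 */
function echox($text = '')
{
    echo $text . BR . "\n";
}

// NOTE(review): the next line is damaged in this copy - the text between '<' and a later '>'
// is missing, so only the head of is_index() and the tail of some later statement remain.
// It is kept verbatim.
function is_index(){ for ($i=0; $i0);}

/**
 * Move the uploaded file from $_FILES[$post_var_name] into $GLOBALS['FilePath'] . $folder,
 * creating the folder chain if needed and replacing an existing file of the same name.
 *
 * The client-supplied file name is untrusted: it is reduced to its last path component and
 * rejected when that is empty, "." or "..", so it cannot address anything outside the target
 * folder. The temporary file must be a genuine HTTP upload.
 *
 * NOTE(review): the extension is still whatever the client sent, and folders and replaced
 * files are made world-writable (0777). If the target folder is served by the web server,
 * restrict the accepted types at the call site and make sure the folder cannot execute
 * scripts. $folder itself is used as given; it must not come from request data.
 *
 * @param string $post_var_name name of the file field in $_FILES
 * @param string $folder        sub-folder below $GLOBALS['FilePath'] ('/' or '\' separated)
 * @return string|false stored file name on success, FALSE on failure
 */
function save_file_to_folder($post_var_name, $folder)
{
    $p = $GLOBALS['FilePath'];
    if ((substr($folder, -1) != '/') && (substr($folder, -1) != '\\')) {
        $folder .= '/';
    }
    $folder = str_replace('\\', '/', $folder);

    // Create the base folder and every segment of $folder below it.
    if (!is_dir($p)) {
        @mkdir($p, 0777);
        @chmod($p, 0777);
    }
    foreach (explode('/', $folder) as $segment) {
        if (strlen($segment)) {
            $p .= ($segment . '/');
            if (!@is_dir($p)) {
                @mkdir($p, 0777);
                @chmod($p, 0777);
            }
        }
    }
    $folder = $GLOBALS['FilePath'] . $folder;

    if (!isset($_FILES[$post_var_name]['name']) || !isset($_FILES[$post_var_name]['tmp_name'])) {
        return false;
    }
    $raw_name = $_FILES[$post_var_name]['name'];
    $tmp_name = $_FILES[$post_var_name]['tmp_name'];
    if (!is_string($raw_name) || !is_string($tmp_name)) {
        return false; // array-style (multi-file) fields are not handled here
    }

    // Keep only the final path component, whichever separator the client used.
    $file_name = basename(str_replace('\\', '/', $raw_name));
    if ($file_name === '' || $file_name === '.' || $file_name === '..' || strpos($file_name, "\0") !== false) {
        return false;
    }
    if (!is_uploaded_file($tmp_name)) {
        return false;
    }

    $target = $folder . $file_name;
    if (@file_exists($target)) {
        @chmod($target, 0777);
        @unlink($target);
    }
    if (@move_uploaded_file($tmp_name, $target)) {
        return $file_name;
    }
    return false;
}

/**
 * Case-insensitive string equality.
 *
 * @return bool TRUE when the two strings are equal ignoring case
 */
function compare($str1, $str2)
{
    return strcasecmp($str1, $str2) === 0;
}

if ( !function_exists( 'mime_content_type' ) ) {
    /**
     * Fallback for installations without mime_content_type(): guesses the type from the
     * file extension only. The file content is never inspected, so the result says nothing
     * about what the file really contains.
     *
     * @param string $sFileName file name or path
     * @return string MIME type, 'application/octet-stream' when the extension is unknown or absent
     */
    function mime_content_type( $sFileName )
    {
        $aMimeTypes = array (
            'js' => 'application/x-javascript',
            'pdf' => 'application/pdf',
            'rtf' => 'application/rtf',
            'tar' => 'application/x-tar',
            'zip' => 'application/zip',
            'wav' => 'application/x-wav',
            'src' => 'application/x-wais-source',
            'bin' => 'application/octet-stream',
            'rdf' => 'application/rdf+xml',
            'mif' => 'application/vnd.mif',
            'xls' => 'application/vnd.ms-excel',
            'doc' => 'application/vnd.ms-word',
            'ppt' => 'application/vnd.ms-powerpoint',
            'vcd' => 'application/x-cdlink',
            'csh' => 'application/x-csh',
            'dvi' => 'application/x-dvi',
            'swf' => 'application/x-shockwave-flash',
            'xslt' => 'application/xslt+xml',
            'xml' => 'application/xml',
            'xsl' => 'application/xml',
            'dtd' => 'application/xml-dtd',
            'rm' => 'application/vnd.rn-realmedia', // overridden by the second 'rm' entry below
            'bmp' => 'image/bmp',
            'cgm' => 'image/cgm',
            'png' => 'image/png',
            'wbmp' => 'image/vnd.wap.wbmp',
            'ico' => 'image/x-icon',
            'ief' => 'image/ief',
            'jpeg' => 'image/jpeg',
            'jpg' => 'image/jpeg',
            'jpe' => 'image/jpeg',
            'gif' => 'image/gif',
            'tif' => 'image/tiff',
            'tiff' => 'image/tiff',
            'pbm' => 'image/x-portable-bitmap',
            'pgm' => 'image/x-portable-graymap',
            'ppm' => 'image/x-portable-pixmap',
            'rgb' => 'image/x-rgb',
            'xbm' => 'image/x-xbitmap',
            'xpm' => 'image/x-xpixmap', // was misspelled 'imaqe/x-xpixrnap'
            'xwd' => 'image/x-xwindowdump',
            'midi' => 'audio/midi',
            'mid' => 'audio/midi',
            'kar' => 'audio/midi',
            'mp3' => 'audio/mpeg',
            'mp2' => 'audio/mpeg',
            'mpga' => 'audio/mpeg',
            'm3u' => 'audio/x-mpegurl',
            'aif' => 'audio/x-aiff',
            'aiff' => 'audio/x-aiff',
            'aifc' => 'audio/x-aiff',
            'ram' => 'audio/x-pn-realaudio',
            'rm' => 'audio/x-pn-realaudio',
            'css' => 'text/css',
            'asc' => 'text/plain',
            'htm' => 'text/html',
            'html' => 'text/html',
            'txt' => 'text/plain',
            'rtx' => 'text/richtext',
            'tsv' => 'text/tab-separated-values',
            'ext' => 'text/x-setext',
            'avi' => 'video/x-msvideo',
            'mpg' => 'video/mpeg',
            'mpeg' => 'video/mpeg',
            'mpe' => 'video/mpeg',
            'qt' => 'video/quicktime',
            'mov' => 'video/quicktime',
            'qvi' => 'video/x-msvideo',
            'movie' => 'video/x-sgi-movie',
        );

        $aPath = pathInfo( $sFileName );
        // pathinfo() has no 'extension' key for names without a dot.
        $sExt = isset( $aPath['extension'] ) ? strToLower( $aPath['extension'] ) : '';
        return isset( $aMimeTypes[$sExt] ) ? $aMimeTypes[$sExt] : 'application/octet-stream';
    }
}

// NOTE(review): what follows the closing tag is the remainder of another file in this copy.
// Its opening tag, the class header of the template control base class and the start of its
// constructor were lost in extraction; the surviving constructor tail is kept verbatim.
?>Application = &$GLOBALS['app']; $GLOBALS['pt_template_factory']->register(strtolower($name), (!is_null($object_id))?strtolower($object_id):null, $this); $this->object_name = $name; $this->object_id = $object_id; $this->input_vars = array(); $this->html_page = &$this->Application->CurrentPage; $this->html_page->m_Controls[] = &$this; }

    /**
     * Parse the attribute string of a control tag into $this->input_vars.
     * Names are lower-cased; a name that occurs more than once collects its values in a list.
     * Every value goes through CUtils::entitiesToString().
     *
     * @param string $vars_str attribute part of the control tag
     * @return void
     */
    function parse_vars($vars_str)
    {
        $this->input_vars = array();
        $matches = array();
        preg_match_all(PT_CONTROL_VARS, $vars_str, $matches);
        foreach ($matches[1] as $key => $val) {
            $name = strtolower($val);
            $value = CUtils::entitiesToString($matches[2][$key]);
            if (!isset($this->input_vars[$name])) {
                $this->input_vars[$name] = $value;
            } elseif (is_array($this->input_vars[$name])) {
                $this->input_vars[$name][] = $value;
            } else {
                // second occurrence: turn the scalar into a list
                $this->input_vars[$name] = array($this->input_vars[$name], $value);
            }
        }
    }

    /**
     * Tell whether an input variable exists under exactly this name.
     * NOTE(review): unlike get_input_var() the name is not lower-cased here, while
     * parse_vars() stores lower-case keys only.
     */
    function in_input_vars($name)
    {
        return array_key_exists($name, $this->input_vars);
    }

    /**
     * Return the input variable $name (case-insensitive), or $default when it is not set.
     */
    function get_input_var($name, $default = '')
    {
        $name = strtolower($name);
        if (isset($this->input_vars[$name])) {
            return $this->input_vars[$name];
        }
        return $default;
    }

    /**
     * Wrap $var in blank lines.
     * NOTE(review): the literals hold only newlines in this copy; any markup they once
     * contained was probably lost in extraction.
     */
    function add_comments(&$var)
    {
        return "\n\n\n" . $var . "\n\n\n\n";
    }

    /**
     * Build a variable name unique to this control: "<object_name>_[<object_id>_]<var_name>".
     */
    function mark_var($var_name)
    {
        $result = $this->object_name . '_';
        if (!is_null($this->object_id)) {
            $result .= $this->object_id . '_';
        }
        return $result . $var_name;
    }

    /** Hook called before process(); empty in the base class. */
    function on_page_init() {}

    /** Must be overridden by concrete controls; the base implementation aborts the request. */
    function process()
    {
        system_die('pure virtual function call in ' . $this->control_name);
    }

    /** Copy every input variable into $tv under the same key. */
    function input_vars_to_array(&$tv)
    {
        foreach ($this->input_vars as $k => $v) {
            $tv[$k] = $v;
        }
    }
}

/*
--------------------------------------------------------------------------------
Class CTemplate v 1.9.15
History:
    v 1.9.15 - js escaping fixed (LA)
    v 1.9.14 - bug with for-process counters output fixed (ANDY)
    v 1.9.13 - on_page_init for controls added (LA)
    v 1.9.12 - < %^var% > now works as ' js escaping (LA, PERSON)
    v 1.9.11 - huge ugly bug fixed (LA, ANDY)
    v 1.9.10 - support for url encoding (LA) < %+var% >
    v 1.9.9 - for-process counters output added - use "< %$% >" (ANDY)
    v 1.9.8 - array parsing optimized (ANDY)
              array symbol replaced with "@" (ANDY)
    v 1.9.7 - parse array, variable name like "array.key" (PERSON)
    v 1.9.6 - error message contains filename of the template now (ANDY)
              small bug in errors output fixed (ANDY)
    v 1.9.5 - name of controls now are in lower case (LA)
    v 1.9.4 - parse_string static method added (LA)
    v 1.9.3 - invalid nesting shows notice now (ANDY)
    v 1.9.2 - ternary conditional tags support added (ANDY)
    v 1.9.1 - ":" symbol in variable names not allowed any more. use '.' or '_' instead
    v 1.9.0 - multiple controls parsing in line with variables (ANDY)
              "@" sign in comments replaced with "*" (ANDY)
              show_notice method changed (ANDY)
    v 1.8.6 - control can be anywhere in line (LA)
    v 1.8.5 - negation processing in IF statements (ANDY)
    v 1.8.4 - CObject as parent added, DebugInfo support (LA)
    v 1.0.0 - 1.8.3 lost in time ;)
    v 1.0.0 - created (ANDY)
-------------------------------------------------------------------------------
1st sample of using:
    define('PT_DEBUG_MODE', true);
    define('PT_COMPRESSED_MODE', true);
    $tpl = & new CTemplate();
    $tpl->set_var('your_var1', 2);
    $tpl->vars['your_var1'] = array();
    $tpl->vars['your_var2'][0] = 'sample1';
    $tpl->vars['your_var2'][1] = 'sample2';
    $tpl->set_var('your_var2', 'sample3', 2);
    $tpl->load_file('templates/your_template.tpl');
    $tpl->show_parsed();
2nd sample of using:
    echo CTemplate::parse_string("template string", array of template vars);
    echo CTemplate::parse_file("file name to custom template", array of template vars);
--------------------------------------------------------------------------------
*/

// template syntax definition (in regular expressions)
define('PT_START_TAGS', '/^[ \t]*<% *(IF|FOR) +(!)?([a-z\_]+[a-z\_0-9\.]*) *%>/i');
define('PT_END_TAGS', '/^[ \t]*<%\/ *(IF|FOR) *%>/i');
define('PT_MIDDLE_TAGS', '/^[ \t]*<% *(ELSE) *%>/i');
// group 1 is the output modifier: '=' raw, '#' HTML-escaped, '+' URL-encoded, '^' JS-string-escaped
define('PT_VARIABLE_TAGS', '/<%([=#\^\+]+) *([a-z\_]+[a-z\_0-9\/\.]*)(@([a-z\_]+[a-z\_0-9\.]*))? *%>/i');
define('PT_TERNARY_TAGS', '/<% *(!)?([a-z\_]+[a-z\_0-9\.]*) *\? *(#?)([a-z\_]+[a-z\_0-9\.@]*) *: *(#?)([a-z\_]+[a-z\_0-9\.@]*) *%>/i');
define('PT_CONTROL_TAGS', '/<% *IT *: *([a-z\_]+[a-z\_0-9]*)(\. *([a-z\_0-9]*) *)?( +((.(?!%>))*))? *\/%>/i');
define('PT_COMMENT_TAGS', '/<%\* *([^>]*) *\/%>/i');
define('PT_COUNTER_TAGS', '/<% *\$ *%>/i');

// process types definition - DO NOT CHANGE!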
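define('PT_ROOT', 0);
define('PT_IF', 1);
define('PT_FOR', 2);
define('PT_SILENT_IF', 3);
define('PT_SILENT_FOR', 4);
define('PT_FALSE_IF', 5);

/**
 * Line-oriented template engine.
 *
 * Block tags (IF / ELSE / FOR and their end tags) must start a template line. Within a
 * visible line the engine substitutes, in this order: loop counters, variable tags,
 * ternary tags and control tags.
 *
 * Output encoding is chosen per tag by the template author through the modifier of a
 * variable tag: '=' inserts the value unchanged, '#' passes it through htmlspecialchars(),
 * '+' URL-encodes it and '^' escapes it for a single-quoted JavaScript string. Values that
 * may hold user input must therefore never be printed with '='. The modifier is compared
 * as a whole, so a tag carrying more than one modifier character gets no escaping at all.
 *
 * @package LLA.Base
 */
class CTemplate
{
    var $vars;            // template vars (array)
    var $template;        // template (array of lines)
    var $result;          // the result of template parsing (string)
    var $debug_mode;      // notices are written to the debug log when true (the constructor always enables it)
    var $compressed_mode; // true when PT_COMPRESSED_MODE is defined and true at construction time
    var $filename;        // path given to load_file(); unset after load_array()/load_string()
    var $system_vars;     // FOR-loop bookkeeping: 'cycle_nesting' depth and 'cycle_counters' per depth
    var $Registry;        // Registry module of the application, when that module exists

    /*
    --------------------------------------------------------------------------------
    Template(void) - Object constructor
    Define PT_COMPRESSED_MODE constant to "true" before creating Template for compressed output.
    Debug mode is switched on unconditionally here; PT_DEBUG_MODE is not consulted.
    --------------------------------------------------------------------------------
    */
    function CTemplate()
    {
        $this->vars = array();
        $this->template = array();
        $this->debug_mode = true;
        $this->compressed_mode = (defined('PT_COMPRESSED_MODE') && PT_COMPRESSED_MODE) ? true : false;
        if ($GLOBALS['app']->is_module('Registry')) {
            $this->Registry = &$GLOBALS['app']->get_module('Registry');
        }
        $this->system_vars = array('cycle_nesting' => -1, 'cycle_counters' => array());
    }

    /*
    --------------------------------------------------------------------------------
    load_file(string _path) - loading template from file
    Where _path is a valid path to the template file (like "templates/your_template.tpl").
    The file is read as text lines; it is not executed. _path must not be built from
    request data.
    --------------------------------------------------------------------------------
    */
    function load_file($path)
    {
        if (!file_exists($path)) {
            system_die('File reading error - "' . $path . '"', 'Template->load_file');
        }
        $lines = @file($path);
        if ($lines === false) {
            // an unreadable file used to leave FALSE in $this->template without any error
            system_die('File reading error - "' . $path . '"', 'Template->load_file');
        }
        $this->template = $lines;
        unset($this->result);
        $this->filename = $path;
    }

    /*
    --------------------------------------------------------------------------------
    load_array(array _template) - loading template from array
    Where _template is a valid array variable with template.
    --------------------------------------------------------------------------------
    */
    function load_array(&$array)
    {
        if (!is_array($array)) {
            system_die('Invalid variable set (must be array)', 'Template->load_array');
        }
        $this->template = $array;
        unset($this->result);
        unset($this->filename);
    }

    /*
    --------------------------------------------------------------------------------
    load_string(string _template) - loading template from string
    Where _template is a valid string variable with template.
    --------------------------------------------------------------------------------
    */
    function load_string(&$string)
    {
        $this->template = array();
        foreach (preg_split('/\r?\n/', $string) as $tmp) {
            $this->template[] = $tmp . "\n";
        }
        unset($this->result);
        unset($this->filename);
    }

    /*
    --------------------------------------------------------------------------------
    show_parsed(void) - parsing template (if needed) and showing the result of parsing
    --------------------------------------------------------------------------------
    */
    function show_parsed()
    {
        if (!isset($this->result)) {
            $this->parse();
        }
        echo $this->result;
    }

    /*
    --------------------------------------------------------------------------------
    show_notice(string _msg[, int _type]) - system method for message output in debug mode
    Types: 1 unknown variable, 2 unknown control, 3 invalid nesting, 4 invalid array variable.
    The message goes to $GLOBALS['GlobalDebugInfo'], not to the page.
    --------------------------------------------------------------------------------
    */
    function show_notice($msg, $type = 0)
    {
        if (!$this->debug_mode) {
            return;
        }
        switch ($type) {
            case 1: $msg = 'unknown template variable ' . $msg; break;
            case 2: $msg = 'unknown template control ' . $msg; break;
            case 3: $msg = 'invalid nesting - ' . $msg; break;
            case 4: $msg = 'invalid array variable - ' . $msg; break;
        }
        $GLOBALS['GlobalDebugInfo']->Write('Template Notice: ' . $msg);
    }

    /*
    --------------------------------------------------------------------------------
    set_var(string _name, mixed _value[, int _nesting]) - easy way to set up template variables
    Where _name is the name of template variable and _value is variables's value.
    Use _nesting in case of your template variable is array.
    The following strings are the same:
        $tpl->set_var('your_var1', 2, 1);
        $tpl->vars['your_var1'][1] = 2;
    --------------------------------------------------------------------------------
    */
    function set_var($name, $value)
    {
        if (func_num_args() > 2) {
            if (!$this->in_vars($name)) {
                $this->vars[$name] = array();
            }
            $this->vars[$name][func_get_arg(2)] = $value;
        } else {
            $this->vars[$name] = $value;
        }
    }

    /*
    --------------------------------------------------------------------------------
    unset_var(string _name) - unset the template variable
    --------------------------------------------------------------------------------
    */
    function unset_var($name)
    {
        if (isset($this->vars[$name])) {
            unset($this->vars[$name]);
        }
    }

    /*
    --------------------------------------------------------------------------------
    bool in_vars(string _name) - determine whether a variable is set
    returns TRUE if _name exists (even with a NULL value) and FALSE otherwise.
    --------------------------------------------------------------------------------
    */
    function in_vars($name)
    {
        return array_key_exists($name, $this->vars);
    }

    /*
    --------------------------------------------------------------------------------
    bool is_nested_var(string _name) - system method
    TRUE when the variable can be indexed by the counters of every active FOR loop.
    --------------------------------------------------------------------------------
    */
    function is_nested_var($name)
    { // SYSTEM FUNCTION - DO NOT USE!
        $curr_var = $this->vars[$name];
        for ($c = 0; $c <= $this->system_vars['cycle_nesting']; $c++) {
            $index = $this->system_vars['cycle_counters'][$c];
            if (!is_array($curr_var) || !isset($curr_var[$index])) {
                return false;
            }
            $curr_var = $curr_var[$index];
        }
        return true;
    }

    /*
    --------------------------------------------------------------------------------
    mixed get_nested_val(string _name) - system method
    Walks the variable by the active loop counters; a value that is still an array after
    that is reported (notice type 3) and replaced by the string 'INVALID'.
    --------------------------------------------------------------------------------
    */
    function get_nested_val($name)
    { // SYSTEM FUNCTION - DO NOT USE!
        $curr_var = $this->vars[$name];
        for ($c = 0; $c <= $this->system_vars['cycle_nesting']; $c++) {
            $curr_var = $curr_var[$this->system_vars['cycle_counters'][$c]];
        }
        if (is_array($curr_var)) {
            $this->show_notice($name, 3);
            $curr_var = 'INVALID';
        }
        return $curr_var;
    }

    /*
    --------------------------------------------------------------------------------
    mixed get_var_val(string _name) - system method
    --------------------------------------------------------------------------------
    */
    function get_var_val($name)
    { // SYSTEM FUNCTION - DO NOT USE!
        if (!$this->in_vars($name)) {
            system_die('Invalid variable name - "' . $name . '"', 'Template->get_var_val');
        }
        if (!is_array($this->vars[$name])) {
            return $this->vars[$name]; // common variable
        }
        if ($this->is_nested_var($name)) {
            return $this->get_nested_val($name); // array with valid nesting
        }
        // array with invalid nesting: fall back to its first element
        $keys = array_keys($this->vars[$name]);
        if (count($keys) == 0) {
            return null;
        }
        return $this->vars[$name][$keys[0]];
    }

    /**
     * Apply the output encoding selected by a variable tag's modifier.
     *
     * NOTE(review): '#' uses htmlspecialchars() with its default flags; before PHP 8.1 those
     * do not encode single quotes. '^' is only suitable inside a single-quoted JavaScript
     * string. The last replacement of the '^' branch has empty search and replace strings in
     * this copy of the file (most likely markup lost in extraction) and changes nothing as
     * written.
     *
     * @param string $mode  modifier text captured from the tag
     * @param mixed  $value value to encode
     * @return mixed encoded value; unchanged for '=' and for any unrecognised modifier
     */
    function _apply_tag_escape($mode, $value)
    {
        if ($mode == '#') {
            $value = htmlspecialchars($value); // escape html entries for # tag
        }
        if ($mode == '+') {
            $value = str_replace('+', '%20', urlencode($value)); // url escape for + tag
        }
        if ($mode == '^') {
            $value = str_replace("\\", "\\\\", $value);
            $value = str_replace("'", "\\'", $value);
            $value = str_replace("\r", "\\r", $value);
            $value = str_replace("\n", "\\n", $value);
            $value = str_replace("", "", $value);
        }
        return $value;
    }

    /*
    --------------------------------------------------------------------------------
    parse(void) - template parsing (without output)

    Internally the method calls itself as parse(proc_type, start_line[, loop_count]) for
    every IF / FOR block and returns the index of the line that closed the block. Silent
    process types (above PT_FOR) only skip over their lines. A malformed template ends
    the request through system_die().
    --------------------------------------------------------------------------------
    */
    function parse()
    {
        $argc = func_num_args();
        $loop_count = -1;
        if ($argc >= 1) {
            $proc_type = func_get_arg(0);
        } else {
            $proc_type = PT_ROOT;
            unset($this->result);
        }
        if ($argc > 1) {
            $curr_pos = intval(func_get_arg(1));
            if (($proc_type == PT_FOR) && ($argc < 3)) {
                system_die('Undefined loop count (FOR process)', 'Template->parse');
            }
            if ($argc > 2) {
                $loop_count = intval(func_get_arg(2));
            }
        } else {
            $curr_pos = 0;
        }

        $succ_mode = false;
        while ($curr_pos < sizeof($this->template)) {
            $line = $this->template[$curr_pos];               // current line
            $line = preg_replace(PT_COMMENT_TAGS, '', $line); // remove comments

            if (preg_match(PT_START_TAGS, $line, $result)) {
                // this line contains one of the START tags
                $result[1] = strtoupper($result[1]);
                if ($result[1] == 'FOR') {
                    if (!$this->in_vars($result[3]) && ($proc_type < PT_SILENT_IF)) {
                        $error_msg = 'Invalid FOR statement counter named "' . $result[3] . '"';
                        break;
                    }
                    if ($proc_type <= PT_FOR) {
                        $count = intval($this->get_var_val($result[3]));
                    }
                    $this->system_vars['cycle_nesting']++;
                    $nesting_saver = $this->system_vars['cycle_nesting'];
                    if (($proc_type > PT_FOR) || ($count == 0)) {
                        // invisible FOR process: just find the end of the block
                        $last_pos = $this->parse(PT_SILENT_FOR, $curr_pos + 1, 0);
                    } else {
                        for ($c = 0; $c < $count; $c++) {
                            $this->system_vars['cycle_counters'][$nesting_saver] = $c;
                            // the nested call decrements the depth at its end tag; restore it per pass
                            $this->system_vars['cycle_nesting'] = $nesting_saver;
                            $last_pos = $this->parse(PT_FOR, $curr_pos + 1, $c); // visible FOR process
                        }
                    }
                    $curr_pos = $last_pos;
                } else {
                    // this line is IF opening tag
                    if (!$this->in_vars($result[3]) && ($proc_type < PT_SILENT_IF)) {
                        $error_msg = 'Invalid IF statement variable named "' . $result[3] . '"';
                        break;
                    }
                    if ($proc_type > PT_FOR) {
                        $curr_type = PT_SILENT_IF;
                    } else {
                        $var = (bool)$this->get_var_val($result[3]);
                        if (strlen($result[2]) > 0) {
                            $var = !$var; // "!" negation
                        }
                        $curr_type = ($var) ? PT_IF : PT_FALSE_IF;
                    }
                    if ($loop_count != -1) {
                        $curr_pos = $this->parse($curr_type, $curr_pos + 1, $loop_count); // IF inside the loop
                    } else {
                        $curr_pos = $this->parse($curr_type, $curr_pos + 1);
                    }
                }
            } elseif (preg_match(PT_END_TAGS, $line, $result)) {
                $result[1] = strtoupper($result[1]);
                $in_for = ($proc_type == PT_FOR) || ($proc_type == PT_SILENT_FOR);
                $in_if = ($proc_type == PT_IF) || ($proc_type == PT_SILENT_IF) || ($proc_type == PT_FALSE_IF);
                if (($in_for && ($result[1] == 'FOR')) || ($in_if && ($result[1] == 'IF'))) {
                    if ($in_for) {
                        $this->system_vars['cycle_nesting']--; // this one was the end of loop block
                    }
                    $succ_mode = true;
                    break;
                }
                $error_msg = 'Unexpected end of ' . $result[1] . ' statement';
                break;
            } elseif (preg_match(PT_MIDDLE_TAGS, $line, $result)) {
                // this line contains one of the MIDDLE tags (ELSE probably)
                $result[1] = strtoupper($result[1]);
                if (($proc_type == PT_FALSE_IF) && ($result[1] == 'ELSE')) {
                    $proc_type = PT_IF;
                } elseif (($proc_type == PT_IF) && ($result[1] == 'ELSE')) {
                    $proc_type = PT_FALSE_IF;
                } elseif ($proc_type != PT_SILENT_IF) {
                    // ELSE inside non IF process or so
                    $error_msg = 'Unexpected ' . $result[1] . ' statement ' . $proc_type;
                    break;
                }
            } elseif ($proc_type <= PT_FOR) {
                // processing of visible contents
                if (!isset($this->result)) {
                    $this->result = '';
                }
                $matches = array();

                // loop counters: 1-based inside a FOR process, empty elsewhere
                if (preg_match_all(PT_COUNTER_TAGS, $line, $matches)) {
                    $replace = array();
                    foreach ($matches[0] as $key => $val) {
                        $replace[$key] = ($loop_count >= 0) ? ($loop_count + 1) : '';
                    }
                    $line = str_replace($matches[0], $replace, $line);
                }

                // processing variables
                if (preg_match_all(PT_VARIABLE_TAGS, $line, $matches)) {
                    $replace = array();
                    foreach ($matches[2] as $key => $val) {
                        $mode = $matches[1][$key];
                        $member = $matches[4][$key];
                        if (strlen($member) > 0) {
                            // "name@key": array element or object property
                            if (isset($this->vars[$val]) && is_array($this->vars[$val]) && array_key_exists($member, $this->vars[$val])) {
                                $replace[$key] = $this->_apply_tag_escape($mode, $this->vars[$val][$member]);
                            } elseif (isset($this->vars[$val]) && is_object($this->vars[$val])) {
                                $_obj = &$this->vars[$val];
                                $replace[$key] = $this->_apply_tag_escape($mode, $_obj->$member);
                            } else {
                                if ($this->debug_mode) {
                                    $this->show_notice($val . $matches[3][$key], 4);
                                }
                                $replace[$key] = '';
                            }
                        } else {
                            // process common variables
                            if (isset($this->vars[$val])) {
                                $out = $this->get_var_val($val);
                            } elseif (preg_match('/\\//', $val) && is_object($this->Registry)) {
                                // names containing '/' are looked up in the Registry module
                                $out = '';
                                $v_row = $this->Registry->_internal_get_value($val);
                                if (($v_row !== false) && (!$v_row->eof())) {
                                    $out = $v_row->Rows[0]->Fields['value'];
                                    if ($v_row->Rows[0]->Fields['key_type'] == KEY_TYPE_IMAGE) {
                                        $out = $GLOBALS['app']->template_vars['REGISTRY_WEB'] . $v_row->Rows[0]->Fields['id_path'] . '/' . $out;
                                    }
                                }
                            } else {
                                $out = '';
                            }
                            $replace[$key] = $this->_apply_tag_escape($mode, $out);
                        }
                    }
                    $line = str_replace($matches[0], $replace, $line);
                }

                // processing ternary operators
                if (preg_match_all(PT_TERNARY_TAGS, $line, $matches)) {
                    // Start from an empty list: str_replace() pairs search and replacement by
                    // position, so stale or missing entries would shift every later value.
                    $replace = array();
                    foreach ($matches[2] as $key => $val) {
                        if (isset($this->vars[$val])) {
                            $var = (bool)$this->get_var_val($val);
                            if (strlen($matches[1][$key]) > 0) {
                                $var = !$var;
                            }
                            $res_num = ($var) ? 4 : 6;
                            $res_var = $matches[$res_num][$key];
                            if (isset($this->vars[$res_var])) {
                                $replace[$key] = $this->get_var_val($res_var);
                                if (strlen($matches[$res_num - 1][$key]) > 0) {
                                    $replace[$key] = htmlspecialchars($replace[$key]); // "#" prefix on the branch
                                }
                            } else {
                                if ($this->debug_mode) {
                                    $this->show_notice($res_var, 1);
                                }
                                $replace[$key] = '';
                            }
                        } else {
                            // we have tag but haven't got variable
                            if ($this->debug_mode) {
                                $this->show_notice($val, 1);
                            }
                            $replace[$key] = '';
                        }
                    }
                    $line = str_replace($matches[0], $replace, $line);
                }

                // processing controls; their output is inserted as returned by process()
                if (preg_match_all(PT_CONTROL_TAGS, $line, $matches)) {
                    $replace = array();
                    foreach ($matches[1] as $key => $name) {
                        if (strlen($matches[3][$key]) > 0) {
                            $tcontrol = &$GLOBALS['pt_template_factory']->get_object(strtolower($name), strtolower($matches[3][$key])); // control with id
                        } else {
                            $tcontrol = &$GLOBALS['pt_template_factory']->get_object(strtolower($name)); // control without id
                        }
                        if (!is_null($tcontrol)) {
                            $tcontrol->parse_vars($matches[5][$key]);
                            $tcontrol->on_page_init();
                            $replace[$key] = $tcontrol->process($loop_count);
                        } else {
                            $replace[$key] = '';
                        }
                    }
                    $line = str_replace($matches[0], $replace, $line);
                }

                // compress and delete blank lines
                $line = preg_replace('/[\r\n]*$/', '', trim($line));
                if (strlen($line) > 0) {
                    $this->result .= $line . "\n";
                }
            }
            $curr_pos++;
        }

        if (!isset($error_msg) && ($proc_type != PT_ROOT) && !$succ_mode) {
            $error_msg = 'Unexpected end of file';
        }
        if (isset($error_msg)) {
            $error_txt = 'Template parsing error on line ' . ($curr_pos + 1);
            if (isset($this->filename)) {
                $error_txt .= ' of file "' . $this->filename . '"';
            }
            $error_txt .= ' - ' . $error_msg;
            system_die($error_txt, 'Template->parse'); // invalid template - show error
        }
        if (($proc_type == PT_ROOT) && !isset($this->result)) {
            $this->result = ''; // probably there were one big false IF?
        }
        return $curr_pos;
    }

    /**
     * Parse a template given as a string and return the result.
     * "new" is used without "&": the by-reference form no longer parses on PHP 7+.
     *
     * @param string     $string template text
     * @param array|null $tv     template variables; NULL uses $GLOBALS['app']->template_vars
     * @return string parsed output
     */
    function parse_string($string, $tv = null)
    { // fast access (LA)
        $tmp = new CTemplate();
        $tmp->load_string($string);
        if (is_null($tv)) {
            $tmp->vars = &$GLOBALS['app']->template_vars;
        } else {
            $tmp->vars = $tv;
        }
        $tmp->parse();
        return $tmp->result;
    }

    /**
     * Parse a template file and return the result.
     *
     * @param string     $file_name path of the template file
     * @param array|null $tv        template variables; NULL uses $GLOBALS['app']->template_vars
     * @return string parsed output
     */
    function parse_file($file_name, $tv = null)
    { // fast access (LA)
        $tmp = new CTemplate();
        $tmp->load_file($file_name);
        if (is_null($tv)) {
            $tmp->vars = &$GLOBALS['app']->template_vars;
        } else {
            $tmp->vars = $tv;
        }
        $tmp->parse();
        return $tmp->result;
    }

    /**
     * Parse a template given as an array of lines and return the result.
     *
     * @param array      $array template lines
     * @param array|null $tv    template variables; NULL uses $GLOBALS['app']->template_vars
     * @return string parsed output
     */
    function parse_array($array, $tv = null)
    { // fast access (LA)
        $tmp = new CTemplate();
        $tmp->load_array($array);
        if (is_null($tv)) {
            $tmp->vars = &$GLOBALS['app']->template_vars;
        } else {
            $tmp->vars = $tv;
        }
        $tmp->parse();
        return $tmp->result;
    }
}

// NOTE(review): the text after the closing tag below is what remains of the next file's header
// comment in this copy (its opening was lost in extraction); it is kept verbatim.
?>m_oApplication->User->is_logged() - to check if user logged $this->m_oApplication->User->UserData['id_member'] - to retreive id of current user $this->m_oApplication->User->UserData['id_level'] - to retreive access level of logged user (see constants below) $this->m_oApplication->User->UserData['first_name'] - to retreive first name of logged user ... all fields in %prefix%me_members table 2.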
Maintains administrative suite for creating/editing/deleting of members

history:
    v 1.1.6 - important security update (ALEKS)
    v 1.1.5 - get_by_id($user_id) added (PERSON)
    v 1.1.4 - multiple cc support added (AHA)
    v 1.1.3 - multiple address support added (AHA)
    v 1.1.2 - user status added (AHA)
    v 1.1.1 - synchronize method added (LA)
    v 1.1.0 - refactored (LA)
    v 1.0.0 - created (LA)
--------------------------------------------------------------------------------
*/

// Access levels kept in UserData['id_level']; setUserFromDB() assigns either
// USER_LEVEL_GLOBAL_ADMIN or USER_LEVEL_USER.
define( 'USER_LEVEL_GUEST', 0 );
define( 'USER_LEVEL_USER', 10 );
define( 'USER_LEVEL_MANAGER', 20 );
define( 'USER_LEVEL_ADMIN', 100 );
define( 'USER_LEVEL_GLOBAL_ADMIN', 255 );

// Types of the custom member fields; run_admin_interface() switches on them
// to choose the validator for each field.
define( 'TYPE_STRING', 0 );
define( 'TYPE_TEXT', 1 );
define( 'TYPE_HTMLTEXT', 2 );
define( 'TYPE_INT', 3 );
define( 'TYPE_FLOAT', 4 );
define( 'TYPE_DATETIME', 5 );
define( 'TYPE_BOOLEAN', 6 );
define( 'TYPE_IMAGE', 7 );
define( 'TYPE_FILE', 8 );

// Account statuses compared with the id_status column; login() accepts only STATUS_ACTIVE.
define( 'STATUS_ACTIVE', 1 );
define( 'STATUS_INACTIVE', 2 );
define( 'STATUS_OBSOLETE', 3 );

/**
 * Member account handling: session-backed current user, login/logout,
 * role lookups and the administrative create/update/delete operations.
 */
class CUser {
    /**
     * @var CApplication object
     */
    var $m_oApplication = NULL;
    /**
     * @var CDataBase object
     */
    var $m_oDataBase = NULL;
    /**
     * @var CRole object
     */
    var $m_oRole = NULL;
    /**
     * @var CField object
     */
    var $m_oField = NULL;
    /**
     * @var CGroup object
     */
    var $m_oGroup = NULL;
    /**
     * @var array
     */
    var $m_aTemplateVars = array();
    /**
     * @var array of database tables using by class
     */
    var $m_aTables = array();
    /**
     * @var array of user data
     */
    var $m_aUserData = array();
    /**
     * @var int
     */
    var $m_iRoleID = 0;
    /**
     * @var int
     */
    var $m_iGroupID = 0;
    /**
     * @var array of user data for previous compatibility
     */
    var $UserData = array();
    /**
     * @var string containing last error message
     */
    var $m_sLastError = '';

    /**
     * @access public
     * @param CApplication &$oApp application object; its template_vars and DataBase members are bound by reference
     * @desc CUser class Constructor: creates the role/field/group helpers, binds the user data
     *       to $_SESSION['UserData'], restores the member id from the cached 'usd_id' value,
     *       synchronizes with the database and reads the role/group list filters
     */
    function CUser( &$oApp ) {
        $this->m_oApplication =&$oApp;
        $this->m_aTemplateVars =&$oApp->template_vars;
        // Default template flags, written straight into the shared template variables
        $this->m_aTemplateVars['the_u_days_unlim']=true;
        $this->m_aTemplateVars['the_u_quota_unlim']=true;
        $this->m_aTemplateVars['the_u_quota_reached']=false;
        $this->m_aTemplateVars['the_u_days_reached']=false;
        $this->m_aTemplateVars['filesPath'] = '/contest-files/';
        $this->m_oDataBase =&$oApp->DataBase;
        $this->m_oRole =&new CRole( $oApp );
        $this->m_oField =&new CField( $oApp );
        $this->m_oGroup =&new CGroup( $oApp );
        // Logical name => table name (the queries prepend %prefix%)
        $this->m_aTables = array(
            'users' => 'me_members',
            'groups' => 'me_groups',
            'fields' => 'me_fields',
            'field2group' => 'me_field2group',
            'field2user' => 'me_field2member',
            'roles' => 'me_roles',
            'user2role' => 'me_member2role',
            'statuses' => 'statuses',
        );
        // m_aUserData and its legacy alias UserData both reference $_SESSION['UserData'],
        // so everything written to them persists in the session.
        if ( !array_key_exists( 'UserData', $_SESSION ) ){
            $_SESSION['UserData'] = array();
        }
        $this->m_aUserData =&$_SESSION['UserData'];
        $this->UserData =&$this->m_aUserData;
        // The member id is restored only when a cached 'usd_id' exists and the cached
        // 'auth_time' is less than 6000 seconds old; otherwise the id is set to -1.
        // presumably getbyid() reverses the makeid() call made in login() - confirm in module BF
        if (InCache('usd_id') != '' && time()-InCache('auth_time')<6000) {
            $bf = &$this->m_oApplication->get_module('BF');
            $this->UserData['id_member'] = intval(@$bf->getbyid(InCache('usd_id')), 10);
            // NOTE(review): intval() always returns an integer, so this is_numeric() test
            // cannot fail. A value getbyid() could not resolve ends up as id 0 and
            // auth_time is refreshed anyway; isLogged() still rejects ids <= 0.
            if (!is_numeric($this->UserData['id_member'])){
                $this->UserData['id_member'] = -1;
            }else{
                SetCacheVar('auth_time',time());
            }
        }else{
            $this->UserData['id_member'] = -1;
        }
        // synchronize() reloads the member row and empties the user data unless the
        // account exists with STATUS_ACTIVE; the global flag lets a caller skip that query.
        global $dont_synchronize;
        if(!$dont_synchronize){
            $this->synchronize();
        }
        // Both filters are cast to int here; run_admin_interface() concatenates them into SQL.
        $this->m_iRoleID = intVal( inPostGetCache( 'filter_role', 0, 'User' ) );
        $this->m_iGroupID = intVal( inPostGetCache( 'filter_group', 0, 'User' ) );
        $this->m_aTemplateVars['filter_role'] = $this->m_iRoleID;
        $this->m_aTemplateVars['filter_group'] = $this->m_iGroupID;
    }

    /**
     * @access public
     * @desc Get available statuses.
     * @return CRecordSet object containing statuses on success, otherwise FALSE.
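*/
    function getStatuses() {
        // The result is kept in m_oStatuses, so the query runs once per object
        if ( !isset( $this->m_oStatuses ) ) {
            $sQuery = 'SELECT id_status AS id, name FROM %prefix%'.$this->m_aTables['statuses'];
            $this->m_oStatuses = $this->m_oDataBase->select_custom_sql( $sQuery );
        }
        return $this->m_oStatuses;
    }

    /**
     * @access public
     * @desc return last error message
     * @return string last error message
     */
    function getLastError() {
        return $this->m_sLastError;
    }

    /**
     * @access public
     * @desc get user information by id
     * @param int $iID user id (must be >= 1 after intval())
     * @return CRecordSet object on success or FALSE on failure; the record set is
     *         returned without checking whether it contains a row
     */
    function getByID( $iID ) {
        $iID = intval( $iID );
        if ( $iID < 1 ) {
            $this->m_sLastError = $this->m_oApplication->Localizer->get_string( 'invalid_input_data' );
            return FALSE;
        }
        $oRS = $this->m_oDataBase->select_sql( $this->m_aTables['users'], array( 'id_member' => $iID ) );
        if ( $oRS === FALSE ) {
            $this->m_sLastError = $this->m_oApplication->Localizer->get_string( 'database_error' );
            return FALSE;
        }
        $this->m_sLastError = '';
        return $oRS;
    }

    /**
     * @access private
     * @desc sets user variables: is_logged, one logged_user_<field> entry per stored user
     *       field, shortened login/email, one logged_user_role_<code> flag per role and
     *       is_global_admin
     * @param array $aVars array to set user variables (filled by reference)
     * @return bool TRUE
     */
    function setLoggedVars( &$aVars ) {
        if ( $this->isLogged() ) {
            $aVars['is_logged'] = TRUE;
            // Values are copied exactly as stored (setUserFromDB() leaves out the
            // 'password' field). NOTE(review): nothing is escaped here - confirm that
            // the templates escape these variables on output.
            foreach ( $this->m_aUserData as $sKey => $sValue ) {
                $aVars['logged_user_'.$sKey] = $sValue;
            }
            // Display forms limited to 17 bytes plus '...'
            $aVars['logged_user_formatted_login'] = strLen( $this->m_aUserData['login'] ) > 17
                ? subStr( $this->m_aUserData['login'], 0, 17 ) . '...'
                : $this->m_aUserData['login'];
            $aVars['logged_user_formatted_email'] = strLen( $this->m_aUserData['email'] ) > 17
                ? subStr( $this->m_aUserData['email'], 0, 17 ) . '...'
                : $this->m_aUserData['email'];
            // Every known role flag starts as FALSE ...
            $oRS = $this->m_oRole->getRoles();
            if ( $oRS !== FALSE ) {
                while ( !$oRS->eof() ) {
                    $aVars['logged_user_role_'.$oRS->get_field( 'code' )] = FALSE;
                    $oRS->next();
                }
            }
            // ... and the roles the user actually holds are switched to TRUE
            $oRS = $this->getRoles();
            if ( $oRS !== FALSE ) {
                while ( !$oRS->eof() ) {
                    $aVars['logged_user_role_'.$oRS->get_field( 'code' )] = TRUE;
                    $oRS->next();
                }
            }
            // isInRoles() is TRUE only when the user holds every listed role
            $aVars['is_global_admin'] = ( $this->isInRoles( array( 'ADMIN_RIGHTS', 'CONTENT_RIGHTS' ) ) );
        } else {
            $aVars['is_logged'] = FALSE;
            $aVars['logged_user_id_member'] = -1;
        }
        return TRUE;
    }

    /**
     * @access public
     * @desc check if user is logged into system
     * @param int $iRoleID when non-zero the user must also hold the 'ADMIN_RIGHTS' role;
     *        the value itself is not looked up as a role id
     * @return bool TRUE if user is logged in (and, for a non-zero $iRoleID, is an admin), otherwise FALSE
     */
    function isLogged( $iRoleID = 0 ) {
        $bHasMember = isset( $this->m_aUserData['id_member'] ) && ( $this->m_aUserData['id_member'] > 0 );
        if ( !$iRoleID )
            return $bHasMember;
        return ( $bHasMember && $this->isInRole( 'ADMIN_RIGHTS' ) );
    }

    /**
     * @access public
     * @desc try to login user into system. Only members that have role id 1 and whose
     *       status is STATUS_ACTIVE are accepted; the reason for a refusal is available
     *       through getLastError().
     *
     *       NOTE(review): the password is compared in base64-encoded form, so the
     *       password column holds a reversible encoding rather than a hash. Switching to
     *       password_hash()/password_verify() requires migrating the stored values
     *       together with createUser() and updateUser().
     * @param string $sLogin user login
     * @param string $sPassword user password
     * @param bool $bStore kept for compatibility; it has no effect, the member id is
     *        cached in 'usd_id' in either case
     * @return bool TRUE if user logged, otherwise FALSE
     */
    function login( $sLogin, $sPassword, $bStore = TRUE ) {
        $this->m_sLastError = '';
        // Request parameters can arrive as arrays; those can never match an account.
        if ( !is_scalar( $sLogin ) || !is_scalar( $sPassword ) ) {
            $this->m_sLastError = $this->m_oApplication->Localizer->get_string( 'login_no_such_user' );
            return FALSE;
        }
        $sLogin = (string)$sLogin;
        $sPassword = (string)$sPassword;
        // The login is escaped by the database layer; base64 output contains no quote characters.
        $oRS = $this->m_oDataBase->select_custom_sql(
            "SELECT u.id_status as id_status, u.id_member as id_member from %prefix%me_members u, %prefix%me_member2role r where login='"
            .$this->m_oDataBase->internalEscape($sLogin)
            ."' and password='".base64_encode($sPassword)
            ."' and u.id_member=r.id_member and id_role=1"
        );
        if ( ( is_object( $oRS ) ) && ( !$oRS->eof() ) ) {
            if ( $oRS->get_field( 'id_status' ) == STATUS_ACTIVE ) {
                $this->set_user_from_db( $oRS );
                $bf = &$this->m_oApplication->get_module('BF');
                // The original branched on $bStore, but both branches were identical
                SetCacheVar('usd_id', $bf->makeid($oRS->get_field('id_member')));
                SetCacheVar('auth_time',time());
                $this->set_logged_vars( $this->m_aTemplateVars );
                return TRUE;
            } elseif ( $oRS->get_field( 'id_status' ) == STATUS_INACTIVE ) {
                $this->m_sLastError = $this->m_oApplication->Localizer->get_string( 'login_inactive_user' );
            } else {
                $this->m_sLastError = $this->m_oApplication->Localizer->get_string( 'login_obsolete_user' );
            }
        } else {
            $this->m_sLastError = $this->m_oApplication->Localizer->get_string( 'login_no_such_user' );
        }
        return FALSE;
    }

    /**
     * @access public
     * @desc logout user from system: empties the user data (which references
     *       $_SESSION['UserData']) and resets the cached 'usd_id' and 'auth_time' values
     */
    function logout() {
        $this->m_aUserData = array();
        SetCacheVar( 'usd_id', '');
        SetCacheVar('auth_time',0);
    }

    /**
     * @access public
     * @desc get user information
     * @param int $iUserID user id
     * @return CRecordSet object containing user information or FALSE if user isn't present in database
     */
    function getUser( $iUserID = 0 ) {
        if ( $iUserID == 0 ) $iUserID = $this->m_aUserData['id_member'];
        $iUserID = intval( $iUserID );
        if ( !$iUserID ) return FALSE;
        if ( !isset( $this->m_aUserInfo[$iUserID] ) ) {
            //, (-unix_timestamp(NOW())+unix_timestamp(date_start)+days_limit*3600*24 )/(3600*24) as days_left, -sum(filesize)/(1024*1024)+quota as size_left
            //LEFT JOIN %prefix%cms_files f
            $sQuery = 'SELECT u.id_member AS id, u.id_group AS `group`, u.id_status AS status, login, password, email, DATE_FORMAT( FROM_UNIXTIME( reg_time ), "%d.%m.%Y %H:%i" ) AS reg_time, theme FROM %prefix%'.$this->m_aTables['users'].' 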
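u WHERE id_member = '.$iUserID;//' GROUP BY user_id';
            $this->m_aUserInfo[$iUserID] = $this->m_oDataBase->select_custom_sql( $sQuery );
            //print $this->m_aUserInfo[$iUserID]->get_field('days_left');
        }
        return $this->m_aUserInfo[$iUserID];
    }

    /**
     * @access public
     * @desc get user fields; the result is cached per user id in m_oUserFields
     * @param int $iUserID user id, 0 means the current user
     * @return CRecordSet object containing user fields or FALSE when no user id is available
     */
    function getFields( $iUserID = 0 ) {
        // Same fallback as getRolesCodes(): an empty session yields 0 instead of a notice
        if ( $iUserID == 0 )
            $iUserID = !empty( $this->m_aUserData['id_member'] ) ? $this->m_aUserData['id_member'] : 0;
        // intval() keeps the id safe to concatenate into the query below
        $iUserID = intval( $iUserID );
        if ( !$iUserID )
            return FALSE;
        if ( !isset( $this->m_oUserFields[$iUserID] ) ) {
            $sQuery = 'SELECT ftu.id_field AS id, f.name, ftu.value FROM %prefix%'.$this->m_aTables['fields'].' f'
                .' INNER JOIN %prefix%'.$this->m_aTables['field2group'].' ftg ON ( ftg.id_field = f.id_field )'
                .' INNER JOIN %prefix%'.$this->m_aTables['groups'].' g ON ( g.id_group = ftg.id_group )'
                .' LEFT JOIN %prefix%'.$this->m_aTables['field2user'].' ftu ON ( ftu.id_field = f.id_field )'
                .' WHERE f.status = 1 AND ftu.id_member = '.$iUserID;
            $this->m_oUserFields[$iUserID] = $this->m_oDataBase->select_custom_sql( $sQuery );
        }
        return $this->m_oUserFields[$iUserID];
    }

    /**
     * @access public
     * @desc get user roles (id and code of each role); cached per user id in m_oRoles
     * @param int $iUserID user id, 0 means the current user
     * @return CRecordSet object containing user roles or FALSE when no user id is available
     */
    function getRoles( $iUserID = 0 ) {
        if ( $iUserID == 0 )
            $iUserID = !empty( $this->m_aUserData['id_member'] ) ? $this->m_aUserData['id_member'] : 0;
        // intval() keeps the id safe to concatenate into the query below
        $iUserID = intval( $iUserID );
        if ( !$iUserID )
            return FALSE;
        if ( !isset( $this->m_oRoles[$iUserID] ) ) {
            $sQuery = 'SELECT r.id_role AS id, r.code FROM %prefix%'.$this->m_aTables['users'].' u'
                .' INNER JOIN %prefix%'.$this->m_aTables['user2role'].' utr ON ( utr.id_member = u.id_member )'
                .' INNER JOIN %prefix%'.$this->m_aTables['roles'].' r ON ( r.id_role = utr.id_role )'
                .' WHERE u.id_member = '.$iUserID;
            $this->m_oRoles[$iUserID] = $this->m_oDataBase->select_custom_sql( $sQuery );
        }
        return $this->m_oRoles[$iUserID];
    }

    /**
     * @access public
     * @desc check if user is in a role
     * @param int|string $iRoleID an integer is matched against the user's role ids,
     *        any other value against the user's role codes
     * @param int $iUserID user id, 0 means the current user
     * @return bool TRUE if user is in the role, otherwise FALSE (also when no role
     *         list is available for the user)
     */
    function isInRole( $iRoleID, $iUserID = 0 ) {
        $aOwned = is_integer( $iRoleID )
            ? $this->getRolesIDs( $iUserID )
            : $this->getRolesCodes( $iUserID );
        // getRolesIDs() returns FALSE without a user id; in_array() needs an array
        if ( !is_array( $aOwned ) )
            return FALSE;
        // Loose comparison is kept on purpose: presumably the ids read from the
        // database are strings, which a strict check would not match - confirm.
        return in_array( $iRoleID, $aOwned );
    }

    /**
     * @access public
     * @desc check if user is in ALL of the given roles. The check fails on the first
     *       role the user does not hold, so this is not an "at least one" test.
     *       An empty array yields TRUE.
     * @param array $aRolesIDs roles ids or codes, indexed from 0
     * @param int $iUserID user id
     * @return bool TRUE if user is in every listed role, otherwise FALSE
     */
    function isInRoles( $aRolesIDs, $iUserID = 0 ) {
        if ( !is_array( $aRolesIDs ) )
            return FALSE;
        $iSize = sizeOf ( $aRolesIDs );
        for ( $i = 0; $i < $iSize; $i++ ) {
            if ( !$this->isInRole( $aRolesIDs[$i], $iUserID ) )
                return FALSE;
        }
        return TRUE;
    }

    /**
     * @access public
     * @desc get user roles ids; cached per user id in m_aRolesIDs
     * @param int $iUserID user id, 0 means the current user
     * @return array of user roles ids or FALSE when no user id is available
     */
    function getRolesIDs( $iUserID = 0 ) {
        if ( $iUserID == 0 )
            $iUserID = !empty( $this->m_aUserData['id_member'] ) ? $this->m_aUserData['id_member'] : 0;
        $iUserID = intval( $iUserID );
        if ( !$iUserID )
            return FALSE;
        if ( !isset( $this->m_aRolesIDs[$iUserID] ) ) {
            $this->m_aRolesIDs[$iUserID] = array();
            $oRS = $this->getRoles( $iUserID );
            recordset_to_vars( $oRS, $aRoles, FALSE );
            // A user without roles may leave $aRoles['id'] unset; treat that as an empty list
            $iSize = ( isset( $aRoles['id'] ) && is_array( $aRoles['id'] ) ) ? sizeOf ( $aRoles['id'] ) : 0;
            for ( $i = 0; $i < $iSize; $i++ )
                $this->m_aRolesIDs[$iUserID][] = $aRoles['id'][$i];
        }
        return $this->m_aRolesIDs[$iUserID];
    }

    /**
     * @access public
     * @desc get user roles codes
     * @param int $iUserID user id, 0 means the current user
     * @return array of user roles codes; an empty array when no user id is available
     */
    function getRolesCodes( $iUserID = 0 ) {
        if ( $iUserID == 0 ) $iUserID = !empty($this->m_aUserData['id_member'])?$this->m_aUserData['id_member']:'';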
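$iUserID = intval( $iUserID );
        if ( !$iUserID ){
            return array();
        }
        if ( !isset( $this->m_aRolesCodes[$iUserID] ) ) {
            $this->m_aRolesCodes[$iUserID] = array();
            $oRS = $this->getRoles( $iUserID );
            recordset_to_vars( $oRS, $aRoles, FALSE );
            $iSize = sizeOf ( $aRoles['code'] );
            for ( $i = 0; $i < $iSize; $i++ ) $this->m_aRolesCodes[$iUserID][] = $aRoles['code'][$i];
        }
        return $this->m_aRolesCodes[$iUserID];
    }

    /**
     * @access public
     * @desc create a member, one field2user row per field of the member's group, and
     *       the role assignments. Login and e-mail must not be in use yet.
     *
     *       NOTE(review): the password is stored base64-encoded, which is reversible;
     *       see login() and updateUser(), which read the same column.
     * @param array $aInfo keys read here: login, email, password, theme and optionally
     *        group (default 1), status (default STATUS_INACTIVE) and lang_id
     * @param array $aFields field id => value; fields not listed are stored as ''
     * @param array $aRoles role ids, indexed from 0
     * @return int|bool id of the new member, or FALSE on failure (see getLastError())
     */
    function createUser( $aInfo, $aFields = array(), $aRoles = array() ) {
        // Refuse a login that is already taken
        $sQuery = 'SELECT login FROM %prefix%'.$this->m_aTables['users'].' WHERE login = "'. $this->m_oDataBase->internalEscape( $aInfo['login'] ) .'"';
        $oRS = $this->m_oDataBase->select_custom_sql( $sQuery );
        if ( is_object( $oRS ) && !$oRS->eof() ) {
            if ( $oRS->get_field( 'login' ) )
                $this->m_sLastError = $this->m_oApplication->Localizer->get_string( 'login_already_exists' );
            return FALSE;
        }
        // Refuse an e-mail address that is already taken
        $sQuery = 'SELECT email FROM %prefix%'.$this->m_aTables['users'].' WHERE email = "'. $this->m_oDataBase->internalEscape( $aInfo['email'] ) .'"';
        $oRS = $this->m_oDataBase->select_custom_sql( $sQuery );
        if ( is_object( $oRS ) && !$oRS->eof() ) {
            if ( $oRS->get_field( 'email' ) )
                $this->m_sLastError = $this->m_oApplication->Localizer->get_string( 'email_already_exists' );
            return FALSE;
        }

        $aInfo['group'] = empty( $aInfo['group'] ) ? 1 : $aInfo['group'];
        $aInsert = array(
            'id_group' => $aInfo['group'],
            'id_status' => empty( $aInfo['status'] ) ? STATUS_INACTIVE : $aInfo['status'],
            'email' => $aInfo['email'],
            'login' => $aInfo['login'],
            'password' => base64_encode( $aInfo['password'] ),
            'reg_time' => time(),
            'theme' => $aInfo['theme']
        );
        if ( !empty( $aInfo['lang_id'] ) )
            $aInsert['lang_id'] = $aInfo['lang_id'];
        $iUserID = $this->m_oDataBase->insert_sql( $this->m_aTables['users'], $aInsert );
        // Without a member id the rows below would be attached to nothing
        if ( !$iUserID ) {
            $this->m_sLastError = $this->m_oApplication->Localizer->get_string( 'database_error' );
            return FALSE;
        }

        $oFields = $this->m_oGroup->getFields( $aInfo['group'] );
        while ( is_object( $oFields ) && !$oFields->eof() ) {
            $iID = $oFields->get_field( 'id' );
            $aUserField = array(
                'id_field' => $iID,
                'id_member' => $iUserID,
                'value' => isset( $aFields[$iID] ) ? $aFields[$iID] : ''
            );
            $this->m_oDataBase->insert_sql( $this->m_aTables['field2user'], $aUserField );
            $oFields->next();
        }

        $iSize = sizeOf( $aRoles );
        for ( $i = 0; $i < $iSize; $i++ )
            $this->m_oRole->addUser( $iUserID, $aRoles[$i] );
        return $iUserID;
    }

    /**
     * @access public
     * @desc update columns of a member row and refresh the session data when the row
     *       belongs to the current user
     * @param array $aData column => value pairs passed to update_sql()
     * @param int|null $iUserID member id; NULL means the logged-in user
     * @return bool TRUE on success, FALSE when nobody is logged in (for a NULL id) or the update failed
     */
    function updateUserCustomData( $aData, $iUserID = null ) {
        if ( is_null( $iUserID ) ) {
            if ( $this->is_logged() )
                $iUserID = $this->m_aUserData['id_member'];
            else
                return FALSE;
        }
        if ( $this->m_oDataBase->update_sql( $this->m_aTables['users'], $aData, array( 'id_member' => $iUserID ) ) !== FALSE ) {
            if ( ( $this->is_logged() ) && ( $iUserID == $this->m_aUserData['id_member'] ) )
                $this->synchronize();
            return TRUE;
        }
        return FALSE;
    }

    /**
     * @access public
     * @desc update login, password, e-mail, status, custom fields and roles of a member.
     *       The theme is only written for members other than the current user and member 1.
     *       An empty password keeps the stored one.
     * @param int $iUserID member id
     * @param array $aInfo keys read here: login, email, password, theme and optionally status
     * @param array $aFields field id => value
     * @param array|null $aRoles role ids replacing the current assignment; NULL leaves the roles untouched
     * @return bool TRUE on success, FALSE on failure (see getLastError())
     */
    function updateUser( $iUserID, $aInfo, $aFields = array(), $aRoles = array() ) {
        // The id is concatenated into the queries below, so it is forced to an integer first
        $iUserID = intval( $iUserID );
        if ( $iUserID < 1 ) {
            $this->m_sLastError = $this->m_oApplication->Localizer->get_string( 'invalid_input_data' );
            return FALSE;
        }

        // Login and e-mail must not belong to another member
        $sQuery = 'SELECT login FROM %prefix%'.$this->m_aTables['users'].' WHERE login = "'.$this->m_oDataBase->internalEscape( $aInfo['login'] ).'" AND id_member <> '.$iUserID;
        $oRS = $this->m_oDataBase->select_custom_sql( $sQuery );
        if ( is_object( $oRS ) && !$oRS->eof() ) {
            if ( $oRS->get_field( 'login' ) )
                $this->m_sLastError = $this->m_oApplication->Localizer->get_string( 'login_already_exists' );
            return FALSE;
        }
        $sQuery = 'SELECT email FROM %prefix%'.$this->m_aTables['users'].' WHERE email = "'. $this->m_oDataBase->internalEscape( $aInfo['email'] ) .'" AND id_member <> '.$iUserID;
        $oRS = $this->m_oDataBase->select_custom_sql( $sQuery );
        if ( is_object( $oRS ) && !$oRS->eof() ) {
            if ( $oRS->get_field( 'email' ) )
                $this->m_sLastError = $this->m_oApplication->Localizer->get_string( 'email_already_exists' );
            return FALSE;
        }

        if ( empty( $aInfo['password'] ) ) {
            // No new password given: read the stored one back so it is rewritten unchanged.
            // NOTE(review): this only works because passwords are stored base64-encoded
            // (reversible) rather than hashed.
            $oRS = $this->m_oDataBase->select_custom_sql( 'SELECT password FROM %prefix%'.$this->m_aTables['users'].' WHERE id_member = '.$iUserID );
            if ( !is_object( $oRS ) || $oRS->eof() ) {
                $this->m_sLastError = $this->m_oApplication->Localizer->get_string( 'database_error' );
                return FALSE;
            }
            $aInfo['password'] = base64_decode( $oRS->get_field( 'password' ) );
        }

        $aUpdate = array(
            'login' => $aInfo['login'],
            'password' => base64_encode( $aInfo['password'] ),
            'email' => $aInfo['email'],
        );
        if ( $iUserID != $this->m_aUserData['id_member'] && $iUserID != 1 )
            $aUpdate['theme'] = $aInfo['theme'];
        if ( isset( $aInfo['status'] ) )
            $aUpdate['id_status'] = $aInfo['status'];
        $this->updateUserCustomData( $aUpdate, $iUserID );

        $oFields = $this->getFields( $iUserID );
        while ( is_object( $oFields ) && !$oFields->eof() ) {
            $iID = $oFields->get_field( 'id' );
            if ( isset( $aFields[$iID] ) ) {
                $aCond = array(
                    'id_field' => $iID,
                    'id_member' => $iUserID,
                );
                $this->m_oDataBase->update_sql( $this->m_aTables['field2user'], array( 'value' => $aFields[$iID] ), $aCond );
            } else {
                // NOTE(review): getFields() only returns rows that already exist in the
                // field2user table, so this adds a second, empty row for a field that was
                // not submitted - confirm this is intended.
                $aUserField = array(
                    'id_field' => $iID,
                    'id_member' => $iUserID,
                    'value' => ''
                );
                $this->m_oDataBase->insert_sql( $this->m_aTables['field2user'], $aUserField );
            }
            $oFields->next();
        }

        if ( !is_null( $aRoles ) ) {
            // Replace the whole role assignment
            $this->m_oDataBase->delete_sql( $this->m_aTables['user2role'], array( 'id_member' => $iUserID ) );
            $iSize = sizeOf( $aRoles );
            for ( $i = 0; $i < $iSize; $i++ )
                $this->m_oRole->addUser( $iUserID, $aRoles[$i] );
        }
        return TRUE;
    }

    /**
     * @access public
     * @desc delete members together with their field values and role assignments.
     *       on_UserList_submit() passes the posted 'ch' array straight in, so every id
     *       is validated as a positive integer before it reaches the IN ( ... ) lists;
     *       anything else (text, nested arrays, zero) is dropped.
     *
     *       NOTE(review): run_admin_interface() only disables member 1 and the current
     *       user in the list control; this method does not refuse those ids - consider
     *       enforcing that rule here as well.
     * @param array|int $aUsersID member ids, or a single id
     * @return mixed result of the final DELETE query, or FALSE (after a redirect to the
     *         list page) when no valid id was given
     */
    function deleteUsers( $aUsersID ) {
        if ( !is_array( $aUsersID ) )
            $aUsersID = array( $aUsersID );
        $aIDs = array();
        foreach ( $aUsersID as $mID ) {
            if ( is_int( $mID ) || ( is_string( $mID ) && preg_match( '/^[0-9]+\z/', $mID ) ) ) {
                $iID = intval( $mID );
                if ( $iID > 0 )
                    $aIDs[$iID] = $iID; // keyed by id, which also removes duplicates
            }
        }
        if ( !sizeOf( $aIDs ) ) {
            $this->m_oApplication->CurrentPage->redirect( $this->m_aTemplateVars['ROOT'].'admin/index.php?action=run_module&module=User&no_user_selected' );
            return FALSE;
        }
        $sSet = join( ', ', $aIDs );
        $this->m_oDataBase->custom_sql( 'DELETE FROM %prefix%'.$this->m_aTables['field2user'].' WHERE id_member IN ( '.$sSet.' )' );
        $this->m_oDataBase->custom_sql( 'DELETE FROM %prefix%'.$this->m_aTables['user2role'].' WHERE id_member IN ( '.$sSet.' )' );
        return $this->m_oDataBase->custom_sql( 'DELETE FROM %prefix%'.$this->m_aTables['users'].' WHERE id_member IN ( '.$sSet.' )' );
    }

    /**
     * @access public
     * @desc name of this module for the admin menu
     * @return string the menu title for users holding 'ADMIN_RIGHTS', otherwise ''
     */
    function get_admin_names() {
        if ( $this->isInRole( 'ADMIN_RIGHTS' ) )
            return 'Пользователи';
        else
            return '';
    }

    /**
     * @access public
     * @desc reload the current member from the database. The row must exist with
     *       STATUS_ACTIVE; otherwise the user data (and with it the session copy) is
     *       emptied, which ends the login of a member that was deactivated or removed.
     */
    function synchronize() {
        if ( isset( $this->m_aUserData['id_member'] ) ) {
            $oRS = $this->m_oDataBase->select_sql( $this->m_aTables['users'], array( 'id_member' => $this->m_aUserData['id_member'], 'id_status' => STATUS_ACTIVE ) );
            if ( ( $oRS !== FALSE ) && ( !$oRS->eof() ) )
                $this->set_user_from_db( $oRS );
            else
                $this->m_aUserData = array();
        } else {
            $this->m_aUserData = array();
        }
    }

    function setUserFromDB( $oRS ) {
        $this->m_aUserData = array();
        $iUserID = $oRS->get_field( 'id_member' );
        $aRoles = $this->getRolesIDs( $iUserID );
        if ( !empty( $aRoles ) && ( $this->isInRole( 'ADMIN_RIGHTS', $iUserID ) || $this->isInRole( 'CMS_RIGHTS', $iUserID ) ) )
            $oRS->Rows[0]->Fields['id_level'] = USER_LEVEL_GLOBAL_ADMIN;
        else
            $oRS->Rows[0]->Fields['id_level'] = USER_LEVEL_USER;
        foreach( $oRS->Rows[0]->Fields as $sKey => $sValue )
            if ( strcmp( $sKey, 'password' ) != 0 )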
$this->m_aUserData[$sKey] = $sValue; } function run_admin_interface( $sModule, $sSubModule ) { if ( !$this->isInRole( 'ADMIN_RIGHTS' ) ) { $this->m_aTemplateVars['has_access'] = FALSE; $this->m_aTemplateVars['module_errors'][] = $this->m_oApplication->Localizer->get_string( 'module_access_denied' ); } else { require_once( CUSTOM_CONTROLS_PATH . 'sub.php' ); new CSubModule( $this ); $this->contest =&$this->m_oApplication->get_module('Contest'); // Set base template variables $this->m_aTemplateVars['firstAdmin']=false; $this->m_aTemplateVars['has_access'] = TRUE; $this->m_aTemplateVars['action'] = FALSE; $this->m_aTemplateVars['action_edit_user'] = FALSE; $this->m_aTemplateVars['action_add_user'] = FALSE; $this->m_aTemplateVars['users_deleted'] = in_get('deleted')?true:false; $this->m_aTemplateVars['nobody_deleted'] = in_get('no_user_selected')?true:false; $this->m_aTemplateVars['disable_options'] = false; $oLocalizer =&$this->m_oApplication->Localizer; $oGroups = $this->m_oGroup->getGroups(); $aGroups = array( '0' => 'All' ); while ( !$oGroups->eof() ) { $aGroups[$oGroups->get_field( 'id' )] = $oGroups->get_field( 'name' ); $oGroups->next(); } CInput::set_select_data( 'filter_group', $aGroups ); $oRoles = $this->m_oRole->getRoles(); $aRoles = array( '0' => 'All' ); while ( !$oRoles->eof() ) { $aRoles[$oRoles->get_field( 'id' )] = $oRoles->get_field( 'name' ); $oRoles->next(); } CInput::set_select_data( 'filter_role', $aRoles ); // Display Users List require_once( BASE_CLASSES_PATH . 'controls/navigator.php' ); $sQuery = 'SELECT m.id_member as id, m.login as login, m.email as email, s.name AS status FROM %prefix%'.$this->m_aTables['users'].' m '; $sQuery .=' INNER JOIN %prefix%'.$this->m_aTables['statuses'].' s ON ( s.id_status = m.id_status )'; if ( $this->m_iRoleID ) $sQuery .= ' INNER JOIN %prefix%'. $this->m_aTables['user2role'] .' utr ON ( utr.id_member = m.id_member AND utr.id_role = '. $this->m_iRoleID .' 
)'; if ( $this->m_iGroupID ) $sQuery .= ' WHERE m.id_group = '. $this->m_iGroupID; $sQuery .= " GROUP BY m.id_member"; $aFields = array( 'login' => 'login', 'email' => 'email', 'status' => 'status' ); $aDisabled = array( 1, $this->m_aUserData['id_member'] ); $oUsersNavigator = &new Navigator( 'UsersList', $sQuery, $aFields, 'login' ); $header_num=$oUsersNavigator->add_header( $oLocalizer->get_string( 'title_login' ), 'login'); $oUsersNavigator->add_header( $oLocalizer->get_string( 'title_email' ), 'email' ); $oUsersNavigator->add_header( $oLocalizer->get_string( 'title_status' ), 'status' ); $oUsersNavigator->set_disabled_list( $aDisabled ); $oUsersNavigator->set_width( 0, '50%' ); $oUsersNavigator->set_width( 1, '50%' ); $iUserID = intval( inGet( 'id_member', 0 ) ); $iUserID = $iUserID >= 0 ? $iUserID : 0; if ( $iUserID ) { if($iUserID=='1'){ $this->m_aTemplateVars['firstAdmin']=true; }else{ $this->m_aTemplateVars['firstAdmin']=false; } $this->m_aTemplateVars['action'] = TRUE; $this->m_aTemplateVars['action_edit_user'] = TRUE; $this->m_aTemplateVars['action_add_user'] = FALSE; CValidator::add( 'user_login', VRT_TEXT, 6, 64 ); CValidator::add( 'user_email', VRT_EMAIL ); CValidator::add_nr( 'user_password', VRT_PASSWORD, '', 6, 64 ); CValidator::add_nr( 'user_confirm_password',VRT_PASSWORD, '', 6, 64 ); $oUserRS = $this->getUser( $iUserID ); if ( !is_object( $oUserRS ) || $oUserRS->eof() ) { $this->m_aTemplateVars['action'] = FALSE; $this->m_aTemplateVars['action_edit_user'] = FALSE; $this->m_aTemplateVars['action_add_user'] = FALSE; $this->m_oApplication->CurrentPage->redirect( $this->m_aTemplateVars['ROOT'].'admin/index.php?action=run_module&module=User' ); } else { if ( in_get( 'created' ) ) $this->m_aTemplateVars['module_messages'][] = $oLocalizer->get_string( 'message_user_created' ); elseif ( in_get( 'modified' ) ) $this->m_aTemplateVars['module_messages'][] = $oLocalizer->get_string( 'message_user_modified' ); 
$this->m_aTemplateVars['user_theme']=$oUserRS->get_field('theme'); CInput::set_select_data('user_theme',$this->contest->themeArray); $iGroupID = $oUserRS->get_field( 'group' ); $oUserFields = $this->getFields( $iUserID ); $oGroupFields = $this->m_oGroup->getFields( $iGroupID ); while ( !$oUserFields->eof() ) { $this->m_aTemplateVars['field_'.$oUserFields->get_field( 'name' )] = stripslashes( str_replace( array( '\r', '\n' ), array( "\r", "\n" ), $oUserFields->get_field( 'value' ) ) ); $oUserFields->next(); } row_to_vars( $oUserRS->Rows[0], $this->m_aTemplateVars, '', 'user_' ); recordset_to_vars( $oGroupFields, $this->m_aTemplateVars, 'fields', 'field_' ); foreach ( $this->m_aTemplateVars['field_type'] as $sKey => $sValue ) { $this->m_aTemplateVars['field_name'][$sKey] = 'field_'.$this->m_aTemplateVars['field_name'][$sKey]; $this->m_aTemplateVars['field_STRING'][$sKey] = $this->m_aTemplateVars['field_TEXT'][$sKey] = $this->m_aTemplateVars['field_HTMLTEXT'][$sKey] = $this->m_aTemplateVars['field_INT'][$sKey] = $this->m_aTemplateVars['field_FLOAT'][$sKey] = $this->m_aTemplateVars['field_DATETIME'][$sKey] = $this->m_aTemplateVars['field_BOOLEAN'][$sKey] = $this->m_aTemplateVars['field_IMAGE'][$sKey] = $this->m_aTemplateVars['field_FILE'][$sKey] = FALSE; switch ( $sValue ) { case TYPE_STRING: $this->m_aTemplateVars['field_STRING'][$sKey] = TRUE; if ( $this->m_aTemplateVars['field_required'][$sKey] ) CValidator::add( $this->m_aTemplateVars['field_name'][$sKey], VRT_TEXT, 1, 255 ); else CValidator::add_nr( $this->m_aTemplateVars['field_name'][$sKey], VRT_TEXT, '', 1, 255 ); break; case TYPE_TEXT: $this->m_aTemplateVars['field_TEXT'][$sKey] = TRUE; if ( $this->m_aTemplateVars['field_required'][$sKey] ) CValidator::add( $this->m_aTemplateVars['field_name'][$sKey], VRT_TEXT, 1 ); else CValidator::add_nr( $this->m_aTemplateVars['field_name'][$sKey], VRT_TEXT, '' ); break; case TYPE_HTMLTEXT: $this->m_aTemplateVars['field_HTMLTEXT'][$sKey] = TRUE; if ( 
$this->m_aTemplateVars['field_required'][$sKey] ) CValidator::add( $this->m_aTemplateVars['field_name'][$sKey], VRT_TEXT, 1 ); else CValidator::add_nr( $this->m_aTemplateVars['field_name'][$sKey], VRT_TEXT, '' ); break; case TYPE_INT: $this->m_aTemplateVars['field_INT'][$sKey] = TRUE; if ( $this->m_aTemplateVars['field_required'][$sKey] ) CValidator::add( $this->m_aTemplateVars['field_name'][$sKey], VRT_NUMBER ); else CValidator::add_nr( $this->m_aTemplateVars['field_name'][$sKey], VRT_NUMBER, '' ); break; case TYPE_FLOAT: $this->m_aTemplateVars['field_FLOAT'][$sKey] = TRUE; if ( $this->m_aTemplateVars['field_required'][$sKey] ) CValidator::add( $this->m_aTemplateVars['field_name'][$sKey], VRT_FLOAT ); else CValidator::add_nr( $this->m_aTemplateVars['field_name'][$sKey], VRT_FLOAT, '' ); break; case TYPE_DATETIME: $this->m_aTemplateVars['field_DATETIME'][$sKey] = TRUE; if ( $this->m_aTemplateVars['field_required'][$sKey] ) CValidator::add( $this->m_aTemplateVars['field_name'][$sKey], VRT_ODBCDATE ); else CValidator::add_nr( $this->m_aTemplateVars['field_name'][$sKey], VRT_ODBCDATE, date( 'Y-m-d' ) ); break; case TYPE_BOOLEAN: $this->m_aTemplateVars['field_BOOLEAN'][$sKey] = TRUE; break; case TYPE_IMAGE: $this->m_aTemplateVars['field_IMAGE'][$sKey] = TRUE; if ( $this->m_aTemplateVars['field_required'][$sKey] ) CValidator::add( $this->m_aTemplateVars['field_name'][$sKey], VRT_IMAGE_FILE ); else CValidator::add_nr( $this->m_aTemplateVars['field_name'][$sKey], VRT_IMAGE_FILE, '' ); break; case TYPE_FILE: $this->m_aTemplateVars['field_FILE'][$sKey] = TRUE; $this->m_aTemplateVars[$this->m_aTemplateVars['field_name'][$sKey]] = isset( $aUserFields[$this->m_aTemplateVars['field_id'][$sKey]] ) ? 
$aUserFields[$this->m_aTemplateVars['field_id'][$sKey]] : ''; if ( $this->m_aTemplateVars['field_required'][$sKey] ) CValidator::add( $this->m_aTemplateVars['field_name'][$sKey], VRT_CUSTOM_FILE ); else CValidator::add_nr( $this->m_aTemplateVars['field_name'][$sKey], VRT_CUSTOM_FILE, '' ); break; } } } // Set statuses $oStatuses = $this->getStatuses(); $aStatuses = array(); $oStatuses->first(); if ( $oStatuses !== FALSE ) { while ( !$oStatuses->eof() ) { $aStatuses[$oStatuses->get_field( 'id' )] = $oStatuses->get_field( 'name' ); $aStatusesIDS[] = $oStatuses->get_field( 'id' ); $oStatuses->next(); } } $themes=array_flip($this->contest->themeArray); CValidator::add( 'user_theme', VRT_ENUMERATION, $themes ); CValidator::add( 'user_status', VRT_ENUMERATION, $aStatusesIDS ); CInput::set_select_data( 'user_status', $aStatuses ); if ( $iUserID == $this->m_aUserData['id_member'] || $iUserID==1){ CInput::disable( 'user_status' ); $this->m_aTemplateVars['disable_options']=true; } $oRoles = $this->m_oRole->getRoles(); recordset_to_vars( $oRoles, $this->m_aTemplateVars, 'roles', 'role_' ); if(CForm::is_submit('UserEdit') && $iUserID != $this->m_aUserData['id_member'] && $iUserID!=1 && is_object($oRoles)){ $oRoles->first(); for($x=0;$x<$oRoles->get_record_count();$x++){ $this->m_aTemplateVars['role_'.$oRoles->get_field('id')]=inpost('role_'.$oRoles->get_field('id')); $oRoles->next(); } }else{ $aRoles = $this->getRolesIDs( $iUserID ); $iSize = sizeOf( $aRoles ); for ( $i = 0; $i < $iSize; $i++ ){ $this->m_aTemplateVars['role_'.$aRoles[$i]] = 1; if($iUserID == $this->m_aUserData['id_member'] || $iUserID == 1 ){ CInput::disable( 'role_'.$aRoles[$i] ); } } } $oUsersNavigator->set_highlight( 'id', $iUserID ); } elseif ( in_get( 'add_user' ) ) { $this->m_aTemplateVars['action'] = TRUE; $this->m_aTemplateVars['action_edit_user'] = FALSE; $this->m_aTemplateVars['action_add_user'] = TRUE; CInput::set_select_data('user_theme',$this->contest->themeArray); CValidator::add( 'user_login', 
VRT_TEXT, 6, 64 ); CValidator::add( 'user_email', VRT_EMAIL ); CValidator::add( 'user_password', VRT_PASSWORD, 6, 64 ); CValidator::add( 'user_confirm_password', VRT_PASSWORD, 6, 64 ); if(!CForm::is_submit('UserAdd')) $this->m_aTemplateVars['role_2']=1; // Set statuses $oStatuses = $this->getStatuses(); $aStatuses = array(); $aStatusesIDS=array(); $oStatuses->first(); if ( $oStatuses !== FALSE ) { while ( !$oStatuses->eof() ) { $aStatuses[$oStatuses->get_field( 'id' )] = $oStatuses->get_field( 'name' ); $aStatusesIDS[] = $oStatuses->get_field( 'id' ); $oStatuses->next(); } } $oGroups = $this->m_oGroup->getGroups(); $aUserGroups = array(); if ( $oGroups !== FALSE ) { while ( !$oGroups->eof() ) { $aUserGroups[$oGroups->get_field( 'id' )] = $oGroups->get_field( 'name' ); $aUserGroupsIDS[] = $oGroups->get_field( 'id' ); $oGroups->next(); } } CValidator::add( 'user_group', VRT_ENUMERATION, $aUserGroupsIDS ); CInput::set_select_data( 'user_group', $aUserGroups ); CValidator::add( 'user_status', VRT_ENUMERATION, $aStatusesIDS ); CInput::set_select_data( 'user_status', $aStatuses ); // Get group roles $oRoles = $this->m_oRole->getRoles(); recordset_to_vars( $oRoles, $this->m_aTemplateVars, 'roles', 'role_' ); } } $this->m_aTemplateVars['with_messages'] = empty( $this->m_aTemplateVars['module_messages'] ) ? FALSE : TRUE; $this->m_aTemplateVars['with_errors'] = empty( $this->m_aTemplateVars['module_errors'] ) ? 
FALSE : TRUE; if ( !empty( $this->m_aTemplateVars['module_errors'] ) || !empty( $this->m_aTemplateVars['module_messages'] ) ) { require_once( BASE_CONTROLS_PATH.'simplearrayoutput.php' ); new CSimpleArrayOutput(); } return CTemplate::parse_file( CUSTOM_TEMPLATE_PATH.'admin/user/main.tpl' ); } function on_UserList_submit( $sAction ) { if ( !$this->isInRole( 'ADMIN_RIGHTS' ) ) { return true; } if ( $sAction == 'delete' ) { $aChecked = InPost( 'ch', array() ); if($this->deleteUsers( $aChecked )) $this->m_oApplication->CurrentPage->redirect( $this->m_aTemplateVars['ROOT'].'admin/index.php?action=run_module&module=User&deleted' ); } elseif ( $sAction == 'add' ) { $this->m_oApplication->CurrentPage->redirect( $this->m_aTemplateVars['ROOT'].'admin/index.php?action=run_module&module=User&add_user' ); } return TRUE; } function on_UserAdd_submit( $sAction ) { if ( !$this->isInRole( 'ADMIN_RIGHTS' ) ) { return true; } if ( $sAction == 'cancel' ) { $this->m_oApplication->CurrentPage->redirect( $this->m_aTemplateVars['ROOT'].'admin/index.php?action=run_module&module=User' ); return TRUE; } $this->contest= &$this->m_oApplication->get_module('Contest'); $oGroups = $this->m_oGroup->getGroups(); $aUserGroups = array(); if ( $oGroups !== FALSE ) { while ( !$oGroups->eof() ) { $aUserGroups[] = $oGroups->get_field( 'id' ); $oGroups->next(); } } CValidator::add( 'user_login', VRT_TEXT, 6, 64 ); CValidator::add( 'user_email', VRT_EMAIL ); CValidator::add( 'user_password', VRT_PASSWORD, 6, 64 ); CValidator::add( 'user_confirm_password', VRT_PASSWORD, 6, 64 ); $oStatuses = $this->getStatuses(); $aStatusesIDs = array(); if ( $oStatuses !== FALSE ) { while ( !$oStatuses->eof() ) { $aStatusesIDS[] = $oStatuses->get_field( 'id' ); $oStatuses->next(); } } CValidator::add( 'user_group', VRT_ENUMERATION, $aUserGroups ); if(inpost('role_2')){ $themes=array_flip($this->contest->themeArray); CValidator::add( 'user_theme', VRT_ENUMERATION, $themes ); } CValidator::add( 'user_status', 
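VRT_ENUMERATION, $aStatusesIDS ); if ( CValidator::validate_input() ) { if ( strcmp( $this->m_aTemplateVars['user_password'], $this->m_aTemplateVars['user_confirm_password'] ) ) { $this->m_aTemplateVars['module_errors'][] = $this->m_oApplication->Localizer->get_string( 'passwords_doesnt_match' ); } else { $aUserInfo = array( 'login' => $this->m_aTemplateVars['user_login'], 'password' => $this->m_aTemplateVars['user_password'], 'email' => $this->m_aTemplateVars['user_email'], 'status' => $this->m_aTemplateVars['user_status'], ); if(inpost('role_2')){ $aUserInfo['theme']=$this->m_aTemplateVars['user_theme']; }else{ $aUserInfo['theme']=0; } $aUserFields = array(); $aUserRoles = array(); $oRoles = $this->m_oRole->getRoles(); if ( is_object( $oRoles ) ) { while ( !$oRoles->eof() ) { if ( in_post( 'role_'.$oRoles->get_field( 'id' ) ) ) $aUserRoles[] = $oRoles->get_field( 'id' ); $oRoles->next(); } } if ( !( $iUserID = $this->createUser( $aUserInfo, $aUserFields, $aUserRoles ) ) ){ $this->m_aTemplateVars['module_errors'][] = $this->m_oApplication->Localizer->get_string( $this->getLastError() ); } else{ $this->m_oApplication->CurrentPage->redirect( $this->m_aTemplateVars['ROOT'].'admin/index.php?action=run_module&module=User&id_member='.$iUserID.'&created' ); } } } else $this->m_aTemplateVars['module_errors'] = CValidator::get_errors(); return TRUE; }

    /**
     * Handle the admin "edit user" form.
     *
     * Returns without changes unless the caller holds ADMIN_RIGHTS, and
     * redirects to the user list on 'cancel'. Otherwise it registers validators
     * for the account fields and for every profile field of the user's group,
     * and on success hands the collected values to updateUser().
     *
     * Status, theme and role membership are taken from the request only when
     * the edited account is neither the caller's own nor id_member 1. For those
     * two accounts $aUserRoles is passed as null and no status/theme is set.
     *
     * NOTE(review): no anti-CSRF token check is visible in this handler; confirm
     * the dispatcher enforces one, because this request can change roles.
     * NOTE(review): the password reaches updateUser() exactly as submitted, and
     * may be '' because the field is optional. Hashing and the "leave unchanged"
     * rule are presumably applied there - confirm.
     *
     * @param string $sAction Submit action; 'cancel' aborts the edit.
     * @return bool Always true.
     */
    function on_UserEdit_submit( $sAction )
    {
        if ( !$this->isInRole( 'ADMIN_RIGHTS' ) )
        {
            return true;
        }

        $sListUrl = $this->m_aTemplateVars['ROOT'].'admin/index.php?action=run_module&module=User';

        if ( $sAction == 'cancel' )
        {
            $this->m_oApplication->CurrentPage->redirect( $sListUrl );
            return TRUE;
        }

        $this->contest= &$this->m_oApplication->get_module('Contest');

        CValidator::add( 'user_login', VRT_TEXT, 6, 64 );
        CValidator::add( 'user_email', VRT_EMAIL );
        CValidator::add_nr( 'user_password', VRT_PASSWORD, '', 6, 64 );
        CValidator::add_nr( 'user_confirm_password', VRT_PASSWORD, '', 6, 64 );

        $iUserID = intval( inGetPost( 'id_member', 0 ) );

        // Status, theme and roles may only be changed on accounts other than
        // the caller's own and the account with id_member 1.
        $bMayChangeAccess = ( $iUserID != $this->m_aUserData['id_member'] && $iUserID != 1 );

        if ( $bMayChangeAccess )
        {
            $oStatuses = $this->getStatuses();
            // Fix: the original initialised $aStatusesIDs but filled and passed
            // $aStatusesIDS (variable names are case-sensitive), so with no
            // status rows the allow-list handed to the validator was undefined.
            $aStatusesIDS = array();
            if ( $oStatuses !== FALSE )
            {
                while ( !$oStatuses->eof() )
                {
                    $aStatusesIDS[] = $oStatuses->get_field( 'id' );
                    $oStatuses->next();
                }
            }
            $themes=array_flip($this->contest->themeArray);
            // inpost() and in_post() both appear in the original; kept as found.
            if(inpost('role_2'))
            {
                CValidator::add( 'user_theme', VRT_ENUMERATION, $themes );
            }
            CValidator::add( 'user_status', VRT_ENUMERATION, $aStatusesIDS );
        }

        $oUser = $this->getUser( $iUserID );
        if ( $oUser === FALSE || $oUser->eof() )
        {
            // Unknown user id: back to the list, nothing is written.
            $this->m_oApplication->CurrentPage->redirect( $sListUrl );
            return TRUE;
        }
        $iGroupID = $oUser->get_field( 'group' );

        // One validator per profile field of the user's group, chosen by field type.
        $oFields = $this->m_oGroup->getFields( $iGroupID );
        while ( is_object( $oFields ) && !$oFields->eof() )
        {
            $sInput = 'field_'.$oFields->get_field( 'name' );
            $bRequired = $oFields->get_field( 'required' );

            switch ( $oFields->get_field( 'type' ) )
            {
                case TYPE_STRING:
                    if ( $bRequired )
                        CValidator::add( $sInput, VRT_TEXT, 1, 255 );
                    else
                        CValidator::add_nr( $sInput, VRT_TEXT, '', 1, 255 );
                    break;

                // NOTE(review): HTML-typed values get the same plain-text rule as
                // TYPE_TEXT; any sanitising or escaping has to happen elsewhere.
                case TYPE_TEXT:
                case TYPE_HTMLTEXT:
                    if ( $bRequired )
                        CValidator::add( $sInput, VRT_TEXT, 1 );
                    else
                        CValidator::add_nr( $sInput, VRT_TEXT, '', 1 );
                    break;

                case TYPE_INT:
                    if ( $bRequired )
                        CValidator::add( $sInput, VRT_NUMBER );
                    else
                        CValidator::add_nr( $sInput, VRT_NUMBER, 0 );
                    break;

                case TYPE_FLOAT:
                    if ( $bRequired )
                        CValidator::add( $sInput, VRT_FLOAT );
                    else
                        CValidator::add_nr( $sInput, VRT_FLOAT, 0.0 );
                    break;

                case TYPE_DATETIME:
                    if ( $bRequired )
                        CValidator::add( $sInput, VRT_ODBCDATE );
                    else
                        CValidator::add_nr( $sInput, VRT_ODBCDATE, date( 'Y-m-d' ) );
                    break;

                case TYPE_IMAGE:
                    if ( $bRequired )
                        CValidator::add( $sInput, VRT_IMAGE_FILE );
                    else
                        CValidator::add_nr( $sInput, VRT_IMAGE_FILE, '' );
                    break;

                case TYPE_FILE:
                    if ( $bRequired )
                        CValidator::add( $sInput, VRT_CUSTOM_FILE );
                    else
                        CValidator::add_nr( $sInput, VRT_CUSTOM_FILE, '' );
                    break;
            }
            $oFields->next();
        }

        if ( !CValidator::validate_input() )
        {
            $this->m_aTemplateVars['module_errors'] = CValidator::get_errors();
            return TRUE;
        }

        if ( strcmp( $this->m_aTemplateVars['user_password'], $this->m_aTemplateVars['user_confirm_password'] ) )
        {
            $this->m_aTemplateVars['module_errors'][] = $this->m_oApplication->Localizer->get_string( 'passwords_doesnt_match' );
            return TRUE;
        }
        //elseif ( !strcmp( $this->m_aTemplateVars['user_login'], $this->m_aTemplateVars['user_email'] ) )
        //    $this->m_aTemplateVars['module_errors'][] = $this->m_oApplication->Localizer->get_string( 'the_same_emails' );

        $aUserInfo = array(
            'login' => $this->m_aTemplateVars['user_login'],
            'password' => $this->m_aTemplateVars['user_password'],
            'email' => $this->m_aTemplateVars['user_email'],
        );
        if ( $bMayChangeAccess )
        {
            if(inpost('role_2'))
            {
                $aUserInfo['theme']=$this->m_aTemplateVars['user_theme'];
            }
            else
            {
                $aUserInfo['theme']=0;
            }
            $aUserInfo['status'] = $this->m_aTemplateVars['user_status'];
        }

        $aUserFields = array();
        $aUserRoles = array();

        if ( is_object( $oFields ) )
        {
            $oFields->first();
            while ( !$oFields->eof() )
            {
                $aUserFields[$oFields->get_field( 'id' )] = $this->m_aTemplateVars['field_'.$oFields->get_field( 'name' )];
                $oFields->next();
            }
        }

        // Roles come from the role_<id> checkboxes, limited to ids that exist
        // in the roles table.
        $oRoles = $this->m_oRole->getRoles();
        if ( is_object( $oRoles ) )
        {
            while ( !$oRoles->eof() )
            {
                if ( in_post( 'role_'.$oRoles->get_field( 'id' ) ) )
                    $aUserRoles[] = $oRoles->get_field( 'id' );
                $oRoles->next();
            }
        }
        //print_r($aUserRoles);

        // Own account and id_member 1: discard the submitted roles so that
        // updateUser() receives null instead of a role list.
        if ( !$bMayChangeAccess )
        {
            $aUserRoles=null;
        }

        if ( !$this->updateUser( $iUserID, $aUserInfo, $aUserFields, $aUserRoles ) )
            $this->m_aTemplateVars['module_errors'][] = $this->m_oApplication->Localizer->get_string( $this->get_last_error() );
        else
            $this->m_oApplication->CurrentPage->redirect( $sListUrl.'&id_member='.$iUserID.'&modified' );

        return TRUE;
    }

    /**
     * Report whether every table listed in $this->m_aTables exists.
     *
     * @return bool FALSE as soon as one SHOW TABLES lookup returns no row.
     */
    function check_install()
    {
        foreach ( $this->m_aTables as $sKey => $sValue )
        {
            $sQuery = 'SHOW TABLES LIKE "%prefix%'.$sValue.'"';
            $oRS = $this->m_oDataBase->select_custom_sql( $sQuery );
            if ( !is_object( $oRS ) || $oRS->eof() )
                return FALSE;
        }
        return TRUE;
    }

    /**
     * (Re)create the module's tables.
     *
     * Destructive: every table named in $this->m_aTables is dropped first, so
     * running this on a live installation deletes all accounts, roles and
     * profile data. The results of the individual queries are not checked.
     *
     * NOTE(review): `password` is varchar(100). Confirm that createUser() and
     * updateUser() store a salted password hash that fits this column, and not
     * the submitted form value.
     *
     * @return bool Always TRUE.
     */
    function install()
    {
        foreach ( $this->m_aTables as $sKey => $sValue )
            $this->m_oDataBase->internalQuery( 'DROP TABLE IF EXISTS %prefix%'.$sValue );

        $this->m_oDataBase->internalQuery( 'CREATE TABLE %prefix%'.$this->m_aTables['statuses'].' ( id_status int AUTO_INCREMENT NOT NULL, name varchar(64) NOT NULL, PRIMARY KEY ( id_status ) ) ' );
        $this->m_oDataBase->internalQuery( 'INSERT INTO %prefix%'.$this->m_aTables['statuses'].' ( id_status, name ) VALUES ( 1, "Current" ), ( 2, "Inactive" )' );
        $this->m_oDataBase->internalQuery( "CREATE TABLE %prefix%".$this->m_aTables['users']." 
( `id_member` int(11) NOT NULL auto_increment, `id_group` int(10) unsigned NOT NULL, `id_status` int(10) unsigned NOT NULL, `login` varchar(64) NOT NULL, `password` varchar(100) NOT NULL, `email` varchar(255) NOT NULL, `reg_time` int(10) unsigned NOT NULL, `lang_id` int(10) unsigned NOT NULL default '1', `theme` int(10) unsigned NOT NULL default '0', PRIMARY KEY (`id_member`), KEY `id_status` (`id_status`,`id_group`,`lang_id`) ) ENGINE=MyISAM DEFAULT CHARSET=cp1251 ");
        $this->m_oDataBase->internalQuery( 'CREATE TABLE %prefix%'.$this->m_aTables['roles'].' ( id_role int AUTO_INCREMENT NOT NULL, name varchar(64) NOT NULL, code varchar(64) NOT NULL, description text, status smallint(5) UNSIGNED NOT NULL, PRIMARY KEY ( id_role ), UNIQUE INDEX ( code ), KEY ( status ) ) ENGINE=MyISAM DEFAULT CHARSET=cp1251 ' );
        $this->m_oDataBase->internalQuery( 'CREATE TABLE %prefix%'.$this->m_aTables['groups'].' ( id_group int AUTO_INCREMENT NOT NULL, name varchar(64), description text, status smallint(5) UNSIGNED NOT NULL, PRIMARY KEY ( id_group ), KEY ( status ) ) ENGINE=MyISAM DEFAULT CHARSET=cp1251 ' );
        $this->m_oDataBase->internalQuery( 'CREATE TABLE %prefix%'.$this->m_aTables['fields'].' ( id_field int AUTO_INCREMENT NOT NULL, name varchar(64) NOT NULL, type smallint(5) UNSIGNED NOT NULL, status smallint(5) UNSIGNED NOT NULL, PRIMARY KEY ( id_field ), KEY ( status ) ) ENGINE=MyISAM DEFAULT CHARSET=cp1251 ' );
        $this->m_oDataBase->internalQuery( 'CREATE TABLE %prefix%'.$this->m_aTables['field2group'].' ( id_group int NOT NULL, id_field int NOT NULL, required smallint(5) UNSIGNED NOT NULL, visible smallint(5) UNSIGNED NOT NULL, PRIMARY KEY ( id_group, id_field ), KEY ( visible ) ) ENGINE=MyISAM DEFAULT CHARSET=cp1251 ' );
        $this->m_oDataBase->internalQuery( 'CREATE TABLE %prefix%'.$this->m_aTables['field2user'].' 
( id_member int NOT NULL, id_field int NOT NULL, value TEXT NOT NULL, PRIMARY KEY ( id_member, id_field ) ) ENGINE=MyISAM DEFAULT CHARSET=cp1251 ' );
        $this->m_oDataBase->internalQuery( 'CREATE TABLE %prefix%'.$this->m_aTables['user2role'].' ( id_role int NOT NULL, id_member int NOT NULL, PRIMARY KEY ( id_role, id_member ) ) ENGINE=MyISAM DEFAULT CHARSET=cp1251 ' );

        return TRUE;
    }

    // Old functions for compatibility with old LLA version
    function is_logged( $iRoleID = 0 )
    {
        return $this->isLogged( $iRoleID );
    }

    function get_last_error()
    {
        return $this->getLastError();
    }

    function get_by_id( $iID )
    {
        return $this->getByID( $iID );
    }

    function set_logged_vars( &$tv )
    {
        return $this->setLoggedVars( $tv );
    }

    function set_user_from_db( $rs )
    {
        return $this->setUserFromDB( $rs );
    }

    /**
     * Run a caller-supplied SQL statement and return selected columns.
     *
     * $query is passed to select_custom_sql() unchanged, so it must never be
     * assembled from request data by the caller.
     *
     * @param string $query SQL text to execute.
     * @param string $param Column name, or several names separated by commas.
     * @param mixed  $what  '1' (default) reads the current row, 'all' reads every row.
     * @return mixed Column value, map of column => value, or a list of them;
     *               nothing when the query yields no rows or $what is unknown.
     */
    function fetch_( $query, $param, $what = 1 )
    {
        $param = trim( $param );
        $par_expl = explode( ',', $param );
        $row_set = $this->m_oDataBase->select_custom_sql( $query );
        if ( !is_object($row_set) || !$row_set->get_record_count() )
        {
            return;
        }
        if ( $what == '1' )
        {
            if ( count( $par_expl ) > 1 )
            {
                // foreach replaces while/list/each(): each() was removed in PHP 8.
                foreach ( $par_expl as $val )
                {
                    $ret_array[$val] = $row_set->get_field( $val );
                }
                return $ret_array;
            }
            else
            {
                return $row_set->get_field( $param );
            }
        }
        elseif ( $what == 'all' )
        {
            for( $x = 0;$x < $row_set->get_record_count();$x++ )
            {
                if ( count( $par_expl ) > 1 )
                {
                    // NOTE(review): the inner loop header is truncated in this copy
                    // of the file (the text between "$i" and "get_field" is missing).
                    // Restore it from the original source; it is left exactly as found.
                    for($i=0;$iget_field( $par_expl[$i] ); }
                    //return $array;
                }
                else
                {
                    $array[] = $row_set->get_field( $param );
                }
                $row_set->next();
            }
        }
        else
        {
            return;
        }
        return $array;
    }
}

/**
 * User groups and the profile fields attached to each group.
 *
 * The class uses a PHP 4-style constructor (a method named after the class);
 * PHP 8 no longer treats such a method as the constructor.
 */
class CGroup
{
    var $m_oApplication = NULL;
    var $m_oDataBase = NULL;
    var $m_aTemplateVars = array();
    var $sLastError = '';
    var $m_aTables = array();
    var $m_iGroupID = 0;

    function CGroup( &$oApp, $iGroupID = 0 )
    {
        $this->m_oApplication =&$oApp;
        $this->m_aTemplateVars =&$oApp->template_vars;
        $this->m_oDataBase =&$oApp->DataBase;
        $this->m_aTables = array(
            'users' => 'me_members',
            'groups' => 'me_groups',
            'fields' => 'me_fields',
            'roles' => 'me_roles',
            'field2group' =>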
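'me_field2group', ); $this->m_iGroupID = intval( $iGroupID ); }

    /**
     * Insert a group row and attach the given fields to it.
     *
     * @param array $aInfo             'name' and 'description' are stored as given;
     *                                 'status' becomes 1 when the key is set, else 0.
     * @param array $aFieldsID         Field ids to link to the new group.
     * @param array $aRequiredFieldsID Ids from $aFieldsID to flag as required.
     * @param array $aVisibleFieldsID  Ids from $aFieldsID to flag as visible.
     * @return mixed Return value of insert_sql() for the group row, used here as the group id.
     */
    function createGroup( $aInfo, $aFieldsID = array(), $aRequiredFieldsID = array(), $aVisibleFieldsID = array() )
    {
        $aInsert = array(
            'name' => $aInfo['name'],
            'description' => $aInfo['description'],
            'status' => isset( $aInfo['status'] ) ? 1 : 0,
        );
        $iGroupID = $this->m_oDataBase->insert_sql( $this->m_aTables['groups'], $aInsert );

        if ( $iSize = sizeOf( $aFieldsID ) )
        {
            for ( $i = 0; $i < $iSize; $i++ )
                $this->addField( $aFieldsID[$i], in_array( $aFieldsID[$i], $aRequiredFieldsID ), in_array( $aFieldsID[$i], $aVisibleFieldsID ), $iGroupID );
        }
        return $iGroupID;
    }

    /**
     * Delete a group and its field links.
     *
     * @param int $iGroupID Group to delete; 0 means the instance's own group,
     *                      which is then reset to 0.
     * @return mixed FALSE without a usable id, else the result of delete_sql().
     */
    function deleteGroup( $iGroupID = 0 )
    {
        // Fix: the original only tested intval() and kept using the raw value.
        $iGroupID = intval( $iGroupID );
        if ( !$iGroupID )
        {
            $iGroupID = $this->m_iGroupID;
            $this->m_iGroupID = 0;
        }
        if ( !$iGroupID )
            return FALSE;

        $this->m_oDataBase->delete_sql( $this->m_aTables['field2group'], array( 'id_group' => $iGroupID ) );
        return $this->m_oDataBase->delete_sql( $this->m_aTables['groups'], array( 'id_group' => $iGroupID ) );
    }

    /**
     * Link a field to a group.
     *
     * @param int  $iFieldID  Field id (must be a non-zero integer).
     * @param bool $bRequired Stored in the `required` column.
     * @param bool $bVisible  Stored in the `visible` column.
     * @param int  $iGroupID  Target group; 0 means the instance's own group.
     * @return mixed FALSE on a missing id, else the result of insert_sql().
     */
    function addField( $iFieldID, $bRequired = TRUE, $bVisible = TRUE, $iGroupID = 0 )
    {
        $iGroupID = intval( $iGroupID );
        if ( !$iGroupID )
            $iGroupID = $this->m_iGroupID;
        if ( !$iGroupID )
            return FALSE;
        if ( !( $iFieldID = intval( $iFieldID ) ) )
            return FALSE;

        return $this->m_oDataBase->insert_sql( $this->m_aTables['field2group'], array( 'id_group' => $iGroupID, 'id_field' => $iFieldID, 'required' => $bRequired, 'visible' => $bVisible ) );
    }

    /**
     * Remove the link between a field and a group.
     *
     * @param int $iFieldID Field id (must be a non-zero integer).
     * @param int $iGroupID Group; 0 means the instance's own group.
     * @return mixed FALSE on a missing id, else the result of delete_sql().
     */
    function deleteField( $iFieldID, $iGroupID = 0 )
    {
        $iGroupID = intval( $iGroupID );
        if ( !$iGroupID )
            $iGroupID = $this->m_iGroupID;
        if ( !$iGroupID )
            return FALSE;
        if ( !( $iFieldID = intval( $iFieldID ) ) )
            return FALSE;

        return $this->m_oDataBase->delete_sql( $this->m_aTables['field2group'], array( 'id_field' => $iFieldID, 'id_group' => $iGroupID ) );
    }

    /**
     * Return the active fields (f.status = 1) attached to a group.
     *
     * The result is cached in $this->m_aFields per group id.
     * NOTE(review): the cache key ignores $bVisible, so the first call for a
     * group decides whether later calls see the visible-only set.
     *
     * @param int  $iGroupID Group; 0 means the instance's own group.
     * @param bool $bVisible Restrict to fields flagged visible.
     * @return mixed FALSE without a usable id, else the result of select_custom_sql().
     */
    function getFields( $iGroupID = 0, $bVisible = FALSE )
    {
        // Fix: the id is concatenated into the SQL text below. The original
        // tested intval( $iGroupID ) but appended the uncast value, so a string
        // such as "1 <anything>" passed the test and reached the query as-is.
        $iGroupID = intval( $iGroupID );
        if ( !$iGroupID )
            $iGroupID = intval( $this->m_iGroupID );
        if ( !$iGroupID )
            return FALSE;

        if ( !isset( $this->m_aFields[$iGroupID] ) )
        {
            $sQuery = 'SELECT f.id_field AS id, f.name, f.type, ftg.required, ftg.visible FROM %prefix%'.$this->m_aTables['fields'].' f INNER JOIN %prefix%'.$this->m_aTables['field2group'].' ftg ON ( f.id_field = ftg.id_field ) INNER JOIN %prefix%'.$this->m_aTables['groups'].' g ON ( ftg.id_group = g.id_group ) WHERE f.status = 1 AND g.id_group = '.$iGroupID;
            if ( $bVisible )
                $sQuery .= ' AND ftg.visible = 1';
            $this->m_aFields[$iGroupID] = $this->m_oDataBase->select_custom_sql( $sQuery );
        }
        return $this->m_aFields[$iGroupID];
    }

    /**
     * Return all groups, rewound to the first row (cached in $this->m_aGroups).
     *
     * @return mixed Result of select_custom_sql().
     */
    function getGroups()
    {
        if ( !isset( $this->m_aGroups ) )
            $this->m_aGroups = $this->m_oDataBase->select_custom_sql( 'SELECT id_group AS id, name, description, status FROM %prefix%'.$this->m_aTables['groups'] );
        // Guard added: a failed query would otherwise end in a call on a non-object.
        if ( is_object( $this->m_aGroups ) )
            $this->m_aGroups->first();
        return $this->m_aGroups;
    }

    /**
     * Return one group row (cached in $this->m_aGroup per id).
     *
     * @param int $iGroupID Group; 0 means the instance's own group.
     * @return mixed FALSE without a usable id, else the result of select_custom_sql().
     */
    function getGroup( $iGroupID = 0 )
    {
        // Same fix as in getFields(): cast before the id is appended to the SQL.
        $iGroupID = intval( $iGroupID );
        if ( !$iGroupID )
            $iGroupID = intval( $this->m_iGroupID );
        if ( !$iGroupID )
            return FALSE;

        if ( !isset( $this->m_aGroup[$iGroupID] ) )
            $this->m_aGroup[$iGroupID] = $this->m_oDataBase->select_custom_sql( 'SELECT * FROM %prefix%'.$this->m_aTables['groups'].' WHERE id_group = '.$iGroupID );
        return $this->m_aGroup[$iGroupID];
    }
}

/**
 * Profile field definitions.
 */
class CField
{
    var $m_oApplication = NULL;
    var $m_oDataBase = NULL;
    var $m_aTemplateVars = array();
    var $sLastError = '';
    var $m_aTables = array();
    var $m_iFieldID = 0;

    function CField( &$oApp, $iFieldID = 0 )
    {
        $this->m_oApplication =&$oApp;
        $this->m_aTemplateVars =&$oApp->template_vars;
        $this->m_oDataBase =&$oApp->DataBase;
        $this->m_aTables = array(
            'groups' => 'me_groups',
            'fields' => 'me_fields',
            'field2group' => 'me_field2group',
        );
        $this->m_iFieldID = intval( $iFieldID );
    }

    /**
     * Insert a field definition.
     *
     * NOTE(review): $aInfo goes to insert_sql() unfiltered, so the caller
     * decides which columns are written; confirm callers build it from an
     * explicit list of keys and not from the raw request.
     *
     * @param array $aInfo Column => value map for the fields table.
     * @return mixed Result of get_last_id().
     */
    function createField( $aInfo )
    {
        $this->m_oDataBase->insert_sql( $this->m_aTables['fields'], $aInfo );
        return $this->m_oDataBase->get_last_id();
    }

    /**
     * Delete a field and its links to groups.
     *
     * @param int $iFieldID Field to delete; 0 means the instance's own field,
     *                      which is then reset to 0.
     * @return mixed FALSE without a usable id, else the result of delete_sql().
     */
    function deleteField( $iFieldID = 0 )
    {
        $iFieldID = intval( $iFieldID );
        if ( !$iFieldID )
        {
            $iFieldID = $this->m_iFieldID;
            $this->m_iFieldID = 0;
        }
        if ( !$iFieldID )
            return FALSE;

        $this->m_oDataBase->delete_sql( $this->m_aTables['field2group'], array( 'id_field' => $iFieldID ) );
        return $this->m_oDataBase->delete_sql( $this->m_aTables['fields'], array( 'id_field' => $iFieldID ) );
    }
}

/**
 * Roles and the user-to-role assignments.
 */
class CRole
{
    var $m_oApplication = NULL;
    var $m_oDataBase = NULL;
    var $m_aTemplateVars = array();
    var $sLastError = '';
    var $m_aTables = array();
    var $m_iRoleID = 0;

    function CRole( &$oApp, $iRoleID = 0 )
    {
        $this->m_oApplication =&$oApp;
        $this->m_aTemplateVars =&$oApp->template_vars;
        $this->m_oDataBase =&$oApp->DataBase;
        $this->m_aTables = array(
            'users' => 'me_members',
            'roles' => 'me_roles',
            'user2role' => 'me_member2role',
        );
        $this->m_iRoleID = intval( $iRoleID );
    }

    /**
     * Insert a role.
     *
     * @param array $aInfo 'name', 'code' and 'description' are stored as given;
     *                     'status' becomes 1 when the key is set, else 0.
     * @return mixed Result of get_last_id().
     */
    function createRole( $aInfo )
    {
        $aInsert = array(
            'name' => $aInfo['name'],
            'code' => $aInfo['code'],
            'description' => $aInfo['description'],
            'status' => isset( $aInfo['status'] ) ? 1 : 0,
        );
        $this->m_oDataBase->insert_sql( $this->m_aTables['roles'], $aInsert );
        return $this->m_oDataBase->get_last_id();
    }

    /**
     * Delete a role and every assignment of it.
     *
     * @param int $iRoleID Role to delete; 0 means the instance's own role,
     *                     which is then reset to 0.
     * @return mixed FALSE without a usable id, else the result of delete_sql().
     */
    function deleteRole( $iRoleID = 0 )
    {
        $iRoleID = intval( $iRoleID );
        if ( !$iRoleID )
        {
            $iRoleID = $this->m_iRoleID;
            $this->m_iRoleID = 0;
        }
        if ( !$iRoleID )
            return FALSE;

        $this->m_oDataBase->delete_sql( $this->m_aTables['user2role'], array( 'id_role' => $iRoleID ) );
        // Fix: the original used $this->m_aTables['groups'], a key this class's
        // table map does not define; the role row lives in the 'roles' table.
        return $this->m_oDataBase->delete_sql( $this->m_aTables['roles'], array( 'id_role' => $iRoleID ) );
    }

    /**
     * Assign a role to a user.
     *
     * @param int $iUserID User id (must be a non-zero integer).
     * @param int $iRoleID Role; 0 means the instance's own role.
     * @return mixed FALSE on a missing id, else the result of insert_sql().
     */
    function addUser( $iUserID, $iRoleID = 0 )
    {
        $iRoleID = intval( $iRoleID );
        if ( !$iRoleID )
            $iRoleID = $this->m_iRoleID;
        if ( !$iRoleID )
            return FALSE;
        if ( !( $iUserID = intval( $iUserID ) ) )
            return FALSE;

        return $this->m_oDataBase->insert_sql( $this->m_aTables['user2role'], array( 'id_role' => $iRoleID, 'id_member' => $iUserID ) );
    }

    /**
     * Revoke a role from a user.
     *
     * @param int $iUserID User id (must be a non-zero integer).
     * @param int $iRoleID Role; 0 means the instance's own role.
     * @return mixed FALSE on a missing id, else the result of delete_sql().
     */
    function deleteUser( $iUserID, $iRoleID = 0 )
    {
        $iRoleID = intval( $iRoleID );
        if ( !$iRoleID )
            $iRoleID = $this->m_iRoleID;
        if ( !$iRoleID )
            return FALSE;
        if ( !( $iUserID = intval( $iUserID ) ) )
            return FALSE;

        // Fix: the original passed the undefined local $iGroupID as id_member,
        // so the validated $iUserID never reached the delete and the
        // revocation did not target the intended assignment.
        return $this->m_oDataBase->delete_sql( $this->m_aTables['user2role'], array( 'id_member' => $iUserID, 'id_role' => $iRoleID ) );
    }

    /**
     * Return all roles, rewound to the first row (cached in $this->m_oRoles).
     *
     * @return mixed Result of select_custom_sql().
     */
    function getRoles()
    {
        if ( !isset( $this->m_oRoles ) )
            $this->m_oRoles = $this->m_oDataBase->select_custom_sql( 'SELECT id_role AS id, name, code, description FROM %prefix%'.$this->m_aTables['roles'] );
        // Guard added: a failed query would otherwise end in a call on a non-object.
        if ( is_object( $this->m_oRoles ) )
            $this->m_oRoles->first();
        return $this->m_oRoles;
    }
}
?>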