/**
 * Abort the current request with an error response.
 *
 * With $DebugLevel off the caller sees only a 404 status and the application's
 * '404_error' template text. With $DebugLevel on, the response contains the
 * error text plus the file and line of every frame of the call stack, so the
 * debug level must stay off wherever untrusted clients can reach the site.
 *
 * Optional arguments (read positionally): the error message, then the name of
 * the place that raised it. Both are HTML-escaped before output.
 * This function never returns.
 */
function system_die()
{
    global $DebugLevel, $app;

    if (!$DebugLevel) {
        // Production path: reveal nothing about the failure.
        header('HTTP/1.1 404 Not Found' . "\n");
        die($app->template_vars['404_error']);
    }

    @header('Status: 500 Server Error');

    if (!function_exists('debug_backtrace')) {
        $trace_text = ' - debug backtrace is not available';
    } else {
        $trace_text = '';
        // Outermost frame first, innermost last.
        foreach (array_reverse(debug_backtrace()) as $frame) {
            $line_no = isset($frame['line']) ? $frame['line'] : '?';
            $file_name = isset($frame['file']) ? $frame['file'] : '?';
            $trace_text .= ' on line ' . $line_no . ' of file ' . $file_name . '' . BR;
        }
    }

    $args = func_get_args();
    if (count($args) == 0) {
        $message = 'Unnamed system error';
    } else {
        $message = htmlspecialchars(strval($args[0]));
        if (count($args) > 1) {
            $message = '' . htmlspecialchars(strval($args[1])) . ': ' . $message;
        }
    }

    echo '
System error: ' . $message . BR . BR . $trace_text . '
';
    $GLOBALS['GlobalDebugInfo']->OutPut();
    die();
}
/**
 * Quote $str so it can be embedded literally in a PCRE pattern that uses "/"
 * as its delimiter.
 */
function regexp_escape($str)
{
    $quoted = preg_quote($str, '/');

    return $quoted;
}
/*
function get_url([page_url[, acc_arr[, keep_old_arg[, https[, always_add]]]]])
string page_url - url of the page in form /root path/sub_path/name.ext or NULL to the current page
array acc_arr - map of GET method attributes
bool keep_old_arg - set to keep old GET attributes
bool https - create url with https protocol
bool always_add - always create full path info
*/
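/**
 * Flatten one query parameter into encoded "name=value" pairs.
 * Nested arrays become name[sub]=value pairs; names and values are both
 * URL-encoded.
 */
function _get_url_query_pairs($name, $value)
{
    if (!is_array($value)) {
        return array(urlencode($name) . '=' . urlencode(strval($value)));
    }
    $pairs = array();
    foreach ($value as $sub_key => $sub_value) {
        $pairs = array_merge($pairs, _get_url_query_pairs($name . '[' . $sub_key . ']', $sub_value));
    }
    return $pairs;
}

/**
 * Build a site URL for a page, optionally carrying GET parameters.
 *
 * @param string|null $page_url     page path, or null for the current script
 * @param array       $acc_arr      GET parameters to add (win over existing ones)
 * @param bool        $keep_old_arg also carry over the current request's $_GET
 * @param bool        $https        build an https URL from the SSL settings
 * @param bool        $always_add   always prefix scheme, host and port
 * @return string the URL; a $page_url that starts with "http" is returned as is
 *
 * The result can contain request-controlled data ($_SERVER['PHP_SELF'] and,
 * with $keep_old_arg, every parameter of the current request). Parameter names
 * and values are URL-encoded here, but the caller still has to escape the URL
 * for the context it is written into (HTML attribute, script, header).
 * Because absolute "http..." values pass through untouched, request-supplied
 * values should not be handed in as $page_url when the result feeds a redirect.
 */
function get_url($page_url=null, $acc_arr = array(), $keep_old_arg = true, $https = false, $always_add = false){
    global $SiteUrl, $HTTPSSiteUrl;
    global $HttpName, $HttpPort, $SHttpName, $SHttpPort;
    global $RootPath, $ssl_root;

    if (is_null($page_url)) $page_url = $_SERVER['PHP_SELF'];
    if (preg_match('/^http/', $page_url)) return $page_url;

    $on_https = isset($_SERVER['HTTPS']) && ($_SERVER['HTTPS'] == 'on');

    // Strip the root prefix of the scheme the request arrived on, then one leading slash.
    $current_root = $on_https ? $ssl_root : $RootPath;
    $page_url = preg_replace('/^' . regexp_escape($current_root) . '/', '', $page_url);
    $page_url = preg_replace('/^' . regexp_escape('/') . '/', '', $page_url);

    $url = '';
    if ($https) {
        $url .= $SHttpName . ':' . '//' . $HTTPSSiteUrl . ':' . $SHttpPort;
    } elseif ($on_https || $always_add) {
        // Leaving https (or an explicit request) needs the full http origin.
        $url .= $HttpName . ':' . '//' . $SiteUrl . ':' . $HttpPort;
    }
    $url .= $https ? $ssl_root : $RootPath;
    $url .= $page_url;

    if (!is_array($acc_arr)) system_die();
    if ($keep_old_arg) $acc_arr = array_merge($_GET, $acc_arr);

    $separator = '?';
    foreach ($acc_arr as $key => $val) {
        // Names come from the request as well as from callers, so they are
        // encoded like the values; array values (?a[]=1) are flattened
        // instead of being passed to urlencode().
        foreach (_get_url_query_pairs($key, $val) as $pair) {
            $url .= $separator . $pair;
            $separator = '&';
        }
    }
    return $url;
}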
// NOTE(review): this span is damaged in this copy of the file. The text after
// "$i" on the first line is missing up to ">6)+192)", so in_post() has no
// recoverable body here. The statements that follow look like the tail of a
// different function that turns an integer code point ($num) into UTF-8 bytes
// (presumably code2utf(), which utf16parse() calls) - TODO restore both
// functions from the original source before relying on them.
function in_post($name){for ($i=0; $i>6)+192).chr(($num&63)+128);
if ($num<65536) return chr(($num>>12)+224).chr((($num>>6)&63)+128).chr(($num&63)+128);
if ($num<2097152) return chr(($num>>18)+240).chr((($num>>12)&63)+128).chr((($num>>6)&63)+128).chr(($num&63)+128);
return '';
}
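/**
 * Callback for utf16parse(): replacement text for one "&#NNN;" match.
 *
 * @param array $match preg match; $match[1] holds the decimal digits
 * @return string
 */
function _utf16parse_entity($match)
{
    // Numeric character references are decimal, so leading zeros are ignored.
    $code = intval($match[1]);
    if ($code > 255) {
        // NOTE(review): utf8_decode() targets ISO-8859-1, which cannot
        // represent code points above 255 - confirm this conversion is wanted.
        return utf8_decode(code2utf($code));
    }
    // NOTE(review): codes up to 255 come back as the digits plus ';' (without
    // "&#"), exactly as the previous replacement expression did - confirm.
    return $match[1] . ';';
}

/**
 * Replace decimal numeric character references ("&#NNN;") in $t.
 *
 * The substitution runs through a callback. The previous form used the PCRE
 * "e" modifier, which evaluates the replacement as PHP code and no longer
 * exists in PHP 7 and later.
 *
 * @param string $t
 * @return string
 */
function utf16parse($t)
{
    $t = preg_replace_callback('/\&\#([0-9]+)\;/m', '_utf16parse_entity', $t);
    return $t;
}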
require_once(((get_magic_quotes_gpc())?(dirName(__FILE__).'/_in.quote.php'):('_in.php')));
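/**
 * Store a value in the session cache bucket $CachId.
 *
 * An array $Value is merged into the bucket ($VarName is then ignored); any
 * other value is stored under $VarName. An empty $CachId stores nothing.
 *
 * @param string $VarName key inside the bucket (scalar values only)
 * @param mixed  $Value   value, or array of key => value pairs to merge
 * @param string $CachId  bucket name
 */
function SetCacheVar($VarName, $Value, $CachId = 'common') {
    if (!strlen($CachId)) { return; }

    // The first write to a bucket used to hand an unset value to
    // array_merge(); create the bucket explicitly instead.
    if (!isset($_SESSION['cache'][$CachId]) || !is_array($_SESSION['cache'][$CachId])) {
        $_SESSION['cache'][$CachId] = array();
    }

    if (is_array($Value)) {
        $_SESSION['cache'][$CachId] = array_merge($_SESSION['cache'][$CachId], $Value);
    } else {
        $_SESSION['cache'][$CachId][$VarName] = $Value;
    }
}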
// set variables in template_vars ($tv) to values from array or CRecordSet(current row) or CRecordSetRow
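/**
 * Copy the fields of $row into the template variable array $tv.
 *
 * @param mixed  $row          array, CRecordSet (current row) or CRecordSetRow
 * @param array  $tv           template variables, modified in place
 * @param bool   $create_array start from an empty $tv
 * @param string $prefix       prepended to every key written to $tv
 *
 * Any other kind of $row leaves $tv untouched (apart from $create_array).
 */
function row_to_vars(&$row, &$tv, $create_array = false, $prefix=''){
    if ($create_array) $tv = array();

    if (is_array($row)) {
        foreach ($row as $k => $v) $tv[$prefix.$k] = $v;
        return;
    }

    // get_class() must only see objects; arrays and scalars stop here.
    if (!is_object($row)) return;

    $class_name = get_class($row);
    if (strcasecmp($class_name, 'CRecordSet') == 0) {
        // Fields is a list of field names; values come from the current row.
        foreach ($row->Fields as $v) $tv[$prefix.$v] = $row->get_field($v);
    } elseif (strcasecmp($class_name, 'CRecordSetRow') == 0) {
        // Fields is a name => value map.
        foreach ($row->Fields as $k => $v) $tv[$prefix.$k] = $v;
    }
}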
// set variables in template_vars ($tv) to values from CRecordSet
/**
 * Copy every row of the record set $rs into $tv as one array per field.
 *
 * @param mixed  $rs              record set, or false for "no result"
 * @param array  $tv              template variables, modified in place
 * @param string $counter_varname key in $tv that receives the record count
 * @param string $prefix          prepended to every field name used as key
 * @param bool   $ovewrite_tv     reset the counter and the field arrays first
 * @return false|null false when $rs is false, otherwise nothing
 */
function recordset_to_vars(&$rs, &$tv, $counter_varname, $prefix='', $ovewrite_tv = true){
    if ($rs === false) {
        $tv[$counter_varname] = 0;
        return false;
    }

    $start_counter = $ovewrite_tv || !isset($tv[$counter_varname]);
    if ($start_counter) {
        $tv[$counter_varname] = 0;
    }
    $tv[$counter_varname] += $rs->get_record_count();

    $rs->first();

    // Without overwrite only existing non-array entries are turned into arrays.
    foreach ($rs->Fields as $field) {
        $target = $prefix . $field;
        $holds_scalar = isset($tv[$target]) && !is_array($tv[$target]);
        if ($ovewrite_tv || $holds_scalar) {
            $tv[$target] = array();
        }
    }

    for (; !$rs->eof(); $rs->next()) {
        foreach ($rs->Fields as $field) {
            $tv[$prefix . $field][] = $rs->get_field($field);
        }
    }
}
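/**
 * Like recordset_to_vars(), with a callback invoked once per row.
 *
 * @param mixed    $rs              record set, or false for "no result"
 * @param array    $tv              template variables, modified in place
 * @param string   $counter_varname key in $tv that receives the record count
 * @param callable $cb              called as $cb($tv, $row, $prefix, $row_index, $data);
 *                                  skipped when it is not callable (the default '')
 * @param string   $prefix          prepended to every field name used as key
 * @param mixed    $data            passed through to the callback
 * @param bool     $ovewrite_tv     reset the counter and the field arrays first
 * @return false|null false when $rs is false, otherwise nothing
 *
 * call_user_func() hands $tv to the callback by value, so changes the callback
 * makes to it are not written back.
 */
function recordset_to_vars_callback(&$rs, &$tv, $counter_varname, $cb = '', $prefix='', $data=null, $ovewrite_tv = true){
    if ($rs === false) {
        $tv[$counter_varname] = 0;
        return false;
    }
    if ($ovewrite_tv || !isset($tv[$counter_varname])) $tv[$counter_varname] = 0;
    $tv[$counter_varname] += $rs->get_record_count();
    $rs->first();
    foreach ($rs->Fields as $v) {
        if ($ovewrite_tv || !isset($tv[$prefix.$v])) $tv[$prefix.$v] = array();
    }
    // The default '' is not a valid callback; check once instead of failing per row.
    $has_callback = is_callable($cb);
    while (!$rs->eof()) {
        foreach ($rs->Fields as $v) $tv[$prefix.$v][] = $rs->get_field($v);
        if ($has_callback) {
            call_user_func($cb, $tv, $rs->get_row(), $prefix, $rs->current_row, $data);
        }
        $rs->next();
    }
}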
/**
 * Return $arr[$key_val], or $def_val when $arr is not an array or the key is
 * unset (a stored null counts as unset).
 */
function arr_val($arr, $key_val, $def_val = '') {
    $found = is_array($arr) && isset($arr[$key_val]);

    return $found ? $arr[$key_val] : $def_val;
}
// should be used instead of print_r
/**
 * Dump every argument with print_r(), one after another, each followed by a
 * newline.
 */
function print_arr() {
    echo '';
    $total = func_num_args();
    for ($i = 0; $i < $total; $i++) {
        print_r(func_get_arg($i));
        echo "\n";
    }
    echo '';
}
// more convinient output
/**
 * Echo $text followed by the BR constant and a newline. The text is written
 * as given, without escaping.
 */
function echox($text = '')
{
    $line = $text . BR . "\n";
    echo $line;
}
// NOTE(review): the body of is_index() is damaged in this copy of the file -
// the text between "$i" and "0);" is missing, so what the loop tests and what
// the function returns cannot be read from here. TODO restore from the
// original source.
function is_index(){
for ($i=0; $i0);}
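/**
 * Move an uploaded file into $GLOBALS['FilePath'] . $folder.
 *
 * @param string $post_var_name key of the upload in $_FILES
 * @param string $folder        sub-folder below FilePath; missing levels are created
 * @return string|false the stored file name, or false when nothing was stored
 *
 * The client-supplied file name is reduced to its last path component, and a
 * $folder containing a ".." segment is refused, so the file cannot land
 * outside FilePath. An existing file of the same name is replaced.
 *
 * NOTE(review): no extension or content allowlist is applied here. If FilePath
 * is served by the web server, callers must restrict what may be stored,
 * otherwise an uploaded script could be executed on request.
 * NOTE(review): directories are created world-writable (0777), as before -
 * confirm the deployment needs that and tighten it where possible.
 */
function save_file_to_folder($post_var_name, $folder)
{
    // Validate the upload before touching the file system.
    if (!isset($_FILES[$post_var_name]) || !is_array($_FILES[$post_var_name])) return false;
    $upload = $_FILES[$post_var_name];
    if (!isset($upload['name']) || !isset($upload['tmp_name'])) return false;
    if (!is_string($upload['name']) || !is_string($upload['tmp_name'])) return false;
    if (isset($upload['error']) && $upload['error'] != UPLOAD_ERR_OK) return false;

    // 'name' is chosen by the client: keep the final component only.
    $file_name = basename(str_replace('\\', '/', $upload['name']));
    if (!strlen($file_name) || $file_name === '.' || $file_name === '..') return false;
    if (strpos($file_name, "\0") !== false) return false;

    $segments = array();
    foreach (explode('/', str_replace('\\', '/', $folder)) as $segment) {
        if (!strlen($segment)) continue;
        if ($segment === '..') return false; // would climb out of FilePath
        $segments[] = $segment;
    }

    $dir = $GLOBALS['FilePath'];
    if (!is_dir($dir)) {
        @mkdir($dir, 0777);
        @chmod($dir, 0777);
    }
    foreach ($segments as $segment) {
        $dir .= $segment . '/';
        if (!@is_dir($dir)) {
            @mkdir($dir, 0777);
            @chmod($dir, 0777);
        }
    }
    if (!count($segments) && substr($dir, -1) != '/' && substr($dir, -1) != '\\') {
        $dir .= '/';
    }

    $target = $dir . $file_name;
    if (@file_exists($target)) {
        @chmod($target, 0777);
        @unlink($target);
    }
    // move_uploaded_file() itself refuses anything that is not a real upload.
    if (@move_uploaded_file($upload['tmp_name'], $target)) {
        return $file_name;
    }
    return false;
}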
/**
 * Case-insensitive string equality: true when $str1 and $str2 differ at most
 * in letter case.
 */
function compare($str1, $str2){
    $difference = strcasecmp($str1, $str2);

    return $difference === 0;
}
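if ( !function_exists( 'mime_content_type' ) ) {
    /**
     * Fallback for mime_content_type() when PHP does not provide it.
     *
     * The type is guessed from the file name extension only; the file content
     * is never read. Because the name is usually client-controlled, the
     * result must not be used to decide whether an upload is safe to store or
     * serve.
     *
     * @param string $sFileName file name or path
     * @return string MIME type, 'application/octet-stream' when unknown
     */
    function mime_content_type( $sFileName ) {
        $aMimeTypes = array (
            'js' => 'application/x-javascript',
            'pdf' => 'application/pdf',
            'rtf' => 'application/rtf',
            'tar' => 'application/x-tar',
            'zip' => 'application/zip',
            'wav' => 'application/x-wav',
            'src' => 'application/x-wais-source',
            'bin' => 'application/octet-stream',
            'rdf' => 'application/rdf+xml',
            'mif' => 'application/vnd.mif',
            'xls' => 'application/vnd.ms-excel',
            'doc' => 'application/vnd.ms-word',
            'ppt' => 'application/vnd.ms-powerpoint',
            'vcd' => 'application/x-cdlink',
            'csh' => 'application/x-csh',
            'dvi' => 'application/x-dvi',
            'swf' => 'application/x-shockwave-flash',
            'xslt' => 'application/xslt+xml',
            'xml' => 'application/xml',
            'xsl' => 'application/xml',
            'dtd' => 'application/xml-dtd',
            'bmp' => 'image/bmp',
            'cgm' => 'image/cgm',
            'png' => 'image/png',
            'wbmp' => 'image/vnd.wap.wbmp',
            'ico' => 'image/x-icon',
            'ief' => 'image/ief',
            'jpeg' => 'image/jpeg',
            'jpg' => 'image/jpeg',
            'jpe' => 'image/jpeg',
            'gif' => 'image/gif',
            'tif' => 'image/tiff',
            'tiff' => 'image/tiff',
            'pbm' => 'image/x-portable-bitmap',
            'pgm' => 'image/x-portable-graymap',
            'ppm' => 'image/x-portable-pixmap',
            'rgb' => 'image/x-rgb',
            'xbm' => 'image/x-xbitmap',
            'xpm' => 'image/x-xpixmap', // was misspelled 'imaqe/x-xpixrnap'
            'xwd' => 'image/x-xwindowdump',
            'midi' => 'audio/midi',
            'mid' => 'audio/midi',
            'kar' => 'audio/midi',
            'mp3' => 'audio/mpeg',
            'mp2' => 'audio/mpeg',
            'mpga' => 'audio/mpeg',
            'm3u' => 'audio/x-mpegurl',
            'aif' => 'audio/x-aiff',
            'aiff' => 'audio/x-aiff',
            'aifc' => 'audio/x-aiff',
            'ram' => 'audio/x-pn-realaudio',
            // 'rm' was listed twice; this later entry is the one that took
            // effect (the earlier one was 'application/vnd.rn-realmedia').
            'rm' => 'audio/x-pn-realaudio',
            'css' => 'text/css',
            'asc' => 'text/plain',
            'htm' => 'text/html',
            'html' => 'text/html',
            'txt' => 'text/plain',
            'rtx' => 'text/richtext',
            'tsv' => 'text/tab-separated-values',
            'ext' => 'text/x-setext',
            'avi' => 'video/x-msvideo',
            'mpg' => 'video/mpeg',
            'mpeg' => 'video/mpeg',
            'mpe' => 'video/mpeg',
            'qt' => 'video/quicktime',
            'mov' => 'video/quicktime',
            'qvi' => 'video/x-msvideo',
            'movie' => 'video/x-sgi-movie',
        );
        $aPath = pathInfo( $sFileName );
        // pathinfo() omits 'extension' for names without a dot.
        $sExt = isset( $aPath['extension'] ) ? strToLower( $aPath['extension'] ) : '';
        return isset( $aMimeTypes[$sExt] ) ? $aMimeTypes[$sExt] : 'application/octet-stream';
    }
}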
?>
/**
* @package LLA.Base
*/
/**
*/
require_once(BASE_CLASSES_PATH.'classfactory.php');
require_once(BASE_CLASSES_PATH.'utils.php');
// One shared factory holds every registered template control; it is created
// here only when no earlier include has done so.
// NOTE(review): "= & new" is PHP 4 reference syntax. It has been deprecated
// since PHP 5.3 and is a parse error from PHP 7.0 on - confirm the runtime
// this file is deployed on.
if (!isset($pt_template_factory) || !is_object($pt_template_factory)) $pt_template_factory = & new CClassFactory(); // Create template factory if not created
/*
--------------------------------------------------------------------------------
Class CTemplateControl v 1.4.0
You must extend this class if you want to create your own control.
Controls are put in includes/php/classes/custom/controls folder
Templates are put in /includes/templates/custom/controls folder
Implement process() function to process data and return parsed template
methods:
string get_input_var(string $name) - returns value of input variable
void input_vars_to_array(&$template_vars) - put all input variables into template_vars
history:
v 1.4.0 - array of input vars (LA)
v 1.3.1 - on_page_init added (LA)
v 1.3.0 - html_page property added, form handling support (LA)
v 1.2.5 - default value in get_input_var (PERSON)
v 1.2.4 - added input_vars_to_array (LA)
v 1.2.3 - all names are stored in lower case, xml style attributes (LA)
v 1.2.2 - safe handling in get_input_var, process marked as pure virtual (LA)
v 1.2.1 - renamed (LA)
v 1.2.0 - multi-controls (ANDY)
v 1.0.0 - created (ANDY)
--------------------------------------------------------------------------------
*/
// Matches one name="value" attribute inside a control tag, case-insensitively:
// group 1 is the name (letters and underscores only), group 2 the value
// (anything except a double quote, so values cannot contain one).
define('PT_CONTROL_VARS', '/([a-z\_]+) *= *"([^"]*)"/i');
/**
* @package LLA.Base
*/
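/**
 * Base class for template controls (see the version notes above).
 *
 * A control registers itself with the global template factory and with the
 * current page when it is constructed; CTemplate::parse() later looks it up by
 * name, hands it the attributes of its tag and inserts what process() returns.
 *
 * NOTE(review): the constructor uses the PHP 4 naming convention (method named
 * after the class). PHP 8 no longer calls such a method on "new" - confirm the
 * runtime this file is deployed on.
 */
class CTemplateControl {
    var $Application; // reference to $GLOBALS['app']
    var $html_page;   // reference to the application's CurrentPage
    var $input_vars;  // tag attributes, keyed by lower-cased name
    var $object_name; // control name as passed to the constructor
    var $object_id = null; // optional id that tells instances of one control apart

    /**
     * Register the control with the factory (under lower-cased name and id)
     * and append it to the current page's control list.
     */
    function CTemplateControl($name, $object_id = null) {
        $this->Application = &$GLOBALS['app'];
        $GLOBALS['pt_template_factory']->register(strtolower($name), (!is_null($object_id))?strtolower($object_id):null, $this);
        $this->object_name = $name;
        $this->object_id = $object_id;
        $this->input_vars = array();
        $this->html_page = &$this->Application->CurrentPage;
        $this->html_page->m_Controls[] = &$this;
    }

    /**
     * Replace input_vars with the name="value" attributes found in $vars_str.
     * Names are lower-cased; a name that occurs several times yields an array
     * of its values in order of appearance.
     */
    function parse_vars($vars_str) {
        $this->input_vars = array();
        $matches = array();
        preg_match_all(PT_CONTROL_VARS, $vars_str, $matches);
        foreach ($matches[1] as $key => $val) {
            $name = strtolower($val);
            $value = CUtils::entitiesToString($matches[2][$key]);
            if (!isset($this->input_vars[$name])) {
                $this->input_vars[$name] = $value;
            } elseif (is_array($this->input_vars[$name])) {
                $this->input_vars[$name][] = $value;
            } else {
                // second occurrence: turn the single value into a list
                $this->input_vars[$name] = array($this->input_vars[$name], $value);
            }
        }
    }

    /**
     * True when an input variable called $name exists. Besides the exact name
     * the lower-cased form is checked, because parse_vars() stores names in
     * lower case and get_input_var() looks them up that way.
     */
    function in_input_vars($name) {
        return array_key_exists($name, $this->input_vars)
            || array_key_exists(strtolower($name), $this->input_vars);
    }

    /** Value of input variable $name (case-insensitive), or $default when unset. */
    function get_input_var($name, $default = '') {
        $name = strtolower($name);
        return ( (isset($this->input_vars[$name]))?($this->input_vars[$name]):($default) );
    }

    /**
     * Surround $var with blank lines.
     * NOTE(review): the name suggests comment markers once stood here;
     * presumably they were lost from this copy - verify against the original.
     */
    function add_comments(&$var) {
        return "\n\n\n" . $var . "\n\n\n\n";
    }

    /** Prefix $var_name with "<object_name>_" and, when an id is set, "<object_id>_". */
    function mark_var($var_name) {
        $result = $this->object_name . '_';
        if (!is_null($this->object_id))
            $result .= $this->object_id . '_';
        return $result . $var_name;
    }

    /** Hook called by CTemplate::parse() right before process(); empty by default. */
    function on_page_init() {}

    /**
     * Produce the control's output. Subclasses must override this; the base
     * implementation aborts the request.
     */
    function process() {
        // object_name is the property that holds the control's name; the
        // previously used control_name is not declared anywhere in this class.
        system_die('pure virtual function call in ' . $this->object_name);
    }

    /** Copy all input variables into the template variable array $tv. */
    function input_vars_to_array(&$tv) {
        foreach ($this->input_vars as $k => $v)
            $tv[$k] = $v;
    }
}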
/*
--------------------------------------------------------------------------------
Class CTemplate v 1.9.15
History:
v 1.9.15 - js escaping fixed (LA)
v 1.9.14 - bug with for-process counters output fixed (ANDY)
v 1.9.13 - on_page_init for controls added (LA)
v 1.9.12 - < %^var% > now works as ' js escaping (LA, PERSON)
v 1.9.11 - huge ugly bug fixed (LA, ANDY)
v 1.9.10 - support for url encoding (LA) < %+var% >
v 1.9.9 - for-process counters output added - use "< %$% >" (ANDY)
v 1.9.8 - array parsing optimized (ANDY)
array symbol replaced with "@" (ANDY)
v 1.9.7 - parse array, variable name like "array.key" (PERSON)
v 1.9.6 - error message contains filename of the template now (ANDY)
small bug in errors output fixed (ANDY)
v 1.9.5 - name of controls now are in lower case (LA)
v 1.9.4 - parse_string static method added (LA)
v 1.9.3 - invalid nesting shows notice now (ANDY)
v 1.9.2 - ternary conditional tags support added (ANDY)
v 1.9.1 - ":" symbol in variable names not allowed any more. use '.' or '_' instead
v 1.9.0 - multiple controls parsing in line with variables (ANDY)
"@" sign in comments replaced with "*" (ANDY)
show_notice metod changed (ANDY)
v 1.8.6 - control can be anywhere in line (LA)
v 1.8.5 - negation processing in IF statements (ANDY)
v 1.8.4 - CObject as parent added, DebugInfo support (LA)
v 1.0.0 - 1.8.3 losted in time ;)
v 1.0.0 - created (ANDY)
-------------------------------------------------------------------------------
1st sample of using:
define('PT_DEBUG_MODE', true);
define('PT_COMPRESSED_MODE', true);
$tpl = & new CTemplate();
$tpl->set_var('your_var1', 2);
$tpl->vars['your_var1'] = array();
$tpl->vars['your_var2'][0] = 'sample1';
$tpl->vars['your_var2'][1] = 'sample2';
$tpl->set_var('your_var2', 'sample3', 2);
$tpl->load_file('templates/your_template.tpl');
$tpl->show_parsed();
2nd sample of using:
echo CTemplate::parse_string("template string", array of template vars);
echo CTemplate::parse_file("file name to custom template", array of template vars);
--------------------------------------------------------------------------------
*/
// template syntax definition (in regular expressions)
// Block tags (IF / FOR / ELSE and their closing tags) are only recognised at
// the start of a line, after optional spaces or tabs.
define('PT_START_TAGS', '/^[ \t]*<% *(IF|FOR) +(!)?([a-z\_]+[a-z\_0-9\.]*) *%>/i');
define('PT_END_TAGS', '/^[ \t]*<%\/ *(IF|FOR) *%>/i');
define('PT_MIDDLE_TAGS', '/^[ \t]*<% *(ELSE) *%>/i');
// Variable tag. Group 1 is the output modifier: CTemplate::parse() HTML-escapes
// the value for '#', URL-encodes it for '+', escapes it for a single-quoted
// JavaScript string for '^' and inserts it unchanged for anything else,
// including '='. Unescaped values must already be safe for the place they are
// written into.
define('PT_VARIABLE_TAGS', '/<%([=#\^\+]+) *([a-z\_]+[a-z\_0-9\/\.]*)(@([a-z\_]+[a-z\_0-9\.]*))? *%>/i');
// Ternary tag "cond ? a : b"; a '#' in front of a or b requests HTML escaping.
define('PT_TERNARY_TAGS', '/<% *(!)?([a-z\_]+[a-z\_0-9\.]*) *\? *(#?)([a-z\_]+[a-z\_0-9\.@]*) *: *(#?)([a-z\_]+[a-z\_0-9\.@]*) *%>/i');
// Control tag "IT:name[.id] attributes /": group 1 is the control name,
// group 3 the optional id, group 5 the raw attribute string.
define('PT_CONTROL_TAGS', '/<% *IT *: *([a-z\_]+[a-z\_0-9]*)(\. *([a-z\_0-9]*) *)?( +((.(?!%>))*))? *\/%>/i');
define('PT_COMMENT_TAGS', '/<%\* *([^>]*) *\/%>/i');
define('PT_COUNTER_TAGS', '/<% *\$ *%>/i');
// process types definition - DO NOT CHANGE!
// CTemplate::parse() compares these numerically: types up to PT_FOR produce
// output, higher ones only skip to the matching end tag.
define('PT_ROOT', 0);
define('PT_IF', 1);
define('PT_FOR', 2);
define('PT_SILENT_IF', 3);
define('PT_SILENT_FOR', 4);
define('PT_FALSE_IF', 5);
/**
* @package LLA.Base
*/
class CTemplate {
var $vars; // template vars (array)
var $template; // template (array)
var $result; // the result of template parsing (string)
var $debug_mode; // debug mode - define PT_DEBUG_MODE to "true" before creating Template for debug mode
var $compressed_mode; // compressed mode - define PT_COMPRESSED_MODE to "true" before creating Template for compressed output
var $filename;// filename of the
var $system_vars;
var $Registry;
/*
--------------------------------------------------------------------------------
Template(void) - Object constructor
Define PT_DEBUG_MODE constant to "true" before creating Template for debug mode.
Define PT_COMPRESSED_MODE constant to "true" before creating Template for compressed output.
--------------------------------------------------------------------------------
*/
function CTemplate(){
$this->vars = array();
$this->template = array();
$this->debug_mode = true;
if (defined('PT_COMPRESSED_MODE') && PT_COMPRESSED_MODE) $this->compressed_mode = true;
else $this->compressed_mode = false;
if ($GLOBALS['app']->is_module('Registry'))
$this->Registry = &$GLOBALS['app']->get_module('Registry');
$this->system_vars = array('cycle_nesting' => -1, 'cycle_counters' => array());
}
/*
--------------------------------------------------------------------------------
load_file(string _path) - loading template from file
Where _path is a valid path to the template file (like "templates/your_template.tpl").
--------------------------------------------------------------------------------
*/
function load_file($path){
if (!file_exists($path)) system_die('File reading error - "' . $path . '"', 'Template->load_file');
$this->template = @file($path);
unset($this->result);
$this->filename = $path;
}
/*
--------------------------------------------------------------------------------
load_array(array _template) - loading template from array
Where _template is a valid array variable with template.
--------------------------------------------------------------------------------
*/
function load_array(&$array){ // loading template from array
if (!is_array($array)) system_die('Invalid variable set (must be array)', 'Template->load_array');
$this->template = $array;
unset($this->result);
unset($this->filename);
}
/*
--------------------------------------------------------------------------------
load_string(string _template) - loading template from array
Where _template is a valid string variable with template.
--------------------------------------------------------------------------------
*/
function load_string(&$string){ // loading template from string
$this->template = array();
foreach (preg_split('/\r?\n/', $string) as $tmp) array_push($this->template, $tmp."\n");
unset($this->result);
unset($this->filename);
}
/*
--------------------------------------------------------------------------------
show_parsed(void) - parsing template (if needed) and showing the result of parsing
--------------------------------------------------------------------------------
*/
function show_parsed(){ // parsing template (if needed) and showing the result of parsing
if (isset($this->result)) echo $this->result;
else {
$this->parse();
echo $this->result;
}
}
/*
--------------------------------------------------------------------------------
show_notice(string _msg) - system method for message output in debug mode
--------------------------------------------------------------------------------
*/
function show_notice($msg, $type = 0){
if ($this->debug_mode) {
switch ($type) {
case 1: $msg = 'unknown template variable ' . $msg . ''; break;
case 2: $msg = 'unknown template control ' . $msg . ''; break;
case 3: $msg = 'invalid nesting - ' . $msg . ''; break;
case 4: $msg = 'invalid array variable - ' . $msg . ''; break;
}
$GLOBALS['GlobalDebugInfo']->Write('Template Notice: ' . $msg);
}
}
/*
--------------------------------------------------------------------------------
set_var(string _name, mixed _value[, int _nesting]) - easy way to set up template variables
Where _name is the name of template variable and _value is variables's value.
Use _nesting in case of your template variable is array.
The following strings are the same:
$tpl->set_var('your_var1', 2, 1);
$tpl->vars['your_var1'][1] = 2;
--------------------------------------------------------------------------------
*/
function set_var($name, $value){ // set the template variable
if (func_num_args()> 2){
if (!$this->in_vars($name)) $this->vars[$name] = array();
$this->vars[$name][func_get_arg(2)] = $value;
} else $this->vars[$name] = $value;
}
/*
--------------------------------------------------------------------------------
unset_var(string _name) - unset the template variable
where _name is the name of template variable
--------------------------------------------------------------------------------
*/
function unset_var($name){ // unset the template variable
if (isset($this->vars[$name])) unset($this->vars[$name]);
}
/*
--------------------------------------------------------------------------------
bool in_vars(string _name) - determine whether a variable is set
where _name is the name of template variable
returns TRUE if _name exists and FALSE otherwise.
--------------------------------------------------------------------------------
*/
function in_vars($name){ // check the template variable
return array_key_exists($name, $this->vars);
}
/*
--------------------------------------------------------------------------------
bool is_nested_var(string _name) - system method
--------------------------------------------------------------------------------
*/
function is_nested_var($name){ // SYSTEM FUNCTION - DO NOT USE!
$curr_var = $this->vars[$name];
for($c = 0; $c <= $this->system_vars['cycle_nesting']; $c++){
if (!is_array($curr_var) || !isset($curr_var[$this->system_vars['cycle_counters'][$c]])) return false;
$curr_var = $curr_var[$this->system_vars['cycle_counters'][$c]];
}
return true;
}
/*
--------------------------------------------------------------------------------
mixed get_nested_var(string _name) - system method
--------------------------------------------------------------------------------
*/
function get_nested_val($name){ // SYSTEM FUNCTION - DO NOT USE!
$curr_var = $this->vars[$name];
for($c = 0; $c <= $this->system_vars['cycle_nesting']; $c++)
$curr_var = $curr_var[$this->system_vars['cycle_counters'][$c]];
if (is_array($curr_var)){
$this->show_notice($name, 3);
$curr_var = 'INVALID';
}
return $curr_var;
}
/*
--------------------------------------------------------------------------------
mixed get_var_val(string _name) - system method
--------------------------------------------------------------------------------
*/
function get_var_val($name){ // SYSTEM FUNCTION - DO NOT USE!
if (!$this->in_vars($name)) system_die('Invalid variable name - "' . $name . '"', 'Template->get_var_val');
if (!is_array($this->vars[$name])) return $this->vars[$name]; // common variable
elseif ($this->is_nested_var($name)) return $this->get_nested_val($name); // array with valid nesting
else { // array with invalid nesting
$keys = array_keys($this->vars[$name]);
return $this->vars[$name][$keys[0]];
}
}
/*
--------------------------------------------------------------------------------
parse(void) - template parsing (without output)
--------------------------------------------------------------------------------
*/
function parse(){ // parsing template
$loop_count = -1;
if (func_num_args()>= 1){
$proc_type = func_get_arg(0);
//if (!in_array($proc_type, array(PT_ROOT, PT_IF, PT_FOR, PT_SILENT_IF, PT_SILENT_FOR, PT_FALSE_IF))) system_die('Invalid process type', 'Template->parse');
} else {
$proc_type = PT_ROOT;
unset($this->result);
}
if (func_num_args()> 1){
$curr_pos = intval(func_get_arg(1));
if (($proc_type == PT_FOR) && (func_num_args() < 3)) system_die('Undefined loop count (FOR process)', 'Template->parse');
if (func_num_args()> 2) $loop_count = intval(func_get_arg(2));
}
else
$curr_pos = 0;
$succ_mode = false;
while ($curr_pos < sizeof($this->template)){
$line = $this->template[$curr_pos]; // current line
$line = preg_replace(PT_COMMENT_TAGS, '', $line); // Remove comments
if (preg_match(PT_START_TAGS, $line, $result)){ // this line contains one of the START tags
$result[1] = strtoupper($result[1]);
if ($result[1] == 'FOR'){
if (!$this->in_vars($result[3]) && ($proc_type < PT_SILENT_IF)){ // invalid FOR variable
$error_msg = 'Invalid FOR statement counter named "'.$result[3].'"';
break;
} else {
if ($proc_type <= PT_FOR) $count = intval($this->get_var_val($result[3]));
$this->system_vars['cycle_nesting']++;
$nesting_saver = $this->system_vars['cycle_nesting'];
if ($proc_type> PT_FOR) $last_pos = $this->parse(PT_SILENT_FOR, $curr_pos + 1, 0); // create invisible FOR process
else {
if ($count == 0) $last_pos = $this->parse(PT_SILENT_FOR, $curr_pos + 1, 0); // create invisible FOR process
else {
for ($c = 0; $c < $count; $c++){
$this->system_vars['cycle_counters'][$nesting_saver] = $c;
$this->system_vars['cycle_nesting'] = $nesting_saver;
$last_pos = $this->parse(PT_FOR, $curr_pos + 1, $c); // create visible FOR process in loop
}
}
}
$curr_pos = $last_pos;
}
} else { // this line is IF opening tag
if (!$this->in_vars($result[3]) && ($proc_type < PT_SILENT_IF)){
$error_msg = 'Invalid IF statement variable named "'.$result[3].'"';
break;
} else {
if ($proc_type>PT_FOR) $curr_type = PT_SILENT_IF;
else {
$var = (bool)$this->get_var_val($result[3]);
if (strlen($result[2])> 0) $var = !$var;
$curr_type = ($var)?PT_IF:PT_FALSE_IF;
}
if ($loop_count!=-1) $curr_pos = $this->parse($curr_type, $curr_pos+1, $loop_count); // create new IF process inside the loop
else $curr_pos = $this->parse($curr_type, $curr_pos+1); // create new IF process
}
}
} elseif(preg_match(PT_END_TAGS, $line, $result)){
$result[1] = strtoupper($result[1]);
if (((($proc_type == PT_FOR) || ($proc_type == PT_SILENT_FOR)) && ($result[1] == 'FOR')) || ((($proc_type == PT_IF) || ($proc_type == PT_SILENT_IF) || ($proc_type == PT_FALSE_IF)) && ($result[1] == 'IF'))) {
if (($proc_type == PT_FOR) || ($proc_type == PT_SILENT_FOR)) $this->system_vars['cycle_nesting']--; // this one was the end of loop block
$succ_mode = true;
break;
} else {
$error_msg = 'Unexpected end of '.$result[1].' statement';
break;
}
} elseif(preg_match(PT_MIDDLE_TAGS, $line, $result)){ // this line contains one of the MIDDLE tags (ELSE probably)
$result[1] = strtoupper($result[1]);
if (($proc_type == PT_FALSE_IF) && ($result[1] == 'ELSE')) {
$proc_type = PT_IF;
} elseif (($proc_type == PT_IF) && ($result[1] == 'ELSE')) {
$proc_type = PT_FALSE_IF;
} elseif($proc_type != PT_SILENT_IF) { // ELSE inside non IF process or so
$error_msg = 'Unexpected '.$result[1].' statement '.$proc_type;
break;
}
} elseif ($proc_type <= PT_FOR){ // processing of visible contents
if (!isset($this->result)) $this->result = '';
$matches = array();
$line_is_control = false;
if (preg_match_all(PT_COUNTER_TAGS, $line, $matches)){ // We have counter tags inside
$replace = array();
foreach ($matches[0] as $key => $val){ // process counters
if ($loop_count >= 0) $replace[$key] = $loop_count + 1;
else $replace[$key] = '';
}
$line = str_replace($matches[0], $replace, $line); // replace'em all
}
// processing variables
if (preg_match_all(PT_VARIABLE_TAGS, $line, $matches)){ // Yes! We have some tags inside
$replace = array();
foreach ($matches[2] as $key => $val){ // go thru the matches
if (strlen($matches[4][$key])> 0){ // process array variables
if (isset($this->vars[$val]) && is_array($this->vars[$val]) && array_key_exists($matches[4][$key], $this->vars[$val])){
$replace[$key] = $this->vars[$val][$matches[4][$key]];
if ($matches[1][$key] == '#')
$replace[$key] = htmlspecialchars($replace[$key]); // escape html entries for # tag
if ($matches[1][$key] == '+')
$replace[$key] = str_replace('+', '%20', urlencode($replace[$key])); // url escape for + tag
if ($matches[1][$key] == '^')
{
$replace[$key] = str_replace("\\", "\\\\", $replace[$key]);
$replace[$key] = str_replace("'", "\\'", $replace[$key]);
$replace[$key] = str_replace("\r", "\\r", $replace[$key]);
$replace[$key] = str_replace("\n", "\\n", $replace[$key]);
$replace[$key] = str_replace("", "'+'script>", $replace[$key]);
}
} elseif (isset($this->vars[$val]) && is_object($this->vars[$val])) {
$_obj = &$this->vars[$val];
$_name = $matches[4][$key];
$replace[$key] = $_obj->$_name;
if ($matches[1][$key] == '#')
$replace[$key] = htmlspecialchars($replace[$key]); // escape html entries for # tag
if ($matches[1][$key] == '+')
$replace[$key] = str_replace('+', '%20', urlencode($replace[$key])); // url escape for + tag
if ($matches[1][$key] == '^')
{
$replace[$key] = str_replace("\\", "\\\\", $replace[$key]);
$replace[$key] = str_replace("'", "\\'", $replace[$key]);
$replace[$key] = str_replace("\r", "\\r", $replace[$key]);
$replace[$key] = str_replace("\n", "\\n", $replace[$key]);
$replace[$key] = str_replace("", "'+'script>", $replace[$key]);
}
} else {
if ($this->debug_mode) $this->show_notice($val.$matches[3][$key], 4); // show stupid notice
$replace[$key] = ''; // and insert complete emptyness
}
} else{ // process common variables
if (isset($this->vars[$val]))
$replace[$key] = $this->get_var_val($val);
elseif (preg_match('/\\//', $val))
{
$v_row = $this->Registry->_internal_get_value($val);
if ( ($v_row !== false) && (!$v_row->eof()) ) {
$out = $v_row->Rows[0]->Fields['value'];
if ($v_row->Rows[0]->Fields['key_type'] == KEY_TYPE_IMAGE)
$out = $GLOBALS['app']->template_vars['REGISTRY_WEB'] . $v_row->Rows[0]->Fields['id_path'] . '/' . $out;
$replace[$key] = $out;
}
else
$replace[$key] = '';
}
else
$replace[$key] = '';
if ($matches[1][$key] == '#')
$replace[$key] = htmlspecialchars($replace[$key]); // escape html entries for # tag
if ($matches[1][$key] == '+')
$replace[$key] = str_replace('+', '%20', urlencode($replace[$key])); // url escape for + tag
if ($matches[1][$key] == '^')
{
$replace[$key] = str_replace("\\", "\\\\", $replace[$key]);
$replace[$key] = str_replace("'", "\\'", $replace[$key]);
$replace[$key] = str_replace("\r", "\\r", $replace[$key]);
$replace[$key] = str_replace("\n", "\\n", $replace[$key]);
$replace[$key] = str_replace("", "'+'script>", $replace[$key]);
}
}
}
$line = str_replace($matches[0], $replace, $line); // replace'em all
}
// processing ternary operators
if (preg_match_all(PT_TERNARY_TAGS, $line, $matches)){ // Yes! We have some tags inside
foreach ($matches[2] as $key => $val){ // go thru the matches
if (isset($this->vars[$val])){
$var = (bool)$this->get_var_val($val);
if (strlen($matches[1][$key])> 0) $var = !$var;
$res_num = ($var)?4:6;
if (isset($this->vars[$matches[$res_num][$key]])) {
$replace[$key] = $this->get_var_val($matches[$res_num][$key]);
if (strlen($matches[$res_num - 1][$key])> 0) $replace[$key] = htmlspecialchars($replace[$key]); // escape html entries
} else {
if ($this->debug_mode) $this->show_notice($res_var, 1);
$result[$key] = '';
}
} else { // we have tag but haven't got variable
if ($this->debug_mode) $this->show_notice($val, 1); // curse them out in debug mode
$replace[$key] = ''; // and insert pretty nothing
}
}
$line = str_replace($matches[0], $replace, $line); // replace'em all
}
// processing controls
if (preg_match_all(PT_CONTROL_TAGS, $line, $matches)){ // Yes! This line contains control definition
$replace = array();
foreach ($matches[1] as $key => $name){ // go through the matches
if (strlen($matches[3][$key])> 0) $tcontrol = &$GLOBALS['pt_template_factory']->get_object(strtolower($name), strtolower($matches[3][$key])); // here is control with id
else $tcontrol = &$GLOBALS['pt_template_factory']->get_object(strtolower($name)); // here is control without id
if (!is_null($tcontrol)){
$tcontrol->parse_vars($matches[5][$key]);
$tcontrol->on_page_init();
$replace[$key] = $tcontrol->process($loop_count);
} else
$replace[$key] = '';
}
$line = str_replace($matches[0], $replace, $line); // replace control statements with control results
}
// compress and delete blank lines
$line = preg_replace('/[\r\n]*$/', '', trim($line));
if (strlen($line)> 0) $this->result .= $line . "\n";
}
$curr_pos++;
}
// And what we have here?
if (!isset($error_msg) && ($proc_type != PT_ROOT) && !$succ_mode) $error_msg = 'Unexpected end of file'; // invalid template - show error
if (isset($error_msg)){
$error_txt = 'Template parsing error on line '.($curr_pos + 1);
if (isset($this->filename)) $error_txt .= ' of file "'.$this->filename.'"';
$error_txt .= ' - '.$error_msg;
system_die($error_txt, 'Template->parse'); // invalid template - show error
}
if ($proc_type == PT_ROOT)
if (!isset($this->result))
$this->result = ''; // probably there were one big false IF?
return $curr_pos; // HURRA! HURRA! This one is successfully completed!
}
function parse_string($string, $tv = null){ // fast access (LA)
$tmp = &new CTemplate();
$tmp->load_string($string);
if (is_null($tv)) $tmp->vars = &$GLOBALS['app']->template_vars;
else $tmp->vars = $tv;
$tmp->parse();
return $tmp->result;
}
/**
 * Convenience shortcut: load a template file, render it and return the output.
 *
 * The path goes straight to load_file(); no validation of $file_name is
 * visible here, so callers should pass fixed, application-owned paths.
 *
 * @param string $file_name path of the template file
 * @param mixed  $tv        template variables; when null, the application's
 *                          shared template_vars are bound by reference
 * @return string the rendered result
 */
function parse_file($file_name, $tv = null){
    $oTemplate = &new CTemplate();
    $oTemplate->load_file($file_name);
    if ($tv !== null) {
        $oTemplate->vars = $tv;
    } else {
        // By reference: the template works on the application's own array.
        $oTemplate->vars = &$GLOBALS['app']->template_vars;
    }
    $oTemplate->parse();
    return $oTemplate->result;
}
/**
 * Convenience shortcut: render a template supplied as an array.
 *
 * The array is handed to load_array() unchanged (presumably one template
 * line per element - confirm against load_array). As with the other
 * shortcuts, the content is interpreted, so it must be trusted.
 *
 * @param array $array template source
 * @param mixed $tv    template variables; when null, the application's
 *                     shared template_vars are bound by reference
 * @return string the rendered result
 */
function parse_array($array, $tv = null){
    $oTemplate = &new CTemplate();
    $oTemplate->load_array($array);
    if ($tv !== null) {
        $oTemplate->vars = $tv;
    } else {
        // By reference: the template works on the application's own array.
        $oTemplate->vars = &$GLOBALS['app']->template_vars;
    }
    $oTemplate->parse();
    return $oTemplate->result;
}
}
?>
/*
--------------------------------------------------------------------------------
Class CUser v 1.1.6
1. Maintains user data as part of Application object. ie
$this in examples below means CHTMLPage descendant
$this->m_oApplication->User->is_logged() - to check if user logged
$this->m_oApplication->User->UserData['id_member'] - to retrieve id of current user
$this->m_oApplication->User->UserData['id_level'] - to retrieve access level of logged user (see constants below)
$this->m_oApplication->User->UserData['first_name'] - to retrieve first name of logged user
... all fields in %prefix%me_members table
2. Maintains administrative suite for creating/editing/deleting of members
history:
v 1.1.6 - important security update (ALEKS)
v 1.1.5 - get_by_id($user_id) added (PERSON)
v 1.1.4 - multiple cc support added (AHA)
v 1.1.3 - multiple address support added (AHA)
v 1.1.2 - user status added (AHA)
v 1.1.1 - synchronize method added (LA)
v 1.1.0 - refactored (LA)
v 1.0.0 - created (LA)
--------------------------------------------------------------------------------
*/
// Access levels; CUser stores one of these in UserData['id_level'].
define('USER_LEVEL_GUEST', 0);
define('USER_LEVEL_USER', 10);
define('USER_LEVEL_MANAGER', 20);
define('USER_LEVEL_ADMIN', 100);
define('USER_LEVEL_GLOBAL_ADMIN', 255);

// Custom field types; the admin interface picks a validator per type.
define('TYPE_STRING', 0);
define('TYPE_TEXT', 1);
define('TYPE_HTMLTEXT', 2);
define('TYPE_INT', 3);
define('TYPE_FLOAT', 4);
define('TYPE_DATETIME', 5);
define('TYPE_BOOLEAN', 6);
define('TYPE_IMAGE', 7);
define('TYPE_FILE', 8);

// Member status values, compared against the id_status column.
define('STATUS_ACTIVE', 1);
define('STATUS_INACTIVE', 2);
define('STATUS_OBSOLETE', 3);
class CUser {
/**
* @var CApplication object
*/
var $m_oApplication = NULL;
/**
* @var CDataBase object
*/
var $m_oDataBase = NULL;
/**
* @var CRole object
*/
var $m_oRole = NULL;
/**
* @var CField object
*/
var $m_oField = NULL;
/**
* @var CGroup object
*/
var $m_oGroup = NULL;
/**
* @var array
*/
var $m_aTemplateVars = array();
/**
* @var array of database tables using by class
*/
var $m_aTables = array();
/**
* @var array of user data
*/
var $m_aUserData = array();
/**
* @var int
*/
var $m_iRoleID = 0;
/**
* @var int
*/
var $m_iGroupID = 0;
/**
* @var array of user data for previous compatibility
*/
var $UserData = array();
/**
* @var string containing last error message
*/
var $m_sLastError = '';
/**
* @access public
* @param CApplication &$app
* @desc CUser class Constructor
*/
function CUser( &$oApp ) {
// Keep references (not copies) to the application and its template variables.
$this->m_oApplication =&$oApp;
$this->m_aTemplateVars =&$oApp->template_vars;
// Default template flags and the file path exposed to templates.
$this->m_aTemplateVars['the_u_days_unlim']=true;
$this->m_aTemplateVars['the_u_quota_unlim']=true;
$this->m_aTemplateVars['the_u_quota_reached']=false;
$this->m_aTemplateVars['the_u_days_reached']=false;
$this->m_aTemplateVars['filesPath'] = '/contest-files/';
$this->m_oDataBase =&$oApp->DataBase;
$this->m_oRole =&new CRole( $oApp );
$this->m_oField =&new CField( $oApp );
$this->m_oGroup =&new CGroup( $oApp );
// Logical name => table name (the '%prefix%' placeholder is prepended in the queries).
$this->m_aTables = array(
'users' => 'me_members',
'groups' => 'me_groups',
'fields' => 'me_fields',
'field2group' => 'me_field2group',
'field2user' => 'me_field2member',
'roles' => 'me_roles',
'user2role' => 'me_member2role',
'statuses' => 'statuses',
);
// User data lives in the session; both properties alias $_SESSION['UserData'],
// so assigning to either one writes through to the session.
if ( !array_key_exists( 'UserData', $_SESSION ) ){
$_SESSION['UserData'] = array();
}
$this->m_aUserData =&$_SESSION['UserData'];
$this->UserData =&$this->m_aUserData;
// Restore the member id from the cached 'usd_id' token when 'auth_time' is
// less than 6000 seconds old; the BF module's getbyid() turns the token back
// into an id.
if (InCache('usd_id') != '' && time()-InCache('auth_time')<6000)
{
$bf = &$this->m_oApplication->get_module('BF');
$this->UserData['id_member'] = intval(@$bf->getbyid(InCache('usd_id')), 10);
// NOTE(review): intval() always returns an int, so is_numeric() is always
// true here: the -1 branch is unreachable and auth_time is refreshed even
// when getbyid() fails (the id is then 0). The '@' also hides any error
// getbyid() raises. Consider testing for an id greater than 0 instead.
if (!is_numeric($this->UserData['id_member'])){
$this->UserData['id_member'] = -1;
}else{
SetCacheVar('auth_time',time());
}
}else{
// No token or an expired one: mark the visitor as not logged in.
$this->UserData['id_member'] = -1;
}
// Reload the user row from the database unless the global flag opts out.
global $dont_synchronize;
if(!$dont_synchronize){
$this->synchronize();
}
// The list filters are cast to int here; run_admin_interface() concatenates
// them into SQL, so this cast must stay in place.
$this->m_iRoleID = intVal( inPostGetCache( 'filter_role', 0, 'User' ) );
$this->m_iGroupID = intVal( inPostGetCache( 'filter_group', 0, 'User' ) );
$this->m_aTemplateVars['filter_role'] = $this->m_iRoleID;
$this->m_aTemplateVars['filter_group'] = $this->m_iGroupID;
}
/**
* @access public
* @desc Get available statuses.
* @return CRecordSet object containing statuses on success, otherwise FALSE.
*/
function getStatuses() {
    // The result is cached on the object after the first call.
    if ( isset( $this->m_oStatuses ) ) {
        return $this->m_oStatuses;
    }
    // The table name comes from the fixed m_aTables map, not from input.
    $sQuery = 'SELECT id_status AS id, name
FROM %prefix%'.$this->m_aTables['statuses'];
    $this->m_oStatuses = $this->m_oDataBase->select_custom_sql( $sQuery );
    return $this->m_oStatuses;
}
/**
* @access public
* @desc return last error message
* @return string last error message
*/
function getLastError() {
    // Message recorded by the most recent failing operation ('' when none).
    $sMessage = $this->m_sLastError;
    return $sMessage;
}
/**
* @access public
* @desc get user information by id
* @param int $iID user id
* @return CRecordSet object on success or FALSE on failure
*/
function getByID( $iID ) {
    // Cast first so that only an integer ever reaches the database layer.
    $iMemberID = intval( $iID );
    if ( $iMemberID >= 1 ) {
        $oRS = $this->m_oDataBase->select_sql( $this->m_aTables['users'], array( 'id_member' => $iMemberID ) );
        if ( $oRS !== FALSE ) {
            $this->m_sLastError = '';
            return $oRS;
        }
        $sErrorKey = 'database_error';
    }
    else {
        $sErrorKey = 'invalid_input_data';
    }
    // Both failure paths record a localized message and report FALSE.
    $this->m_sLastError = $this->m_oApplication->Localizer->get_string( $sErrorKey );
    return FALSE;
}
/**
* @access private
* @desc sets user variables
* @param array $aVars array to set user variables
* @return bool TRUE
*/
function setLoggedVars( &$aVars ) {
    // Anonymous visitor: only the two "not logged" markers are set.
    if ( !$this->isLogged() ) {
        $aVars['is_logged'] = FALSE;
        $aVars['logged_user_id_member'] = -1;
        return TRUE;
    }
    $aVars['is_logged'] = TRUE;
    // Every session field is exposed as logged_user_<field>. The values are
    // copied as stored; whether the template layer escapes them on output is
    // not visible here - confirm before rendering them into HTML.
    foreach ( $this->m_aUserData as $sField => $mValue ) {
        $aVars['logged_user_'.$sField] = $mValue;
    }
    // Display forms cut to 17 bytes plus '...' (strLen/subStr are byte-wise).
    foreach ( array( 'login', 'email' ) as $sField ) {
        if ( strLen( $this->m_aUserData[$sField] ) > 17 ) {
            $aVars['logged_user_formatted_'.$sField] = subStr( $this->m_aUserData[$sField], 0, 17 ) . '...';
        }
        else {
            $aVars['logged_user_formatted_'.$sField] = $this->m_aUserData[$sField];
        }
    }
    // Start with every known role flag off ...
    $oAllRoles = $this->m_oRole->getRoles();
    if ( $oAllRoles !== FALSE ) {
        for ( ; !$oAllRoles->eof(); $oAllRoles->next() ) {
            $aVars['logged_user_role_'.$oAllRoles->get_field( 'code' )] = FALSE;
        }
    }
    // ... then switch on the roles this user actually holds.
    $oOwnRoles = $this->getRoles();
    if ( $oOwnRoles !== FALSE ) {
        for ( ; !$oOwnRoles->eof(); $oOwnRoles->next() ) {
            $aVars['logged_user_role_'.$oOwnRoles->get_field( 'code' )] = TRUE;
        }
    }
    // isInRoles() requires every listed role, so this flag needs both
    // ADMIN_RIGHTS and CONTENT_RIGHTS.
    $aVars['is_global_admin'] = ( $this->isInRoles( array( 'ADMIN_RIGHTS', 'CONTENT_RIGHTS' ) ) );
    return TRUE;
}
/**
* @access public
* @desc check if user is logged into system under role
* @param int $iRoleID role id
* @return bool TRUE if user if logged in, otherwise FALSE
*/
function isLogged( $iRoleID = 0 ) {
    // Logged in means a positive member id is present in the session data.
    $bHasMember = isset( $this->m_aUserData['id_member'] ) && ( $this->m_aUserData['id_member'] > 0 );
    if ( !$bHasMember ) {
        return FALSE;
    }
    if ( !$iRoleID ) {
        return TRUE;
    }
    // NOTE(review): the value of $iRoleID is not used; any non-empty value
    // means "must also hold ADMIN_RIGHTS". Callers passing another role id
    // will not get a check against that role.
    return (bool) $this->isInRole( 'ADMIN_RIGHTS' );
}
/**
* @access public
* @desc try to login user into system
* @param string $sLogin user login
* @param string $sPassword user password
* @param bool $bStore define if to store user id in cookie
* @return bool TRUE if user logged, otherwise FALSE
*/
function login( $sLogin, $sPassword, $bStore = TRUE ) {
    $this->m_sLastError = '';
    // NOTE(review): passwords are stored and compared as base64, which is an
    // encoding, not a hash - anyone who can read the members table can decode
    // every password. Moving to password_hash()/password_verify() needs a data
    // migration and matching changes in createUser()/updateUser(), so it is
    // flagged here rather than changed.
    // NOTE(review): the password is matched inside SQL, so the comparison
    // follows the column's collation; confirm it is case-sensitive.
    $sEscapedLogin = $this->m_oDataBase->internalEscape( $sLogin );
    $sEncodedPassword = base64_encode( $sPassword );
    // Only members linked to id_role = 1 can match this query.
    $sQuery = "SELECT u.id_status as id_status, u.id_member as id_member from %prefix%me_members u, %prefix%me_member2role r where login='"
        . $sEscapedLogin
        . "' and password='"
        . $sEncodedPassword
        . "' and u.id_member=r.id_member and id_role=1";
    $oRS = $this->m_oDataBase->select_custom_sql( $sQuery );
    if ( !is_object( $oRS ) || $oRS->eof() ) {
        // Unknown login and wrong password share one message.
        $this->m_sLastError = $this->m_oApplication->Localizer->get_string( 'login_no_such_user' );
        return FALSE;
    }
    $mStatus = $oRS->get_field( 'id_status' );
    if ( $mStatus == STATUS_ACTIVE ) {
        $this->set_user_from_db( $oRS );
        $bf = &$this->m_oApplication->get_module('BF');
        // $bStore has no effect: the id token is cached either way.
        SetCacheVar( 'usd_id', $bf->makeid( $oRS->get_field( 'id_member' ) ) );
        SetCacheVar( 'auth_time', time() );
        // NOTE(review): no session identifier rotation is visible in this
        // method - confirm it happens elsewhere on successful login.
        $this->set_logged_vars( $this->m_aTemplateVars );
        return TRUE;
    }
    $sErrorKey = ( $mStatus == STATUS_INACTIVE ) ? 'login_inactive_user' : 'login_obsolete_user';
    $this->m_sLastError = $this->m_oApplication->Localizer->get_string( $sErrorKey );
    return FALSE;
}
/**
* @access public
* @desc logout user from system
*/
function logout() {
    // m_aUserData aliases $_SESSION['UserData'] (bound in the constructor),
    // so this also empties the session copy.
    $this->m_aUserData = array();
    // Drop the cached id token and reset the authentication timestamp.
    // NOTE(review): the session itself is not destroyed or regenerated here;
    // confirm whether that is handled by the caller.
    foreach ( array( 'usd_id' => '', 'auth_time' => 0 ) as $sCacheKey => $mCleared ) {
        SetCacheVar( $sCacheKey, $mCleared );
    }
}
/**
* @access public
* @desc get user information
* @param int $iUserID user id
* @return CRecordSet object containing user information or FALSE if user isn't present in database
*/
function getUser( $iUserID = 0 ) {
    // Default to the current session user.
    if ( $iUserID == 0 ) {
        $iUserID = $this->m_aUserData['id_member'];
    }
    // The id is concatenated into SQL below, so it must stay an integer.
    $iMemberID = intval( $iUserID );
    if ( !$iMemberID ) {
        return FALSE;
    }
    // One query per user id; later calls reuse the cached record set.
    if ( isset( $this->m_aUserInfo[$iMemberID] ) ) {
        return $this->m_aUserInfo[$iMemberID];
    }
    // NOTE(review): the stored password column is part of this result, so
    // every consumer of the record set receives it; callers that copy whole
    // rows into template variables should drop it first.
    $sQuery = 'SELECT u.id_member AS id, u.id_group AS `group`, u.id_status AS status, login, password, email, DATE_FORMAT( FROM_UNIXTIME( reg_time ), "%d.%m.%Y %H:%i" ) AS reg_time, theme
FROM %prefix%'.$this->m_aTables['users'].' u
WHERE id_member = '.$iMemberID;
    $this->m_aUserInfo[$iMemberID] = $this->m_oDataBase->select_custom_sql( $sQuery );
    return $this->m_aUserInfo[$iMemberID];
}
/**
* @access public
* @desc get user fields
* @param int $iUserID user id
* @return CRecordSet object containing user fields or FALSE if user isn't present in database
*/
function getFields( $iUserID = 0 ) {
    // Default to the current session user.
    if ( $iUserID == 0 ) {
        $iUserID = $this->m_aUserData['id_member'];
    }
    // The id is concatenated into SQL below, so it must stay an integer.
    $iMemberID = intval( $iUserID );
    if ( !$iMemberID ) {
        return FALSE;
    }
    if ( isset( $this->m_oUserFields[$iMemberID] ) ) {
        return $this->m_oUserFields[$iMemberID];
    }
    // Table names come from the fixed m_aTables map. The WHERE clause on
    // ftu.id_member means only fields that already have a value row for this
    // member are returned.
    $aTables = $this->m_aTables;
    $sQuery = 'SELECT ftu.id_field AS id, f.name, ftu.value
FROM %prefix%'.$aTables['fields'].' f
INNER JOIN %prefix%'.$aTables['field2group'].' ftg ON ( ftg.id_field = f.id_field )
INNER JOIN %prefix%'.$aTables['groups'].' g ON ( g.id_group = ftg.id_group )
LEFT JOIN %prefix%'.$aTables['field2user'].' ftu ON ( ftu.id_field = f.id_field )
WHERE f.status = 1 AND ftu.id_member = '.$iMemberID;
    $this->m_oUserFields[$iMemberID] = $this->m_oDataBase->select_custom_sql( $sQuery );
    return $this->m_oUserFields[$iMemberID];
}
/**
* @access public
* @desc get user roles
* @param int $iUserID user id
* @return CRecordSet object containing user roles or FALSE if user isn't present in database
*/
function getRoles( $iUserID = 0 ) {
    // Default to the current session user.
    if ( $iUserID == 0 ) {
        $iUserID = $this->m_aUserData['id_member'];
    }
    // The id is concatenated into SQL below, so it must stay an integer.
    $iMemberID = intval( $iUserID );
    if ( !$iMemberID ) {
        return FALSE;
    }
    // Cached per user id: role changes made later in the same request are
    // not reflected by this method.
    if ( isset( $this->m_oRoles[$iMemberID] ) ) {
        return $this->m_oRoles[$iMemberID];
    }
    $aTables = $this->m_aTables;
    $sQuery = 'SELECT r.id_role AS id, r.code
FROM %prefix%'.$aTables['users'].' u
INNER JOIN %prefix%'.$aTables['user2role'].' utr ON ( utr.id_member = u.id_member )
INNER JOIN %prefix%'.$aTables['roles'].' r ON ( r.id_role = utr.id_role )
WHERE u.id_member = '.$iMemberID;
    $this->m_oRoles[$iMemberID] = $this->m_oDataBase->select_custom_sql( $sQuery );
    return $this->m_oRoles[$iMemberID];
}
/**
* @access public
* @desc check if user consist in role
* @param int $iRoleID role id
* @param int $iUserID user id
* @return bool TRUE if user consist in role, otherwise FALSE
*/
function isInRole( $iRoleID, $iUserID = 0 ) {
    // An integer argument is matched against role ids, anything else against
    // role codes (e.g. 'ADMIN_RIGHTS').
    $mHeld = is_integer( $iRoleID )
        ? $this->getRolesIDs( $iUserID )
        : $this->getRolesCodes( $iUserID );
    // NOTE(review): in_array() compares loosely here, and getRolesIDs() can
    // return FALSE instead of an array when no user id is available. This is
    // the access-control primitive of the class, so a strict comparison and an
    // explicit "no roles" result would be safer - confirm the stored types
    // before tightening.
    return in_array( $iRoleID, $mHeld );
}
/**
* @access public
* @desc check if user consist at least in on of roles
* @param array $aRolesIDs roles ids
* @param int $iUserID user id
* @return bool TRUE if user consist at least in one of roles, otherwise FALSE
*/
function isInRoles( $aRolesIDs, $iUserID = 0 ) {
    if ( !is_array( $aRolesIDs ) ) {
        return FALSE;
    }
    // NOTE(review): the docblock describes "at least one of the roles", but
    // the loop fails on the first role the user lacks, i.e. it requires ALL
    // of them (and an empty list yields TRUE). Decide which contract is
    // intended before relying on this for authorization.
    $iTotal = sizeOf ( $aRolesIDs );
    $iIndex = 0;
    while ( $iIndex < $iTotal ) {
        if ( !$this->isInRole( $aRolesIDs[$iIndex], $iUserID ) ) {
            return FALSE;
        }
        $iIndex++;
    }
    return TRUE;
}
/**
* @access public
* @desc get user roles ids
* @param int $iUserID user id
* @return array of user roles ids or FALSE if user isn't present in database
*/
function getRolesIDs( $iUserID = 0 ) {
    // Default to the current session user.
    if ( $iUserID == 0 ) {
        $iUserID = $this->m_aUserData['id_member'];
    }
    $iMemberID = intval( $iUserID );
    if ( !$iMemberID ) {
        // Unlike getRolesCodes(), this reports FALSE rather than an empty array.
        return FALSE;
    }
    if ( isset( $this->m_aRolesIDs[$iMemberID] ) ) {
        return $this->m_aRolesIDs[$iMemberID];
    }
    // Build the list once and cache it per user id.
    $this->m_aRolesIDs[$iMemberID] = array();
    $oRS = $this->getRoles( $iMemberID );
    recordset_to_vars( $oRS, $aRoles, FALSE );
    $iTotal = sizeOf ( $aRoles['id'] );
    $iIndex = 0;
    while ( $iIndex < $iTotal ) {
        $this->m_aRolesIDs[$iMemberID][] = $aRoles['id'][$iIndex];
        $iIndex++;
    }
    return $this->m_aRolesIDs[$iMemberID];
}
/**
* @access public
* @desc get user roles codes
* @param int $iUserID user id
* @return array of user roles codes or FALSE if user isn't present in database
*/
function getRolesCodes( $iUserID = 0 ) {
    // Default to the current session user; a missing id becomes '' and then 0.
    if ( $iUserID == 0 ) {
        $iUserID = !empty( $this->m_aUserData['id_member'] ) ? $this->m_aUserData['id_member'] : '';
    }
    $iMemberID = intval( $iUserID );
    if ( !$iMemberID ) {
        // No user: an empty list (not FALSE), so role checks simply fail.
        return array();
    }
    if ( isset( $this->m_aRolesCodes[$iMemberID] ) ) {
        return $this->m_aRolesCodes[$iMemberID];
    }
    // Build the list once and cache it per user id.
    $this->m_aRolesCodes[$iMemberID] = array();
    $oRS = $this->getRoles( $iMemberID );
    recordset_to_vars( $oRS, $aRoles, FALSE );
    $iTotal = sizeOf ( $aRoles['code'] );
    $iIndex = 0;
    while ( $iIndex < $iTotal ) {
        $this->m_aRolesCodes[$iMemberID][] = $aRoles['code'][$iIndex];
        $iIndex++;
    }
    return $this->m_aRolesCodes[$iMemberID];
}
/**
 * Create a member with its custom field rows and role links.
 *
 * No validation of $aInfo is done here; the visible caller registers
 * CValidator rules before calling, and other callers must do the same.
 *
 * @param array $aInfo   keys read: login, email, password, theme and
 *                       optionally group, status, lang_id
 * @param array $aFields field id => value
 * @param array $aRoles  list of role ids to attach
 * @return mixed new member id as returned by insert_sql(), or FALSE when
 *               the login or e-mail is already taken
 */
function createUser( $aInfo, $aFields = array(), $aRoles = array() ) {
    $sUsersTable = '%prefix%'.$this->m_aTables['users'];
    // Uniqueness check on the login.
    $sQuery = 'SELECT login FROM '.$sUsersTable.' WHERE login = "'. $this->m_oDataBase->internalEscape( $aInfo['login'] ) .'"';
    $oRS = $this->m_oDataBase->select_custom_sql( $sQuery );
    if ( is_object( $oRS ) && !$oRS->eof() ) {
        if ( $oRS->get_field( 'login' ) ) {
            $this->m_sLastError = $this->m_oApplication->Localizer->get_string( 'login_already_exists' );
        }
        return FALSE;
    }
    // Uniqueness check on the e-mail address.
    $sQuery = 'SELECT email FROM '.$sUsersTable.' WHERE email = "'. $this->m_oDataBase->internalEscape( $aInfo['email'] ) .'"';
    $oRS = $this->m_oDataBase->select_custom_sql( $sQuery );
    if ( is_object( $oRS ) && !$oRS->eof() ) {
        if ( $oRS->get_field( 'email' ) ) {
            $this->m_sLastError = $this->m_oApplication->Localizer->get_string( 'email_already_exists' );
        }
        return FALSE;
    }
    // Group defaults to 1, status to inactive.
    $aInfo['group'] = empty( $aInfo['group'] ) ? 1 : $aInfo['group'];
    // NOTE(review): the password is stored base64-encoded, which is
    // reversible; see login() - a switch to password_hash() needs a migration.
    $aInsert = array(
        'id_group' => $aInfo['group'],
        'id_status' => empty( $aInfo['status'] ) ? STATUS_INACTIVE : $aInfo['status'],
        'email' => $aInfo['email'],
        'login' => $aInfo['login'],
        'password' => base64_encode( $aInfo['password'] ),
        'reg_time' => time(),
        'theme' => $aInfo['theme']
    );
    if ( !empty( $aInfo['lang_id'] ) ) {
        $aInsert['lang_id'] = $aInfo['lang_id'];
    }
    // NOTE(review): the insert result is not checked; if it fails, the rows
    // below are written with whatever insert_sql() returned.
    $iUserID = $this->m_oDataBase->insert_sql( $this->m_aTables['users'], $aInsert );
    // One value row per field of the group; unsupplied fields are stored as ''.
    $oFields = $this->m_oGroup->getFields( $aInfo['group'] );
    for ( ; !$oFields->eof(); $oFields->next() ) {
        $iID = $oFields->get_field( 'id' );
        $aUserField = array(
            'id_field' => $iID,
            'id_member' => $iUserID,
            'value' => isset( $aFields[$iID] ) ? $aFields[$iID] : ''
        );
        $this->m_oDataBase->insert_sql( $this->m_aTables['field2user'], $aUserField );
    }
    // Attach the requested roles.
    $iTotal = sizeOf( $aRoles );
    $iIndex = 0;
    while ( $iIndex < $iTotal ) {
        $this->m_oRole->addUser( $iUserID, $aRoles[$iIndex] );
        $iIndex++;
    }
    return $iUserID;
}
/**
 * Update arbitrary columns of a member row.
 *
 * $aData is passed to update_sql() as column => value without any
 * allow-list, so callers must build it themselves and never forward
 * request data directly (that would let a request set id_status,
 * id_group or password).
 *
 * @param array    $aData   column => value pairs for the members table
 * @param int|null $iUserID member id; null means the logged-in user
 * @return bool TRUE on success, FALSE when nobody is logged in (and no id
 *              was given) or the update fails
 */
function updateUserCustomData( $aData, $iUserID = null ) {
    if ( is_null( $iUserID ) ) {
        if ( !$this->is_logged() ) {
            return FALSE;
        }
        $iUserID = $this->m_aUserData['id_member'];
    }
    $mResult = $this->m_oDataBase->update_sql( $this->m_aTables['users'], $aData, array( 'id_member' => $iUserID ) );
    if ( $mResult === FALSE ) {
        return FALSE;
    }
    // Refresh the session copy when the current user changed their own row.
    if ( ( $this->is_logged() ) && ( $iUserID == $this->m_aUserData['id_member'] ) ) {
        $this->synchronize();
    }
    return TRUE;
}
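/**
 * Update a member's login data, custom field values and roles.
 *
 * @param int        $iUserID member id; cast to int because it is
 *                            concatenated into SQL below
 * @param array      $aInfo   keys read: login, email, password, theme and
 *                            optionally status; an empty password keeps the
 *                            stored one
 * @param array      $aFields field id => value
 * @param array|null $aRoles  list of role ids replacing the current ones;
 *                            null leaves the roles untouched
 * @return bool TRUE on success; FALSE for an invalid id, a login or e-mail
 *              already used by another member, or a failed password lookup
 */
function updateUser( $iUserID, $aInfo, $aFields = array(), $aRoles = array() ) {
    // The id goes into three string-built queries, so force it to an
    // integer first, as getUser()/getFields()/getRoles() already do.
    $iUserID = intval( $iUserID );
    if ( $iUserID < 1 ) {
        $this->m_sLastError = $this->m_oApplication->Localizer->get_string( 'invalid_input_data' );
        return FALSE;
    }
    // Login must not belong to another member.
    $sQuery = 'SELECT login
FROM %prefix%'.$this->m_aTables['users'].'
WHERE login = "'.$this->m_oDataBase->internalEscape( $aInfo['login'] ).'" AND id_member <> '.$iUserID;
    $oRS = $this->m_oDataBase->select_custom_sql( $sQuery );
    if ( is_object( $oRS ) && !$oRS->eof() ) {
        if ( $oRS->get_field( 'login' ) )
            $this->m_sLastError = $this->m_oApplication->Localizer->get_string( 'login_already_exists' );
        return FALSE;
    }
    // E-mail must not belong to another member.
    $sQuery = 'SELECT email FROM %prefix%'.$this->m_aTables['users'].' WHERE email = "'. $this->m_oDataBase->internalEscape( $aInfo['email'] ) .'" AND id_member <> '.$iUserID;
    $oRS = $this->m_oDataBase->select_custom_sql( $sQuery );
    if ( is_object( $oRS ) && !$oRS->eof() ) {
        if ( $oRS->get_field( 'email' ) )
            $this->m_sLastError = $this->m_oApplication->Localizer->get_string( 'email_already_exists' );
        return FALSE;
    }
    // Empty password means "keep the stored one": it is read back, decoded
    // and re-encoded below.
    // NOTE(review): this works only because passwords are stored as
    // reversible base64; see login() for the storage concern.
    if ( empty( $aInfo['password'] ) ) {
        $oRS = $this->m_oDataBase->select_custom_sql( 'SELECT password FROM %prefix%'.$this->m_aTables['users'].' WHERE id_member = '.$iUserID );
        if ( !is_object( $oRS ) || $oRS->eof() ) {
            // Without this guard a failed lookup ended in a fatal error.
            $this->m_sLastError = $this->m_oApplication->Localizer->get_string( 'database_error' );
            return FALSE;
        }
        $aInfo['password'] = base64_decode( $oRS->get_field( 'password' ) );
    }
    $aUpdate = array(
        'login' => $aInfo['login'],
        'password' => base64_encode( $aInfo['password'] ),
        'email' => $aInfo['email'],
    );
    // The theme is written only for accounts other than the current user
    // and member 1.
    if ( $iUserID != $this->m_aUserData['id_member'] && $iUserID != 1 )
        $aUpdate['theme'] = $aInfo['theme'];
    if ( isset( $aInfo['status'] ) )
        $aUpdate['id_status'] = $aInfo['status'];
    $this->updateUserCustomData( $aUpdate, $iUserID );
    // Custom field values.
    $oFields = $this->getFields( $iUserID );
    if ( is_object( $oFields ) ) {
        while ( !$oFields->eof() ) {
            $iID = $oFields->get_field( 'id' );
            if ( isset( $aFields[$iID] ) ) {
                $aCond = array(
                    'id_field' => $iID,
                    'id_member' => $iUserID,
                );
                $this->m_oDataBase->update_sql( $this->m_aTables['field2user'], array( 'value' => $aFields[$iID] ), $aCond );
            }
            else {
                // NOTE(review): getFields() only returns fields that already
                // have a row for this member, so this insert appears to add a
                // second, empty row rather than clear the value - confirm.
                $aUserField = array(
                    'id_field' => $iID,
                    'id_member' => $iUserID,
                    'value' => ''
                );
                $this->m_oDataBase->insert_sql( $this->m_aTables['field2user'], $aUserField );
            }
            $oFields->next();
        }
    }
    // Replace the role set unless the caller passed null.
    // NOTE(review): nothing here stops the roles of member 1 or of the
    // current user from being replaced; the admin form only disables those
    // inputs client-side. Confirm the caller enforces it.
    if ( !is_null( $aRoles ) ) {
        $this->m_oDataBase->delete_sql( $this->m_aTables['user2role'], array( 'id_member' => $iUserID ) );
        $iSize = sizeOf( $aRoles );
        for ( $i = 0; $i < $iSize; $i++ )
            $this->m_oRole->addUser( $iUserID, $aRoles[$i] );
    }
    return TRUE;
}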
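/**
 * Delete members together with their field values and role links.
 *
 * The ids arrive from a POSTed checkbox list and are placed in an
 * "IN ( ... )" clause, so only plain positive integers are accepted;
 * everything else is dropped before any SQL is built.
 *
 * @param array|int|string $aUsersID one member id or a list of ids
 * @return mixed result of the final DELETE on the members table, or FALSE
 *               (after redirecting to the list) when no valid id remains
 */
function deleteUsers( $aUsersID ) {
    // Normalize before counting: a single id becomes a one-element list.
    if ( !is_array( $aUsersID ) )
        $aUsersID = is_null( $aUsersID ) ? array() : array( $aUsersID );
    $aIDs = array();
    foreach ( $aUsersID as $mID ) {
        // Accept integers and all-digit strings only. Nested arrays and
        // other non-scalars are skipped rather than cast, because a cast
        // would map them to an unrelated id.
        if ( is_int( $mID ) || ( is_string( $mID ) && preg_match( '/^[0-9]+\z/', $mID ) ) ) {
            $iID = intval( $mID );
            if ( $iID > 0 )
                $aIDs[$iID] = $iID; // keyed by id to drop duplicates
        }
    }
    if ( !sizeOf( $aIDs ) ) {
        $this->m_oApplication->CurrentPage->redirect( $this->m_aTemplateVars['ROOT'].'admin/index.php?action=run_module&module=User&no_user_selected' );
        return FALSE;
    }
    // NOTE(review): the user list disables the checkboxes for member 1 and
    // for the current user, but nothing here enforces that. Confirm whether
    // those ids should also be rejected server-side.
    $sSet = join( ', ', $aIDs );
    $this->m_oDataBase->custom_sql( 'DELETE FROM %prefix%'.$this->m_aTables['field2user'].' WHERE id_member IN ( '.$sSet.' )' );
    $this->m_oDataBase->custom_sql( 'DELETE FROM %prefix%'.$this->m_aTables['user2role'].' WHERE id_member IN ( '.$sSet.' )' );
    return $this->m_oDataBase->custom_sql( 'DELETE FROM %prefix%'.$this->m_aTables['users'].' WHERE id_member IN ( '.$sSet.' )' );
}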
/**
 * Label of this module for the admin area.
 *
 * @return string the label for holders of ADMIN_RIGHTS, '' for everyone else
 */
function get_admin_names() {
    return $this->isInRole( 'ADMIN_RIGHTS' ) ? 'Пользователи' : '';
}
/**
 * Reload the session user from the database.
 *
 * The row is looked up by the session's member id and must have an active
 * status; in every other case the session user data is emptied, so a member
 * who was deactivated or removed stops being logged in on the next call.
 */
function synchronize() {
    $bFound = FALSE;
    if ( isset( $this->m_aUserData['id_member'] ) ) {
        $aCond = array( 'id_member' => $this->m_aUserData['id_member'], 'id_status' => STATUS_ACTIVE );
        $oRS = $this->m_oDataBase->select_sql( $this->m_aTables['users'], $aCond );
        $bFound = ( $oRS !== FALSE ) && ( !$oRS->eof() );
    }
    if ( $bFound ) {
        $this->set_user_from_db( $oRS );
    }
    else {
        // m_aUserData aliases $_SESSION['UserData'], so this clears the session copy.
        $this->m_aUserData = array();
    }
}
/**
 * Fill the session user data from the first row of a members record set.
 *
 * An id_level entry is added to the row (global admin for holders of
 * ADMIN_RIGHTS or CMS_RIGHTS, plain user otherwise) and every field except
 * the password is copied into the session data.
 *
 * @param object $oRS record set positioned on the member row
 */
function setUserFromDB( $oRS ) {
    $this->m_aUserData = array();
    $iUserID = $oRS->get_field( 'id_member' );
    $aHeldRoles = $this->getRolesIDs( $iUserID );
    // NOTE(review): this checks CMS_RIGHTS while setLoggedVars() checks
    // CONTENT_RIGHTS - confirm both role codes exist and are intended.
    $bPrivileged = !empty( $aHeldRoles )
        && ( $this->isInRole( 'ADMIN_RIGHTS', $iUserID ) || $this->isInRole( 'CMS_RIGHTS', $iUserID ) );
    if ( $bPrivileged ) {
        $oRS->Rows[0]->Fields['id_level'] = USER_LEVEL_GLOBAL_ADMIN;
    }
    else {
        $oRS->Rows[0]->Fields['id_level'] = USER_LEVEL_USER;
    }
    foreach ( $oRS->Rows[0]->Fields as $sField => $mValue ) {
        // The stored password never goes into the session.
        if ( strcmp( $sField, 'password' ) == 0 ) {
            continue;
        }
        $this->m_aUserData[$sField] = $mValue;
    }
}
/**
 * Build the admin user-management page: the user list plus, depending on
 * the request, the "edit user" or "add user" form.
 *
 * Neither parameter is referenced in the body. Callers without ADMIN_RIGHTS
 * get has_access = FALSE and an error message; the template is parsed in
 * both cases.
 *
 * @param mixed $sModule    not used here
 * @param mixed $sSubModule not used here
 * @return string output of the parsed 'admin/user/main.tpl' template
 */
function run_admin_interface( $sModule, $sSubModule ) {
if ( !$this->isInRole( 'ADMIN_RIGHTS' ) ) {
$this->m_aTemplateVars['has_access'] = FALSE;
$this->m_aTemplateVars['module_errors'][] = $this->m_oApplication->Localizer->get_string( 'module_access_denied' );
}
else {
require_once( CUSTOM_CONTROLS_PATH . 'sub.php' );
new CSubModule( $this );
$this->contest =&$this->m_oApplication->get_module('Contest');
// Set base template variables
$this->m_aTemplateVars['firstAdmin']=false;
$this->m_aTemplateVars['has_access'] = TRUE;
$this->m_aTemplateVars['action'] = FALSE;
$this->m_aTemplateVars['action_edit_user'] = FALSE;
$this->m_aTemplateVars['action_add_user'] = FALSE;
$this->m_aTemplateVars['users_deleted'] = in_get('deleted')?true:false;
$this->m_aTemplateVars['nobody_deleted'] = in_get('no_user_selected')?true:false;
$this->m_aTemplateVars['disable_options'] = false;
$oLocalizer =&$this->m_oApplication->Localizer;
// Options for the group and role filter selects ('0' means no filter).
$oGroups = $this->m_oGroup->getGroups();
$aGroups = array( '0' => 'All' );
while ( !$oGroups->eof() ) {
$aGroups[$oGroups->get_field( 'id' )] = $oGroups->get_field( 'name' );
$oGroups->next();
}
CInput::set_select_data( 'filter_group', $aGroups );
$oRoles = $this->m_oRole->getRoles();
$aRoles = array( '0' => 'All' );
while ( !$oRoles->eof() ) {
$aRoles[$oRoles->get_field( 'id' )] = $oRoles->get_field( 'name' );
$oRoles->next();
}
CInput::set_select_data( 'filter_role', $aRoles );
// Display Users List
require_once( BASE_CLASSES_PATH . 'controls/navigator.php' );
$sQuery = 'SELECT m.id_member as id, m.login as login, m.email as email, s.name AS status
FROM %prefix%'.$this->m_aTables['users'].' m ';
$sQuery .=' INNER JOIN %prefix%'.$this->m_aTables['statuses'].' s ON ( s.id_status = m.id_status )';
// m_iRoleID and m_iGroupID are concatenated into the query; they are safe
// only because the constructor casts both with intVal().
if ( $this->m_iRoleID )
$sQuery .= ' INNER JOIN %prefix%'. $this->m_aTables['user2role'] .' utr ON ( utr.id_member = m.id_member AND utr.id_role = '. $this->m_iRoleID .' )';
if ( $this->m_iGroupID )
$sQuery .= ' WHERE m.id_group = '. $this->m_iGroupID;
$sQuery .= " GROUP BY m.id_member";
$aFields = array(
'login' => 'login',
'email' => 'email',
'status' => 'status'
);
// Member 1 and the current user are disabled in the list. This is a UI
// restriction only; deleteUsers() does not repeat the check.
$aDisabled = array( 1, $this->m_aUserData['id_member'] );
$oUsersNavigator = &new Navigator( 'UsersList', $sQuery, $aFields, 'login' );
$header_num=$oUsersNavigator->add_header( $oLocalizer->get_string( 'title_login' ), 'login');
$oUsersNavigator->add_header( $oLocalizer->get_string( 'title_email' ), 'email' );
$oUsersNavigator->add_header( $oLocalizer->get_string( 'title_status' ), 'status' );
$oUsersNavigator->set_disabled_list( $aDisabled );
$oUsersNavigator->set_width( 0, '50%' );
$oUsersNavigator->set_width( 1, '50%' );
// Requested member id from the query string, forced to a non-negative int.
$iUserID = intval( inGet( 'id_member', 0 ) );
$iUserID = $iUserID >= 0 ? $iUserID : 0;
// --- Edit form for an existing member ---
if ( $iUserID ) {
if($iUserID=='1'){
$this->m_aTemplateVars['firstAdmin']=true;
}else{
$this->m_aTemplateVars['firstAdmin']=false;
}
$this->m_aTemplateVars['action'] = TRUE;
$this->m_aTemplateVars['action_edit_user'] = TRUE;
$this->m_aTemplateVars['action_add_user'] = FALSE;
// Password fields are registered with add_nr() here but with add() in the
// add-user branch (presumably "not required" - confirm against CValidator).
CValidator::add( 'user_login', VRT_TEXT, 6, 64 );
CValidator::add( 'user_email', VRT_EMAIL );
CValidator::add_nr( 'user_password', VRT_PASSWORD, '', 6, 64 );
CValidator::add_nr( 'user_confirm_password',VRT_PASSWORD, '', 6, 64 );
$oUserRS = $this->getUser( $iUserID );
if ( !is_object( $oUserRS ) || $oUserRS->eof() ) {
// Unknown member: reset the action flags and go back to the list.
$this->m_aTemplateVars['action'] = FALSE;
$this->m_aTemplateVars['action_edit_user'] = FALSE;
$this->m_aTemplateVars['action_add_user'] = FALSE;
$this->m_oApplication->CurrentPage->redirect( $this->m_aTemplateVars['ROOT'].'admin/index.php?action=run_module&module=User' );
}
else {
if ( in_get( 'created' ) )
$this->m_aTemplateVars['module_messages'][] = $oLocalizer->get_string( 'message_user_created' );
elseif ( in_get( 'modified' ) )
$this->m_aTemplateVars['module_messages'][] = $oLocalizer->get_string( 'message_user_modified' );
$this->m_aTemplateVars['user_theme']=$oUserRS->get_field('theme');
CInput::set_select_data('user_theme',$this->contest->themeArray);
$iGroupID = $oUserRS->get_field( 'group' );
$oUserFields = $this->getFields( $iUserID );
$oGroupFields = $this->m_oGroup->getFields( $iGroupID );
while ( !$oUserFields->eof() ) {
// Literal backslash-r / backslash-n sequences in the stored value become
// real CR/LF characters, then stripslashes() removes remaining backslashes.
$this->m_aTemplateVars['field_'.$oUserFields->get_field( 'name' )] = stripslashes( str_replace( array( '\r', '\n' ), array( "\r", "\n" ), $oUserFields->get_field( 'value' ) ) );
$oUserFields->next();
}
// NOTE(review): the whole user row is copied with the 'user_' prefix, and
// getUser() selects the password column, so the stored (base64) password
// presumably becomes a template variable - confirm what row_to_vars() does
// and make sure the template never prints it.
row_to_vars( $oUserRS->Rows[0], $this->m_aTemplateVars, '', 'user_' );
recordset_to_vars( $oGroupFields, $this->m_aTemplateVars, 'fields', 'field_' );
// Per field: reset all type flags, set the one for its type and register
// the matching validator (required fields use add(), the others add_nr()).
foreach ( $this->m_aTemplateVars['field_type'] as $sKey => $sValue ) {
$this->m_aTemplateVars['field_name'][$sKey] = 'field_'.$this->m_aTemplateVars['field_name'][$sKey];
$this->m_aTemplateVars['field_STRING'][$sKey] =
$this->m_aTemplateVars['field_TEXT'][$sKey] =
$this->m_aTemplateVars['field_HTMLTEXT'][$sKey] =
$this->m_aTemplateVars['field_INT'][$sKey] =
$this->m_aTemplateVars['field_FLOAT'][$sKey] =
$this->m_aTemplateVars['field_DATETIME'][$sKey] =
$this->m_aTemplateVars['field_BOOLEAN'][$sKey] =
$this->m_aTemplateVars['field_IMAGE'][$sKey] =
$this->m_aTemplateVars['field_FILE'][$sKey] = FALSE;
switch ( $sValue ) {
case TYPE_STRING:
$this->m_aTemplateVars['field_STRING'][$sKey] = TRUE;
if ( $this->m_aTemplateVars['field_required'][$sKey] )
CValidator::add( $this->m_aTemplateVars['field_name'][$sKey], VRT_TEXT, 1, 255 );
else
CValidator::add_nr( $this->m_aTemplateVars['field_name'][$sKey], VRT_TEXT, '', 1, 255 );
break;
case TYPE_TEXT:
$this->m_aTemplateVars['field_TEXT'][$sKey] = TRUE;
if ( $this->m_aTemplateVars['field_required'][$sKey] )
CValidator::add( $this->m_aTemplateVars['field_name'][$sKey], VRT_TEXT, 1 );
else
CValidator::add_nr( $this->m_aTemplateVars['field_name'][$sKey], VRT_TEXT, '' );
break;
case TYPE_HTMLTEXT:
// HTML fields get the same VRT_TEXT rule as plain text; no HTML filtering
// is visible in this method.
$this->m_aTemplateVars['field_HTMLTEXT'][$sKey] = TRUE;
if ( $this->m_aTemplateVars['field_required'][$sKey] )
CValidator::add( $this->m_aTemplateVars['field_name'][$sKey], VRT_TEXT, 1 );
else
CValidator::add_nr( $this->m_aTemplateVars['field_name'][$sKey], VRT_TEXT, '' );
break;
case TYPE_INT:
$this->m_aTemplateVars['field_INT'][$sKey] = TRUE;
if ( $this->m_aTemplateVars['field_required'][$sKey] )
CValidator::add( $this->m_aTemplateVars['field_name'][$sKey], VRT_NUMBER );
else
CValidator::add_nr( $this->m_aTemplateVars['field_name'][$sKey], VRT_NUMBER, '' );
break;
case TYPE_FLOAT:
$this->m_aTemplateVars['field_FLOAT'][$sKey] = TRUE;
if ( $this->m_aTemplateVars['field_required'][$sKey] )
CValidator::add( $this->m_aTemplateVars['field_name'][$sKey], VRT_FLOAT );
else
CValidator::add_nr( $this->m_aTemplateVars['field_name'][$sKey], VRT_FLOAT, '' );
break;
case TYPE_DATETIME:
$this->m_aTemplateVars['field_DATETIME'][$sKey] = TRUE;
if ( $this->m_aTemplateVars['field_required'][$sKey] )
CValidator::add( $this->m_aTemplateVars['field_name'][$sKey], VRT_ODBCDATE );
else
CValidator::add_nr( $this->m_aTemplateVars['field_name'][$sKey], VRT_ODBCDATE, date( 'Y-m-d' ) );
break;
case TYPE_BOOLEAN:
$this->m_aTemplateVars['field_BOOLEAN'][$sKey] = TRUE;
break;
case TYPE_IMAGE:
$this->m_aTemplateVars['field_IMAGE'][$sKey] = TRUE;
if ( $this->m_aTemplateVars['field_required'][$sKey] )
CValidator::add( $this->m_aTemplateVars['field_name'][$sKey], VRT_IMAGE_FILE );
else
CValidator::add_nr( $this->m_aTemplateVars['field_name'][$sKey], VRT_IMAGE_FILE, '' );
break;
case TYPE_FILE:
$this->m_aTemplateVars['field_FILE'][$sKey] = TRUE;
// NOTE(review): $aUserFields is never assigned in this method, so the
// isset() below is always false and the value is always ''.
$this->m_aTemplateVars[$this->m_aTemplateVars['field_name'][$sKey]] = isset( $aUserFields[$this->m_aTemplateVars['field_id'][$sKey]] ) ? $aUserFields[$this->m_aTemplateVars['field_id'][$sKey]] : '';
if ( $this->m_aTemplateVars['field_required'][$sKey] )
CValidator::add( $this->m_aTemplateVars['field_name'][$sKey], VRT_CUSTOM_FILE );
else
CValidator::add_nr( $this->m_aTemplateVars['field_name'][$sKey], VRT_CUSTOM_FILE, '' );
break;
}
}
}
// Set statuses
$oStatuses = $this->getStatuses();
$aStatuses = array();
// NOTE(review): first() is called before the FALSE check, so a failed
// getStatuses() stops here; $aStatusesIDS is also not initialised in this
// branch and stays undefined when no status rows are read.
$oStatuses->first();
if ( $oStatuses !== FALSE ) {
while ( !$oStatuses->eof() ) {
$aStatuses[$oStatuses->get_field( 'id' )] = $oStatuses->get_field( 'name' );
$aStatusesIDS[] = $oStatuses->get_field( 'id' );
$oStatuses->next();
}
}
// Theme and status are validated against closed lists of allowed values.
$themes=array_flip($this->contest->themeArray);
CValidator::add( 'user_theme', VRT_ENUMERATION, $themes );
CValidator::add( 'user_status', VRT_ENUMERATION, $aStatusesIDS );
CInput::set_select_data( 'user_status', $aStatuses );
// The current user and member 1 cannot have their status changed in the form.
if ( $iUserID == $this->m_aUserData['id_member'] || $iUserID==1){
CInput::disable( 'user_status' );
$this->m_aTemplateVars['disable_options']=true;
}
$oRoles = $this->m_oRole->getRoles();
recordset_to_vars( $oRoles, $this->m_aTemplateVars, 'roles', 'role_' );
// On submit for another member: show the posted role checkboxes again.
// Otherwise: show the stored roles, disabled for self and member 1.
if(CForm::is_submit('UserEdit') && $iUserID != $this->m_aUserData['id_member'] && $iUserID!=1 && is_object($oRoles)){
$oRoles->first();
for($x=0;$x<$oRoles->get_record_count();$x++){
$this->m_aTemplateVars['role_'.$oRoles->get_field('id')]=inpost('role_'.$oRoles->get_field('id'));
$oRoles->next();
}
}else{
$aRoles = $this->getRolesIDs( $iUserID );
$iSize = sizeOf( $aRoles );
for ( $i = 0; $i < $iSize; $i++ ){
$this->m_aTemplateVars['role_'.$aRoles[$i]] = 1;
if($iUserID == $this->m_aUserData['id_member'] || $iUserID == 1 ){
CInput::disable( 'role_'.$aRoles[$i] );
}
}
}
$oUsersNavigator->set_highlight( 'id', $iUserID );
}
// --- Add form for a new member ---
elseif ( in_get( 'add_user' ) ) {
$this->m_aTemplateVars['action'] = TRUE;
$this->m_aTemplateVars['action_edit_user'] = FALSE;
$this->m_aTemplateVars['action_add_user'] = TRUE;
CInput::set_select_data('user_theme',$this->contest->themeArray);
CValidator::add( 'user_login', VRT_TEXT, 6, 64 );
CValidator::add( 'user_email', VRT_EMAIL );
CValidator::add( 'user_password', VRT_PASSWORD, 6, 64 );
CValidator::add( 'user_confirm_password', VRT_PASSWORD, 6, 64 );
// Role 2 is pre-checked on the first display of the form.
if(!CForm::is_submit('UserAdd'))
$this->m_aTemplateVars['role_2']=1;
// Set statuses
$oStatuses = $this->getStatuses();
$aStatuses = array();
$aStatusesIDS=array();
// NOTE(review): as above, first() runs before the FALSE check.
$oStatuses->first();
if ( $oStatuses !== FALSE ) {
while ( !$oStatuses->eof() ) {
$aStatuses[$oStatuses->get_field( 'id' )] = $oStatuses->get_field( 'name' );
$aStatusesIDS[] = $oStatuses->get_field( 'id' );
$oStatuses->next();
}
}
$oGroups = $this->m_oGroup->getGroups();
$aUserGroups = array();
// NOTE(review): $aUserGroupsIDS is not initialised; with no groups the
// enumeration validator below receives an undefined variable.
if ( $oGroups !== FALSE ) {
while ( !$oGroups->eof() ) {
$aUserGroups[$oGroups->get_field( 'id' )] = $oGroups->get_field( 'name' );
$aUserGroupsIDS[] = $oGroups->get_field( 'id' );
$oGroups->next();
}
}
CValidator::add( 'user_group', VRT_ENUMERATION, $aUserGroupsIDS );
CInput::set_select_data( 'user_group', $aUserGroups );
CValidator::add( 'user_status', VRT_ENUMERATION, $aStatusesIDS );
CInput::set_select_data( 'user_status', $aStatuses );
// Get group roles
$oRoles = $this->m_oRole->getRoles();
recordset_to_vars( $oRoles, $this->m_aTemplateVars, 'roles', 'role_' );
}
}
// Flags for the template and the control that prints collected messages.
$this->m_aTemplateVars['with_messages'] = empty( $this->m_aTemplateVars['module_messages'] ) ? FALSE : TRUE;
$this->m_aTemplateVars['with_errors'] = empty( $this->m_aTemplateVars['module_errors'] ) ? FALSE : TRUE;
if ( !empty( $this->m_aTemplateVars['module_errors'] ) || !empty( $this->m_aTemplateVars['module_messages'] ) ) {
require_once( BASE_CONTROLS_PATH.'simplearrayoutput.php' );
new CSimpleArrayOutput();
}
return CTemplate::parse_file( CUSTOM_TEMPLATE_PATH.'admin/user/main.tpl' );
}
/**
 * Handle a submit of the "UserList" form of the admin user module.
 *
 * Callers without the ADMIN_RIGHTS role are ignored. 'delete' removes the
 * users listed in the posted 'ch' array and redirects to the list once
 * deleteUsers() reports success; 'add' redirects to the add-user form.
 *
 * NOTE(review): no anti-CSRF token check is visible in this handler; confirm
 * that the form dispatcher verifies one before the destructive 'delete'
 * action can run.
 *
 * @param string $sAction Name of the submitted action.
 * @return bool Always TRUE.
 */
function on_UserList_submit( $sAction ) {
    if ( !$this->isInRole( 'ADMIN_RIGHTS' ) ) {
        return true;
    }
    switch ( $sAction ) {
        case 'delete':
            // 'ch' holds the ids ticked in the list; an empty array is used when nothing was posted.
            $aSelectedIDs = InPost( 'ch', array() );
            $bDeleted = $this->deleteUsers( $aSelectedIDs );
            if ( $bDeleted ) {
                $this->m_oApplication->CurrentPage->redirect( $this->m_aTemplateVars['ROOT'].'admin/index.php?action=run_module&module=User&deleted' );
            }
            break;
        case 'add':
            $this->m_oApplication->CurrentPage->redirect( $this->m_aTemplateVars['ROOT'].'admin/index.php?action=run_module&module=User&add_user' );
            break;
    }
    return TRUE;
}
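/**
 * Handle a submit of the "UserAdd" form: validate the posted account data
 * and create the user.
 *
 * Callers without the ADMIN_RIGHTS role are ignored. Group, status and theme
 * are validated as enumerations against the ids currently known to the
 * application, so a posted value outside those lists is rejected by
 * CValidator. Every role whose 'role_<id>' key is present in the POST data is
 * granted to the new user.
 *
 * NOTE(review): the password is handed to createUser() exactly as posted;
 * presumably it is hashed there - verify before relying on it.
 * NOTE(review): no anti-CSRF token check is visible in this handler; confirm
 * that the form dispatcher verifies one.
 *
 * @param string $sAction Name of the submitted action ('cancel' aborts).
 * @return bool Always TRUE; errors are reported through
 *              $this->m_aTemplateVars['module_errors'].
 */
function on_UserAdd_submit( $sAction ) {
    if ( !$this->isInRole( 'ADMIN_RIGHTS' ) ) {
        return true;
    }
    if ( $sAction == 'cancel' ) {
        $this->m_oApplication->CurrentPage->redirect( $this->m_aTemplateVars['ROOT'].'admin/index.php?action=run_module&module=User' );
        return TRUE;
    }
    $this->contest= &$this->m_oApplication->get_module('Contest');

    // Ids of all existing groups: the only values accepted for 'user_group'.
    $oGroups = $this->m_oGroup->getGroups();
    $aUserGroups = array();
    if ( $oGroups !== FALSE ) {
        while ( !$oGroups->eof() ) {
            $aUserGroups[] = $oGroups->get_field( 'id' );
            $oGroups->next();
        }
    }

    CValidator::add( 'user_login', VRT_TEXT, 6, 64 );
    CValidator::add( 'user_email', VRT_EMAIL );
    CValidator::add( 'user_password', VRT_PASSWORD, 6, 64 );
    CValidator::add( 'user_confirm_password', VRT_PASSWORD, 6, 64 );

    // Ids of all existing statuses. The list used to be initialised under a
    // differently-cased name ($aStatusesIDs), which left the variable passed
    // to the validator undefined whenever no status row was found.
    $oStatuses = $this->getStatuses();
    $aStatusesIDS = array();
    if ( $oStatuses !== FALSE ) {
        while ( !$oStatuses->eof() ) {
            $aStatusesIDS[] = $oStatuses->get_field( 'id' );
            $oStatuses->next();
        }
    }

    CValidator::add( 'user_group', VRT_ENUMERATION, $aUserGroups );
    // The theme is only validated (and stored) when role 2 is ticked.
    if ( inpost( 'role_2' ) ) {
        $themes = array_flip( $this->contest->themeArray );
        CValidator::add( 'user_theme', VRT_ENUMERATION, $themes );
    }
    CValidator::add( 'user_status', VRT_ENUMERATION, $aStatusesIDS );

    if ( !CValidator::validate_input() ) {
        $this->m_aTemplateVars['module_errors'] = CValidator::get_errors();
        return TRUE;
    }

    // strcmp() returns non-zero when the two strings differ.
    if ( strcmp( $this->m_aTemplateVars['user_password'], $this->m_aTemplateVars['user_confirm_password'] ) ) {
        $this->m_aTemplateVars['module_errors'][] = $this->m_oApplication->Localizer->get_string( 'passwords_doesnt_match' );
        return TRUE;
    }

    $aUserInfo = array(
        'login' => $this->m_aTemplateVars['user_login'],
        'password' => $this->m_aTemplateVars['user_password'],
        'email' => $this->m_aTemplateVars['user_email'],
        'status' => $this->m_aTemplateVars['user_status'],
    );
    $aUserInfo['theme'] = inpost( 'role_2' ) ? $this->m_aTemplateVars['user_theme'] : 0;

    $aUserFields = array();

    // Collect every role whose checkbox was posted.
    $aUserRoles = array();
    $oRoles = $this->m_oRole->getRoles();
    if ( is_object( $oRoles ) ) {
        while ( !$oRoles->eof() ) {
            if ( in_post( 'role_'.$oRoles->get_field( 'id' ) ) ) {
                $aUserRoles[] = $oRoles->get_field( 'id' );
            }
            $oRoles->next();
        }
    }

    $iUserID = $this->createUser( $aUserInfo, $aUserFields, $aUserRoles );
    if ( !$iUserID ) {
        $this->m_aTemplateVars['module_errors'][] = $this->m_oApplication->Localizer->get_string( $this->getLastError() );
    }
    else {
        $this->m_oApplication->CurrentPage->redirect( $this->m_aTemplateVars['ROOT'].'admin/index.php?action=run_module&module=User&id_member='.$iUserID.'&created' );
    }
    return TRUE;
}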
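/**
 * Handle a submit of the "UserEdit" form: validate the posted data and
 * update the account identified by 'id_member'.
 *
 * Callers without the ADMIN_RIGHTS role are ignored. For the caller's own
 * account and for the account with id 1, status, theme and role membership
 * are left untouched (roles are passed to updateUser() as NULL); login,
 * password and e-mail are still taken from the form for those accounts.
 *
 * NOTE(review): any ADMIN_RIGHTS holder can therefore change the login,
 * password and e-mail of account 1 - confirm that this is intended.
 * NOTE(review): the password fields are optional here and default to '';
 * presumably updateUser() keeps the stored password when the value is empty
 * and hashes it otherwise - verify.
 * NOTE(review): no anti-CSRF token check is visible in this handler; confirm
 * that the form dispatcher verifies one.
 *
 * @param string $sAction Name of the submitted action ('cancel' aborts).
 * @return bool Always TRUE; errors are reported through
 *              $this->m_aTemplateVars['module_errors'].
 */
function on_UserEdit_submit( $sAction ) {
    if ( !$this->isInRole( 'ADMIN_RIGHTS' ) ) {
        return true;
    }
    if ( $sAction == 'cancel' ) {
        $this->m_oApplication->CurrentPage->redirect( $this->m_aTemplateVars['ROOT'].'admin/index.php?action=run_module&module=User' );
        return TRUE;
    }
    $this->contest= &$this->m_oApplication->get_module('Contest');

    CValidator::add( 'user_login', VRT_TEXT, 6, 64 );
    CValidator::add( 'user_email', VRT_EMAIL );
    CValidator::add_nr( 'user_password', VRT_PASSWORD, '', 6, 64 );
    CValidator::add_nr( 'user_confirm_password', VRT_PASSWORD, '', 6, 64 );

    // intval() makes the id safe to append to the redirect URL further down.
    $iUserID = intval( inGetPost( 'id_member', 0 ) );

    // Status and theme may only be changed for accounts other than the
    // caller's own and account 1.
    if ( $iUserID != $this->m_aUserData['id_member'] && $iUserID != 1 ) {
        // The list used to be initialised under a differently-cased name
        // ($aStatusesIDs), which left the variable passed to the validator
        // undefined whenever no status row was found.
        $oStatuses = $this->getStatuses();
        $aStatusesIDS = array();
        if ( $oStatuses !== FALSE ) {
            while ( !$oStatuses->eof() ) {
                $aStatusesIDS[] = $oStatuses->get_field( 'id' );
                $oStatuses->next();
            }
        }
        $themes = array_flip( $this->contest->themeArray );
        if ( inpost( 'role_2' ) ) {
            CValidator::add( 'user_theme', VRT_ENUMERATION, $themes );
        }
        CValidator::add( 'user_status', VRT_ENUMERATION, $aStatusesIDS );
    }

    $oUser = $this->getUser( $iUserID );
    if ( $oUser === FALSE || $oUser->eof() ) {
        // Unknown user: go back to the list without changing anything.
        $this->m_oApplication->CurrentPage->redirect( $this->m_aTemplateVars['ROOT'].'admin/index.php?action=run_module&module=User' );
        return TRUE;
    }
    $iGroupID = $oUser->get_field( 'group' );

    // Register one validator per profile field of the user's group; required
    // fields use add(), optional ones add_nr() with a type-specific default.
    // NOTE(review): TYPE_HTMLTEXT values are only length-checked here, so
    // escaping or sanitising has to happen where they are rendered - confirm.
    $oFields = $this->m_oGroup->getFields( $iGroupID );
    while ( is_object( $oFields ) && !$oFields->eof() ) {
        $sInput = 'field_'.$oFields->get_field( 'name' );
        $bRequired = $oFields->get_field( 'required' );
        switch ( $oFields->get_field( 'type' ) ) {
            case TYPE_STRING:
                if ( $bRequired )
                    CValidator::add( $sInput, VRT_TEXT, 1, 255 );
                else
                    CValidator::add_nr( $sInput, VRT_TEXT, '', 1, 255 );
                break;
            case TYPE_TEXT:
            case TYPE_HTMLTEXT:
                if ( $bRequired )
                    CValidator::add( $sInput, VRT_TEXT, 1 );
                else
                    CValidator::add_nr( $sInput, VRT_TEXT, '', 1 );
                break;
            case TYPE_INT:
                if ( $bRequired )
                    CValidator::add( $sInput, VRT_NUMBER );
                else
                    CValidator::add_nr( $sInput, VRT_NUMBER, 0 );
                break;
            case TYPE_FLOAT:
                if ( $bRequired )
                    CValidator::add( $sInput, VRT_FLOAT );
                else
                    CValidator::add_nr( $sInput, VRT_FLOAT, 0.0 );
                break;
            case TYPE_DATETIME:
                if ( $bRequired )
                    CValidator::add( $sInput, VRT_ODBCDATE );
                else
                    CValidator::add_nr( $sInput, VRT_ODBCDATE, date( 'Y-m-d' ) );
                break;
            case TYPE_IMAGE:
                if ( $bRequired )
                    CValidator::add( $sInput, VRT_IMAGE_FILE );
                else
                    CValidator::add_nr( $sInput, VRT_IMAGE_FILE, '' );
                break;
            case TYPE_FILE:
                if ( $bRequired )
                    CValidator::add( $sInput, VRT_CUSTOM_FILE );
                else
                    CValidator::add_nr( $sInput, VRT_CUSTOM_FILE, '' );
                break;
        }
        $oFields->next();
    }

    if ( !CValidator::validate_input() ) {
        $this->m_aTemplateVars['module_errors'] = CValidator::get_errors();
        return TRUE;
    }

    // strcmp() returns non-zero when the two strings differ.
    if ( strcmp( $this->m_aTemplateVars['user_password'], $this->m_aTemplateVars['user_confirm_password'] ) ) {
        $this->m_aTemplateVars['module_errors'][] = $this->m_oApplication->Localizer->get_string( 'passwords_doesnt_match' );
        return TRUE;
    }

    $aUserInfo = array(
        'login' => $this->m_aTemplateVars['user_login'],
        'password' => $this->m_aTemplateVars['user_password'],
        'email' => $this->m_aTemplateVars['user_email'],
    );
    if ( $iUserID != $this->m_aUserData['id_member'] && $iUserID != 1 ) {
        $aUserInfo['theme'] = inpost( 'role_2' ) ? $this->m_aTemplateVars['user_theme'] : 0;
    }
    if ( $iUserID != $this->m_aUserData['id_member'] && $iUserID != 1 ) {
        $aUserInfo['status'] = $this->m_aTemplateVars['user_status'];
    }

    // Validated profile field values, keyed by field id.
    $aUserFields = array();
    if ( is_object( $oFields ) ) {
        $oFields->first();
        while ( !$oFields->eof() ) {
            $aUserFields[$oFields->get_field( 'id' )] = $this->m_aTemplateVars['field_'.$oFields->get_field( 'name' )];
            $oFields->next();
        }
    }

    // Roles whose checkbox was posted.
    $aUserRoles = array();
    $oRoles = $this->m_oRole->getRoles();
    if ( is_object( $oRoles ) ) {
        while ( !$oRoles->eof() ) {
            if ( in_post( 'role_'.$oRoles->get_field( 'id' ) ) ) {
                $aUserRoles[] = $oRoles->get_field( 'id' );
            }
            $oRoles->next();
        }
    }
    // NULL is passed instead of a role list for the caller's own account and
    // for account 1, so posted role checkboxes are ignored for them.
    if ( $iUserID == $this->m_aUserData['id_member'] || $iUserID == 1 ) {
        $aUserRoles = null;
    }

    if ( !$this->updateUser( $iUserID, $aUserInfo, $aUserFields, $aUserRoles ) ) {
        $this->m_aTemplateVars['module_errors'][] = $this->m_oApplication->Localizer->get_string( $this->getLastError() );
    }
    else {
        $this->m_oApplication->CurrentPage->redirect( $this->m_aTemplateVars['ROOT'].'admin/index.php?action=run_module&module=User&id_member='.$iUserID.'&modified' );
    }
    return TRUE;
}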
/**
 * Report whether every table named in $this->m_aTables exists.
 *
 * Each name is looked up with SHOW TABLES LIKE, so it is used as a LIKE
 * pattern: an underscore in a table name matches any single character.
 *
 * @return bool FALSE as soon as one lookup returns no object or no row,
 *              TRUE otherwise.
 */
function check_install() {
    $bInstalled = TRUE;
    foreach ( $this->m_aTables as $sTable ) {
        $oResult = $this->m_oDataBase->select_custom_sql( 'SHOW TABLES LIKE "%prefix%'.$sTable.'"' );
        $bFound = is_object( $oResult ) && !$oResult->eof();
        if ( !$bFound ) {
            $bInstalled = FALSE;
            break;
        }
    }
    return $bInstalled;
}
/**
 * (Re)create the database schema of the user module.
 *
 * Drops every table named in $this->m_aTables, recreates the statuses,
 * users, roles, groups, fields, field2group, field2user and user2role
 * tables and seeds the statuses table with "Current" (1) and "Inactive" (2).
 *
 * NOTE(review): this is destructive - existing accounts, roles and groups
 * are dropped - and no role or confirmation check is visible inside this
 * method; confirm that every caller restricts who can trigger it.
 * NOTE(review): the results of internalQuery() are not inspected, so TRUE is
 * returned even if a statement failed; check_install() has to be used to
 * verify the outcome.
 *
 * @return bool Always TRUE.
 */
function install() {
// Remove any previous installation first.
foreach ( $this->m_aTables as $sKey => $sValue )
$this->m_oDataBase->internalQuery( 'DROP TABLE IF EXISTS %prefix%'.$sValue );
// Account statuses. Unlike the other tables, no ENGINE/CHARSET clause is given here.
$this->m_oDataBase->internalQuery( 'CREATE TABLE %prefix%'.$this->m_aTables['statuses'].' (
id_status int AUTO_INCREMENT NOT NULL,
name varchar(64) NOT NULL,
PRIMARY KEY ( id_status )
)
'
);
// Seed the two statuses with fixed ids.
$this->m_oDataBase->internalQuery( 'INSERT INTO %prefix%'.$this->m_aTables['statuses'].' ( id_status, name )
VALUES ( 1, "Current" ), ( 2, "Inactive" )' );
// User accounts.
// NOTE(review): `password` is varchar(100); confirm the stored format is a
// password hash that fits this width and not the plain text.
$this->m_oDataBase->internalQuery( "CREATE TABLE %prefix%".$this->m_aTables['users']." (
`id_member` int(11) NOT NULL auto_increment,
`id_group` int(10) unsigned NOT NULL,
`id_status` int(10) unsigned NOT NULL,
`login` varchar(64) NOT NULL,
`password` varchar(100) NOT NULL,
`email` varchar(255) NOT NULL,
`reg_time` int(10) unsigned NOT NULL,
`lang_id` int(10) unsigned NOT NULL default '1',
`theme` int(10) unsigned NOT NULL default '0',
PRIMARY KEY (`id_member`),
KEY `id_status` (`id_status`,`id_group`,`lang_id`)
) ENGINE=MyISAM DEFAULT CHARSET=cp1251 ");
// Roles; `code` is unique.
$this->m_oDataBase->internalQuery( 'CREATE TABLE %prefix%'.$this->m_aTables['roles'].' (
id_role int AUTO_INCREMENT NOT NULL,
name varchar(64) NOT NULL,
code varchar(64) NOT NULL,
description text,
status smallint(5) UNSIGNED NOT NULL,
PRIMARY KEY ( id_role ),
UNIQUE INDEX ( code ),
KEY ( status )
) ENGINE=MyISAM DEFAULT CHARSET=cp1251
'
);
// User groups.
$this->m_oDataBase->internalQuery( 'CREATE TABLE %prefix%'.$this->m_aTables['groups'].' (
id_group int AUTO_INCREMENT NOT NULL,
name varchar(64),
description text,
status smallint(5) UNSIGNED NOT NULL,
PRIMARY KEY ( id_group ),
KEY ( status )
) ENGINE=MyISAM DEFAULT CHARSET=cp1251
'
);
// Profile field definitions.
$this->m_oDataBase->internalQuery( 'CREATE TABLE %prefix%'.$this->m_aTables['fields'].' (
id_field int AUTO_INCREMENT NOT NULL,
name varchar(64) NOT NULL,
type smallint(5) UNSIGNED NOT NULL,
status smallint(5) UNSIGNED NOT NULL,
PRIMARY KEY ( id_field ),
KEY ( status )
) ENGINE=MyISAM DEFAULT CHARSET=cp1251
'
);
// Which fields belong to which group, with required/visible flags.
$this->m_oDataBase->internalQuery( 'CREATE TABLE %prefix%'.$this->m_aTables['field2group'].' (
id_group int NOT NULL,
id_field int NOT NULL,
required smallint(5) UNSIGNED NOT NULL,
visible smallint(5) UNSIGNED NOT NULL,
PRIMARY KEY ( id_group, id_field ),
KEY ( visible )
) ENGINE=MyISAM DEFAULT CHARSET=cp1251
'
);
// Per-user values of the profile fields.
$this->m_oDataBase->internalQuery( 'CREATE TABLE %prefix%'.$this->m_aTables['field2user'].' (
id_member int NOT NULL,
id_field int NOT NULL,
value TEXT NOT NULL,
PRIMARY KEY ( id_member, id_field )
) ENGINE=MyISAM DEFAULT CHARSET=cp1251
'
);
// Role membership of users.
$this->m_oDataBase->internalQuery( 'CREATE TABLE %prefix%'.$this->m_aTables['user2role'].' (
id_role int NOT NULL,
id_member int NOT NULL,
PRIMARY KEY ( id_role, id_member )
) ENGINE=MyISAM DEFAULT CHARSET=cp1251
'
);
return TRUE;
}
// Old functions for compatibility with old LLA version
/**
 * Legacy snake_case alias of isLogged(), kept for callers written against
 * the old API.
 *
 * @param int $iRoleID Passed through unchanged; defaults to 0.
 * @return mixed Whatever isLogged() returns.
 */
function is_logged( $iRoleID = 0 ) {
    $mResult = $this->isLogged( $iRoleID );
    return $mResult;
}
/**
 * Legacy snake_case alias of getLastError().
 *
 * @return mixed Whatever getLastError() returns.
 */
function get_last_error() {
    $mLastError = $this->getLastError();
    return $mLastError;
}
/**
 * Legacy snake_case alias of getByID().
 *
 * @param mixed $iID Passed through unchanged.
 * @return mixed Whatever getByID() returns.
 */
function get_by_id( $iID ) {
    $mRecord = $this->getByID( $iID );
    return $mRecord;
}
/**
 * Legacy snake_case alias of setLoggedVars().
 *
 * @param mixed $tv Taken by reference and forwarded to setLoggedVars().
 * @return mixed Whatever setLoggedVars() returns.
 */
function set_logged_vars( &$tv ) {
    $mResult = $this->setLoggedVars( $tv );
    return $mResult;
}
/**
 * Legacy snake_case alias of setUserFromDB().
 *
 * @param mixed $rs Passed through unchanged.
 * @return mixed Whatever setUserFromDB() returns.
 */
function set_user_from_db( $rs ) {
    $mResult = $this->setUserFromDB( $rs );
    return $mResult;
}
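/**
 * Run $query and return the requested column(s) of the first row or of
 * every row.
 *
 * The query text is passed verbatim to select_custom_sql(), so it must never
 * be assembled from unescaped request data by the caller.
 *
 * NOTE(review): in this copy of the file the inner loop of the 'all' branch
 * was truncated; it has been rebuilt to store one name => value map per
 * record, mirroring the single-row branch - confirm against the original.
 *
 * @param string $query SQL statement to execute.
 * @param string $param Column name, or several names separated by commas
 *                      (the names themselves are not trimmed).
 * @param mixed  $what  1 (default) for the first row only, 'all' for every row.
 * @return mixed With 1: the column value, or a name => value array when
 *               several names were given. With 'all': a list with one such
 *               value or array per row. NULL when the query yields no rows
 *               or $what is neither of the two.
 */
function fetch_( $query, $param, $what = 1 )
{
    $param = trim( $param );
    $par_expl = explode( ',', $param );
    $row_set = $this->m_oDataBase->select_custom_sql( $query );
    if ( !is_object( $row_set ) || !$row_set->get_record_count() )
    {
        return;
    }
    $bSeveralColumns = count( $par_expl ) > 1;
    if ( $what == '1' )
    {
        if ( !$bSeveralColumns )
        {
            return $row_set->get_field( $param );
        }
        // foreach replaces the each() loop, which no longer exists in PHP 8.
        $ret_array = array();
        foreach ( $par_expl as $val )
        {
            $ret_array[$val] = $row_set->get_field( $val );
        }
        return $ret_array;
    }
    if ( $what == 'all' )
    {
        $array = array();
        for ( $x = 0; $x < $row_set->get_record_count(); $x++ )
        {
            if ( $bSeveralColumns )
            {
                foreach ( $par_expl as $val )
                {
                    $array[$x][$val] = $row_set->get_field( $val );
                }
            }
            else
            {
                $array[] = $row_set->get_field( $param );
            }
            $row_set->next();
        }
        return $array;
    }
    return;
}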
}
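/**
 * Data-access helper for user groups and the profile fields attached to them.
 *
 * Group and field ids are normalised with intval() before they reach the
 * database layer, because getFields() and getGroup() append the group id to
 * the SQL text directly.
 */
class CGroup {
    var $m_oApplication = NULL;
    var $m_oDataBase = NULL;
    var $m_aTemplateVars = array();
    var $sLastError = '';
    var $m_aTables = array();
    var $m_iGroupID = 0;
    // Result caches, filled on first use.
    var $m_aFields = array();        // group id => all active fields
    var $m_aVisibleFields = array(); // group id => visible active fields only
    var $m_aGroup = array();         // group id => group record set
    var $m_aGroups = NULL;           // record set of all groups

    /**
     * @param object $oApp     Application object; its template_vars and
     *                         DataBase members are bound by reference.
     * @param int    $iGroupID Default group used when a method gets no id.
     */
    function CGroup( &$oApp, $iGroupID = 0 ) {
        $this->m_oApplication =&$oApp;
        $this->m_aTemplateVars =&$oApp->template_vars;
        $this->m_oDataBase =&$oApp->DataBase;
        $this->m_aTables = array(
            'users' => 'me_members',
            'groups' => 'me_groups',
            'fields' => 'me_fields',
            'roles' => 'me_roles',
            'field2group' => 'me_field2group',
        );
        $this->m_iGroupID = intval( $iGroupID );
    }

    /**
     * Return $iGroupID as an integer, or the instance's default group when
     * it is empty or not numeric. 0 means "no group".
     */
    function _resolveGroupID( $iGroupID ) {
        $iGroupID = intval( $iGroupID );
        return $iGroupID ? $iGroupID : intval( $this->m_iGroupID );
    }

    /**
     * Insert a group and attach the given fields to it.
     *
     * NOTE(review): the return value of insert_sql() is used as the new
     * group id, whereas CRole::createRole() and CField::createField() read
     * it through get_last_id(); confirm that insert_sql() returns the id.
     *
     * @param array $aInfo             'name', 'description'; status becomes 1
     *                                 when a 'status' key is set, else 0.
     * @param array $aFieldsID         Ids of the fields to attach.
     * @param array $aRequiredFieldsID Subset of ids marked required.
     * @param array $aVisibleFieldsID  Subset of ids marked visible.
     * @return mixed Result of insert_sql() for the group row.
     */
    function createGroup( $aInfo, $aFieldsID = array(), $aRequiredFieldsID = array(), $aVisibleFieldsID = array() ) {
        $aInsert = array(
            'name' => $aInfo['name'],
            'description' => $aInfo['description'],
            'status' => isset( $aInfo['status'] ) ? 1 : 0,
        );
        $iGroupID = $this->m_oDataBase->insert_sql( $this->m_aTables['groups'], $aInsert );
        // Without a new id addField() would fall back to the instance's
        // default group and attach the fields to the wrong group.
        if ( !$iGroupID )
            return $iGroupID;
        foreach ( $aFieldsID as $iFieldID )
            $this->addField( $iFieldID, in_array( $iFieldID, $aRequiredFieldsID ), in_array( $iFieldID, $aVisibleFieldsID ), $iGroupID );
        return $iGroupID;
    }

    /**
     * Delete a group and its field assignments. When no id is given the
     * instance's default group is deleted and the default is reset to 0.
     *
     * @return mixed FALSE when no group id is available, otherwise the
     *               result of delete_sql() for the group row.
     */
    function deleteGroup( $iGroupID = 0 ) {
        $iGroupID = intval( $iGroupID );
        if ( !$iGroupID ) {
            $iGroupID = intval( $this->m_iGroupID );
            $this->m_iGroupID = 0;
        }
        if ( !$iGroupID )
            return FALSE;
        $this->m_oDataBase->delete_sql( $this->m_aTables['field2group'], array( 'id_group' => $iGroupID ) );
        return $this->m_oDataBase->delete_sql( $this->m_aTables['groups'], array( 'id_group' => $iGroupID ) );
    }

    /**
     * Attach a field to a group.
     *
     * @return mixed FALSE when the group or field id is empty, otherwise the
     *               result of insert_sql().
     */
    function addField( $iFieldID, $bRequired = TRUE, $bVisible = TRUE, $iGroupID = 0 ) {
        $iGroupID = $this->_resolveGroupID( $iGroupID );
        if ( !$iGroupID )
            return FALSE;
        if ( !( $iFieldID = intval( $iFieldID ) ) )
            return FALSE;
        return $this->m_oDataBase->insert_sql( $this->m_aTables['field2group'], array( 'id_group' => $iGroupID, 'id_field' => $iFieldID, 'required' => $bRequired, 'visible' => $bVisible ) );
    }

    /**
     * Detach a field from a group.
     *
     * @return mixed FALSE when the group or field id is empty, otherwise the
     *               result of delete_sql().
     */
    function deleteField( $iFieldID, $iGroupID = 0 ) {
        $iGroupID = $this->_resolveGroupID( $iGroupID );
        if ( !$iGroupID )
            return FALSE;
        if ( !( $iFieldID = intval( $iFieldID ) ) )
            return FALSE;
        return $this->m_oDataBase->delete_sql( $this->m_aTables['field2group'], array( 'id_field' => $iFieldID, 'id_group' => $iGroupID ) );
    }

    /**
     * Return the active (status = 1) fields of a group.
     *
     * The result is cached per group id, separately for the full list and
     * for the visible-only list, so a cached full list is never handed out
     * for a visible-only request. The cached record set is shared between
     * callers, including its cursor position.
     *
     * @param int  $iGroupID Group id; the instance default is used when empty.
     * @param bool $bVisible Restrict the result to fields flagged visible.
     * @return mixed FALSE when no group id is available, otherwise the
     *               result of select_custom_sql().
     */
    function getFields( $iGroupID = 0, $bVisible = FALSE ) {
        $iGroupID = $this->_resolveGroupID( $iGroupID );
        if ( !$iGroupID )
            return FALSE;
        if ( $bVisible ) {
            if ( !isset( $this->m_aVisibleFields[$iGroupID] ) )
                $this->m_aVisibleFields[$iGroupID] = $this->m_oDataBase->select_custom_sql( $this->_fieldsQuery( $iGroupID ).' AND ftg.visible = 1' );
            return $this->m_aVisibleFields[$iGroupID];
        }
        if ( !isset( $this->m_aFields[$iGroupID] ) )
            $this->m_aFields[$iGroupID] = $this->m_oDataBase->select_custom_sql( $this->_fieldsQuery( $iGroupID ) );
        return $this->m_aFields[$iGroupID];
    }

    /**
     * Build the field query for a group id that is already an integer.
     */
    function _fieldsQuery( $iGroupID ) {
        return 'SELECT f.id_field AS id, f.name, f.type, ftg.required, ftg.visible
FROM %prefix%'.$this->m_aTables['fields'].' f
INNER JOIN %prefix%'.$this->m_aTables['field2group'].' ftg ON ( f.id_field = ftg.id_field )
INNER JOIN %prefix%'.$this->m_aTables['groups'].' g ON ( ftg.id_group = g.id_group )
WHERE f.status = 1 AND g.id_group = '.intval( $iGroupID );
    }

    /**
     * Return all groups, rewound to the first record.
     *
     * @return mixed Result of select_custom_sql(); when that is not an
     *               object (query failure) it is returned as-is.
     */
    function getGroups() {
        if ( !isset( $this->m_aGroups ) )
            $this->m_aGroups = $this->m_oDataBase->select_custom_sql( 'SELECT id_group AS id, name, description, status FROM %prefix%'.$this->m_aTables['groups'] );
        // Only a real record set can be rewound.
        if ( is_object( $this->m_aGroups ) )
            $this->m_aGroups->first();
        return $this->m_aGroups;
    }

    /**
     * Return the record of one group (cached per id).
     *
     * @return mixed FALSE when no group id is available, otherwise the
     *               result of select_custom_sql().
     */
    function getGroup( $iGroupID = 0 ) {
        $iGroupID = $this->_resolveGroupID( $iGroupID );
        if ( !$iGroupID )
            return FALSE;
        if ( !isset( $this->m_aGroup[$iGroupID] ) )
            $this->m_aGroup[$iGroupID] = $this->m_oDataBase->select_custom_sql( 'SELECT * FROM %prefix%'.$this->m_aTables['groups'].' WHERE id_group = '.$iGroupID );
        return $this->m_aGroup[$iGroupID];
    }
}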
/**
 * Data-access helper for profile field definitions.
 *
 * NOTE(review): createField() forwards the caller's array to insert_sql()
 * unfiltered, unlike CRole::createRole() and CGroup::createGroup(), which
 * copy named keys; callers have to make sure it holds only intended columns.
 * NOTE(review): deleteField() only tests intval() of the id and passes the
 * original value on; presumably delete_sql() escapes it - verify.
 */
class CField {
    var $m_oApplication = NULL;
    var $m_oDataBase = NULL;
    var $m_aTemplateVars = array();
    var $sLastError = '';
    var $m_aTables = array();
    var $m_iFieldID = 0;

    /**
     * @param object $oApp     Application object; its template_vars and
     *                         DataBase members are bound by reference.
     * @param int    $iFieldID Default field used when deleteField() gets no id.
     */
    function CField( &$oApp, $iFieldID = 0 ) {
        $this->m_iFieldID = intval( $iFieldID );
        $this->m_aTables = array(
            'groups' => 'me_groups',
            'fields' => 'me_fields',
            'field2group' => 'me_field2group',
        );
        $this->m_oApplication =&$oApp;
        $this->m_oDataBase =&$oApp->DataBase;
        $this->m_aTemplateVars =&$oApp->template_vars;
    }

    /**
     * Insert a field definition.
     *
     * @param array $aInfo Column => value map handed to insert_sql() as-is.
     * @return mixed Whatever get_last_id() reports after the insert.
     */
    function createField( $aInfo ) {
        $sTable = $this->m_aTables['fields'];
        $this->m_oDataBase->insert_sql( $sTable, $aInfo );
        $mNewID = $this->m_oDataBase->get_last_id();
        return $mNewID;
    }

    /**
     * Delete a field and its group assignments. When no id is given the
     * instance's default field is deleted and the default is reset to 0.
     *
     * @return mixed FALSE when no field id is available, otherwise the
     *               result of delete_sql() for the field row.
     */
    function deleteField( $iFieldID = 0 ) {
        if ( intval( $iFieldID ) == 0 ) {
            $iFieldID = $this->m_iFieldID;
            $this->m_iFieldID = 0;
        }
        if ( $iFieldID ) {
            $aWhere = array( 'id_field' => $iFieldID );
            $this->m_oDataBase->delete_sql( $this->m_aTables['field2group'], $aWhere );
            return $this->m_oDataBase->delete_sql( $this->m_aTables['fields'], $aWhere );
        }
        return FALSE;
    }
}
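/**
 * Data-access helper for roles and the role membership of users.
 *
 * Role and user ids are normalised with intval() before they are handed to
 * the database layer.
 */
class CRole {
    var $m_oApplication = NULL;
    var $m_oDataBase = NULL;
    var $m_aTemplateVars = array();
    var $sLastError = '';
    var $m_aTables = array();
    var $m_iRoleID = 0;
    // Record set of all roles, loaded on first use by getRoles().
    var $m_oRoles = NULL;

    /**
     * @param object $oApp    Application object; its template_vars and
     *                        DataBase members are bound by reference.
     * @param int    $iRoleID Default role used when a method gets no id.
     */
    function CRole( &$oApp, $iRoleID = 0 ) {
        $this->m_oApplication =&$oApp;
        $this->m_aTemplateVars =&$oApp->template_vars;
        $this->m_oDataBase =&$oApp->DataBase;
        $this->m_aTables = array(
            'users' => 'me_members',
            'roles' => 'me_roles',
            'user2role' => 'me_member2role',
        );
        $this->m_iRoleID = intval( $iRoleID );
    }

    /**
     * Return $iRoleID as an integer, or the instance's default role when it
     * is empty or not numeric. 0 means "no role".
     */
    function _resolveRoleID( $iRoleID ) {
        $iRoleID = intval( $iRoleID );
        return $iRoleID ? $iRoleID : intval( $this->m_iRoleID );
    }

    /**
     * Insert a role.
     *
     * @param array $aInfo 'name', 'code', 'description'; status becomes 1
     *                     when a 'status' key is set, else 0.
     * @return mixed Whatever get_last_id() reports after the insert.
     */
    function createRole( $aInfo ) {
        $aInsert = array(
            'name' => $aInfo['name'],
            'code' => $aInfo['code'],
            'description' => $aInfo['description'],
            'status' => isset( $aInfo['status'] ) ? 1 : 0,
        );
        $this->m_oDataBase->insert_sql( $this->m_aTables['roles'], $aInsert );
        return $this->m_oDataBase->get_last_id();
    }

    /**
     * Delete a role and every membership in it. When no id is given the
     * instance's default role is deleted and the default is reset to 0.
     *
     * @return mixed FALSE when no role id is available, otherwise the
     *               result of delete_sql() for the role row.
     */
    function deleteRole( $iRoleID = 0 ) {
        $iRoleID = intval( $iRoleID );
        if ( !$iRoleID ) {
            $iRoleID = intval( $this->m_iRoleID );
            $this->m_iRoleID = 0;
        }
        if ( !$iRoleID )
            return FALSE;
        $this->m_oDataBase->delete_sql( $this->m_aTables['user2role'], array( 'id_role' => $iRoleID ) );
        // The role row lives in the roles table; this class has no 'groups'
        // entry in m_aTables, so the former lookup used an undefined key and
        // the role itself was never removed.
        return $this->m_oDataBase->delete_sql( $this->m_aTables['roles'], array( 'id_role' => $iRoleID ) );
    }

    /**
     * Grant a role to a user.
     *
     * @return mixed FALSE when the role or user id is empty, otherwise the
     *               result of insert_sql().
     */
    function addUser( $iUserID, $iRoleID = 0 ) {
        $iRoleID = $this->_resolveRoleID( $iRoleID );
        if ( !$iRoleID )
            return FALSE;
        if ( !( $iUserID = intval( $iUserID ) ) )
            return FALSE;
        return $this->m_oDataBase->insert_sql( $this->m_aTables['user2role'], array( 'id_role' => $iRoleID, 'id_member' => $iUserID ) );
    }

    /**
     * Revoke a role from a user.
     *
     * @return mixed FALSE when the role or user id is empty, otherwise the
     *               result of delete_sql().
     */
    function deleteUser( $iUserID, $iRoleID = 0 ) {
        $iRoleID = $this->_resolveRoleID( $iRoleID );
        if ( !$iRoleID )
            return FALSE;
        if ( !( $iUserID = intval( $iUserID ) ) )
            return FALSE;
        // The condition used to reference an undefined $iGroupID, so the
        // membership of the given user was never matched.
        return $this->m_oDataBase->delete_sql( $this->m_aTables['user2role'], array( 'id_member' => $iUserID, 'id_role' => $iRoleID ) );
    }

    /**
     * Return all roles, rewound to the first record.
     *
     * @return mixed Result of select_custom_sql(); when that is not an
     *               object (query failure) it is returned as-is.
     */
    function getRoles() {
        if ( !isset( $this->m_oRoles ) )
            $this->m_oRoles = $this->m_oDataBase->select_custom_sql( 'SELECT id_role AS id, name, code, description FROM %prefix%'.$this->m_aTables['roles'] );
        // Only a real record set can be rewound.
        if ( is_object( $this->m_oRoles ) )
            $this->m_oRoles->first();
        return $this->m_oRoles;
    }
}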
?>