diff --git a/class/class.user.php b/class/class.user.php
index 7eac240..ff69704 100644
--- a/class/class.user.php
+++ b/class/class.user.php
@@ -16,906 +16,846 @@
class AVE_User
{
/**
- * СВОЙСТВА
+ * СВОЙСТВА
*/
- /**
- * Количество Пользователей отображаемых на одной странице списка
- *
- * @public int
- */
- public $_limit = 25;
+ /**
+ * Количество Пользователей отображаемых на одной странице списка
+ *
+ * @public int
+ */
+ public $_limit = 25;
- /**
- * Допустимые права доступа в административной панели
- *
- * @public array
- */
- public $_allowed_admin_permission = [
- 'alles', // все права
- 'adminpanel', // доступ в админку
- 'group_view', 'group_edit', // группы пользователей
- 'user_view', 'user_edit', 'user_perms', // пользователи
- 'template_view', 'template_edit', 'template_php', // шаблоны
- 'rubric_view', 'rubric_edit', 'rubric_php', 'rubric_perms', 'rubric_code', // рубрики
- 'document_view', 'document_php', 'document_revisions', // документы
- 'remark_view', 'remark_edit',
- 'request_view', 'request_edit', 'request_php', // запросы
- 'navigation_view', 'navigation_edit', // навигация
- 'blocks_view', 'blocks_edit', // визуальные блоки
- 'sysblocks_view', 'sysblocks_edit', // системные блоки
- 'modules_view', 'modules_admin', 'modules_system', // модули
- 'mediapool_int', 'mediapool_add', 'mediapool_del', 'mediapool_finder', // файловый менеджер
- 'gen_settings', 'gen_settings_more', 'gen_settings_countries', 'gen_settings_languages', // общие настройки
- 'gen_settings_robots', 'gen_settings_fcustom',
- 'db_actions', // база данных
- 'logs_view', 'logs_clear', // логи
- 'cache_clear', 'cache_thumb' // сессии и кеш
- ];
+ /**
+ * Допустимые права доступа в административной панели
+ *
+ * @public array
+ */
+ public $_allowed_admin_permission = [
+ 'alles', // все права
+ 'adminpanel', // доступ в админку
+ 'group_view', 'group_edit', // группы пользователей
+ 'user_view', 'user_edit', 'user_perms', // пользователи
+ 'template_view', 'template_edit', 'template_php', // шаблоны
+ 'rubric_view', 'rubric_edit', 'rubric_php', 'rubric_perms', 'rubric_code', // рубрики
+ 'document_view', 'document_php', 'document_revisions', // документы
+ 'remark_view', 'remark_edit',
+ 'request_view', 'request_edit', 'request_php', // запросы
+ 'navigation_view', 'navigation_edit', // навигация
+ 'blocks_view', 'blocks_edit', // визуальные блоки
+ 'sysblocks_view', 'sysblocks_edit', // системные блоки
+ 'modules_view', 'modules_admin', 'modules_system', // модули
+ 'mediapool_int', 'mediapool_add', 'mediapool_del', 'mediapool_finder', // файловый менеджер
+ 'gen_settings', 'gen_settings_more', 'gen_settings_countries', 'gen_settings_languages', // общие настройки
+ 'gen_settings_robots', 'gen_settings_fcustom',
+ 'db_actions', // база данных
+ 'logs_view', 'logs_clear', // логи
+ 'cache_clear', 'cache_thumb' // сессии и кеш
+ ];
- /**
- * Разделитель используемый при записи даты рождения
- *
- * @public string
- */
- public $_birthday_delimetr = '.';
+ /**
+ * Разделитель используемый при записи даты рождения
+ *
+ * @public string
+ */
+ public $_birthday_delimetr = '.';
/**
- * ВНУТРЕННИЕ МЕТОДЫ
+ * ВНУТРЕННИЕ МЕТОДЫ
*/
- /**
- * Проверка элементов учетной записи пользователя
- *
- * @param boolean $new признак проверки элементов новой учетной записи
- * @return array
- */
- function _userFieldValidate($new = false)
- {
- global $AVE_DB, $AVE_Template;
+ /**
+ * Проверка элементов учетной записи пользователя
+ *
+ * @param boolean $new признак проверки элементов новой учетной записи
+ * @return array
+ */
+ function _userFieldValidate($new = false)
+ {
+ global $AVE_DB, $AVE_Template;
- $errors = array();
+ $errors = array();
- $regex = '/[^\x20-\xFF]/';
- $regex_username = '/[^\w-]/';
- $regex_password = '/[^\x21-\xFF]/';
- $regex_birthday = '#(0[1-9]|[12][0-9]|3[01])([[:punct:]| ])(0[1-9]|1[012])\2(19|20)\d\d#';
-// $regex_email = "¬^[a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[a-z0-9!#$%&'*+/=?^_`{|}~-]+)*@(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+(?:[a-z]{2}|com|org|net|edu|gov|mil|biz|info|mobi|name|aero|asia|jobs|museum)$¬i";
- $regex_email = '/^[\w.-]+@[a-z0-9.-]+\.(?:[a-z]{2}|com|org|net|edu|gov|mil|biz|info|mobi|name|aero|asia|jobs|museum)$/i';
+ $regex = '/[^\x20-\xFF]/';
+ $regex_username = '/[^\w-]/';
+ $regex_password = '/[^\x21-\xFF]/';
+ $regex_birthday = '#(0[1-9]|[12][0-9]|3[01])([[:punct:]| ])(0[1-9]|1[012])\2(19|20)\d\d#';
+ $regex_email = '/^[\w.-]+@[a-z0-9.-]+\.(?:[a-z]{2}|com|org|net|edu|gov|mil|biz|info|mobi|name|aero|asia|jobs|museum)$/i';
- // Проверка логина
- if (empty($_POST['user_name']))
- {
- $errors[] = @$AVE_Template->get_config_vars('USER_NO_USERNAME');
- }
- elseif (preg_match($regex_username, $_POST['user_name']))
- {
- $errors[] = @$AVE_Template->get_config_vars('USER_ERROR_USERNAME');
- }
+ // Проверка логина
+ if (empty($_POST['user_name']))
+ {
+ $errors[] = @$AVE_Template->get_config_vars('USER_NO_USERNAME');
+ }
+ elseif (preg_match($regex_username, $_POST['user_name']))
+ {
+ $errors[] = @$AVE_Template->get_config_vars('USER_ERROR_USERNAME');
+ }
- // Проверка имени
- if (empty($_POST['firstname']))
- {
- $errors[] = @$AVE_Template->get_config_vars('USER_NO_FIRSTNAME');
- }
- elseif (preg_match($regex, stripslashes($_POST['firstname'])))
- {
- $errors[] = @$AVE_Template->get_config_vars('USER_ERROR_FIRSTNAME');
- }
+ // Проверка имени
+ if (empty($_POST['firstname']))
+ {
+ $errors[] = @$AVE_Template->get_config_vars('USER_NO_FIRSTNAME');
+ }
+ elseif (preg_match($regex, stripslashes($_POST['firstname'])))
+ {
+ $errors[] = @$AVE_Template->get_config_vars('USER_ERROR_FIRSTNAME');
+ }
- // Проверка фамилии
- if (empty($_POST['lastname']))
- {
- $errors[] = @$AVE_Template->get_config_vars('USER_NO_LASTNAME');
- }
- elseif (preg_match($regex, stripslashes($_POST['lastname'])))
- {
- $errors[] = @$AVE_Template->get_config_vars('USER_ERROR_LASTNAME');
- }
+ // Проверка фамилии
+ if (empty($_POST['lastname']))
+ {
+ $errors[] = @$AVE_Template->get_config_vars('USER_NO_LASTNAME');
+ }
+ elseif (preg_match($regex, stripslashes($_POST['lastname'])))
+ {
+ $errors[] = @$AVE_Template->get_config_vars('USER_ERROR_LASTNAME');
+ }
- // Проверка e-Mail
- if (empty($_POST['email']))
- {
- $errors[] = @$AVE_Template->get_config_vars('USER_NO_EMAIL');
- }
- elseif (!preg_match($regex_email, $_POST['email']))
- {
- $errors[] = @$AVE_Template->get_config_vars('USER_EMAIL_ERROR');
- }
- else
- {
- $email_exist = $AVE_DB->Query("
- SELECT *
- FROM " . PREFIX . "_users
- WHERE email != '" . (isset($_POST['Email_Old']) ? $_POST['Email_Old'] : '') . "'
- AND email = '" . $_POST['email'] . "'
- " . ($new ? "AND email != '" . $_SESSION['user_email'] . "'" : '') . "
- LIMIT 1
- ")->NumRows();
- if ($email_exist==1)
- {
- $errors[] = @$AVE_Template->get_config_vars('USER_EMAIL_EXIST');
- }
- }
+ // Проверка e-Mail
+ if (empty($_POST['email']))
+ {
+ $errors[] = @$AVE_Template->get_config_vars('USER_NO_EMAIL');
+ }
+ elseif (!preg_match($regex_email, $_POST['email']))
+ {
+ $errors[] = @$AVE_Template->get_config_vars('USER_EMAIL_ERROR');
+ }
+ else
+ {
+ // ИСПРАВЛЕНО: Правильная проверка уникальности email
+ $email_val = $_POST['email'];
+
+ if ($new) {
+ // При создании нового пользователя проверяем, нет ли такого email вообще
+ $sql_check = "SELECT Id FROM " . PREFIX . "_users WHERE email = '" . $email_val . "' LIMIT 1";
+ } else {
+ // При редактировании проверяем, нет ли такого email у ДРУГИХ пользователей
+ $old_email = isset($_POST['Email_Old']) ? $_POST['Email_Old'] : '';
+ $sql_check = "SELECT Id FROM " . PREFIX . "_users WHERE email = '" . $email_val . "' AND email != '" . $old_email . "' LIMIT 1";
+ }
- // Проверка пароля
- if (isset($_REQUEST['action']) && $_REQUEST['action'] != 'edit')
- {
- if (empty($_POST['password']))
- {
- $errors[] = @$AVE_Template->get_config_vars('USER_NO_PASSWORD');
- }
- elseif (strlen($_POST['password']) < 4)
- {
- $errors[] = @$AVE_Template->get_config_vars('USER_PASSWORD_SHORT');
- }
- elseif (preg_match($regex_password, $_POST['password']))
- {
- $errors[] = @$AVE_Template->get_config_vars('USER_PASSWORD_ERROR');
- }
- }
+ $email_exist = $AVE_DB->Query($sql_check)->NumRows();
- // Проверка даты рождения
- $match = '';
-
- if (! empty($_POST['birthday']) && ! preg_match($regex_birthday, $_POST['birthday'], $match))
- {
- $errors[] = @$AVE_Template->get_config_vars('USER_ERROR_DATEFORMAT');
- }
- elseif (!empty($match))
- {
+ if ($email_exist >= 1)
+ {
+ $errors[] = @$AVE_Template->get_config_vars('USER_EMAIL_EXIST');
+ }
+ }
- $_POST['birthday'] = $match[1]
- . $this->_birthday_delimetr . $match[3]
- . $this->_birthday_delimetr . $match[4];
- }
+ // Проверка пароля
+ if (isset($_REQUEST['action']) && $_REQUEST['action'] != 'edit')
+ {
+ if (empty($_POST['password']))
+ {
+ $errors[] = @$AVE_Template->get_config_vars('USER_NO_PASSWORD');
+ }
+ elseif (strlen($_POST['password']) < 4)
+ {
+ $errors[] = @$AVE_Template->get_config_vars('USER_PASSWORD_SHORT');
+ }
+ elseif (preg_match($regex_password, $_POST['password']))
+ {
+ $errors[] = @$AVE_Template->get_config_vars('USER_PASSWORD_ERROR');
+ }
+ }
- return $errors;
- }
+ // Проверка даты рождения
+ $match = '';
+
+ if (! empty($_POST['birthday']) && ! preg_match($regex_birthday, $_POST['birthday'], $match))
+ {
+ $errors[] = @$AVE_Template->get_config_vars('USER_ERROR_DATEFORMAT');
+ }
+ elseif (!empty($match))
+ {
+
+ $_POST['birthday'] = $match[1]
+ . $this->_birthday_delimetr . $match[3]
+ . $this->_birthday_delimetr . $match[4];
+ }
+
+ return $errors;
+ }
/**
- * ВНЕШНИЕ МЕТОДЫ
+ * ВНЕШНИЕ МЕТОДЫ
*/
- /**
- * Группы пользователей
- */
+ /**
+ * Группы пользователей
+ */
- /**
- * Получение списка Групп пользователей
- *
- * @param string $exclude идентификатор исключаемой Группы пользователей (гостей)
- * @return array
- */
- function userGroupListGet($exclude = '')
- {
- global $AVE_DB;
+ /**
+ * Получение списка Групп пользователей
+ *
+ * @param string $exclude идентификатор исключаемой Группы пользователей (гостей)
+ * @return array
+ */
+ function userGroupListGet($exclude = '')
+ {
+ global $AVE_DB;
- $user_groups = array();
- $sql = $AVE_DB->Query("
- SELECT
- grp.*,
- COUNT(usr.Id) AS UserCount
- FROM
- " . PREFIX . "_user_groups AS grp
- LEFT JOIN
- " . PREFIX . "_users AS usr
- ON usr.user_group = grp.user_group
- " . (($exclude != '' && is_numeric($exclude)) ? "WHERE grp.user_group != '" . $exclude . "'" : '') . "
- GROUP BY grp.user_group
- ");
+ $user_groups = array();
+ $sql = $AVE_DB->Query("
+ SELECT
+ grp.*,
+ COUNT(usr.Id) AS UserCount
+ FROM
+ " . PREFIX . "_user_groups AS grp
+ LEFT JOIN
+ " . PREFIX . "_users AS usr
+ ON usr.user_group = grp.user_group
+ " . (($exclude != '' && is_numeric($exclude)) ? "WHERE grp.user_group != '" . $exclude . "'" : '') . "
+ GROUP BY grp.user_group
+ ");
- while ($row = $sql->FetchRow())
- {
- array_push($user_groups, $row);
- }
+ while ($row = $sql->FetchRow())
+ {
+ array_push($user_groups, $row);
+ }
- return $user_groups;
- }
-
- /**
- * Отобразить список Групп пользователей
- *
- */
- function userGroupListShow()
- {
- global $AVE_Template;
-
- $AVE_Template->assign('ugroups', $this->userGroupListGet());
- $AVE_Template->assign('content', $AVE_Template->fetch('groups/groups.tpl'));
- }
-
- /**
- * Создание новой Группы пользователей
- *
- */
- function userGroupNew()
- {
- global $AVE_DB, $AVE_Template;
-
- if (!empty($_POST['user_group_name']))
- {
- $AVE_DB->Query("
- INSERT
- INTO " . PREFIX . "_user_groups
- SET
- user_group = '',
- user_group_name = '" . $_POST['user_group_name'] . "',
- status = '1',
- user_group_permission = ''
- ");
- $iid = $AVE_DB->InsertId();
-
- reportLog($AVE_Template->get_config_vars('UGROUP_REPORT_ADD') . ' - (' . groupName($iid) . ')');
-
- header('Location:index.php?do=groups&action=grouprights&Id=' . $iid . '&cp=' . SESSION);
- }
- else
- {
- header('Location:index.php?do=groups&cp=' . SESSION);
- }
- }
-
- /**
- * Удаление Группы пользователей
- *
- * @param int $user_group_id идентификатор Группы пользователей
- */
- function userGroupDelete($user_group_id = '0')
- {
- global $AVE_DB, $AVE_Template;
-
- if (is_numeric($user_group_id) && $user_group_id > 2)
- {
- $exist_user_in_group = $AVE_DB->Query("
- SELECT user_group
- FROM " . PREFIX . "_users
- WHERE user_group = '" . $user_group_id . "'
- LIMIT 1
- ")->NumRows();
-
- if (!$exist_user_in_group)
- {
- $AVE_DB->Query("
- DELETE
- FROM " . PREFIX . "_user_groups
- WHERE user_group = '" . $user_group_id . "'
- ");
-
- reportLog($AVE_Template->get_config_vars('UGROUP_REPORT_DEL') . ' - (' . groupName($user_group_id) . ')');
- }
- }
-
- header('Location:index.php?do=groups&cp=' . SESSION);
- }
-
- /**
- * Редактирование прав Группы пользователей
- *
- * @param int $user_group_id идентификатор Группы пользователей
- */
- function userGroupPermissionEdit($user_group_id)
- {
- global $AVE_DB, $AVE_Template, $AVE_Module;
-
- if ((UGROUP != 1 && UGROUP == $user_group_id) || (UGROUP != 1 && $user_group_id == 1) || (UGROUP != 1 && $user_group_id == 2))
- {
-
- $AVE_Template->assign('own_group', true);
- }
- else
- {
- if (is_numeric($user_group_id) && $user_group_id)
- {
- $row = $AVE_DB->Query("
- SELECT
- user_group_name,
- user_group_permission
- FROM
- " . PREFIX . "_user_groups
- WHERE
- user_group = '" . $user_group_id . "'
- ")->FetchRow();
- }
-
- if (empty($row))
- {
- $AVE_Template->assign('no_group', true);
- }
- else
- {
- $AVE_Template->assign('g_all_permissions', $this->_allowed_admin_permission);
- $AVE_Template->assign('g_group_permissions', array_diff(explode('|', $row->user_group_permission), array('')));
- $AVE_Template->assign('g_name', $row->user_group_name);
- $AVE_Template->assign('modules', $AVE_Module->_modules);
- }
- }
-
- $AVE_Template->assign('content', $AVE_Template->fetch('groups/perms.tpl'));
- }
-
- /**
- * Запись прав Групп пользователей
- *
- * @param int $user_group_id идентификатор Группы пользователей
- */
- function userGroupPermissionSave($user_group_id)
- {
- global $AVE_DB, $AVE_Template;
-
-if (is_numeric($user_group_id)) {
- $permsArray = (isset($_REQUEST['perms']) && is_array($_REQUEST['perms'])) ? $_REQUEST['perms'] : [];
- $perms = !empty($permsArray) ? implode('|', $permsArray) : '';
-
- if ($user_group_id == '1' || in_array('alles', $permsArray)) {
- $perms = 'alles';
+ return $user_groups;
}
- if ($user_group_id == '2') {
- $perms = '';
+ /**
+ * Отобразить список Групп пользователей
+ *
+ */
+ function userGroupListShow()
+ {
+ global $AVE_Template;
+
+ $AVE_Template->assign('ugroups', $this->userGroupListGet());
+ $AVE_Template->assign('content', $AVE_Template->fetch('groups/groups.tpl'));
}
- $sql = $AVE_DB->Query("
- UPDATE " . PREFIX . "_user_groups
- SET user_group_permission = '" . $perms . "'
- " . (!empty($_POST['user_group_name']) ? ", user_group_name = '" . $_POST['user_group_name'] . "'" : '') . "
- WHERE user_group = '" . $user_group_id . "'
- ");
-}
+ /**
+ * Создание новой Группы пользователей
+ *
+ */
+ function userGroupNew()
+ {
+ global $AVE_DB, $AVE_Template;
- if (is_object($sql) && $sql->_result === false) {
- $message = $AVE_Template->get_config_vars('UGROUP_SAVED_ERR');
- $header = $AVE_Template->get_config_vars('UGROUP_ERROR');
- $theme = 'error';
+ if (!empty($_POST['user_group_name']))
+ {
+ $AVE_DB->Query("
+ INSERT
+ INTO " . PREFIX . "_user_groups
+ SET
+ user_group = '',
+ user_group_name = '" . $_POST['user_group_name'] . "',
+ status = '1',
+ user_group_permission = ''
+ ");
+ $iid = $AVE_DB->InsertId();
- }else{
- $message = $AVE_Template->get_config_vars('UGROUP_SAVED');
- $header = $AVE_Template->get_config_vars('UGROUP_SUCCESS');
- $theme = 'accept';
- reportLog($AVE_Template->get_config_vars('UGROUP_SAVE_MAIN') . ' - (' . groupName($user_group_id) . ')');
- }
+ reportLog($AVE_Template->get_config_vars('UGROUP_REPORT_ADD') . ' - (' . groupName($iid) . ')');
- if (isset($_REQUEST['ajax']) && $_REQUEST['ajax'] = '1') {
+ header('Location:index.php?do=groups&action=grouprights&Id=' . $iid . '&cp=' . SESSION);
+ }
+ else
+ {
+ header('Location:index.php?do=groups&cp=' . SESSION);
+ }
+ }
- echo json_encode(array('message' => $message, 'header' => $header, 'theme' => $theme));
- } else {
- $AVE_Template->assign('message', $message);
- header('Location:index.php?do=groups&cp=' . SESSION);
- }
+ /**
+ * Удаление Группы пользователей
+ *
+ * @param int $user_group_id идентификатор Группы пользователей
+ */
+ function userGroupDelete($user_group_id = '0')
+ {
+ global $AVE_DB, $AVE_Template;
- exit;
- }
+ if (is_numeric($user_group_id) && $user_group_id > 2)
+ {
+ $exist_user_in_group = $AVE_DB->Query("
+ SELECT user_group
+ FROM " . PREFIX . "_users
+ WHERE user_group = '" . $user_group_id . "'
+ LIMIT 1
+ ")->NumRows();
- /**
- * Учетные записи пользователей
- */
+ if (!$exist_user_in_group)
+ {
+ $AVE_DB->Query("
+ DELETE
+ FROM " . PREFIX . "_user_groups
+ WHERE user_group = '" . $user_group_id . "'
+ ");
- /**
- * Формирование спискка учетных записей пользователей
- *
- * @param int $user_group_id идентификатор Группы пользователей
- */
- function userListFetch($user_group_id = '')
- {
- global $AVE_DB, $AVE_Template;
+ reportLog($AVE_Template->get_config_vars('UGROUP_REPORT_DEL') . ' - (' . groupName($user_group_id) . ')');
+ }
+ }
- $search_by_group = '';
- $search_by_id_or_name = '';
- $user_group_navi = '';
- $query_navi = '';
- $status_search = '';
- $status_navi = '';
+ header('Location:index.php?do=groups&cp=' . SESSION);
+ }
+
+ /**
+ * Редактирование прав Группы пользователей
+ *
+ * @param int $user_group_id идентификатор Группы пользователей
+ */
+ function userGroupPermissionEdit($user_group_id)
+ {
+ global $AVE_DB, $AVE_Template, $AVE_Module;
+
+ if ((UGROUP != 1 && UGROUP == $user_group_id) || (UGROUP != 1 && $user_group_id == 1) || (UGROUP != 1 && $user_group_id == 2))
+ {
+
+ $AVE_Template->assign('own_group', true);
+ }
+ else
+ {
+ if (is_numeric($user_group_id) && $user_group_id)
+ {
+ $row = $AVE_DB->Query("
+ SELECT
+ user_group_name,
+ user_group_permission
+ FROM
+ " . PREFIX . "_user_groups
+ WHERE
+ user_group = '" . $user_group_id . "'
+ ")->FetchRow();
+ }
+
+ if (empty($row))
+ {
+ $AVE_Template->assign('no_group', true);
+ }
+ else
+ {
+ $AVE_Template->assign('g_all_permissions', $this->_allowed_admin_permission);
+ $AVE_Template->assign('g_group_permissions', array_diff(explode('|', $row->user_group_permission), array('')));
+ $AVE_Template->assign('g_name', $row->user_group_name);
+ $AVE_Template->assign('modules', $AVE_Module->_modules);
+ }
+ }
+
+ $AVE_Template->assign('content', $AVE_Template->fetch('groups/perms.tpl'));
+ }
+
+ /**
+ * Запись прав Групп пользователей
+ *
+ * @param int $user_group_id идентификатор Группы пользователей
+ */
+ function userGroupPermissionSave($user_group_id)
+ {
+ global $AVE_DB, $AVE_Template;
+
+ if (is_numeric($user_group_id)) {
+ $permsArray = (isset($_REQUEST['perms']) && is_array($_REQUEST['perms'])) ? $_REQUEST['perms'] : [];
+ $perms = !empty($permsArray) ? implode('|', $permsArray) : '';
+
+ if ($user_group_id == '1' || in_array('alles', $permsArray)) {
+ $perms = 'alles';
+ }
+
+ if ($user_group_id == '2') {
+ $perms = '';
+ }
+
+ $sql = $AVE_DB->Query("
+ UPDATE " . PREFIX . "_user_groups
+ SET user_group_permission = '" . $perms . "'
+ " . (!empty($_POST['user_group_name']) ? ", user_group_name = '" . $_POST['user_group_name'] . "'" : '') . "
+ WHERE user_group = '" . $user_group_id . "'
+ ");
+ }
+
+ if (is_object($sql) && $sql->_result === false) {
+ $message = $AVE_Template->get_config_vars('UGROUP_SAVED_ERR');
+ $header = $AVE_Template->get_config_vars('UGROUP_ERROR');
+ $theme = 'error';
+
+ }else{
+ $message = $AVE_Template->get_config_vars('UGROUP_SAVED');
+ $header = $AVE_Template->get_config_vars('UGROUP_SUCCESS');
+ $theme = 'accept';
+ reportLog($AVE_Template->get_config_vars('UGROUP_SAVE_MAIN') . ' - (' . groupName($user_group_id) . ')');
+ }
+
+ if (isset($_REQUEST['ajax']) && $_REQUEST['ajax'] = '1') {
+
+ echo json_encode(array('message' => $message, 'header' => $header, 'theme' => $theme));
+ } else {
+ $AVE_Template->assign('message', $message);
+ header('Location:index.php?do=groups&cp=' . SESSION);
+ }
+
+ exit;
+ }
+
+ /**
+ * Учетные записи пользователей
+ */
+
+ /**
+ * Формирование спискка учетных записей пользователей
+ *
+ * @param int $user_group_id идентификатор Группы пользователей
+ */
+ function userListFetch($user_group_id = '')
+ {
+ global $AVE_DB, $AVE_Template;
+
+ $search_by_group = '';
+ $search_by_id_or_name = '';
+ $user_group_navi = '';
+ $query_navi = '';
+ $status_search = '';
+ $status_navi = '';
if (isset($_REQUEST['user_group']) && $_REQUEST['user_group'] != '0')
- {
+ {
$request_group = $_REQUEST['user_group'];
if (is_array($request_group)) {
- $request_group = reset($request_group); // Берем первый элемент
+ $request_group = reset($request_group);
}
- $user_group_id = ($user_group_id != '') ? $user_group_id : $request_group;
-
- // Убеждаемся, что ID является скалярным (строкой/числом)
+ $user_group_id = ($user_group_id != '') ? $user_group_id : $request_group;
+
if (is_scalar($user_group_id) && $user_group_id != '') {
$user_group_navi = '&user_group=' . $user_group_id;
$search_by_group = " AND user_group = '" . $user_group_id . "' ";
} else {
- // Если после обработки ID все равно некорректен, сбрасываем переменные
$user_group_navi = '';
$search_by_group = '';
}
- }
+ }
- if (!empty($_REQUEST['query']))
- {
- $q = urldecode($_REQUEST['query']);
- $search_by_id_or_name = "
- AND (email LIKE '%" . $q . "%'
- OR email = '" . $q . "'
- OR Id = '" . $q . "'
- OR firstname LIKE '" . $q . "%'
- OR lastname LIKE '" . $q . "%')
- ";
- $query_navi = '&query=' . urlencode($_REQUEST['query']);
- }
+ if (!empty($_REQUEST['query']))
+ {
+ $q = urldecode($_REQUEST['query']);
+ $search_by_id_or_name = "
+ AND (email LIKE '%" . $q . "%'
+ OR email = '" . $q . "'
+ OR Id = '" . $q . "'
+ OR firstname LIKE '" . $q . "%'
+ OR lastname LIKE '" . $q . "%')
+ ";
+ $query_navi = '&query=' . urlencode($_REQUEST['query']);
+ }
- if (isset($_REQUEST['status']) && $_REQUEST['status'] != 'all')
- {
- $status_search = " AND status = '" . $_REQUEST['status'] . "' ";
- $status_navi = '&status=' . $_REQUEST['status'];
- }
+ if (isset($_REQUEST['status']) && $_REQUEST['status'] != 'all')
+ {
+ $status_search = " AND status = '" . $_REQUEST['status'] . "' ";
+ $status_navi = '&status=' . $_REQUEST['status'];
+ }
- $num = $AVE_DB->Query("
- SELECT COUNT(*)
- FROM " . PREFIX . "_users
- WHERE 1"
- . $search_by_group
- . $search_by_id_or_name
- . $status_search
- )->GetCell();
+ $num = $AVE_DB->Query("
+ SELECT COUNT(*)
+ FROM " . PREFIX . "_users
+ WHERE 1"
+ . $search_by_group
+ . $search_by_id_or_name
+ . $status_search
+ )->GetCell();
- $sql = $AVE_DB->Query("
- SELECT *
- FROM " . PREFIX . "_users
- WHERE 1"
- . $search_by_group
- . $search_by_id_or_name
- . $status_search
- . " LIMIT " . (get_current_page()*$this->_limit-$this->_limit) . "," . $this->_limit
- );
+ $sql = $AVE_DB->Query("
+ SELECT *
+ FROM " . PREFIX . "_users
+ WHERE 1"
+ . $search_by_group
+ . $search_by_id_or_name
+ . $status_search
+ . " LIMIT " . (get_current_page()*$this->_limit-$this->_limit) . "," . $this->_limit
+ );
- $isShop = $AVE_DB->Query("SHOW TABLES LIKE '" . PREFIX . "_modul_shop_bestellungen'")->GetCell();
- $users = array();
+ $isShop = $AVE_DB->Query("SHOW TABLES LIKE '" . PREFIX . "_modul_shop_bestellungen'")->GetCell();
+ $users = array();
- while ($row = $sql->FetchRow())
- {
- // для комментариев
- //$sqla = $AVE_DB->Query("SELECT * FROM " . PREFIX . "_modul_comment_info WHERE comment_author_id = '".(int)$row->Id."'");
- //$row->comments = $sqla->numrows();
- $row->avatar=getAvatar($row->Id,40);
- array_push($users, $row);
- }
+ while ($row = $sql->FetchRow())
+ {
+ $row->avatar=getAvatar($row->Id,40);
+ array_push($users, $row);
+ }
- if ($num > $this->_limit)
- {
- $page_nav = '{t}';
- $page_nav = get_pagination(ceil($num/$this->_limit), 'page', $page_nav);
- $AVE_Template->assign('page_nav', $page_nav);
- }
+ if ($num > $this->_limit)
+ {
+ $page_nav = '{t}';
+ $page_nav = get_pagination(ceil($num/$this->_limit), 'page', $page_nav);
+ $AVE_Template->assign('page_nav', $page_nav);
+ }
- $AVE_Template->assign('ugroups', $this->userGroupListGet(2));
- $AVE_Template->assign('users', $users);
- }
+ $AVE_Template->assign('ugroups', $this->userGroupListGet(2));
+ $AVE_Template->assign('users', $users);
+ }
- /**
- * Создание новой учетной записи
- *
- */
- function userNew()
- {
- global $AVE_DB, $AVE_Template;
+ /**
+ * Создание новой учетной записи
+ *
+ */
+ function userNew()
+ {
+ global $AVE_DB, $AVE_Template;
- switch($_REQUEST['sub'])
- {
- case '':
- $AVE_Template->assign('available_countries', get_country_list(1));
- $AVE_Template->assign('ugroups', $this->userGroupListGet(2));
- $AVE_Template->assign('formaction', 'index.php?do=user&action=new&sub=save&cp=' . SESSION);
- $AVE_Template->assign('content', $AVE_Template->fetch('user/form.tpl'));
- break;
+ switch($_REQUEST['sub'])
+ {
+ case '':
+ $AVE_Template->assign('available_countries', get_country_list(1));
+ $AVE_Template->assign('ugroups', $this->userGroupListGet(2));
+ $AVE_Template->assign('formaction', 'index.php?do=user&action=new&sub=save&cp=' . SESSION);
+ $AVE_Template->assign('content', $AVE_Template->fetch('user/form.tpl'));
+ break;
- case 'save':
- $errors = $this->_userFieldValidate(1);
- if (!empty($errors))
- {
- $AVE_Template->assign('errors', $errors);
- $AVE_Template->assign('available_countries', get_country_list(1));
- $AVE_Template->assign('ugroups', $this->userGroupListGet(2));
- $AVE_Template->assign('formaction', 'index.php?do=user&action=new&sub=save&cp=' . SESSION);
- $AVE_Template->assign('content', $AVE_Template->fetch('user/form.tpl'));
- }
- else
- {
- $salt = make_random_string();
- $password = md5(md5(trim($_POST['password']) . $salt));
-$user_group_extra = '';
-if (isset($_POST['user_group_extra']) && is_array($_POST['user_group_extra'])) {
- $user_group_extra = implode(';', $_POST['user_group_extra']);
-}
+ case 'save':
+ $errors = $this->_userFieldValidate(true);
+ if (!empty($errors))
+ {
+ $AVE_Template->assign('errors', $errors);
+ $AVE_Template->assign('available_countries', get_country_list(1));
+ $AVE_Template->assign('ugroups', $this->userGroupListGet(2));
+ $AVE_Template->assign('formaction', 'index.php?do=user&action=new&sub=save&cp=' . SESSION);
+ $AVE_Template->assign('content', $AVE_Template->fetch('user/form.tpl'));
+ }
+ else
+ {
+ $salt = make_random_string();
+ $password = md5(md5(trim($_POST['password']) . $salt));
+ $user_group_extra = '';
+ if (isset($_POST['user_group_extra']) && is_array($_POST['user_group_extra'])) {
+ $user_group_extra = implode(';', $_POST['user_group_extra']);
+ }
-$AVE_DB->Query("
- INSERT INTO " . PREFIX . "_users
- SET
- Id = '',
- password = '" . $password . "',
- salt = '" . $salt . "',
- email = '" . $_POST['email'] . "',
- street = '" . $_POST['street'] . "',
- street_nr = '" . $_POST['street_nr'] . "',
- zipcode = '" . $_POST['zipcode'] . "',
- city = '" . $_POST['city'] . "',
- phone = '" . $_POST['phone'] . "',
- telefax = '" . $_POST['telefax'] . "',
- description = '" . $_POST['description'] . "',
- firstname = '" . $_POST['firstname'] . "',
- lastname = '" . $_POST['lastname'] . "',
- user_name = '" . $_POST['user_name'] . "',
- user_group = '" . $_POST['user_group'] . "',
- reg_time = '" . time() . "',
- status = '" . $_POST['status'] . "',
- last_visit = '" . time() . "',
- country = '" . $_POST['country'] . "',
- birthday = '" . $_POST['birthday'] . "',
- company = '" . $_POST['company'] . "',
- taxpay = '" . (isset($_POST['taxpay']) ? $_POST['taxpay'] : '') . "',
- user_group_extra = '" . $user_group_extra . "'
-");
- $user_id=$AVE_DB->InsertId();
- if(is_uploaded_file($_FILES["avatar"]["tmp_name"]))
- {
- // Если файл загружен успешно, перемещаем его
- // из временной директории в конечную
- $newf_n= BASE_DIR.'/'. UPLOAD_DIR.'/avatars/new/'.$_FILES["avatar"]["name"];
- move_uploaded_file($_FILES["avatar"]["tmp_name"],$newf_n);
- SetAvatar($user_id,$newf_n);
- }
+ $AVE_DB->Query("
+ INSERT INTO " . PREFIX . "_users
+ SET
+ Id = '',
+ password = '" . $password . "',
+ salt = '" . $salt . "',
+ email = '" . $_POST['email'] . "',
+ street = '" . $_POST['street'] . "',
+ street_nr = '" . $_POST['street_nr'] . "',
+ zipcode = '" . $_POST['zipcode'] . "',
+ city = '" . $_POST['city'] . "',
+ phone = '" . $_POST['phone'] . "',
+ telefax = '" . $_POST['telefax'] . "',
+ description = '" . $_POST['description'] . "',
+ firstname = '" . $_POST['firstname'] . "',
+ lastname = '" . $_POST['lastname'] . "',
+ user_name = '" . $_POST['user_name'] . "',
+ user_group = '" . $_POST['user_group'] . "',
+ reg_time = '" . time() . "',
+ status = '" . $_POST['status'] . "',
+ last_visit = '" . time() . "',
+ country = '" . $_POST['country'] . "',
+ birthday = '" . $_POST['birthday'] . "',
+ company = '" . $_POST['company'] . "',
+ taxpay = '" . (isset($_POST['taxpay']) ? $_POST['taxpay'] : '') . "',
+ user_group_extra = '" . $user_group_extra . "'
+ ");
+ $user_id=$AVE_DB->InsertId();
+ if(is_uploaded_file($_FILES["avatar"]["tmp_name"]))
+ {
+ $newf_n= BASE_DIR.'/'. UPLOAD_DIR.'/avatars/new/'.$_FILES["avatar"]["name"];
+ move_uploaded_file($_FILES["avatar"]["tmp_name"],$newf_n);
+ SetAvatar($user_id,$newf_n);
+ }
- $message = get_settings('mail_new_user');
- $message = str_replace('%NAME%', $_POST['user_name'], $message);
- $message = str_replace('%HOST%', HOST . ABS_PATH, $message);
- $message = str_replace('%PASSWORD%', $_POST['password'], $message);
- $message = str_replace('%EMAIL%', $_POST['email'], $message);
- $message = str_replace('%EMAILSIGNATURE%', get_settings('mail_signature'), $message);
-/*
- send_mail(
- $_POST['email'],
- $message,
- $AVE_Template->get_config_vars('USER_MAIL_SUBJECT')
- );
-*/
- reportLog($AVE_Template->get_config_vars('USER_REPORT_ADD') . ' - (' . stripslashes($_POST['user_name']) . ')');
+ $message = get_settings('mail_new_user');
+ $message = str_replace('%NAME%', $_POST['user_name'], $message);
+ $message = str_replace('%HOST%', HOST . ABS_PATH, $message);
+ $message = str_replace('%PASSWORD%', $_POST['password'], $message);
+ $message = str_replace('%EMAIL%', $_POST['email'], $message);
+ $message = str_replace('%EMAILSIGNATURE%', get_settings('mail_signature'), $message);
- header('Location:index.php?do=user&cp=' . SESSION);
- }
- break;
- }
- }
+ reportLog($AVE_Template->get_config_vars('USER_REPORT_ADD') . ' - (' . stripslashes($_POST['user_name']) . ')');
- /**
- * Редактирование учетной записи пользователя
- *
- * @param int $user_id идентификатор учетной записи пользователя
- */
- function userEdit($user_id)
- {
- global $AVE_DB, $AVE_Template;
+ header('Location:index.php?do=user&cp=' . SESSION);
+ }
+ break;
+ }
+ }
- $user_id = (int)$user_id;
+ /**
+ * Редактирование учетной записи пользователя
+ *
+ * @param int $user_id идентификатор учетной записи пользователя
+ */
+ function userEdit($user_id)
+ {
+ global $AVE_DB, $AVE_Template;
- switch($_REQUEST['sub'])
- {
- case '':
- $row = $AVE_DB->Query("
- SELECT *
- FROM " . PREFIX . "_users
- WHERE Id = '" . $user_id . "'
- ")->FetchRow();
+ $user_id = (int)$user_id;
- if (!$row)
- {
- header('Location:index.php?do=user&cp=' . SESSION);
- exit;
- }
-/*
- if ($AVE_DB->Query("SHOW TABLES LIKE '" . PREFIX . "_modul_shop'")->GetCell())
- {
- $AVE_Template->assign('is_shop', 1);
- }
+ switch($_REQUEST['sub'])
+ {
+ case '':
+ $row = $AVE_DB->Query("
+ SELECT *
+ FROM " . PREFIX . "_users
+ WHERE Id = '" . $user_id . "'
+ ")->FetchRow();
- if ($AVE_DB->Query("SHOW TABLES LIKE '" . PREFIX . "_modul_forum_userprofile'")->GetCell())
- {
- $row = $AVE_DB->Query("
- SELECT *
- FROM " . PREFIX . "_modul_forum_userprofile
- WHERE BenutzerId = '" . $user_id . "'
- ")->FetchRow();
+ if (!$row)
+ {
+ header('Location:index.php?do=user&cp=' . SESSION);
+ exit;
+ }
- if (is_object($row))
- {
- $AVE_Template->assign('row_fp', $row);
- $AVE_Template->assign('is_forum', 1);
- }
- }
-*/
- if (($_SESSION['user_group'] != 1)){
+ if (($_SESSION['user_group'] != 1)){
- if (($_SESSION['user_group'] == $row->user_group) && ($_SESSION['user_id'] != $row->Id)){
- $AVE_Template->assign('no_edit', true);
- }
+ if (($_SESSION['user_group'] == $row->user_group) && ($_SESSION['user_id'] != $row->Id)){
+ $AVE_Template->assign('no_edit', true);
+ }
- if ($row->user_group == 1 && $row->Id == 1) {
- $AVE_Template->assign('no_edit', true);
- }
+ if ($row->user_group == 1 && $row->Id == 1) {
+ $AVE_Template->assign('no_edit', true);
+ }
- }
+ }
- $row->avatar = getAvatar($user_id, 70);
+ $row->avatar = getAvatar($user_id, 70);
- $AVE_Template->assign('row', $row);
+ $AVE_Template->assign('row', $row);
- $AVE_Template->assign('user_group_extra', explode(';', $row->user_group_extra));
- $AVE_Template->assign('available_countries', get_country_list(1));
- $AVE_Template->assign('ugroups', $this->userGroupListGet(2));
- $AVE_Template->assign('us_groups', explode(';', $row->user_group_extra));
- $AVE_Template->assign('formaction', 'index.php?do=user&action=edit&Id='. $user_id .'&sub=save&cp=' . SESSION);
- $AVE_Template->assign('content', $AVE_Template->fetch('user/form.tpl'));
- break;
+ $AVE_Template->assign('user_group_extra', explode(';', $row->user_group_extra));
+ $AVE_Template->assign('available_countries', get_country_list(1));
+ $AVE_Template->assign('ugroups', $this->userGroupListGet(2));
+ $AVE_Template->assign('us_groups', explode(';', $row->user_group_extra));
+ $AVE_Template->assign('formaction', 'index.php?do=user&action=edit&Id='. $user_id .'&sub=save&cp=' . SESSION);
+ $AVE_Template->assign('content', $AVE_Template->fetch('user/form.tpl'));
+ break;
- case 'save':
- $errors = $this->_userFieldValidate();
- if (!empty($errors))
- {
+ case 'save':
+ $errors = $this->_userFieldValidate(false);
+ if (!empty($errors))
+ {
- $row = $AVE_DB->Query("
- SELECT *
- FROM " . PREFIX . "_users
- WHERE Id = '" . $user_id . "'
- ")->FetchRow();
+ $row = $AVE_DB->Query("
+ SELECT *
+ FROM " . PREFIX . "_users
+ WHERE Id = '" . $user_id . "'
+ ")->FetchRow();
- if (!$row)
- {
- header('Location:index.php?do=user&cp=' . SESSION);
- exit;
- }
+ if (!$row)
+ {
+ header('Location:index.php?do=user&cp=' . SESSION);
+ exit;
+ }
- if (($_SESSION['user_group'] != 1)){
+ if (($_SESSION['user_group'] != 1)){
- if (($_SESSION['user_group'] == $row->user_group) && ($_SESSION['user_id'] != $row->Id)){
- $AVE_Template->assign('no_edit', true);
- }
+ if (($_SESSION['user_group'] == $row->user_group) && ($_SESSION['user_id'] != $row->Id)){
+ $AVE_Template->assign('no_edit', true);
+ }
- if ($row->user_group == 1 && $row->Id == 1) {
- $AVE_Template->assign('no_edit', true);
- }
+ if ($row->user_group == 1 && $row->Id == 1) {
+ $AVE_Template->assign('no_edit', true);
+ }
- }
+ }
- $row->avatar = getAvatar($user_id, 70);
+ $row->avatar = getAvatar($user_id, 70);
- $AVE_Template->assign('row', $row);
- $AVE_Template->assign('errors', $errors);
- $AVE_Template->assign('user_group_extra', explode(';', $row->user_group_extra));
- $AVE_Template->assign('available_countries', get_country_list(1));
- $AVE_Template->assign('ugroups', $this->userGroupListGet(2));
- $AVE_Template->assign('us_groups', explode(';', $row->user_group_extra));
- $AVE_Template->assign('formaction', 'index.php?do=user&action=edit&Id='. $user_id .'&sub=save&cp=' . SESSION);
- $AVE_Template->assign('content', $AVE_Template->fetch('user/form.tpl'));
- }
- else
- {
- if (!empty($_REQUEST['password']))
- {
- $salt = make_random_string();
- $password = md5(md5(trim($_POST['password']) . $salt));
- $password_set = "password = '" . $password . "', salt = '" . $salt . "',";
- }
- else
- {
- $password_set = '';
- }
+ $AVE_Template->assign('row', $row);
+ $AVE_Template->assign('errors', $errors);
+ $AVE_Template->assign('user_group_extra', explode(';', $row->user_group_extra));
+ $AVE_Template->assign('available_countries', get_country_list(1));
+ $AVE_Template->assign('ugroups', $this->userGroupListGet(2));
+ $AVE_Template->assign('us_groups', explode(';', $row->user_group_extra));
+ $AVE_Template->assign('formaction', 'index.php?do=user&action=edit&Id='. $user_id .'&sub=save&cp=' . SESSION);
+ $AVE_Template->assign('content', $AVE_Template->fetch('user/form.tpl'));
+ }
+ else
+ {
+ if (!empty($_REQUEST['password']))
+ {
+ $salt = make_random_string();
+ $password = md5(md5(trim($_POST['password']) . $salt));
+ $password_set = "password = '" . $password . "', salt = '" . $salt . "',";
+ }
+ else
+ {
+ $password_set = '';
+ }
- $user_group_set = ($_SESSION['user_id'] != $user_id) ? "user_group = '" . $_REQUEST['user_group'] . "'," : '';
+ $user_group_set = ($_SESSION['user_id'] != $user_id) ? "user_group = '" . $_REQUEST['user_group'] . "'," : '';
- $is_deleted = isset($_REQUEST['deleted']) ? $_REQUEST['deleted'] : '0';
+ $is_deleted = isset($_REQUEST['deleted']) ? $_REQUEST['deleted'] : '0';
$times = ($is_deleted == "1") ? time() : '';
- if(is_uploaded_file($_FILES["avatar"]["tmp_name"]))
- {
- // Если файл загружен успешно, перемещаем его
- // из временной директории в конечную
- $newf_n = BASE_DIR.'/'. UPLOAD_DIR.'/avatars/new/'.$_FILES["avatar"]["name"];
- move_uploaded_file($_FILES["avatar"]["tmp_name"],$newf_n);
- SetAvatar($user_id,$newf_n);
- }
+ if(is_uploaded_file($_FILES["avatar"]["tmp_name"]))
+ {
+ $newf_n = BASE_DIR.'/'. UPLOAD_DIR.'/avatars/new/'.$_FILES["avatar"]["name"];
+ move_uploaded_file($_FILES["avatar"]["tmp_name"],$newf_n);
+ SetAvatar($user_id,$newf_n);
+ }
-$user_group_extra = '';
-if (isset($_REQUEST['user_group_extra']) && is_array($_REQUEST['user_group_extra'])) {
- $user_group_extra = implode(';', $_REQUEST['user_group_extra']);
+ $user_group_extra = '';
+ if (isset($_REQUEST['user_group_extra']) && is_array($_REQUEST['user_group_extra'])) {
+ $user_group_extra = implode(';', $_REQUEST['user_group_extra']);
+ }
+
+ $AVE_DB->Query("
+ UPDATE " . PREFIX . "_users
+ SET
+ " . $password_set . "
+ " . $user_group_set . "
+ email = '" . $_REQUEST['email'] . "',
+ street = '" . $_REQUEST['street'] . "',
+ street_nr = '" . $_REQUEST['street_nr'] . "',
+ zipcode = '" . $_REQUEST['zipcode'] . "',
+ city = '" . $_REQUEST['city'] . "',
+ phone = '" . $_REQUEST['phone'] . "',
+ telefax = '" . $_REQUEST['telefax'] . "',
+ description = '" . $_REQUEST['description'] . "',
+ firstname = '" . $_REQUEST['firstname'] . "',
+ lastname = '" . $_REQUEST['lastname'] . "',
+ user_name = '" . $_REQUEST['user_name'] . "',
+ status = '" . $_REQUEST['status'] . "',
+ country = '" . $_REQUEST['country'] . "',
+ birthday = '" . $_REQUEST['birthday'] . "',
+ deleted = '" . $is_deleted . "',
+ del_time = '" . $times . "',
+ taxpay = '" . (isset($_REQUEST['taxpay']) ? $_REQUEST['taxpay'] : '') . "',
+ company = '" . $_REQUEST['company'] . "',
+ user_group_extra = '" . $user_group_extra . "'
+ WHERE
+ Id = '" . $user_id . "'
+ ");
+
+ if ($_REQUEST['status'] == 1 && @$_REQUEST['SendFreeMail'] == 1)
+ {
+ $host = HOST . ABS_PATH;
+ $body_start = $AVE_Template->get_config_vars('USER_MAIL_BODY1');
+ $body_start = str_replace('%USER%', $_REQUEST['user_name'], $body_start);
+ $body_start .= str_replace('%HOST%', $host, $AVE_Template->get_config_vars('USER_MAIL_BODY2'));
+ $body_start .= str_replace('%HOMEPAGENAME%', get_settings('site_name'), $AVE_Template->get_config_vars('USER_MAIL_FOOTER'));
+ $body_start = str_replace('%N%', "\n", $body_start);
+ $body_start = str_replace('%HOST%', $host, $body_start);
+
+ send_mail(
+ $_POST['email'],
+ $body_start,
+ $AVE_Template->get_config_vars('USER_MAIL_SUBJECT'),
+ get_settings('mail_from'),
+ get_settings('mail_from_name') . ' (' . get_settings('site_name') . ')',
+ 'text'
+ );
+ }
+
+ if (!empty($_REQUEST['password']) && $_REQUEST['PassChange'] == 1)
+ {
+ $host = HOST . ABS_PATH;
+ $body_start = $AVE_Template->get_config_vars('USER_MAIL_BODY1');
+ $body_start = str_replace('%USER%', $_REQUEST['user_name'], $body_start);
+ $body_start .= str_replace('%HOST%', $host, $AVE_Template->get_config_vars('USER_MAIL_PASSWORD2'));
+ $body_start = str_replace('%NEWPASS%', $_REQUEST['password'], $body_start);
+ $body_start .= str_replace('%HOMEPAGENAME%', get_settings('site_name'), $AVE_Template->get_config_vars('USER_MAIL_FOOTER'));
+ $body_start = str_replace('%N%', "\n", $body_start);
+ $body_start = str_replace('%HOST%', $host, $body_start);
+
+ send_mail(
+ $_POST['email'],
+ $body_start,
+ $AVE_Template->get_config_vars('USER_MAIL_PASSWORD'),
+ get_settings('mail_from'),
+ get_settings('mail_from_name') . ' (' . get_settings('site_name') . ')',
+ 'text'
+ );
+ }
+
+ if ($_REQUEST['SimpleMessage'] != '')
+ {
+ send_mail(
+ $_POST['email'],
+ stripslashes($_POST['SimpleMessage']),
+ stripslashes($_POST['SubjectMessage']),
+ $_SESSION['user_email'],
+ $_SESSION['user_name'],
+ 'text'
+ );
+ }
+
+ if (!empty($_REQUEST['password']) && $_SESSION['user_id'] == $user_id)
+ {
+ $_SESSION['user_pass'] = $password;
+ $_SESSION['user_email'] = $_POST['email'];
+ }
+
+ reportLog($AVE_Template->get_config_vars('USER_REPORT_EDIT') . ' - (' . stripslashes($_POST['user_name']) . ')');
+
+ header('Location:index.php?do=user&cp=' . SESSION);
+ exit;
+ }
+ break;
+ }
+ }
+
+ /**
+ * Удаление учетной записи пользователя
+ *
+ * @param int $user_id идентификатор учетной записи пользователя
+ */
+ function userDelete($user_id)
+ {
+ global $AVE_DB, $AVE_Template;
+
+ if (is_numeric($user_id) && $user_id != 1)
+ {
+ $AVE_DB->Query("
+ DELETE
+ FROM " . PREFIX . "_users
+ WHERE Id = '" . $user_id . "'
+ ");
+
+ reportLog($AVE_Template->get_config_vars('USER_REPORT_DEL') . ' - (' . get_username_by_id($user_id) . ')');
+ }
+
+ header('Location:index.php?do=user&cp=' . SESSION);
+ }
+
+ /**
+ * Запись изменений учетных записей пользователей в списке
+ *
+ */
+ function userListEdit()
+ {
+ global $AVE_DB, $AVE_Template;
+
+ if (isset($_POST['del']) && is_array($_POST['del']))
+ {
+ foreach ($_POST['del'] as $user_id => $del)
+ {
+ if (is_numeric($user_id) && $user_id > 1)
+ {
+ $username = get_username_by_id($user_id);
+ $AVE_DB->Query("
+ DELETE
+ FROM " . PREFIX . "_users
+ WHERE Id = '" . $user_id . "'
+ ");
+ reportLog($AVE_Template->get_config_vars('USER_REPORT_DEL') . ' - (' . $username . ')');
+ }
+ }
+ }
+
+ if (isset($_POST['user_group']) && is_array($_POST['user_group']))
+ {
+ foreach ($_POST['user_group'] as $user_id => $user_group_id)
+ {
+ if (is_numeric($user_id) && $user_id > 0 &&
+ is_numeric($user_group_id) && $user_group_id > 0)
+ {
+ $AVE_DB->Query("
+ UPDATE " . PREFIX . "_users
+ SET user_group = '" . $user_group_id . "'
+ WHERE Id = '" . $user_id . "'
+ ");
+ reportLog($AVE_Template->get_config_vars('USER_REPORT_GROUP') . ' - (' . get_username_by_id($user_id) . ')');
+ }
+ }
+ }
+
+ header('Location:index.php?do=user&cp=' . SESSION);
+ exit;
+ }
}
-
-$AVE_DB->Query("
- UPDATE " . PREFIX . "_users
- SET
- " . $password_set . "
- " . $user_group_set . "
- email = '" . $_REQUEST['email'] . "',
- street = '" . $_REQUEST['street'] . "',
- street_nr = '" . $_REQUEST['street_nr'] . "',
- zipcode = '" . $_REQUEST['zipcode'] . "',
- city = '" . $_REQUEST['city'] . "',
- phone = '" . $_REQUEST['phone'] . "',
- telefax = '" . $_REQUEST['telefax'] . "',
- description = '" . $_REQUEST['description'] . "',
- firstname = '" . $_REQUEST['firstname'] . "',
- lastname = '" . $_REQUEST['lastname'] . "',
- user_name = '" . $_REQUEST['user_name'] . "',
- status = '" . $_REQUEST['status'] . "',
- country = '" . $_REQUEST['country'] . "',
- birthday = '" . $_REQUEST['birthday'] . "',
- deleted = '" . $is_deleted . "',
- del_time = '" . $times . "',
- taxpay = '" . (isset($_REQUEST['taxpay']) ? $_REQUEST['taxpay'] : '') . "',
- company = '" . $_REQUEST['company'] . "',
- user_group_extra = '" . $user_group_extra . "'
- WHERE
- Id = '" . $user_id . "'
-");
-
-
-/*
- if ($AVE_DB->Query("SHOW TABLES LIKE '" . PREFIX . "_module_forum_userprofile'")->GetCell())
- {
- $AVE_DB->Query("
- UPDATE " . PREFIX . "_modul_forum_userprofile
- SET
- GroupIdMisc = '" . @implode(';', $_REQUEST['user_group_extra']) . "',
- BenutzerName = '" . @$_REQUEST['BenutzerName_fp']. "',
- Signatur = '" . @$_REQUEST['Signatur_fp'] . "' ,
- Avatar = '" . @$_REQUEST['Avatar_fp'] . "'
- WHERE
- BenutzerId = '" . $user_id . "'
- ");
- }
-*/
-
- if ($_REQUEST['status'] == 1 && @$_REQUEST['SendFreeMail'] == 1)
- {
- $host = HOST . ABS_PATH;
- $body_start = $AVE_Template->get_config_vars('USER_MAIL_BODY1');
- $body_start = str_replace('%USER%', $_REQUEST['user_name'], $body_start);
- $body_start .= str_replace('%HOST%', $host, $AVE_Template->get_config_vars('USER_MAIL_BODY2'));
- $body_start .= str_replace('%HOMEPAGENAME%', get_settings('site_name'), $AVE_Template->get_config_vars('USER_MAIL_FOOTER'));
- $body_start = str_replace('%N%', "\n", $body_start);
- $body_start = str_replace('%HOST%', $host, $body_start);
-
- send_mail(
- $_POST['email'],
- $body_start,
- $AVE_Template->get_config_vars('USER_MAIL_SUBJECT'),
- get_settings('mail_from'),
- get_settings('mail_from_name') . ' (' . get_settings('site_name') . ')',
- 'text'
- );
- }
-
- if (!empty($_REQUEST['password']) && $_REQUEST['PassChange'] == 1)
- {
- $host = HOST . ABS_PATH;
- $body_start = $AVE_Template->get_config_vars('USER_MAIL_BODY1');
- $body_start = str_replace('%USER%', $_REQUEST['user_name'], $body_start);
- $body_start .= str_replace('%HOST%', $host, $AVE_Template->get_config_vars('USER_MAIL_PASSWORD2'));
- $body_start = str_replace('%NEWPASS%', $_REQUEST['password'], $body_start);
- $body_start .= str_replace('%HOMEPAGENAME%', get_settings('site_name'), $AVE_Template->get_config_vars('USER_MAIL_FOOTER'));
- $body_start = str_replace('%N%', "\n", $body_start);
- $body_start = str_replace('%HOST%', $host, $body_start);
-
- send_mail(
- $_POST['email'],
- $body_start,
- $AVE_Template->get_config_vars('USER_MAIL_PASSWORD'),
- get_settings('mail_from'),
- get_settings('mail_from_name') . ' (' . get_settings('site_name') . ')',
- 'text'
- );
- }
-
- if ($_REQUEST['SimpleMessage'] != '')
- {
- send_mail(
- $_POST['email'],
- stripslashes($_POST['SimpleMessage']),
- stripslashes($_POST['SubjectMessage']),
- $_SESSION['user_email'],
- $_SESSION['user_name'],
- 'text'
- );
- }
-
- if (!empty($_REQUEST['password']) && $_SESSION['user_id'] == $user_id)
- {
- $_SESSION['user_pass'] = $password;
- $_SESSION['user_email'] = $_POST['email'];
- }
-
- reportLog($AVE_Template->get_config_vars('USER_REPORT_EDIT') . ' - (' . stripslashes($_POST['user_name']) . ')');
-
- header('Location:index.php?do=user&cp=' . SESSION);
- exit;
- }
- break;
- }
- }
-
- /**
- * Удаление учетной записи пользователя
- *
- * @param int $user_id идентификатор учетной записи пользователя
- */
- function userDelete($user_id)
- {
- global $AVE_DB, $AVE_Template;
-
- if (is_numeric($user_id) && $user_id != 1)
- {
- $AVE_DB->Query("
- DELETE
- FROM " . PREFIX . "_users
- WHERE Id = '" . $user_id . "'
- ");
-
- if ($AVE_DB->Query("SHOW TABLES LIKE '" . PREFIX . "_modul_forum_userprofile'")->GetCell())
- {
- $AVE_DB->Query("
- DELETE
- FROM " . PREFIX . "_modul_forum_userprofile
- WHERE BenutzerId = '" . $user_id . "'
- ");
- }
-
- reportLog($AVE_Template->get_config_vars('USER_REPORT_DEL') . ' - (' . get_username_by_id($user_id) . ')');
- }
-
- header('Location:index.php?do=user&cp=' . SESSION);
- }
-
-/**
- * Запись изменений учетных записей пользователей в списке
- *
- */
- function userListEdit()
- {
- global $AVE_DB, $AVE_Template;
-
- // Проверка существования и типа массива 'del'
- if (isset($_POST['del']) && is_array($_POST['del']))
- {
- foreach ($_POST['del'] as $user_id => $del)
- {
- if (is_numeric($user_id) && $user_id > 1)
- {
- $AVE_DB->Query("
- DELETE
- FROM " . PREFIX . "_users
- WHERE Id = '" . $user_id . "'
- ");
-
- // Используем get_username_by_id() до того, как удалили
- reportLog($AVE_Template->get_config_vars('USER_REPORT_DEL') . ' - (' . get_username_by_id($user_id) . ')');
- }
- }
- }
-
- // Проверка существования и типа массива 'user_group'
- if (isset($_POST['user_group']) && is_array($_POST['user_group']))
- {
- foreach ($_POST['user_group'] as $user_id => $user_group_id)
- {
- if (is_numeric($user_id) && $user_id > 0 &&
- is_numeric($user_group_id) && $user_group_id > 0)
- {
- $AVE_DB->Query("
- UPDATE " . PREFIX . "_users
- SET user_group = '" . $user_group_id . "'
- WHERE Id = '" . $user_id . "'
- ");
- reportLog($AVE_Template->get_config_vars('USER_REPORT_GROUP') . ' - (' . get_username_by_id($user_id) . ')');
- }
- }
- }
-
- header('Location:index.php?do=user&cp=' . SESSION);
- exit;
- }
-}
-
-?>
+?>
\ No newline at end of file