mirror of
https://github.com/e107inc/e107.git
synced 2025-07-31 03:40:37 +02:00
EONE-62 (New Feature): Improved extended field model (fields of type db working now);
structure model improvements; extended fields administration problems solved (there are maybe more); init_session() and login core routines modified to work with user models; option Login As added on user administration (visible from main admins only); minor fixes;
This commit is contained in:
secretr
129
class2.php
129
class2.php
@@ -949,8 +949,9 @@ $sql->db_Mark_Time('(Start: Login/logout/ban/tz)');
|
|||||||
|
|
||||||
if (isset($_POST['userlogin']) || isset($_POST['userlogin_x']))
|
if (isset($_POST['userlogin']) || isset($_POST['userlogin_x']))
|
||||||
{
|
{
|
||||||
e107_require_once(e_HANDLER.'login.php');
|
e107::getUser()->login($_POST['username'], $_POST['userpass'], $_POST['autologin'], varset($_POST['hashchallenge'],''), false);
|
||||||
$usr = new userlogin($_POST['username'], $_POST['userpass'], $_POST['autologin'], varset($_POST['hashchallenge'],''));
|
// e107_require_once(e_HANDLER.'login.php');
|
||||||
|
// $usr = new userlogin($_POST['username'], $_POST['userpass'], $_POST['autologin'], varset($_POST['hashchallenge'],''));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
@@ -1543,6 +1544,10 @@ class floodprotect
|
|||||||
|
|
||||||
//------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------//
|
//------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------//
|
||||||
//------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------//
|
//------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------//
|
||||||
|
/**
|
||||||
|
* The whole could happen inside e_user class
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
function init_session()
|
function init_session()
|
||||||
{
|
{
|
||||||
/*
|
/*
|
||||||
@@ -1554,17 +1559,17 @@ function init_session()
|
|||||||
*/
|
*/
|
||||||
|
|
||||||
|
|
||||||
global $pref, $user_pref, $currentUser, $_E107;
|
global $user_pref, $currentUser;
|
||||||
|
|
||||||
$sql = e107::getDb();
|
$sql = e107::getDb();
|
||||||
$tp = e107::getParser();
|
|
||||||
$e107 = e107::getInstance();
|
$e107 = e107::getInstance();
|
||||||
$eArrayStorage = e107::getArrayStorage();
|
|
||||||
|
|
||||||
|
// New user model
|
||||||
|
$user = e107::getUser();
|
||||||
|
|
||||||
define('USERIP', $e107->getip());
|
define('USERIP', $e107->getip());
|
||||||
|
|
||||||
if(varset($_E107['cli']))
|
if(e107::isCli())
|
||||||
{
|
{
|
||||||
define('USER', true);
|
define('USER', true);
|
||||||
define('USERID', 1);
|
define('USERID', 1);
|
||||||
@@ -1579,7 +1584,14 @@ function init_session()
|
|||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!isset($_COOKIE[e_COOKIE]) && !isset($_SESSION[e_COOKIE]) && !isset($_E107['cli']))
|
if ($user->hasBan())
|
||||||
|
{
|
||||||
|
$msg = e107::findPref('ban_messages/6');
|
||||||
|
if($msg) echo e107::getParser()->toHTML($msg);
|
||||||
|
exit;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!$user->isUser())
|
||||||
{
|
{
|
||||||
define('USER', false);
|
define('USER', false);
|
||||||
define('USERID', 0);
|
define('USERID', 0);
|
||||||
@@ -1588,9 +1600,101 @@ function init_session()
|
|||||||
define('GUEST', true);
|
define('GUEST', true);
|
||||||
define('USERCLASS', '');
|
define('USERCLASS', '');
|
||||||
define('USEREMAIL', '');
|
define('USEREMAIL', '');
|
||||||
|
|
||||||
|
if($user->hasSessionError())
|
||||||
|
{
|
||||||
|
define('LOGINMESSAGE', CORE_LAN10);
|
||||||
|
define('CORRUPT_COOKIE', true);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
|
// we shouldn't use getValue() here, it's there for e.g. shortcodes, profile page render etc.
|
||||||
|
define('USERID', $user->getId());
|
||||||
|
define('USERNAME', $user->get('user_name'));
|
||||||
|
// define('USERURL', $user->get('user_homepage', false)); OLD?
|
||||||
|
define('USEREMAIL', $user->get('user_email'));
|
||||||
|
define('USER', true);
|
||||||
|
define('USERCLASS', $user->get('user_class'));
|
||||||
|
define('USERIMAGE', $user->get('user_image'));
|
||||||
|
define('USERPHOTO', $user->get('user_sess'));
|
||||||
|
|
||||||
|
define('ADMIN', $user->isAdmin());
|
||||||
|
define('ADMINID', $user->getAdminId());
|
||||||
|
define('ADMINNAME', $user->getAdminName());
|
||||||
|
define('ADMINPERMS', $user->getAdminPerms());
|
||||||
|
define('ADMINEMAIL', $user->getAdminEmail());
|
||||||
|
define('ADMINPWCHANGE', $user->getAdminPwchange());
|
||||||
|
if(ADMIN) // XXX - why for admins only?
|
||||||
|
{
|
||||||
|
e107::getRedirect()->setPreviousUrl();
|
||||||
|
}
|
||||||
|
|
||||||
|
// DB
|
||||||
|
$update_ip = ($user->get('user_ip') != USERIP ? ", user_ip = '".USERIP."'" : "");
|
||||||
|
if($user->get('user_currentvisit') + 3600 < time() || !$user->get('user_lastvisit'))
|
||||||
|
{
|
||||||
|
$user->set('user_lastvisit', (integer) $user->get('user_currentvisit'));
|
||||||
|
$user->set('user_currentvisit', time());
|
||||||
|
$sql->db_Update('user', "user_visits = user_visits + 1, user_lastvisit = ".$user->get('user_lastvisit').", user_currentvisit = ".$user->get('user_currentvisit')."{$update_ip} WHERE user_id='".USERID."' ");
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
$user->set('user_currentvisit', time());
|
||||||
|
$sql->db_Update('user', "user_currentvisit = ".$user->get('user_currentvisit')."{$update_ip} WHERE user_id='".USERID."' ");
|
||||||
|
}
|
||||||
|
define('USERLV', $user->get('user_lastvisit'));
|
||||||
|
|
||||||
|
// BC - FIXME - get rid of them!
|
||||||
|
$currentUser = $user->getData();
|
||||||
|
$currentUser['user_realname'] = $result['user_login']; // Used by force_userupdate
|
||||||
|
$e107->currentUser = &$currentUser;
|
||||||
|
|
||||||
|
if ($user->checkClass(e107::getPref('allow_theme_select', false), false))
|
||||||
|
{ // User can set own theme
|
||||||
|
if (isset($_POST['settheme']))
|
||||||
|
{
|
||||||
|
$uconfig = $user->getConfig();
|
||||||
|
if(e107::getPref('sitetheme') != $_POST['sitetheme'])
|
||||||
|
{
|
||||||
|
require_once(e_HANDLER."theme_handler.php");
|
||||||
|
$utheme = new themeHandler;
|
||||||
|
$ut = $utheme->themeArray[$_POST['sitetheme']];
|
||||||
|
|
||||||
|
$uconfig->setPosted('sitetheme', $_POST['sitetheme'])
|
||||||
|
->setPosted('sitetheme_custompages', $ut['custompages'])
|
||||||
|
->setPosted('sitetheme_deflayout', $utheme->findDefault($_POST['sitetheme']));
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
$uconfig->remove('sitetheme')
|
||||||
|
->remove('sitetheme_custompages')
|
||||||
|
->remove('sitetheme_deflayout');
|
||||||
|
}
|
||||||
|
|
||||||
|
$uconfig->save(true);
|
||||||
|
unset($ut);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
elseif ($user->getPref('sitetheme'))
|
||||||
|
{
|
||||||
|
$user->getConfig()
|
||||||
|
->remove('sitetheme')
|
||||||
|
->remove('sitetheme_custompages')
|
||||||
|
->remove('sitetheme_deflayout')
|
||||||
|
->save(false);
|
||||||
|
}
|
||||||
|
|
||||||
|
define('USERTHEME', ($user->getPref('sitetheme') && file_exists(e_THEME.$user->getPref('sitetheme')."/theme.php") ? $user->getPref('sitetheme') : false));
|
||||||
|
|
||||||
|
$user_pref = $user->getPref();
|
||||||
|
}
|
||||||
|
|
||||||
|
define('USERCLASS_LIST', $user->getClassList(true));
|
||||||
|
define('e_CLASS_REGEXP', '(^|,)('.str_replace(',', '|', USERCLASS_LIST).')(,|$)');
|
||||||
|
define('e_NOBODY_REGEXP', '(^|,)'.e_UC_NOBODY.'(,|$)');
|
||||||
|
|
||||||
|
/* XXX - remove it after everything is working well!!
|
||||||
if(!isset($_E107['cli']))
|
if(!isset($_E107['cli']))
|
||||||
{
|
{
|
||||||
list($uid, $upw)=(isset($_COOKIE[e_COOKIE]) && $_COOKIE[e_COOKIE] ? explode(".", $_COOKIE[e_COOKIE]) : explode(".", $_SESSION[e_COOKIE]));
|
list($uid, $upw)=(isset($_COOKIE[e_COOKIE]) && $_COOKIE[e_COOKIE] ? explode(".", $_COOKIE[e_COOKIE]) : explode(".", $_SESSION[e_COOKIE]));
|
||||||
@@ -1631,7 +1735,6 @@ function init_session()
|
|||||||
define('USERPHOTO', $result['user_sess']);
|
define('USERPHOTO', $result['user_sess']);
|
||||||
|
|
||||||
$update_ip = ($result['user_ip'] != USERIP ? ", user_ip = '".USERIP."'" : "");
|
$update_ip = ($result['user_ip'] != USERIP ? ", user_ip = '".USERIP."'" : "");
|
||||||
|
|
||||||
if($result['user_currentvisit'] + 3600 < time() || !$result['user_lastvisit'])
|
if($result['user_currentvisit'] + 3600 < time() || !$result['user_lastvisit'])
|
||||||
{
|
{
|
||||||
$result['user_lastvisit'] = $result['user_currentvisit'];
|
$result['user_lastvisit'] = $result['user_currentvisit'];
|
||||||
@@ -1715,8 +1818,8 @@ function init_session()
|
|||||||
|
|
||||||
define('USERTHEME', (isset($user_pref['sitetheme']) && file_exists(e_THEME.$user_pref['sitetheme']."/theme.php") ? $user_pref['sitetheme'] : false));
|
define('USERTHEME', (isset($user_pref['sitetheme']) && file_exists(e_THEME.$user_pref['sitetheme']."/theme.php") ? $user_pref['sitetheme'] : false));
|
||||||
// global $ADMIN_DIRECTORY, $PLUGINS_DIRECTORY;
|
// global $ADMIN_DIRECTORY, $PLUGINS_DIRECTORY;
|
||||||
}
|
}*/
|
||||||
else
|
/*else
|
||||||
{
|
{
|
||||||
define('USER', false);
|
define('USER', false);
|
||||||
define('USERID', 0);
|
define('USERID', 0);
|
||||||
@@ -1725,11 +1828,11 @@ function init_session()
|
|||||||
define('CORRUPT_COOKIE', true);
|
define('CORRUPT_COOKIE', true);
|
||||||
define('USERCLASS', '');
|
define('USERCLASS', '');
|
||||||
}
|
}
|
||||||
}
|
}*/
|
||||||
|
|
||||||
define('USERCLASS_LIST', class_list());
|
/*define('USERCLASS_LIST', class_list());
|
||||||
define('e_CLASS_REGEXP', '(^|,)('.str_replace(',', '|', USERCLASS_LIST).')(,|$)');
|
define('e_CLASS_REGEXP', '(^|,)('.str_replace(',', '|', USERCLASS_LIST).')(,|$)');
|
||||||
define('e_NOBODY_REGEXP', '(^|,)'.e_UC_NOBODY.'(,|$)');
|
define('e_NOBODY_REGEXP', '(^|,)'.e_UC_NOBODY.'(,|$)');*/
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|||||||
@@ -29,9 +29,16 @@ if (ADMIN)
|
|||||||
//don't include it if it'a an AJAX call or not wanted
|
//don't include it if it'a an AJAX call or not wanted
|
||||||
if (!e_AJAX_REQUEST && !defset('e_NOHEADER'))
|
if (!e_AJAX_REQUEST && !defset('e_NOHEADER'))
|
||||||
{
|
{
|
||||||
|
// XXX LOGIN AS Temporary solution, we need something smarter, e.g. reserved message stack 'admin' which will be always printed
|
||||||
|
// inside admin area
|
||||||
|
if(e107::getUser()->getSessionDataAs())
|
||||||
|
{ // TODO - lan
|
||||||
|
$asuser = e107::getSystemUser(e107::getUser()->getSessionDataAs(), false);
|
||||||
|
e107::getMessage()->addInfo('Successfully logged in as '.($asuser && $asuser->getValue('name') ? $asuser->getValue('name') : 'unknown'). ' <a href="'.e_ADMIN_ABS.'users.php?logoutas">[logout]</a>');
|
||||||
|
}
|
||||||
require_once (e_ADMIN."header.php");
|
require_once (e_ADMIN."header.php");
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* FIXME - missing $style for tablerender
|
* FIXME - missing $style for tablerender
|
||||||
* The Solution: parse_admin() without sending it to the browser if it's an ajax call
|
* The Solution: parse_admin() without sending it to the browser if it's an ajax call
|
||||||
@@ -46,19 +53,19 @@ else
|
|||||||
require_once (e_HANDLER.'js_helper.php');
|
require_once (e_HANDLER.'js_helper.php');
|
||||||
e_jshelper::sendAjaxError(403, ADLAN_86, ADLAN_87, true);
|
e_jshelper::sendAjaxError(403, ADLAN_86, ADLAN_87, true);
|
||||||
}
|
}
|
||||||
|
|
||||||
$use_imagecode = ($pref['logcode'] && extension_loaded("gd"));
|
$use_imagecode = ($pref['logcode'] && extension_loaded("gd"));
|
||||||
|
|
||||||
if ($use_imagecode)
|
if ($use_imagecode)
|
||||||
{
|
{
|
||||||
require_once (e_HANDLER."secure_img_handler.php");
|
require_once (e_HANDLER."secure_img_handler.php");
|
||||||
$sec_img = new secure_image;
|
$sec_img = new secure_image;
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($_POST['authsubmit'])
|
if ($_POST['authsubmit'])
|
||||||
{
|
{
|
||||||
$obj = new auth;
|
$obj = new auth;
|
||||||
|
|
||||||
if ($use_imagecode)
|
if ($use_imagecode)
|
||||||
{
|
{
|
||||||
if (!$sec_img->verify_code($_POST['rand_num'], $_POST['code_verify']))
|
if (!$sec_img->verify_code($_POST['rand_num'], $_POST['code_verify']))
|
||||||
@@ -68,10 +75,10 @@ else
|
|||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// require_once (e_HANDLER.'user_handler.php');
|
// require_once (e_HANDLER.'user_handler.php');
|
||||||
$row = $authresult = $obj->authcheck($_POST['authname'], $_POST['authpass'], varset($_POST['hashchallenge'], ''));
|
$row = $authresult = $obj->authcheck($_POST['authname'], $_POST['authpass'], varset($_POST['hashchallenge'], ''));
|
||||||
|
|
||||||
if ($row[0] == "authfail")
|
if ($row[0] == "authfail")
|
||||||
{
|
{
|
||||||
$admin_log->e_log_event(4, __FILE__."|".__FUNCTION__."@".__LINE__, "LOGIN", LAN_ROLL_LOG_11, "U: ".$tp->toDB($_POST['authname']), FALSE, LOG_TO_ROLLING);
|
$admin_log->e_log_event(4, __FILE__."|".__FUNCTION__."@".__LINE__, "LOGIN", LAN_ROLL_LOG_11, "U: ".$tp->toDB($_POST['authname']), FALSE, LOG_TO_ROLLING);
|
||||||
@@ -83,10 +90,10 @@ else
|
|||||||
else
|
else
|
||||||
{
|
{
|
||||||
$cookieval = $row['user_id'].".".md5($row['user_password']);
|
$cookieval = $row['user_id'].".".md5($row['user_password']);
|
||||||
|
|
||||||
// $sql->db_Select("user", "*", "user_name='".$tp -> toDB($_POST['authname'])."'");
|
// $sql->db_Select("user", "*", "user_name='".$tp -> toDB($_POST['authname'])."'");
|
||||||
// list($user_id, $user_name, $userpass) = $sql->db_Fetch();
|
// list($user_id, $user_name, $userpass) = $sql->db_Fetch();
|
||||||
|
|
||||||
// Calculate class membership - needed for a couple of things
|
// Calculate class membership - needed for a couple of things
|
||||||
// Problem is that USERCLASS_LIST just contains 'guest' and 'everyone' at this point
|
// Problem is that USERCLASS_LIST just contains 'guest' and 'everyone' at this point
|
||||||
$class_list = explode(',', $row['user_class']);
|
$class_list = explode(',', $row['user_class']);
|
||||||
@@ -100,26 +107,26 @@ else
|
|||||||
}
|
}
|
||||||
$class_list[] = e_UC_MEMBER;
|
$class_list[] = e_UC_MEMBER;
|
||||||
$class_list[] = e_UC_PUBLIC;
|
$class_list[] = e_UC_PUBLIC;
|
||||||
|
|
||||||
$user_logging_opts = array_flip(explode(',', varset($pref['user_audit_opts'], '')));
|
$user_logging_opts = array_flip(explode(',', varset($pref['user_audit_opts'], '')));
|
||||||
if (isset($user_logging_opts[USER_AUDIT_LOGIN]) && in_array(varset($pref['user_audit_class'], ''), $class_list))
|
if (isset($user_logging_opts[USER_AUDIT_LOGIN]) && in_array(varset($pref['user_audit_class'], ''), $class_list))
|
||||||
{ // Need to note in user audit trail
|
{ // Need to note in user audit trail
|
||||||
e107::getAdminLog()->user_audit(USER_AUDIT_LOGIN, '', $user_id, $user_name);
|
e107::getAdminLog()->user_audit(USER_AUDIT_LOGIN, '', $user_id, $user_name);
|
||||||
}
|
}
|
||||||
|
|
||||||
$edata_li = array("user_id"=>$row['user_id'], "user_name"=>$row['user_name'], 'class_list'=>implode(',', $class_list));
|
$edata_li = array("user_id"=>$row['user_id'], "user_name"=>$row['user_name'], 'class_list'=>implode(',', $class_list));
|
||||||
|
|
||||||
e107::getEvent()->trigger("login", $edata_li);
|
e107::getEvent()->trigger("login", $edata_li);
|
||||||
|
|
||||||
session_set(e_COOKIE, $cookieval, (time() + 3600 * 24 * 30));
|
session_set(e_COOKIE, $cookieval, (time() + 3600 * 24 * 30));
|
||||||
echo "<script type='text/javascript'>document.location.href='admin.php'</script>\n";
|
echo "<script type='text/javascript'>document.location.href='admin.php'</script>\n";
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
$e_sub_cat = 'logout';
|
$e_sub_cat = 'logout';
|
||||||
if (!defset('NO_HEADER'))
|
if (!defset('NO_HEADER'))
|
||||||
require_once (e_ADMIN."header.php");
|
require_once (e_ADMIN."header.php");
|
||||||
|
|
||||||
if (ADMIN == FALSE)
|
if (ADMIN == FALSE)
|
||||||
{
|
{
|
||||||
$obj = new auth;
|
$obj = new auth;
|
||||||
@@ -139,13 +146,13 @@ class auth
|
|||||||
* @return null
|
* @return null
|
||||||
*/
|
*/
|
||||||
public function authform() //TODO Template
|
public function authform() //TODO Template
|
||||||
{
|
{
|
||||||
global $use_imagecode,$sec_img,$pref;
|
global $use_imagecode,$sec_img,$pref;
|
||||||
|
|
||||||
$frm = e107::getForm();
|
$frm = e107::getForm();
|
||||||
|
|
||||||
$incChap = (vartrue($pref['password_CHAP'], 0)) ? " onsubmit='hashLoginPassword(this)'" : "";
|
$incChap = (vartrue($pref['password_CHAP'], 0)) ? " onsubmit='hashLoginPassword(this)'" : "";
|
||||||
|
|
||||||
$text = "<div style='padding:20px;text-align:center'>
|
$text = "<div style='padding:20px;text-align:center'>
|
||||||
<form method='post' action='".e_SELF."' {$incChap} >
|
<form method='post' action='".e_SELF."' {$incChap} >
|
||||||
<table style='width:50%' class='fborder'>
|
<table style='width:50%' class='fborder'>
|
||||||
@@ -158,12 +165,12 @@ class auth
|
|||||||
<tr>
|
<tr>
|
||||||
<td style='width:35%' class='forumheader3'>".ADLAN_90."</td>
|
<td style='width:35%' class='forumheader3'>".ADLAN_90."</td>
|
||||||
<td class='forumheader3' style='text-align:center'><input class='tbox' type='password' name='authpass' id='userpass' size='30' value='' maxlength='30' />\n";
|
<td class='forumheader3' style='text-align:center'><input class='tbox' type='password' name='authpass' id='userpass' size='30' value='' maxlength='30' />\n";
|
||||||
|
|
||||||
if (isset($_SESSION['challenge']) && varset($pref['password_CHAP'], 0))
|
if (isset($_SESSION['challenge']) && varset($pref['password_CHAP'], 0))
|
||||||
|
|
||||||
$text .= "<input type='hidden' name='hashchallenge' id='hashchallenge' value='{$_SESSION['challenge']}' />\n\n";
|
$text .= "<input type='hidden' name='hashchallenge' id='hashchallenge' value='{$_SESSION['challenge']}' />\n\n";
|
||||||
$text .= "</td></tr>\n";
|
$text .= "</td></tr>\n";
|
||||||
|
|
||||||
if ($use_imagecode)
|
if ($use_imagecode)
|
||||||
{
|
{
|
||||||
$text .= "
|
$text .= "
|
||||||
@@ -174,7 +181,7 @@ class auth
|
|||||||
</tr>
|
</tr>
|
||||||
";
|
";
|
||||||
}
|
}
|
||||||
|
|
||||||
$text .= "
|
$text .= "
|
||||||
<tr>
|
<tr>
|
||||||
<td colspan='2' class='forumheader center'>"
|
<td colspan='2' class='forumheader center'>"
|
||||||
@@ -184,7 +191,7 @@ class auth
|
|||||||
</table>
|
</table>
|
||||||
</form>
|
</form>
|
||||||
</div>";
|
</div>";
|
||||||
|
|
||||||
e107::getRender()->tablerender(ADLAN_92, $text);
|
e107::getRender()->tablerender(ADLAN_92, $text);
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -200,20 +207,20 @@ class auth
|
|||||||
{
|
{
|
||||||
|
|
||||||
global $pref;
|
global $pref;
|
||||||
|
|
||||||
$tp = e107::getParser();
|
$tp = e107::getParser();
|
||||||
$sql_auth = e107::getDb('sql_auth');
|
$sql_auth = e107::getDb('sql_auth');
|
||||||
$user_info = e107::getSession();
|
$user_info = e107::getSession();
|
||||||
$reason = '';
|
$reason = '';
|
||||||
|
|
||||||
$authname = $tp->toDB(preg_replace("/\sOR\s|\=|\#/", "", trim($authname)));
|
$authname = $tp->toDB(preg_replace("/\sOR\s|\=|\#/", "", trim($authname)));
|
||||||
$authpass = trim($authpass);
|
$authpass = trim($authpass);
|
||||||
|
|
||||||
if (($authpass == '') || ($authname == ''))
|
if (($authpass == '') || ($authname == ''))
|
||||||
$reason = 'np';
|
$reason = 'np';
|
||||||
if (strlen($authname) > varset($pref['loginname_maxlength'], 30))
|
if (strlen($authname) > varset($pref['loginname_maxlength'], 30))
|
||||||
$reason = 'lu';
|
$reason = 'lu';
|
||||||
|
|
||||||
if (!$reason)
|
if (!$reason)
|
||||||
{
|
{
|
||||||
if ($sql_auth->db_Select("user", "*", "user_loginname='{$authname}' AND user_admin='1' "))
|
if ($sql_auth->db_Select("user", "*", "user_loginname='{$authname}' AND user_admin='1' "))
|
||||||
@@ -231,7 +238,7 @@ class auth
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
if (!$reason && ($row['user_id'])) // Can validate password
|
if (!$reason && ($row['user_id'])) // Can validate password
|
||||||
{
|
{
|
||||||
if (($authresponse && isset($_SESSION['challenge'])) && ($authresponse != $_SESSION['challenge']))
|
if (($authresponse && isset($_SESSION['challenge'])) && ($authresponse != $_SESSION['challenge']))
|
||||||
{ // Verify using CHAP (can't handle login by email address - only loginname - although with this code it does still work if the password is stored unsalted)
|
{ // Verify using CHAP (can't handle login by email address - only loginname - although with this code it does still work if the password is stored unsalted)
|
||||||
if (($pass_result = $user_info->CheckCHAP($_SESSION['challenge'], $authresponse, $authname, $row['user_password'])) !== PASSWORD_INVALID)
|
if (($pass_result = $user_info->CheckCHAP($_SESSION['challenge'], $authresponse, $authname, $row['user_password'])) !== PASSWORD_INVALID)
|
||||||
|
|||||||
@@ -3,7 +3,7 @@
|
|||||||
/*
|
/*
|
||||||
* e107 website system
|
* e107 website system
|
||||||
*
|
*
|
||||||
* Copyright (C) 2008-2009 e107 Inc (e107.org)
|
* Copyright (C) 2008-2010 e107 Inc (e107.org)
|
||||||
* Released under the terms and conditions of the
|
* Released under the terms and conditions of the
|
||||||
* GNU General Public License (http://www.gnu.org/licenses/gpl.txt)
|
* GNU General Public License (http://www.gnu.org/licenses/gpl.txt)
|
||||||
*
|
*
|
||||||
@@ -23,6 +23,7 @@ if (!getperms('4'))
|
|||||||
include_lan(e_LANGUAGEDIR.e_LANGUAGE.'/admin/lan_'.e_PAGE);
|
include_lan(e_LANGUAGEDIR.e_LANGUAGE.'/admin/lan_'.e_PAGE);
|
||||||
include_lan(e_LANGUAGEDIR.e_LANGUAGE.'/lan_user.php');
|
include_lan(e_LANGUAGEDIR.e_LANGUAGE.'/lan_user.php');
|
||||||
|
|
||||||
|
|
||||||
if (varset($_POST['useraction']))
|
if (varset($_POST['useraction']))
|
||||||
{
|
{
|
||||||
foreach ($_POST['useraction'] as $key => $val)
|
foreach ($_POST['useraction'] as $key => $val)
|
||||||
@@ -36,11 +37,18 @@ if (varset($_POST['useraction']))
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
/*if (isset ($_POST['useraction']) && $_POST['useraction'] == 'userinfo')
|
|
||||||
|
if (e_QUERY == 'logoutas' || varset($_POST['useraction']) == 'logoutas')
|
||||||
{
|
{
|
||||||
header('location:'.e_ADMIN."userinfo.php?".$e107->tp->toDB($_POST['userip']));
|
$asuser = e107::getSystemUser(e107::getUser()->getSessionDataAs(), false);
|
||||||
|
if(e107::getUser()->logoutAs())
|
||||||
|
{ // TODO - lan
|
||||||
|
e107::getMessage()->addSuccess('Successfully logged out from '.($asuser && $asuser->getValue('name') ? $asuser->getValue('name') : 'unknown').' account', 'default', true);
|
||||||
|
}
|
||||||
|
header('location:'.e_ADMIN_ABS.'users.php');
|
||||||
exit;
|
exit;
|
||||||
}*/
|
}
|
||||||
|
|
||||||
if (isset ($_POST['useraction']) && $_POST['useraction'] == 'usersettings')
|
if (isset ($_POST['useraction']) && $_POST['useraction'] == 'usersettings')
|
||||||
{
|
{
|
||||||
header('location:'.$e107->url->getUrl('core:user','main','func=settings&id='.(int) $_POST['userid']));
|
header('location:'.$e107->url->getUrl('core:user','main','func=settings&id='.(int) $_POST['userid']));
|
||||||
@@ -389,6 +397,21 @@ if (isset ($_POST['useraction']) && $_POST['useraction'] == 'userclass')
|
|||||||
$user->show_userclass($_POST['userid']);
|
$user->show_userclass($_POST['userid']);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// ---- Login as another user --------------------
|
||||||
|
if (isset ($_POST['useraction']) && $_POST['useraction'] == 'loginas')
|
||||||
|
{
|
||||||
|
if(e107::getUser()->getSessionDataAs())
|
||||||
|
{
|
||||||
|
e107::getMessage()->addWarning(USRLAN_AS_3);
|
||||||
|
}
|
||||||
|
elseif(e107::getUser()->loginAs($_POST['userid']))
|
||||||
|
{ // TODO - lan
|
||||||
|
e107::getMessage()->addSuccess('Successfully logged in as '.e107::getSystemUser($_POST['userid'])->getValue('name').' <a href="'.e_ADMIN_ABS.'users.php?logoutas">[logout]</a>')
|
||||||
|
->addSuccess('Please, <a href="'.SITEURL.'" rel="external">Leave Admin</a> to browse the system as this user. Use "Logout" option in Administration to end front-end session');
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
// ------- Resend Email Confirmation. --------------
|
// ------- Resend Email Confirmation. --------------
|
||||||
if (isset ($_POST['useraction']) && $_POST['useraction'] == 'resend')
|
if (isset ($_POST['useraction']) && $_POST['useraction'] == 'resend')
|
||||||
{
|
{
|
||||||
@@ -910,7 +933,14 @@ class users
|
|||||||
if ($user_perms != "0")
|
if ($user_perms != "0")
|
||||||
{
|
{
|
||||||
$text .= "<option value='userinfo'>".USRLAN_80."</option>
|
$text .= "<option value='userinfo'>".USRLAN_80."</option>
|
||||||
<option value='usersettings'>".LAN_EDIT."</option>";
|
<option value='usersettings'>".LAN_EDIT."</option>
|
||||||
|
";
|
||||||
|
// login/logout As
|
||||||
|
if(getperms('0') && !($row['user_admin'] && getperms('0', $row['user_perms'])))
|
||||||
|
{
|
||||||
|
if(e107::getUser()->getSessionDataAs() == $row['user_id']) $text .= "<option value='logoutas'>".sprintf(USRLAN_AS_2, $row['user_name'])."</option>";
|
||||||
|
else $text .= "<option value='loginas'>".sprintf(USRLAN_AS_1, $row['user_name'])."</option>";
|
||||||
|
}
|
||||||
switch ($user_ban)
|
switch ($user_ban)
|
||||||
{
|
{
|
||||||
case 0 :
|
case 0 :
|
||||||
@@ -1149,7 +1179,7 @@ class users
|
|||||||
|
|
||||||
</div>";
|
</div>";
|
||||||
|
|
||||||
$emessage = & eMessage :: getInstance();
|
$emessage = eMessage :: getInstance();
|
||||||
|
|
||||||
$total_cap = (isset ($_GET['srch'])) ? $user_total : $users;
|
$total_cap = (isset ($_GET['srch'])) ? $user_total : $users;
|
||||||
$caption = USRLAN_77." (total: $total_cap)";
|
$caption = USRLAN_77." (total: $total_cap)";
|
||||||
|
|||||||
@@ -50,9 +50,6 @@ $frm = new e_form;
|
|||||||
$ue = new e107_user_extended;
|
$ue = new e107_user_extended;
|
||||||
|
|
||||||
|
|
||||||
$user = new users_ext;
|
|
||||||
|
|
||||||
|
|
||||||
$message = '';
|
$message = '';
|
||||||
|
|
||||||
if (e_QUERY)
|
if (e_QUERY)
|
||||||
@@ -64,38 +61,44 @@ if (e_QUERY)
|
|||||||
unset($tmp);
|
unset($tmp);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// TODO $_POST['up_x'] check for the evil IE
|
||||||
if (isset($_POST['up_x']))
|
$tmp = isset($_POST['up']) ? $_POST['up'] : false;
|
||||||
|
if ($tmp)
|
||||||
{
|
{
|
||||||
$qs = explode(".", $_POST['id']);
|
$tmp = array_values($tmp);
|
||||||
|
$qs = explode(".", $tmp[0]);
|
||||||
$_id = intval($qs[0]);
|
$_id = intval($qs[0]);
|
||||||
$_order = intval($qs[1]);
|
$_order = intval($qs[1]);
|
||||||
$_parent = intval($qs[2]);
|
$_parent = intval($qs[2]); var_dump($_id, $_order, $_parent);
|
||||||
if (($_id > 0) && ($_order > 0) && ($_parent > 0))
|
if (($_id > 0) && ($_order > 0) /*&& ($_parent > 0)*/)
|
||||||
{
|
{
|
||||||
$sql->db_Update("user_extended_struct", "user_extended_struct_order=user_extended_struct_order+1 WHERE user_extended_struct_type > 0 AND user_extended_struct_parent = {$_parent} AND user_extended_struct_order ='".($_order-1)."'");
|
$sql->db_Update("user_extended_struct", "user_extended_struct_order=user_extended_struct_order+1 WHERE user_extended_struct_type > 0 AND user_extended_struct_parent = {$_parent} AND user_extended_struct_order ='".($_order-1)."'");
|
||||||
$sql->db_Update("user_extended_struct", "user_extended_struct_order=user_extended_struct_order-1 WHERE user_extended_struct_type > 0 AND user_extended_struct_parent = {$_parent} AND user_extended_struct_id='".$_id."'");
|
$sql->db_Update("user_extended_struct", "user_extended_struct_order=user_extended_struct_order-1 WHERE user_extended_struct_type > 0 AND user_extended_struct_parent = {$_parent} AND user_extended_struct_id='".$_id."'");
|
||||||
$admin_log->log_event('EUF_01',$_id.', '.$_order.', '.$_parent,E_LOG_INFORMATIVE,'');
|
$admin_log->log_event('EUF_01',$_id.', '.$_order.', '.$_parent,E_LOG_INFORMATIVE,'');
|
||||||
|
e107::getCache()->clear_sys('user_extended_struct', true);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// TODO $_POST['down_x'] check for the evil IE
|
||||||
if (isset($_POST['down_x']))
|
$tmp = isset($_POST['down']) ? $_POST['down'] : false;
|
||||||
|
if ($tmp)
|
||||||
{
|
{
|
||||||
$qs = explode(".", $_POST['id']);
|
$tmp = array_values($tmp);
|
||||||
|
$qs = explode(".", $tmp[0]);
|
||||||
$_id = intval($qs[0]);
|
$_id = intval($qs[0]);
|
||||||
$_order = intval($qs[1]);
|
$_order = intval($qs[1]);
|
||||||
$_parent = intval($qs[2]);
|
$_parent = intval($qs[2]);
|
||||||
if (($_id > 0) && ($_order > 0) && ($_parent > 0))
|
if (($_id > 0) && ($_order > 0)/* && ($_parent > 0)*/)
|
||||||
{
|
{
|
||||||
$sql->db_Update("user_extended_struct", "user_extended_struct_order=user_extended_struct_order-1 WHERE user_extended_struct_type > 0 AND user_extended_struct_parent = {$_parent} AND user_extended_struct_order='".($_order+1)."'");
|
$sql->db_Update("user_extended_struct", "user_extended_struct_order=user_extended_struct_order-1 WHERE user_extended_struct_type > 0 AND user_extended_struct_parent = {$_parent} AND user_extended_struct_order='".($_order+1)."'");
|
||||||
$sql->db_Update("user_extended_struct", "user_extended_struct_order=user_extended_struct_order+1 WHERE user_extended_struct_type > 0 AND user_extended_struct_parent = {$_parent} AND user_extended_struct_id='".$_id."'");
|
$sql->db_Update("user_extended_struct", "user_extended_struct_order=user_extended_struct_order+1 WHERE user_extended_struct_type > 0 AND user_extended_struct_parent = {$_parent} AND user_extended_struct_id='".$_id."'");
|
||||||
$admin_log->log_event('EUF_02',$_id.', '.$_order.', '.$_parent,E_LOG_INFORMATIVE,'');
|
$admin_log->log_event('EUF_02',$_id.', '.$_order.', '.$_parent,E_LOG_INFORMATIVE,'');
|
||||||
|
e107::getCache()->clear_sys('user_extended_struct', true);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
if (isset($_POST['catup_x']))
|
if (isset($_POST['catup_x']) || isset($_POST['catup']))
|
||||||
{
|
{
|
||||||
$qs = explode(".", $_POST['id']);
|
$qs = explode(".", $_POST['id']);
|
||||||
$_id = intval($qs[0]);
|
$_id = intval($qs[0]);
|
||||||
@@ -105,11 +108,12 @@ if (isset($_POST['catup_x']))
|
|||||||
$sql->db_Update("user_extended_struct", "user_extended_struct_order=user_extended_struct_order+1 WHERE user_extended_struct_type = 0 AND user_extended_struct_order='".($_order-1)."'");
|
$sql->db_Update("user_extended_struct", "user_extended_struct_order=user_extended_struct_order+1 WHERE user_extended_struct_type = 0 AND user_extended_struct_order='".($_order-1)."'");
|
||||||
$sql->db_Update("user_extended_struct", "user_extended_struct_order=user_extended_struct_order-1 WHERE user_extended_struct_type = 0 AND user_extended_struct_id='".$_id."'");
|
$sql->db_Update("user_extended_struct", "user_extended_struct_order=user_extended_struct_order-1 WHERE user_extended_struct_type = 0 AND user_extended_struct_id='".$_id."'");
|
||||||
$admin_log->log_event('EUF_03',$_id.', '.$_order,E_LOG_INFORMATIVE,'');
|
$admin_log->log_event('EUF_03',$_id.', '.$_order,E_LOG_INFORMATIVE,'');
|
||||||
|
e107::getCache()->clear_sys('user_extended_struct', true);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
if (isset($_POST['catdown_x']))
|
if (isset($_POST['catdown_x']) || isset($_POST['catdown']))
|
||||||
{
|
{
|
||||||
$qs = explode(".", $_POST['id']);
|
$qs = explode(".", $_POST['id']);
|
||||||
$_id = intval($qs[0]);
|
$_id = intval($qs[0]);
|
||||||
@@ -119,9 +123,11 @@ if (isset($_POST['catdown_x']))
|
|||||||
$sql->db_Update("user_extended_struct", "user_extended_struct_order=user_extended_struct_order-1 WHERE user_extended_struct_type = 0 AND user_extended_struct_order='".($_order+1)."'");
|
$sql->db_Update("user_extended_struct", "user_extended_struct_order=user_extended_struct_order-1 WHERE user_extended_struct_type = 0 AND user_extended_struct_order='".($_order+1)."'");
|
||||||
$sql->db_Update("user_extended_struct", "user_extended_struct_order=user_extended_struct_order+1 WHERE user_extended_struct_type = 0 AND user_extended_struct_id='".$_id."'");
|
$sql->db_Update("user_extended_struct", "user_extended_struct_order=user_extended_struct_order+1 WHERE user_extended_struct_type = 0 AND user_extended_struct_id='".$_id."'");
|
||||||
$admin_log->log_event('EUF_04',$_id.', '.$_order,E_LOG_INFORMATIVE,'');
|
$admin_log->log_event('EUF_04',$_id.', '.$_order,E_LOG_INFORMATIVE,'');
|
||||||
|
e107::getCache()->clear_sys('user_extended_struct', true);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
$user = new users_ext;
|
||||||
|
|
||||||
if (isset($_POST['add_field']))
|
if (isset($_POST['add_field']))
|
||||||
{
|
{
|
||||||
@@ -134,7 +140,7 @@ if (isset($_POST['add_field']))
|
|||||||
}
|
}
|
||||||
$new_values = $user->make_delimited($_POST['user_values']);
|
$new_values = $user->make_delimited($_POST['user_values']);
|
||||||
$new_parms = $tp->toDB($_POST['user_include']."^,^".$_POST['user_regex']."^,^".$_POST['user_regexfail']."^,^".$_POST['user_hide']);
|
$new_parms = $tp->toDB($_POST['user_include']."^,^".$_POST['user_regex']."^,^".$_POST['user_regexfail']."^,^".$_POST['user_hide']);
|
||||||
|
|
||||||
// Check to see if its a reserved field name before adding to database
|
// Check to see if its a reserved field name before adding to database
|
||||||
if ($ue->user_extended_reserved($ue_field_name))
|
if ($ue->user_extended_reserved($ue_field_name))
|
||||||
{ // Reserved field name
|
{ // Reserved field name
|
||||||
@@ -150,6 +156,7 @@ if (isset($_POST['add_field']))
|
|||||||
else
|
else
|
||||||
{
|
{
|
||||||
$admin_log->log_event('EUF_05',$ue_field_name.'[!br!]'.$tp->toDB($_POST['user_text']).'[!br!]'.intval($_POST['user_type']),E_LOG_INFORMATIVE,'');
|
$admin_log->log_event('EUF_05',$ue_field_name.'[!br!]'.$tp->toDB($_POST['user_text']).'[!br!]'.intval($_POST['user_type']),E_LOG_INFORMATIVE,'');
|
||||||
|
e107::getCache()->clear_sys('user_extended_struct', true);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -160,7 +167,7 @@ if (isset($_POST['add_field']))
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
if (isset($_POST['update_field']))
|
if (isset($_POST['update_field']))
|
||||||
{
|
{
|
||||||
if($_POST['user_type']==EUF_DB_FIELD)
|
if($_POST['user_type']==EUF_DB_FIELD)
|
||||||
{
|
{
|
||||||
@@ -168,24 +175,36 @@ if (isset($_POST['update_field']))
|
|||||||
}
|
}
|
||||||
$upd_values = $user->make_delimited($_POST['user_values']);
|
$upd_values = $user->make_delimited($_POST['user_values']);
|
||||||
$upd_parms = $tp->toDB($_POST['user_include']."^,^".$_POST['user_regex']."^,^".$_POST['user_regexfail']."^,^".$_POST['user_hide']);
|
$upd_parms = $tp->toDB($_POST['user_include']."^,^".$_POST['user_regex']."^,^".$_POST['user_regexfail']."^,^".$_POST['user_hide']);
|
||||||
admin_update($ue->user_extended_modify($sub_action, $tp->toDB($_POST['user_field']), $tp->toDB($_POST['user_text']), intval($_POST['user_type']), $upd_parms, $upd_values, $tp->toDB($_POST['user_default']), intval($_POST['user_required']), intval($_POST['user_read']), intval($_POST['user_write']), intval($_POST['user_applicable']), intval($_POST['user_parent'])), 'update', EXTLAN_29);
|
$result = admin_update($ue->user_extended_modify($sub_action, $tp->toDB($_POST['user_field']), $tp->toDB($_POST['user_text']), intval($_POST['user_type']), $upd_parms, $upd_values, $tp->toDB($_POST['user_default']), intval($_POST['user_required']), intval($_POST['user_read']), intval($_POST['user_write']), intval($_POST['user_applicable']), intval($_POST['user_parent'])), 'update', EXTLAN_29);
|
||||||
$admin_log->log_event('EUF_06',$tp->toDB($_POST['user_field']).'[!br!]'.$tp->toDB($_POST['user_text']).'[!br!]'.intval($_POST['user_type']),E_LOG_INFORMATIVE,'');
|
if($result)
|
||||||
|
{
|
||||||
|
$admin_log->log_event('EUF_06',$tp->toDB($_POST['user_field']).'[!br!]'.$tp->toDB($_POST['user_text']).'[!br!]'.intval($_POST['user_type']),E_LOG_INFORMATIVE,'');
|
||||||
|
e107::getCache()->clear_sys('user_extended_struct', true);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
if (isset($_POST['update_category']))
|
if (isset($_POST['update_category']))
|
||||||
{
|
{
|
||||||
$name = trim($tp->toHTML($_POST['user_field']));
|
$name = trim($tp->toHTML($_POST['user_field']));
|
||||||
admin_update($sql->db_Update("user_extended_struct","user_extended_struct_name = '{$name}', user_extended_struct_read = '{$_POST['user_read']}', user_extended_struct_write = '{$_POST['user_write']}', user_extended_struct_applicable = '{$_POST['user_applicable']}' WHERE user_extended_struct_id = '{$sub_action}'"), 'update', EXTLAN_43);
|
$result = admin_update($sql->db_Update("user_extended_struct","user_extended_struct_name = '{$name}', user_extended_struct_read = '{$_POST['user_read']}', user_extended_struct_write = '{$_POST['user_write']}', user_extended_struct_applicable = '{$_POST['user_applicable']}' WHERE user_extended_struct_id = '{$sub_action}'"), 'update', EXTLAN_43);
|
||||||
$admin_log->log_event('EUF_09',$name,E_LOG_INFORMATIVE,'');
|
if($result)
|
||||||
|
{
|
||||||
|
$admin_log->log_event('EUF_09',$name,E_LOG_INFORMATIVE,'');
|
||||||
|
e107::getCache()->clear_sys('user_extended_struct', true);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
if (isset($_POST['add_category']))
|
if (isset($_POST['add_category']))
|
||||||
{
|
{
|
||||||
$name = $tp->toHTML($_POST['user_field']);
|
$name = $tp->toHTML($_POST['user_field']);
|
||||||
admin_update($sql->db_Insert("user_extended_struct","'0', '{$name}', '', 0, '', '', '', '{$_POST['user_read']}', '{$_POST['user_write']}', '0', '0', '{$_POST['user_applicable']}', '0', '0'"), 'insert', EXTLAN_40);
|
$result = admin_update($sql->db_Insert("user_extended_struct","'0', '{$name}', '', 0, '', '', '', '{$_POST['user_read']}', '{$_POST['user_write']}', '0', '0', '{$_POST['user_applicable']}', '0', '0'"), 'insert', EXTLAN_40);
|
||||||
$admin_log->log_event('EUF_08',$name,E_LOG_INFORMATIVE,'');
|
if($result)
|
||||||
|
{
|
||||||
|
$admin_log->log_event('EUF_08',$name,E_LOG_INFORMATIVE,'');
|
||||||
|
e107::getCache()->clear_sys('user_extended_struct', true);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
@@ -201,6 +220,7 @@ if (varset($_POST['eu_action'],'') == "delcat")
|
|||||||
{
|
{
|
||||||
$admin_log->log_event('EUF_10',$_id.', '.$_name,E_LOG_INFORMATIVE,'');
|
$admin_log->log_event('EUF_10',$_id.', '.$_name,E_LOG_INFORMATIVE,'');
|
||||||
$message = EXTLAN_41;
|
$message = EXTLAN_41;
|
||||||
|
e107::getCache()->clear_sys('user_extended_struct', true);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -216,7 +236,7 @@ if(isset($_POST['deactivate']))
|
|||||||
|
|
||||||
|
|
||||||
|
|
||||||
if($sql->db_Select("user_extended_struct","DISTINCT(user_extended_struct_parent)"))
|
/*if($sql->db_Select("user_extended_struct","DISTINCT(user_extended_struct_parent)"))
|
||||||
{
|
{
|
||||||
$plist = $sql->db_getList();
|
$plist = $sql->db_getList();
|
||||||
foreach($plist as $_p)
|
foreach($plist as $_p)
|
||||||
@@ -232,7 +252,7 @@ if($sql->db_Select("user_extended_struct","DISTINCT(user_extended_struct_parent)
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}*/
|
||||||
|
|
||||||
|
|
||||||
if($message)
|
if($message)
|
||||||
@@ -292,8 +312,8 @@ require_once("footer.php");
|
|||||||
|
|
||||||
class users_ext
|
class users_ext
|
||||||
{
|
{
|
||||||
var $catList;
|
protected $catList;
|
||||||
var $catNums;
|
protected $catNums;
|
||||||
|
|
||||||
function users_ext()
|
function users_ext()
|
||||||
{
|
{
|
||||||
@@ -311,14 +331,45 @@ class users_ext
|
|||||||
$this->catList[0][0] = array('user_extended_struct_name' => EXTLAN_36);
|
$this->catList[0][0] = array('user_extended_struct_name' => EXTLAN_36);
|
||||||
$this->catNums = array_keys($this->catList);
|
$this->catNums = array_keys($this->catList);
|
||||||
|
|
||||||
|
if($action == 'cat' && !empty($_POST))
|
||||||
|
{
|
||||||
|
$this->reorderItems();
|
||||||
|
}
|
||||||
|
|
||||||
if (!e_QUERY || $action == 'main')
|
if (!e_QUERY || $action == 'main')
|
||||||
{
|
{
|
||||||
$this->showExtendedList();
|
// moved here for better performance
|
||||||
|
if(!empty($_POST))
|
||||||
|
{
|
||||||
|
$this->reorderItems();
|
||||||
|
}
|
||||||
|
$this->showExtendedList();
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function reorderItems()
|
||||||
|
{
|
||||||
|
$sql = e107::getDb();
|
||||||
|
if($sql->db_Select("user_extended_struct","DISTINCT(user_extended_struct_parent)"))
|
||||||
|
{
|
||||||
|
$plist = $sql->db_getList();
|
||||||
|
foreach($plist as $_p)
|
||||||
|
{
|
||||||
|
$o = 0;
|
||||||
|
if($sql->db_Select("user_extended_struct", "user_extended_struct_id", "user_extended_struct_parent = {$_p['user_extended_struct_parent']} && user_extended_struct_type != 0 ORDER BY user_extended_struct_order ASC"))
|
||||||
|
{
|
||||||
|
$_list = $sql->db_getList();
|
||||||
|
foreach($_list as $r)
|
||||||
|
{
|
||||||
|
$sql->db_Update("user_extended_struct", "user_extended_struct_order = '{$o}' WHERE user_extended_struct_id = {$r['user_extended_struct_id']}");
|
||||||
|
$o++;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
e107::getCache()->clear_sys('user_extended_struct', true);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
@@ -331,6 +382,7 @@ class users_ext
|
|||||||
{
|
{
|
||||||
$admin_log->log_event('EUF_07',$_id.', '.$_name, E_LOG_INFORMATIVE,'');
|
$admin_log->log_event('EUF_07',$_id.', '.$_name, E_LOG_INFORMATIVE,'');
|
||||||
$emessage->add(EXTLAN_30." [".$_name."]", E_MESSAGE_SUCCESS);
|
$emessage->add(EXTLAN_30." [".$_name."]", E_MESSAGE_SUCCESS);
|
||||||
|
e107::getCache()->clear_sys('user_extended_struct', true);
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
@@ -422,11 +474,11 @@ class users_ext
|
|||||||
$i++;
|
$i++;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
else
|
elseif($cn == 0)
|
||||||
{
|
{
|
||||||
$text .= "
|
$text .= "
|
||||||
<tr>
|
<tr>
|
||||||
<td colspan='8' class='center'>".EXTLAN_28."</td>
|
<td colspan='10' class='center'>".EXTLAN_28."</td>
|
||||||
</tr>
|
</tr>
|
||||||
";
|
";
|
||||||
}
|
}
|
||||||
@@ -573,7 +625,7 @@ class users_ext
|
|||||||
$table_list = ($_POST['table_db']) ? $_POST['table_db'] : $curVals[0] ;
|
$table_list = ($_POST['table_db']) ? $_POST['table_db'] : $curVals[0] ;
|
||||||
if($sql -> db_Select_gen("DESCRIBE ".MPREFIX."{$table_list}")){
|
if($sql -> db_Select_gen("DESCRIBE ".MPREFIX."{$table_list}")){
|
||||||
while($row3 = $sql -> db_Fetch()){
|
while($row3 = $sql -> db_Fetch()){
|
||||||
$field_name=$row3[0];
|
$field_name=$row3['Field'];
|
||||||
$selected = ($curVals[1] == $field_name) ? " selected='selected' " : "";
|
$selected = ($curVals[1] == $field_name) ? " selected='selected' " : "";
|
||||||
$text .="<option value=\"$field_name\" $selected>".$field_name."</option>\n";
|
$text .="<option value=\"$field_name\" $selected>".$field_name."</option>\n";
|
||||||
}
|
}
|
||||||
@@ -585,7 +637,7 @@ class users_ext
|
|||||||
$table_list = ($_POST['table_db']) ? $_POST['table_db'] : $curVals[0] ;
|
$table_list = ($_POST['table_db']) ? $_POST['table_db'] : $curVals[0] ;
|
||||||
if($sql -> db_Select_gen("DESCRIBE ".MPREFIX."{$table_list}")){
|
if($sql -> db_Select_gen("DESCRIBE ".MPREFIX."{$table_list}")){
|
||||||
while($row3 = $sql -> db_Fetch()){
|
while($row3 = $sql -> db_Fetch()){
|
||||||
$field_name=$row3[0];
|
$field_name=$row3['Field'];
|
||||||
$selected = ($curVals[2] == $field_name) ? " selected='selected' " : "";
|
$selected = ($curVals[2] == $field_name) ? " selected='selected' " : "";
|
||||||
$text .="<option value=\"$field_name\" $selected>".$field_name."</option>\n";
|
$text .="<option value=\"$field_name\" $selected>".$field_name."</option>\n";
|
||||||
}
|
}
|
||||||
@@ -597,7 +649,7 @@ class users_ext
|
|||||||
$table_list = ($_POST['table_db']) ? $_POST['table_db'] : $curVals[0] ;
|
$table_list = ($_POST['table_db']) ? $_POST['table_db'] : $curVals[0] ;
|
||||||
if($sql -> db_Select_gen("DESCRIBE ".MPREFIX."{$table_list}")){
|
if($sql -> db_Select_gen("DESCRIBE ".MPREFIX."{$table_list}")){
|
||||||
while($row3 = $sql -> db_Fetch()){
|
while($row3 = $sql -> db_Fetch()){
|
||||||
$field_name=$row3[0];
|
$field_name=$row3['Field'];
|
||||||
$selected = ($curVals[3] == $field_name) ? " selected='selected' " : "";
|
$selected = ($curVals[3] == $field_name) ? " selected='selected' " : "";
|
||||||
$text .="<option value=\"$field_name\" $selected>".$field_name."</option>\n";
|
$text .="<option value=\"$field_name\" $selected>".$field_name."</option>\n";
|
||||||
}
|
}
|
||||||
@@ -679,21 +731,21 @@ class users_ext
|
|||||||
<tr>
|
<tr>
|
||||||
<td >".EXTLAN_5."</td>
|
<td >".EXTLAN_5."</td>
|
||||||
<td colspan='3'>
|
<td colspan='3'>
|
||||||
".r_userclass("user_applicable", $current['user_extended_struct_applicable'], 'off', 'member, admin, classes, nobody')."<br /><span class='field-help'>".EXTLAN_20."</span>
|
".r_userclass("user_applicable", $current['user_extended_struct_applicable'], 'off', 'member, admin, main, classes, nobody')."<br /><span class='field-help'>".EXTLAN_20."</span>
|
||||||
</td>
|
</td>
|
||||||
</tr>
|
</tr>
|
||||||
|
|
||||||
<tr>
|
<tr>
|
||||||
<td>".EXTLAN_6."</td>
|
<td>".EXTLAN_6."</td>
|
||||||
<td colspan='3'>
|
<td colspan='3'>
|
||||||
".r_userclass("user_read", $current['user_extended_struct_read'], 'off', 'public, member, admin, readonly, classes')."<br /><span class='field-help'>".EXTLAN_22."</span>
|
".r_userclass("user_read", $current['user_extended_struct_read'], 'off', 'public, member, admin, main, readonly, classes')."<br /><span class='field-help'>".EXTLAN_22."</span>
|
||||||
</td>
|
</td>
|
||||||
</tr>
|
</tr>
|
||||||
|
|
||||||
<tr>
|
<tr>
|
||||||
<td>".EXTLAN_7."</td>
|
<td>".EXTLAN_7."</td>
|
||||||
<td colspan='3'>
|
<td colspan='3'>
|
||||||
".r_userclass("user_write", $current['user_extended_struct_write'], 'off', 'member, admin, classes')."<br /><span class='field-help'>".EXTLAN_21."</span>
|
".r_userclass("user_write", $current['user_extended_struct_write'], 'off', 'member, admin, main, classes')."<br /><span class='field-help'>".EXTLAN_21."</span>
|
||||||
</td>
|
</td>
|
||||||
</tr>
|
</tr>
|
||||||
|
|
||||||
@@ -796,12 +848,12 @@ class users_ext
|
|||||||
if($i > 0)
|
if($i > 0)
|
||||||
{
|
{
|
||||||
$text .= "
|
$text .= "
|
||||||
<input type='image' alt='' title='".EXTLAN_26."' src='".e_IMAGE."/admin_images/up.png' name='catup' value='{$ext['user_extended_struct_id']}.{$i}' />
|
<input type='image' alt='' title='".EXTLAN_26."' src='".ADMIN_UP_ICON_PATH."' name='catup' value='{$ext['user_extended_struct_id']}.{$i}' />
|
||||||
";
|
";
|
||||||
}
|
}
|
||||||
if($i <= count($catList)-2)
|
if($i <= count($catList)-2)
|
||||||
{
|
{
|
||||||
$text .= "<input type='image' alt='' title='".EXTLAN_25."' src='".e_IMAGE."/admin_images/down.png' name='catdown' value='{$ext['user_extended_struct_id']}.{$i}' />";
|
$text .= "<input type='image' alt='' title='".EXTLAN_25."' src='".ADMIN_DOWN_ICON_PATH."' name='catdown' value='{$ext['user_extended_struct_id']}.{$i}' />";
|
||||||
}
|
}
|
||||||
$text .= "
|
$text .= "
|
||||||
</form>
|
</form>
|
||||||
@@ -1138,7 +1190,7 @@ class users_ext
|
|||||||
|
|
||||||
function headerjs()
|
function headerjs()
|
||||||
{
|
{
|
||||||
|
|
||||||
//FIXME
|
//FIXME
|
||||||
include_once(e_LANGUAGEDIR.e_LANGUAGE."/lan_user_extended.php");
|
include_once(e_LANGUAGEDIR.e_LANGUAGE."/lan_user_extended.php");
|
||||||
$text = "
|
$text = "
|
||||||
|
|||||||
@@ -1642,7 +1642,7 @@ class e_front_model extends e_model
|
|||||||
}*/
|
}*/
|
||||||
|
|
||||||
$data = $this->getPostedData();
|
$data = $this->getPostedData();
|
||||||
$valid_data = $this->getValidator()->getValidData();
|
$valid_data = $validate ? $this->getValidator()->getValidData() : array();
|
||||||
|
|
||||||
if($sanitize)
|
if($sanitize)
|
||||||
{
|
{
|
||||||
@@ -2478,7 +2478,10 @@ class e_tree_model extends e_front_model
|
|||||||
// auto-load all
|
// auto-load all
|
||||||
if(!$this->getParam('db_query') && $this->getModelTable())
|
if(!$this->getParam('db_query') && $this->getModelTable())
|
||||||
{
|
{
|
||||||
$this->setParam('db_query', 'SELECT'.(!$this->getParam('nocount') ? ' SQL_CALC_FOUND_ROWS' : '').' * FROM #'.$this->getModelTable());
|
$this->setParam('db_query', 'SELECT'.(!$this->getParam('nocount') ? ' SQL_CALC_FOUND_ROWS' : '').' * FROM #'.$this->getModelTable()
|
||||||
|
.($this->getParam('db_order') ? ' ORDER BY '.$this->getParam('db_order') : '')
|
||||||
|
.($this->getParam('db_limit') ? ' LIMIT '.$this->getParam('db_limit') : '')
|
||||||
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
if($this->getParam('db_query') && $class_name && class_exists($class_name))
|
if($this->getParam('db_query') && $class_name && class_exists($class_name))
|
||||||
|
|||||||
@@ -142,22 +142,22 @@ class e_user_model extends e_front_model
|
|||||||
|
|
||||||
final public function getAdminName()
|
final public function getAdminName()
|
||||||
{
|
{
|
||||||
return ($this->isAdmin() ? $this->getValue('name') : '');
|
return ($this->isAdmin() ? $this->get('user_name') : false);
|
||||||
}
|
}
|
||||||
|
|
||||||
final public function getAdminEmail()
|
final public function getAdminEmail()
|
||||||
{
|
{
|
||||||
return ($this->isAdmin() ? $this->getValue('email') : '');
|
return ($this->isAdmin() ? $this->get('user_email') : false);
|
||||||
}
|
}
|
||||||
|
|
||||||
final public function getAdminPwchange()
|
final public function getAdminPwchange()
|
||||||
{
|
{
|
||||||
return ($this->isAdmin() ? $this->getValue('pwchange') : '');
|
return ($this->isAdmin() ? $this->get('user_pwchange') : false);
|
||||||
}
|
}
|
||||||
|
|
||||||
final public function getAdminPerms()
|
final public function getAdminPerms()
|
||||||
{
|
{
|
||||||
return $this->getValue('perms');
|
return ($this->isAdmin() ? $this->get('user_perms') : false);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function isCurrent()
|
public function isCurrent()
|
||||||
@@ -167,7 +167,7 @@ class e_user_model extends e_front_model
|
|||||||
|
|
||||||
final public function isAdmin()
|
final public function isAdmin()
|
||||||
{
|
{
|
||||||
return ($this->getValue('admin') ? true : false);
|
return ($this->get('user_admin') ? true : false);
|
||||||
}
|
}
|
||||||
|
|
||||||
final public function isMainAdmin()
|
final public function isMainAdmin()
|
||||||
@@ -180,6 +180,21 @@ class e_user_model extends e_front_model
|
|||||||
return ($this->getId() ? true : false);
|
return ($this->getId() ? true : false);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
final public function isGuest()
|
||||||
|
{
|
||||||
|
return ($this->getId() ? false : true);
|
||||||
|
}
|
||||||
|
|
||||||
|
final public function hasBan()
|
||||||
|
{
|
||||||
|
return ((integer)$this->get('user_ban') === 1 ? true : false);
|
||||||
|
}
|
||||||
|
|
||||||
|
final public function hasRestriction()
|
||||||
|
{
|
||||||
|
return ((integer)$this->get('user_ban') === 0 ? false : true);
|
||||||
|
}
|
||||||
|
|
||||||
public function hasEditor()
|
public function hasEditor()
|
||||||
{
|
{
|
||||||
return (null !== $this->_editor);
|
return (null !== $this->_editor);
|
||||||
@@ -328,12 +343,12 @@ class e_user_model extends e_front_model
|
|||||||
* Get User extended value
|
* Get User extended value
|
||||||
*
|
*
|
||||||
* @param string$field
|
* @param string$field
|
||||||
* @param string $default
|
* @param boolean $short if true, 'user_' prefix will be added to field name
|
||||||
* @return mixed
|
* @return mixed
|
||||||
*/
|
*/
|
||||||
public function getExtended($field)
|
public function getExtended($field, $short = true)
|
||||||
{
|
{
|
||||||
return $this->getExtendedModel()->getValue($field);
|
return $this->getExtendedModel()->getValue($field, $short);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@@ -341,11 +356,12 @@ class e_user_model extends e_front_model
|
|||||||
*
|
*
|
||||||
* @param string $field
|
* @param string $field
|
||||||
* @param mixed $value
|
* @param mixed $value
|
||||||
|
* @param boolean $short if true, 'user_' prefix will be added to field name
|
||||||
* @return e_user_model
|
* @return e_user_model
|
||||||
*/
|
*/
|
||||||
public function setExtended($field, $value)
|
public function setExtended($field, $value, $short = true)
|
||||||
{
|
{
|
||||||
$this->getExtendedModel()->setValue($field, $value);
|
$this->getExtendedModel()->setValue($field, $value, $short);
|
||||||
return $this;
|
return $this;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -547,9 +563,16 @@ class e_user_model extends e_front_model
|
|||||||
{
|
{
|
||||||
$this->clearTarget()
|
$this->clearTarget()
|
||||||
->removeData();
|
->removeData();
|
||||||
|
|
||||||
|
$this->_class_list = array();
|
||||||
|
$this->_editor = null;
|
||||||
|
$this->_extended_structure = null;
|
||||||
|
$this->_user_config = null;
|
||||||
|
|
||||||
if (null !== $this->_extended_model)
|
if (null !== $this->_extended_model)
|
||||||
{
|
{
|
||||||
$this->_extended_model->destroy();
|
$this->_extended_model->destroy();
|
||||||
|
$this->_extended_model = null;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -638,22 +661,48 @@ class e_user extends e_user_model
|
|||||||
* @param string $upass_plain
|
* @param string $upass_plain
|
||||||
* @param boolean $uauto
|
* @param boolean $uauto
|
||||||
* @param string $uchallange
|
* @param string $uchallange
|
||||||
|
* @param boolean $noredirect
|
||||||
* @return boolean success
|
* @return boolean success
|
||||||
*/
|
*/
|
||||||
final public function login($uname, $upass_plain, $uauto = false, $uchallange = false)
|
final public function login($uname, $upass_plain, $uauto = false, $uchallange = false, $noredirect = true)
|
||||||
{
|
{
|
||||||
if($this->isUser()) return false;
|
if($this->isUser()) return false;
|
||||||
|
|
||||||
$userlogin = new userlogin($uname, $upass_plain, $uauto, $uchallange, true);
|
$userlogin = new userlogin($uname, $upass_plain, $uauto, $uchallange, $noredirect);
|
||||||
$this->setSessionData(true)
|
$this->setSessionData(true)
|
||||||
->setData($userlogin->getUserData());
|
->setData($userlogin->getUserData());
|
||||||
|
|
||||||
return $this->isUser();
|
return $this->isUser();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Login as another user account
|
||||||
|
* @param integer $user_id
|
||||||
|
* @return boolean success
|
||||||
|
*/
|
||||||
final public function loginAs($user_id)
|
final public function loginAs($user_id)
|
||||||
{
|
{
|
||||||
// TODO - set session data required for loadAs()
|
// TODO - set session data required for loadAs()
|
||||||
|
if($this->getParentId()
|
||||||
|
|| !$this->isMainAdmin()
|
||||||
|
|| empty($user_id)
|
||||||
|
|| $this->getSessionDataAs()
|
||||||
|
|| $user_id == $this->getId()
|
||||||
|
) return false;
|
||||||
|
|
||||||
|
$key = $this->_session_key.'_as';
|
||||||
|
|
||||||
|
if('session' == $this->_session_type)
|
||||||
|
{
|
||||||
|
$_SESSION[$key] = $user_id;
|
||||||
|
}
|
||||||
|
elseif('cookie' == $this->_session_type)
|
||||||
|
{
|
||||||
|
$_COOKIE[$key] = $user_id;
|
||||||
|
cookie($key, $user_id);
|
||||||
|
}
|
||||||
|
//$this->loadAs(); - shouldn't be called here - loginAs should be called in Admin area only, loadAs - front-end
|
||||||
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@@ -701,10 +750,10 @@ class e_user extends e_user_model
|
|||||||
$this->setData($this->_parent_model->getData());
|
$this->setData($this->_parent_model->getData());
|
||||||
|
|
||||||
// cleanup
|
// cleanup
|
||||||
$this->_destroyAsSession();
|
|
||||||
$this->_parent_id = false;
|
$this->_parent_id = false;
|
||||||
$this->_parent_model = $this->_parent_extstruct = $this->_parent_extmodel = $this->_parent_config = null;
|
$this->_parent_model = $this->_parent_extstruct = $this->_parent_extmodel = $this->_parent_config = null;
|
||||||
}
|
}
|
||||||
|
$this->_destroyAsSession();
|
||||||
return $this;
|
return $this;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -714,11 +763,10 @@ class e_user extends e_user_model
|
|||||||
*/
|
*/
|
||||||
final public function load($force = false, $denyAs = false)
|
final public function load($force = false, $denyAs = false)
|
||||||
{
|
{
|
||||||
// init_session() should come here
|
|
||||||
// $this->initConstants(); - called after data is loaded
|
|
||||||
|
|
||||||
if(!$force && $this->getId()) return $this;
|
if(!$force && $this->getId()) return $this;
|
||||||
|
|
||||||
|
if(deftrue('e_ADMIN_AREA')) $denyAs = true;
|
||||||
|
|
||||||
// always run cli as main admin
|
// always run cli as main admin
|
||||||
if(e107::isCli())
|
if(e107::isCli())
|
||||||
{
|
{
|
||||||
@@ -772,7 +820,7 @@ class e_user extends e_user_model
|
|||||||
final public function loadAs()
|
final public function loadAs()
|
||||||
{
|
{
|
||||||
// FIXME - option to avoid it when browsing Admin area
|
// FIXME - option to avoid it when browsing Admin area
|
||||||
$loginAs = $this->_getSessionDataAs();
|
$loginAs = $this->getSessionDataAs();
|
||||||
if(!$this->getParentId() && false !== $loginAs && $loginAs !== $this->getId() && $loginAs !== 1 && $this->isMainAdmin())
|
if(!$this->getParentId() && false !== $loginAs && $loginAs !== $this->getId() && $loginAs !== 1 && $this->isMainAdmin())
|
||||||
{
|
{
|
||||||
$uasdata = $this->_load($loginAs);
|
$uasdata = $this->_load($loginAs);
|
||||||
@@ -780,7 +828,7 @@ class e_user extends e_user_model
|
|||||||
{
|
{
|
||||||
// backup parent user data to prevent further db queries
|
// backup parent user data to prevent further db queries
|
||||||
$this->_parent_id = $this->getId();
|
$this->_parent_id = $this->getId();
|
||||||
$this->_parent_model = new e_system_user($this->getData());
|
$this->_parent_model = new e_user_model($this->getData());
|
||||||
$this->setData($uasdata);
|
$this->setData($uasdata);
|
||||||
|
|
||||||
// not allowed - revert back
|
// not allowed - revert back
|
||||||
@@ -806,6 +854,7 @@ class e_user extends e_user_model
|
|||||||
$this->_parent_model = null;
|
$this->_parent_model = null;
|
||||||
$this->_parent_extstruct = $this->_parent_extmodel = null;
|
$this->_parent_extstruct = $this->_parent_extmodel = null;
|
||||||
}
|
}
|
||||||
|
return $this;
|
||||||
}
|
}
|
||||||
|
|
||||||
final protected function _destroySession()
|
final protected function _destroySession()
|
||||||
@@ -832,7 +881,7 @@ class e_user extends e_user_model
|
|||||||
return $this->_destroySession();
|
return $this->_destroySession();
|
||||||
}
|
}
|
||||||
|
|
||||||
final protected function _getSessionDataAs()
|
final public function getSessionDataAs()
|
||||||
{
|
{
|
||||||
$id = false;
|
$id = false;
|
||||||
$key = $this->_session_key.'_as';
|
$key = $this->_session_key.'_as';
|
||||||
@@ -1027,13 +1076,18 @@ class e_user_extended_model extends e_front_model
|
|||||||
* Returns NULL when field/default value not found or not enough permissions
|
* Returns NULL when field/default value not found or not enough permissions
|
||||||
* @param string $field
|
* @param string $field
|
||||||
* @param boolean $short if true, 'user_' prefix will be added to field name
|
* @param boolean $short if true, 'user_' prefix will be added to field name
|
||||||
|
* @param boolean $raw don't retrieve db value
|
||||||
* @return mixed
|
* @return mixed
|
||||||
*/
|
*/
|
||||||
public function getValue($field, $short = true)
|
public function getValue($field, $short = true, $raw = false)
|
||||||
{
|
{
|
||||||
if($short) $field = 'user_'.$field;
|
if($short) $field = 'user_'.$field;
|
||||||
if (!$this->checkRead($field))
|
if (!$this->checkRead($field))
|
||||||
return null;
|
return null;
|
||||||
|
if(!$raw && vartrue($this->_struct_index[$field]['db']))
|
||||||
|
{
|
||||||
|
return $this->getDbValue($field);
|
||||||
|
}
|
||||||
return $this->get($field, $this->getDefault($field));
|
return $this->get($field, $this->getDefault($field));
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -1054,6 +1108,26 @@ class e_user_extended_model extends e_front_model
|
|||||||
return $this;
|
return $this;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
protected function getDbValue($field)
|
||||||
|
{
|
||||||
|
if(null !== $this->_struct_index[$field]['db_value'])
|
||||||
|
{
|
||||||
|
return $this->_struct_index[$field]['db_value'];
|
||||||
|
}
|
||||||
|
|
||||||
|
// retrieve db data
|
||||||
|
$value = $this->get($field);
|
||||||
|
list($table, $field_id, $field_name, $field_order) = explode(',', $this->_struct_index[$field]['db'], 4);
|
||||||
|
$this->_struct_index[$field]['db_value'] = $value;
|
||||||
|
if($value && $table && $field_id && $field_name && e107::getDb()->db_Select($table, $field_name, "{$field_id}='{$value}'"))
|
||||||
|
{
|
||||||
|
$res = e107::getDb()->db_Fetch();
|
||||||
|
$this->_struct_index[$field]['db_value'] = $res[$field_name];
|
||||||
|
}
|
||||||
|
|
||||||
|
return $this->_struct_index[$field]['db_value'];
|
||||||
|
}
|
||||||
|
|
||||||
public function getReadData()
|
public function getReadData()
|
||||||
{
|
{
|
||||||
// TODO array allowed profile page data (read mode)
|
// TODO array allowed profile page data (read mode)
|
||||||
@@ -1157,6 +1231,8 @@ class e_user_extended_model extends e_front_model
|
|||||||
if (!in_array($field->getValue('name'), $ignore))
|
if (!in_array($field->getValue('name'), $ignore))
|
||||||
{
|
{
|
||||||
$this->_struct_index['user_'.$field->getValue('name')] = array(
|
$this->_struct_index['user_'.$field->getValue('name')] = array(
|
||||||
|
'db' => $field->getValue('type') == 4 ? $field->getValue('values') : '',
|
||||||
|
'db_value' => null, // used later for caching DB results
|
||||||
'read' => $field->getValue('read'),
|
'read' => $field->getValue('read'),
|
||||||
'write' => $field->getValue('write'),
|
'write' => $field->getValue('write'),
|
||||||
'signup' => $field->getValue('signup'),
|
'signup' => $field->getValue('signup'),
|
||||||
@@ -1312,6 +1388,22 @@ class e_user_extended_structure_model extends e_model
|
|||||||
return $this;
|
return $this;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function isCategory()
|
||||||
|
{
|
||||||
|
return ($this->getValue('type') ? false : true);
|
||||||
|
}
|
||||||
|
|
||||||
|
public function getCategoryId()
|
||||||
|
{
|
||||||
|
return $this->getValue('parent');
|
||||||
|
}
|
||||||
|
|
||||||
|
public function getLabel()
|
||||||
|
{
|
||||||
|
$label = $this->isCategory() ? $this->getValue('name') : $this->getValue('text');
|
||||||
|
return defset($label, $label);
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Loading of single structure row not allowed for front model
|
* Loading of single structure row not allowed for front model
|
||||||
*/
|
*/
|
||||||
@@ -1353,10 +1445,22 @@ class e_user_extended_structure_tree extends e_tree_model
|
|||||||
protected $_cache_force = true;
|
protected $_cache_force = true;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Force system cache (cache used even if disabled by site admin)
|
* Index for speed up retrieving by name routine
|
||||||
* @var boolen
|
* @var array
|
||||||
*/
|
*/
|
||||||
protected $_name_index = true;
|
protected $_name_index = array();
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Category Index - numerical array of id's
|
||||||
|
* @var array
|
||||||
|
*/
|
||||||
|
protected $_category_index = array();
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Items by category list
|
||||||
|
* @var array
|
||||||
|
*/
|
||||||
|
protected $_parent_index = array();
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Constructor - auto-load
|
* Constructor - auto-load
|
||||||
@@ -1367,6 +1471,10 @@ class e_user_extended_structure_tree extends e_tree_model
|
|||||||
$this->load();
|
$this->load();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @param string $name name field value
|
||||||
|
* @return e_user_extended_structure_model
|
||||||
|
*/
|
||||||
public function getNodeByName($name)
|
public function getNodeByName($name)
|
||||||
{
|
{
|
||||||
if ($this->isNodeName($name))
|
if ($this->isNodeName($name))
|
||||||
@@ -1376,14 +1484,44 @@ class e_user_extended_structure_tree extends e_tree_model
|
|||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Check if node exists by its name field value
|
||||||
|
* @param string $name
|
||||||
|
* @return boolean
|
||||||
|
*/
|
||||||
public function isNodeName($name)
|
public function isNodeName($name)
|
||||||
{
|
{
|
||||||
return (isset($this->_name_index[$name]) && $this->isNode($this->_name_index[$name]));
|
return (isset($this->_name_index[$name]) && $this->isNode($this->_name_index[$name]));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Get node ID by node name field
|
||||||
|
* @param string $name
|
||||||
|
* @return integer
|
||||||
|
*/
|
||||||
public function getNodeId($name)
|
public function getNodeId($name)
|
||||||
{
|
{
|
||||||
return $this->_name_index[$name];
|
return (isset($this->_name_index[$name]) ? $this->_name_index[$name] : null);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Get collection of nodes of type category
|
||||||
|
* @return array
|
||||||
|
*/
|
||||||
|
public function getCategoryTree()
|
||||||
|
{
|
||||||
|
return $this->_array_intersect_key($this->getTree(), array_combine($this->_category_index, $this->_category_index));
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Get collection of nodes assigned to a specific category
|
||||||
|
* @param integer $category_id
|
||||||
|
* @return array
|
||||||
|
*/
|
||||||
|
public function getTreeByCategory($category_id)
|
||||||
|
{
|
||||||
|
if(!isset($this->_parent_index[$category_id]) || empty($this->_parent_index[$category_id])) return array();
|
||||||
|
return $this->_array_intersect_key($this->getTree(), array_combine($this->_parent_index[$category_id], $this->_parent_index[$category_id]));
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@@ -1394,24 +1532,57 @@ class e_user_extended_structure_tree extends e_tree_model
|
|||||||
public function load($force = false)
|
public function load($force = false)
|
||||||
{
|
{
|
||||||
$this->setParam('nocount', true)
|
$this->setParam('nocount', true)
|
||||||
->setParam('model_class', 'e_user_extended_structure_model');
|
->setParam('model_class', 'e_user_extended_structure_model')
|
||||||
|
->setParam('db_order', 'user_extended_struct_order ASC');
|
||||||
parent::load($force);
|
parent::load($force);
|
||||||
|
print_a($this->_category_index);
|
||||||
|
print_a($this->_parent_index);
|
||||||
|
print_a($this->_name_index);
|
||||||
|
print_a($this->getTreeByCategory(4));
|
||||||
return $this;
|
return $this;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Build name index on load
|
* Build all indexes on load
|
||||||
|
* (New) This method is auto-triggered by core load() method
|
||||||
* @param e_user_extended_structure_model $model
|
* @param e_user_extended_structure_model $model
|
||||||
*/
|
*/
|
||||||
protected function _onLoad($model)
|
protected function _onLoad($model)
|
||||||
{
|
{
|
||||||
$this->_name_index['user_'.$model->getValue('name')] = $model->getId();
|
if($model->isCategory())
|
||||||
|
{
|
||||||
|
$this->_category_index[] = $model->getId();
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
$this->_name_index['user_'.$model->getValue('name')] = $model->getId();
|
||||||
|
$this->_parent_index[$model->getCategoryId()][] = $model->getId();
|
||||||
|
}
|
||||||
return $this;
|
return $this;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Compatibility - array_intersect_key() available since PHP 5.1
|
||||||
|
*
|
||||||
|
* @see http://php.net/manual/en/function.array-intersect-key.php
|
||||||
|
* @param array $array1
|
||||||
|
* @param array $array2
|
||||||
|
* @return array
|
||||||
|
*/
|
||||||
|
protected function _array_intersect_key($array1, $array2)
|
||||||
|
{
|
||||||
|
if(function_exists('array_intersect_key')) return array_intersect_key($array1, $array2);
|
||||||
|
|
||||||
|
$ret = array();
|
||||||
|
foreach ($array1 as $k => $v)
|
||||||
|
{
|
||||||
|
if(isset($array2[$k])) $ret[$k] = $v;
|
||||||
|
}
|
||||||
|
return $ret;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
class e_user_pref extends e_model
|
class e_user_pref extends e_front_model
|
||||||
{
|
{
|
||||||
/**
|
/**
|
||||||
* @var e_user_model
|
* @var e_user_model
|
||||||
@@ -1441,7 +1612,8 @@ class e_user_pref extends e_model
|
|||||||
$data = $this->_user->get('user_prefs', '');
|
$data = $this->_user->get('user_prefs', '');
|
||||||
if(!empty($data))
|
if(!empty($data))
|
||||||
{
|
{
|
||||||
$data = e107::getArrayStorage()->ReadArray($data);
|
// BC
|
||||||
|
$data = substr($data, 0, 5) == "array" ? e107::getArrayStorage()->ReadArray($data) : unserialize($data);
|
||||||
if(!$data) $data = array();
|
if(!$data) $data = array();
|
||||||
}
|
}
|
||||||
else $data = array();
|
else $data = array();
|
||||||
@@ -1465,10 +1637,14 @@ class e_user_pref extends e_model
|
|||||||
* Save and apply user preferences
|
* Save and apply user preferences
|
||||||
* @return boolean success
|
* @return boolean success
|
||||||
*/
|
*/
|
||||||
public function save()
|
public function save($from_post = false)
|
||||||
{
|
{
|
||||||
if($this->_user->getId())
|
if($this->_user->getId())
|
||||||
{
|
{
|
||||||
|
if($from_post)
|
||||||
|
{
|
||||||
|
$this->mergePostedData(false, true, false);
|
||||||
|
}
|
||||||
$data = $this->toString(true);
|
$data = $this->toString(true);
|
||||||
$this->apply();
|
$this->apply();
|
||||||
return (e107::getDb('user_prefs')->db_Update('user', "user_prefs='{$data}' WHERE user_id=".$this->_user->getId()) ? true : false);
|
return (e107::getDb('user_prefs')->db_Update('user', "user_prefs='{$data}' WHERE user_id=".$this->_user->getId()) ? true : false);
|
||||||
|
|||||||
@@ -260,4 +260,8 @@ define("USFLAN_6", "User ID");
|
|||||||
define("USFLAN_7", "User Information");
|
define("USFLAN_7", "User Information");
|
||||||
|
|
||||||
|
|
||||||
?>
|
define('USRLAN_AS_1', 'Login as %s');
|
||||||
|
define('USRLAN_AS_2', 'Logout from %s account');
|
||||||
|
define('USRLAN_AS_3', 'You are already logged in as another user account. Please logout first.');
|
||||||
|
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user