Файл: adultscript-2.0.3-pro/files/admin/modules/user/components/edit.php
Строк: 262
<?php
// Direct-access guard: stop immediately unless the _VALID constant exists.
// NOTE(review): _VALID is presumably defined by the application's front
// controller before this component is included; confirm against the bootstrap.
if (!defined('_VALID')) {
    die('Restricted Access!');
}
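/**
 * Admin component that edits an existing user.
 *
 * Reads the target user id from $_GET['id'], applies the submitted form
 * ($_POST) to the user, profile, preferences, notifications and (optionally)
 * premium tables, then renders the 'user_edit' admin template.
 *
 * NOTE(review): no anti-CSRF token check is visible in this class. This POST
 * can change a user's password, group and lock state, so confirm that the
 * parent module or the admin bootstrap verifies a per-session token.
 */
class VComponent_Admin_user_edit extends VModule_Admin_user
{
    public function __construct()
    {
        parent::__construct();
    }

    /**
     * Handle the edit form (when submitted) and display the edit page.
     *
     * Validation failures are collected in $errors and shown by the template;
     * the database is only written when $errors is empty.
     *
     * @return void
     */
    public function render()
    {
        $ucfg      = VF::cfg('module.user');
        $errors    = array();
        $messages  = array();
        $groups    = $this->get_groups();
        $countries = VCountry::get();
        $user      = array();

        // The id is cast to int, so it is safe to concatenate into SQL below.
        $user_id = (isset($_GET['id']) && is_numeric($_GET['id'])) ? (int) trim($_GET['id']) : NULL;

        // A missing/non-numeric id used to be concatenated as an empty string,
        // producing "WHERE user_id =  LIMIT 1". Skip the lookup instead.
        $user_exists = FALSE;
        if ($user_id === NULL) {
            $errors[] = 'Invalid user id!';
        } else {
            $this->db->query("SELECT user_id FROM #__user WHERE user_id = ".$user_id." LIMIT 1");
            $user_exists = (bool) $this->db->affected_rows();
        }

        if ($user_exists) {
            if (isset($_POST['submit_user_edit'])) {
                $filter     = VF::factory('filter');
                $username   = $filter->get('username');
                // NOTE(review): $group is only cast to int, not checked against
                // $groups; consider rejecting ids that are not in that list.
                $group      = (int) trim($_POST['group']);
                $email      = $filter->get('email');
                $password   = trim($_POST['password']);
                $password_c = trim($_POST['password_confirm']);
                $verified   = (int) trim($_POST['verified']);
                $locked     = (int) trim($_POST['locked']);
                $status     = (int) trim($_POST['status']);

                $name        = $filter->get('name');
                $birth_day   = $filter->get('Date_day', 'INTEGER');
                $birth_month = $filter->get('Date_month', 'INTEGER');
                $birth_year  = $filter->get('Date_year', 'INTEGER');
                $gender      = $filter->get('gender');
                $relation    = $filter->get('relation');
                $interested  = $filter->get('interested');
                $country     = $filter->get('country');
                $city        = $filter->get('city');
                $zip         = $filter->get('zip');

                $website    = $filter->get('website');
                $company    = $filter->get('company');
                $school     = $filter->get('school');
                $occupation = $filter->get('occupation');
                $about      = $filter->get('about');
                $hobbies    = $filter->get('hobbies');
                $movies     = $filter->get('movies');
                $music      = $filter->get('music');
                $books      = $filter->get('books');
                $turn_on    = $filter->get('turn_on');
                $turn_off   = $filter->get('turn_off');

                $profile              = $filter->get('profile');
                $profile_comments     = $filter->get('profile_comments');
                $show_videos          = $filter->get('show_videos');
                $show_video_favorites = $filter->get('show_video_favorites');
                // Was read from 'show_video_ratings' (copy/paste slip), which
                // silently overwrote the history privacy setting with the
                // ratings one on every save.
                $show_video_history   = $filter->get('show_video_history');
                $show_video_ratings   = $filter->get('show_video_ratings');
                $show_video_playlists = $filter->get('show_video_playlists');
                $show_friends         = $filter->get('show_friends');
                $show_subscriptions   = $filter->get('show_subscriptions');
                $show_subscribers     = $filter->get('show_subscribers');
                $show_activity        = $filter->get('show_activity');
                $allow_comments       = $filter->get('allow_comments');
                $allow_friends        = $filter->get('allow_friends');
                $allow_message        = $filter->get('allow_message');

                // Notification checkboxes: a ticked box posts 'on', an
                // unticked one is absent from the request.
                $video_approve   = (isset($_POST['video_approve']) && $_POST['video_approve'] == 'on') ? 1 : 0;
                $video_comment   = (isset($_POST['video_comment']) && $_POST['video_comment'] == 'on') ? 1 : 0;
                $video_rating    = (isset($_POST['video_rating']) && $_POST['video_rating'] == 'on') ? 1 : 0;
                $subscription    = (isset($_POST['subscription']) && $_POST['subscription'] == 'on') ? 1 : 0;
                $friend_request  = (isset($_POST['friend_request']) && $_POST['friend_request'] == 'on') ? 1 : 0;
                $friend_approve  = (isset($_POST['friend_approve']) && $_POST['friend_approve'] == 'on') ? 1 : 0;
                $new_message     = (isset($_POST['new_message']) && $_POST['new_message'] == 'on') ? 1 : 0;
                $profile_comment = (isset($_POST['profile_comment']) && $_POST['profile_comment'] == 'on') ? 1 : 0;

                // Premium fields are only processed when the premium module is
                // enabled and the form actually carried a credit value.
                if (VModule::enabled('premium') && isset($_POST['credit'])) {
                    $credit     = floatval($filter->get('credit'));
                    $start_date = $filter->get('start_date');
                    $end_date   = $filter->get('end_date');
                    $pstatus    = (int) trim($_POST['pstatus']);

                    if ($start_date != '') {
                        if (!VValid::date_string($start_date)) {
                            $errors[] = 'Premium start date is not a valid date!';
                        } else {
                            $start_time = strtotime($start_date);
                        }
                    }

                    if ($end_date != '') {
                        if (!VValid::date_string($end_date)) {
                            $errors[] = 'Premium end date is not a valid date!';
                        } else {
                            $end_time = strtotime($end_date);
                        }
                    }

                    if (isset($start_time) && isset($end_time)) {
                        if ($end_time < $start_time) {
                            $errors[] = 'Premium end date is lower than premium start date (in the past)!';
                        }
                    }
                }

                if ($username == '') {
                    $errors[] = 'Username field cannot be left blank!';
                } elseif (!VValid::length($username, 1, 16)) {
                    $errors[] = 'Username can contain maximum 16 characters!';
                } elseif (!VValid::aldash($username)) {
                    $errors[] = 'Username can contain only alphanumeric characters, dashes and underscores!';
                } else {
                    // Uniqueness check, excluding the user being edited.
                    $this->db->query("SELECT user_id FROM #__user WHERE username = '".$this->db->escape($username)."' AND user_id != ".$user_id." LIMIT 1");
                    if ($this->db->affected_rows()) {
                        $errors[] = 'Username is already used by another user!';
                    }
                }

                if ($email == '') {
                    $errors[] = 'Email field cannot be left blank!';
                } elseif (!VValid::email($email)) {
                    $errors[] = 'Email is not a valid email address!';
                } else {
                    $this->db->query("SELECT user_id FROM #__user WHERE email = '".$this->db->escape($email)."' AND user_id != ".$user_id." LIMIT 1");
                    if ($this->db->affected_rows()) {
                        $errors[] = 'Email is already used by another user!';
                    }
                }

                // Strict comparison: with != PHP compares numeric-looking
                // strings as numbers, so "1e3" and "1000" would count as a
                // matching password/confirmation pair.
                if ($password !== '') {
                    if ($password !== $password_c) {
                        $errors[] = 'New password and confirmation password are not the same!';
                    }
                }

                // Birth date is optional, but must be complete and valid when
                // any of its three parts is given.
                if ($birth_day !== 0 OR $birth_month !== 0 OR $birth_year !== 0) {
                    if ($birth_day === 0 OR $birth_month === 0 OR $birth_year === 0) {
                        $errors[] = 'Please enter your complete birth date!';
                    } else {
                        if (!checkdate($birth_month, $birth_day, $birth_year)) {
                            $errors[] = 'Birth date is not a valid date!';
                        } else {
                            $birth_date = $birth_year.'-'.sprintf('%02d', $birth_month).'-'.sprintf('%02d', $birth_day);
                        }
                    }
                } else {
                    $birth_date = '0000-00-00';
                }

                if ($website != '') {
                    if (!VValid::url($website)) {
                        $errors[] = 'Personal website url is not a valid url address!';
                    }
                }

                // Allow-list checks use strict in_array() so that a non-string
                // value cannot pass through PHP's loose comparison rules.
                if ($gender != 'hidden') {
                    if (!in_array($gender, array('male', 'female'), TRUE)) {
                        $errors[] = 'Invalid gender! What exactly did you select!?';
                    }
                }

                if ($relation != 'hidden') {
                    if (!in_array($relation, array('single', 'taken', 'open'), TRUE)) {
                        $errors[] = 'Invalid relation! What exactly did you select!?';
                    }
                }

                if ($interested != 'hidden') {
                    if (!in_array($interested, array('boys', 'girls', 'boys+girls'), TRUE)) {
                        $errors[] = 'Invalid interested! What exactly did you select!?';
                    }
                }

                if ($country != '') {
                    // The posted value is a key into $countries; the looked-up
                    // entry is what gets stored.
                    $country = (isset($countries[$country])) ? $countries[$country] : '';
                    if ($country == '') {
                        $errors[] = 'Invalid country! What exactly did you select!?';
                    }
                }

                if (isset($_POST['photo'])) {
                    // basename() keeps the request from pointing outside the
                    // upload directory.
                    // NOTE(review): the file name and its extension still come
                    // from the request; confirm the upload step and the image
                    // factory only accept image types.
                    $photo = basename($filter->get('photo'));

                    // Drop a cache-busting "?..." suffix only when present.
                    // substr() with strrpos()'s FALSE result used to turn a
                    // name without "?" into an empty string.
                    $query_pos = strrpos($photo, '?');
                    if ($query_pos !== FALSE) {
                        $photo = substr($photo, 0, $query_pos);
                    }

                    $x = (int) $_POST['x'];
                    $y = (int) $_POST['y'];
                    $w = (int) $_POST['w'];
                    $h = (int) $_POST['h'];

                    $src   = TMP_DIR.'/uploads/'.$photo;
                    $dst   = MEDIA_DIR.'/users/'.$photo;
                    $image = VF::factory('image');
                    if ($photo !== '' &&
                        $image->load($src) &&
                        $image->crop($x, $y, $w, $h, $dst)) {
                        // Only the extension is stored in the avatar column.
                        $ext = VFile::ext($photo);
                    } else {
                        $errors[] = 'Failed to crop avatar! Invalid permissions!?';
                    }
                }

                if (!$errors) {
                    // NOTE(review): VHash::encrypt() is defined outside this
                    // file; confirm it is a salted password hash and not a
                    // fast digest or reversible encryption. Its output is
                    // escaped like every other string placed in the query.
                    $sql_pw     = ($password !== '') ? "password = '".$this->db->escape(VHash::encrypt($password))."'," : '';
                    $sql_avatar = (isset($ext)) ? "avatar = '".$this->db->escape($ext)."'," : '';

                    // Integers were cast above; every string goes through
                    // $this->db->escape() before concatenation.
                    $this->db->query("UPDATE #__user
                                      SET group_id = ".$group.",
                                          username = '".$this->db->escape($username)."',
                                          email = '".$this->db->escape($email)."',".$sql_pw.$sql_avatar."
                                          name = '".$this->db->escape($name)."',
                                          birth_date = '".$this->db->escape($birth_date)."',
                                          gender = '".$this->db->escape($gender)."',
                                          relation = '".$this->db->escape($relation)."',
                                          country = '".$this->db->escape($country)."',
                                          city = '".$this->db->escape($city)."',
                                          zip = '".$this->db->escape($zip)."',
                                          verified = '".$verified."',
                                          locked = '".$locked."',
                                          status = '".$status."'
                                      WHERE user_id = ".$user_id."
                                      LIMIT 1");

                    $this->db->query("UPDATE #__user_profile
                                      SET about = '".$this->db->escape($about)."',
                                          website = '".$this->db->escape($website)."',
                                          occupation = '".$this->db->escape($occupation)."',
                                          school = '".$this->db->escape($school)."',
                                          company = '".$this->db->escape($company)."',
                                          hobbies = '".$this->db->escape($hobbies)."',
                                          movies = '".$this->db->escape($movies)."',
                                          music = '".$this->db->escape($music)."',
                                          books = '".$this->db->escape($books)."',
                                          turn_on = '".$this->db->escape($turn_on)."',
                                          turn_off = '".$this->db->escape($turn_off)."'
                                      WHERE user_id = ".$user_id."
                                      LIMIT 1");

                    $this->db->query("UPDATE #__user_preferences
                                      SET profile = '".$this->db->escape($profile)."',
                                          profile_comments = '".$this->db->escape($profile_comments)."',
                                          show_videos = '".$this->db->escape($show_videos)."',
                                          show_video_favorites = '".$this->db->escape($show_video_favorites)."',
                                          show_video_history = '".$this->db->escape($show_video_history)."',
                                          show_video_ratings = '".$this->db->escape($show_video_ratings)."',
                                          show_video_playlists = '".$this->db->escape($show_video_playlists)."',
                                          show_friends = '".$this->db->escape($show_friends)."',
                                          show_subscriptions = '".$this->db->escape($show_subscriptions)."',
                                          show_subscribers = '".$this->db->escape($show_subscribers)."',
                                          show_activity = '".$this->db->escape($show_activity)."',
                                          allow_comments = '".$this->db->escape($allow_comments)."',
                                          allow_friends = '".$this->db->escape($allow_friends)."',
                                          allow_message = '".$this->db->escape($allow_message)."'
                                      WHERE user_id = ".$user_id."
                                      LIMIT 1");

                    $this->db->query("UPDATE #__user_notifications
                                      SET video_approve = '".$video_approve."',
                                          video_comment = '".$video_comment."',
                                          video_rating = '".$video_rating."',
                                          subscription = '".$subscription."',
                                          friend_request = '".$friend_request."',
                                          friend_approve = '".$friend_approve."',
                                          new_message = '".$new_message."',
                                          profile_comment = '".$profile_comment."'
                                      WHERE user_id = ".$user_id."
                                      LIMIT 1");

                    // $credit is only set when the premium block above ran.
                    if (isset($credit)) {
                        // Update the premium row if one exists, else create it.
                        $this->db->query("SELECT user_id
                                          FROM #__user_premium
                                          WHERE user_id = ".$user_id."
                                          LIMIT 1");
                        if ($this->db->affected_rows()) {
                            $this->db->query("UPDATE #__user_premium
                                              SET start_date = '".$this->db->escape($start_date)."',
                                                  end_date = '".$this->db->escape($end_date)."',
                                                  credit = ".$credit.",
                                                  status = '".$pstatus."'
                                              WHERE user_id = ".$user_id."
                                              LIMIT 1");
                        } else {
                            $this->db->query("INSERT INTO #__user_premium
                                              SET user_id = ".$user_id.",
                                                  start_date = '".$this->db->escape($start_date)."',
                                                  end_date = '".$this->db->escape($end_date)."',
                                                  credit = ".$credit.",
                                                  status = '".$pstatus."'");
                        }
                    }

                    $messages[] = 'User updated!';
                }
            }

            // Reload the (possibly just updated) record for the form.
            $this->db->query("SELECT u.*, ua.*, up.*, upp.*, un.*, p.credit, p.start_date,
                                     p.end_date, p.status as pstatus
                              FROM #__user AS u
                              LEFT JOIN #__user_activity AS ua ON (ua.user_id = u.user_id)
                              LEFT JOIN #__user_profile AS up ON (up.user_id = u.user_id)
                              LEFT JOIN #__user_preferences AS upp ON (upp.user_id = u.user_id)
                              LEFT JOIN #__user_notifications AS un ON (un.user_id = u.user_id)
                              LEFT JOIN #__user_premium AS p ON (p.user_id = u.user_id)
                              WHERE u.user_id = ".$user_id."
                              LIMIT 1");
            $user = $this->db->fetch_assoc();
        }

        $tpl             = VF::factory('template');
        $tpl->menu       = 'user';
        $tpl->submenu    = 'user_manage';
        $tpl->meta_title = 'Admin::User::Edit';
        $tpl->errors     = $errors;
        $tpl->messages   = $messages;
        $tpl->ucfg       = $ucfg;
        $tpl->groups     = $groups;
        $tpl->countries  = $countries;
        $tpl->user       = $user;
        $tpl->load(array('header', 'user_edit', 'footer'));
        $tpl->display();
    }

    /**
     * Load all user groups (group_id, name) ordered by group_id.
     *
     * Terminates the request with die() when the query yields no rows.
     *
     * @return mixed whatever $this->db->fetch_rows() returns for the query
     */
    private function get_groups()
    {
        $this->db->query("SELECT group_id, name FROM #__user_groups ORDER BY group_id ASC");
        if ($this->db->affected_rows()) {
            return $this->db->fetch_rows();
        }

        die('Failed to load the user groups table!');
    }
}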
?>