index.php | searchcode

/modules/users/index.php

https://bitbucket.org/ssimpledecision/simpledecision
PHP | 191 lines | 188 code | 3 blank | 0 comment | 31 complexity | b4920f27d012f3fff04c73aaa379b3c0 MD5 | raw file

<? include "../../inc/header_m.php";?>
<?
$searchinmodul=$_POST['searchinmodul'];
if (!empty($searchinmodul)){
	$searchinmodul=explode(' ', $searchinmodul);
	foreach ($searchinmodul as $key => $value) {
		$searchinmodules.="or UPPER(name) LIKE '%".strtoupper($value)."%' ";
		$searchinmodules.="or UPPER(nik) LIKE '%".strtoupper($value)."%' ";
		$searchinmodules.="or UPPER(login) LIKE '%".strtoupper($value)."%' ";
		$searchinmodules.="or UPPER(email) LIKE '%".strtoupper($value)."%' ";
		$searchinmodules.="or UPPER(phone) LIKE '%".strtoupper($value)."%' ";
	}
	$searchinmodules=' where ('.substr($searchinmodules, 2).')';
}
$del = $_POST['list'];
if (isset($del)) 
	foreach ($del as &$delv)
		{
		if ($delv>1) {
			$sql1="select * from {$pref}db_pic where id_type={$id_modules} and id_el={$delv} ";
			$query1=mysql_query($sql1);
			if ($query1 && mysql_num_rows($query1)>0)
				while ($res1=mysql_fetch_array($query1)) {
					$pic=$res1['pic'];
					unlink("{$_SERVER['DOCUMENT_ROOT']}/files/images/{$id_modules}/{$pic}");
					unlink("{$_SERVER['DOCUMENT_ROOT']}/files/images/{$id_modules}/mcith/mcith_{$pic}");
				}
			mysql_query("delete from {$pref}db_pic where id_type={$id_modules} and id_el={$delv}");
			mysql_query("delete from {$pref}db_{$modul} where id={$delv}");
			}
		}
if (isset($_GET['sort'])) $_SESSION['sort'] = $_GET['sort'];
if (isset($_SESSION['sort'])) $sort = $_SESSION['sort'];
if (strpos($mod_ver,substr($sort,0,2))===false)
$sort = 'id';
mysql_query("delete from {$pref}db_{$modul} where status=-1");
$lim=30;
if (isset($_GET['p'])) $p=$_GET['p']; else {$p=1;$_GET['p']=1;}
$o=$p*$lim-$lim;

$d1= time();
$d1=$d1-2592000;
$d1 = date('Y-m-d H:i:s',$d1);
$sql="select * from {$pref}db_{$modul} where status=1 order by id";
$query=mysql_query($sql);
if ($query && mysql_num_rows($query)>0)
	while ($inf = mysql_fetch_array($query)){
		$sql1="select * from {$pref}db_session where user='{$inf['id']}' and date>='{$d1}'";
		$query1 = mysql_query($sql1);
		if (mysql_num_rows($query1)==0)
			mysql_query("update {$pref}db_{$modul} set status=2 where id='{$inf['id']}'");
	}

$query=mysql_query("select * from {$pref}db_{$modul} {$searchinmodules} order by {$sort} limit $o,$lim");
$total=mysql_num_rows(mysql_query("select * from {$pref}db_{$modul} {$searchinmodules}"));
$m_title="Пользователи";
$body="
<table class='tablesorter' cellspacing='0'>
	<thead> 
	<tr>
		<th>ID</th>
		<th>ФИО/Ник</th>
		<th>Тип</th>
		<th>Статус</th>
		<td>Удалить<input type='checkbox' class='selectdelete'></td>
	</tr>	
	</thead> 	
	<tbody> 
";
while ($res=mysql_fetch_array($query, MYSQL_ASSOC))
{
$body.="
	<tr>
		<td>";if (getUserType()==2 || $_SESSION['user_id']==$res['id']) $body.="<a href='edit.materials.php?id_material={$res['id']}'>";$body.="{$res['id']}</td>
		<td>";if (getUserType()==2 || $_SESSION['user_id']==$res['id']) $body.="<a href='edit.materials.php?id_material={$res['id']}'>"; if (!empty($res['name'])) $body.=$res['name']; else $body.=$res['nik'];$body.="</td>
		<td>";if (getUserType()==2 || $_SESSION['user_id']==$res['id']) $body.="<a href='edit.materials.php?id_material={$res['id']}'>";$body.="{$type_user[$res['type']]}</td>
		<td><span class='hid'>{$res['status']}</span>";if (getUserType()==2 || $_SESSION['user_id']==$res['id']) $body.="<a class='statmat' id='_{$modul}-{$res['id']}-{$res['status']}' >
		<img src='{$pt}/{$cmspatch}/templates/img/{$res['status']}.gif' /></a>";$body.="</td>
		<td>";if (getUserType()==2 || $_SESSION['user_id']==$res['id']) $body.="<input type='checkbox' onclick='check();' name='list[]' class='listdelete' value='{$res['id']}' />";$body.="</td>
	</tr>";
}
$body.="
	</tbody> 
</table>
";
$body1="";
$body1.="
	<form method='POST' acction='' class='modulForm' >
	</form>
	<form name='sub' id='sub' class='userInform' action='' method='POST'>
	<fieldset class='left'>
	<label>Тип*</label>
	<select name='subustype' id='subustype' class='validate[required]'>
	<option value=''>--</option>
	<option value='0'>Пользователь</option>
	<option value='1'>Модератор</option>
	<option value='2'>Администратор</option>
	</select></fieldset>
	<fieldset class='right'>
	<label>Группа</label>
	<select name='subusgroup'>
	<option value='0' >--</option>";
	foreach ($user_group as $key => $value) {
		$body1.="<option value='".($key+1)."' >".$value."</option>";
	}
	$body1.="
	</select></fieldset><div class='clear'></div>
	<fieldset class='left'>
	<label>Обратный E-mail*</label>
	<input type='text' name='email' id='email' value='".getUser($_SESSION['user_id'],'email')."' class='validate[required]'></fieldset>
	<fieldset class='right'>
	<label>Отправить личное сообщение</label><br><br>
	&nbsp;<input type='checkbox' name='sublc' value='1'></fieldset><div class='clear'></div>
	<fieldset>
	<label>Тема*</label>
	<input type='text' name='subsubj' id='subsubj' class='validate[required]'></fieldset><div class='clear'></div>
	<fieldset>
	<label>Сообщение*</label>
	<textarea name='subtext'  id='elm1' class='validate[required]' style='height:400px;width:97%;float:left;'></textarea></fieldset><div class='clear'></div>
	<input type='submit' name='subsend'/>
	</form>
	";
if (isset($_POST['subsend'])){
	$message = "
	  <html>
	    <head>
	      <title>".$_POST['subsubj']."</title>
	    </head>
	    <body>
	      ".$_POST['subtext']."
	    </body>
	  </html>
	";
	$mail = new PHPMailer();
	$mail->From     = $_POST['email'];
	$mail->FromName = $s_title;
	$mail->CharSet  = "UTF-8";
	$mail->Subject  = $_POST['subsubj'];
	$mail->MsgHTML( $message );
	$sql1="select * from {$pref}db_users where `subscription`='1' and `type`='{$_POST['subustype']}' and `group`='{$_POST['subusgroup']}' and `confirm`='1'";
	$query1=mysql_query($sql1);
	if ($query1 && mysql_num_rows($query1)>0){
		while ($res1=mysql_fetch_array($query1)) {
			$mail->AddAddress( $res1['email'] );
			if ($_POST['sublc']=='1') mysql_query("insert into {$pref}db_users_mes set `user`='{$res1['id']}',`user_from`='{$_SESSION['user_id']}',`title`='{$_POST['subsubj']}',`text`='{$_POST['subtext']}',`date`=NOW()");
		}
		$mail->Send();
		$subscribesend='<h4 class="alert_success">Сообщение отправлено</h4>';
	} else $subscribesend='<h4 class="alert_error">Сообщение не отправлено</h4>';
}
?>
<script>
$(document).ready(function(){
$('.modulForm').submit(function(){
	if (!confirm("Уверены, что хотите внести изменения?"))
		return false;
})
});
</script>
<form method='POST' acction='' class='modulForm' >
<? if (isset($_POST['sf'])){?><h4 class="alert_success">Сохранено</h4><?}?>
<?=$subscribesend?>
<article class="module width_full">
<header><h3 class="tabs_involved"><?=$m_title?></h3>
		<ul class="tabs">
   			<li><a href="#tab1">Список</a></li>
   			<li><a href="#tab2">Рассылка</a></li>
		</ul>
</header>
		<div class="tab_container">
			<div id="tab1" class="tab_content">
			<?=$body?>
			</div>
		</div>
		<div class="module_content">
			<div id="tab2" class="tab_content">
			<?=$body1?>
			</div>
		</div>
<footer>
				<div class="submit_link fl">
					<? paging_m($total,$lim,$p);?>
				</div>
				<div class="submit_link">
					<input type='submit' value='Сохранить' name='sf' />
				</div>
			</footer>
</article>
</form>

<? include "../../inc/footer_m.php"; ?>