2026-05-22 20:21:54 +02:00
< ? php
class User {
2026-07-06 12:54:07 +02:00
public $id ;
public $manager ;
public $manager_users ;
public $use_advert_budget ;
public $agency ;
2026-05-22 20:21:54 +02:00
// Делаю свойства публичными и с сохранением имени, т.к. в коде они много где используется без объявления
public $agencyName ;
public $phoneAgency ;
public $last_name ;
public $first_name ;
public $middle_name ;
public $phone ;
2026-07-06 12:54:07 +02:00
public $phone2 ;
public $role_developer ;
public $api ;
2026-05-22 20:21:54 +02:00
private $_serverPath = " /server/php/files/docs " ;
private $_serverUserpicPath = " /photos/agency " ;
private $_allowedFileTypes = [
" doc " , " docx " , " xls " , " xlsx " , " pdf " ,
" jpeg " , " jpg " , " gif " , " png "
];
private $_user_can = [
'autosearch' => false ,
'object-fields' => false ,
'advert-stats' => false
];
public function getId ()
{
return $this -> id ;
}
public function getAgencyName ()
{
return " Агентство недвижимости . " . $this -> agencyName ;
}
public function getAgencyPhone ()
{
return $this -> phoneAgency ;
}
public function getFullName ()
{
return trim ( $this -> last_name . ' ' . $this -> first_name . ' ' . $this -> middle_name );
}
public function getPhone ()
{
return $this -> phone ;
}
2026-07-06 12:54:07 +02:00
public function get ( $id , $add_info = false , $add_budget = false ) {
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$sql = " SELECT *,
2026-05-22 20:21:54 +02:00
IF ( birthday , DATE_FORMAT ( birthday , '%d.%m.%Y' ), NULL ) as birthday
FROM users WHERE id = $id " ;
2026-07-06 12:54:07 +02:00
if ( $rez = mysql_query ( $sql )) {
if ( mysql_num_rows ( $rez )) {
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$user = mysql_fetch_assoc ( $rez );
foreach ( $user as $k => $v ) {
$this -> $k = $v ;
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$departmentClass = new Department ;
$departmentUser = $departmentClass -> getDepartment ( $id );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( $departmentUser [ 'role' ] == 'manager_office' || $departmentUser [ 'role' ] == 'manager_office_menager' ) {
$this -> manager = $_SESSION [ 'manager' ] = 1 ;
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$this -> agencyId = $id ;
$this -> agencyEgrnRequestCount = 0 ;
$this -> agencyAntiznakRequestCount = 0 ;
2026-05-22 20:21:54 +02:00
$this -> agencyEnableWazzap = $user [ 'enable_wazzap' ];
2026-07-06 12:54:07 +02:00
$this -> agencyName = null ;
$this -> manager_users = null ;
2026-05-22 20:21:54 +02:00
if ( $user [ 'role_developer' ]) {
// застройщик
$this -> role_developer = $_SESSION [ 'role_developer' ] = 1 ;
} else {
$this -> role_developer = $_SESSION [ 'role_developer' ] = 0 ;
}
2026-07-06 12:54:07 +02:00
$this -> fio = trim ( $user [ 'last_name' ] . ' ' . $user [ 'first_name' ] . ' ' . $user [ 'middle_name' ]);
if ( $user [ 'id_manager' ] == 0 && $user [ 'agency' ] == 0 ) {
// частник
$this -> individual = $_SESSION [ 'individual' ] = 1 ;
} else {
$this -> individual = $_SESSION [ 'individual' ] = 0 ;
}
if ( isset ( $user [ 'phone2' ]))
$this -> phone2 = $user [ 'phone2' ];
if ( $user [ 'id_manager' ]) {
$thisIdManager = $user [ 'id_manager' ];
if ( $departmentUser [ 'role' ] == 'manager_office_menager' || $departmentUser [ 'role' ] == 'agent' ) {
if ( $departmentUser [ 'admin' ] > 0 ) {
$thisIdManager = $departmentUser [ 'admin' ];
}
}
$sql = " SELECT * FROM users WHERE id= $thisIdManager " ;
$rez = mysql_query ( $sql );
$manager = mysql_fetch_assoc ( $rez );
if ( $manager [ 'id_manager' ]) {
$agency = mysql_fetch_assoc ( mysql_query ( " SELECT * FROM users WHERE id= $manager[id_manager] " ));
if ( $agency [ 'id_manager' ]) {
$agency = mysql_fetch_assoc ( mysql_query ( " SELECT * FROM users WHERE id= $agency[id_manager] " ));
}
} else {
$agency = $manager ;
}
$this -> photo = $agency [ 'photo' ];
$this -> agencyId = $agency [ 'id' ];
$this -> agencyZipalLogin = $agency [ 'zipal_login' ];
$this -> agencyZipalPassword = $agency [ 'zipal_password' ];
$this -> agencyZipalBalance = $agency [ 'zipal_balance' ];
$this -> agencyEgrnRequestCount = $agency [ 'egrn_request_count' ];
$this -> agencyEnableWazzap = $agency [ 'enable_wazzap' ];
if ( $agency [ 'id' ] != 12061 ){
$this -> agencyAntiznakRequestCount = $agency [ 'antiznak_request_count' ];
} else if ( $user [ 'id' ] == 12653 || $user [ 'id' ] == 12093 ) {
$this -> agencyAntiznakRequestCount = $agency [ 'antiznak_request_count' ];
}
if ( isset ( $agency [ 'agency_name' ])) {
$this -> agencyName = $agency [ 'agency_name' ];
} else if ( isset ( $user [ 'agency_name' ])) {
$this -> agencyName = $user [ 'agency_name' ];
}
$this -> phoneAgency = empty ( $agency [ 'phoneAgency' ]) ? $agency [ 'phone' ] : $agency [ 'phoneAgency' ];
$this -> sitename = $agency [ 'sitename' ];
$this -> site = $agency [ 'site' ];
$this -> adres = $agency [ 'adres' ];
} else {
if ( isset ( $user [ 'agency_name' ])) {
$this -> agencyName = $user [ 'agency_name' ];
} else {
$this -> agencyName = null ;
}
}
if ( $this -> manager > 0 ) { // Список пользователей в подчинении у менеджера
$agents = self :: getAgentsOfManager ( $id , false );
if ( ! empty ( $agents ) && is_array ( $agents )) {
$this -> manager_users = [];
foreach ( $agents as $agent ) {
$this -> manager_users [] = ( int ) $agent [ 'id' ];
}
}
}
if ( isset ( $user [ 'agency' ]) && $user [ 'agency' ]) {
$this -> director = trim ( $user [ 'last_name' ] . ' ' . $user [ 'first_name' ] . ' ' . $user [ 'middle_name' ]);
if ( isset ( $user [ 'agency_name' ]))
$this -> fio = $user [ 'agency_name' ];
}
$this -> gmtmsk = ( int ) $user [ 'gmtmsk' ];
// Добавляем инфо о паспортных данных
if ( $add_info ) {
$sql1 = " SELECT *,
2026-05-22 20:21:54 +02:00
IF ( passport_date , DATE_FORMAT ( passport_date , '%d.%m.%Y' ), NULL ) as passport_date
FROM `users_info` WHERE user_id = $id " ;
2026-07-06 12:54:07 +02:00
$rez1 = mysql_query ( $sql1 );
if ( mysql_num_rows ( $rez1 )) {
$info = mysql_fetch_assoc ( $rez1 );
foreach ( $info as $k => $v ) {
$this -> $k = $v ;
}
}
$this -> files = [];
$sql2 = " SELECT * FROM `users_files` WHERE user_id= $id " ;
$rez2 = mysql_query ( $sql2 );
if ( mysql_num_rows ( $rez2 )) {
while ( $file = mysql_fetch_assoc ( $rez2 )) {
$this -> files [] = $file ;
}
}
}
// Добавляем инфо о рекламном бюджете
if ( $add_budget ) {
$advert_budgets = new AdvertBudgets ();
$budget = $advert_budgets -> getAdvertBudget ( $id );
$this -> advert_budget = [
'avito' => $budget [ 'avito' ],
'avito_unlimited' => $budget [ 'avito_unlimited' ],
'avito_available' => $budget [ 'avito_available' ],
'cian' => $budget [ 'cian' ],
'cian_unlimited' => $budget [ 'cian_unlimited' ],
'cian_available' => $budget [ 'cian_available' ],
'domclick' => $budget [ 'domclick' ],
'domclick_unlimited' => $budget [ 'domclick_unlimited' ],
'domclick_available' => $budget [ 'domclick_available' ],
'jcat' => $budget [ 'jcat' ],
'jcat_unlimited' => $budget [ 'jcat_unlimited' ],
'jcat_available' => $budget [ 'jcat_available' ],
'yandex' => $budget [ 'yandex' ],
'yandex_unlimited' => $budget [ 'yandex_unlimited' ],
'yandex_available' => $budget [ 'yandex_available' ],
'personal' => $budget [ 'personal' ],
'total' => $budget [ 'total' ],
'amount' => $budget [ 'amount' ],
'balance' => $budget [ 'balance' ],
'do_not_reinit_monthly' => $budget [ 'do_not_reinit_monthly' ],
];
}
} else {
return false ;
}
}
}
public function can ( $permission , $user_id = null ) {
2026-05-22 20:21:54 +02:00
if ( is_null ( $user_id ))
$user_id = $_SESSION [ 'id' ];
$this -> checkPermissions ( $user_id );
if ( isset ( $this -> _user_can [ $permission ])) {
if ( boolval ( $this -> _user_can [ $permission ]) === true ) {
return true ;
}
return false ;
}
if ( isset ( $_SESSION [ 'user_can' ][ $permission ])) {
if ( boolval ( $_SESSION [ 'user_can' ][ $permission ]) === true ) {
return true ;
}
return false ;
}
2026-07-06 12:54:07 +02:00
return false ;
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
public function getMyManagers (){
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$searchUserId = $_SESSION [ 'id' ];
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( $_SESSION [ 'users_admin' ]) {
$searchUserId = $this -> agencyId ;
} else {
$departmentClass = new Department ;
$departmentUser = $departmentClass -> getDepartment ( $_SESSION [ 'id' ]);
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( $departmentUser [ 'role' ] == 'manager_office' ){
$searchUserId = $departmentUser [ 'admin' ];
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
}
if ( $departmentUser [ 'role' ] == 'manager_office_menager' ){
$searchUserId = $this -> id_manager ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
}
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$sql = " SELECT * FROM users WHERE manager=1 AND id_manager= $searchUserId AND blocked=0 " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$rez = mysql_query ( $sql );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$managers = array ();
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
while ( $manager = mysql_fetch_assoc ( $rez )) $managers [] = $manager ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
return $managers ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
public static function getAgentsOfManager ( $id_manager , $only_active = false ) {
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( ! $id_manager )
return [];
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$sql = " SELECT *, DATE_FORMAT(last_auth,'%d.%m.%Y %H:%i') AS last_auth FROM users WHERE manager=0 AND id_manager= $id_manager " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( $only_active )
$sql .= " AND blocked=0 " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$rez = mysql_query ( $sql );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$agents = array ();
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
while ( $manager = mysql_fetch_assoc ( $rez )) $agents [] = $manager ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
return $agents ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
public static function getAgentsOfManagers ( $id_manager , $only_active = false ) {
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( ! $id_manager )
return [];
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$sql = " SELECT * FROM users WHERE manager=1 AND id_manager= $id_manager " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( $only_active )
$sql .= " AND blocked=0 " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$rez = mysql_query ( $sql );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$agents = array ();
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
while ( $manager = mysql_fetch_assoc ( $rez )) $agents [] = $manager ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
return $agents ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
public function getAgentsOfAgency ( $id_manager , $only_active = false ) {
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( ! $id_manager )
return [];
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$sql = " SELECT * FROM users WHERE manager=0 AND id_manager= $id_manager " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( $only_active )
$sql .= " AND blocked=0 " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$rez = mysql_query ( $sql );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$agents = array ();
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
while ( $manager = mysql_fetch_assoc ( $rez )) $agents [] = $manager ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
return $agents ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
public function whoWork ( $id ) {
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( ! $id )
return [];
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$sql_who_work = " SELECT * FROM clients WHERE who_work = $id " ;
$rez_who_work = mysql_query ( $sql_who_work );
$who_work = mysql_fetch_assoc ( $rez_who_work );
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
public function getMyUsers ( $self_include = false ) {
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$result = array ();
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( $_GET [ 'moder' ]) {
$str_url_add = " moder=0 " ; $bd_usl = " moder=0 " ;
} else $bd_usl = " moder=1 " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( $_GET [ 'blocked' ]) {
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$bd_usl .= " AND blocked=1 " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$str_url_add = " blocked=1 " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
} else $bd_usl .= " AND blocked=0 " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( $_GET [ 'search' ]) {
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$bd_usl .= " AND (users.agency_name LIKE '% $_GET[search] %' OR users.first_name LIKE '% $_GET[search] %' OR users.last_name LIKE '% $_GET[search] %' OR users.middle_name LIKE '% $_GET[search] %' OR users.phone LIKE '% $_GET[search] %' OR users.email LIKE '% $_GET[search] %') " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$str_url_add = " search= " . $_GET [ 'search' ];
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$searchUserId = $_SESSION [ 'id' ];
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( $_SESSION [ 'users_admin' ] || $_SESSION [ 'id' ] == 5817 || $_SESSION [ 'id' ] == 20293 || $_SESSION [ 'id' ] == 22915 ) {
$searchUserId = $this -> agencyId ;
} else {
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$departmentClass = new Department ;
$departmentUser = $departmentClass -> getDepartment ( $_SESSION [ 'id' ]);
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( $departmentUser [ 'role' ] == 'manager_office' ){
$searchUserId = $departmentUser [ 'admin' ];
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
}
if ( $departmentUser [ 'role' ] == 'manager_office_menager' ){
$searchUserId = $this -> id_manager ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
}
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$sql = " SELECT id FROM users WHERE id_manager = $searchUserId AND manager = 1 " ;
$mmid [] = " users.id_manager = $searchUserId " ;
$rez = mysql_query ( $sql );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$menedgers = array ();
while ( $mm = mysql_fetch_row ( $rez )) {
$mmid [] = " users.id_manager = " . $mm [ 0 ];
$menedgers [] = $mm [ 0 ];
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
//отделы для агенства
2026-05-22 20:21:54 +02:00
if ( $_SESSION [ 'agency' ] == 1 || $_SESSION [ 'users_admin' ] == 1 ) {
$sql_dep = " SELECT id FROM `departments` where agency_id = " . $this -> agencyId ;
$q_dep = mysql_query ( $sql_dep );
while ( $r_dep = mysql_fetch_assoc ( $q_dep )){
$rez_dep = mysql_query ( " SELECT id FROM users WHERE department_id= $r_dep[id] AND manager=1 " );
while ( $mm_dep = mysql_fetch_row ( $rez_dep )) {
if ( ! in_array ( $mm_dep [ 0 ], $menedgers )){
$mmid [] = " users.id_manager = " . $mm_dep [ 0 ];
$menedgers [] = $mm_dep [ 0 ];
}
}
}
}
2026-07-06 12:54:07 +02:00
$bd_usl .= $bd_usl_managers = " AND ( " . implode ( " OR " , $mmid ) . " ) " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$sql22 = " SELECT online.id_user FROM online, users WHERE online.id_user=users.id AND id_user<> $_SESSION[id] $bd_usl_managers " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$rez = mysql_query ( $sql22 );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$result [ 'online' ] = mysql_num_rows ( $rez );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
while ( $onl = mysql_fetch_assoc ( $rez )) $onln [] = " users.id = " . $onl [ 'id_user' ];
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$bd_usl_online = " AND ( " . implode ( " OR " , $onln ) . " ) " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( $_GET [ 'online' ]) {
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$bd_usl .= $bd_usl_online ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$str_url_add = " online=1 " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$result [ 'str_url_add' ] = $str_url_add ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$kol_on_page = 20 ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$sql_count = " SELECT COUNT(*) FROM users WHERE id<> $_SESSION[id] AND $bd_usl " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$result [ 'vsego' ] = $vsego = mysql_result ( mysql_query ( $sql_count ), 0 );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$sql_count_active = " SELECT COUNT(*) FROM users WHERE id<> $_SESSION[id] $bd_usl_managers AND blocked=0 " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$result [ 'active' ] = mysql_result ( mysql_query ( $sql_count_active ), 0 );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
//$sql_count_online = "SELECT COUNT(*) FROM users WHERE id<>$_SESSION[id] $bd_usl_online AND blocked=0";
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
//$result['online'] = mysql_result(mysql_query($sql_count_online),0);
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$sql_count_blocked = " SELECT COUNT(*) FROM users WHERE id<> $_SESSION[id] $bd_usl_managers AND blocked=1 " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$result [ 'blocked' ] = mysql_result ( mysql_query ( $sql_count_blocked ), 0 );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$all_pages = ceil ( $vsego / $kol_on_page );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( $_GET [ 'page' ]) $page = $_GET [ 'page' ]; else $page = 1 ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$ot = ( $page - 1 ) * $kol_on_page ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$sql = " SELECT *, DATE_FORMAT(date_reg,'%d.%m.%Y %H:%i') AS date_reg, DATE_FORMAT(last_auth,'%d.%m.%Y %H:%i') AS last_auth FROM users " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( $self_include ) {
$sql .= " WHERE users.id = $_SESSION[id] OR ( $bd_usl ) " ;
} else {
$sql .= " WHERE users.id <> $_SESSION[id] AND $bd_usl " ;
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$sql .= " ORDER BY users.manager desc, users.id DESC " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( isset ( $_GET [ 'dev' ]))
echo $sql ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$rez = mysql_query ( $sql );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
while ( $users = mysql_fetch_assoc ( $rez )) $result [ 'users' ][] = $users ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
return $result ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
public function del ( $id ) {
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$sql = " SELECT * FROM users WHERE id= $id " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$rez = mysql_query ( $sql );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$manager = mysql_fetch_assoc ( $rez );
2026-05-22 20:21:54 +02:00
$userDel = new User ;
$userDel -> get ( $id );
2026-07-06 12:54:07 +02:00
2026-05-22 20:21:54 +02:00
$user_del = array ();
2026-07-06 12:54:07 +02:00
$arrayCanKey = [ 'pwd' , 'email' , 'last_name' , 'first_name' , 'middle_name' , 'moder' , 'phone' , 'last_auth' , 'agent' , 'id_manager' , 'date_reg' , 'is_pwd' , 'date_tarif' , 'birthday' , 'telegramm_chat_id' , 'telegramm_notice' , 'telegramm_date' , 'region_rf_id' , 'agency' , 'manager' ];
2026-05-22 20:21:54 +02:00
foreach ( $manager as $key => $val ){
if ( $key != 'id' && ! empty ( $val ) && in_array ( $key , $arrayCanKey )){
$user_del [] = " ` " . $key . " ` = ' " . $val . " ' " ;
}
}
$sql_in = " INSERT INTO users_delete SET " . implode ( ',' , $user_del ) . " , agency_id = " . $userDel -> agencyId . " , user_id = { $id } " ;
file_put_contents ( $_SERVER [ " DOCUMENT_ROOT " ] . " /callevents/user.txt " , " 1. " . print_r ( $sql_in , true ) . " \n " , FILE_APPEND );
mysql_query ( $sql_in );
2026-07-06 12:54:07 +02:00
$sql = " DELETE FROM users WHERE id= $id " ;
$rez = mysql_query ( $sql );
if ( $manager [ 'id_manager' ] > 0 ) {
$sql = " UPDATE users SET id_manager= $manager[id_manager] WHERE id_manager= $id " ;
mysql_query ( $sql );
} else {
$sql = " SELECT id FROM users WHERE id_manager= $id " ;
$rez = mysql_query ( $sql );
while ( $us = mysql_fetch_assoc ( $rez )) {
User :: del ( $us [ 'id' ]);
}
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$sql = " DELETE FROM views WHERE id_user= $id " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$rez = mysql_query ( $sql );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$sql = " DELETE FROM sended_pdf WHERE id_agent= $id " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$rez = mysql_query ( $sql );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$sql = " DELETE FROM online WHERE id_user= $id " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$rez = mysql_query ( $sql );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$sql = " DELETE FROM objects WHERE id_user= $id " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$rez = mysql_query ( $sql );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$sql = " DELETE FROM favor WHERE id_user= $id " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$rez = mysql_query ( $sql );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
// осиротевшие персональные листинг-данные ушедшего (избранное/просмотры/потенциальные) — гигиена
mysql_query ( " DELETE FROM external_listing_favorites WHERE user_id= $id " );
mysql_query ( " DELETE FROM external_listing_views WHERE user_id= $id " );
mysql_query ( " DELETE FROM external_listing_potential WHERE user_id= $id " );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$sql = " DELETE FROM clients WHERE id_agent= $id " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$rez = mysql_query ( $sql );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$sql = " DELETE FROM user_client_events WHERE user_id= $id " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$rez = mysql_query ( $sql );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$sql = " DELETE FROM user_object_events WHERE user_id= $id " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$rez = mysql_query ( $sql );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
// Открытые задачи листингов ушедшего передаём е г о менеджеру (исполнитель ушёл — кто-то живой должен закрыть);
// авторство (from_id) Н Е трогаем; выполненные/заметки/комменты остаются за автором (видны через users_delete-scope).
if ( $manager [ 'id_manager' ] > 0 ) {
mysql_query ( " UPDATE external_listing_events SET user_id = " . ( int ) $manager [ 'id_manager' ] . " WHERE user_id = $id AND calendar_view = 0 " );
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
//удаляем из чата и данные в таблице настроек
RocketChat :: deleteChatUser ( $id );
$sql = " DELETE FROM chat_settings_user WHERE user_id= $id " ;
$rez = mysql_query ( $sql );
}
2026-05-22 20:21:54 +02:00
public static function deleteWithRebindClient ( $newIdAgent , $id , $newWhoWork , $newWhoWorkObj , $newWhoWorkReq , $managerId ) {
2026-07-06 12:54:07 +02:00
$sql = " SELECT * FROM users WHERE id= $id " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$rez = mysql_query ( $sql );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$manager = mysql_fetch_assoc ( $rez );
2026-05-22 20:21:54 +02:00
$userDel = new User ;
$userDel -> get ( $id );
2026-07-06 12:54:07 +02:00
2026-05-22 20:21:54 +02:00
$user_del = array ();
2026-07-06 12:54:07 +02:00
$arrayCanKey = [ 'pwd' , 'email' , 'last_name' , 'first_name' , 'middle_name' , 'moder' , 'phone' , 'last_auth' , 'agent' , 'id_manager' , 'date_reg' , 'is_pwd' , 'date_tarif' , 'birthday' , 'telegramm_chat_id' , 'telegramm_notice' , 'telegramm_date' , 'region_rf_id' , 'agency' , 'manager' ];
2026-05-22 20:21:54 +02:00
foreach ( $manager as $key => $val ){
if ( $key != 'id' && ! empty ( $val ) && in_array ( $key , $arrayCanKey )){
$user_del [] = " ` " . $key . " ` = ' " . $val . " ' " ;
}
}
2026-07-06 12:54:07 +02:00
2026-05-22 20:21:54 +02:00
$sql_in = " INSERT INTO users_delete SET " . implode ( ',' , $user_del ) . " , agency_id = " . $userDel -> agencyId . " , user_id = { $id } " ;
file_put_contents ( $_SERVER [ " DOCUMENT_ROOT " ] . " /callevents/user.txt " , print_r ( $sql_in , true ) . " \n " , FILE_APPEND );
mysql_query ( $sql_in );
2026-07-06 12:54:07 +02:00
$sql = " DELETE FROM users WHERE id= $id " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$rez = mysql_query ( $sql );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( $manager [ 'id_manager' ] > 0 ) {
$sql = " UPDATE users SET id_manager= $manager[id_manager] WHERE id_manager= $id " ;
mysql_query ( $sql );
} else {
$sql = " SELECT id FROM users WHERE id_manager= $id " ;
$rez = mysql_query ( $sql );
while ( $us = mysql_fetch_assoc ( $rez )) {
User :: deleteWithRebindClient ( $newIdAgent , $us [ 'id' ], $newWhoWork , $newWhoWorkObj , $newWhoWorkReq , $managerId );
}
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$sql = " DELETE FROM views WHERE id_user= $id " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$rez = mysql_query ( $sql );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$sql = " DELETE FROM sended_pdf WHERE id_agent= $id " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$rez = mysql_query ( $sql );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$sql = " DELETE FROM online WHERE id_user= $id " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$rez = mysql_query ( $sql );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$sql = " DELETE FROM favor WHERE id_user= $id " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$rez = mysql_query ( $sql );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
// осиротевшие персональные листинг-данные ушедшего (избранное/просмотры/потенциальные) — гигиена
mysql_query ( " DELETE FROM external_listing_favorites WHERE user_id= $id " );
mysql_query ( " DELETE FROM external_listing_views WHERE user_id= $id " );
mysql_query ( " DELETE FROM external_listing_potential WHERE user_id= $id " );
$confirm = 0 ;
if ( $newWhoWork == $_SESSION [ 'id' ]){
$confirm = 1 ;
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$sql = " UPDATE clients SET who_work= $newWhoWork , confirm= $confirm , id_agent= $newIdAgent WHERE who_work= $id AND deleted = 0 " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$rez = mysql_query ( $sql );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$sql = " UPDATE clients SET who_work= $newWhoWork , confirm=1, id_agent= $newIdAgent WHERE who_work= $id AND deleted = 1 " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$rez = mysql_query ( $sql );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
// перенос всех событий тому, кому отдаем клиентов
$sql = " UPDATE user_client_events SET user_id= $newWhoWork WHERE user_id= $id AND client_id>0 " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$rez = mysql_query ( $sql );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
// перенос всех событий менеджеру или агентству
$sql = " UPDATE user_object_events SET user_id= $managerId WHERE user_id= $id " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$rez = mysql_query ( $sql );
// Открытые задачи листингов — тому же менеджеру (как own-object события выше); авторство (from_id) сохраняем
mysql_query ( " UPDATE external_listing_events SET user_id= $managerId WHERE user_id= $id AND calendar_view = 0 " );
2026-05-22 20:21:54 +02:00
//Заявки
2026-07-06 12:54:07 +02:00
$sql = " UPDATE requisitions SET who_work= $newWhoWorkReq , confirm= $confirm , user_id= $newIdAgent WHERE who_work= $id AND deleted = 0 " ;
$rez = mysql_query ( $sql );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$sql = " UPDATE requisitions SET who_work= $newWhoWorkReq , confirm=1, user_id= $newIdAgent WHERE who_work= $id AND deleted = 1 " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$rez = mysql_query ( $sql );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
// перенос всех событий тому, кому отдаем заявки
$sql = " UPDATE user_client_events SET user_id= $newWhoWorkReq WHERE user_id= $id AND req_id>0 " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$rez = mysql_query ( $sql );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$sqlNewObjUser = " SELECT * FROM users WHERE id= $newWhoWorkObj " ;
$rezNewObjUser = mysql_query ( $sqlNewObjUser );
$newObjUser = mysql_fetch_assoc ( $rezNewObjUser );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$phone = $newObjUser [ 'phone' ];
$num_search = User :: num_search ( $newObjUser [ 'phone' ]);
$sobstv = trim ( $newObjUser [ 'last_name' ] . ' ' . $newObjUser [ 'first_name' ] . ' ' . $newObjUser [ 'middle_name' ]);
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( $newObjUser [ 'agency' ] == 0 ) {
$sql = " SELECT * FROM users WHERE id= $newObjUser[id_manager] " ;
$rez = mysql_query ( $sql );
$manager = mysql_fetch_assoc ( $rez );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( $manager [ 'id_manager' ]) {
$agency = mysql_fetch_assoc ( mysql_query ( " SELECT * FROM users WHERE id= $manager[id_manager] " ));
} else {
$agency = $manager ;
}
if ( $agency ) {
$sobstv = $sobstv . " , агентство " . $agency [ 'agency_name' ];
}
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$webHookIn = new WebHookIn ( null , $userDel -> agencyId );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$is_send_webhook = $webHookIn -> check_hook ( 'object_update' , 'object' );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( $is_send_webhook ){
$webHookIn -> save_webhook_cron_many ( $_SESSION [ 'id' ], $id , $newWhoWorkObj );
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$dataWhook = array ( 'action' => 'employee_delete' , 'employee_id' => $id , 'section' => 'employee' , 'user_id' => $_SESSION [ 'id' ], 'agency_id' => $userDel -> agencyId );
$webHookIn -> check_send ( $dataWhook );
// перенос всех объектов
$sql = " UPDATE objects SET is_main = 0, id_add_user= $newWhoWorkObj , phone = ' $phone ', phone_search = ' $num_search ', sobstv = ' $sobstv ' WHERE id_add_user= $id " ;
$rez = mysql_query ( $sql );
//Запись переноса в сфинкс
$db_sphinx = new MysqlPdo ( hstsph2 , null , null , null , true , '9306' );
$sql = " UPDATE objects SET id_add_user= $newWhoWorkObj , phone_search = ' $num_search ' WHERE id_add_user= $id " ;
$db_sphinx -> query ( $sql , true );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
// перенос Зипал
$sql = " UPDATE zipal_objects SET user_id= $newWhoWorkObj , send_to_update=1 WHERE object_id in (SELECT id from objects where id_add_user= $id ) " ;
mysql_query ( $sql );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$sqlPack = " UPDATE advertising_package_object_publish SET send_to_update = '1', error_when_send_to_update = '' WHERE object_id in (SELECT id from objects where id_add_user= $id ) " ;
mysql_query ( $sqlPack );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
// в передаче объектов затираем передачи, которые адресованы удаляемому пользователю
$sql = " UPDATE objects_to_send SET accept_state='REJECTED', accept_date=NOW() WHERE new_user_id= $id " ;
mysql_query ( $sql );
2026-05-22 20:21:54 +02:00
// переносим комменты
$sqlObjN = " UPDATE object_notes SET created_by= $newWhoWorkObj WHERE created_by= $id " ;
mysql_query ( $sqlObjN );
2026-07-06 12:54:07 +02:00
//удаляем из чата и данные в таблице настроек
RocketChat :: deleteChatUser ( $id );
$sql = " DELETE FROM chat_settings_user WHERE user_id= $id " ;
$rez = mysql_query ( $sql );
2026-05-22 20:21:54 +02:00
}
public static function num_search ( $num ) {
2026-07-06 12:54:07 +02:00
$num_search = str_replace ( " + " , " " , $num );
$num_search = str_replace ( " ( " , " " , $num_search );
$num_search = str_replace ( " ) " , " " , $num_search );
$num_search = str_replace ( " " , " " , $num_search );
$num_search = str_replace ( " - " , " " , $num_search );
$num_search = trim ( $num_search );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( mb_strlen ( $num_search ) > 7 )
$num_search = mb_substr ( $num_search , 1 );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
return $num_search ;
2026-05-22 20:21:54 +02:00
}
public function checkPermissions ( $userID = false , $useRedirect = true ) {
if ( $userID === false && isset ( $_SESSION [ 'id' ])) {
2026-07-06 12:54:07 +02:00
$userId = $_SESSION [ 'id' ];
2026-05-22 20:21:54 +02:00
} else if ( isset ( $userID )) {
2026-07-06 12:54:07 +02:00
$userId = $userID ;
2026-05-22 20:21:54 +02:00
} else {
2026-07-06 12:54:07 +02:00
if ( $useRedirect )
$this -> quit ( " ИД пользователя не указан " , $useRedirect );
else
return [ 'error' => " ИД пользователя не указан " ];
2026-05-22 20:21:54 +02:00
}
$sql = " SELECT users.*, online.ip, online.user_agent FROM users,online WHERE users.id=online.id_user AND users.id= $userId " ;
$rez = mysql_query ( $sql );
$users = mysql_fetch_assoc ( $rez );
if ( $useRedirect && ! $users )
$this -> quit ( " Пользователь не авторизован " , $useRedirect );
else if ( ! $users )
2026-07-06 12:54:07 +02:00
return [ 'error' => " Пользователь не авторизован " ];
2026-05-22 20:21:54 +02:00
if ( $useRedirect && $users [ 'blocked' ])
$this -> quit ( " Ваш аккаунт заблокирован " , $useRedirect );
2026-07-06 12:54:07 +02:00
else if ( $users [ 'blocked' ])
return [ 'error' => " Ваш аккаунт заблокирован " ];
2026-05-22 20:21:54 +02:00
/* if ( $users [ 'ip' ] != $_SERVER [ 'REMOTE_ADDR' ] || $users [ 'user_agent' ] != $_SERVER [ 'HTTP_USER_AGENT' ]) {
if ( $useRedirect )
$this -> quit ( " Сессия завершена. Авторизуйтесь заново. Если проблема повторяется, возможно ваш аккаунт используется другим человеком. " , $useRedirect );
else
return [ 'error' => " Сессия завершена. Авторизуйтесь заново. Если проблема повторяется, возможно ваш аккаунт используется другим человеком. " ];
} */
$tarif = new \Tarif ;
$this -> agencyId = $userId ;
$this -> show_zipal_balance = $users [ 'show_zipal_balance' ];
$this -> zipal_balance = $users [ 'zipal_balance' ];
$this -> agencyEgrnRequestCount = 0 ;
2026-07-06 12:54:07 +02:00
$this -> agencyAntiznakRequestCount = 0 ;
$this -> agencyEnableWazzap = $users [ 'enable_wazzap' ];
2026-05-22 20:21:54 +02:00
$departmentClass = new Department ;
$departmentUser = $departmentClass -> getDepartment ( $userId );
$payForTariff = false ;
if ( $users [ 'id_manager' ]) {
$id_menager = $users [ 'id_manager' ];
if ( $departmentUser [ 'role' ] == 'manager_office_menager' || $departmentUser [ 'role' ] == 'agent' ) {
if ( $departmentUser [ 'admin' ] > 0 ) {
$id_menager = $departmentUser [ 'admin' ];
}
}
$agency = new User ;
$agency -> get ( $id_menager );
if ( $agency -> id_manager ) {
2026-07-06 12:54:07 +02:00
$agency -> get ( $agency -> id_manager );
if ( $agency -> id_manager ) {
$agency -> get ( $agency -> id_manager );
}
}
2026-05-22 20:21:54 +02:00
$id_tarif = $agency -> id_tarif ;
$this -> agencyId = $agency -> id ;
$this -> agencyZipalLogin = $agency -> zipal_login ;
$this -> agencyZipalPassword = $agency -> zipal_password ;
$this -> agencyZipalBalance = $agency -> zipal_balance ;
$this -> agencyEgrnRequestCount = $agency -> egrn_request_count ;
2026-07-06 12:54:07 +02:00
$this -> agencyAntiznakRequestCount = $agency -> antiznak_request_count ;
$this -> agencyEnableWazzap = $agency -> enable_wazzap ;
2026-05-22 20:21:54 +02:00
$date_tarif = $agency -> date_tarif ;
if ( $agency -> date_reg < $agency -> date_tarif ) {
$payForTariff = true ;
}
if ( $userID === false ) $_SESSION [ 'photo' ] = $agency -> photo ;
} else {
$id_tarif = $users [ 'id_tarif' ];
$date_tarif = $users [ 'date_tarif' ];
$_SESSION [ 'photo' ] = $users [ 'photo' ];
if ( $users [ 'date_reg' ] < $users [ 'date_tarif' ]) {
$payForTariff = true ;
}
}
$tarif -> get ( $id_tarif );
$date_tarif = strtotime ( $date_tarif );
$date_end = $date_tarif + $tarif -> period * 3600 * 24 ;
$date_end_f = date ( " d.m.Y H:i " , $date_end );
$dney = ceil (( $date_end - time ()) / 24 / 3600 );
if ( $dney <= 0 ) {
$_SESSION [ 'pay' ] = 1 ;
$_SESSION [ 'paidEnded' ] = 0 ;
if ( $payForTariff ) {
$_SESSION [ 'paidEnded' ] = 1 ;
}
if ( $users [ 'agency' ])
$new_id_tarif = 67 ;
else
$new_id_tarif = 66 ;
if ( $id_tarif == 5 || $id_tarif == 7 ) {
$new_tarif = new Tarif ;
$new_tarif -> get ( $new_id_tarif );
$one_day_plus = $new_tarif -> period + 1 ;
mysql_query ( " UPDATE users SET test_tarif=1, date_tarif= DATE_SUB(NOW(), INTERVAL $one_day_plus DAY), id_tarif= $new_id_tarif WHERE id= $_SESSION[id] " );
}
} else {
$_SESSION [ 'pay' ] = 0 ;
$_SESSION [ 'paidEnded' ] = 0 ;
}
$_SESSION [ 'fio' ] = trim ( $users [ 'last_name' ] . ' ' . $users [ 'first_name' ] . ' ' . $users [ 'middle_name' ]);
$_SESSION [ 'first_name' ] = $users [ 'first_name' ];
$_SESSION [ 'last_name' ] = $users [ 'last_name' ];
$_SESSION [ 'middle_name' ] = $users [ 'middle_name' ];
$_SESSION [ 'phone' ] = $users [ 'phone' ];
$_SESSION [ 'email' ] = $users [ 'email' ];
if ( $users [ 'superadmin' ]) {
// Админ
$_SESSION [ 'superadmin' ] = 1 ;
} else {
$_SESSION [ 'superadmin' ] = 0 ;
}
if ( $users [ 'manager' ]) {
// менеджер
$this -> manager = $_SESSION [ 'manager' ] = 1 ;
} else {
if ( $departmentUser [ 'role' ] == 'manager_office' || $departmentUser [ 'role' ] == 'manager_office_menager' ) {
$this -> manager = $_SESSION [ 'manager' ] = 1 ;
} else {
$this -> manager = $_SESSION [ 'manager' ] = 0 ;
}
}
if ( $users [ 'id_manager' ] == 0 && $users [ 'agency' ] == 0 ) {
// частник
$this -> individual = $_SESSION [ 'individual' ] = 1 ;
} else {
$this -> individual = $_SESSION [ 'individual' ] = 0 ;
}
if ( $users [ 'agent' ]) {
// агент
$this -> agent = $_SESSION [ 'agent' ] = 1 ;
} else {
$this -> agent = $_SESSION [ 'agent' ] = 0 ;
}
if ( $users [ 'agency' ]) {
// агентство
$this -> agency = $_SESSION [ 'agency' ] = 1 ;
$this -> agencyName = $_SESSION [ 'agency_name' ] = $users [ 'agency_name' ];
} else {
$this -> agency = $_SESSION [ 'agency' ] = 0 ;
$this -> agencyName = $_SESSION [ 'agency_name' ] = null ;
}
if ( $users [ 'role_developer' ]) {
// застройщик
$this -> role_developer = $_SESSION [ 'role_developer' ] = 1 ;
} else {
$this -> role_developer = $_SESSION [ 'role_developer' ] = 0 ;
}
// пользователь, который может управлять другими
if ( $users [ 'users_admin' ]) {
$_SESSION [ 'users_admin' ] = 1 ;
} else {
$_SESSION [ 'users_admin' ] = 0 ;
}
2026-07-06 12:54:07 +02:00
//Предмодерация рекламы по объектам
$_SESSION [ 'use_advert_moderation' ] = 0 ;
$q_moderation = mysql_query ( " SELECT * FROM advert_moderation_agency WHERE agency_id = { $this -> agencyId } " );
if ( mysql_num_rows ( $q_moderation ) > 0 ){
$_SESSION [ 'use_advert_moderation' ] = 1 ;
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
// Рекламный бюджет и ограничение публикации
$_SESSION [ 'use_advert_budget' ] = 0 ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( ! $this -> agency ) {
$sql = " SELECT use_advert_budget FROM users WHERE id= $this->agencyId " ;
if ( $rez = mysql_query ( $sql )) {
$row = mysql_fetch_assoc ( $rez );
$_SESSION [ 'use_advert_budget' ] = $row [ 'use_advert_budget' ];
}
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( $this -> use_advert_budget ) {
$_SESSION [ 'use_advert_budget' ] = 1 ;
}
2026-05-22 20:21:54 +02:00
$sessionTime = 86400 ;
$this -> region = $users [ 'region_rf_id' ];
$this -> id = $_SESSION [ 'id' ] = $users [ 'id' ];
$this -> id_manager = $_SESSION [ 'id_manager' ] = $users [ 'id_manager' ];
$this -> agency_id = $_SESSION [ 'agency_id' ] = self :: getUserAgencyID ();
2026-07-06 12:54:07 +02:00
// куки-зеркало сессии для совместимости. Фронт читает права из API/стора, не из кук;
// гард — чтобы на after-output страницах setcookie не падал «headers already sent» (флуд в лог).
if ( ! headers_sent ()) {
setcookie ( 'user_id' , $_SESSION [ 'id' ], time () + 360 , " / " );
setcookie ( 'agency_id' , $_SESSION [ 'agency_id' ], time () + 360 , " / " );
setcookie ( 'id_manager' , $_SESSION [ 'id_manager' ], time () + 360 , " / " );
setcookie ( 'is_agency' , $_SESSION [ 'agency' ], time () + 360 , " / " );
setcookie ( 'is_manager' , $_SESSION [ 'manager' ], time () + 360 , " / " );
setcookie ( 'is_users_admin' , $_SESSION [ 'users_admin' ], time () + 360 , " / " );
setcookie ( 'is_agent' , $_SESSION [ 'agent' ], time () + 360 , " / " );
setcookie ( 'PHPSESSID_EXPIRATION' , $sessionTime + time (), time () + 360 , " / " );
}
2026-05-22 20:21:54 +02:00
$this -> _user_can [ 'autosearch' ] = true ;
$this -> _user_can [ 'object-fields' ] = boolval ( $this -> agency || $this -> manager || $this -> users_admin );
//$this->_user_can['advert-stats'] = boolval($this->agency || $this->users_admin);
$this -> _user_can [ 'advert-stats' ] = true ;
$_SESSION [ 'user_can' ] = $this -> _user_can ;
2026-07-06 12:54:07 +02:00
if ( ! headers_sent ()) {
setcookie ( 'user_can' , json_encode ( $_SESSION [ 'user_can' ]), time () + 360 , " / " );
}
2026-05-22 20:21:54 +02:00
}
2026-07-06 12:54:07 +02:00
public function checkMenuPermissions ( $permissionName = null ) {
2026-05-22 20:21:54 +02:00
$userId = $_SESSION [ 'id' ];
$sql_d = " SELECT * FROM `user_permissions` WHERE `user_id` = " . $userId ;
2026-07-06 12:54:07 +02:00
if ( $permissionName ) {
$sql_d .= " AND { $permissionName } = 1 " ;
}
2026-05-22 20:21:54 +02:00
$result = mysql_query ( $sql_d );
return mysql_fetch_assoc ( $result );
}
2026-07-06 12:54:07 +02:00
public function check_sms ( $post , $pwd = false , $use_redirect = true )
{
if ( $_SESSION [ 'sms' ] == $post [ 'sms' ] || $pwd ) {
$sql = " SELECT * FROM `users` WHERE `phone`='+ { $post [ 'phone' ] } ' " ;
if ( ! $rez = mysql_query ( $sql ))
$msg = mysqli_error ();
if ( mysql_num_rows ( $rez )) {
$users = mysql_fetch_assoc ( $rez );
if ( $pwd && md5 ( $post [ 'pwd' ] . SALT ) != $users [ 'pwd' ]) {
if ( $use_redirect )
return " Неверный пароль " ;
else
return [
'success' => false ,
'message' => " Неверный пароль " ,
];
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( $users [ 'moder' ]) {
if ( ! $users [ 'blocked' ]) {
2026-05-22 20:21:54 +02:00
$this -> agency_id = self :: getUserAgencyID ( $users [ 'id' ]);
$sql_enable = " SELECT * FROM auth_enable_ip WHERE id_agency = { $this -> agency_id } " ;
$q_enable = mysql_query ( $sql_enable );
//если есть строки в таблице, значит есть ограничение по IP
if ( mysql_num_rows ( $q_enable ) > 0 ) {
$ipEnabled = false ;
while ( $ip = mysql_fetch_assoc ( $q_enable )) {
if ( $ip [ 'ip' ] == $_SERVER [ 'REMOTE_ADDR' ]) {
$ipEnabled = true ;
}
}
if ( ! $ipEnabled ) {
//проверяем разрешение на фход с любого IP
$sql_select_permissions = " SELECT allow_any_ip FROM user_permissions WHERE user_id= $users[id] " ;
$permissions_result = mysql_query ( $sql_select_permissions );
if ( mysql_num_rows ( $permissions_result ) > 0 ) {
$r_u = mysql_fetch_assoc ( $permissions_result );
$allowAnyIp = $r_u [ " allow_any_ip " ];
if ( $allowAnyIp ) {
$ipEnabled = true ;
}
}
}
if ( ! $ipEnabled ) {
if ( $use_redirect )
return " Вход с вашим IP адресом запрещен " ;
else
return [
'success' => false ,
'message' => " Вход с вашим IP адресом запрещен " ,
];
}
}
// регенерация ИД сессии для установки новых кук
$sessionTime = 86400 ;
session_set_cookie_params ( $sessionTime );
session_regenerate_id ( false );
$_SESSION [ 'agency_id' ] = $this -> agency_id ;
2026-07-06 12:54:07 +02:00
$_SESSION [ 'fio' ] = trim ( $users [ 'last_name' ] . ' ' . $users [ 'first_name' ] . ' ' . $users [ 'middle_name' ]);
$_SESSION [ 'phone' ] = $users [ 'phone' ];
$_SESSION [ 'id' ] = $users [ 'id' ];
$_SESSION [ 'email' ] = $users [ 'email' ];
if ( $users [ 'manager' ])
$this -> manager = $_SESSION [ 'manager' ] = 1 ;
else
$this -> manager = $_SESSION [ 'manager' ] = 0 ;
if ( $users [ 'id_manager' ] == 0 )
$this -> individual = $_SESSION [ 'individual' ] = 1 ; // частник
else
$this -> individual = $_SESSION [ 'individual' ] = 0 ;
if ( $users [ 'agent' ])
$this -> agent = $_SESSION [ 'agent' ] = 1 ;
else
$this -> agent = $_SESSION [ 'agent' ] = 0 ;
if ( $users [ 'agency' ])
$this -> agency = $_SESSION [ 'agency' ] = 1 ;
else
$this -> agency = $_SESSION [ 'agency' ] = 0 ;
//пользователь, который может управлять другими
if ( $users [ 'users_admin' ])
$_SESSION [ 'users_admin' ] = 1 ;
else
$_SESSION [ 'users_admin' ] = 0 ;
$this -> id = $_SESSION [ 'id' ] = $users [ 'id' ];
mysql_query ( " UPDATE users SET last_auth=NOW() WHERE id= $users[id] " );
mysql_query ( " DELETE FROM online WHERE id_user= $users[id] " );
mysql_query ( " INSERT INTO online(id_user, last_activity, entry, ip, user_agent) VALUES( $_SESSION[id] , NOW(), NOW(), ' " . $_SERVER [ 'REMOTE_ADDR' ] . " ', ' " . $_SERVER [ 'HTTP_USER_AGENT' ] . " ') " );
mysql_query ( " INSERT INTO auth_log(id_user, entry, ip, user_agent) VALUES( $_SESSION[id] , NOW(), ' " . $_SERVER [ 'REMOTE_ADDR' ] . " ', ' " . $_SERVER [ 'HTTP_USER_AGENT' ] . " ') " );
//Для Laravel
$allowed_users_deal = [ 117 , 4 ];
if ( in_array (( int ) $_SESSION [ 'agency_id' ], $allowed_users_deal )) {
$sessionData = [
'id' => session_id (),
'user_id' => $users [ 'id' ],
'payload' => json_encode ([
'fio' => $_SESSION [ 'fio' ],
'phone' => $_SESSION [ 'phone' ],
'roles' => [
'manager' => $_SESSION [ 'manager' ],
'agent' => $_SESSION [ 'agent' ],
'agency' => $_SESSION [ 'agency' ],
'superadmin' => $_SESSION [ 'superadmin' ]
]
]),
'last_activity' => time (),
'ip_address' => $_SERVER [ 'REMOTE_ADDR' ],
'user_agent' => isset ( $_SERVER [ 'HTTP_USER_AGENT' ]) ? $_SERVER [ 'HTTP_USER_AGENT' ] : ''
];
$sql_session = " REPLACE INTO sessions (id, user_id, payload, last_activity, ip_address, user_agent) VALUES (
'" . mysql_real_escape_string($sessionData[' id ']) . "' ,
{ $sessionData [ 'user_id' ]},
'" . mysql_real_escape_string($sessionData[' payload ']) . "' ,
{ $sessionData [ 'last_activity' ]},
'" . mysql_real_escape_string($sessionData[' ip_address ']) . "' ,
'" . mysql_real_escape_string($sessionData[' user_agent ']) . "'
) " ;
mysql_query ( $sql_session );
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( $users [ 'superadmin' ]) {
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$_SESSION [ 'superadmin' ] = 1 ;
if ( $use_redirect )
header ( " location:/admin/index.php " );
else
return [
'success' => true
];
} else {
$agenciesHaveAccessToNewComplexes = [ 4 , 5261 , 12028 , 12061 , 17328 , 11325 , 13735 , 19093 , 16378 , 19467 , 20197 , 19909 , 19646 ];
$user_id = $_SESSION [ 'id' ];
$check_permissions_sql = " SELECT * FROM `user_permissions` WHERE `user_id` = $user_id " ;
$check_permissions_result = mysql_query ( $check_permissions_sql );
if ( ! $check_permissions_result || mysql_num_rows ( $check_permissions_result ) == 0 ) {
$permissions = [
$user_id ,
1 , 1 , 1 , // menu_office, menu_search, menu_objects
0 , 0 , // menu_all_objects, menu_all_objects_edit
0 , // menu_ads
1 , 0 , 0 , 0 , // menu_clients, menu_all_clients, menu_all_clients_edit, menu_all_clients_export
1 , 0 , 0 , 0 , // menu_submissions, menu_all_submissions, menu_all_submissions_edit, menu_all_submissions_export
0 , 1 , 1 , // menu_partners, menu_docs, menu_settings
0 , // menu_complexes (по умолчанию отключено)
1 , 0 , // menu_can_transfer_to_common (по умолчанию включено), menu_can_take_from_closed (по умолчанию отключено)
0 , // menu_can_transfer_closed_to_others (может передавать закрытые заявки другим сотрудникам)
];
$is_admin = ! empty ( $users [ 'users_admin' ]);
$in_agency_list = in_array ( $user_id , $agenciesHaveAccessToNewComplexes );
$is_agent = $users [ 'agent' ] == '1' && $users [ 'agency' ] != '1' && $users [ 'manager' ] != '1' && $users [ 'id_manager' ] == 0 ;
$is_supervisor = $users [ 'agency' ] == '1' && $users [ 'manager' ] == '1' ;
$is_developer = $users [ 'role_developer' ] == '1' ;
$default_can_transfer_to_common = 1 ;
if ( $this -> agency_id == 19895 ) {
$default_can_transfer_to_common = 0 ;
}
$default_cannot_create_req_manually = 0 ;
if ( $this -> agency_id == 19895 ) {
$default_cannot_create_req_manually = 1 ;
}
// Если admin или частный агент или руководитель и в списке с комплексами
if (
( $is_admin && $in_agency_list ) ||
( $is_agent && $in_agency_list ) ||
( $is_supervisor && $in_agency_list ) ||
( $is_developer )
) {
$permissions = [
$user_id ,
1 , 1 , 1 ,
1 , 1 ,
1 ,
1 , 1 , 1 , 1 ,
1 , 1 , 1 , 1 ,
1 , 1 , 1 ,
1 , // комплексы включены
$default_can_transfer_to_common , 1 ,
1 ,
$default_cannot_create_req_manually
];
}
// Если просто admin или частный агент или руководитель
elseif ( $is_admin || $is_agent || $is_supervisor ) {
$permissions = [
$user_id ,
1 , 1 , 1 ,
1 , 1 ,
1 ,
1 , 1 , 1 , 1 ,
1 , 1 , 1 , 1 ,
1 , 1 , 1 ,
0 , // комплексы выключены
$default_can_transfer_to_common , 1 ,
1 ,
$default_cannot_create_req_manually
];
}
$values_str = implode ( ',' , $permissions );
$insert_sql = " INSERT INTO user_permissions
2026-05-22 20:21:54 +02:00
( user_id , menu_office , menu_search , menu_objects , menu_all_objects , menu_all_objects_edit ,
menu_ads , menu_clients , menu_all_clients , menu_all_clients_edit , menu_all_clients_export ,
menu_submissions , menu_all_submissions , menu_all_submissions_edit , menu_all_submissions_export ,
menu_partners , menu_docs , menu_settings , menu_complexes , menu_can_transfer_to_common , menu_can_take_from_closed , menu_can_transfer_closed_to_others , cannot_create_req_manually )
VALUES ( $values_str ) " ;
2026-07-06 12:54:07 +02:00
mysql_query ( $insert_sql );
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$_SESSION [ 'superadmin' ] = 0 ;
$first_page_query = " SELECT jp.page_url FROM users
2026-05-22 20:21:54 +02:00
JOIN jw_pages jp ON users . jw_page_id = jp . id
WHERE users . id = " . $_SESSION['id'] ;
2026-07-06 12:54:07 +02:00
$first_page_result = mysql_query ( $first_page_query );
$first_page = mysql_fetch_assoc ( $first_page_result );
$redirect_page = ! empty ( $first_page [ 'page_url' ]) ? $first_page [ 'page_url' ] : " /sale.php " ;
if ( $use_redirect )
if ( $redirect_page ) {
header ( " location: $redirect_page " );
} else {
header ( " location:/sale.php " );
}
else
return [
'success' => true
];
}
} else $msg = " Аккаунт заблокирован! " ;
} else $msg = " Аккаунт ещё не подтверждён. " ;
} else $msg = " Этот номер телефона не зарегистрирован в JoyWork. " ;
} else $msg = " Неверный код подтверждения! " ;
if ( $use_redirect )
return $msg ;
else
return [
'success' => false ,
'message' => $msg ,
];
}
public function auth ( $post ) {
$msg = 0 ;
if ( ! empty ( $post [ 'phone' ])) {
$phone = $post [ 'phone' ];
$sql = " SELECT * FROM users WHERE phone = ' { $phone } ' " ;
$rez = mysql_query ( $sql );
if ( mysql_num_rows ( $rez )) {
$users = mysql_fetch_assoc ( $rez );
if ( $users [ 'moder' ]) {
if ( ! $users [ 'blocked' ]) {
$PHP_SELF = $_SERVER [ 'PHP_SELF' ];
if ( $users [ 'is_pwd' ]) {
header ( " location: $PHP_SELF ?phone2= $phone " );
}
else {
require_once ( $_SERVER [ 'DOCUMENT_ROOT' ] . " /engine/mobilGroupApi.php " );
$_SESSION [ 'sms' ] = $code_sms = ok_code ( $phone );
$r = sendCode ( $phone , $code_sms );
if ( $r [ 1 ] > 0 ) {
header ( " location: $PHP_SELF ?phone= $phone " );
} else {
$msg = " Робот не может дозвониться по номеру $phone . Проверьте корректность номера или попробуйте выполнить вход позже. " ;
2026-05-22 20:21:54 +02:00
mailClient ( " ellada-an@mail.ru " , " Робот не может дозвониться по номеру " . $_SERVER [ 'SERVER_NAME' ], " Ответ сервера: $r[0] " );
2026-07-06 12:54:07 +02:00
}
}
} else $msg = " Аккаунт заблокирован! " ;
} else $msg = " Аккаунт ещё не подтверждён. " ;
} else $msg = " Этот номер телефона не зарегистрирован в JoyWork " ;
} else $msg = " Н е заполнены поля формы!" ;
return $msg ;
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
public function destroy_session () {
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$_SESSION = array ();
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
// If it's desired to kill the session, also delete the session cookie.
// Note: This will destroy the session, and not just the session data!
if ( ini_get ( " session.use_cookies " )) {
$params = session_get_cookie_params ();
setcookie ( session_name (), '' , time () - 42000 ,
$params [ " path " ], $params [ " domain " ],
$params [ " secure " ], $params [ " httponly " ]
);
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
session_destroy ();
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
public function quit ( $msg = " " , $useRedirect = true ) {
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$this -> destroy_session ();
2026-05-22 20:21:54 +02:00
$this -> id = false ;
$this -> manager = false ;
$this -> agent = false ;
if ( $useRedirect )
2026-07-06 12:54:07 +02:00
header ( " location:/index.php?msg= $msg " );
2026-05-22 20:21:54 +02:00
}
public function reg ( $post ) {
$post_data = http_build_query (
array (
'secret' => '6Le30z8UAAAAALHfN7ZJoLcA5sPUZYmfwC1teREV' ,
'response' => $post [ 'g-recaptcha-response' ],
'remoteip' => $_SERVER [ 'REMOTE_ADDR' ]
)
);
$opts = array ( 'http' =>
array (
'method' => 'POST' ,
'header' => 'Content-type: application/x-www-form-urlencoded' ,
'content' => $post_data
)
);
$context = stream_context_create ( $opts );
$response = file_get_contents ( 'https://www.google.com/recaptcha/api/siteverify' , false , $context );
$result = json_decode ( $response );
/* if ( ! $result -> success ) {
$msg_user = " Проверка капчи не пройдена. " ;
} else { */
if ( ! empty ( $post [ 'email' ])) {
if ( ! empty ( $post [ 'phone' ])) {
if ( ! empty ( $post [ 'region' ]) && $post [ 'region' ] > 0 ){
if ( substr ( $post [ 'phone' ], 0 , 2 ) !== " +7 " ) {
return " Телефон должен начинаться с +7 " ;
}
$sql = " SELECT * FROM users WHERE phone=' $post[phone] ' " ;
$rez = mysql_query ( $sql );
if ( ! empty ( $post [ 'last_name' ]) || ! empty ( $post [ 'first_name' ])) {
if ( mysql_num_rows ( $rez ) == 0 ) {
$msg_user = " " ;
$agent = 0 ;
$agency = 0 ;
2026-07-06 12:54:07 +02:00
$developer = 0 ;
2026-05-22 20:21:54 +02:00
$adMenuVisible = 0 ;
2026-07-06 12:54:07 +02:00
$manager = 0 ;
2026-05-22 20:21:54 +02:00
// ставим всем нормальный тариф сразу
if ( $post [ 'type' ] == 1 )
2026-07-06 12:54:07 +02:00
{
2026-05-22 20:21:54 +02:00
$agency = 1 ;
2026-07-06 12:54:07 +02:00
$manager = 1 ;
2026-05-22 20:21:54 +02:00
$agent = 1 ;
$tarif = 67 ;
$adMenuVisible = 1 ;
}
2026-07-06 12:54:07 +02:00
else if ( $post [ 'type' ] == 3 )
{
$developer = 1 ;
2026-05-22 20:21:54 +02:00
$agent = 0 ;
2026-07-06 12:54:07 +02:00
$agency = 0 ;
$manager = 1 ;
$tarif = 107 ;
}
else
{
$agent = 1 ;
2026-05-22 20:21:54 +02:00
$tarif = 97 ;
}
$new_tarif = new Tarif ;
$new_tarif -> get ( $tarif );
$one_day_plus = $new_tarif -> period + 1 ;
2026-07-06 12:54:07 +02:00
if ( empty ( $post [ 'fio' ]))
$post [ 'fio' ] = trim (( $post [ 'last_name' ] . " " . $post [ 'first_name' ] . " " . $post [ 'middle_name' ]));
2026-05-22 20:21:54 +02:00
try {
$sql = " INSERT INTO
users (
`fio` ,
`region_rf_id` ,
`email` ,
`phone` ,
`agency_name` ,
`first_name` ,
`last_name` ,
`middle_name` ,
`agency` ,
`agent` ,
`manager` ,
`moder` ,
`date_reg` ,
`show_all_objects_page` ,
`id_tarif` ,
`date_tarif` ,
`role_developer`
) VALUES (
'$post[fio]' ,
'$post[region]' ,
'" . trim($post[' email ']) . "' ,
'$post[phone]' ,
'$post[agency_name]' ,
'$post[first_name]' ,
'$post[last_name]' ,
'$post[middle_name]' ,
'$agency' ,
'$agent' ,
'$manager' ,
'1' ,
NOW (),
'$adMenuVisible' ,
'$tarif' ,
DATE_SUB ( NOW (), INTERVAL $one_day_plus DAY ),
$developer
) " ;
mysql_query ( $sql );
2026-07-06 12:54:07 +02:00
$user_id = mysql_insert_id ();
2026-05-22 20:21:54 +02:00
mysql_query ( " UPDATE users SET company_id = $user_id WHERE id = $user_id " );
// письмо с шаблоном
2026-07-06 12:54:07 +02:00
/* $f1 = file ( " https://joywork.ru/template_mail/afterreg.html " );
$text = implode ( " " , $f1 );
mailClient ( $post [ 'email' ], " Регистрация на сайте " . $_SERVER [ 'SERVER_NAME' ], $text );
mailClientFromJoywork ( " service@joywork.ru " , " Новый пользователь на сайте JoyWork " ,
" Зарегистрирован новый пользователь - " . ( $agency ? " агентство $post[agency_name] . " : " агент. ФИО: " . trim ( $post [ 'last_name' ] . ' ' . $post [ 'first_name' ] . ' ' . $post [ 'middle_name' ]) . " . " ) . " Email: " . $post [ 'email' ] . " . Телефон: " . $post [ 'phone' ]);
mailClientFromJoywork ( " iganus@joywork.ru " , " Новый пользователь на сайте JoyWork " ,
" Зарегистрирован новый пользователь - " . ( $agency ? " агентство $post[agency_name] . " : " агент. ФИО: " . trim ( $post [ 'last_name' ] . ' ' . $post [ 'first_name' ] . ' ' . $post [ 'middle_name' ]) . " . " ) . " Email: " . $post [ 'email' ] . " . Телефон: " . $post [ 'phone' ]);
*/
$agency_or_developer = $agency ? $agency : $developer ;
$funnel = 0 ;
$fio_jw = trim ( $post [ 'last_name' ] . ' ' . $post [ 'first_name' ] . ' ' . $post [ 'middle_name' ]);
$name_agent = '' ;
2026-05-22 20:21:54 +02:00
if ( $agency_or_developer ){
2026-07-06 12:54:07 +02:00
if ( $developer )
{
mysql_query (
" INSERT INTO `user_permissions`
2026-05-22 20:21:54 +02:00
(
user_id ,
menu_office ,
menu_complexes ,
menu_search ,
menu_objects ,
menu_all_objects ,
menu_all_objects_edit ,
menu_ads ,
menu_clients ,
menu_all_clients ,
menu_all_clients_edit ,
menu_all_clients_export ,
menu_submissions ,
menu_all_submissions ,
menu_all_submissions_edit ,
menu_all_submissions_export ,
menu_docs ,
menu_settings ,
menu_partners ,
menu_can_transfer_to_common ,
menu_can_take_from_closed ,
menu_can_transfer_closed_to_others
) VALUES (
$user_id ,
1 ,
1 ,
0 ,
1 ,
1 ,
1 ,
1 ,
1 ,
1 ,
1 ,
1 ,
1 ,
1 ,
1 ,
1 ,
1 ,
1 ,
1 ,
1 ,
1 ,
1 ,
)
"
2026-07-06 12:54:07 +02:00
);
}
2026-05-22 20:21:54 +02:00
$funnel = 118 ;
2026-07-06 12:54:07 +02:00
$name_agent = $post [ 'agency_name' ];
2026-05-22 20:21:54 +02:00
} else {
2026-07-06 12:54:07 +02:00
$funnel = 1141 ;
$name_agent = $fio_jw ;
}
//$fio_jw = trim($post['last_name'] . ' ' . $post['first_name'] . ' ' . $post['middle_name']);
$sql_jw = " INSERT INTO clients SET phone=' { $post [ 'phone' ] } ', " .
" fio = ' { $name_agent } ', email = ' { $post [ 'email' ] } ', " .
" opis=' { $fio_jw } ', " .
" id_agent = 4, who_work = 0, " .
" date_add = NOW(), stage=1, confirm=0, funnel_id= { $funnel } , `developer` = $developer " ;
if ( mysql_query ( $sql_jw )){
$id_cl = mysql_insert_id ();
$cl = new Clients ();
$cl -> get_class_etap ( $id_cl , $funnel );
$reg = mysql_fetch_assoc ( mysql_query ( " SELECT name FROM rf_regions WHERE id= $post[region] " ));
$actyvites = mysql_fetch_assoc ( mysql_query ( " SELECT id FROM activities WHERE user_id=4 AND name=' " . $reg [ 'name' ] . " ' " ));
if ( isset ( $actyvites [ 'id' ])){
mysql_query ( " INSERT INTO clients_activities (activity_id, client_id) VALUES ( { $actyvites [ 'id' ] } , { $id_cl } ) " );
}
$comment = " Новый пользователь - " . ( $agency_or_developer ? " агентство $post[agency_name] . " : " агент. ФИО: " . trim ( $post [ 'last_name' ] . ' ' . $post [ 'first_name' ] . ' ' . $post [ 'middle_name' ]) . " . " ) . " Email: " . $post [ 'email' ] . " . Телефон: " . $post [ 'phone' ];
$newTime = date ( " Y-m-d H:i:s " , strtotime ( '+30 minutes' ));
$sql_in_ev = " INSERT INTO user_client_events (user_id, client_id, create_date, schedule_date, `type`, comment, calendar_view, from_id) " .
" VALUES (4, { $id_cl } , ' " . date ( 'Y-m-d H:i:s' ) . " ', ' " . $newTime . " ', 'call', ' " . $comment . " ', 0, 4) " ;
mysql_query ( $sql_in_ev );
}
2026-05-22 20:21:54 +02:00
require_once ( $_SERVER [ 'DOCUMENT_ROOT' ] . " /engine/mobilGroupApi.php " );
$_SESSION [ 'sms' ] = $code_sms = ok_code ( $post [ " phone " ]);
2026-07-06 12:54:07 +02:00
2026-05-22 20:21:54 +02:00
$r = sendCode ( $post [ " phone " ], $code_sms );
2026-07-06 12:54:07 +02:00
$phone = $post [ 'phone' ];
2026-05-22 20:21:54 +02:00
if ( $r [ 1 ] > 0 ) {
header ( " location:index.php?phone= $phone " );
} else {
$msg_user = " Робот не может дозвониться по номеру $phone . Проверьте корректность номера или попробуйте выполнить вход позже. " ;
mailClient ( " ellada-an@mail.ru " , " Робот не может дозвониться по номеру " . $_SERVER [ 'SERVER_NAME' ], " Ответ сервера: $r[0] " );
}
} catch ( Exception $e ) {
$msg_user .= " Выброшено исключение: " . $e -> getMessage ();
}
2026-07-06 12:54:07 +02:00
$this -> get ( $user_id );
$this -> getNewUserPackages ();
$status_text = " \n агент. ФИО: " ;
if ( $agency )
{
$status_text = " агентство $post[agency_name] . " ;
}
else if ( $developer )
{
$status_text = " \n застройщик. $post[agency_name] ФИО: " ;
}
$text_reg = " " ;
$text_reg .= " <b>Новый пользователь на сайте JoyWork</b> " ;
$text_reg .= " \n Зарегистрирован новый пользователь - "
. ( $status_text . trim ( $post [ 'last_name' ]
. ' '
. $post [ 'first_name' ]
. ' '
. $post [ 'middle_name' ])
. " . " )
. " \n Email: "
. $post [ 'email' ]
. " . \n Телефон: "
. $post [ 'phone' ];
$tel = new Telegram ( false );
$max = new MaxClass ();
$chatId = 255183898 ;
try {
$tel -> send ( $text_reg , $chatId );
} catch ( Exception $e ) {
//$msg_user .= "Выброшено исключение телеграмм: " . $e->getMessage();
}
$max_user_id = 125565439 ;
try {
$max -> send_messages_to_user ( $max_user_id , $text_reg );
} catch ( Exception $e ){}
$chatId = 1313658538 ;
try {
$tel -> send ( $text_reg , $chatId );
} catch ( Exception $e ) {
//$msg_user .= "Выброшено исключение телеграмм: " . $e->getMessage();
}
$max_user_id = 238784061 ;
try {
$max -> send_messages_to_user ( $max_user_id , $text_reg );
} catch ( Exception $e ){}
$chatId = 161649599 ;
try {
$tel -> send ( $text_reg , $chatId );
} catch ( Exception $e ) {
//$msg_user .= "Выброшено исключение телеграмм: " . $e->getMessage();
}
2026-05-22 20:21:54 +02:00
} else $msg_user = " Пользователь с таким номером телефона уже существует. " ;
} else $msg_user = " Н е указана Фамилия и/или Имя пользователя." ;
} else $msg_user = " Н е указан регион" ;
} else $msg_user = " Н е указан номер телефона." ;
} else $msg_user = " Н е указан адрес электронной почты." ;
//}
2026-07-06 12:54:07 +02:00
return $msg_user ;
2026-05-22 20:21:54 +02:00
}
2026-07-06 12:54:07 +02:00
public function remind_pass ( $post ) {
$msg = 0 ;
if ( ! empty ( $post [ 'email' ])) // проверяем обязательные поля
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
{
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$sql = " SELECT * FROM users WHERE email=' $post[email] ' " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$rez = mysql_query ( $sql );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( mysql_num_rows ( $rez ))
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
{
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$users = mysql_fetch_array ( $rez );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$pwd = generatePass ();
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$pwd_enc = md5 ( $pwd . SALT );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$sql = " UPDATE users SET pwd=' $pwd_enc ' WHERE id= $users[id] " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
mysql_query ( $sql );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
mailClient ( $users [ 'email' ], " Новый пароль на сайте " . $_SERVER [ 'SERVER_NAME' ], " Ваш новый пароль: $pwd " );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
header ( " location:remind_pass.php?success=1 " );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
} else $msg = " Неверный адрес почты! " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
} else $msg = " Н е заполнены поля формы!" ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
return $msg ;
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
public function change_pwd ( $post ) {
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$msg = 0 ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( ! empty ( $post [ 'pwd' ]) and ! empty ( $post [ 'old_pwd' ]) and ! empty ( $post [ 'pwd2' ]))
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
{
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$sql = " SELECT * FROM users WHERE id=' $_SESSION[id] ' " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$rez = mysql_query ( $sql );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( $users = mysql_fetch_assoc ( $rez ))
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
{
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( md5 ( $post [ 'old_pwd' ] . SALT ) == $users [ 'pwd' ])
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
{
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( $post [ 'pwd' ] == $post [ 'pwd2' ])
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
{
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$pwd = md5 ( $post [ 'pwd' ] . SALT );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$sql = " UPDATE users SET pwd=' $pwd ' WHERE id= $_SESSION[id] " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
mysql_query ( $sql );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$f1 = file ( " https://joywork.ru/template_mail/changepassword.html " );
$text = implode ( " " , $f1 );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$text = str_replace ( " <%login%> " , $users [ 'phone' ], $text );
$text = str_replace ( " <%pass%> " , $post [ 'pwd' ], $text );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
mailClientFromJoywork ( $users [ 'email' ], " Новый пароль на сайте " . $_SERVER [ 'SERVER_NAME' ], $text );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
header ( " location:settings.php?success=ok " );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
} else $msg = " Пароль и подтверждение пароля не совпадают! " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
} else $msg = " Неверный пароль! " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
} else $msg = " Пользователь не существует! " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
} else $msg = " Н е заполнены поля формы!" ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
return $msg ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
public function edit ( $post ) {
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$postf = clearInputData ( $_POST );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$postf [ 'txt' ] = strip_tags ( mysql_real_escape_string ( $post [ 'txt' ]));
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$post [ 'agency_name' ] = htmlspecialchars ( $post [ 'agency_name' ]);
$post [ 'first_name' ] = htmlspecialchars ( $post [ 'first_name' ]);
$post [ 'last_name' ] = htmlspecialchars ( $post [ 'last_name' ]);
$post [ 'middle_name' ] = htmlspecialchars ( $post [ 'middle_name' ]);
$post [ 'is_dispatcher' ] = 0 ;
if ( isset ( $post [ 'vpbx_id' ])){
if ( $post [ 'vpbx_id' ] == $post [ 'phone' ]){
$post [ 'is_dispatcher' ] = 1 ;
}
} else {
$post [ 'vpbx_id' ] = " " ;
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$this -> edit_api_ids ( $post , $_SESSION [ 'id' ]);
$gmtmsk = 0 ;
if ( isset ( $post [ 'utc_edit' ])){
$gmtmsk = $post [ 'utc_edit' ] - 3 ;
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( $_SESSION [ 'individual' ] == 1 ) {
$sql = " UPDATE users SET jw_page_id = ' $post[first_page] ', region_rf_id = $post[region] , agency_name=' $post[agency_name] ', first_name=' $post[first_name] ', last_name=' $post[last_name] ', middle_name=' $post[middle_name] ', txt=' $postf[txt] ', email=' " . trim ( $post [ 'email' ]) . " ', site=' $post[site] ', sitename=' $post[sitename] ', adres=' $post[adres] ', phoneAgency=' $post[phoneAgency] ', is_dispatcher= $post[is_dispatcher] , vpbx_id=' $post[vpbx_id] ', gmtmsk = ' $gmtmsk ' WHERE id= $_SESSION[id] " ;
} else {
$sql = " SELECT * FROM users WHERE phone=' $post[phone] ' and id <> $_SESSION[id] " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$rez = mysql_query ( $sql );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( mysql_num_rows ( $rez ) > 0 ) {
return " Пользователь с таким номером телефона уже существует. " ;
} else {
$sql = " UPDATE users SET jw_page_id = ' $post[first_page] ', region_rf_id = $post[region] , agency_name=' $post[agency_name] ', first_name=' $post[first_name] ', last_name=' $post[last_name] ', middle_name=' $post[middle_name] ', phone=' $post[phone] ', phone2=' $post[phone2_user] ', txt=' $postf[txt] ', email=' " . trim ( $post [ 'email' ]) . " ', site=' $post[site] ', sitename=' $post[sitename] ', adres=' $post[adres] ', phoneAgency=' $post[phoneAgency] ', is_dispatcher= $post[is_dispatcher] , vpbx_id=' $post[vpbx_id] ', gmtmsk = ' $gmtmsk ' WHERE id= $_SESSION[id] " ;
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( $post [ 'all_update_utc' ]){
$agency_id = $this -> getAgencyIdForUser ( $_SESSION [ 'id' ]);
$usersIds [] = $agency_id ;
$sql_users = " SELECT id FROM users WHERE id in (select id from users where id= $agency_id or id_manager= $agency_id or id_manager in
2026-05-22 20:21:54 +02:00
( select id from users where id_manager = $agency_id or id_manager in
( select id from users where id_manager = $agency_id ))) " ;
2026-07-06 12:54:07 +02:00
$q_users = mysql_query ( $sql_users );
while ( $r_users = mysql_fetch_assoc ( $q_users )){
$usersIds [] = ( int ) $r_users [ 'id' ];
}
if ( ! empty ( $usersIds )) {
$sqlAll = " UPDATE users SET gmtmsk = ' $gmtmsk ' WHERE id in ( " . implode ( ',' , $usersIds ) . " ) " ;
}
}
}
if ( mysql_query ( $sql )) {
if ( isset ( $sqlAll )){
mysql_query ( $sqlAll );
}
$sqlNewObjUser = " SELECT * FROM users WHERE id= $_SESSION[id] " ;
$rezNewObjUser = mysql_query ( $sqlNewObjUser );
$newObjUser = mysql_fetch_assoc ( $rezNewObjUser );
$sobstv = trim ( $post [ 'last_name' ] . ' ' . $post [ 'first_name' ] . ' ' . $post [ 'middle_name' ]);
if ( $newObjUser [ 'agency' ] == 0 ) {
$sql = " SELECT * FROM users WHERE id= $newObjUser[id_manager] " ;
$rez = mysql_query ( $sql );
$manager = mysql_fetch_assoc ( $rez );
if ( $manager [ 'id_manager' ]) {
$agency = mysql_fetch_assoc ( mysql_query ( " SELECT * FROM users WHERE id= $manager[id_manager] " ));
} else {
$agency = $manager ;
}
if ( $agency ) {
$sobstv = $sobstv . " , агентство " . $agency [ 'agency_name' ];
}
}
if ( $_SESSION [ 'agency' ]) {
if ( ! isset ( $post [ 'on_agency_any_ip' ])) {
$post [ 'on_agency_any_ip' ] = 0 ;
}
$check_permissions_sql = " SELECT * FROM `user_permissions` WHERE `user_id` = $_SESSION[id] " ;
$check_permissions_result = mysql_query ( $check_permissions_sql );
if ( mysql_num_rows ( $check_permissions_result ) > 0 ) {
$sql_update_permissions = " UPDATE user_permissions SET allow_any_ip = ' $post[on_agency_any_ip] ' WHERE user_id= $_SESSION[id] " ;
mysql_query ( $sql_update_permissions );
} else {
$permissions = [
$_SESSION [ 'id' ],
1 , 1 , 1 ,
1 , 1 ,
1 ,
1 , 1 , 1 , 1 ,
1 , 1 , 1 , 1 ,
1 , 1 , 1 ,
0 , // комплексы выключены
1 ,
1 ,
1 ,
$post [ 'on_agency_any_ip' ] ? 1 : 0
];
$values_str = implode ( ',' , $permissions );
$insert_sql = " INSERT INTO user_permissions
2026-05-22 20:21:54 +02:00
( user_id , menu_office , menu_search , menu_objects , menu_all_objects , menu_all_objects_edit ,
menu_ads , menu_clients , menu_all_clients , menu_all_clients_edit , menu_all_clients_export ,
menu_submissions , menu_all_submissions , menu_all_submissions_edit , menu_all_submissions_export ,
menu_partners , menu_docs , menu_settings , menu_complexes , menu_can_transfer_to_common , menu_can_take_from_closed , menu_can_transfer_closed_to_others , allow_any_ip )
VALUES ( $values_str ) " ;
2026-07-06 12:54:07 +02:00
mysql_query ( $insert_sql );
}
}
//обновляем объекты пользователя
$phone = $post [ 'phone' ];
$sqlUpdateObj = " UPDATE objects SET is_main = 0, phone = ' $phone ', sobstv = ' $sobstv ' WHERE id_add_user= $_SESSION[id] " ;
mysql_query ( $sqlUpdateObj );
$_SESSION [ 'fio' ] = trim ( $post [ 'last_name' ] . ' ' . $post [ 'first_name' ] . ' ' . $post [ 'middle_name' ]);
$_SESSION [ 'agency_name' ] = $post [ 'agency_name' ];
$_SESSION [ 'first_name' ] = $post [ 'first_name' ];
$_SESSION [ 'last_name' ] = $post [ 'last_name' ];
$_SESSION [ 'middle_name' ] = $post [ 'middle_name' ];
}
header ( " location:settings.php?success2=ok " );
}
public function edit_api_ids ( $post , $user_id ) {
$id = 0 ;
$sql = " SELECT * FROM user_api_keys WHERE user_id = { $user_id } " ;
$q = mysql_query ( $sql );
if ( mysql_num_rows ( $q ) == 0 ){
$id = $this -> gen_token ( $user_id );
} else {
$apis = mysql_fetch_assoc ( $q );
$id = $apis [ 'id' ];
}
if ( $id > 0 ){
$cian_id = ( int ) $post [ 'cian_id' ];
$avito_id = ( int ) str_replace ( ' ' , '' , $post [ 'avito_id' ]);
$is_all_cian = 0 ;
if ( $post [ 'is_all_cian' ]){
$is_all_cian = ( int ) $post [ 'is_all_cian' ];
}
$is_all_avito = 0 ;
if ( $post [ 'is_all_avito' ]){
$is_all_avito = ( int ) $post [ 'is_all_avito' ];
}
$is_id_object = 0 ;
if ( $post [ 'is_id_object' ]){
$is_id_object = ( int ) $post [ 'is_id_object' ];
}
$is_id_object_cian = 0 ;
if ( $post [ 'is_id_object_cian' ]){
$is_id_object_cian = ( int ) $post [ 'is_id_object_cian' ];
}
$sql_up = " UPDATE user_api_keys SET cian_id = { $cian_id } , avito_id = { $avito_id } , is_all_cian= { $is_all_cian } , is_all_avito= { $is_all_avito } , is_id_object= { $is_id_object } , is_id_object_cian= { $is_id_object_cian } WHERE id = { $id } " ;
mysql_query ( $sql_up );
}
}
2026-05-22 20:21:54 +02:00
public function edit_vk ( $postUi ) {
2026-07-06 12:54:07 +02:00
$post = clearInputData ( $postUi );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$flag = isset ( $post [ 'vkFromGroup' ]) ? 1 : 0 ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$sql = " UPDATE users SET vk_group_id=' $post[vkGroup] ', vk_post_as_group= $flag WHERE id= $_SESSION[id] " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
mysql_query ( $sql );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
header ( " location:settings.php?success2=ok " );
2026-05-22 20:21:54 +02:00
}
public function edit_zipal ( $postUi ) {
2026-07-06 12:54:07 +02:00
$post = clearInputData ( $postUi );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$sql = " UPDATE users SET zipal_login=' $post[zipalLogin] ', zipal_password=' $post[zipalPass] ' WHERE id= $_SESSION[id] " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
mysql_query ( $sql );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
header ( " location:settings.php?success2=ok " );
2026-05-22 20:21:54 +02:00
}
public function edit_jcat ( $postUi ) {
2026-07-06 12:54:07 +02:00
$post = clearInputData ( $postUi );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$sql = " UPDATE users SET jcat_api_key=' $post[jcatApiKey] ' WHERE id= $_SESSION[id] " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
mysql_query ( $sql );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
header ( " location:settings.php?success2=ok " );
2026-05-22 20:21:54 +02:00
}
2026-07-06 12:54:07 +02:00
2026-05-22 20:21:54 +02:00
public function set_blocked ( $block , $id ) {
$id = ( int ) $id ;
$block = ( int ) $block ;
// Блокируем/разблокируем основного пользователя
mysql_query ( " UPDATE users SET blocked = $block WHERE id = $id " )
or die ( " Ошибка обновления статуса: " . mysql_error ());
// Получаем данные пользователя
$result = mysql_query ( " SELECT * FROM users WHERE id = $id " );
if ( ! $result ) die ( " Ошибка запроса: " . mysql_error ());
$user = mysql_fetch_assoc ( $result );
if ( ! $user ) die ( " Пользователь не найден " );
2026-07-06 12:54:07 +02:00
$agencyId = self :: getUserAgencyID ( $id );
$action = ( $block == 1 ) ? " employee_block " : " employee_unblock " ;
$dataWhook = array ( 'action' => $action , 'employee_id' => $id , 'section' => 'employee' , 'user_id' => $_SESSION [ 'id' ], 'agency_id' => $agencyId );
$w_in = new WebHookIn ( null , $agencyId );
$w_in -> check_send ( $dataWhook );
2026-05-22 20:21:54 +02:00
// Если статус меняется на "разблокирован" и пользователь — агент (не менеджер)
if ( $block == 0 && ! $user [ 'manager' ]) {
2026-07-06 12:54:07 +02:00
2026-05-22 20:21:54 +02:00
if ( $agencyId ) {
mysql_query ( " UPDATE users SET id_manager = $agencyId WHERE id = $id " )
or die ( " Ошибка обновления id_manager: " . mysql_error ());
}
}
// Определяем действие для уведомления
$act = ( $block == 1 ) ? " заблокирован " : " разблокирован " ;
// Если пользователь — менеджер, меняем статус всех подчиненных
if ( $user [ 'manager' ]) {
$queue = [ $id ]; // Очередь менеджеров для обработки
$processed = []; // Уже обработанные ID (защита от циклов)
while ( ! empty ( $queue )) {
$current_manager_id = array_shift ( $queue );
// Защита от зацикливания
if ( in_array ( $current_manager_id , $processed )) continue ;
$processed [] = $current_manager_id ;
// Находим всех подчиненных текущего менеджера
$subordinates = mysql_query ( "
SELECT id , email , manager
FROM users
WHERE id_manager = $current_manager_id
" );
if ( ! $subordinates ) {
error_log ( " Ошибка SQL: " . mysql_error ());
continue ;
}
while ( $subordinate = mysql_fetch_assoc ( $subordinates )) {
// Меняем статус подчиненного
mysql_query ( " UPDATE users SET blocked = $block WHERE id = { $subordinate [ 'id' ] } " );
// Отправляем уведомление
if ( ! empty ( $subordinate [ 'email' ])) {
mail (
$subordinate [ 'email' ],
" Аккаунт на сайте " . $_SERVER [ 'SERVER_NAME' ],
" Ваш аккаунт заблокирован, так как ваш менеджер был заблокирован "
);
}
// Если подчиненный — тоже менеджер, добавляем е г о в очередь
if ( $subordinate [ 'manager' ]) {
$queue [] = $subordinate [ 'id' ];
}
}
}
}
// Отправляем уведомление основному пользователю
if ( ! empty ( $user [ 'email' ])) {
mail (
$user [ 'email' ],
" Аккаунт на сайте " . $_SERVER [ 'SERVER_NAME' ],
" Ваш аккаунт был $act "
);
}
return true ;
}
2026-07-06 12:54:07 +02:00
/* public function set_moder ( $id , $mdb ) {
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$sql = " UPDATE users SET moder=1 WHERE id= $id " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
mysql_query ( $sql , $mdb );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$sql = " SELECT * FROM users WHERE id= $id " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$rez = mysql_query ( $sql , $mdb );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$users = mysql_fetch_assoc ( $rez );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
mailClient ( $users [ 'email' ], " Аккаунт на сайте " . $_SERVER [ 'SERVER_NAME' ], " Ваш аккаунт был подтверждён администратором р е с у р с а . Вы можете начать пользоваться системой. " );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
} */
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
public function set_manager ( $id_mngr , $id_user ) {
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$id_agency = $_SESSION [ 'id' ];
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$curUser = new User ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$curUser -> checkPermissions ();
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( $_SESSION [ 'users_admin' ]) {
$id_agency = $curUser -> agencyId ;
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( $id_mngr == 0 ) // делаем юзера менеджером
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
{
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$sql = " UPDATE users SET manager=1, id_manager= $id_agency , photo=' $_SESSION[photo] ', department_id = 0, role_id = 0 WHERE id= $id_user " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
mysql_query ( $sql );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
} elseif ( $id_mngr == - 1 ) // разжаловать и сбросить всех агентов
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
{
$id_agency = $curUser -> agencyId ;
$sql = " UPDATE users SET manager=0, id_manager= $id_agency , photo=' $_SESSION[photo] ', department_id = 0, role_id = 0 WHERE id_manager= $id_user OR id= $id_user " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
mysql_query ( $sql );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
} else // установить агенту менеджера
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
{
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$sql = " UPDATE users SET id_manager= $id_mngr , photo=' $_SESSION[photo] ' WHERE id= $id_user " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
mysql_query ( $sql );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
//return $this->getMyManagers();
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
public function set_role ( $roleId , $userId , $depId ){
$id_agency = $_SESSION [ 'id' ];
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$curUser = new User ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$curUser -> checkPermissions ();
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( $_SESSION [ 'users_admin' ]) {
$id_agency = $curUser -> agencyId ;
}
$sql = " SELECT `id`, `role` FROM roles WHERE id = " . $roleId ;
$q = mysql_query ( $sql );
$role = mysql_fetch_array ( $q );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( $role [ 'role' ] == 'agent' ){
$managerId = $id_agency ;
2026-05-22 20:21:54 +02:00
//Ищем менеджера отдела
2026-07-06 12:54:07 +02:00
$sql_a = " SELECT id FROM roles WHERE department_id = { $depId } AND (role = 'admin_department' or role = 'manager') order by role " ;
$q_a = mysql_query ( $sql_a );
if ( mysql_num_rows ( $q_a ) > 0 ){
while ( $r_a = mysql_fetch_assoc ( $q_a )){
$sql_u = " SELECT id FROM users WHERE role_id = $r_a[id] LIMIT 1 " ;
$q_u = mysql_query ( $sql_u );
if ( mysql_num_rows ( $q_u ) > 0 ){
$r_u = mysql_fetch_assoc ( $q_u );
$managerId = ( int ) $r_u [ 'id' ];
break ;
}
}
}
2026-05-22 20:21:54 +02:00
//Делаем пользователя агентом отдела
2026-07-06 12:54:07 +02:00
mysql_query ( " UPDATE users SET department_id = { $depId } , role_id = { $roleId } , agent = 1, id_manager= $managerId , manager = 0 WHERE id = { $userId } " );
2026-05-22 20:21:54 +02:00
//если пользователь был менеджером, то сбрасываем е г о пользователь к агенству
2026-07-06 12:54:07 +02:00
mysql_query ( " UPDATE users SET id_manager = { $id_agency } , department_id = 0, role_id = 0 WHERE id_manager = { $userId } " );
} else if ( $role [ 'role' ] == 'manager' ){
2026-05-22 20:21:54 +02:00
//Поиск админа отдела
2026-07-06 12:54:07 +02:00
$menager_id = $id_agency ;
2026-05-22 20:21:54 +02:00
//echo $menager_id;
2026-07-06 12:54:07 +02:00
$sql_a = " SELECT id FROM roles WHERE department_id = { $depId } AND role = 'admin_department' LIMIT 1 " ;
$q_a = mysql_query ( $sql_a );
if ( mysql_num_rows ( $q_a ) > 0 ){
$r_a = mysql_fetch_assoc ( $q_a );
$sql_u = " SELECT id FROM users WHERE role_id = $r_a[id] LIMIT 1 " ;
//echo $sql_u;
$q_u = mysql_query ( $sql_u );
if ( mysql_num_rows ( $q_u ) > 0 ){
$r_u = mysql_fetch_assoc ( $q_u );
$menager_id = ( int ) $r_u [ 'id' ];
}
}
2026-05-22 20:21:54 +02:00
//Делаем пользователя менеджером отдела
2026-07-06 12:54:07 +02:00
$sql_up = " UPDATE users SET department_id = { $depId } , role_id = { $roleId } , manager = 1, id_manager = { $menager_id } WHERE id = { $userId } " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
mysql_query ( $sql_up );
2026-05-22 20:21:54 +02:00
//Делаем всех пользователей этого менеджера агентами отдела
2026-07-06 12:54:07 +02:00
$sql = " SELECT `id` FROM roles WHERE department_id = { $depId } and role = 'agent' " ;
$q = mysql_query ( $sql );
$roleBase = 0 ;
if ( mysql_num_rows ( $q ) > 0 ){
$role = mysql_fetch_array ( $q );
$roleBase = $role [ 'id' ];
}
mysql_query ( " UPDATE users SET department_id = { $depId } , role_id = { $roleBase } WHERE id_manager = { $userId } and manager = 0 " );
2026-05-22 20:21:54 +02:00
//Делаем всех свободных сотрудников отдела агентами этого менеджера
//mysql_query("UPDATE users SET id_manager = {$userId} WHERE department_id = {$depId} AND manager=0 AND (id_manager=0 or id_manager={$id_agency})");*/
2026-07-06 12:54:07 +02:00
} else if ( $role [ 'role' ] == 'user_admin' ){
2026-05-22 20:21:54 +02:00
//Делаем пользователя псевдо руководителем
2026-07-06 12:54:07 +02:00
mysql_query ( " UPDATE users SET users_admin = 1, department_id = { $depId } , role_id = { $roleId } WHERE id = { $userId } " );
} else if ( $role [ 'role' ] == 'admin_department' ){
mysql_query ( " UPDATE users SET department_id = { $depId } , manager = 1, id_manager = { $id_agency } , role_id = { $roleId } WHERE id = { $userId } " );
2026-05-22 20:21:54 +02:00
//Переводим всех менеджеров и агентов отдела, привязанных к руководителю, к админу
2026-07-06 12:54:07 +02:00
mysql_query ( " UPDATE users SET id_manager = { $userId } WHERE department_id = { $depId } AND id_manager = { $id_agency } AND id != { $userId } " );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
} else if ( $role [ 'role' ] == 'manager_office' ){
2026-05-22 20:21:54 +02:00
//Поиск админа отдела
2026-07-06 12:54:07 +02:00
$menager_id = $id_agency ;
2026-05-22 20:21:54 +02:00
//echo $menager_id;
2026-07-06 12:54:07 +02:00
$sql_a = " SELECT id FROM roles WHERE department_id = { $depId } AND role = 'admin_department' LIMIT 1 " ;
$q_a = mysql_query ( $sql_a );
if ( mysql_num_rows ( $q_a ) > 0 ){
$r_a = mysql_fetch_assoc ( $q_a );
$sql_u = " SELECT id FROM users WHERE role_id = $r_a[id] LIMIT 1 " ;
//echo $sql_u;
$q_u = mysql_query ( $sql_u );
if ( mysql_num_rows ( $q_u ) > 0 ){
$r_u = mysql_fetch_assoc ( $q_u );
$menager_id = ( int ) $r_u [ 'id' ];
}
}
//Делаем пользователя офис менеджером отдела
$sql_up = " UPDATE users SET department_id = { $depId } , role_id = { $roleId } , manager = 0, id_manager = { $menager_id } WHERE id = { $userId } " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
mysql_query ( $sql_up );
} else if ( $role [ 'role' ] == 'manager_office_menager' ){
//Делаем пользователя офис менеджером наблюдателем отдела
$sql_up = " UPDATE users SET department_id = { $depId } , role_id = { $roleId } , manager = 0 WHERE id = { $userId } " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
mysql_query ( $sql_up );
}
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
public function getDepManagers ( $dep_id ){
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( ! $dep_id )
return [];
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$res = array ();
$sql = " SELECT * FROM users WHERE manager=1 AND department_id = { $dep_id } " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$q = mysql_query ( $sql );
while ( $r = mysql_fetch_assoc ( $q )){
$res [] = $r ;
}
return $res ;
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
public function settings_email () {
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$this -> get ( $_SESSION [ 'id' ]);
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$post = clearInputData ( $_POST );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$smtpSsl = $post [ 'smtp_ssl' ];
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$type = $post [ 'type' ];
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( $type != 5 ) {
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$smtpSsl = " 1 " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$sql = " UPDATE users SET smtp_from=' $post[smtp_from] ', smtp_fromname=' $post[smtp_fromname] ', smtp=' $post[smtp] ', smtp_ssl=' $smtpSsl ', smtp_port=' $post[smtp_port] ', smtp_lg=' $post[smtp_lg] ', smtp_pwd=' $post[smtp_pwd] ' WHERE id= $_SESSION[id] " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
mysql_query ( $sql );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$f1 = file ( " https://joywork.ru/template_mail/changemailsettings.html " );
$text = implode ( " " , $f1 );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$try = checkMail ( $this -> email , " Тестовое письмо " , $text );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( $try === true ) $s = 1 ; else $s = 2 ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$sql = " UPDATE users SET smtp_check=' $s ' WHERE id= $_SESSION[id] " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
mysql_query ( $sql );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( $s == 2 ) return " Ошибка отправки тестового письма на почту " . $this -> email . " . Проверьте настройки.<br><small> $try </small><br><b> Для успешной настройки почты обратитесь в службу поддержки по тел. +7 812 981 56 17</b> " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
else header ( " location:settings.php?success3= $s " );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
public function add_agent ( $get ) {
$msg_user = '' ;
if ( ! empty ( $get [ 'email' ])) {
if ( ! empty ( $get [ 'phone' ])) {
$sql = " SELECT * FROM users WHERE phone=' $get[phone] ' " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$rez = mysql_query ( $sql );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( mysql_num_rows ( $rez ) == 0 ) {
$sql = " INSERT INTO users(fio, email, phone, agency_name, first_name, last_name, middle_name, agent, moder, date_reg, id_manager) VALUES(' $get[fio] ', ' $get[email] ', ' $get[phone] ', ' $get[agency_name] ', ' $get[first_name] ', ' $get[last_name] ', ' $get[middle_name] ', '1', '1', NOW(), ' $_SESSION[id] ') " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
mysql_query ( $sql );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
mailClient ( $get [ 'email' ], " Регистрация на сайте " . $_SERVER [ 'SERVER_NAME' ], " Вы зарегистрированы на сайте " . $_SERVER [ 'SERVER_NAME' ] . " . Для входа используйте номер телефона $get[phone] и пароль в смс. " );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
} else $msg_user = " Агент с таким номером телефона уже существует! " ;
} else $msg_user = " Н е указан номер телефона!" ;
} else $msg_user = " Н е указан E-Mail!" ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
return $msg_user ;
}
2026-05-22 20:21:54 +02:00
public function add_agent_with_password ( $post ) {
$msg_user = '' ;
if ( ! empty ( $post [ 'email' ])) {
if ( ! empty ( $post [ 'phone' ])) {
$sql = " SELECT * FROM users WHERE phone=' $post[phone] ' " ;
$rez = mysql_query ( $sql );
if ( mysql_num_rows ( $rez ) == 0 ) {
$id_agency = $_SESSION [ 'id' ];
$curUser = new User ;
$curUser -> checkPermissions ();
if ( $_SESSION [ 'users_admin' ]) {
$id_agency = $curUser -> agencyId ;
} else {
$departmentClass = new Department ;
$departmentUser = $departmentClass -> getDepartment ( $_SESSION [ 'id' ]);
if ( $departmentUser [ 'role' ] == 'manager_office' ){
if ( $departmentUser [ 'admin' ] > 0 ){
$id_agency = $departmentUser [ 'admin' ];
}
}
}
$pwd = generatePass ();
$pwd_enc = md5 ( $pwd . SALT );
2026-07-06 12:54:07 +02:00
if ( isset ( $post [ 'pass' ]) && ! empty ( trim ( $post [ 'pass' ]))){
$pwd = trim ( $post [ 'pass' ]);
$pwd_enc = md5 ( $pwd . SALT );
}
2026-05-22 20:21:54 +02:00
if ( isset ( $post [ 'is_dispatcher' ]) && $post [ 'is_dispatcher' ] == 1 ) {
$vpbx_id = $post [ 'phone' ];
$is_dis = 1 ;
} else {
$is_dis = 0 ;
if ( ! empty ( $post [ 'vpbx_id' ])) {
$vpbx_id = $post [ 'vpbx_id' ];
} else {
$vpbx_id = " " ;
}
}
2026-07-06 12:54:07 +02:00
$role_developer = ( int )( $post [ 'role_developer' ] ? $post [ 'role_developer' ] : 0 );
2026-05-22 20:21:54 +02:00
$agency_name = " " ;
if ( ! empty ( $post [ 'agency_name' ]))
$agency_name = $post [ 'agency_name' ];
$last_name = " " ;
if ( ! empty ( $post [ 'last_name' ]))
$last_name = $post [ 'last_name' ];
$first_name = " " ;
if ( ! empty ( $post [ 'first_name' ]))
$first_name = $post [ 'first_name' ];
$middle_name = " " ;
if ( ! empty ( $post [ 'middle_name' ]))
$middle_name = $post [ 'middle_name' ];
$birthday = " " ;
if ( ! empty ( $post [ 'birthday' ]))
$birthday = date ( " Y-m-d H:i:s " , strtotime ( $post [ 'birthday' ]));
// Определяем agency_id
$company_id = self :: getUserAgencyID ( $_SESSION [ 'id' ]);
$sql_company_id = is_numeric ( $company_id ) && $company_id > 0
? ( int ) $company_id
: 'NULL' ;
$sql = " INSERT INTO users(
fio ,
company_id ,
email ,
phone ,
phone2 ,
agency_name ,
last_name ,
first_name ,
middle_name ,
txt ,
agent ,
moder ,
admin ,
superadmin ,
blocked ,
date_reg ,
id_manager ,
is_pwd ,
pwd ,
region_rf_id ,
is_dispatcher ,
birthday ,
vpbx_id ,
role_developer
) VALUES (
'$post[fio]' ,
$sql_company_id ,
'$post[email]' ,
'$post[phone]' ,
'$post[phone2]' ,
'$agency_name' ,
'$last_name' ,
'$first_name' ,
'$middle_name' ,
'' ,
'1' ,
'1' ,
'0' ,
'0' ,
'0' ,
NOW (),
'$id_agency' ,
1 ,
'$pwd_enc' ,
$curUser -> region ,
$is_dis ,
'$birthday' ,
'$vpbx_id' ,
$role_developer
) " ;
if ( mysql_query ( $sql )) {
$user_id = mysql_insert_id ();
// Устанавливаем menu_can_transfer_to_common по умолчанию для Домрил
$default_can_transfer_to_common = 1 ;
if ( $company_id == 19895 ) {
$default_can_transfer_to_common = 0 ;
}
$default_cannot_create_req_manually = 0 ;
if ( $company_id == 19895 ) {
$default_cannot_create_req_manually = 1 ;
}
// Базовые права по умолчанию
$permissions = [
$user_id ,
1 , 1 , 1 , // menu_office, menu_search, menu_objects
0 , 0 , // menu_all_objects, menu_all_objects_edit
0 , // menu_ads
1 , 0 , 0 , 0 , // menu_clients, menu_all_clients, menu_all_clients_edit, menu_all_clients_export
1 , 0 , 0 , 0 , // menu_submissions, menu_all_submissions, menu_all_submissions_edit, menu_all_submissions_export
0 , 1 , 1 , // menu_partners, menu_docs, menu_settings
0 , // menu_complexes (по умолчанию отключено)
$default_can_transfer_to_common , 0 , // menu_can_transfer_to_common, menu_can_take_from_closed
0 , // menu_can_transfer_closed_to_others
$default_cannot_create_req_manually
];
$values_str = implode ( ',' , $permissions );
$insert_sql = " INSERT INTO user_permissions
( user_id , menu_office , menu_search , menu_objects , menu_all_objects , menu_all_objects_edit ,
menu_ads , menu_clients , menu_all_clients , menu_all_clients_edit , menu_all_clients_export ,
menu_submissions , menu_all_submissions , menu_all_submissions_edit , menu_all_submissions_export ,
menu_partners , menu_docs , menu_settings , menu_complexes , menu_can_transfer_to_common , menu_can_take_from_closed , menu_can_transfer_closed_to_others , cannot_create_req_manually )
VALUES ( $values_str ) " ;
mysql_query ( $insert_sql );
$passport_date = " NULL " ;
if ( ! empty ( $post [ 'passport_date' ]))
$passport_date = date ( " Y-m-d H:i:s " , strtotime ( $post [ 'passport_date' ]));
2026-07-06 12:54:07 +02:00
$wa_enabled = ( int ) $post [ 'wa_enabled' ];
2026-05-22 20:21:54 +02:00
$sql2 = " INSERT INTO `users_info` (
user_id ,
passport_serial ,
passport_number ,
passport_date ,
passport_emited ,
passport_adress ,
adress_postal ,
soc_vk ,
soc_tg ,
soc_fb ,
soc_inst ,
soc_tw ,
soc_wa ,
wa_enabled
) VALUES (
'$user_id' ,
'$post[passport_serial]' ,
'$post[passport_number]' ,
'$passport_date' ,
'$post[passport_emited]' ,
'$post[passport_adress]' ,
'$post[adress_postal]' ,
'$post[soc_vk]' ,
'$post[soc_tg]' ,
'$post[soc_fb]' ,
'$post[soc_inst]' ,
'$post[soc_tw]' ,
'$post[soc_wa]' ,
'$wa_enabled'
) " ;
2026-07-06 12:54:07 +02:00
mysql_query ( $sql2 );
2026-05-22 20:21:54 +02:00
if ( ! ( $_FILES [ 'avatar' ][ 'size' ] == 0 && $_FILES [ 'avatar' ][ 'error' ] == 0 )) {
$curUser -> setUserpic ( $user_id );
}
if ( ! ( $_FILES [ 'files' ][ 'size' ] == 0 && $_FILES [ 'files' ][ 'error' ] == 0 )) {
$curUser -> uploadFiles ( $user_id );
}
$f1 = file ( " https://joywork.ru/template_mail/setpassword.html " );
$text = implode ( " " , $f1 );
$text = str_replace ( " <%login%> " , $post [ 'phone' ], $text );
$text = str_replace ( " <%pass%> " , $pwd , $text );
2026-07-06 12:54:07 +02:00
// mailClientFromJoywork($post['email'], "Регистрация на сайте " . $_SERVER['SERVER_NAME'], $text);
if ( isset ( $post [ 'advert_budget_total' ]) || isset ( $post [ 'advert_budget_personal' ])) {
$advert_budget_total = 0 ;
if ( isset ( $post [ 'advert_budget_total' ]))
$advert_budget_total = ( double ) $post [ 'advert_budget_total' ];
$advert_budget_personal = 0 ;
if ( isset ( $post [ 'advert_budget_personal' ]))
$advert_budget_personal = $post [ 'advert_budget_personal' ];
$advert_budget_avito = 0 ;
if ( isset ( $post [ 'advert_budget_avito' ]))
$advert_budget_avito = ( double ) $post [ 'advert_budget_avito' ];
$advert_budget_cian = 0 ;
if ( isset ( $post [ 'advert_budget_cian' ]))
$advert_budget_cian = ( double ) $post [ 'advert_budget_cian' ];
$advert_budget_domclick = 0 ;
if ( isset ( $post [ 'advert_budget_domclick' ]))
$advert_budget_domclick = ( double ) $post [ 'advert_budget_domclick' ];
$advert_budget_jcat = 0 ;
if ( isset ( $post [ 'advert_budget_jcat' ]))
$advert_budget_jcat = ( double ) $post [ 'advert_budget_jcat' ];
$advert_budget_yandex = 0 ;
if ( isset ( $post [ 'advert_budget_yandex' ]))
$advert_budget_yandex = ( double ) $post [ 'advert_budget_yandex' ];
$advert_budget_avito_unlimited = 0 ;
if ( isset ( $post [ 'advert_budget_avito_unlimited' ]))
$advert_budget_avito_unlimited = ( int ) $post [ 'advert_budget_avito_unlimited' ];
$advert_budget_cian_unlimited = 0 ;
if ( isset ( $post [ 'advert_budget_cian_unlimited' ]))
$advert_budget_cian_unlimited = ( int ) $post [ 'advert_budget_cian_unlimited' ];
$advert_budget_domclick_unlimited = 0 ;
if ( isset ( $post [ 'advert_budget_domclick_unlimited' ]))
$advert_budget_domclick_unlimited = ( int ) $post [ 'advert_budget_domclick_unlimited' ];
$advert_budget_jcat_unlimited = 0 ;
if ( isset ( $post [ 'advert_budget_jcat_unlimited' ]))
$advert_budget_jcat_unlimited = ( int ) $post [ 'advert_budget_jcat_unlimited' ];
$advert_budget_yandex_unlimited = 0 ;
if ( isset ( $post [ 'advert_budget_yandex_unlimited' ]))
$advert_budget_yandex_unlimited = ( int ) $post [ 'advert_budget_yandex_unlimited' ];
$advert_budgets = new AdvertBudgets ();
$advert_budgets -> setAdvertBudget ([
'user_id' => $user_id ,
'total' => $advert_budget_total ,
'personal' => $advert_budget_personal ,
'avito' => $advert_budget_avito ,
'avito_unlimited' => $advert_budget_avito_unlimited ,
'cian' => $advert_budget_cian ,
'cian_unlimited' => $advert_budget_cian_unlimited ,
'domclick' => $advert_budget_domclick ,
'domclick_unlimited' => $advert_budget_domclick_unlimited ,
'jcat' => $advert_budget_jcat ,
'jcat_unlimited' => $advert_budget_jcat_unlimited ,
'yandex' => $advert_budget_yandex ,
'yandex_unlimited' => $advert_budget_yandex_unlimited ,
]);
}
$dataWhook = array ( 'action' => 'employee_create' , 'employee_id' => $user_id , 'section' => 'employee' , 'user_id' => $_SESSION [ 'id' ], 'agency_id' => $sql_company_id );
$w_in = new WebHookIn ( null , $sql_company_id );
$w_in -> check_send ( $dataWhook );
2026-05-22 20:21:54 +02:00
} else $msg_user = mysql_error () . " Произошла ошибка при добавлении пользователя! " ;
} else $msg_user = " Агент с таким номером телефона уже существует! " ;
} else $msg_user = " Н е указан номер телефона!" ;
} else $msg_user = " Н е указан E-Mail!" ;
return $msg_user ;
}
2026-07-06 12:54:07 +02:00
public function edit_agent_password ( $post )
{
if ( isset ( $post [ 'new_password' ]) && ! empty ( trim ( $post [ 'new_password' ]))){
$pwd = trim ( $post [ 'new_password' ]);
$pwd_enc = md5 ( $pwd . SALT );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$user_id = $post [ 'user_id' ];
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$sql = " UPDATE users SET pwd = ' { $pwd_enc } ', is_pwd=1 WHERE id = $user_id " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
mysql_query ( $sql );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
return [ " success " => true ];
}
}
2026-05-22 20:21:54 +02:00
public function edit_agent_budget ( $post ) {
$user_id = ( int ) $post [ 'ok_agent_id' ];
$msg_user = '' ;
if ( isset ( $post [ 'advert_budget_total' ]) || isset ( $post [ 'advert_budget_personal' ])) {
$advert_budget_total = 0 ;
if ( isset ( $post [ 'advert_budget_total' ]))
$advert_budget_total = ( double ) $post [ 'advert_budget_total' ];
$advert_budget_personal = 0 ;
if ( isset ( $post [ 'advert_budget_personal' ]))
$advert_budget_personal = $post [ 'advert_budget_personal' ];
$advert_budget_avito = 0 ;
if ( isset ( $post [ 'advert_budget_avito' ]))
$advert_budget_avito = ( double ) $post [ 'advert_budget_avito' ];
$advert_budget_cian = 0 ;
if ( isset ( $post [ 'advert_budget_cian' ]))
$advert_budget_cian = ( double ) $post [ 'advert_budget_cian' ];
$advert_budget_domclick = 0 ;
if ( isset ( $post [ 'advert_budget_domclick' ]))
$advert_budget_domclick = ( double ) $post [ 'advert_budget_domclick' ];
$advert_budget_jcat = 0 ;
if ( isset ( $post [ 'advert_budget_jcat' ]))
$advert_budget_jcat = ( double ) $post [ 'advert_budget_jcat' ];
$advert_budget_yandex = 0 ;
if ( isset ( $post [ 'advert_budget_yandex' ]))
$advert_budget_yandex = ( double ) $post [ 'advert_budget_yandex' ];
$advert_budget_avito_unlimited = 0 ;
if ( isset ( $post [ 'advert_budget_avito_unlimited' ]))
$advert_budget_avito_unlimited = ( int ) $post [ 'advert_budget_avito_unlimited' ];
$advert_budget_cian_unlimited = 0 ;
if ( isset ( $post [ 'advert_budget_cian_unlimited' ]))
$advert_budget_cian_unlimited = ( int ) $post [ 'advert_budget_cian_unlimited' ];
$advert_budget_domclick_unlimited = 0 ;
if ( isset ( $post [ 'advert_budget_domclick_unlimited' ]))
$advert_budget_domclick_unlimited = ( int ) $post [ 'advert_budget_domclick_unlimited' ];
$advert_budget_jcat_unlimited = 0 ;
if ( isset ( $post [ 'advert_budget_jcat_unlimited' ]))
$advert_budget_jcat_unlimited = ( int ) $post [ 'advert_budget_jcat_unlimited' ];
$advert_budget_yandex_unlimited = 0 ;
if ( isset ( $post [ 'advert_budget_yandex_unlimited' ]))
$advert_budget_yandex_unlimited = ( int ) $post [ 'advert_budget_yandex_unlimited' ];
$advert_do_not_reinit_monthly = 0 ;
if ( isset ( $post [ 'do_not_reinit_monthly' ]))
$advert_do_not_reinit_monthly = ( int ) $post [ 'do_not_reinit_monthly' ];
$advert_budgets_inst = new AdvertBudgets ();
$advert_budget = $advert_budgets_inst -> setAdvertBudget ([
'user_id' => $user_id ,
'total' => $advert_budget_total ,
'personal' => $advert_budget_personal ,
'avito' => $advert_budget_avito ,
'avito_unlimited' => $advert_budget_avito_unlimited ,
'cian' => $advert_budget_cian ,
'cian_unlimited' => $advert_budget_cian_unlimited ,
'domclick' => $advert_budget_domclick ,
'domclick_unlimited' => $advert_budget_domclick_unlimited ,
'jcat' => $advert_budget_jcat ,
'jcat_unlimited' => $advert_budget_jcat_unlimited ,
'yandex' => $advert_budget_yandex ,
'yandex_unlimited' => $advert_budget_yandex_unlimited ,
'do_not_reinit_monthly' => $advert_do_not_reinit_monthly ,
]);
$data = [
'id' => $user_id
];
if ( ! is_null ( $advert_budget )) {
if ( $advert_budget [ 'success' ] == true ) {
$data [ 'advert_budget' ] = [
'total' => $advert_budget [ 'total' ],
'amount' => $advert_budget [ 'amount' ],
'balance' => $advert_budget [ 'balance' ],
];
} else {
$msg_user = implode ( '<br/>' , $advert_budget [ 'errors' ]);
}
}
if ( empty ( $msg_user )) {
return $data ;
}
}
return [ 'error' => $msg_user ];
}
2026-07-06 12:54:07 +02:00
public function edit_agent ( $post ) {
$msg_user = '' ;
if ( ! empty ( $post [ 'email' ])) {
if ( ! empty ( $post [ 'phone' ])) {
if ( ! empty ( $post [ 'last_name' ])) {
if ( ! empty ( $post [ 'first_name' ])) {
$sql = " SELECT * FROM users WHERE phone=' $post[phone] ' AND id != $post[ok_agent_id] " ;
$rez = mysql_query ( $sql );
if ( mysql_num_rows ( $rez ) == 0 ) {
if ( isset ( $post [ 'is_dispatcher' ]) && $post [ 'is_dispatcher' ] == 1 ) {
$vpbx_id = $post [ 'phone' ];
$is_dis = 1 ;
} else {
$is_dis = 0 ;
if ( ! empty ( $post [ 'vpbx_id' ])) {
$vpbx_id = $post [ 'vpbx_id' ];
} else {
$vpbx_id = " " ;
}
}
if ( isset ( $post [ 'pass-edit' ]) && ! empty ( trim ( $post [ 'pass-edit' ]))){
$pwd = trim ( $post [ 'pass-edit' ]);
$pwd_enc = md5 ( $pwd . SALT );
}
$advert_budget = null ;
$user_id = ( int ) $post [ 'ok_agent_id' ];
$birthday = " " ;
if ( ! empty ( $post [ 'birthday' ]))
$birthday = date ( " Y-m-d H:i:s " , strtotime ( $post [ 'birthday' ]));
$gmtmsk = 0 ;
if ( isset ( $post [ 'utc-edit' ])){
$gmtmsk = $post [ 'utc-edit' ] - 3 ;
}
$agency_id = self :: getUserAgencyID ( $_SESSION [ 'id' ]);
$webHookIn = new WebHookIn ( null , $agency_id );
$is_send_webhook = $webHookIn -> check_hook ( 'employee_update' , 'employee' );
if ( $is_send_webhook ){
$webHookIn -> save_temp_employee ( $user_id );
}
$sql = " UPDATE users
2026-05-22 20:21:54 +02:00
SET email = '$post[email]' ,
phone = '$post[phone]' ,
agency_name = '$post[agency_name]' ,
last_name = '$post[last_name]' ,
first_name = '$post[first_name]' ,
middle_name = '$post[middle_name]' ,
phone2 = '$post[phone2_user]' ,
users_admin = '$post[is_two_admin]' ,
is_dispatcher = $is_dis ,
vpbx_id = '$vpbx_id' ,
birthday = '$birthday' ,
gmtmsk = '$gmtmsk' " ;
2026-07-06 12:54:07 +02:00
if ( isset ( $pwd_enc )) {
$sql .= " , pwd = ' { $pwd_enc } ', is_pwd=1 " ;
}
$sql .= " WHERE id = $user_id " ;
if ( mysql_query ( $sql )) {
if ( $is_send_webhook ){
$dataWhook = array ( 'action' => 'employee_update' , 'employee_id' => $user_id , 'section' => 'employee' , 'user_id' => $_SESSION [ 'id' ], 'agency_id' => $agency_id );
$webHookIn -> check_send ( $dataWhook );
}
$this -> edit_api_ids ( $post , $user_id );
$sqlNewObjUser = " SELECT * FROM users WHERE id= $user_id " ;
$rezNewObjUser = mysql_query ( $sqlNewObjUser );
$newObjUser = mysql_fetch_assoc ( $rezNewObjUser );
$phone = $post [ 'phone' ];
$num_search = User :: num_search ( $post [ 'phone' ]);
$sobstv = trim ( $post [ 'last_name' ] . ' ' . $post [ 'first_name' ] . ' ' . $post [ 'middle_name' ]);
if ( $newObjUser [ 'agency' ] == 0 ) {
$sql = " SELECT * FROM users WHERE id= $newObjUser[id_manager] " ;
$rez = mysql_query ( $sql );
$manager = mysql_fetch_assoc ( $rez );
if ( $manager [ 'id_manager' ]) {
$agency = mysql_fetch_assoc ( mysql_query ( " SELECT * FROM users WHERE id= $manager[id_manager] " ));
} else {
$agency = $manager ;
}
if ( $agency ) {
$sobstv = $sobstv . " , агентство " . $agency [ 'agency_name' ];
}
}
//обновляем объекты пользователя
$sql = " UPDATE objects SET is_main = 0, phone = ' $phone ', phone_search = ' $num_search ', sobstv = ' $sobstv ' WHERE id_add_user= $user_id " ;
mysql_query ( $sql );
$this -> agency_name = $post [ 'agency_name' ];
$this -> last_name = $post [ 'last_name' ];
$this -> first_name = $post [ 'first_name' ];
$this -> middle_name = $post [ 'middle_name' ];
$this -> phone = $post [ 'phone' ];
$this -> email = $post [ 'email' ];
$this -> birthday = $birthday ;
$passport_date = " NULL " ;
if ( ! empty ( $post [ 'passport_date' ]))
$passport_date = date ( " Y-m-d H:i:s " , strtotime ( $post [ 'passport_date' ]));
$wa_enabled = ( int ) $post [ 'wa_enabled' ];
$sql1 = " SELECT count(id) FROM `users_info` WHERE user_id = $user_id " ;
$rez = mysql_query ( $sql1 );
if ( mysql_result ( $rez , 0 )) {
$sql2 = " UPDATE `users_info`
2026-05-22 20:21:54 +02:00
SET passport_serial = '$post[passport_serial]' ,
passport_number = '$post[passport_number]' ,
passport_date = '$passport_date' ,
passport_emited = '$post[passport_emited]' ,
passport_adress = '$post[passport_adress]' ,
adress_postal = '$post[adress_postal]' ,
soc_vk = '$post[soc_vk]' ,
soc_tg = '$post[soc_tg]' ,
soc_fb = '$post[soc_fb]' ,
soc_inst = '$post[soc_inst]' ,
soc_tw = '$post[soc_tw]' ,
soc_wa = '$post[soc_wa]' ,
wa_enabled = '$wa_enabled'
WHERE user_id = $user_id " ;
2026-07-06 12:54:07 +02:00
} else {
$sql2 = " INSERT INTO `users_info` (
2026-05-22 20:21:54 +02:00
user_id ,
passport_serial ,
passport_number ,
passport_date ,
passport_emited ,
passport_adress ,
adress_postal ,
soc_vk ,
soc_tg ,
soc_fb ,
soc_inst ,
soc_tw ,
soc_wa ,
wa_enabled
) VALUES (
'$user_id' ,
'$post[passport_serial]' ,
'$post[passport_number]' ,
'$passport_date' ,
'$post[passport_emited]' ,
'$post[passport_adress]' ,
'$post[adress_postal]' ,
'$post[soc_vk]' ,
'$post[soc_tg]' ,
'$post[soc_fb]' ,
'$post[soc_inst]' ,
'$post[soc_tw]' ,
'$post[soc_wa]' ,
'$wa_enabled'
) " ;
2026-07-06 12:54:07 +02:00
}
mysql_query ( $sql2 );
if ( ! ( $_FILES [ 'avatar' ][ 'size' ] == 0 && $_FILES [ 'avatar' ][ 'error' ] == 0 )) {
if ( $user_logo = $this -> setUserpic ( $user_id ))
if ( $user_logo ) {
$this -> user_logo = $this -> _serverUserpicPath . '/' . $user_logo ;
}
} else {
$user_logo = mysql_fetch_assoc ( mysql_query ( " SELECT user_logo FROM users WHERE id= $user_id " ))[ 'user_logo' ];
if ( $user_logo ) {
$this -> user_logo = $this -> _serverUserpicPath . '/' . $user_logo ;
}
}
if ( ! ( $_FILES [ 'files' ][ 'size' ] == 0 && $_FILES [ 'files' ][ 'error' ] == 0 )) {
if ( $files = $this -> uploadFiles ( $user_id )) {
$this -> files = $files ;
}
}
if ( isset ( $post [ 'pass-edit' ]) && ! empty ( trim ( $post [ 'pass-edit' ]))){
$pwd = trim ( $post [ 'pass-edit' ]);
$pwd_enc = md5 ( $pwd . SALT );
}
//отключаем, так как по отдельной кнопке обновляем
/* if ( isset ( $post [ 'advert_budget_total' ]) || isset ( $post [ 'advert_budget_personal' ])) {
$advert_budget_total = 0 ;
if ( isset ( $post [ 'advert_budget_total' ]))
$advert_budget_total = ( double ) $post [ 'advert_budget_total' ];
$advert_budget_personal = 0 ;
if ( isset ( $post [ 'advert_budget_personal' ]))
$advert_budget_personal = $post [ 'advert_budget_personal' ];
$advert_budget_avito = 0 ;
if ( isset ( $post [ 'advert_budget_avito' ]))
$advert_budget_avito = ( double ) $post [ 'advert_budget_avito' ];
$advert_budget_cian = 0 ;
if ( isset ( $post [ 'advert_budget_cian' ]))
$advert_budget_cian = ( double ) $post [ 'advert_budget_cian' ];
$advert_budget_domclick = 0 ;
if ( isset ( $post [ 'advert_budget_domclick' ]))
$advert_budget_domclick = ( double ) $post [ 'advert_budget_domclick' ];
$advert_budget_jcat = 0 ;
if ( isset ( $post [ 'advert_budget_jcat' ]))
$advert_budget_jcat = ( double ) $post [ 'advert_budget_jcat' ];
$advert_budget_yandex = 0 ;
if ( isset ( $post [ 'advert_budget_yandex' ]))
$advert_budget_yandex = ( double ) $post [ 'advert_budget_yandex' ];
$advert_budget_avito_unlimited = 0 ;
if ( isset ( $post [ 'advert_budget_avito_unlimited' ]))
$advert_budget_avito_unlimited = ( int ) $post [ 'advert_budget_avito_unlimited' ];
$advert_budget_cian_unlimited = 0 ;
if ( isset ( $post [ 'advert_budget_cian_unlimited' ]))
$advert_budget_cian_unlimited = ( int ) $post [ 'advert_budget_cian_unlimited' ];
$advert_budget_domclick_unlimited = 0 ;
if ( isset ( $post [ 'advert_budget_domclick_unlimited' ]))
$advert_budget_domclick_unlimited = ( int ) $post [ 'advert_budget_domclick_unlimited' ];
$advert_budget_jcat_unlimited = 0 ;
if ( isset ( $post [ 'advert_budget_jcat_unlimited' ]))
$advert_budget_jcat_unlimited = ( int ) $post [ 'advert_budget_jcat_unlimited' ];
$advert_budget_yandex_unlimited = 0 ;
if ( isset ( $post [ 'advert_budget_yandex_unlimited' ]))
$advert_budget_yandex_unlimited = ( int ) $post [ 'advert_budget_yandex_unlimited' ];
2026-05-22 20:21:54 +02:00
$advert_do_not_reinit_monthly = 0 ;
if ( isset ( $post [ 'do_not_reinit_monthly' ]))
$advert_do_not_reinit_monthly = ( int ) $post [ 'do_not_reinit_monthly' ];
2026-07-06 12:54:07 +02:00
$advert_budgets_inst = new AdvertBudgets ();
$advert_budget = $advert_budgets_inst -> setAdvertBudget ([
'user_id' => $user_id ,
'total' => $advert_budget_total ,
'personal' => $advert_budget_personal ,
'avito' => $advert_budget_avito ,
'avito_unlimited' => $advert_budget_avito_unlimited ,
'cian' => $advert_budget_cian ,
'cian_unlimited' => $advert_budget_cian_unlimited ,
'domclick' => $advert_budget_domclick ,
'domclick_unlimited' => $advert_budget_domclick_unlimited ,
'jcat' => $advert_budget_jcat ,
'jcat_unlimited' => $advert_budget_jcat_unlimited ,
'yandex' => $advert_budget_yandex ,
'yandex_unlimited' => $advert_budget_yandex_unlimited ,
'do_not_reinit_monthly' => $advert_do_not_reinit_monthly ,
]);
} */
2026-05-22 20:21:54 +02:00
if ( ! isset ( $post [ " on_any_ip " ])) {
$post [ " on_any_ip " ] = 0 ;
}
if ( ! isset ( $post [ " on_hide_client_contacts " ])) {
$post [ " on_hide_client_contacts " ] = 0 ;
}
2026-07-06 12:54:07 +02:00
//Update permissions
2026-05-22 20:21:54 +02:00
$sql_check_perm = " SELECT count(id) FROM `user_permissions` WHERE user_id = $user_id " ;
$rez_check_perm = mysql_query ( $sql_check_perm );
if ( mysql_result ( $rez_check_perm , 0 )) {
$sql_update_permissions = " UPDATE user_permissions SET menu_office = ' $post[on_office] ',
menu_complexes = '$post[on_complexes]' ,
menu_search = '$post[on_search]' ,
menu_objects = '$post[on_objects]' ,
menu_all_objects = '$post[on_objects_all]' ,
menu_all_objects_edit = '$post[on_objects_all_edit]' ,
menu_ads = '$post[on_ads]' ,
menu_clients = '$post[on_clients]' ,
menu_all_clients = '$post[on_clients_all]' ,
menu_all_clients_edit = '$post[on_clients_all_edit]' ,
menu_all_clients_export = '$post[on_clients_all_export]' ,
menu_submissions = '$post[on_submissions]' ,
menu_all_submissions = '$post[on_submissions_all]' ,
menu_all_submissions_edit = '$post[on_submissions_all_edit]' ,
menu_all_submissions_export = '$post[on_submissions_all_export]' ,
menu_docs = '$post[on_docs]' ,
menu_settings = '$post[on_settings]' ,
menu_can_transfer_to_common = '$post[on_can_transfer_to_common]' ,
menu_can_take_from_closed = '$post[on_can_take_from_closed]' ,
daily_closed_req_limit = '$post[on_daily_closed_req_limit]' ,
menu_can_transfer_closed_to_others = '$post[on_can_transfer_closed_to_others]' ,
daily_closed_transfer_limit = '$post[on_daily_closed_transfer_limit]' ,
cannot_create_req_manually = '$post[on_cannot_create_req_manually]' ,
search_company_objects_only = '$post[on_search_company_objects_only]' ,
allow_any_ip = '$post[on_any_ip]' ,
hide_client_contacts = '$post[on_hide_client_contacts]'
WHERE user_id = $user_id " ;
} else {
$sql_update_permissions = " INSERT INTO `user_permissions` (
user_id ,
menu_office ,
menu_complexes ,
menu_search ,
menu_objects ,
menu_all_objects ,
menu_all_objects_edit ,
menu_ads ,
menu_clients ,
menu_all_clients ,
menu_all_clients_edit ,
menu_all_clients_export ,
menu_submissions ,
menu_all_submissions ,
menu_all_submissions_edit ,
menu_all_submissions_export ,
menu_docs ,
menu_settings ,
menu_can_transfer_to_common ,
menu_can_take_from_closed ,
daily_closed_req_limit ,
menu_can_transfer_closed_to_others ,
daily_closed_transfer_limit ,
cannot_create_req_manually ,
search_company_objects_only ,
allow_any_ip ,
hide_client_contacts
) VALUES (
'$user_id' ,
'$post[on_office]' ,
'$post[on_complexes]' ,
'$post[on_search]' ,
'$post[on_objects]' ,
'$post[on_objects_all]' ,
'$post[on_objects_all_edit]' ,
'$post[on_ads]' ,
'$post[on_clients]' ,
'$post[on_clients_all]' ,
'$post[on_clients_all_edit]' ,
'$post[on_clients_all_export]' ,
'$post[on_submissions]' ,
'$post[on_submissions_all]' ,
'$post[on_submissions_all_edit]' ,
'$post[on_submissions_all_export]' ,
'$post[on_docs]' ,
'$post[on_settings]' ,
'$post[on_can_transfer_to_common]' ,
'$post[on_menu_can_take_from_closed]' ,
'$post[on_daily_closed_req_limit]' ,
'$post[on_menu_can_transfer_closed_to_others]' ,
'$post[on_daily_closed_transfer_limit]' ,
'$post[on_cannot_create_req_manually]' ,
'$post[on_search_company_objects_only]' ,
'$post[on_any_ip]' ,
'$post[on_hide_client_contacts]'
) " ;
}
2026-07-06 12:54:07 +02:00
// echo($sql_update_permissions);die;
2026-05-22 20:21:54 +02:00
mysql_query ( $sql_update_permissions );
2026-07-06 12:54:07 +02:00
$data = [
'id' => $user_id ,
'agency_name' => $this -> agency_name ,
'last_name' => $this -> last_name ,
'first_name' => $this -> first_name ,
'middle_name' => $this -> middle_name ,
'phone' => $this -> phone ,
'email' => $this -> email ,
'user_logo' => $this -> user_logo ,
'passport_date' => $passport_date ,
];
if ( ! is_null ( $advert_budget )) {
if ( $advert_budget [ 'success' ] == true ) {
$data [ 'advert_budget' ] = [
'total' => $advert_budget [ 'total' ],
'amount' => $advert_budget [ 'amount' ],
'balance' => $advert_budget [ 'balance' ],
];
} else {
$msg_user = implode ( '<br/>' , $advert_budget [ 'errors' ]);
}
}
if ( empty ( $msg_user )) {
return $data ;
}
} else $msg_user = " Произошла ошибка при сохранении пользователя.! " ;
} else $msg_user = " Агент с таким номером телефона уже существует! " ;
} else $msg_user = " Н е указано Имя пользователя!" ;
} else $msg_user = " Н е указана Фамилия пользователя!" ;
} else $msg_user = " Н е указан номер телефона!" ;
} else $msg_user = " Н е указан E-Mail!" ;
return [ 'error' => $msg_user ];
}
public static function getAllAgencyUsers ( $agencyId = false ) {
$agentIds = [];
if ( isset ( $_SESSION [ 'id' ]))
$agentIds [] = $_SESSION [ 'id' ];
if ( $agencyId ) {
$agentIds [] = $agencyId ;
$agentsOfAgency = self :: getAllAgents ( $agencyId );
foreach ( $agentsOfAgency as $agent ) {
if ( ! in_array ( $agent [ 'id' ], $agentIds )) {
$agentIds [] = $agent [ 'id' ];
}
}
$agentsOfManager = self :: getAllManagers ( $agencyId );
foreach ( $agentsOfManager as $agent ) {
if ( ! in_array ( $agent [ 'id' ], $agentIds )) {
$agentIds [] = $agent [ 'id' ];
}
}
}
return array_unique ( $agentIds );
}
2026-05-22 20:21:54 +02:00
public static function getAgencyIdForUser ( $userId ) {
return self :: getUserAgencyID ( $userId );
}
public static function getUserAgencyID ( $user_id = null ) {
if ( is_null ( $user_id ) && isset ( $_SESSION [ 'id' ]))
$user_id = $_SESSION [ 'id' ];
if ( ! $user_id )
return false ;
$agency_id = false ;
$sql = " SELECT * FROM `users` WHERE `id` = ' $user_id ' " ;
$res = mysql_query ( $sql );
$user = mysql_fetch_assoc ( $res );
if ( $user [ 'agency' ]) {
$agency_id = intval ( $user [ 'id' ]);
} else if ( $user [ 'id_manager' ]) {
$id_manager = $user [ 'id_manager' ];
$agency = mysql_fetch_assoc ( mysql_query ( " SELECT id, id_manager, agency FROM `users` WHERE `id`=' $id_manager ' " ));
if ( $agency [ 'agency' ]) {
$agency_id = intval ( $agency [ 'id' ]);
} else {
if ( $agency [ 'id_manager' ]) {
2026-07-06 12:54:07 +02:00
$agency2 = mysql_fetch_assoc ( mysql_query ( " SELECT * FROM users WHERE id= $agency[id_manager] " ));
if ( $agency2 [ 'id_manager' ])
$agency_id = intval ( $agency2 [ 'id_manager' ]);
else
$agency_id = intval ( $agency [ 'id_manager' ]);
}
2026-05-22 20:21:54 +02:00
else if ( $user [ 'id_manager' ])
$agency_id = intval ( $user [ 'id_manager' ]);
else
$agency_id = intval ( $user [ 'id' ]);
}
} else if ( isset ( $_SESSION [ 'id' ])) {
2026-07-06 12:54:07 +02:00
$agency_id = intval ( $_SESSION [ 'id' ]);
2026-05-22 20:21:54 +02:00
}
return $agency_id ;
}
2026-07-06 12:54:07 +02:00
public static function getAllAgency ( $agent = false , $block = false , $active = false , $from = 0 , $to = 1000 ){
if ( $agent ) {
if ( $block ) {
$usl = " agent=1 AND agency=0 AND id_manager=0 AND blocked = 1 " ;
} else {
$usl = " agent=1 AND agency=0 AND id_manager=0 AND blocked = 0 " ;
}
} else {
if ( $block ) {
$usl = " agency=1 AND blocked = 1 " ;
} else {
$usl = " agency=1 AND blocked = 0 " ;
}
}
if ( $active ) {
$usl = $usl . " AND now() <= DATE_ADD(date_tarif, INTERVAL (select t.period FROM tariffs t where t.id=id_tarif LIMIT 1) DAY) " ;
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$sql = " SELECT users.*, DATE_FORMAT(date_reg,'%d.%m.%Y') AS date_reg, DATE_FORMAT(last_auth,'%d.%m.%Y %H:%i') AS last_auth, UNIX_TIMESTAMP(date_tarif) AS date_tarif, rf_regions.name as name FROM users left join rf_regions on rf_regions.id = users.region_rf_id WHERE $usl ORDER BY `users`.`last_auth` DESC LIMIT $from , $to " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( isset ( $_GET [ 'dev' ])) {
echo $sql ;
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$rez = mysql_query ( $sql );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$agency = array ();
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
while ( $ag = mysql_fetch_assoc ( $rez ))
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
{
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( $ag [ 'id_tarif' ]) {
$ag [ 'tarif' ] = mysql_result ( mysql_query ( " SELECT nazv FROM tariffs WHERE id= $ag[id_tarif] " ), 0 );
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
else $ag [ 'tarif' ] = " " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$agency [] = $ag ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
return $agency ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
public static function getAllDeveloper ( $block = false , $active = false , $from = 0 , $to = 1000 ){
$usl = " role_developer = 1 AND agency = 0 AND agent = 0 AND id_manager = 0 " ;
if ( $block ) {
$usl = " role_developer = 1 AND agency = 0 AND agent = 0 AND id_manager = 0 AND blocked = 1 " ;
} else {
$usl = " role_developer = 1 AND agency = 0 AND agent = 0 AND id_manager = 0 AND blocked = 0 " ;
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( $active ) {
$usl = $usl . " AND now() <= DATE_ADD(date_tarif, INTERVAL (select t.period FROM tariffs t where t.id = id_tarif LIMIT 1) DAY) " ;
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$sql = " SELECT users.*, DATE_FORMAT(date_reg,'%d.%m.%Y') AS date_reg, DATE_FORMAT(last_auth,'%d.%m.%Y %H:%i') AS last_auth, UNIX_TIMESTAMP(date_tarif) AS date_tarif, rf_regions.name as name FROM users left join rf_regions on rf_regions.id = users.region_rf_id WHERE $usl ORDER BY `users`.`last_auth` DESC LIMIT $from , $to " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( isset ( $_GET [ 'dev' ]))
{
echo $sql ;
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$rez = mysql_query ( $sql );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$developers = array ();
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
while ( $dev = mysql_fetch_assoc ( $rez ))
{
if ( $id_tarif = $dev [ 'id_tarif' ])
{
$dev [ 'tarif' ] = mysql_result ( mysql_query ( " SELECT nazv FROM tariffs WHERE id = $id_tarif " ), 0 );
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
else $dev [ 'tarif' ] = " " ;
$developers [] = $dev ;
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
return $developers ;
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
public static function countAllAgency ( $agent = false , $block = false , $active = false ){
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( $agent ) {
if ( $block ) {
$usl = " agent=1 AND agency=0 AND id_manager=0 AND blocked = 1 " ;
} else {
$usl = " agent=1 AND agency=0 AND id_manager=0 AND blocked = 0 " ;
}
} else {
if ( $block ) {
$usl = " agency=1 AND blocked = 1 " ;
} else {
$usl = " agency=1 AND blocked = 0 " ;
}
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( $active ) {
$usl = $usl . " AND now() <= DATE_ADD(date_tarif, INTERVAL (select t.period FROM tariffs t where t.id=id_tarif LIMIT 1) DAY) " ;
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$sql = " SELECT count(*) FROM users WHERE $usl ORDER BY `users`.`last_auth` DESC " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( isset ( $_GET [ 'dev' ])) {
echo $sql ;
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$rez = mysql_query ( $sql );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
return mysql_result ( $rez , 0 );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
public static function searchUsers ( $agent = false , $from = 0 , $to = 1000 ){
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$usl = " 1 " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( $_GET [ 'search' ]) {
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$usl .= " AND (LCASE(agency_name) LIKE '% $_GET[search] %' OR LCASE(first_name) LIKE '% $_GET[search] %' OR LCASE(last_name) LIKE '% $_GET[search] %' OR LCASE(middle_name) LIKE '% $_GET[search] %' OR LCASE(phone) LIKE '% $_GET[search] %' OR LCASE(email) LIKE '% $_GET[search] %') " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$sql = " SELECT users.*, DATE_FORMAT(date_reg,'%d.%m.%Y') AS date_reg, DATE_FORMAT(last_auth,'%d.%m.%Y %H:%i') AS last_auth, UNIX_TIMESTAMP(date_tarif) AS date_tarif, rf_regions.name as name FROM users left join rf_regions on rf_regions.id = users.region_rf_id WHERE $usl ORDER BY `users`.`last_auth` DESC LIMIT $from , $to " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( isset ( $_GET [ 'dev' ])) {
echo $sql ;
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$rez = mysql_query ( $sql );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$agency = array ();
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
while ( $ag = mysql_fetch_assoc ( $rez ))
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
{
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( $ag [ id_tarif ]) $ag [ 'tarif' ] = mysql_result ( mysql_query ( " SELECT nazv FROM tariffs WHERE id= $ag[id_tarif] " ), 0 );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
else $ag [ 'tarif' ] = " " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$agency [] = $ag ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
return $agency ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
public static function countUsers ( $agent = false ){
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$usl = " 1 " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( $_GET [ 'search' ]) {
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$usl .= " AND (LCASE(agency_name) LIKE '% $_GET[search] %' OR LCASE(first_name) LIKE '% $_GET[search] %' OR LCASE(last_name) LIKE '% $_GET[search] %' OR LCASE(middle_name) LIKE '% $_GET[search] %' OR LCASE(phone) LIKE '% $_GET[search] %' OR LCASE(email) LIKE '% $_GET[search] %') " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$sql = " SELECT count(*) FROM users WHERE $usl ORDER BY `users`.`last_auth` DESC " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( isset ( $_GET [ 'dev' ])) {
echo $sql ;
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$rez = mysql_query ( $sql );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
return mysql_result ( $rez , 0 );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
public static function getCountAgency ( $agent = false , $block = false , $active = false ){
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( $agent ) {
$usl = " agent=1 AND agency=0 AND role_developer=0 AND id_manager=0 " ;
if ( $block ) {
$usl = $usl . " AND blocked = 1 " ;
} else {
$usl = $usl . " AND blocked = 0 " ;
}
} else {
$usl = " agency=1 AND role_developer=0 " ;
if ( $block ) {
$usl = $usl . " AND blocked = 1 " ;
} else {
$usl = $usl . " AND blocked = 0 " ;
}
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( $active ) {
$usl = $usl . " AND now() <= DATE_ADD(date_tarif, INTERVAL (select t.period FROM tariffs t where t.id=id_tarif LIMIT 1) DAY) " ;
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$sql = " SELECT COUNT(*) FROM users WHERE $usl " ;
if ( isset ( $_GET [ 'dev' ])) {
echo $sql ;
}
$rez = mysql_query ( $sql );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
return mysql_result ( $rez , 0 );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
public static function getCountDeveloper ( $block = false , $active = false )
{
$usl = " role_developer = 1 AND agent = 0 AND agency = 0 AND id_manager = 0 " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( $block )
{
$usl = $usl . " AND blocked = 1 " ;
}
else
{
$usl = $usl . " AND blocked = 0 " ;
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( $active )
{
$usl = $usl . " AND now() <= DATE_ADD(date_tarif, INTERVAL (select t.period FROM tariffs t where t.id = id_tarif LIMIT 1) DAY) " ;
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$sql = " SELECT COUNT(*) FROM users WHERE $usl " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( isset ( $_GET [ 'dev' ]))
{
echo $sql ;
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$rez = mysql_query ( $sql );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
return mysql_result ( $rez , 0 );
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
public static function countAllAdmins ( $id , $only_active = false ) {
$sql = " SELECT count(*) FROM `users` AS users WHERE users.users_admin=1 AND users.id_manager= $id " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( $only_active )
$sql .= " AND users.blocked=0 " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$res = mysql_query ( $sql );
return mysql_result ( $res , 0 );
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
public static function getAllAdmins ( $id , $only_active = false ) {
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( ! $id )
return [];
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$sql = " SELECT * FROM `users` AS users WHERE users.users_admin=1 AND users.id_manager= $id " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( $only_active )
$sql .= " AND users.blocked=0 " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$res = mysql_query ( $sql );
$admins = [];
while ( $admin = mysql_fetch_assoc ( $res )) {
$admins [] = $admin ;
}
return $admins ;
}
2026-05-22 20:21:54 +02:00
public static function countAllManagers ( $id , $only_active = false ) {
$total = 0 ;
$sql = " SELECT id, manager FROM users WHERE manager=1 AND id_manager= $id AND blocked=0 " ;
if ( $only_active )
$sql .= " AND users.blocked=0 " ;
$rez = mysql_query ( $sql );
$total = mysql_num_rows ( $rez );
while ( $res = mysql_fetch_assoc ( $rez )){
if ( $res [ 'manager' ] == 1 ){
$sql_m = " SELECT count(*) FROM users WHERE manager=1 AND id_manager= $res[id] AND blocked=0 " ;
$rez_m = mysql_query ( $sql_m );
$total += mysql_result ( $rez_m , 0 );
}
}
return $total ;
}
2026-07-06 12:54:07 +02:00
public static function getAllManagers ( $id , $only_active = true ) {
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( ! $id )
return [];
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$sql = " SELECT * FROM users WHERE manager=1 AND id_manager= $id " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( $only_active )
$sql .= " AND blocked=0 " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$rez = mysql_query ( $sql );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$managers = array ();
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
while ( $manager = mysql_fetch_assoc ( $rez )) {
$managers [] = $manager ;
2026-05-22 20:21:54 +02:00
$sql3 = " SELECT * FROM users WHERE manager=1 AND id_manager= $manager[id] " ;
if ( $only_active )
$sql3 .= " AND blocked=0 " ;
$rez3 = mysql_query ( $sql3 );
while ( $agent3 = mysql_fetch_assoc ( $rez3 )) {
$managers [] = $agent3 ;
}
}
// Удаляем дублирующиеся записи по 'id'
$managers = array_unique ( $managers , SORT_REGULAR );
2026-07-06 12:54:07 +02:00
return $managers ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
public static function countAllAgents ( $id , $only_active = false ) {
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( ! $id )
return [];
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$sql = " SELECT id, manager FROM users WHERE manager=1 AND id_manager= $id AND blocked=0 " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( ! $only_active )
$sql .= " AND blocked=0 " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$rez = mysql_query ( $sql );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$agentsCount = 0 ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
while ( $agent = mysql_fetch_assoc ( $rez ))
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
{
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$sql2 = " SELECT count(*) FROM users WHERE manager=0 AND id_manager= $agent[id] AND blocked=0 " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$rez2 = mysql_query ( $sql2 );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$agentsCount = $agentsCount + ( int ) mysql_result ( $rez2 , 0 );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$sql2 = " SELECT count(*) FROM users WHERE manager=0 AND id_manager= $id AND blocked=0 " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$rez2 = mysql_query ( $sql2 );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$agentsCount = $agentsCount + ( int ) mysql_result ( $rez2 , 0 );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
return $agentsCount ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
public static function getAllAgents ( $id , $only_active = false ) {
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( ! $id )
return [];
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$sql = " SELECT * FROM users WHERE manager=1 AND id_manager= $id " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( $only_active )
$sql .= " AND blocked=0 " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$rez = mysql_query ( $sql );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$agents = array ();
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
while ( $agent = mysql_fetch_assoc ( $rez ))
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
{
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$sql2 = " SELECT * FROM users WHERE manager=0 AND id_manager= $agent[id] " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$rez2 = mysql_query ( $sql2 );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
while ( $agent2 = mysql_fetch_assoc ( $rez2 )) $agents [] = $agent2 ;
2026-05-22 20:21:54 +02:00
$sql3 = " SELECT * FROM users WHERE manager=1 AND id_manager= $agent[id] " ;
$rez3 = mysql_query ( $sql3 );
while ( $agent3 = mysql_fetch_assoc ( $rez3 )) {
$sql4 = " SELECT * FROM users WHERE manager=0 AND id_manager= $agent3[id] " ;
$rez4 = mysql_query ( $sql4 );
while ( $agent4 = mysql_fetch_assoc ( $rez4 )) $agents [] = $agent4 ;
}
2026-07-06 12:54:07 +02:00
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$sql2 = " SELECT * FROM users WHERE manager=0 AND id_manager= $id " ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$rez2 = mysql_query ( $sql2 );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
while ( $agent2 = mysql_fetch_assoc ( $rez2 )) $agents [] = $agent2 ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
return $agents ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
public function changeTarif () {
$sql = " UPDATE users SET id_tarif=' $_GET[id_tarif] ', date_tarif=NOW() WHERE id= $_GET[id_user] " ;
mysql_query ( $sql );
}
2026-05-22 20:21:54 +02:00
/**
* @ return array
*/
2026-07-06 12:54:07 +02:00
public function getFilesList ( $user_id = null ) {
if ( ! is_null ( $user_id )) {
$sql = " SELECT *
2026-05-22 20:21:54 +02:00
FROM `users_files` AS files
WHERE files . user_id = " . trim( $user_id );
2026-07-06 12:54:07 +02:00
$files = [];
$res = mysql_query ( $sql );
if ( mysql_num_rows ( $res )) {
while ( $file = mysql_fetch_assoc ( $res )) {
$files [] = $file ;
}
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
return $files ;
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
return [];
}
2026-05-22 20:21:54 +02:00
/**
* @ return array
*/
2026-07-06 12:54:07 +02:00
public function getFile ( $file_id = null ) {
if ( ! is_null ( $file_id )) {
$sql = " SELECT *
2026-05-22 20:21:54 +02:00
FROM `users_files` AS files
WHERE files . id = " . trim( $file_id ) . " LIMIT 1 " ;
2026-07-06 12:54:07 +02:00
$res = mysql_query ( $sql );
return mysql_fetch_assoc ( $res );
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
return [];
}
2026-05-22 20:21:54 +02:00
/**
* @ param null $file_id
* @ return bool
*/
2026-07-06 12:54:07 +02:00
public function deleteFile ( $file_id = null ) {
if ( ! is_null ( $file_id )) {
if ( $file = $this -> getFile ( $file_id )) {
$sql = " DELETE FROM `users_files` WHERE `users_files`.`id` = " . $file [ 'id' ] . " LIMIT 1 " ;
if ( mysql_query ( $sql )) {
unlink ( $_SERVER [ 'DOCUMENT_ROOT' ] . $file [ 'path' ]);
return true ;
}
}
}
return mysql_error ();
}
2026-05-22 20:21:54 +02:00
/**
* @ param null $user_id
* @ return bool | string
*/
2026-07-06 12:54:07 +02:00
public function delUserPic ( $user_id = null ) {
if ( ! is_null ( $user_id )) {
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$user = new self ;
$user -> get ( $user_id );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( $user_logo = $user -> user_logo ) {
$sql = " UPDATE users SET user_logo='' WHERE id=' $user_id ' LIMIT 1 " ;
if ( mysql_query ( $sql )) {
unlink ( $this -> _serverUserpicPath . '/' . $user_logo );
return true ;
}
}
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
return false ;
}
2026-05-22 20:21:54 +02:00
/**
* @ param $str
* @ param $config
* @ param bool $is_folder
* @ return string
*/
2026-07-06 12:54:07 +02:00
private function fixFilename ( $str , $config , $is_folder = false ) {
$str = strip_tags ( htmlspecialchars ( $str ));
if ( $config [ 'convert_spaces' ])
$str = str_replace ( ' ' , $config [ 'replace_with' ], $str );
if ( $config [ 'transliteration' ]) {
if ( ! mb_detect_encoding ( $str , 'UTF-8' , true ))
$str = utf8_encode ( $str );
if ( function_exists ( 'transliterator_transliterate' ))
$str = transliterator_transliterate ( 'Any-Latin; Latin-ASCII' , $str );
else
$str = iconv ( 'UTF-8' , 'ASCII//TRANSLIT//IGNORE' , $str );
$str = preg_replace ( " /[^a-zA-Z0-9 \ . \ [ \ ]_| -]/ " , '' , $str );
}
$str = str_replace ( array ( '"' , " ' " , " / " , " \\ " ), " " , $str );
$str = strip_tags ( $str );
// Empty or incorrectly transliterated filename.
// Here is a point: a good file UNKNOWN_LANGUAGE.jpg could become .jpg in previous code.
// So we add that default 'file' name to fix that issue.
if ( ! $config [ 'empty_filename' ] && strpos ( $str , '.' ) === 0 && $is_folder === false )
{
$str = 'file' . $str ;
}
if ( $config [ 'lowercase' ])
return ( mb_strtolower ( trim ( $str )));
else
return trim ( $str );
}
2026-05-22 20:21:54 +02:00
/**
* @ param $path
* @ param $filename
* @ return string
*/
2026-07-06 12:54:07 +02:00
private function newFilename ( $path , $filename ) {
$res = " $path / $filename " ;
if ( ! file_exists ( $res ))
return $res ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$fnameNoExt = pathinfo ( $filename , PATHINFO_FILENAME );
$ext = pathinfo ( $filename , PATHINFO_EXTENSION );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$i = 1 ;
while ( file_exists ( " $path / $fnameNoExt - $i . $ext " )) $i ++ ;
return " $path / $fnameNoExt - $i . $ext " ;
}
2026-05-22 20:21:54 +02:00
/**
* @ param null $user_id
* @ return array | bool
*/
2026-07-06 12:54:07 +02:00
private function setUserpic ( $user_id = null ) {
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( ! $user_id || is_null ( $user_id ))
return false ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( $_FILES [ 'avatar' ][ 'name' ]) {
list ( $a , $ext ) = explode ( " / " , $_FILES [ 'avatar' ][ 'type' ]);
if ( $ext == " pjpeg " ) {
$ext = " jpeg " ;
}
2026-05-22 20:21:54 +02:00
$ext = mb_strtolower ( $ext );
if ( in_array ( $ext , $this -> _allowedFileTypes )) {
$name = md5 ( $_FILES [ 'avatar' ][ 'tmp_name' ] . time ()) . " . " . $ext ;
$photo = $_SERVER [ 'DOCUMENT_ROOT' ] . $this -> _serverUserpicPath . " / " . $name ;
move_uploaded_file ( $_FILES [ 'avatar' ][ 'tmp_name' ], $photo );
if ( square_crop ( $photo , $photo , 272 , 90 )) {
$sql = " UPDATE `users` SET user_logo=' $name ' WHERE id= $user_id " ;
mysql_query ( $sql );
return $name ;
}
}
2026-07-06 12:54:07 +02:00
}
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
return false ;
}
2026-05-22 20:21:54 +02:00
/**
* @ param null $user_id
* @ return array | bool
*/
2026-07-06 12:54:07 +02:00
private function uploadFiles ( $user_id = null ) {
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( ! $user_id || is_null ( $user_id ))
return false ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
list ( $success , $errors ) = [[],[]];
$user_id = intval ( $user_id );
$post = clearInputData ( $_POST );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$created_by = intval ( $_SESSION [ 'id' ]);
if ( isset ( $_FILES [ 'files' ])) {
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$count = count ( $_FILES [ 'files' ][ 'name' ]);
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$agency_id = self :: getUserAgencyID ();
$users_id = $this -> getAllAgencyUsers ( $agency_id );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
for ( $i = 0 ; $i < $count ; $i ++ ) {
if ( in_array ( $user_id , $users_id ) && $user_id && $_FILES [ 'files' ][ 'error' ][ $i ] == 0 ) {
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$extension = mb_strtolower ( pathinfo ( $_FILES [ 'files' ][ 'name' ][ $i ], PATHINFO_EXTENSION ));
if ( in_array ( $extension , $this -> _allowedFileTypes )) {
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$real_filename = $_FILES [ 'files' ][ 'name' ][ $i ];
$description = (( isset ( $post [ 'description' ][ $i ])) ? trim ( $post [ 'description' ][ $i ]) : null );
$filename = $this -> fixFilename ( $real_filename , [
'convert_spaces' => true ,
'replace_with' => '_' ,
'transliteration' => true ,
'empty_filename' => true ,
'lowercase' => true
]);
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$tmp_path = $_FILES [ 'files' ][ 'tmp_name' ][ $i ];
$save_path = $this -> newFilename ( $_SERVER [ 'DOCUMENT_ROOT' ] . $this -> _serverPath , $filename );
$path = str_replace ( $_SERVER [ 'DOCUMENT_ROOT' ], '' , $save_path );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( empty ( $description ))
$description = $real_filename ;
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
if ( move_uploaded_file ( $tmp_path , $save_path )) {
$sql = " INSERT INTO `users_files` (`user_id`, `filename`, `path`, `created_by`) VALUES
2026-05-22 20:21:54 +02:00
( '$user_id' , '$description' , '$path' , '$created_by' ) " ;
2026-07-06 12:54:07 +02:00
if ( mysql_query ( $sql )) {
$id = mysql_insert_id ();
$success [ $id ] = [
'filename' => $real_filename ,
'path' => $path ,
];
} else {
$errors [] = [ $filename => mysql_error ()];
}
}
}
}
}
}
if ( ! empty ( $success ))
return $success ;
else
return $errors ;
}
/**
* Генирация и сохранение токенов
*/
public function gen_token ( $user_id ) {
$token = md5 ( microtime () . 'user' . $user_id . time ());
$sql = " REPLACE INTO user_api_keys (user_id, api_key) VALUES ( { $user_id } , ' { $token } ') " ;
mysql_query ( $sql );
$id = mysql_insert_id ();
return $id ;
}
public static function getUserTarif ( $user_id ) {
$sgl = " SELECT id_tarif FROM users WHERE id= { $user_id } " ;
$user = mysql_query ( $sgl );
$userTarrif = mysql_fetch_assoc ( $user );
if ( $userTarrif [ 'id_tarif' ] == 0 ) {
$sqlManager = " SELECT id_manager FROM users WHERE id= { $user_id } " ;
$userManager = mysql_query ( $sqlManager );
$userIdManager = mysql_fetch_assoc ( $userManager );
$sgl = " SELECT id_tarif FROM users WHERE id= { $userIdManager [ 'id_manager' ] } " ;
$user = mysql_query ( $sgl );
$userTarrif = mysql_fetch_assoc ( $user );
}
$sql2 = " SELECT max_worker FROM tariffs WHERE id= { $userTarrif [ 'id_tarif' ] } " ;
$tarif = mysql_query ( $sql2 );
$maxWorker = mysql_fetch_assoc ( $tarif );
if ( $maxWorker == 0 ) { $maxWorker = array ( 'max_worker' => 9999 );}
return $maxWorker ;
}
public static function getUserTarifCount ( $user_id ) {
$res = array ();
$res2 = array ();
$res3 = array ();
$sgl = " SELECT COUNT(*) FROM users WHERE id_manager= { $user_id } AND blocked=0 " ;
$user = mysql_query ( $sgl );
$userAgency = mysql_fetch_assoc ( $user );
$sgl3 = " SELECT id FROM users WHERE id_manager= { $user_id } AND blocked=0 " ;
$user3 = mysql_query ( $sgl3 );
while ( $r = mysql_fetch_assoc ( $user3 )) {
$res [] = $r ;
}
foreach ( $res as $value ) {
$i = reset ( $value );
$sgl2 = " SELECT id FROM users WHERE id_manager= { $i } AND blocked=0 " ;
$userA2 = mysql_query ( $sgl2 );
while ( $r = mysql_fetch_assoc ( $userA2 )) {
$res2 [] = $r ;
}
}
$sgl4 = " SELECT department_id FROM users WHERE id_manager= { $user_id } AND blocked=0 " ;
$user4 = mysql_query ( $sgl4 );
while ( $r = mysql_fetch_assoc ( $user4 )) {
$res3 [] = $r ;
}
foreach ( $res3 as $value ) {
$i = reset ( $value );
if ( $i != 0 ){
$sgl2 = " SELECT id FROM users WHERE department_id= { $i } AND blocked=0 AND id_manager!= { $user_id } " ;
$userA2 = mysql_query ( $sgl2 );
while ( $r = mysql_fetch_assoc ( $userA2 )) {
$res2 [] = $r ;
}
}
}
2026-05-22 20:21:54 +02:00
$result = array ();
foreach ( $res2 as $k => $v ) {
$result [] = reset ( $v );
}
2026-07-06 12:54:07 +02:00
$userCount = ( reset ( $userAgency ));
$userCount2 = count ( array_unique ( $result ));
$userCountSum = $userCount + $userCount2 ;
return $userCountSum ;
}
2026-05-22 20:21:54 +02:00
public static function isCurrentUserShowAdvertButton () {
$showAds = true ;
if ( $_SESSION [ 'id' ] == 5812 || $_SESSION [ 'id' ] == 7076 ) {
$showAds = false ;
}
2026-07-06 12:54:07 +02:00
if (( in_array ( $_SESSION [ 'agency_id' ], array ( 8353 , 8375 , 8376 , 8399 , 8867 , 8910 , 9082 , 9072 , 9077 , 9110 , 9588 , 9805 , 9973 , 7864 , 10203 , 10041 , 10493 , 4873 , 10876 , 10982 , 11086 , 10933 , 11456 , 11501 , 11397 , 7507 , 8826 , 10429 , 12061 , 10041 , 10732 , 11417 , 12556 , 13338 , 10387 , 14134 , 13735 , 13792 , 15401 , 16182 , 14493 , 18438 , 18708 , 19476 , 19821 , 17157 , 19111 , 19750 , 22666 , 22432 , 22434 , 19011 ))) && ! in_array ( $_SESSION [ 'id' ], array ( 8373 , 8353 , 8375 , 8376 , 8399 , 8867 , 8910 , 9082 , 9072 , 9077 , 9110 , 9588 , 9805 , 9973 , 7864 , 10203 , 10041 , 10493 , 4873 , 10876 , 10982 , 11086 , 10933 , 11456 , 11501 , 11397 , 7507 , 8826 , 10429 , 12061 , 10041 , 10732 , 11417 , 12556 , 13338 , 10387 , 14134 , 13735 , 13792 , 15401 , 16182 , 14493 , 18438 , 18708 , 19476 , 19821 , 17157 , 19111 , 19750 , 22666 , 22432 , 22434 , 19011 ))) {
2026-05-22 20:21:54 +02:00
$showAds = false ;
}
if ( $_SESSION [ 'agency_id' ] == 8435 && ( ! in_array ( $_SESSION [ 'id' ], array ( 8435 , 8532 , 8541 , 8555 ))))
$showAds = false ;
if ( $_SESSION [ 'agency_id' ] == 8649 && ( ! in_array ( $_SESSION [ 'id' ], array ( 8649 , 8653 )))) {
$showAds = false ;
}
if ( $_SESSION [ 'agency_id' ] == 8867 && ( ! in_array ( $_SESSION [ 'id' ], array ( 8867 , 8910 , 9082 , 9072 , 9077 )))) {
$showAds = false ;
}
if ( $_SESSION [ 'id' ] == 9170 ) {
$showAds = true ;
}
if ( $_SESSION [ 'id' ] == 19750 || $_SESSION [ 'id' ] == 22196 || $_SESSION [ 'id' ] == 22280 || $_SESSION [ 'id' ] == 22195 ) {
$showAds = true ;
}
if ( $_SESSION [ 'id' ] == 19821 ) {
$showAds = true ;
}
if ( $_SESSION [ 'id' ] == 18708 ) {
$showAds = true ;
}
if ( $_SESSION [ 'id' ] == 9588 || $_SESSION [ 'id' ] == 9904 ) {
$showAds = true ;
}
if ( $_SESSION [ 'id' ] == 9110 || $_SESSION [ 'id' ] == 9892 ) {
$showAds = true ;
}
if ( $_SESSION [ 'id' ] == 9805 || $_SESSION [ 'id' ] == 9927 ) {
$showAds = true ;
}
if ( $_SESSION [ 'id' ] == 18438 || $_SESSION [ 'id' ] == 18446 ) {
$showAds = true ;
}
if ( $_SESSION [ 'id' ] == 9973 ) {
$showAds = true ;
}
if ( $_SESSION [ 'id' ] == 13338 ) {
$showAds = true ;
}
if ( $_SESSION [ 'id' ] == 10203 ) {
$showAds = true ;
}
if ( $_SESSION [ 'id' ] == 10041 || $_SESSION [ 'id' ] == 10966 || $_SESSION [ 'id' ] == 10869 || $_SESSION [ 'id' ] == 13845 ) {
$showAds = true ;
}
if ( $_SESSION [ 'id' ] == 7864 || $_SESSION [ 'id' ] == 8118 || $_SESSION [ 'id' ] == 7866 || $_SESSION [ 'id' ] == 8432 || $_SESSION [ 'id' ] == 9152 || $_SESSION [ 'id' ] == 9426 ) {
$showAds = true ;
}
if ( $_SESSION [ 'id' ] == 10493 || $_SESSION [ 'id' ] == 10606 ) {
$showAds = true ;
}
if ( $_SESSION [ 'id' ] == 4873 ) {
$showAds = true ;
}
if ( $_SESSION [ 'id' ] == 10876 ) {
$showAds = true ;
}
if ( $_SESSION [ 'id' ] == 10982 || $_SESSION [ 'id' ] == 10992 || $_SESSION [ 'id' ] == 11299 || $_SESSION [ 'id' ] == 14572 || $_SESSION [ 'id' ] == 21355 ) {
$showAds = true ;
}
if ( $_SESSION [ 'id' ] == 11086 ) {
$showAds = true ;
}
if ( $_SESSION [ 'id' ] == 10933 || $_SESSION [ 'id' ] == 11547 || $_SESSION [ 'id' ] == 11538 ) {
$showAds = true ;
}
if ( $_SESSION [ 'id' ] == 11456 || $_SESSION [ 'id' ] == 11552 ) {
$showAds = true ;
}
if ( $_SESSION [ 'id' ] == 11501 || $_SESSION [ 'id' ] == 11549 ) {
$showAds = true ;
}
if ( $_SESSION [ 'id' ] == 11397 || $_SESSION [ 'id' ] == 11583 ) {
$showAds = true ;
}
if ( in_array (( int ) $_SESSION [ 'id' ], [ 11378 , 11688 , 11690 , 11691 , 11694 , 11696 , 11698 , 11700 , 11702 , 11864 , 11865 , 11873 , 8829 , 11799 , 11801 , 11803 , 11806 , 11808 , 11810 , 11812 , 11814 , 11816 , 11818 , 11819 , 11821 , 11822 , 11824 , 11825 , 11827 , 11830 , 11831 , 11833 , 11835 , 11850 , 11837 , 11839 , 11840 , 11841 , 11843 , 11845 , 11847 , 11849 , 11851 , 11854 , 11856 , 11859 , 11861 , 11683 , 11877 , 11879 , 11880 , 11882 , 11705 , 11709 , 11711 , 11713 , 11715 , 11720 , 11722 , 11723 , 11725 , 11726 , 11728 , 11731 , 11733 , 11735 , 11737 , 11739 , 11741 , 11743 , 11745 , 11747 , 11749 , 11753 , 11763 , 11765 , 11769 , 11770 , 11771 , 11772 , 11773 , 11774 , 11775 , 11776 , 11777 , 11779 , 11781 , 11784 , 11786 , 11788 , 11791 , 11793 , 11795 , 11796 , 11797 , 11798 , 11800 , 11802 , 11804 , 11807 , 11809 , 11811 , 11813 , 11815 , 11817 , 11820 , 11823 , 11826 , 11828 , 11829 , 11832 , 11834 , 11836 , 11838 , 11842 , 11844 , 11846 , 11848 , 11852 , 11853 , 11855 , 11857 , 11858 , 11860 , 11862 , 11863 , 11866 , 11869 , 11871 , 11872 , 11875 , 11876 , 11878 , 11881 , 11703 , 11704 , 11706 , 11708 , 11710 , 11712 , 11714 , 11716 , 11717 , 11718 , 11719 , 11721 , 11724 , 11727 , 11729 , 11730 , 11732 , 11734 , 11736 , 11738 , 11740 , 11742 , 11744 , 11746 , 11748 , 11750 , 11751 , 11752 , 11754 , 11755 , 11756 , 11757 , 11758 , 11759 , 11760 , 11761 , 11762 , 11764 , 11766 , 11767 , 11768 , 11778 , 11780 , 11782 , 11783 , 11785 , 11787 , 11789 , 11790 , 11792 , 11794 , 11883 , 11884 , 11885 , 11886 , 11887 , 11888 , 11889 , 11890 , 11891 , 11892 , 11893 , 11894 , 11895 , 11679 , 11680 , 11681 , 11682 , 11684 , 11685 , 11686 , 11687 , 11689 , 11692 , 11693 , 11695 , 11697 , 11699 , 11701 , 11896 , 11897 , 11898 , 11899 , 11900 , 11901 , 11902 , 11903 , 11904 , 11905 , 11906 ])) {
$showAds = false ;
}
if ( in_array (( int ) $_SESSION [ 'id' ], [ 8826 , 8827 , 11867 , 11870 , 11874 , 12444 , 11868 , 16929 ])) {
$showAds = true ;
}
if ( in_array (( int ) $_SESSION [ 'id' ], [ 7507 , 7719 , 7513 , 8787 , 9878 , 10483 , 10815 , 7514 , 7517 , 7518 , 7519 , 7614 , 7762 , 8364 , 10484 , 9047 , 9928 , 10386 , 10522 , 10530 , 10531 , 7931 , 8893 , 9048 , 9809 , 11039 , 11805 , 10589 , 11329 , 11516 , 9770 , 10338 , 7905 , 8569 , 11641 , 11707 , 7520 , 7540 , 7541 , 7826 , 8729 , 8737 , 9861 , 10156 , 11034 , 7508 , 7509 , 7510 , 7512 , 7515 , 7543 , 7553 , 10499 ])) // А Н О О О МИДОМ
$showAds = false ;
if ( in_array (( int ) $_SESSION [ 'id' ], [ 7507 , 7508 , 7509 , 7543 , 7905 , 8364 , 11707 , 10499 , 8569 , 8569 , 11930 , 12052 , 11641 , 7553 , 8787 , 7510 , 7548 , 7516 ]))
$showAds = true ;
if ( $_SESSION [ 'id' ] == 10429 ) {
$showAds = true ;
}
if ( $_SESSION [ 'id' ] == 12061 || $_SESSION [ 'id' ] == 12071 || $_SESSION [ 'id' ] == 12073 || $_SESSION [ 'id' ] == 12093 || $_SESSION [ 'id' ] == 12077 || $_SESSION [ 'id' ] == 12090 || $_SESSION [ 'id' ] == 12649 || $_SESSION [ 'id' ] == 12129 || $_SESSION [ 'id' ] == 12171 || $_SESSION [ 'id' ] == 12098 || $_SESSION [ 'id' ] == 1219 || $_SESSION [ 'id' ] == 12624 || $_SESSION [ 'id' ] == 12641 || $_SESSION [ 'id' ] == 16725 || $_SESSION [ 'id' ] == 12192 || $_SESSION [ 'id' ] == 12654 || $_SESSION [ 'id' ] == 12617 || $_SESSION [ 'id' ] == 12634 || $_SESSION [ 'id' ] == 12132 || $_SESSION [ 'id' ] == 21063 || $_SESSION [ 'id' ] == 21124 || $_SESSION [ 'id' ] == 12653 || $_SESSION [ 'id' ] == 12616 ) {
$showAds = true ;
}
if ( $_SESSION [ 'id' ] == 10732 || $_SESSION [ 'id' ] == 12405 || $_SESSION [ 'id' ] == 13064 ) {
$showAds = true ;
}
if ( $_SESSION [ 'id' ] == 11417 || $_SESSION [ 'id' ] == 12363 || $_SESSION [ 'id' ] == 12353 || $_SESSION [ 'id' ] == 13690 ) {
$showAds = true ;
}
if ( $_SESSION [ 'id' ] == 12556 || $_SESSION [ 'id' ] == 12910 || $_SESSION [ 'id' ] == 12909 ) {
$showAds = true ;
}
if ( $_SESSION [ 'id' ] == 14290 || $_SESSION [ 'id' ] == 14424 || $_SESSION [ 'id' ] == 14437 || $_SESSION [ 'id' ] == 16141 || $_SESSION [ 'id' ] == 16022 || $_SESSION [ 'id' ] == 15846 || $_SESSION [ 'id' ] == 16841 ){
$showAds = true ;
}
if ( $_SESSION [ 'id' ] == 14435 || $_SESSION [ 'id' ] == 15068 || $_SESSION [ 'id' ] == 15531 || $_SESSION [ 'id' ] == 15532 || $_SESSION [ 'id' ] == 15529 || $_SESSION [ 'id' ] == 13023 ){
$showAds = true ;
}
if ( $_SESSION [ 'id' ] == 12995 || $_SESSION [ 'id' ] == 12999 || $_SESSION [ 'id' ] == 12996 || $_SESSION [ 'id' ] == 13025 || $_SESSION [ 'id' ] == 13026 || $_SESSION [ 'id' ] == 13034 || $_SESSION [ 'id' ] == 13035 || $_SESSION [ 'id' ] == 13040 || $_SESSION [ 'id' ] == 17202 ){
$showAds = true ;
}
if ( $_SESSION [ 'id' ] == 10387 || $_SESSION [ 'id' ] == 10388 || $_SESSION [ 'id' ] == 10389 || $_SESSION [ 'id' ] == 10412 || $_SESSION [ 'id' ] == 10414 || $_SESSION [ 'id' ] == 10910 || $_SESSION [ 'id' ] == 12746 || $_SESSION [ 'id' ] == 12748 || $_SESSION [ 'id' ] == 10785 || $_SESSION [ 'id' ] == 10567 ) {
$showAds = true ;
}
if ( $_SESSION [ 'id' ] == 8889 ) {
$showAds = false ;
}
if ( $_SESSION [ 'id' ] == 14134 || $_SESSION [ 'id' ] == 14199 ) {
$showAds = true ;
}
if ( $_SESSION [ 'id' ] == 13735 || $_SESSION [ 'id' ] == 13851 || $_SESSION [ 'id' ] == 13882 || $_SESSION [ 'id' ] == 13902 || $_SESSION [ 'id' ] == 13884 || $_SESSION [ 'id' ] == 13885 || $_SESSION [ 'id' ] == 18001 || $_SESSION [ 'id' ] == 18131 || $_SESSION [ 'id' ] == 19035 || $_SESSION [ 'id' ] == 18613 ) {
$showAds = true ;
}
if ( $_SESSION [ 'id' ] == 13792 || $_SESSION [ 'id' ] == 14066 ) {
$showAds = true ;
}
if ( $_SESSION [ 'agency_id' ] == 14493 ) {
$showAds = true ;
}
if ( $_SESSION [ 'agency_id' ] == 19111 ) {
$showAds = true ;
}
if ( $_SESSION [ 'id' ] == 15401 ) {
$showAds = true ;
}
if ( $_SESSION [ 'id' ] == 19476 || $_SESSION [ 'id' ] == 19491 ) {
$showAds = true ;
}
if ( $_SESSION [ 'id' ] == 17157 || $_SESSION [ 'id' ] == 17943 || $_SESSION [ 'id' ] == 17546 ) {
$showAds = true ;
}
if ( $_SESSION [ 'id' ] == 16182 || $_SESSION [ 'id' ] == 16281 || $_SESSION [ 'id' ] == 16270 ) {
$showAds = true ;
}
if ( $_SESSION [ 'agency_id' ] == 22746 && ( ! in_array ( $_SESSION [ 'id' ], array ( 22746 , 22823 )))) {
$showAds = false ;
}
if ( $_SESSION [ 'id' ] == 22666 || $_SESSION [ 'id' ] == 22694 || $_SESSION [ 'id' ] == 22687 ) {
$showAds = true ;
}
if ( $_SESSION [ 'id' ] == 22432 || $_SESSION [ 'id' ] == 22642 ) {
$showAds = true ;
}
2026-07-06 12:54:07 +02:00
if ( $_SESSION [ 'id' ] == 22434 || $_SESSION [ 'id' ] == 22447 || $_SESSION [ 'id' ] == 22451 ) {
2026-05-22 20:21:54 +02:00
$showAds = true ;
}
if ( $_SESSION [ 'id' ] == 21484 ) {
$showAds = false ;
}
2026-07-06 12:54:07 +02:00
if ( $_SESSION [ 'id' ] == 19011 ) {
$showAds = true ;
}
2026-05-22 20:21:54 +02:00
return $showAds ;
}
public static function getSubordinatesJson ( $managerId ) {
$sql = " SELECT id, last_name, first_name, middle_name, blocked, manager FROM users
WHERE id IN (
SELECT id FROM users WHERE id_manager = $managerId
OR id_manager IN (
SELECT id FROM users WHERE id_manager = $managerId
OR id_manager IN (
SELECT id FROM users WHERE id_manager = $managerId
)
)
) AND blocked = 0 " ;
$result = mysql_query ( $sql );
$users = [];
if ( $result ) {
while ( $row = mysql_fetch_assoc ( $result )) {
$users [] = [
'id' => $row [ 'id' ],
'name' => trim ( $row [ 'last_name' ] . ' ' . $row [ 'first_name' ] . ' ' . $row [ 'middle_name' ]),
'is_manager' => $row [ 'manager' ] == 1
];
}
} else {
return json_encode ([
'error' => 'SQL execution failed' ,
'sql' => $sql ,
'mysql_error' => mysql_error ()
], JSON_UNESCAPED_UNICODE );
}
if ( empty ( $users )) {
return json_encode ([
'error' => 'No subordinates found' ,
'sql' => $sql
], JSON_UNESCAPED_UNICODE );
}
return json_encode ( $users , JSON_UNESCAPED_UNICODE );
}
2026-07-06 12:54:07 +02:00
/**
* получение пакета настроек для новой компании ( новой регистрации )
*/
public function getNewUserPackages (){
$is_agent = ( int ) $this -> individual ;
$is_agency = ( int ) $this -> agency ;
$is_dev = ( int ) $this -> role_developer ;
$where = '' ;
if ( $is_dev > 0 ){
$is_agency = 0 ;
$is_agent = 0 ;
$where = " is_dev = 1 " ;
} else if ( $is_agency > 0 ){
$where = " is_agency = 1 " ;
} else if ( $is_agent > 0 ){
$where = " is_agent = 1 " ;
}
$funnels = [];
$sql = " SELECT * FROM funnel_admin where $where and deleted = 0 order by id " ;
$q = mysql_query ( $sql );
while ( $r = mysql_fetch_assoc ( $q )) {
$funnels [] = $r [ 'id' ];
}
if ( ! empty ( $funnels )){
$funnelClass = new Funnel ();
$f = $funnelClass -> set_template_funnels ( $this -> agencyId , $this -> id , $funnels );
}
//Дефолтные настройки
$sql = " INSERT INTO `funnel_default` (`name`, `agency_id`, `is_client`, `is_req`, `is_filter`, `is_stage`, `is_show_funnels`, `order_number`) VALUES
2026-05-22 20:21:54 +02:00
( 'Список клиентов' , { $this -> agencyId }, 1 , 0 , 1 , 0 , 1 , 0 ) " ;
2026-07-06 12:54:07 +02:00
mysql_query ( $sql );
2026-05-22 20:21:54 +02:00
2026-07-06 12:54:07 +02:00
$sql_in = " INSERT INTO user_views_page (user_id, view_req, view_client) values ( { $this -> id } , 'kanban', 'list') " ;
mysql_query ( $sql_in );
}
2026-05-22 20:21:54 +02:00
}