diff --git a/engine/classes/User.php b/engine/classes/User.php
index 3c943d4..daf95f1 100644
--- a/engine/classes/User.php
+++ b/engine/classes/User.php
@@ -2,11 +2,11 @@
class User {
- public $id;
- public $manager;
- public $manager_users;
- public $use_advert_budget;
- public $agency;
+ public $id;
+ public $manager;
+ public $manager_users;
+ public $use_advert_budget;
+ public $agency;
// Делаю свойства публичными и с сохранением имени, т.к. в коде они много где используется без объявления
public $agencyName;
public $phoneAgency;
@@ -15,9 +15,9 @@ class User {
public $first_name;
public $middle_name;
public $phone;
- public $phone2;
- public $role_developer;
- public $api;
+ public $phone2;
+ public $role_developer;
+ public $api;
private $_serverPath = "/server/php/files/docs";
@@ -57,186 +57,186 @@ class User {
return $this->phone;
}
- public function get($id, $add_info = false, $add_budget = false) {
+ public function get($id, $add_info = false, $add_budget = false) {
- $sql = "SELECT *,
+ $sql = "SELECT *,
IF(birthday, DATE_FORMAT(birthday, '%d.%m.%Y'), NULL) as birthday
FROM users WHERE id=$id";
- if ($rez = mysql_query($sql)) {
- if (mysql_num_rows($rez)) {
+ if ($rez = mysql_query($sql)) {
+ if (mysql_num_rows($rez)) {
- $user = mysql_fetch_assoc($rez);
- foreach ($user as $k => $v) {
- $this->$k = $v;
- }
+ $user = mysql_fetch_assoc($rez);
+ foreach ($user as $k => $v) {
+ $this->$k = $v;
+ }
- $departmentClass = new Department;
- $departmentUser = $departmentClass->getDepartment($id);
+ $departmentClass = new Department;
+ $departmentUser = $departmentClass->getDepartment($id);
- if ($departmentUser['role'] == 'manager_office' || $departmentUser['role'] == 'manager_office_menager') {
- $this->manager = $_SESSION['manager'] = 1;
- }
+ if ($departmentUser['role'] == 'manager_office' || $departmentUser['role'] == 'manager_office_menager') {
+ $this->manager = $_SESSION['manager'] = 1;
+ }
- $this->agencyId = $id;
- $this->agencyEgrnRequestCount = 0;
- $this->agencyAntiznakRequestCount = 0;
+ $this->agencyId = $id;
+ $this->agencyEgrnRequestCount = 0;
+ $this->agencyAntiznakRequestCount = 0;
$this->agencyEnableWazzap = $user['enable_wazzap'];
- $this->agencyName = null;
- $this->manager_users = null;
+ $this->agencyName = null;
+ $this->manager_users = null;
if ($user['role_developer']) {
// застройщик
$this->role_developer = $_SESSION['role_developer'] = 1;
} else {
$this->role_developer = $_SESSION['role_developer'] = 0;
}
- $this->fio = trim($user['last_name'] . ' ' . $user['first_name'] . ' ' . $user['middle_name']);
- if ($user['id_manager'] == 0 && $user['agency'] == 0) {
- // частник
- $this->individual = $_SESSION['individual'] = 1;
- } else {
- $this->individual = $_SESSION['individual'] = 0;
- }
+ $this->fio = trim($user['last_name'] . ' ' . $user['first_name'] . ' ' . $user['middle_name']);
+ if ($user['id_manager'] == 0 && $user['agency'] == 0) {
+ // частник
+ $this->individual = $_SESSION['individual'] = 1;
+ } else {
+ $this->individual = $_SESSION['individual'] = 0;
+ }
- if (isset($user['phone2']))
- $this->phone2 = $user['phone2'];
+ if (isset($user['phone2']))
+ $this->phone2 = $user['phone2'];
- if ($user['id_manager']) {
+ if ($user['id_manager']) {
- $thisIdManager = $user['id_manager'];
- if ($departmentUser['role'] == 'manager_office_menager' || $departmentUser['role'] == 'agent') {
- if ($departmentUser['admin'] > 0) {
- $thisIdManager = $departmentUser['admin'];
- }
- }
+ $thisIdManager = $user['id_manager'];
+ if ($departmentUser['role'] == 'manager_office_menager' || $departmentUser['role'] == 'agent') {
+ if ($departmentUser['admin'] > 0) {
+ $thisIdManager = $departmentUser['admin'];
+ }
+ }
- $sql = "SELECT * FROM users WHERE id= $thisIdManager";
- $rez = mysql_query($sql);
- $manager = mysql_fetch_assoc($rez);
+ $sql = "SELECT * FROM users WHERE id= $thisIdManager";
+ $rez = mysql_query($sql);
+ $manager = mysql_fetch_assoc($rez);
- if ($manager['id_manager']) {
- $agency = mysql_fetch_assoc(mysql_query("SELECT * FROM users WHERE id=$manager[id_manager]"));
- if ($agency['id_manager']) {
- $agency = mysql_fetch_assoc(mysql_query("SELECT * FROM users WHERE id=$agency[id_manager]"));
- }
- } else {
- $agency = $manager;
- }
+ if ($manager['id_manager']) {
+ $agency = mysql_fetch_assoc(mysql_query("SELECT * FROM users WHERE id=$manager[id_manager]"));
+ if ($agency['id_manager']) {
+ $agency = mysql_fetch_assoc(mysql_query("SELECT * FROM users WHERE id=$agency[id_manager]"));
+ }
+ } else {
+ $agency = $manager;
+ }
- $this->photo = $agency['photo'];
- $this->agencyId = $agency['id'];
- $this->agencyZipalLogin = $agency['zipal_login'];
- $this->agencyZipalPassword = $agency['zipal_password'];
- $this->agencyZipalBalance = $agency['zipal_balance'];
- $this->agencyEgrnRequestCount = $agency['egrn_request_count'];
- $this->agencyEnableWazzap = $agency['enable_wazzap'];
- if($agency['id'] != 12061){
- $this->agencyAntiznakRequestCount = $agency['antiznak_request_count'];
- } else if($user['id'] == 12653 || $user['id'] == 12093) {
- $this->agencyAntiznakRequestCount = $agency['antiznak_request_count'];
- }
+ $this->photo = $agency['photo'];
+ $this->agencyId = $agency['id'];
+ $this->agencyZipalLogin = $agency['zipal_login'];
+ $this->agencyZipalPassword = $agency['zipal_password'];
+ $this->agencyZipalBalance = $agency['zipal_balance'];
+ $this->agencyEgrnRequestCount = $agency['egrn_request_count'];
+ $this->agencyEnableWazzap = $agency['enable_wazzap'];
+ if($agency['id'] != 12061){
+ $this->agencyAntiznakRequestCount = $agency['antiznak_request_count'];
+ } else if($user['id'] == 12653 || $user['id'] == 12093) {
+ $this->agencyAntiznakRequestCount = $agency['antiznak_request_count'];
+ }
- if (isset($agency['agency_name'])) {
- $this->agencyName = $agency['agency_name'];
- } else if (isset($user['agency_name'])) {
- $this->agencyName = $user['agency_name'];
- }
+ if (isset($agency['agency_name'])) {
+ $this->agencyName = $agency['agency_name'];
+ } else if (isset($user['agency_name'])) {
+ $this->agencyName = $user['agency_name'];
+ }
- $this->phoneAgency = empty($agency['phoneAgency']) ? $agency['phone'] : $agency['phoneAgency'];
- $this->sitename = $agency['sitename'];
- $this->site = $agency['site'];
- $this->adres = $agency['adres'];
- } else {
+ $this->phoneAgency = empty($agency['phoneAgency']) ? $agency['phone'] : $agency['phoneAgency'];
+ $this->sitename = $agency['sitename'];
+ $this->site = $agency['site'];
+ $this->adres = $agency['adres'];
+ } else {
- if (isset($user['agency_name'])) {
- $this->agencyName = $user['agency_name'];
- } else {
- $this->agencyName = null;
- }
- }
+ if (isset($user['agency_name'])) {
+ $this->agencyName = $user['agency_name'];
+ } else {
+ $this->agencyName = null;
+ }
+ }
- if ($this->manager > 0) { // Список пользователей в подчинении у менеджера
- $agents = self::getAgentsOfManager($id, false);
- if (!empty($agents) && is_array($agents)) {
- $this->manager_users = [];
- foreach ($agents as $agent) {
- $this->manager_users[] = (int)$agent['id'];
- }
- }
- }
+ if ($this->manager > 0) { // Список пользователей в подчинении у менеджера
+ $agents = self::getAgentsOfManager($id, false);
+ if (!empty($agents) && is_array($agents)) {
+ $this->manager_users = [];
+ foreach ($agents as $agent) {
+ $this->manager_users[] = (int)$agent['id'];
+ }
+ }
+ }
- if (isset($user['agency']) && $user['agency']) {
+ if (isset($user['agency']) && $user['agency']) {
- $this->director = trim($user['last_name'] . ' ' . $user['first_name'] . ' ' . $user['middle_name']);
+ $this->director = trim($user['last_name'] . ' ' . $user['first_name'] . ' ' . $user['middle_name']);
- if (isset($user['agency_name']))
- $this->fio = $user['agency_name'];
+ if (isset($user['agency_name']))
+ $this->fio = $user['agency_name'];
- }
+ }
- $this->gmtmsk = (int)$user['gmtmsk'];
+ $this->gmtmsk = (int)$user['gmtmsk'];
- // Добавляем инфо о паспортных данных
- if ($add_info) {
+ // Добавляем инфо о паспортных данных
+ if ($add_info) {
- $sql1 = "SELECT *,
+ $sql1 = "SELECT *,
IF(passport_date, DATE_FORMAT(passport_date, '%d.%m.%Y'), NULL) as passport_date
FROM `users_info` WHERE user_id=$id";
- $rez1 = mysql_query($sql1);
- if (mysql_num_rows($rez1)) {
- $info = mysql_fetch_assoc($rez1);
- foreach ($info as $k => $v) {
- $this->$k = $v;
- }
- }
+ $rez1 = mysql_query($sql1);
+ if (mysql_num_rows($rez1)) {
+ $info = mysql_fetch_assoc($rez1);
+ foreach ($info as $k => $v) {
+ $this->$k = $v;
+ }
+ }
- $this->files = [];
- $sql2 = "SELECT * FROM `users_files` WHERE user_id=$id";
- $rez2 = mysql_query($sql2);
- if (mysql_num_rows($rez2)) {
- while ($file = mysql_fetch_assoc($rez2)) {
- $this->files[] = $file;
- }
- }
- }
+ $this->files = [];
+ $sql2 = "SELECT * FROM `users_files` WHERE user_id=$id";
+ $rez2 = mysql_query($sql2);
+ if (mysql_num_rows($rez2)) {
+ while ($file = mysql_fetch_assoc($rez2)) {
+ $this->files[] = $file;
+ }
+ }
+ }
- // Добавляем инфо о рекламном бюджете
- if ($add_budget) {
- $advert_budgets = new AdvertBudgets();
+ // Добавляем инфо о рекламном бюджете
+ if ($add_budget) {
+ $advert_budgets = new AdvertBudgets();
- $budget = $advert_budgets->getAdvertBudget($id);
+ $budget = $advert_budgets->getAdvertBudget($id);
- $this->advert_budget = [
- 'avito' => $budget['avito'],
- 'avito_unlimited' => $budget['avito_unlimited'],
- 'avito_available' => $budget['avito_available'],
- 'cian' => $budget['cian'],
- 'cian_unlimited' => $budget['cian_unlimited'],
- 'cian_available' => $budget['cian_available'],
- 'domclick' => $budget['domclick'],
- 'domclick_unlimited' => $budget['domclick_unlimited'],
- 'domclick_available' => $budget['domclick_available'],
- 'jcat' => $budget['jcat'],
- 'jcat_unlimited' => $budget['jcat_unlimited'],
- 'jcat_available' => $budget['jcat_available'],
- 'yandex' => $budget['yandex'],
- 'yandex_unlimited' => $budget['yandex_unlimited'],
- 'yandex_available' => $budget['yandex_available'],
- 'personal' => $budget['personal'],
- 'total' => $budget['total'],
- 'amount' => $budget['amount'],
- 'balance' => $budget['balance'],
- 'do_not_reinit_monthly' => $budget['do_not_reinit_monthly'],
- ];
- }
- } else {
- return false;
- }
- }
- }
+ $this->advert_budget = [
+ 'avito' => $budget['avito'],
+ 'avito_unlimited' => $budget['avito_unlimited'],
+ 'avito_available' => $budget['avito_available'],
+ 'cian' => $budget['cian'],
+ 'cian_unlimited' => $budget['cian_unlimited'],
+ 'cian_available' => $budget['cian_available'],
+ 'domclick' => $budget['domclick'],
+ 'domclick_unlimited' => $budget['domclick_unlimited'],
+ 'domclick_available' => $budget['domclick_available'],
+ 'jcat' => $budget['jcat'],
+ 'jcat_unlimited' => $budget['jcat_unlimited'],
+ 'jcat_available' => $budget['jcat_available'],
+ 'yandex' => $budget['yandex'],
+ 'yandex_unlimited' => $budget['yandex_unlimited'],
+ 'yandex_available' => $budget['yandex_available'],
+ 'personal' => $budget['personal'],
+ 'total' => $budget['total'],
+ 'amount' => $budget['amount'],
+ 'balance' => $budget['balance'],
+ 'do_not_reinit_monthly' => $budget['do_not_reinit_monthly'],
+ ];
+ }
+ } else {
+ return false;
+ }
+ }
+ }
- public function can($permission, $user_id = null) {
+ public function can($permission, $user_id = null) {
if (is_null($user_id))
$user_id = $_SESSION['id'];
@@ -258,168 +258,168 @@ class User {
return false;
}
- return false;
- }
+ return false;
+ }
- public function getMyManagers(){
+ public function getMyManagers(){
- $searchUserId = $_SESSION['id'];
+ $searchUserId = $_SESSION['id'];
- if ($_SESSION['users_admin']) {
- $searchUserId = $this->agencyId;
- } else {
- $departmentClass = new Department;
- $departmentUser = $departmentClass->getDepartment($_SESSION['id']);
+ if ($_SESSION['users_admin']) {
+ $searchUserId = $this->agencyId;
+ } else {
+ $departmentClass = new Department;
+ $departmentUser = $departmentClass->getDepartment($_SESSION['id']);
- if($departmentUser['role'] == 'manager_office'){
- $searchUserId = $departmentUser['admin'];
+ if($departmentUser['role'] == 'manager_office'){
+ $searchUserId = $departmentUser['admin'];
- }
- if($departmentUser['role'] == 'manager_office_menager'){
- $searchUserId = $this->id_manager;
+ }
+ if($departmentUser['role'] == 'manager_office_menager'){
+ $searchUserId = $this->id_manager;
- }
- }
+ }
+ }
- $sql = "SELECT * FROM users WHERE manager=1 AND id_manager=$searchUserId AND blocked=0";
+ $sql = "SELECT * FROM users WHERE manager=1 AND id_manager=$searchUserId AND blocked=0";
- $rez = mysql_query($sql);
+ $rez = mysql_query($sql);
- $managers = array();
+ $managers = array();
- while($manager = mysql_fetch_assoc($rez)) $managers[] = $manager;
+ while($manager = mysql_fetch_assoc($rez)) $managers[] = $manager;
- return $managers;
+ return $managers;
- }
+ }
- public static function getAgentsOfManager($id_manager, $only_active = false) {
+ public static function getAgentsOfManager($id_manager, $only_active = false) {
- if (!$id_manager)
- return [];
+ if (!$id_manager)
+ return [];
- $sql = "SELECT *, DATE_FORMAT(last_auth,'%d.%m.%Y %H:%i') AS last_auth FROM users WHERE manager=0 AND id_manager=$id_manager";
+ $sql = "SELECT *, DATE_FORMAT(last_auth,'%d.%m.%Y %H:%i') AS last_auth FROM users WHERE manager=0 AND id_manager=$id_manager";
- if ($only_active)
- $sql .= " AND blocked=0";
+ if ($only_active)
+ $sql .= " AND blocked=0";
- $rez = mysql_query($sql);
+ $rez = mysql_query($sql);
- $agents = array();
+ $agents = array();
- while($manager = mysql_fetch_assoc($rez)) $agents[] = $manager;
+ while($manager = mysql_fetch_assoc($rez)) $agents[] = $manager;
- return $agents;
+ return $agents;
- }
+ }
- public static function getAgentsOfManagers($id_manager, $only_active = false) {
+ public static function getAgentsOfManagers($id_manager, $only_active = false) {
- if (!$id_manager)
- return [];
+ if (!$id_manager)
+ return [];
- $sql = "SELECT * FROM users WHERE manager=1 AND id_manager=$id_manager";
+ $sql = "SELECT * FROM users WHERE manager=1 AND id_manager=$id_manager";
- if ($only_active)
- $sql .= " AND blocked=0";
+ if ($only_active)
+ $sql .= " AND blocked=0";
- $rez = mysql_query($sql);
+ $rez = mysql_query($sql);
- $agents = array();
+ $agents = array();
- while($manager = mysql_fetch_assoc($rez)) $agents[] = $manager;
+ while($manager = mysql_fetch_assoc($rez)) $agents[] = $manager;
- return $agents;
+ return $agents;
- }
+ }
- public function getAgentsOfAgency($id_manager, $only_active = false) {
+ public function getAgentsOfAgency($id_manager, $only_active = false) {
- if (!$id_manager)
- return [];
+ if (!$id_manager)
+ return [];
- $sql = "SELECT * FROM users WHERE manager=0 AND id_manager=$id_manager";
+ $sql = "SELECT * FROM users WHERE manager=0 AND id_manager=$id_manager";
- if ($only_active)
- $sql .= " AND blocked=0";
+ if ($only_active)
+ $sql .= " AND blocked=0";
- $rez = mysql_query($sql);
+ $rez = mysql_query($sql);
- $agents = array();
+ $agents = array();
- while($manager = mysql_fetch_assoc($rez)) $agents[] = $manager;
+ while($manager = mysql_fetch_assoc($rez)) $agents[] = $manager;
- return $agents;
+ return $agents;
- }
+ }
- public function whoWork($id) {
+ public function whoWork($id) {
- if (!$id)
- return [];
+ if (!$id)
+ return [];
- $sql_who_work="SELECT * FROM clients WHERE who_work = $id";
- $rez_who_work=mysql_query($sql_who_work);
- $who_work=mysql_fetch_assoc($rez_who_work);
- }
+ $sql_who_work="SELECT * FROM clients WHERE who_work = $id";
+ $rez_who_work=mysql_query($sql_who_work);
+ $who_work=mysql_fetch_assoc($rez_who_work);
+ }
- public function getMyUsers($self_include = false) {
+ public function getMyUsers($self_include = false) {
- $result = array();
+ $result = array();
- if ($_GET['moder']) {
- $str_url_add = "moder=0"; $bd_usl = "moder=0";
- } else $bd_usl = "moder=1";
+ if ($_GET['moder']) {
+ $str_url_add = "moder=0"; $bd_usl = "moder=0";
+ } else $bd_usl = "moder=1";
- if ($_GET['blocked']) {
+ if ($_GET['blocked']) {
- $bd_usl.=" AND blocked=1";
+ $bd_usl.=" AND blocked=1";
- $str_url_add = "blocked=1";
+ $str_url_add = "blocked=1";
- } else $bd_usl .= " AND blocked=0";
+ } else $bd_usl .= " AND blocked=0";
- if ($_GET['search']) {
+ if ($_GET['search']) {
- $bd_usl.=" AND (users.agency_name LIKE '%$_GET[search]%' OR users.first_name LIKE '%$_GET[search]%' OR users.last_name LIKE '%$_GET[search]%' OR users.middle_name LIKE '%$_GET[search]%' OR users.phone LIKE '%$_GET[search]%' OR users.email LIKE '%$_GET[search]%')";
+ $bd_usl.=" AND (users.agency_name LIKE '%$_GET[search]%' OR users.first_name LIKE '%$_GET[search]%' OR users.last_name LIKE '%$_GET[search]%' OR users.middle_name LIKE '%$_GET[search]%' OR users.phone LIKE '%$_GET[search]%' OR users.email LIKE '%$_GET[search]%')";
- $str_url_add = "search=".$_GET['search'];
+ $str_url_add = "search=".$_GET['search'];
- }
+ }
- $searchUserId = $_SESSION['id'];
+ $searchUserId = $_SESSION['id'];
- if ($_SESSION['users_admin'] || $_SESSION['id'] == 5817 || $_SESSION['id'] == 20293 || $_SESSION['id'] == 22915) {
- $searchUserId = $this->agencyId;
- } else {
+ if ($_SESSION['users_admin'] || $_SESSION['id'] == 5817 || $_SESSION['id'] == 20293 || $_SESSION['id'] == 22915) {
+ $searchUserId = $this->agencyId;
+ } else {
- $departmentClass = new Department;
- $departmentUser = $departmentClass->getDepartment($_SESSION['id']);
+ $departmentClass = new Department;
+ $departmentUser = $departmentClass->getDepartment($_SESSION['id']);
- if($departmentUser['role'] == 'manager_office'){
- $searchUserId = $departmentUser['admin'];
+ if($departmentUser['role'] == 'manager_office'){
+ $searchUserId = $departmentUser['admin'];
- }
- if($departmentUser['role'] == 'manager_office_menager'){
- $searchUserId = $this->id_manager;
+ }
+ if($departmentUser['role'] == 'manager_office_menager'){
+ $searchUserId = $this->id_manager;
- }
- }
+ }
+ }
- $sql = "SELECT id FROM users WHERE id_manager = $searchUserId AND manager = 1";
- $mmid[] = "users.id_manager = $searchUserId";
- $rez = mysql_query($sql);
+ $sql = "SELECT id FROM users WHERE id_manager = $searchUserId AND manager = 1";
+ $mmid[] = "users.id_manager = $searchUserId";
+ $rez = mysql_query($sql);
- $menedgers = array();
- while($mm = mysql_fetch_row($rez)) {
- $mmid[] = "users.id_manager = ".$mm[0];
- $menedgers[] = $mm[0];
- }
+ $menedgers = array();
+ while($mm = mysql_fetch_row($rez)) {
+ $mmid[] = "users.id_manager = ".$mm[0];
+ $menedgers[] = $mm[0];
+ }
- //отделы для агенства
+ //отделы для агенства
if ($_SESSION['agency'] == 1 || $_SESSION['users_admin'] == 1) {
$sql_dep = "SELECT id FROM `departments` where agency_id = ".$this->agencyId;
@@ -435,86 +435,86 @@ class User {
}
}
- $bd_usl .= $bd_usl_managers = " AND (".implode(" OR ",$mmid).")";
+ $bd_usl .= $bd_usl_managers = " AND (".implode(" OR ",$mmid).")";
- $sql22 = "SELECT online.id_user FROM online, users WHERE online.id_user=users.id AND id_user<>$_SESSION[id] $bd_usl_managers";
+ $sql22 = "SELECT online.id_user FROM online, users WHERE online.id_user=users.id AND id_user<>$_SESSION[id] $bd_usl_managers";
- $rez = mysql_query($sql22);
+ $rez = mysql_query($sql22);
- $result['online'] = mysql_num_rows($rez);
+ $result['online'] = mysql_num_rows($rez);
- while($onl = mysql_fetch_assoc($rez)) $onln[] = "users.id = ".$onl['id_user'];
+ while($onl = mysql_fetch_assoc($rez)) $onln[] = "users.id = ".$onl['id_user'];
- $bd_usl_online = " AND (".implode(" OR ",$onln).")";
+ $bd_usl_online = " AND (".implode(" OR ",$onln).")";
- if ($_GET['online']) {
+ if ($_GET['online']) {
- $bd_usl.=$bd_usl_online;
+ $bd_usl.=$bd_usl_online;
- $str_url_add = "online=1";
+ $str_url_add = "online=1";
- }
+ }
- $result['str_url_add'] = $str_url_add;
+ $result['str_url_add'] = $str_url_add;
- $kol_on_page = 20;
+ $kol_on_page = 20;
- $sql_count = "SELECT COUNT(*) FROM users WHERE id<>$_SESSION[id] AND $bd_usl";
+ $sql_count = "SELECT COUNT(*) FROM users WHERE id<>$_SESSION[id] AND $bd_usl";
- $result['vsego'] = $vsego = mysql_result(mysql_query($sql_count),0);
+ $result['vsego'] = $vsego = mysql_result(mysql_query($sql_count),0);
- $sql_count_active = "SELECT COUNT(*) FROM users WHERE id<>$_SESSION[id] $bd_usl_managers AND blocked=0";
+ $sql_count_active = "SELECT COUNT(*) FROM users WHERE id<>$_SESSION[id] $bd_usl_managers AND blocked=0";
- $result['active'] = mysql_result(mysql_query($sql_count_active),0);
+ $result['active'] = mysql_result(mysql_query($sql_count_active),0);
- //$sql_count_online = "SELECT COUNT(*) FROM users WHERE id<>$_SESSION[id] $bd_usl_online AND blocked=0";
+ //$sql_count_online = "SELECT COUNT(*) FROM users WHERE id<>$_SESSION[id] $bd_usl_online AND blocked=0";
- //$result['online'] = mysql_result(mysql_query($sql_count_online),0);
+ //$result['online'] = mysql_result(mysql_query($sql_count_online),0);
- $sql_count_blocked = "SELECT COUNT(*) FROM users WHERE id<>$_SESSION[id] $bd_usl_managers AND blocked=1";
+ $sql_count_blocked = "SELECT COUNT(*) FROM users WHERE id<>$_SESSION[id] $bd_usl_managers AND blocked=1";
- $result['blocked'] = mysql_result(mysql_query($sql_count_blocked),0);
+ $result['blocked'] = mysql_result(mysql_query($sql_count_blocked),0);
- $all_pages = ceil($vsego/$kol_on_page);
+ $all_pages = ceil($vsego/$kol_on_page);
- if($_GET['page']) $page = $_GET['page']; else $page = 1;
+ if($_GET['page']) $page = $_GET['page']; else $page = 1;
- $ot = ($page-1)*$kol_on_page;
+ $ot = ($page-1)*$kol_on_page;
- $sql = "SELECT *, DATE_FORMAT(date_reg,'%d.%m.%Y %H:%i') AS date_reg, DATE_FORMAT(last_auth,'%d.%m.%Y %H:%i') AS last_auth FROM users";
+ $sql = "SELECT *, DATE_FORMAT(date_reg,'%d.%m.%Y %H:%i') AS date_reg, DATE_FORMAT(last_auth,'%d.%m.%Y %H:%i') AS last_auth FROM users";
- if ($self_include) {
- $sql .= " WHERE users.id = $_SESSION[id] OR ($bd_usl)";
- } else {
- $sql .= " WHERE users.id <> $_SESSION[id] AND $bd_usl";
- }
+ if ($self_include) {
+ $sql .= " WHERE users.id = $_SESSION[id] OR ($bd_usl)";
+ } else {
+ $sql .= " WHERE users.id <> $_SESSION[id] AND $bd_usl";
+ }
- $sql .= " ORDER BY users.manager desc, users.id DESC";
+ $sql .= " ORDER BY users.manager desc, users.id DESC";
- if (isset($_GET['dev']))
- echo $sql;
+ if (isset($_GET['dev']))
+ echo $sql;
- $rez=mysql_query($sql);
+ $rez=mysql_query($sql);
- while($users=mysql_fetch_assoc($rez)) $result['users'][] = $users;
+ while($users=mysql_fetch_assoc($rez)) $result['users'][] = $users;
- return $result;
+ return $result;
- }
+ }
- public function del($id) {
+ public function del($id) {
- $sql="SELECT * FROM users WHERE id=$id";
+ $sql="SELECT * FROM users WHERE id=$id";
- $rez=mysql_query($sql);
+ $rez=mysql_query($sql);
- $manager = mysql_fetch_assoc($rez);
+ $manager = mysql_fetch_assoc($rez);
$userDel = new User;
$userDel->get($id);
-
+
$user_del = array();
- $arrayCanKey = ['pwd','email','last_name','first_name','moder','phone', 'last_auth', 'agent','id_manager','date_reg','is_pwd', 'date_tarif','birthday', 'telegramm_chat_id','telegramm_notice','telegramm_date', 'region_rf_id', 'agency', 'manager'];
+ $arrayCanKey = ['pwd','email','last_name','first_name','middle_name','moder','phone', 'last_auth', 'agent','id_manager','date_reg','is_pwd', 'date_tarif','birthday', 'telegramm_chat_id','telegramm_notice','telegramm_date', 'region_rf_id', 'agency', 'manager'];
foreach($manager as $key => $val){
if($key != 'id' && !empty($val) && in_array($key, $arrayCanKey)){
$user_del[] = "`".$key."` = '".$val."'";
@@ -524,238 +524,257 @@ class User {
file_put_contents($_SERVER["DOCUMENT_ROOT"]."/callevents/user.txt", "1. ". print_r($sql_in, true) . "\n", FILE_APPEND);
mysql_query($sql_in);
- $sql="DELETE FROM users WHERE id=$id";
+ $sql="DELETE FROM users WHERE id=$id";
- $rez=mysql_query($sql);
+ $rez=mysql_query($sql);
- if ($manager['id_manager'] > 0) {
- $sql="UPDATE users SET id_manager=$manager[id_manager] WHERE id_manager=$id";
- mysql_query($sql);
- } else {
- $sql="SELECT id FROM users WHERE id_manager=$id";
- $rez=mysql_query($sql);
- while($us = mysql_fetch_assoc($rez)) {
- User::del($us['id']);
- }
- }
+ if ($manager['id_manager'] > 0) {
+ $sql="UPDATE users SET id_manager=$manager[id_manager] WHERE id_manager=$id";
+ mysql_query($sql);
+ } else {
+ $sql="SELECT id FROM users WHERE id_manager=$id";
+ $rez=mysql_query($sql);
+ while($us = mysql_fetch_assoc($rez)) {
+ User::del($us['id']);
+ }
+ }
- $sql="DELETE FROM views WHERE id_user=$id";
+ $sql="DELETE FROM views WHERE id_user=$id";
- $rez=mysql_query($sql);
+ $rez=mysql_query($sql);
- $sql="DELETE FROM sended_pdf WHERE id_agent=$id";
+ $sql="DELETE FROM sended_pdf WHERE id_agent=$id";
- $rez=mysql_query($sql);
+ $rez=mysql_query($sql);
- $sql="DELETE FROM online WHERE id_user=$id";
+ $sql="DELETE FROM online WHERE id_user=$id";
- $rez=mysql_query($sql);
+ $rez=mysql_query($sql);
- $sql="DELETE FROM objects WHERE id_user=$id";
+ $sql="DELETE FROM objects WHERE id_user=$id";
- $rez=mysql_query($sql);
+ $rez=mysql_query($sql);
- $sql="DELETE FROM favor WHERE id_user=$id";
+ $sql="DELETE FROM favor WHERE id_user=$id";
- $rez=mysql_query($sql);
+ $rez=mysql_query($sql);
- $sql="DELETE FROM clients WHERE id_agent=$id";
+ // осиротевшие персональные листинг-данные ушедшего (избранное/просмотры/потенциальные) — гигиена
+ mysql_query("DELETE FROM external_listing_favorites WHERE user_id=$id");
+ mysql_query("DELETE FROM external_listing_views WHERE user_id=$id");
+ mysql_query("DELETE FROM external_listing_potential WHERE user_id=$id");
- $rez=mysql_query($sql);
+ $sql="DELETE FROM clients WHERE id_agent=$id";
- $sql="DELETE FROM user_client_events WHERE user_id=$id";
+ $rez=mysql_query($sql);
- $rez=mysql_query($sql);
+ $sql="DELETE FROM user_client_events WHERE user_id=$id";
- $sql="DELETE FROM user_object_events WHERE user_id=$id";
+ $rez=mysql_query($sql);
- $rez=mysql_query($sql);
+ $sql="DELETE FROM user_object_events WHERE user_id=$id";
- //удаляем из чата и данные в таблице настроек
- RocketChat::deleteChatUser($id);
- $sql="DELETE FROM chat_settings_user WHERE user_id=$id";
- $rez=mysql_query($sql);
- }
+ $rez=mysql_query($sql);
+
+ // Открытые задачи листингов ушедшего передаём его менеджеру (исполнитель ушёл — кто-то живой должен закрыть);
+ // авторство (from_id) НЕ трогаем; выполненные/заметки/комменты остаются за автором (видны через users_delete-scope).
+ if ($manager['id_manager'] > 0) {
+ mysql_query("UPDATE external_listing_events SET user_id = " . (int)$manager['id_manager'] . " WHERE user_id = $id AND calendar_view = 0");
+ }
+
+ //удаляем из чата и данные в таблице настроек
+ RocketChat::deleteChatUser($id);
+ $sql="DELETE FROM chat_settings_user WHERE user_id=$id";
+ $rez=mysql_query($sql);
+ }
public static function deleteWithRebindClient($newIdAgent, $id, $newWhoWork, $newWhoWorkObj, $newWhoWorkReq, $managerId) {
- $sql="SELECT * FROM users WHERE id=$id";
+ $sql="SELECT * FROM users WHERE id=$id";
- $rez=mysql_query($sql);
+ $rez=mysql_query($sql);
- $manager = mysql_fetch_assoc($rez);
+ $manager = mysql_fetch_assoc($rez);
$userDel = new User;
$userDel->get($id);
-
+
$user_del = array();
- $arrayCanKey = ['pwd','email','last_name','first_name','moder','phone', 'last_auth', 'agent','id_manager','date_reg','is_pwd', 'date_tarif','birthday', 'telegramm_chat_id','telegramm_notice','telegramm_date', 'region_rf_id', 'agency', 'manager'];
+ $arrayCanKey = ['pwd','email','last_name','first_name','middle_name','moder','phone', 'last_auth', 'agent','id_manager','date_reg','is_pwd', 'date_tarif','birthday', 'telegramm_chat_id','telegramm_notice','telegramm_date', 'region_rf_id', 'agency', 'manager'];
foreach($manager as $key => $val){
if($key != 'id' && !empty($val) && in_array($key, $arrayCanKey)){
$user_del[] = "`".$key."` = '".$val."'";
}
}
-
+
$sql_in = "INSERT INTO users_delete SET ".implode(',', $user_del).", agency_id = " . $userDel->agencyId. ", user_id = {$id}";
file_put_contents($_SERVER["DOCUMENT_ROOT"]."/callevents/user.txt", print_r($sql_in, true) . "\n", FILE_APPEND);
mysql_query($sql_in);
- $sql="DELETE FROM users WHERE id=$id";
+ $sql="DELETE FROM users WHERE id=$id";
- $rez=mysql_query($sql);
+ $rez=mysql_query($sql);
- if ($manager['id_manager'] > 0) {
- $sql="UPDATE users SET id_manager=$manager[id_manager] WHERE id_manager=$id";
- mysql_query($sql);
- } else {
- $sql="SELECT id FROM users WHERE id_manager=$id";
- $rez=mysql_query($sql);
- while($us = mysql_fetch_assoc($rez)) {
- User::deleteWithRebindClient($newIdAgent, $us['id'], $newWhoWork, $newWhoWorkObj, $newWhoWorkReq, $managerId);
- }
- }
+ if ($manager['id_manager'] > 0) {
+ $sql="UPDATE users SET id_manager=$manager[id_manager] WHERE id_manager=$id";
+ mysql_query($sql);
+ } else {
+ $sql="SELECT id FROM users WHERE id_manager=$id";
+ $rez=mysql_query($sql);
+ while($us = mysql_fetch_assoc($rez)) {
+ User::deleteWithRebindClient($newIdAgent, $us['id'], $newWhoWork, $newWhoWorkObj, $newWhoWorkReq, $managerId);
+ }
+ }
- $sql="DELETE FROM views WHERE id_user=$id";
+ $sql="DELETE FROM views WHERE id_user=$id";
- $rez=mysql_query($sql);
+ $rez=mysql_query($sql);
- $sql="DELETE FROM sended_pdf WHERE id_agent=$id";
+ $sql="DELETE FROM sended_pdf WHERE id_agent=$id";
- $rez=mysql_query($sql);
+ $rez=mysql_query($sql);
- $sql="DELETE FROM online WHERE id_user=$id";
+ $sql="DELETE FROM online WHERE id_user=$id";
- $rez=mysql_query($sql);
+ $rez=mysql_query($sql);
- $sql="DELETE FROM favor WHERE id_user=$id";
+ $sql="DELETE FROM favor WHERE id_user=$id";
- $rez=mysql_query($sql);
+ $rez=mysql_query($sql);
- $confirm = 0;
- if($newWhoWork == $_SESSION['id']){
- $confirm = 1;
- }
+ // осиротевшие персональные листинг-данные ушедшего (избранное/просмотры/потенциальные) — гигиена
+ mysql_query("DELETE FROM external_listing_favorites WHERE user_id=$id");
+ mysql_query("DELETE FROM external_listing_views WHERE user_id=$id");
+ mysql_query("DELETE FROM external_listing_potential WHERE user_id=$id");
- $sql="UPDATE clients SET who_work=$newWhoWork, confirm=$confirm, id_agent=$newIdAgent WHERE who_work=$id AND deleted = 0";
+ $confirm = 0;
+ if($newWhoWork == $_SESSION['id']){
+ $confirm = 1;
+ }
- $rez=mysql_query($sql);
+ $sql="UPDATE clients SET who_work=$newWhoWork, confirm=$confirm, id_agent=$newIdAgent WHERE who_work=$id AND deleted = 0";
- $sql="UPDATE clients SET who_work=$newWhoWork, confirm=1, id_agent=$newIdAgent WHERE who_work=$id AND deleted = 1";
+ $rez=mysql_query($sql);
- $rez=mysql_query($sql);
+ $sql="UPDATE clients SET who_work=$newWhoWork, confirm=1, id_agent=$newIdAgent WHERE who_work=$id AND deleted = 1";
- // перенос всех событий тому, кому отдаем клиентов
- $sql="UPDATE user_client_events SET user_id=$newWhoWork WHERE user_id=$id AND client_id>0";
+ $rez=mysql_query($sql);
- $rez=mysql_query($sql);
+ // перенос всех событий тому, кому отдаем клиентов
+ $sql="UPDATE user_client_events SET user_id=$newWhoWork WHERE user_id=$id AND client_id>0";
- // перенос всех событий менеджеру или агентству
- $sql="UPDATE user_object_events SET user_id=$managerId WHERE user_id=$id";
+ $rez=mysql_query($sql);
- $rez=mysql_query($sql);
+ // перенос всех событий менеджеру или агентству
+ $sql="UPDATE user_object_events SET user_id=$managerId WHERE user_id=$id";
+
+ $rez=mysql_query($sql);
+
+ // Открытые задачи листингов — тому же менеджеру (как own-object события выше); авторство (from_id) сохраняем
+ mysql_query("UPDATE external_listing_events SET user_id=$managerId WHERE user_id=$id AND calendar_view = 0");
//Заявки
- $sql="UPDATE requisitions SET who_work=$newWhoWorkReq, confirm=$confirm, user_id=$newIdAgent WHERE who_work=$id AND deleted = 0";
+ $sql="UPDATE requisitions SET who_work=$newWhoWorkReq, confirm=$confirm, user_id=$newIdAgent WHERE who_work=$id AND deleted = 0";
- $rez=mysql_query($sql);
+ $rez=mysql_query($sql);
- $sql="UPDATE requisitions SET who_work=$newWhoWorkReq, confirm=1, user_id=$newIdAgent WHERE who_work=$id AND deleted = 1";
+ $sql="UPDATE requisitions SET who_work=$newWhoWorkReq, confirm=1, user_id=$newIdAgent WHERE who_work=$id AND deleted = 1";
- $rez=mysql_query($sql);
+ $rez=mysql_query($sql);
- // перенос всех событий тому, кому отдаем заявки
- $sql="UPDATE user_client_events SET user_id=$newWhoWorkReq WHERE user_id=$id AND req_id>0";
+ // перенос всех событий тому, кому отдаем заявки
+ $sql="UPDATE user_client_events SET user_id=$newWhoWorkReq WHERE user_id=$id AND req_id>0";
- $rez=mysql_query($sql);
+ $rez=mysql_query($sql);
- $sqlNewObjUser = "SELECT * FROM users WHERE id=$newWhoWorkObj";
- $rezNewObjUser = mysql_query($sqlNewObjUser);
- $newObjUser = mysql_fetch_assoc($rezNewObjUser);
+ $sqlNewObjUser = "SELECT * FROM users WHERE id=$newWhoWorkObj";
+ $rezNewObjUser = mysql_query($sqlNewObjUser);
+ $newObjUser = mysql_fetch_assoc($rezNewObjUser);
- $phone = $newObjUser['phone'];
- $num_search = User::num_search($newObjUser['phone']);
- $sobstv = trim($newObjUser['last_name'] . ' ' . $newObjUser['first_name'] . ' ' . $newObjUser['middle_name']);
+ $phone = $newObjUser['phone'];
+ $num_search = User::num_search($newObjUser['phone']);
+ $sobstv = trim($newObjUser['last_name'] . ' ' . $newObjUser['first_name'] . ' ' . $newObjUser['middle_name']);
- if ($newObjUser['agency'] == 0) {
- $sql="SELECT * FROM users WHERE id=$newObjUser[id_manager]";
- $rez=mysql_query($sql);
- $manager = mysql_fetch_assoc($rez);
+ if ($newObjUser['agency'] == 0) {
+ $sql="SELECT * FROM users WHERE id=$newObjUser[id_manager]";
+ $rez=mysql_query($sql);
+ $manager = mysql_fetch_assoc($rez);
- if($manager['id_manager']) {
- $agency = mysql_fetch_assoc(mysql_query("SELECT * FROM users WHERE id=$manager[id_manager]"));
- } else {
- $agency = $manager;
- }
- if ($agency) {
- $sobstv = $sobstv . ", агентство " . $agency['agency_name'];
- }
- }
+ if($manager['id_manager']) {
+ $agency = mysql_fetch_assoc(mysql_query("SELECT * FROM users WHERE id=$manager[id_manager]"));
+ } else {
+ $agency = $manager;
+ }
+ if ($agency) {
+ $sobstv = $sobstv . ", агентство " . $agency['agency_name'];
+ }
+ }
-$webHookIn = new WebHookIn(null, $userDel->agencyId);
-
-$is_send_webhook = $webHookIn->check_hook('object_update', 'object');
+ $webHookIn = new WebHookIn(null, $userDel->agencyId);
-if($is_send_webhook){
- $webHookIn->save_webhook_cron_many($_SESSION['id'], $id, $newWhoWorkObj);
-}
+ $is_send_webhook = $webHookIn->check_hook('object_update', 'object');
-$dataWhook = array('action'=>'employee_delete', 'employee_id'=>$id, 'section'=>'employee', 'user_id'=>$_SESSION['id'], 'agency_id'=>$userDel->agencyId);
-$webHookIn->check_send($dataWhook);
- // перенос всех объектов
- $sql = "UPDATE objects SET is_main = 0, id_add_user=$newWhoWorkObj, phone = '$phone', phone_search = '$num_search', sobstv = '$sobstv' WHERE id_add_user=$id";
- $rez = mysql_query($sql);
- //Запись переноса в сфинкс
- $db_sphinx = new MysqlPdo(hstsph2, null, null, null, true, '9306');
- $sql = "UPDATE objects SET id_add_user=$newWhoWorkObj, phone_search = '$num_search' WHERE id_add_user=$id";
- $db_sphinx->query($sql,true);
+ if($is_send_webhook){
+ $webHookIn->save_webhook_cron_many($_SESSION['id'], $id, $newWhoWorkObj);
+ }
- // перенос Зипал
- $sql = "UPDATE zipal_objects SET user_id=$newWhoWorkObj, send_to_update=1 WHERE object_id in (SELECT id from objects where id_add_user=$id)";
- mysql_query($sql);
+ $dataWhook = array('action'=>'employee_delete', 'employee_id'=>$id, 'section'=>'employee', 'user_id'=>$_SESSION['id'], 'agency_id'=>$userDel->agencyId);
+ $webHookIn->check_send($dataWhook);
+ // перенос всех объектов
+ $sql = "UPDATE objects SET is_main = 0, id_add_user=$newWhoWorkObj, phone = '$phone', phone_search = '$num_search', sobstv = '$sobstv' WHERE id_add_user=$id";
+ $rez = mysql_query($sql);
+ //Запись переноса в сфинкс
+ $db_sphinx = new MysqlPdo(hstsph2, null, null, null, true, '9306');
+ $sql = "UPDATE objects SET id_add_user=$newWhoWorkObj, phone_search = '$num_search' WHERE id_add_user=$id";
+ $db_sphinx->query($sql,true);
- $sqlPack = "UPDATE advertising_package_object_publish SET send_to_update = '1', error_when_send_to_update = '' WHERE object_id in (SELECT id from objects where id_add_user=$id)";
- mysql_query($sqlPack);
+ // перенос Зипал
+ $sql = "UPDATE zipal_objects SET user_id=$newWhoWorkObj, send_to_update=1 WHERE object_id in (SELECT id from objects where id_add_user=$id)";
+ mysql_query($sql);
- // в передаче объектов затираем передачи, которые адресованы удаляемому пользователю
- $sql = "UPDATE objects_to_send SET accept_state='REJECTED', accept_date=NOW() WHERE new_user_id=$id";
- mysql_query($sql);
+ $sqlPack = "UPDATE advertising_package_object_publish SET send_to_update = '1', error_when_send_to_update = '' WHERE object_id in (SELECT id from objects where id_add_user=$id)";
+ mysql_query($sqlPack);
+
+ // в передаче объектов затираем передачи, которые адресованы удаляемому пользователю
+ $sql = "UPDATE objects_to_send SET accept_state='REJECTED', accept_date=NOW() WHERE new_user_id=$id";
+ mysql_query($sql);
// переносим комменты
$sqlObjN = "UPDATE object_notes SET created_by=$newWhoWorkObj WHERE created_by=$id";
mysql_query($sqlObjN);
- //удаляем из чата и данные в таблице настроек
- RocketChat::deleteChatUser($id);
- $sql="DELETE FROM chat_settings_user WHERE user_id=$id";
- $rez=mysql_query($sql);
+ //удаляем из чата и данные в таблице настроек
+ RocketChat::deleteChatUser($id);
+ $sql="DELETE FROM chat_settings_user WHERE user_id=$id";
+ $rez=mysql_query($sql);
}
public static function num_search($num) {
- $num_search = str_replace("+", "", $num);
- $num_search = str_replace("(", "", $num_search);
- $num_search = str_replace(")", "", $num_search);
- $num_search = str_replace(" ", "", $num_search);
- $num_search = str_replace("-", "", $num_search);
- $num_search = trim($num_search);
+ $num_search = str_replace("+", "", $num);
+ $num_search = str_replace("(", "", $num_search);
+ $num_search = str_replace(")", "", $num_search);
+ $num_search = str_replace(" ", "", $num_search);
+ $num_search = str_replace("-", "", $num_search);
+ $num_search = trim($num_search);
- if (mb_strlen($num_search) > 7)
- $num_search = mb_substr($num_search, 1);
+ if (mb_strlen($num_search) > 7)
+ $num_search = mb_substr($num_search, 1);
- return $num_search;
+ return $num_search;
}
public function checkPermissions($userID = false, $useRedirect = true) {
if ($userID === false && isset($_SESSION['id'])) {
- $userId = $_SESSION['id'];
+ $userId = $_SESSION['id'];
} else if (isset($userID)) {
- $userId = $userID;
+ $userId = $userID;
} else {
- if ($useRedirect)
- $this->quit("ИД пользователя не указан", $useRedirect);
- else
- return ['error' => "ИД пользователя не указан"];
+ if ($useRedirect)
+ $this->quit("ИД пользователя не указан", $useRedirect);
+ else
+ return ['error' => "ИД пользователя не указан"];
}
$sql = "SELECT users.*, online.ip, online.user_agent FROM users,online WHERE users.id=online.id_user AND users.id=$userId";
@@ -765,13 +784,13 @@ $webHookIn->check_send($dataWhook);
if ($useRedirect && !$users)
$this->quit("Пользователь не авторизован", $useRedirect);
else if (!$users)
- return ['error' => "Пользователь не авторизован"];
+ return ['error' => "Пользователь не авторизован"];
if ($useRedirect && $users['blocked'])
$this->quit("Ваш аккаунт заблокирован", $useRedirect);
- else if ($users['blocked'])
- return ['error' => "Ваш аккаунт заблокирован"];
+ else if ($users['blocked'])
+ return ['error' => "Ваш аккаунт заблокирован"];
/*if ($users['ip'] != $_SERVER['REMOTE_ADDR'] || $users['user_agent'] != $_SERVER['HTTP_USER_AGENT']) {
if ($useRedirect)
@@ -785,8 +804,8 @@ $webHookIn->check_send($dataWhook);
$this->show_zipal_balance = $users['show_zipal_balance'];
$this->zipal_balance = $users['zipal_balance'];
$this->agencyEgrnRequestCount = 0;
- $this->agencyAntiznakRequestCount = 0;
- $this->agencyEnableWazzap = $users['enable_wazzap'];
+ $this->agencyAntiznakRequestCount = 0;
+ $this->agencyEnableWazzap = $users['enable_wazzap'];
$departmentClass = new Department;
$departmentUser = $departmentClass->getDepartment($userId);
@@ -802,19 +821,19 @@ $webHookIn->check_send($dataWhook);
$agency = new User;
$agency->get($id_menager);
if ($agency->id_manager) {
- $agency->get($agency->id_manager);
- if ($agency->id_manager) {
- $agency->get($agency->id_manager);
- }
- }
+ $agency->get($agency->id_manager);
+ if ($agency->id_manager) {
+ $agency->get($agency->id_manager);
+ }
+ }
$id_tarif = $agency->id_tarif;
$this->agencyId = $agency->id;
$this->agencyZipalLogin = $agency->zipal_login;
$this->agencyZipalPassword = $agency->zipal_password;
$this->agencyZipalBalance = $agency->zipal_balance;
$this->agencyEgrnRequestCount = $agency->egrn_request_count;
- $this->agencyAntiznakRequestCount = $agency->antiznak_request_count;
- $this->agencyEnableWazzap = $agency->enable_wazzap;
+ $this->agencyAntiznakRequestCount = $agency->antiznak_request_count;
+ $this->agencyEnableWazzap = $agency->enable_wazzap;
$date_tarif = $agency->date_tarif;
if ($agency->date_reg < $agency->date_tarif) {
@@ -925,27 +944,27 @@ $webHookIn->check_send($dataWhook);
$_SESSION['users_admin'] = 0;
}
- //Предмодерация рекламы по объектам
- $_SESSION['use_advert_moderation'] = 0;
- $q_moderation = mysql_query("SELECT * FROM advert_moderation_agency WHERE agency_id = {$this->agencyId}");
- if(mysql_num_rows($q_moderation) > 0){
- $_SESSION['use_advert_moderation'] = 1;
- }
+ //Предмодерация рекламы по объектам
+ $_SESSION['use_advert_moderation'] = 0;
+ $q_moderation = mysql_query("SELECT * FROM advert_moderation_agency WHERE agency_id = {$this->agencyId}");
+ if(mysql_num_rows($q_moderation) > 0){
+ $_SESSION['use_advert_moderation'] = 1;
+ }
- // Рекламный бюджет и ограничение публикации
- $_SESSION['use_advert_budget'] = 0;
+ // Рекламный бюджет и ограничение публикации
+ $_SESSION['use_advert_budget'] = 0;
- if (!$this->agency) {
- $sql = "SELECT use_advert_budget FROM users WHERE id=$this->agencyId";
- if ($rez = mysql_query($sql)) {
- $row = mysql_fetch_assoc($rez);
- $_SESSION['use_advert_budget'] = $row['use_advert_budget'];
- }
- }
+ if (!$this->agency) {
+ $sql = "SELECT use_advert_budget FROM users WHERE id=$this->agencyId";
+ if ($rez = mysql_query($sql)) {
+ $row = mysql_fetch_assoc($rez);
+ $_SESSION['use_advert_budget'] = $row['use_advert_budget'];
+ }
+ }
- if ($this->use_advert_budget) {
- $_SESSION['use_advert_budget'] = 1;
- }
+ if ($this->use_advert_budget) {
+ $_SESSION['use_advert_budget'] = 1;
+ }
$sessionTime = 86400;
@@ -953,57 +972,63 @@ $webHookIn->check_send($dataWhook);
$this->id = $_SESSION['id'] = $users['id'];
$this->id_manager = $_SESSION['id_manager'] = $users['id_manager'];
$this->agency_id = $_SESSION['agency_id'] = self::getUserAgencyID();
- setcookie('user_id', $_SESSION['id'], time() + 360, "/");
- setcookie('agency_id', $_SESSION['agency_id'], time() + 360, "/");
- setcookie('id_manager', $_SESSION['id_manager'], time() + 360, "/");
- setcookie('is_agency', $_SESSION['agency'], time() + 360, "/");
- setcookie('is_manager', $_SESSION['manager'], time() + 360, "/");
- setcookie('is_users_admin', $_SESSION['users_admin'], time() + 360, "/");
- setcookie('is_agent', $_SESSION['agent'], time() + 360, "/");
- setcookie('PHPSESSID_EXPIRATION', $sessionTime + time(), time() + 360, "/");
+ // куки-зеркало сессии для совместимости. Фронт читает права из API/стора, не из кук;
+ // гард — чтобы на after-output страницах setcookie не падал «headers already sent» (флуд в лог).
+ if (!headers_sent()) {
+ setcookie('user_id', $_SESSION['id'], time() + 360, "/");
+ setcookie('agency_id', $_SESSION['agency_id'], time() + 360, "/");
+ setcookie('id_manager', $_SESSION['id_manager'], time() + 360, "/");
+ setcookie('is_agency', $_SESSION['agency'], time() + 360, "/");
+ setcookie('is_manager', $_SESSION['manager'], time() + 360, "/");
+ setcookie('is_users_admin', $_SESSION['users_admin'], time() + 360, "/");
+ setcookie('is_agent', $_SESSION['agent'], time() + 360, "/");
+ setcookie('PHPSESSID_EXPIRATION', $sessionTime + time(), time() + 360, "/");
+ }
$this->_user_can['autosearch'] = true;
$this->_user_can['object-fields'] = boolval($this->agency || $this->manager || $this->users_admin);
//$this->_user_can['advert-stats'] = boolval($this->agency || $this->users_admin);
$this->_user_can['advert-stats'] = true;
$_SESSION['user_can'] = $this->_user_can;
- setcookie('user_can', json_encode($_SESSION['user_can']), time() + 360, "/");
+ if (!headers_sent()) {
+ setcookie('user_can', json_encode($_SESSION['user_can']), time() + 360, "/");
+ }
}
- public function checkMenuPermissions($permissionName = null) {
+ public function checkMenuPermissions($permissionName = null) {
$userId = $_SESSION['id'];
$sql_d = "SELECT * FROM `user_permissions` WHERE `user_id` = ".$userId;
- if ($permissionName) {
- $sql_d .= " AND {$permissionName} = 1";
- }
+ if ($permissionName) {
+ $sql_d .= " AND {$permissionName} = 1";
+ }
$result = mysql_query($sql_d);
return mysql_fetch_assoc($result);
}
- public function check_sms($post, $pwd = false, $use_redirect = true)
- {
- if ($_SESSION['sms'] == $post['sms'] || $pwd) {
+ public function check_sms($post, $pwd = false, $use_redirect = true)
+ {
+ if ($_SESSION['sms'] == $post['sms'] || $pwd) {
- $sql = "SELECT * FROM `users` WHERE `phone`='+{$post['phone']}'";
- if (!$rez = mysql_query($sql))
- $msg = mysqli_error();
+ $sql = "SELECT * FROM `users` WHERE `phone`='+{$post['phone']}'";
+ if (!$rez = mysql_query($sql))
+ $msg = mysqli_error();
- if (mysql_num_rows($rez)) {
+ if (mysql_num_rows($rez)) {
- $users = mysql_fetch_assoc($rez);
- if ($pwd && md5($post['pwd'] . SALT) != $users['pwd']) {
- if ($use_redirect)
- return "Неверный пароль";
- else
- return [
- 'success' => false,
- 'message' => "Неверный пароль",
- ];
- }
+ $users = mysql_fetch_assoc($rez);
+ if ($pwd && md5($post['pwd'] . SALT) != $users['pwd']) {
+ if ($use_redirect)
+ return "Неверный пароль";
+ else
+ return [
+ 'success' => false,
+ 'message' => "Неверный пароль",
+ ];
+ }
- if ($users['moder']) {
- if (!$users['blocked']) {
+ if ($users['moder']) {
+ if (!$users['blocked']) {
$this->agency_id = self::getUserAgencyID($users['id']);
@@ -1054,246 +1079,278 @@ $webHookIn->check_send($dataWhook);
$_SESSION['agency_id'] = $this->agency_id;
- $_SESSION['fio'] = trim($users['last_name'] . ' ' . $users['first_name'] . ' ' . $users['middle_name']);
- $_SESSION['phone'] = $users['phone'];
- $_SESSION['id'] = $users['id'];
- $_SESSION['email'] = $users['email'];
+ $_SESSION['fio'] = trim($users['last_name'] . ' ' . $users['first_name'] . ' ' . $users['middle_name']);
+ $_SESSION['phone'] = $users['phone'];
+ $_SESSION['id'] = $users['id'];
+ $_SESSION['email'] = $users['email'];
- if ($users['manager'])
- $this->manager = $_SESSION['manager'] = 1;
- else
- $this->manager = $_SESSION['manager'] = 0;
+ if ($users['manager'])
+ $this->manager = $_SESSION['manager'] = 1;
+ else
+ $this->manager = $_SESSION['manager'] = 0;
- if ($users['id_manager'] == 0)
- $this->individual = $_SESSION['individual'] = 1; // частник
- else
- $this->individual = $_SESSION['individual'] = 0;
+ if ($users['id_manager'] == 0)
+ $this->individual = $_SESSION['individual'] = 1; // частник
+ else
+ $this->individual = $_SESSION['individual'] = 0;
- if ($users['agent'])
- $this->agent = $_SESSION['agent'] = 1;
- else
- $this->agent = $_SESSION['agent'] = 0;
+ if ($users['agent'])
+ $this->agent = $_SESSION['agent'] = 1;
+ else
+ $this->agent = $_SESSION['agent'] = 0;
- if ($users['agency'])
- $this->agency = $_SESSION['agency'] = 1;
- else
- $this->agency = $_SESSION['agency'] = 0;
+ if ($users['agency'])
+ $this->agency = $_SESSION['agency'] = 1;
+ else
+ $this->agency = $_SESSION['agency'] = 0;
- //пользователь, который может управлять другими
- if ($users['users_admin'])
- $_SESSION['users_admin'] = 1;
- else
- $_SESSION['users_admin'] = 0;
+ //пользователь, который может управлять другими
+ if ($users['users_admin'])
+ $_SESSION['users_admin'] = 1;
+ else
+ $_SESSION['users_admin'] = 0;
- $this->id = $_SESSION['id'] = $users['id'];
+ $this->id = $_SESSION['id'] = $users['id'];
- mysql_query("UPDATE users SET last_auth=NOW() WHERE id=$users[id]");
+ mysql_query("UPDATE users SET last_auth=NOW() WHERE id=$users[id]");
- mysql_query("DELETE FROM online WHERE id_user=$users[id]");
+ mysql_query("DELETE FROM online WHERE id_user=$users[id]");
- mysql_query("INSERT INTO online(id_user, last_activity, entry, ip, user_agent) VALUES($_SESSION[id], NOW(), NOW(), '" . $_SERVER['REMOTE_ADDR'] . "', '" . $_SERVER['HTTP_USER_AGENT'] . "')");
+ mysql_query("INSERT INTO online(id_user, last_activity, entry, ip, user_agent) VALUES($_SESSION[id], NOW(), NOW(), '" . $_SERVER['REMOTE_ADDR'] . "', '" . $_SERVER['HTTP_USER_AGENT'] . "')");
- mysql_query("INSERT INTO auth_log(id_user, entry, ip, user_agent) VALUES($_SESSION[id], NOW(), '" . $_SERVER['REMOTE_ADDR'] . "', '" . $_SERVER['HTTP_USER_AGENT'] . "')");
+ mysql_query("INSERT INTO auth_log(id_user, entry, ip, user_agent) VALUES($_SESSION[id], NOW(), '" . $_SERVER['REMOTE_ADDR'] . "', '" . $_SERVER['HTTP_USER_AGENT'] . "')");
- if ($users['superadmin']) {
+ //Для Laravel
+ $allowed_users_deal = [117, 4];
+ if (in_array((int)$_SESSION['agency_id'], $allowed_users_deal)) {
+ $sessionData = [
+ 'id' => session_id(),
+ 'user_id' => $users['id'],
+ 'payload' => json_encode([
+ 'fio' => $_SESSION['fio'],
+ 'phone' => $_SESSION['phone'],
+ 'roles' => [
+ 'manager' => $_SESSION['manager'],
+ 'agent' => $_SESSION['agent'],
+ 'agency' => $_SESSION['agency'],
+ 'superadmin' => $_SESSION['superadmin']
+ ]
+ ]),
+ 'last_activity' => time(),
+ 'ip_address' => $_SERVER['REMOTE_ADDR'],
+ 'user_agent' => isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : ''
+ ];
- $_SESSION['superadmin'] = 1;
- if ($use_redirect)
- header("location:/admin/index.php");
- else
- return [
- 'success' => true
- ];
- } else {
-
- $agenciesHaveAccessToNewComplexes = [4, 5261, 12028, 12061, 17328, 11325, 13735, 19093, 16378, 19467, 20197, 19909, 19646];
+ $sql_session = "REPLACE INTO sessions (id, user_id, payload, last_activity, ip_address, user_agent) VALUES (
+ '" . mysql_real_escape_string($sessionData['id']) . "',
+ {$sessionData['user_id']},
+ '" . mysql_real_escape_string($sessionData['payload']) . "',
+ {$sessionData['last_activity']},
+ '" . mysql_real_escape_string($sessionData['ip_address']) . "',
+ '" . mysql_real_escape_string($sessionData['user_agent']) . "'
+ )";
+ mysql_query($sql_session);
+ }
- $user_id = $_SESSION['id'];
+ if ($users['superadmin']) {
- $check_permissions_sql = "SELECT * FROM `user_permissions` WHERE `user_id` = $user_id";
- $check_permissions_result = mysql_query($check_permissions_sql);
+ $_SESSION['superadmin'] = 1;
+ if ($use_redirect)
+ header("location:/admin/index.php");
+ else
+ return [
+ 'success' => true
+ ];
+ } else {
- if (!$check_permissions_result || mysql_num_rows($check_permissions_result) == 0) {
-
- $permissions = [
- $user_id,
- 1, 1, 1, // menu_office, menu_search, menu_objects
- 0, 0, // menu_all_objects, menu_all_objects_edit
- 0, // menu_ads
- 1, 0, 0, 0, // menu_clients, menu_all_clients, menu_all_clients_edit, menu_all_clients_export
- 1, 0, 0, 0, // menu_submissions, menu_all_submissions, menu_all_submissions_edit, menu_all_submissions_export
- 0, 1, 1, // menu_partners, menu_docs, menu_settings
- 0, // menu_complexes (по умолчанию отключено)
- 1, 0, // menu_can_transfer_to_common (по умолчанию включено), menu_can_take_from_closed (по умолчанию отключено)
- 0, // menu_can_transfer_closed_to_others (может передавать закрытые заявки другим сотрудникам)
- ];
+ $agenciesHaveAccessToNewComplexes = [4, 5261, 12028, 12061, 17328, 11325, 13735, 19093, 16378, 19467, 20197, 19909, 19646];
- $is_admin = !empty($users['users_admin']);
- $in_agency_list = in_array($user_id, $agenciesHaveAccessToNewComplexes);
- $is_agent = $users['agent'] == '1' && $users['agency'] != '1' && $users['manager'] != '1' && $users['id_manager'] == 0;
- $is_supervisor = $users['agency'] == '1' && $users['manager'] == '1';
- $is_developer = $users['role_developer'] == '1';
+ $user_id = $_SESSION['id'];
- $default_can_transfer_to_common = 1;
- if ($this->agency_id == 19895) {
- $default_can_transfer_to_common = 0;
- }
+ $check_permissions_sql = "SELECT * FROM `user_permissions` WHERE `user_id` = $user_id";
+ $check_permissions_result = mysql_query($check_permissions_sql);
- $default_cannot_create_req_manually = 0;
- if ($this->agency_id == 19895) {
- $default_cannot_create_req_manually = 1;
- }
+ if (!$check_permissions_result || mysql_num_rows($check_permissions_result) == 0) {
- // Если admin или частный агент или руководитель и в списке с комплексами
- if (
- ($is_admin && $in_agency_list) ||
- ($is_agent && $in_agency_list) ||
- ($is_supervisor && $in_agency_list) ||
- ($is_developer)
- ) {
- $permissions = [
- $user_id,
- 1, 1, 1,
- 1, 1,
- 1,
- 1, 1, 1, 1,
- 1, 1, 1, 1,
- 1, 1, 1,
- 1, // комплексы включены
- $default_can_transfer_to_common, 1,
- 1,
- $default_cannot_create_req_manually
- ];
- }
- // Если просто admin или частный агент или руководитель
- elseif ($is_admin || $is_agent || $is_supervisor ) {
- $permissions = [
- $user_id,
- 1, 1, 1,
- 1, 1,
- 1,
- 1, 1, 1, 1,
- 1, 1, 1, 1,
- 1, 1, 1,
- 0, // комплексы выключены
- $default_can_transfer_to_common, 1,
- 1,
- $default_cannot_create_req_manually
- ];
- }
- $values_str = implode(',', $permissions);
+ $permissions = [
+ $user_id,
+ 1, 1, 1, // menu_office, menu_search, menu_objects
+ 0, 0, // menu_all_objects, menu_all_objects_edit
+ 0, // menu_ads
+ 1, 0, 0, 0, // menu_clients, menu_all_clients, menu_all_clients_edit, menu_all_clients_export
+ 1, 0, 0, 0, // menu_submissions, menu_all_submissions, menu_all_submissions_edit, menu_all_submissions_export
+ 0, 1, 1, // menu_partners, menu_docs, menu_settings
+ 0, // menu_complexes (по умолчанию отключено)
+ 1, 0, // menu_can_transfer_to_common (по умолчанию включено), menu_can_take_from_closed (по умолчанию отключено)
+ 0, // menu_can_transfer_closed_to_others (может передавать закрытые заявки другим сотрудникам)
+ ];
- $insert_sql = "INSERT INTO user_permissions
+ $is_admin = !empty($users['users_admin']);
+ $in_agency_list = in_array($user_id, $agenciesHaveAccessToNewComplexes);
+ $is_agent = $users['agent'] == '1' && $users['agency'] != '1' && $users['manager'] != '1' && $users['id_manager'] == 0;
+ $is_supervisor = $users['agency'] == '1' && $users['manager'] == '1';
+ $is_developer = $users['role_developer'] == '1';
+
+ $default_can_transfer_to_common = 1;
+ if ($this->agency_id == 19895) {
+ $default_can_transfer_to_common = 0;
+ }
+
+ $default_cannot_create_req_manually = 0;
+ if ($this->agency_id == 19895) {
+ $default_cannot_create_req_manually = 1;
+ }
+
+ // Если admin или частный агент или руководитель и в списке с комплексами
+ if (
+ ($is_admin && $in_agency_list) ||
+ ($is_agent && $in_agency_list) ||
+ ($is_supervisor && $in_agency_list) ||
+ ($is_developer)
+ ) {
+ $permissions = [
+ $user_id,
+ 1, 1, 1,
+ 1, 1,
+ 1,
+ 1, 1, 1, 1,
+ 1, 1, 1, 1,
+ 1, 1, 1,
+ 1, // комплексы включены
+ $default_can_transfer_to_common, 1,
+ 1,
+ $default_cannot_create_req_manually
+ ];
+ }
+ // Если просто admin или частный агент или руководитель
+ elseif ($is_admin || $is_agent || $is_supervisor ) {
+ $permissions = [
+ $user_id,
+ 1, 1, 1,
+ 1, 1,
+ 1,
+ 1, 1, 1, 1,
+ 1, 1, 1, 1,
+ 1, 1, 1,
+ 0, // комплексы выключены
+ $default_can_transfer_to_common, 1,
+ 1,
+ $default_cannot_create_req_manually
+ ];
+ }
+ $values_str = implode(',', $permissions);
+
+ $insert_sql = "INSERT INTO user_permissions
(user_id, menu_office, menu_search, menu_objects, menu_all_objects, menu_all_objects_edit,
menu_ads, menu_clients, menu_all_clients, menu_all_clients_edit, menu_all_clients_export,
menu_submissions, menu_all_submissions, menu_all_submissions_edit, menu_all_submissions_export,
menu_partners, menu_docs, menu_settings, menu_complexes, menu_can_transfer_to_common, menu_can_take_from_closed, menu_can_transfer_closed_to_others, cannot_create_req_manually)
VALUES ($values_str)";
- mysql_query($insert_sql);
- }
+ mysql_query($insert_sql);
+ }
- $_SESSION['superadmin'] = 0;
- $first_page_query = "SELECT jp.page_url FROM users
+ $_SESSION['superadmin'] = 0;
+ $first_page_query = "SELECT jp.page_url FROM users
JOIN jw_pages jp ON users.jw_page_id = jp.id
WHERE users.id = " . $_SESSION['id'];
- $first_page_result = mysql_query($first_page_query);
- $first_page = mysql_fetch_assoc($first_page_result);
- $redirect_page = !empty($first_page['page_url']) ? $first_page['page_url'] : "/sale.php";
- if ($use_redirect)
- if ($redirect_page) {
- header("location:$redirect_page");
- } else {
- header("location:/sale.php");
- }
- else
- return [
- 'success' => true
- ];
- }
+ $first_page_result = mysql_query($first_page_query);
+ $first_page = mysql_fetch_assoc($first_page_result);
+ $redirect_page = !empty($first_page['page_url']) ? $first_page['page_url'] : "/sale.php";
+ if ($use_redirect)
+ if ($redirect_page) {
+ header("location:$redirect_page");
+ } else {
+ header("location:/sale.php");
+ }
+ else
+ return [
+ 'success' => true
+ ];
+ }
- } else $msg = "Аккаунт заблокирован!";
+ } else $msg = "Аккаунт заблокирован!";
- } else $msg = "Аккаунт ещё не подтверждён.";
+ } else $msg = "Аккаунт ещё не подтверждён.";
- } else $msg = "Этот номер телефона не зарегистрирован в JoyWork.";
+ } else $msg = "Этот номер телефона не зарегистрирован в JoyWork.";
- } else $msg = "Неверный код подтверждения!";
+ } else $msg = "Неверный код подтверждения!";
- if ($use_redirect)
- return $msg;
- else
- return [
- 'success' => false,
- 'message' => $msg,
- ];
- }
+ if ($use_redirect)
+ return $msg;
+ else
+ return [
+ 'success' => false,
+ 'message' => $msg,
+ ];
+ }
- public function auth($post) {
- $msg = 0;
- if(!empty($post['phone'])) {
- $phone = $post['phone'];
- $sql = "SELECT * FROM users WHERE phone = '{$phone}'";
- $rez = mysql_query($sql);
+ public function auth($post) {
+ $msg = 0;
+ if(!empty($post['phone'])) {
+ $phone = $post['phone'];
+ $sql = "SELECT * FROM users WHERE phone = '{$phone}'";
+ $rez = mysql_query($sql);
- if (mysql_num_rows($rez)) {
- $users = mysql_fetch_assoc($rez);
+ if (mysql_num_rows($rez)) {
+ $users = mysql_fetch_assoc($rez);
- if ($users['moder']) {
- if (!$users['blocked']) {
- $PHP_SELF = $_SERVER['PHP_SELF'];
- if ($users['is_pwd']) {
- header("location:$PHP_SELF?phone2=$phone");
- }
- else {
- require_once($_SERVER['DOCUMENT_ROOT']."/engine/mobilGroupApi.php");
- $_SESSION['sms'] = $code_sms = ok_code($phone);
- $r = sendCode($phone, $code_sms);
- if ($r[1] > 0) {
- header("location:$PHP_SELF?phone=$phone");
- } else {
- $msg = "Робот не может дозвониться по номеру $phone. Проверьте корректность номера или попробуйте выполнить вход позже.";
+ if ($users['moder']) {
+ if (!$users['blocked']) {
+ $PHP_SELF = $_SERVER['PHP_SELF'];
+ if ($users['is_pwd']) {
+ header("location:$PHP_SELF?phone2=$phone");
+ }
+ else {
+ require_once($_SERVER['DOCUMENT_ROOT']."/engine/mobilGroupApi.php");
+ $_SESSION['sms'] = $code_sms = ok_code($phone);
+ $r = sendCode($phone, $code_sms);
+ if ($r[1] > 0) {
+ header("location:$PHP_SELF?phone=$phone");
+ } else {
+ $msg = "Робот не может дозвониться по номеру $phone. Проверьте корректность номера или попробуйте выполнить вход позже.";
mailClient("ellada-an@mail.ru","Робот не может дозвониться по номеру ".$_SERVER['SERVER_NAME'], "Ответ сервера: $r[0]");
- }
- }
- } else $msg = "Аккаунт заблокирован!";
- } else $msg="Аккаунт ещё не подтверждён.";
- } else $msg="Этот номер телефона не зарегистрирован в JoyWork";
- } else $msg="Не заполнены поля формы!";
- return $msg;
- }
+ }
+ }
+ } else $msg = "Аккаунт заблокирован!";
+ } else $msg="Аккаунт ещё не подтверждён.";
+ } else $msg="Этот номер телефона не зарегистрирован в JoyWork";
+ } else $msg="Не заполнены поля формы!";
+ return $msg;
+ }
- public function destroy_session() {
+ public function destroy_session() {
- $_SESSION = array();
+ $_SESSION = array();
- // If it's desired to kill the session, also delete the session cookie.
- // Note: This will destroy the session, and not just the session data!
- if (ini_get("session.use_cookies")) {
- $params = session_get_cookie_params();
- setcookie(session_name(), '', time() - 42000,
- $params["path"], $params["domain"],
- $params["secure"], $params["httponly"]
- );
- }
+ // If it's desired to kill the session, also delete the session cookie.
+ // Note: This will destroy the session, and not just the session data!
+ if (ini_get("session.use_cookies")) {
+ $params = session_get_cookie_params();
+ setcookie(session_name(), '', time() - 42000,
+ $params["path"], $params["domain"],
+ $params["secure"], $params["httponly"]
+ );
+ }
- session_destroy();
- }
+ session_destroy();
+ }
- public function quit($msg = "", $useRedirect = true) {
+ public function quit($msg = "", $useRedirect = true) {
- $this->destroy_session();
+ $this->destroy_session();
$this->id = false;
$this->manager = false;
$this->agent = false;
if ($useRedirect)
- header("location:/index.php?msg=$msg");
+ header("location:/index.php?msg=$msg");
}
@@ -1338,30 +1395,30 @@ $webHookIn->check_send($dataWhook);
$msg_user = "";
$agent = 0;
$agency = 0;
- $developer = 0;
+ $developer = 0;
$adMenuVisible = 0;
- $manager = 0;
+ $manager = 0;
// ставим всем нормальный тариф сразу
if ($post['type'] == 1)
- {
+ {
$agency = 1;
- $manager = 1;
+ $manager = 1;
$agent = 1;
$tarif = 67;
$adMenuVisible = 1;
}
- else if ($post['type'] == 3)
- {
- $developer = 1;
+ else if ($post['type'] == 3)
+ {
+ $developer = 1;
$agent = 0;
- $agency = 0;
- $manager = 1;
- $tarif = 107;
- }
- else
- {
- $agent = 1;
+ $agency = 0;
+ $manager = 1;
+ $tarif = 107;
+ }
+ else
+ {
+ $agent = 1;
$tarif = 97;
}
@@ -1369,8 +1426,8 @@ $webHookIn->check_send($dataWhook);
$new_tarif->get($tarif);
$one_day_plus = $new_tarif->period + 1;
- if (empty($post['fio']))
- $post['fio'] = trim(($post['last_name'] . " " . $post['first_name'] . " " . $post['middle_name']));
+ if (empty($post['fio']))
+ $post['fio'] = trim(($post['last_name'] . " " . $post['first_name'] . " " . $post['middle_name']));
try {
$sql = "INSERT INTO
@@ -1413,33 +1470,33 @@ $webHookIn->check_send($dataWhook);
)";
mysql_query($sql);
- $user_id = mysql_insert_id();
+ $user_id = mysql_insert_id();
mysql_query("UPDATE users SET company_id = $user_id WHERE id = $user_id");
// письмо с шаблоном
- /* $f1 = file("https://joywork.ru/template_mail/afterreg.html");
- $text = implode("", $f1);
+ /* $f1 = file("https://joywork.ru/template_mail/afterreg.html");
+ $text = implode("", $f1);
- mailClient($post['email'], "Регистрация на сайте " . $_SERVER['SERVER_NAME'], $text);
+ mailClient($post['email'], "Регистрация на сайте " . $_SERVER['SERVER_NAME'], $text);
- mailClientFromJoywork("service@joywork.ru", "Новый пользователь на сайте JoyWork",
- "Зарегистрирован новый пользователь - " . ($agency ? "агентство $post[agency_name]. " : "агент. ФИО: " . trim($post['last_name'] . ' ' . $post['first_name'] . ' ' . $post['middle_name']) . ". ") . "Email: " . $post['email'] . ". Телефон: " . $post['phone']);
+ mailClientFromJoywork("service@joywork.ru", "Новый пользователь на сайте JoyWork",
+ "Зарегистрирован новый пользователь - " . ($agency ? "агентство $post[agency_name]. " : "агент. ФИО: " . trim($post['last_name'] . ' ' . $post['first_name'] . ' ' . $post['middle_name']) . ". ") . "Email: " . $post['email'] . ". Телефон: " . $post['phone']);
- mailClientFromJoywork("iganus@joywork.ru", "Новый пользователь на сайте JoyWork",
- "Зарегистрирован новый пользователь - " . ($agency ? "агентство $post[agency_name]. " : "агент. ФИО: " . trim($post['last_name'] . ' ' . $post['first_name'] . ' ' . $post['middle_name']) . ". ") . "Email: " . $post['email'] . ". Телефон: " . $post['phone']);
-
- */
- $agency_or_developer = $agency ? $agency : $developer;
- $funnel = 0;
- $fio_jw = trim($post['last_name'] . ' ' . $post['first_name'] . ' ' . $post['middle_name']);
- $name_agent = '';
+ mailClientFromJoywork("iganus@joywork.ru", "Новый пользователь на сайте JoyWork",
+ "Зарегистрирован новый пользователь - " . ($agency ? "агентство $post[agency_name]. " : "агент. ФИО: " . trim($post['last_name'] . ' ' . $post['first_name'] . ' ' . $post['middle_name']) . ". ") . "Email: " . $post['email'] . ". Телефон: " . $post['phone']);
+
+ */
+ $agency_or_developer = $agency ? $agency : $developer;
+ $funnel = 0;
+ $fio_jw = trim($post['last_name'] . ' ' . $post['first_name'] . ' ' . $post['middle_name']);
+ $name_agent = '';
if($agency_or_developer){
-
- if ($developer)
- {
- mysql_query(
- "INSERT INTO `user_permissions`
+
+ if ($developer)
+ {
+ mysql_query(
+ "INSERT INTO `user_permissions`
(
user_id,
menu_office,
@@ -1488,51 +1545,51 @@ $webHookIn->check_send($dataWhook);
1,
)
"
- );
- }
+ );
+ }
$funnel = 118;
- $name_agent = $post['agency_name'];
-
- } else {
- $funnel = 1141;
- $name_agent = $fio_jw;
- }
+ $name_agent = $post['agency_name'];
+
+ } else {
+ $funnel = 1141;
+ $name_agent = $fio_jw;
+ }
+
+ //$fio_jw = trim($post['last_name'] . ' ' . $post['first_name'] . ' ' . $post['middle_name']);
+
+ $sql_jw = "INSERT INTO clients SET phone='{$post['phone']}', ".
+ "fio = '{$name_agent}', email = '{$post['email']}', ".
+ "opis='{$fio_jw}', ".
+ "id_agent = 4, who_work = 0, ".
+ "date_add = NOW(), stage=1, confirm=0, funnel_id={$funnel}, `developer` = $developer";
+
+ if(mysql_query($sql_jw)){
+ $id_cl = mysql_insert_id();
+ $cl = new Clients();
+ $cl->get_class_etap($id_cl, $funnel);
+
+ $reg = mysql_fetch_assoc(mysql_query("SELECT name FROM rf_regions WHERE id=$post[region]"));
+
+ $actyvites = mysql_fetch_assoc(mysql_query("SELECT id FROM activities WHERE user_id=4 AND name='".$reg['name']."'"));
+ if(isset($actyvites['id'])){
+
+ mysql_query("INSERT INTO clients_activities (activity_id, client_id) VALUES ({$actyvites['id']}, {$id_cl})");
+ }
+ $comment = "Новый пользователь - " . ($agency_or_developer ? "агентство $post[agency_name]. " : "агент. ФИО: " . trim($post['last_name'] . ' ' . $post['first_name'] . ' ' . $post['middle_name']) . ". ") . "Email: " . $post['email'] . ". Телефон: " . $post['phone'];
+
+ $newTime = date("Y-m-d H:i:s", strtotime('+30 minutes'));
+ $sql_in_ev = "INSERT INTO user_client_events (user_id, client_id, create_date, schedule_date, `type`, comment, calendar_view, from_id) ".
+ "VALUES (4, {$id_cl}, '".date('Y-m-d H:i:s')."', '".$newTime."', 'call', '".$comment."', 0, 4)";
+
+ mysql_query($sql_in_ev);
+ }
- //$fio_jw = trim($post['last_name'] . ' ' . $post['first_name'] . ' ' . $post['middle_name']);
-
- $sql_jw = "INSERT INTO clients SET phone='{$post['phone']}', ".
- "fio = '{$name_agent}', email = '{$post['email']}', ".
- "opis='{$fio_jw}', ".
- "id_agent = 4, who_work = 0, ".
- "date_add = NOW(), stage=1, confirm=0, funnel_id={$funnel}, `developer` = $developer";
-
- if(mysql_query($sql_jw)){
- $id_cl = mysql_insert_id();
- $cl = new Clients();
- $cl->get_class_etap($id_cl, $funnel);
-
- $reg = mysql_fetch_assoc(mysql_query("SELECT name FROM rf_regions WHERE id=$post[region]"));
-
- $actyvites = mysql_fetch_assoc(mysql_query("SELECT id FROM activities WHERE user_id=4 AND name='".$reg['name']."'"));
- if(isset($actyvites['id'])){
-
- mysql_query("INSERT INTO clients_activities (activity_id, client_id) VALUES ({$actyvites['id']}, {$id_cl})");
- }
- $comment = "Новый пользователь - " . ($agency_or_developer ? "агентство $post[agency_name]. " : "агент. ФИО: " . trim($post['last_name'] . ' ' . $post['first_name'] . ' ' . $post['middle_name']) . ". ") . "Email: " . $post['email'] . ". Телефон: " . $post['phone'];
-
- $newTime = date("Y-m-d H:i:s", strtotime('+30 minutes'));
- $sql_in_ev = "INSERT INTO user_client_events (user_id, client_id, create_date, schedule_date, `type`, comment, calendar_view, from_id) ".
- "VALUES (4, {$id_cl}, '".date('Y-m-d H:i:s')."', '".$newTime."', 'call', '".$comment."', 0, 4)";
-
- mysql_query($sql_in_ev);
- }
-
require_once($_SERVER['DOCUMENT_ROOT'] . "/engine/mobilGroupApi.php");
$_SESSION['sms'] = $code_sms = ok_code($post["phone"]);
-
+
$r = sendCode($post["phone"], $code_sms);
- $phone = $post['phone'];
+ $phone = $post['phone'];
if ($r[1] > 0) {
header("location:index.php?phone=$phone");
} else {
@@ -1543,68 +1600,68 @@ $webHookIn->check_send($dataWhook);
$msg_user .= "Выброшено исключение: " . $e->getMessage();
}
- $this->get($user_id);
- $this->getNewUserPackages();
+ $this->get($user_id);
+ $this->getNewUserPackages();
- $status_text = "\nагент. ФИО: ";
+ $status_text = "\nагент. ФИО: ";
- if ($agency)
- {
- $status_text = "агентство $post[agency_name]. ";
- }
- else if ($developer)
- {
- $status_text = "\nзастройщик. $post[agency_name] ФИО: ";
- }
+ if ($agency)
+ {
+ $status_text = "агентство $post[agency_name]. ";
+ }
+ else if ($developer)
+ {
+ $status_text = "\nзастройщик. $post[agency_name] ФИО: ";
+ }
- $text_reg = "";
- $text_reg .= "Новый пользователь на сайте JoyWork";
- $text_reg .= "\nЗарегистрирован новый пользователь - "
- . ($status_text . trim($post['last_name']
- . ' '
- . $post['first_name']
- . ' '
- . $post['middle_name'])
- . ". ")
- . "\nEmail: "
- . $post['email']
- . ".\nТелефон: "
- . $post['phone'];
-
- $tel = new Telegram(false);
- $max = new MaxClass();
+ $text_reg = "";
+ $text_reg .= "Новый пользователь на сайте JoyWork";
+ $text_reg .= "\nЗарегистрирован новый пользователь - "
+ . ($status_text . trim($post['last_name']
+ . ' '
+ . $post['first_name']
+ . ' '
+ . $post['middle_name'])
+ . ". ")
+ . "\nEmail: "
+ . $post['email']
+ . ".\nТелефон: "
+ . $post['phone'];
- $chatId = 255183898;
- try{
- $tel->send($text_reg, $chatId);
- } catch (Exception $e) {
- //$msg_user .= "Выброшено исключение телеграмм: " . $e->getMessage();
- }
+ $tel = new Telegram(false);
+ $max = new MaxClass();
- $max_user_id = 125565439;
- try{
- $max->send_messages_to_user($max_user_id, $text_reg);
+ $chatId = 255183898;
+ try{
+ $tel->send($text_reg, $chatId);
+ } catch (Exception $e) {
+ //$msg_user .= "Выброшено исключение телеграмм: " . $e->getMessage();
+ }
- } catch (Exception $e){}
+ $max_user_id = 125565439;
+ try{
+ $max->send_messages_to_user($max_user_id, $text_reg);
- $chatId = 1313658538;
- try{
- $tel->send($text_reg, $chatId);
- } catch (Exception $e) {
- //$msg_user .= "Выброшено исключение телеграмм: " . $e->getMessage();
- }
- $max_user_id = 238784061;
- try{
- $max->send_messages_to_user($max_user_id, $text_reg);
+ } catch (Exception $e){}
- } catch (Exception $e){}
+ $chatId = 1313658538;
+ try{
+ $tel->send($text_reg, $chatId);
+ } catch (Exception $e) {
+ //$msg_user .= "Выброшено исключение телеграмм: " . $e->getMessage();
+ }
+ $max_user_id = 238784061;
+ try{
+ $max->send_messages_to_user($max_user_id, $text_reg);
- $chatId = 161649599;
- try{
- $tel->send($text_reg, $chatId);
- } catch (Exception $e) {
- //$msg_user .= "Выброшено исключение телеграмм: " . $e->getMessage();
- }
+ } catch (Exception $e){}
+
+ $chatId = 161649599;
+ try{
+ $tel->send($text_reg, $chatId);
+ } catch (Exception $e) {
+ //$msg_user .= "Выброшено исключение телеграмм: " . $e->getMessage();
+ }
} else $msg_user = "Пользователь с таким номером телефона уже существует.";
@@ -1614,316 +1671,316 @@ $webHookIn->check_send($dataWhook);
} else $msg_user = "Не указан адрес электронной почты.";
//}
- return $msg_user;
+ return $msg_user;
}
- public function remind_pass($post) {
+ public function remind_pass($post) {
- $msg = 0;
+ $msg = 0;
- if(!empty($post['email'])) // проверяем обязательные поля
+ if(!empty($post['email'])) // проверяем обязательные поля
- {
+ {
- $sql="SELECT * FROM users WHERE email='$post[email]'";
+ $sql="SELECT * FROM users WHERE email='$post[email]'";
- $rez=mysql_query($sql);
+ $rez=mysql_query($sql);
- if(mysql_num_rows($rez))
+ if(mysql_num_rows($rez))
- {
+ {
- $users=mysql_fetch_array($rez);
+ $users=mysql_fetch_array($rez);
- $pwd = generatePass();
+ $pwd = generatePass();
- $pwd_enc = md5($pwd.SALT);
+ $pwd_enc = md5($pwd.SALT);
- $sql = "UPDATE users SET pwd='$pwd_enc' WHERE id=$users[id]";
+ $sql = "UPDATE users SET pwd='$pwd_enc' WHERE id=$users[id]";
- mysql_query($sql);
+ mysql_query($sql);
- mailClient($users['email'],"Новый пароль на сайте ".$_SERVER['SERVER_NAME'],"Ваш новый пароль: $pwd");
+ mailClient($users['email'],"Новый пароль на сайте ".$_SERVER['SERVER_NAME'],"Ваш новый пароль: $pwd");
- header("location:remind_pass.php?success=1");
+ header("location:remind_pass.php?success=1");
- } else $msg="Неверный адрес почты!";
+ } else $msg="Неверный адрес почты!";
- } else $msg="Не заполнены поля формы!";
+ } else $msg="Не заполнены поля формы!";
- return $msg;
+ return $msg;
- }
+ }
- public function change_pwd($post) {
+ public function change_pwd($post) {
- $msg = 0;
+ $msg = 0;
- if(!empty($post['pwd']) and !empty($post['old_pwd']) and !empty($post['pwd2']))
+ if(!empty($post['pwd']) and !empty($post['old_pwd']) and !empty($post['pwd2']))
- {
+ {
- $sql="SELECT * FROM users WHERE id='$_SESSION[id]'";
+ $sql="SELECT * FROM users WHERE id='$_SESSION[id]'";
- $rez=mysql_query($sql);
+ $rez=mysql_query($sql);
- if($users=mysql_fetch_assoc($rez))
+ if($users=mysql_fetch_assoc($rez))
- {
+ {
- if(md5($post['old_pwd'].SALT)==$users['pwd'])
+ if(md5($post['old_pwd'].SALT)==$users['pwd'])
- {
+ {
- if($post['pwd']==$post['pwd2'])
+ if($post['pwd']==$post['pwd2'])
- {
+ {
- $pwd = md5($post['pwd'].SALT);
+ $pwd = md5($post['pwd'].SALT);
- $sql = "UPDATE users SET pwd='$pwd' WHERE id=$_SESSION[id]";
+ $sql = "UPDATE users SET pwd='$pwd' WHERE id=$_SESSION[id]";
- mysql_query($sql);
+ mysql_query($sql);
- $f1=file("https://joywork.ru/template_mail/changepassword.html");
- $text = implode("",$f1);
+ $f1=file("https://joywork.ru/template_mail/changepassword.html");
+ $text = implode("",$f1);
- $text = str_replace("<%login%>", $users['phone'], $text);
- $text = str_replace("<%pass%>", $post['pwd'], $text);
+ $text = str_replace("<%login%>", $users['phone'], $text);
+ $text = str_replace("<%pass%>", $post['pwd'], $text);
- mailClientFromJoywork($users['email'],"Новый пароль на сайте ".$_SERVER['SERVER_NAME'],$text);
+ mailClientFromJoywork($users['email'],"Новый пароль на сайте ".$_SERVER['SERVER_NAME'],$text);
- header("location:settings.php?success=ok");
+ header("location:settings.php?success=ok");
- } else $msg="Пароль и подтверждение пароля не совпадают!";
+ } else $msg="Пароль и подтверждение пароля не совпадают!";
- } else $msg="Неверный пароль!";
+ } else $msg="Неверный пароль!";
- } else $msg="Пользователь не существует!";
+ } else $msg="Пользователь не существует!";
- } else $msg="Не заполнены поля формы!";
+ } else $msg="Не заполнены поля формы!";
- return $msg;
+ return $msg;
- }
+ }
- public function edit($post) {
+ public function edit($post) {
- $postf=clearInputData($_POST);
+ $postf=clearInputData($_POST);
- $postf['txt'] = strip_tags(mysql_real_escape_string($post['txt']));
+ $postf['txt'] = strip_tags(mysql_real_escape_string($post['txt']));
- $post['agency_name'] = htmlspecialchars($post['agency_name']);
- $post['first_name'] = htmlspecialchars($post['first_name']);
- $post['last_name'] = htmlspecialchars($post['last_name']);
- $post['middle_name'] = htmlspecialchars($post['middle_name']);
- $post['is_dispatcher'] = 0;
- if(isset($post['vpbx_id'])){
- if($post['vpbx_id'] == $post['phone']){
- $post['is_dispatcher'] = 1;
- }
- } else {
- $post['vpbx_id'] = "";
- }
+ $post['agency_name'] = htmlspecialchars($post['agency_name']);
+ $post['first_name'] = htmlspecialchars($post['first_name']);
+ $post['last_name'] = htmlspecialchars($post['last_name']);
+ $post['middle_name'] = htmlspecialchars($post['middle_name']);
+ $post['is_dispatcher'] = 0;
+ if(isset($post['vpbx_id'])){
+ if($post['vpbx_id'] == $post['phone']){
+ $post['is_dispatcher'] = 1;
+ }
+ } else {
+ $post['vpbx_id'] = "";
+ }
- $this->edit_api_ids($post, $_SESSION['id']);
- $gmtmsk = 0;
- if(isset($post['utc_edit'])){
- $gmtmsk = $post['utc_edit'] - 3;
- }
-
-
- if ($_SESSION['individual'] == 1) {
- $sql = "UPDATE users SET jw_page_id = '$post[first_page]', region_rf_id = $post[region], agency_name='$post[agency_name]', first_name='$post[first_name]', last_name='$post[last_name]', middle_name='$post[middle_name]', txt='$postf[txt]', email='".trim($post['email'])."', site='$post[site]', sitename='$post[sitename]', adres='$post[adres]', phoneAgency='$post[phoneAgency]', is_dispatcher=$post[is_dispatcher], vpbx_id='$post[vpbx_id]', gmtmsk = '$gmtmsk' WHERE id=$_SESSION[id]";
- } else {
- $sql = "SELECT * FROM users WHERE phone='$post[phone]' and id <> $_SESSION[id]";
+ $this->edit_api_ids($post, $_SESSION['id']);
+ $gmtmsk = 0;
+ if(isset($post['utc_edit'])){
+ $gmtmsk = $post['utc_edit'] - 3;
+ }
- $rez = mysql_query($sql);
- if (mysql_num_rows($rez) > 0) {
- return "Пользователь с таким номером телефона уже существует.";
- } else {
- $sql = "UPDATE users SET jw_page_id = '$post[first_page]', region_rf_id = $post[region], agency_name='$post[agency_name]', first_name='$post[first_name]', last_name='$post[last_name]', middle_name='$post[middle_name]', phone='$post[phone]', phone2='$post[phone2_user]', txt='$postf[txt]', email='" . trim($post['email']) . "', site='$post[site]', sitename='$post[sitename]', adres='$post[adres]', phoneAgency='$post[phoneAgency]', is_dispatcher=$post[is_dispatcher], vpbx_id='$post[vpbx_id]', gmtmsk = '$gmtmsk' WHERE id=$_SESSION[id]";
- }
-
- if($post['all_update_utc']){
- $agency_id = $this->getAgencyIdForUser($_SESSION['id']);
- $usersIds[] = $agency_id;
- $sql_users = "SELECT id FROM users WHERE id in (select id from users where id=$agency_id or id_manager=$agency_id or id_manager in
+ if ($_SESSION['individual'] == 1) {
+ $sql = "UPDATE users SET jw_page_id = '$post[first_page]', region_rf_id = $post[region], agency_name='$post[agency_name]', first_name='$post[first_name]', last_name='$post[last_name]', middle_name='$post[middle_name]', txt='$postf[txt]', email='".trim($post['email'])."', site='$post[site]', sitename='$post[sitename]', adres='$post[adres]', phoneAgency='$post[phoneAgency]', is_dispatcher=$post[is_dispatcher], vpbx_id='$post[vpbx_id]', gmtmsk = '$gmtmsk' WHERE id=$_SESSION[id]";
+ } else {
+ $sql = "SELECT * FROM users WHERE phone='$post[phone]' and id <> $_SESSION[id]";
+
+ $rez = mysql_query($sql);
+
+ if (mysql_num_rows($rez) > 0) {
+ return "Пользователь с таким номером телефона уже существует.";
+ } else {
+ $sql = "UPDATE users SET jw_page_id = '$post[first_page]', region_rf_id = $post[region], agency_name='$post[agency_name]', first_name='$post[first_name]', last_name='$post[last_name]', middle_name='$post[middle_name]', phone='$post[phone]', phone2='$post[phone2_user]', txt='$postf[txt]', email='" . trim($post['email']) . "', site='$post[site]', sitename='$post[sitename]', adres='$post[adres]', phoneAgency='$post[phoneAgency]', is_dispatcher=$post[is_dispatcher], vpbx_id='$post[vpbx_id]', gmtmsk = '$gmtmsk' WHERE id=$_SESSION[id]";
+ }
+
+ if($post['all_update_utc']){
+ $agency_id = $this->getAgencyIdForUser($_SESSION['id']);
+ $usersIds[] = $agency_id;
+ $sql_users = "SELECT id FROM users WHERE id in (select id from users where id=$agency_id or id_manager=$agency_id or id_manager in
(select id from users where id_manager=$agency_id or id_manager in
(select id from users where id_manager=$agency_id)))";
- $q_users = mysql_query($sql_users);
- while($r_users = mysql_fetch_assoc($q_users)){
- $usersIds[] = (int)$r_users['id'];
- }
- if(!empty($usersIds)) {
- $sqlAll = "UPDATE users SET gmtmsk = '$gmtmsk' WHERE id in (".implode(',',$usersIds).")";
- }
- }
- }
+ $q_users = mysql_query($sql_users);
+ while($r_users = mysql_fetch_assoc($q_users)){
+ $usersIds[] = (int)$r_users['id'];
+ }
+ if(!empty($usersIds)) {
+ $sqlAll = "UPDATE users SET gmtmsk = '$gmtmsk' WHERE id in (".implode(',',$usersIds).")";
+ }
+ }
+ }
- if (mysql_query($sql)) {
- if(isset($sqlAll)){
- mysql_query($sqlAll);
-
- }
- $sqlNewObjUser = "SELECT * FROM users WHERE id=$_SESSION[id]";
- $rezNewObjUser = mysql_query($sqlNewObjUser);
- $newObjUser = mysql_fetch_assoc($rezNewObjUser);
+ if (mysql_query($sql)) {
+ if(isset($sqlAll)){
+ mysql_query($sqlAll);
- $sobstv = trim($post['last_name'] . ' ' . $post['first_name'] . ' ' . $post['middle_name']);
- if ($newObjUser['agency'] == 0) {
- $sql="SELECT * FROM users WHERE id=$newObjUser[id_manager]";
- $rez=mysql_query($sql);
- $manager = mysql_fetch_assoc($rez);
+ }
+ $sqlNewObjUser = "SELECT * FROM users WHERE id=$_SESSION[id]";
+ $rezNewObjUser = mysql_query($sqlNewObjUser);
+ $newObjUser = mysql_fetch_assoc($rezNewObjUser);
- if ($manager['id_manager']) {
- $agency = mysql_fetch_assoc(mysql_query("SELECT * FROM users WHERE id=$manager[id_manager]"));
- } else {
- $agency = $manager;
- }
- if ($agency) {
- $sobstv = $sobstv . ", агентство " . $agency['agency_name'];
- }
- }
+ $sobstv = trim($post['last_name'] . ' ' . $post['first_name'] . ' ' . $post['middle_name']);
+ if ($newObjUser['agency'] == 0) {
+ $sql="SELECT * FROM users WHERE id=$newObjUser[id_manager]";
+ $rez=mysql_query($sql);
+ $manager = mysql_fetch_assoc($rez);
- if ($_SESSION['agency']) {
- if (!isset($post['on_agency_any_ip'])) {
- $post['on_agency_any_ip'] = 0;
- }
- $check_permissions_sql = "SELECT * FROM `user_permissions` WHERE `user_id` = $_SESSION[id]";
- $check_permissions_result = mysql_query($check_permissions_sql);
+ if ($manager['id_manager']) {
+ $agency = mysql_fetch_assoc(mysql_query("SELECT * FROM users WHERE id=$manager[id_manager]"));
+ } else {
+ $agency = $manager;
+ }
+ if ($agency) {
+ $sobstv = $sobstv . ", агентство " . $agency['agency_name'];
+ }
+ }
- if (mysql_num_rows($check_permissions_result) > 0) {
- $sql_update_permissions = "UPDATE user_permissions SET allow_any_ip = '$post[on_agency_any_ip]' WHERE user_id=$_SESSION[id]";
- mysql_query($sql_update_permissions);
- } else {
- $permissions = [
- $_SESSION['id'],
- 1, 1, 1,
- 1, 1,
- 1,
- 1, 1, 1, 1,
- 1, 1, 1, 1,
- 1, 1, 1,
- 0, // комплексы выключены
- 1,
- 1,
- 1,
- $post['on_agency_any_ip'] ? 1 : 0
- ];
+ if ($_SESSION['agency']) {
+ if (!isset($post['on_agency_any_ip'])) {
+ $post['on_agency_any_ip'] = 0;
+ }
+ $check_permissions_sql = "SELECT * FROM `user_permissions` WHERE `user_id` = $_SESSION[id]";
+ $check_permissions_result = mysql_query($check_permissions_sql);
- $values_str = implode(',', $permissions);
+ if (mysql_num_rows($check_permissions_result) > 0) {
+ $sql_update_permissions = "UPDATE user_permissions SET allow_any_ip = '$post[on_agency_any_ip]' WHERE user_id=$_SESSION[id]";
+ mysql_query($sql_update_permissions);
+ } else {
+ $permissions = [
+ $_SESSION['id'],
+ 1, 1, 1,
+ 1, 1,
+ 1,
+ 1, 1, 1, 1,
+ 1, 1, 1, 1,
+ 1, 1, 1,
+ 0, // комплексы выключены
+ 1,
+ 1,
+ 1,
+ $post['on_agency_any_ip'] ? 1 : 0
+ ];
- $insert_sql = "INSERT INTO user_permissions
+ $values_str = implode(',', $permissions);
+
+ $insert_sql = "INSERT INTO user_permissions
(user_id, menu_office, menu_search, menu_objects, menu_all_objects, menu_all_objects_edit,
menu_ads, menu_clients, menu_all_clients, menu_all_clients_edit, menu_all_clients_export,
menu_submissions, menu_all_submissions, menu_all_submissions_edit, menu_all_submissions_export,
menu_partners, menu_docs, menu_settings, menu_complexes, menu_can_transfer_to_common, menu_can_take_from_closed, menu_can_transfer_closed_to_others, allow_any_ip)
VALUES ($values_str)";
- mysql_query($insert_sql);
- }
+ mysql_query($insert_sql);
+ }
- }
+ }
- //обновляем объекты пользователя
- $phone = $post['phone'];
-
- $sqlUpdateObj = "UPDATE objects SET is_main = 0, phone = '$phone', sobstv = '$sobstv' WHERE id_add_user=$_SESSION[id]";
- mysql_query($sqlUpdateObj);
+ //обновляем объекты пользователя
+ $phone = $post['phone'];
- $_SESSION['fio'] = trim($post['last_name'] . ' ' . $post['first_name'] . ' ' . $post['middle_name']);
- $_SESSION['agency_name'] = $post['agency_name'];
- $_SESSION['first_name'] = $post['first_name'];
- $_SESSION['last_name'] = $post['last_name'];
- $_SESSION['middle_name'] = $post['middle_name'];
- }
+ $sqlUpdateObj = "UPDATE objects SET is_main = 0, phone = '$phone', sobstv = '$sobstv' WHERE id_add_user=$_SESSION[id]";
+ mysql_query($sqlUpdateObj);
- header("location:settings.php?success2=ok");
+ $_SESSION['fio'] = trim($post['last_name'] . ' ' . $post['first_name'] . ' ' . $post['middle_name']);
+ $_SESSION['agency_name'] = $post['agency_name'];
+ $_SESSION['first_name'] = $post['first_name'];
+ $_SESSION['last_name'] = $post['last_name'];
+ $_SESSION['middle_name'] = $post['middle_name'];
+ }
- }
+ header("location:settings.php?success2=ok");
- public function edit_api_ids($post, $user_id) {
- $id=0;
- $sql = "SELECT * FROM user_api_keys WHERE user_id = {$user_id}";
- $q = mysql_query($sql);
- if(mysql_num_rows($q) == 0){
- $id = $this->gen_token($user_id);
- } else {
-
- $apis = mysql_fetch_assoc($q);
- $id = $apis['id'];
- }
- if($id > 0){
- $cian_id = (int)$post['cian_id'];
- $avito_id = (int)str_replace(' ', '', $post['avito_id']);
- $is_all_cian = 0;
- if($post['is_all_cian']){
- $is_all_cian = (int)$post['is_all_cian'];
- }
- $is_all_avito = 0;
- if($post['is_all_avito']){
- $is_all_avito = (int)$post['is_all_avito'];
- }
- $is_id_object = 0;
- if($post['is_id_object']){
- $is_id_object = (int)$post['is_id_object'];
- }
+ }
- $is_id_object_cian = 0;
- if($post['is_id_object_cian']){
- $is_id_object_cian = (int)$post['is_id_object_cian'];
- }
-
- $sql_up = "UPDATE user_api_keys SET cian_id = {$cian_id}, avito_id = {$avito_id}, is_all_cian={$is_all_cian}, is_all_avito={$is_all_avito}, is_id_object={$is_id_object}, is_id_object_cian={$is_id_object_cian} WHERE id = {$id}";
- mysql_query($sql_up);
- }
- }
+ public function edit_api_ids($post, $user_id) {
+ $id=0;
+ $sql = "SELECT * FROM user_api_keys WHERE user_id = {$user_id}";
+ $q = mysql_query($sql);
+ if(mysql_num_rows($q) == 0){
+ $id = $this->gen_token($user_id);
+ } else {
+
+ $apis = mysql_fetch_assoc($q);
+ $id = $apis['id'];
+ }
+ if($id > 0){
+ $cian_id = (int)$post['cian_id'];
+ $avito_id = (int)str_replace(' ', '', $post['avito_id']);
+ $is_all_cian = 0;
+ if($post['is_all_cian']){
+ $is_all_cian = (int)$post['is_all_cian'];
+ }
+ $is_all_avito = 0;
+ if($post['is_all_avito']){
+ $is_all_avito = (int)$post['is_all_avito'];
+ }
+ $is_id_object = 0;
+ if($post['is_id_object']){
+ $is_id_object = (int)$post['is_id_object'];
+ }
+
+ $is_id_object_cian = 0;
+ if($post['is_id_object_cian']){
+ $is_id_object_cian = (int)$post['is_id_object_cian'];
+ }
+
+ $sql_up = "UPDATE user_api_keys SET cian_id = {$cian_id}, avito_id = {$avito_id}, is_all_cian={$is_all_cian}, is_all_avito={$is_all_avito}, is_id_object={$is_id_object}, is_id_object_cian={$is_id_object_cian} WHERE id = {$id}";
+ mysql_query($sql_up);
+ }
+ }
public function edit_vk($postUi) {
- $post=clearInputData($postUi);
+ $post=clearInputData($postUi);
- $flag = isset($post['vkFromGroup']) ? 1 : 0;
+ $flag = isset($post['vkFromGroup']) ? 1 : 0;
- $sql = "UPDATE users SET vk_group_id='$post[vkGroup]', vk_post_as_group=$flag WHERE id=$_SESSION[id]";
+ $sql = "UPDATE users SET vk_group_id='$post[vkGroup]', vk_post_as_group=$flag WHERE id=$_SESSION[id]";
- mysql_query($sql);
+ mysql_query($sql);
- header("location:settings.php?success2=ok");
+ header("location:settings.php?success2=ok");
}
public function edit_zipal($postUi) {
- $post=clearInputData($postUi);
+ $post=clearInputData($postUi);
- $sql = "UPDATE users SET zipal_login='$post[zipalLogin]', zipal_password='$post[zipalPass]' WHERE id=$_SESSION[id]";
+ $sql = "UPDATE users SET zipal_login='$post[zipalLogin]', zipal_password='$post[zipalPass]' WHERE id=$_SESSION[id]";
- mysql_query($sql);
+ mysql_query($sql);
- header("location:settings.php?success2=ok");
+ header("location:settings.php?success2=ok");
}
public function edit_jcat($postUi) {
- $post=clearInputData($postUi);
+ $post=clearInputData($postUi);
- $sql = "UPDATE users SET jcat_api_key='$post[jcatApiKey]' WHERE id=$_SESSION[id]";
+ $sql = "UPDATE users SET jcat_api_key='$post[jcatApiKey]' WHERE id=$_SESSION[id]";
- mysql_query($sql);
+ mysql_query($sql);
- header("location:settings.php?success2=ok");
+ header("location:settings.php?success2=ok");
}
-
+
public function set_blocked($block, $id) {
$id = (int)$id;
@@ -1940,17 +1997,17 @@ $webHookIn->check_send($dataWhook);
$user = mysql_fetch_assoc($result);
if (!$user) die("Пользователь не найден");
- $agencyId = self::getUserAgencyID($id);
- $action = ($block == 1) ? "employee_block" : "employee_unblock";
- $dataWhook = array('action'=>$action, 'employee_id'=>$id, 'section'=>'employee', 'user_id'=>$_SESSION['id'], 'agency_id'=>$agencyId);
+ $agencyId = self::getUserAgencyID($id);
+ $action = ($block == 1) ? "employee_block" : "employee_unblock";
+ $dataWhook = array('action'=>$action, 'employee_id'=>$id, 'section'=>'employee', 'user_id'=>$_SESSION['id'], 'agency_id'=>$agencyId);
+
+ $w_in = new WebHookIn(null, $agencyId);
+ $w_in->check_send($dataWhook);
- $w_in = new WebHookIn(null, $agencyId);
- $w_in->check_send($dataWhook);
-
// Если статус меняется на "разблокирован" и пользователь — агент (не менеджер)
if ($block == 0 && !$user['manager']) {
-
+
if ($agencyId) {
mysql_query("UPDATE users SET id_manager = $agencyId WHERE id = $id")
or die("Ошибка обновления id_manager: " . mysql_error());
@@ -2019,248 +2076,248 @@ $webHookIn->check_send($dataWhook);
- /*public function set_moder($id,$mdb) {
+ /*public function set_moder($id,$mdb) {
- $sql="UPDATE users SET moder=1 WHERE id=$id";
+ $sql="UPDATE users SET moder=1 WHERE id=$id";
- mysql_query($sql,$mdb);
+ mysql_query($sql,$mdb);
- $sql="SELECT * FROM users WHERE id=$id";
+ $sql="SELECT * FROM users WHERE id=$id";
- $rez=mysql_query($sql,$mdb);
+ $rez=mysql_query($sql,$mdb);
- $users=mysql_fetch_assoc($rez);
+ $users=mysql_fetch_assoc($rez);
- mailClient($users['email'],"Аккаунт на сайте ".$_SERVER['SERVER_NAME'],"Ваш аккаунт был подтверждён администратором ресурса. Вы можете начать пользоваться системой.");
+ mailClient($users['email'],"Аккаунт на сайте ".$_SERVER['SERVER_NAME'],"Ваш аккаунт был подтверждён администратором ресурса. Вы можете начать пользоваться системой.");
- }*/
+ }*/
- public function set_manager($id_mngr, $id_user) {
+ public function set_manager($id_mngr, $id_user) {
- $id_agency = $_SESSION['id'];
+ $id_agency = $_SESSION['id'];
- $curUser = new User;
+ $curUser = new User;
- $curUser->checkPermissions();
+ $curUser->checkPermissions();
- if ($_SESSION['users_admin']) {
- $id_agency = $curUser->agencyId;
- }
+ if ($_SESSION['users_admin']) {
+ $id_agency = $curUser->agencyId;
+ }
- if($id_mngr == 0) // делаем юзера менеджером
+ if($id_mngr == 0) // делаем юзера менеджером
- {
+ {
- $sql = "UPDATE users SET manager=1, id_manager=$id_agency, photo='$_SESSION[photo]', department_id = 0, role_id = 0 WHERE id=$id_user";
+ $sql = "UPDATE users SET manager=1, id_manager=$id_agency, photo='$_SESSION[photo]', department_id = 0, role_id = 0 WHERE id=$id_user";
- mysql_query($sql);
+ mysql_query($sql);
- } elseif($id_mngr == -1) // разжаловать и сбросить всех агентов
+ } elseif($id_mngr == -1) // разжаловать и сбросить всех агентов
- {
- $id_agency = $curUser->agencyId;
- $sql = "UPDATE users SET manager=0, id_manager=$id_agency, photo='$_SESSION[photo]', department_id = 0, role_id = 0 WHERE id_manager=$id_user OR id=$id_user";
+ {
+ $id_agency = $curUser->agencyId;
+ $sql = "UPDATE users SET manager=0, id_manager=$id_agency, photo='$_SESSION[photo]', department_id = 0, role_id = 0 WHERE id_manager=$id_user OR id=$id_user";
- mysql_query($sql);
+ mysql_query($sql);
- } else // установить агенту менеджера
+ } else // установить агенту менеджера
- {
+ {
- $sql = "UPDATE users SET id_manager=$id_mngr, photo='$_SESSION[photo]' WHERE id=$id_user";
+ $sql = "UPDATE users SET id_manager=$id_mngr, photo='$_SESSION[photo]' WHERE id=$id_user";
- mysql_query($sql);
+ mysql_query($sql);
- }
+ }
- //return $this->getMyManagers();
+ //return $this->getMyManagers();
- }
+ }
- public function set_role($roleId, $userId, $depId){
- $id_agency = $_SESSION['id'];
+ public function set_role($roleId, $userId, $depId){
+ $id_agency = $_SESSION['id'];
- $curUser = new User;
+ $curUser = new User;
- $curUser->checkPermissions();
+ $curUser->checkPermissions();
- if ($_SESSION['users_admin']) {
- $id_agency = $curUser->agencyId;
- }
- $sql = "SELECT `id`, `role` FROM roles WHERE id = ".$roleId;
- $q = mysql_query($sql);
- $role = mysql_fetch_array($q);
+ if ($_SESSION['users_admin']) {
+ $id_agency = $curUser->agencyId;
+ }
+ $sql = "SELECT `id`, `role` FROM roles WHERE id = ".$roleId;
+ $q = mysql_query($sql);
+ $role = mysql_fetch_array($q);
- if($role['role'] == 'agent'){
- $managerId = $id_agency;
+ if($role['role'] == 'agent'){
+ $managerId = $id_agency;
//Ищем менеджера отдела
- $sql_a = "SELECT id FROM roles WHERE department_id = {$depId} AND (role = 'admin_department' or role = 'manager') order by role";
+ $sql_a = "SELECT id FROM roles WHERE department_id = {$depId} AND (role = 'admin_department' or role = 'manager') order by role";
- $q_a = mysql_query($sql_a);
- if(mysql_num_rows($q_a) > 0){
- while($r_a = mysql_fetch_assoc($q_a)){
+ $q_a = mysql_query($sql_a);
+ if(mysql_num_rows($q_a) > 0){
+ while($r_a = mysql_fetch_assoc($q_a)){
- $sql_u = "SELECT id FROM users WHERE role_id = $r_a[id] LIMIT 1";
+ $sql_u = "SELECT id FROM users WHERE role_id = $r_a[id] LIMIT 1";
- $q_u = mysql_query($sql_u);
- if(mysql_num_rows($q_u) > 0){
- $r_u = mysql_fetch_assoc($q_u);
- $managerId = (int)$r_u['id'];
- break;
- }
- }
- }
+ $q_u = mysql_query($sql_u);
+ if(mysql_num_rows($q_u) > 0){
+ $r_u = mysql_fetch_assoc($q_u);
+ $managerId = (int)$r_u['id'];
+ break;
+ }
+ }
+ }
//Делаем пользователя агентом отдела
- mysql_query("UPDATE users SET department_id = {$depId}, role_id = {$roleId}, agent = 1, id_manager=$managerId, manager = 0 WHERE id = {$userId}");
+ mysql_query("UPDATE users SET department_id = {$depId}, role_id = {$roleId}, agent = 1, id_manager=$managerId, manager = 0 WHERE id = {$userId}");
//если пользователь был менеджером, то сбрасываем его пользователь к агенству
- mysql_query("UPDATE users SET id_manager = {$id_agency}, department_id = 0, role_id = 0 WHERE id_manager = {$userId}");
- } else if($role['role'] == 'manager'){
+ mysql_query("UPDATE users SET id_manager = {$id_agency}, department_id = 0, role_id = 0 WHERE id_manager = {$userId}");
+ } else if($role['role'] == 'manager'){
//Поиск админа отдела
- $menager_id = $id_agency;
+ $menager_id = $id_agency;
//echo $menager_id;
- $sql_a = "SELECT id FROM roles WHERE department_id = {$depId} AND role = 'admin_department' LIMIT 1";
- $q_a = mysql_query($sql_a);
- if(mysql_num_rows($q_a) > 0){
- $r_a = mysql_fetch_assoc($q_a);
- $sql_u = "SELECT id FROM users WHERE role_id = $r_a[id] LIMIT 1";
- //echo $sql_u;
- $q_u = mysql_query($sql_u);
- if(mysql_num_rows($q_u) > 0){
- $r_u = mysql_fetch_assoc($q_u);
- $menager_id = (int)$r_u['id'];
- }
- }
+ $sql_a = "SELECT id FROM roles WHERE department_id = {$depId} AND role = 'admin_department' LIMIT 1";
+ $q_a = mysql_query($sql_a);
+ if(mysql_num_rows($q_a) > 0){
+ $r_a = mysql_fetch_assoc($q_a);
+ $sql_u = "SELECT id FROM users WHERE role_id = $r_a[id] LIMIT 1";
+ //echo $sql_u;
+ $q_u = mysql_query($sql_u);
+ if(mysql_num_rows($q_u) > 0){
+ $r_u = mysql_fetch_assoc($q_u);
+ $menager_id = (int)$r_u['id'];
+ }
+ }
//Делаем пользователя менеджером отдела
- $sql_up = "UPDATE users SET department_id = {$depId}, role_id = {$roleId}, manager = 1, id_manager = {$menager_id} WHERE id = {$userId}";
+ $sql_up = "UPDATE users SET department_id = {$depId}, role_id = {$roleId}, manager = 1, id_manager = {$menager_id} WHERE id = {$userId}";
- mysql_query($sql_up);
+ mysql_query($sql_up);
//Делаем всех пользователей этого менеджера агентами отдела
- $sql = "SELECT `id` FROM roles WHERE department_id = {$depId} and role = 'agent'";
- $q = mysql_query($sql);
- $roleBase = 0;
- if(mysql_num_rows($q) > 0){
- $role = mysql_fetch_array($q);
- $roleBase = $role['id'];
- }
- mysql_query("UPDATE users SET department_id = {$depId}, role_id = {$roleBase} WHERE id_manager = {$userId} and manager = 0");
+ $sql = "SELECT `id` FROM roles WHERE department_id = {$depId} and role = 'agent'";
+ $q = mysql_query($sql);
+ $roleBase = 0;
+ if(mysql_num_rows($q) > 0){
+ $role = mysql_fetch_array($q);
+ $roleBase = $role['id'];
+ }
+ mysql_query("UPDATE users SET department_id = {$depId}, role_id = {$roleBase} WHERE id_manager = {$userId} and manager = 0");
//Делаем всех свободных сотрудников отдела агентами этого менеджера
//mysql_query("UPDATE users SET id_manager = {$userId} WHERE department_id = {$depId} AND manager=0 AND (id_manager=0 or id_manager={$id_agency})");*/
- } else if($role['role'] == 'user_admin'){
+ } else if($role['role'] == 'user_admin'){
//Делаем пользователя псевдо руководителем
- mysql_query("UPDATE users SET users_admin = 1, department_id = {$depId}, role_id = {$roleId} WHERE id = {$userId}");
- } else if($role['role'] == 'admin_department'){
- mysql_query("UPDATE users SET department_id = {$depId}, manager = 1, id_manager = {$id_agency}, role_id = {$roleId} WHERE id = {$userId}");
+ mysql_query("UPDATE users SET users_admin = 1, department_id = {$depId}, role_id = {$roleId} WHERE id = {$userId}");
+ } else if($role['role'] == 'admin_department'){
+ mysql_query("UPDATE users SET department_id = {$depId}, manager = 1, id_manager = {$id_agency}, role_id = {$roleId} WHERE id = {$userId}");
//Переводим всех менеджеров и агентов отдела, привязанных к руководителю, к админу
- mysql_query("UPDATE users SET id_manager = {$userId} WHERE department_id = {$depId} AND id_manager = {$id_agency} AND id != {$userId}");
+ mysql_query("UPDATE users SET id_manager = {$userId} WHERE department_id = {$depId} AND id_manager = {$id_agency} AND id != {$userId}");
- } else if($role['role'] == 'manager_office'){
+ } else if($role['role'] == 'manager_office'){
//Поиск админа отдела
- $menager_id = $id_agency;
+ $menager_id = $id_agency;
//echo $menager_id;
- $sql_a = "SELECT id FROM roles WHERE department_id = {$depId} AND role = 'admin_department' LIMIT 1";
- $q_a = mysql_query($sql_a);
- if(mysql_num_rows($q_a) > 0){
- $r_a = mysql_fetch_assoc($q_a);
- $sql_u = "SELECT id FROM users WHERE role_id = $r_a[id] LIMIT 1";
- //echo $sql_u;
- $q_u = mysql_query($sql_u);
- if(mysql_num_rows($q_u) > 0){
- $r_u = mysql_fetch_assoc($q_u);
- $menager_id = (int)$r_u['id'];
- }
- }
- //Делаем пользователя офис менеджером отдела
- $sql_up = "UPDATE users SET department_id = {$depId}, role_id = {$roleId}, manager = 0, id_manager = {$menager_id} WHERE id = {$userId}";
+ $sql_a = "SELECT id FROM roles WHERE department_id = {$depId} AND role = 'admin_department' LIMIT 1";
+ $q_a = mysql_query($sql_a);
+ if(mysql_num_rows($q_a) > 0){
+ $r_a = mysql_fetch_assoc($q_a);
+ $sql_u = "SELECT id FROM users WHERE role_id = $r_a[id] LIMIT 1";
+ //echo $sql_u;
+ $q_u = mysql_query($sql_u);
+ if(mysql_num_rows($q_u) > 0){
+ $r_u = mysql_fetch_assoc($q_u);
+ $menager_id = (int)$r_u['id'];
+ }
+ }
+ //Делаем пользователя офис менеджером отдела
+ $sql_up = "UPDATE users SET department_id = {$depId}, role_id = {$roleId}, manager = 0, id_manager = {$menager_id} WHERE id = {$userId}";
- mysql_query($sql_up);
- } else if($role['role'] == 'manager_office_menager'){
- //Делаем пользователя офис менеджером наблюдателем отдела
- $sql_up = "UPDATE users SET department_id = {$depId}, role_id = {$roleId}, manager = 0 WHERE id = {$userId}";
+ mysql_query($sql_up);
+ } else if($role['role'] == 'manager_office_menager'){
+ //Делаем пользователя офис менеджером наблюдателем отдела
+ $sql_up = "UPDATE users SET department_id = {$depId}, role_id = {$roleId}, manager = 0 WHERE id = {$userId}";
- mysql_query($sql_up);
- }
- }
+ mysql_query($sql_up);
+ }
+ }
- public function getDepManagers($dep_id){
+ public function getDepManagers($dep_id){
- if (!$dep_id)
- return [];
+ if (!$dep_id)
+ return [];
- $res = array();
- $sql = "SELECT * FROM users WHERE manager=1 AND department_id = {$dep_id}";
+ $res = array();
+ $sql = "SELECT * FROM users WHERE manager=1 AND department_id = {$dep_id}";
- $q = mysql_query($sql);
- while($r = mysql_fetch_assoc($q)){
- $res[] = $r;
- }
- return $res;
- }
+ $q = mysql_query($sql);
+ while($r = mysql_fetch_assoc($q)){
+ $res[] = $r;
+ }
+ return $res;
+ }
- public function settings_email() {
+ public function settings_email() {
- $this->get($_SESSION['id']);
+ $this->get($_SESSION['id']);
- $post=clearInputData($_POST);
+ $post=clearInputData($_POST);
- $smtpSsl = $post['smtp_ssl'];
+ $smtpSsl = $post['smtp_ssl'];
- $type = $post['type'];
+ $type = $post['type'];
- if ($type != 5) {
+ if ($type != 5) {
- $smtpSsl = "1";
+ $smtpSsl = "1";
- }
+ }
- $sql = "UPDATE users SET smtp_from='$post[smtp_from]', smtp_fromname='$post[smtp_fromname]', smtp='$post[smtp]', smtp_ssl='$smtpSsl', smtp_port='$post[smtp_port]', smtp_lg='$post[smtp_lg]', smtp_pwd='$post[smtp_pwd]' WHERE id=$_SESSION[id]";
+ $sql = "UPDATE users SET smtp_from='$post[smtp_from]', smtp_fromname='$post[smtp_fromname]', smtp='$post[smtp]', smtp_ssl='$smtpSsl', smtp_port='$post[smtp_port]', smtp_lg='$post[smtp_lg]', smtp_pwd='$post[smtp_pwd]' WHERE id=$_SESSION[id]";
- mysql_query($sql);
+ mysql_query($sql);
- $f1=file("https://joywork.ru/template_mail/changemailsettings.html");
- $text = implode("",$f1);
+ $f1=file("https://joywork.ru/template_mail/changemailsettings.html");
+ $text = implode("",$f1);
- $try = checkMail($this->email, "Тестовое письмо", $text);
+ $try = checkMail($this->email, "Тестовое письмо", $text);
- if($try===true) $s=1; else $s=2;
+ if($try===true) $s=1; else $s=2;
- $sql = "UPDATE users SET smtp_check='$s' WHERE id=$_SESSION[id]";
+ $sql = "UPDATE users SET smtp_check='$s' WHERE id=$_SESSION[id]";
- mysql_query($sql);
+ mysql_query($sql);
- if($s == 2) return "Ошибка отправки тестового письма на почту ".$this->email.". Проверьте настройки.
$try
Для успешной настройки почты обратитесь в службу поддержки по тел. +7 812 981 56 17";
+ if($s == 2) return "Ошибка отправки тестового письма на почту ".$this->email.". Проверьте настройки.
$try
Для успешной настройки почты обратитесь в службу поддержки по тел. +7 812 981 56 17";
- else header("location:settings.php?success3=$s");
+ else header("location:settings.php?success3=$s");
- }
+ }
- public function add_agent($get) {
- $msg_user = '';
- if (!empty($get['email'])) {
- if(!empty($get['phone'])) {
- $sql = "SELECT * FROM users WHERE phone='$get[phone]'";
+ public function add_agent($get) {
+ $msg_user = '';
+ if (!empty($get['email'])) {
+ if(!empty($get['phone'])) {
+ $sql = "SELECT * FROM users WHERE phone='$get[phone]'";
- $rez = mysql_query($sql);
+ $rez = mysql_query($sql);
- if (mysql_num_rows($rez) == 0) {
- $sql="INSERT INTO users(fio, email, phone, agency_name, first_name, last_name, middle_name, agent, moder, date_reg, id_manager) VALUES('$get[fio]', '$get[email]', '$get[phone]', '$get[agency_name]', '$get[first_name]', '$get[last_name]', '$get[middle_name]', '1', '1', NOW(), '$_SESSION[id]')";
+ if (mysql_num_rows($rez) == 0) {
+ $sql="INSERT INTO users(fio, email, phone, agency_name, first_name, last_name, middle_name, agent, moder, date_reg, id_manager) VALUES('$get[fio]', '$get[email]', '$get[phone]', '$get[agency_name]', '$get[first_name]', '$get[last_name]', '$get[middle_name]', '1', '1', NOW(), '$_SESSION[id]')";
- mysql_query($sql);
+ mysql_query($sql);
- mailClient($get['email'],"Регистрация на сайте ".$_SERVER['SERVER_NAME'],"Вы зарегистрированы на сайте ".$_SERVER['SERVER_NAME'].". Для входа используйте номер телефона $get[phone] и пароль в смс.");
+ mailClient($get['email'],"Регистрация на сайте ".$_SERVER['SERVER_NAME'],"Вы зарегистрированы на сайте ".$_SERVER['SERVER_NAME'].". Для входа используйте номер телефона $get[phone] и пароль в смс.");
- } else $msg_user="Агент с таким номером телефона уже существует!";
- } else $msg_user="Не указан номер телефона!";
- } else $msg_user="Не указан E-Mail!";
+ } else $msg_user="Агент с таким номером телефона уже существует!";
+ } else $msg_user="Не указан номер телефона!";
+ } else $msg_user="Не указан E-Mail!";
- return $msg_user;
- }
+ return $msg_user;
+ }
public function add_agent_with_password($post) {
$msg_user = '';
@@ -2293,10 +2350,10 @@ $webHookIn->check_send($dataWhook);
$pwd = generatePass();
$pwd_enc = md5($pwd . SALT);
- if(isset($post['pass']) && ! empty(trim($post['pass']))){
- $pwd = trim($post['pass']);
- $pwd_enc = md5($pwd . SALT);
- }
+ if(isset($post['pass']) && ! empty(trim($post['pass']))){
+ $pwd = trim($post['pass']);
+ $pwd_enc = md5($pwd . SALT);
+ }
if (isset($post['is_dispatcher']) && $post['is_dispatcher'] == 1) {
$vpbx_id = $post['phone'];
@@ -2310,7 +2367,7 @@ $webHookIn->check_send($dataWhook);
}
}
- $role_developer = (int)($post['role_developer'] ? $post['role_developer'] : 0);
+ $role_developer = (int)($post['role_developer'] ? $post['role_developer'] : 0);
$agency_name = "";
if (!empty($post['agency_name']))
@@ -2435,7 +2492,7 @@ $webHookIn->check_send($dataWhook);
if (!empty($post['passport_date']))
$passport_date = date("Y-m-d H:i:s", strtotime($post['passport_date']));
- $wa_enabled = (int)$post['wa_enabled'];
+ $wa_enabled = (int)$post['wa_enabled'];
$sql2 = "INSERT INTO `users_info` (
user_id,
passport_serial,
@@ -2468,7 +2525,7 @@ $webHookIn->check_send($dataWhook);
'$wa_enabled'
)";
- mysql_query($sql2);
+ mysql_query($sql2);
if (!($_FILES['avatar']['size'] == 0 && $_FILES['avatar']['error'] == 0)) {
$curUser->setUserpic($user_id);
@@ -2483,79 +2540,79 @@ $webHookIn->check_send($dataWhook);
$text = str_replace("<%login%>", $post['phone'], $text);
$text = str_replace("<%pass%>", $pwd, $text);
- // mailClientFromJoywork($post['email'], "Регистрация на сайте " . $_SERVER['SERVER_NAME'], $text);
+ // mailClientFromJoywork($post['email'], "Регистрация на сайте " . $_SERVER['SERVER_NAME'], $text);
- if (isset($post['advert_budget_total']) || isset($post['advert_budget_personal'])) {
+ if (isset($post['advert_budget_total']) || isset($post['advert_budget_personal'])) {
- $advert_budget_total = 0;
- if (isset($post['advert_budget_total']))
- $advert_budget_total = (double)$post['advert_budget_total'];
+ $advert_budget_total = 0;
+ if (isset($post['advert_budget_total']))
+ $advert_budget_total = (double)$post['advert_budget_total'];
- $advert_budget_personal = 0;
- if (isset($post['advert_budget_personal']))
- $advert_budget_personal = $post['advert_budget_personal'];
+ $advert_budget_personal = 0;
+ if (isset($post['advert_budget_personal']))
+ $advert_budget_personal = $post['advert_budget_personal'];
- $advert_budget_avito = 0;
- if (isset($post['advert_budget_avito']))
- $advert_budget_avito = (double)$post['advert_budget_avito'];
+ $advert_budget_avito = 0;
+ if (isset($post['advert_budget_avito']))
+ $advert_budget_avito = (double)$post['advert_budget_avito'];
- $advert_budget_cian = 0;
- if (isset($post['advert_budget_cian']))
- $advert_budget_cian = (double)$post['advert_budget_cian'];
+ $advert_budget_cian = 0;
+ if (isset($post['advert_budget_cian']))
+ $advert_budget_cian = (double)$post['advert_budget_cian'];
- $advert_budget_domclick = 0;
- if (isset($post['advert_budget_domclick']))
- $advert_budget_domclick = (double)$post['advert_budget_domclick'];
+ $advert_budget_domclick = 0;
+ if (isset($post['advert_budget_domclick']))
+ $advert_budget_domclick = (double)$post['advert_budget_domclick'];
- $advert_budget_jcat = 0;
- if (isset($post['advert_budget_jcat']))
- $advert_budget_jcat = (double)$post['advert_budget_jcat'];
+ $advert_budget_jcat = 0;
+ if (isset($post['advert_budget_jcat']))
+ $advert_budget_jcat = (double)$post['advert_budget_jcat'];
- $advert_budget_yandex = 0;
- if (isset($post['advert_budget_yandex']))
- $advert_budget_yandex = (double)$post['advert_budget_yandex'];
+ $advert_budget_yandex = 0;
+ if (isset($post['advert_budget_yandex']))
+ $advert_budget_yandex = (double)$post['advert_budget_yandex'];
- $advert_budget_avito_unlimited = 0;
- if (isset($post['advert_budget_avito_unlimited']))
- $advert_budget_avito_unlimited = (int)$post['advert_budget_avito_unlimited'];
+ $advert_budget_avito_unlimited = 0;
+ if (isset($post['advert_budget_avito_unlimited']))
+ $advert_budget_avito_unlimited = (int)$post['advert_budget_avito_unlimited'];
- $advert_budget_cian_unlimited = 0;
- if (isset($post['advert_budget_cian_unlimited']))
- $advert_budget_cian_unlimited = (int)$post['advert_budget_cian_unlimited'];
+ $advert_budget_cian_unlimited = 0;
+ if (isset($post['advert_budget_cian_unlimited']))
+ $advert_budget_cian_unlimited = (int)$post['advert_budget_cian_unlimited'];
- $advert_budget_domclick_unlimited = 0;
- if (isset($post['advert_budget_domclick_unlimited']))
- $advert_budget_domclick_unlimited = (int)$post['advert_budget_domclick_unlimited'];
+ $advert_budget_domclick_unlimited = 0;
+ if (isset($post['advert_budget_domclick_unlimited']))
+ $advert_budget_domclick_unlimited = (int)$post['advert_budget_domclick_unlimited'];
- $advert_budget_jcat_unlimited = 0;
- if (isset($post['advert_budget_jcat_unlimited']))
- $advert_budget_jcat_unlimited = (int)$post['advert_budget_jcat_unlimited'];
+ $advert_budget_jcat_unlimited = 0;
+ if (isset($post['advert_budget_jcat_unlimited']))
+ $advert_budget_jcat_unlimited = (int)$post['advert_budget_jcat_unlimited'];
- $advert_budget_yandex_unlimited = 0;
- if (isset($post['advert_budget_yandex_unlimited']))
- $advert_budget_yandex_unlimited = (int)$post['advert_budget_yandex_unlimited'];
+ $advert_budget_yandex_unlimited = 0;
+ if (isset($post['advert_budget_yandex_unlimited']))
+ $advert_budget_yandex_unlimited = (int)$post['advert_budget_yandex_unlimited'];
- $advert_budgets = new AdvertBudgets();
- $advert_budgets->setAdvertBudget([
- 'user_id' => $user_id,
- 'total' => $advert_budget_total,
- 'personal' => $advert_budget_personal,
- 'avito' => $advert_budget_avito,
- 'avito_unlimited' => $advert_budget_avito_unlimited,
- 'cian' => $advert_budget_cian,
- 'cian_unlimited' => $advert_budget_cian_unlimited,
- 'domclick' => $advert_budget_domclick,
- 'domclick_unlimited' => $advert_budget_domclick_unlimited,
- 'jcat' => $advert_budget_jcat,
- 'jcat_unlimited' => $advert_budget_jcat_unlimited,
- 'yandex' => $advert_budget_yandex,
- 'yandex_unlimited' => $advert_budget_yandex_unlimited,
- ]);
- }
+ $advert_budgets = new AdvertBudgets();
+ $advert_budgets->setAdvertBudget([
+ 'user_id' => $user_id,
+ 'total' => $advert_budget_total,
+ 'personal' => $advert_budget_personal,
+ 'avito' => $advert_budget_avito,
+ 'avito_unlimited' => $advert_budget_avito_unlimited,
+ 'cian' => $advert_budget_cian,
+ 'cian_unlimited' => $advert_budget_cian_unlimited,
+ 'domclick' => $advert_budget_domclick,
+ 'domclick_unlimited' => $advert_budget_domclick_unlimited,
+ 'jcat' => $advert_budget_jcat,
+ 'jcat_unlimited' => $advert_budget_jcat_unlimited,
+ 'yandex' => $advert_budget_yandex,
+ 'yandex_unlimited' => $advert_budget_yandex_unlimited,
+ ]);
+ }
- $dataWhook = array('action'=>'employee_create', 'employee_id'=>$user_id, 'section'=>'employee', 'user_id'=>$_SESSION['id'], 'agency_id'=>$sql_company_id);
- $w_in = new WebHookIn(null, $sql_company_id);
- $w_in->check_send($dataWhook);
+ $dataWhook = array('action'=>'employee_create', 'employee_id'=>$user_id, 'section'=>'employee', 'user_id'=>$_SESSION['id'], 'agency_id'=>$sql_company_id);
+ $w_in = new WebHookIn(null, $sql_company_id);
+ $w_in->check_send($dataWhook);
} else $msg_user = mysql_error() . "Произошла ошибка при добавлении пользователя!";
} else $msg_user = "Агент с таким номером телефона уже существует!";
} else $msg_user = "Не указан номер телефона!";
@@ -2564,21 +2621,21 @@ $webHookIn->check_send($dataWhook);
return $msg_user;
}
- public function edit_agent_password($post)
- {
- if(isset($post['new_password']) && !empty(trim($post['new_password']))){
- $pwd = trim($post['new_password']);
- $pwd_enc = md5($pwd . SALT);
+ public function edit_agent_password($post)
+ {
+ if(isset($post['new_password']) && !empty(trim($post['new_password']))){
+ $pwd = trim($post['new_password']);
+ $pwd_enc = md5($pwd . SALT);
- $user_id = $post['user_id'];
+ $user_id = $post['user_id'];
- $sql = "UPDATE users SET pwd = '{$pwd_enc}', is_pwd=1 WHERE id = $user_id";
+ $sql = "UPDATE users SET pwd = '{$pwd_enc}', is_pwd=1 WHERE id = $user_id";
- mysql_query($sql);
+ mysql_query($sql);
- return ["success" => true];
- }
- }
+ return ["success" => true];
+ }
+ }
public function edit_agent_budget($post) {
$user_id = (int)$post['ok_agent_id'];
@@ -2681,53 +2738,53 @@ $webHookIn->check_send($dataWhook);
return ['error' => $msg_user];
}
- public function edit_agent($post) {
- $msg_user = '';
- if (!empty($post['email'])) {
- if (!empty($post['phone'])) {
- if (!empty($post['last_name'])) {
- if (!empty($post['first_name'])) {
- $sql = "SELECT * FROM users WHERE phone='$post[phone]' AND id != $post[ok_agent_id]";
- $rez = mysql_query($sql);
+ public function edit_agent($post) {
+ $msg_user = '';
+ if (!empty($post['email'])) {
+ if (!empty($post['phone'])) {
+ if (!empty($post['last_name'])) {
+ if (!empty($post['first_name'])) {
+ $sql = "SELECT * FROM users WHERE phone='$post[phone]' AND id != $post[ok_agent_id]";
+ $rez = mysql_query($sql);
- if (mysql_num_rows($rez) == 0) {
+ if (mysql_num_rows($rez) == 0) {
- if (isset($post['is_dispatcher']) && $post['is_dispatcher'] == 1) {
- $vpbx_id = $post['phone'];
- $is_dis = 1;
- } else {
- $is_dis = 0;
- if (!empty($post['vpbx_id'])) {
- $vpbx_id = $post['vpbx_id'];
- } else {
- $vpbx_id = "";
- }
- }
+ if (isset($post['is_dispatcher']) && $post['is_dispatcher'] == 1) {
+ $vpbx_id = $post['phone'];
+ $is_dis = 1;
+ } else {
+ $is_dis = 0;
+ if (!empty($post['vpbx_id'])) {
+ $vpbx_id = $post['vpbx_id'];
+ } else {
+ $vpbx_id = "";
+ }
+ }
- if(isset($post['pass-edit']) && !empty(trim($post['pass-edit']))){
- $pwd = trim($post['pass-edit']);
- $pwd_enc = md5($pwd . SALT);
- }
+ if(isset($post['pass-edit']) && !empty(trim($post['pass-edit']))){
+ $pwd = trim($post['pass-edit']);
+ $pwd_enc = md5($pwd . SALT);
+ }
- $advert_budget = null;
- $user_id = (int)$post['ok_agent_id'];
- $birthday = "";
- if (!empty($post['birthday']))
- $birthday = date("Y-m-d H:i:s", strtotime($post['birthday']));
- $gmtmsk = 0;
- if(isset($post['utc-edit'])){
- $gmtmsk = $post['utc-edit'] - 3;
- }
+ $advert_budget = null;
+ $user_id = (int)$post['ok_agent_id'];
+ $birthday = "";
+ if (!empty($post['birthday']))
+ $birthday = date("Y-m-d H:i:s", strtotime($post['birthday']));
+ $gmtmsk = 0;
+ if(isset($post['utc-edit'])){
+ $gmtmsk = $post['utc-edit'] - 3;
+ }
- $agency_id = self::getUserAgencyID($_SESSION['id']);
- $webHookIn = new WebHookIn(null, $agency_id);
-
- $is_send_webhook = $webHookIn->check_hook('employee_update', 'employee');
- if($is_send_webhook){
- $webHookIn->save_temp_employee($user_id);
- }
-
- $sql = "UPDATE users
+ $agency_id = self::getUserAgencyID($_SESSION['id']);
+ $webHookIn = new WebHookIn(null, $agency_id);
+
+ $is_send_webhook = $webHookIn->check_hook('employee_update', 'employee');
+ if($is_send_webhook){
+ $webHookIn->save_temp_employee($user_id);
+ }
+
+ $sql = "UPDATE users
SET email='$post[email]',
phone='$post[phone]',
agency_name='$post[agency_name]',
@@ -2741,65 +2798,65 @@ $webHookIn->check_send($dataWhook);
birthday='$birthday',
gmtmsk = '$gmtmsk'";
- if (isset($pwd_enc)) {
- $sql .= ", pwd = '{$pwd_enc}', is_pwd=1";
- }
- $sql .= " WHERE id = $user_id";
+ if (isset($pwd_enc)) {
+ $sql .= ", pwd = '{$pwd_enc}', is_pwd=1";
+ }
+ $sql .= " WHERE id = $user_id";
- if (mysql_query($sql)) {
- if($is_send_webhook){
- $dataWhook = array('action'=>'employee_update', 'employee_id'=>$user_id, 'section'=>'employee', 'user_id'=>$_SESSION['id'], 'agency_id'=>$agency_id);
- $webHookIn->check_send($dataWhook);
- }
+ if (mysql_query($sql)) {
+ if($is_send_webhook){
+ $dataWhook = array('action'=>'employee_update', 'employee_id'=>$user_id, 'section'=>'employee', 'user_id'=>$_SESSION['id'], 'agency_id'=>$agency_id);
+ $webHookIn->check_send($dataWhook);
+ }
- $this->edit_api_ids($post, $user_id);
+ $this->edit_api_ids($post, $user_id);
- $sqlNewObjUser = "SELECT * FROM users WHERE id=$user_id";
- $rezNewObjUser = mysql_query($sqlNewObjUser);
- $newObjUser = mysql_fetch_assoc($rezNewObjUser);
+ $sqlNewObjUser = "SELECT * FROM users WHERE id=$user_id";
+ $rezNewObjUser = mysql_query($sqlNewObjUser);
+ $newObjUser = mysql_fetch_assoc($rezNewObjUser);
- $phone = $post['phone'];
+ $phone = $post['phone'];
- $num_search = User::num_search($post['phone']);
- $sobstv = trim($post['last_name'] . ' ' . $post['first_name'] . ' ' . $post['middle_name']);
+ $num_search = User::num_search($post['phone']);
+ $sobstv = trim($post['last_name'] . ' ' . $post['first_name'] . ' ' . $post['middle_name']);
- if ($newObjUser['agency'] == 0) {
- $sql="SELECT * FROM users WHERE id=$newObjUser[id_manager]";
- $rez=mysql_query($sql);
- $manager = mysql_fetch_assoc($rez);
+ if ($newObjUser['agency'] == 0) {
+ $sql="SELECT * FROM users WHERE id=$newObjUser[id_manager]";
+ $rez=mysql_query($sql);
+ $manager = mysql_fetch_assoc($rez);
- if($manager['id_manager']) {
- $agency = mysql_fetch_assoc(mysql_query("SELECT * FROM users WHERE id=$manager[id_manager]"));
- } else {
- $agency = $manager;
- }
- if ($agency) {
- $sobstv = $sobstv . ", агентство " . $agency['agency_name'];
- }
- }
+ if($manager['id_manager']) {
+ $agency = mysql_fetch_assoc(mysql_query("SELECT * FROM users WHERE id=$manager[id_manager]"));
+ } else {
+ $agency = $manager;
+ }
+ if ($agency) {
+ $sobstv = $sobstv . ", агентство " . $agency['agency_name'];
+ }
+ }
- //обновляем объекты пользователя
- $sql = "UPDATE objects SET is_main = 0, phone = '$phone', phone_search = '$num_search', sobstv = '$sobstv' WHERE id_add_user=$user_id";
- mysql_query($sql);
+ //обновляем объекты пользователя
+ $sql = "UPDATE objects SET is_main = 0, phone = '$phone', phone_search = '$num_search', sobstv = '$sobstv' WHERE id_add_user=$user_id";
+ mysql_query($sql);
- $this->agency_name = $post['agency_name'];
- $this->last_name = $post['last_name'];
- $this->first_name = $post['first_name'];
- $this->middle_name = $post['middle_name'];
- $this->phone = $post['phone'];
- $this->email = $post['email'];
- $this->birthday = $birthday;
+ $this->agency_name = $post['agency_name'];
+ $this->last_name = $post['last_name'];
+ $this->first_name = $post['first_name'];
+ $this->middle_name = $post['middle_name'];
+ $this->phone = $post['phone'];
+ $this->email = $post['email'];
+ $this->birthday = $birthday;
- $passport_date = "NULL";
- if (!empty($post['passport_date']))
- $passport_date = date("Y-m-d H:i:s", strtotime($post['passport_date']));
+ $passport_date = "NULL";
+ if (!empty($post['passport_date']))
+ $passport_date = date("Y-m-d H:i:s", strtotime($post['passport_date']));
- $wa_enabled = (int)$post['wa_enabled'];
+ $wa_enabled = (int)$post['wa_enabled'];
- $sql1 = "SELECT count(id) FROM `users_info` WHERE user_id = $user_id";
- $rez = mysql_query($sql1);
- if (mysql_result($rez,0)) {
- $sql2 = "UPDATE `users_info`
+ $sql1 = "SELECT count(id) FROM `users_info` WHERE user_id = $user_id";
+ $rez = mysql_query($sql1);
+ if (mysql_result($rez,0)) {
+ $sql2 = "UPDATE `users_info`
SET passport_serial='$post[passport_serial]',
passport_number='$post[passport_number]',
passport_date='$passport_date',
@@ -2814,8 +2871,8 @@ $webHookIn->check_send($dataWhook);
soc_wa='$post[soc_wa]',
wa_enabled='$wa_enabled'
WHERE user_id = $user_id";
- } else {
- $sql2 = "INSERT INTO `users_info` (
+ } else {
+ $sql2 = "INSERT INTO `users_info` (
user_id,
passport_serial,
passport_number,
@@ -2846,106 +2903,106 @@ $webHookIn->check_send($dataWhook);
'$post[soc_wa]',
'$wa_enabled'
)";
- }
+ }
- mysql_query($sql2);
+ mysql_query($sql2);
- if (!($_FILES['avatar']['size'] == 0 && $_FILES['avatar']['error'] == 0)) {
- if ($user_logo = $this->setUserpic($user_id))
- if ($user_logo) {
- $this->user_logo = $this->_serverUserpicPath . '/' . $user_logo;
- }
- } else {
- $user_logo = mysql_fetch_assoc(mysql_query("SELECT user_logo FROM users WHERE id=$user_id"))['user_logo'];
- if ($user_logo) {
- $this->user_logo = $this->_serverUserpicPath . '/' . $user_logo;
- }
- }
+ if (!($_FILES['avatar']['size'] == 0 && $_FILES['avatar']['error'] == 0)) {
+ if ($user_logo = $this->setUserpic($user_id))
+ if ($user_logo) {
+ $this->user_logo = $this->_serverUserpicPath . '/' . $user_logo;
+ }
+ } else {
+ $user_logo = mysql_fetch_assoc(mysql_query("SELECT user_logo FROM users WHERE id=$user_id"))['user_logo'];
+ if ($user_logo) {
+ $this->user_logo = $this->_serverUserpicPath . '/' . $user_logo;
+ }
+ }
- if (!($_FILES['files']['size'] == 0 && $_FILES['files']['error'] == 0)) {
- if ($files = $this->uploadFiles($user_id)) {
- $this->files = $files;
- }
- }
+ if (!($_FILES['files']['size'] == 0 && $_FILES['files']['error'] == 0)) {
+ if ($files = $this->uploadFiles($user_id)) {
+ $this->files = $files;
+ }
+ }
- if(isset($post['pass-edit']) && !empty(trim($post['pass-edit']))){
- $pwd = trim($post['pass-edit']);
- $pwd_enc = md5($pwd . SALT);
- }
+ if(isset($post['pass-edit']) && !empty(trim($post['pass-edit']))){
+ $pwd = trim($post['pass-edit']);
+ $pwd_enc = md5($pwd . SALT);
+ }
- //отключаем, так как по отдельной кнопке обновляем
- /*if (isset($post['advert_budget_total']) || isset($post['advert_budget_personal'])) {
+ //отключаем, так как по отдельной кнопке обновляем
+ /*if (isset($post['advert_budget_total']) || isset($post['advert_budget_personal'])) {
- $advert_budget_total = 0;
- if (isset($post['advert_budget_total']))
- $advert_budget_total = (double)$post['advert_budget_total'];
+ $advert_budget_total = 0;
+ if (isset($post['advert_budget_total']))
+ $advert_budget_total = (double)$post['advert_budget_total'];
- $advert_budget_personal = 0;
- if (isset($post['advert_budget_personal']))
- $advert_budget_personal = $post['advert_budget_personal'];
+ $advert_budget_personal = 0;
+ if (isset($post['advert_budget_personal']))
+ $advert_budget_personal = $post['advert_budget_personal'];
- $advert_budget_avito = 0;
- if (isset($post['advert_budget_avito']))
- $advert_budget_avito = (double)$post['advert_budget_avito'];
+ $advert_budget_avito = 0;
+ if (isset($post['advert_budget_avito']))
+ $advert_budget_avito = (double)$post['advert_budget_avito'];
- $advert_budget_cian = 0;
- if (isset($post['advert_budget_cian']))
- $advert_budget_cian = (double)$post['advert_budget_cian'];
+ $advert_budget_cian = 0;
+ if (isset($post['advert_budget_cian']))
+ $advert_budget_cian = (double)$post['advert_budget_cian'];
- $advert_budget_domclick = 0;
- if (isset($post['advert_budget_domclick']))
- $advert_budget_domclick = (double)$post['advert_budget_domclick'];
+ $advert_budget_domclick = 0;
+ if (isset($post['advert_budget_domclick']))
+ $advert_budget_domclick = (double)$post['advert_budget_domclick'];
- $advert_budget_jcat = 0;
- if (isset($post['advert_budget_jcat']))
- $advert_budget_jcat = (double)$post['advert_budget_jcat'];
+ $advert_budget_jcat = 0;
+ if (isset($post['advert_budget_jcat']))
+ $advert_budget_jcat = (double)$post['advert_budget_jcat'];
- $advert_budget_yandex = 0;
- if (isset($post['advert_budget_yandex']))
- $advert_budget_yandex = (double)$post['advert_budget_yandex'];
+ $advert_budget_yandex = 0;
+ if (isset($post['advert_budget_yandex']))
+ $advert_budget_yandex = (double)$post['advert_budget_yandex'];
- $advert_budget_avito_unlimited = 0;
- if (isset($post['advert_budget_avito_unlimited']))
- $advert_budget_avito_unlimited = (int)$post['advert_budget_avito_unlimited'];
+ $advert_budget_avito_unlimited = 0;
+ if (isset($post['advert_budget_avito_unlimited']))
+ $advert_budget_avito_unlimited = (int)$post['advert_budget_avito_unlimited'];
- $advert_budget_cian_unlimited = 0;
- if (isset($post['advert_budget_cian_unlimited']))
- $advert_budget_cian_unlimited = (int)$post['advert_budget_cian_unlimited'];
+ $advert_budget_cian_unlimited = 0;
+ if (isset($post['advert_budget_cian_unlimited']))
+ $advert_budget_cian_unlimited = (int)$post['advert_budget_cian_unlimited'];
- $advert_budget_domclick_unlimited = 0;
- if (isset($post['advert_budget_domclick_unlimited']))
- $advert_budget_domclick_unlimited = (int)$post['advert_budget_domclick_unlimited'];
+ $advert_budget_domclick_unlimited = 0;
+ if (isset($post['advert_budget_domclick_unlimited']))
+ $advert_budget_domclick_unlimited = (int)$post['advert_budget_domclick_unlimited'];
- $advert_budget_jcat_unlimited = 0;
- if (isset($post['advert_budget_jcat_unlimited']))
- $advert_budget_jcat_unlimited = (int)$post['advert_budget_jcat_unlimited'];
+ $advert_budget_jcat_unlimited = 0;
+ if (isset($post['advert_budget_jcat_unlimited']))
+ $advert_budget_jcat_unlimited = (int)$post['advert_budget_jcat_unlimited'];
- $advert_budget_yandex_unlimited = 0;
- if (isset($post['advert_budget_yandex_unlimited']))
- $advert_budget_yandex_unlimited = (int)$post['advert_budget_yandex_unlimited'];
+ $advert_budget_yandex_unlimited = 0;
+ if (isset($post['advert_budget_yandex_unlimited']))
+ $advert_budget_yandex_unlimited = (int)$post['advert_budget_yandex_unlimited'];
$advert_do_not_reinit_monthly = 0;
if (isset($post['do_not_reinit_monthly']))
$advert_do_not_reinit_monthly = (int)$post['do_not_reinit_monthly'];
- $advert_budgets_inst = new AdvertBudgets();
- $advert_budget = $advert_budgets_inst->setAdvertBudget([
- 'user_id' => $user_id,
- 'total' => $advert_budget_total,
- 'personal' => $advert_budget_personal,
- 'avito' => $advert_budget_avito,
- 'avito_unlimited' => $advert_budget_avito_unlimited,
- 'cian' => $advert_budget_cian,
- 'cian_unlimited' => $advert_budget_cian_unlimited,
- 'domclick' => $advert_budget_domclick,
- 'domclick_unlimited' => $advert_budget_domclick_unlimited,
- 'jcat' => $advert_budget_jcat,
- 'jcat_unlimited' => $advert_budget_jcat_unlimited,
- 'yandex' => $advert_budget_yandex,
- 'yandex_unlimited' => $advert_budget_yandex_unlimited,
- 'do_not_reinit_monthly' => $advert_do_not_reinit_monthly,
- ]);
- }*/
+ $advert_budgets_inst = new AdvertBudgets();
+ $advert_budget = $advert_budgets_inst->setAdvertBudget([
+ 'user_id' => $user_id,
+ 'total' => $advert_budget_total,
+ 'personal' => $advert_budget_personal,
+ 'avito' => $advert_budget_avito,
+ 'avito_unlimited' => $advert_budget_avito_unlimited,
+ 'cian' => $advert_budget_cian,
+ 'cian_unlimited' => $advert_budget_cian_unlimited,
+ 'domclick' => $advert_budget_domclick,
+ 'domclick_unlimited' => $advert_budget_domclick_unlimited,
+ 'jcat' => $advert_budget_jcat,
+ 'jcat_unlimited' => $advert_budget_jcat_unlimited,
+ 'yandex' => $advert_budget_yandex,
+ 'yandex_unlimited' => $advert_budget_yandex_unlimited,
+ 'do_not_reinit_monthly' => $advert_do_not_reinit_monthly,
+ ]);
+ }*/
if (!isset($post["on_any_ip"])) {
$post["on_any_ip"] = 0;
@@ -2955,7 +3012,7 @@ $webHookIn->check_send($dataWhook);
$post["on_hide_client_contacts"] = 0;
}
- //Update permissions
+ //Update permissions
$sql_check_perm = "SELECT count(id) FROM `user_permissions` WHERE user_id = $user_id";
$rez_check_perm = mysql_query($sql_check_perm);
if (mysql_result($rez_check_perm,0)) {
@@ -3045,73 +3102,73 @@ $webHookIn->check_send($dataWhook);
'$post[on_hide_client_contacts]'
)";
}
- // echo($sql_update_permissions);die;
+ // echo($sql_update_permissions);die;
mysql_query($sql_update_permissions);
- $data = [
- 'id' => $user_id,
- 'agency_name' => $this->agency_name,
- 'last_name' => $this->last_name,
- 'first_name' => $this->first_name,
- 'middle_name' => $this->middle_name,
- 'phone' => $this->phone,
- 'email' => $this->email,
- 'user_logo' => $this->user_logo,
- 'passport_date' => $passport_date,
- ];
+ $data = [
+ 'id' => $user_id,
+ 'agency_name' => $this->agency_name,
+ 'last_name' => $this->last_name,
+ 'first_name' => $this->first_name,
+ 'middle_name' => $this->middle_name,
+ 'phone' => $this->phone,
+ 'email' => $this->email,
+ 'user_logo' => $this->user_logo,
+ 'passport_date' => $passport_date,
+ ];
- if (!is_null($advert_budget)) {
- if ($advert_budget['success'] == true) {
- $data['advert_budget'] = [
- 'total' => $advert_budget['total'],
- 'amount' => $advert_budget['amount'],
- 'balance' => $advert_budget['balance'],
- ];
- } else {
- $msg_user = implode('
', $advert_budget['errors']);
- }
- }
+ if (!is_null($advert_budget)) {
+ if ($advert_budget['success'] == true) {
+ $data['advert_budget'] = [
+ 'total' => $advert_budget['total'],
+ 'amount' => $advert_budget['amount'],
+ 'balance' => $advert_budget['balance'],
+ ];
+ } else {
+ $msg_user = implode('
', $advert_budget['errors']);
+ }
+ }
- if (empty($msg_user)) {
- return $data;
- }
- } else $msg_user = "Произошла ошибка при сохранении пользователя.!";
+ if (empty($msg_user)) {
+ return $data;
+ }
+ } else $msg_user = "Произошла ошибка при сохранении пользователя.!";
- } else $msg_user = "Агент с таким номером телефона уже существует!";
- } else $msg_user = "Не указано Имя пользователя!";
- } else $msg_user = "Не указана Фамилия пользователя!";
- } else $msg_user = "Не указан номер телефона!";
- } else $msg_user = "Не указан E-Mail!";
+ } else $msg_user = "Агент с таким номером телефона уже существует!";
+ } else $msg_user = "Не указано Имя пользователя!";
+ } else $msg_user = "Не указана Фамилия пользователя!";
+ } else $msg_user = "Не указан номер телефона!";
+ } else $msg_user = "Не указан E-Mail!";
- return ['error' => $msg_user];
- }
+ return ['error' => $msg_user];
+ }
- public static function getAllAgencyUsers($agencyId = false) {
+ public static function getAllAgencyUsers($agencyId = false) {
- $agentIds = [];
- if (isset($_SESSION['id']))
- $agentIds[] = $_SESSION['id'];
+ $agentIds = [];
+ if (isset($_SESSION['id']))
+ $agentIds[] = $_SESSION['id'];
- if ($agencyId) {
- $agentIds[] = $agencyId;
+ if ($agencyId) {
+ $agentIds[] = $agencyId;
- $agentsOfAgency = self::getAllAgents($agencyId);
- foreach ($agentsOfAgency as $agent) {
- if (!in_array($agent['id'], $agentIds)) {
- $agentIds[] = $agent['id'];
- }
- }
+ $agentsOfAgency = self::getAllAgents($agencyId);
+ foreach ($agentsOfAgency as $agent) {
+ if (!in_array($agent['id'], $agentIds)) {
+ $agentIds[] = $agent['id'];
+ }
+ }
- $agentsOfManager = self::getAllManagers($agencyId);
- foreach ($agentsOfManager as $agent) {
- if (!in_array($agent['id'], $agentIds)) {
- $agentIds[] = $agent['id'];
- }
- }
- }
+ $agentsOfManager = self::getAllManagers($agencyId);
+ foreach ($agentsOfManager as $agent) {
+ if (!in_array($agent['id'], $agentIds)) {
+ $agentIds[] = $agent['id'];
+ }
+ }
+ }
- return array_unique($agentIds);
- }
+ return array_unique($agentIds);
+ }
public static function getAgencyIdForUser($userId) {
return self::getUserAgencyID($userId);
@@ -3139,290 +3196,290 @@ $webHookIn->check_send($dataWhook);
$agency_id = intval($agency['id']);
} else {
if ($agency['id_manager']) {
- $agency2 = mysql_fetch_assoc(mysql_query("SELECT * FROM users WHERE id=$agency[id_manager]"));
- if($agency2['id_manager'])
- $agency_id = intval($agency2['id_manager']);
- else
- $agency_id = intval($agency['id_manager']);
-
- }
+ $agency2 = mysql_fetch_assoc(mysql_query("SELECT * FROM users WHERE id=$agency[id_manager]"));
+ if($agency2['id_manager'])
+ $agency_id = intval($agency2['id_manager']);
+ else
+ $agency_id = intval($agency['id_manager']);
+
+ }
else if ($user['id_manager'])
$agency_id = intval($user['id_manager']);
else
$agency_id = intval($user['id']);
}
} else if (isset($_SESSION['id'])) {
- $agency_id = intval($_SESSION['id']);
+ $agency_id = intval($_SESSION['id']);
}
return $agency_id;
}
- public static function getAllAgency($agent = false, $block = false, $active = false, $from = 0, $to = 1000){
+ public static function getAllAgency($agent = false, $block = false, $active = false, $from = 0, $to = 1000){
- if($agent) {
- if ($block) {
- $usl = "agent=1 AND agency=0 AND id_manager=0 AND blocked = 1";
- } else {
- $usl = "agent=1 AND agency=0 AND id_manager=0 AND blocked = 0";
- }
- } else {
- if ($block) {
- $usl = "agency=1 AND blocked = 1";
- } else {
- $usl = "agency=1 AND blocked = 0";
- }
- }
+ if($agent) {
+ if ($block) {
+ $usl = "agent=1 AND agency=0 AND id_manager=0 AND blocked = 1";
+ } else {
+ $usl = "agent=1 AND agency=0 AND id_manager=0 AND blocked = 0";
+ }
+ } else {
+ if ($block) {
+ $usl = "agency=1 AND blocked = 1";
+ } else {
+ $usl = "agency=1 AND blocked = 0";
+ }
+ }
- if ($active) {
- $usl = $usl." AND now() <= DATE_ADD(date_tarif, INTERVAL (select t.period FROM tariffs t where t.id=id_tarif LIMIT 1) DAY)";
- }
+ if ($active) {
+ $usl = $usl." AND now() <= DATE_ADD(date_tarif, INTERVAL (select t.period FROM tariffs t where t.id=id_tarif LIMIT 1) DAY)";
+ }
- $sql = "SELECT users.*, DATE_FORMAT(date_reg,'%d.%m.%Y') AS date_reg, DATE_FORMAT(last_auth,'%d.%m.%Y %H:%i') AS last_auth, UNIX_TIMESTAMP(date_tarif) AS date_tarif, rf_regions.name as name FROM users left join rf_regions on rf_regions.id = users.region_rf_id WHERE $usl ORDER BY `users`.`last_auth` DESC LIMIT $from, $to";
+ $sql = "SELECT users.*, DATE_FORMAT(date_reg,'%d.%m.%Y') AS date_reg, DATE_FORMAT(last_auth,'%d.%m.%Y %H:%i') AS last_auth, UNIX_TIMESTAMP(date_tarif) AS date_tarif, rf_regions.name as name FROM users left join rf_regions on rf_regions.id = users.region_rf_id WHERE $usl ORDER BY `users`.`last_auth` DESC LIMIT $from, $to";
- if (isset($_GET['dev'])) {
- echo $sql;
- }
+ if (isset($_GET['dev'])) {
+ echo $sql;
+ }
- $rez = mysql_query($sql);
+ $rez = mysql_query($sql);
- $agency = array();
+ $agency = array();
- while($ag = mysql_fetch_assoc($rez))
+ while($ag = mysql_fetch_assoc($rez))
- {
+ {
- if($ag['id_tarif']) {
- $ag['tarif'] = mysql_result(mysql_query("SELECT nazv FROM tariffs WHERE id=$ag[id_tarif]"),0);
- }
+ if($ag['id_tarif']) {
+ $ag['tarif'] = mysql_result(mysql_query("SELECT nazv FROM tariffs WHERE id=$ag[id_tarif]"),0);
+ }
- else $ag['tarif'] = "";
+ else $ag['tarif'] = "";
- $agency[] = $ag;
+ $agency[] = $ag;
- }
+ }
- return $agency;
+ return $agency;
- }
+ }
- public static function getAllDeveloper($block = false, $active = false, $from = 0, $to = 1000){
- $usl = "role_developer = 1 AND agency = 0 AND agent = 0 AND id_manager = 0";
- if ($block) {
- $usl = "role_developer = 1 AND agency = 0 AND agent = 0 AND id_manager = 0 AND blocked = 1";
- } else {
- $usl = "role_developer = 1 AND agency = 0 AND agent = 0 AND id_manager = 0 AND blocked = 0";
- }
+ public static function getAllDeveloper($block = false, $active = false, $from = 0, $to = 1000){
+ $usl = "role_developer = 1 AND agency = 0 AND agent = 0 AND id_manager = 0";
+ if ($block) {
+ $usl = "role_developer = 1 AND agency = 0 AND agent = 0 AND id_manager = 0 AND blocked = 1";
+ } else {
+ $usl = "role_developer = 1 AND agency = 0 AND agent = 0 AND id_manager = 0 AND blocked = 0";
+ }
- if ($active) {
- $usl = $usl." AND now() <= DATE_ADD(date_tarif, INTERVAL (select t.period FROM tariffs t where t.id = id_tarif LIMIT 1) DAY)";
- }
+ if ($active) {
+ $usl = $usl." AND now() <= DATE_ADD(date_tarif, INTERVAL (select t.period FROM tariffs t where t.id = id_tarif LIMIT 1) DAY)";
+ }
- $sql = "SELECT users.*, DATE_FORMAT(date_reg,'%d.%m.%Y') AS date_reg, DATE_FORMAT(last_auth,'%d.%m.%Y %H:%i') AS last_auth, UNIX_TIMESTAMP(date_tarif) AS date_tarif, rf_regions.name as name FROM users left join rf_regions on rf_regions.id = users.region_rf_id WHERE $usl ORDER BY `users`.`last_auth` DESC LIMIT $from, $to";
+ $sql = "SELECT users.*, DATE_FORMAT(date_reg,'%d.%m.%Y') AS date_reg, DATE_FORMAT(last_auth,'%d.%m.%Y %H:%i') AS last_auth, UNIX_TIMESTAMP(date_tarif) AS date_tarif, rf_regions.name as name FROM users left join rf_regions on rf_regions.id = users.region_rf_id WHERE $usl ORDER BY `users`.`last_auth` DESC LIMIT $from, $to";
- if (isset($_GET['dev']))
- {
- echo $sql;
- }
+ if (isset($_GET['dev']))
+ {
+ echo $sql;
+ }
- $rez = mysql_query($sql);
+ $rez = mysql_query($sql);
- $developers = array();
+ $developers = array();
- while($dev = mysql_fetch_assoc($rez))
- {
- if($id_tarif = $dev['id_tarif'])
- {
- $dev['tarif'] = mysql_result(mysql_query("SELECT nazv FROM tariffs WHERE id = $id_tarif"),0);
- }
+ while($dev = mysql_fetch_assoc($rez))
+ {
+ if($id_tarif = $dev['id_tarif'])
+ {
+ $dev['tarif'] = mysql_result(mysql_query("SELECT nazv FROM tariffs WHERE id = $id_tarif"),0);
+ }
- else $dev['tarif'] = "";
- $developers[] = $dev;
- }
+ else $dev['tarif'] = "";
+ $developers[] = $dev;
+ }
- return $developers;
- }
+ return $developers;
+ }
- public static function countAllAgency($agent = false, $block = false, $active = false){
+ public static function countAllAgency($agent = false, $block = false, $active = false){
- if($agent) {
- if ($block) {
- $usl = "agent=1 AND agency=0 AND id_manager=0 AND blocked = 1";
- } else {
- $usl = "agent=1 AND agency=0 AND id_manager=0 AND blocked = 0";
- }
- } else {
- if ($block) {
- $usl = "agency=1 AND blocked = 1";
- } else {
- $usl = "agency=1 AND blocked = 0";
- }
- }
+ if($agent) {
+ if ($block) {
+ $usl = "agent=1 AND agency=0 AND id_manager=0 AND blocked = 1";
+ } else {
+ $usl = "agent=1 AND agency=0 AND id_manager=0 AND blocked = 0";
+ }
+ } else {
+ if ($block) {
+ $usl = "agency=1 AND blocked = 1";
+ } else {
+ $usl = "agency=1 AND blocked = 0";
+ }
+ }
- if ($active) {
- $usl = $usl." AND now() <= DATE_ADD(date_tarif, INTERVAL (select t.period FROM tariffs t where t.id=id_tarif LIMIT 1) DAY)";
- }
+ if ($active) {
+ $usl = $usl." AND now() <= DATE_ADD(date_tarif, INTERVAL (select t.period FROM tariffs t where t.id=id_tarif LIMIT 1) DAY)";
+ }
- $sql = "SELECT count(*) FROM users WHERE $usl ORDER BY `users`.`last_auth` DESC";
+ $sql = "SELECT count(*) FROM users WHERE $usl ORDER BY `users`.`last_auth` DESC";
- if (isset($_GET['dev'])) {
- echo $sql;
- }
+ if (isset($_GET['dev'])) {
+ echo $sql;
+ }
- $rez = mysql_query($sql);
+ $rez = mysql_query($sql);
- return mysql_result($rez,0);
+ return mysql_result($rez,0);
- }
+ }
- public static function searchUsers($agent = false, $from = 0, $to = 1000){
+ public static function searchUsers($agent = false, $from = 0, $to = 1000){
- $usl = "1";
+ $usl = "1";
- if($_GET['search']) {
+ if($_GET['search']) {
- $usl .= " AND (LCASE(agency_name) LIKE '%$_GET[search]%' OR LCASE(first_name) LIKE '%$_GET[search]%' OR LCASE(last_name) LIKE '%$_GET[search]%' OR LCASE(middle_name) LIKE '%$_GET[search]%' OR LCASE(phone) LIKE '%$_GET[search]%' OR LCASE(email) LIKE '%$_GET[search]%')";
+ $usl .= " AND (LCASE(agency_name) LIKE '%$_GET[search]%' OR LCASE(first_name) LIKE '%$_GET[search]%' OR LCASE(last_name) LIKE '%$_GET[search]%' OR LCASE(middle_name) LIKE '%$_GET[search]%' OR LCASE(phone) LIKE '%$_GET[search]%' OR LCASE(email) LIKE '%$_GET[search]%')";
- }
+ }
- $sql = "SELECT users.*, DATE_FORMAT(date_reg,'%d.%m.%Y') AS date_reg, DATE_FORMAT(last_auth,'%d.%m.%Y %H:%i') AS last_auth, UNIX_TIMESTAMP(date_tarif) AS date_tarif, rf_regions.name as name FROM users left join rf_regions on rf_regions.id = users.region_rf_id WHERE $usl ORDER BY `users`.`last_auth` DESC LIMIT $from, $to";
+ $sql = "SELECT users.*, DATE_FORMAT(date_reg,'%d.%m.%Y') AS date_reg, DATE_FORMAT(last_auth,'%d.%m.%Y %H:%i') AS last_auth, UNIX_TIMESTAMP(date_tarif) AS date_tarif, rf_regions.name as name FROM users left join rf_regions on rf_regions.id = users.region_rf_id WHERE $usl ORDER BY `users`.`last_auth` DESC LIMIT $from, $to";
- if (isset($_GET['dev'])) {
- echo $sql;
- }
+ if (isset($_GET['dev'])) {
+ echo $sql;
+ }
- $rez = mysql_query($sql);
+ $rez = mysql_query($sql);
- $agency = array();
+ $agency = array();
- while($ag = mysql_fetch_assoc($rez))
+ while($ag = mysql_fetch_assoc($rez))
- {
+ {
- if($ag[id_tarif]) $ag['tarif'] = mysql_result(mysql_query("SELECT nazv FROM tariffs WHERE id=$ag[id_tarif]"),0);
+ if($ag[id_tarif]) $ag['tarif'] = mysql_result(mysql_query("SELECT nazv FROM tariffs WHERE id=$ag[id_tarif]"),0);
- else $ag['tarif'] = "";
+ else $ag['tarif'] = "";
- $agency[] = $ag;
+ $agency[] = $ag;
- }
+ }
- return $agency;
+ return $agency;
- }
+ }
- public static function countUsers($agent = false){
+ public static function countUsers($agent = false){
- $usl = "1";
+ $usl = "1";
- if($_GET['search']) {
+ if($_GET['search']) {
- $usl .= " AND (LCASE(agency_name) LIKE '%$_GET[search]%' OR LCASE(first_name) LIKE '%$_GET[search]%' OR LCASE(last_name) LIKE '%$_GET[search]%' OR LCASE(middle_name) LIKE '%$_GET[search]%' OR LCASE(phone) LIKE '%$_GET[search]%' OR LCASE(email) LIKE '%$_GET[search]%')";
+ $usl .= " AND (LCASE(agency_name) LIKE '%$_GET[search]%' OR LCASE(first_name) LIKE '%$_GET[search]%' OR LCASE(last_name) LIKE '%$_GET[search]%' OR LCASE(middle_name) LIKE '%$_GET[search]%' OR LCASE(phone) LIKE '%$_GET[search]%' OR LCASE(email) LIKE '%$_GET[search]%')";
- }
+ }
- $sql = "SELECT count(*) FROM users WHERE $usl ORDER BY `users`.`last_auth` DESC";
+ $sql = "SELECT count(*) FROM users WHERE $usl ORDER BY `users`.`last_auth` DESC";
- if (isset($_GET['dev'])) {
- echo $sql;
- }
+ if (isset($_GET['dev'])) {
+ echo $sql;
+ }
- $rez = mysql_query($sql);
+ $rez = mysql_query($sql);
- return mysql_result($rez,0);
+ return mysql_result($rez,0);
- }
+ }
- public static function getCountAgency($agent = false, $block = false, $active = false){
+ public static function getCountAgency($agent = false, $block = false, $active = false){
- if($agent) {
- $usl = "agent=1 AND agency=0 AND role_developer=0 AND id_manager=0";
- if ($block) {
- $usl = $usl." AND blocked = 1";
- } else {
- $usl = $usl." AND blocked = 0";
- }
- } else {
- $usl = "agency=1 AND role_developer=0";
- if ($block) {
- $usl = $usl." AND blocked = 1";
- } else {
- $usl = $usl." AND blocked = 0";
- }
- }
+ if($agent) {
+ $usl = "agent=1 AND agency=0 AND role_developer=0 AND id_manager=0";
+ if ($block) {
+ $usl = $usl." AND blocked = 1";
+ } else {
+ $usl = $usl." AND blocked = 0";
+ }
+ } else {
+ $usl = "agency=1 AND role_developer=0";
+ if ($block) {
+ $usl = $usl." AND blocked = 1";
+ } else {
+ $usl = $usl." AND blocked = 0";
+ }
+ }
- if ($active) {
- $usl = $usl." AND now() <= DATE_ADD(date_tarif, INTERVAL (select t.period FROM tariffs t where t.id=id_tarif LIMIT 1) DAY)";
- }
+ if ($active) {
+ $usl = $usl." AND now() <= DATE_ADD(date_tarif, INTERVAL (select t.period FROM tariffs t where t.id=id_tarif LIMIT 1) DAY)";
+ }
- $sql = "SELECT COUNT(*) FROM users WHERE $usl";
- if (isset($_GET['dev'])) {
- echo $sql;
- }
- $rez = mysql_query($sql);
+ $sql = "SELECT COUNT(*) FROM users WHERE $usl";
+ if (isset($_GET['dev'])) {
+ echo $sql;
+ }
+ $rez = mysql_query($sql);
- return mysql_result($rez,0);
+ return mysql_result($rez,0);
- }
+ }
- public static function getCountDeveloper($block = false, $active = false)
- {
- $usl = "role_developer = 1 AND agent = 0 AND agency = 0 AND id_manager = 0";
-
- if ($block)
- {
- $usl = $usl." AND blocked = 1";
- }
- else
- {
- $usl = $usl." AND blocked = 0";
- }
+ public static function getCountDeveloper($block = false, $active = false)
+ {
+ $usl = "role_developer = 1 AND agent = 0 AND agency = 0 AND id_manager = 0";
- if ($active)
- {
- $usl = $usl." AND now() <= DATE_ADD(date_tarif, INTERVAL (select t.period FROM tariffs t where t.id = id_tarif LIMIT 1) DAY)";
- }
+ if ($block)
+ {
+ $usl = $usl." AND blocked = 1";
+ }
+ else
+ {
+ $usl = $usl." AND blocked = 0";
+ }
- $sql = "SELECT COUNT(*) FROM users WHERE $usl";
-
- if (isset($_GET['dev']))
- {
- echo $sql;
- }
+ if ($active)
+ {
+ $usl = $usl." AND now() <= DATE_ADD(date_tarif, INTERVAL (select t.period FROM tariffs t where t.id = id_tarif LIMIT 1) DAY)";
+ }
- $rez = mysql_query($sql);
+ $sql = "SELECT COUNT(*) FROM users WHERE $usl";
- return mysql_result($rez, 0);
- }
+ if (isset($_GET['dev']))
+ {
+ echo $sql;
+ }
- public static function countAllAdmins($id, $only_active = false) {
- $sql = "SELECT count(*) FROM `users` AS users WHERE users.users_admin=1 AND users.id_manager=$id";
+ $rez = mysql_query($sql);
- if ($only_active)
- $sql .= " AND users.blocked=0";
+ return mysql_result($rez, 0);
+ }
- $res = mysql_query($sql);
- return mysql_result($res,0);
- }
+ public static function countAllAdmins($id, $only_active = false) {
+ $sql = "SELECT count(*) FROM `users` AS users WHERE users.users_admin=1 AND users.id_manager=$id";
- public static function getAllAdmins($id, $only_active = false) {
+ if ($only_active)
+ $sql .= " AND users.blocked=0";
- if (!$id)
- return [];
+ $res = mysql_query($sql);
+ return mysql_result($res,0);
+ }
- $sql = "SELECT * FROM `users` AS users WHERE users.users_admin=1 AND users.id_manager=$id";
+ public static function getAllAdmins($id, $only_active = false) {
- if ($only_active)
- $sql .= " AND users.blocked=0";
+ if (!$id)
+ return [];
- $res = mysql_query($sql);
- $admins = [];
- while ($admin = mysql_fetch_assoc($res)) {
- $admins[] = $admin;
- }
- return $admins;
- }
+ $sql = "SELECT * FROM `users` AS users WHERE users.users_admin=1 AND users.id_manager=$id";
+
+ if ($only_active)
+ $sql .= " AND users.blocked=0";
+
+ $res = mysql_query($sql);
+ $admins = [];
+ while ($admin = mysql_fetch_assoc($res)) {
+ $admins[] = $admin;
+ }
+ return $admins;
+ }
public static function countAllManagers($id, $only_active = false) {
$total = 0;
@@ -3445,22 +3502,22 @@ $webHookIn->check_send($dataWhook);
}
- public static function getAllManagers($id, $only_active = true) {
+ public static function getAllManagers($id, $only_active = true) {
- if (!$id)
- return [];
+ if (!$id)
+ return [];
- $sql = "SELECT * FROM users WHERE manager=1 AND id_manager=$id";
+ $sql = "SELECT * FROM users WHERE manager=1 AND id_manager=$id";
- if ($only_active)
- $sql .= " AND blocked=0";
+ if ($only_active)
+ $sql .= " AND blocked=0";
- $rez = mysql_query($sql);
+ $rez = mysql_query($sql);
- $managers = array();
+ $managers = array();
- while($manager = mysql_fetch_assoc($rez)) {
- $managers[] = $manager;
+ while($manager = mysql_fetch_assoc($rez)) {
+ $managers[] = $manager;
$sql3 = "SELECT * FROM users WHERE manager=1 AND id_manager=$manager[id]";
@@ -3477,71 +3534,71 @@ $webHookIn->check_send($dataWhook);
// Удаляем дублирующиеся записи по 'id'
$managers = array_unique($managers, SORT_REGULAR);
- return $managers;
+ return $managers;
- }
+ }
- public static function countAllAgents($id, $only_active = false) {
+ public static function countAllAgents($id, $only_active = false) {
- if (!$id)
- return [];
+ if (!$id)
+ return [];
- $sql = "SELECT id, manager FROM users WHERE manager=1 AND id_manager=$id AND blocked=0";
+ $sql = "SELECT id, manager FROM users WHERE manager=1 AND id_manager=$id AND blocked=0";
- if (!$only_active)
- $sql .= " AND blocked=0";
+ if (!$only_active)
+ $sql .= " AND blocked=0";
- $rez = mysql_query($sql);
+ $rez = mysql_query($sql);
- $agentsCount = 0;
+ $agentsCount = 0;
- while($agent = mysql_fetch_assoc($rez))
+ while($agent = mysql_fetch_assoc($rez))
- {
+ {
- $sql2 = "SELECT count(*) FROM users WHERE manager=0 AND id_manager=$agent[id] AND blocked=0";
+ $sql2 = "SELECT count(*) FROM users WHERE manager=0 AND id_manager=$agent[id] AND blocked=0";
- $rez2 = mysql_query($sql2);
+ $rez2 = mysql_query($sql2);
- $agentsCount = $agentsCount + (int) mysql_result($rez2,0);
+ $agentsCount = $agentsCount + (int) mysql_result($rez2,0);
- }
+ }
- $sql2 = "SELECT count(*) FROM users WHERE manager=0 AND id_manager=$id AND blocked=0";
+ $sql2 = "SELECT count(*) FROM users WHERE manager=0 AND id_manager=$id AND blocked=0";
- $rez2 = mysql_query($sql2);
+ $rez2 = mysql_query($sql2);
- $agentsCount = $agentsCount + (int) mysql_result($rez2,0);
+ $agentsCount = $agentsCount + (int) mysql_result($rez2,0);
- return $agentsCount;
+ return $agentsCount;
- }
+ }
- public static function getAllAgents($id, $only_active = false) {
+ public static function getAllAgents($id, $only_active = false) {
- if (!$id)
- return [];
+ if (!$id)
+ return [];
- $sql = "SELECT * FROM users WHERE manager=1 AND id_manager=$id";
+ $sql = "SELECT * FROM users WHERE manager=1 AND id_manager=$id";
- if ($only_active)
- $sql .= " AND blocked=0";
+ if ($only_active)
+ $sql .= " AND blocked=0";
- $rez = mysql_query($sql);
+ $rez = mysql_query($sql);
- $agents = array();
+ $agents = array();
- while($agent = mysql_fetch_assoc($rez))
+ while($agent = mysql_fetch_assoc($rez))
- {
+ {
- $sql2 = "SELECT * FROM users WHERE manager=0 AND id_manager=$agent[id]";
+ $sql2 = "SELECT * FROM users WHERE manager=0 AND id_manager=$agent[id]";
- $rez2 = mysql_query($sql2);
+ $rez2 = mysql_query($sql2);
- while($agent2 = mysql_fetch_assoc($rez2)) $agents[] = $agent2;
+ while($agent2 = mysql_fetch_assoc($rez2)) $agents[] = $agent2;
$sql3 = "SELECT * FROM users WHERE manager=1 AND id_manager=$agent[id]";
@@ -3555,102 +3612,102 @@ $webHookIn->check_send($dataWhook);
while($agent4 = mysql_fetch_assoc($rez4)) $agents[] = $agent4;
}
- }
+ }
- $sql2 = "SELECT * FROM users WHERE manager=0 AND id_manager=$id";
+ $sql2 = "SELECT * FROM users WHERE manager=0 AND id_manager=$id";
- $rez2 = mysql_query($sql2);
+ $rez2 = mysql_query($sql2);
- while($agent2 = mysql_fetch_assoc($rez2)) $agents[] = $agent2;
+ while($agent2 = mysql_fetch_assoc($rez2)) $agents[] = $agent2;
- return $agents;
+ return $agents;
- }
+ }
- public function changeTarif() {
- $sql = "UPDATE users SET id_tarif='$_GET[id_tarif]', date_tarif=NOW() WHERE id=$_GET[id_user]";
- mysql_query($sql);
- }
+ public function changeTarif() {
+ $sql = "UPDATE users SET id_tarif='$_GET[id_tarif]', date_tarif=NOW() WHERE id=$_GET[id_user]";
+ mysql_query($sql);
+ }
/**
* @return array
*/
- public function getFilesList($user_id = null) {
- if (!is_null($user_id)) {
- $sql = "SELECT *
+ public function getFilesList($user_id = null) {
+ if (!is_null($user_id)) {
+ $sql = "SELECT *
FROM `users_files` AS files
WHERE files.user_id = " . trim($user_id);
- $files = [];
- $res = mysql_query($sql);
- if (mysql_num_rows($res)) {
- while ($file = mysql_fetch_assoc($res)) {
- $files[] = $file;
- }
- }
+ $files = [];
+ $res = mysql_query($sql);
+ if (mysql_num_rows($res)) {
+ while ($file = mysql_fetch_assoc($res)) {
+ $files[] = $file;
+ }
+ }
- return $files;
- }
+ return $files;
+ }
- return [];
- }
+ return [];
+ }
/**
* @return array
*/
- public function getFile($file_id = null) {
- if (!is_null($file_id)) {
- $sql = "SELECT *
+ public function getFile($file_id = null) {
+ if (!is_null($file_id)) {
+ $sql = "SELECT *
FROM `users_files` AS files
WHERE files.id = " . trim($file_id) . " LIMIT 1";
- $res = mysql_query($sql);
- return mysql_fetch_assoc($res);
- }
+ $res = mysql_query($sql);
+ return mysql_fetch_assoc($res);
+ }
- return [];
- }
+ return [];
+ }
/**
* @param null $file_id
* @return bool
*/
- public function deleteFile($file_id = null) {
- if (!is_null($file_id)) {
- if ($file = $this->getFile($file_id)) {
- $sql = "DELETE FROM `users_files` WHERE `users_files`.`id` = " . $file['id'] . " LIMIT 1";
- if (mysql_query($sql)) {
- unlink($_SERVER['DOCUMENT_ROOT'] . $file['path']);
- return true;
- }
- }
- }
+ public function deleteFile($file_id = null) {
+ if (!is_null($file_id)) {
+ if ($file = $this->getFile($file_id)) {
+ $sql = "DELETE FROM `users_files` WHERE `users_files`.`id` = " . $file['id'] . " LIMIT 1";
+ if (mysql_query($sql)) {
+ unlink($_SERVER['DOCUMENT_ROOT'] . $file['path']);
+ return true;
+ }
+ }
+ }
- return mysql_error();
- }
+ return mysql_error();
+ }
/**
* @param null $user_id
* @return bool|string
*/
- public function delUserPic($user_id = null) {
- if (!is_null($user_id)) {
+ public function delUserPic($user_id = null) {
+ if (!is_null($user_id)) {
- $user = new self;
- $user->get($user_id);
+ $user = new self;
+ $user->get($user_id);
- if ($user_logo = $user->user_logo) {
- $sql = "UPDATE users SET user_logo='' WHERE id='$user_id' LIMIT 1";
- if (mysql_query($sql)) {
- unlink($this->_serverUserpicPath . '/' . $user_logo);
- return true;
- }
- }
- }
+ if ($user_logo = $user->user_logo) {
+ $sql = "UPDATE users SET user_logo='' WHERE id='$user_id' LIMIT 1";
+ if (mysql_query($sql)) {
+ unlink($this->_serverUserpicPath . '/' . $user_logo);
+ return true;
+ }
+ }
+ }
- return false;
- }
+ return false;
+ }
/**
* @param $str
@@ -3658,71 +3715,71 @@ $webHookIn->check_send($dataWhook);
* @param bool $is_folder
* @return string
*/
- private function fixFilename($str, $config, $is_folder = false) {
- $str = strip_tags(htmlspecialchars($str));
- if ($config['convert_spaces'])
- $str = str_replace(' ', $config['replace_with'], $str);
+ private function fixFilename($str, $config, $is_folder = false) {
+ $str = strip_tags(htmlspecialchars($str));
+ if ($config['convert_spaces'])
+ $str = str_replace(' ', $config['replace_with'], $str);
- if ($config['transliteration']) {
- if (!mb_detect_encoding($str, 'UTF-8', true))
- $str = utf8_encode($str);
- if (function_exists('transliterator_transliterate'))
- $str = transliterator_transliterate('Any-Latin; Latin-ASCII', $str);
- else
- $str = iconv('UTF-8', 'ASCII//TRANSLIT//IGNORE', $str);
+ if ($config['transliteration']) {
+ if (!mb_detect_encoding($str, 'UTF-8', true))
+ $str = utf8_encode($str);
+ if (function_exists('transliterator_transliterate'))
+ $str = transliterator_transliterate('Any-Latin; Latin-ASCII', $str);
+ else
+ $str = iconv('UTF-8', 'ASCII//TRANSLIT//IGNORE', $str);
- $str = preg_replace("/[^a-zA-Z0-9\.\[\]_| -]/", '', $str);
- }
+ $str = preg_replace("/[^a-zA-Z0-9\.\[\]_| -]/", '', $str);
+ }
- $str = str_replace(array( '"', "'", "/", "\\" ), "", $str);
- $str = strip_tags($str);
+ $str = str_replace(array( '"', "'", "/", "\\" ), "", $str);
+ $str = strip_tags($str);
- // Empty or incorrectly transliterated filename.
- // Here is a point: a good file UNKNOWN_LANGUAGE.jpg could become .jpg in previous code.
- // So we add that default 'file' name to fix that issue.
- if (!$config['empty_filename'] && strpos($str, '.') === 0 && $is_folder === false)
- {
- $str = 'file' . $str;
- }
+ // Empty or incorrectly transliterated filename.
+ // Here is a point: a good file UNKNOWN_LANGUAGE.jpg could become .jpg in previous code.
+ // So we add that default 'file' name to fix that issue.
+ if (!$config['empty_filename'] && strpos($str, '.') === 0 && $is_folder === false)
+ {
+ $str = 'file' . $str;
+ }
- if ($config['lowercase'])
- return (mb_strtolower(trim($str)));
- else
- return trim($str);
- }
+ if ($config['lowercase'])
+ return (mb_strtolower(trim($str)));
+ else
+ return trim($str);
+ }
/**
* @param $path
* @param $filename
* @return string
*/
- private function newFilename($path, $filename) {
- $res = "$path/$filename";
- if (!file_exists($res))
- return $res;
+ private function newFilename($path, $filename) {
+ $res = "$path/$filename";
+ if (!file_exists($res))
+ return $res;
- $fnameNoExt = pathinfo($filename,PATHINFO_FILENAME);
- $ext = pathinfo($filename, PATHINFO_EXTENSION);
+ $fnameNoExt = pathinfo($filename,PATHINFO_FILENAME);
+ $ext = pathinfo($filename, PATHINFO_EXTENSION);
- $i = 1;
- while(file_exists("$path/$fnameNoExt-$i.$ext")) $i++;
- return "$path/$fnameNoExt-$i.$ext";
- }
+ $i = 1;
+ while(file_exists("$path/$fnameNoExt-$i.$ext")) $i++;
+ return "$path/$fnameNoExt-$i.$ext";
+ }
/**
* @param null $user_id
* @return array|bool
*/
- private function setUserpic($user_id = null) {
+ private function setUserpic($user_id = null) {
- if (!$user_id || is_null($user_id))
- return false;
+ if (!$user_id || is_null($user_id))
+ return false;
- if ($_FILES['avatar']['name']) {
- list($a, $ext) = explode("/", $_FILES['avatar']['type']);
- if ($ext == "pjpeg") {
- $ext = "jpeg";
- }
+ if ($_FILES['avatar']['name']) {
+ list($a, $ext) = explode("/", $_FILES['avatar']['type']);
+ if ($ext == "pjpeg") {
+ $ext = "jpeg";
+ }
$ext = mb_strtolower($ext);
@@ -3739,162 +3796,162 @@ $webHookIn->check_send($dataWhook);
return $name;
}
}
- }
+ }
- return false;
- }
+ return false;
+ }
/**
* @param null $user_id
* @return array|bool
*/
- private function uploadFiles($user_id = null) {
+ private function uploadFiles($user_id = null) {
- if (!$user_id || is_null($user_id))
- return false;
+ if (!$user_id || is_null($user_id))
+ return false;
- list($success, $errors) = [[],[]];
- $user_id = intval($user_id);
- $post = clearInputData($_POST);
+ list($success, $errors) = [[],[]];
+ $user_id = intval($user_id);
+ $post = clearInputData($_POST);
- $created_by = intval($_SESSION['id']);
- if (isset($_FILES['files'])) {
+ $created_by = intval($_SESSION['id']);
+ if (isset($_FILES['files'])) {
- $count = count($_FILES['files']['name']);
+ $count = count($_FILES['files']['name']);
- $agency_id = self::getUserAgencyID();
- $users_id = $this->getAllAgencyUsers($agency_id);
+ $agency_id = self::getUserAgencyID();
+ $users_id = $this->getAllAgencyUsers($agency_id);
- for ($i = 0; $i < $count; $i++) {
- if (in_array($user_id, $users_id) && $user_id && $_FILES['files']['error'][$i] == 0) {
+ for ($i = 0; $i < $count; $i++) {
+ if (in_array($user_id, $users_id) && $user_id && $_FILES['files']['error'][$i] == 0) {
- $extension = mb_strtolower(pathinfo($_FILES['files']['name'][$i], PATHINFO_EXTENSION));
- if (in_array($extension, $this->_allowedFileTypes)) {
+ $extension = mb_strtolower(pathinfo($_FILES['files']['name'][$i], PATHINFO_EXTENSION));
+ if (in_array($extension, $this->_allowedFileTypes)) {
- $real_filename = $_FILES['files']['name'][$i];
- $description = ((isset($post['description'][$i])) ? trim($post['description'][$i]) : null);
- $filename = $this->fixFilename($real_filename, [
- 'convert_spaces' => true,
- 'replace_with' => '_',
- 'transliteration' => true,
- 'empty_filename' => true,
- 'lowercase' => true
- ]);
+ $real_filename = $_FILES['files']['name'][$i];
+ $description = ((isset($post['description'][$i])) ? trim($post['description'][$i]) : null);
+ $filename = $this->fixFilename($real_filename, [
+ 'convert_spaces' => true,
+ 'replace_with' => '_',
+ 'transliteration' => true,
+ 'empty_filename' => true,
+ 'lowercase' => true
+ ]);
- $tmp_path = $_FILES['files']['tmp_name'][$i];
- $save_path = $this->newFilename($_SERVER['DOCUMENT_ROOT'] . $this->_serverPath, $filename);
- $path = str_replace($_SERVER['DOCUMENT_ROOT'], '', $save_path);
+ $tmp_path = $_FILES['files']['tmp_name'][$i];
+ $save_path = $this->newFilename($_SERVER['DOCUMENT_ROOT'] . $this->_serverPath, $filename);
+ $path = str_replace($_SERVER['DOCUMENT_ROOT'], '', $save_path);
- if (empty($description))
- $description = $real_filename;
+ if (empty($description))
+ $description = $real_filename;
- if (move_uploaded_file($tmp_path, $save_path)) {
- $sql = "INSERT INTO `users_files` (`user_id`, `filename`, `path`, `created_by`) VALUES
+ if (move_uploaded_file($tmp_path, $save_path)) {
+ $sql = "INSERT INTO `users_files` (`user_id`, `filename`, `path`, `created_by`) VALUES
('$user_id', '$description', '$path', '$created_by')";
- if (mysql_query($sql)) {
- $id = mysql_insert_id();
- $success[$id] = [
- 'filename' => $real_filename,
- 'path' => $path,
- ];
- } else {
- $errors[] = [$filename => mysql_error()];
- }
- }
- }
- }
- }
- }
+ if (mysql_query($sql)) {
+ $id = mysql_insert_id();
+ $success[$id] = [
+ 'filename' => $real_filename,
+ 'path' => $path,
+ ];
+ } else {
+ $errors[] = [$filename => mysql_error()];
+ }
+ }
+ }
+ }
+ }
+ }
- if (!empty($success))
- return $success;
- else
- return $errors;
+ if (!empty($success))
+ return $success;
+ else
+ return $errors;
- }
+ }
- /**
- * Генирация и сохранение токенов
- */
- public function gen_token($user_id) {
- $token = md5(microtime() . 'user' . $user_id . time());
- $sql = "REPLACE INTO user_api_keys (user_id, api_key) VALUES ({$user_id}, '{$token}')";
- mysql_query($sql);
- $id = mysql_insert_id();
- return $id;
-
- }
+ /**
+ * Генирация и сохранение токенов
+ */
+ public function gen_token($user_id) {
+ $token = md5(microtime() . 'user' . $user_id . time());
+ $sql = "REPLACE INTO user_api_keys (user_id, api_key) VALUES ({$user_id}, '{$token}')";
+ mysql_query($sql);
+ $id = mysql_insert_id();
+ return $id;
+
+ }
- public static function getUserTarif($user_id) {
- $sgl = "SELECT id_tarif FROM users WHERE id={$user_id}";
- $user = mysql_query($sgl);
- $userTarrif = mysql_fetch_assoc($user);
+ public static function getUserTarif($user_id) {
+ $sgl = "SELECT id_tarif FROM users WHERE id={$user_id}";
+ $user = mysql_query($sgl);
+ $userTarrif = mysql_fetch_assoc($user);
- if($userTarrif['id_tarif'] == 0) {
- $sqlManager = "SELECT id_manager FROM users WHERE id={$user_id}";
- $userManager = mysql_query($sqlManager);
- $userIdManager = mysql_fetch_assoc($userManager);
- $sgl = "SELECT id_tarif FROM users WHERE id={$userIdManager['id_manager']}";
- $user = mysql_query($sgl);
- $userTarrif = mysql_fetch_assoc($user);
- }
- $sql2 = "SELECT max_worker FROM tariffs WHERE id={$userTarrif['id_tarif']}";
- $tarif = mysql_query($sql2);
- $maxWorker = mysql_fetch_assoc($tarif);
- if ($maxWorker == 0) {$maxWorker = array('max_worker' => 9999);}
- return $maxWorker;
+ if($userTarrif['id_tarif'] == 0) {
+ $sqlManager = "SELECT id_manager FROM users WHERE id={$user_id}";
+ $userManager = mysql_query($sqlManager);
+ $userIdManager = mysql_fetch_assoc($userManager);
+ $sgl = "SELECT id_tarif FROM users WHERE id={$userIdManager['id_manager']}";
+ $user = mysql_query($sgl);
+ $userTarrif = mysql_fetch_assoc($user);
+ }
+ $sql2 = "SELECT max_worker FROM tariffs WHERE id={$userTarrif['id_tarif']}";
+ $tarif = mysql_query($sql2);
+ $maxWorker = mysql_fetch_assoc($tarif);
+ if ($maxWorker == 0) {$maxWorker = array('max_worker' => 9999);}
+ return $maxWorker;
- }
+ }
- public static function getUserTarifCount($user_id) {
- $res = array();
- $res2 = array();
- $res3 = array();
- $sgl = "SELECT COUNT(*) FROM users WHERE id_manager={$user_id} AND blocked=0" ;
- $user = mysql_query($sgl);
- $userAgency = mysql_fetch_assoc($user);
+ public static function getUserTarifCount($user_id) {
+ $res = array();
+ $res2 = array();
+ $res3 = array();
+ $sgl = "SELECT COUNT(*) FROM users WHERE id_manager={$user_id} AND blocked=0" ;
+ $user = mysql_query($sgl);
+ $userAgency = mysql_fetch_assoc($user);
- $sgl3 = "SELECT id FROM users WHERE id_manager={$user_id} AND blocked=0";
- $user3 = mysql_query($sgl3);
- while ($r = mysql_fetch_assoc($user3)) {
- $res[] = $r;
- }
- foreach ($res as $value) {
- $i = reset($value);
- $sgl2 = "SELECT id FROM users WHERE id_manager={$i } AND blocked=0";
- $userA2 = mysql_query($sgl2);
- while ($r = mysql_fetch_assoc($userA2)) {
- $res2[] = $r;
- }
- }
+ $sgl3 = "SELECT id FROM users WHERE id_manager={$user_id} AND blocked=0";
+ $user3 = mysql_query($sgl3);
+ while ($r = mysql_fetch_assoc($user3)) {
+ $res[] = $r;
+ }
+ foreach ($res as $value) {
+ $i = reset($value);
+ $sgl2 = "SELECT id FROM users WHERE id_manager={$i } AND blocked=0";
+ $userA2 = mysql_query($sgl2);
+ while ($r = mysql_fetch_assoc($userA2)) {
+ $res2[] = $r;
+ }
+ }
- $sgl4 = "SELECT department_id FROM users WHERE id_manager={$user_id} AND blocked=0";
- $user4 = mysql_query($sgl4);
- while ($r = mysql_fetch_assoc($user4)) {
- $res3[] = $r;
- }
+ $sgl4 = "SELECT department_id FROM users WHERE id_manager={$user_id} AND blocked=0";
+ $user4 = mysql_query($sgl4);
+ while ($r = mysql_fetch_assoc($user4)) {
+ $res3[] = $r;
+ }
- foreach ($res3 as $value) {
- $i = reset($value);
- if ($i != 0){
- $sgl2 = "SELECT id FROM users WHERE department_id={$i } AND blocked=0 AND id_manager!={$user_id}";
- $userA2 = mysql_query($sgl2);
- while ($r = mysql_fetch_assoc($userA2)) {
- $res2[] = $r;
- }
- }
- }
+ foreach ($res3 as $value) {
+ $i = reset($value);
+ if ($i != 0){
+ $sgl2 = "SELECT id FROM users WHERE department_id={$i } AND blocked=0 AND id_manager!={$user_id}";
+ $userA2 = mysql_query($sgl2);
+ while ($r = mysql_fetch_assoc($userA2)) {
+ $res2[] = $r;
+ }
+ }
+ }
$result = array();
foreach ($res2 as $k => $v) {
$result[] = reset($v);
}
- $userCount = (reset($userAgency));
- $userCount2 = count(array_unique($result));
- $userCountSum = $userCount + $userCount2;
- return $userCountSum;
- }
+ $userCount = (reset($userAgency));
+ $userCount2 = count(array_unique($result));
+ $userCountSum = $userCount + $userCount2;
+ return $userCountSum;
+ }
public static function isCurrentUserShowAdvertButton() {
$showAds = true;
@@ -3903,7 +3960,7 @@ $webHookIn->check_send($dataWhook);
$showAds = false;
}
- if ((in_array($_SESSION['agency_id'], array(8353, 8375, 8376, 8399, 8867, 8910, 9082, 9072, 9077, 9110, 9588, 9805, 9973, 7864, 10203, 10041, 10493, 4873, 10876, 10982, 11086, 10933, 11456, 11501, 11397, 7507, 8826, 10429, 12061, 10041, 10732, 11417, 12556, 13338, 10387, 14134, 13735, 13792, 15401, 16182, 14493, 18438, 18708, 19476, 19821, 17157, 19111, 19750, 22666, 22432, 22434))) && !in_array($_SESSION['id'], array(8373, 8353, 8375, 8376, 8399, 8867, 8910, 9082, 9072, 9077, 9110, 9588, 9805, 9973, 7864, 10203, 10041, 10493, 4873, 10876, 10982, 11086, 10933, 11456, 11501, 11397, 7507, 8826, 10429, 12061, 10041, 10732, 11417, 12556, 13338, 10387, 14134, 13735, 13792, 15401, 16182, 14493, 18438, 18708, 19476, 19821, 17157, 19111, 19750, 22666, 22432, 22434))) {
+ if ((in_array($_SESSION['agency_id'], array(8353, 8375, 8376, 8399, 8867, 8910, 9082, 9072, 9077, 9110, 9588, 9805, 9973, 7864, 10203, 10041, 10493, 4873, 10876, 10982, 11086, 10933, 11456, 11501, 11397, 7507, 8826, 10429, 12061, 10041, 10732, 11417, 12556, 13338, 10387, 14134, 13735, 13792, 15401, 16182, 14493, 18438, 18708, 19476, 19821, 17157, 19111, 19750, 22666, 22432, 22434, 19011))) && !in_array($_SESSION['id'], array(8373, 8353, 8375, 8376, 8399, 8867, 8910, 9082, 9072, 9077, 9110, 9588, 9805, 9973, 7864, 10203, 10041, 10493, 4873, 10876, 10982, 11086, 10933, 11456, 11501, 11397, 7507, 8826, 10429, 12061, 10041, 10732, 11417, 12556, 13338, 10387, 14134, 13735, 13792, 15401, 16182, 14493, 18438, 18708, 19476, 19821, 17157, 19111, 19750, 22666, 22432, 22434, 19011))) {
$showAds = false;
}
@@ -4108,7 +4165,7 @@ $webHookIn->check_send($dataWhook);
$showAds = true;
}
- if ($_SESSION['id'] == 22434 || $_SESSION['id'] == 22447) {
+ if ($_SESSION['id'] == 22434 || $_SESSION['id'] == 22447 || $_SESSION['id'] == 22451) {
$showAds = true;
}
@@ -4116,6 +4173,10 @@ $webHookIn->check_send($dataWhook);
$showAds = false;
}
+ if ($_SESSION['id'] == 19011) {
+ $showAds = true;
+ }
+
return $showAds;
}
@@ -4159,47 +4220,47 @@ $webHookIn->check_send($dataWhook);
return json_encode($users, JSON_UNESCAPED_UNICODE);
}
- /**
- * получение пакета настроек для новой компании (новой регистрации)
- */
- public function getNewUserPackages(){
-
- $is_agent = (int)$this->individual;
- $is_agency = (int)$this->agency;
- $is_dev = (int)$this->role_developer;
+ /**
+ * получение пакета настроек для новой компании (новой регистрации)
+ */
+ public function getNewUserPackages(){
- $where = '';
- if($is_dev > 0){
- $is_agency = 0;
- $is_agent = 0;
- $where = "is_dev = 1";
- } else if($is_agency > 0){
- $where = "is_agency = 1";
- } else if($is_agent > 0){
- $where = "is_agent = 1";
- }
+ $is_agent = (int)$this->individual;
+ $is_agency = (int)$this->agency;
+ $is_dev = (int)$this->role_developer;
- $funnels = [];
+ $where = '';
+ if($is_dev > 0){
+ $is_agency = 0;
+ $is_agent = 0;
+ $where = "is_dev = 1";
+ } else if($is_agency > 0){
+ $where = "is_agency = 1";
+ } else if($is_agent > 0){
+ $where = "is_agent = 1";
+ }
- $sql = "SELECT * FROM funnel_admin where $where and deleted = 0 order by id";
- $q = mysql_query($sql);
- while($r = mysql_fetch_assoc($q)) {
- $funnels[] = $r['id'];
- }
-
- if(!empty($funnels)){
- $funnelClass = new Funnel();
- $f = $funnelClass->set_template_funnels($this->agencyId, $this->id, $funnels);
- }
+ $funnels = [];
- //Дефолтные настройки
- $sql = "INSERT INTO `funnel_default` (`name`, `agency_id`, `is_client`, `is_req`, `is_filter`, `is_stage`, `is_show_funnels`, `order_number`) VALUES
+ $sql = "SELECT * FROM funnel_admin where $where and deleted = 0 order by id";
+ $q = mysql_query($sql);
+ while($r = mysql_fetch_assoc($q)) {
+ $funnels[] = $r['id'];
+ }
+
+ if(!empty($funnels)){
+ $funnelClass = new Funnel();
+ $f = $funnelClass->set_template_funnels($this->agencyId, $this->id, $funnels);
+ }
+
+ //Дефолтные настройки
+ $sql = "INSERT INTO `funnel_default` (`name`, `agency_id`, `is_client`, `is_req`, `is_filter`, `is_stage`, `is_show_funnels`, `order_number`) VALUES
('Список клиентов', {$this->agencyId}, 1, 0, 1, 0, 1, 0)";
- mysql_query($sql);
-
- $sql_in = "INSERT INTO user_views_page (user_id, view_req, view_client) values ({$this->id}, 'kanban', 'list')";
- mysql_query($sql_in);
+ mysql_query($sql);
-
- }
+ $sql_in = "INSERT INTO user_views_page (user_id, view_req, view_client) values ({$this->id}, 'kanban', 'list')";
+ mysql_query($sql_in);
+
+
+ }
}