diff --git a/engine/classes/User.php b/engine/classes/User.php index 3c943d4..daf95f1 100644 --- a/engine/classes/User.php +++ b/engine/classes/User.php @@ -2,11 +2,11 @@ class User { - public $id; - public $manager; - public $manager_users; - public $use_advert_budget; - public $agency; + public $id; + public $manager; + public $manager_users; + public $use_advert_budget; + public $agency; // Делаю свойства публичными и с сохранением имени, т.к. в коде они много где используется без объявления public $agencyName; public $phoneAgency; @@ -15,9 +15,9 @@ class User { public $first_name; public $middle_name; public $phone; - public $phone2; - public $role_developer; - public $api; + public $phone2; + public $role_developer; + public $api; private $_serverPath = "/server/php/files/docs"; @@ -57,186 +57,186 @@ class User { return $this->phone; } - public function get($id, $add_info = false, $add_budget = false) { + public function get($id, $add_info = false, $add_budget = false) { - $sql = "SELECT *, + $sql = "SELECT *, IF(birthday, DATE_FORMAT(birthday, '%d.%m.%Y'), NULL) as birthday FROM users WHERE id=$id"; - if ($rez = mysql_query($sql)) { - if (mysql_num_rows($rez)) { + if ($rez = mysql_query($sql)) { + if (mysql_num_rows($rez)) { - $user = mysql_fetch_assoc($rez); - foreach ($user as $k => $v) { - $this->$k = $v; - } + $user = mysql_fetch_assoc($rez); + foreach ($user as $k => $v) { + $this->$k = $v; + } - $departmentClass = new Department; - $departmentUser = $departmentClass->getDepartment($id); + $departmentClass = new Department; + $departmentUser = $departmentClass->getDepartment($id); - if ($departmentUser['role'] == 'manager_office' || $departmentUser['role'] == 'manager_office_menager') { - $this->manager = $_SESSION['manager'] = 1; - } + if ($departmentUser['role'] == 'manager_office' || $departmentUser['role'] == 'manager_office_menager') { + $this->manager = $_SESSION['manager'] = 1; + } - $this->agencyId = $id; - $this->agencyEgrnRequestCount = 0; - $this->agencyAntiznakRequestCount = 0; + $this->agencyId = $id; + $this->agencyEgrnRequestCount = 0; + $this->agencyAntiznakRequestCount = 0; $this->agencyEnableWazzap = $user['enable_wazzap']; - $this->agencyName = null; - $this->manager_users = null; + $this->agencyName = null; + $this->manager_users = null; if ($user['role_developer']) { // застройщик $this->role_developer = $_SESSION['role_developer'] = 1; } else { $this->role_developer = $_SESSION['role_developer'] = 0; } - $this->fio = trim($user['last_name'] . ' ' . $user['first_name'] . ' ' . $user['middle_name']); - if ($user['id_manager'] == 0 && $user['agency'] == 0) { - // частник - $this->individual = $_SESSION['individual'] = 1; - } else { - $this->individual = $_SESSION['individual'] = 0; - } + $this->fio = trim($user['last_name'] . ' ' . $user['first_name'] . ' ' . $user['middle_name']); + if ($user['id_manager'] == 0 && $user['agency'] == 0) { + // частник + $this->individual = $_SESSION['individual'] = 1; + } else { + $this->individual = $_SESSION['individual'] = 0; + } - if (isset($user['phone2'])) - $this->phone2 = $user['phone2']; + if (isset($user['phone2'])) + $this->phone2 = $user['phone2']; - if ($user['id_manager']) { + if ($user['id_manager']) { - $thisIdManager = $user['id_manager']; - if ($departmentUser['role'] == 'manager_office_menager' || $departmentUser['role'] == 'agent') { - if ($departmentUser['admin'] > 0) { - $thisIdManager = $departmentUser['admin']; - } - } + $thisIdManager = $user['id_manager']; + if ($departmentUser['role'] == 'manager_office_menager' || $departmentUser['role'] == 'agent') { + if ($departmentUser['admin'] > 0) { + $thisIdManager = $departmentUser['admin']; + } + } - $sql = "SELECT * FROM users WHERE id= $thisIdManager"; - $rez = mysql_query($sql); - $manager = mysql_fetch_assoc($rez); + $sql = "SELECT * FROM users WHERE id= $thisIdManager"; + $rez = mysql_query($sql); + $manager = mysql_fetch_assoc($rez); - if ($manager['id_manager']) { - $agency = mysql_fetch_assoc(mysql_query("SELECT * FROM users WHERE id=$manager[id_manager]")); - if ($agency['id_manager']) { - $agency = mysql_fetch_assoc(mysql_query("SELECT * FROM users WHERE id=$agency[id_manager]")); - } - } else { - $agency = $manager; - } + if ($manager['id_manager']) { + $agency = mysql_fetch_assoc(mysql_query("SELECT * FROM users WHERE id=$manager[id_manager]")); + if ($agency['id_manager']) { + $agency = mysql_fetch_assoc(mysql_query("SELECT * FROM users WHERE id=$agency[id_manager]")); + } + } else { + $agency = $manager; + } - $this->photo = $agency['photo']; - $this->agencyId = $agency['id']; - $this->agencyZipalLogin = $agency['zipal_login']; - $this->agencyZipalPassword = $agency['zipal_password']; - $this->agencyZipalBalance = $agency['zipal_balance']; - $this->agencyEgrnRequestCount = $agency['egrn_request_count']; - $this->agencyEnableWazzap = $agency['enable_wazzap']; - if($agency['id'] != 12061){ - $this->agencyAntiznakRequestCount = $agency['antiznak_request_count']; - } else if($user['id'] == 12653 || $user['id'] == 12093) { - $this->agencyAntiznakRequestCount = $agency['antiznak_request_count']; - } + $this->photo = $agency['photo']; + $this->agencyId = $agency['id']; + $this->agencyZipalLogin = $agency['zipal_login']; + $this->agencyZipalPassword = $agency['zipal_password']; + $this->agencyZipalBalance = $agency['zipal_balance']; + $this->agencyEgrnRequestCount = $agency['egrn_request_count']; + $this->agencyEnableWazzap = $agency['enable_wazzap']; + if($agency['id'] != 12061){ + $this->agencyAntiznakRequestCount = $agency['antiznak_request_count']; + } else if($user['id'] == 12653 || $user['id'] == 12093) { + $this->agencyAntiznakRequestCount = $agency['antiznak_request_count']; + } - if (isset($agency['agency_name'])) { - $this->agencyName = $agency['agency_name']; - } else if (isset($user['agency_name'])) { - $this->agencyName = $user['agency_name']; - } + if (isset($agency['agency_name'])) { + $this->agencyName = $agency['agency_name']; + } else if (isset($user['agency_name'])) { + $this->agencyName = $user['agency_name']; + } - $this->phoneAgency = empty($agency['phoneAgency']) ? $agency['phone'] : $agency['phoneAgency']; - $this->sitename = $agency['sitename']; - $this->site = $agency['site']; - $this->adres = $agency['adres']; - } else { + $this->phoneAgency = empty($agency['phoneAgency']) ? $agency['phone'] : $agency['phoneAgency']; + $this->sitename = $agency['sitename']; + $this->site = $agency['site']; + $this->adres = $agency['adres']; + } else { - if (isset($user['agency_name'])) { - $this->agencyName = $user['agency_name']; - } else { - $this->agencyName = null; - } - } + if (isset($user['agency_name'])) { + $this->agencyName = $user['agency_name']; + } else { + $this->agencyName = null; + } + } - if ($this->manager > 0) { // Список пользователей в подчинении у менеджера - $agents = self::getAgentsOfManager($id, false); - if (!empty($agents) && is_array($agents)) { - $this->manager_users = []; - foreach ($agents as $agent) { - $this->manager_users[] = (int)$agent['id']; - } - } - } + if ($this->manager > 0) { // Список пользователей в подчинении у менеджера + $agents = self::getAgentsOfManager($id, false); + if (!empty($agents) && is_array($agents)) { + $this->manager_users = []; + foreach ($agents as $agent) { + $this->manager_users[] = (int)$agent['id']; + } + } + } - if (isset($user['agency']) && $user['agency']) { + if (isset($user['agency']) && $user['agency']) { - $this->director = trim($user['last_name'] . ' ' . $user['first_name'] . ' ' . $user['middle_name']); + $this->director = trim($user['last_name'] . ' ' . $user['first_name'] . ' ' . $user['middle_name']); - if (isset($user['agency_name'])) - $this->fio = $user['agency_name']; + if (isset($user['agency_name'])) + $this->fio = $user['agency_name']; - } + } - $this->gmtmsk = (int)$user['gmtmsk']; + $this->gmtmsk = (int)$user['gmtmsk']; - // Добавляем инфо о паспортных данных - if ($add_info) { + // Добавляем инфо о паспортных данных + if ($add_info) { - $sql1 = "SELECT *, + $sql1 = "SELECT *, IF(passport_date, DATE_FORMAT(passport_date, '%d.%m.%Y'), NULL) as passport_date FROM `users_info` WHERE user_id=$id"; - $rez1 = mysql_query($sql1); - if (mysql_num_rows($rez1)) { - $info = mysql_fetch_assoc($rez1); - foreach ($info as $k => $v) { - $this->$k = $v; - } - } + $rez1 = mysql_query($sql1); + if (mysql_num_rows($rez1)) { + $info = mysql_fetch_assoc($rez1); + foreach ($info as $k => $v) { + $this->$k = $v; + } + } - $this->files = []; - $sql2 = "SELECT * FROM `users_files` WHERE user_id=$id"; - $rez2 = mysql_query($sql2); - if (mysql_num_rows($rez2)) { - while ($file = mysql_fetch_assoc($rez2)) { - $this->files[] = $file; - } - } - } + $this->files = []; + $sql2 = "SELECT * FROM `users_files` WHERE user_id=$id"; + $rez2 = mysql_query($sql2); + if (mysql_num_rows($rez2)) { + while ($file = mysql_fetch_assoc($rez2)) { + $this->files[] = $file; + } + } + } - // Добавляем инфо о рекламном бюджете - if ($add_budget) { - $advert_budgets = new AdvertBudgets(); + // Добавляем инфо о рекламном бюджете + if ($add_budget) { + $advert_budgets = new AdvertBudgets(); - $budget = $advert_budgets->getAdvertBudget($id); + $budget = $advert_budgets->getAdvertBudget($id); - $this->advert_budget = [ - 'avito' => $budget['avito'], - 'avito_unlimited' => $budget['avito_unlimited'], - 'avito_available' => $budget['avito_available'], - 'cian' => $budget['cian'], - 'cian_unlimited' => $budget['cian_unlimited'], - 'cian_available' => $budget['cian_available'], - 'domclick' => $budget['domclick'], - 'domclick_unlimited' => $budget['domclick_unlimited'], - 'domclick_available' => $budget['domclick_available'], - 'jcat' => $budget['jcat'], - 'jcat_unlimited' => $budget['jcat_unlimited'], - 'jcat_available' => $budget['jcat_available'], - 'yandex' => $budget['yandex'], - 'yandex_unlimited' => $budget['yandex_unlimited'], - 'yandex_available' => $budget['yandex_available'], - 'personal' => $budget['personal'], - 'total' => $budget['total'], - 'amount' => $budget['amount'], - 'balance' => $budget['balance'], - 'do_not_reinit_monthly' => $budget['do_not_reinit_monthly'], - ]; - } - } else { - return false; - } - } - } + $this->advert_budget = [ + 'avito' => $budget['avito'], + 'avito_unlimited' => $budget['avito_unlimited'], + 'avito_available' => $budget['avito_available'], + 'cian' => $budget['cian'], + 'cian_unlimited' => $budget['cian_unlimited'], + 'cian_available' => $budget['cian_available'], + 'domclick' => $budget['domclick'], + 'domclick_unlimited' => $budget['domclick_unlimited'], + 'domclick_available' => $budget['domclick_available'], + 'jcat' => $budget['jcat'], + 'jcat_unlimited' => $budget['jcat_unlimited'], + 'jcat_available' => $budget['jcat_available'], + 'yandex' => $budget['yandex'], + 'yandex_unlimited' => $budget['yandex_unlimited'], + 'yandex_available' => $budget['yandex_available'], + 'personal' => $budget['personal'], + 'total' => $budget['total'], + 'amount' => $budget['amount'], + 'balance' => $budget['balance'], + 'do_not_reinit_monthly' => $budget['do_not_reinit_monthly'], + ]; + } + } else { + return false; + } + } + } - public function can($permission, $user_id = null) { + public function can($permission, $user_id = null) { if (is_null($user_id)) $user_id = $_SESSION['id']; @@ -258,168 +258,168 @@ class User { return false; } - return false; - } + return false; + } - public function getMyManagers(){ + public function getMyManagers(){ - $searchUserId = $_SESSION['id']; + $searchUserId = $_SESSION['id']; - if ($_SESSION['users_admin']) { - $searchUserId = $this->agencyId; - } else { - $departmentClass = new Department; - $departmentUser = $departmentClass->getDepartment($_SESSION['id']); + if ($_SESSION['users_admin']) { + $searchUserId = $this->agencyId; + } else { + $departmentClass = new Department; + $departmentUser = $departmentClass->getDepartment($_SESSION['id']); - if($departmentUser['role'] == 'manager_office'){ - $searchUserId = $departmentUser['admin']; + if($departmentUser['role'] == 'manager_office'){ + $searchUserId = $departmentUser['admin']; - } - if($departmentUser['role'] == 'manager_office_menager'){ - $searchUserId = $this->id_manager; + } + if($departmentUser['role'] == 'manager_office_menager'){ + $searchUserId = $this->id_manager; - } - } + } + } - $sql = "SELECT * FROM users WHERE manager=1 AND id_manager=$searchUserId AND blocked=0"; + $sql = "SELECT * FROM users WHERE manager=1 AND id_manager=$searchUserId AND blocked=0"; - $rez = mysql_query($sql); + $rez = mysql_query($sql); - $managers = array(); + $managers = array(); - while($manager = mysql_fetch_assoc($rez)) $managers[] = $manager; + while($manager = mysql_fetch_assoc($rez)) $managers[] = $manager; - return $managers; + return $managers; - } + } - public static function getAgentsOfManager($id_manager, $only_active = false) { + public static function getAgentsOfManager($id_manager, $only_active = false) { - if (!$id_manager) - return []; + if (!$id_manager) + return []; - $sql = "SELECT *, DATE_FORMAT(last_auth,'%d.%m.%Y %H:%i') AS last_auth FROM users WHERE manager=0 AND id_manager=$id_manager"; + $sql = "SELECT *, DATE_FORMAT(last_auth,'%d.%m.%Y %H:%i') AS last_auth FROM users WHERE manager=0 AND id_manager=$id_manager"; - if ($only_active) - $sql .= " AND blocked=0"; + if ($only_active) + $sql .= " AND blocked=0"; - $rez = mysql_query($sql); + $rez = mysql_query($sql); - $agents = array(); + $agents = array(); - while($manager = mysql_fetch_assoc($rez)) $agents[] = $manager; + while($manager = mysql_fetch_assoc($rez)) $agents[] = $manager; - return $agents; + return $agents; - } + } - public static function getAgentsOfManagers($id_manager, $only_active = false) { + public static function getAgentsOfManagers($id_manager, $only_active = false) { - if (!$id_manager) - return []; + if (!$id_manager) + return []; - $sql = "SELECT * FROM users WHERE manager=1 AND id_manager=$id_manager"; + $sql = "SELECT * FROM users WHERE manager=1 AND id_manager=$id_manager"; - if ($only_active) - $sql .= " AND blocked=0"; + if ($only_active) + $sql .= " AND blocked=0"; - $rez = mysql_query($sql); + $rez = mysql_query($sql); - $agents = array(); + $agents = array(); - while($manager = mysql_fetch_assoc($rez)) $agents[] = $manager; + while($manager = mysql_fetch_assoc($rez)) $agents[] = $manager; - return $agents; + return $agents; - } + } - public function getAgentsOfAgency($id_manager, $only_active = false) { + public function getAgentsOfAgency($id_manager, $only_active = false) { - if (!$id_manager) - return []; + if (!$id_manager) + return []; - $sql = "SELECT * FROM users WHERE manager=0 AND id_manager=$id_manager"; + $sql = "SELECT * FROM users WHERE manager=0 AND id_manager=$id_manager"; - if ($only_active) - $sql .= " AND blocked=0"; + if ($only_active) + $sql .= " AND blocked=0"; - $rez = mysql_query($sql); + $rez = mysql_query($sql); - $agents = array(); + $agents = array(); - while($manager = mysql_fetch_assoc($rez)) $agents[] = $manager; + while($manager = mysql_fetch_assoc($rez)) $agents[] = $manager; - return $agents; + return $agents; - } + } - public function whoWork($id) { + public function whoWork($id) { - if (!$id) - return []; + if (!$id) + return []; - $sql_who_work="SELECT * FROM clients WHERE who_work = $id"; - $rez_who_work=mysql_query($sql_who_work); - $who_work=mysql_fetch_assoc($rez_who_work); - } + $sql_who_work="SELECT * FROM clients WHERE who_work = $id"; + $rez_who_work=mysql_query($sql_who_work); + $who_work=mysql_fetch_assoc($rez_who_work); + } - public function getMyUsers($self_include = false) { + public function getMyUsers($self_include = false) { - $result = array(); + $result = array(); - if ($_GET['moder']) { - $str_url_add = "moder=0"; $bd_usl = "moder=0"; - } else $bd_usl = "moder=1"; + if ($_GET['moder']) { + $str_url_add = "moder=0"; $bd_usl = "moder=0"; + } else $bd_usl = "moder=1"; - if ($_GET['blocked']) { + if ($_GET['blocked']) { - $bd_usl.=" AND blocked=1"; + $bd_usl.=" AND blocked=1"; - $str_url_add = "blocked=1"; + $str_url_add = "blocked=1"; - } else $bd_usl .= " AND blocked=0"; + } else $bd_usl .= " AND blocked=0"; - if ($_GET['search']) { + if ($_GET['search']) { - $bd_usl.=" AND (users.agency_name LIKE '%$_GET[search]%' OR users.first_name LIKE '%$_GET[search]%' OR users.last_name LIKE '%$_GET[search]%' OR users.middle_name LIKE '%$_GET[search]%' OR users.phone LIKE '%$_GET[search]%' OR users.email LIKE '%$_GET[search]%')"; + $bd_usl.=" AND (users.agency_name LIKE '%$_GET[search]%' OR users.first_name LIKE '%$_GET[search]%' OR users.last_name LIKE '%$_GET[search]%' OR users.middle_name LIKE '%$_GET[search]%' OR users.phone LIKE '%$_GET[search]%' OR users.email LIKE '%$_GET[search]%')"; - $str_url_add = "search=".$_GET['search']; + $str_url_add = "search=".$_GET['search']; - } + } - $searchUserId = $_SESSION['id']; + $searchUserId = $_SESSION['id']; - if ($_SESSION['users_admin'] || $_SESSION['id'] == 5817 || $_SESSION['id'] == 20293 || $_SESSION['id'] == 22915) { - $searchUserId = $this->agencyId; - } else { + if ($_SESSION['users_admin'] || $_SESSION['id'] == 5817 || $_SESSION['id'] == 20293 || $_SESSION['id'] == 22915) { + $searchUserId = $this->agencyId; + } else { - $departmentClass = new Department; - $departmentUser = $departmentClass->getDepartment($_SESSION['id']); + $departmentClass = new Department; + $departmentUser = $departmentClass->getDepartment($_SESSION['id']); - if($departmentUser['role'] == 'manager_office'){ - $searchUserId = $departmentUser['admin']; + if($departmentUser['role'] == 'manager_office'){ + $searchUserId = $departmentUser['admin']; - } - if($departmentUser['role'] == 'manager_office_menager'){ - $searchUserId = $this->id_manager; + } + if($departmentUser['role'] == 'manager_office_menager'){ + $searchUserId = $this->id_manager; - } - } + } + } - $sql = "SELECT id FROM users WHERE id_manager = $searchUserId AND manager = 1"; - $mmid[] = "users.id_manager = $searchUserId"; - $rez = mysql_query($sql); + $sql = "SELECT id FROM users WHERE id_manager = $searchUserId AND manager = 1"; + $mmid[] = "users.id_manager = $searchUserId"; + $rez = mysql_query($sql); - $menedgers = array(); - while($mm = mysql_fetch_row($rez)) { - $mmid[] = "users.id_manager = ".$mm[0]; - $menedgers[] = $mm[0]; - } + $menedgers = array(); + while($mm = mysql_fetch_row($rez)) { + $mmid[] = "users.id_manager = ".$mm[0]; + $menedgers[] = $mm[0]; + } - //отделы для агенства + //отделы для агенства if ($_SESSION['agency'] == 1 || $_SESSION['users_admin'] == 1) { $sql_dep = "SELECT id FROM `departments` where agency_id = ".$this->agencyId; @@ -435,86 +435,86 @@ class User { } } - $bd_usl .= $bd_usl_managers = " AND (".implode(" OR ",$mmid).")"; + $bd_usl .= $bd_usl_managers = " AND (".implode(" OR ",$mmid).")"; - $sql22 = "SELECT online.id_user FROM online, users WHERE online.id_user=users.id AND id_user<>$_SESSION[id] $bd_usl_managers"; + $sql22 = "SELECT online.id_user FROM online, users WHERE online.id_user=users.id AND id_user<>$_SESSION[id] $bd_usl_managers"; - $rez = mysql_query($sql22); + $rez = mysql_query($sql22); - $result['online'] = mysql_num_rows($rez); + $result['online'] = mysql_num_rows($rez); - while($onl = mysql_fetch_assoc($rez)) $onln[] = "users.id = ".$onl['id_user']; + while($onl = mysql_fetch_assoc($rez)) $onln[] = "users.id = ".$onl['id_user']; - $bd_usl_online = " AND (".implode(" OR ",$onln).")"; + $bd_usl_online = " AND (".implode(" OR ",$onln).")"; - if ($_GET['online']) { + if ($_GET['online']) { - $bd_usl.=$bd_usl_online; + $bd_usl.=$bd_usl_online; - $str_url_add = "online=1"; + $str_url_add = "online=1"; - } + } - $result['str_url_add'] = $str_url_add; + $result['str_url_add'] = $str_url_add; - $kol_on_page = 20; + $kol_on_page = 20; - $sql_count = "SELECT COUNT(*) FROM users WHERE id<>$_SESSION[id] AND $bd_usl"; + $sql_count = "SELECT COUNT(*) FROM users WHERE id<>$_SESSION[id] AND $bd_usl"; - $result['vsego'] = $vsego = mysql_result(mysql_query($sql_count),0); + $result['vsego'] = $vsego = mysql_result(mysql_query($sql_count),0); - $sql_count_active = "SELECT COUNT(*) FROM users WHERE id<>$_SESSION[id] $bd_usl_managers AND blocked=0"; + $sql_count_active = "SELECT COUNT(*) FROM users WHERE id<>$_SESSION[id] $bd_usl_managers AND blocked=0"; - $result['active'] = mysql_result(mysql_query($sql_count_active),0); + $result['active'] = mysql_result(mysql_query($sql_count_active),0); - //$sql_count_online = "SELECT COUNT(*) FROM users WHERE id<>$_SESSION[id] $bd_usl_online AND blocked=0"; + //$sql_count_online = "SELECT COUNT(*) FROM users WHERE id<>$_SESSION[id] $bd_usl_online AND blocked=0"; - //$result['online'] = mysql_result(mysql_query($sql_count_online),0); + //$result['online'] = mysql_result(mysql_query($sql_count_online),0); - $sql_count_blocked = "SELECT COUNT(*) FROM users WHERE id<>$_SESSION[id] $bd_usl_managers AND blocked=1"; + $sql_count_blocked = "SELECT COUNT(*) FROM users WHERE id<>$_SESSION[id] $bd_usl_managers AND blocked=1"; - $result['blocked'] = mysql_result(mysql_query($sql_count_blocked),0); + $result['blocked'] = mysql_result(mysql_query($sql_count_blocked),0); - $all_pages = ceil($vsego/$kol_on_page); + $all_pages = ceil($vsego/$kol_on_page); - if($_GET['page']) $page = $_GET['page']; else $page = 1; + if($_GET['page']) $page = $_GET['page']; else $page = 1; - $ot = ($page-1)*$kol_on_page; + $ot = ($page-1)*$kol_on_page; - $sql = "SELECT *, DATE_FORMAT(date_reg,'%d.%m.%Y %H:%i') AS date_reg, DATE_FORMAT(last_auth,'%d.%m.%Y %H:%i') AS last_auth FROM users"; + $sql = "SELECT *, DATE_FORMAT(date_reg,'%d.%m.%Y %H:%i') AS date_reg, DATE_FORMAT(last_auth,'%d.%m.%Y %H:%i') AS last_auth FROM users"; - if ($self_include) { - $sql .= " WHERE users.id = $_SESSION[id] OR ($bd_usl)"; - } else { - $sql .= " WHERE users.id <> $_SESSION[id] AND $bd_usl"; - } + if ($self_include) { + $sql .= " WHERE users.id = $_SESSION[id] OR ($bd_usl)"; + } else { + $sql .= " WHERE users.id <> $_SESSION[id] AND $bd_usl"; + } - $sql .= " ORDER BY users.manager desc, users.id DESC"; + $sql .= " ORDER BY users.manager desc, users.id DESC"; - if (isset($_GET['dev'])) - echo $sql; + if (isset($_GET['dev'])) + echo $sql; - $rez=mysql_query($sql); + $rez=mysql_query($sql); - while($users=mysql_fetch_assoc($rez)) $result['users'][] = $users; + while($users=mysql_fetch_assoc($rez)) $result['users'][] = $users; - return $result; + return $result; - } + } - public function del($id) { + public function del($id) { - $sql="SELECT * FROM users WHERE id=$id"; + $sql="SELECT * FROM users WHERE id=$id"; - $rez=mysql_query($sql); + $rez=mysql_query($sql); - $manager = mysql_fetch_assoc($rez); + $manager = mysql_fetch_assoc($rez); $userDel = new User; $userDel->get($id); - + $user_del = array(); - $arrayCanKey = ['pwd','email','last_name','first_name','moder','phone', 'last_auth', 'agent','id_manager','date_reg','is_pwd', 'date_tarif','birthday', 'telegramm_chat_id','telegramm_notice','telegramm_date', 'region_rf_id', 'agency', 'manager']; + $arrayCanKey = ['pwd','email','last_name','first_name','middle_name','moder','phone', 'last_auth', 'agent','id_manager','date_reg','is_pwd', 'date_tarif','birthday', 'telegramm_chat_id','telegramm_notice','telegramm_date', 'region_rf_id', 'agency', 'manager']; foreach($manager as $key => $val){ if($key != 'id' && !empty($val) && in_array($key, $arrayCanKey)){ $user_del[] = "`".$key."` = '".$val."'"; @@ -524,238 +524,257 @@ class User { file_put_contents($_SERVER["DOCUMENT_ROOT"]."/callevents/user.txt", "1. ". print_r($sql_in, true) . "\n", FILE_APPEND); mysql_query($sql_in); - $sql="DELETE FROM users WHERE id=$id"; + $sql="DELETE FROM users WHERE id=$id"; - $rez=mysql_query($sql); + $rez=mysql_query($sql); - if ($manager['id_manager'] > 0) { - $sql="UPDATE users SET id_manager=$manager[id_manager] WHERE id_manager=$id"; - mysql_query($sql); - } else { - $sql="SELECT id FROM users WHERE id_manager=$id"; - $rez=mysql_query($sql); - while($us = mysql_fetch_assoc($rez)) { - User::del($us['id']); - } - } + if ($manager['id_manager'] > 0) { + $sql="UPDATE users SET id_manager=$manager[id_manager] WHERE id_manager=$id"; + mysql_query($sql); + } else { + $sql="SELECT id FROM users WHERE id_manager=$id"; + $rez=mysql_query($sql); + while($us = mysql_fetch_assoc($rez)) { + User::del($us['id']); + } + } - $sql="DELETE FROM views WHERE id_user=$id"; + $sql="DELETE FROM views WHERE id_user=$id"; - $rez=mysql_query($sql); + $rez=mysql_query($sql); - $sql="DELETE FROM sended_pdf WHERE id_agent=$id"; + $sql="DELETE FROM sended_pdf WHERE id_agent=$id"; - $rez=mysql_query($sql); + $rez=mysql_query($sql); - $sql="DELETE FROM online WHERE id_user=$id"; + $sql="DELETE FROM online WHERE id_user=$id"; - $rez=mysql_query($sql); + $rez=mysql_query($sql); - $sql="DELETE FROM objects WHERE id_user=$id"; + $sql="DELETE FROM objects WHERE id_user=$id"; - $rez=mysql_query($sql); + $rez=mysql_query($sql); - $sql="DELETE FROM favor WHERE id_user=$id"; + $sql="DELETE FROM favor WHERE id_user=$id"; - $rez=mysql_query($sql); + $rez=mysql_query($sql); - $sql="DELETE FROM clients WHERE id_agent=$id"; + // осиротевшие персональные листинг-данные ушедшего (избранное/просмотры/потенциальные) — гигиена + mysql_query("DELETE FROM external_listing_favorites WHERE user_id=$id"); + mysql_query("DELETE FROM external_listing_views WHERE user_id=$id"); + mysql_query("DELETE FROM external_listing_potential WHERE user_id=$id"); - $rez=mysql_query($sql); + $sql="DELETE FROM clients WHERE id_agent=$id"; - $sql="DELETE FROM user_client_events WHERE user_id=$id"; + $rez=mysql_query($sql); - $rez=mysql_query($sql); + $sql="DELETE FROM user_client_events WHERE user_id=$id"; - $sql="DELETE FROM user_object_events WHERE user_id=$id"; + $rez=mysql_query($sql); - $rez=mysql_query($sql); + $sql="DELETE FROM user_object_events WHERE user_id=$id"; - //удаляем из чата и данные в таблице настроек - RocketChat::deleteChatUser($id); - $sql="DELETE FROM chat_settings_user WHERE user_id=$id"; - $rez=mysql_query($sql); - } + $rez=mysql_query($sql); + + // Открытые задачи листингов ушедшего передаём его менеджеру (исполнитель ушёл — кто-то живой должен закрыть); + // авторство (from_id) НЕ трогаем; выполненные/заметки/комменты остаются за автором (видны через users_delete-scope). + if ($manager['id_manager'] > 0) { + mysql_query("UPDATE external_listing_events SET user_id = " . (int)$manager['id_manager'] . " WHERE user_id = $id AND calendar_view = 0"); + } + + //удаляем из чата и данные в таблице настроек + RocketChat::deleteChatUser($id); + $sql="DELETE FROM chat_settings_user WHERE user_id=$id"; + $rez=mysql_query($sql); + } public static function deleteWithRebindClient($newIdAgent, $id, $newWhoWork, $newWhoWorkObj, $newWhoWorkReq, $managerId) { - $sql="SELECT * FROM users WHERE id=$id"; + $sql="SELECT * FROM users WHERE id=$id"; - $rez=mysql_query($sql); + $rez=mysql_query($sql); - $manager = mysql_fetch_assoc($rez); + $manager = mysql_fetch_assoc($rez); $userDel = new User; $userDel->get($id); - + $user_del = array(); - $arrayCanKey = ['pwd','email','last_name','first_name','moder','phone', 'last_auth', 'agent','id_manager','date_reg','is_pwd', 'date_tarif','birthday', 'telegramm_chat_id','telegramm_notice','telegramm_date', 'region_rf_id', 'agency', 'manager']; + $arrayCanKey = ['pwd','email','last_name','first_name','middle_name','moder','phone', 'last_auth', 'agent','id_manager','date_reg','is_pwd', 'date_tarif','birthday', 'telegramm_chat_id','telegramm_notice','telegramm_date', 'region_rf_id', 'agency', 'manager']; foreach($manager as $key => $val){ if($key != 'id' && !empty($val) && in_array($key, $arrayCanKey)){ $user_del[] = "`".$key."` = '".$val."'"; } } - + $sql_in = "INSERT INTO users_delete SET ".implode(',', $user_del).", agency_id = " . $userDel->agencyId. ", user_id = {$id}"; file_put_contents($_SERVER["DOCUMENT_ROOT"]."/callevents/user.txt", print_r($sql_in, true) . "\n", FILE_APPEND); mysql_query($sql_in); - $sql="DELETE FROM users WHERE id=$id"; + $sql="DELETE FROM users WHERE id=$id"; - $rez=mysql_query($sql); + $rez=mysql_query($sql); - if ($manager['id_manager'] > 0) { - $sql="UPDATE users SET id_manager=$manager[id_manager] WHERE id_manager=$id"; - mysql_query($sql); - } else { - $sql="SELECT id FROM users WHERE id_manager=$id"; - $rez=mysql_query($sql); - while($us = mysql_fetch_assoc($rez)) { - User::deleteWithRebindClient($newIdAgent, $us['id'], $newWhoWork, $newWhoWorkObj, $newWhoWorkReq, $managerId); - } - } + if ($manager['id_manager'] > 0) { + $sql="UPDATE users SET id_manager=$manager[id_manager] WHERE id_manager=$id"; + mysql_query($sql); + } else { + $sql="SELECT id FROM users WHERE id_manager=$id"; + $rez=mysql_query($sql); + while($us = mysql_fetch_assoc($rez)) { + User::deleteWithRebindClient($newIdAgent, $us['id'], $newWhoWork, $newWhoWorkObj, $newWhoWorkReq, $managerId); + } + } - $sql="DELETE FROM views WHERE id_user=$id"; + $sql="DELETE FROM views WHERE id_user=$id"; - $rez=mysql_query($sql); + $rez=mysql_query($sql); - $sql="DELETE FROM sended_pdf WHERE id_agent=$id"; + $sql="DELETE FROM sended_pdf WHERE id_agent=$id"; - $rez=mysql_query($sql); + $rez=mysql_query($sql); - $sql="DELETE FROM online WHERE id_user=$id"; + $sql="DELETE FROM online WHERE id_user=$id"; - $rez=mysql_query($sql); + $rez=mysql_query($sql); - $sql="DELETE FROM favor WHERE id_user=$id"; + $sql="DELETE FROM favor WHERE id_user=$id"; - $rez=mysql_query($sql); + $rez=mysql_query($sql); - $confirm = 0; - if($newWhoWork == $_SESSION['id']){ - $confirm = 1; - } + // осиротевшие персональные листинг-данные ушедшего (избранное/просмотры/потенциальные) — гигиена + mysql_query("DELETE FROM external_listing_favorites WHERE user_id=$id"); + mysql_query("DELETE FROM external_listing_views WHERE user_id=$id"); + mysql_query("DELETE FROM external_listing_potential WHERE user_id=$id"); - $sql="UPDATE clients SET who_work=$newWhoWork, confirm=$confirm, id_agent=$newIdAgent WHERE who_work=$id AND deleted = 0"; + $confirm = 0; + if($newWhoWork == $_SESSION['id']){ + $confirm = 1; + } - $rez=mysql_query($sql); + $sql="UPDATE clients SET who_work=$newWhoWork, confirm=$confirm, id_agent=$newIdAgent WHERE who_work=$id AND deleted = 0"; - $sql="UPDATE clients SET who_work=$newWhoWork, confirm=1, id_agent=$newIdAgent WHERE who_work=$id AND deleted = 1"; + $rez=mysql_query($sql); - $rez=mysql_query($sql); + $sql="UPDATE clients SET who_work=$newWhoWork, confirm=1, id_agent=$newIdAgent WHERE who_work=$id AND deleted = 1"; - // перенос всех событий тому, кому отдаем клиентов - $sql="UPDATE user_client_events SET user_id=$newWhoWork WHERE user_id=$id AND client_id>0"; + $rez=mysql_query($sql); - $rez=mysql_query($sql); + // перенос всех событий тому, кому отдаем клиентов + $sql="UPDATE user_client_events SET user_id=$newWhoWork WHERE user_id=$id AND client_id>0"; - // перенос всех событий менеджеру или агентству - $sql="UPDATE user_object_events SET user_id=$managerId WHERE user_id=$id"; + $rez=mysql_query($sql); - $rez=mysql_query($sql); + // перенос всех событий менеджеру или агентству + $sql="UPDATE user_object_events SET user_id=$managerId WHERE user_id=$id"; + + $rez=mysql_query($sql); + + // Открытые задачи листингов — тому же менеджеру (как own-object события выше); авторство (from_id) сохраняем + mysql_query("UPDATE external_listing_events SET user_id=$managerId WHERE user_id=$id AND calendar_view = 0"); //Заявки - $sql="UPDATE requisitions SET who_work=$newWhoWorkReq, confirm=$confirm, user_id=$newIdAgent WHERE who_work=$id AND deleted = 0"; + $sql="UPDATE requisitions SET who_work=$newWhoWorkReq, confirm=$confirm, user_id=$newIdAgent WHERE who_work=$id AND deleted = 0"; - $rez=mysql_query($sql); + $rez=mysql_query($sql); - $sql="UPDATE requisitions SET who_work=$newWhoWorkReq, confirm=1, user_id=$newIdAgent WHERE who_work=$id AND deleted = 1"; + $sql="UPDATE requisitions SET who_work=$newWhoWorkReq, confirm=1, user_id=$newIdAgent WHERE who_work=$id AND deleted = 1"; - $rez=mysql_query($sql); + $rez=mysql_query($sql); - // перенос всех событий тому, кому отдаем заявки - $sql="UPDATE user_client_events SET user_id=$newWhoWorkReq WHERE user_id=$id AND req_id>0"; + // перенос всех событий тому, кому отдаем заявки + $sql="UPDATE user_client_events SET user_id=$newWhoWorkReq WHERE user_id=$id AND req_id>0"; - $rez=mysql_query($sql); + $rez=mysql_query($sql); - $sqlNewObjUser = "SELECT * FROM users WHERE id=$newWhoWorkObj"; - $rezNewObjUser = mysql_query($sqlNewObjUser); - $newObjUser = mysql_fetch_assoc($rezNewObjUser); + $sqlNewObjUser = "SELECT * FROM users WHERE id=$newWhoWorkObj"; + $rezNewObjUser = mysql_query($sqlNewObjUser); + $newObjUser = mysql_fetch_assoc($rezNewObjUser); - $phone = $newObjUser['phone']; - $num_search = User::num_search($newObjUser['phone']); - $sobstv = trim($newObjUser['last_name'] . ' ' . $newObjUser['first_name'] . ' ' . $newObjUser['middle_name']); + $phone = $newObjUser['phone']; + $num_search = User::num_search($newObjUser['phone']); + $sobstv = trim($newObjUser['last_name'] . ' ' . $newObjUser['first_name'] . ' ' . $newObjUser['middle_name']); - if ($newObjUser['agency'] == 0) { - $sql="SELECT * FROM users WHERE id=$newObjUser[id_manager]"; - $rez=mysql_query($sql); - $manager = mysql_fetch_assoc($rez); + if ($newObjUser['agency'] == 0) { + $sql="SELECT * FROM users WHERE id=$newObjUser[id_manager]"; + $rez=mysql_query($sql); + $manager = mysql_fetch_assoc($rez); - if($manager['id_manager']) { - $agency = mysql_fetch_assoc(mysql_query("SELECT * FROM users WHERE id=$manager[id_manager]")); - } else { - $agency = $manager; - } - if ($agency) { - $sobstv = $sobstv . ", агентство " . $agency['agency_name']; - } - } + if($manager['id_manager']) { + $agency = mysql_fetch_assoc(mysql_query("SELECT * FROM users WHERE id=$manager[id_manager]")); + } else { + $agency = $manager; + } + if ($agency) { + $sobstv = $sobstv . ", агентство " . $agency['agency_name']; + } + } -$webHookIn = new WebHookIn(null, $userDel->agencyId); - -$is_send_webhook = $webHookIn->check_hook('object_update', 'object'); + $webHookIn = new WebHookIn(null, $userDel->agencyId); -if($is_send_webhook){ - $webHookIn->save_webhook_cron_many($_SESSION['id'], $id, $newWhoWorkObj); -} + $is_send_webhook = $webHookIn->check_hook('object_update', 'object'); -$dataWhook = array('action'=>'employee_delete', 'employee_id'=>$id, 'section'=>'employee', 'user_id'=>$_SESSION['id'], 'agency_id'=>$userDel->agencyId); -$webHookIn->check_send($dataWhook); - // перенос всех объектов - $sql = "UPDATE objects SET is_main = 0, id_add_user=$newWhoWorkObj, phone = '$phone', phone_search = '$num_search', sobstv = '$sobstv' WHERE id_add_user=$id"; - $rez = mysql_query($sql); - //Запись переноса в сфинкс - $db_sphinx = new MysqlPdo(hstsph2, null, null, null, true, '9306'); - $sql = "UPDATE objects SET id_add_user=$newWhoWorkObj, phone_search = '$num_search' WHERE id_add_user=$id"; - $db_sphinx->query($sql,true); + if($is_send_webhook){ + $webHookIn->save_webhook_cron_many($_SESSION['id'], $id, $newWhoWorkObj); + } - // перенос Зипал - $sql = "UPDATE zipal_objects SET user_id=$newWhoWorkObj, send_to_update=1 WHERE object_id in (SELECT id from objects where id_add_user=$id)"; - mysql_query($sql); + $dataWhook = array('action'=>'employee_delete', 'employee_id'=>$id, 'section'=>'employee', 'user_id'=>$_SESSION['id'], 'agency_id'=>$userDel->agencyId); + $webHookIn->check_send($dataWhook); + // перенос всех объектов + $sql = "UPDATE objects SET is_main = 0, id_add_user=$newWhoWorkObj, phone = '$phone', phone_search = '$num_search', sobstv = '$sobstv' WHERE id_add_user=$id"; + $rez = mysql_query($sql); + //Запись переноса в сфинкс + $db_sphinx = new MysqlPdo(hstsph2, null, null, null, true, '9306'); + $sql = "UPDATE objects SET id_add_user=$newWhoWorkObj, phone_search = '$num_search' WHERE id_add_user=$id"; + $db_sphinx->query($sql,true); - $sqlPack = "UPDATE advertising_package_object_publish SET send_to_update = '1', error_when_send_to_update = '' WHERE object_id in (SELECT id from objects where id_add_user=$id)"; - mysql_query($sqlPack); + // перенос Зипал + $sql = "UPDATE zipal_objects SET user_id=$newWhoWorkObj, send_to_update=1 WHERE object_id in (SELECT id from objects where id_add_user=$id)"; + mysql_query($sql); - // в передаче объектов затираем передачи, которые адресованы удаляемому пользователю - $sql = "UPDATE objects_to_send SET accept_state='REJECTED', accept_date=NOW() WHERE new_user_id=$id"; - mysql_query($sql); + $sqlPack = "UPDATE advertising_package_object_publish SET send_to_update = '1', error_when_send_to_update = '' WHERE object_id in (SELECT id from objects where id_add_user=$id)"; + mysql_query($sqlPack); + + // в передаче объектов затираем передачи, которые адресованы удаляемому пользователю + $sql = "UPDATE objects_to_send SET accept_state='REJECTED', accept_date=NOW() WHERE new_user_id=$id"; + mysql_query($sql); // переносим комменты $sqlObjN = "UPDATE object_notes SET created_by=$newWhoWorkObj WHERE created_by=$id"; mysql_query($sqlObjN); - //удаляем из чата и данные в таблице настроек - RocketChat::deleteChatUser($id); - $sql="DELETE FROM chat_settings_user WHERE user_id=$id"; - $rez=mysql_query($sql); + //удаляем из чата и данные в таблице настроек + RocketChat::deleteChatUser($id); + $sql="DELETE FROM chat_settings_user WHERE user_id=$id"; + $rez=mysql_query($sql); } public static function num_search($num) { - $num_search = str_replace("+", "", $num); - $num_search = str_replace("(", "", $num_search); - $num_search = str_replace(")", "", $num_search); - $num_search = str_replace(" ", "", $num_search); - $num_search = str_replace("-", "", $num_search); - $num_search = trim($num_search); + $num_search = str_replace("+", "", $num); + $num_search = str_replace("(", "", $num_search); + $num_search = str_replace(")", "", $num_search); + $num_search = str_replace(" ", "", $num_search); + $num_search = str_replace("-", "", $num_search); + $num_search = trim($num_search); - if (mb_strlen($num_search) > 7) - $num_search = mb_substr($num_search, 1); + if (mb_strlen($num_search) > 7) + $num_search = mb_substr($num_search, 1); - return $num_search; + return $num_search; } public function checkPermissions($userID = false, $useRedirect = true) { if ($userID === false && isset($_SESSION['id'])) { - $userId = $_SESSION['id']; + $userId = $_SESSION['id']; } else if (isset($userID)) { - $userId = $userID; + $userId = $userID; } else { - if ($useRedirect) - $this->quit("ИД пользователя не указан", $useRedirect); - else - return ['error' => "ИД пользователя не указан"]; + if ($useRedirect) + $this->quit("ИД пользователя не указан", $useRedirect); + else + return ['error' => "ИД пользователя не указан"]; } $sql = "SELECT users.*, online.ip, online.user_agent FROM users,online WHERE users.id=online.id_user AND users.id=$userId"; @@ -765,13 +784,13 @@ $webHookIn->check_send($dataWhook); if ($useRedirect && !$users) $this->quit("Пользователь не авторизован", $useRedirect); else if (!$users) - return ['error' => "Пользователь не авторизован"]; + return ['error' => "Пользователь не авторизован"]; if ($useRedirect && $users['blocked']) $this->quit("Ваш аккаунт заблокирован", $useRedirect); - else if ($users['blocked']) - return ['error' => "Ваш аккаунт заблокирован"]; + else if ($users['blocked']) + return ['error' => "Ваш аккаунт заблокирован"]; /*if ($users['ip'] != $_SERVER['REMOTE_ADDR'] || $users['user_agent'] != $_SERVER['HTTP_USER_AGENT']) { if ($useRedirect) @@ -785,8 +804,8 @@ $webHookIn->check_send($dataWhook); $this->show_zipal_balance = $users['show_zipal_balance']; $this->zipal_balance = $users['zipal_balance']; $this->agencyEgrnRequestCount = 0; - $this->agencyAntiznakRequestCount = 0; - $this->agencyEnableWazzap = $users['enable_wazzap']; + $this->agencyAntiznakRequestCount = 0; + $this->agencyEnableWazzap = $users['enable_wazzap']; $departmentClass = new Department; $departmentUser = $departmentClass->getDepartment($userId); @@ -802,19 +821,19 @@ $webHookIn->check_send($dataWhook); $agency = new User; $agency->get($id_menager); if ($agency->id_manager) { - $agency->get($agency->id_manager); - if ($agency->id_manager) { - $agency->get($agency->id_manager); - } - } + $agency->get($agency->id_manager); + if ($agency->id_manager) { + $agency->get($agency->id_manager); + } + } $id_tarif = $agency->id_tarif; $this->agencyId = $agency->id; $this->agencyZipalLogin = $agency->zipal_login; $this->agencyZipalPassword = $agency->zipal_password; $this->agencyZipalBalance = $agency->zipal_balance; $this->agencyEgrnRequestCount = $agency->egrn_request_count; - $this->agencyAntiznakRequestCount = $agency->antiznak_request_count; - $this->agencyEnableWazzap = $agency->enable_wazzap; + $this->agencyAntiznakRequestCount = $agency->antiznak_request_count; + $this->agencyEnableWazzap = $agency->enable_wazzap; $date_tarif = $agency->date_tarif; if ($agency->date_reg < $agency->date_tarif) { @@ -925,27 +944,27 @@ $webHookIn->check_send($dataWhook); $_SESSION['users_admin'] = 0; } - //Предмодерация рекламы по объектам - $_SESSION['use_advert_moderation'] = 0; - $q_moderation = mysql_query("SELECT * FROM advert_moderation_agency WHERE agency_id = {$this->agencyId}"); - if(mysql_num_rows($q_moderation) > 0){ - $_SESSION['use_advert_moderation'] = 1; - } + //Предмодерация рекламы по объектам + $_SESSION['use_advert_moderation'] = 0; + $q_moderation = mysql_query("SELECT * FROM advert_moderation_agency WHERE agency_id = {$this->agencyId}"); + if(mysql_num_rows($q_moderation) > 0){ + $_SESSION['use_advert_moderation'] = 1; + } - // Рекламный бюджет и ограничение публикации - $_SESSION['use_advert_budget'] = 0; + // Рекламный бюджет и ограничение публикации + $_SESSION['use_advert_budget'] = 0; - if (!$this->agency) { - $sql = "SELECT use_advert_budget FROM users WHERE id=$this->agencyId"; - if ($rez = mysql_query($sql)) { - $row = mysql_fetch_assoc($rez); - $_SESSION['use_advert_budget'] = $row['use_advert_budget']; - } - } + if (!$this->agency) { + $sql = "SELECT use_advert_budget FROM users WHERE id=$this->agencyId"; + if ($rez = mysql_query($sql)) { + $row = mysql_fetch_assoc($rez); + $_SESSION['use_advert_budget'] = $row['use_advert_budget']; + } + } - if ($this->use_advert_budget) { - $_SESSION['use_advert_budget'] = 1; - } + if ($this->use_advert_budget) { + $_SESSION['use_advert_budget'] = 1; + } $sessionTime = 86400; @@ -953,57 +972,63 @@ $webHookIn->check_send($dataWhook); $this->id = $_SESSION['id'] = $users['id']; $this->id_manager = $_SESSION['id_manager'] = $users['id_manager']; $this->agency_id = $_SESSION['agency_id'] = self::getUserAgencyID(); - setcookie('user_id', $_SESSION['id'], time() + 360, "/"); - setcookie('agency_id', $_SESSION['agency_id'], time() + 360, "/"); - setcookie('id_manager', $_SESSION['id_manager'], time() + 360, "/"); - setcookie('is_agency', $_SESSION['agency'], time() + 360, "/"); - setcookie('is_manager', $_SESSION['manager'], time() + 360, "/"); - setcookie('is_users_admin', $_SESSION['users_admin'], time() + 360, "/"); - setcookie('is_agent', $_SESSION['agent'], time() + 360, "/"); - setcookie('PHPSESSID_EXPIRATION', $sessionTime + time(), time() + 360, "/"); + // куки-зеркало сессии для совместимости. Фронт читает права из API/стора, не из кук; + // гард — чтобы на after-output страницах setcookie не падал «headers already sent» (флуд в лог). + if (!headers_sent()) { + setcookie('user_id', $_SESSION['id'], time() + 360, "/"); + setcookie('agency_id', $_SESSION['agency_id'], time() + 360, "/"); + setcookie('id_manager', $_SESSION['id_manager'], time() + 360, "/"); + setcookie('is_agency', $_SESSION['agency'], time() + 360, "/"); + setcookie('is_manager', $_SESSION['manager'], time() + 360, "/"); + setcookie('is_users_admin', $_SESSION['users_admin'], time() + 360, "/"); + setcookie('is_agent', $_SESSION['agent'], time() + 360, "/"); + setcookie('PHPSESSID_EXPIRATION', $sessionTime + time(), time() + 360, "/"); + } $this->_user_can['autosearch'] = true; $this->_user_can['object-fields'] = boolval($this->agency || $this->manager || $this->users_admin); //$this->_user_can['advert-stats'] = boolval($this->agency || $this->users_admin); $this->_user_can['advert-stats'] = true; $_SESSION['user_can'] = $this->_user_can; - setcookie('user_can', json_encode($_SESSION['user_can']), time() + 360, "/"); + if (!headers_sent()) { + setcookie('user_can', json_encode($_SESSION['user_can']), time() + 360, "/"); + } } - public function checkMenuPermissions($permissionName = null) { + public function checkMenuPermissions($permissionName = null) { $userId = $_SESSION['id']; $sql_d = "SELECT * FROM `user_permissions` WHERE `user_id` = ".$userId; - if ($permissionName) { - $sql_d .= " AND {$permissionName} = 1"; - } + if ($permissionName) { + $sql_d .= " AND {$permissionName} = 1"; + } $result = mysql_query($sql_d); return mysql_fetch_assoc($result); } - public function check_sms($post, $pwd = false, $use_redirect = true) - { - if ($_SESSION['sms'] == $post['sms'] || $pwd) { + public function check_sms($post, $pwd = false, $use_redirect = true) + { + if ($_SESSION['sms'] == $post['sms'] || $pwd) { - $sql = "SELECT * FROM `users` WHERE `phone`='+{$post['phone']}'"; - if (!$rez = mysql_query($sql)) - $msg = mysqli_error(); + $sql = "SELECT * FROM `users` WHERE `phone`='+{$post['phone']}'"; + if (!$rez = mysql_query($sql)) + $msg = mysqli_error(); - if (mysql_num_rows($rez)) { + if (mysql_num_rows($rez)) { - $users = mysql_fetch_assoc($rez); - if ($pwd && md5($post['pwd'] . SALT) != $users['pwd']) { - if ($use_redirect) - return "Неверный пароль"; - else - return [ - 'success' => false, - 'message' => "Неверный пароль", - ]; - } + $users = mysql_fetch_assoc($rez); + if ($pwd && md5($post['pwd'] . SALT) != $users['pwd']) { + if ($use_redirect) + return "Неверный пароль"; + else + return [ + 'success' => false, + 'message' => "Неверный пароль", + ]; + } - if ($users['moder']) { - if (!$users['blocked']) { + if ($users['moder']) { + if (!$users['blocked']) { $this->agency_id = self::getUserAgencyID($users['id']); @@ -1054,246 +1079,278 @@ $webHookIn->check_send($dataWhook); $_SESSION['agency_id'] = $this->agency_id; - $_SESSION['fio'] = trim($users['last_name'] . ' ' . $users['first_name'] . ' ' . $users['middle_name']); - $_SESSION['phone'] = $users['phone']; - $_SESSION['id'] = $users['id']; - $_SESSION['email'] = $users['email']; + $_SESSION['fio'] = trim($users['last_name'] . ' ' . $users['first_name'] . ' ' . $users['middle_name']); + $_SESSION['phone'] = $users['phone']; + $_SESSION['id'] = $users['id']; + $_SESSION['email'] = $users['email']; - if ($users['manager']) - $this->manager = $_SESSION['manager'] = 1; - else - $this->manager = $_SESSION['manager'] = 0; + if ($users['manager']) + $this->manager = $_SESSION['manager'] = 1; + else + $this->manager = $_SESSION['manager'] = 0; - if ($users['id_manager'] == 0) - $this->individual = $_SESSION['individual'] = 1; // частник - else - $this->individual = $_SESSION['individual'] = 0; + if ($users['id_manager'] == 0) + $this->individual = $_SESSION['individual'] = 1; // частник + else + $this->individual = $_SESSION['individual'] = 0; - if ($users['agent']) - $this->agent = $_SESSION['agent'] = 1; - else - $this->agent = $_SESSION['agent'] = 0; + if ($users['agent']) + $this->agent = $_SESSION['agent'] = 1; + else + $this->agent = $_SESSION['agent'] = 0; - if ($users['agency']) - $this->agency = $_SESSION['agency'] = 1; - else - $this->agency = $_SESSION['agency'] = 0; + if ($users['agency']) + $this->agency = $_SESSION['agency'] = 1; + else + $this->agency = $_SESSION['agency'] = 0; - //пользователь, который может управлять другими - if ($users['users_admin']) - $_SESSION['users_admin'] = 1; - else - $_SESSION['users_admin'] = 0; + //пользователь, который может управлять другими + if ($users['users_admin']) + $_SESSION['users_admin'] = 1; + else + $_SESSION['users_admin'] = 0; - $this->id = $_SESSION['id'] = $users['id']; + $this->id = $_SESSION['id'] = $users['id']; - mysql_query("UPDATE users SET last_auth=NOW() WHERE id=$users[id]"); + mysql_query("UPDATE users SET last_auth=NOW() WHERE id=$users[id]"); - mysql_query("DELETE FROM online WHERE id_user=$users[id]"); + mysql_query("DELETE FROM online WHERE id_user=$users[id]"); - mysql_query("INSERT INTO online(id_user, last_activity, entry, ip, user_agent) VALUES($_SESSION[id], NOW(), NOW(), '" . $_SERVER['REMOTE_ADDR'] . "', '" . $_SERVER['HTTP_USER_AGENT'] . "')"); + mysql_query("INSERT INTO online(id_user, last_activity, entry, ip, user_agent) VALUES($_SESSION[id], NOW(), NOW(), '" . $_SERVER['REMOTE_ADDR'] . "', '" . $_SERVER['HTTP_USER_AGENT'] . "')"); - mysql_query("INSERT INTO auth_log(id_user, entry, ip, user_agent) VALUES($_SESSION[id], NOW(), '" . $_SERVER['REMOTE_ADDR'] . "', '" . $_SERVER['HTTP_USER_AGENT'] . "')"); + mysql_query("INSERT INTO auth_log(id_user, entry, ip, user_agent) VALUES($_SESSION[id], NOW(), '" . $_SERVER['REMOTE_ADDR'] . "', '" . $_SERVER['HTTP_USER_AGENT'] . "')"); - if ($users['superadmin']) { + //Для Laravel + $allowed_users_deal = [117, 4]; + if (in_array((int)$_SESSION['agency_id'], $allowed_users_deal)) { + $sessionData = [ + 'id' => session_id(), + 'user_id' => $users['id'], + 'payload' => json_encode([ + 'fio' => $_SESSION['fio'], + 'phone' => $_SESSION['phone'], + 'roles' => [ + 'manager' => $_SESSION['manager'], + 'agent' => $_SESSION['agent'], + 'agency' => $_SESSION['agency'], + 'superadmin' => $_SESSION['superadmin'] + ] + ]), + 'last_activity' => time(), + 'ip_address' => $_SERVER['REMOTE_ADDR'], + 'user_agent' => isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '' + ]; - $_SESSION['superadmin'] = 1; - if ($use_redirect) - header("location:/admin/index.php"); - else - return [ - 'success' => true - ]; - } else { - - $agenciesHaveAccessToNewComplexes = [4, 5261, 12028, 12061, 17328, 11325, 13735, 19093, 16378, 19467, 20197, 19909, 19646]; + $sql_session = "REPLACE INTO sessions (id, user_id, payload, last_activity, ip_address, user_agent) VALUES ( + '" . mysql_real_escape_string($sessionData['id']) . "', + {$sessionData['user_id']}, + '" . mysql_real_escape_string($sessionData['payload']) . "', + {$sessionData['last_activity']}, + '" . mysql_real_escape_string($sessionData['ip_address']) . "', + '" . mysql_real_escape_string($sessionData['user_agent']) . "' + )"; + mysql_query($sql_session); + } - $user_id = $_SESSION['id']; + if ($users['superadmin']) { - $check_permissions_sql = "SELECT * FROM `user_permissions` WHERE `user_id` = $user_id"; - $check_permissions_result = mysql_query($check_permissions_sql); + $_SESSION['superadmin'] = 1; + if ($use_redirect) + header("location:/admin/index.php"); + else + return [ + 'success' => true + ]; + } else { - if (!$check_permissions_result || mysql_num_rows($check_permissions_result) == 0) { - - $permissions = [ - $user_id, - 1, 1, 1, // menu_office, menu_search, menu_objects - 0, 0, // menu_all_objects, menu_all_objects_edit - 0, // menu_ads - 1, 0, 0, 0, // menu_clients, menu_all_clients, menu_all_clients_edit, menu_all_clients_export - 1, 0, 0, 0, // menu_submissions, menu_all_submissions, menu_all_submissions_edit, menu_all_submissions_export - 0, 1, 1, // menu_partners, menu_docs, menu_settings - 0, // menu_complexes (по умолчанию отключено) - 1, 0, // menu_can_transfer_to_common (по умолчанию включено), menu_can_take_from_closed (по умолчанию отключено) - 0, // menu_can_transfer_closed_to_others (может передавать закрытые заявки другим сотрудникам) - ]; + $agenciesHaveAccessToNewComplexes = [4, 5261, 12028, 12061, 17328, 11325, 13735, 19093, 16378, 19467, 20197, 19909, 19646]; - $is_admin = !empty($users['users_admin']); - $in_agency_list = in_array($user_id, $agenciesHaveAccessToNewComplexes); - $is_agent = $users['agent'] == '1' && $users['agency'] != '1' && $users['manager'] != '1' && $users['id_manager'] == 0; - $is_supervisor = $users['agency'] == '1' && $users['manager'] == '1'; - $is_developer = $users['role_developer'] == '1'; + $user_id = $_SESSION['id']; - $default_can_transfer_to_common = 1; - if ($this->agency_id == 19895) { - $default_can_transfer_to_common = 0; - } + $check_permissions_sql = "SELECT * FROM `user_permissions` WHERE `user_id` = $user_id"; + $check_permissions_result = mysql_query($check_permissions_sql); - $default_cannot_create_req_manually = 0; - if ($this->agency_id == 19895) { - $default_cannot_create_req_manually = 1; - } + if (!$check_permissions_result || mysql_num_rows($check_permissions_result) == 0) { - // Если admin или частный агент или руководитель и в списке с комплексами - if ( - ($is_admin && $in_agency_list) || - ($is_agent && $in_agency_list) || - ($is_supervisor && $in_agency_list) || - ($is_developer) - ) { - $permissions = [ - $user_id, - 1, 1, 1, - 1, 1, - 1, - 1, 1, 1, 1, - 1, 1, 1, 1, - 1, 1, 1, - 1, // комплексы включены - $default_can_transfer_to_common, 1, - 1, - $default_cannot_create_req_manually - ]; - } - // Если просто admin или частный агент или руководитель - elseif ($is_admin || $is_agent || $is_supervisor ) { - $permissions = [ - $user_id, - 1, 1, 1, - 1, 1, - 1, - 1, 1, 1, 1, - 1, 1, 1, 1, - 1, 1, 1, - 0, // комплексы выключены - $default_can_transfer_to_common, 1, - 1, - $default_cannot_create_req_manually - ]; - } - $values_str = implode(',', $permissions); + $permissions = [ + $user_id, + 1, 1, 1, // menu_office, menu_search, menu_objects + 0, 0, // menu_all_objects, menu_all_objects_edit + 0, // menu_ads + 1, 0, 0, 0, // menu_clients, menu_all_clients, menu_all_clients_edit, menu_all_clients_export + 1, 0, 0, 0, // menu_submissions, menu_all_submissions, menu_all_submissions_edit, menu_all_submissions_export + 0, 1, 1, // menu_partners, menu_docs, menu_settings + 0, // menu_complexes (по умолчанию отключено) + 1, 0, // menu_can_transfer_to_common (по умолчанию включено), menu_can_take_from_closed (по умолчанию отключено) + 0, // menu_can_transfer_closed_to_others (может передавать закрытые заявки другим сотрудникам) + ]; - $insert_sql = "INSERT INTO user_permissions + $is_admin = !empty($users['users_admin']); + $in_agency_list = in_array($user_id, $agenciesHaveAccessToNewComplexes); + $is_agent = $users['agent'] == '1' && $users['agency'] != '1' && $users['manager'] != '1' && $users['id_manager'] == 0; + $is_supervisor = $users['agency'] == '1' && $users['manager'] == '1'; + $is_developer = $users['role_developer'] == '1'; + + $default_can_transfer_to_common = 1; + if ($this->agency_id == 19895) { + $default_can_transfer_to_common = 0; + } + + $default_cannot_create_req_manually = 0; + if ($this->agency_id == 19895) { + $default_cannot_create_req_manually = 1; + } + + // Если admin или частный агент или руководитель и в списке с комплексами + if ( + ($is_admin && $in_agency_list) || + ($is_agent && $in_agency_list) || + ($is_supervisor && $in_agency_list) || + ($is_developer) + ) { + $permissions = [ + $user_id, + 1, 1, 1, + 1, 1, + 1, + 1, 1, 1, 1, + 1, 1, 1, 1, + 1, 1, 1, + 1, // комплексы включены + $default_can_transfer_to_common, 1, + 1, + $default_cannot_create_req_manually + ]; + } + // Если просто admin или частный агент или руководитель + elseif ($is_admin || $is_agent || $is_supervisor ) { + $permissions = [ + $user_id, + 1, 1, 1, + 1, 1, + 1, + 1, 1, 1, 1, + 1, 1, 1, 1, + 1, 1, 1, + 0, // комплексы выключены + $default_can_transfer_to_common, 1, + 1, + $default_cannot_create_req_manually + ]; + } + $values_str = implode(',', $permissions); + + $insert_sql = "INSERT INTO user_permissions (user_id, menu_office, menu_search, menu_objects, menu_all_objects, menu_all_objects_edit, menu_ads, menu_clients, menu_all_clients, menu_all_clients_edit, menu_all_clients_export, menu_submissions, menu_all_submissions, menu_all_submissions_edit, menu_all_submissions_export, menu_partners, menu_docs, menu_settings, menu_complexes, menu_can_transfer_to_common, menu_can_take_from_closed, menu_can_transfer_closed_to_others, cannot_create_req_manually) VALUES ($values_str)"; - mysql_query($insert_sql); - } + mysql_query($insert_sql); + } - $_SESSION['superadmin'] = 0; - $first_page_query = "SELECT jp.page_url FROM users + $_SESSION['superadmin'] = 0; + $first_page_query = "SELECT jp.page_url FROM users JOIN jw_pages jp ON users.jw_page_id = jp.id WHERE users.id = " . $_SESSION['id']; - $first_page_result = mysql_query($first_page_query); - $first_page = mysql_fetch_assoc($first_page_result); - $redirect_page = !empty($first_page['page_url']) ? $first_page['page_url'] : "/sale.php"; - if ($use_redirect) - if ($redirect_page) { - header("location:$redirect_page"); - } else { - header("location:/sale.php"); - } - else - return [ - 'success' => true - ]; - } + $first_page_result = mysql_query($first_page_query); + $first_page = mysql_fetch_assoc($first_page_result); + $redirect_page = !empty($first_page['page_url']) ? $first_page['page_url'] : "/sale.php"; + if ($use_redirect) + if ($redirect_page) { + header("location:$redirect_page"); + } else { + header("location:/sale.php"); + } + else + return [ + 'success' => true + ]; + } - } else $msg = "Аккаунт заблокирован!"; + } else $msg = "Аккаунт заблокирован!"; - } else $msg = "Аккаунт ещё не подтверждён."; + } else $msg = "Аккаунт ещё не подтверждён."; - } else $msg = "Этот номер телефона не зарегистрирован в JoyWork."; + } else $msg = "Этот номер телефона не зарегистрирован в JoyWork."; - } else $msg = "Неверный код подтверждения!"; + } else $msg = "Неверный код подтверждения!"; - if ($use_redirect) - return $msg; - else - return [ - 'success' => false, - 'message' => $msg, - ]; - } + if ($use_redirect) + return $msg; + else + return [ + 'success' => false, + 'message' => $msg, + ]; + } - public function auth($post) { - $msg = 0; - if(!empty($post['phone'])) { - $phone = $post['phone']; - $sql = "SELECT * FROM users WHERE phone = '{$phone}'"; - $rez = mysql_query($sql); + public function auth($post) { + $msg = 0; + if(!empty($post['phone'])) { + $phone = $post['phone']; + $sql = "SELECT * FROM users WHERE phone = '{$phone}'"; + $rez = mysql_query($sql); - if (mysql_num_rows($rez)) { - $users = mysql_fetch_assoc($rez); + if (mysql_num_rows($rez)) { + $users = mysql_fetch_assoc($rez); - if ($users['moder']) { - if (!$users['blocked']) { - $PHP_SELF = $_SERVER['PHP_SELF']; - if ($users['is_pwd']) { - header("location:$PHP_SELF?phone2=$phone"); - } - else { - require_once($_SERVER['DOCUMENT_ROOT']."/engine/mobilGroupApi.php"); - $_SESSION['sms'] = $code_sms = ok_code($phone); - $r = sendCode($phone, $code_sms); - if ($r[1] > 0) { - header("location:$PHP_SELF?phone=$phone"); - } else { - $msg = "Робот не может дозвониться по номеру $phone. Проверьте корректность номера или попробуйте выполнить вход позже."; + if ($users['moder']) { + if (!$users['blocked']) { + $PHP_SELF = $_SERVER['PHP_SELF']; + if ($users['is_pwd']) { + header("location:$PHP_SELF?phone2=$phone"); + } + else { + require_once($_SERVER['DOCUMENT_ROOT']."/engine/mobilGroupApi.php"); + $_SESSION['sms'] = $code_sms = ok_code($phone); + $r = sendCode($phone, $code_sms); + if ($r[1] > 0) { + header("location:$PHP_SELF?phone=$phone"); + } else { + $msg = "Робот не может дозвониться по номеру $phone. Проверьте корректность номера или попробуйте выполнить вход позже."; mailClient("ellada-an@mail.ru","Робот не может дозвониться по номеру ".$_SERVER['SERVER_NAME'], "Ответ сервера: $r[0]"); - } - } - } else $msg = "Аккаунт заблокирован!"; - } else $msg="Аккаунт ещё не подтверждён."; - } else $msg="Этот номер телефона не зарегистрирован в JoyWork"; - } else $msg="Не заполнены поля формы!"; - return $msg; - } + } + } + } else $msg = "Аккаунт заблокирован!"; + } else $msg="Аккаунт ещё не подтверждён."; + } else $msg="Этот номер телефона не зарегистрирован в JoyWork"; + } else $msg="Не заполнены поля формы!"; + return $msg; + } - public function destroy_session() { + public function destroy_session() { - $_SESSION = array(); + $_SESSION = array(); - // If it's desired to kill the session, also delete the session cookie. - // Note: This will destroy the session, and not just the session data! - if (ini_get("session.use_cookies")) { - $params = session_get_cookie_params(); - setcookie(session_name(), '', time() - 42000, - $params["path"], $params["domain"], - $params["secure"], $params["httponly"] - ); - } + // If it's desired to kill the session, also delete the session cookie. + // Note: This will destroy the session, and not just the session data! + if (ini_get("session.use_cookies")) { + $params = session_get_cookie_params(); + setcookie(session_name(), '', time() - 42000, + $params["path"], $params["domain"], + $params["secure"], $params["httponly"] + ); + } - session_destroy(); - } + session_destroy(); + } - public function quit($msg = "", $useRedirect = true) { + public function quit($msg = "", $useRedirect = true) { - $this->destroy_session(); + $this->destroy_session(); $this->id = false; $this->manager = false; $this->agent = false; if ($useRedirect) - header("location:/index.php?msg=$msg"); + header("location:/index.php?msg=$msg"); } @@ -1338,30 +1395,30 @@ $webHookIn->check_send($dataWhook); $msg_user = ""; $agent = 0; $agency = 0; - $developer = 0; + $developer = 0; $adMenuVisible = 0; - $manager = 0; + $manager = 0; // ставим всем нормальный тариф сразу if ($post['type'] == 1) - { + { $agency = 1; - $manager = 1; + $manager = 1; $agent = 1; $tarif = 67; $adMenuVisible = 1; } - else if ($post['type'] == 3) - { - $developer = 1; + else if ($post['type'] == 3) + { + $developer = 1; $agent = 0; - $agency = 0; - $manager = 1; - $tarif = 107; - } - else - { - $agent = 1; + $agency = 0; + $manager = 1; + $tarif = 107; + } + else + { + $agent = 1; $tarif = 97; } @@ -1369,8 +1426,8 @@ $webHookIn->check_send($dataWhook); $new_tarif->get($tarif); $one_day_plus = $new_tarif->period + 1; - if (empty($post['fio'])) - $post['fio'] = trim(($post['last_name'] . " " . $post['first_name'] . " " . $post['middle_name'])); + if (empty($post['fio'])) + $post['fio'] = trim(($post['last_name'] . " " . $post['first_name'] . " " . $post['middle_name'])); try { $sql = "INSERT INTO @@ -1413,33 +1470,33 @@ $webHookIn->check_send($dataWhook); )"; mysql_query($sql); - $user_id = mysql_insert_id(); + $user_id = mysql_insert_id(); mysql_query("UPDATE users SET company_id = $user_id WHERE id = $user_id"); // письмо с шаблоном - /* $f1 = file("https://joywork.ru/template_mail/afterreg.html"); - $text = implode("", $f1); + /* $f1 = file("https://joywork.ru/template_mail/afterreg.html"); + $text = implode("", $f1); - mailClient($post['email'], "Регистрация на сайте " . $_SERVER['SERVER_NAME'], $text); + mailClient($post['email'], "Регистрация на сайте " . $_SERVER['SERVER_NAME'], $text); - mailClientFromJoywork("service@joywork.ru", "Новый пользователь на сайте JoyWork", - "Зарегистрирован новый пользователь - " . ($agency ? "агентство $post[agency_name]. " : "агент. ФИО: " . trim($post['last_name'] . ' ' . $post['first_name'] . ' ' . $post['middle_name']) . ". ") . "Email: " . $post['email'] . ". Телефон: " . $post['phone']); + mailClientFromJoywork("service@joywork.ru", "Новый пользователь на сайте JoyWork", + "Зарегистрирован новый пользователь - " . ($agency ? "агентство $post[agency_name]. " : "агент. ФИО: " . trim($post['last_name'] . ' ' . $post['first_name'] . ' ' . $post['middle_name']) . ". ") . "Email: " . $post['email'] . ". Телефон: " . $post['phone']); - mailClientFromJoywork("iganus@joywork.ru", "Новый пользователь на сайте JoyWork", - "Зарегистрирован новый пользователь - " . ($agency ? "агентство $post[agency_name]. " : "агент. ФИО: " . trim($post['last_name'] . ' ' . $post['first_name'] . ' ' . $post['middle_name']) . ". ") . "Email: " . $post['email'] . ". Телефон: " . $post['phone']); - - */ - $agency_or_developer = $agency ? $agency : $developer; - $funnel = 0; - $fio_jw = trim($post['last_name'] . ' ' . $post['first_name'] . ' ' . $post['middle_name']); - $name_agent = ''; + mailClientFromJoywork("iganus@joywork.ru", "Новый пользователь на сайте JoyWork", + "Зарегистрирован новый пользователь - " . ($agency ? "агентство $post[agency_name]. " : "агент. ФИО: " . trim($post['last_name'] . ' ' . $post['first_name'] . ' ' . $post['middle_name']) . ". ") . "Email: " . $post['email'] . ". Телефон: " . $post['phone']); + + */ + $agency_or_developer = $agency ? $agency : $developer; + $funnel = 0; + $fio_jw = trim($post['last_name'] . ' ' . $post['first_name'] . ' ' . $post['middle_name']); + $name_agent = ''; if($agency_or_developer){ - - if ($developer) - { - mysql_query( - "INSERT INTO `user_permissions` + + if ($developer) + { + mysql_query( + "INSERT INTO `user_permissions` ( user_id, menu_office, @@ -1488,51 +1545,51 @@ $webHookIn->check_send($dataWhook); 1, ) " - ); - } + ); + } $funnel = 118; - $name_agent = $post['agency_name']; - - } else { - $funnel = 1141; - $name_agent = $fio_jw; - } + $name_agent = $post['agency_name']; + + } else { + $funnel = 1141; + $name_agent = $fio_jw; + } + + //$fio_jw = trim($post['last_name'] . ' ' . $post['first_name'] . ' ' . $post['middle_name']); + + $sql_jw = "INSERT INTO clients SET phone='{$post['phone']}', ". + "fio = '{$name_agent}', email = '{$post['email']}', ". + "opis='{$fio_jw}', ". + "id_agent = 4, who_work = 0, ". + "date_add = NOW(), stage=1, confirm=0, funnel_id={$funnel}, `developer` = $developer"; + + if(mysql_query($sql_jw)){ + $id_cl = mysql_insert_id(); + $cl = new Clients(); + $cl->get_class_etap($id_cl, $funnel); + + $reg = mysql_fetch_assoc(mysql_query("SELECT name FROM rf_regions WHERE id=$post[region]")); + + $actyvites = mysql_fetch_assoc(mysql_query("SELECT id FROM activities WHERE user_id=4 AND name='".$reg['name']."'")); + if(isset($actyvites['id'])){ + + mysql_query("INSERT INTO clients_activities (activity_id, client_id) VALUES ({$actyvites['id']}, {$id_cl})"); + } + $comment = "Новый пользователь - " . ($agency_or_developer ? "агентство $post[agency_name]. " : "агент. ФИО: " . trim($post['last_name'] . ' ' . $post['first_name'] . ' ' . $post['middle_name']) . ". ") . "Email: " . $post['email'] . ". Телефон: " . $post['phone']; + + $newTime = date("Y-m-d H:i:s", strtotime('+30 minutes')); + $sql_in_ev = "INSERT INTO user_client_events (user_id, client_id, create_date, schedule_date, `type`, comment, calendar_view, from_id) ". + "VALUES (4, {$id_cl}, '".date('Y-m-d H:i:s')."', '".$newTime."', 'call', '".$comment."', 0, 4)"; + + mysql_query($sql_in_ev); + } - //$fio_jw = trim($post['last_name'] . ' ' . $post['first_name'] . ' ' . $post['middle_name']); - - $sql_jw = "INSERT INTO clients SET phone='{$post['phone']}', ". - "fio = '{$name_agent}', email = '{$post['email']}', ". - "opis='{$fio_jw}', ". - "id_agent = 4, who_work = 0, ". - "date_add = NOW(), stage=1, confirm=0, funnel_id={$funnel}, `developer` = $developer"; - - if(mysql_query($sql_jw)){ - $id_cl = mysql_insert_id(); - $cl = new Clients(); - $cl->get_class_etap($id_cl, $funnel); - - $reg = mysql_fetch_assoc(mysql_query("SELECT name FROM rf_regions WHERE id=$post[region]")); - - $actyvites = mysql_fetch_assoc(mysql_query("SELECT id FROM activities WHERE user_id=4 AND name='".$reg['name']."'")); - if(isset($actyvites['id'])){ - - mysql_query("INSERT INTO clients_activities (activity_id, client_id) VALUES ({$actyvites['id']}, {$id_cl})"); - } - $comment = "Новый пользователь - " . ($agency_or_developer ? "агентство $post[agency_name]. " : "агент. ФИО: " . trim($post['last_name'] . ' ' . $post['first_name'] . ' ' . $post['middle_name']) . ". ") . "Email: " . $post['email'] . ". Телефон: " . $post['phone']; - - $newTime = date("Y-m-d H:i:s", strtotime('+30 minutes')); - $sql_in_ev = "INSERT INTO user_client_events (user_id, client_id, create_date, schedule_date, `type`, comment, calendar_view, from_id) ". - "VALUES (4, {$id_cl}, '".date('Y-m-d H:i:s')."', '".$newTime."', 'call', '".$comment."', 0, 4)"; - - mysql_query($sql_in_ev); - } - require_once($_SERVER['DOCUMENT_ROOT'] . "/engine/mobilGroupApi.php"); $_SESSION['sms'] = $code_sms = ok_code($post["phone"]); - + $r = sendCode($post["phone"], $code_sms); - $phone = $post['phone']; + $phone = $post['phone']; if ($r[1] > 0) { header("location:index.php?phone=$phone"); } else { @@ -1543,68 +1600,68 @@ $webHookIn->check_send($dataWhook); $msg_user .= "Выброшено исключение: " . $e->getMessage(); } - $this->get($user_id); - $this->getNewUserPackages(); + $this->get($user_id); + $this->getNewUserPackages(); - $status_text = "\nагент. ФИО: "; + $status_text = "\nагент. ФИО: "; - if ($agency) - { - $status_text = "агентство $post[agency_name]. "; - } - else if ($developer) - { - $status_text = "\nзастройщик. $post[agency_name] ФИО: "; - } + if ($agency) + { + $status_text = "агентство $post[agency_name]. "; + } + else if ($developer) + { + $status_text = "\nзастройщик. $post[agency_name] ФИО: "; + } - $text_reg = ""; - $text_reg .= "Новый пользователь на сайте JoyWork"; - $text_reg .= "\nЗарегистрирован новый пользователь - " - . ($status_text . trim($post['last_name'] - . ' ' - . $post['first_name'] - . ' ' - . $post['middle_name']) - . ". ") - . "\nEmail: " - . $post['email'] - . ".\nТелефон: " - . $post['phone']; - - $tel = new Telegram(false); - $max = new MaxClass(); + $text_reg = ""; + $text_reg .= "Новый пользователь на сайте JoyWork"; + $text_reg .= "\nЗарегистрирован новый пользователь - " + . ($status_text . trim($post['last_name'] + . ' ' + . $post['first_name'] + . ' ' + . $post['middle_name']) + . ". ") + . "\nEmail: " + . $post['email'] + . ".\nТелефон: " + . $post['phone']; - $chatId = 255183898; - try{ - $tel->send($text_reg, $chatId); - } catch (Exception $e) { - //$msg_user .= "Выброшено исключение телеграмм: " . $e->getMessage(); - } + $tel = new Telegram(false); + $max = new MaxClass(); - $max_user_id = 125565439; - try{ - $max->send_messages_to_user($max_user_id, $text_reg); + $chatId = 255183898; + try{ + $tel->send($text_reg, $chatId); + } catch (Exception $e) { + //$msg_user .= "Выброшено исключение телеграмм: " . $e->getMessage(); + } - } catch (Exception $e){} + $max_user_id = 125565439; + try{ + $max->send_messages_to_user($max_user_id, $text_reg); - $chatId = 1313658538; - try{ - $tel->send($text_reg, $chatId); - } catch (Exception $e) { - //$msg_user .= "Выброшено исключение телеграмм: " . $e->getMessage(); - } - $max_user_id = 238784061; - try{ - $max->send_messages_to_user($max_user_id, $text_reg); + } catch (Exception $e){} - } catch (Exception $e){} + $chatId = 1313658538; + try{ + $tel->send($text_reg, $chatId); + } catch (Exception $e) { + //$msg_user .= "Выброшено исключение телеграмм: " . $e->getMessage(); + } + $max_user_id = 238784061; + try{ + $max->send_messages_to_user($max_user_id, $text_reg); - $chatId = 161649599; - try{ - $tel->send($text_reg, $chatId); - } catch (Exception $e) { - //$msg_user .= "Выброшено исключение телеграмм: " . $e->getMessage(); - } + } catch (Exception $e){} + + $chatId = 161649599; + try{ + $tel->send($text_reg, $chatId); + } catch (Exception $e) { + //$msg_user .= "Выброшено исключение телеграмм: " . $e->getMessage(); + } } else $msg_user = "Пользователь с таким номером телефона уже существует."; @@ -1614,316 +1671,316 @@ $webHookIn->check_send($dataWhook); } else $msg_user = "Не указан адрес электронной почты."; //} - return $msg_user; + return $msg_user; } - public function remind_pass($post) { + public function remind_pass($post) { - $msg = 0; + $msg = 0; - if(!empty($post['email'])) // проверяем обязательные поля + if(!empty($post['email'])) // проверяем обязательные поля - { + { - $sql="SELECT * FROM users WHERE email='$post[email]'"; + $sql="SELECT * FROM users WHERE email='$post[email]'"; - $rez=mysql_query($sql); + $rez=mysql_query($sql); - if(mysql_num_rows($rez)) + if(mysql_num_rows($rez)) - { + { - $users=mysql_fetch_array($rez); + $users=mysql_fetch_array($rez); - $pwd = generatePass(); + $pwd = generatePass(); - $pwd_enc = md5($pwd.SALT); + $pwd_enc = md5($pwd.SALT); - $sql = "UPDATE users SET pwd='$pwd_enc' WHERE id=$users[id]"; + $sql = "UPDATE users SET pwd='$pwd_enc' WHERE id=$users[id]"; - mysql_query($sql); + mysql_query($sql); - mailClient($users['email'],"Новый пароль на сайте ".$_SERVER['SERVER_NAME'],"Ваш новый пароль: $pwd"); + mailClient($users['email'],"Новый пароль на сайте ".$_SERVER['SERVER_NAME'],"Ваш новый пароль: $pwd"); - header("location:remind_pass.php?success=1"); + header("location:remind_pass.php?success=1"); - } else $msg="Неверный адрес почты!"; + } else $msg="Неверный адрес почты!"; - } else $msg="Не заполнены поля формы!"; + } else $msg="Не заполнены поля формы!"; - return $msg; + return $msg; - } + } - public function change_pwd($post) { + public function change_pwd($post) { - $msg = 0; + $msg = 0; - if(!empty($post['pwd']) and !empty($post['old_pwd']) and !empty($post['pwd2'])) + if(!empty($post['pwd']) and !empty($post['old_pwd']) and !empty($post['pwd2'])) - { + { - $sql="SELECT * FROM users WHERE id='$_SESSION[id]'"; + $sql="SELECT * FROM users WHERE id='$_SESSION[id]'"; - $rez=mysql_query($sql); + $rez=mysql_query($sql); - if($users=mysql_fetch_assoc($rez)) + if($users=mysql_fetch_assoc($rez)) - { + { - if(md5($post['old_pwd'].SALT)==$users['pwd']) + if(md5($post['old_pwd'].SALT)==$users['pwd']) - { + { - if($post['pwd']==$post['pwd2']) + if($post['pwd']==$post['pwd2']) - { + { - $pwd = md5($post['pwd'].SALT); + $pwd = md5($post['pwd'].SALT); - $sql = "UPDATE users SET pwd='$pwd' WHERE id=$_SESSION[id]"; + $sql = "UPDATE users SET pwd='$pwd' WHERE id=$_SESSION[id]"; - mysql_query($sql); + mysql_query($sql); - $f1=file("https://joywork.ru/template_mail/changepassword.html"); - $text = implode("",$f1); + $f1=file("https://joywork.ru/template_mail/changepassword.html"); + $text = implode("",$f1); - $text = str_replace("<%login%>", $users['phone'], $text); - $text = str_replace("<%pass%>", $post['pwd'], $text); + $text = str_replace("<%login%>", $users['phone'], $text); + $text = str_replace("<%pass%>", $post['pwd'], $text); - mailClientFromJoywork($users['email'],"Новый пароль на сайте ".$_SERVER['SERVER_NAME'],$text); + mailClientFromJoywork($users['email'],"Новый пароль на сайте ".$_SERVER['SERVER_NAME'],$text); - header("location:settings.php?success=ok"); + header("location:settings.php?success=ok"); - } else $msg="Пароль и подтверждение пароля не совпадают!"; + } else $msg="Пароль и подтверждение пароля не совпадают!"; - } else $msg="Неверный пароль!"; + } else $msg="Неверный пароль!"; - } else $msg="Пользователь не существует!"; + } else $msg="Пользователь не существует!"; - } else $msg="Не заполнены поля формы!"; + } else $msg="Не заполнены поля формы!"; - return $msg; + return $msg; - } + } - public function edit($post) { + public function edit($post) { - $postf=clearInputData($_POST); + $postf=clearInputData($_POST); - $postf['txt'] = strip_tags(mysql_real_escape_string($post['txt'])); + $postf['txt'] = strip_tags(mysql_real_escape_string($post['txt'])); - $post['agency_name'] = htmlspecialchars($post['agency_name']); - $post['first_name'] = htmlspecialchars($post['first_name']); - $post['last_name'] = htmlspecialchars($post['last_name']); - $post['middle_name'] = htmlspecialchars($post['middle_name']); - $post['is_dispatcher'] = 0; - if(isset($post['vpbx_id'])){ - if($post['vpbx_id'] == $post['phone']){ - $post['is_dispatcher'] = 1; - } - } else { - $post['vpbx_id'] = ""; - } + $post['agency_name'] = htmlspecialchars($post['agency_name']); + $post['first_name'] = htmlspecialchars($post['first_name']); + $post['last_name'] = htmlspecialchars($post['last_name']); + $post['middle_name'] = htmlspecialchars($post['middle_name']); + $post['is_dispatcher'] = 0; + if(isset($post['vpbx_id'])){ + if($post['vpbx_id'] == $post['phone']){ + $post['is_dispatcher'] = 1; + } + } else { + $post['vpbx_id'] = ""; + } - $this->edit_api_ids($post, $_SESSION['id']); - $gmtmsk = 0; - if(isset($post['utc_edit'])){ - $gmtmsk = $post['utc_edit'] - 3; - } - - - if ($_SESSION['individual'] == 1) { - $sql = "UPDATE users SET jw_page_id = '$post[first_page]', region_rf_id = $post[region], agency_name='$post[agency_name]', first_name='$post[first_name]', last_name='$post[last_name]', middle_name='$post[middle_name]', txt='$postf[txt]', email='".trim($post['email'])."', site='$post[site]', sitename='$post[sitename]', adres='$post[adres]', phoneAgency='$post[phoneAgency]', is_dispatcher=$post[is_dispatcher], vpbx_id='$post[vpbx_id]', gmtmsk = '$gmtmsk' WHERE id=$_SESSION[id]"; - } else { - $sql = "SELECT * FROM users WHERE phone='$post[phone]' and id <> $_SESSION[id]"; + $this->edit_api_ids($post, $_SESSION['id']); + $gmtmsk = 0; + if(isset($post['utc_edit'])){ + $gmtmsk = $post['utc_edit'] - 3; + } - $rez = mysql_query($sql); - if (mysql_num_rows($rez) > 0) { - return "Пользователь с таким номером телефона уже существует."; - } else { - $sql = "UPDATE users SET jw_page_id = '$post[first_page]', region_rf_id = $post[region], agency_name='$post[agency_name]', first_name='$post[first_name]', last_name='$post[last_name]', middle_name='$post[middle_name]', phone='$post[phone]', phone2='$post[phone2_user]', txt='$postf[txt]', email='" . trim($post['email']) . "', site='$post[site]', sitename='$post[sitename]', adres='$post[adres]', phoneAgency='$post[phoneAgency]', is_dispatcher=$post[is_dispatcher], vpbx_id='$post[vpbx_id]', gmtmsk = '$gmtmsk' WHERE id=$_SESSION[id]"; - } - - if($post['all_update_utc']){ - $agency_id = $this->getAgencyIdForUser($_SESSION['id']); - $usersIds[] = $agency_id; - $sql_users = "SELECT id FROM users WHERE id in (select id from users where id=$agency_id or id_manager=$agency_id or id_manager in + if ($_SESSION['individual'] == 1) { + $sql = "UPDATE users SET jw_page_id = '$post[first_page]', region_rf_id = $post[region], agency_name='$post[agency_name]', first_name='$post[first_name]', last_name='$post[last_name]', middle_name='$post[middle_name]', txt='$postf[txt]', email='".trim($post['email'])."', site='$post[site]', sitename='$post[sitename]', adres='$post[adres]', phoneAgency='$post[phoneAgency]', is_dispatcher=$post[is_dispatcher], vpbx_id='$post[vpbx_id]', gmtmsk = '$gmtmsk' WHERE id=$_SESSION[id]"; + } else { + $sql = "SELECT * FROM users WHERE phone='$post[phone]' and id <> $_SESSION[id]"; + + $rez = mysql_query($sql); + + if (mysql_num_rows($rez) > 0) { + return "Пользователь с таким номером телефона уже существует."; + } else { + $sql = "UPDATE users SET jw_page_id = '$post[first_page]', region_rf_id = $post[region], agency_name='$post[agency_name]', first_name='$post[first_name]', last_name='$post[last_name]', middle_name='$post[middle_name]', phone='$post[phone]', phone2='$post[phone2_user]', txt='$postf[txt]', email='" . trim($post['email']) . "', site='$post[site]', sitename='$post[sitename]', adres='$post[adres]', phoneAgency='$post[phoneAgency]', is_dispatcher=$post[is_dispatcher], vpbx_id='$post[vpbx_id]', gmtmsk = '$gmtmsk' WHERE id=$_SESSION[id]"; + } + + if($post['all_update_utc']){ + $agency_id = $this->getAgencyIdForUser($_SESSION['id']); + $usersIds[] = $agency_id; + $sql_users = "SELECT id FROM users WHERE id in (select id from users where id=$agency_id or id_manager=$agency_id or id_manager in (select id from users where id_manager=$agency_id or id_manager in (select id from users where id_manager=$agency_id)))"; - $q_users = mysql_query($sql_users); - while($r_users = mysql_fetch_assoc($q_users)){ - $usersIds[] = (int)$r_users['id']; - } - if(!empty($usersIds)) { - $sqlAll = "UPDATE users SET gmtmsk = '$gmtmsk' WHERE id in (".implode(',',$usersIds).")"; - } - } - } + $q_users = mysql_query($sql_users); + while($r_users = mysql_fetch_assoc($q_users)){ + $usersIds[] = (int)$r_users['id']; + } + if(!empty($usersIds)) { + $sqlAll = "UPDATE users SET gmtmsk = '$gmtmsk' WHERE id in (".implode(',',$usersIds).")"; + } + } + } - if (mysql_query($sql)) { - if(isset($sqlAll)){ - mysql_query($sqlAll); - - } - $sqlNewObjUser = "SELECT * FROM users WHERE id=$_SESSION[id]"; - $rezNewObjUser = mysql_query($sqlNewObjUser); - $newObjUser = mysql_fetch_assoc($rezNewObjUser); + if (mysql_query($sql)) { + if(isset($sqlAll)){ + mysql_query($sqlAll); - $sobstv = trim($post['last_name'] . ' ' . $post['first_name'] . ' ' . $post['middle_name']); - if ($newObjUser['agency'] == 0) { - $sql="SELECT * FROM users WHERE id=$newObjUser[id_manager]"; - $rez=mysql_query($sql); - $manager = mysql_fetch_assoc($rez); + } + $sqlNewObjUser = "SELECT * FROM users WHERE id=$_SESSION[id]"; + $rezNewObjUser = mysql_query($sqlNewObjUser); + $newObjUser = mysql_fetch_assoc($rezNewObjUser); - if ($manager['id_manager']) { - $agency = mysql_fetch_assoc(mysql_query("SELECT * FROM users WHERE id=$manager[id_manager]")); - } else { - $agency = $manager; - } - if ($agency) { - $sobstv = $sobstv . ", агентство " . $agency['agency_name']; - } - } + $sobstv = trim($post['last_name'] . ' ' . $post['first_name'] . ' ' . $post['middle_name']); + if ($newObjUser['agency'] == 0) { + $sql="SELECT * FROM users WHERE id=$newObjUser[id_manager]"; + $rez=mysql_query($sql); + $manager = mysql_fetch_assoc($rez); - if ($_SESSION['agency']) { - if (!isset($post['on_agency_any_ip'])) { - $post['on_agency_any_ip'] = 0; - } - $check_permissions_sql = "SELECT * FROM `user_permissions` WHERE `user_id` = $_SESSION[id]"; - $check_permissions_result = mysql_query($check_permissions_sql); + if ($manager['id_manager']) { + $agency = mysql_fetch_assoc(mysql_query("SELECT * FROM users WHERE id=$manager[id_manager]")); + } else { + $agency = $manager; + } + if ($agency) { + $sobstv = $sobstv . ", агентство " . $agency['agency_name']; + } + } - if (mysql_num_rows($check_permissions_result) > 0) { - $sql_update_permissions = "UPDATE user_permissions SET allow_any_ip = '$post[on_agency_any_ip]' WHERE user_id=$_SESSION[id]"; - mysql_query($sql_update_permissions); - } else { - $permissions = [ - $_SESSION['id'], - 1, 1, 1, - 1, 1, - 1, - 1, 1, 1, 1, - 1, 1, 1, 1, - 1, 1, 1, - 0, // комплексы выключены - 1, - 1, - 1, - $post['on_agency_any_ip'] ? 1 : 0 - ]; + if ($_SESSION['agency']) { + if (!isset($post['on_agency_any_ip'])) { + $post['on_agency_any_ip'] = 0; + } + $check_permissions_sql = "SELECT * FROM `user_permissions` WHERE `user_id` = $_SESSION[id]"; + $check_permissions_result = mysql_query($check_permissions_sql); - $values_str = implode(',', $permissions); + if (mysql_num_rows($check_permissions_result) > 0) { + $sql_update_permissions = "UPDATE user_permissions SET allow_any_ip = '$post[on_agency_any_ip]' WHERE user_id=$_SESSION[id]"; + mysql_query($sql_update_permissions); + } else { + $permissions = [ + $_SESSION['id'], + 1, 1, 1, + 1, 1, + 1, + 1, 1, 1, 1, + 1, 1, 1, 1, + 1, 1, 1, + 0, // комплексы выключены + 1, + 1, + 1, + $post['on_agency_any_ip'] ? 1 : 0 + ]; - $insert_sql = "INSERT INTO user_permissions + $values_str = implode(',', $permissions); + + $insert_sql = "INSERT INTO user_permissions (user_id, menu_office, menu_search, menu_objects, menu_all_objects, menu_all_objects_edit, menu_ads, menu_clients, menu_all_clients, menu_all_clients_edit, menu_all_clients_export, menu_submissions, menu_all_submissions, menu_all_submissions_edit, menu_all_submissions_export, menu_partners, menu_docs, menu_settings, menu_complexes, menu_can_transfer_to_common, menu_can_take_from_closed, menu_can_transfer_closed_to_others, allow_any_ip) VALUES ($values_str)"; - mysql_query($insert_sql); - } + mysql_query($insert_sql); + } - } + } - //обновляем объекты пользователя - $phone = $post['phone']; - - $sqlUpdateObj = "UPDATE objects SET is_main = 0, phone = '$phone', sobstv = '$sobstv' WHERE id_add_user=$_SESSION[id]"; - mysql_query($sqlUpdateObj); + //обновляем объекты пользователя + $phone = $post['phone']; - $_SESSION['fio'] = trim($post['last_name'] . ' ' . $post['first_name'] . ' ' . $post['middle_name']); - $_SESSION['agency_name'] = $post['agency_name']; - $_SESSION['first_name'] = $post['first_name']; - $_SESSION['last_name'] = $post['last_name']; - $_SESSION['middle_name'] = $post['middle_name']; - } + $sqlUpdateObj = "UPDATE objects SET is_main = 0, phone = '$phone', sobstv = '$sobstv' WHERE id_add_user=$_SESSION[id]"; + mysql_query($sqlUpdateObj); - header("location:settings.php?success2=ok"); + $_SESSION['fio'] = trim($post['last_name'] . ' ' . $post['first_name'] . ' ' . $post['middle_name']); + $_SESSION['agency_name'] = $post['agency_name']; + $_SESSION['first_name'] = $post['first_name']; + $_SESSION['last_name'] = $post['last_name']; + $_SESSION['middle_name'] = $post['middle_name']; + } - } + header("location:settings.php?success2=ok"); - public function edit_api_ids($post, $user_id) { - $id=0; - $sql = "SELECT * FROM user_api_keys WHERE user_id = {$user_id}"; - $q = mysql_query($sql); - if(mysql_num_rows($q) == 0){ - $id = $this->gen_token($user_id); - } else { - - $apis = mysql_fetch_assoc($q); - $id = $apis['id']; - } - if($id > 0){ - $cian_id = (int)$post['cian_id']; - $avito_id = (int)str_replace(' ', '', $post['avito_id']); - $is_all_cian = 0; - if($post['is_all_cian']){ - $is_all_cian = (int)$post['is_all_cian']; - } - $is_all_avito = 0; - if($post['is_all_avito']){ - $is_all_avito = (int)$post['is_all_avito']; - } - $is_id_object = 0; - if($post['is_id_object']){ - $is_id_object = (int)$post['is_id_object']; - } + } - $is_id_object_cian = 0; - if($post['is_id_object_cian']){ - $is_id_object_cian = (int)$post['is_id_object_cian']; - } - - $sql_up = "UPDATE user_api_keys SET cian_id = {$cian_id}, avito_id = {$avito_id}, is_all_cian={$is_all_cian}, is_all_avito={$is_all_avito}, is_id_object={$is_id_object}, is_id_object_cian={$is_id_object_cian} WHERE id = {$id}"; - mysql_query($sql_up); - } - } + public function edit_api_ids($post, $user_id) { + $id=0; + $sql = "SELECT * FROM user_api_keys WHERE user_id = {$user_id}"; + $q = mysql_query($sql); + if(mysql_num_rows($q) == 0){ + $id = $this->gen_token($user_id); + } else { + + $apis = mysql_fetch_assoc($q); + $id = $apis['id']; + } + if($id > 0){ + $cian_id = (int)$post['cian_id']; + $avito_id = (int)str_replace(' ', '', $post['avito_id']); + $is_all_cian = 0; + if($post['is_all_cian']){ + $is_all_cian = (int)$post['is_all_cian']; + } + $is_all_avito = 0; + if($post['is_all_avito']){ + $is_all_avito = (int)$post['is_all_avito']; + } + $is_id_object = 0; + if($post['is_id_object']){ + $is_id_object = (int)$post['is_id_object']; + } + + $is_id_object_cian = 0; + if($post['is_id_object_cian']){ + $is_id_object_cian = (int)$post['is_id_object_cian']; + } + + $sql_up = "UPDATE user_api_keys SET cian_id = {$cian_id}, avito_id = {$avito_id}, is_all_cian={$is_all_cian}, is_all_avito={$is_all_avito}, is_id_object={$is_id_object}, is_id_object_cian={$is_id_object_cian} WHERE id = {$id}"; + mysql_query($sql_up); + } + } public function edit_vk($postUi) { - $post=clearInputData($postUi); + $post=clearInputData($postUi); - $flag = isset($post['vkFromGroup']) ? 1 : 0; + $flag = isset($post['vkFromGroup']) ? 1 : 0; - $sql = "UPDATE users SET vk_group_id='$post[vkGroup]', vk_post_as_group=$flag WHERE id=$_SESSION[id]"; + $sql = "UPDATE users SET vk_group_id='$post[vkGroup]', vk_post_as_group=$flag WHERE id=$_SESSION[id]"; - mysql_query($sql); + mysql_query($sql); - header("location:settings.php?success2=ok"); + header("location:settings.php?success2=ok"); } public function edit_zipal($postUi) { - $post=clearInputData($postUi); + $post=clearInputData($postUi); - $sql = "UPDATE users SET zipal_login='$post[zipalLogin]', zipal_password='$post[zipalPass]' WHERE id=$_SESSION[id]"; + $sql = "UPDATE users SET zipal_login='$post[zipalLogin]', zipal_password='$post[zipalPass]' WHERE id=$_SESSION[id]"; - mysql_query($sql); + mysql_query($sql); - header("location:settings.php?success2=ok"); + header("location:settings.php?success2=ok"); } public function edit_jcat($postUi) { - $post=clearInputData($postUi); + $post=clearInputData($postUi); - $sql = "UPDATE users SET jcat_api_key='$post[jcatApiKey]' WHERE id=$_SESSION[id]"; + $sql = "UPDATE users SET jcat_api_key='$post[jcatApiKey]' WHERE id=$_SESSION[id]"; - mysql_query($sql); + mysql_query($sql); - header("location:settings.php?success2=ok"); + header("location:settings.php?success2=ok"); } - + public function set_blocked($block, $id) { $id = (int)$id; @@ -1940,17 +1997,17 @@ $webHookIn->check_send($dataWhook); $user = mysql_fetch_assoc($result); if (!$user) die("Пользователь не найден"); - $agencyId = self::getUserAgencyID($id); - $action = ($block == 1) ? "employee_block" : "employee_unblock"; - $dataWhook = array('action'=>$action, 'employee_id'=>$id, 'section'=>'employee', 'user_id'=>$_SESSION['id'], 'agency_id'=>$agencyId); + $agencyId = self::getUserAgencyID($id); + $action = ($block == 1) ? "employee_block" : "employee_unblock"; + $dataWhook = array('action'=>$action, 'employee_id'=>$id, 'section'=>'employee', 'user_id'=>$_SESSION['id'], 'agency_id'=>$agencyId); + + $w_in = new WebHookIn(null, $agencyId); + $w_in->check_send($dataWhook); - $w_in = new WebHookIn(null, $agencyId); - $w_in->check_send($dataWhook); - // Если статус меняется на "разблокирован" и пользователь — агент (не менеджер) if ($block == 0 && !$user['manager']) { - + if ($agencyId) { mysql_query("UPDATE users SET id_manager = $agencyId WHERE id = $id") or die("Ошибка обновления id_manager: " . mysql_error()); @@ -2019,248 +2076,248 @@ $webHookIn->check_send($dataWhook); - /*public function set_moder($id,$mdb) { + /*public function set_moder($id,$mdb) { - $sql="UPDATE users SET moder=1 WHERE id=$id"; + $sql="UPDATE users SET moder=1 WHERE id=$id"; - mysql_query($sql,$mdb); + mysql_query($sql,$mdb); - $sql="SELECT * FROM users WHERE id=$id"; + $sql="SELECT * FROM users WHERE id=$id"; - $rez=mysql_query($sql,$mdb); + $rez=mysql_query($sql,$mdb); - $users=mysql_fetch_assoc($rez); + $users=mysql_fetch_assoc($rez); - mailClient($users['email'],"Аккаунт на сайте ".$_SERVER['SERVER_NAME'],"Ваш аккаунт был подтверждён администратором ресурса. Вы можете начать пользоваться системой."); + mailClient($users['email'],"Аккаунт на сайте ".$_SERVER['SERVER_NAME'],"Ваш аккаунт был подтверждён администратором ресурса. Вы можете начать пользоваться системой."); - }*/ + }*/ - public function set_manager($id_mngr, $id_user) { + public function set_manager($id_mngr, $id_user) { - $id_agency = $_SESSION['id']; + $id_agency = $_SESSION['id']; - $curUser = new User; + $curUser = new User; - $curUser->checkPermissions(); + $curUser->checkPermissions(); - if ($_SESSION['users_admin']) { - $id_agency = $curUser->agencyId; - } + if ($_SESSION['users_admin']) { + $id_agency = $curUser->agencyId; + } - if($id_mngr == 0) // делаем юзера менеджером + if($id_mngr == 0) // делаем юзера менеджером - { + { - $sql = "UPDATE users SET manager=1, id_manager=$id_agency, photo='$_SESSION[photo]', department_id = 0, role_id = 0 WHERE id=$id_user"; + $sql = "UPDATE users SET manager=1, id_manager=$id_agency, photo='$_SESSION[photo]', department_id = 0, role_id = 0 WHERE id=$id_user"; - mysql_query($sql); + mysql_query($sql); - } elseif($id_mngr == -1) // разжаловать и сбросить всех агентов + } elseif($id_mngr == -1) // разжаловать и сбросить всех агентов - { - $id_agency = $curUser->agencyId; - $sql = "UPDATE users SET manager=0, id_manager=$id_agency, photo='$_SESSION[photo]', department_id = 0, role_id = 0 WHERE id_manager=$id_user OR id=$id_user"; + { + $id_agency = $curUser->agencyId; + $sql = "UPDATE users SET manager=0, id_manager=$id_agency, photo='$_SESSION[photo]', department_id = 0, role_id = 0 WHERE id_manager=$id_user OR id=$id_user"; - mysql_query($sql); + mysql_query($sql); - } else // установить агенту менеджера + } else // установить агенту менеджера - { + { - $sql = "UPDATE users SET id_manager=$id_mngr, photo='$_SESSION[photo]' WHERE id=$id_user"; + $sql = "UPDATE users SET id_manager=$id_mngr, photo='$_SESSION[photo]' WHERE id=$id_user"; - mysql_query($sql); + mysql_query($sql); - } + } - //return $this->getMyManagers(); + //return $this->getMyManagers(); - } + } - public function set_role($roleId, $userId, $depId){ - $id_agency = $_SESSION['id']; + public function set_role($roleId, $userId, $depId){ + $id_agency = $_SESSION['id']; - $curUser = new User; + $curUser = new User; - $curUser->checkPermissions(); + $curUser->checkPermissions(); - if ($_SESSION['users_admin']) { - $id_agency = $curUser->agencyId; - } - $sql = "SELECT `id`, `role` FROM roles WHERE id = ".$roleId; - $q = mysql_query($sql); - $role = mysql_fetch_array($q); + if ($_SESSION['users_admin']) { + $id_agency = $curUser->agencyId; + } + $sql = "SELECT `id`, `role` FROM roles WHERE id = ".$roleId; + $q = mysql_query($sql); + $role = mysql_fetch_array($q); - if($role['role'] == 'agent'){ - $managerId = $id_agency; + if($role['role'] == 'agent'){ + $managerId = $id_agency; //Ищем менеджера отдела - $sql_a = "SELECT id FROM roles WHERE department_id = {$depId} AND (role = 'admin_department' or role = 'manager') order by role"; + $sql_a = "SELECT id FROM roles WHERE department_id = {$depId} AND (role = 'admin_department' or role = 'manager') order by role"; - $q_a = mysql_query($sql_a); - if(mysql_num_rows($q_a) > 0){ - while($r_a = mysql_fetch_assoc($q_a)){ + $q_a = mysql_query($sql_a); + if(mysql_num_rows($q_a) > 0){ + while($r_a = mysql_fetch_assoc($q_a)){ - $sql_u = "SELECT id FROM users WHERE role_id = $r_a[id] LIMIT 1"; + $sql_u = "SELECT id FROM users WHERE role_id = $r_a[id] LIMIT 1"; - $q_u = mysql_query($sql_u); - if(mysql_num_rows($q_u) > 0){ - $r_u = mysql_fetch_assoc($q_u); - $managerId = (int)$r_u['id']; - break; - } - } - } + $q_u = mysql_query($sql_u); + if(mysql_num_rows($q_u) > 0){ + $r_u = mysql_fetch_assoc($q_u); + $managerId = (int)$r_u['id']; + break; + } + } + } //Делаем пользователя агентом отдела - mysql_query("UPDATE users SET department_id = {$depId}, role_id = {$roleId}, agent = 1, id_manager=$managerId, manager = 0 WHERE id = {$userId}"); + mysql_query("UPDATE users SET department_id = {$depId}, role_id = {$roleId}, agent = 1, id_manager=$managerId, manager = 0 WHERE id = {$userId}"); //если пользователь был менеджером, то сбрасываем его пользователь к агенству - mysql_query("UPDATE users SET id_manager = {$id_agency}, department_id = 0, role_id = 0 WHERE id_manager = {$userId}"); - } else if($role['role'] == 'manager'){ + mysql_query("UPDATE users SET id_manager = {$id_agency}, department_id = 0, role_id = 0 WHERE id_manager = {$userId}"); + } else if($role['role'] == 'manager'){ //Поиск админа отдела - $menager_id = $id_agency; + $menager_id = $id_agency; //echo $menager_id; - $sql_a = "SELECT id FROM roles WHERE department_id = {$depId} AND role = 'admin_department' LIMIT 1"; - $q_a = mysql_query($sql_a); - if(mysql_num_rows($q_a) > 0){ - $r_a = mysql_fetch_assoc($q_a); - $sql_u = "SELECT id FROM users WHERE role_id = $r_a[id] LIMIT 1"; - //echo $sql_u; - $q_u = mysql_query($sql_u); - if(mysql_num_rows($q_u) > 0){ - $r_u = mysql_fetch_assoc($q_u); - $menager_id = (int)$r_u['id']; - } - } + $sql_a = "SELECT id FROM roles WHERE department_id = {$depId} AND role = 'admin_department' LIMIT 1"; + $q_a = mysql_query($sql_a); + if(mysql_num_rows($q_a) > 0){ + $r_a = mysql_fetch_assoc($q_a); + $sql_u = "SELECT id FROM users WHERE role_id = $r_a[id] LIMIT 1"; + //echo $sql_u; + $q_u = mysql_query($sql_u); + if(mysql_num_rows($q_u) > 0){ + $r_u = mysql_fetch_assoc($q_u); + $menager_id = (int)$r_u['id']; + } + } //Делаем пользователя менеджером отдела - $sql_up = "UPDATE users SET department_id = {$depId}, role_id = {$roleId}, manager = 1, id_manager = {$menager_id} WHERE id = {$userId}"; + $sql_up = "UPDATE users SET department_id = {$depId}, role_id = {$roleId}, manager = 1, id_manager = {$menager_id} WHERE id = {$userId}"; - mysql_query($sql_up); + mysql_query($sql_up); //Делаем всех пользователей этого менеджера агентами отдела - $sql = "SELECT `id` FROM roles WHERE department_id = {$depId} and role = 'agent'"; - $q = mysql_query($sql); - $roleBase = 0; - if(mysql_num_rows($q) > 0){ - $role = mysql_fetch_array($q); - $roleBase = $role['id']; - } - mysql_query("UPDATE users SET department_id = {$depId}, role_id = {$roleBase} WHERE id_manager = {$userId} and manager = 0"); + $sql = "SELECT `id` FROM roles WHERE department_id = {$depId} and role = 'agent'"; + $q = mysql_query($sql); + $roleBase = 0; + if(mysql_num_rows($q) > 0){ + $role = mysql_fetch_array($q); + $roleBase = $role['id']; + } + mysql_query("UPDATE users SET department_id = {$depId}, role_id = {$roleBase} WHERE id_manager = {$userId} and manager = 0"); //Делаем всех свободных сотрудников отдела агентами этого менеджера //mysql_query("UPDATE users SET id_manager = {$userId} WHERE department_id = {$depId} AND manager=0 AND (id_manager=0 or id_manager={$id_agency})");*/ - } else if($role['role'] == 'user_admin'){ + } else if($role['role'] == 'user_admin'){ //Делаем пользователя псевдо руководителем - mysql_query("UPDATE users SET users_admin = 1, department_id = {$depId}, role_id = {$roleId} WHERE id = {$userId}"); - } else if($role['role'] == 'admin_department'){ - mysql_query("UPDATE users SET department_id = {$depId}, manager = 1, id_manager = {$id_agency}, role_id = {$roleId} WHERE id = {$userId}"); + mysql_query("UPDATE users SET users_admin = 1, department_id = {$depId}, role_id = {$roleId} WHERE id = {$userId}"); + } else if($role['role'] == 'admin_department'){ + mysql_query("UPDATE users SET department_id = {$depId}, manager = 1, id_manager = {$id_agency}, role_id = {$roleId} WHERE id = {$userId}"); //Переводим всех менеджеров и агентов отдела, привязанных к руководителю, к админу - mysql_query("UPDATE users SET id_manager = {$userId} WHERE department_id = {$depId} AND id_manager = {$id_agency} AND id != {$userId}"); + mysql_query("UPDATE users SET id_manager = {$userId} WHERE department_id = {$depId} AND id_manager = {$id_agency} AND id != {$userId}"); - } else if($role['role'] == 'manager_office'){ + } else if($role['role'] == 'manager_office'){ //Поиск админа отдела - $menager_id = $id_agency; + $menager_id = $id_agency; //echo $menager_id; - $sql_a = "SELECT id FROM roles WHERE department_id = {$depId} AND role = 'admin_department' LIMIT 1"; - $q_a = mysql_query($sql_a); - if(mysql_num_rows($q_a) > 0){ - $r_a = mysql_fetch_assoc($q_a); - $sql_u = "SELECT id FROM users WHERE role_id = $r_a[id] LIMIT 1"; - //echo $sql_u; - $q_u = mysql_query($sql_u); - if(mysql_num_rows($q_u) > 0){ - $r_u = mysql_fetch_assoc($q_u); - $menager_id = (int)$r_u['id']; - } - } - //Делаем пользователя офис менеджером отдела - $sql_up = "UPDATE users SET department_id = {$depId}, role_id = {$roleId}, manager = 0, id_manager = {$menager_id} WHERE id = {$userId}"; + $sql_a = "SELECT id FROM roles WHERE department_id = {$depId} AND role = 'admin_department' LIMIT 1"; + $q_a = mysql_query($sql_a); + if(mysql_num_rows($q_a) > 0){ + $r_a = mysql_fetch_assoc($q_a); + $sql_u = "SELECT id FROM users WHERE role_id = $r_a[id] LIMIT 1"; + //echo $sql_u; + $q_u = mysql_query($sql_u); + if(mysql_num_rows($q_u) > 0){ + $r_u = mysql_fetch_assoc($q_u); + $menager_id = (int)$r_u['id']; + } + } + //Делаем пользователя офис менеджером отдела + $sql_up = "UPDATE users SET department_id = {$depId}, role_id = {$roleId}, manager = 0, id_manager = {$menager_id} WHERE id = {$userId}"; - mysql_query($sql_up); - } else if($role['role'] == 'manager_office_menager'){ - //Делаем пользователя офис менеджером наблюдателем отдела - $sql_up = "UPDATE users SET department_id = {$depId}, role_id = {$roleId}, manager = 0 WHERE id = {$userId}"; + mysql_query($sql_up); + } else if($role['role'] == 'manager_office_menager'){ + //Делаем пользователя офис менеджером наблюдателем отдела + $sql_up = "UPDATE users SET department_id = {$depId}, role_id = {$roleId}, manager = 0 WHERE id = {$userId}"; - mysql_query($sql_up); - } - } + mysql_query($sql_up); + } + } - public function getDepManagers($dep_id){ + public function getDepManagers($dep_id){ - if (!$dep_id) - return []; + if (!$dep_id) + return []; - $res = array(); - $sql = "SELECT * FROM users WHERE manager=1 AND department_id = {$dep_id}"; + $res = array(); + $sql = "SELECT * FROM users WHERE manager=1 AND department_id = {$dep_id}"; - $q = mysql_query($sql); - while($r = mysql_fetch_assoc($q)){ - $res[] = $r; - } - return $res; - } + $q = mysql_query($sql); + while($r = mysql_fetch_assoc($q)){ + $res[] = $r; + } + return $res; + } - public function settings_email() { + public function settings_email() { - $this->get($_SESSION['id']); + $this->get($_SESSION['id']); - $post=clearInputData($_POST); + $post=clearInputData($_POST); - $smtpSsl = $post['smtp_ssl']; + $smtpSsl = $post['smtp_ssl']; - $type = $post['type']; + $type = $post['type']; - if ($type != 5) { + if ($type != 5) { - $smtpSsl = "1"; + $smtpSsl = "1"; - } + } - $sql = "UPDATE users SET smtp_from='$post[smtp_from]', smtp_fromname='$post[smtp_fromname]', smtp='$post[smtp]', smtp_ssl='$smtpSsl', smtp_port='$post[smtp_port]', smtp_lg='$post[smtp_lg]', smtp_pwd='$post[smtp_pwd]' WHERE id=$_SESSION[id]"; + $sql = "UPDATE users SET smtp_from='$post[smtp_from]', smtp_fromname='$post[smtp_fromname]', smtp='$post[smtp]', smtp_ssl='$smtpSsl', smtp_port='$post[smtp_port]', smtp_lg='$post[smtp_lg]', smtp_pwd='$post[smtp_pwd]' WHERE id=$_SESSION[id]"; - mysql_query($sql); + mysql_query($sql); - $f1=file("https://joywork.ru/template_mail/changemailsettings.html"); - $text = implode("",$f1); + $f1=file("https://joywork.ru/template_mail/changemailsettings.html"); + $text = implode("",$f1); - $try = checkMail($this->email, "Тестовое письмо", $text); + $try = checkMail($this->email, "Тестовое письмо", $text); - if($try===true) $s=1; else $s=2; + if($try===true) $s=1; else $s=2; - $sql = "UPDATE users SET smtp_check='$s' WHERE id=$_SESSION[id]"; + $sql = "UPDATE users SET smtp_check='$s' WHERE id=$_SESSION[id]"; - mysql_query($sql); + mysql_query($sql); - if($s == 2) return "Ошибка отправки тестового письма на почту ".$this->email.". Проверьте настройки.
$try
Для успешной настройки почты обратитесь в службу поддержки по тел. +7 812 981 56 17"; + if($s == 2) return "Ошибка отправки тестового письма на почту ".$this->email.". Проверьте настройки.
$try
Для успешной настройки почты обратитесь в службу поддержки по тел. +7 812 981 56 17"; - else header("location:settings.php?success3=$s"); + else header("location:settings.php?success3=$s"); - } + } - public function add_agent($get) { - $msg_user = ''; - if (!empty($get['email'])) { - if(!empty($get['phone'])) { - $sql = "SELECT * FROM users WHERE phone='$get[phone]'"; + public function add_agent($get) { + $msg_user = ''; + if (!empty($get['email'])) { + if(!empty($get['phone'])) { + $sql = "SELECT * FROM users WHERE phone='$get[phone]'"; - $rez = mysql_query($sql); + $rez = mysql_query($sql); - if (mysql_num_rows($rez) == 0) { - $sql="INSERT INTO users(fio, email, phone, agency_name, first_name, last_name, middle_name, agent, moder, date_reg, id_manager) VALUES('$get[fio]', '$get[email]', '$get[phone]', '$get[agency_name]', '$get[first_name]', '$get[last_name]', '$get[middle_name]', '1', '1', NOW(), '$_SESSION[id]')"; + if (mysql_num_rows($rez) == 0) { + $sql="INSERT INTO users(fio, email, phone, agency_name, first_name, last_name, middle_name, agent, moder, date_reg, id_manager) VALUES('$get[fio]', '$get[email]', '$get[phone]', '$get[agency_name]', '$get[first_name]', '$get[last_name]', '$get[middle_name]', '1', '1', NOW(), '$_SESSION[id]')"; - mysql_query($sql); + mysql_query($sql); - mailClient($get['email'],"Регистрация на сайте ".$_SERVER['SERVER_NAME'],"Вы зарегистрированы на сайте ".$_SERVER['SERVER_NAME'].". Для входа используйте номер телефона $get[phone] и пароль в смс."); + mailClient($get['email'],"Регистрация на сайте ".$_SERVER['SERVER_NAME'],"Вы зарегистрированы на сайте ".$_SERVER['SERVER_NAME'].". Для входа используйте номер телефона $get[phone] и пароль в смс."); - } else $msg_user="Агент с таким номером телефона уже существует!"; - } else $msg_user="Не указан номер телефона!"; - } else $msg_user="Не указан E-Mail!"; + } else $msg_user="Агент с таким номером телефона уже существует!"; + } else $msg_user="Не указан номер телефона!"; + } else $msg_user="Не указан E-Mail!"; - return $msg_user; - } + return $msg_user; + } public function add_agent_with_password($post) { $msg_user = ''; @@ -2293,10 +2350,10 @@ $webHookIn->check_send($dataWhook); $pwd = generatePass(); $pwd_enc = md5($pwd . SALT); - if(isset($post['pass']) && ! empty(trim($post['pass']))){ - $pwd = trim($post['pass']); - $pwd_enc = md5($pwd . SALT); - } + if(isset($post['pass']) && ! empty(trim($post['pass']))){ + $pwd = trim($post['pass']); + $pwd_enc = md5($pwd . SALT); + } if (isset($post['is_dispatcher']) && $post['is_dispatcher'] == 1) { $vpbx_id = $post['phone']; @@ -2310,7 +2367,7 @@ $webHookIn->check_send($dataWhook); } } - $role_developer = (int)($post['role_developer'] ? $post['role_developer'] : 0); + $role_developer = (int)($post['role_developer'] ? $post['role_developer'] : 0); $agency_name = ""; if (!empty($post['agency_name'])) @@ -2435,7 +2492,7 @@ $webHookIn->check_send($dataWhook); if (!empty($post['passport_date'])) $passport_date = date("Y-m-d H:i:s", strtotime($post['passport_date'])); - $wa_enabled = (int)$post['wa_enabled']; + $wa_enabled = (int)$post['wa_enabled']; $sql2 = "INSERT INTO `users_info` ( user_id, passport_serial, @@ -2468,7 +2525,7 @@ $webHookIn->check_send($dataWhook); '$wa_enabled' )"; - mysql_query($sql2); + mysql_query($sql2); if (!($_FILES['avatar']['size'] == 0 && $_FILES['avatar']['error'] == 0)) { $curUser->setUserpic($user_id); @@ -2483,79 +2540,79 @@ $webHookIn->check_send($dataWhook); $text = str_replace("<%login%>", $post['phone'], $text); $text = str_replace("<%pass%>", $pwd, $text); - // mailClientFromJoywork($post['email'], "Регистрация на сайте " . $_SERVER['SERVER_NAME'], $text); + // mailClientFromJoywork($post['email'], "Регистрация на сайте " . $_SERVER['SERVER_NAME'], $text); - if (isset($post['advert_budget_total']) || isset($post['advert_budget_personal'])) { + if (isset($post['advert_budget_total']) || isset($post['advert_budget_personal'])) { - $advert_budget_total = 0; - if (isset($post['advert_budget_total'])) - $advert_budget_total = (double)$post['advert_budget_total']; + $advert_budget_total = 0; + if (isset($post['advert_budget_total'])) + $advert_budget_total = (double)$post['advert_budget_total']; - $advert_budget_personal = 0; - if (isset($post['advert_budget_personal'])) - $advert_budget_personal = $post['advert_budget_personal']; + $advert_budget_personal = 0; + if (isset($post['advert_budget_personal'])) + $advert_budget_personal = $post['advert_budget_personal']; - $advert_budget_avito = 0; - if (isset($post['advert_budget_avito'])) - $advert_budget_avito = (double)$post['advert_budget_avito']; + $advert_budget_avito = 0; + if (isset($post['advert_budget_avito'])) + $advert_budget_avito = (double)$post['advert_budget_avito']; - $advert_budget_cian = 0; - if (isset($post['advert_budget_cian'])) - $advert_budget_cian = (double)$post['advert_budget_cian']; + $advert_budget_cian = 0; + if (isset($post['advert_budget_cian'])) + $advert_budget_cian = (double)$post['advert_budget_cian']; - $advert_budget_domclick = 0; - if (isset($post['advert_budget_domclick'])) - $advert_budget_domclick = (double)$post['advert_budget_domclick']; + $advert_budget_domclick = 0; + if (isset($post['advert_budget_domclick'])) + $advert_budget_domclick = (double)$post['advert_budget_domclick']; - $advert_budget_jcat = 0; - if (isset($post['advert_budget_jcat'])) - $advert_budget_jcat = (double)$post['advert_budget_jcat']; + $advert_budget_jcat = 0; + if (isset($post['advert_budget_jcat'])) + $advert_budget_jcat = (double)$post['advert_budget_jcat']; - $advert_budget_yandex = 0; - if (isset($post['advert_budget_yandex'])) - $advert_budget_yandex = (double)$post['advert_budget_yandex']; + $advert_budget_yandex = 0; + if (isset($post['advert_budget_yandex'])) + $advert_budget_yandex = (double)$post['advert_budget_yandex']; - $advert_budget_avito_unlimited = 0; - if (isset($post['advert_budget_avito_unlimited'])) - $advert_budget_avito_unlimited = (int)$post['advert_budget_avito_unlimited']; + $advert_budget_avito_unlimited = 0; + if (isset($post['advert_budget_avito_unlimited'])) + $advert_budget_avito_unlimited = (int)$post['advert_budget_avito_unlimited']; - $advert_budget_cian_unlimited = 0; - if (isset($post['advert_budget_cian_unlimited'])) - $advert_budget_cian_unlimited = (int)$post['advert_budget_cian_unlimited']; + $advert_budget_cian_unlimited = 0; + if (isset($post['advert_budget_cian_unlimited'])) + $advert_budget_cian_unlimited = (int)$post['advert_budget_cian_unlimited']; - $advert_budget_domclick_unlimited = 0; - if (isset($post['advert_budget_domclick_unlimited'])) - $advert_budget_domclick_unlimited = (int)$post['advert_budget_domclick_unlimited']; + $advert_budget_domclick_unlimited = 0; + if (isset($post['advert_budget_domclick_unlimited'])) + $advert_budget_domclick_unlimited = (int)$post['advert_budget_domclick_unlimited']; - $advert_budget_jcat_unlimited = 0; - if (isset($post['advert_budget_jcat_unlimited'])) - $advert_budget_jcat_unlimited = (int)$post['advert_budget_jcat_unlimited']; + $advert_budget_jcat_unlimited = 0; + if (isset($post['advert_budget_jcat_unlimited'])) + $advert_budget_jcat_unlimited = (int)$post['advert_budget_jcat_unlimited']; - $advert_budget_yandex_unlimited = 0; - if (isset($post['advert_budget_yandex_unlimited'])) - $advert_budget_yandex_unlimited = (int)$post['advert_budget_yandex_unlimited']; + $advert_budget_yandex_unlimited = 0; + if (isset($post['advert_budget_yandex_unlimited'])) + $advert_budget_yandex_unlimited = (int)$post['advert_budget_yandex_unlimited']; - $advert_budgets = new AdvertBudgets(); - $advert_budgets->setAdvertBudget([ - 'user_id' => $user_id, - 'total' => $advert_budget_total, - 'personal' => $advert_budget_personal, - 'avito' => $advert_budget_avito, - 'avito_unlimited' => $advert_budget_avito_unlimited, - 'cian' => $advert_budget_cian, - 'cian_unlimited' => $advert_budget_cian_unlimited, - 'domclick' => $advert_budget_domclick, - 'domclick_unlimited' => $advert_budget_domclick_unlimited, - 'jcat' => $advert_budget_jcat, - 'jcat_unlimited' => $advert_budget_jcat_unlimited, - 'yandex' => $advert_budget_yandex, - 'yandex_unlimited' => $advert_budget_yandex_unlimited, - ]); - } + $advert_budgets = new AdvertBudgets(); + $advert_budgets->setAdvertBudget([ + 'user_id' => $user_id, + 'total' => $advert_budget_total, + 'personal' => $advert_budget_personal, + 'avito' => $advert_budget_avito, + 'avito_unlimited' => $advert_budget_avito_unlimited, + 'cian' => $advert_budget_cian, + 'cian_unlimited' => $advert_budget_cian_unlimited, + 'domclick' => $advert_budget_domclick, + 'domclick_unlimited' => $advert_budget_domclick_unlimited, + 'jcat' => $advert_budget_jcat, + 'jcat_unlimited' => $advert_budget_jcat_unlimited, + 'yandex' => $advert_budget_yandex, + 'yandex_unlimited' => $advert_budget_yandex_unlimited, + ]); + } - $dataWhook = array('action'=>'employee_create', 'employee_id'=>$user_id, 'section'=>'employee', 'user_id'=>$_SESSION['id'], 'agency_id'=>$sql_company_id); - $w_in = new WebHookIn(null, $sql_company_id); - $w_in->check_send($dataWhook); + $dataWhook = array('action'=>'employee_create', 'employee_id'=>$user_id, 'section'=>'employee', 'user_id'=>$_SESSION['id'], 'agency_id'=>$sql_company_id); + $w_in = new WebHookIn(null, $sql_company_id); + $w_in->check_send($dataWhook); } else $msg_user = mysql_error() . "Произошла ошибка при добавлении пользователя!"; } else $msg_user = "Агент с таким номером телефона уже существует!"; } else $msg_user = "Не указан номер телефона!"; @@ -2564,21 +2621,21 @@ $webHookIn->check_send($dataWhook); return $msg_user; } - public function edit_agent_password($post) - { - if(isset($post['new_password']) && !empty(trim($post['new_password']))){ - $pwd = trim($post['new_password']); - $pwd_enc = md5($pwd . SALT); + public function edit_agent_password($post) + { + if(isset($post['new_password']) && !empty(trim($post['new_password']))){ + $pwd = trim($post['new_password']); + $pwd_enc = md5($pwd . SALT); - $user_id = $post['user_id']; + $user_id = $post['user_id']; - $sql = "UPDATE users SET pwd = '{$pwd_enc}', is_pwd=1 WHERE id = $user_id"; + $sql = "UPDATE users SET pwd = '{$pwd_enc}', is_pwd=1 WHERE id = $user_id"; - mysql_query($sql); + mysql_query($sql); - return ["success" => true]; - } - } + return ["success" => true]; + } + } public function edit_agent_budget($post) { $user_id = (int)$post['ok_agent_id']; @@ -2681,53 +2738,53 @@ $webHookIn->check_send($dataWhook); return ['error' => $msg_user]; } - public function edit_agent($post) { - $msg_user = ''; - if (!empty($post['email'])) { - if (!empty($post['phone'])) { - if (!empty($post['last_name'])) { - if (!empty($post['first_name'])) { - $sql = "SELECT * FROM users WHERE phone='$post[phone]' AND id != $post[ok_agent_id]"; - $rez = mysql_query($sql); + public function edit_agent($post) { + $msg_user = ''; + if (!empty($post['email'])) { + if (!empty($post['phone'])) { + if (!empty($post['last_name'])) { + if (!empty($post['first_name'])) { + $sql = "SELECT * FROM users WHERE phone='$post[phone]' AND id != $post[ok_agent_id]"; + $rez = mysql_query($sql); - if (mysql_num_rows($rez) == 0) { + if (mysql_num_rows($rez) == 0) { - if (isset($post['is_dispatcher']) && $post['is_dispatcher'] == 1) { - $vpbx_id = $post['phone']; - $is_dis = 1; - } else { - $is_dis = 0; - if (!empty($post['vpbx_id'])) { - $vpbx_id = $post['vpbx_id']; - } else { - $vpbx_id = ""; - } - } + if (isset($post['is_dispatcher']) && $post['is_dispatcher'] == 1) { + $vpbx_id = $post['phone']; + $is_dis = 1; + } else { + $is_dis = 0; + if (!empty($post['vpbx_id'])) { + $vpbx_id = $post['vpbx_id']; + } else { + $vpbx_id = ""; + } + } - if(isset($post['pass-edit']) && !empty(trim($post['pass-edit']))){ - $pwd = trim($post['pass-edit']); - $pwd_enc = md5($pwd . SALT); - } + if(isset($post['pass-edit']) && !empty(trim($post['pass-edit']))){ + $pwd = trim($post['pass-edit']); + $pwd_enc = md5($pwd . SALT); + } - $advert_budget = null; - $user_id = (int)$post['ok_agent_id']; - $birthday = ""; - if (!empty($post['birthday'])) - $birthday = date("Y-m-d H:i:s", strtotime($post['birthday'])); - $gmtmsk = 0; - if(isset($post['utc-edit'])){ - $gmtmsk = $post['utc-edit'] - 3; - } + $advert_budget = null; + $user_id = (int)$post['ok_agent_id']; + $birthday = ""; + if (!empty($post['birthday'])) + $birthday = date("Y-m-d H:i:s", strtotime($post['birthday'])); + $gmtmsk = 0; + if(isset($post['utc-edit'])){ + $gmtmsk = $post['utc-edit'] - 3; + } - $agency_id = self::getUserAgencyID($_SESSION['id']); - $webHookIn = new WebHookIn(null, $agency_id); - - $is_send_webhook = $webHookIn->check_hook('employee_update', 'employee'); - if($is_send_webhook){ - $webHookIn->save_temp_employee($user_id); - } - - $sql = "UPDATE users + $agency_id = self::getUserAgencyID($_SESSION['id']); + $webHookIn = new WebHookIn(null, $agency_id); + + $is_send_webhook = $webHookIn->check_hook('employee_update', 'employee'); + if($is_send_webhook){ + $webHookIn->save_temp_employee($user_id); + } + + $sql = "UPDATE users SET email='$post[email]', phone='$post[phone]', agency_name='$post[agency_name]', @@ -2741,65 +2798,65 @@ $webHookIn->check_send($dataWhook); birthday='$birthday', gmtmsk = '$gmtmsk'"; - if (isset($pwd_enc)) { - $sql .= ", pwd = '{$pwd_enc}', is_pwd=1"; - } - $sql .= " WHERE id = $user_id"; + if (isset($pwd_enc)) { + $sql .= ", pwd = '{$pwd_enc}', is_pwd=1"; + } + $sql .= " WHERE id = $user_id"; - if (mysql_query($sql)) { - if($is_send_webhook){ - $dataWhook = array('action'=>'employee_update', 'employee_id'=>$user_id, 'section'=>'employee', 'user_id'=>$_SESSION['id'], 'agency_id'=>$agency_id); - $webHookIn->check_send($dataWhook); - } + if (mysql_query($sql)) { + if($is_send_webhook){ + $dataWhook = array('action'=>'employee_update', 'employee_id'=>$user_id, 'section'=>'employee', 'user_id'=>$_SESSION['id'], 'agency_id'=>$agency_id); + $webHookIn->check_send($dataWhook); + } - $this->edit_api_ids($post, $user_id); + $this->edit_api_ids($post, $user_id); - $sqlNewObjUser = "SELECT * FROM users WHERE id=$user_id"; - $rezNewObjUser = mysql_query($sqlNewObjUser); - $newObjUser = mysql_fetch_assoc($rezNewObjUser); + $sqlNewObjUser = "SELECT * FROM users WHERE id=$user_id"; + $rezNewObjUser = mysql_query($sqlNewObjUser); + $newObjUser = mysql_fetch_assoc($rezNewObjUser); - $phone = $post['phone']; + $phone = $post['phone']; - $num_search = User::num_search($post['phone']); - $sobstv = trim($post['last_name'] . ' ' . $post['first_name'] . ' ' . $post['middle_name']); + $num_search = User::num_search($post['phone']); + $sobstv = trim($post['last_name'] . ' ' . $post['first_name'] . ' ' . $post['middle_name']); - if ($newObjUser['agency'] == 0) { - $sql="SELECT * FROM users WHERE id=$newObjUser[id_manager]"; - $rez=mysql_query($sql); - $manager = mysql_fetch_assoc($rez); + if ($newObjUser['agency'] == 0) { + $sql="SELECT * FROM users WHERE id=$newObjUser[id_manager]"; + $rez=mysql_query($sql); + $manager = mysql_fetch_assoc($rez); - if($manager['id_manager']) { - $agency = mysql_fetch_assoc(mysql_query("SELECT * FROM users WHERE id=$manager[id_manager]")); - } else { - $agency = $manager; - } - if ($agency) { - $sobstv = $sobstv . ", агентство " . $agency['agency_name']; - } - } + if($manager['id_manager']) { + $agency = mysql_fetch_assoc(mysql_query("SELECT * FROM users WHERE id=$manager[id_manager]")); + } else { + $agency = $manager; + } + if ($agency) { + $sobstv = $sobstv . ", агентство " . $agency['agency_name']; + } + } - //обновляем объекты пользователя - $sql = "UPDATE objects SET is_main = 0, phone = '$phone', phone_search = '$num_search', sobstv = '$sobstv' WHERE id_add_user=$user_id"; - mysql_query($sql); + //обновляем объекты пользователя + $sql = "UPDATE objects SET is_main = 0, phone = '$phone', phone_search = '$num_search', sobstv = '$sobstv' WHERE id_add_user=$user_id"; + mysql_query($sql); - $this->agency_name = $post['agency_name']; - $this->last_name = $post['last_name']; - $this->first_name = $post['first_name']; - $this->middle_name = $post['middle_name']; - $this->phone = $post['phone']; - $this->email = $post['email']; - $this->birthday = $birthday; + $this->agency_name = $post['agency_name']; + $this->last_name = $post['last_name']; + $this->first_name = $post['first_name']; + $this->middle_name = $post['middle_name']; + $this->phone = $post['phone']; + $this->email = $post['email']; + $this->birthday = $birthday; - $passport_date = "NULL"; - if (!empty($post['passport_date'])) - $passport_date = date("Y-m-d H:i:s", strtotime($post['passport_date'])); + $passport_date = "NULL"; + if (!empty($post['passport_date'])) + $passport_date = date("Y-m-d H:i:s", strtotime($post['passport_date'])); - $wa_enabled = (int)$post['wa_enabled']; + $wa_enabled = (int)$post['wa_enabled']; - $sql1 = "SELECT count(id) FROM `users_info` WHERE user_id = $user_id"; - $rez = mysql_query($sql1); - if (mysql_result($rez,0)) { - $sql2 = "UPDATE `users_info` + $sql1 = "SELECT count(id) FROM `users_info` WHERE user_id = $user_id"; + $rez = mysql_query($sql1); + if (mysql_result($rez,0)) { + $sql2 = "UPDATE `users_info` SET passport_serial='$post[passport_serial]', passport_number='$post[passport_number]', passport_date='$passport_date', @@ -2814,8 +2871,8 @@ $webHookIn->check_send($dataWhook); soc_wa='$post[soc_wa]', wa_enabled='$wa_enabled' WHERE user_id = $user_id"; - } else { - $sql2 = "INSERT INTO `users_info` ( + } else { + $sql2 = "INSERT INTO `users_info` ( user_id, passport_serial, passport_number, @@ -2846,106 +2903,106 @@ $webHookIn->check_send($dataWhook); '$post[soc_wa]', '$wa_enabled' )"; - } + } - mysql_query($sql2); + mysql_query($sql2); - if (!($_FILES['avatar']['size'] == 0 && $_FILES['avatar']['error'] == 0)) { - if ($user_logo = $this->setUserpic($user_id)) - if ($user_logo) { - $this->user_logo = $this->_serverUserpicPath . '/' . $user_logo; - } - } else { - $user_logo = mysql_fetch_assoc(mysql_query("SELECT user_logo FROM users WHERE id=$user_id"))['user_logo']; - if ($user_logo) { - $this->user_logo = $this->_serverUserpicPath . '/' . $user_logo; - } - } + if (!($_FILES['avatar']['size'] == 0 && $_FILES['avatar']['error'] == 0)) { + if ($user_logo = $this->setUserpic($user_id)) + if ($user_logo) { + $this->user_logo = $this->_serverUserpicPath . '/' . $user_logo; + } + } else { + $user_logo = mysql_fetch_assoc(mysql_query("SELECT user_logo FROM users WHERE id=$user_id"))['user_logo']; + if ($user_logo) { + $this->user_logo = $this->_serverUserpicPath . '/' . $user_logo; + } + } - if (!($_FILES['files']['size'] == 0 && $_FILES['files']['error'] == 0)) { - if ($files = $this->uploadFiles($user_id)) { - $this->files = $files; - } - } + if (!($_FILES['files']['size'] == 0 && $_FILES['files']['error'] == 0)) { + if ($files = $this->uploadFiles($user_id)) { + $this->files = $files; + } + } - if(isset($post['pass-edit']) && !empty(trim($post['pass-edit']))){ - $pwd = trim($post['pass-edit']); - $pwd_enc = md5($pwd . SALT); - } + if(isset($post['pass-edit']) && !empty(trim($post['pass-edit']))){ + $pwd = trim($post['pass-edit']); + $pwd_enc = md5($pwd . SALT); + } - //отключаем, так как по отдельной кнопке обновляем - /*if (isset($post['advert_budget_total']) || isset($post['advert_budget_personal'])) { + //отключаем, так как по отдельной кнопке обновляем + /*if (isset($post['advert_budget_total']) || isset($post['advert_budget_personal'])) { - $advert_budget_total = 0; - if (isset($post['advert_budget_total'])) - $advert_budget_total = (double)$post['advert_budget_total']; + $advert_budget_total = 0; + if (isset($post['advert_budget_total'])) + $advert_budget_total = (double)$post['advert_budget_total']; - $advert_budget_personal = 0; - if (isset($post['advert_budget_personal'])) - $advert_budget_personal = $post['advert_budget_personal']; + $advert_budget_personal = 0; + if (isset($post['advert_budget_personal'])) + $advert_budget_personal = $post['advert_budget_personal']; - $advert_budget_avito = 0; - if (isset($post['advert_budget_avito'])) - $advert_budget_avito = (double)$post['advert_budget_avito']; + $advert_budget_avito = 0; + if (isset($post['advert_budget_avito'])) + $advert_budget_avito = (double)$post['advert_budget_avito']; - $advert_budget_cian = 0; - if (isset($post['advert_budget_cian'])) - $advert_budget_cian = (double)$post['advert_budget_cian']; + $advert_budget_cian = 0; + if (isset($post['advert_budget_cian'])) + $advert_budget_cian = (double)$post['advert_budget_cian']; - $advert_budget_domclick = 0; - if (isset($post['advert_budget_domclick'])) - $advert_budget_domclick = (double)$post['advert_budget_domclick']; + $advert_budget_domclick = 0; + if (isset($post['advert_budget_domclick'])) + $advert_budget_domclick = (double)$post['advert_budget_domclick']; - $advert_budget_jcat = 0; - if (isset($post['advert_budget_jcat'])) - $advert_budget_jcat = (double)$post['advert_budget_jcat']; + $advert_budget_jcat = 0; + if (isset($post['advert_budget_jcat'])) + $advert_budget_jcat = (double)$post['advert_budget_jcat']; - $advert_budget_yandex = 0; - if (isset($post['advert_budget_yandex'])) - $advert_budget_yandex = (double)$post['advert_budget_yandex']; + $advert_budget_yandex = 0; + if (isset($post['advert_budget_yandex'])) + $advert_budget_yandex = (double)$post['advert_budget_yandex']; - $advert_budget_avito_unlimited = 0; - if (isset($post['advert_budget_avito_unlimited'])) - $advert_budget_avito_unlimited = (int)$post['advert_budget_avito_unlimited']; + $advert_budget_avito_unlimited = 0; + if (isset($post['advert_budget_avito_unlimited'])) + $advert_budget_avito_unlimited = (int)$post['advert_budget_avito_unlimited']; - $advert_budget_cian_unlimited = 0; - if (isset($post['advert_budget_cian_unlimited'])) - $advert_budget_cian_unlimited = (int)$post['advert_budget_cian_unlimited']; + $advert_budget_cian_unlimited = 0; + if (isset($post['advert_budget_cian_unlimited'])) + $advert_budget_cian_unlimited = (int)$post['advert_budget_cian_unlimited']; - $advert_budget_domclick_unlimited = 0; - if (isset($post['advert_budget_domclick_unlimited'])) - $advert_budget_domclick_unlimited = (int)$post['advert_budget_domclick_unlimited']; + $advert_budget_domclick_unlimited = 0; + if (isset($post['advert_budget_domclick_unlimited'])) + $advert_budget_domclick_unlimited = (int)$post['advert_budget_domclick_unlimited']; - $advert_budget_jcat_unlimited = 0; - if (isset($post['advert_budget_jcat_unlimited'])) - $advert_budget_jcat_unlimited = (int)$post['advert_budget_jcat_unlimited']; + $advert_budget_jcat_unlimited = 0; + if (isset($post['advert_budget_jcat_unlimited'])) + $advert_budget_jcat_unlimited = (int)$post['advert_budget_jcat_unlimited']; - $advert_budget_yandex_unlimited = 0; - if (isset($post['advert_budget_yandex_unlimited'])) - $advert_budget_yandex_unlimited = (int)$post['advert_budget_yandex_unlimited']; + $advert_budget_yandex_unlimited = 0; + if (isset($post['advert_budget_yandex_unlimited'])) + $advert_budget_yandex_unlimited = (int)$post['advert_budget_yandex_unlimited']; $advert_do_not_reinit_monthly = 0; if (isset($post['do_not_reinit_monthly'])) $advert_do_not_reinit_monthly = (int)$post['do_not_reinit_monthly']; - $advert_budgets_inst = new AdvertBudgets(); - $advert_budget = $advert_budgets_inst->setAdvertBudget([ - 'user_id' => $user_id, - 'total' => $advert_budget_total, - 'personal' => $advert_budget_personal, - 'avito' => $advert_budget_avito, - 'avito_unlimited' => $advert_budget_avito_unlimited, - 'cian' => $advert_budget_cian, - 'cian_unlimited' => $advert_budget_cian_unlimited, - 'domclick' => $advert_budget_domclick, - 'domclick_unlimited' => $advert_budget_domclick_unlimited, - 'jcat' => $advert_budget_jcat, - 'jcat_unlimited' => $advert_budget_jcat_unlimited, - 'yandex' => $advert_budget_yandex, - 'yandex_unlimited' => $advert_budget_yandex_unlimited, - 'do_not_reinit_monthly' => $advert_do_not_reinit_monthly, - ]); - }*/ + $advert_budgets_inst = new AdvertBudgets(); + $advert_budget = $advert_budgets_inst->setAdvertBudget([ + 'user_id' => $user_id, + 'total' => $advert_budget_total, + 'personal' => $advert_budget_personal, + 'avito' => $advert_budget_avito, + 'avito_unlimited' => $advert_budget_avito_unlimited, + 'cian' => $advert_budget_cian, + 'cian_unlimited' => $advert_budget_cian_unlimited, + 'domclick' => $advert_budget_domclick, + 'domclick_unlimited' => $advert_budget_domclick_unlimited, + 'jcat' => $advert_budget_jcat, + 'jcat_unlimited' => $advert_budget_jcat_unlimited, + 'yandex' => $advert_budget_yandex, + 'yandex_unlimited' => $advert_budget_yandex_unlimited, + 'do_not_reinit_monthly' => $advert_do_not_reinit_monthly, + ]); + }*/ if (!isset($post["on_any_ip"])) { $post["on_any_ip"] = 0; @@ -2955,7 +3012,7 @@ $webHookIn->check_send($dataWhook); $post["on_hide_client_contacts"] = 0; } - //Update permissions + //Update permissions $sql_check_perm = "SELECT count(id) FROM `user_permissions` WHERE user_id = $user_id"; $rez_check_perm = mysql_query($sql_check_perm); if (mysql_result($rez_check_perm,0)) { @@ -3045,73 +3102,73 @@ $webHookIn->check_send($dataWhook); '$post[on_hide_client_contacts]' )"; } - // echo($sql_update_permissions);die; + // echo($sql_update_permissions);die; mysql_query($sql_update_permissions); - $data = [ - 'id' => $user_id, - 'agency_name' => $this->agency_name, - 'last_name' => $this->last_name, - 'first_name' => $this->first_name, - 'middle_name' => $this->middle_name, - 'phone' => $this->phone, - 'email' => $this->email, - 'user_logo' => $this->user_logo, - 'passport_date' => $passport_date, - ]; + $data = [ + 'id' => $user_id, + 'agency_name' => $this->agency_name, + 'last_name' => $this->last_name, + 'first_name' => $this->first_name, + 'middle_name' => $this->middle_name, + 'phone' => $this->phone, + 'email' => $this->email, + 'user_logo' => $this->user_logo, + 'passport_date' => $passport_date, + ]; - if (!is_null($advert_budget)) { - if ($advert_budget['success'] == true) { - $data['advert_budget'] = [ - 'total' => $advert_budget['total'], - 'amount' => $advert_budget['amount'], - 'balance' => $advert_budget['balance'], - ]; - } else { - $msg_user = implode('
', $advert_budget['errors']); - } - } + if (!is_null($advert_budget)) { + if ($advert_budget['success'] == true) { + $data['advert_budget'] = [ + 'total' => $advert_budget['total'], + 'amount' => $advert_budget['amount'], + 'balance' => $advert_budget['balance'], + ]; + } else { + $msg_user = implode('
', $advert_budget['errors']); + } + } - if (empty($msg_user)) { - return $data; - } - } else $msg_user = "Произошла ошибка при сохранении пользователя.!"; + if (empty($msg_user)) { + return $data; + } + } else $msg_user = "Произошла ошибка при сохранении пользователя.!"; - } else $msg_user = "Агент с таким номером телефона уже существует!"; - } else $msg_user = "Не указано Имя пользователя!"; - } else $msg_user = "Не указана Фамилия пользователя!"; - } else $msg_user = "Не указан номер телефона!"; - } else $msg_user = "Не указан E-Mail!"; + } else $msg_user = "Агент с таким номером телефона уже существует!"; + } else $msg_user = "Не указано Имя пользователя!"; + } else $msg_user = "Не указана Фамилия пользователя!"; + } else $msg_user = "Не указан номер телефона!"; + } else $msg_user = "Не указан E-Mail!"; - return ['error' => $msg_user]; - } + return ['error' => $msg_user]; + } - public static function getAllAgencyUsers($agencyId = false) { + public static function getAllAgencyUsers($agencyId = false) { - $agentIds = []; - if (isset($_SESSION['id'])) - $agentIds[] = $_SESSION['id']; + $agentIds = []; + if (isset($_SESSION['id'])) + $agentIds[] = $_SESSION['id']; - if ($agencyId) { - $agentIds[] = $agencyId; + if ($agencyId) { + $agentIds[] = $agencyId; - $agentsOfAgency = self::getAllAgents($agencyId); - foreach ($agentsOfAgency as $agent) { - if (!in_array($agent['id'], $agentIds)) { - $agentIds[] = $agent['id']; - } - } + $agentsOfAgency = self::getAllAgents($agencyId); + foreach ($agentsOfAgency as $agent) { + if (!in_array($agent['id'], $agentIds)) { + $agentIds[] = $agent['id']; + } + } - $agentsOfManager = self::getAllManagers($agencyId); - foreach ($agentsOfManager as $agent) { - if (!in_array($agent['id'], $agentIds)) { - $agentIds[] = $agent['id']; - } - } - } + $agentsOfManager = self::getAllManagers($agencyId); + foreach ($agentsOfManager as $agent) { + if (!in_array($agent['id'], $agentIds)) { + $agentIds[] = $agent['id']; + } + } + } - return array_unique($agentIds); - } + return array_unique($agentIds); + } public static function getAgencyIdForUser($userId) { return self::getUserAgencyID($userId); @@ -3139,290 +3196,290 @@ $webHookIn->check_send($dataWhook); $agency_id = intval($agency['id']); } else { if ($agency['id_manager']) { - $agency2 = mysql_fetch_assoc(mysql_query("SELECT * FROM users WHERE id=$agency[id_manager]")); - if($agency2['id_manager']) - $agency_id = intval($agency2['id_manager']); - else - $agency_id = intval($agency['id_manager']); - - } + $agency2 = mysql_fetch_assoc(mysql_query("SELECT * FROM users WHERE id=$agency[id_manager]")); + if($agency2['id_manager']) + $agency_id = intval($agency2['id_manager']); + else + $agency_id = intval($agency['id_manager']); + + } else if ($user['id_manager']) $agency_id = intval($user['id_manager']); else $agency_id = intval($user['id']); } } else if (isset($_SESSION['id'])) { - $agency_id = intval($_SESSION['id']); + $agency_id = intval($_SESSION['id']); } return $agency_id; } - public static function getAllAgency($agent = false, $block = false, $active = false, $from = 0, $to = 1000){ + public static function getAllAgency($agent = false, $block = false, $active = false, $from = 0, $to = 1000){ - if($agent) { - if ($block) { - $usl = "agent=1 AND agency=0 AND id_manager=0 AND blocked = 1"; - } else { - $usl = "agent=1 AND agency=0 AND id_manager=0 AND blocked = 0"; - } - } else { - if ($block) { - $usl = "agency=1 AND blocked = 1"; - } else { - $usl = "agency=1 AND blocked = 0"; - } - } + if($agent) { + if ($block) { + $usl = "agent=1 AND agency=0 AND id_manager=0 AND blocked = 1"; + } else { + $usl = "agent=1 AND agency=0 AND id_manager=0 AND blocked = 0"; + } + } else { + if ($block) { + $usl = "agency=1 AND blocked = 1"; + } else { + $usl = "agency=1 AND blocked = 0"; + } + } - if ($active) { - $usl = $usl." AND now() <= DATE_ADD(date_tarif, INTERVAL (select t.period FROM tariffs t where t.id=id_tarif LIMIT 1) DAY)"; - } + if ($active) { + $usl = $usl." AND now() <= DATE_ADD(date_tarif, INTERVAL (select t.period FROM tariffs t where t.id=id_tarif LIMIT 1) DAY)"; + } - $sql = "SELECT users.*, DATE_FORMAT(date_reg,'%d.%m.%Y') AS date_reg, DATE_FORMAT(last_auth,'%d.%m.%Y %H:%i') AS last_auth, UNIX_TIMESTAMP(date_tarif) AS date_tarif, rf_regions.name as name FROM users left join rf_regions on rf_regions.id = users.region_rf_id WHERE $usl ORDER BY `users`.`last_auth` DESC LIMIT $from, $to"; + $sql = "SELECT users.*, DATE_FORMAT(date_reg,'%d.%m.%Y') AS date_reg, DATE_FORMAT(last_auth,'%d.%m.%Y %H:%i') AS last_auth, UNIX_TIMESTAMP(date_tarif) AS date_tarif, rf_regions.name as name FROM users left join rf_regions on rf_regions.id = users.region_rf_id WHERE $usl ORDER BY `users`.`last_auth` DESC LIMIT $from, $to"; - if (isset($_GET['dev'])) { - echo $sql; - } + if (isset($_GET['dev'])) { + echo $sql; + } - $rez = mysql_query($sql); + $rez = mysql_query($sql); - $agency = array(); + $agency = array(); - while($ag = mysql_fetch_assoc($rez)) + while($ag = mysql_fetch_assoc($rez)) - { + { - if($ag['id_tarif']) { - $ag['tarif'] = mysql_result(mysql_query("SELECT nazv FROM tariffs WHERE id=$ag[id_tarif]"),0); - } + if($ag['id_tarif']) { + $ag['tarif'] = mysql_result(mysql_query("SELECT nazv FROM tariffs WHERE id=$ag[id_tarif]"),0); + } - else $ag['tarif'] = ""; + else $ag['tarif'] = ""; - $agency[] = $ag; + $agency[] = $ag; - } + } - return $agency; + return $agency; - } + } - public static function getAllDeveloper($block = false, $active = false, $from = 0, $to = 1000){ - $usl = "role_developer = 1 AND agency = 0 AND agent = 0 AND id_manager = 0"; - if ($block) { - $usl = "role_developer = 1 AND agency = 0 AND agent = 0 AND id_manager = 0 AND blocked = 1"; - } else { - $usl = "role_developer = 1 AND agency = 0 AND agent = 0 AND id_manager = 0 AND blocked = 0"; - } + public static function getAllDeveloper($block = false, $active = false, $from = 0, $to = 1000){ + $usl = "role_developer = 1 AND agency = 0 AND agent = 0 AND id_manager = 0"; + if ($block) { + $usl = "role_developer = 1 AND agency = 0 AND agent = 0 AND id_manager = 0 AND blocked = 1"; + } else { + $usl = "role_developer = 1 AND agency = 0 AND agent = 0 AND id_manager = 0 AND blocked = 0"; + } - if ($active) { - $usl = $usl." AND now() <= DATE_ADD(date_tarif, INTERVAL (select t.period FROM tariffs t where t.id = id_tarif LIMIT 1) DAY)"; - } + if ($active) { + $usl = $usl." AND now() <= DATE_ADD(date_tarif, INTERVAL (select t.period FROM tariffs t where t.id = id_tarif LIMIT 1) DAY)"; + } - $sql = "SELECT users.*, DATE_FORMAT(date_reg,'%d.%m.%Y') AS date_reg, DATE_FORMAT(last_auth,'%d.%m.%Y %H:%i') AS last_auth, UNIX_TIMESTAMP(date_tarif) AS date_tarif, rf_regions.name as name FROM users left join rf_regions on rf_regions.id = users.region_rf_id WHERE $usl ORDER BY `users`.`last_auth` DESC LIMIT $from, $to"; + $sql = "SELECT users.*, DATE_FORMAT(date_reg,'%d.%m.%Y') AS date_reg, DATE_FORMAT(last_auth,'%d.%m.%Y %H:%i') AS last_auth, UNIX_TIMESTAMP(date_tarif) AS date_tarif, rf_regions.name as name FROM users left join rf_regions on rf_regions.id = users.region_rf_id WHERE $usl ORDER BY `users`.`last_auth` DESC LIMIT $from, $to"; - if (isset($_GET['dev'])) - { - echo $sql; - } + if (isset($_GET['dev'])) + { + echo $sql; + } - $rez = mysql_query($sql); + $rez = mysql_query($sql); - $developers = array(); + $developers = array(); - while($dev = mysql_fetch_assoc($rez)) - { - if($id_tarif = $dev['id_tarif']) - { - $dev['tarif'] = mysql_result(mysql_query("SELECT nazv FROM tariffs WHERE id = $id_tarif"),0); - } + while($dev = mysql_fetch_assoc($rez)) + { + if($id_tarif = $dev['id_tarif']) + { + $dev['tarif'] = mysql_result(mysql_query("SELECT nazv FROM tariffs WHERE id = $id_tarif"),0); + } - else $dev['tarif'] = ""; - $developers[] = $dev; - } + else $dev['tarif'] = ""; + $developers[] = $dev; + } - return $developers; - } + return $developers; + } - public static function countAllAgency($agent = false, $block = false, $active = false){ + public static function countAllAgency($agent = false, $block = false, $active = false){ - if($agent) { - if ($block) { - $usl = "agent=1 AND agency=0 AND id_manager=0 AND blocked = 1"; - } else { - $usl = "agent=1 AND agency=0 AND id_manager=0 AND blocked = 0"; - } - } else { - if ($block) { - $usl = "agency=1 AND blocked = 1"; - } else { - $usl = "agency=1 AND blocked = 0"; - } - } + if($agent) { + if ($block) { + $usl = "agent=1 AND agency=0 AND id_manager=0 AND blocked = 1"; + } else { + $usl = "agent=1 AND agency=0 AND id_manager=0 AND blocked = 0"; + } + } else { + if ($block) { + $usl = "agency=1 AND blocked = 1"; + } else { + $usl = "agency=1 AND blocked = 0"; + } + } - if ($active) { - $usl = $usl." AND now() <= DATE_ADD(date_tarif, INTERVAL (select t.period FROM tariffs t where t.id=id_tarif LIMIT 1) DAY)"; - } + if ($active) { + $usl = $usl." AND now() <= DATE_ADD(date_tarif, INTERVAL (select t.period FROM tariffs t where t.id=id_tarif LIMIT 1) DAY)"; + } - $sql = "SELECT count(*) FROM users WHERE $usl ORDER BY `users`.`last_auth` DESC"; + $sql = "SELECT count(*) FROM users WHERE $usl ORDER BY `users`.`last_auth` DESC"; - if (isset($_GET['dev'])) { - echo $sql; - } + if (isset($_GET['dev'])) { + echo $sql; + } - $rez = mysql_query($sql); + $rez = mysql_query($sql); - return mysql_result($rez,0); + return mysql_result($rez,0); - } + } - public static function searchUsers($agent = false, $from = 0, $to = 1000){ + public static function searchUsers($agent = false, $from = 0, $to = 1000){ - $usl = "1"; + $usl = "1"; - if($_GET['search']) { + if($_GET['search']) { - $usl .= " AND (LCASE(agency_name) LIKE '%$_GET[search]%' OR LCASE(first_name) LIKE '%$_GET[search]%' OR LCASE(last_name) LIKE '%$_GET[search]%' OR LCASE(middle_name) LIKE '%$_GET[search]%' OR LCASE(phone) LIKE '%$_GET[search]%' OR LCASE(email) LIKE '%$_GET[search]%')"; + $usl .= " AND (LCASE(agency_name) LIKE '%$_GET[search]%' OR LCASE(first_name) LIKE '%$_GET[search]%' OR LCASE(last_name) LIKE '%$_GET[search]%' OR LCASE(middle_name) LIKE '%$_GET[search]%' OR LCASE(phone) LIKE '%$_GET[search]%' OR LCASE(email) LIKE '%$_GET[search]%')"; - } + } - $sql = "SELECT users.*, DATE_FORMAT(date_reg,'%d.%m.%Y') AS date_reg, DATE_FORMAT(last_auth,'%d.%m.%Y %H:%i') AS last_auth, UNIX_TIMESTAMP(date_tarif) AS date_tarif, rf_regions.name as name FROM users left join rf_regions on rf_regions.id = users.region_rf_id WHERE $usl ORDER BY `users`.`last_auth` DESC LIMIT $from, $to"; + $sql = "SELECT users.*, DATE_FORMAT(date_reg,'%d.%m.%Y') AS date_reg, DATE_FORMAT(last_auth,'%d.%m.%Y %H:%i') AS last_auth, UNIX_TIMESTAMP(date_tarif) AS date_tarif, rf_regions.name as name FROM users left join rf_regions on rf_regions.id = users.region_rf_id WHERE $usl ORDER BY `users`.`last_auth` DESC LIMIT $from, $to"; - if (isset($_GET['dev'])) { - echo $sql; - } + if (isset($_GET['dev'])) { + echo $sql; + } - $rez = mysql_query($sql); + $rez = mysql_query($sql); - $agency = array(); + $agency = array(); - while($ag = mysql_fetch_assoc($rez)) + while($ag = mysql_fetch_assoc($rez)) - { + { - if($ag[id_tarif]) $ag['tarif'] = mysql_result(mysql_query("SELECT nazv FROM tariffs WHERE id=$ag[id_tarif]"),0); + if($ag[id_tarif]) $ag['tarif'] = mysql_result(mysql_query("SELECT nazv FROM tariffs WHERE id=$ag[id_tarif]"),0); - else $ag['tarif'] = ""; + else $ag['tarif'] = ""; - $agency[] = $ag; + $agency[] = $ag; - } + } - return $agency; + return $agency; - } + } - public static function countUsers($agent = false){ + public static function countUsers($agent = false){ - $usl = "1"; + $usl = "1"; - if($_GET['search']) { + if($_GET['search']) { - $usl .= " AND (LCASE(agency_name) LIKE '%$_GET[search]%' OR LCASE(first_name) LIKE '%$_GET[search]%' OR LCASE(last_name) LIKE '%$_GET[search]%' OR LCASE(middle_name) LIKE '%$_GET[search]%' OR LCASE(phone) LIKE '%$_GET[search]%' OR LCASE(email) LIKE '%$_GET[search]%')"; + $usl .= " AND (LCASE(agency_name) LIKE '%$_GET[search]%' OR LCASE(first_name) LIKE '%$_GET[search]%' OR LCASE(last_name) LIKE '%$_GET[search]%' OR LCASE(middle_name) LIKE '%$_GET[search]%' OR LCASE(phone) LIKE '%$_GET[search]%' OR LCASE(email) LIKE '%$_GET[search]%')"; - } + } - $sql = "SELECT count(*) FROM users WHERE $usl ORDER BY `users`.`last_auth` DESC"; + $sql = "SELECT count(*) FROM users WHERE $usl ORDER BY `users`.`last_auth` DESC"; - if (isset($_GET['dev'])) { - echo $sql; - } + if (isset($_GET['dev'])) { + echo $sql; + } - $rez = mysql_query($sql); + $rez = mysql_query($sql); - return mysql_result($rez,0); + return mysql_result($rez,0); - } + } - public static function getCountAgency($agent = false, $block = false, $active = false){ + public static function getCountAgency($agent = false, $block = false, $active = false){ - if($agent) { - $usl = "agent=1 AND agency=0 AND role_developer=0 AND id_manager=0"; - if ($block) { - $usl = $usl." AND blocked = 1"; - } else { - $usl = $usl." AND blocked = 0"; - } - } else { - $usl = "agency=1 AND role_developer=0"; - if ($block) { - $usl = $usl." AND blocked = 1"; - } else { - $usl = $usl." AND blocked = 0"; - } - } + if($agent) { + $usl = "agent=1 AND agency=0 AND role_developer=0 AND id_manager=0"; + if ($block) { + $usl = $usl." AND blocked = 1"; + } else { + $usl = $usl." AND blocked = 0"; + } + } else { + $usl = "agency=1 AND role_developer=0"; + if ($block) { + $usl = $usl." AND blocked = 1"; + } else { + $usl = $usl." AND blocked = 0"; + } + } - if ($active) { - $usl = $usl." AND now() <= DATE_ADD(date_tarif, INTERVAL (select t.period FROM tariffs t where t.id=id_tarif LIMIT 1) DAY)"; - } + if ($active) { + $usl = $usl." AND now() <= DATE_ADD(date_tarif, INTERVAL (select t.period FROM tariffs t where t.id=id_tarif LIMIT 1) DAY)"; + } - $sql = "SELECT COUNT(*) FROM users WHERE $usl"; - if (isset($_GET['dev'])) { - echo $sql; - } - $rez = mysql_query($sql); + $sql = "SELECT COUNT(*) FROM users WHERE $usl"; + if (isset($_GET['dev'])) { + echo $sql; + } + $rez = mysql_query($sql); - return mysql_result($rez,0); + return mysql_result($rez,0); - } + } - public static function getCountDeveloper($block = false, $active = false) - { - $usl = "role_developer = 1 AND agent = 0 AND agency = 0 AND id_manager = 0"; - - if ($block) - { - $usl = $usl." AND blocked = 1"; - } - else - { - $usl = $usl." AND blocked = 0"; - } + public static function getCountDeveloper($block = false, $active = false) + { + $usl = "role_developer = 1 AND agent = 0 AND agency = 0 AND id_manager = 0"; - if ($active) - { - $usl = $usl." AND now() <= DATE_ADD(date_tarif, INTERVAL (select t.period FROM tariffs t where t.id = id_tarif LIMIT 1) DAY)"; - } + if ($block) + { + $usl = $usl." AND blocked = 1"; + } + else + { + $usl = $usl." AND blocked = 0"; + } - $sql = "SELECT COUNT(*) FROM users WHERE $usl"; - - if (isset($_GET['dev'])) - { - echo $sql; - } + if ($active) + { + $usl = $usl." AND now() <= DATE_ADD(date_tarif, INTERVAL (select t.period FROM tariffs t where t.id = id_tarif LIMIT 1) DAY)"; + } - $rez = mysql_query($sql); + $sql = "SELECT COUNT(*) FROM users WHERE $usl"; - return mysql_result($rez, 0); - } + if (isset($_GET['dev'])) + { + echo $sql; + } - public static function countAllAdmins($id, $only_active = false) { - $sql = "SELECT count(*) FROM `users` AS users WHERE users.users_admin=1 AND users.id_manager=$id"; + $rez = mysql_query($sql); - if ($only_active) - $sql .= " AND users.blocked=0"; + return mysql_result($rez, 0); + } - $res = mysql_query($sql); - return mysql_result($res,0); - } + public static function countAllAdmins($id, $only_active = false) { + $sql = "SELECT count(*) FROM `users` AS users WHERE users.users_admin=1 AND users.id_manager=$id"; - public static function getAllAdmins($id, $only_active = false) { + if ($only_active) + $sql .= " AND users.blocked=0"; - if (!$id) - return []; + $res = mysql_query($sql); + return mysql_result($res,0); + } - $sql = "SELECT * FROM `users` AS users WHERE users.users_admin=1 AND users.id_manager=$id"; + public static function getAllAdmins($id, $only_active = false) { - if ($only_active) - $sql .= " AND users.blocked=0"; + if (!$id) + return []; - $res = mysql_query($sql); - $admins = []; - while ($admin = mysql_fetch_assoc($res)) { - $admins[] = $admin; - } - return $admins; - } + $sql = "SELECT * FROM `users` AS users WHERE users.users_admin=1 AND users.id_manager=$id"; + + if ($only_active) + $sql .= " AND users.blocked=0"; + + $res = mysql_query($sql); + $admins = []; + while ($admin = mysql_fetch_assoc($res)) { + $admins[] = $admin; + } + return $admins; + } public static function countAllManagers($id, $only_active = false) { $total = 0; @@ -3445,22 +3502,22 @@ $webHookIn->check_send($dataWhook); } - public static function getAllManagers($id, $only_active = true) { + public static function getAllManagers($id, $only_active = true) { - if (!$id) - return []; + if (!$id) + return []; - $sql = "SELECT * FROM users WHERE manager=1 AND id_manager=$id"; + $sql = "SELECT * FROM users WHERE manager=1 AND id_manager=$id"; - if ($only_active) - $sql .= " AND blocked=0"; + if ($only_active) + $sql .= " AND blocked=0"; - $rez = mysql_query($sql); + $rez = mysql_query($sql); - $managers = array(); + $managers = array(); - while($manager = mysql_fetch_assoc($rez)) { - $managers[] = $manager; + while($manager = mysql_fetch_assoc($rez)) { + $managers[] = $manager; $sql3 = "SELECT * FROM users WHERE manager=1 AND id_manager=$manager[id]"; @@ -3477,71 +3534,71 @@ $webHookIn->check_send($dataWhook); // Удаляем дублирующиеся записи по 'id' $managers = array_unique($managers, SORT_REGULAR); - return $managers; + return $managers; - } + } - public static function countAllAgents($id, $only_active = false) { + public static function countAllAgents($id, $only_active = false) { - if (!$id) - return []; + if (!$id) + return []; - $sql = "SELECT id, manager FROM users WHERE manager=1 AND id_manager=$id AND blocked=0"; + $sql = "SELECT id, manager FROM users WHERE manager=1 AND id_manager=$id AND blocked=0"; - if (!$only_active) - $sql .= " AND blocked=0"; + if (!$only_active) + $sql .= " AND blocked=0"; - $rez = mysql_query($sql); + $rez = mysql_query($sql); - $agentsCount = 0; + $agentsCount = 0; - while($agent = mysql_fetch_assoc($rez)) + while($agent = mysql_fetch_assoc($rez)) - { + { - $sql2 = "SELECT count(*) FROM users WHERE manager=0 AND id_manager=$agent[id] AND blocked=0"; + $sql2 = "SELECT count(*) FROM users WHERE manager=0 AND id_manager=$agent[id] AND blocked=0"; - $rez2 = mysql_query($sql2); + $rez2 = mysql_query($sql2); - $agentsCount = $agentsCount + (int) mysql_result($rez2,0); + $agentsCount = $agentsCount + (int) mysql_result($rez2,0); - } + } - $sql2 = "SELECT count(*) FROM users WHERE manager=0 AND id_manager=$id AND blocked=0"; + $sql2 = "SELECT count(*) FROM users WHERE manager=0 AND id_manager=$id AND blocked=0"; - $rez2 = mysql_query($sql2); + $rez2 = mysql_query($sql2); - $agentsCount = $agentsCount + (int) mysql_result($rez2,0); + $agentsCount = $agentsCount + (int) mysql_result($rez2,0); - return $agentsCount; + return $agentsCount; - } + } - public static function getAllAgents($id, $only_active = false) { + public static function getAllAgents($id, $only_active = false) { - if (!$id) - return []; + if (!$id) + return []; - $sql = "SELECT * FROM users WHERE manager=1 AND id_manager=$id"; + $sql = "SELECT * FROM users WHERE manager=1 AND id_manager=$id"; - if ($only_active) - $sql .= " AND blocked=0"; + if ($only_active) + $sql .= " AND blocked=0"; - $rez = mysql_query($sql); + $rez = mysql_query($sql); - $agents = array(); + $agents = array(); - while($agent = mysql_fetch_assoc($rez)) + while($agent = mysql_fetch_assoc($rez)) - { + { - $sql2 = "SELECT * FROM users WHERE manager=0 AND id_manager=$agent[id]"; + $sql2 = "SELECT * FROM users WHERE manager=0 AND id_manager=$agent[id]"; - $rez2 = mysql_query($sql2); + $rez2 = mysql_query($sql2); - while($agent2 = mysql_fetch_assoc($rez2)) $agents[] = $agent2; + while($agent2 = mysql_fetch_assoc($rez2)) $agents[] = $agent2; $sql3 = "SELECT * FROM users WHERE manager=1 AND id_manager=$agent[id]"; @@ -3555,102 +3612,102 @@ $webHookIn->check_send($dataWhook); while($agent4 = mysql_fetch_assoc($rez4)) $agents[] = $agent4; } - } + } - $sql2 = "SELECT * FROM users WHERE manager=0 AND id_manager=$id"; + $sql2 = "SELECT * FROM users WHERE manager=0 AND id_manager=$id"; - $rez2 = mysql_query($sql2); + $rez2 = mysql_query($sql2); - while($agent2 = mysql_fetch_assoc($rez2)) $agents[] = $agent2; + while($agent2 = mysql_fetch_assoc($rez2)) $agents[] = $agent2; - return $agents; + return $agents; - } + } - public function changeTarif() { - $sql = "UPDATE users SET id_tarif='$_GET[id_tarif]', date_tarif=NOW() WHERE id=$_GET[id_user]"; - mysql_query($sql); - } + public function changeTarif() { + $sql = "UPDATE users SET id_tarif='$_GET[id_tarif]', date_tarif=NOW() WHERE id=$_GET[id_user]"; + mysql_query($sql); + } /** * @return array */ - public function getFilesList($user_id = null) { - if (!is_null($user_id)) { - $sql = "SELECT * + public function getFilesList($user_id = null) { + if (!is_null($user_id)) { + $sql = "SELECT * FROM `users_files` AS files WHERE files.user_id = " . trim($user_id); - $files = []; - $res = mysql_query($sql); - if (mysql_num_rows($res)) { - while ($file = mysql_fetch_assoc($res)) { - $files[] = $file; - } - } + $files = []; + $res = mysql_query($sql); + if (mysql_num_rows($res)) { + while ($file = mysql_fetch_assoc($res)) { + $files[] = $file; + } + } - return $files; - } + return $files; + } - return []; - } + return []; + } /** * @return array */ - public function getFile($file_id = null) { - if (!is_null($file_id)) { - $sql = "SELECT * + public function getFile($file_id = null) { + if (!is_null($file_id)) { + $sql = "SELECT * FROM `users_files` AS files WHERE files.id = " . trim($file_id) . " LIMIT 1"; - $res = mysql_query($sql); - return mysql_fetch_assoc($res); - } + $res = mysql_query($sql); + return mysql_fetch_assoc($res); + } - return []; - } + return []; + } /** * @param null $file_id * @return bool */ - public function deleteFile($file_id = null) { - if (!is_null($file_id)) { - if ($file = $this->getFile($file_id)) { - $sql = "DELETE FROM `users_files` WHERE `users_files`.`id` = " . $file['id'] . " LIMIT 1"; - if (mysql_query($sql)) { - unlink($_SERVER['DOCUMENT_ROOT'] . $file['path']); - return true; - } - } - } + public function deleteFile($file_id = null) { + if (!is_null($file_id)) { + if ($file = $this->getFile($file_id)) { + $sql = "DELETE FROM `users_files` WHERE `users_files`.`id` = " . $file['id'] . " LIMIT 1"; + if (mysql_query($sql)) { + unlink($_SERVER['DOCUMENT_ROOT'] . $file['path']); + return true; + } + } + } - return mysql_error(); - } + return mysql_error(); + } /** * @param null $user_id * @return bool|string */ - public function delUserPic($user_id = null) { - if (!is_null($user_id)) { + public function delUserPic($user_id = null) { + if (!is_null($user_id)) { - $user = new self; - $user->get($user_id); + $user = new self; + $user->get($user_id); - if ($user_logo = $user->user_logo) { - $sql = "UPDATE users SET user_logo='' WHERE id='$user_id' LIMIT 1"; - if (mysql_query($sql)) { - unlink($this->_serverUserpicPath . '/' . $user_logo); - return true; - } - } - } + if ($user_logo = $user->user_logo) { + $sql = "UPDATE users SET user_logo='' WHERE id='$user_id' LIMIT 1"; + if (mysql_query($sql)) { + unlink($this->_serverUserpicPath . '/' . $user_logo); + return true; + } + } + } - return false; - } + return false; + } /** * @param $str @@ -3658,71 +3715,71 @@ $webHookIn->check_send($dataWhook); * @param bool $is_folder * @return string */ - private function fixFilename($str, $config, $is_folder = false) { - $str = strip_tags(htmlspecialchars($str)); - if ($config['convert_spaces']) - $str = str_replace(' ', $config['replace_with'], $str); + private function fixFilename($str, $config, $is_folder = false) { + $str = strip_tags(htmlspecialchars($str)); + if ($config['convert_spaces']) + $str = str_replace(' ', $config['replace_with'], $str); - if ($config['transliteration']) { - if (!mb_detect_encoding($str, 'UTF-8', true)) - $str = utf8_encode($str); - if (function_exists('transliterator_transliterate')) - $str = transliterator_transliterate('Any-Latin; Latin-ASCII', $str); - else - $str = iconv('UTF-8', 'ASCII//TRANSLIT//IGNORE', $str); + if ($config['transliteration']) { + if (!mb_detect_encoding($str, 'UTF-8', true)) + $str = utf8_encode($str); + if (function_exists('transliterator_transliterate')) + $str = transliterator_transliterate('Any-Latin; Latin-ASCII', $str); + else + $str = iconv('UTF-8', 'ASCII//TRANSLIT//IGNORE', $str); - $str = preg_replace("/[^a-zA-Z0-9\.\[\]_| -]/", '', $str); - } + $str = preg_replace("/[^a-zA-Z0-9\.\[\]_| -]/", '', $str); + } - $str = str_replace(array( '"', "'", "/", "\\" ), "", $str); - $str = strip_tags($str); + $str = str_replace(array( '"', "'", "/", "\\" ), "", $str); + $str = strip_tags($str); - // Empty or incorrectly transliterated filename. - // Here is a point: a good file UNKNOWN_LANGUAGE.jpg could become .jpg in previous code. - // So we add that default 'file' name to fix that issue. - if (!$config['empty_filename'] && strpos($str, '.') === 0 && $is_folder === false) - { - $str = 'file' . $str; - } + // Empty or incorrectly transliterated filename. + // Here is a point: a good file UNKNOWN_LANGUAGE.jpg could become .jpg in previous code. + // So we add that default 'file' name to fix that issue. + if (!$config['empty_filename'] && strpos($str, '.') === 0 && $is_folder === false) + { + $str = 'file' . $str; + } - if ($config['lowercase']) - return (mb_strtolower(trim($str))); - else - return trim($str); - } + if ($config['lowercase']) + return (mb_strtolower(trim($str))); + else + return trim($str); + } /** * @param $path * @param $filename * @return string */ - private function newFilename($path, $filename) { - $res = "$path/$filename"; - if (!file_exists($res)) - return $res; + private function newFilename($path, $filename) { + $res = "$path/$filename"; + if (!file_exists($res)) + return $res; - $fnameNoExt = pathinfo($filename,PATHINFO_FILENAME); - $ext = pathinfo($filename, PATHINFO_EXTENSION); + $fnameNoExt = pathinfo($filename,PATHINFO_FILENAME); + $ext = pathinfo($filename, PATHINFO_EXTENSION); - $i = 1; - while(file_exists("$path/$fnameNoExt-$i.$ext")) $i++; - return "$path/$fnameNoExt-$i.$ext"; - } + $i = 1; + while(file_exists("$path/$fnameNoExt-$i.$ext")) $i++; + return "$path/$fnameNoExt-$i.$ext"; + } /** * @param null $user_id * @return array|bool */ - private function setUserpic($user_id = null) { + private function setUserpic($user_id = null) { - if (!$user_id || is_null($user_id)) - return false; + if (!$user_id || is_null($user_id)) + return false; - if ($_FILES['avatar']['name']) { - list($a, $ext) = explode("/", $_FILES['avatar']['type']); - if ($ext == "pjpeg") { - $ext = "jpeg"; - } + if ($_FILES['avatar']['name']) { + list($a, $ext) = explode("/", $_FILES['avatar']['type']); + if ($ext == "pjpeg") { + $ext = "jpeg"; + } $ext = mb_strtolower($ext); @@ -3739,162 +3796,162 @@ $webHookIn->check_send($dataWhook); return $name; } } - } + } - return false; - } + return false; + } /** * @param null $user_id * @return array|bool */ - private function uploadFiles($user_id = null) { + private function uploadFiles($user_id = null) { - if (!$user_id || is_null($user_id)) - return false; + if (!$user_id || is_null($user_id)) + return false; - list($success, $errors) = [[],[]]; - $user_id = intval($user_id); - $post = clearInputData($_POST); + list($success, $errors) = [[],[]]; + $user_id = intval($user_id); + $post = clearInputData($_POST); - $created_by = intval($_SESSION['id']); - if (isset($_FILES['files'])) { + $created_by = intval($_SESSION['id']); + if (isset($_FILES['files'])) { - $count = count($_FILES['files']['name']); + $count = count($_FILES['files']['name']); - $agency_id = self::getUserAgencyID(); - $users_id = $this->getAllAgencyUsers($agency_id); + $agency_id = self::getUserAgencyID(); + $users_id = $this->getAllAgencyUsers($agency_id); - for ($i = 0; $i < $count; $i++) { - if (in_array($user_id, $users_id) && $user_id && $_FILES['files']['error'][$i] == 0) { + for ($i = 0; $i < $count; $i++) { + if (in_array($user_id, $users_id) && $user_id && $_FILES['files']['error'][$i] == 0) { - $extension = mb_strtolower(pathinfo($_FILES['files']['name'][$i], PATHINFO_EXTENSION)); - if (in_array($extension, $this->_allowedFileTypes)) { + $extension = mb_strtolower(pathinfo($_FILES['files']['name'][$i], PATHINFO_EXTENSION)); + if (in_array($extension, $this->_allowedFileTypes)) { - $real_filename = $_FILES['files']['name'][$i]; - $description = ((isset($post['description'][$i])) ? trim($post['description'][$i]) : null); - $filename = $this->fixFilename($real_filename, [ - 'convert_spaces' => true, - 'replace_with' => '_', - 'transliteration' => true, - 'empty_filename' => true, - 'lowercase' => true - ]); + $real_filename = $_FILES['files']['name'][$i]; + $description = ((isset($post['description'][$i])) ? trim($post['description'][$i]) : null); + $filename = $this->fixFilename($real_filename, [ + 'convert_spaces' => true, + 'replace_with' => '_', + 'transliteration' => true, + 'empty_filename' => true, + 'lowercase' => true + ]); - $tmp_path = $_FILES['files']['tmp_name'][$i]; - $save_path = $this->newFilename($_SERVER['DOCUMENT_ROOT'] . $this->_serverPath, $filename); - $path = str_replace($_SERVER['DOCUMENT_ROOT'], '', $save_path); + $tmp_path = $_FILES['files']['tmp_name'][$i]; + $save_path = $this->newFilename($_SERVER['DOCUMENT_ROOT'] . $this->_serverPath, $filename); + $path = str_replace($_SERVER['DOCUMENT_ROOT'], '', $save_path); - if (empty($description)) - $description = $real_filename; + if (empty($description)) + $description = $real_filename; - if (move_uploaded_file($tmp_path, $save_path)) { - $sql = "INSERT INTO `users_files` (`user_id`, `filename`, `path`, `created_by`) VALUES + if (move_uploaded_file($tmp_path, $save_path)) { + $sql = "INSERT INTO `users_files` (`user_id`, `filename`, `path`, `created_by`) VALUES ('$user_id', '$description', '$path', '$created_by')"; - if (mysql_query($sql)) { - $id = mysql_insert_id(); - $success[$id] = [ - 'filename' => $real_filename, - 'path' => $path, - ]; - } else { - $errors[] = [$filename => mysql_error()]; - } - } - } - } - } - } + if (mysql_query($sql)) { + $id = mysql_insert_id(); + $success[$id] = [ + 'filename' => $real_filename, + 'path' => $path, + ]; + } else { + $errors[] = [$filename => mysql_error()]; + } + } + } + } + } + } - if (!empty($success)) - return $success; - else - return $errors; + if (!empty($success)) + return $success; + else + return $errors; - } + } - /** - * Генирация и сохранение токенов - */ - public function gen_token($user_id) { - $token = md5(microtime() . 'user' . $user_id . time()); - $sql = "REPLACE INTO user_api_keys (user_id, api_key) VALUES ({$user_id}, '{$token}')"; - mysql_query($sql); - $id = mysql_insert_id(); - return $id; - - } + /** + * Генирация и сохранение токенов + */ + public function gen_token($user_id) { + $token = md5(microtime() . 'user' . $user_id . time()); + $sql = "REPLACE INTO user_api_keys (user_id, api_key) VALUES ({$user_id}, '{$token}')"; + mysql_query($sql); + $id = mysql_insert_id(); + return $id; + + } - public static function getUserTarif($user_id) { - $sgl = "SELECT id_tarif FROM users WHERE id={$user_id}"; - $user = mysql_query($sgl); - $userTarrif = mysql_fetch_assoc($user); + public static function getUserTarif($user_id) { + $sgl = "SELECT id_tarif FROM users WHERE id={$user_id}"; + $user = mysql_query($sgl); + $userTarrif = mysql_fetch_assoc($user); - if($userTarrif['id_tarif'] == 0) { - $sqlManager = "SELECT id_manager FROM users WHERE id={$user_id}"; - $userManager = mysql_query($sqlManager); - $userIdManager = mysql_fetch_assoc($userManager); - $sgl = "SELECT id_tarif FROM users WHERE id={$userIdManager['id_manager']}"; - $user = mysql_query($sgl); - $userTarrif = mysql_fetch_assoc($user); - } - $sql2 = "SELECT max_worker FROM tariffs WHERE id={$userTarrif['id_tarif']}"; - $tarif = mysql_query($sql2); - $maxWorker = mysql_fetch_assoc($tarif); - if ($maxWorker == 0) {$maxWorker = array('max_worker' => 9999);} - return $maxWorker; + if($userTarrif['id_tarif'] == 0) { + $sqlManager = "SELECT id_manager FROM users WHERE id={$user_id}"; + $userManager = mysql_query($sqlManager); + $userIdManager = mysql_fetch_assoc($userManager); + $sgl = "SELECT id_tarif FROM users WHERE id={$userIdManager['id_manager']}"; + $user = mysql_query($sgl); + $userTarrif = mysql_fetch_assoc($user); + } + $sql2 = "SELECT max_worker FROM tariffs WHERE id={$userTarrif['id_tarif']}"; + $tarif = mysql_query($sql2); + $maxWorker = mysql_fetch_assoc($tarif); + if ($maxWorker == 0) {$maxWorker = array('max_worker' => 9999);} + return $maxWorker; - } + } - public static function getUserTarifCount($user_id) { - $res = array(); - $res2 = array(); - $res3 = array(); - $sgl = "SELECT COUNT(*) FROM users WHERE id_manager={$user_id} AND blocked=0" ; - $user = mysql_query($sgl); - $userAgency = mysql_fetch_assoc($user); + public static function getUserTarifCount($user_id) { + $res = array(); + $res2 = array(); + $res3 = array(); + $sgl = "SELECT COUNT(*) FROM users WHERE id_manager={$user_id} AND blocked=0" ; + $user = mysql_query($sgl); + $userAgency = mysql_fetch_assoc($user); - $sgl3 = "SELECT id FROM users WHERE id_manager={$user_id} AND blocked=0"; - $user3 = mysql_query($sgl3); - while ($r = mysql_fetch_assoc($user3)) { - $res[] = $r; - } - foreach ($res as $value) { - $i = reset($value); - $sgl2 = "SELECT id FROM users WHERE id_manager={$i } AND blocked=0"; - $userA2 = mysql_query($sgl2); - while ($r = mysql_fetch_assoc($userA2)) { - $res2[] = $r; - } - } + $sgl3 = "SELECT id FROM users WHERE id_manager={$user_id} AND blocked=0"; + $user3 = mysql_query($sgl3); + while ($r = mysql_fetch_assoc($user3)) { + $res[] = $r; + } + foreach ($res as $value) { + $i = reset($value); + $sgl2 = "SELECT id FROM users WHERE id_manager={$i } AND blocked=0"; + $userA2 = mysql_query($sgl2); + while ($r = mysql_fetch_assoc($userA2)) { + $res2[] = $r; + } + } - $sgl4 = "SELECT department_id FROM users WHERE id_manager={$user_id} AND blocked=0"; - $user4 = mysql_query($sgl4); - while ($r = mysql_fetch_assoc($user4)) { - $res3[] = $r; - } + $sgl4 = "SELECT department_id FROM users WHERE id_manager={$user_id} AND blocked=0"; + $user4 = mysql_query($sgl4); + while ($r = mysql_fetch_assoc($user4)) { + $res3[] = $r; + } - foreach ($res3 as $value) { - $i = reset($value); - if ($i != 0){ - $sgl2 = "SELECT id FROM users WHERE department_id={$i } AND blocked=0 AND id_manager!={$user_id}"; - $userA2 = mysql_query($sgl2); - while ($r = mysql_fetch_assoc($userA2)) { - $res2[] = $r; - } - } - } + foreach ($res3 as $value) { + $i = reset($value); + if ($i != 0){ + $sgl2 = "SELECT id FROM users WHERE department_id={$i } AND blocked=0 AND id_manager!={$user_id}"; + $userA2 = mysql_query($sgl2); + while ($r = mysql_fetch_assoc($userA2)) { + $res2[] = $r; + } + } + } $result = array(); foreach ($res2 as $k => $v) { $result[] = reset($v); } - $userCount = (reset($userAgency)); - $userCount2 = count(array_unique($result)); - $userCountSum = $userCount + $userCount2; - return $userCountSum; - } + $userCount = (reset($userAgency)); + $userCount2 = count(array_unique($result)); + $userCountSum = $userCount + $userCount2; + return $userCountSum; + } public static function isCurrentUserShowAdvertButton() { $showAds = true; @@ -3903,7 +3960,7 @@ $webHookIn->check_send($dataWhook); $showAds = false; } - if ((in_array($_SESSION['agency_id'], array(8353, 8375, 8376, 8399, 8867, 8910, 9082, 9072, 9077, 9110, 9588, 9805, 9973, 7864, 10203, 10041, 10493, 4873, 10876, 10982, 11086, 10933, 11456, 11501, 11397, 7507, 8826, 10429, 12061, 10041, 10732, 11417, 12556, 13338, 10387, 14134, 13735, 13792, 15401, 16182, 14493, 18438, 18708, 19476, 19821, 17157, 19111, 19750, 22666, 22432, 22434))) && !in_array($_SESSION['id'], array(8373, 8353, 8375, 8376, 8399, 8867, 8910, 9082, 9072, 9077, 9110, 9588, 9805, 9973, 7864, 10203, 10041, 10493, 4873, 10876, 10982, 11086, 10933, 11456, 11501, 11397, 7507, 8826, 10429, 12061, 10041, 10732, 11417, 12556, 13338, 10387, 14134, 13735, 13792, 15401, 16182, 14493, 18438, 18708, 19476, 19821, 17157, 19111, 19750, 22666, 22432, 22434))) { + if ((in_array($_SESSION['agency_id'], array(8353, 8375, 8376, 8399, 8867, 8910, 9082, 9072, 9077, 9110, 9588, 9805, 9973, 7864, 10203, 10041, 10493, 4873, 10876, 10982, 11086, 10933, 11456, 11501, 11397, 7507, 8826, 10429, 12061, 10041, 10732, 11417, 12556, 13338, 10387, 14134, 13735, 13792, 15401, 16182, 14493, 18438, 18708, 19476, 19821, 17157, 19111, 19750, 22666, 22432, 22434, 19011))) && !in_array($_SESSION['id'], array(8373, 8353, 8375, 8376, 8399, 8867, 8910, 9082, 9072, 9077, 9110, 9588, 9805, 9973, 7864, 10203, 10041, 10493, 4873, 10876, 10982, 11086, 10933, 11456, 11501, 11397, 7507, 8826, 10429, 12061, 10041, 10732, 11417, 12556, 13338, 10387, 14134, 13735, 13792, 15401, 16182, 14493, 18438, 18708, 19476, 19821, 17157, 19111, 19750, 22666, 22432, 22434, 19011))) { $showAds = false; } @@ -4108,7 +4165,7 @@ $webHookIn->check_send($dataWhook); $showAds = true; } - if ($_SESSION['id'] == 22434 || $_SESSION['id'] == 22447) { + if ($_SESSION['id'] == 22434 || $_SESSION['id'] == 22447 || $_SESSION['id'] == 22451) { $showAds = true; } @@ -4116,6 +4173,10 @@ $webHookIn->check_send($dataWhook); $showAds = false; } + if ($_SESSION['id'] == 19011) { + $showAds = true; + } + return $showAds; } @@ -4159,47 +4220,47 @@ $webHookIn->check_send($dataWhook); return json_encode($users, JSON_UNESCAPED_UNICODE); } - /** - * получение пакета настроек для новой компании (новой регистрации) - */ - public function getNewUserPackages(){ - - $is_agent = (int)$this->individual; - $is_agency = (int)$this->agency; - $is_dev = (int)$this->role_developer; + /** + * получение пакета настроек для новой компании (новой регистрации) + */ + public function getNewUserPackages(){ - $where = ''; - if($is_dev > 0){ - $is_agency = 0; - $is_agent = 0; - $where = "is_dev = 1"; - } else if($is_agency > 0){ - $where = "is_agency = 1"; - } else if($is_agent > 0){ - $where = "is_agent = 1"; - } + $is_agent = (int)$this->individual; + $is_agency = (int)$this->agency; + $is_dev = (int)$this->role_developer; - $funnels = []; + $where = ''; + if($is_dev > 0){ + $is_agency = 0; + $is_agent = 0; + $where = "is_dev = 1"; + } else if($is_agency > 0){ + $where = "is_agency = 1"; + } else if($is_agent > 0){ + $where = "is_agent = 1"; + } - $sql = "SELECT * FROM funnel_admin where $where and deleted = 0 order by id"; - $q = mysql_query($sql); - while($r = mysql_fetch_assoc($q)) { - $funnels[] = $r['id']; - } - - if(!empty($funnels)){ - $funnelClass = new Funnel(); - $f = $funnelClass->set_template_funnels($this->agencyId, $this->id, $funnels); - } + $funnels = []; - //Дефолтные настройки - $sql = "INSERT INTO `funnel_default` (`name`, `agency_id`, `is_client`, `is_req`, `is_filter`, `is_stage`, `is_show_funnels`, `order_number`) VALUES + $sql = "SELECT * FROM funnel_admin where $where and deleted = 0 order by id"; + $q = mysql_query($sql); + while($r = mysql_fetch_assoc($q)) { + $funnels[] = $r['id']; + } + + if(!empty($funnels)){ + $funnelClass = new Funnel(); + $f = $funnelClass->set_template_funnels($this->agencyId, $this->id, $funnels); + } + + //Дефолтные настройки + $sql = "INSERT INTO `funnel_default` (`name`, `agency_id`, `is_client`, `is_req`, `is_filter`, `is_stage`, `is_show_funnels`, `order_number`) VALUES ('Список клиентов', {$this->agencyId}, 1, 0, 1, 0, 1, 0)"; - mysql_query($sql); - - $sql_in = "INSERT INTO user_views_page (user_id, view_req, view_client) values ({$this->id}, 'kanban', 'list')"; - mysql_query($sql_in); + mysql_query($sql); - - } + $sql_in = "INSERT INTO user_views_page (user_id, view_req, view_client) values ({$this->id}, 'kanban', 'list')"; + mysql_query($sql_in); + + + } }