false, 'object-fields' => false, 'advert-stats' => false ]; public function getId() { return $this->id; } public function getAgencyName() { return "Агентство недвижимости ." . $this->agencyName; } public function getAgencyPhone() { return $this->phoneAgency; } public function getFullName() { return trim($this->last_name . ' ' . $this->first_name . ' ' . $this->middle_name); } public function getPhone() { return $this->phone; } public function get($id, $add_info = false, $add_budget = false) { $sql = "SELECT *, IF(birthday, DATE_FORMAT(birthday, '%d.%m.%Y'), NULL) as birthday FROM users WHERE id=$id"; if ($rez = mysql_query($sql)) { if (mysql_num_rows($rez)) { $user = mysql_fetch_assoc($rez); foreach ($user as $k => $v) { $this->$k = $v; } $departmentClass = new Department; $departmentUser = $departmentClass->getDepartment($id); if ($departmentUser['role'] == 'manager_office' || $departmentUser['role'] == 'manager_office_menager') { $this->manager = $_SESSION['manager'] = 1; } $this->agencyId = $id; $this->agencyEgrnRequestCount = 0; $this->agencyAntiznakRequestCount = 0; $this->agencyEnableWazzap = $user['enable_wazzap']; $this->agencyName = null; $this->manager_users = null; if ($user['role_developer']) { // застройщик $this->role_developer = $_SESSION['role_developer'] = 1; } else { $this->role_developer = $_SESSION['role_developer'] = 0; } $this->fio = trim($user['last_name'] . ' ' . $user['first_name'] . ' ' . $user['middle_name']); if ($user['id_manager'] == 0 && $user['agency'] == 0) { // частник $this->individual = $_SESSION['individual'] = 1; } else { $this->individual = $_SESSION['individual'] = 0; } if (isset($user['phone2'])) $this->phone2 = $user['phone2']; if ($user['id_manager']) { $thisIdManager = $user['id_manager']; if ($departmentUser['role'] == 'manager_office_menager' || $departmentUser['role'] == 'agent') { if ($departmentUser['admin'] > 0) { $thisIdManager = $departmentUser['admin']; } } $sql = "SELECT * FROM users WHERE id= $thisIdManager"; $rez = mysql_query($sql); $manager = mysql_fetch_assoc($rez); if ($manager['id_manager']) { $agency = mysql_fetch_assoc(mysql_query("SELECT * FROM users WHERE id=$manager[id_manager]")); if ($agency['id_manager']) { $agency = mysql_fetch_assoc(mysql_query("SELECT * FROM users WHERE id=$agency[id_manager]")); } } else { $agency = $manager; } $this->photo = $agency['photo']; $this->agencyId = $agency['id']; $this->agencyZipalLogin = $agency['zipal_login']; $this->agencyZipalPassword = $agency['zipal_password']; $this->agencyZipalBalance = $agency['zipal_balance']; $this->agencyEgrnRequestCount = $agency['egrn_request_count']; $this->agencyEnableWazzap = $agency['enable_wazzap']; if($agency['id'] != 12061){ $this->agencyAntiznakRequestCount = $agency['antiznak_request_count']; } else if($user['id'] == 12653 || $user['id'] == 12093) { $this->agencyAntiznakRequestCount = $agency['antiznak_request_count']; } if (isset($agency['agency_name'])) { $this->agencyName = $agency['agency_name']; } else if (isset($user['agency_name'])) { $this->agencyName = $user['agency_name']; } $this->phoneAgency = empty($agency['phoneAgency']) ? $agency['phone'] : $agency['phoneAgency']; $this->sitename = $agency['sitename']; $this->site = $agency['site']; $this->adres = $agency['adres']; } else { if (isset($user['agency_name'])) { $this->agencyName = $user['agency_name']; } else { $this->agencyName = null; } } if ($this->manager > 0) { // Список пользователей в подчинении у менеджера $agents = self::getAgentsOfManager($id, false); if (!empty($agents) && is_array($agents)) { $this->manager_users = []; foreach ($agents as $agent) { $this->manager_users[] = (int)$agent['id']; } } } if (isset($user['agency']) && $user['agency']) { $this->director = trim($user['last_name'] . ' ' . $user['first_name'] . ' ' . $user['middle_name']); if (isset($user['agency_name'])) $this->fio = $user['agency_name']; } $this->gmtmsk = (int)$user['gmtmsk']; // Добавляем инфо о паспортных данных if ($add_info) { $sql1 = "SELECT *, IF(passport_date, DATE_FORMAT(passport_date, '%d.%m.%Y'), NULL) as passport_date FROM `users_info` WHERE user_id=$id"; $rez1 = mysql_query($sql1); if (mysql_num_rows($rez1)) { $info = mysql_fetch_assoc($rez1); foreach ($info as $k => $v) { $this->$k = $v; } } $this->files = []; $sql2 = "SELECT * FROM `users_files` WHERE user_id=$id"; $rez2 = mysql_query($sql2); if (mysql_num_rows($rez2)) { while ($file = mysql_fetch_assoc($rez2)) { $this->files[] = $file; } } } // Добавляем инфо о рекламном бюджете if ($add_budget) { $advert_budgets = new AdvertBudgets(); $budget = $advert_budgets->getAdvertBudget($id); $this->advert_budget = [ 'avito' => $budget['avito'], 'avito_unlimited' => $budget['avito_unlimited'], 'avito_available' => $budget['avito_available'], 'cian' => $budget['cian'], 'cian_unlimited' => $budget['cian_unlimited'], 'cian_available' => $budget['cian_available'], 'domclick' => $budget['domclick'], 'domclick_unlimited' => $budget['domclick_unlimited'], 'domclick_available' => $budget['domclick_available'], 'jcat' => $budget['jcat'], 'jcat_unlimited' => $budget['jcat_unlimited'], 'jcat_available' => $budget['jcat_available'], 'yandex' => $budget['yandex'], 'yandex_unlimited' => $budget['yandex_unlimited'], 'yandex_available' => $budget['yandex_available'], 'personal' => $budget['personal'], 'total' => $budget['total'], 'amount' => $budget['amount'], 'balance' => $budget['balance'], 'do_not_reinit_monthly' => $budget['do_not_reinit_monthly'], ]; } } else { return false; } } } public function can($permission, $user_id = null) { if (is_null($user_id)) $user_id = $_SESSION['id']; $this->checkPermissions($user_id); if (isset($this->_user_can[$permission])) { if (boolval($this->_user_can[$permission]) === true) { return true; } return false; } if (isset($_SESSION['user_can'][$permission])) { if (boolval($_SESSION['user_can'][$permission]) === true) { return true; } return false; } return false; } public function getMyManagers(){ $searchUserId = $_SESSION['id']; if ($_SESSION['users_admin']) { $searchUserId = $this->agencyId; } else { $departmentClass = new Department; $departmentUser = $departmentClass->getDepartment($_SESSION['id']); if($departmentUser['role'] == 'manager_office'){ $searchUserId = $departmentUser['admin']; } if($departmentUser['role'] == 'manager_office_menager'){ $searchUserId = $this->id_manager; } } $sql = "SELECT * FROM users WHERE manager=1 AND id_manager=$searchUserId AND blocked=0"; $rez = mysql_query($sql); $managers = array(); while($manager = mysql_fetch_assoc($rez)) $managers[] = $manager; return $managers; } public static function getAgentsOfManager($id_manager, $only_active = false) { if (!$id_manager) return []; $sql = "SELECT *, DATE_FORMAT(last_auth,'%d.%m.%Y %H:%i') AS last_auth FROM users WHERE manager=0 AND id_manager=$id_manager"; if ($only_active) $sql .= " AND blocked=0"; $rez = mysql_query($sql); $agents = array(); while($manager = mysql_fetch_assoc($rez)) $agents[] = $manager; return $agents; } public static function getAgentsOfManagers($id_manager, $only_active = false) { if (!$id_manager) return []; $sql = "SELECT * FROM users WHERE manager=1 AND id_manager=$id_manager"; if ($only_active) $sql .= " AND blocked=0"; $rez = mysql_query($sql); $agents = array(); while($manager = mysql_fetch_assoc($rez)) $agents[] = $manager; return $agents; } public function getAgentsOfAgency($id_manager, $only_active = false) { if (!$id_manager) return []; $sql = "SELECT * FROM users WHERE manager=0 AND id_manager=$id_manager"; if ($only_active) $sql .= " AND blocked=0"; $rez = mysql_query($sql); $agents = array(); while($manager = mysql_fetch_assoc($rez)) $agents[] = $manager; return $agents; } public function whoWork($id) { if (!$id) return []; $sql_who_work="SELECT * FROM clients WHERE who_work = $id"; $rez_who_work=mysql_query($sql_who_work); $who_work=mysql_fetch_assoc($rez_who_work); } public function getMyUsers($self_include = false) { $result = array(); if ($_GET['moder']) { $str_url_add = "moder=0"; $bd_usl = "moder=0"; } else $bd_usl = "moder=1"; if ($_GET['blocked']) { $bd_usl.=" AND blocked=1"; $str_url_add = "blocked=1"; } else $bd_usl .= " AND blocked=0"; if ($_GET['search']) { $bd_usl.=" AND (users.agency_name LIKE '%$_GET[search]%' OR users.first_name LIKE '%$_GET[search]%' OR users.last_name LIKE '%$_GET[search]%' OR users.middle_name LIKE '%$_GET[search]%' OR users.phone LIKE '%$_GET[search]%' OR users.email LIKE '%$_GET[search]%')"; $str_url_add = "search=".$_GET['search']; } $searchUserId = $_SESSION['id']; if ($_SESSION['users_admin'] || $_SESSION['id'] == 5817 || $_SESSION['id'] == 20293 || $_SESSION['id'] == 22915) { $searchUserId = $this->agencyId; } else { $departmentClass = new Department; $departmentUser = $departmentClass->getDepartment($_SESSION['id']); if($departmentUser['role'] == 'manager_office'){ $searchUserId = $departmentUser['admin']; } if($departmentUser['role'] == 'manager_office_menager'){ $searchUserId = $this->id_manager; } } $sql = "SELECT id FROM users WHERE id_manager = $searchUserId AND manager = 1"; $mmid[] = "users.id_manager = $searchUserId"; $rez = mysql_query($sql); $menedgers = array(); while($mm = mysql_fetch_row($rez)) { $mmid[] = "users.id_manager = ".$mm[0]; $menedgers[] = $mm[0]; } //отделы для агенства if ($_SESSION['agency'] == 1 || $_SESSION['users_admin'] == 1) { $sql_dep = "SELECT id FROM `departments` where agency_id = ".$this->agencyId; $q_dep = mysql_query($sql_dep); while($r_dep = mysql_fetch_assoc($q_dep)){ $rez_dep = mysql_query("SELECT id FROM users WHERE department_id=$r_dep[id] AND manager=1"); while($mm_dep = mysql_fetch_row($rez_dep)) { if(!in_array($mm_dep[0], $menedgers)){ $mmid[] = "users.id_manager = ".$mm_dep[0]; $menedgers[] = $mm_dep[0]; } } } } $bd_usl .= $bd_usl_managers = " AND (".implode(" OR ",$mmid).")"; $sql22 = "SELECT online.id_user FROM online, users WHERE online.id_user=users.id AND id_user<>$_SESSION[id] $bd_usl_managers"; $rez = mysql_query($sql22); $result['online'] = mysql_num_rows($rez); while($onl = mysql_fetch_assoc($rez)) $onln[] = "users.id = ".$onl['id_user']; $bd_usl_online = " AND (".implode(" OR ",$onln).")"; if ($_GET['online']) { $bd_usl.=$bd_usl_online; $str_url_add = "online=1"; } $result['str_url_add'] = $str_url_add; $kol_on_page = 20; $sql_count = "SELECT COUNT(*) FROM users WHERE id<>$_SESSION[id] AND $bd_usl"; $result['vsego'] = $vsego = mysql_result(mysql_query($sql_count),0); $sql_count_active = "SELECT COUNT(*) FROM users WHERE id<>$_SESSION[id] $bd_usl_managers AND blocked=0"; $result['active'] = mysql_result(mysql_query($sql_count_active),0); //$sql_count_online = "SELECT COUNT(*) FROM users WHERE id<>$_SESSION[id] $bd_usl_online AND blocked=0"; //$result['online'] = mysql_result(mysql_query($sql_count_online),0); $sql_count_blocked = "SELECT COUNT(*) FROM users WHERE id<>$_SESSION[id] $bd_usl_managers AND blocked=1"; $result['blocked'] = mysql_result(mysql_query($sql_count_blocked),0); $all_pages = ceil($vsego/$kol_on_page); if($_GET['page']) $page = $_GET['page']; else $page = 1; $ot = ($page-1)*$kol_on_page; $sql = "SELECT *, DATE_FORMAT(date_reg,'%d.%m.%Y %H:%i') AS date_reg, DATE_FORMAT(last_auth,'%d.%m.%Y %H:%i') AS last_auth FROM users"; if ($self_include) { $sql .= " WHERE users.id = $_SESSION[id] OR ($bd_usl)"; } else { $sql .= " WHERE users.id <> $_SESSION[id] AND $bd_usl"; } $sql .= " ORDER BY users.manager desc, users.id DESC"; if (isset($_GET['dev'])) echo $sql; $rez=mysql_query($sql); while($users=mysql_fetch_assoc($rez)) $result['users'][] = $users; return $result; } public function del($id) { $sql="SELECT * FROM users WHERE id=$id"; $rez=mysql_query($sql); $manager = mysql_fetch_assoc($rez); $userDel = new User; $userDel->get($id); $user_del = array(); $arrayCanKey = ['pwd','email','last_name','first_name','moder','phone', 'last_auth', 'agent','id_manager','date_reg','is_pwd', 'date_tarif','birthday', 'telegramm_chat_id','telegramm_notice','telegramm_date', 'region_rf_id', 'agency', 'manager']; foreach($manager as $key => $val){ if($key != 'id' && !empty($val) && in_array($key, $arrayCanKey)){ $user_del[] = "`".$key."` = '".$val."'"; } } $sql_in = "INSERT INTO users_delete SET ".implode(',', $user_del).", agency_id = ".$userDel->agencyId . ", user_id = {$id}"; file_put_contents($_SERVER["DOCUMENT_ROOT"]."/callevents/user.txt", "1. ". print_r($sql_in, true) . "\n", FILE_APPEND); mysql_query($sql_in); $sql="DELETE FROM users WHERE id=$id"; $rez=mysql_query($sql); if ($manager['id_manager'] > 0) { $sql="UPDATE users SET id_manager=$manager[id_manager] WHERE id_manager=$id"; mysql_query($sql); } else { $sql="SELECT id FROM users WHERE id_manager=$id"; $rez=mysql_query($sql); while($us = mysql_fetch_assoc($rez)) { User::del($us['id']); } } $sql="DELETE FROM views WHERE id_user=$id"; $rez=mysql_query($sql); $sql="DELETE FROM sended_pdf WHERE id_agent=$id"; $rez=mysql_query($sql); $sql="DELETE FROM online WHERE id_user=$id"; $rez=mysql_query($sql); $sql="DELETE FROM objects WHERE id_user=$id"; $rez=mysql_query($sql); $sql="DELETE FROM favor WHERE id_user=$id"; $rez=mysql_query($sql); $sql="DELETE FROM clients WHERE id_agent=$id"; $rez=mysql_query($sql); $sql="DELETE FROM user_client_events WHERE user_id=$id"; $rez=mysql_query($sql); $sql="DELETE FROM user_object_events WHERE user_id=$id"; $rez=mysql_query($sql); //удаляем из чата и данные в таблице настроек RocketChat::deleteChatUser($id); $sql="DELETE FROM chat_settings_user WHERE user_id=$id"; $rez=mysql_query($sql); } public static function deleteWithRebindClient($newIdAgent, $id, $newWhoWork, $newWhoWorkObj, $newWhoWorkReq, $managerId) { $sql="SELECT * FROM users WHERE id=$id"; $rez=mysql_query($sql); $manager = mysql_fetch_assoc($rez); $userDel = new User; $userDel->get($id); $user_del = array(); $arrayCanKey = ['pwd','email','last_name','first_name','moder','phone', 'last_auth', 'agent','id_manager','date_reg','is_pwd', 'date_tarif','birthday', 'telegramm_chat_id','telegramm_notice','telegramm_date', 'region_rf_id', 'agency', 'manager']; foreach($manager as $key => $val){ if($key != 'id' && !empty($val) && in_array($key, $arrayCanKey)){ $user_del[] = "`".$key."` = '".$val."'"; } } $sql_in = "INSERT INTO users_delete SET ".implode(',', $user_del).", agency_id = " . $userDel->agencyId. ", user_id = {$id}"; file_put_contents($_SERVER["DOCUMENT_ROOT"]."/callevents/user.txt", print_r($sql_in, true) . "\n", FILE_APPEND); mysql_query($sql_in); $sql="DELETE FROM users WHERE id=$id"; $rez=mysql_query($sql); if ($manager['id_manager'] > 0) { $sql="UPDATE users SET id_manager=$manager[id_manager] WHERE id_manager=$id"; mysql_query($sql); } else { $sql="SELECT id FROM users WHERE id_manager=$id"; $rez=mysql_query($sql); while($us = mysql_fetch_assoc($rez)) { User::deleteWithRebindClient($newIdAgent, $us['id'], $newWhoWork, $newWhoWorkObj, $newWhoWorkReq, $managerId); } } $sql="DELETE FROM views WHERE id_user=$id"; $rez=mysql_query($sql); $sql="DELETE FROM sended_pdf WHERE id_agent=$id"; $rez=mysql_query($sql); $sql="DELETE FROM online WHERE id_user=$id"; $rez=mysql_query($sql); $sql="DELETE FROM favor WHERE id_user=$id"; $rez=mysql_query($sql); $confirm = 0; if($newWhoWork == $_SESSION['id']){ $confirm = 1; } $sql="UPDATE clients SET who_work=$newWhoWork, confirm=$confirm, id_agent=$newIdAgent WHERE who_work=$id AND deleted = 0"; $rez=mysql_query($sql); $sql="UPDATE clients SET who_work=$newWhoWork, confirm=1, id_agent=$newIdAgent WHERE who_work=$id AND deleted = 1"; $rez=mysql_query($sql); // перенос всех событий тому, кому отдаем клиентов $sql="UPDATE user_client_events SET user_id=$newWhoWork WHERE user_id=$id AND client_id>0"; $rez=mysql_query($sql); // перенос всех событий менеджеру или агентству $sql="UPDATE user_object_events SET user_id=$managerId WHERE user_id=$id"; $rez=mysql_query($sql); //Заявки $sql="UPDATE requisitions SET who_work=$newWhoWorkReq, confirm=$confirm, user_id=$newIdAgent WHERE who_work=$id AND deleted = 0"; $rez=mysql_query($sql); $sql="UPDATE requisitions SET who_work=$newWhoWorkReq, confirm=1, user_id=$newIdAgent WHERE who_work=$id AND deleted = 1"; $rez=mysql_query($sql); // перенос всех событий тому, кому отдаем заявки $sql="UPDATE user_client_events SET user_id=$newWhoWorkReq WHERE user_id=$id AND req_id>0"; $rez=mysql_query($sql); $sqlNewObjUser = "SELECT * FROM users WHERE id=$newWhoWorkObj"; $rezNewObjUser = mysql_query($sqlNewObjUser); $newObjUser = mysql_fetch_assoc($rezNewObjUser); $phone = $newObjUser['phone']; $num_search = User::num_search($newObjUser['phone']); $sobstv = trim($newObjUser['last_name'] . ' ' . $newObjUser['first_name'] . ' ' . $newObjUser['middle_name']); if ($newObjUser['agency'] == 0) { $sql="SELECT * FROM users WHERE id=$newObjUser[id_manager]"; $rez=mysql_query($sql); $manager = mysql_fetch_assoc($rez); if($manager['id_manager']) { $agency = mysql_fetch_assoc(mysql_query("SELECT * FROM users WHERE id=$manager[id_manager]")); } else { $agency = $manager; } if ($agency) { $sobstv = $sobstv . ", агентство " . $agency['agency_name']; } } $webHookIn = new WebHookIn(null, $userDel->agencyId); $is_send_webhook = $webHookIn->check_hook('object_update', 'object'); if($is_send_webhook){ $webHookIn->save_webhook_cron_many($_SESSION['id'], $id, $newWhoWorkObj); } $dataWhook = array('action'=>'employee_delete', 'employee_id'=>$id, 'section'=>'employee', 'user_id'=>$_SESSION['id'], 'agency_id'=>$userDel->agencyId); $webHookIn->check_send($dataWhook); // перенос всех объектов $sql = "UPDATE objects SET is_main = 0, id_add_user=$newWhoWorkObj, phone = '$phone', phone_search = '$num_search', sobstv = '$sobstv' WHERE id_add_user=$id"; $rez = mysql_query($sql); //Запись переноса в сфинкс $db_sphinx = new MysqlPdo(hstsph2, null, null, null, true, '9306'); $sql = "UPDATE objects SET id_add_user=$newWhoWorkObj, phone_search = '$num_search' WHERE id_add_user=$id"; $db_sphinx->query($sql,true); // перенос Зипал $sql = "UPDATE zipal_objects SET user_id=$newWhoWorkObj, send_to_update=1 WHERE object_id in (SELECT id from objects where id_add_user=$id)"; mysql_query($sql); $sqlPack = "UPDATE advertising_package_object_publish SET send_to_update = '1', error_when_send_to_update = '' WHERE object_id in (SELECT id from objects where id_add_user=$id)"; mysql_query($sqlPack); // в передаче объектов затираем передачи, которые адресованы удаляемому пользователю $sql = "UPDATE objects_to_send SET accept_state='REJECTED', accept_date=NOW() WHERE new_user_id=$id"; mysql_query($sql); // переносим комменты $sqlObjN = "UPDATE object_notes SET created_by=$newWhoWorkObj WHERE created_by=$id"; mysql_query($sqlObjN); //удаляем из чата и данные в таблице настроек RocketChat::deleteChatUser($id); $sql="DELETE FROM chat_settings_user WHERE user_id=$id"; $rez=mysql_query($sql); } public static function num_search($num) { $num_search = str_replace("+", "", $num); $num_search = str_replace("(", "", $num_search); $num_search = str_replace(")", "", $num_search); $num_search = str_replace(" ", "", $num_search); $num_search = str_replace("-", "", $num_search); $num_search = trim($num_search); if (mb_strlen($num_search) > 7) $num_search = mb_substr($num_search, 1); return $num_search; } public function checkPermissions($userID = false, $useRedirect = true) { if ($userID === false && isset($_SESSION['id'])) { $userId = $_SESSION['id']; } else if (isset($userID)) { $userId = $userID; } else { if ($useRedirect) $this->quit("ИД пользователя не указан", $useRedirect); else return ['error' => "ИД пользователя не указан"]; } $sql = "SELECT users.*, online.ip, online.user_agent FROM users,online WHERE users.id=online.id_user AND users.id=$userId"; $rez = mysql_query($sql); $users = mysql_fetch_assoc($rez); if ($useRedirect && !$users) $this->quit("Пользователь не авторизован", $useRedirect); else if (!$users) return ['error' => "Пользователь не авторизован"]; if ($useRedirect && $users['blocked']) $this->quit("Ваш аккаунт заблокирован", $useRedirect); else if ($users['blocked']) return ['error' => "Ваш аккаунт заблокирован"]; /*if ($users['ip'] != $_SERVER['REMOTE_ADDR'] || $users['user_agent'] != $_SERVER['HTTP_USER_AGENT']) { if ($useRedirect) $this->quit("Сессия завершена. Авторизуйтесь заново. Если проблема повторяется, возможно ваш аккаунт используется другим человеком.", $useRedirect); else return ['error' => "Сессия завершена. Авторизуйтесь заново. Если проблема повторяется, возможно ваш аккаунт используется другим человеком."]; }*/ $tarif = new \Tarif; $this->agencyId = $userId; $this->show_zipal_balance = $users['show_zipal_balance']; $this->zipal_balance = $users['zipal_balance']; $this->agencyEgrnRequestCount = 0; $this->agencyAntiznakRequestCount = 0; $this->agencyEnableWazzap = $users['enable_wazzap']; $departmentClass = new Department; $departmentUser = $departmentClass->getDepartment($userId); $payForTariff = false; if ($users['id_manager']) { $id_menager = $users['id_manager']; if ($departmentUser['role'] == 'manager_office_menager' || $departmentUser['role'] == 'agent') { if ($departmentUser['admin'] > 0) { $id_menager = $departmentUser['admin']; } } $agency = new User; $agency->get($id_menager); if ($agency->id_manager) { $agency->get($agency->id_manager); if ($agency->id_manager) { $agency->get($agency->id_manager); } } $id_tarif = $agency->id_tarif; $this->agencyId = $agency->id; $this->agencyZipalLogin = $agency->zipal_login; $this->agencyZipalPassword = $agency->zipal_password; $this->agencyZipalBalance = $agency->zipal_balance; $this->agencyEgrnRequestCount = $agency->egrn_request_count; $this->agencyAntiznakRequestCount = $agency->antiznak_request_count; $this->agencyEnableWazzap = $agency->enable_wazzap; $date_tarif = $agency->date_tarif; if ($agency->date_reg < $agency->date_tarif) { $payForTariff = true; } if ($userID === false) $_SESSION['photo'] = $agency->photo; } else { $id_tarif = $users['id_tarif']; $date_tarif = $users['date_tarif']; $_SESSION['photo'] = $users['photo']; if ($users['date_reg'] < $users['date_tarif']) { $payForTariff = true; } } $tarif->get($id_tarif); $date_tarif = strtotime($date_tarif); $date_end = $date_tarif + $tarif->period * 3600 * 24; $date_end_f = date("d.m.Y H:i", $date_end); $dney = ceil(($date_end - time()) / 24 / 3600); if ($dney <= 0) { $_SESSION['pay'] = 1; $_SESSION['paidEnded'] = 0; if ($payForTariff) { $_SESSION['paidEnded'] = 1; } if ($users['agency']) $new_id_tarif = 67; else $new_id_tarif = 66; if ($id_tarif == 5 || $id_tarif == 7) { $new_tarif = new Tarif; $new_tarif->get($new_id_tarif); $one_day_plus = $new_tarif->period + 1; mysql_query("UPDATE users SET test_tarif=1, date_tarif= DATE_SUB(NOW(), INTERVAL $one_day_plus DAY), id_tarif=$new_id_tarif WHERE id=$_SESSION[id]"); } } else { $_SESSION['pay'] = 0; $_SESSION['paidEnded'] = 0; } $_SESSION['fio'] = trim($users['last_name'] . ' ' . $users['first_name'] . ' ' . $users['middle_name']); $_SESSION['first_name'] = $users['first_name']; $_SESSION['last_name'] = $users['last_name']; $_SESSION['middle_name'] = $users['middle_name']; $_SESSION['phone'] = $users['phone']; $_SESSION['email'] = $users['email']; if ($users['superadmin']) { // Админ $_SESSION['superadmin'] = 1; } else { $_SESSION['superadmin'] = 0; } if ($users['manager']) { // менеджер $this->manager = $_SESSION['manager'] = 1; } else { if ($departmentUser['role'] == 'manager_office' || $departmentUser['role'] == 'manager_office_menager') { $this->manager = $_SESSION['manager'] = 1; } else { $this->manager = $_SESSION['manager'] = 0; } } if ($users['id_manager'] == 0 && $users['agency'] == 0) { // частник $this->individual = $_SESSION['individual'] = 1; } else { $this->individual = $_SESSION['individual'] = 0; } if ($users['agent']) { // агент $this->agent = $_SESSION['agent'] = 1; } else { $this->agent = $_SESSION['agent'] = 0; } if ($users['agency']) { // агентство $this->agency = $_SESSION['agency'] = 1; $this->agencyName = $_SESSION['agency_name'] = $users['agency_name']; } else { $this->agency = $_SESSION['agency'] = 0; $this->agencyName = $_SESSION['agency_name'] = null; } if ($users['role_developer']) { // застройщик $this->role_developer = $_SESSION['role_developer'] = 1; } else { $this->role_developer = $_SESSION['role_developer'] = 0; } // пользователь, который может управлять другими if ($users['users_admin']) { $_SESSION['users_admin'] = 1; } else { $_SESSION['users_admin'] = 0; } //Предмодерация рекламы по объектам $_SESSION['use_advert_moderation'] = 0; $q_moderation = mysql_query("SELECT * FROM advert_moderation_agency WHERE agency_id = {$this->agencyId}"); if(mysql_num_rows($q_moderation) > 0){ $_SESSION['use_advert_moderation'] = 1; } // Рекламный бюджет и ограничение публикации $_SESSION['use_advert_budget'] = 0; if (!$this->agency) { $sql = "SELECT use_advert_budget FROM users WHERE id=$this->agencyId"; if ($rez = mysql_query($sql)) { $row = mysql_fetch_assoc($rez); $_SESSION['use_advert_budget'] = $row['use_advert_budget']; } } if ($this->use_advert_budget) { $_SESSION['use_advert_budget'] = 1; } $sessionTime = 86400; $this->region = $users['region_rf_id']; $this->id = $_SESSION['id'] = $users['id']; $this->id_manager = $_SESSION['id_manager'] = $users['id_manager']; $this->agency_id = $_SESSION['agency_id'] = self::getUserAgencyID(); setcookie('user_id', $_SESSION['id'], time() + 360, "/"); setcookie('agency_id', $_SESSION['agency_id'], time() + 360, "/"); setcookie('id_manager', $_SESSION['id_manager'], time() + 360, "/"); setcookie('is_agency', $_SESSION['agency'], time() + 360, "/"); setcookie('is_manager', $_SESSION['manager'], time() + 360, "/"); setcookie('is_users_admin', $_SESSION['users_admin'], time() + 360, "/"); setcookie('is_agent', $_SESSION['agent'], time() + 360, "/"); setcookie('PHPSESSID_EXPIRATION', $sessionTime + time(), time() + 360, "/"); $this->_user_can['autosearch'] = true; $this->_user_can['object-fields'] = boolval($this->agency || $this->manager || $this->users_admin); //$this->_user_can['advert-stats'] = boolval($this->agency || $this->users_admin); $this->_user_can['advert-stats'] = true; $_SESSION['user_can'] = $this->_user_can; setcookie('user_can', json_encode($_SESSION['user_can']), time() + 360, "/"); } public function checkMenuPermissions($permissionName = null) { $userId = $_SESSION['id']; $sql_d = "SELECT * FROM `user_permissions` WHERE `user_id` = ".$userId; if ($permissionName) { $sql_d .= " AND {$permissionName} = 1"; } $result = mysql_query($sql_d); return mysql_fetch_assoc($result); } public function check_sms($post, $pwd = false, $use_redirect = true) { if ($_SESSION['sms'] == $post['sms'] || $pwd) { $sql = "SELECT * FROM `users` WHERE `phone`='+{$post['phone']}'"; if (!$rez = mysql_query($sql)) $msg = mysqli_error(); if (mysql_num_rows($rez)) { $users = mysql_fetch_assoc($rez); if ($pwd && md5($post['pwd'] . SALT) != $users['pwd']) { if ($use_redirect) return "Неверный пароль"; else return [ 'success' => false, 'message' => "Неверный пароль", ]; } if ($users['moder']) { if (!$users['blocked']) { $this->agency_id = self::getUserAgencyID($users['id']); $sql_enable = "SELECT * FROM auth_enable_ip WHERE id_agency = {$this->agency_id}"; $q_enable = mysql_query($sql_enable); //если есть строки в таблице, значит есть ограничение по IP if(mysql_num_rows($q_enable) > 0) { $ipEnabled = false; while ($ip = mysql_fetch_assoc($q_enable)) { if ($ip['ip'] == $_SERVER['REMOTE_ADDR']) { $ipEnabled = true; } } if (!$ipEnabled) { //проверяем разрешение на фход с любого IP $sql_select_permissions = "SELECT allow_any_ip FROM user_permissions WHERE user_id=$users[id]"; $permissions_result = mysql_query($sql_select_permissions); if (mysql_num_rows($permissions_result) > 0) { $r_u = mysql_fetch_assoc($permissions_result); $allowAnyIp = $r_u["allow_any_ip"]; if ($allowAnyIp) { $ipEnabled = true; } } } if (!$ipEnabled) { if ($use_redirect) return "Вход с вашим IP адресом запрещен"; else return [ 'success' => false, 'message' => "Вход с вашим IP адресом запрещен", ]; } } // регенерация ИД сессии для установки новых кук $sessionTime = 86400; session_set_cookie_params($sessionTime); session_regenerate_id(false); $_SESSION['agency_id'] = $this->agency_id; $_SESSION['fio'] = trim($users['last_name'] . ' ' . $users['first_name'] . ' ' . $users['middle_name']); $_SESSION['phone'] = $users['phone']; $_SESSION['id'] = $users['id']; $_SESSION['email'] = $users['email']; if ($users['manager']) $this->manager = $_SESSION['manager'] = 1; else $this->manager = $_SESSION['manager'] = 0; if ($users['id_manager'] == 0) $this->individual = $_SESSION['individual'] = 1; // частник else $this->individual = $_SESSION['individual'] = 0; if ($users['agent']) $this->agent = $_SESSION['agent'] = 1; else $this->agent = $_SESSION['agent'] = 0; if ($users['agency']) $this->agency = $_SESSION['agency'] = 1; else $this->agency = $_SESSION['agency'] = 0; //пользователь, который может управлять другими if ($users['users_admin']) $_SESSION['users_admin'] = 1; else $_SESSION['users_admin'] = 0; $this->id = $_SESSION['id'] = $users['id']; mysql_query("UPDATE users SET last_auth=NOW() WHERE id=$users[id]"); mysql_query("DELETE FROM online WHERE id_user=$users[id]"); mysql_query("INSERT INTO online(id_user, last_activity, entry, ip, user_agent) VALUES($_SESSION[id], NOW(), NOW(), '" . $_SERVER['REMOTE_ADDR'] . "', '" . $_SERVER['HTTP_USER_AGENT'] . "')"); mysql_query("INSERT INTO auth_log(id_user, entry, ip, user_agent) VALUES($_SESSION[id], NOW(), '" . $_SERVER['REMOTE_ADDR'] . "', '" . $_SERVER['HTTP_USER_AGENT'] . "')"); if ($users['superadmin']) { $_SESSION['superadmin'] = 1; if ($use_redirect) header("location:/admin/index.php"); else return [ 'success' => true ]; } else { $agenciesHaveAccessToNewComplexes = [4, 5261, 12028, 12061, 17328, 11325, 13735, 19093, 16378, 19467, 20197, 19909, 19646]; $user_id = $_SESSION['id']; $check_permissions_sql = "SELECT * FROM `user_permissions` WHERE `user_id` = $user_id"; $check_permissions_result = mysql_query($check_permissions_sql); if (!$check_permissions_result || mysql_num_rows($check_permissions_result) == 0) { $permissions = [ $user_id, 1, 1, 1, // menu_office, menu_search, menu_objects 0, 0, // menu_all_objects, menu_all_objects_edit 0, // menu_ads 1, 0, 0, 0, // menu_clients, menu_all_clients, menu_all_clients_edit, menu_all_clients_export 1, 0, 0, 0, // menu_submissions, menu_all_submissions, menu_all_submissions_edit, menu_all_submissions_export 0, 1, 1, // menu_partners, menu_docs, menu_settings 0, // menu_complexes (по умолчанию отключено) 1, 0, // menu_can_transfer_to_common (по умолчанию включено), menu_can_take_from_closed (по умолчанию отключено) 0, // menu_can_transfer_closed_to_others (может передавать закрытые заявки другим сотрудникам) ]; $is_admin = !empty($users['users_admin']); $in_agency_list = in_array($user_id, $agenciesHaveAccessToNewComplexes); $is_agent = $users['agent'] == '1' && $users['agency'] != '1' && $users['manager'] != '1' && $users['id_manager'] == 0; $is_supervisor = $users['agency'] == '1' && $users['manager'] == '1'; $is_developer = $users['role_developer'] == '1'; $default_can_transfer_to_common = 1; if ($this->agency_id == 19895) { $default_can_transfer_to_common = 0; } $default_cannot_create_req_manually = 0; if ($this->agency_id == 19895) { $default_cannot_create_req_manually = 1; } // Если admin или частный агент или руководитель и в списке с комплексами if ( ($is_admin && $in_agency_list) || ($is_agent && $in_agency_list) || ($is_supervisor && $in_agency_list) || ($is_developer) ) { $permissions = [ $user_id, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, // комплексы включены $default_can_transfer_to_common, 1, 1, $default_cannot_create_req_manually ]; } // Если просто admin или частный агент или руководитель elseif ($is_admin || $is_agent || $is_supervisor ) { $permissions = [ $user_id, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, // комплексы выключены $default_can_transfer_to_common, 1, 1, $default_cannot_create_req_manually ]; } $values_str = implode(',', $permissions); $insert_sql = "INSERT INTO user_permissions (user_id, menu_office, menu_search, menu_objects, menu_all_objects, menu_all_objects_edit, menu_ads, menu_clients, menu_all_clients, menu_all_clients_edit, menu_all_clients_export, menu_submissions, menu_all_submissions, menu_all_submissions_edit, menu_all_submissions_export, menu_partners, menu_docs, menu_settings, menu_complexes, menu_can_transfer_to_common, menu_can_take_from_closed, menu_can_transfer_closed_to_others, cannot_create_req_manually) VALUES ($values_str)"; mysql_query($insert_sql); } $_SESSION['superadmin'] = 0; $first_page_query = "SELECT jp.page_url FROM users JOIN jw_pages jp ON users.jw_page_id = jp.id WHERE users.id = " . $_SESSION['id']; $first_page_result = mysql_query($first_page_query); $first_page = mysql_fetch_assoc($first_page_result); $redirect_page = !empty($first_page['page_url']) ? $first_page['page_url'] : "/sale.php"; if ($use_redirect) if ($redirect_page) { header("location:$redirect_page"); } else { header("location:/sale.php"); } else return [ 'success' => true ]; } } else $msg = "Аккаунт заблокирован!"; } else $msg = "Аккаунт ещё не подтверждён."; } else $msg = "Этот номер телефона не зарегистрирован в JoyWork."; } else $msg = "Неверный код подтверждения!"; if ($use_redirect) return $msg; else return [ 'success' => false, 'message' => $msg, ]; } public function auth($post) { $msg = 0; if(!empty($post['phone'])) { $phone = $post['phone']; $sql = "SELECT * FROM users WHERE phone = '{$phone}'"; $rez = mysql_query($sql); if (mysql_num_rows($rez)) { $users = mysql_fetch_assoc($rez); if ($users['moder']) { if (!$users['blocked']) { $PHP_SELF = $_SERVER['PHP_SELF']; if ($users['is_pwd']) { header("location:$PHP_SELF?phone2=$phone"); } else { require_once($_SERVER['DOCUMENT_ROOT']."/engine/mobilGroupApi.php"); $_SESSION['sms'] = $code_sms = ok_code($phone); $r = sendCode($phone, $code_sms); if ($r[1] > 0) { header("location:$PHP_SELF?phone=$phone"); } else { $msg = "Робот не может дозвониться по номеру $phone. Проверьте корректность номера или попробуйте выполнить вход позже."; mailClient("ellada-an@mail.ru","Робот не может дозвониться по номеру ".$_SERVER['SERVER_NAME'], "Ответ сервера: $r[0]"); } } } else $msg = "Аккаунт заблокирован!"; } else $msg="Аккаунт ещё не подтверждён."; } else $msg="Этот номер телефона не зарегистрирован в JoyWork"; } else $msg="Не заполнены поля формы!"; return $msg; } public function destroy_session() { $_SESSION = array(); // If it's desired to kill the session, also delete the session cookie. // Note: This will destroy the session, and not just the session data! if (ini_get("session.use_cookies")) { $params = session_get_cookie_params(); setcookie(session_name(), '', time() - 42000, $params["path"], $params["domain"], $params["secure"], $params["httponly"] ); } session_destroy(); } public function quit($msg = "", $useRedirect = true) { $this->destroy_session(); $this->id = false; $this->manager = false; $this->agent = false; if ($useRedirect) header("location:/index.php?msg=$msg"); } public function reg($post) { $post_data = http_build_query( array( 'secret' => '6Le30z8UAAAAALHfN7ZJoLcA5sPUZYmfwC1teREV', 'response' => $post['g-recaptcha-response'], 'remoteip' => $_SERVER['REMOTE_ADDR'] ) ); $opts = array('http' => array( 'method' => 'POST', 'header' => 'Content-type: application/x-www-form-urlencoded', 'content' => $post_data ) ); $context = stream_context_create($opts); $response = file_get_contents('https://www.google.com/recaptcha/api/siteverify', false, $context); $result = json_decode($response); /*if (!$result->success) { $msg_user = "Проверка капчи не пройдена. "; } else {*/ if (!empty($post['email'])) { if (!empty($post['phone'])) { if(!empty($post['region']) && $post['region'] > 0){ if (substr($post['phone'], 0, 2) !== "+7") { return "Телефон должен начинаться с +7"; } $sql = "SELECT * FROM users WHERE phone='$post[phone]'"; $rez = mysql_query($sql); if (!empty($post['last_name']) || !empty($post['first_name'])) { if (mysql_num_rows($rez) == 0) { $msg_user = ""; $agent = 0; $agency = 0; $developer = 0; $adMenuVisible = 0; $manager = 0; // ставим всем нормальный тариф сразу if ($post['type'] == 1) { $agency = 1; $manager = 1; $agent = 1; $tarif = 67; $adMenuVisible = 1; } else if ($post['type'] == 3) { $developer = 1; $agent = 0; $agency = 0; $manager = 1; $tarif = 107; } else { $agent = 1; $tarif = 97; } $new_tarif = new Tarif; $new_tarif->get($tarif); $one_day_plus = $new_tarif->period + 1; if (empty($post['fio'])) $post['fio'] = trim(($post['last_name'] . " " . $post['first_name'] . " " . $post['middle_name'])); try { $sql = "INSERT INTO users ( `fio`, `region_rf_id`, `email`, `phone`, `agency_name`, `first_name`, `last_name`, `middle_name`, `agency`, `agent`, `manager`, `moder`, `date_reg`, `show_all_objects_page`, `id_tarif`, `date_tarif`, `role_developer` ) VALUES ( '$post[fio]', '$post[region]', '" . trim($post['email']) . "', '$post[phone]', '$post[agency_name]', '$post[first_name]', '$post[last_name]', '$post[middle_name]', '$agency', '$agent', '$manager', '1', NOW(), '$adMenuVisible', '$tarif', DATE_SUB(NOW(),INTERVAL $one_day_plus DAY), $developer )"; mysql_query($sql); $user_id = mysql_insert_id(); mysql_query("UPDATE users SET company_id = $user_id WHERE id = $user_id"); // письмо с шаблоном /* $f1 = file("https://joywork.ru/template_mail/afterreg.html"); $text = implode("", $f1); mailClient($post['email'], "Регистрация на сайте " . $_SERVER['SERVER_NAME'], $text); mailClientFromJoywork("service@joywork.ru", "Новый пользователь на сайте JoyWork", "Зарегистрирован новый пользователь - " . ($agency ? "агентство $post[agency_name]. " : "агент. ФИО: " . trim($post['last_name'] . ' ' . $post['first_name'] . ' ' . $post['middle_name']) . ". ") . "Email: " . $post['email'] . ". Телефон: " . $post['phone']); mailClientFromJoywork("iganus@joywork.ru", "Новый пользователь на сайте JoyWork", "Зарегистрирован новый пользователь - " . ($agency ? "агентство $post[agency_name]. " : "агент. ФИО: " . trim($post['last_name'] . ' ' . $post['first_name'] . ' ' . $post['middle_name']) . ". ") . "Email: " . $post['email'] . ". Телефон: " . $post['phone']); */ $agency_or_developer = $agency ? $agency : $developer; $funnel = 0; $fio_jw = trim($post['last_name'] . ' ' . $post['first_name'] . ' ' . $post['middle_name']); $name_agent = ''; if($agency_or_developer){ if ($developer) { mysql_query( "INSERT INTO `user_permissions` ( user_id, menu_office, menu_complexes, menu_search, menu_objects, menu_all_objects, menu_all_objects_edit, menu_ads, menu_clients, menu_all_clients, menu_all_clients_edit, menu_all_clients_export, menu_submissions, menu_all_submissions, menu_all_submissions_edit, menu_all_submissions_export, menu_docs, menu_settings, menu_partners, menu_can_transfer_to_common, menu_can_take_from_closed, menu_can_transfer_closed_to_others ) VALUES ( $user_id, 1, 1, 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, ) " ); } $funnel = 118; $name_agent = $post['agency_name']; } else { $funnel = 1141; $name_agent = $fio_jw; } //$fio_jw = trim($post['last_name'] . ' ' . $post['first_name'] . ' ' . $post['middle_name']); $sql_jw = "INSERT INTO clients SET phone='{$post['phone']}', ". "fio = '{$name_agent}', email = '{$post['email']}', ". "opis='{$fio_jw}', ". "id_agent = 4, who_work = 0, ". "date_add = NOW(), stage=1, confirm=0, funnel_id={$funnel}, `developer` = $developer"; if(mysql_query($sql_jw)){ $id_cl = mysql_insert_id(); $cl = new Clients(); $cl->get_class_etap($id_cl, $funnel); $reg = mysql_fetch_assoc(mysql_query("SELECT name FROM rf_regions WHERE id=$post[region]")); $actyvites = mysql_fetch_assoc(mysql_query("SELECT id FROM activities WHERE user_id=4 AND name='".$reg['name']."'")); if(isset($actyvites['id'])){ mysql_query("INSERT INTO clients_activities (activity_id, client_id) VALUES ({$actyvites['id']}, {$id_cl})"); } $comment = "Новый пользователь - " . ($agency_or_developer ? "агентство $post[agency_name]. " : "агент. ФИО: " . trim($post['last_name'] . ' ' . $post['first_name'] . ' ' . $post['middle_name']) . ". ") . "Email: " . $post['email'] . ". Телефон: " . $post['phone']; $newTime = date("Y-m-d H:i:s", strtotime('+30 minutes')); $sql_in_ev = "INSERT INTO user_client_events (user_id, client_id, create_date, schedule_date, `type`, comment, calendar_view, from_id) ". "VALUES (4, {$id_cl}, '".date('Y-m-d H:i:s')."', '".$newTime."', 'call', '".$comment."', 0, 4)"; mysql_query($sql_in_ev); } require_once($_SERVER['DOCUMENT_ROOT'] . "/engine/mobilGroupApi.php"); $_SESSION['sms'] = $code_sms = ok_code($post["phone"]); $r = sendCode($post["phone"], $code_sms); $phone = $post['phone']; if ($r[1] > 0) { header("location:index.php?phone=$phone"); } else { $msg_user = "Робот не может дозвониться по номеру $phone. Проверьте корректность номера или попробуйте выполнить вход позже."; mailClient("ellada-an@mail.ru", "Робот не может дозвониться по номеру " . $_SERVER['SERVER_NAME'], "Ответ сервера: $r[0]"); } } catch (Exception $e) { $msg_user .= "Выброшено исключение: " . $e->getMessage(); } $this->get($user_id); $this->getNewUserPackages(); $status_text = "\nагент. ФИО: "; if ($agency) { $status_text = "агентство $post[agency_name]. "; } else if ($developer) { $status_text = "\nзастройщик. $post[agency_name] ФИО: "; } $text_reg = ""; $text_reg .= "Новый пользователь на сайте JoyWork"; $text_reg .= "\nЗарегистрирован новый пользователь - " . ($status_text . trim($post['last_name'] . ' ' . $post['first_name'] . ' ' . $post['middle_name']) . ". ") . "\nEmail: " . $post['email'] . ".\nТелефон: " . $post['phone']; $tel = new Telegram(false); $max = new MaxClass(); $chatId = 255183898; try{ $tel->send($text_reg, $chatId); } catch (Exception $e) { //$msg_user .= "Выброшено исключение телеграмм: " . $e->getMessage(); } $max_user_id = 125565439; try{ $max->send_messages_to_user($max_user_id, $text_reg); } catch (Exception $e){} $chatId = 1313658538; try{ $tel->send($text_reg, $chatId); } catch (Exception $e) { //$msg_user .= "Выброшено исключение телеграмм: " . $e->getMessage(); } $max_user_id = 238784061; try{ $max->send_messages_to_user($max_user_id, $text_reg); } catch (Exception $e){} $chatId = 161649599; try{ $tel->send($text_reg, $chatId); } catch (Exception $e) { //$msg_user .= "Выброшено исключение телеграмм: " . $e->getMessage(); } } else $msg_user = "Пользователь с таким номером телефона уже существует."; } else $msg_user = "Не указана Фамилия и/или Имя пользователя."; } else $msg_user = "Не указан регион"; } else $msg_user = "Не указан номер телефона."; } else $msg_user = "Не указан адрес электронной почты."; //} return $msg_user; } public function remind_pass($post) { $msg = 0; if(!empty($post['email'])) // проверяем обязательные поля { $sql="SELECT * FROM users WHERE email='$post[email]'"; $rez=mysql_query($sql); if(mysql_num_rows($rez)) { $users=mysql_fetch_array($rez); $pwd = generatePass(); $pwd_enc = md5($pwd.SALT); $sql = "UPDATE users SET pwd='$pwd_enc' WHERE id=$users[id]"; mysql_query($sql); mailClient($users['email'],"Новый пароль на сайте ".$_SERVER['SERVER_NAME'],"Ваш новый пароль: $pwd"); header("location:remind_pass.php?success=1"); } else $msg="Неверный адрес почты!"; } else $msg="Не заполнены поля формы!"; return $msg; } public function change_pwd($post) { $msg = 0; if(!empty($post['pwd']) and !empty($post['old_pwd']) and !empty($post['pwd2'])) { $sql="SELECT * FROM users WHERE id='$_SESSION[id]'"; $rez=mysql_query($sql); if($users=mysql_fetch_assoc($rez)) { if(md5($post['old_pwd'].SALT)==$users['pwd']) { if($post['pwd']==$post['pwd2']) { $pwd = md5($post['pwd'].SALT); $sql = "UPDATE users SET pwd='$pwd' WHERE id=$_SESSION[id]"; mysql_query($sql); $f1=file("https://joywork.ru/template_mail/changepassword.html"); $text = implode("",$f1); $text = str_replace("<%login%>", $users['phone'], $text); $text = str_replace("<%pass%>", $post['pwd'], $text); mailClientFromJoywork($users['email'],"Новый пароль на сайте ".$_SERVER['SERVER_NAME'],$text); header("location:settings.php?success=ok"); } else $msg="Пароль и подтверждение пароля не совпадают!"; } else $msg="Неверный пароль!"; } else $msg="Пользователь не существует!"; } else $msg="Не заполнены поля формы!"; return $msg; } public function edit($post) { $postf=clearInputData($_POST); $postf['txt'] = strip_tags(mysql_real_escape_string($post['txt'])); $post['agency_name'] = htmlspecialchars($post['agency_name']); $post['first_name'] = htmlspecialchars($post['first_name']); $post['last_name'] = htmlspecialchars($post['last_name']); $post['middle_name'] = htmlspecialchars($post['middle_name']); $post['is_dispatcher'] = 0; if(isset($post['vpbx_id'])){ if($post['vpbx_id'] == $post['phone']){ $post['is_dispatcher'] = 1; } } else { $post['vpbx_id'] = ""; } $this->edit_api_ids($post, $_SESSION['id']); $gmtmsk = 0; if(isset($post['utc_edit'])){ $gmtmsk = $post['utc_edit'] - 3; } if ($_SESSION['individual'] == 1) { $sql = "UPDATE users SET jw_page_id = '$post[first_page]', region_rf_id = $post[region], agency_name='$post[agency_name]', first_name='$post[first_name]', last_name='$post[last_name]', middle_name='$post[middle_name]', txt='$postf[txt]', email='".trim($post['email'])."', site='$post[site]', sitename='$post[sitename]', adres='$post[adres]', phoneAgency='$post[phoneAgency]', is_dispatcher=$post[is_dispatcher], vpbx_id='$post[vpbx_id]', gmtmsk = '$gmtmsk' WHERE id=$_SESSION[id]"; } else { $sql = "SELECT * FROM users WHERE phone='$post[phone]' and id <> $_SESSION[id]"; $rez = mysql_query($sql); if (mysql_num_rows($rez) > 0) { return "Пользователь с таким номером телефона уже существует."; } else { $sql = "UPDATE users SET jw_page_id = '$post[first_page]', region_rf_id = $post[region], agency_name='$post[agency_name]', first_name='$post[first_name]', last_name='$post[last_name]', middle_name='$post[middle_name]', phone='$post[phone]', phone2='$post[phone2_user]', txt='$postf[txt]', email='" . trim($post['email']) . "', site='$post[site]', sitename='$post[sitename]', adres='$post[adres]', phoneAgency='$post[phoneAgency]', is_dispatcher=$post[is_dispatcher], vpbx_id='$post[vpbx_id]', gmtmsk = '$gmtmsk' WHERE id=$_SESSION[id]"; } if($post['all_update_utc']){ $agency_id = $this->getAgencyIdForUser($_SESSION['id']); $usersIds[] = $agency_id; $sql_users = "SELECT id FROM users WHERE id in (select id from users where id=$agency_id or id_manager=$agency_id or id_manager in (select id from users where id_manager=$agency_id or id_manager in (select id from users where id_manager=$agency_id)))"; $q_users = mysql_query($sql_users); while($r_users = mysql_fetch_assoc($q_users)){ $usersIds[] = (int)$r_users['id']; } if(!empty($usersIds)) { $sqlAll = "UPDATE users SET gmtmsk = '$gmtmsk' WHERE id in (".implode(',',$usersIds).")"; } } } if (mysql_query($sql)) { if(isset($sqlAll)){ mysql_query($sqlAll); } $sqlNewObjUser = "SELECT * FROM users WHERE id=$_SESSION[id]"; $rezNewObjUser = mysql_query($sqlNewObjUser); $newObjUser = mysql_fetch_assoc($rezNewObjUser); $sobstv = trim($post['last_name'] . ' ' . $post['first_name'] . ' ' . $post['middle_name']); if ($newObjUser['agency'] == 0) { $sql="SELECT * FROM users WHERE id=$newObjUser[id_manager]"; $rez=mysql_query($sql); $manager = mysql_fetch_assoc($rez); if ($manager['id_manager']) { $agency = mysql_fetch_assoc(mysql_query("SELECT * FROM users WHERE id=$manager[id_manager]")); } else { $agency = $manager; } if ($agency) { $sobstv = $sobstv . ", агентство " . $agency['agency_name']; } } if ($_SESSION['agency']) { if (!isset($post['on_agency_any_ip'])) { $post['on_agency_any_ip'] = 0; } $check_permissions_sql = "SELECT * FROM `user_permissions` WHERE `user_id` = $_SESSION[id]"; $check_permissions_result = mysql_query($check_permissions_sql); if (mysql_num_rows($check_permissions_result) > 0) { $sql_update_permissions = "UPDATE user_permissions SET allow_any_ip = '$post[on_agency_any_ip]' WHERE user_id=$_SESSION[id]"; mysql_query($sql_update_permissions); } else { $permissions = [ $_SESSION['id'], 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, // комплексы выключены 1, 1, 1, $post['on_agency_any_ip'] ? 1 : 0 ]; $values_str = implode(',', $permissions); $insert_sql = "INSERT INTO user_permissions (user_id, menu_office, menu_search, menu_objects, menu_all_objects, menu_all_objects_edit, menu_ads, menu_clients, menu_all_clients, menu_all_clients_edit, menu_all_clients_export, menu_submissions, menu_all_submissions, menu_all_submissions_edit, menu_all_submissions_export, menu_partners, menu_docs, menu_settings, menu_complexes, menu_can_transfer_to_common, menu_can_take_from_closed, menu_can_transfer_closed_to_others, allow_any_ip) VALUES ($values_str)"; mysql_query($insert_sql); } } //обновляем объекты пользователя $phone = $post['phone']; $sqlUpdateObj = "UPDATE objects SET is_main = 0, phone = '$phone', sobstv = '$sobstv' WHERE id_add_user=$_SESSION[id]"; mysql_query($sqlUpdateObj); $_SESSION['fio'] = trim($post['last_name'] . ' ' . $post['first_name'] . ' ' . $post['middle_name']); $_SESSION['agency_name'] = $post['agency_name']; $_SESSION['first_name'] = $post['first_name']; $_SESSION['last_name'] = $post['last_name']; $_SESSION['middle_name'] = $post['middle_name']; } header("location:settings.php?success2=ok"); } public function edit_api_ids($post, $user_id) { $id=0; $sql = "SELECT * FROM user_api_keys WHERE user_id = {$user_id}"; $q = mysql_query($sql); if(mysql_num_rows($q) == 0){ $id = $this->gen_token($user_id); } else { $apis = mysql_fetch_assoc($q); $id = $apis['id']; } if($id > 0){ $cian_id = (int)$post['cian_id']; $avito_id = (int)str_replace(' ', '', $post['avito_id']); $is_all_cian = 0; if($post['is_all_cian']){ $is_all_cian = (int)$post['is_all_cian']; } $is_all_avito = 0; if($post['is_all_avito']){ $is_all_avito = (int)$post['is_all_avito']; } $is_id_object = 0; if($post['is_id_object']){ $is_id_object = (int)$post['is_id_object']; } $is_id_object_cian = 0; if($post['is_id_object_cian']){ $is_id_object_cian = (int)$post['is_id_object_cian']; } $sql_up = "UPDATE user_api_keys SET cian_id = {$cian_id}, avito_id = {$avito_id}, is_all_cian={$is_all_cian}, is_all_avito={$is_all_avito}, is_id_object={$is_id_object}, is_id_object_cian={$is_id_object_cian} WHERE id = {$id}"; mysql_query($sql_up); } } public function edit_vk($postUi) { $post=clearInputData($postUi); $flag = isset($post['vkFromGroup']) ? 1 : 0; $sql = "UPDATE users SET vk_group_id='$post[vkGroup]', vk_post_as_group=$flag WHERE id=$_SESSION[id]"; mysql_query($sql); header("location:settings.php?success2=ok"); } public function edit_zipal($postUi) { $post=clearInputData($postUi); $sql = "UPDATE users SET zipal_login='$post[zipalLogin]', zipal_password='$post[zipalPass]' WHERE id=$_SESSION[id]"; mysql_query($sql); header("location:settings.php?success2=ok"); } public function edit_jcat($postUi) { $post=clearInputData($postUi); $sql = "UPDATE users SET jcat_api_key='$post[jcatApiKey]' WHERE id=$_SESSION[id]"; mysql_query($sql); header("location:settings.php?success2=ok"); } public function set_blocked($block, $id) { $id = (int)$id; $block = (int)$block; // Блокируем/разблокируем основного пользователя mysql_query("UPDATE users SET blocked = $block WHERE id = $id") or die("Ошибка обновления статуса: " . mysql_error()); // Получаем данные пользователя $result = mysql_query("SELECT * FROM users WHERE id = $id"); if (!$result) die("Ошибка запроса: " . mysql_error()); $user = mysql_fetch_assoc($result); if (!$user) die("Пользователь не найден"); $agencyId = self::getUserAgencyID($id); $action = ($block == 1) ? "employee_block" : "employee_unblock"; $dataWhook = array('action'=>$action, 'employee_id'=>$id, 'section'=>'employee', 'user_id'=>$_SESSION['id'], 'agency_id'=>$agencyId); $w_in = new WebHookIn(null, $agencyId); $w_in->check_send($dataWhook); // Если статус меняется на "разблокирован" и пользователь — агент (не менеджер) if ($block == 0 && !$user['manager']) { if ($agencyId) { mysql_query("UPDATE users SET id_manager = $agencyId WHERE id = $id") or die("Ошибка обновления id_manager: " . mysql_error()); } } // Определяем действие для уведомления $act = ($block == 1) ? "заблокирован" : "разблокирован"; // Если пользователь — менеджер, меняем статус всех подчиненных if ($user['manager']) { $queue = [$id]; // Очередь менеджеров для обработки $processed = []; // Уже обработанные ID (защита от циклов) while (!empty($queue)) { $current_manager_id = array_shift($queue); // Защита от зацикливания if (in_array($current_manager_id, $processed)) continue; $processed[] = $current_manager_id; // Находим всех подчиненных текущего менеджера $subordinates = mysql_query(" SELECT id, email, manager FROM users WHERE id_manager = $current_manager_id "); if (!$subordinates) { error_log("Ошибка SQL: " . mysql_error()); continue; } while ($subordinate = mysql_fetch_assoc($subordinates)) { // Меняем статус подчиненного mysql_query("UPDATE users SET blocked = $block WHERE id = {$subordinate['id']}"); // Отправляем уведомление if (!empty($subordinate['email'])) { mail( $subordinate['email'], "Аккаунт на сайте " . $_SERVER['SERVER_NAME'], "Ваш аккаунт заблокирован, так как ваш менеджер был заблокирован" ); } // Если подчиненный — тоже менеджер, добавляем его в очередь if ($subordinate['manager']) { $queue[] = $subordinate['id']; } } } } // Отправляем уведомление основному пользователю if (!empty($user['email'])) { mail( $user['email'], "Аккаунт на сайте " . $_SERVER['SERVER_NAME'], "Ваш аккаунт был $act" ); } return true; } /*public function set_moder($id,$mdb) { $sql="UPDATE users SET moder=1 WHERE id=$id"; mysql_query($sql,$mdb); $sql="SELECT * FROM users WHERE id=$id"; $rez=mysql_query($sql,$mdb); $users=mysql_fetch_assoc($rez); mailClient($users['email'],"Аккаунт на сайте ".$_SERVER['SERVER_NAME'],"Ваш аккаунт был подтверждён администратором ресурса. Вы можете начать пользоваться системой."); }*/ public function set_manager($id_mngr, $id_user) { $id_agency = $_SESSION['id']; $curUser = new User; $curUser->checkPermissions(); if ($_SESSION['users_admin']) { $id_agency = $curUser->agencyId; } if($id_mngr == 0) // делаем юзера менеджером { $sql = "UPDATE users SET manager=1, id_manager=$id_agency, photo='$_SESSION[photo]', department_id = 0, role_id = 0 WHERE id=$id_user"; mysql_query($sql); } elseif($id_mngr == -1) // разжаловать и сбросить всех агентов { $id_agency = $curUser->agencyId; $sql = "UPDATE users SET manager=0, id_manager=$id_agency, photo='$_SESSION[photo]', department_id = 0, role_id = 0 WHERE id_manager=$id_user OR id=$id_user"; mysql_query($sql); } else // установить агенту менеджера { $sql = "UPDATE users SET id_manager=$id_mngr, photo='$_SESSION[photo]' WHERE id=$id_user"; mysql_query($sql); } //return $this->getMyManagers(); } public function set_role($roleId, $userId, $depId){ $id_agency = $_SESSION['id']; $curUser = new User; $curUser->checkPermissions(); if ($_SESSION['users_admin']) { $id_agency = $curUser->agencyId; } $sql = "SELECT `id`, `role` FROM roles WHERE id = ".$roleId; $q = mysql_query($sql); $role = mysql_fetch_array($q); if($role['role'] == 'agent'){ $managerId = $id_agency; //Ищем менеджера отдела $sql_a = "SELECT id FROM roles WHERE department_id = {$depId} AND (role = 'admin_department' or role = 'manager') order by role"; $q_a = mysql_query($sql_a); if(mysql_num_rows($q_a) > 0){ while($r_a = mysql_fetch_assoc($q_a)){ $sql_u = "SELECT id FROM users WHERE role_id = $r_a[id] LIMIT 1"; $q_u = mysql_query($sql_u); if(mysql_num_rows($q_u) > 0){ $r_u = mysql_fetch_assoc($q_u); $managerId = (int)$r_u['id']; break; } } } //Делаем пользователя агентом отдела mysql_query("UPDATE users SET department_id = {$depId}, role_id = {$roleId}, agent = 1, id_manager=$managerId, manager = 0 WHERE id = {$userId}"); //если пользователь был менеджером, то сбрасываем его пользователь к агенству mysql_query("UPDATE users SET id_manager = {$id_agency}, department_id = 0, role_id = 0 WHERE id_manager = {$userId}"); } else if($role['role'] == 'manager'){ //Поиск админа отдела $menager_id = $id_agency; //echo $menager_id; $sql_a = "SELECT id FROM roles WHERE department_id = {$depId} AND role = 'admin_department' LIMIT 1"; $q_a = mysql_query($sql_a); if(mysql_num_rows($q_a) > 0){ $r_a = mysql_fetch_assoc($q_a); $sql_u = "SELECT id FROM users WHERE role_id = $r_a[id] LIMIT 1"; //echo $sql_u; $q_u = mysql_query($sql_u); if(mysql_num_rows($q_u) > 0){ $r_u = mysql_fetch_assoc($q_u); $menager_id = (int)$r_u['id']; } } //Делаем пользователя менеджером отдела $sql_up = "UPDATE users SET department_id = {$depId}, role_id = {$roleId}, manager = 1, id_manager = {$menager_id} WHERE id = {$userId}"; mysql_query($sql_up); //Делаем всех пользователей этого менеджера агентами отдела $sql = "SELECT `id` FROM roles WHERE department_id = {$depId} and role = 'agent'"; $q = mysql_query($sql); $roleBase = 0; if(mysql_num_rows($q) > 0){ $role = mysql_fetch_array($q); $roleBase = $role['id']; } mysql_query("UPDATE users SET department_id = {$depId}, role_id = {$roleBase} WHERE id_manager = {$userId} and manager = 0"); //Делаем всех свободных сотрудников отдела агентами этого менеджера //mysql_query("UPDATE users SET id_manager = {$userId} WHERE department_id = {$depId} AND manager=0 AND (id_manager=0 or id_manager={$id_agency})");*/ } else if($role['role'] == 'user_admin'){ //Делаем пользователя псевдо руководителем mysql_query("UPDATE users SET users_admin = 1, department_id = {$depId}, role_id = {$roleId} WHERE id = {$userId}"); } else if($role['role'] == 'admin_department'){ mysql_query("UPDATE users SET department_id = {$depId}, manager = 1, id_manager = {$id_agency}, role_id = {$roleId} WHERE id = {$userId}"); //Переводим всех менеджеров и агентов отдела, привязанных к руководителю, к админу mysql_query("UPDATE users SET id_manager = {$userId} WHERE department_id = {$depId} AND id_manager = {$id_agency} AND id != {$userId}"); } else if($role['role'] == 'manager_office'){ //Поиск админа отдела $menager_id = $id_agency; //echo $menager_id; $sql_a = "SELECT id FROM roles WHERE department_id = {$depId} AND role = 'admin_department' LIMIT 1"; $q_a = mysql_query($sql_a); if(mysql_num_rows($q_a) > 0){ $r_a = mysql_fetch_assoc($q_a); $sql_u = "SELECT id FROM users WHERE role_id = $r_a[id] LIMIT 1"; //echo $sql_u; $q_u = mysql_query($sql_u); if(mysql_num_rows($q_u) > 0){ $r_u = mysql_fetch_assoc($q_u); $menager_id = (int)$r_u['id']; } } //Делаем пользователя офис менеджером отдела $sql_up = "UPDATE users SET department_id = {$depId}, role_id = {$roleId}, manager = 0, id_manager = {$menager_id} WHERE id = {$userId}"; mysql_query($sql_up); } else if($role['role'] == 'manager_office_menager'){ //Делаем пользователя офис менеджером наблюдателем отдела $sql_up = "UPDATE users SET department_id = {$depId}, role_id = {$roleId}, manager = 0 WHERE id = {$userId}"; mysql_query($sql_up); } } public function getDepManagers($dep_id){ if (!$dep_id) return []; $res = array(); $sql = "SELECT * FROM users WHERE manager=1 AND department_id = {$dep_id}"; $q = mysql_query($sql); while($r = mysql_fetch_assoc($q)){ $res[] = $r; } return $res; } public function settings_email() { $this->get($_SESSION['id']); $post=clearInputData($_POST); $smtpSsl = $post['smtp_ssl']; $type = $post['type']; if ($type != 5) { $smtpSsl = "1"; } $sql = "UPDATE users SET smtp_from='$post[smtp_from]', smtp_fromname='$post[smtp_fromname]', smtp='$post[smtp]', smtp_ssl='$smtpSsl', smtp_port='$post[smtp_port]', smtp_lg='$post[smtp_lg]', smtp_pwd='$post[smtp_pwd]' WHERE id=$_SESSION[id]"; mysql_query($sql); $f1=file("https://joywork.ru/template_mail/changemailsettings.html"); $text = implode("",$f1); $try = checkMail($this->email, "Тестовое письмо", $text); if($try===true) $s=1; else $s=2; $sql = "UPDATE users SET smtp_check='$s' WHERE id=$_SESSION[id]"; mysql_query($sql); if($s == 2) return "Ошибка отправки тестового письма на почту ".$this->email.". Проверьте настройки.
$try
Для успешной настройки почты обратитесь в службу поддержки по тел. +7 812 981 56 17"; else header("location:settings.php?success3=$s"); } public function add_agent($get) { $msg_user = ''; if (!empty($get['email'])) { if(!empty($get['phone'])) { $sql = "SELECT * FROM users WHERE phone='$get[phone]'"; $rez = mysql_query($sql); if (mysql_num_rows($rez) == 0) { $sql="INSERT INTO users(fio, email, phone, agency_name, first_name, last_name, middle_name, agent, moder, date_reg, id_manager) VALUES('$get[fio]', '$get[email]', '$get[phone]', '$get[agency_name]', '$get[first_name]', '$get[last_name]', '$get[middle_name]', '1', '1', NOW(), '$_SESSION[id]')"; mysql_query($sql); mailClient($get['email'],"Регистрация на сайте ".$_SERVER['SERVER_NAME'],"Вы зарегистрированы на сайте ".$_SERVER['SERVER_NAME'].". Для входа используйте номер телефона $get[phone] и пароль в смс."); } else $msg_user="Агент с таким номером телефона уже существует!"; } else $msg_user="Не указан номер телефона!"; } else $msg_user="Не указан E-Mail!"; return $msg_user; } public function add_agent_with_password($post) { $msg_user = ''; if (!empty($post['email'])) { if (!empty($post['phone'])) { $sql = "SELECT * FROM users WHERE phone='$post[phone]'"; $rez = mysql_query($sql); if (mysql_num_rows($rez) == 0) { $id_agency = $_SESSION['id']; $curUser = new User; $curUser->checkPermissions(); if ($_SESSION['users_admin']) { $id_agency = $curUser->agencyId; } else{ $departmentClass = new Department; $departmentUser = $departmentClass->getDepartment($_SESSION['id']); if($departmentUser['role'] == 'manager_office'){ if($departmentUser['admin'] > 0){ $id_agency = $departmentUser['admin']; } } } $pwd = generatePass(); $pwd_enc = md5($pwd . SALT); if(isset($post['pass']) && ! empty(trim($post['pass']))){ $pwd = trim($post['pass']); $pwd_enc = md5($pwd . SALT); } if (isset($post['is_dispatcher']) && $post['is_dispatcher'] == 1) { $vpbx_id = $post['phone']; $is_dis = 1; } else { $is_dis = 0; if (!empty($post['vpbx_id'])) { $vpbx_id = $post['vpbx_id']; } else { $vpbx_id = ""; } } $role_developer = (int)($post['role_developer'] ? $post['role_developer'] : 0); $agency_name = ""; if (!empty($post['agency_name'])) $agency_name = $post['agency_name']; $last_name = ""; if (!empty($post['last_name'])) $last_name = $post['last_name']; $first_name = ""; if (!empty($post['first_name'])) $first_name = $post['first_name']; $middle_name = ""; if (!empty($post['middle_name'])) $middle_name = $post['middle_name']; $birthday = ""; if (!empty($post['birthday'])) $birthday = date("Y-m-d H:i:s", strtotime($post['birthday'])); // Определяем agency_id $company_id = self::getUserAgencyID($_SESSION['id']); $sql_company_id = is_numeric($company_id) && $company_id > 0 ? (int)$company_id : 'NULL'; $sql = "INSERT INTO users( fio, company_id, email, phone, phone2, agency_name, last_name, first_name, middle_name, txt, agent, moder, admin, superadmin, blocked, date_reg, id_manager, is_pwd, pwd, region_rf_id, is_dispatcher, birthday, vpbx_id, role_developer ) VALUES( '$post[fio]', $sql_company_id, '$post[email]', '$post[phone]', '$post[phone2]', '$agency_name', '$last_name', '$first_name', '$middle_name', '', '1', '1', '0', '0', '0', NOW(), '$id_agency', 1, '$pwd_enc', $curUser->region, $is_dis, '$birthday', '$vpbx_id', $role_developer )"; if (mysql_query($sql)) { $user_id = mysql_insert_id(); // Устанавливаем menu_can_transfer_to_common по умолчанию для Домрил $default_can_transfer_to_common = 1; if ($company_id == 19895) { $default_can_transfer_to_common = 0; } $default_cannot_create_req_manually = 0; if ($company_id == 19895) { $default_cannot_create_req_manually = 1; } // Базовые права по умолчанию $permissions = [ $user_id, 1, 1, 1, // menu_office, menu_search, menu_objects 0, 0, // menu_all_objects, menu_all_objects_edit 0, // menu_ads 1, 0, 0, 0, // menu_clients, menu_all_clients, menu_all_clients_edit, menu_all_clients_export 1, 0, 0, 0, // menu_submissions, menu_all_submissions, menu_all_submissions_edit, menu_all_submissions_export 0, 1, 1, // menu_partners, menu_docs, menu_settings 0, // menu_complexes (по умолчанию отключено) $default_can_transfer_to_common, 0, // menu_can_transfer_to_common, menu_can_take_from_closed 0, // menu_can_transfer_closed_to_others $default_cannot_create_req_manually ]; $values_str = implode(',', $permissions); $insert_sql = "INSERT INTO user_permissions (user_id, menu_office, menu_search, menu_objects, menu_all_objects, menu_all_objects_edit, menu_ads, menu_clients, menu_all_clients, menu_all_clients_edit, menu_all_clients_export, menu_submissions, menu_all_submissions, menu_all_submissions_edit, menu_all_submissions_export, menu_partners, menu_docs, menu_settings, menu_complexes, menu_can_transfer_to_common, menu_can_take_from_closed, menu_can_transfer_closed_to_others, cannot_create_req_manually) VALUES ($values_str)"; mysql_query($insert_sql); $passport_date = "NULL"; if (!empty($post['passport_date'])) $passport_date = date("Y-m-d H:i:s", strtotime($post['passport_date'])); $wa_enabled = (int)$post['wa_enabled']; $sql2 = "INSERT INTO `users_info` ( user_id, passport_serial, passport_number, passport_date, passport_emited, passport_adress, adress_postal, soc_vk, soc_tg, soc_fb, soc_inst, soc_tw, soc_wa, wa_enabled ) VALUES ( '$user_id', '$post[passport_serial]', '$post[passport_number]', '$passport_date', '$post[passport_emited]', '$post[passport_adress]', '$post[adress_postal]', '$post[soc_vk]', '$post[soc_tg]', '$post[soc_fb]', '$post[soc_inst]', '$post[soc_tw]', '$post[soc_wa]', '$wa_enabled' )"; mysql_query($sql2); if (!($_FILES['avatar']['size'] == 0 && $_FILES['avatar']['error'] == 0)) { $curUser->setUserpic($user_id); } if (!($_FILES['files']['size'] == 0 && $_FILES['files']['error'] == 0)) { $curUser->uploadFiles($user_id); } $f1 = file("https://joywork.ru/template_mail/setpassword.html"); $text = implode("", $f1); $text = str_replace("<%login%>", $post['phone'], $text); $text = str_replace("<%pass%>", $pwd, $text); // mailClientFromJoywork($post['email'], "Регистрация на сайте " . $_SERVER['SERVER_NAME'], $text); if (isset($post['advert_budget_total']) || isset($post['advert_budget_personal'])) { $advert_budget_total = 0; if (isset($post['advert_budget_total'])) $advert_budget_total = (double)$post['advert_budget_total']; $advert_budget_personal = 0; if (isset($post['advert_budget_personal'])) $advert_budget_personal = $post['advert_budget_personal']; $advert_budget_avito = 0; if (isset($post['advert_budget_avito'])) $advert_budget_avito = (double)$post['advert_budget_avito']; $advert_budget_cian = 0; if (isset($post['advert_budget_cian'])) $advert_budget_cian = (double)$post['advert_budget_cian']; $advert_budget_domclick = 0; if (isset($post['advert_budget_domclick'])) $advert_budget_domclick = (double)$post['advert_budget_domclick']; $advert_budget_jcat = 0; if (isset($post['advert_budget_jcat'])) $advert_budget_jcat = (double)$post['advert_budget_jcat']; $advert_budget_yandex = 0; if (isset($post['advert_budget_yandex'])) $advert_budget_yandex = (double)$post['advert_budget_yandex']; $advert_budget_avito_unlimited = 0; if (isset($post['advert_budget_avito_unlimited'])) $advert_budget_avito_unlimited = (int)$post['advert_budget_avito_unlimited']; $advert_budget_cian_unlimited = 0; if (isset($post['advert_budget_cian_unlimited'])) $advert_budget_cian_unlimited = (int)$post['advert_budget_cian_unlimited']; $advert_budget_domclick_unlimited = 0; if (isset($post['advert_budget_domclick_unlimited'])) $advert_budget_domclick_unlimited = (int)$post['advert_budget_domclick_unlimited']; $advert_budget_jcat_unlimited = 0; if (isset($post['advert_budget_jcat_unlimited'])) $advert_budget_jcat_unlimited = (int)$post['advert_budget_jcat_unlimited']; $advert_budget_yandex_unlimited = 0; if (isset($post['advert_budget_yandex_unlimited'])) $advert_budget_yandex_unlimited = (int)$post['advert_budget_yandex_unlimited']; $advert_budgets = new AdvertBudgets(); $advert_budgets->setAdvertBudget([ 'user_id' => $user_id, 'total' => $advert_budget_total, 'personal' => $advert_budget_personal, 'avito' => $advert_budget_avito, 'avito_unlimited' => $advert_budget_avito_unlimited, 'cian' => $advert_budget_cian, 'cian_unlimited' => $advert_budget_cian_unlimited, 'domclick' => $advert_budget_domclick, 'domclick_unlimited' => $advert_budget_domclick_unlimited, 'jcat' => $advert_budget_jcat, 'jcat_unlimited' => $advert_budget_jcat_unlimited, 'yandex' => $advert_budget_yandex, 'yandex_unlimited' => $advert_budget_yandex_unlimited, ]); } $dataWhook = array('action'=>'employee_create', 'employee_id'=>$user_id, 'section'=>'employee', 'user_id'=>$_SESSION['id'], 'agency_id'=>$sql_company_id); $w_in = new WebHookIn(null, $sql_company_id); $w_in->check_send($dataWhook); } else $msg_user = mysql_error() . "Произошла ошибка при добавлении пользователя!"; } else $msg_user = "Агент с таким номером телефона уже существует!"; } else $msg_user = "Не указан номер телефона!"; } else $msg_user = "Не указан E-Mail!"; return $msg_user; } public function edit_agent_password($post) { if(isset($post['new_password']) && !empty(trim($post['new_password']))){ $pwd = trim($post['new_password']); $pwd_enc = md5($pwd . SALT); $user_id = $post['user_id']; $sql = "UPDATE users SET pwd = '{$pwd_enc}', is_pwd=1 WHERE id = $user_id"; mysql_query($sql); return ["success" => true]; } } public function edit_agent_budget($post) { $user_id = (int)$post['ok_agent_id']; $msg_user = ''; if (isset($post['advert_budget_total']) || isset($post['advert_budget_personal'])) { $advert_budget_total = 0; if (isset($post['advert_budget_total'])) $advert_budget_total = (double)$post['advert_budget_total']; $advert_budget_personal = 0; if (isset($post['advert_budget_personal'])) $advert_budget_personal = $post['advert_budget_personal']; $advert_budget_avito = 0; if (isset($post['advert_budget_avito'])) $advert_budget_avito = (double)$post['advert_budget_avito']; $advert_budget_cian = 0; if (isset($post['advert_budget_cian'])) $advert_budget_cian = (double)$post['advert_budget_cian']; $advert_budget_domclick = 0; if (isset($post['advert_budget_domclick'])) $advert_budget_domclick = (double)$post['advert_budget_domclick']; $advert_budget_jcat = 0; if (isset($post['advert_budget_jcat'])) $advert_budget_jcat = (double)$post['advert_budget_jcat']; $advert_budget_yandex = 0; if (isset($post['advert_budget_yandex'])) $advert_budget_yandex = (double)$post['advert_budget_yandex']; $advert_budget_avito_unlimited = 0; if (isset($post['advert_budget_avito_unlimited'])) $advert_budget_avito_unlimited = (int)$post['advert_budget_avito_unlimited']; $advert_budget_cian_unlimited = 0; if (isset($post['advert_budget_cian_unlimited'])) $advert_budget_cian_unlimited = (int)$post['advert_budget_cian_unlimited']; $advert_budget_domclick_unlimited = 0; if (isset($post['advert_budget_domclick_unlimited'])) $advert_budget_domclick_unlimited = (int)$post['advert_budget_domclick_unlimited']; $advert_budget_jcat_unlimited = 0; if (isset($post['advert_budget_jcat_unlimited'])) $advert_budget_jcat_unlimited = (int)$post['advert_budget_jcat_unlimited']; $advert_budget_yandex_unlimited = 0; if (isset($post['advert_budget_yandex_unlimited'])) $advert_budget_yandex_unlimited = (int)$post['advert_budget_yandex_unlimited']; $advert_do_not_reinit_monthly = 0; if (isset($post['do_not_reinit_monthly'])) $advert_do_not_reinit_monthly = (int)$post['do_not_reinit_monthly']; $advert_budgets_inst = new AdvertBudgets(); $advert_budget = $advert_budgets_inst->setAdvertBudget([ 'user_id' => $user_id, 'total' => $advert_budget_total, 'personal' => $advert_budget_personal, 'avito' => $advert_budget_avito, 'avito_unlimited' => $advert_budget_avito_unlimited, 'cian' => $advert_budget_cian, 'cian_unlimited' => $advert_budget_cian_unlimited, 'domclick' => $advert_budget_domclick, 'domclick_unlimited' => $advert_budget_domclick_unlimited, 'jcat' => $advert_budget_jcat, 'jcat_unlimited' => $advert_budget_jcat_unlimited, 'yandex' => $advert_budget_yandex, 'yandex_unlimited' => $advert_budget_yandex_unlimited, 'do_not_reinit_monthly' => $advert_do_not_reinit_monthly, ]); $data = [ 'id' => $user_id ]; if (!is_null($advert_budget)) { if ($advert_budget['success'] == true) { $data['advert_budget'] = [ 'total' => $advert_budget['total'], 'amount' => $advert_budget['amount'], 'balance' => $advert_budget['balance'], ]; } else { $msg_user = implode('
', $advert_budget['errors']); } } if (empty($msg_user)) { return $data; } } return ['error' => $msg_user]; } public function edit_agent($post) { $msg_user = ''; if (!empty($post['email'])) { if (!empty($post['phone'])) { if (!empty($post['last_name'])) { if (!empty($post['first_name'])) { $sql = "SELECT * FROM users WHERE phone='$post[phone]' AND id != $post[ok_agent_id]"; $rez = mysql_query($sql); if (mysql_num_rows($rez) == 0) { if (isset($post['is_dispatcher']) && $post['is_dispatcher'] == 1) { $vpbx_id = $post['phone']; $is_dis = 1; } else { $is_dis = 0; if (!empty($post['vpbx_id'])) { $vpbx_id = $post['vpbx_id']; } else { $vpbx_id = ""; } } if(isset($post['pass-edit']) && !empty(trim($post['pass-edit']))){ $pwd = trim($post['pass-edit']); $pwd_enc = md5($pwd . SALT); } $advert_budget = null; $user_id = (int)$post['ok_agent_id']; $birthday = ""; if (!empty($post['birthday'])) $birthday = date("Y-m-d H:i:s", strtotime($post['birthday'])); $gmtmsk = 0; if(isset($post['utc-edit'])){ $gmtmsk = $post['utc-edit'] - 3; } $agency_id = self::getUserAgencyID($_SESSION['id']); $webHookIn = new WebHookIn(null, $agency_id); $is_send_webhook = $webHookIn->check_hook('employee_update', 'employee'); if($is_send_webhook){ $webHookIn->save_temp_employee($user_id); } $sql = "UPDATE users SET email='$post[email]', phone='$post[phone]', agency_name='$post[agency_name]', last_name='$post[last_name]', first_name='$post[first_name]', middle_name='$post[middle_name]', phone2='$post[phone2_user]', users_admin='$post[is_two_admin]', is_dispatcher=$is_dis, vpbx_id='$vpbx_id', birthday='$birthday', gmtmsk = '$gmtmsk'"; if (isset($pwd_enc)) { $sql .= ", pwd = '{$pwd_enc}', is_pwd=1"; } $sql .= " WHERE id = $user_id"; if (mysql_query($sql)) { if($is_send_webhook){ $dataWhook = array('action'=>'employee_update', 'employee_id'=>$user_id, 'section'=>'employee', 'user_id'=>$_SESSION['id'], 'agency_id'=>$agency_id); $webHookIn->check_send($dataWhook); } $this->edit_api_ids($post, $user_id); $sqlNewObjUser = "SELECT * FROM users WHERE id=$user_id"; $rezNewObjUser = mysql_query($sqlNewObjUser); $newObjUser = mysql_fetch_assoc($rezNewObjUser); $phone = $post['phone']; $num_search = User::num_search($post['phone']); $sobstv = trim($post['last_name'] . ' ' . $post['first_name'] . ' ' . $post['middle_name']); if ($newObjUser['agency'] == 0) { $sql="SELECT * FROM users WHERE id=$newObjUser[id_manager]"; $rez=mysql_query($sql); $manager = mysql_fetch_assoc($rez); if($manager['id_manager']) { $agency = mysql_fetch_assoc(mysql_query("SELECT * FROM users WHERE id=$manager[id_manager]")); } else { $agency = $manager; } if ($agency) { $sobstv = $sobstv . ", агентство " . $agency['agency_name']; } } //обновляем объекты пользователя $sql = "UPDATE objects SET is_main = 0, phone = '$phone', phone_search = '$num_search', sobstv = '$sobstv' WHERE id_add_user=$user_id"; mysql_query($sql); $this->agency_name = $post['agency_name']; $this->last_name = $post['last_name']; $this->first_name = $post['first_name']; $this->middle_name = $post['middle_name']; $this->phone = $post['phone']; $this->email = $post['email']; $this->birthday = $birthday; $passport_date = "NULL"; if (!empty($post['passport_date'])) $passport_date = date("Y-m-d H:i:s", strtotime($post['passport_date'])); $wa_enabled = (int)$post['wa_enabled']; $sql1 = "SELECT count(id) FROM `users_info` WHERE user_id = $user_id"; $rez = mysql_query($sql1); if (mysql_result($rez,0)) { $sql2 = "UPDATE `users_info` SET passport_serial='$post[passport_serial]', passport_number='$post[passport_number]', passport_date='$passport_date', passport_emited='$post[passport_emited]', passport_adress='$post[passport_adress]', adress_postal='$post[adress_postal]', soc_vk='$post[soc_vk]', soc_tg='$post[soc_tg]', soc_fb='$post[soc_fb]', soc_inst='$post[soc_inst]', soc_tw='$post[soc_tw]', soc_wa='$post[soc_wa]', wa_enabled='$wa_enabled' WHERE user_id = $user_id"; } else { $sql2 = "INSERT INTO `users_info` ( user_id, passport_serial, passport_number, passport_date, passport_emited, passport_adress, adress_postal, soc_vk, soc_tg, soc_fb, soc_inst, soc_tw, soc_wa, wa_enabled ) VALUES ( '$user_id', '$post[passport_serial]', '$post[passport_number]', '$passport_date', '$post[passport_emited]', '$post[passport_adress]', '$post[adress_postal]', '$post[soc_vk]', '$post[soc_tg]', '$post[soc_fb]', '$post[soc_inst]', '$post[soc_tw]', '$post[soc_wa]', '$wa_enabled' )"; } mysql_query($sql2); if (!($_FILES['avatar']['size'] == 0 && $_FILES['avatar']['error'] == 0)) { if ($user_logo = $this->setUserpic($user_id)) if ($user_logo) { $this->user_logo = $this->_serverUserpicPath . '/' . $user_logo; } } else { $user_logo = mysql_fetch_assoc(mysql_query("SELECT user_logo FROM users WHERE id=$user_id"))['user_logo']; if ($user_logo) { $this->user_logo = $this->_serverUserpicPath . '/' . $user_logo; } } if (!($_FILES['files']['size'] == 0 && $_FILES['files']['error'] == 0)) { if ($files = $this->uploadFiles($user_id)) { $this->files = $files; } } if(isset($post['pass-edit']) && !empty(trim($post['pass-edit']))){ $pwd = trim($post['pass-edit']); $pwd_enc = md5($pwd . SALT); } //отключаем, так как по отдельной кнопке обновляем /*if (isset($post['advert_budget_total']) || isset($post['advert_budget_personal'])) { $advert_budget_total = 0; if (isset($post['advert_budget_total'])) $advert_budget_total = (double)$post['advert_budget_total']; $advert_budget_personal = 0; if (isset($post['advert_budget_personal'])) $advert_budget_personal = $post['advert_budget_personal']; $advert_budget_avito = 0; if (isset($post['advert_budget_avito'])) $advert_budget_avito = (double)$post['advert_budget_avito']; $advert_budget_cian = 0; if (isset($post['advert_budget_cian'])) $advert_budget_cian = (double)$post['advert_budget_cian']; $advert_budget_domclick = 0; if (isset($post['advert_budget_domclick'])) $advert_budget_domclick = (double)$post['advert_budget_domclick']; $advert_budget_jcat = 0; if (isset($post['advert_budget_jcat'])) $advert_budget_jcat = (double)$post['advert_budget_jcat']; $advert_budget_yandex = 0; if (isset($post['advert_budget_yandex'])) $advert_budget_yandex = (double)$post['advert_budget_yandex']; $advert_budget_avito_unlimited = 0; if (isset($post['advert_budget_avito_unlimited'])) $advert_budget_avito_unlimited = (int)$post['advert_budget_avito_unlimited']; $advert_budget_cian_unlimited = 0; if (isset($post['advert_budget_cian_unlimited'])) $advert_budget_cian_unlimited = (int)$post['advert_budget_cian_unlimited']; $advert_budget_domclick_unlimited = 0; if (isset($post['advert_budget_domclick_unlimited'])) $advert_budget_domclick_unlimited = (int)$post['advert_budget_domclick_unlimited']; $advert_budget_jcat_unlimited = 0; if (isset($post['advert_budget_jcat_unlimited'])) $advert_budget_jcat_unlimited = (int)$post['advert_budget_jcat_unlimited']; $advert_budget_yandex_unlimited = 0; if (isset($post['advert_budget_yandex_unlimited'])) $advert_budget_yandex_unlimited = (int)$post['advert_budget_yandex_unlimited']; $advert_do_not_reinit_monthly = 0; if (isset($post['do_not_reinit_monthly'])) $advert_do_not_reinit_monthly = (int)$post['do_not_reinit_monthly']; $advert_budgets_inst = new AdvertBudgets(); $advert_budget = $advert_budgets_inst->setAdvertBudget([ 'user_id' => $user_id, 'total' => $advert_budget_total, 'personal' => $advert_budget_personal, 'avito' => $advert_budget_avito, 'avito_unlimited' => $advert_budget_avito_unlimited, 'cian' => $advert_budget_cian, 'cian_unlimited' => $advert_budget_cian_unlimited, 'domclick' => $advert_budget_domclick, 'domclick_unlimited' => $advert_budget_domclick_unlimited, 'jcat' => $advert_budget_jcat, 'jcat_unlimited' => $advert_budget_jcat_unlimited, 'yandex' => $advert_budget_yandex, 'yandex_unlimited' => $advert_budget_yandex_unlimited, 'do_not_reinit_monthly' => $advert_do_not_reinit_monthly, ]); }*/ if (!isset($post["on_any_ip"])) { $post["on_any_ip"] = 0; } if (!isset($post["on_hide_client_contacts"])) { $post["on_hide_client_contacts"] = 0; } //Update permissions $sql_check_perm = "SELECT count(id) FROM `user_permissions` WHERE user_id = $user_id"; $rez_check_perm = mysql_query($sql_check_perm); if (mysql_result($rez_check_perm,0)) { $sql_update_permissions = "UPDATE user_permissions SET menu_office = '$post[on_office]', menu_complexes = '$post[on_complexes]', menu_search = '$post[on_search]', menu_objects = '$post[on_objects]', menu_all_objects = '$post[on_objects_all]', menu_all_objects_edit = '$post[on_objects_all_edit]', menu_ads = '$post[on_ads]', menu_clients = '$post[on_clients]', menu_all_clients = '$post[on_clients_all]', menu_all_clients_edit = '$post[on_clients_all_edit]', menu_all_clients_export = '$post[on_clients_all_export]', menu_submissions = '$post[on_submissions]', menu_all_submissions = '$post[on_submissions_all]', menu_all_submissions_edit = '$post[on_submissions_all_edit]', menu_all_submissions_export = '$post[on_submissions_all_export]', menu_docs = '$post[on_docs]', menu_settings = '$post[on_settings]', menu_can_transfer_to_common = '$post[on_can_transfer_to_common]', menu_can_take_from_closed = '$post[on_can_take_from_closed]', daily_closed_req_limit = '$post[on_daily_closed_req_limit]', menu_can_transfer_closed_to_others = '$post[on_can_transfer_closed_to_others]', daily_closed_transfer_limit = '$post[on_daily_closed_transfer_limit]', cannot_create_req_manually = '$post[on_cannot_create_req_manually]', search_company_objects_only = '$post[on_search_company_objects_only]', allow_any_ip = '$post[on_any_ip]', hide_client_contacts = '$post[on_hide_client_contacts]' WHERE user_id=$user_id"; } else { $sql_update_permissions = "INSERT INTO `user_permissions` ( user_id, menu_office, menu_complexes, menu_search, menu_objects, menu_all_objects, menu_all_objects_edit, menu_ads, menu_clients, menu_all_clients, menu_all_clients_edit, menu_all_clients_export, menu_submissions, menu_all_submissions, menu_all_submissions_edit, menu_all_submissions_export, menu_docs, menu_settings, menu_can_transfer_to_common, menu_can_take_from_closed, daily_closed_req_limit, menu_can_transfer_closed_to_others, daily_closed_transfer_limit, cannot_create_req_manually, search_company_objects_only, allow_any_ip, hide_client_contacts ) VALUES ( '$user_id', '$post[on_office]', '$post[on_complexes]', '$post[on_search]', '$post[on_objects]', '$post[on_objects_all]', '$post[on_objects_all_edit]', '$post[on_ads]', '$post[on_clients]', '$post[on_clients_all]', '$post[on_clients_all_edit]', '$post[on_clients_all_export]', '$post[on_submissions]', '$post[on_submissions_all]', '$post[on_submissions_all_edit]', '$post[on_submissions_all_export]', '$post[on_docs]', '$post[on_settings]', '$post[on_can_transfer_to_common]', '$post[on_menu_can_take_from_closed]', '$post[on_daily_closed_req_limit]', '$post[on_menu_can_transfer_closed_to_others]', '$post[on_daily_closed_transfer_limit]', '$post[on_cannot_create_req_manually]', '$post[on_search_company_objects_only]', '$post[on_any_ip]', '$post[on_hide_client_contacts]' )"; } // echo($sql_update_permissions);die; mysql_query($sql_update_permissions); $data = [ 'id' => $user_id, 'agency_name' => $this->agency_name, 'last_name' => $this->last_name, 'first_name' => $this->first_name, 'middle_name' => $this->middle_name, 'phone' => $this->phone, 'email' => $this->email, 'user_logo' => $this->user_logo, 'passport_date' => $passport_date, ]; if (!is_null($advert_budget)) { if ($advert_budget['success'] == true) { $data['advert_budget'] = [ 'total' => $advert_budget['total'], 'amount' => $advert_budget['amount'], 'balance' => $advert_budget['balance'], ]; } else { $msg_user = implode('
', $advert_budget['errors']); } } if (empty($msg_user)) { return $data; } } else $msg_user = "Произошла ошибка при сохранении пользователя.!"; } else $msg_user = "Агент с таким номером телефона уже существует!"; } else $msg_user = "Не указано Имя пользователя!"; } else $msg_user = "Не указана Фамилия пользователя!"; } else $msg_user = "Не указан номер телефона!"; } else $msg_user = "Не указан E-Mail!"; return ['error' => $msg_user]; } public static function getAllAgencyUsers($agencyId = false) { $agentIds = []; if (isset($_SESSION['id'])) $agentIds[] = $_SESSION['id']; if ($agencyId) { $agentIds[] = $agencyId; $agentsOfAgency = self::getAllAgents($agencyId); foreach ($agentsOfAgency as $agent) { if (!in_array($agent['id'], $agentIds)) { $agentIds[] = $agent['id']; } } $agentsOfManager = self::getAllManagers($agencyId); foreach ($agentsOfManager as $agent) { if (!in_array($agent['id'], $agentIds)) { $agentIds[] = $agent['id']; } } } return array_unique($agentIds); } public static function getAgencyIdForUser($userId) { return self::getUserAgencyID($userId); } public static function getUserAgencyID($user_id = null) { if (is_null($user_id) && isset($_SESSION['id'])) $user_id = $_SESSION['id']; if (!$user_id) return false; $agency_id = false; $sql = "SELECT * FROM `users` WHERE `id` = '$user_id'"; $res = mysql_query($sql); $user = mysql_fetch_assoc($res); if ($user['agency']) { $agency_id = intval($user['id']); } else if ($user['id_manager']) { $id_manager = $user['id_manager']; $agency = mysql_fetch_assoc(mysql_query("SELECT id, id_manager, agency FROM `users` WHERE `id`='$id_manager'")); if ($agency['agency']) { $agency_id = intval($agency['id']); } else { if ($agency['id_manager']) { $agency2 = mysql_fetch_assoc(mysql_query("SELECT * FROM users WHERE id=$agency[id_manager]")); if($agency2['id_manager']) $agency_id = intval($agency2['id_manager']); else $agency_id = intval($agency['id_manager']); } else if ($user['id_manager']) $agency_id = intval($user['id_manager']); else $agency_id = intval($user['id']); } } else if (isset($_SESSION['id'])) { $agency_id = intval($_SESSION['id']); } return $agency_id; } public static function getAllAgency($agent = false, $block = false, $active = false, $from = 0, $to = 1000){ if($agent) { if ($block) { $usl = "agent=1 AND agency=0 AND id_manager=0 AND blocked = 1"; } else { $usl = "agent=1 AND agency=0 AND id_manager=0 AND blocked = 0"; } } else { if ($block) { $usl = "agency=1 AND blocked = 1"; } else { $usl = "agency=1 AND blocked = 0"; } } if ($active) { $usl = $usl." AND now() <= DATE_ADD(date_tarif, INTERVAL (select t.period FROM tariffs t where t.id=id_tarif LIMIT 1) DAY)"; } $sql = "SELECT users.*, DATE_FORMAT(date_reg,'%d.%m.%Y') AS date_reg, DATE_FORMAT(last_auth,'%d.%m.%Y %H:%i') AS last_auth, UNIX_TIMESTAMP(date_tarif) AS date_tarif, rf_regions.name as name FROM users left join rf_regions on rf_regions.id = users.region_rf_id WHERE $usl ORDER BY `users`.`last_auth` DESC LIMIT $from, $to"; if (isset($_GET['dev'])) { echo $sql; } $rez = mysql_query($sql); $agency = array(); while($ag = mysql_fetch_assoc($rez)) { if($ag['id_tarif']) { $ag['tarif'] = mysql_result(mysql_query("SELECT nazv FROM tariffs WHERE id=$ag[id_tarif]"),0); } else $ag['tarif'] = ""; $agency[] = $ag; } return $agency; } public static function getAllDeveloper($block = false, $active = false, $from = 0, $to = 1000){ $usl = "role_developer = 1 AND agency = 0 AND agent = 0 AND id_manager = 0"; if ($block) { $usl = "role_developer = 1 AND agency = 0 AND agent = 0 AND id_manager = 0 AND blocked = 1"; } else { $usl = "role_developer = 1 AND agency = 0 AND agent = 0 AND id_manager = 0 AND blocked = 0"; } if ($active) { $usl = $usl." AND now() <= DATE_ADD(date_tarif, INTERVAL (select t.period FROM tariffs t where t.id = id_tarif LIMIT 1) DAY)"; } $sql = "SELECT users.*, DATE_FORMAT(date_reg,'%d.%m.%Y') AS date_reg, DATE_FORMAT(last_auth,'%d.%m.%Y %H:%i') AS last_auth, UNIX_TIMESTAMP(date_tarif) AS date_tarif, rf_regions.name as name FROM users left join rf_regions on rf_regions.id = users.region_rf_id WHERE $usl ORDER BY `users`.`last_auth` DESC LIMIT $from, $to"; if (isset($_GET['dev'])) { echo $sql; } $rez = mysql_query($sql); $developers = array(); while($dev = mysql_fetch_assoc($rez)) { if($id_tarif = $dev['id_tarif']) { $dev['tarif'] = mysql_result(mysql_query("SELECT nazv FROM tariffs WHERE id = $id_tarif"),0); } else $dev['tarif'] = ""; $developers[] = $dev; } return $developers; } public static function countAllAgency($agent = false, $block = false, $active = false){ if($agent) { if ($block) { $usl = "agent=1 AND agency=0 AND id_manager=0 AND blocked = 1"; } else { $usl = "agent=1 AND agency=0 AND id_manager=0 AND blocked = 0"; } } else { if ($block) { $usl = "agency=1 AND blocked = 1"; } else { $usl = "agency=1 AND blocked = 0"; } } if ($active) { $usl = $usl." AND now() <= DATE_ADD(date_tarif, INTERVAL (select t.period FROM tariffs t where t.id=id_tarif LIMIT 1) DAY)"; } $sql = "SELECT count(*) FROM users WHERE $usl ORDER BY `users`.`last_auth` DESC"; if (isset($_GET['dev'])) { echo $sql; } $rez = mysql_query($sql); return mysql_result($rez,0); } public static function searchUsers($agent = false, $from = 0, $to = 1000){ $usl = "1"; if($_GET['search']) { $usl .= " AND (LCASE(agency_name) LIKE '%$_GET[search]%' OR LCASE(first_name) LIKE '%$_GET[search]%' OR LCASE(last_name) LIKE '%$_GET[search]%' OR LCASE(middle_name) LIKE '%$_GET[search]%' OR LCASE(phone) LIKE '%$_GET[search]%' OR LCASE(email) LIKE '%$_GET[search]%')"; } $sql = "SELECT users.*, DATE_FORMAT(date_reg,'%d.%m.%Y') AS date_reg, DATE_FORMAT(last_auth,'%d.%m.%Y %H:%i') AS last_auth, UNIX_TIMESTAMP(date_tarif) AS date_tarif, rf_regions.name as name FROM users left join rf_regions on rf_regions.id = users.region_rf_id WHERE $usl ORDER BY `users`.`last_auth` DESC LIMIT $from, $to"; if (isset($_GET['dev'])) { echo $sql; } $rez = mysql_query($sql); $agency = array(); while($ag = mysql_fetch_assoc($rez)) { if($ag[id_tarif]) $ag['tarif'] = mysql_result(mysql_query("SELECT nazv FROM tariffs WHERE id=$ag[id_tarif]"),0); else $ag['tarif'] = ""; $agency[] = $ag; } return $agency; } public static function countUsers($agent = false){ $usl = "1"; if($_GET['search']) { $usl .= " AND (LCASE(agency_name) LIKE '%$_GET[search]%' OR LCASE(first_name) LIKE '%$_GET[search]%' OR LCASE(last_name) LIKE '%$_GET[search]%' OR LCASE(middle_name) LIKE '%$_GET[search]%' OR LCASE(phone) LIKE '%$_GET[search]%' OR LCASE(email) LIKE '%$_GET[search]%')"; } $sql = "SELECT count(*) FROM users WHERE $usl ORDER BY `users`.`last_auth` DESC"; if (isset($_GET['dev'])) { echo $sql; } $rez = mysql_query($sql); return mysql_result($rez,0); } public static function getCountAgency($agent = false, $block = false, $active = false){ if($agent) { $usl = "agent=1 AND agency=0 AND role_developer=0 AND id_manager=0"; if ($block) { $usl = $usl." AND blocked = 1"; } else { $usl = $usl." AND blocked = 0"; } } else { $usl = "agency=1 AND role_developer=0"; if ($block) { $usl = $usl." AND blocked = 1"; } else { $usl = $usl." AND blocked = 0"; } } if ($active) { $usl = $usl." AND now() <= DATE_ADD(date_tarif, INTERVAL (select t.period FROM tariffs t where t.id=id_tarif LIMIT 1) DAY)"; } $sql = "SELECT COUNT(*) FROM users WHERE $usl"; if (isset($_GET['dev'])) { echo $sql; } $rez = mysql_query($sql); return mysql_result($rez,0); } public static function getCountDeveloper($block = false, $active = false) { $usl = "role_developer = 1 AND agent = 0 AND agency = 0 AND id_manager = 0"; if ($block) { $usl = $usl." AND blocked = 1"; } else { $usl = $usl." AND blocked = 0"; } if ($active) { $usl = $usl." AND now() <= DATE_ADD(date_tarif, INTERVAL (select t.period FROM tariffs t where t.id = id_tarif LIMIT 1) DAY)"; } $sql = "SELECT COUNT(*) FROM users WHERE $usl"; if (isset($_GET['dev'])) { echo $sql; } $rez = mysql_query($sql); return mysql_result($rez, 0); } public static function countAllAdmins($id, $only_active = false) { $sql = "SELECT count(*) FROM `users` AS users WHERE users.users_admin=1 AND users.id_manager=$id"; if ($only_active) $sql .= " AND users.blocked=0"; $res = mysql_query($sql); return mysql_result($res,0); } public static function getAllAdmins($id, $only_active = false) { if (!$id) return []; $sql = "SELECT * FROM `users` AS users WHERE users.users_admin=1 AND users.id_manager=$id"; if ($only_active) $sql .= " AND users.blocked=0"; $res = mysql_query($sql); $admins = []; while ($admin = mysql_fetch_assoc($res)) { $admins[] = $admin; } return $admins; } public static function countAllManagers($id, $only_active = false) { $total = 0; $sql = "SELECT id, manager FROM users WHERE manager=1 AND id_manager=$id AND blocked=0"; if ($only_active) $sql .= " AND users.blocked=0"; $rez = mysql_query($sql); $total = mysql_num_rows($rez); while($res = mysql_fetch_assoc($rez)){ if($res['manager'] == 1){ $sql_m = "SELECT count(*) FROM users WHERE manager=1 AND id_manager=$res[id] AND blocked=0"; $rez_m = mysql_query($sql_m); $total += mysql_result($rez_m,0); } } return $total; } public static function getAllManagers($id, $only_active = true) { if (!$id) return []; $sql = "SELECT * FROM users WHERE manager=1 AND id_manager=$id"; if ($only_active) $sql .= " AND blocked=0"; $rez = mysql_query($sql); $managers = array(); while($manager = mysql_fetch_assoc($rez)) { $managers[] = $manager; $sql3 = "SELECT * FROM users WHERE manager=1 AND id_manager=$manager[id]"; if ($only_active) $sql3 .= " AND blocked=0"; $rez3 = mysql_query($sql3); while($agent3 = mysql_fetch_assoc($rez3)) { $managers[] = $agent3; } } // Удаляем дублирующиеся записи по 'id' $managers = array_unique($managers, SORT_REGULAR); return $managers; } public static function countAllAgents($id, $only_active = false) { if (!$id) return []; $sql = "SELECT id, manager FROM users WHERE manager=1 AND id_manager=$id AND blocked=0"; if (!$only_active) $sql .= " AND blocked=0"; $rez = mysql_query($sql); $agentsCount = 0; while($agent = mysql_fetch_assoc($rez)) { $sql2 = "SELECT count(*) FROM users WHERE manager=0 AND id_manager=$agent[id] AND blocked=0"; $rez2 = mysql_query($sql2); $agentsCount = $agentsCount + (int) mysql_result($rez2,0); } $sql2 = "SELECT count(*) FROM users WHERE manager=0 AND id_manager=$id AND blocked=0"; $rez2 = mysql_query($sql2); $agentsCount = $agentsCount + (int) mysql_result($rez2,0); return $agentsCount; } public static function getAllAgents($id, $only_active = false) { if (!$id) return []; $sql = "SELECT * FROM users WHERE manager=1 AND id_manager=$id"; if ($only_active) $sql .= " AND blocked=0"; $rez = mysql_query($sql); $agents = array(); while($agent = mysql_fetch_assoc($rez)) { $sql2 = "SELECT * FROM users WHERE manager=0 AND id_manager=$agent[id]"; $rez2 = mysql_query($sql2); while($agent2 = mysql_fetch_assoc($rez2)) $agents[] = $agent2; $sql3 = "SELECT * FROM users WHERE manager=1 AND id_manager=$agent[id]"; $rez3 = mysql_query($sql3); while($agent3 = mysql_fetch_assoc($rez3)) { $sql4 = "SELECT * FROM users WHERE manager=0 AND id_manager=$agent3[id]"; $rez4 = mysql_query($sql4); while($agent4 = mysql_fetch_assoc($rez4)) $agents[] = $agent4; } } $sql2 = "SELECT * FROM users WHERE manager=0 AND id_manager=$id"; $rez2 = mysql_query($sql2); while($agent2 = mysql_fetch_assoc($rez2)) $agents[] = $agent2; return $agents; } public function changeTarif() { $sql = "UPDATE users SET id_tarif='$_GET[id_tarif]', date_tarif=NOW() WHERE id=$_GET[id_user]"; mysql_query($sql); } /** * @return array */ public function getFilesList($user_id = null) { if (!is_null($user_id)) { $sql = "SELECT * FROM `users_files` AS files WHERE files.user_id = " . trim($user_id); $files = []; $res = mysql_query($sql); if (mysql_num_rows($res)) { while ($file = mysql_fetch_assoc($res)) { $files[] = $file; } } return $files; } return []; } /** * @return array */ public function getFile($file_id = null) { if (!is_null($file_id)) { $sql = "SELECT * FROM `users_files` AS files WHERE files.id = " . trim($file_id) . " LIMIT 1"; $res = mysql_query($sql); return mysql_fetch_assoc($res); } return []; } /** * @param null $file_id * @return bool */ public function deleteFile($file_id = null) { if (!is_null($file_id)) { if ($file = $this->getFile($file_id)) { $sql = "DELETE FROM `users_files` WHERE `users_files`.`id` = " . $file['id'] . " LIMIT 1"; if (mysql_query($sql)) { unlink($_SERVER['DOCUMENT_ROOT'] . $file['path']); return true; } } } return mysql_error(); } /** * @param null $user_id * @return bool|string */ public function delUserPic($user_id = null) { if (!is_null($user_id)) { $user = new self; $user->get($user_id); if ($user_logo = $user->user_logo) { $sql = "UPDATE users SET user_logo='' WHERE id='$user_id' LIMIT 1"; if (mysql_query($sql)) { unlink($this->_serverUserpicPath . '/' . $user_logo); return true; } } } return false; } /** * @param $str * @param $config * @param bool $is_folder * @return string */ private function fixFilename($str, $config, $is_folder = false) { $str = strip_tags(htmlspecialchars($str)); if ($config['convert_spaces']) $str = str_replace(' ', $config['replace_with'], $str); if ($config['transliteration']) { if (!mb_detect_encoding($str, 'UTF-8', true)) $str = utf8_encode($str); if (function_exists('transliterator_transliterate')) $str = transliterator_transliterate('Any-Latin; Latin-ASCII', $str); else $str = iconv('UTF-8', 'ASCII//TRANSLIT//IGNORE', $str); $str = preg_replace("/[^a-zA-Z0-9\.\[\]_| -]/", '', $str); } $str = str_replace(array( '"', "'", "/", "\\" ), "", $str); $str = strip_tags($str); // Empty or incorrectly transliterated filename. // Here is a point: a good file UNKNOWN_LANGUAGE.jpg could become .jpg in previous code. // So we add that default 'file' name to fix that issue. if (!$config['empty_filename'] && strpos($str, '.') === 0 && $is_folder === false) { $str = 'file' . $str; } if ($config['lowercase']) return (mb_strtolower(trim($str))); else return trim($str); } /** * @param $path * @param $filename * @return string */ private function newFilename($path, $filename) { $res = "$path/$filename"; if (!file_exists($res)) return $res; $fnameNoExt = pathinfo($filename,PATHINFO_FILENAME); $ext = pathinfo($filename, PATHINFO_EXTENSION); $i = 1; while(file_exists("$path/$fnameNoExt-$i.$ext")) $i++; return "$path/$fnameNoExt-$i.$ext"; } /** * @param null $user_id * @return array|bool */ private function setUserpic($user_id = null) { if (!$user_id || is_null($user_id)) return false; if ($_FILES['avatar']['name']) { list($a, $ext) = explode("/", $_FILES['avatar']['type']); if ($ext == "pjpeg") { $ext = "jpeg"; } $ext = mb_strtolower($ext); if (in_array($ext, $this->_allowedFileTypes)) { $name = md5($_FILES['avatar']['tmp_name'] . time()) . "." . $ext; $photo = $_SERVER['DOCUMENT_ROOT'] . $this->_serverUserpicPath . "/" . $name; move_uploaded_file($_FILES['avatar']['tmp_name'], $photo); if (square_crop($photo, $photo, 272, 90)) { $sql = "UPDATE `users` SET user_logo='$name' WHERE id=$user_id"; mysql_query($sql); return $name; } } } return false; } /** * @param null $user_id * @return array|bool */ private function uploadFiles($user_id = null) { if (!$user_id || is_null($user_id)) return false; list($success, $errors) = [[],[]]; $user_id = intval($user_id); $post = clearInputData($_POST); $created_by = intval($_SESSION['id']); if (isset($_FILES['files'])) { $count = count($_FILES['files']['name']); $agency_id = self::getUserAgencyID(); $users_id = $this->getAllAgencyUsers($agency_id); for ($i = 0; $i < $count; $i++) { if (in_array($user_id, $users_id) && $user_id && $_FILES['files']['error'][$i] == 0) { $extension = mb_strtolower(pathinfo($_FILES['files']['name'][$i], PATHINFO_EXTENSION)); if (in_array($extension, $this->_allowedFileTypes)) { $real_filename = $_FILES['files']['name'][$i]; $description = ((isset($post['description'][$i])) ? trim($post['description'][$i]) : null); $filename = $this->fixFilename($real_filename, [ 'convert_spaces' => true, 'replace_with' => '_', 'transliteration' => true, 'empty_filename' => true, 'lowercase' => true ]); $tmp_path = $_FILES['files']['tmp_name'][$i]; $save_path = $this->newFilename($_SERVER['DOCUMENT_ROOT'] . $this->_serverPath, $filename); $path = str_replace($_SERVER['DOCUMENT_ROOT'], '', $save_path); if (empty($description)) $description = $real_filename; if (move_uploaded_file($tmp_path, $save_path)) { $sql = "INSERT INTO `users_files` (`user_id`, `filename`, `path`, `created_by`) VALUES ('$user_id', '$description', '$path', '$created_by')"; if (mysql_query($sql)) { $id = mysql_insert_id(); $success[$id] = [ 'filename' => $real_filename, 'path' => $path, ]; } else { $errors[] = [$filename => mysql_error()]; } } } } } } if (!empty($success)) return $success; else return $errors; } /** * Генирация и сохранение токенов */ public function gen_token($user_id) { $token = md5(microtime() . 'user' . $user_id . time()); $sql = "REPLACE INTO user_api_keys (user_id, api_key) VALUES ({$user_id}, '{$token}')"; mysql_query($sql); $id = mysql_insert_id(); return $id; } public static function getUserTarif($user_id) { $sgl = "SELECT id_tarif FROM users WHERE id={$user_id}"; $user = mysql_query($sgl); $userTarrif = mysql_fetch_assoc($user); if($userTarrif['id_tarif'] == 0) { $sqlManager = "SELECT id_manager FROM users WHERE id={$user_id}"; $userManager = mysql_query($sqlManager); $userIdManager = mysql_fetch_assoc($userManager); $sgl = "SELECT id_tarif FROM users WHERE id={$userIdManager['id_manager']}"; $user = mysql_query($sgl); $userTarrif = mysql_fetch_assoc($user); } $sql2 = "SELECT max_worker FROM tariffs WHERE id={$userTarrif['id_tarif']}"; $tarif = mysql_query($sql2); $maxWorker = mysql_fetch_assoc($tarif); if ($maxWorker == 0) {$maxWorker = array('max_worker' => 9999);} return $maxWorker; } public static function getUserTarifCount($user_id) { $res = array(); $res2 = array(); $res3 = array(); $sgl = "SELECT COUNT(*) FROM users WHERE id_manager={$user_id} AND blocked=0" ; $user = mysql_query($sgl); $userAgency = mysql_fetch_assoc($user); $sgl3 = "SELECT id FROM users WHERE id_manager={$user_id} AND blocked=0"; $user3 = mysql_query($sgl3); while ($r = mysql_fetch_assoc($user3)) { $res[] = $r; } foreach ($res as $value) { $i = reset($value); $sgl2 = "SELECT id FROM users WHERE id_manager={$i } AND blocked=0"; $userA2 = mysql_query($sgl2); while ($r = mysql_fetch_assoc($userA2)) { $res2[] = $r; } } $sgl4 = "SELECT department_id FROM users WHERE id_manager={$user_id} AND blocked=0"; $user4 = mysql_query($sgl4); while ($r = mysql_fetch_assoc($user4)) { $res3[] = $r; } foreach ($res3 as $value) { $i = reset($value); if ($i != 0){ $sgl2 = "SELECT id FROM users WHERE department_id={$i } AND blocked=0 AND id_manager!={$user_id}"; $userA2 = mysql_query($sgl2); while ($r = mysql_fetch_assoc($userA2)) { $res2[] = $r; } } } $result = array(); foreach ($res2 as $k => $v) { $result[] = reset($v); } $userCount = (reset($userAgency)); $userCount2 = count(array_unique($result)); $userCountSum = $userCount + $userCount2; return $userCountSum; } public static function isCurrentUserShowAdvertButton() { $showAds = true; if ($_SESSION['id'] == 5812 || $_SESSION['id'] == 7076) { $showAds = false; } if ((in_array($_SESSION['agency_id'], array(8353, 8375, 8376, 8399, 8867, 8910, 9082, 9072, 9077, 9110, 9588, 9805, 9973, 7864, 10203, 10041, 10493, 4873, 10876, 10982, 11086, 10933, 11456, 11501, 11397, 7507, 8826, 10429, 12061, 10041, 10732, 11417, 12556, 13338, 10387, 14134, 13735, 13792, 15401, 16182, 14493, 18438, 18708, 19476, 19821, 17157, 19111, 19750, 22666, 22432, 22434))) && !in_array($_SESSION['id'], array(8373, 8353, 8375, 8376, 8399, 8867, 8910, 9082, 9072, 9077, 9110, 9588, 9805, 9973, 7864, 10203, 10041, 10493, 4873, 10876, 10982, 11086, 10933, 11456, 11501, 11397, 7507, 8826, 10429, 12061, 10041, 10732, 11417, 12556, 13338, 10387, 14134, 13735, 13792, 15401, 16182, 14493, 18438, 18708, 19476, 19821, 17157, 19111, 19750, 22666, 22432, 22434))) { $showAds = false; } if ($_SESSION['agency_id'] == 8435 && (!in_array($_SESSION['id'], array(8435, 8532, 8541, 8555)))) $showAds = false; if ($_SESSION['agency_id'] == 8649 && (!in_array($_SESSION['id'], array(8649, 8653)))) { $showAds = false; } if ($_SESSION['agency_id'] == 8867 && (!in_array($_SESSION['id'], array(8867, 8910, 9082, 9072, 9077)))) { $showAds = false; } if ($_SESSION['id'] == 9170) { $showAds = true; } if ($_SESSION['id'] == 19750 || $_SESSION['id'] == 22196 || $_SESSION['id'] == 22280 || $_SESSION['id'] == 22195) { $showAds = true; } if ($_SESSION['id'] == 19821) { $showAds = true; } if ($_SESSION['id'] == 18708) { $showAds = true; } if ($_SESSION['id'] == 9588 || $_SESSION['id'] == 9904) { $showAds = true; } if ($_SESSION['id'] == 9110 || $_SESSION['id'] == 9892) { $showAds = true; } if ($_SESSION['id'] == 9805 || $_SESSION['id'] == 9927) { $showAds = true; } if ($_SESSION['id'] == 18438 || $_SESSION['id'] == 18446) { $showAds = true; } if ($_SESSION['id'] == 9973) { $showAds = true; } if ($_SESSION['id'] == 13338) { $showAds = true; } if ($_SESSION['id'] == 10203) { $showAds = true; } if ($_SESSION['id'] == 10041 || $_SESSION['id'] == 10966 || $_SESSION['id'] == 10869 || $_SESSION['id'] == 13845) { $showAds = true; } if ($_SESSION['id'] == 7864 || $_SESSION['id'] == 8118 || $_SESSION['id'] == 7866 || $_SESSION['id'] == 8432 || $_SESSION['id'] == 9152 || $_SESSION['id'] == 9426) { $showAds = true; } if ($_SESSION['id'] == 10493 || $_SESSION['id'] == 10606) { $showAds = true; } if ($_SESSION['id'] == 4873) { $showAds = true; } if ($_SESSION['id'] == 10876) { $showAds = true; } if ($_SESSION['id'] == 10982 || $_SESSION['id'] == 10992 || $_SESSION['id'] == 11299 || $_SESSION['id'] == 14572 || $_SESSION['id'] == 21355) { $showAds = true; } if ($_SESSION['id'] == 11086) { $showAds = true; } if ($_SESSION['id'] == 10933 || $_SESSION['id'] == 11547 || $_SESSION['id'] == 11538) { $showAds = true; } if ($_SESSION['id'] == 11456 || $_SESSION['id'] == 11552) { $showAds = true; } if ($_SESSION['id'] == 11501 || $_SESSION['id'] == 11549) { $showAds = true; } if ($_SESSION['id'] == 11397 || $_SESSION['id'] == 11583) { $showAds = true; } if (in_array((int)$_SESSION['id'], [11378,11688,11690,11691,11694,11696,11698,11700,11702,11864,11865,11873,8829,11799,11801,11803,11806,11808,11810,11812,11814,11816,11818,11819,11821,11822,11824,11825,11827,11830,11831,11833,11835,11850,11837,11839,11840,11841,11843,11845,11847,11849,11851,11854,11856,11859,11861,11683,11877,11879,11880,11882,11705,11709,11711,11713,11715,11720,11722,11723,11725,11726,11728,11731,11733,11735,11737,11739,11741,11743,11745,11747,11749,11753,11763,11765,11769,11770,11771,11772,11773,11774,11775,11776,11777,11779,11781,11784,11786,11788,11791,11793,11795,11796,11797,11798,11800,11802,11804,11807,11809,11811,11813,11815,11817,11820,11823,11826,11828,11829,11832,11834,11836,11838,11842,11844,11846,11848,11852,11853,11855,11857,11858,11860,11862,11863,11866,11869,11871,11872,11875,11876,11878,11881,11703,11704,11706,11708,11710,11712,11714,11716,11717,11718,11719,11721,11724,11727,11729,11730,11732,11734,11736,11738,11740,11742,11744,11746,11748,11750,11751,11752,11754,11755,11756,11757,11758,11759,11760,11761,11762,11764,11766,11767,11768,11778,11780,11782,11783,11785,11787,11789,11790,11792,11794,11883,11884,11885,11886,11887,11888,11889,11890,11891,11892,11893,11894,11895,11679,11680,11681,11682,11684,11685,11686,11687,11689,11692,11693,11695,11697,11699,11701,11896,11897,11898,11899,11900,11901,11902,11903,11904,11905,11906])) { $showAds = false; } if (in_array((int)$_SESSION['id'], [8826, 8827, 11867, 11870, 11874, 12444, 11868, 16929])) { $showAds = true; } if (in_array((int)$_SESSION['id'], [7507,7719,7513,8787,9878,10483,10815,7514,7517,7518,7519,7614,7762,8364,10484,9047,9928,10386,10522,10530,10531,7931,8893,9048,9809,11039,11805,10589,11329,11516,9770,10338,7905,8569,11641,11707,7520,7540,7541,7826,8729,8737,9861,10156,11034,7508,7509,7510,7512,7515,7543,7553,10499])) // АН ООО МИДОМ $showAds = false; if (in_array((int)$_SESSION['id'], [7507, 7508, 7509, 7543, 7905, 8364, 11707, 10499, 8569, 8569, 11930, 12052, 11641, 7553, 8787, 7510, 7548, 7516])) $showAds = true; if ($_SESSION['id'] == 10429) { $showAds = true; } if ($_SESSION['id'] == 12061 || $_SESSION['id'] == 12071 || $_SESSION['id'] == 12073 || $_SESSION['id'] == 12093 || $_SESSION['id'] == 12077 || $_SESSION['id'] == 12090 || $_SESSION['id'] == 12649 || $_SESSION['id'] == 12129 || $_SESSION['id'] == 12171 || $_SESSION['id'] == 12098 || $_SESSION['id'] == 1219 || $_SESSION['id'] == 12624 || $_SESSION['id'] == 12641 || $_SESSION['id'] == 16725 || $_SESSION['id'] == 12192 || $_SESSION['id'] == 12654 || $_SESSION['id'] == 12617 || $_SESSION['id'] == 12634 || $_SESSION['id'] == 12132 || $_SESSION['id'] == 21063 || $_SESSION['id'] == 21124 || $_SESSION['id'] == 12653 || $_SESSION['id'] == 12616) { $showAds = true; } if ($_SESSION['id'] == 10732 || $_SESSION['id'] == 12405 || $_SESSION['id'] == 13064) { $showAds = true; } if ($_SESSION['id'] == 11417 || $_SESSION['id'] == 12363 || $_SESSION['id'] == 12353 || $_SESSION['id'] == 13690) { $showAds = true; } if ($_SESSION['id'] == 12556 || $_SESSION['id'] == 12910 || $_SESSION['id'] == 12909) { $showAds = true; } if($_SESSION['id'] == 14290 || $_SESSION['id'] == 14424 || $_SESSION['id'] == 14437 || $_SESSION['id'] == 16141 || $_SESSION['id'] == 16022 || $_SESSION['id'] == 15846 || $_SESSION['id'] == 16841){ $showAds = true; } if($_SESSION['id'] == 14435 || $_SESSION['id'] == 15068 || $_SESSION['id'] == 15531 || $_SESSION['id'] == 15532 || $_SESSION['id'] == 15529 || $_SESSION['id'] == 13023){ $showAds = true; } if($_SESSION['id'] == 12995 || $_SESSION['id'] == 12999 || $_SESSION['id'] == 12996 || $_SESSION['id'] == 13025 || $_SESSION['id'] == 13026 || $_SESSION['id'] == 13034 || $_SESSION['id'] == 13035 || $_SESSION['id'] == 13040 || $_SESSION['id'] == 17202){ $showAds = true; } if ($_SESSION['id'] == 10387 || $_SESSION['id'] == 10388 || $_SESSION['id'] == 10389 || $_SESSION['id'] == 10412 || $_SESSION['id'] == 10414 || $_SESSION['id'] == 10910 || $_SESSION['id'] == 12746 || $_SESSION['id'] == 12748 || $_SESSION['id'] == 10785 || $_SESSION['id'] == 10567) { $showAds = true; } if ($_SESSION['id'] == 8889) { $showAds = false; } if ($_SESSION['id'] == 14134 || $_SESSION['id'] == 14199) { $showAds = true; } if ($_SESSION['id'] == 13735 || $_SESSION['id'] == 13851 || $_SESSION['id'] == 13882 || $_SESSION['id'] == 13902 || $_SESSION['id'] == 13884 || $_SESSION['id'] == 13885 || $_SESSION['id'] == 18001 || $_SESSION['id'] == 18131 || $_SESSION['id'] == 19035 || $_SESSION['id'] == 18613) { $showAds = true; } if ($_SESSION['id'] == 13792 || $_SESSION['id'] == 14066) { $showAds = true; } if ($_SESSION['agency_id'] == 14493) { $showAds = true; } if ($_SESSION['agency_id'] == 19111) { $showAds = true; } if ($_SESSION['id'] == 15401) { $showAds = true; } if ($_SESSION['id'] == 19476 || $_SESSION['id'] == 19491) { $showAds = true; } if ($_SESSION['id'] == 17157 || $_SESSION['id'] == 17943 || $_SESSION['id'] == 17546) { $showAds = true; } if ($_SESSION['id'] == 16182 || $_SESSION['id'] == 16281 || $_SESSION['id'] == 16270) { $showAds = true; } if ($_SESSION['agency_id'] == 22746 && (!in_array($_SESSION['id'], array(22746, 22823)))) { $showAds = false; } if ($_SESSION['id'] == 22666 || $_SESSION['id'] == 22694 || $_SESSION['id'] == 22687) { $showAds = true; } if ($_SESSION['id'] == 22432 || $_SESSION['id'] == 22642) { $showAds = true; } if ($_SESSION['id'] == 22434 || $_SESSION['id'] == 22447) { $showAds = true; } if ($_SESSION['id'] == 21484) { $showAds = false; } return $showAds; } public static function getSubordinatesJson($managerId) { $sql = "SELECT id, last_name, first_name, middle_name, blocked, manager FROM users WHERE id IN ( SELECT id FROM users WHERE id_manager = $managerId OR id_manager IN ( SELECT id FROM users WHERE id_manager = $managerId OR id_manager IN ( SELECT id FROM users WHERE id_manager = $managerId ) ) ) AND blocked = 0"; $result = mysql_query($sql); $users = []; if ($result) { while ($row = mysql_fetch_assoc($result)) { $users[] = [ 'id' => $row['id'], 'name' => trim($row['last_name'] . ' ' . $row['first_name'] . ' ' . $row['middle_name']), 'is_manager' => $row['manager'] == 1 ]; } } else { return json_encode([ 'error' => 'SQL execution failed', 'sql' => $sql, 'mysql_error' => mysql_error() ], JSON_UNESCAPED_UNICODE); } if (empty($users)) { return json_encode([ 'error' => 'No subordinates found', 'sql' => $sql ], JSON_UNESCAPED_UNICODE); } return json_encode($users, JSON_UNESCAPED_UNICODE); } /** * получение пакета настроек для новой компании (новой регистрации) */ public function getNewUserPackages(){ $is_agent = (int)$this->individual; $is_agency = (int)$this->agency; $is_dev = (int)$this->role_developer; $where = ''; if($is_dev > 0){ $is_agency = 0; $is_agent = 0; $where = "is_dev = 1"; } else if($is_agency > 0){ $where = "is_agency = 1"; } else if($is_agent > 0){ $where = "is_agent = 1"; } $funnels = []; $sql = "SELECT * FROM funnel_admin where $where and deleted = 0 order by id"; $q = mysql_query($sql); while($r = mysql_fetch_assoc($q)) { $funnels[] = $r['id']; } if(!empty($funnels)){ $funnelClass = new Funnel(); $f = $funnelClass->set_template_funnels($this->agencyId, $this->id, $funnels); } //Дефолтные настройки $sql = "INSERT INTO `funnel_default` (`name`, `agency_id`, `is_client`, `is_req`, `is_filter`, `is_stage`, `is_show_funnels`, `order_number`) VALUES ('Список клиентов', {$this->agencyId}, 1, 0, 1, 0, 1, 0)"; mysql_query($sql); $sql_in = "INSERT INTO user_views_page (user_id, view_req, view_client) values ({$this->id}, 'kanban', 'list')"; mysql_query($sql_in); } }