4267 lines
172 KiB
PHP
4267 lines
172 KiB
PHP
<?php
|
||
|
||
class User {
|
||
|
||
public $id;
|
||
public $manager;
|
||
public $manager_users;
|
||
public $use_advert_budget;
|
||
public $agency;
|
||
// Делаю свойства публичными и с сохранением имени, т.к. в коде они много где используется без объявления
|
||
public $agencyName;
|
||
public $phoneAgency;
|
||
|
||
public $last_name;
|
||
public $first_name;
|
||
public $middle_name;
|
||
public $phone;
|
||
public $phone2;
|
||
public $role_developer;
|
||
public $api;
|
||
|
||
|
||
private $_serverPath = "/server/php/files/docs";
|
||
private $_serverUserpicPath = "/photos/agency";
|
||
private $_allowedFileTypes = [
|
||
"doc", "docx", "xls", "xlsx", "pdf",
|
||
"jpeg", "jpg", "gif", "png"
|
||
];
|
||
private $_user_can = [
|
||
'autosearch' => false,
|
||
'object-fields' => false,
|
||
'advert-stats' => false
|
||
];
|
||
|
||
public function getId()
|
||
{
|
||
return $this->id;
|
||
}
|
||
|
||
public function getAgencyName()
|
||
{
|
||
return "Агентство недвижимости ." . $this->agencyName;
|
||
}
|
||
|
||
public function getAgencyPhone()
|
||
{
|
||
return $this->phoneAgency;
|
||
}
|
||
|
||
public function getFullName()
|
||
{
|
||
return trim($this->last_name . ' ' . $this->first_name . ' ' . $this->middle_name);
|
||
}
|
||
|
||
public function getPhone()
|
||
{
|
||
return $this->phone;
|
||
}
|
||
|
||
public function get($id, $add_info = false, $add_budget = false) {
|
||
|
||
$sql = "SELECT *,
|
||
IF(birthday, DATE_FORMAT(birthday, '%d.%m.%Y'), NULL) as birthday
|
||
FROM users WHERE id=$id";
|
||
|
||
if ($rez = mysql_query($sql)) {
|
||
if (mysql_num_rows($rez)) {
|
||
|
||
$user = mysql_fetch_assoc($rez);
|
||
foreach ($user as $k => $v) {
|
||
$this->$k = $v;
|
||
}
|
||
|
||
$departmentClass = new Department;
|
||
$departmentUser = $departmentClass->getDepartment($id);
|
||
|
||
if ($departmentUser['role'] == 'manager_office' || $departmentUser['role'] == 'manager_office_menager') {
|
||
$this->manager = $_SESSION['manager'] = 1;
|
||
}
|
||
|
||
$this->agencyId = $id;
|
||
$this->agencyEgrnRequestCount = 0;
|
||
$this->agencyAntiznakRequestCount = 0;
|
||
$this->agencyEnableWazzap = $user['enable_wazzap'];
|
||
$this->agencyName = null;
|
||
$this->manager_users = null;
|
||
if ($user['role_developer']) {
|
||
// застройщик
|
||
$this->role_developer = $_SESSION['role_developer'] = 1;
|
||
} else {
|
||
$this->role_developer = $_SESSION['role_developer'] = 0;
|
||
}
|
||
$this->fio = trim($user['last_name'] . ' ' . $user['first_name'] . ' ' . $user['middle_name']);
|
||
if ($user['id_manager'] == 0 && $user['agency'] == 0) {
|
||
// частник
|
||
$this->individual = $_SESSION['individual'] = 1;
|
||
} else {
|
||
$this->individual = $_SESSION['individual'] = 0;
|
||
}
|
||
|
||
if (isset($user['phone2']))
|
||
$this->phone2 = $user['phone2'];
|
||
|
||
if ($user['id_manager']) {
|
||
|
||
$thisIdManager = $user['id_manager'];
|
||
if ($departmentUser['role'] == 'manager_office_menager' || $departmentUser['role'] == 'agent') {
|
||
if ($departmentUser['admin'] > 0) {
|
||
$thisIdManager = $departmentUser['admin'];
|
||
}
|
||
}
|
||
|
||
$sql = "SELECT * FROM users WHERE id= $thisIdManager";
|
||
$rez = mysql_query($sql);
|
||
$manager = mysql_fetch_assoc($rez);
|
||
|
||
if ($manager['id_manager']) {
|
||
$agency = mysql_fetch_assoc(mysql_query("SELECT * FROM users WHERE id=$manager[id_manager]"));
|
||
if ($agency['id_manager']) {
|
||
$agency = mysql_fetch_assoc(mysql_query("SELECT * FROM users WHERE id=$agency[id_manager]"));
|
||
}
|
||
} else {
|
||
$agency = $manager;
|
||
}
|
||
|
||
$this->photo = $agency['photo'];
|
||
$this->agencyId = $agency['id'];
|
||
$this->agencyZipalLogin = $agency['zipal_login'];
|
||
$this->agencyZipalPassword = $agency['zipal_password'];
|
||
$this->agencyZipalBalance = $agency['zipal_balance'];
|
||
$this->agencyEgrnRequestCount = $agency['egrn_request_count'];
|
||
$this->agencyEnableWazzap = $agency['enable_wazzap'];
|
||
if($agency['id'] != 12061){
|
||
$this->agencyAntiznakRequestCount = $agency['antiznak_request_count'];
|
||
} else if($user['id'] == 12653 || $user['id'] == 12093) {
|
||
$this->agencyAntiznakRequestCount = $agency['antiznak_request_count'];
|
||
}
|
||
|
||
if (isset($agency['agency_name'])) {
|
||
$this->agencyName = $agency['agency_name'];
|
||
} else if (isset($user['agency_name'])) {
|
||
$this->agencyName = $user['agency_name'];
|
||
}
|
||
|
||
$this->phoneAgency = empty($agency['phoneAgency']) ? $agency['phone'] : $agency['phoneAgency'];
|
||
$this->sitename = $agency['sitename'];
|
||
$this->site = $agency['site'];
|
||
$this->adres = $agency['adres'];
|
||
} else {
|
||
|
||
if (isset($user['agency_name'])) {
|
||
$this->agencyName = $user['agency_name'];
|
||
} else {
|
||
$this->agencyName = null;
|
||
}
|
||
}
|
||
|
||
if ($this->manager > 0) { // Список пользователей в подчинении у менеджера
|
||
$agents = self::getAgentsOfManager($id, false);
|
||
if (!empty($agents) && is_array($agents)) {
|
||
$this->manager_users = [];
|
||
foreach ($agents as $agent) {
|
||
$this->manager_users[] = (int)$agent['id'];
|
||
}
|
||
}
|
||
}
|
||
|
||
if (isset($user['agency']) && $user['agency']) {
|
||
|
||
$this->director = trim($user['last_name'] . ' ' . $user['first_name'] . ' ' . $user['middle_name']);
|
||
|
||
if (isset($user['agency_name']))
|
||
$this->fio = $user['agency_name'];
|
||
|
||
}
|
||
|
||
$this->gmtmsk = (int)$user['gmtmsk'];
|
||
|
||
// Добавляем инфо о паспортных данных
|
||
if ($add_info) {
|
||
|
||
$sql1 = "SELECT *,
|
||
IF(passport_date, DATE_FORMAT(passport_date, '%d.%m.%Y'), NULL) as passport_date
|
||
FROM `users_info` WHERE user_id=$id";
|
||
|
||
$rez1 = mysql_query($sql1);
|
||
if (mysql_num_rows($rez1)) {
|
||
$info = mysql_fetch_assoc($rez1);
|
||
foreach ($info as $k => $v) {
|
||
$this->$k = $v;
|
||
}
|
||
}
|
||
|
||
$this->files = [];
|
||
$sql2 = "SELECT * FROM `users_files` WHERE user_id=$id";
|
||
$rez2 = mysql_query($sql2);
|
||
if (mysql_num_rows($rez2)) {
|
||
while ($file = mysql_fetch_assoc($rez2)) {
|
||
$this->files[] = $file;
|
||
}
|
||
}
|
||
}
|
||
|
||
// Добавляем инфо о рекламном бюджете
|
||
if ($add_budget) {
|
||
$advert_budgets = new AdvertBudgets();
|
||
|
||
$budget = $advert_budgets->getAdvertBudget($id);
|
||
|
||
$this->advert_budget = [
|
||
'avito' => $budget['avito'],
|
||
'avito_unlimited' => $budget['avito_unlimited'],
|
||
'avito_available' => $budget['avito_available'],
|
||
'cian' => $budget['cian'],
|
||
'cian_unlimited' => $budget['cian_unlimited'],
|
||
'cian_available' => $budget['cian_available'],
|
||
'domclick' => $budget['domclick'],
|
||
'domclick_unlimited' => $budget['domclick_unlimited'],
|
||
'domclick_available' => $budget['domclick_available'],
|
||
'jcat' => $budget['jcat'],
|
||
'jcat_unlimited' => $budget['jcat_unlimited'],
|
||
'jcat_available' => $budget['jcat_available'],
|
||
'yandex' => $budget['yandex'],
|
||
'yandex_unlimited' => $budget['yandex_unlimited'],
|
||
'yandex_available' => $budget['yandex_available'],
|
||
'personal' => $budget['personal'],
|
||
'total' => $budget['total'],
|
||
'amount' => $budget['amount'],
|
||
'balance' => $budget['balance'],
|
||
'do_not_reinit_monthly' => $budget['do_not_reinit_monthly'],
|
||
];
|
||
}
|
||
} else {
|
||
return false;
|
||
}
|
||
}
|
||
}
|
||
|
||
public function can($permission, $user_id = null) {
|
||
|
||
if (is_null($user_id))
|
||
$user_id = $_SESSION['id'];
|
||
|
||
$this->checkPermissions($user_id);
|
||
if (isset($this->_user_can[$permission])) {
|
||
if (boolval($this->_user_can[$permission]) === true) {
|
||
return true;
|
||
}
|
||
|
||
return false;
|
||
}
|
||
|
||
if (isset($_SESSION['user_can'][$permission])) {
|
||
if (boolval($_SESSION['user_can'][$permission]) === true) {
|
||
return true;
|
||
}
|
||
|
||
return false;
|
||
}
|
||
|
||
return false;
|
||
}
|
||
|
||
public function getMyManagers(){
|
||
|
||
$searchUserId = $_SESSION['id'];
|
||
|
||
if ($_SESSION['users_admin']) {
|
||
$searchUserId = $this->agencyId;
|
||
} else {
|
||
$departmentClass = new Department;
|
||
$departmentUser = $departmentClass->getDepartment($_SESSION['id']);
|
||
|
||
if($departmentUser['role'] == 'manager_office'){
|
||
$searchUserId = $departmentUser['admin'];
|
||
|
||
}
|
||
if($departmentUser['role'] == 'manager_office_menager'){
|
||
$searchUserId = $this->id_manager;
|
||
|
||
}
|
||
}
|
||
|
||
|
||
$sql = "SELECT * FROM users WHERE manager=1 AND id_manager=$searchUserId AND blocked=0";
|
||
|
||
$rez = mysql_query($sql);
|
||
|
||
$managers = array();
|
||
|
||
while($manager = mysql_fetch_assoc($rez)) $managers[] = $manager;
|
||
|
||
return $managers;
|
||
|
||
}
|
||
|
||
|
||
public static function getAgentsOfManager($id_manager, $only_active = false) {
|
||
|
||
if (!$id_manager)
|
||
return [];
|
||
|
||
$sql = "SELECT *, DATE_FORMAT(last_auth,'%d.%m.%Y %H:%i') AS last_auth FROM users WHERE manager=0 AND id_manager=$id_manager";
|
||
|
||
if ($only_active)
|
||
$sql .= " AND blocked=0";
|
||
|
||
$rez = mysql_query($sql);
|
||
|
||
$agents = array();
|
||
|
||
while($manager = mysql_fetch_assoc($rez)) $agents[] = $manager;
|
||
|
||
return $agents;
|
||
|
||
}
|
||
|
||
public static function getAgentsOfManagers($id_manager, $only_active = false) {
|
||
|
||
if (!$id_manager)
|
||
return [];
|
||
|
||
$sql = "SELECT * FROM users WHERE manager=1 AND id_manager=$id_manager";
|
||
|
||
if ($only_active)
|
||
$sql .= " AND blocked=0";
|
||
|
||
$rez = mysql_query($sql);
|
||
|
||
$agents = array();
|
||
|
||
while($manager = mysql_fetch_assoc($rez)) $agents[] = $manager;
|
||
|
||
return $agents;
|
||
|
||
}
|
||
|
||
|
||
public function getAgentsOfAgency($id_manager, $only_active = false) {
|
||
|
||
if (!$id_manager)
|
||
return [];
|
||
|
||
$sql = "SELECT * FROM users WHERE manager=0 AND id_manager=$id_manager";
|
||
|
||
if ($only_active)
|
||
$sql .= " AND blocked=0";
|
||
|
||
$rez = mysql_query($sql);
|
||
|
||
$agents = array();
|
||
|
||
while($manager = mysql_fetch_assoc($rez)) $agents[] = $manager;
|
||
|
||
return $agents;
|
||
|
||
}
|
||
|
||
public function whoWork($id) {
|
||
|
||
if (!$id)
|
||
return [];
|
||
|
||
$sql_who_work="SELECT * FROM clients WHERE who_work = $id";
|
||
$rez_who_work=mysql_query($sql_who_work);
|
||
$who_work=mysql_fetch_assoc($rez_who_work);
|
||
}
|
||
|
||
public function getMyUsers($self_include = false) {
|
||
|
||
$result = array();
|
||
|
||
if ($_GET['moder']) {
|
||
$str_url_add = "moder=0"; $bd_usl = "moder=0";
|
||
} else $bd_usl = "moder=1";
|
||
|
||
if ($_GET['blocked']) {
|
||
|
||
$bd_usl.=" AND blocked=1";
|
||
|
||
$str_url_add = "blocked=1";
|
||
|
||
} else $bd_usl .= " AND blocked=0";
|
||
|
||
if ($_GET['search']) {
|
||
|
||
$bd_usl.=" AND (users.agency_name LIKE '%$_GET[search]%' OR users.first_name LIKE '%$_GET[search]%' OR users.last_name LIKE '%$_GET[search]%' OR users.middle_name LIKE '%$_GET[search]%' OR users.phone LIKE '%$_GET[search]%' OR users.email LIKE '%$_GET[search]%')";
|
||
|
||
$str_url_add = "search=".$_GET['search'];
|
||
|
||
}
|
||
|
||
$searchUserId = $_SESSION['id'];
|
||
|
||
if ($_SESSION['users_admin'] || $_SESSION['id'] == 5817 || $_SESSION['id'] == 20293 || $_SESSION['id'] == 22915) {
|
||
$searchUserId = $this->agencyId;
|
||
} else {
|
||
|
||
$departmentClass = new Department;
|
||
$departmentUser = $departmentClass->getDepartment($_SESSION['id']);
|
||
|
||
if($departmentUser['role'] == 'manager_office'){
|
||
$searchUserId = $departmentUser['admin'];
|
||
|
||
}
|
||
if($departmentUser['role'] == 'manager_office_menager'){
|
||
$searchUserId = $this->id_manager;
|
||
|
||
}
|
||
}
|
||
|
||
$sql = "SELECT id FROM users WHERE id_manager = $searchUserId AND manager = 1";
|
||
$mmid[] = "users.id_manager = $searchUserId";
|
||
$rez = mysql_query($sql);
|
||
|
||
$menedgers = array();
|
||
while($mm = mysql_fetch_row($rez)) {
|
||
$mmid[] = "users.id_manager = ".$mm[0];
|
||
$menedgers[] = $mm[0];
|
||
}
|
||
|
||
//отделы для агенства
|
||
if ($_SESSION['agency'] == 1 || $_SESSION['users_admin'] == 1) {
|
||
$sql_dep = "SELECT id FROM `departments` where agency_id = ".$this->agencyId;
|
||
|
||
$q_dep = mysql_query($sql_dep);
|
||
while($r_dep = mysql_fetch_assoc($q_dep)){
|
||
$rez_dep = mysql_query("SELECT id FROM users WHERE department_id=$r_dep[id] AND manager=1");
|
||
while($mm_dep = mysql_fetch_row($rez_dep)) {
|
||
if(!in_array($mm_dep[0], $menedgers)){
|
||
$mmid[] = "users.id_manager = ".$mm_dep[0];
|
||
$menedgers[] = $mm_dep[0];
|
||
}
|
||
}
|
||
}
|
||
}
|
||
|
||
$bd_usl .= $bd_usl_managers = " AND (".implode(" OR ",$mmid).")";
|
||
|
||
$sql22 = "SELECT online.id_user FROM online, users WHERE online.id_user=users.id AND id_user<>$_SESSION[id] $bd_usl_managers";
|
||
|
||
$rez = mysql_query($sql22);
|
||
|
||
$result['online'] = mysql_num_rows($rez);
|
||
|
||
while($onl = mysql_fetch_assoc($rez)) $onln[] = "users.id = ".$onl['id_user'];
|
||
|
||
$bd_usl_online = " AND (".implode(" OR ",$onln).")";
|
||
|
||
if ($_GET['online']) {
|
||
|
||
$bd_usl.=$bd_usl_online;
|
||
|
||
$str_url_add = "online=1";
|
||
|
||
}
|
||
|
||
$result['str_url_add'] = $str_url_add;
|
||
|
||
$kol_on_page = 20;
|
||
|
||
$sql_count = "SELECT COUNT(*) FROM users WHERE id<>$_SESSION[id] AND $bd_usl";
|
||
|
||
$result['vsego'] = $vsego = mysql_result(mysql_query($sql_count),0);
|
||
|
||
$sql_count_active = "SELECT COUNT(*) FROM users WHERE id<>$_SESSION[id] $bd_usl_managers AND blocked=0";
|
||
|
||
$result['active'] = mysql_result(mysql_query($sql_count_active),0);
|
||
|
||
//$sql_count_online = "SELECT COUNT(*) FROM users WHERE id<>$_SESSION[id] $bd_usl_online AND blocked=0";
|
||
|
||
//$result['online'] = mysql_result(mysql_query($sql_count_online),0);
|
||
|
||
$sql_count_blocked = "SELECT COUNT(*) FROM users WHERE id<>$_SESSION[id] $bd_usl_managers AND blocked=1";
|
||
|
||
$result['blocked'] = mysql_result(mysql_query($sql_count_blocked),0);
|
||
|
||
$all_pages = ceil($vsego/$kol_on_page);
|
||
|
||
if($_GET['page']) $page = $_GET['page']; else $page = 1;
|
||
|
||
$ot = ($page-1)*$kol_on_page;
|
||
|
||
$sql = "SELECT *, DATE_FORMAT(date_reg,'%d.%m.%Y %H:%i') AS date_reg, DATE_FORMAT(last_auth,'%d.%m.%Y %H:%i') AS last_auth FROM users";
|
||
|
||
if ($self_include) {
|
||
$sql .= " WHERE users.id = $_SESSION[id] OR ($bd_usl)";
|
||
} else {
|
||
$sql .= " WHERE users.id <> $_SESSION[id] AND $bd_usl";
|
||
}
|
||
|
||
$sql .= " ORDER BY users.manager desc, users.id DESC";
|
||
|
||
if (isset($_GET['dev']))
|
||
echo $sql;
|
||
|
||
$rez=mysql_query($sql);
|
||
|
||
while($users=mysql_fetch_assoc($rez)) $result['users'][] = $users;
|
||
|
||
return $result;
|
||
|
||
}
|
||
|
||
public function del($id) {
|
||
|
||
$sql="SELECT * FROM users WHERE id=$id";
|
||
|
||
$rez=mysql_query($sql);
|
||
|
||
$manager = mysql_fetch_assoc($rez);
|
||
|
||
$userDel = new User;
|
||
$userDel->get($id);
|
||
|
||
$user_del = array();
|
||
$arrayCanKey = ['pwd','email','last_name','first_name','middle_name','moder','phone', 'last_auth', 'agent','id_manager','date_reg','is_pwd', 'date_tarif','birthday', 'telegramm_chat_id','telegramm_notice','telegramm_date', 'region_rf_id', 'agency', 'manager'];
|
||
foreach($manager as $key => $val){
|
||
if($key != 'id' && !empty($val) && in_array($key, $arrayCanKey)){
|
||
$user_del[] = "`".$key."` = '".$val."'";
|
||
}
|
||
}
|
||
$sql_in = "INSERT INTO users_delete SET ".implode(',', $user_del).", agency_id = ".$userDel->agencyId . ", user_id = {$id}";
|
||
file_put_contents($_SERVER["DOCUMENT_ROOT"]."/callevents/user.txt", "1. ". print_r($sql_in, true) . "\n", FILE_APPEND);
|
||
mysql_query($sql_in);
|
||
|
||
$sql="DELETE FROM users WHERE id=$id";
|
||
|
||
$rez=mysql_query($sql);
|
||
|
||
if ($manager['id_manager'] > 0) {
|
||
$sql="UPDATE users SET id_manager=$manager[id_manager] WHERE id_manager=$id";
|
||
mysql_query($sql);
|
||
} else {
|
||
$sql="SELECT id FROM users WHERE id_manager=$id";
|
||
$rez=mysql_query($sql);
|
||
while($us = mysql_fetch_assoc($rez)) {
|
||
User::del($us['id']);
|
||
}
|
||
}
|
||
|
||
$sql="DELETE FROM views WHERE id_user=$id";
|
||
|
||
$rez=mysql_query($sql);
|
||
|
||
$sql="DELETE FROM sended_pdf WHERE id_agent=$id";
|
||
|
||
$rez=mysql_query($sql);
|
||
|
||
$sql="DELETE FROM online WHERE id_user=$id";
|
||
|
||
$rez=mysql_query($sql);
|
||
|
||
$sql="DELETE FROM objects WHERE id_user=$id";
|
||
|
||
$rez=mysql_query($sql);
|
||
|
||
$sql="DELETE FROM favor WHERE id_user=$id";
|
||
|
||
$rez=mysql_query($sql);
|
||
|
||
// осиротевшие персональные листинг-данные ушедшего (избранное/просмотры/потенциальные) — гигиена
|
||
mysql_query("DELETE FROM external_listing_favorites WHERE user_id=$id");
|
||
mysql_query("DELETE FROM external_listing_views WHERE user_id=$id");
|
||
mysql_query("DELETE FROM external_listing_potential WHERE user_id=$id");
|
||
|
||
$sql="DELETE FROM clients WHERE id_agent=$id";
|
||
|
||
$rez=mysql_query($sql);
|
||
|
||
$sql="DELETE FROM user_client_events WHERE user_id=$id";
|
||
|
||
$rez=mysql_query($sql);
|
||
|
||
$sql="DELETE FROM user_object_events WHERE user_id=$id";
|
||
|
||
$rez=mysql_query($sql);
|
||
|
||
// Открытые задачи листингов ушедшего передаём его менеджеру (исполнитель ушёл — кто-то живой должен закрыть);
|
||
// авторство (from_id) НЕ трогаем; выполненные/заметки/комменты остаются за автором (видны через users_delete-scope).
|
||
if ($manager['id_manager'] > 0) {
|
||
mysql_query("UPDATE external_listing_events SET user_id = " . (int)$manager['id_manager'] . " WHERE user_id = $id AND calendar_view = 0");
|
||
}
|
||
|
||
//удаляем из чата и данные в таблице настроек
|
||
RocketChat::deleteChatUser($id);
|
||
$sql="DELETE FROM chat_settings_user WHERE user_id=$id";
|
||
$rez=mysql_query($sql);
|
||
}
|
||
|
||
public static function deleteWithRebindClient($newIdAgent, $id, $newWhoWork, $newWhoWorkObj, $newWhoWorkReq, $managerId) {
|
||
|
||
$sql="SELECT * FROM users WHERE id=$id";
|
||
|
||
$rez=mysql_query($sql);
|
||
|
||
$manager = mysql_fetch_assoc($rez);
|
||
|
||
$userDel = new User;
|
||
$userDel->get($id);
|
||
|
||
$user_del = array();
|
||
$arrayCanKey = ['pwd','email','last_name','first_name','middle_name','moder','phone', 'last_auth', 'agent','id_manager','date_reg','is_pwd', 'date_tarif','birthday', 'telegramm_chat_id','telegramm_notice','telegramm_date', 'region_rf_id', 'agency', 'manager'];
|
||
foreach($manager as $key => $val){
|
||
if($key != 'id' && !empty($val) && in_array($key, $arrayCanKey)){
|
||
$user_del[] = "`".$key."` = '".$val."'";
|
||
}
|
||
}
|
||
|
||
$sql_in = "INSERT INTO users_delete SET ".implode(',', $user_del).", agency_id = " . $userDel->agencyId. ", user_id = {$id}";
|
||
file_put_contents($_SERVER["DOCUMENT_ROOT"]."/callevents/user.txt", print_r($sql_in, true) . "\n", FILE_APPEND);
|
||
mysql_query($sql_in);
|
||
|
||
$sql="DELETE FROM users WHERE id=$id";
|
||
|
||
$rez=mysql_query($sql);
|
||
|
||
if ($manager['id_manager'] > 0) {
|
||
$sql="UPDATE users SET id_manager=$manager[id_manager] WHERE id_manager=$id";
|
||
mysql_query($sql);
|
||
} else {
|
||
$sql="SELECT id FROM users WHERE id_manager=$id";
|
||
$rez=mysql_query($sql);
|
||
while($us = mysql_fetch_assoc($rez)) {
|
||
User::deleteWithRebindClient($newIdAgent, $us['id'], $newWhoWork, $newWhoWorkObj, $newWhoWorkReq, $managerId);
|
||
}
|
||
}
|
||
|
||
$sql="DELETE FROM views WHERE id_user=$id";
|
||
|
||
$rez=mysql_query($sql);
|
||
|
||
$sql="DELETE FROM sended_pdf WHERE id_agent=$id";
|
||
|
||
$rez=mysql_query($sql);
|
||
|
||
$sql="DELETE FROM online WHERE id_user=$id";
|
||
|
||
$rez=mysql_query($sql);
|
||
|
||
$sql="DELETE FROM favor WHERE id_user=$id";
|
||
|
||
$rez=mysql_query($sql);
|
||
|
||
// осиротевшие персональные листинг-данные ушедшего (избранное/просмотры/потенциальные) — гигиена
|
||
mysql_query("DELETE FROM external_listing_favorites WHERE user_id=$id");
|
||
mysql_query("DELETE FROM external_listing_views WHERE user_id=$id");
|
||
mysql_query("DELETE FROM external_listing_potential WHERE user_id=$id");
|
||
|
||
$confirm = 0;
|
||
if($newWhoWork == $_SESSION['id']){
|
||
$confirm = 1;
|
||
}
|
||
|
||
$sql="UPDATE clients SET who_work=$newWhoWork, confirm=$confirm, id_agent=$newIdAgent WHERE who_work=$id AND deleted = 0";
|
||
|
||
$rez=mysql_query($sql);
|
||
|
||
$sql="UPDATE clients SET who_work=$newWhoWork, confirm=1, id_agent=$newIdAgent WHERE who_work=$id AND deleted = 1";
|
||
|
||
$rez=mysql_query($sql);
|
||
|
||
// перенос всех событий тому, кому отдаем клиентов
|
||
$sql="UPDATE user_client_events SET user_id=$newWhoWork WHERE user_id=$id AND client_id>0";
|
||
|
||
$rez=mysql_query($sql);
|
||
|
||
// перенос всех событий менеджеру или агентству
|
||
$sql="UPDATE user_object_events SET user_id=$managerId WHERE user_id=$id";
|
||
|
||
$rez=mysql_query($sql);
|
||
|
||
// Открытые задачи листингов — тому же менеджеру (как own-object события выше); авторство (from_id) сохраняем
|
||
mysql_query("UPDATE external_listing_events SET user_id=$managerId WHERE user_id=$id AND calendar_view = 0");
|
||
|
||
//Заявки
|
||
$sql="UPDATE requisitions SET who_work=$newWhoWorkReq, confirm=$confirm, user_id=$newIdAgent WHERE who_work=$id AND deleted = 0";
|
||
|
||
$rez=mysql_query($sql);
|
||
|
||
$sql="UPDATE requisitions SET who_work=$newWhoWorkReq, confirm=1, user_id=$newIdAgent WHERE who_work=$id AND deleted = 1";
|
||
|
||
$rez=mysql_query($sql);
|
||
|
||
// перенос всех событий тому, кому отдаем заявки
|
||
$sql="UPDATE user_client_events SET user_id=$newWhoWorkReq WHERE user_id=$id AND req_id>0";
|
||
|
||
$rez=mysql_query($sql);
|
||
|
||
|
||
$sqlNewObjUser = "SELECT * FROM users WHERE id=$newWhoWorkObj";
|
||
$rezNewObjUser = mysql_query($sqlNewObjUser);
|
||
$newObjUser = mysql_fetch_assoc($rezNewObjUser);
|
||
|
||
$phone = $newObjUser['phone'];
|
||
$num_search = User::num_search($newObjUser['phone']);
|
||
$sobstv = trim($newObjUser['last_name'] . ' ' . $newObjUser['first_name'] . ' ' . $newObjUser['middle_name']);
|
||
|
||
if ($newObjUser['agency'] == 0) {
|
||
$sql="SELECT * FROM users WHERE id=$newObjUser[id_manager]";
|
||
$rez=mysql_query($sql);
|
||
$manager = mysql_fetch_assoc($rez);
|
||
|
||
if($manager['id_manager']) {
|
||
$agency = mysql_fetch_assoc(mysql_query("SELECT * FROM users WHERE id=$manager[id_manager]"));
|
||
} else {
|
||
$agency = $manager;
|
||
}
|
||
if ($agency) {
|
||
$sobstv = $sobstv . ", агентство " . $agency['agency_name'];
|
||
}
|
||
}
|
||
|
||
$webHookIn = new WebHookIn(null, $userDel->agencyId);
|
||
|
||
$is_send_webhook = $webHookIn->check_hook('object_update', 'object');
|
||
|
||
if($is_send_webhook){
|
||
$webHookIn->save_webhook_cron_many($_SESSION['id'], $id, $newWhoWorkObj);
|
||
}
|
||
|
||
$dataWhook = array('action'=>'employee_delete', 'employee_id'=>$id, 'section'=>'employee', 'user_id'=>$_SESSION['id'], 'agency_id'=>$userDel->agencyId);
|
||
$webHookIn->check_send($dataWhook);
|
||
// перенос всех объектов
|
||
$sql = "UPDATE objects SET is_main = 0, id_add_user=$newWhoWorkObj, phone = '$phone', phone_search = '$num_search', sobstv = '$sobstv' WHERE id_add_user=$id";
|
||
$rez = mysql_query($sql);
|
||
//Запись переноса в сфинкс
|
||
$db_sphinx = new MysqlPdo(hstsph2, null, null, null, true, '9306');
|
||
$sql = "UPDATE objects SET id_add_user=$newWhoWorkObj, phone_search = '$num_search' WHERE id_add_user=$id";
|
||
$db_sphinx->query($sql,true);
|
||
|
||
// перенос Зипал
|
||
$sql = "UPDATE zipal_objects SET user_id=$newWhoWorkObj, send_to_update=1 WHERE object_id in (SELECT id from objects where id_add_user=$id)";
|
||
mysql_query($sql);
|
||
|
||
$sqlPack = "UPDATE advertising_package_object_publish SET send_to_update = '1', error_when_send_to_update = '' WHERE object_id in (SELECT id from objects where id_add_user=$id)";
|
||
mysql_query($sqlPack);
|
||
|
||
// в передаче объектов затираем передачи, которые адресованы удаляемому пользователю
|
||
$sql = "UPDATE objects_to_send SET accept_state='REJECTED', accept_date=NOW() WHERE new_user_id=$id";
|
||
mysql_query($sql);
|
||
|
||
// переносим комменты
|
||
$sqlObjN = "UPDATE object_notes SET created_by=$newWhoWorkObj WHERE created_by=$id";
|
||
mysql_query($sqlObjN);
|
||
|
||
//удаляем из чата и данные в таблице настроек
|
||
RocketChat::deleteChatUser($id);
|
||
$sql="DELETE FROM chat_settings_user WHERE user_id=$id";
|
||
$rez=mysql_query($sql);
|
||
}
|
||
|
||
public static function num_search($num) {
|
||
$num_search = str_replace("+", "", $num);
|
||
$num_search = str_replace("(", "", $num_search);
|
||
$num_search = str_replace(")", "", $num_search);
|
||
$num_search = str_replace(" ", "", $num_search);
|
||
$num_search = str_replace("-", "", $num_search);
|
||
$num_search = trim($num_search);
|
||
|
||
if (mb_strlen($num_search) > 7)
|
||
$num_search = mb_substr($num_search, 1);
|
||
|
||
return $num_search;
|
||
}
|
||
|
||
public function checkPermissions($userID = false, $useRedirect = true) {
|
||
|
||
if ($userID === false && isset($_SESSION['id'])) {
|
||
$userId = $_SESSION['id'];
|
||
} else if (isset($userID)) {
|
||
$userId = $userID;
|
||
} else {
|
||
if ($useRedirect)
|
||
$this->quit("ИД пользователя не указан", $useRedirect);
|
||
else
|
||
return ['error' => "ИД пользователя не указан"];
|
||
}
|
||
|
||
$sql = "SELECT users.*, online.ip, online.user_agent FROM users,online WHERE users.id=online.id_user AND users.id=$userId";
|
||
$rez = mysql_query($sql);
|
||
$users = mysql_fetch_assoc($rez);
|
||
|
||
if ($useRedirect && !$users)
|
||
$this->quit("Пользователь не авторизован", $useRedirect);
|
||
else if (!$users)
|
||
return ['error' => "Пользователь не авторизован"];
|
||
|
||
|
||
if ($useRedirect && $users['blocked'])
|
||
$this->quit("Ваш аккаунт заблокирован", $useRedirect);
|
||
else if ($users['blocked'])
|
||
return ['error' => "Ваш аккаунт заблокирован"];
|
||
|
||
/*if ($users['ip'] != $_SERVER['REMOTE_ADDR'] || $users['user_agent'] != $_SERVER['HTTP_USER_AGENT']) {
|
||
if ($useRedirect)
|
||
$this->quit("Сессия завершена. Авторизуйтесь заново. Если проблема повторяется, возможно ваш аккаунт используется другим человеком.", $useRedirect);
|
||
else
|
||
return ['error' => "Сессия завершена. Авторизуйтесь заново. Если проблема повторяется, возможно ваш аккаунт используется другим человеком."];
|
||
}*/
|
||
|
||
$tarif = new \Tarif;
|
||
$this->agencyId = $userId;
|
||
$this->show_zipal_balance = $users['show_zipal_balance'];
|
||
$this->zipal_balance = $users['zipal_balance'];
|
||
$this->agencyEgrnRequestCount = 0;
|
||
$this->agencyAntiznakRequestCount = 0;
|
||
$this->agencyEnableWazzap = $users['enable_wazzap'];
|
||
$departmentClass = new Department;
|
||
$departmentUser = $departmentClass->getDepartment($userId);
|
||
|
||
$payForTariff = false;
|
||
|
||
if ($users['id_manager']) {
|
||
$id_menager = $users['id_manager'];
|
||
if ($departmentUser['role'] == 'manager_office_menager' || $departmentUser['role'] == 'agent') {
|
||
if ($departmentUser['admin'] > 0) {
|
||
$id_menager = $departmentUser['admin'];
|
||
}
|
||
}
|
||
$agency = new User;
|
||
$agency->get($id_menager);
|
||
if ($agency->id_manager) {
|
||
$agency->get($agency->id_manager);
|
||
if ($agency->id_manager) {
|
||
$agency->get($agency->id_manager);
|
||
}
|
||
}
|
||
$id_tarif = $agency->id_tarif;
|
||
$this->agencyId = $agency->id;
|
||
$this->agencyZipalLogin = $agency->zipal_login;
|
||
$this->agencyZipalPassword = $agency->zipal_password;
|
||
$this->agencyZipalBalance = $agency->zipal_balance;
|
||
$this->agencyEgrnRequestCount = $agency->egrn_request_count;
|
||
$this->agencyAntiznakRequestCount = $agency->antiznak_request_count;
|
||
$this->agencyEnableWazzap = $agency->enable_wazzap;
|
||
$date_tarif = $agency->date_tarif;
|
||
|
||
if ($agency->date_reg < $agency->date_tarif) {
|
||
$payForTariff = true;
|
||
}
|
||
|
||
if ($userID === false) $_SESSION['photo'] = $agency->photo;
|
||
} else {
|
||
$id_tarif = $users['id_tarif'];
|
||
$date_tarif = $users['date_tarif'];
|
||
$_SESSION['photo'] = $users['photo'];
|
||
if ($users['date_reg'] < $users['date_tarif']) {
|
||
$payForTariff = true;
|
||
}
|
||
}
|
||
|
||
$tarif->get($id_tarif);
|
||
$date_tarif = strtotime($date_tarif);
|
||
$date_end = $date_tarif + $tarif->period * 3600 * 24;
|
||
$date_end_f = date("d.m.Y H:i", $date_end);
|
||
$dney = ceil(($date_end - time()) / 24 / 3600);
|
||
|
||
if ($dney <= 0) {
|
||
$_SESSION['pay'] = 1;
|
||
|
||
$_SESSION['paidEnded'] = 0;
|
||
|
||
if ($payForTariff) {
|
||
$_SESSION['paidEnded'] = 1;
|
||
}
|
||
|
||
if ($users['agency'])
|
||
$new_id_tarif = 67;
|
||
else
|
||
$new_id_tarif = 66;
|
||
|
||
if ($id_tarif == 5 || $id_tarif == 7) {
|
||
$new_tarif = new Tarif;
|
||
$new_tarif->get($new_id_tarif);
|
||
$one_day_plus = $new_tarif->period + 1;
|
||
mysql_query("UPDATE users SET test_tarif=1, date_tarif= DATE_SUB(NOW(), INTERVAL $one_day_plus DAY), id_tarif=$new_id_tarif WHERE id=$_SESSION[id]");
|
||
}
|
||
|
||
} else {
|
||
$_SESSION['pay'] = 0;
|
||
$_SESSION['paidEnded'] = 0;
|
||
}
|
||
|
||
$_SESSION['fio'] = trim($users['last_name'] . ' ' . $users['first_name'] . ' ' . $users['middle_name']);
|
||
$_SESSION['first_name'] = $users['first_name'];
|
||
$_SESSION['last_name'] = $users['last_name'];
|
||
$_SESSION['middle_name'] = $users['middle_name'];
|
||
$_SESSION['phone'] = $users['phone'];
|
||
$_SESSION['email'] = $users['email'];
|
||
|
||
if ($users['superadmin']) {
|
||
// Админ
|
||
$_SESSION['superadmin'] = 1;
|
||
} else {
|
||
$_SESSION['superadmin'] = 0;
|
||
}
|
||
|
||
if ($users['manager']) {
|
||
// менеджер
|
||
$this->manager = $_SESSION['manager'] = 1;
|
||
} else {
|
||
if ($departmentUser['role'] == 'manager_office' || $departmentUser['role'] == 'manager_office_menager') {
|
||
$this->manager = $_SESSION['manager'] = 1;
|
||
} else {
|
||
$this->manager = $_SESSION['manager'] = 0;
|
||
}
|
||
}
|
||
|
||
if ($users['id_manager'] == 0 && $users['agency'] == 0) {
|
||
// частник
|
||
$this->individual = $_SESSION['individual'] = 1;
|
||
} else {
|
||
$this->individual = $_SESSION['individual'] = 0;
|
||
}
|
||
|
||
if ($users['agent']) {
|
||
// агент
|
||
$this->agent = $_SESSION['agent'] = 1;
|
||
} else {
|
||
$this->agent = $_SESSION['agent'] = 0;
|
||
}
|
||
|
||
if ($users['agency']) {
|
||
// агентство
|
||
$this->agency = $_SESSION['agency'] = 1;
|
||
$this->agencyName = $_SESSION['agency_name'] = $users['agency_name'];
|
||
} else {
|
||
$this->agency = $_SESSION['agency'] = 0;
|
||
$this->agencyName = $_SESSION['agency_name'] = null;
|
||
}
|
||
|
||
if ($users['role_developer']) {
|
||
// застройщик
|
||
$this->role_developer = $_SESSION['role_developer'] = 1;
|
||
} else {
|
||
$this->role_developer = $_SESSION['role_developer'] = 0;
|
||
}
|
||
|
||
// пользователь, который может управлять другими
|
||
if ($users['users_admin']) {
|
||
$_SESSION['users_admin'] = 1;
|
||
} else {
|
||
$_SESSION['users_admin'] = 0;
|
||
}
|
||
|
||
//Предмодерация рекламы по объектам
|
||
$_SESSION['use_advert_moderation'] = 0;
|
||
$q_moderation = mysql_query("SELECT * FROM advert_moderation_agency WHERE agency_id = {$this->agencyId}");
|
||
if(mysql_num_rows($q_moderation) > 0){
|
||
$_SESSION['use_advert_moderation'] = 1;
|
||
}
|
||
|
||
// Рекламный бюджет и ограничение публикации
|
||
$_SESSION['use_advert_budget'] = 0;
|
||
|
||
if (!$this->agency) {
|
||
$sql = "SELECT use_advert_budget FROM users WHERE id=$this->agencyId";
|
||
if ($rez = mysql_query($sql)) {
|
||
$row = mysql_fetch_assoc($rez);
|
||
$_SESSION['use_advert_budget'] = $row['use_advert_budget'];
|
||
}
|
||
}
|
||
|
||
if ($this->use_advert_budget) {
|
||
$_SESSION['use_advert_budget'] = 1;
|
||
}
|
||
|
||
$sessionTime = 86400;
|
||
|
||
$this->region = $users['region_rf_id'];
|
||
$this->id = $_SESSION['id'] = $users['id'];
|
||
$this->id_manager = $_SESSION['id_manager'] = $users['id_manager'];
|
||
$this->agency_id = $_SESSION['agency_id'] = self::getUserAgencyID();
|
||
// куки-зеркало сессии для совместимости. Фронт читает права из API/стора, не из кук;
|
||
// гард — чтобы на after-output страницах setcookie не падал «headers already sent» (флуд в лог).
|
||
if (!headers_sent()) {
|
||
setcookie('user_id', $_SESSION['id'], time() + 360, "/");
|
||
setcookie('agency_id', $_SESSION['agency_id'], time() + 360, "/");
|
||
setcookie('id_manager', $_SESSION['id_manager'], time() + 360, "/");
|
||
setcookie('is_agency', $_SESSION['agency'], time() + 360, "/");
|
||
setcookie('is_manager', $_SESSION['manager'], time() + 360, "/");
|
||
setcookie('is_users_admin', $_SESSION['users_admin'], time() + 360, "/");
|
||
setcookie('is_agent', $_SESSION['agent'], time() + 360, "/");
|
||
setcookie('PHPSESSID_EXPIRATION', $sessionTime + time(), time() + 360, "/");
|
||
}
|
||
$this->_user_can['autosearch'] = true;
|
||
$this->_user_can['object-fields'] = boolval($this->agency || $this->manager || $this->users_admin);
|
||
//$this->_user_can['advert-stats'] = boolval($this->agency || $this->users_admin);
|
||
$this->_user_can['advert-stats'] = true;
|
||
$_SESSION['user_can'] = $this->_user_can;
|
||
if (!headers_sent()) {
|
||
setcookie('user_can', json_encode($_SESSION['user_can']), time() + 360, "/");
|
||
}
|
||
}
|
||
|
||
public function checkMenuPermissions($permissionName = null) {
|
||
$userId = $_SESSION['id'];
|
||
$sql_d = "SELECT * FROM `user_permissions` WHERE `user_id` = ".$userId;
|
||
|
||
if ($permissionName) {
|
||
$sql_d .= " AND {$permissionName} = 1";
|
||
}
|
||
|
||
$result = mysql_query($sql_d);
|
||
return mysql_fetch_assoc($result);
|
||
}
|
||
|
||
public function check_sms($post, $pwd = false, $use_redirect = true)
|
||
{
|
||
if ($_SESSION['sms'] == $post['sms'] || $pwd) {
|
||
|
||
$sql = "SELECT * FROM `users` WHERE `phone`='+{$post['phone']}'";
|
||
if (!$rez = mysql_query($sql))
|
||
$msg = mysqli_error();
|
||
|
||
if (mysql_num_rows($rez)) {
|
||
|
||
$users = mysql_fetch_assoc($rez);
|
||
if ($pwd && md5($post['pwd'] . SALT) != $users['pwd']) {
|
||
if ($use_redirect)
|
||
return "Неверный пароль";
|
||
else
|
||
return [
|
||
'success' => false,
|
||
'message' => "Неверный пароль",
|
||
];
|
||
}
|
||
|
||
if ($users['moder']) {
|
||
if (!$users['blocked']) {
|
||
|
||
$this->agency_id = self::getUserAgencyID($users['id']);
|
||
|
||
$sql_enable = "SELECT * FROM auth_enable_ip WHERE id_agency = {$this->agency_id}";
|
||
|
||
$q_enable = mysql_query($sql_enable);
|
||
|
||
//если есть строки в таблице, значит есть ограничение по IP
|
||
if(mysql_num_rows($q_enable) > 0) {
|
||
$ipEnabled = false;
|
||
|
||
while ($ip = mysql_fetch_assoc($q_enable)) {
|
||
if ($ip['ip'] == $_SERVER['REMOTE_ADDR']) {
|
||
$ipEnabled = true;
|
||
}
|
||
}
|
||
|
||
if (!$ipEnabled) {
|
||
//проверяем разрешение на фход с любого IP
|
||
$sql_select_permissions = "SELECT allow_any_ip FROM user_permissions WHERE user_id=$users[id]";
|
||
$permissions_result = mysql_query($sql_select_permissions);
|
||
|
||
if (mysql_num_rows($permissions_result) > 0) {
|
||
$r_u = mysql_fetch_assoc($permissions_result);
|
||
$allowAnyIp = $r_u["allow_any_ip"];
|
||
if ($allowAnyIp) {
|
||
$ipEnabled = true;
|
||
}
|
||
}
|
||
}
|
||
|
||
if (!$ipEnabled) {
|
||
|
||
if ($use_redirect)
|
||
return "Вход с вашим IP адресом запрещен";
|
||
else
|
||
return [
|
||
'success' => false,
|
||
'message' => "Вход с вашим IP адресом запрещен",
|
||
];
|
||
}
|
||
}
|
||
|
||
// регенерация ИД сессии для установки новых кук
|
||
$sessionTime = 86400;
|
||
session_set_cookie_params($sessionTime);
|
||
session_regenerate_id(false);
|
||
|
||
$_SESSION['agency_id'] = $this->agency_id;
|
||
|
||
$_SESSION['fio'] = trim($users['last_name'] . ' ' . $users['first_name'] . ' ' . $users['middle_name']);
|
||
$_SESSION['phone'] = $users['phone'];
|
||
$_SESSION['id'] = $users['id'];
|
||
$_SESSION['email'] = $users['email'];
|
||
|
||
if ($users['manager'])
|
||
$this->manager = $_SESSION['manager'] = 1;
|
||
else
|
||
$this->manager = $_SESSION['manager'] = 0;
|
||
|
||
if ($users['id_manager'] == 0)
|
||
$this->individual = $_SESSION['individual'] = 1; // частник
|
||
else
|
||
$this->individual = $_SESSION['individual'] = 0;
|
||
|
||
if ($users['agent'])
|
||
$this->agent = $_SESSION['agent'] = 1;
|
||
else
|
||
$this->agent = $_SESSION['agent'] = 0;
|
||
|
||
if ($users['agency'])
|
||
$this->agency = $_SESSION['agency'] = 1;
|
||
else
|
||
$this->agency = $_SESSION['agency'] = 0;
|
||
|
||
//пользователь, который может управлять другими
|
||
if ($users['users_admin'])
|
||
$_SESSION['users_admin'] = 1;
|
||
else
|
||
$_SESSION['users_admin'] = 0;
|
||
|
||
$this->id = $_SESSION['id'] = $users['id'];
|
||
|
||
mysql_query("UPDATE users SET last_auth=NOW() WHERE id=$users[id]");
|
||
|
||
mysql_query("DELETE FROM online WHERE id_user=$users[id]");
|
||
|
||
mysql_query("INSERT INTO online(id_user, last_activity, entry, ip, user_agent) VALUES($_SESSION[id], NOW(), NOW(), '" . $_SERVER['REMOTE_ADDR'] . "', '" . $_SERVER['HTTP_USER_AGENT'] . "')");
|
||
|
||
mysql_query("INSERT INTO auth_log(id_user, entry, ip, user_agent) VALUES($_SESSION[id], NOW(), '" . $_SERVER['REMOTE_ADDR'] . "', '" . $_SERVER['HTTP_USER_AGENT'] . "')");
|
||
|
||
//Для Laravel
|
||
$allowed_users_deal = [117, 4];
|
||
if (in_array((int)$_SESSION['agency_id'], $allowed_users_deal)) {
|
||
$sessionData = [
|
||
'id' => session_id(),
|
||
'user_id' => $users['id'],
|
||
'payload' => json_encode([
|
||
'fio' => $_SESSION['fio'],
|
||
'phone' => $_SESSION['phone'],
|
||
'roles' => [
|
||
'manager' => $_SESSION['manager'],
|
||
'agent' => $_SESSION['agent'],
|
||
'agency' => $_SESSION['agency'],
|
||
'superadmin' => $_SESSION['superadmin']
|
||
]
|
||
]),
|
||
'last_activity' => time(),
|
||
'ip_address' => $_SERVER['REMOTE_ADDR'],
|
||
'user_agent' => isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : ''
|
||
];
|
||
|
||
$sql_session = "REPLACE INTO sessions (id, user_id, payload, last_activity, ip_address, user_agent) VALUES (
|
||
'" . mysql_real_escape_string($sessionData['id']) . "',
|
||
{$sessionData['user_id']},
|
||
'" . mysql_real_escape_string($sessionData['payload']) . "',
|
||
{$sessionData['last_activity']},
|
||
'" . mysql_real_escape_string($sessionData['ip_address']) . "',
|
||
'" . mysql_real_escape_string($sessionData['user_agent']) . "'
|
||
)";
|
||
mysql_query($sql_session);
|
||
}
|
||
|
||
if ($users['superadmin']) {
|
||
|
||
$_SESSION['superadmin'] = 1;
|
||
if ($use_redirect)
|
||
header("location:/admin/index.php");
|
||
else
|
||
return [
|
||
'success' => true
|
||
];
|
||
} else {
|
||
|
||
$agenciesHaveAccessToNewComplexes = [4, 5261, 12028, 12061, 17328, 11325, 13735, 19093, 16378, 19467, 20197, 19909, 19646];
|
||
|
||
$user_id = $_SESSION['id'];
|
||
|
||
$check_permissions_sql = "SELECT * FROM `user_permissions` WHERE `user_id` = $user_id";
|
||
$check_permissions_result = mysql_query($check_permissions_sql);
|
||
|
||
if (!$check_permissions_result || mysql_num_rows($check_permissions_result) == 0) {
|
||
|
||
$permissions = [
|
||
$user_id,
|
||
1, 1, 1, // menu_office, menu_search, menu_objects
|
||
0, 0, // menu_all_objects, menu_all_objects_edit
|
||
0, // menu_ads
|
||
1, 0, 0, 0, // menu_clients, menu_all_clients, menu_all_clients_edit, menu_all_clients_export
|
||
1, 0, 0, 0, // menu_submissions, menu_all_submissions, menu_all_submissions_edit, menu_all_submissions_export
|
||
0, 1, 1, // menu_partners, menu_docs, menu_settings
|
||
0, // menu_complexes (по умолчанию отключено)
|
||
1, 0, // menu_can_transfer_to_common (по умолчанию включено), menu_can_take_from_closed (по умолчанию отключено)
|
||
0, // menu_can_transfer_closed_to_others (может передавать закрытые заявки другим сотрудникам)
|
||
];
|
||
|
||
$is_admin = !empty($users['users_admin']);
|
||
$in_agency_list = in_array($user_id, $agenciesHaveAccessToNewComplexes);
|
||
$is_agent = $users['agent'] == '1' && $users['agency'] != '1' && $users['manager'] != '1' && $users['id_manager'] == 0;
|
||
$is_supervisor = $users['agency'] == '1' && $users['manager'] == '1';
|
||
$is_developer = $users['role_developer'] == '1';
|
||
|
||
$default_can_transfer_to_common = 1;
|
||
if ($this->agency_id == 19895) {
|
||
$default_can_transfer_to_common = 0;
|
||
}
|
||
|
||
$default_cannot_create_req_manually = 0;
|
||
if ($this->agency_id == 19895) {
|
||
$default_cannot_create_req_manually = 1;
|
||
}
|
||
|
||
// Если admin или частный агент или руководитель и в списке с комплексами
|
||
if (
|
||
($is_admin && $in_agency_list) ||
|
||
($is_agent && $in_agency_list) ||
|
||
($is_supervisor && $in_agency_list) ||
|
||
($is_developer)
|
||
) {
|
||
$permissions = [
|
||
$user_id,
|
||
1, 1, 1,
|
||
1, 1,
|
||
1,
|
||
1, 1, 1, 1,
|
||
1, 1, 1, 1,
|
||
1, 1, 1,
|
||
1, // комплексы включены
|
||
$default_can_transfer_to_common, 1,
|
||
1,
|
||
$default_cannot_create_req_manually
|
||
];
|
||
}
|
||
// Если просто admin или частный агент или руководитель
|
||
elseif ($is_admin || $is_agent || $is_supervisor ) {
|
||
$permissions = [
|
||
$user_id,
|
||
1, 1, 1,
|
||
1, 1,
|
||
1,
|
||
1, 1, 1, 1,
|
||
1, 1, 1, 1,
|
||
1, 1, 1,
|
||
0, // комплексы выключены
|
||
$default_can_transfer_to_common, 1,
|
||
1,
|
||
$default_cannot_create_req_manually
|
||
];
|
||
}
|
||
$values_str = implode(',', $permissions);
|
||
|
||
$insert_sql = "INSERT INTO user_permissions
|
||
(user_id, menu_office, menu_search, menu_objects, menu_all_objects, menu_all_objects_edit,
|
||
menu_ads, menu_clients, menu_all_clients, menu_all_clients_edit, menu_all_clients_export,
|
||
menu_submissions, menu_all_submissions, menu_all_submissions_edit, menu_all_submissions_export,
|
||
menu_partners, menu_docs, menu_settings, menu_complexes, menu_can_transfer_to_common, menu_can_take_from_closed, menu_can_transfer_closed_to_others, cannot_create_req_manually)
|
||
VALUES ($values_str)";
|
||
|
||
mysql_query($insert_sql);
|
||
}
|
||
|
||
$_SESSION['superadmin'] = 0;
|
||
$first_page_query = "SELECT jp.page_url FROM users
|
||
JOIN jw_pages jp ON users.jw_page_id = jp.id
|
||
WHERE users.id = " . $_SESSION['id'];
|
||
$first_page_result = mysql_query($first_page_query);
|
||
$first_page = mysql_fetch_assoc($first_page_result);
|
||
$redirect_page = !empty($first_page['page_url']) ? $first_page['page_url'] : "/sale.php";
|
||
if ($use_redirect)
|
||
if ($redirect_page) {
|
||
header("location:$redirect_page");
|
||
} else {
|
||
header("location:/sale.php");
|
||
}
|
||
else
|
||
return [
|
||
'success' => true
|
||
];
|
||
}
|
||
|
||
} else $msg = "Аккаунт заблокирован!";
|
||
|
||
} else $msg = "Аккаунт ещё не подтверждён.";
|
||
|
||
} else $msg = "Этот номер телефона не зарегистрирован в JoyWork.";
|
||
|
||
} else $msg = "Неверный код подтверждения!";
|
||
|
||
if ($use_redirect)
|
||
return $msg;
|
||
else
|
||
return [
|
||
'success' => false,
|
||
'message' => $msg,
|
||
];
|
||
}
|
||
|
||
|
||
public function auth($post) {
|
||
$msg = 0;
|
||
if(!empty($post['phone'])) {
|
||
$phone = $post['phone'];
|
||
$sql = "SELECT * FROM users WHERE phone = '{$phone}'";
|
||
$rez = mysql_query($sql);
|
||
|
||
if (mysql_num_rows($rez)) {
|
||
$users = mysql_fetch_assoc($rez);
|
||
|
||
if ($users['moder']) {
|
||
if (!$users['blocked']) {
|
||
$PHP_SELF = $_SERVER['PHP_SELF'];
|
||
if ($users['is_pwd']) {
|
||
header("location:$PHP_SELF?phone2=$phone");
|
||
}
|
||
else {
|
||
require_once($_SERVER['DOCUMENT_ROOT']."/engine/mobilGroupApi.php");
|
||
$_SESSION['sms'] = $code_sms = ok_code($phone);
|
||
$r = sendCode($phone, $code_sms);
|
||
if ($r[1] > 0) {
|
||
header("location:$PHP_SELF?phone=$phone");
|
||
} else {
|
||
$msg = "Робот не может дозвониться по номеру $phone. Проверьте корректность номера или попробуйте выполнить вход позже.";
|
||
mailClient("ellada-an@mail.ru","Робот не может дозвониться по номеру ".$_SERVER['SERVER_NAME'], "Ответ сервера: $r[0]");
|
||
}
|
||
}
|
||
} else $msg = "Аккаунт заблокирован!";
|
||
} else $msg="Аккаунт ещё не подтверждён.";
|
||
} else $msg="Этот номер телефона не зарегистрирован в JoyWork";
|
||
} else $msg="Не заполнены поля формы!";
|
||
return $msg;
|
||
}
|
||
|
||
|
||
|
||
public function destroy_session() {
|
||
|
||
$_SESSION = array();
|
||
|
||
// If it's desired to kill the session, also delete the session cookie.
|
||
// Note: This will destroy the session, and not just the session data!
|
||
if (ini_get("session.use_cookies")) {
|
||
$params = session_get_cookie_params();
|
||
setcookie(session_name(), '', time() - 42000,
|
||
$params["path"], $params["domain"],
|
||
$params["secure"], $params["httponly"]
|
||
);
|
||
}
|
||
|
||
session_destroy();
|
||
}
|
||
|
||
|
||
|
||
public function quit($msg = "", $useRedirect = true) {
|
||
|
||
$this->destroy_session();
|
||
$this->id = false;
|
||
$this->manager = false;
|
||
$this->agent = false;
|
||
|
||
if ($useRedirect)
|
||
header("location:/index.php?msg=$msg");
|
||
|
||
}
|
||
|
||
|
||
|
||
public function reg($post) {
|
||
$post_data = http_build_query(
|
||
array(
|
||
'secret' => '6Le30z8UAAAAALHfN7ZJoLcA5sPUZYmfwC1teREV',
|
||
'response' => $post['g-recaptcha-response'],
|
||
'remoteip' => $_SERVER['REMOTE_ADDR']
|
||
)
|
||
);
|
||
$opts = array('http' =>
|
||
array(
|
||
'method' => 'POST',
|
||
'header' => 'Content-type: application/x-www-form-urlencoded',
|
||
'content' => $post_data
|
||
)
|
||
);
|
||
$context = stream_context_create($opts);
|
||
$response = file_get_contents('https://www.google.com/recaptcha/api/siteverify', false, $context);
|
||
$result = json_decode($response);
|
||
|
||
/*if (!$result->success) {
|
||
$msg_user = "Проверка капчи не пройдена. ";
|
||
} else {*/
|
||
if (!empty($post['email'])) {
|
||
if (!empty($post['phone'])) {
|
||
if(!empty($post['region']) && $post['region'] > 0){
|
||
|
||
if (substr($post['phone'], 0, 2) !== "+7") {
|
||
return "Телефон должен начинаться с +7";
|
||
}
|
||
$sql = "SELECT * FROM users WHERE phone='$post[phone]'";
|
||
$rez = mysql_query($sql);
|
||
|
||
if (!empty($post['last_name']) || !empty($post['first_name'])) {
|
||
|
||
if (mysql_num_rows($rez) == 0) {
|
||
|
||
$msg_user = "";
|
||
$agent = 0;
|
||
$agency = 0;
|
||
$developer = 0;
|
||
$adMenuVisible = 0;
|
||
$manager = 0;
|
||
|
||
// ставим всем нормальный тариф сразу
|
||
if ($post['type'] == 1)
|
||
{
|
||
$agency = 1;
|
||
$manager = 1;
|
||
$agent = 1;
|
||
$tarif = 67;
|
||
$adMenuVisible = 1;
|
||
}
|
||
else if ($post['type'] == 3)
|
||
{
|
||
$developer = 1;
|
||
$agent = 0;
|
||
$agency = 0;
|
||
$manager = 1;
|
||
$tarif = 107;
|
||
}
|
||
else
|
||
{
|
||
$agent = 1;
|
||
$tarif = 97;
|
||
}
|
||
|
||
$new_tarif = new Tarif;
|
||
$new_tarif->get($tarif);
|
||
$one_day_plus = $new_tarif->period + 1;
|
||
|
||
if (empty($post['fio']))
|
||
$post['fio'] = trim(($post['last_name'] . " " . $post['first_name'] . " " . $post['middle_name']));
|
||
|
||
try {
|
||
$sql = "INSERT INTO
|
||
users (
|
||
`fio`,
|
||
`region_rf_id`,
|
||
`email`,
|
||
`phone`,
|
||
`agency_name`,
|
||
`first_name`,
|
||
`last_name`,
|
||
`middle_name`,
|
||
`agency`,
|
||
`agent`,
|
||
`manager`,
|
||
`moder`,
|
||
`date_reg`,
|
||
`show_all_objects_page`,
|
||
`id_tarif`,
|
||
`date_tarif`,
|
||
`role_developer`
|
||
) VALUES (
|
||
'$post[fio]',
|
||
'$post[region]',
|
||
'" . trim($post['email']) . "',
|
||
'$post[phone]',
|
||
'$post[agency_name]',
|
||
'$post[first_name]',
|
||
'$post[last_name]',
|
||
'$post[middle_name]',
|
||
'$agency',
|
||
'$agent',
|
||
'$manager',
|
||
'1',
|
||
NOW(),
|
||
'$adMenuVisible',
|
||
'$tarif',
|
||
DATE_SUB(NOW(),INTERVAL $one_day_plus DAY),
|
||
$developer
|
||
)";
|
||
mysql_query($sql);
|
||
|
||
$user_id = mysql_insert_id();
|
||
|
||
mysql_query("UPDATE users SET company_id = $user_id WHERE id = $user_id");
|
||
|
||
// письмо с шаблоном
|
||
/* $f1 = file("https://joywork.ru/template_mail/afterreg.html");
|
||
$text = implode("", $f1);
|
||
|
||
mailClient($post['email'], "Регистрация на сайте " . $_SERVER['SERVER_NAME'], $text);
|
||
|
||
mailClientFromJoywork("service@joywork.ru", "Новый пользователь на сайте JoyWork",
|
||
"Зарегистрирован новый пользователь - " . ($agency ? "агентство $post[agency_name]. " : "агент. ФИО: " . trim($post['last_name'] . ' ' . $post['first_name'] . ' ' . $post['middle_name']) . ". ") . "Email: " . $post['email'] . ". Телефон: " . $post['phone']);
|
||
|
||
mailClientFromJoywork("iganus@joywork.ru", "Новый пользователь на сайте JoyWork",
|
||
"Зарегистрирован новый пользователь - " . ($agency ? "агентство $post[agency_name]. " : "агент. ФИО: " . trim($post['last_name'] . ' ' . $post['first_name'] . ' ' . $post['middle_name']) . ". ") . "Email: " . $post['email'] . ". Телефон: " . $post['phone']);
|
||
|
||
*/
|
||
$agency_or_developer = $agency ? $agency : $developer;
|
||
$funnel = 0;
|
||
$fio_jw = trim($post['last_name'] . ' ' . $post['first_name'] . ' ' . $post['middle_name']);
|
||
$name_agent = '';
|
||
if($agency_or_developer){
|
||
|
||
if ($developer)
|
||
{
|
||
mysql_query(
|
||
"INSERT INTO `user_permissions`
|
||
(
|
||
user_id,
|
||
menu_office,
|
||
menu_complexes,
|
||
menu_search,
|
||
menu_objects,
|
||
menu_all_objects,
|
||
menu_all_objects_edit,
|
||
menu_ads,
|
||
menu_clients,
|
||
menu_all_clients,
|
||
menu_all_clients_edit,
|
||
menu_all_clients_export,
|
||
menu_submissions,
|
||
menu_all_submissions,
|
||
menu_all_submissions_edit,
|
||
menu_all_submissions_export,
|
||
menu_docs,
|
||
menu_settings,
|
||
menu_partners,
|
||
menu_can_transfer_to_common,
|
||
menu_can_take_from_closed,
|
||
menu_can_transfer_closed_to_others
|
||
) VALUES (
|
||
$user_id,
|
||
1,
|
||
1,
|
||
0,
|
||
1,
|
||
1,
|
||
1,
|
||
1,
|
||
1,
|
||
1,
|
||
1,
|
||
1,
|
||
1,
|
||
1,
|
||
1,
|
||
1,
|
||
1,
|
||
1,
|
||
1,
|
||
1,
|
||
1,
|
||
1,
|
||
)
|
||
"
|
||
);
|
||
}
|
||
|
||
$funnel = 118;
|
||
$name_agent = $post['agency_name'];
|
||
|
||
} else {
|
||
$funnel = 1141;
|
||
$name_agent = $fio_jw;
|
||
}
|
||
|
||
//$fio_jw = trim($post['last_name'] . ' ' . $post['first_name'] . ' ' . $post['middle_name']);
|
||
|
||
$sql_jw = "INSERT INTO clients SET phone='{$post['phone']}', ".
|
||
"fio = '{$name_agent}', email = '{$post['email']}', ".
|
||
"opis='{$fio_jw}', ".
|
||
"id_agent = 4, who_work = 0, ".
|
||
"date_add = NOW(), stage=1, confirm=0, funnel_id={$funnel}, `developer` = $developer";
|
||
|
||
if(mysql_query($sql_jw)){
|
||
$id_cl = mysql_insert_id();
|
||
$cl = new Clients();
|
||
$cl->get_class_etap($id_cl, $funnel);
|
||
|
||
$reg = mysql_fetch_assoc(mysql_query("SELECT name FROM rf_regions WHERE id=$post[region]"));
|
||
|
||
$actyvites = mysql_fetch_assoc(mysql_query("SELECT id FROM activities WHERE user_id=4 AND name='".$reg['name']."'"));
|
||
if(isset($actyvites['id'])){
|
||
|
||
mysql_query("INSERT INTO clients_activities (activity_id, client_id) VALUES ({$actyvites['id']}, {$id_cl})");
|
||
}
|
||
$comment = "Новый пользователь - " . ($agency_or_developer ? "агентство $post[agency_name]. " : "агент. ФИО: " . trim($post['last_name'] . ' ' . $post['first_name'] . ' ' . $post['middle_name']) . ". ") . "Email: " . $post['email'] . ". Телефон: " . $post['phone'];
|
||
|
||
$newTime = date("Y-m-d H:i:s", strtotime('+30 minutes'));
|
||
$sql_in_ev = "INSERT INTO user_client_events (user_id, client_id, create_date, schedule_date, `type`, comment, calendar_view, from_id) ".
|
||
"VALUES (4, {$id_cl}, '".date('Y-m-d H:i:s')."', '".$newTime."', 'call', '".$comment."', 0, 4)";
|
||
|
||
mysql_query($sql_in_ev);
|
||
}
|
||
|
||
require_once($_SERVER['DOCUMENT_ROOT'] . "/engine/mobilGroupApi.php");
|
||
$_SESSION['sms'] = $code_sms = ok_code($post["phone"]);
|
||
|
||
$r = sendCode($post["phone"], $code_sms);
|
||
$phone = $post['phone'];
|
||
if ($r[1] > 0) {
|
||
header("location:index.php?phone=$phone");
|
||
} else {
|
||
$msg_user = "Робот не может дозвониться по номеру $phone. Проверьте корректность номера или попробуйте выполнить вход позже.";
|
||
mailClient("ellada-an@mail.ru", "Робот не может дозвониться по номеру " . $_SERVER['SERVER_NAME'], "Ответ сервера: $r[0]");
|
||
}
|
||
} catch (Exception $e) {
|
||
$msg_user .= "Выброшено исключение: " . $e->getMessage();
|
||
}
|
||
|
||
$this->get($user_id);
|
||
$this->getNewUserPackages();
|
||
|
||
$status_text = "\nагент. ФИО: ";
|
||
|
||
if ($agency)
|
||
{
|
||
$status_text = "агентство $post[agency_name]. ";
|
||
}
|
||
else if ($developer)
|
||
{
|
||
$status_text = "\nзастройщик. $post[agency_name] ФИО: ";
|
||
}
|
||
|
||
$text_reg = "";
|
||
$text_reg .= "<b>Новый пользователь на сайте JoyWork</b>";
|
||
$text_reg .= "\nЗарегистрирован новый пользователь - "
|
||
. ($status_text . trim($post['last_name']
|
||
. ' '
|
||
. $post['first_name']
|
||
. ' '
|
||
. $post['middle_name'])
|
||
. ". ")
|
||
. "\nEmail: "
|
||
. $post['email']
|
||
. ".\nТелефон: "
|
||
. $post['phone'];
|
||
|
||
$tel = new Telegram(false);
|
||
$max = new MaxClass();
|
||
|
||
$chatId = 255183898;
|
||
try{
|
||
$tel->send($text_reg, $chatId);
|
||
} catch (Exception $e) {
|
||
//$msg_user .= "Выброшено исключение телеграмм: " . $e->getMessage();
|
||
}
|
||
|
||
$max_user_id = 125565439;
|
||
try{
|
||
$max->send_messages_to_user($max_user_id, $text_reg);
|
||
|
||
} catch (Exception $e){}
|
||
|
||
$chatId = 1313658538;
|
||
try{
|
||
$tel->send($text_reg, $chatId);
|
||
} catch (Exception $e) {
|
||
//$msg_user .= "Выброшено исключение телеграмм: " . $e->getMessage();
|
||
}
|
||
$max_user_id = 238784061;
|
||
try{
|
||
$max->send_messages_to_user($max_user_id, $text_reg);
|
||
|
||
} catch (Exception $e){}
|
||
|
||
$chatId = 161649599;
|
||
try{
|
||
$tel->send($text_reg, $chatId);
|
||
} catch (Exception $e) {
|
||
//$msg_user .= "Выброшено исключение телеграмм: " . $e->getMessage();
|
||
}
|
||
|
||
|
||
} else $msg_user = "Пользователь с таким номером телефона уже существует.";
|
||
} else $msg_user = "Не указана Фамилия и/или Имя пользователя.";
|
||
} else $msg_user = "Не указан регион";
|
||
} else $msg_user = "Не указан номер телефона.";
|
||
} else $msg_user = "Не указан адрес электронной почты.";
|
||
//}
|
||
|
||
return $msg_user;
|
||
}
|
||
|
||
public function remind_pass($post) {
|
||
|
||
$msg = 0;
|
||
|
||
if(!empty($post['email'])) // проверяем обязательные поля
|
||
|
||
{
|
||
|
||
$sql="SELECT * FROM users WHERE email='$post[email]'";
|
||
|
||
$rez=mysql_query($sql);
|
||
|
||
if(mysql_num_rows($rez))
|
||
|
||
{
|
||
|
||
$users=mysql_fetch_array($rez);
|
||
|
||
$pwd = generatePass();
|
||
|
||
$pwd_enc = md5($pwd.SALT);
|
||
|
||
$sql = "UPDATE users SET pwd='$pwd_enc' WHERE id=$users[id]";
|
||
|
||
mysql_query($sql);
|
||
|
||
mailClient($users['email'],"Новый пароль на сайте ".$_SERVER['SERVER_NAME'],"Ваш новый пароль: $pwd");
|
||
|
||
header("location:remind_pass.php?success=1");
|
||
|
||
} else $msg="Неверный адрес почты!";
|
||
|
||
} else $msg="Не заполнены поля формы!";
|
||
|
||
return $msg;
|
||
|
||
}
|
||
|
||
|
||
|
||
public function change_pwd($post) {
|
||
|
||
$msg = 0;
|
||
|
||
if(!empty($post['pwd']) and !empty($post['old_pwd']) and !empty($post['pwd2']))
|
||
|
||
{
|
||
|
||
$sql="SELECT * FROM users WHERE id='$_SESSION[id]'";
|
||
|
||
$rez=mysql_query($sql);
|
||
|
||
if($users=mysql_fetch_assoc($rez))
|
||
|
||
{
|
||
|
||
if(md5($post['old_pwd'].SALT)==$users['pwd'])
|
||
|
||
{
|
||
|
||
if($post['pwd']==$post['pwd2'])
|
||
|
||
{
|
||
|
||
$pwd = md5($post['pwd'].SALT);
|
||
|
||
$sql = "UPDATE users SET pwd='$pwd' WHERE id=$_SESSION[id]";
|
||
|
||
mysql_query($sql);
|
||
|
||
$f1=file("https://joywork.ru/template_mail/changepassword.html");
|
||
$text = implode("",$f1);
|
||
|
||
$text = str_replace("<%login%>", $users['phone'], $text);
|
||
$text = str_replace("<%pass%>", $post['pwd'], $text);
|
||
|
||
mailClientFromJoywork($users['email'],"Новый пароль на сайте ".$_SERVER['SERVER_NAME'],$text);
|
||
|
||
header("location:settings.php?success=ok");
|
||
|
||
} else $msg="Пароль и подтверждение пароля не совпадают!";
|
||
|
||
} else $msg="Неверный пароль!";
|
||
|
||
} else $msg="Пользователь не существует!";
|
||
|
||
} else $msg="Не заполнены поля формы!";
|
||
|
||
return $msg;
|
||
|
||
}
|
||
|
||
|
||
|
||
public function edit($post) {
|
||
|
||
$postf=clearInputData($_POST);
|
||
|
||
$postf['txt'] = strip_tags(mysql_real_escape_string($post['txt']));
|
||
|
||
$post['agency_name'] = htmlspecialchars($post['agency_name']);
|
||
$post['first_name'] = htmlspecialchars($post['first_name']);
|
||
$post['last_name'] = htmlspecialchars($post['last_name']);
|
||
$post['middle_name'] = htmlspecialchars($post['middle_name']);
|
||
$post['is_dispatcher'] = 0;
|
||
if(isset($post['vpbx_id'])){
|
||
if($post['vpbx_id'] == $post['phone']){
|
||
$post['is_dispatcher'] = 1;
|
||
}
|
||
} else {
|
||
$post['vpbx_id'] = "";
|
||
}
|
||
|
||
$this->edit_api_ids($post, $_SESSION['id']);
|
||
$gmtmsk = 0;
|
||
if(isset($post['utc_edit'])){
|
||
$gmtmsk = $post['utc_edit'] - 3;
|
||
}
|
||
|
||
|
||
if ($_SESSION['individual'] == 1) {
|
||
$sql = "UPDATE users SET jw_page_id = '$post[first_page]', region_rf_id = $post[region], agency_name='$post[agency_name]', first_name='$post[first_name]', last_name='$post[last_name]', middle_name='$post[middle_name]', txt='$postf[txt]', email='".trim($post['email'])."', site='$post[site]', sitename='$post[sitename]', adres='$post[adres]', phoneAgency='$post[phoneAgency]', is_dispatcher=$post[is_dispatcher], vpbx_id='$post[vpbx_id]', gmtmsk = '$gmtmsk' WHERE id=$_SESSION[id]";
|
||
} else {
|
||
$sql = "SELECT * FROM users WHERE phone='$post[phone]' and id <> $_SESSION[id]";
|
||
|
||
$rez = mysql_query($sql);
|
||
|
||
if (mysql_num_rows($rez) > 0) {
|
||
return "Пользователь с таким номером телефона уже существует.";
|
||
} else {
|
||
$sql = "UPDATE users SET jw_page_id = '$post[first_page]', region_rf_id = $post[region], agency_name='$post[agency_name]', first_name='$post[first_name]', last_name='$post[last_name]', middle_name='$post[middle_name]', phone='$post[phone]', phone2='$post[phone2_user]', txt='$postf[txt]', email='" . trim($post['email']) . "', site='$post[site]', sitename='$post[sitename]', adres='$post[adres]', phoneAgency='$post[phoneAgency]', is_dispatcher=$post[is_dispatcher], vpbx_id='$post[vpbx_id]', gmtmsk = '$gmtmsk' WHERE id=$_SESSION[id]";
|
||
}
|
||
|
||
if($post['all_update_utc']){
|
||
$agency_id = $this->getAgencyIdForUser($_SESSION['id']);
|
||
$usersIds[] = $agency_id;
|
||
$sql_users = "SELECT id FROM users WHERE id in (select id from users where id=$agency_id or id_manager=$agency_id or id_manager in
|
||
(select id from users where id_manager=$agency_id or id_manager in
|
||
(select id from users where id_manager=$agency_id)))";
|
||
$q_users = mysql_query($sql_users);
|
||
while($r_users = mysql_fetch_assoc($q_users)){
|
||
$usersIds[] = (int)$r_users['id'];
|
||
}
|
||
if(!empty($usersIds)) {
|
||
$sqlAll = "UPDATE users SET gmtmsk = '$gmtmsk' WHERE id in (".implode(',',$usersIds).")";
|
||
}
|
||
}
|
||
}
|
||
|
||
|
||
if (mysql_query($sql)) {
|
||
if(isset($sqlAll)){
|
||
mysql_query($sqlAll);
|
||
|
||
}
|
||
$sqlNewObjUser = "SELECT * FROM users WHERE id=$_SESSION[id]";
|
||
$rezNewObjUser = mysql_query($sqlNewObjUser);
|
||
$newObjUser = mysql_fetch_assoc($rezNewObjUser);
|
||
|
||
$sobstv = trim($post['last_name'] . ' ' . $post['first_name'] . ' ' . $post['middle_name']);
|
||
if ($newObjUser['agency'] == 0) {
|
||
$sql="SELECT * FROM users WHERE id=$newObjUser[id_manager]";
|
||
$rez=mysql_query($sql);
|
||
$manager = mysql_fetch_assoc($rez);
|
||
|
||
if ($manager['id_manager']) {
|
||
$agency = mysql_fetch_assoc(mysql_query("SELECT * FROM users WHERE id=$manager[id_manager]"));
|
||
} else {
|
||
$agency = $manager;
|
||
}
|
||
if ($agency) {
|
||
$sobstv = $sobstv . ", агентство " . $agency['agency_name'];
|
||
}
|
||
}
|
||
|
||
if ($_SESSION['agency']) {
|
||
if (!isset($post['on_agency_any_ip'])) {
|
||
$post['on_agency_any_ip'] = 0;
|
||
}
|
||
$check_permissions_sql = "SELECT * FROM `user_permissions` WHERE `user_id` = $_SESSION[id]";
|
||
$check_permissions_result = mysql_query($check_permissions_sql);
|
||
|
||
if (mysql_num_rows($check_permissions_result) > 0) {
|
||
$sql_update_permissions = "UPDATE user_permissions SET allow_any_ip = '$post[on_agency_any_ip]' WHERE user_id=$_SESSION[id]";
|
||
mysql_query($sql_update_permissions);
|
||
} else {
|
||
$permissions = [
|
||
$_SESSION['id'],
|
||
1, 1, 1,
|
||
1, 1,
|
||
1,
|
||
1, 1, 1, 1,
|
||
1, 1, 1, 1,
|
||
1, 1, 1,
|
||
0, // комплексы выключены
|
||
1,
|
||
1,
|
||
1,
|
||
$post['on_agency_any_ip'] ? 1 : 0
|
||
];
|
||
|
||
$values_str = implode(',', $permissions);
|
||
|
||
$insert_sql = "INSERT INTO user_permissions
|
||
(user_id, menu_office, menu_search, menu_objects, menu_all_objects, menu_all_objects_edit,
|
||
menu_ads, menu_clients, menu_all_clients, menu_all_clients_edit, menu_all_clients_export,
|
||
menu_submissions, menu_all_submissions, menu_all_submissions_edit, menu_all_submissions_export,
|
||
menu_partners, menu_docs, menu_settings, menu_complexes, menu_can_transfer_to_common, menu_can_take_from_closed, menu_can_transfer_closed_to_others, allow_any_ip)
|
||
VALUES ($values_str)";
|
||
|
||
mysql_query($insert_sql);
|
||
}
|
||
|
||
}
|
||
|
||
//обновляем объекты пользователя
|
||
$phone = $post['phone'];
|
||
|
||
$sqlUpdateObj = "UPDATE objects SET is_main = 0, phone = '$phone', sobstv = '$sobstv' WHERE id_add_user=$_SESSION[id]";
|
||
mysql_query($sqlUpdateObj);
|
||
|
||
$_SESSION['fio'] = trim($post['last_name'] . ' ' . $post['first_name'] . ' ' . $post['middle_name']);
|
||
$_SESSION['agency_name'] = $post['agency_name'];
|
||
$_SESSION['first_name'] = $post['first_name'];
|
||
$_SESSION['last_name'] = $post['last_name'];
|
||
$_SESSION['middle_name'] = $post['middle_name'];
|
||
}
|
||
|
||
header("location:settings.php?success2=ok");
|
||
|
||
}
|
||
|
||
public function edit_api_ids($post, $user_id) {
|
||
$id=0;
|
||
$sql = "SELECT * FROM user_api_keys WHERE user_id = {$user_id}";
|
||
$q = mysql_query($sql);
|
||
if(mysql_num_rows($q) == 0){
|
||
$id = $this->gen_token($user_id);
|
||
} else {
|
||
|
||
$apis = mysql_fetch_assoc($q);
|
||
$id = $apis['id'];
|
||
}
|
||
if($id > 0){
|
||
$cian_id = (int)$post['cian_id'];
|
||
$avito_id = (int)str_replace(' ', '', $post['avito_id']);
|
||
$is_all_cian = 0;
|
||
if($post['is_all_cian']){
|
||
$is_all_cian = (int)$post['is_all_cian'];
|
||
}
|
||
$is_all_avito = 0;
|
||
if($post['is_all_avito']){
|
||
$is_all_avito = (int)$post['is_all_avito'];
|
||
}
|
||
$is_id_object = 0;
|
||
if($post['is_id_object']){
|
||
$is_id_object = (int)$post['is_id_object'];
|
||
}
|
||
|
||
$is_id_object_cian = 0;
|
||
if($post['is_id_object_cian']){
|
||
$is_id_object_cian = (int)$post['is_id_object_cian'];
|
||
}
|
||
|
||
$sql_up = "UPDATE user_api_keys SET cian_id = {$cian_id}, avito_id = {$avito_id}, is_all_cian={$is_all_cian}, is_all_avito={$is_all_avito}, is_id_object={$is_id_object}, is_id_object_cian={$is_id_object_cian} WHERE id = {$id}";
|
||
mysql_query($sql_up);
|
||
}
|
||
}
|
||
|
||
public function edit_vk($postUi) {
|
||
|
||
$post=clearInputData($postUi);
|
||
|
||
$flag = isset($post['vkFromGroup']) ? 1 : 0;
|
||
|
||
$sql = "UPDATE users SET vk_group_id='$post[vkGroup]', vk_post_as_group=$flag WHERE id=$_SESSION[id]";
|
||
|
||
mysql_query($sql);
|
||
|
||
header("location:settings.php?success2=ok");
|
||
|
||
}
|
||
|
||
public function edit_zipal($postUi) {
|
||
|
||
$post=clearInputData($postUi);
|
||
|
||
$sql = "UPDATE users SET zipal_login='$post[zipalLogin]', zipal_password='$post[zipalPass]' WHERE id=$_SESSION[id]";
|
||
|
||
mysql_query($sql);
|
||
|
||
header("location:settings.php?success2=ok");
|
||
|
||
}
|
||
|
||
public function edit_jcat($postUi) {
|
||
|
||
$post=clearInputData($postUi);
|
||
|
||
$sql = "UPDATE users SET jcat_api_key='$post[jcatApiKey]' WHERE id=$_SESSION[id]";
|
||
|
||
mysql_query($sql);
|
||
|
||
header("location:settings.php?success2=ok");
|
||
|
||
}
|
||
|
||
|
||
public function set_blocked($block, $id) {
|
||
$id = (int)$id;
|
||
$block = (int)$block;
|
||
|
||
// Блокируем/разблокируем основного пользователя
|
||
mysql_query("UPDATE users SET blocked = $block WHERE id = $id")
|
||
or die("Ошибка обновления статуса: " . mysql_error());
|
||
|
||
// Получаем данные пользователя
|
||
$result = mysql_query("SELECT * FROM users WHERE id = $id");
|
||
if (!$result) die("Ошибка запроса: " . mysql_error());
|
||
|
||
$user = mysql_fetch_assoc($result);
|
||
if (!$user) die("Пользователь не найден");
|
||
|
||
$agencyId = self::getUserAgencyID($id);
|
||
$action = ($block == 1) ? "employee_block" : "employee_unblock";
|
||
$dataWhook = array('action'=>$action, 'employee_id'=>$id, 'section'=>'employee', 'user_id'=>$_SESSION['id'], 'agency_id'=>$agencyId);
|
||
|
||
$w_in = new WebHookIn(null, $agencyId);
|
||
$w_in->check_send($dataWhook);
|
||
|
||
|
||
// Если статус меняется на "разблокирован" и пользователь — агент (не менеджер)
|
||
if ($block == 0 && !$user['manager']) {
|
||
|
||
if ($agencyId) {
|
||
mysql_query("UPDATE users SET id_manager = $agencyId WHERE id = $id")
|
||
or die("Ошибка обновления id_manager: " . mysql_error());
|
||
}
|
||
}
|
||
|
||
// Определяем действие для уведомления
|
||
$act = ($block == 1) ? "заблокирован" : "разблокирован";
|
||
|
||
// Если пользователь — менеджер, меняем статус всех подчиненных
|
||
if ($user['manager']) {
|
||
$queue = [$id]; // Очередь менеджеров для обработки
|
||
$processed = []; // Уже обработанные ID (защита от циклов)
|
||
|
||
while (!empty($queue)) {
|
||
$current_manager_id = array_shift($queue);
|
||
|
||
// Защита от зацикливания
|
||
if (in_array($current_manager_id, $processed)) continue;
|
||
$processed[] = $current_manager_id;
|
||
|
||
// Находим всех подчиненных текущего менеджера
|
||
$subordinates = mysql_query("
|
||
SELECT id, email, manager
|
||
FROM users
|
||
WHERE id_manager = $current_manager_id
|
||
");
|
||
|
||
if (!$subordinates) {
|
||
error_log("Ошибка SQL: " . mysql_error());
|
||
continue;
|
||
}
|
||
|
||
while ($subordinate = mysql_fetch_assoc($subordinates)) {
|
||
// Меняем статус подчиненного
|
||
mysql_query("UPDATE users SET blocked = $block WHERE id = {$subordinate['id']}");
|
||
|
||
// Отправляем уведомление
|
||
if (!empty($subordinate['email'])) {
|
||
mail(
|
||
$subordinate['email'],
|
||
"Аккаунт на сайте " . $_SERVER['SERVER_NAME'],
|
||
"Ваш аккаунт заблокирован, так как ваш менеджер был заблокирован"
|
||
);
|
||
}
|
||
|
||
// Если подчиненный — тоже менеджер, добавляем его в очередь
|
||
if ($subordinate['manager']) {
|
||
$queue[] = $subordinate['id'];
|
||
}
|
||
}
|
||
}
|
||
}
|
||
|
||
// Отправляем уведомление основному пользователю
|
||
if (!empty($user['email'])) {
|
||
mail(
|
||
$user['email'],
|
||
"Аккаунт на сайте " . $_SERVER['SERVER_NAME'],
|
||
"Ваш аккаунт был $act"
|
||
);
|
||
}
|
||
|
||
return true;
|
||
}
|
||
|
||
|
||
|
||
/*public function set_moder($id,$mdb) {
|
||
|
||
$sql="UPDATE users SET moder=1 WHERE id=$id";
|
||
|
||
mysql_query($sql,$mdb);
|
||
|
||
$sql="SELECT * FROM users WHERE id=$id";
|
||
|
||
$rez=mysql_query($sql,$mdb);
|
||
|
||
$users=mysql_fetch_assoc($rez);
|
||
|
||
mailClient($users['email'],"Аккаунт на сайте ".$_SERVER['SERVER_NAME'],"Ваш аккаунт был подтверждён администратором ресурса. Вы можете начать пользоваться системой.");
|
||
|
||
}*/
|
||
|
||
|
||
|
||
public function set_manager($id_mngr, $id_user) {
|
||
|
||
$id_agency = $_SESSION['id'];
|
||
|
||
$curUser = new User;
|
||
|
||
$curUser->checkPermissions();
|
||
|
||
if ($_SESSION['users_admin']) {
|
||
$id_agency = $curUser->agencyId;
|
||
}
|
||
|
||
|
||
if($id_mngr == 0) // делаем юзера менеджером
|
||
|
||
{
|
||
|
||
$sql = "UPDATE users SET manager=1, id_manager=$id_agency, photo='$_SESSION[photo]', department_id = 0, role_id = 0 WHERE id=$id_user";
|
||
|
||
mysql_query($sql);
|
||
|
||
} elseif($id_mngr == -1) // разжаловать и сбросить всех агентов
|
||
|
||
{
|
||
$id_agency = $curUser->agencyId;
|
||
$sql = "UPDATE users SET manager=0, id_manager=$id_agency, photo='$_SESSION[photo]', department_id = 0, role_id = 0 WHERE id_manager=$id_user OR id=$id_user";
|
||
|
||
mysql_query($sql);
|
||
|
||
} else // установить агенту менеджера
|
||
|
||
{
|
||
|
||
$sql = "UPDATE users SET id_manager=$id_mngr, photo='$_SESSION[photo]' WHERE id=$id_user";
|
||
|
||
mysql_query($sql);
|
||
|
||
}
|
||
|
||
//return $this->getMyManagers();
|
||
|
||
}
|
||
|
||
public function set_role($roleId, $userId, $depId){
|
||
$id_agency = $_SESSION['id'];
|
||
|
||
$curUser = new User;
|
||
|
||
$curUser->checkPermissions();
|
||
|
||
if ($_SESSION['users_admin']) {
|
||
$id_agency = $curUser->agencyId;
|
||
}
|
||
$sql = "SELECT `id`, `role` FROM roles WHERE id = ".$roleId;
|
||
$q = mysql_query($sql);
|
||
$role = mysql_fetch_array($q);
|
||
|
||
if($role['role'] == 'agent'){
|
||
$managerId = $id_agency;
|
||
//Ищем менеджера отдела
|
||
$sql_a = "SELECT id FROM roles WHERE department_id = {$depId} AND (role = 'admin_department' or role = 'manager') order by role";
|
||
|
||
$q_a = mysql_query($sql_a);
|
||
if(mysql_num_rows($q_a) > 0){
|
||
while($r_a = mysql_fetch_assoc($q_a)){
|
||
|
||
$sql_u = "SELECT id FROM users WHERE role_id = $r_a[id] LIMIT 1";
|
||
|
||
$q_u = mysql_query($sql_u);
|
||
if(mysql_num_rows($q_u) > 0){
|
||
$r_u = mysql_fetch_assoc($q_u);
|
||
$managerId = (int)$r_u['id'];
|
||
break;
|
||
}
|
||
}
|
||
}
|
||
//Делаем пользователя агентом отдела
|
||
mysql_query("UPDATE users SET department_id = {$depId}, role_id = {$roleId}, agent = 1, id_manager=$managerId, manager = 0 WHERE id = {$userId}");
|
||
//если пользователь был менеджером, то сбрасываем его пользователь к агенству
|
||
mysql_query("UPDATE users SET id_manager = {$id_agency}, department_id = 0, role_id = 0 WHERE id_manager = {$userId}");
|
||
} else if($role['role'] == 'manager'){
|
||
//Поиск админа отдела
|
||
$menager_id = $id_agency;
|
||
//echo $menager_id;
|
||
$sql_a = "SELECT id FROM roles WHERE department_id = {$depId} AND role = 'admin_department' LIMIT 1";
|
||
$q_a = mysql_query($sql_a);
|
||
if(mysql_num_rows($q_a) > 0){
|
||
$r_a = mysql_fetch_assoc($q_a);
|
||
$sql_u = "SELECT id FROM users WHERE role_id = $r_a[id] LIMIT 1";
|
||
//echo $sql_u;
|
||
$q_u = mysql_query($sql_u);
|
||
if(mysql_num_rows($q_u) > 0){
|
||
$r_u = mysql_fetch_assoc($q_u);
|
||
$menager_id = (int)$r_u['id'];
|
||
}
|
||
}
|
||
//Делаем пользователя менеджером отдела
|
||
$sql_up = "UPDATE users SET department_id = {$depId}, role_id = {$roleId}, manager = 1, id_manager = {$menager_id} WHERE id = {$userId}";
|
||
|
||
mysql_query($sql_up);
|
||
//Делаем всех пользователей этого менеджера агентами отдела
|
||
$sql = "SELECT `id` FROM roles WHERE department_id = {$depId} and role = 'agent'";
|
||
$q = mysql_query($sql);
|
||
$roleBase = 0;
|
||
if(mysql_num_rows($q) > 0){
|
||
$role = mysql_fetch_array($q);
|
||
$roleBase = $role['id'];
|
||
}
|
||
mysql_query("UPDATE users SET department_id = {$depId}, role_id = {$roleBase} WHERE id_manager = {$userId} and manager = 0");
|
||
//Делаем всех свободных сотрудников отдела агентами этого менеджера
|
||
//mysql_query("UPDATE users SET id_manager = {$userId} WHERE department_id = {$depId} AND manager=0 AND (id_manager=0 or id_manager={$id_agency})");*/
|
||
} else if($role['role'] == 'user_admin'){
|
||
//Делаем пользователя псевдо руководителем
|
||
mysql_query("UPDATE users SET users_admin = 1, department_id = {$depId}, role_id = {$roleId} WHERE id = {$userId}");
|
||
} else if($role['role'] == 'admin_department'){
|
||
mysql_query("UPDATE users SET department_id = {$depId}, manager = 1, id_manager = {$id_agency}, role_id = {$roleId} WHERE id = {$userId}");
|
||
//Переводим всех менеджеров и агентов отдела, привязанных к руководителю, к админу
|
||
mysql_query("UPDATE users SET id_manager = {$userId} WHERE department_id = {$depId} AND id_manager = {$id_agency} AND id != {$userId}");
|
||
|
||
} else if($role['role'] == 'manager_office'){
|
||
//Поиск админа отдела
|
||
$menager_id = $id_agency;
|
||
//echo $menager_id;
|
||
$sql_a = "SELECT id FROM roles WHERE department_id = {$depId} AND role = 'admin_department' LIMIT 1";
|
||
$q_a = mysql_query($sql_a);
|
||
if(mysql_num_rows($q_a) > 0){
|
||
$r_a = mysql_fetch_assoc($q_a);
|
||
$sql_u = "SELECT id FROM users WHERE role_id = $r_a[id] LIMIT 1";
|
||
//echo $sql_u;
|
||
$q_u = mysql_query($sql_u);
|
||
if(mysql_num_rows($q_u) > 0){
|
||
$r_u = mysql_fetch_assoc($q_u);
|
||
$menager_id = (int)$r_u['id'];
|
||
}
|
||
}
|
||
//Делаем пользователя офис менеджером отдела
|
||
$sql_up = "UPDATE users SET department_id = {$depId}, role_id = {$roleId}, manager = 0, id_manager = {$menager_id} WHERE id = {$userId}";
|
||
|
||
mysql_query($sql_up);
|
||
} else if($role['role'] == 'manager_office_menager'){
|
||
//Делаем пользователя офис менеджером наблюдателем отдела
|
||
$sql_up = "UPDATE users SET department_id = {$depId}, role_id = {$roleId}, manager = 0 WHERE id = {$userId}";
|
||
|
||
mysql_query($sql_up);
|
||
}
|
||
}
|
||
|
||
public function getDepManagers($dep_id){
|
||
|
||
if (!$dep_id)
|
||
return [];
|
||
|
||
$res = array();
|
||
$sql = "SELECT * FROM users WHERE manager=1 AND department_id = {$dep_id}";
|
||
|
||
$q = mysql_query($sql);
|
||
while($r = mysql_fetch_assoc($q)){
|
||
$res[] = $r;
|
||
}
|
||
return $res;
|
||
}
|
||
|
||
public function settings_email() {
|
||
|
||
$this->get($_SESSION['id']);
|
||
|
||
$post=clearInputData($_POST);
|
||
|
||
|
||
|
||
$smtpSsl = $post['smtp_ssl'];
|
||
|
||
$type = $post['type'];
|
||
|
||
if ($type != 5) {
|
||
|
||
$smtpSsl = "1";
|
||
|
||
}
|
||
|
||
|
||
|
||
$sql = "UPDATE users SET smtp_from='$post[smtp_from]', smtp_fromname='$post[smtp_fromname]', smtp='$post[smtp]', smtp_ssl='$smtpSsl', smtp_port='$post[smtp_port]', smtp_lg='$post[smtp_lg]', smtp_pwd='$post[smtp_pwd]' WHERE id=$_SESSION[id]";
|
||
|
||
mysql_query($sql);
|
||
|
||
$f1=file("https://joywork.ru/template_mail/changemailsettings.html");
|
||
$text = implode("",$f1);
|
||
|
||
$try = checkMail($this->email, "Тестовое письмо", $text);
|
||
|
||
if($try===true) $s=1; else $s=2;
|
||
|
||
$sql = "UPDATE users SET smtp_check='$s' WHERE id=$_SESSION[id]";
|
||
|
||
mysql_query($sql);
|
||
|
||
if($s == 2) return "Ошибка отправки тестового письма на почту ".$this->email.". Проверьте настройки.<br><small>$try</small><br><b> Для успешной настройки почты обратитесь в службу поддержки по тел. +7 812 981 56 17</b>";
|
||
|
||
else header("location:settings.php?success3=$s");
|
||
|
||
}
|
||
|
||
public function add_agent($get) {
|
||
$msg_user = '';
|
||
if (!empty($get['email'])) {
|
||
if(!empty($get['phone'])) {
|
||
$sql = "SELECT * FROM users WHERE phone='$get[phone]'";
|
||
|
||
$rez = mysql_query($sql);
|
||
|
||
if (mysql_num_rows($rez) == 0) {
|
||
$sql="INSERT INTO users(fio, email, phone, agency_name, first_name, last_name, middle_name, agent, moder, date_reg, id_manager) VALUES('$get[fio]', '$get[email]', '$get[phone]', '$get[agency_name]', '$get[first_name]', '$get[last_name]', '$get[middle_name]', '1', '1', NOW(), '$_SESSION[id]')";
|
||
|
||
mysql_query($sql);
|
||
|
||
mailClient($get['email'],"Регистрация на сайте ".$_SERVER['SERVER_NAME'],"Вы зарегистрированы на сайте ".$_SERVER['SERVER_NAME'].". Для входа используйте номер телефона $get[phone] и пароль в смс.");
|
||
|
||
} else $msg_user="Агент с таким номером телефона уже существует!";
|
||
} else $msg_user="Не указан номер телефона!";
|
||
} else $msg_user="Не указан E-Mail!";
|
||
|
||
return $msg_user;
|
||
}
|
||
|
||
public function add_agent_with_password($post) {
|
||
$msg_user = '';
|
||
if (!empty($post['email'])) {
|
||
if (!empty($post['phone'])) {
|
||
|
||
$sql = "SELECT * FROM users WHERE phone='$post[phone]'";
|
||
$rez = mysql_query($sql);
|
||
|
||
if (mysql_num_rows($rez) == 0) {
|
||
|
||
$id_agency = $_SESSION['id'];
|
||
|
||
$curUser = new User;
|
||
$curUser->checkPermissions();
|
||
if ($_SESSION['users_admin']) {
|
||
$id_agency = $curUser->agencyId;
|
||
} else{
|
||
$departmentClass = new Department;
|
||
$departmentUser = $departmentClass->getDepartment($_SESSION['id']);
|
||
|
||
if($departmentUser['role'] == 'manager_office'){
|
||
if($departmentUser['admin'] > 0){
|
||
$id_agency = $departmentUser['admin'];
|
||
}
|
||
}
|
||
|
||
}
|
||
|
||
$pwd = generatePass();
|
||
$pwd_enc = md5($pwd . SALT);
|
||
|
||
if(isset($post['pass']) && ! empty(trim($post['pass']))){
|
||
$pwd = trim($post['pass']);
|
||
$pwd_enc = md5($pwd . SALT);
|
||
}
|
||
|
||
if (isset($post['is_dispatcher']) && $post['is_dispatcher'] == 1) {
|
||
$vpbx_id = $post['phone'];
|
||
$is_dis = 1;
|
||
} else {
|
||
$is_dis = 0;
|
||
if (!empty($post['vpbx_id'])) {
|
||
$vpbx_id = $post['vpbx_id'];
|
||
} else {
|
||
$vpbx_id = "";
|
||
}
|
||
}
|
||
|
||
$role_developer = (int)($post['role_developer'] ? $post['role_developer'] : 0);
|
||
|
||
$agency_name = "";
|
||
if (!empty($post['agency_name']))
|
||
$agency_name = $post['agency_name'];
|
||
|
||
$last_name = "";
|
||
if (!empty($post['last_name']))
|
||
$last_name = $post['last_name'];
|
||
|
||
$first_name = "";
|
||
if (!empty($post['first_name']))
|
||
$first_name = $post['first_name'];
|
||
|
||
$middle_name = "";
|
||
if (!empty($post['middle_name']))
|
||
$middle_name = $post['middle_name'];
|
||
|
||
$birthday = "";
|
||
if (!empty($post['birthday']))
|
||
$birthday = date("Y-m-d H:i:s", strtotime($post['birthday']));
|
||
|
||
// Определяем agency_id
|
||
$company_id = self::getUserAgencyID($_SESSION['id']);
|
||
|
||
$sql_company_id = is_numeric($company_id) && $company_id > 0
|
||
? (int)$company_id
|
||
: 'NULL';
|
||
|
||
$sql = "INSERT INTO users(
|
||
fio,
|
||
company_id,
|
||
email,
|
||
phone,
|
||
phone2,
|
||
agency_name,
|
||
last_name,
|
||
first_name,
|
||
middle_name,
|
||
txt,
|
||
agent,
|
||
moder,
|
||
admin,
|
||
superadmin,
|
||
blocked,
|
||
date_reg,
|
||
id_manager,
|
||
is_pwd,
|
||
pwd,
|
||
region_rf_id,
|
||
is_dispatcher,
|
||
birthday,
|
||
vpbx_id,
|
||
role_developer
|
||
) VALUES(
|
||
'$post[fio]',
|
||
$sql_company_id,
|
||
'$post[email]',
|
||
'$post[phone]',
|
||
'$post[phone2]',
|
||
'$agency_name',
|
||
'$last_name',
|
||
'$first_name',
|
||
'$middle_name',
|
||
'',
|
||
'1',
|
||
'1',
|
||
'0',
|
||
'0',
|
||
'0',
|
||
NOW(),
|
||
'$id_agency',
|
||
1,
|
||
'$pwd_enc',
|
||
$curUser->region,
|
||
$is_dis,
|
||
'$birthday',
|
||
'$vpbx_id',
|
||
$role_developer
|
||
)";
|
||
|
||
if (mysql_query($sql)) {
|
||
|
||
$user_id = mysql_insert_id();
|
||
|
||
// Устанавливаем menu_can_transfer_to_common по умолчанию для Домрил
|
||
$default_can_transfer_to_common = 1;
|
||
if ($company_id == 19895) {
|
||
$default_can_transfer_to_common = 0;
|
||
}
|
||
|
||
$default_cannot_create_req_manually = 0;
|
||
if ($company_id == 19895) {
|
||
$default_cannot_create_req_manually = 1;
|
||
}
|
||
|
||
// Базовые права по умолчанию
|
||
$permissions = [
|
||
$user_id,
|
||
1, 1, 1, // menu_office, menu_search, menu_objects
|
||
0, 0, // menu_all_objects, menu_all_objects_edit
|
||
0, // menu_ads
|
||
1, 0, 0, 0, // menu_clients, menu_all_clients, menu_all_clients_edit, menu_all_clients_export
|
||
1, 0, 0, 0, // menu_submissions, menu_all_submissions, menu_all_submissions_edit, menu_all_submissions_export
|
||
0, 1, 1, // menu_partners, menu_docs, menu_settings
|
||
0, // menu_complexes (по умолчанию отключено)
|
||
$default_can_transfer_to_common, 0, // menu_can_transfer_to_common, menu_can_take_from_closed
|
||
0, // menu_can_transfer_closed_to_others
|
||
$default_cannot_create_req_manually
|
||
];
|
||
|
||
$values_str = implode(',', $permissions);
|
||
$insert_sql = "INSERT INTO user_permissions
|
||
(user_id, menu_office, menu_search, menu_objects, menu_all_objects, menu_all_objects_edit,
|
||
menu_ads, menu_clients, menu_all_clients, menu_all_clients_edit, menu_all_clients_export,
|
||
menu_submissions, menu_all_submissions, menu_all_submissions_edit, menu_all_submissions_export,
|
||
menu_partners, menu_docs, menu_settings, menu_complexes, menu_can_transfer_to_common, menu_can_take_from_closed, menu_can_transfer_closed_to_others, cannot_create_req_manually)
|
||
VALUES ($values_str)";
|
||
|
||
mysql_query($insert_sql);
|
||
|
||
$passport_date = "NULL";
|
||
if (!empty($post['passport_date']))
|
||
$passport_date = date("Y-m-d H:i:s", strtotime($post['passport_date']));
|
||
|
||
$wa_enabled = (int)$post['wa_enabled'];
|
||
$sql2 = "INSERT INTO `users_info` (
|
||
user_id,
|
||
passport_serial,
|
||
passport_number,
|
||
passport_date,
|
||
passport_emited,
|
||
passport_adress,
|
||
adress_postal,
|
||
soc_vk,
|
||
soc_tg,
|
||
soc_fb,
|
||
soc_inst,
|
||
soc_tw,
|
||
soc_wa,
|
||
wa_enabled
|
||
) VALUES (
|
||
'$user_id',
|
||
'$post[passport_serial]',
|
||
'$post[passport_number]',
|
||
'$passport_date',
|
||
'$post[passport_emited]',
|
||
'$post[passport_adress]',
|
||
'$post[adress_postal]',
|
||
'$post[soc_vk]',
|
||
'$post[soc_tg]',
|
||
'$post[soc_fb]',
|
||
'$post[soc_inst]',
|
||
'$post[soc_tw]',
|
||
'$post[soc_wa]',
|
||
'$wa_enabled'
|
||
)";
|
||
|
||
mysql_query($sql2);
|
||
|
||
if (!($_FILES['avatar']['size'] == 0 && $_FILES['avatar']['error'] == 0)) {
|
||
$curUser->setUserpic($user_id);
|
||
}
|
||
|
||
if (!($_FILES['files']['size'] == 0 && $_FILES['files']['error'] == 0)) {
|
||
$curUser->uploadFiles($user_id);
|
||
}
|
||
|
||
$f1 = file("https://joywork.ru/template_mail/setpassword.html");
|
||
$text = implode("", $f1);
|
||
$text = str_replace("<%login%>", $post['phone'], $text);
|
||
$text = str_replace("<%pass%>", $pwd, $text);
|
||
|
||
// mailClientFromJoywork($post['email'], "Регистрация на сайте " . $_SERVER['SERVER_NAME'], $text);
|
||
|
||
if (isset($post['advert_budget_total']) || isset($post['advert_budget_personal'])) {
|
||
|
||
$advert_budget_total = 0;
|
||
if (isset($post['advert_budget_total']))
|
||
$advert_budget_total = (double)$post['advert_budget_total'];
|
||
|
||
$advert_budget_personal = 0;
|
||
if (isset($post['advert_budget_personal']))
|
||
$advert_budget_personal = $post['advert_budget_personal'];
|
||
|
||
$advert_budget_avito = 0;
|
||
if (isset($post['advert_budget_avito']))
|
||
$advert_budget_avito = (double)$post['advert_budget_avito'];
|
||
|
||
$advert_budget_cian = 0;
|
||
if (isset($post['advert_budget_cian']))
|
||
$advert_budget_cian = (double)$post['advert_budget_cian'];
|
||
|
||
$advert_budget_domclick = 0;
|
||
if (isset($post['advert_budget_domclick']))
|
||
$advert_budget_domclick = (double)$post['advert_budget_domclick'];
|
||
|
||
$advert_budget_jcat = 0;
|
||
if (isset($post['advert_budget_jcat']))
|
||
$advert_budget_jcat = (double)$post['advert_budget_jcat'];
|
||
|
||
$advert_budget_yandex = 0;
|
||
if (isset($post['advert_budget_yandex']))
|
||
$advert_budget_yandex = (double)$post['advert_budget_yandex'];
|
||
|
||
$advert_budget_avito_unlimited = 0;
|
||
if (isset($post['advert_budget_avito_unlimited']))
|
||
$advert_budget_avito_unlimited = (int)$post['advert_budget_avito_unlimited'];
|
||
|
||
$advert_budget_cian_unlimited = 0;
|
||
if (isset($post['advert_budget_cian_unlimited']))
|
||
$advert_budget_cian_unlimited = (int)$post['advert_budget_cian_unlimited'];
|
||
|
||
$advert_budget_domclick_unlimited = 0;
|
||
if (isset($post['advert_budget_domclick_unlimited']))
|
||
$advert_budget_domclick_unlimited = (int)$post['advert_budget_domclick_unlimited'];
|
||
|
||
$advert_budget_jcat_unlimited = 0;
|
||
if (isset($post['advert_budget_jcat_unlimited']))
|
||
$advert_budget_jcat_unlimited = (int)$post['advert_budget_jcat_unlimited'];
|
||
|
||
$advert_budget_yandex_unlimited = 0;
|
||
if (isset($post['advert_budget_yandex_unlimited']))
|
||
$advert_budget_yandex_unlimited = (int)$post['advert_budget_yandex_unlimited'];
|
||
|
||
$advert_budgets = new AdvertBudgets();
|
||
$advert_budgets->setAdvertBudget([
|
||
'user_id' => $user_id,
|
||
'total' => $advert_budget_total,
|
||
'personal' => $advert_budget_personal,
|
||
'avito' => $advert_budget_avito,
|
||
'avito_unlimited' => $advert_budget_avito_unlimited,
|
||
'cian' => $advert_budget_cian,
|
||
'cian_unlimited' => $advert_budget_cian_unlimited,
|
||
'domclick' => $advert_budget_domclick,
|
||
'domclick_unlimited' => $advert_budget_domclick_unlimited,
|
||
'jcat' => $advert_budget_jcat,
|
||
'jcat_unlimited' => $advert_budget_jcat_unlimited,
|
||
'yandex' => $advert_budget_yandex,
|
||
'yandex_unlimited' => $advert_budget_yandex_unlimited,
|
||
]);
|
||
}
|
||
|
||
$dataWhook = array('action'=>'employee_create', 'employee_id'=>$user_id, 'section'=>'employee', 'user_id'=>$_SESSION['id'], 'agency_id'=>$sql_company_id);
|
||
$w_in = new WebHookIn(null, $sql_company_id);
|
||
$w_in->check_send($dataWhook);
|
||
} else $msg_user = mysql_error() . "Произошла ошибка при добавлении пользователя!";
|
||
} else $msg_user = "Агент с таким номером телефона уже существует!";
|
||
} else $msg_user = "Не указан номер телефона!";
|
||
} else $msg_user = "Не указан E-Mail!";
|
||
|
||
return $msg_user;
|
||
}
|
||
|
||
public function edit_agent_password($post)
|
||
{
|
||
if(isset($post['new_password']) && !empty(trim($post['new_password']))){
|
||
$pwd = trim($post['new_password']);
|
||
$pwd_enc = md5($pwd . SALT);
|
||
|
||
$user_id = $post['user_id'];
|
||
|
||
$sql = "UPDATE users SET pwd = '{$pwd_enc}', is_pwd=1 WHERE id = $user_id";
|
||
|
||
mysql_query($sql);
|
||
|
||
return ["success" => true];
|
||
}
|
||
}
|
||
|
||
public function edit_agent_budget($post) {
|
||
$user_id = (int)$post['ok_agent_id'];
|
||
|
||
$msg_user = '';
|
||
|
||
if (isset($post['advert_budget_total']) || isset($post['advert_budget_personal'])) {
|
||
|
||
$advert_budget_total = 0;
|
||
if (isset($post['advert_budget_total']))
|
||
$advert_budget_total = (double)$post['advert_budget_total'];
|
||
|
||
$advert_budget_personal = 0;
|
||
if (isset($post['advert_budget_personal']))
|
||
$advert_budget_personal = $post['advert_budget_personal'];
|
||
|
||
$advert_budget_avito = 0;
|
||
if (isset($post['advert_budget_avito']))
|
||
$advert_budget_avito = (double)$post['advert_budget_avito'];
|
||
|
||
$advert_budget_cian = 0;
|
||
if (isset($post['advert_budget_cian']))
|
||
$advert_budget_cian = (double)$post['advert_budget_cian'];
|
||
|
||
$advert_budget_domclick = 0;
|
||
if (isset($post['advert_budget_domclick']))
|
||
$advert_budget_domclick = (double)$post['advert_budget_domclick'];
|
||
|
||
$advert_budget_jcat = 0;
|
||
if (isset($post['advert_budget_jcat']))
|
||
$advert_budget_jcat = (double)$post['advert_budget_jcat'];
|
||
|
||
$advert_budget_yandex = 0;
|
||
if (isset($post['advert_budget_yandex']))
|
||
$advert_budget_yandex = (double)$post['advert_budget_yandex'];
|
||
|
||
$advert_budget_avito_unlimited = 0;
|
||
if (isset($post['advert_budget_avito_unlimited']))
|
||
$advert_budget_avito_unlimited = (int)$post['advert_budget_avito_unlimited'];
|
||
|
||
$advert_budget_cian_unlimited = 0;
|
||
if (isset($post['advert_budget_cian_unlimited']))
|
||
$advert_budget_cian_unlimited = (int)$post['advert_budget_cian_unlimited'];
|
||
|
||
$advert_budget_domclick_unlimited = 0;
|
||
if (isset($post['advert_budget_domclick_unlimited']))
|
||
$advert_budget_domclick_unlimited = (int)$post['advert_budget_domclick_unlimited'];
|
||
|
||
$advert_budget_jcat_unlimited = 0;
|
||
if (isset($post['advert_budget_jcat_unlimited']))
|
||
$advert_budget_jcat_unlimited = (int)$post['advert_budget_jcat_unlimited'];
|
||
|
||
$advert_budget_yandex_unlimited = 0;
|
||
if (isset($post['advert_budget_yandex_unlimited']))
|
||
$advert_budget_yandex_unlimited = (int)$post['advert_budget_yandex_unlimited'];
|
||
|
||
$advert_do_not_reinit_monthly = 0;
|
||
if (isset($post['do_not_reinit_monthly']))
|
||
$advert_do_not_reinit_monthly = (int)$post['do_not_reinit_monthly'];
|
||
|
||
$advert_budgets_inst = new AdvertBudgets();
|
||
$advert_budget = $advert_budgets_inst->setAdvertBudget([
|
||
'user_id' => $user_id,
|
||
'total' => $advert_budget_total,
|
||
'personal' => $advert_budget_personal,
|
||
'avito' => $advert_budget_avito,
|
||
'avito_unlimited' => $advert_budget_avito_unlimited,
|
||
'cian' => $advert_budget_cian,
|
||
'cian_unlimited' => $advert_budget_cian_unlimited,
|
||
'domclick' => $advert_budget_domclick,
|
||
'domclick_unlimited' => $advert_budget_domclick_unlimited,
|
||
'jcat' => $advert_budget_jcat,
|
||
'jcat_unlimited' => $advert_budget_jcat_unlimited,
|
||
'yandex' => $advert_budget_yandex,
|
||
'yandex_unlimited' => $advert_budget_yandex_unlimited,
|
||
'do_not_reinit_monthly' => $advert_do_not_reinit_monthly,
|
||
]);
|
||
|
||
$data = [
|
||
'id' => $user_id
|
||
];
|
||
|
||
if (!is_null($advert_budget)) {
|
||
if ($advert_budget['success'] == true) {
|
||
$data['advert_budget'] = [
|
||
'total' => $advert_budget['total'],
|
||
'amount' => $advert_budget['amount'],
|
||
'balance' => $advert_budget['balance'],
|
||
];
|
||
} else {
|
||
$msg_user = implode('<br/>', $advert_budget['errors']);
|
||
}
|
||
}
|
||
|
||
if (empty($msg_user)) {
|
||
return $data;
|
||
}
|
||
}
|
||
|
||
return ['error' => $msg_user];
|
||
}
|
||
|
||
public function edit_agent($post) {
|
||
$msg_user = '';
|
||
if (!empty($post['email'])) {
|
||
if (!empty($post['phone'])) {
|
||
if (!empty($post['last_name'])) {
|
||
if (!empty($post['first_name'])) {
|
||
$sql = "SELECT * FROM users WHERE phone='$post[phone]' AND id != $post[ok_agent_id]";
|
||
$rez = mysql_query($sql);
|
||
|
||
if (mysql_num_rows($rez) == 0) {
|
||
|
||
if (isset($post['is_dispatcher']) && $post['is_dispatcher'] == 1) {
|
||
$vpbx_id = $post['phone'];
|
||
$is_dis = 1;
|
||
} else {
|
||
$is_dis = 0;
|
||
if (!empty($post['vpbx_id'])) {
|
||
$vpbx_id = $post['vpbx_id'];
|
||
} else {
|
||
$vpbx_id = "";
|
||
}
|
||
}
|
||
|
||
if(isset($post['pass-edit']) && !empty(trim($post['pass-edit']))){
|
||
$pwd = trim($post['pass-edit']);
|
||
$pwd_enc = md5($pwd . SALT);
|
||
}
|
||
|
||
$advert_budget = null;
|
||
$user_id = (int)$post['ok_agent_id'];
|
||
$birthday = "";
|
||
if (!empty($post['birthday']))
|
||
$birthday = date("Y-m-d H:i:s", strtotime($post['birthday']));
|
||
$gmtmsk = 0;
|
||
if(isset($post['utc-edit'])){
|
||
$gmtmsk = $post['utc-edit'] - 3;
|
||
}
|
||
|
||
$agency_id = self::getUserAgencyID($_SESSION['id']);
|
||
$webHookIn = new WebHookIn(null, $agency_id);
|
||
|
||
$is_send_webhook = $webHookIn->check_hook('employee_update', 'employee');
|
||
if($is_send_webhook){
|
||
$webHookIn->save_temp_employee($user_id);
|
||
}
|
||
|
||
$sql = "UPDATE users
|
||
SET email='$post[email]',
|
||
phone='$post[phone]',
|
||
agency_name='$post[agency_name]',
|
||
last_name='$post[last_name]',
|
||
first_name='$post[first_name]',
|
||
middle_name='$post[middle_name]',
|
||
phone2='$post[phone2_user]',
|
||
users_admin='$post[is_two_admin]',
|
||
is_dispatcher=$is_dis,
|
||
vpbx_id='$vpbx_id',
|
||
birthday='$birthday',
|
||
gmtmsk = '$gmtmsk'";
|
||
|
||
if (isset($pwd_enc)) {
|
||
$sql .= ", pwd = '{$pwd_enc}', is_pwd=1";
|
||
}
|
||
$sql .= " WHERE id = $user_id";
|
||
|
||
if (mysql_query($sql)) {
|
||
if($is_send_webhook){
|
||
$dataWhook = array('action'=>'employee_update', 'employee_id'=>$user_id, 'section'=>'employee', 'user_id'=>$_SESSION['id'], 'agency_id'=>$agency_id);
|
||
$webHookIn->check_send($dataWhook);
|
||
}
|
||
|
||
$this->edit_api_ids($post, $user_id);
|
||
|
||
$sqlNewObjUser = "SELECT * FROM users WHERE id=$user_id";
|
||
$rezNewObjUser = mysql_query($sqlNewObjUser);
|
||
$newObjUser = mysql_fetch_assoc($rezNewObjUser);
|
||
|
||
$phone = $post['phone'];
|
||
|
||
$num_search = User::num_search($post['phone']);
|
||
$sobstv = trim($post['last_name'] . ' ' . $post['first_name'] . ' ' . $post['middle_name']);
|
||
|
||
if ($newObjUser['agency'] == 0) {
|
||
$sql="SELECT * FROM users WHERE id=$newObjUser[id_manager]";
|
||
$rez=mysql_query($sql);
|
||
$manager = mysql_fetch_assoc($rez);
|
||
|
||
if($manager['id_manager']) {
|
||
$agency = mysql_fetch_assoc(mysql_query("SELECT * FROM users WHERE id=$manager[id_manager]"));
|
||
} else {
|
||
$agency = $manager;
|
||
}
|
||
if ($agency) {
|
||
$sobstv = $sobstv . ", агентство " . $agency['agency_name'];
|
||
}
|
||
}
|
||
|
||
//обновляем объекты пользователя
|
||
$sql = "UPDATE objects SET is_main = 0, phone = '$phone', phone_search = '$num_search', sobstv = '$sobstv' WHERE id_add_user=$user_id";
|
||
mysql_query($sql);
|
||
|
||
$this->agency_name = $post['agency_name'];
|
||
$this->last_name = $post['last_name'];
|
||
$this->first_name = $post['first_name'];
|
||
$this->middle_name = $post['middle_name'];
|
||
$this->phone = $post['phone'];
|
||
$this->email = $post['email'];
|
||
$this->birthday = $birthday;
|
||
|
||
$passport_date = "NULL";
|
||
if (!empty($post['passport_date']))
|
||
$passport_date = date("Y-m-d H:i:s", strtotime($post['passport_date']));
|
||
|
||
$wa_enabled = (int)$post['wa_enabled'];
|
||
|
||
$sql1 = "SELECT count(id) FROM `users_info` WHERE user_id = $user_id";
|
||
$rez = mysql_query($sql1);
|
||
if (mysql_result($rez,0)) {
|
||
$sql2 = "UPDATE `users_info`
|
||
SET passport_serial='$post[passport_serial]',
|
||
passport_number='$post[passport_number]',
|
||
passport_date='$passport_date',
|
||
passport_emited='$post[passport_emited]',
|
||
passport_adress='$post[passport_adress]',
|
||
adress_postal='$post[adress_postal]',
|
||
soc_vk='$post[soc_vk]',
|
||
soc_tg='$post[soc_tg]',
|
||
soc_fb='$post[soc_fb]',
|
||
soc_inst='$post[soc_inst]',
|
||
soc_tw='$post[soc_tw]',
|
||
soc_wa='$post[soc_wa]',
|
||
wa_enabled='$wa_enabled'
|
||
WHERE user_id = $user_id";
|
||
} else {
|
||
$sql2 = "INSERT INTO `users_info` (
|
||
user_id,
|
||
passport_serial,
|
||
passport_number,
|
||
passport_date,
|
||
passport_emited,
|
||
passport_adress,
|
||
adress_postal,
|
||
soc_vk,
|
||
soc_tg,
|
||
soc_fb,
|
||
soc_inst,
|
||
soc_tw,
|
||
soc_wa,
|
||
wa_enabled
|
||
) VALUES (
|
||
'$user_id',
|
||
'$post[passport_serial]',
|
||
'$post[passport_number]',
|
||
'$passport_date',
|
||
'$post[passport_emited]',
|
||
'$post[passport_adress]',
|
||
'$post[adress_postal]',
|
||
'$post[soc_vk]',
|
||
'$post[soc_tg]',
|
||
'$post[soc_fb]',
|
||
'$post[soc_inst]',
|
||
'$post[soc_tw]',
|
||
'$post[soc_wa]',
|
||
'$wa_enabled'
|
||
)";
|
||
}
|
||
|
||
mysql_query($sql2);
|
||
|
||
if (!($_FILES['avatar']['size'] == 0 && $_FILES['avatar']['error'] == 0)) {
|
||
if ($user_logo = $this->setUserpic($user_id))
|
||
if ($user_logo) {
|
||
$this->user_logo = $this->_serverUserpicPath . '/' . $user_logo;
|
||
}
|
||
} else {
|
||
$user_logo = mysql_fetch_assoc(mysql_query("SELECT user_logo FROM users WHERE id=$user_id"))['user_logo'];
|
||
if ($user_logo) {
|
||
$this->user_logo = $this->_serverUserpicPath . '/' . $user_logo;
|
||
}
|
||
}
|
||
|
||
if (!($_FILES['files']['size'] == 0 && $_FILES['files']['error'] == 0)) {
|
||
if ($files = $this->uploadFiles($user_id)) {
|
||
$this->files = $files;
|
||
}
|
||
}
|
||
|
||
if(isset($post['pass-edit']) && !empty(trim($post['pass-edit']))){
|
||
$pwd = trim($post['pass-edit']);
|
||
$pwd_enc = md5($pwd . SALT);
|
||
}
|
||
|
||
//отключаем, так как по отдельной кнопке обновляем
|
||
/*if (isset($post['advert_budget_total']) || isset($post['advert_budget_personal'])) {
|
||
|
||
$advert_budget_total = 0;
|
||
if (isset($post['advert_budget_total']))
|
||
$advert_budget_total = (double)$post['advert_budget_total'];
|
||
|
||
$advert_budget_personal = 0;
|
||
if (isset($post['advert_budget_personal']))
|
||
$advert_budget_personal = $post['advert_budget_personal'];
|
||
|
||
$advert_budget_avito = 0;
|
||
if (isset($post['advert_budget_avito']))
|
||
$advert_budget_avito = (double)$post['advert_budget_avito'];
|
||
|
||
$advert_budget_cian = 0;
|
||
if (isset($post['advert_budget_cian']))
|
||
$advert_budget_cian = (double)$post['advert_budget_cian'];
|
||
|
||
$advert_budget_domclick = 0;
|
||
if (isset($post['advert_budget_domclick']))
|
||
$advert_budget_domclick = (double)$post['advert_budget_domclick'];
|
||
|
||
$advert_budget_jcat = 0;
|
||
if (isset($post['advert_budget_jcat']))
|
||
$advert_budget_jcat = (double)$post['advert_budget_jcat'];
|
||
|
||
$advert_budget_yandex = 0;
|
||
if (isset($post['advert_budget_yandex']))
|
||
$advert_budget_yandex = (double)$post['advert_budget_yandex'];
|
||
|
||
$advert_budget_avito_unlimited = 0;
|
||
if (isset($post['advert_budget_avito_unlimited']))
|
||
$advert_budget_avito_unlimited = (int)$post['advert_budget_avito_unlimited'];
|
||
|
||
$advert_budget_cian_unlimited = 0;
|
||
if (isset($post['advert_budget_cian_unlimited']))
|
||
$advert_budget_cian_unlimited = (int)$post['advert_budget_cian_unlimited'];
|
||
|
||
$advert_budget_domclick_unlimited = 0;
|
||
if (isset($post['advert_budget_domclick_unlimited']))
|
||
$advert_budget_domclick_unlimited = (int)$post['advert_budget_domclick_unlimited'];
|
||
|
||
$advert_budget_jcat_unlimited = 0;
|
||
if (isset($post['advert_budget_jcat_unlimited']))
|
||
$advert_budget_jcat_unlimited = (int)$post['advert_budget_jcat_unlimited'];
|
||
|
||
$advert_budget_yandex_unlimited = 0;
|
||
if (isset($post['advert_budget_yandex_unlimited']))
|
||
$advert_budget_yandex_unlimited = (int)$post['advert_budget_yandex_unlimited'];
|
||
|
||
$advert_do_not_reinit_monthly = 0;
|
||
if (isset($post['do_not_reinit_monthly']))
|
||
$advert_do_not_reinit_monthly = (int)$post['do_not_reinit_monthly'];
|
||
|
||
$advert_budgets_inst = new AdvertBudgets();
|
||
$advert_budget = $advert_budgets_inst->setAdvertBudget([
|
||
'user_id' => $user_id,
|
||
'total' => $advert_budget_total,
|
||
'personal' => $advert_budget_personal,
|
||
'avito' => $advert_budget_avito,
|
||
'avito_unlimited' => $advert_budget_avito_unlimited,
|
||
'cian' => $advert_budget_cian,
|
||
'cian_unlimited' => $advert_budget_cian_unlimited,
|
||
'domclick' => $advert_budget_domclick,
|
||
'domclick_unlimited' => $advert_budget_domclick_unlimited,
|
||
'jcat' => $advert_budget_jcat,
|
||
'jcat_unlimited' => $advert_budget_jcat_unlimited,
|
||
'yandex' => $advert_budget_yandex,
|
||
'yandex_unlimited' => $advert_budget_yandex_unlimited,
|
||
'do_not_reinit_monthly' => $advert_do_not_reinit_monthly,
|
||
]);
|
||
}*/
|
||
|
||
if (!isset($post["on_any_ip"])) {
|
||
$post["on_any_ip"] = 0;
|
||
}
|
||
|
||
if (!isset($post["on_hide_client_contacts"])) {
|
||
$post["on_hide_client_contacts"] = 0;
|
||
}
|
||
|
||
//Update permissions
|
||
$sql_check_perm = "SELECT count(id) FROM `user_permissions` WHERE user_id = $user_id";
|
||
$rez_check_perm = mysql_query($sql_check_perm);
|
||
if (mysql_result($rez_check_perm,0)) {
|
||
$sql_update_permissions = "UPDATE user_permissions SET menu_office = '$post[on_office]',
|
||
menu_complexes = '$post[on_complexes]',
|
||
menu_search = '$post[on_search]',
|
||
menu_objects = '$post[on_objects]',
|
||
menu_all_objects = '$post[on_objects_all]',
|
||
menu_all_objects_edit = '$post[on_objects_all_edit]',
|
||
menu_ads = '$post[on_ads]',
|
||
menu_clients = '$post[on_clients]',
|
||
menu_all_clients = '$post[on_clients_all]',
|
||
menu_all_clients_edit = '$post[on_clients_all_edit]',
|
||
menu_all_clients_export = '$post[on_clients_all_export]',
|
||
menu_submissions = '$post[on_submissions]',
|
||
menu_all_submissions = '$post[on_submissions_all]',
|
||
menu_all_submissions_edit = '$post[on_submissions_all_edit]',
|
||
menu_all_submissions_export = '$post[on_submissions_all_export]',
|
||
menu_docs = '$post[on_docs]',
|
||
menu_settings = '$post[on_settings]',
|
||
menu_can_transfer_to_common = '$post[on_can_transfer_to_common]',
|
||
menu_can_take_from_closed = '$post[on_can_take_from_closed]',
|
||
daily_closed_req_limit = '$post[on_daily_closed_req_limit]',
|
||
menu_can_transfer_closed_to_others = '$post[on_can_transfer_closed_to_others]',
|
||
daily_closed_transfer_limit = '$post[on_daily_closed_transfer_limit]',
|
||
cannot_create_req_manually = '$post[on_cannot_create_req_manually]',
|
||
search_company_objects_only = '$post[on_search_company_objects_only]',
|
||
allow_any_ip = '$post[on_any_ip]',
|
||
hide_client_contacts = '$post[on_hide_client_contacts]'
|
||
WHERE user_id=$user_id";
|
||
} else {
|
||
$sql_update_permissions = "INSERT INTO `user_permissions` (
|
||
user_id,
|
||
menu_office,
|
||
menu_complexes,
|
||
menu_search,
|
||
menu_objects,
|
||
menu_all_objects,
|
||
menu_all_objects_edit,
|
||
menu_ads,
|
||
menu_clients,
|
||
menu_all_clients,
|
||
menu_all_clients_edit,
|
||
menu_all_clients_export,
|
||
menu_submissions,
|
||
menu_all_submissions,
|
||
menu_all_submissions_edit,
|
||
menu_all_submissions_export,
|
||
menu_docs,
|
||
menu_settings,
|
||
menu_can_transfer_to_common,
|
||
menu_can_take_from_closed,
|
||
daily_closed_req_limit,
|
||
menu_can_transfer_closed_to_others,
|
||
daily_closed_transfer_limit,
|
||
cannot_create_req_manually,
|
||
search_company_objects_only,
|
||
allow_any_ip,
|
||
hide_client_contacts
|
||
) VALUES (
|
||
'$user_id',
|
||
'$post[on_office]',
|
||
'$post[on_complexes]',
|
||
'$post[on_search]',
|
||
'$post[on_objects]',
|
||
'$post[on_objects_all]',
|
||
'$post[on_objects_all_edit]',
|
||
'$post[on_ads]',
|
||
'$post[on_clients]',
|
||
'$post[on_clients_all]',
|
||
'$post[on_clients_all_edit]',
|
||
'$post[on_clients_all_export]',
|
||
'$post[on_submissions]',
|
||
'$post[on_submissions_all]',
|
||
'$post[on_submissions_all_edit]',
|
||
'$post[on_submissions_all_export]',
|
||
'$post[on_docs]',
|
||
'$post[on_settings]',
|
||
'$post[on_can_transfer_to_common]',
|
||
'$post[on_menu_can_take_from_closed]',
|
||
'$post[on_daily_closed_req_limit]',
|
||
'$post[on_menu_can_transfer_closed_to_others]',
|
||
'$post[on_daily_closed_transfer_limit]',
|
||
'$post[on_cannot_create_req_manually]',
|
||
'$post[on_search_company_objects_only]',
|
||
'$post[on_any_ip]',
|
||
'$post[on_hide_client_contacts]'
|
||
)";
|
||
}
|
||
// echo($sql_update_permissions);die;
|
||
mysql_query($sql_update_permissions);
|
||
|
||
$data = [
|
||
'id' => $user_id,
|
||
'agency_name' => $this->agency_name,
|
||
'last_name' => $this->last_name,
|
||
'first_name' => $this->first_name,
|
||
'middle_name' => $this->middle_name,
|
||
'phone' => $this->phone,
|
||
'email' => $this->email,
|
||
'user_logo' => $this->user_logo,
|
||
'passport_date' => $passport_date,
|
||
];
|
||
|
||
if (!is_null($advert_budget)) {
|
||
if ($advert_budget['success'] == true) {
|
||
$data['advert_budget'] = [
|
||
'total' => $advert_budget['total'],
|
||
'amount' => $advert_budget['amount'],
|
||
'balance' => $advert_budget['balance'],
|
||
];
|
||
} else {
|
||
$msg_user = implode('<br/>', $advert_budget['errors']);
|
||
}
|
||
}
|
||
|
||
if (empty($msg_user)) {
|
||
return $data;
|
||
}
|
||
} else $msg_user = "Произошла ошибка при сохранении пользователя.!";
|
||
|
||
} else $msg_user = "Агент с таким номером телефона уже существует!";
|
||
} else $msg_user = "Не указано Имя пользователя!";
|
||
} else $msg_user = "Не указана Фамилия пользователя!";
|
||
} else $msg_user = "Не указан номер телефона!";
|
||
} else $msg_user = "Не указан E-Mail!";
|
||
|
||
return ['error' => $msg_user];
|
||
}
|
||
|
||
public static function getAllAgencyUsers($agencyId = false) {
|
||
|
||
$agentIds = [];
|
||
if (isset($_SESSION['id']))
|
||
$agentIds[] = $_SESSION['id'];
|
||
|
||
if ($agencyId) {
|
||
$agentIds[] = $agencyId;
|
||
|
||
$agentsOfAgency = self::getAllAgents($agencyId);
|
||
foreach ($agentsOfAgency as $agent) {
|
||
if (!in_array($agent['id'], $agentIds)) {
|
||
$agentIds[] = $agent['id'];
|
||
}
|
||
}
|
||
|
||
$agentsOfManager = self::getAllManagers($agencyId);
|
||
foreach ($agentsOfManager as $agent) {
|
||
if (!in_array($agent['id'], $agentIds)) {
|
||
$agentIds[] = $agent['id'];
|
||
}
|
||
}
|
||
}
|
||
|
||
return array_unique($agentIds);
|
||
}
|
||
|
||
public static function getAgencyIdForUser($userId) {
|
||
return self::getUserAgencyID($userId);
|
||
}
|
||
|
||
public static function getUserAgencyID($user_id = null) {
|
||
|
||
if (is_null($user_id) && isset($_SESSION['id']))
|
||
$user_id = $_SESSION['id'];
|
||
|
||
if (!$user_id)
|
||
return false;
|
||
|
||
$agency_id = false;
|
||
$sql = "SELECT * FROM `users` WHERE `id` = '$user_id'";
|
||
$res = mysql_query($sql);
|
||
$user = mysql_fetch_assoc($res);
|
||
|
||
if ($user['agency']) {
|
||
$agency_id = intval($user['id']);
|
||
} else if ($user['id_manager']) {
|
||
$id_manager = $user['id_manager'];
|
||
$agency = mysql_fetch_assoc(mysql_query("SELECT id, id_manager, agency FROM `users` WHERE `id`='$id_manager'"));
|
||
if ($agency['agency']) {
|
||
$agency_id = intval($agency['id']);
|
||
} else {
|
||
if ($agency['id_manager']) {
|
||
$agency2 = mysql_fetch_assoc(mysql_query("SELECT * FROM users WHERE id=$agency[id_manager]"));
|
||
if($agency2['id_manager'])
|
||
$agency_id = intval($agency2['id_manager']);
|
||
else
|
||
$agency_id = intval($agency['id_manager']);
|
||
|
||
}
|
||
else if ($user['id_manager'])
|
||
$agency_id = intval($user['id_manager']);
|
||
else
|
||
$agency_id = intval($user['id']);
|
||
}
|
||
} else if (isset($_SESSION['id'])) {
|
||
$agency_id = intval($_SESSION['id']);
|
||
}
|
||
|
||
return $agency_id;
|
||
}
|
||
|
||
public static function getAllAgency($agent = false, $block = false, $active = false, $from = 0, $to = 1000){
|
||
|
||
if($agent) {
|
||
if ($block) {
|
||
$usl = "agent=1 AND agency=0 AND id_manager=0 AND blocked = 1";
|
||
} else {
|
||
$usl = "agent=1 AND agency=0 AND id_manager=0 AND blocked = 0";
|
||
}
|
||
} else {
|
||
if ($block) {
|
||
$usl = "agency=1 AND blocked = 1";
|
||
} else {
|
||
$usl = "agency=1 AND blocked = 0";
|
||
}
|
||
}
|
||
|
||
if ($active) {
|
||
$usl = $usl." AND now() <= DATE_ADD(date_tarif, INTERVAL (select t.period FROM tariffs t where t.id=id_tarif LIMIT 1) DAY)";
|
||
}
|
||
|
||
$sql = "SELECT users.*, DATE_FORMAT(date_reg,'%d.%m.%Y') AS date_reg, DATE_FORMAT(last_auth,'%d.%m.%Y %H:%i') AS last_auth, UNIX_TIMESTAMP(date_tarif) AS date_tarif, rf_regions.name as name FROM users left join rf_regions on rf_regions.id = users.region_rf_id WHERE $usl ORDER BY `users`.`last_auth` DESC LIMIT $from, $to";
|
||
|
||
if (isset($_GET['dev'])) {
|
||
echo $sql;
|
||
}
|
||
|
||
$rez = mysql_query($sql);
|
||
|
||
$agency = array();
|
||
|
||
while($ag = mysql_fetch_assoc($rez))
|
||
|
||
{
|
||
|
||
if($ag['id_tarif']) {
|
||
$ag['tarif'] = mysql_result(mysql_query("SELECT nazv FROM tariffs WHERE id=$ag[id_tarif]"),0);
|
||
}
|
||
|
||
else $ag['tarif'] = "";
|
||
|
||
$agency[] = $ag;
|
||
|
||
}
|
||
|
||
return $agency;
|
||
|
||
}
|
||
|
||
|
||
public static function getAllDeveloper($block = false, $active = false, $from = 0, $to = 1000){
|
||
$usl = "role_developer = 1 AND agency = 0 AND agent = 0 AND id_manager = 0";
|
||
if ($block) {
|
||
$usl = "role_developer = 1 AND agency = 0 AND agent = 0 AND id_manager = 0 AND blocked = 1";
|
||
} else {
|
||
$usl = "role_developer = 1 AND agency = 0 AND agent = 0 AND id_manager = 0 AND blocked = 0";
|
||
}
|
||
|
||
if ($active) {
|
||
$usl = $usl." AND now() <= DATE_ADD(date_tarif, INTERVAL (select t.period FROM tariffs t where t.id = id_tarif LIMIT 1) DAY)";
|
||
}
|
||
|
||
$sql = "SELECT users.*, DATE_FORMAT(date_reg,'%d.%m.%Y') AS date_reg, DATE_FORMAT(last_auth,'%d.%m.%Y %H:%i') AS last_auth, UNIX_TIMESTAMP(date_tarif) AS date_tarif, rf_regions.name as name FROM users left join rf_regions on rf_regions.id = users.region_rf_id WHERE $usl ORDER BY `users`.`last_auth` DESC LIMIT $from, $to";
|
||
|
||
if (isset($_GET['dev']))
|
||
{
|
||
echo $sql;
|
||
}
|
||
|
||
$rez = mysql_query($sql);
|
||
|
||
$developers = array();
|
||
|
||
while($dev = mysql_fetch_assoc($rez))
|
||
{
|
||
if($id_tarif = $dev['id_tarif'])
|
||
{
|
||
$dev['tarif'] = mysql_result(mysql_query("SELECT nazv FROM tariffs WHERE id = $id_tarif"),0);
|
||
}
|
||
|
||
else $dev['tarif'] = "";
|
||
$developers[] = $dev;
|
||
}
|
||
|
||
return $developers;
|
||
}
|
||
|
||
public static function countAllAgency($agent = false, $block = false, $active = false){
|
||
|
||
if($agent) {
|
||
if ($block) {
|
||
$usl = "agent=1 AND agency=0 AND id_manager=0 AND blocked = 1";
|
||
} else {
|
||
$usl = "agent=1 AND agency=0 AND id_manager=0 AND blocked = 0";
|
||
}
|
||
} else {
|
||
if ($block) {
|
||
$usl = "agency=1 AND blocked = 1";
|
||
} else {
|
||
$usl = "agency=1 AND blocked = 0";
|
||
}
|
||
}
|
||
|
||
if ($active) {
|
||
$usl = $usl." AND now() <= DATE_ADD(date_tarif, INTERVAL (select t.period FROM tariffs t where t.id=id_tarif LIMIT 1) DAY)";
|
||
}
|
||
|
||
$sql = "SELECT count(*) FROM users WHERE $usl ORDER BY `users`.`last_auth` DESC";
|
||
|
||
if (isset($_GET['dev'])) {
|
||
echo $sql;
|
||
}
|
||
|
||
$rez = mysql_query($sql);
|
||
|
||
return mysql_result($rez,0);
|
||
|
||
}
|
||
|
||
public static function searchUsers($agent = false, $from = 0, $to = 1000){
|
||
|
||
$usl = "1";
|
||
|
||
if($_GET['search']) {
|
||
|
||
$usl .= " AND (LCASE(agency_name) LIKE '%$_GET[search]%' OR LCASE(first_name) LIKE '%$_GET[search]%' OR LCASE(last_name) LIKE '%$_GET[search]%' OR LCASE(middle_name) LIKE '%$_GET[search]%' OR LCASE(phone) LIKE '%$_GET[search]%' OR LCASE(email) LIKE '%$_GET[search]%')";
|
||
|
||
}
|
||
|
||
$sql = "SELECT users.*, DATE_FORMAT(date_reg,'%d.%m.%Y') AS date_reg, DATE_FORMAT(last_auth,'%d.%m.%Y %H:%i') AS last_auth, UNIX_TIMESTAMP(date_tarif) AS date_tarif, rf_regions.name as name FROM users left join rf_regions on rf_regions.id = users.region_rf_id WHERE $usl ORDER BY `users`.`last_auth` DESC LIMIT $from, $to";
|
||
|
||
if (isset($_GET['dev'])) {
|
||
echo $sql;
|
||
}
|
||
|
||
$rez = mysql_query($sql);
|
||
|
||
$agency = array();
|
||
|
||
while($ag = mysql_fetch_assoc($rez))
|
||
|
||
{
|
||
|
||
if($ag[id_tarif]) $ag['tarif'] = mysql_result(mysql_query("SELECT nazv FROM tariffs WHERE id=$ag[id_tarif]"),0);
|
||
|
||
else $ag['tarif'] = "";
|
||
|
||
$agency[] = $ag;
|
||
|
||
}
|
||
|
||
return $agency;
|
||
|
||
}
|
||
|
||
public static function countUsers($agent = false){
|
||
|
||
$usl = "1";
|
||
|
||
if($_GET['search']) {
|
||
|
||
$usl .= " AND (LCASE(agency_name) LIKE '%$_GET[search]%' OR LCASE(first_name) LIKE '%$_GET[search]%' OR LCASE(last_name) LIKE '%$_GET[search]%' OR LCASE(middle_name) LIKE '%$_GET[search]%' OR LCASE(phone) LIKE '%$_GET[search]%' OR LCASE(email) LIKE '%$_GET[search]%')";
|
||
|
||
}
|
||
|
||
$sql = "SELECT count(*) FROM users WHERE $usl ORDER BY `users`.`last_auth` DESC";
|
||
|
||
if (isset($_GET['dev'])) {
|
||
echo $sql;
|
||
}
|
||
|
||
$rez = mysql_query($sql);
|
||
|
||
return mysql_result($rez,0);
|
||
|
||
}
|
||
|
||
public static function getCountAgency($agent = false, $block = false, $active = false){
|
||
|
||
if($agent) {
|
||
$usl = "agent=1 AND agency=0 AND role_developer=0 AND id_manager=0";
|
||
if ($block) {
|
||
$usl = $usl." AND blocked = 1";
|
||
} else {
|
||
$usl = $usl." AND blocked = 0";
|
||
}
|
||
} else {
|
||
$usl = "agency=1 AND role_developer=0";
|
||
if ($block) {
|
||
$usl = $usl." AND blocked = 1";
|
||
} else {
|
||
$usl = $usl." AND blocked = 0";
|
||
}
|
||
}
|
||
|
||
if ($active) {
|
||
$usl = $usl." AND now() <= DATE_ADD(date_tarif, INTERVAL (select t.period FROM tariffs t where t.id=id_tarif LIMIT 1) DAY)";
|
||
}
|
||
|
||
$sql = "SELECT COUNT(*) FROM users WHERE $usl";
|
||
if (isset($_GET['dev'])) {
|
||
echo $sql;
|
||
}
|
||
$rez = mysql_query($sql);
|
||
|
||
return mysql_result($rez,0);
|
||
|
||
}
|
||
|
||
public static function getCountDeveloper($block = false, $active = false)
|
||
{
|
||
$usl = "role_developer = 1 AND agent = 0 AND agency = 0 AND id_manager = 0";
|
||
|
||
if ($block)
|
||
{
|
||
$usl = $usl." AND blocked = 1";
|
||
}
|
||
else
|
||
{
|
||
$usl = $usl." AND blocked = 0";
|
||
}
|
||
|
||
if ($active)
|
||
{
|
||
$usl = $usl." AND now() <= DATE_ADD(date_tarif, INTERVAL (select t.period FROM tariffs t where t.id = id_tarif LIMIT 1) DAY)";
|
||
}
|
||
|
||
$sql = "SELECT COUNT(*) FROM users WHERE $usl";
|
||
|
||
if (isset($_GET['dev']))
|
||
{
|
||
echo $sql;
|
||
}
|
||
|
||
$rez = mysql_query($sql);
|
||
|
||
return mysql_result($rez, 0);
|
||
}
|
||
|
||
public static function countAllAdmins($id, $only_active = false) {
|
||
$sql = "SELECT count(*) FROM `users` AS users WHERE users.users_admin=1 AND users.id_manager=$id";
|
||
|
||
if ($only_active)
|
||
$sql .= " AND users.blocked=0";
|
||
|
||
$res = mysql_query($sql);
|
||
return mysql_result($res,0);
|
||
}
|
||
|
||
public static function getAllAdmins($id, $only_active = false) {
|
||
|
||
if (!$id)
|
||
return [];
|
||
|
||
$sql = "SELECT * FROM `users` AS users WHERE users.users_admin=1 AND users.id_manager=$id";
|
||
|
||
if ($only_active)
|
||
$sql .= " AND users.blocked=0";
|
||
|
||
$res = mysql_query($sql);
|
||
$admins = [];
|
||
while ($admin = mysql_fetch_assoc($res)) {
|
||
$admins[] = $admin;
|
||
}
|
||
return $admins;
|
||
}
|
||
|
||
public static function countAllManagers($id, $only_active = false) {
|
||
$total = 0;
|
||
$sql = "SELECT id, manager FROM users WHERE manager=1 AND id_manager=$id AND blocked=0";
|
||
if ($only_active)
|
||
$sql .= " AND users.blocked=0";
|
||
|
||
|
||
$rez = mysql_query($sql);
|
||
$total = mysql_num_rows($rez);
|
||
while($res = mysql_fetch_assoc($rez)){
|
||
if($res['manager'] == 1){
|
||
$sql_m = "SELECT count(*) FROM users WHERE manager=1 AND id_manager=$res[id] AND blocked=0";
|
||
$rez_m = mysql_query($sql_m);
|
||
$total += mysql_result($rez_m,0);
|
||
}
|
||
}
|
||
|
||
return $total;
|
||
|
||
}
|
||
|
||
public static function getAllManagers($id, $only_active = true) {
|
||
|
||
if (!$id)
|
||
return [];
|
||
|
||
$sql = "SELECT * FROM users WHERE manager=1 AND id_manager=$id";
|
||
|
||
if ($only_active)
|
||
$sql .= " AND blocked=0";
|
||
|
||
$rez = mysql_query($sql);
|
||
|
||
$managers = array();
|
||
|
||
while($manager = mysql_fetch_assoc($rez)) {
|
||
$managers[] = $manager;
|
||
|
||
$sql3 = "SELECT * FROM users WHERE manager=1 AND id_manager=$manager[id]";
|
||
|
||
if ($only_active)
|
||
$sql3 .= " AND blocked=0";
|
||
|
||
$rez3 = mysql_query($sql3);
|
||
|
||
while($agent3 = mysql_fetch_assoc($rez3)) {
|
||
$managers[] = $agent3;
|
||
}
|
||
}
|
||
|
||
// Удаляем дублирующиеся записи по 'id'
|
||
$managers = array_unique($managers, SORT_REGULAR);
|
||
|
||
return $managers;
|
||
|
||
}
|
||
|
||
public static function countAllAgents($id, $only_active = false) {
|
||
|
||
if (!$id)
|
||
return [];
|
||
|
||
$sql = "SELECT id, manager FROM users WHERE manager=1 AND id_manager=$id AND blocked=0";
|
||
|
||
if (!$only_active)
|
||
$sql .= " AND blocked=0";
|
||
|
||
$rez = mysql_query($sql);
|
||
|
||
$agentsCount = 0;
|
||
|
||
while($agent = mysql_fetch_assoc($rez))
|
||
|
||
{
|
||
|
||
$sql2 = "SELECT count(*) FROM users WHERE manager=0 AND id_manager=$agent[id] AND blocked=0";
|
||
|
||
$rez2 = mysql_query($sql2);
|
||
|
||
$agentsCount = $agentsCount + (int) mysql_result($rez2,0);
|
||
|
||
|
||
|
||
}
|
||
|
||
$sql2 = "SELECT count(*) FROM users WHERE manager=0 AND id_manager=$id AND blocked=0";
|
||
|
||
$rez2 = mysql_query($sql2);
|
||
|
||
$agentsCount = $agentsCount + (int) mysql_result($rez2,0);
|
||
|
||
return $agentsCount;
|
||
|
||
}
|
||
|
||
public static function getAllAgents($id, $only_active = false) {
|
||
|
||
if (!$id)
|
||
return [];
|
||
|
||
$sql = "SELECT * FROM users WHERE manager=1 AND id_manager=$id";
|
||
|
||
if ($only_active)
|
||
$sql .= " AND blocked=0";
|
||
|
||
$rez = mysql_query($sql);
|
||
|
||
$agents = array();
|
||
|
||
while($agent = mysql_fetch_assoc($rez))
|
||
|
||
{
|
||
|
||
$sql2 = "SELECT * FROM users WHERE manager=0 AND id_manager=$agent[id]";
|
||
|
||
$rez2 = mysql_query($sql2);
|
||
|
||
while($agent2 = mysql_fetch_assoc($rez2)) $agents[] = $agent2;
|
||
|
||
$sql3 = "SELECT * FROM users WHERE manager=1 AND id_manager=$agent[id]";
|
||
|
||
$rez3 = mysql_query($sql3);
|
||
|
||
while($agent3 = mysql_fetch_assoc($rez3)) {
|
||
$sql4 = "SELECT * FROM users WHERE manager=0 AND id_manager=$agent3[id]";
|
||
|
||
$rez4 = mysql_query($sql4);
|
||
|
||
while($agent4 = mysql_fetch_assoc($rez4)) $agents[] = $agent4;
|
||
}
|
||
|
||
}
|
||
|
||
$sql2 = "SELECT * FROM users WHERE manager=0 AND id_manager=$id";
|
||
|
||
$rez2 = mysql_query($sql2);
|
||
|
||
while($agent2 = mysql_fetch_assoc($rez2)) $agents[] = $agent2;
|
||
|
||
return $agents;
|
||
|
||
}
|
||
|
||
public function changeTarif() {
|
||
$sql = "UPDATE users SET id_tarif='$_GET[id_tarif]', date_tarif=NOW() WHERE id=$_GET[id_user]";
|
||
mysql_query($sql);
|
||
}
|
||
|
||
|
||
/**
|
||
* @return array
|
||
*/
|
||
public function getFilesList($user_id = null) {
|
||
if (!is_null($user_id)) {
|
||
$sql = "SELECT *
|
||
FROM `users_files` AS files
|
||
WHERE files.user_id = " . trim($user_id);
|
||
|
||
$files = [];
|
||
$res = mysql_query($sql);
|
||
if (mysql_num_rows($res)) {
|
||
while ($file = mysql_fetch_assoc($res)) {
|
||
$files[] = $file;
|
||
}
|
||
}
|
||
|
||
return $files;
|
||
}
|
||
|
||
return [];
|
||
}
|
||
|
||
/**
|
||
* @return array
|
||
*/
|
||
public function getFile($file_id = null) {
|
||
if (!is_null($file_id)) {
|
||
$sql = "SELECT *
|
||
FROM `users_files` AS files
|
||
WHERE files.id = " . trim($file_id) . " LIMIT 1";
|
||
|
||
$res = mysql_query($sql);
|
||
return mysql_fetch_assoc($res);
|
||
}
|
||
|
||
return [];
|
||
}
|
||
|
||
/**
|
||
* @param null $file_id
|
||
* @return bool
|
||
*/
|
||
public function deleteFile($file_id = null) {
|
||
if (!is_null($file_id)) {
|
||
if ($file = $this->getFile($file_id)) {
|
||
$sql = "DELETE FROM `users_files` WHERE `users_files`.`id` = " . $file['id'] . " LIMIT 1";
|
||
if (mysql_query($sql)) {
|
||
unlink($_SERVER['DOCUMENT_ROOT'] . $file['path']);
|
||
return true;
|
||
}
|
||
}
|
||
}
|
||
|
||
return mysql_error();
|
||
}
|
||
|
||
/**
|
||
* @param null $user_id
|
||
* @return bool|string
|
||
*/
|
||
public function delUserPic($user_id = null) {
|
||
if (!is_null($user_id)) {
|
||
|
||
$user = new self;
|
||
$user->get($user_id);
|
||
|
||
if ($user_logo = $user->user_logo) {
|
||
$sql = "UPDATE users SET user_logo='' WHERE id='$user_id' LIMIT 1";
|
||
if (mysql_query($sql)) {
|
||
unlink($this->_serverUserpicPath . '/' . $user_logo);
|
||
return true;
|
||
}
|
||
}
|
||
}
|
||
|
||
return false;
|
||
}
|
||
|
||
/**
|
||
* @param $str
|
||
* @param $config
|
||
* @param bool $is_folder
|
||
* @return string
|
||
*/
|
||
private function fixFilename($str, $config, $is_folder = false) {
|
||
$str = strip_tags(htmlspecialchars($str));
|
||
if ($config['convert_spaces'])
|
||
$str = str_replace(' ', $config['replace_with'], $str);
|
||
|
||
if ($config['transliteration']) {
|
||
if (!mb_detect_encoding($str, 'UTF-8', true))
|
||
$str = utf8_encode($str);
|
||
if (function_exists('transliterator_transliterate'))
|
||
$str = transliterator_transliterate('Any-Latin; Latin-ASCII', $str);
|
||
else
|
||
$str = iconv('UTF-8', 'ASCII//TRANSLIT//IGNORE', $str);
|
||
|
||
$str = preg_replace("/[^a-zA-Z0-9\.\[\]_| -]/", '', $str);
|
||
}
|
||
|
||
$str = str_replace(array( '"', "'", "/", "\\" ), "", $str);
|
||
$str = strip_tags($str);
|
||
|
||
// Empty or incorrectly transliterated filename.
|
||
// Here is a point: a good file UNKNOWN_LANGUAGE.jpg could become .jpg in previous code.
|
||
// So we add that default 'file' name to fix that issue.
|
||
if (!$config['empty_filename'] && strpos($str, '.') === 0 && $is_folder === false)
|
||
{
|
||
$str = 'file' . $str;
|
||
}
|
||
|
||
if ($config['lowercase'])
|
||
return (mb_strtolower(trim($str)));
|
||
else
|
||
return trim($str);
|
||
}
|
||
|
||
/**
|
||
* @param $path
|
||
* @param $filename
|
||
* @return string
|
||
*/
|
||
private function newFilename($path, $filename) {
|
||
$res = "$path/$filename";
|
||
if (!file_exists($res))
|
||
return $res;
|
||
|
||
$fnameNoExt = pathinfo($filename,PATHINFO_FILENAME);
|
||
$ext = pathinfo($filename, PATHINFO_EXTENSION);
|
||
|
||
$i = 1;
|
||
while(file_exists("$path/$fnameNoExt-$i.$ext")) $i++;
|
||
return "$path/$fnameNoExt-$i.$ext";
|
||
}
|
||
|
||
/**
|
||
* @param null $user_id
|
||
* @return array|bool
|
||
*/
|
||
private function setUserpic($user_id = null) {
|
||
|
||
if (!$user_id || is_null($user_id))
|
||
return false;
|
||
|
||
if ($_FILES['avatar']['name']) {
|
||
list($a, $ext) = explode("/", $_FILES['avatar']['type']);
|
||
if ($ext == "pjpeg") {
|
||
$ext = "jpeg";
|
||
}
|
||
|
||
$ext = mb_strtolower($ext);
|
||
|
||
if (in_array($ext, $this->_allowedFileTypes)) {
|
||
|
||
$name = md5($_FILES['avatar']['tmp_name'] . time()) . "." . $ext;
|
||
$photo = $_SERVER['DOCUMENT_ROOT'] . $this->_serverUserpicPath . "/" . $name;
|
||
move_uploaded_file($_FILES['avatar']['tmp_name'], $photo);
|
||
|
||
if (square_crop($photo, $photo, 272, 90)) {
|
||
$sql = "UPDATE `users` SET user_logo='$name' WHERE id=$user_id";
|
||
mysql_query($sql);
|
||
|
||
return $name;
|
||
}
|
||
}
|
||
}
|
||
|
||
return false;
|
||
}
|
||
|
||
/**
|
||
* @param null $user_id
|
||
* @return array|bool
|
||
*/
|
||
private function uploadFiles($user_id = null) {
|
||
|
||
if (!$user_id || is_null($user_id))
|
||
return false;
|
||
|
||
list($success, $errors) = [[],[]];
|
||
$user_id = intval($user_id);
|
||
$post = clearInputData($_POST);
|
||
|
||
$created_by = intval($_SESSION['id']);
|
||
if (isset($_FILES['files'])) {
|
||
|
||
$count = count($_FILES['files']['name']);
|
||
|
||
$agency_id = self::getUserAgencyID();
|
||
$users_id = $this->getAllAgencyUsers($agency_id);
|
||
|
||
for ($i = 0; $i < $count; $i++) {
|
||
if (in_array($user_id, $users_id) && $user_id && $_FILES['files']['error'][$i] == 0) {
|
||
|
||
$extension = mb_strtolower(pathinfo($_FILES['files']['name'][$i], PATHINFO_EXTENSION));
|
||
if (in_array($extension, $this->_allowedFileTypes)) {
|
||
|
||
$real_filename = $_FILES['files']['name'][$i];
|
||
$description = ((isset($post['description'][$i])) ? trim($post['description'][$i]) : null);
|
||
$filename = $this->fixFilename($real_filename, [
|
||
'convert_spaces' => true,
|
||
'replace_with' => '_',
|
||
'transliteration' => true,
|
||
'empty_filename' => true,
|
||
'lowercase' => true
|
||
]);
|
||
|
||
$tmp_path = $_FILES['files']['tmp_name'][$i];
|
||
$save_path = $this->newFilename($_SERVER['DOCUMENT_ROOT'] . $this->_serverPath, $filename);
|
||
$path = str_replace($_SERVER['DOCUMENT_ROOT'], '', $save_path);
|
||
|
||
if (empty($description))
|
||
$description = $real_filename;
|
||
|
||
if (move_uploaded_file($tmp_path, $save_path)) {
|
||
$sql = "INSERT INTO `users_files` (`user_id`, `filename`, `path`, `created_by`) VALUES
|
||
('$user_id', '$description', '$path', '$created_by')";
|
||
if (mysql_query($sql)) {
|
||
$id = mysql_insert_id();
|
||
$success[$id] = [
|
||
'filename' => $real_filename,
|
||
'path' => $path,
|
||
];
|
||
} else {
|
||
$errors[] = [$filename => mysql_error()];
|
||
}
|
||
}
|
||
}
|
||
}
|
||
}
|
||
}
|
||
|
||
if (!empty($success))
|
||
return $success;
|
||
else
|
||
return $errors;
|
||
|
||
}
|
||
|
||
/**
|
||
* Генирация и сохранение токенов
|
||
*/
|
||
public function gen_token($user_id) {
|
||
$token = md5(microtime() . 'user' . $user_id . time());
|
||
$sql = "REPLACE INTO user_api_keys (user_id, api_key) VALUES ({$user_id}, '{$token}')";
|
||
mysql_query($sql);
|
||
$id = mysql_insert_id();
|
||
return $id;
|
||
|
||
}
|
||
|
||
|
||
public static function getUserTarif($user_id) {
|
||
$sgl = "SELECT id_tarif FROM users WHERE id={$user_id}";
|
||
$user = mysql_query($sgl);
|
||
$userTarrif = mysql_fetch_assoc($user);
|
||
|
||
if($userTarrif['id_tarif'] == 0) {
|
||
$sqlManager = "SELECT id_manager FROM users WHERE id={$user_id}";
|
||
$userManager = mysql_query($sqlManager);
|
||
$userIdManager = mysql_fetch_assoc($userManager);
|
||
$sgl = "SELECT id_tarif FROM users WHERE id={$userIdManager['id_manager']}";
|
||
$user = mysql_query($sgl);
|
||
$userTarrif = mysql_fetch_assoc($user);
|
||
}
|
||
$sql2 = "SELECT max_worker FROM tariffs WHERE id={$userTarrif['id_tarif']}";
|
||
$tarif = mysql_query($sql2);
|
||
$maxWorker = mysql_fetch_assoc($tarif);
|
||
if ($maxWorker == 0) {$maxWorker = array('max_worker' => 9999);}
|
||
return $maxWorker;
|
||
|
||
}
|
||
|
||
public static function getUserTarifCount($user_id) {
|
||
$res = array();
|
||
$res2 = array();
|
||
$res3 = array();
|
||
$sgl = "SELECT COUNT(*) FROM users WHERE id_manager={$user_id} AND blocked=0" ;
|
||
$user = mysql_query($sgl);
|
||
$userAgency = mysql_fetch_assoc($user);
|
||
|
||
$sgl3 = "SELECT id FROM users WHERE id_manager={$user_id} AND blocked=0";
|
||
$user3 = mysql_query($sgl3);
|
||
while ($r = mysql_fetch_assoc($user3)) {
|
||
$res[] = $r;
|
||
}
|
||
foreach ($res as $value) {
|
||
$i = reset($value);
|
||
$sgl2 = "SELECT id FROM users WHERE id_manager={$i } AND blocked=0";
|
||
$userA2 = mysql_query($sgl2);
|
||
while ($r = mysql_fetch_assoc($userA2)) {
|
||
$res2[] = $r;
|
||
}
|
||
}
|
||
|
||
|
||
$sgl4 = "SELECT department_id FROM users WHERE id_manager={$user_id} AND blocked=0";
|
||
$user4 = mysql_query($sgl4);
|
||
while ($r = mysql_fetch_assoc($user4)) {
|
||
$res3[] = $r;
|
||
}
|
||
|
||
foreach ($res3 as $value) {
|
||
$i = reset($value);
|
||
if ($i != 0){
|
||
$sgl2 = "SELECT id FROM users WHERE department_id={$i } AND blocked=0 AND id_manager!={$user_id}";
|
||
$userA2 = mysql_query($sgl2);
|
||
while ($r = mysql_fetch_assoc($userA2)) {
|
||
$res2[] = $r;
|
||
}
|
||
}
|
||
}
|
||
$result = array();
|
||
foreach ($res2 as $k => $v) {
|
||
$result[] = reset($v);
|
||
}
|
||
$userCount = (reset($userAgency));
|
||
$userCount2 = count(array_unique($result));
|
||
$userCountSum = $userCount + $userCount2;
|
||
return $userCountSum;
|
||
}
|
||
|
||
public static function isCurrentUserShowAdvertButton() {
|
||
$showAds = true;
|
||
|
||
if ($_SESSION['id'] == 5812 || $_SESSION['id'] == 7076) {
|
||
$showAds = false;
|
||
}
|
||
|
||
if ((in_array($_SESSION['agency_id'], array(8353, 8375, 8376, 8399, 8867, 8910, 9082, 9072, 9077, 9110, 9588, 9805, 9973, 7864, 10203, 10041, 10493, 4873, 10876, 10982, 11086, 10933, 11456, 11501, 11397, 7507, 8826, 10429, 12061, 10041, 10732, 11417, 12556, 13338, 10387, 14134, 13735, 13792, 15401, 16182, 14493, 18438, 18708, 19476, 19821, 17157, 19111, 19750, 22666, 22432, 22434, 19011))) && !in_array($_SESSION['id'], array(8373, 8353, 8375, 8376, 8399, 8867, 8910, 9082, 9072, 9077, 9110, 9588, 9805, 9973, 7864, 10203, 10041, 10493, 4873, 10876, 10982, 11086, 10933, 11456, 11501, 11397, 7507, 8826, 10429, 12061, 10041, 10732, 11417, 12556, 13338, 10387, 14134, 13735, 13792, 15401, 16182, 14493, 18438, 18708, 19476, 19821, 17157, 19111, 19750, 22666, 22432, 22434, 19011))) {
|
||
$showAds = false;
|
||
}
|
||
|
||
if ($_SESSION['agency_id'] == 8435 && (!in_array($_SESSION['id'], array(8435, 8532, 8541, 8555))))
|
||
$showAds = false;
|
||
|
||
if ($_SESSION['agency_id'] == 8649 && (!in_array($_SESSION['id'], array(8649, 8653)))) {
|
||
$showAds = false;
|
||
}
|
||
|
||
if ($_SESSION['agency_id'] == 8867 && (!in_array($_SESSION['id'], array(8867, 8910, 9082, 9072, 9077)))) {
|
||
$showAds = false;
|
||
}
|
||
|
||
if ($_SESSION['id'] == 9170) {
|
||
$showAds = true;
|
||
}
|
||
|
||
if ($_SESSION['id'] == 19750 || $_SESSION['id'] == 22196 || $_SESSION['id'] == 22280 || $_SESSION['id'] == 22195) {
|
||
$showAds = true;
|
||
}
|
||
|
||
if ($_SESSION['id'] == 19821) {
|
||
$showAds = true;
|
||
}
|
||
|
||
if ($_SESSION['id'] == 18708) {
|
||
$showAds = true;
|
||
}
|
||
|
||
if ($_SESSION['id'] == 9588 || $_SESSION['id'] == 9904) {
|
||
$showAds = true;
|
||
}
|
||
|
||
if ($_SESSION['id'] == 9110 || $_SESSION['id'] == 9892) {
|
||
$showAds = true;
|
||
}
|
||
|
||
if ($_SESSION['id'] == 9805 || $_SESSION['id'] == 9927) {
|
||
$showAds = true;
|
||
}
|
||
|
||
if ($_SESSION['id'] == 18438 || $_SESSION['id'] == 18446) {
|
||
$showAds = true;
|
||
}
|
||
|
||
if ($_SESSION['id'] == 9973) {
|
||
$showAds = true;
|
||
}
|
||
|
||
if ($_SESSION['id'] == 13338) {
|
||
$showAds = true;
|
||
}
|
||
|
||
if ($_SESSION['id'] == 10203) {
|
||
$showAds = true;
|
||
}
|
||
|
||
if ($_SESSION['id'] == 10041 || $_SESSION['id'] == 10966 || $_SESSION['id'] == 10869 || $_SESSION['id'] == 13845) {
|
||
$showAds = true;
|
||
}
|
||
|
||
if ($_SESSION['id'] == 7864 || $_SESSION['id'] == 8118 || $_SESSION['id'] == 7866 || $_SESSION['id'] == 8432 || $_SESSION['id'] == 9152 || $_SESSION['id'] == 9426) {
|
||
$showAds = true;
|
||
}
|
||
|
||
if ($_SESSION['id'] == 10493 || $_SESSION['id'] == 10606) {
|
||
$showAds = true;
|
||
}
|
||
|
||
if ($_SESSION['id'] == 4873) {
|
||
$showAds = true;
|
||
}
|
||
|
||
if ($_SESSION['id'] == 10876) {
|
||
$showAds = true;
|
||
}
|
||
|
||
if ($_SESSION['id'] == 10982 || $_SESSION['id'] == 10992 || $_SESSION['id'] == 11299 || $_SESSION['id'] == 14572 || $_SESSION['id'] == 21355) {
|
||
$showAds = true;
|
||
}
|
||
|
||
if ($_SESSION['id'] == 11086) {
|
||
$showAds = true;
|
||
}
|
||
|
||
if ($_SESSION['id'] == 10933 || $_SESSION['id'] == 11547 || $_SESSION['id'] == 11538) {
|
||
$showAds = true;
|
||
}
|
||
|
||
if ($_SESSION['id'] == 11456 || $_SESSION['id'] == 11552) {
|
||
$showAds = true;
|
||
}
|
||
|
||
if ($_SESSION['id'] == 11501 || $_SESSION['id'] == 11549) {
|
||
$showAds = true;
|
||
}
|
||
|
||
if ($_SESSION['id'] == 11397 || $_SESSION['id'] == 11583) {
|
||
$showAds = true;
|
||
}
|
||
|
||
if (in_array((int)$_SESSION['id'], [11378,11688,11690,11691,11694,11696,11698,11700,11702,11864,11865,11873,8829,11799,11801,11803,11806,11808,11810,11812,11814,11816,11818,11819,11821,11822,11824,11825,11827,11830,11831,11833,11835,11850,11837,11839,11840,11841,11843,11845,11847,11849,11851,11854,11856,11859,11861,11683,11877,11879,11880,11882,11705,11709,11711,11713,11715,11720,11722,11723,11725,11726,11728,11731,11733,11735,11737,11739,11741,11743,11745,11747,11749,11753,11763,11765,11769,11770,11771,11772,11773,11774,11775,11776,11777,11779,11781,11784,11786,11788,11791,11793,11795,11796,11797,11798,11800,11802,11804,11807,11809,11811,11813,11815,11817,11820,11823,11826,11828,11829,11832,11834,11836,11838,11842,11844,11846,11848,11852,11853,11855,11857,11858,11860,11862,11863,11866,11869,11871,11872,11875,11876,11878,11881,11703,11704,11706,11708,11710,11712,11714,11716,11717,11718,11719,11721,11724,11727,11729,11730,11732,11734,11736,11738,11740,11742,11744,11746,11748,11750,11751,11752,11754,11755,11756,11757,11758,11759,11760,11761,11762,11764,11766,11767,11768,11778,11780,11782,11783,11785,11787,11789,11790,11792,11794,11883,11884,11885,11886,11887,11888,11889,11890,11891,11892,11893,11894,11895,11679,11680,11681,11682,11684,11685,11686,11687,11689,11692,11693,11695,11697,11699,11701,11896,11897,11898,11899,11900,11901,11902,11903,11904,11905,11906])) {
|
||
$showAds = false;
|
||
}
|
||
|
||
if (in_array((int)$_SESSION['id'], [8826, 8827, 11867, 11870, 11874, 12444, 11868, 16929])) {
|
||
$showAds = true;
|
||
}
|
||
|
||
if (in_array((int)$_SESSION['id'], [7507,7719,7513,8787,9878,10483,10815,7514,7517,7518,7519,7614,7762,8364,10484,9047,9928,10386,10522,10530,10531,7931,8893,9048,9809,11039,11805,10589,11329,11516,9770,10338,7905,8569,11641,11707,7520,7540,7541,7826,8729,8737,9861,10156,11034,7508,7509,7510,7512,7515,7543,7553,10499])) // АН ООО МИДОМ
|
||
$showAds = false;
|
||
|
||
if (in_array((int)$_SESSION['id'], [7507, 7508, 7509, 7543, 7905, 8364, 11707, 10499, 8569, 8569, 11930, 12052, 11641, 7553, 8787, 7510, 7548, 7516]))
|
||
$showAds = true;
|
||
|
||
if ($_SESSION['id'] == 10429) {
|
||
$showAds = true;
|
||
}
|
||
|
||
if ($_SESSION['id'] == 12061 || $_SESSION['id'] == 12071 || $_SESSION['id'] == 12073 || $_SESSION['id'] == 12093 || $_SESSION['id'] == 12077 || $_SESSION['id'] == 12090 || $_SESSION['id'] == 12649 || $_SESSION['id'] == 12129 || $_SESSION['id'] == 12171 || $_SESSION['id'] == 12098 || $_SESSION['id'] == 1219 || $_SESSION['id'] == 12624 || $_SESSION['id'] == 12641 || $_SESSION['id'] == 16725 || $_SESSION['id'] == 12192 || $_SESSION['id'] == 12654 || $_SESSION['id'] == 12617 || $_SESSION['id'] == 12634 || $_SESSION['id'] == 12132 || $_SESSION['id'] == 21063 || $_SESSION['id'] == 21124 || $_SESSION['id'] == 12653 || $_SESSION['id'] == 12616) {
|
||
$showAds = true;
|
||
}
|
||
|
||
if ($_SESSION['id'] == 10732 || $_SESSION['id'] == 12405 || $_SESSION['id'] == 13064) {
|
||
$showAds = true;
|
||
}
|
||
|
||
if ($_SESSION['id'] == 11417 || $_SESSION['id'] == 12363 || $_SESSION['id'] == 12353 || $_SESSION['id'] == 13690) {
|
||
$showAds = true;
|
||
}
|
||
|
||
if ($_SESSION['id'] == 12556 || $_SESSION['id'] == 12910 || $_SESSION['id'] == 12909) {
|
||
$showAds = true;
|
||
}
|
||
|
||
if($_SESSION['id'] == 14290 || $_SESSION['id'] == 14424 || $_SESSION['id'] == 14437 || $_SESSION['id'] == 16141 || $_SESSION['id'] == 16022 || $_SESSION['id'] == 15846 || $_SESSION['id'] == 16841){
|
||
$showAds = true;
|
||
}
|
||
|
||
if($_SESSION['id'] == 14435 || $_SESSION['id'] == 15068 || $_SESSION['id'] == 15531 || $_SESSION['id'] == 15532 || $_SESSION['id'] == 15529 || $_SESSION['id'] == 13023){
|
||
$showAds = true;
|
||
}
|
||
|
||
if($_SESSION['id'] == 12995 || $_SESSION['id'] == 12999 || $_SESSION['id'] == 12996 || $_SESSION['id'] == 13025 || $_SESSION['id'] == 13026 || $_SESSION['id'] == 13034 || $_SESSION['id'] == 13035 || $_SESSION['id'] == 13040 || $_SESSION['id'] == 17202){
|
||
$showAds = true;
|
||
}
|
||
|
||
if ($_SESSION['id'] == 10387 || $_SESSION['id'] == 10388 || $_SESSION['id'] == 10389 || $_SESSION['id'] == 10412 || $_SESSION['id'] == 10414 || $_SESSION['id'] == 10910 || $_SESSION['id'] == 12746 || $_SESSION['id'] == 12748 || $_SESSION['id'] == 10785 || $_SESSION['id'] == 10567) {
|
||
$showAds = true;
|
||
}
|
||
|
||
if ($_SESSION['id'] == 8889) {
|
||
$showAds = false;
|
||
}
|
||
|
||
if ($_SESSION['id'] == 14134 || $_SESSION['id'] == 14199) {
|
||
$showAds = true;
|
||
}
|
||
|
||
if ($_SESSION['id'] == 13735 || $_SESSION['id'] == 13851 || $_SESSION['id'] == 13882 || $_SESSION['id'] == 13902 || $_SESSION['id'] == 13884 || $_SESSION['id'] == 13885 || $_SESSION['id'] == 18001 || $_SESSION['id'] == 18131 || $_SESSION['id'] == 19035 || $_SESSION['id'] == 18613) {
|
||
$showAds = true;
|
||
}
|
||
|
||
if ($_SESSION['id'] == 13792 || $_SESSION['id'] == 14066) {
|
||
$showAds = true;
|
||
}
|
||
|
||
if ($_SESSION['agency_id'] == 14493) {
|
||
$showAds = true;
|
||
}
|
||
|
||
if ($_SESSION['agency_id'] == 19111) {
|
||
$showAds = true;
|
||
}
|
||
|
||
if ($_SESSION['id'] == 15401) {
|
||
$showAds = true;
|
||
}
|
||
|
||
if ($_SESSION['id'] == 19476 || $_SESSION['id'] == 19491) {
|
||
$showAds = true;
|
||
}
|
||
|
||
if ($_SESSION['id'] == 17157 || $_SESSION['id'] == 17943 || $_SESSION['id'] == 17546) {
|
||
$showAds = true;
|
||
}
|
||
|
||
if ($_SESSION['id'] == 16182 || $_SESSION['id'] == 16281 || $_SESSION['id'] == 16270) {
|
||
$showAds = true;
|
||
}
|
||
|
||
if ($_SESSION['agency_id'] == 22746 && (!in_array($_SESSION['id'], array(22746, 22823)))) {
|
||
$showAds = false;
|
||
}
|
||
|
||
if ($_SESSION['id'] == 22666 || $_SESSION['id'] == 22694 || $_SESSION['id'] == 22687) {
|
||
$showAds = true;
|
||
}
|
||
|
||
if ($_SESSION['id'] == 22432 || $_SESSION['id'] == 22642) {
|
||
$showAds = true;
|
||
}
|
||
|
||
if ($_SESSION['id'] == 22434 || $_SESSION['id'] == 22447 || $_SESSION['id'] == 22451) {
|
||
$showAds = true;
|
||
}
|
||
|
||
if ($_SESSION['id'] == 21484) {
|
||
$showAds = false;
|
||
}
|
||
|
||
if ($_SESSION['id'] == 19011) {
|
||
$showAds = true;
|
||
}
|
||
|
||
return $showAds;
|
||
}
|
||
|
||
public static function getSubordinatesJson($managerId) {
|
||
$sql = "SELECT id, last_name, first_name, middle_name, blocked, manager FROM users
|
||
WHERE id IN (
|
||
SELECT id FROM users WHERE id_manager = $managerId
|
||
OR id_manager IN (
|
||
SELECT id FROM users WHERE id_manager = $managerId
|
||
OR id_manager IN (
|
||
SELECT id FROM users WHERE id_manager = $managerId
|
||
)
|
||
)
|
||
) AND blocked = 0";
|
||
|
||
$result = mysql_query($sql);
|
||
|
||
$users = [];
|
||
if ($result) {
|
||
while ($row = mysql_fetch_assoc($result)) {
|
||
$users[] = [
|
||
'id' => $row['id'],
|
||
'name' => trim($row['last_name'] . ' ' . $row['first_name'] . ' ' . $row['middle_name']),
|
||
'is_manager' => $row['manager'] == 1
|
||
];
|
||
}
|
||
} else {
|
||
return json_encode([
|
||
'error' => 'SQL execution failed',
|
||
'sql' => $sql,
|
||
'mysql_error' => mysql_error()
|
||
], JSON_UNESCAPED_UNICODE);
|
||
}
|
||
if (empty($users)) {
|
||
return json_encode([
|
||
'error' => 'No subordinates found',
|
||
'sql' => $sql
|
||
], JSON_UNESCAPED_UNICODE);
|
||
}
|
||
|
||
return json_encode($users, JSON_UNESCAPED_UNICODE);
|
||
}
|
||
|
||
/**
|
||
* получение пакета настроек для новой компании (новой регистрации)
|
||
*/
|
||
public function getNewUserPackages(){
|
||
|
||
$is_agent = (int)$this->individual;
|
||
$is_agency = (int)$this->agency;
|
||
$is_dev = (int)$this->role_developer;
|
||
|
||
$where = '';
|
||
if($is_dev > 0){
|
||
$is_agency = 0;
|
||
$is_agent = 0;
|
||
$where = "is_dev = 1";
|
||
} else if($is_agency > 0){
|
||
$where = "is_agency = 1";
|
||
} else if($is_agent > 0){
|
||
$where = "is_agent = 1";
|
||
}
|
||
|
||
$funnels = [];
|
||
|
||
$sql = "SELECT * FROM funnel_admin where $where and deleted = 0 order by id";
|
||
$q = mysql_query($sql);
|
||
while($r = mysql_fetch_assoc($q)) {
|
||
$funnels[] = $r['id'];
|
||
}
|
||
|
||
if(!empty($funnels)){
|
||
$funnelClass = new Funnel();
|
||
$f = $funnelClass->set_template_funnels($this->agencyId, $this->id, $funnels);
|
||
}
|
||
|
||
//Дефолтные настройки
|
||
$sql = "INSERT INTO `funnel_default` (`name`, `agency_id`, `is_client`, `is_req`, `is_filter`, `is_stage`, `is_show_funnels`, `order_number`) VALUES
|
||
('Список клиентов', {$this->agencyId}, 1, 0, 1, 0, 1, 0)";
|
||
mysql_query($sql);
|
||
|
||
$sql_in = "INSERT INTO user_views_page (user_id, view_req, view_client) values ({$this->id}, 'kanban', 'list')";
|
||
mysql_query($sql_in);
|
||
|
||
|
||
}
|
||
}
|