<?php
/**********************/
/* */
/*Decoded by AtakanCan*/
/* */
/**********************/
class users
{
/**
 * PHP 4-style constructor: with a non-empty $id, stores it and loads that user's row.
 *
 * Every column of the loaded row is passed through clean() before it is kept in
 * $this->array. With an empty $id nothing is loaded.
 *
 * NOTE(review): $id is concatenated unquoted into the WHERE clause, so the query is
 * only safe if every caller passes an integer — confirm, or cast at this boundary.
 * NOTE(review): a method named after its class is not treated as a constructor from
 * PHP 8.0 on — confirm the target runtime.
 *
 * @param mixed $id user id; 0 (the default) skips loading
 */
public function users( $id = 0 )
{
    global $db;
    if ( !$id )
    {
        return;
    }
    $this->id = $id;
    $this->array = array( );
    $this->array = fetchAssoc( "select * from ".TABLE_USERS." where id=".$id );
    foreach ( $this->array as $column => $raw )
    {
        $this->array[$column] = clean( $raw );
    }
}
/**
 * Returns the user id held by this instance.
 *
 * @return mixed the value of $this->id
 */
public function getid( )
{
    $currentId = $this->id;
    return $currentId;
}
/**
 * Deletes a user account and the records this method links to it.
 *
 * Does nothing when $config_demo == 1. Otherwise removes the row from TABLE_USERS,
 * calls the clean-up helpers for login history, user packages, saved searches (only
 * when enabled in $ads_settings), actions and coupons, and finally removes the
 * user's 'store' row from TABLE_OPTIONS. Nothing is returned.
 *
 * NOTE(review): $id is interpolated into both DELETE statements with quotes only;
 * this method neither escapes nor casts it — confirm every caller passes a
 * validated integer.
 * NOTE(review): no authorization check is visible here; presumably the caller
 * restricts who may delete which account — verify.
 *
 * @param mixed $id user id; falls back to $this->id when empty
 */
public function delete( $id = 0 )
{
global $db;
global $config_abs_path;
global $config_demo;
// Demo installations must not lose data: the whole operation is skipped.
if ( $config_demo == 1 )
{
}
else
{
if ( !$id )
{
$id = $this->id;
}
// The username is read before the row is deleted; it is needed for the
// login-history clean-up further down.
$username = getUsername( $id );
$res_del = query( "delete from ".TABLE_USERS." where id=\"".$id."\"" );
// NOTE(review): $Var_792 is never assigned in this method and deleteUser() has no
// receiver — this looks like a decoder artifact of creating a listings object and
// calling a method on it; confirm against the original source.
$Var_792->listings( );
$listings = $Var_792;
deleteUser( $id );
auth::deleteLoginHistory( $username );
users_packages::deleteUser( $id );
global $ads_settings;
if ( $ads_settings['saved_searches_enabled'] )
{
require_once( $config_abs_path."/classes/searches.php" );
searches::deleteUser( $id );
}
require_once( $config_abs_path."/classes/actions.php" );
actions::deleteUser( $id );
require_once( $config_abs_path."/classes/coupons.php" );
coupons::deleteUser( $id );
$res_del = query( "delete from ".TABLE_OPTIONS." where `object_id`='{$id}' and `option`='store'" );
}
}
/**
 * Deletes every user that belongs to the given group.
 *
 * NOTE(review): $group is interpolated unquoted into the WHERE clause — confirm
 * callers pass an integer group id.
 * NOTE(review): delete() is called without a receiver; presumably the decoder
 * dropped `$this->` — confirm against the original source.
 *
 * @param mixed $group group id whose members are removed
 * @return int always 1
 */
public function deleteusers( $group )
{
    global $db;
    $memberIds = fetchRowList( "select id from ".TABLE_USERS." where `group`={$group}" );
    foreach ( $memberIds as $memberId )
    {
        delete( $memberId );
    }
    return 1;
}
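/**
 * Activates a user account and, when it was awaiting admin verification, sends the
 * "registration" mail to the account's address.
 *
 * Does nothing when $config_demo == 1. The fallback to $this->id is resolved before
 * the account is looked up, so the pending check and the UPDATE always refer to the
 * same user (the lookup used to run with the raw, possibly empty, $id).
 *
 * NOTE(review): $id is interpolated into both statements without escaping or
 * casting in this method — confirm callers pass a validated integer.
 * NOTE(review): $Var_1584 is never assigned here and init()/composeAndSend() have no
 * receiver — these look like decoder artifacts of a mails object; confirm against
 * the original source.
 *
 * @param mixed $id user id; falls back to $this->id when empty
 * @return void
 */
public function enable( $id = 0 )
{
    global $db;
    global $config_demo;
    // Demo installations are read-only for this operation.
    if ( $config_demo == 1 )
    {
        return;
    }
    // Resolve the effective id first so the SELECT and the UPDATE target the same row.
    if ( !$id )
    {
        $id = $this->id;
    }
    // `pending` is 1 only for an inactive account whose group requires admin verification.
    $array = fetchAssoc( "select ".TABLE_USERS.".*, (".TABLE_USERS.".active=0 && ".TABLE_USER_GROUPS.".admin_verification=1 ) as pending from ".TABLE_USERS." left join ".TABLE_USER_GROUPS." on ".TABLE_USERS.".`group` = ".TABLE_USER_GROUPS.".`id` where ".TABLE_USERS.".`id` ={$id}" );
    $res = query( "update ".TABLE_USERS." set active=1 where id=\"".$id."\"" );
    if ( $array['pending'] )
    {
        global $config_abs_path;
        require_once( $config_abs_path."/classes/mails.php" );
        require_once( $config_abs_path."/classes/mail_templates.php" );
        $Var_1584->mails( );
        $mail2send = $Var_1584;
        init( $array['email'], $array['contact_name'] );
        $array_subject = array( );
        $array_message = array( "user" => $array, "username" => $array['username'] );
        composeAndSend( "registration", $array_message, $array_subject );
    }
}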
/**
 * Turns the store feature on for a user and rewrites the user's 'store' option row.
 *
 * The expiry is "now + store_availability days" when that setting is non-empty,
 * otherwise an empty string is written to `date_expires`.
 *
 * NOTE(review): $id appears quoted in two statements and unquoted in the DELETE;
 * none of them is escaped or cast here — confirm callers pass an integer.
 *
 * @param mixed $id user id
 * @return int always 1
 */
public function enablestore( $id )
{
    global $db;
    global $ads_settings;
    query( "update ".TABLE_USERS." set `store` = 1 where `id`='{$id}'" );
    $days_expires = $ads_settings['store_availability'];
    $timestamp = date( "Y-m-d H:i:s" );
    $str_expires = $days_expires
        ? " `date_expires` = date_add('{$timestamp}', interval '{$days_expires}' day)"
        : " `date_expires` = ''";
    // Replace rather than update: any previous 'store' option row is dropped first.
    query( "delete from ".TABLE_OPTIONS." where `object_id` = {$id} and `option` like 'store'" );
    query( "insert into ".TABLE_OPTIONS." set `object_id` = '{$id}', `option` = 'store', `date_added` = '{$timestamp}', {$str_expires} " );
    return 1;
}
/**
 * Turns the store feature off for a user (sets `store` to 0).
 *
 * NOTE(review): $id is quoted but not escaped here — confirm callers validate it.
 *
 * @param mixed $id user id
 * @return int always 1
 */
public function disablestore( $id )
{
    global $db;
    $statement = "update ".TABLE_USERS." set `store` = 0 where `id`='{$id}'";
    query( $statement );
    return 1;
}
/**
 * Approves a pending store request: enables the store, rewrites the 'store' option
 * row, clears the pending flag on the user's store actions and mails the user.
 *
 * The expiry is "now + store_availability days" when that setting is non-empty,
 * otherwise an empty string is written to `date_expires`.
 *
 * NOTE(review): $id is used quoted in some statements and unquoted in others
 * (`object_id` = {$id}, `user_id` = {$id}); none is escaped or cast here — confirm
 * callers pass a validated integer.
 *
 * @param mixed $id user id
 * @return int always 1
 */
public function enablependingstore( $id )
{
global $db;
global $lng;
global $ads_settings;
$days_expires = $ads_settings['store_availability'];
$timestamp = date( "Y-m-d H:i:s" );
if ( $days_expires )
{
$str_expires = "`date_expires` = date_add('{$timestamp}', interval '{$days_expires}' day)";
}
else
{
$str_expires = "`date_expires` = ''";
}
query( "update ".TABLE_USERS." set `store` = 1 where `id`='{$id}'" );
// Replace rather than update: any previous 'store' option row is dropped first.
query( "delete from ".TABLE_OPTIONS." where `object_id` = {$id} and `option` like 'store'" );
query( "insert into ".TABLE_OPTIONS." set `object_id` = '{$id}', `option` = 'store', `date_added` = '{$timestamp}', {$str_expires} " );
query( "update ".TABLE_ACTIONS." set pending=0 where type='store' and `user_id` = {$id}" );
global $config_abs_path;
require_once( $config_abs_path."/classes/mails.php" );
require_once( $config_abs_path."/classes/mail_templates.php" );
// NOTE(review): $Var_1560 and $Var_2208 are never assigned in this method, and
// getUser()/init()/composeAndSend() have no receiver — these look like decoder
// artifacts of creating users and mails objects; confirm against the original.
$Var_1560->users( );
$user = $Var_1560;
$user_details = getUser( $id );
$username = $user_details['username'];
$user_email = $user_details['email'];
$user_contact = $user_details['contact_name'];
// Address the mail to the username when no contact name is stored.
if ( !$user_contact )
{
$user_contact = $username;
}
$Var_2208->mails( );
$mail2send = $Var_2208;
init( $user_email, $user_contact );
$array_subject = array( );
$array_message = array( "id" => $id, "username" => $username, "contact_name" => $user_contact, "days" => $ads_settings['store_availability'], "admin_activated" => 1, "status" => $lng['general']['active'] );
composeAndSend( "buy_store_status", $array_message, $array_subject );
return 1;
}
/**
 * Allows bulk uploads for a user (sets `bulk_uploads` to 1).
 *
 * NOTE(review): $id is quoted but not escaped here — confirm callers validate it.
 *
 * @param mixed $id user id
 * @return int always 1
 */
public function enablebulkuploads( $id )
{
    global $db;
    $statement = "update ".TABLE_USERS." set `bulk_uploads` = 1 where `id`='{$id}'";
    query( $statement );
    return 1;
}
/**
 * Revokes bulk uploads for a user (sets `bulk_uploads` to 0).
 *
 * NOTE(review): $id is quoted but not escaped here — confirm callers validate it.
 *
 * @param mixed $id user id
 * @return int always 1
 */
public function disablebulkuploads( $id )
{
    global $db;
    $statement = "update ".TABLE_USERS." set `bulk_uploads` = 0 where `id`='{$id}'";
    query( $statement );
    return 1;
}
/**
 * Deactivates a user account and clears its activation code.
 *
 * Does nothing when $config_demo == 1.
 *
 * NOTE(review): the id is quoted but not escaped here — confirm callers validate it.
 *
 * @param mixed $id user id; falls back to $this->id when empty
 */
public function disable( $id = 0 )
{
    global $db;
    global $config_demo;
    if ( $config_demo == 1 )
    {
        return;
    }
    $targetId = $id ? $id : $this->id;
    $res = query( "update ".TABLE_USERS." set active=0, `activation`=\"\" where id=\"".$targetId."\"" );
}
/**
 * Adds the IP address recorded for a user to the blocked-IP table.
 *
 * Does nothing when $config_demo == 1. An existing entry for the same address is
 * removed first so the table does not collect duplicates.
 *
 * NOTE(review): the value returned by getIp() is placed into both statements without
 * escaping, and the DELETE matches it with LIKE — confirm the stored `ip` column can
 * only hold a literal address. If the getip() in this file is what gets called, it
 * returns 0 when nothing is stored, which would then be inserted as a block entry.
 *
 * @param mixed $id user id whose registered IP is blocked
 */
public function block( $id )
{
    global $db;
    global $config_demo;
    if ( $config_demo == 1 )
    {
        return;
    }
    $address = getIp( $id );
    $res = query( "delete from ".TABLE_BLOCKED_IPS." where ip like \"".$address."\"" );
    $res1 = query( "insert into ".TABLE_BLOCKED_IPS." values (\"".$address."\")" );
}
/**
 * Removes the IP address recorded for a user from the blocked-IP table.
 *
 * Does nothing when $config_demo == 1.
 *
 * NOTE(review): the address is matched with LIKE and is not escaped here, so any
 * % or _ in the stored value would widen the delete — confirm the `ip` column can
 * only hold a literal address.
 *
 * @param mixed $id user id whose registered IP is unblocked
 */
public function unblock( $id )
{
    global $db;
    global $config_demo;
    if ( $config_demo == 1 )
    {
        return;
    }
    $address = getIp( $id );
    $res = query( "delete from ".TABLE_BLOCKED_IPS." where ip like \"".$address."\"" );
}
/**
 * Activates an account from an e-mailed activation link.
 *
 * Fails (returns 0 and records an error) when the username is unknown, when the
 * account is already active, or when the username/activation pair does not match.
 * On success sets `active` to 1 and clears the stored activation code.
 *
 * NOTE(review): both values arrive from the activation URL and are interpolated
 * here without escaping; they are also matched with LIKE, which treats % and _ as
 * wildcards. An activation secret should be compared exactly (`=`) on a bound or
 * escaped value — confirm what the caller does before this method runs.
 * NOTE(review): fetchRow() is called without arguments right after query(); it
 * presumably reads the row of the last result — verify.
 *
 * @param mixed $username   account name from the link
 * @param mixed $activation activation code from the link
 * @return int 1 on success, 0 on any failure
 */
public function activate_link( $username, $activation )
{
    global $db;
    global $lng;

    $statusResult = query( "select active from ".TABLE_USERS." where username like '{$username}'" );
    if ( !numRows( $statusResult ) )
    {
        addError( $lng['users']['errors']['invalid_account_or_activation'] );
        return 0;
    }
    if ( fetchRow( ) == 1 )
    {
        addError( $lng['users']['errors']['account_already_active'] );
        return 0;
    }

    $matchResult = query( "select id from ".TABLE_USERS." where username like '{$username}' and activation like '{$activation}'" );
    if ( !numRows( $matchResult ) )
    {
        addError( $lng['users']['errors']['invalid_account_or_activation'] );
        return 0;
    }

    $updateResult = query( "update ".TABLE_USERS." set active=1, `activation`='' where username like '{$username}'" );
    return 1;
}
/**
 * Looks up the username for a user id.
 *
 * NOTE(review): the id is quoted but not escaped here — confirm callers validate it.
 *
 * @param mixed $id user id; falls back to $this->id when empty
 * @return mixed whatever fetchRow() yields for the `username` column
 */
public function getusername( $id = "" )
{
    global $db;
    $lookupId = $id ? $id : $this->id;
    return fetchRow( "select username from ".TABLE_USERS." where id=\"".$lookupId."\"" );
}
/**
 * Returns the stored `password` column for a user id.
 *
 * NOTE(review): the id is quoted but not escaped here — confirm callers validate it.
 * The returned value is credential material; callers should keep it out of output
 * and logs.
 *
 * @param mixed $id user id; falls back to $this->id when empty
 * @return mixed whatever fetchRow() yields for the `password` column
 */
public function getpasshash( $id = "" )
{
    global $db;
    $lookupId = $id ? $id : $this->id;
    return fetchRow( "select password from ".TABLE_USERS." where id=\"".$lookupId."\"" );
}
/**
 * Resolves a username (optionally narrowed by an identity value) to a user id.
 *
 * NOTE(review): $username is matched with LIKE and neither argument is escaped
 * here, so wildcard characters in the input widen the match — confirm callers
 * escape both values, and prefer an exact `=` comparison for account lookups.
 *
 * @param mixed $username account name to look up
 * @param mixed $identity optional value for the `identity` column
 * @return mixed the id, or 0 when nothing matched
 */
public function getuserid( $username, $identity = "" )
{
    global $db;
    $identityClause = $identity ? " and `identity`='{$identity}'" : "";
    $found = fetchRow( "select id from ".TABLE_USERS." where username like \"".$username."\"".$identityClause );
    return $found ? $found : 0;
}
/**
 * Returns the group id a user belongs to.
 *
 * NOTE(review): $id is interpolated unquoted into the WHERE clause — confirm callers
 * pass an integer, or cast it before it reaches this method.
 *
 * @param mixed $id user id
 * @return mixed the `group` value, or 0 when nothing was found
 */
public function getgroup( $id )
{
    global $db;
    $groupId = fetchRow( "select `group` from ".TABLE_USERS." where id={$id}" );
    return $groupId ? $groupId : 0;
}
/**
 * Returns the IP address stored for a user.
 *
 * NOTE(review): $id is interpolated unquoted into the WHERE clause — confirm callers
 * pass an integer, or cast it before it reaches this method.
 *
 * @param mixed $id user id
 * @return mixed the `ip` value, or 0 when nothing was found
 */
public function getip( $id )
{
    global $db;
    $address = fetchRow( "select `ip` from ".TABLE_USERS." where id={$id}" );
    return $address ? $address : 0;
}
/**
 * Returns the `store_banner` value stored for a user.
 *
 * NOTE(review): $id is interpolated unquoted into the WHERE clause — confirm callers
 * pass an integer.
 *
 * @param mixed $id user id
 * @return mixed whatever fetchRow() yields for the `store_banner` column
 */
public function getstorebanner( $id )
{
    global $db;
    return fetchRow( "select `store_banner` from ".TABLE_USERS." where id={$id}" );
}
/**
 * Returns the user's `store` flag, which callers in this class use to decide whether
 * a store banner upload is accepted.
 *
 * NOTE(review): $id is interpolated unquoted into the WHERE clause — confirm callers
 * pass an integer.
 *
 * @param mixed $id user id
 * @return mixed whatever fetchRow() yields for the `store` column
 */
public function allowstorebanner( $id )
{
    global $db;
    return fetchRow( "select `store` from ".TABLE_USERS." where id={$id}" );
}
/**
 * Returns the name of a user's group in the current language ($crt_lang).
 *
 * NOTE(review): $id is interpolated unquoted and $crt_lang quoted but unescaped —
 * confirm both are validated before this method is reached.
 *
 * @param mixed $id user id
 * @return mixed the localized group name, or 0 when nothing was found
 */
public function getgroupname( $id )
{
    global $db;
    global $crt_lang;
    $localizedName = fetchRow( "select ".TABLE_USER_GROUPS."_lang.`name` from ".TABLE_USERS." left join ".TABLE_USER_GROUPS."_lang on ".TABLE_USER_GROUPS."_lang.`id`=".TABLE_USERS.".`group` where ".TABLE_USERS.".id={$id} and lang_id='{$crt_lang}'" );
    return $localizedName ? $localizedName : 0;
}
/**
 * Returns the e-mail address stored for a user.
 *
 * NOTE(review): the id is quoted but not escaped here — confirm callers validate it.
 *
 * @param mixed $id user id; falls back to $this->id when empty
 * @return mixed whatever fetchRow() yields for the `email` column
 */
public function getemail( $id = "" )
{
    global $db;
    $lookupId = $id ? $id : $this->id;
    return fetchRow( "select email from ".TABLE_USERS." where id=\"".$lookupId."\"" );
}
/**
 * Returns the contact name stored for a user, passed through clean().
 *
 * NOTE(review): the id is quoted but not escaped here — confirm callers validate it.
 *
 * @param mixed $id user id; falls back to $this->id when empty
 * @return mixed the result of clean() on the `contact_name` column
 */
public function getcontactname( $id = "" )
{
    global $db;
    $lookupId = $id ? $id : $this->id;
    $storedName = fetchRow( "select contact_name from ".TABLE_USERS." where id=\"".$lookupId."\"" );
    return clean( $storedName );
}
/**
 * Returns username, e-mail, contact name and language for a user, each passed
 * through clean().
 *
 * NOTE(review): the id is quoted but not escaped here — confirm callers validate it.
 *
 * @param mixed $id user id; falls back to $this->id when empty
 * @return mixed the cleaned row, or 0 when no row was found
 */
public function getcontactdata( $id )
{
    global $db;
    $lookupId = $id ? $id : $this->id;
    $contact = fetchAssoc( "select `username`, `email`, `contact_name`, `language` from ".TABLE_USERS." where id=\"".$lookupId."\"" );
    if ( !$contact )
    {
        return 0;
    }
    foreach ( $contact as $column => $raw )
    {
        $contact[$column] = clean( $raw );
    }
    return $contact;
}
/**
 * Loads the full user record for a username.
 *
 * NOTE(review): $username is matched with LIKE and is not escaped here, so wildcard
 * characters in the input widen the match — confirm callers escape it, and prefer an
 * exact `=` comparison for account lookups.
 * NOTE(review): getUser() is called without a receiver; presumably the decoder
 * dropped `$this->` — confirm against the original source.
 *
 * @param mixed $username account name to look up
 * @return mixed the result of getUser() for the matching id, or 0 when none matched
 */
public function getuserbyusername( $username )
{
    global $db;
    $matchedId = fetchRow( "select `id` from ".TABLE_USERS." where username like \"".$username."\"" );
    if ( !$matchedId )
    {
        return 0;
    }
    return getUser( $matchedId );
}
/**
 * Returns the raw TABLE_USERS row for a user id.
 *
 * Unlike getuser(), the columns are returned as fetched: clean() is not applied.
 *
 * NOTE(review): `select *` includes the `password` column, so the result carries
 * credential material — callers should not pass it to templates or logs wholesale.
 * NOTE(review): $id is quoted but not escaped here — confirm callers validate it.
 *
 * @param mixed $id user id
 * @return mixed whatever fetchAssoc() yields for the row
 */
public function getuserinfo( $id )
{
    global $db;
    return fetchAssoc( "select * from ".TABLE_USERS." where id='{$id}'" );
}
/**
 * Loads a user row and decorates it for display.
 *
 * Adds `register_ip`, a formatted registration date (`date_nice`), a `blocked` flag
 * from the blocked-IP table, store expiry or pending-store information, a
 * URL-encoded display name (`url_name`), then passes every column through clean()
 * and post-processes the group's custom fields by type. When the stored language
 * differs from $crt_lang the field elements are translated.
 *
 * NOTE(review): $id is interpolated quoted in some statements and unquoted in the
 * TABLE_OPTIONS lookup; it is not escaped or cast here — confirm callers validate it.
 * NOTE(review): `select *` includes the `password` column, so the returned array
 * carries credential material into whatever consumes it.
 *
 * @param mixed $id user id; falls back to $this->id when empty
 * @return mixed the decorated row, or 0 when no row was found
 */
public function getuser( $id = "" )
{
global $db;
if ( !$id )
{
$id = $this->id;
}
global $appearance_settings;
$date_format = $appearance_settings['date_format'];
// $date_format comes from settings and is placed inside the SQL string as-is.
$result = fetchAssoc( "select *, ".TABLE_USERS.".`ip` as register_ip, date_format(`registration_date`,'{$date_format}') as date_nice, ( ".TABLE_BLOCKED_IPS.".ip is not null ) as blocked from ".TABLE_USERS." left join ".TABLE_BLOCKED_IPS." on ".TABLE_USERS.".ip = ".TABLE_BLOCKED_IPS.".ip where id='{$id}'" );
if ( !$result )
{
return 0;
}
// Active store: expose its expiry date. Otherwise expose the pending state of the
// most recent 'store' action, if there is one.
if ( $result['store'] )
{
$result['store_expires_nice'] = fetchRow( "select date_format(`date_expires`,'{$date_format}') from ".TABLE_OPTIONS." where `object_id` = {$id} and `option` = 'store'" );
}
else
{
$act = fetchAssoc( "select * from ".TABLE_ACTIONS." where `type` like 'store' and `user_id` = '{$id}' order by `date` desc limit 1" );
if ( $act )
{
$result['store_pending'] = $act['pending'];
}
}
// The URL name prefers the contact name and falls back to the username.
if ( $result['contact_name'] )
{
$result['url_name'] = _urlencode( $result['contact_name'] );
}
else
{
$result['url_name'] = _urlencode( $result['username'] );
}
foreach ( $result as $key => $value )
{
$result[$key] = clean( $result[$key] );
}
// NOTE(review): $Var_2568 is never assigned in this method, and getFieldsArray() /
// setFields() have no receiver — these look like decoder artifacts of a fields
// object; confirm against the original source.
$Var_2568->fields( "uf" );
$f = $Var_2568;
$fields = getFieldsArray( $result['group'] );
setFields( $fields );
foreach ( $fields as $field )
{
$fname = $field['caption'];
// Multi-value fields are stored "|"-separated and returned as arrays.
if ( $field['type'] == "checkbox_group" || $field['type'] == "multiselect" )
{
$result[$fname] = explode( "|", $result[$fname] );
}
else if ( $field['type'] == "date" )
{
// A zero date counts as "no date" and is blanked; real dates get a formatted copy.
if ( $result[$fname] && $result[$fname] != "0000-00-00" )
{
$result['vis'][$fname] = format_date_str( $result[$fname], $field['date_format'] );
}
else
{
$result[$fname] = "";
}
}
else if ( $field['type'] != "depending" && ( $field['validation_type'] == "numeric" || $field['type'] == "price" ) )
{
$result['formatted'][$fname] = format_numeric( $result[$fname] );
}
else if ( $field['type'] == "textarea" )
{
// Line breaks become <br> for HTML output. This runs after clean(); whether clean()
// HTML-escapes the text is not visible here — confirm before rendering it unescaped.
$result['formatted'][$fname] = str_replace( "
", "<br>", $result[$fname] );
}
else if ( $field['type'] == "youtube" && $result[$fname] )
{
global $config_abs_path;
require_once( $config_abs_path."/include/patterns.php" );
$result[$fname] = formatvideo( $result[$fname] );
}
}
global $crt_lang;
if ( $result['language'] != $crt_lang )
{
// NOTE(review): $Var_5448 is never assigned here; presumably a decoder artifact of
// creating a languages object — confirm.
$Var_5448->languages( );
$language = $Var_5448;
$result = translateFieldsElements( $result, "uf" );
}
return $result;
}
/**
 * Counts the listings in TABLE_ADS that belong to a user.
 *
 * NOTE(review): the id is quoted but not escaped here — confirm callers validate it.
 *
 * @param mixed $id user id; falls back to $this->id when empty
 * @return mixed whatever fetchRow() yields for count(*)
 */
public function getnolistings( $id = 0 )
{
    global $db;
    $ownerId = $id ? $id : $this->id;
    return fetchRow( "select count(*) from ".TABLE_ADS." where user_id=\"".$ownerId."\"" );
}
/**
 * Counts users, optionally restricted to one group.
 *
 * NOTE(review): $group is interpolated unquoted into the WHERE clause — confirm
 * callers pass an integer group id.
 *
 * @param mixed $group optional group id; empty counts all users
 * @return mixed whatever fetchRow() yields for count(*)
 */
public function count( $group = "" )
{
    global $db;
    $where = $group ? " where `group` = {$group}" : "";
    return fetchRow( "select count(*) from ".TABLE_USERS.$where );
}
/**
 * Counts users, optionally only those whose username contains $search.
 *
 * NOTE(review): $search is placed inside a LIKE pattern without escaping in this
 * method — confirm callers escape it (including the LIKE wildcards % and _ if a
 * literal substring match is intended).
 *
 * @param mixed $search optional substring to look for in usernames
 * @return mixed whatever fetchRow() yields for count(*)
 */
public function getno( $search = "" )
{
    global $db;
    $where = ( $search != "" ) ? " where username like '%{$search}%'" : "";
    return fetchRow( "select count(*) from ".TABLE_USERS.$where );
}
/**
 * Counts the users whose `active` flag is 1.
 *
 * @return mixed whatever fetchRow() yields for count(*)
 */
public function getnoactive( )
{
    global $db;
    return fetchRow( "select count(*) from ".TABLE_USERS." where active=1" );
}
/**
 * Counts the distinct user ids that appear as owner of at least one row in TABLE_ADS.
 *
 * The query groups the users/ads join by user id; the number of result rows is the
 * returned count.
 *
 * @return mixed whatever numRows() yields for the grouped result
 */
public function getuserswithads( )
{
    global $db;
    return numRows( query( "select ".TABLE_USERS.".id from ".TABLE_USERS." right join ".TABLE_ADS." on ".TABLE_USERS.".id=".TABLE_ADS.".user_id group by ".TABLE_USERS.".id;" ) );
}
/**
 * Counts the users whose `store` flag is 1.
 *
 * @return mixed whatever fetchRow() yields for count(*)
 */
public function getuserswithstore( )
{
    global $db;
    return fetchRow( "select count(*) from ".TABLE_USERS." where `store` = 1;" );
}
/**
 * Counts the users whose `bulk_uploads` flag is 1.
 *
 * @return mixed whatever fetchRow() yields for count(*)
 */
public function getuserswithbulkuploads( )
{
    global $db;
    return fetchRow( "select count(*) from ".TABLE_USERS." where `bulk_uploads` = 1;" );
}
/**
 * Counts the users whose `active` flag is 0.
 *
 * @return mixed whatever fetchRow() yields for count(*)
 */
public function getnoinactive( )
{
    global $db;
    return fetchRow( "select count(*) from ".TABLE_USERS." where active=0" );
}
/**
 * Returns how many pages are needed to list all users; at least 1.
 *
 * NOTE(review): count() is called with no receiver and no arguments; presumably the
 * decoder dropped `$this->` — as written it resolves to PHP's built-in count().
 * NOTE(review): $no_per_page is used as a divisor without a zero check — confirm
 * callers never pass 0.
 *
 * @param mixed $no_per_page page size
 * @return mixed 1 when there are no users, otherwise ceil(total / page size)
 */
public function getnopages( $no_per_page )
{
    $total = count( );
    return ( $total == 0 ) ? 1 : ceil( $total / $no_per_page );
}
/**
 * Returns all users ordered by username, optionally restricted to one group.
 *
 * Each row gets a `style` key that alternates "_even" / "_odd", starting with
 * "_even" for the first row.
 *
 * NOTE(review): $group is interpolated unquoted into the WHERE clause — confirm
 * callers pass an integer group id.
 * NOTE(review): rows come from `select *`, so they include the `password` column
 * and are not passed through clean() here.
 *
 * @param mixed $group optional group id; empty returns every user
 * @return array list of user rows
 */
public function getall( $group = "" )
{
    global $db;
    $where = $group ? " where `group` = {$group}" : "";
    $rows = fetchAssocList( "select * from ".TABLE_USERS." {$where} order by username" );
    $array_usr = array( );
    $position = 0;
    foreach ( $rows as $row )
    {
        $array_usr[$position] = $row;
        $array_usr[$position]['style'] = ( $position % 2 ) ? "_odd" : "_even";
        ++$position;
    }
    return $array_usr;
}
/**
 * Returns the most recently registered users with their listing counts.
 *
 * Each row holds `username`, `id`, a formatted registration `date` and `listings`
 * (from listings::getNoListings()).
 *
 * NOTE(review): $no is concatenated unquoted after LIMIT and $date_format is placed
 * inside the SQL string as-is — confirm $no is an integer and the format comes from
 * trusted settings.
 *
 * @param mixed $no maximum number of users to return
 * @return mixed the list produced by fetchAssocList(), with `listings` added
 */
public function getlatestusers( $no )
{
    global $db;
    global $appearance_settings;
    $date_format = $appearance_settings['date_format'];
    $array_users = fetchAssocList( "select username, id, date_format(registration_date,\"".$date_format."\") as `date` from ".TABLE_USERS." order by registration_date desc limit ".$no );
    $position = 0;
    foreach ( $array_users as $latest )
    {
        $array_users[$position]['listings'] = listings::getNoListings( $latest['id'] );
        ++$position;
    }
    return $array_users;
}
/**
 * Returns one page of usernames with their last-login information.
 *
 * On page 1 without a search term the configured admin username is listed first.
 * Every entry holds `username`, `login_info` (from getLastLogin()) and an
 * alternating `style` ("_even" / "_odd").
 *
 * NOTE(review): $search is placed inside a LIKE pattern and $start / $no_per_page
 * directly after LIMIT, all without escaping or casting in this method — confirm
 * callers escape the search term and pass integers for paging.
 *
 * @param mixed $page        page number; page 1 starts at offset 0
 * @param mixed $no_per_page page size
 * @param mixed $search      optional substring to look for in usernames
 * @return array list of entries as described above
 */
public function getloginhistory( $page, $no_per_page, $search = "" )
{
global $db;
$start = ( $page - 1 ) * $no_per_page;
if ( $search != "" )
{
$where = " where username like '%{$search}%'";
}
else
{
$where = "";
}
$sql = "select username from ".TABLE_USERS." {$where} order by username asc limit {$start}, {$no_per_page}";
$array = fetchRowList( $sql );
$i = 0;
$array_users = array( );
// NOTE(review): $Var_960 is never assigned in this method and getLastLogin() has no
// receiver — this looks like a decoder artifact of creating an auth object;
// confirm against the original source.
$Var_960->auth( );
$auth = $Var_960;
// The admin account is taken from settings rather than from the query result, so it
// is prepended by hand on the first unfiltered page.
if ( $page == 1 && !$search )
{
global $settings;
$admin_username = $settings['admin_username'];
$array_users[$i]['username'] = $admin_username;
$login_info = getLastLogin( $admin_username );
$array_users[$i]['login_info'] = $login_info;
if ( $i % 2 )
{
$array_users[$i]['style'] = "_odd";
}
else
{
$array_users[$i]['style'] = "_even";
}
++$i;
}
foreach ( $array as $result )
{
$array_users[$i]['username'] = $result;
$login_info = getLastLogin( $result );
$array_users[$i]['login_info'] = $login_info;
if ( $i % 2 )
{
$array_users[$i]['style'] = "_odd";
}
else
{
$array_users[$i]['style'] = "_even";
}
++$i;
}
return $array_users;
}
/**
 * Searches users with the filters in $post_array and returns one page of rows.
 *
 * Builds a WHERE fragment from $post_array, stores the total match count through
 * setNoUsers(), then runs a joined SELECT (blocked IPs, group names, group settings,
 * 'store' actions) ordered by $order / $order_way and limited to the requested page.
 * Every returned row is passed through clean() column by column and gets `listings`
 * (from the query when ordering by listings, otherwise from
 * listings::getNoListings()), `blocked` (0/1), `pending_actions`, `pending_info`
 * and an alternating `style` ("_even" / "_odd").
 *
 * NOTE(review): as decoded, the first two switch blocks contain nothing but `break`,
 * and the `$where .= …; break;` pairs after them sit directly in the foreach body.
 * Read literally, the first non-empty filter is appended as an `=` condition under
 * whatever key it has and the loop then stops. This is almost certainly a decoder
 * artifact of a single switch; verify against the original before relying on it.
 * NOTE(review): $key is placed in identifier position, $value inside a quoted
 * literal, and $order / $order_way / $start / $no_per_page directly into ORDER BY
 * and LIMIT. Nothing in this method escapes or allow-lists them; confirm the caller
 * does (column allow-list for $key and $order, asc/desc only for $order_way,
 * integers for paging).
 *
 * @param mixed $post_array  filter name => value; entries with an empty key or value are skipped
 * @param mixed $page        page number; page 1 starts at offset 0
 * @param mixed $no_per_page page size
 * @param mixed $order       column to order by; "listings" adds the ads join and count
 * @param mixed $order_way   sort direction, concatenated as-is
 * @return array list of user rows with the extra keys described above
 */
public function searchusers( $post_array, $page, $no_per_page, $order, $order_way )
{
global $db;
global $lng;
global $crt_lang;
global $appearance_settings;
$date_format = $appearance_settings['date_format'];
$start = ( $page - 1 ) * $no_per_page;
$where = "";
foreach ( $post_array as $key => $value )
{
if ( !$key || $value == "" )
{
continue;
}
switch ( $key )
{
case "id" :
break;
case "group" :
}
$where .= " and ".TABLE_USERS.".`{$key}` = '{$value}' ";
break;
switch ( $key )
{
case "username" :
break;
case "contact_name" :
break;
case "email" :
break;
case "ip" :
}
$where .= " and ".TABLE_USERS.".`{$key}` like '{$value}' ";
break;
switch ( $key )
{
case "date_from" :
$where .= " and ".TABLE_USERS.".`registration_date` >= '{$value}' ";
break;
case "date_to" :
$where .= " and ".TABLE_USERS.".`registration_date` <= '{$value}' ";
}
}
// The same WHERE fragment drives the total count and the page query below.
$no_users = getNoSearchUsers( $where );
setNoUsers( $no_users );
$group = "";
$join_ads = "";
$no_ads = "";
// Ordering by listing count needs the ads join and a GROUP BY on the user id.
if ( $order == "listings" )
{
$group = "group by ".TABLE_USERS.".id";
$join_ads = "left join ".TABLE_ADS." on ".TABLE_USERS.".id=".TABLE_ADS.".user_id ";
$no_ads = " count(".TABLE_ADS.".user_id) as listings,";
}
$sql = "select ".TABLE_USERS.".*, date_format(registration_date,'".$date_format."') as date, ".TABLE_BLOCKED_IPS.".`ip` as blocked, {$no_ads} ".TABLE_USER_GROUPS."_lang.`name` as `group_name`, (".TABLE_USER_GROUPS.".admin_verification=1 and ".TABLE_USERS.".active=0) as pending, ".TABLE_ACTIONS.".`invoice` from ".TABLE_USERS."
{$join_ads}
left join ".TABLE_BLOCKED_IPS." on ".TABLE_USERS.".`ip`=".TABLE_BLOCKED_IPS.".ip
left join ".TABLE_USER_GROUPS."_lang on ".TABLE_USERS.".`group`=".TABLE_USER_GROUPS."_lang.`id`
left join ".TABLE_USER_GROUPS." on ".TABLE_USERS.".`group`=".TABLE_USER_GROUPS.".`id`
left join ".TABLE_ACTIONS." on ".TABLE_USERS.".id=".TABLE_ACTIONS.".`user_id` and ( ".TABLE_ACTIONS.".`type` = 'store' )
where ".TABLE_USER_GROUPS."_lang.`lang_id` = '".$crt_lang."' {$where}
{$group} order by `".$order."` ".$order_way." limit ".$start.", ".$no_per_page;
$array = fetchAssocList( $sql );
$i = 0;
$array_users = array( );
foreach ( $array as $result )
{
if ( $order != "listings" )
{
$array_users[$i]['listings'] = listings::getNoListings( $result['id'] );
}
foreach ( $result as $key => $value )
{
$array_users[$i][$key] = clean( $result[$key] );
}
// `blocked` holds the joined IP (or null); normalise it to a 0/1 flag.
if ( $array_users[$i]['blocked'] )
{
$array_users[$i]['blocked'] = 1;
}
else
{
$array_users[$i]['blocked'] = 0;
}
$array_users[$i]['pending_actions'] = array( );
$array_users[$i]['pending_info'] = "";
if ( $result['invoice'] )
{
// The invoice value read from the database is concatenated unquoted into this query.
$array_users[$i]['pending_actions'] = fetchAssocList( "select * from ".TABLE_ACTIONS." where `invoice` = ".$result['invoice']." and pending = 1" );
foreach ( $array_users[$i]['pending_actions'] as $action )
{
if ( $action['type'] == "store" )
{
$array_users[$i]['pending_info'] .= $lng['users']['pending_store']."<br />";
}
}
}
if ( $i % 2 )
{
$array_users[$i]['style'] = "_odd";
}
else
{
$array_users[$i]['style'] = "_even";
}
++$i;
}
return $array_users;
}
/**
 * Counts the users matching a WHERE fragment built by searchusers().
 *
 * A non-empty fragment has its first four characters removed (the leading " and")
 * and is prefixed with " where ".
 *
 * NOTE(review): $where is executed as SQL verbatim; it must only ever come from
 * code that has already escaped every value it contains.
 *
 * @param mixed $where fragment starting with " and", or empty for no filter
 * @return mixed whatever fetchRow() yields for count(*)
 */
public function getnosearchusers( $where )
{
    global $db;
    $clause = $where ? " where ".substr( $where, 4 ) : $where;
    return fetchRow( "select count(*) from ".TABLE_USERS.$clause );
}
/**
 * Returns the user count stored by setnousers().
 *
 * @return mixed the value of $this->no_users
 */
public function getnousers( )
{
    $stored = $this->no_users;
    return $stored;
}
/**
 * Stores a user count on the instance for later retrieval with getnousers().
 *
 * @param mixed $no count to remember
 */
public function setnousers( $no )
{
    $this->no_users = $no;
}
/**
 * Tells whether a username is already taken, optionally ignoring one user id.
 *
 * NOTE(review): $str is matched with LIKE, so % and _ in it act as wildcards, and
 * $id is concatenated unquoted. The callers visible in this file pass $str through
 * escape(); confirm that also neutralises LIKE wildcards and that $id is an integer.
 *
 * @param mixed $str username to check
 * @param mixed $id  optional user id to exclude from the check
 * @return int 1 when a matching row exists, otherwise 0
 */
public function user_exists( $str, $id = "" )
{
    global $db;
    $excludeSelf = $id ? " and id!=".$id : "";
    $matches = query( "select * from ".TABLE_USERS." where username like '{$str}'".$excludeSelf );
    return numRows( $matches ) ? 1 : 0;
}
/**
 * Tells whether a user row with the given id exists.
 *
 * NOTE(review): $id is quoted but not escaped here — confirm callers validate it.
 *
 * @param mixed $id user id
 * @return int 1 when a row exists, otherwise 0
 */
public function exists( $id )
{
    global $db;
    $matches = query( "select * from ".TABLE_USERS." where id='{$id}'" );
    return numRows( $matches ) ? 1 : 0;
}
/**
 * Tells whether an e-mail address is already registered, optionally ignoring one
 * user id.
 *
 * NOTE(review): $str is matched with LIKE, so % and _ in it act as wildcards (an
 * underscore is common in e-mail addresses), and $id is concatenated unquoted. The
 * callers visible in this file pass $str through escape(); confirm that also
 * neutralises LIKE wildcards and that $id is an integer.
 *
 * @param mixed $str e-mail address to check
 * @param mixed $id  optional user id to exclude from the check
 * @return int 1 when a matching row exists, otherwise 0
 */
public function email_exists( $str, $id = "" )
{
    global $db;
    $excludeSelf = $id ? " and id!=".$id : "";
    $matches = query( "select * from ".TABLE_USERS." where email like '{$str}'".$excludeSelf );
    return numRows( $matches ) ? 1 : 0;
}
/**
 * Returns the accumulated error text of this instance.
 *
 * @return mixed the value of $this->error
 */
public function geterror( )
{
    $message = $this->error;
    return $message;
}
/**
 * Appends text to the accumulated error message.
 *
 * @param mixed $str text to append to $this->error
 */
public function adderror( $str )
{
    $this->error = $this->error.$str;
}
/**
 * Replaces the accumulated error message.
 *
 * @param mixed $str new value for $this->error
 */
public function seterror( $str )
{
    $this->error = $str;
}
/**
 * Returns the informational message stored on this instance.
 *
 * @return mixed the value of $this->info
 */
public function getinfo( )
{
    $message = $this->info;
    return $message;
}
/**
 * Stores an informational message on this instance.
 *
 * @param mixed $str new value for $this->info
 */
public function setinfo( $str )
{
    $this->info = $str;
}
/**
 * Returns the temporary form values collected by the check_* methods.
 *
 * @return mixed the value of $this->tmp
 */
public function gettmp( )
{
    $saved = $this->tmp;
    return $saved;
}
/**
 * Validates the submitted "edit account" form for user $id.
 *
 * Resets $this->error and $this->tmp, then checks e-mail, (when editable) username,
 * admin-only credits, the group's custom fields and an optional store banner
 * upload. Problems are recorded through addError(); when any were recorded the
 * submitted values are copied into $this->tmp so the form can be shown again.
 * The return value carries no result — callers have to inspect getError().
 *
 * NOTE(review): the numeric check reads $_POST['credits'], but the value kept in
 * $this->tmp (and written by edit_info()) is $_POST['no_credits'] — the field that
 * is stored does not appear to be the one that is validated; confirm the form
 * field name.
 * NOTE(review): `email`, `contact_name` and `no_credits` are copied into $this->tmp
 * straight from $_POST, while `username` goes through clean(); if the template
 * prints $this->tmp, those three need escaping at output — verify.
 * NOTE(review): calls such as addError(), getError(), email_exists() and verify()
 * appear without a receiver, and the $Var_* variables are never assigned — decoder
 * artifacts; which object each call belonged to cannot be told from here.
 *
 * @param mixed $id id of the user being edited
 * @return int always 1
 */
public function check_edit_info( $id )
{
global $lng;
$this->error = "";
$this->tmp = array( );
$Var_264->auth( );
$auth = $Var_264;
$is_admin = 0;
if ( adminLoggedIn( ) )
{
$is_admin = 1;
}
// In demo mode an admin cannot save changes: an error is recorded up front.
if ( $is_admin )
{
global $config_demo;
if ( $config_demo == 1 )
{
addError( $lng['general']['errors']['demo']."<br />" );
}
}
// E-mail: required, well-formed, not used by another account and, for non-admins,
// not on the blocked list. Only the first failing rule is reported.
if ( !$_POST['email'] )
{
addError( $lng['users']['errors']['email_missing']."<br />" );
}
else if ( !validator::valid_email( $_POST['email'] ) )
{
addError( $lng['users']['errors']['invalid_email']."<br />" );
}
else if ( email_exists( escape( $_POST['email'] ), $id ) )
{
addError( $lng['users']['errors']['email_exists']."<br />" );
}
else if ( !$is_admin && blocked_emails::isBlocked( escape( $_POST['email'] ) ) )
{
addError( $lng['users']['errors']['email_not_permitted']."<br />" );
}
// The group comes from the request when present, otherwise from the stored account.
// NOTE(review): the request value is accepted here regardless of $is_admin.
if ( isset( $_POST['group'] ) && $_POST['group'] != "" )
{
$group = escape( $_POST['group'] );
}
else
{
$group = getGroup( $id );
}
$Var_2496->fields_process( "uf" );
$fields = $Var_2496;
if ( $is_admin || usernameEditable( ) )
{
global $settings;
// Username: required, unique, not the admin's name, and valid per validator.
if ( !$_POST['username'] )
{
addError( $lng['users']['errors']['username_missing']."<br />" );
}
else if ( user_exists( escape( $_POST['username'] ), $id ) )
{
addError( $lng['users']['errors']['username_exists']."<br />" );
}
else if ( escape( $_POST['username'] ) == $settings['admin_username'] )
{
addError( $lng['users']['errors']['username_exists']."<br />" );
}
else if ( !validator::valid_username( $_POST['username'] ) )
{
addError( $lng['users']['errors']['invalid_username']."<br />" );
}
$this->tmp['username'] = clean( $_POST['username'] );
}
if ( $is_admin && isset( $_POST['credits'] ) && !is_numeric( $_POST['credits'] ) )
{
addError( $lng['users']['errors']['invalid_no_credits']."<br />" );
}
setEdit( 1 );
check_form_fields( $group );
if ( getError( ) != "" )
{
addError( getError( ) );
}
$old_data = getUser( $id );
$store = $old_data['store'];
$store_banner = $old_data['store_banner'];
// A banner upload is only examined for accounts that already have a store.
if ( $store && isset( $_FILES['store_banner']['name'] ) && $_FILES['store_banner']['name'] )
{
global $config_abs_path;
$dir = $config_abs_path."/images/store";
$Var_5688->image( "store_banner", $dir, "store" );
$img = $Var_5688;
if ( !verify( ) )
{
addError( getError( ) );
}
}
// On failure, keep what was submitted so the form can be re-populated.
if ( getError( ) != "" )
{
$this->tmp['id'] = $id;
if ( isset( $_POST['email'] ) )
{
$this->tmp['email'] = $_POST['email'];
}
else
{
$this->tmp['email'] = "";
}
if ( isset( $_POST['contact_name'] ) )
{
$this->tmp['contact_name'] = $_POST['contact_name'];
}
else
{
$this->tmp['contact_name'] = "";
}
if ( $is_admin )
{
$this->tmp['no_credits'] = $_POST['no_credits'];
}
$this->tmp['store'] = $store;
$this->tmp['store_banner'] = $store_banner;
$this->tmp['tmp_fields'] = getTmp( );
foreach ( $this->tmp['tmp_fields'] as $key => $value )
{
$this->tmp[$key] = $value;
}
}
return 1;
}
/**
 * Validates the submitted registration / "add user" form.
 *
 * Resets $this->error and $this->tmp, then checks group and credits (admin only),
 * username, e-mail, the two password fields, the captcha (non-admin, when enabled),
 * the group's custom fields and an optional store banner upload. Problems are
 * recorded through addError(); when any were recorded the submitted values are
 * copied into $this->tmp so the form can be shown again. The return value carries
 * no result — callers have to inspect getError().
 *
 * NOTE(review): the numeric check reads $_POST['credits'], but the value kept in
 * $this->tmp (and written by add()) is $_POST['no_credits'] — the field that is
 * stored does not appear to be the one that is validated; confirm the form field
 * name.
 * NOTE(review): no minimum length or strength rule for the password is visible
 * here; only presence and equality of the two fields are checked.
 * NOTE(review): calls such as addError(), getError(), user_exists() and verify()
 * appear without a receiver, and the $Var_* variables are never assigned — decoder
 * artifacts; which object each call belonged to cannot be told from here.
 *
 * @param mixed $group group id chosen by the caller; when empty it is taken from $_POST['group']
 * @return int always 1
 */
public function check_form( $group = "" )
{
global $db;
$Var_96->auth( );
$auth = $Var_96;
$is_admin = 0;
if ( adminLoggedIn( ) )
{
$is_admin = 1;
}
global $lng;
$this->error = "";
$this->tmp = array( );
global $settings;
$captcha = $settings['register_captcha'];
// Admin-created accounts must name a numeric group.
if ( $is_admin && ( !$_POST['group'] || !is_numeric( $_POST['group'] ) ) )
{
addError( $lng['users']['errors']['group_missing']."<br />" );
}
if ( $is_admin && isset( $_POST['credits'] ) && !is_numeric( $_POST['credits'] ) )
{
addError( $lng['users']['errors']['invalid_no_credits']."<br />" );
}
// Username: required, unique, not the admin's name, and valid per validator.
// Only the first failing rule is reported.
if ( !$_POST['username'] )
{
addError( $lng['users']['errors']['username_missing']."<br />" );
}
else if ( user_exists( escape( $_POST['username'] ) ) )
{
addError( $lng['users']['errors']['username_exists']."<br />" );
}
else if ( escape( $_POST['username'] ) == $settings['admin_username'] )
{
addError( $lng['users']['errors']['username_exists']."<br />" );
}
else if ( !validator::valid_username( $_POST['username'] ) )
{
addError( $lng['users']['errors']['invalid_username']."<br />" );
}
// E-mail: required, well-formed, unused, not blocked (non-admin) and not the
// admin's address.
if ( !$_POST['email'] )
{
addError( $lng['users']['errors']['email_missing']."<br />" );
}
else if ( !validator::valid_email( $_POST['email'] ) )
{
addError( $lng['users']['errors']['invalid_email']."<br />" );
}
else if ( email_exists( escape( $_POST['email'] ) ) )
{
addError( $lng['users']['errors']['email_exists']."<br />" );
}
else if ( !$is_admin && blocked_emails::isBlocked( escape( $_POST['email'] ) ) )
{
addError( $lng['users']['errors']['email_not_permitted']."<br />" );
}
else if ( escape( $_POST['email'] ) == $settings['admin_email'] )
{
addError( $lng['users']['errors']['email_exists']."<br />" );
}
// Both password fields are required and must be byte-for-byte equal
// (strcmp() returns non-zero when they differ).
if ( !$_POST['password'] || !$_POST['password1'] )
{
addError( $lng['users']['errors']['password_missing']."<br />" );
}
else if ( strcmp( $_POST['password'], $_POST['password1'] ) )
{
addError( $lng['users']['errors']['passwords_dont_match']."<br />" );
}
// The captcha is only enforced for public registrations, never for admins.
if ( !$is_admin && $captcha && !checkvalidationimage( ) )
{
addError( $lng['users']['errors']['invalid_validation_string']."<br />" );
}
$Var_5280->fields_process( "uf" );
$fields = $Var_5280;
// NOTE(review): when the caller passes no group, the request value is used here
// regardless of $is_admin.
if ( !$group )
{
if ( isset( $_POST['group'] ) && $_POST['group'] != "" )
{
$group = escape( $_POST['group'] );
}
else
{
$group = "";
}
}
if ( $group )
{
check_form_fields( $group );
if ( getError( ) != "" )
{
addError( getError( ) );
}
$Var_6096->groups( );
$gr = $Var_6096;
$store = getStore( $group );
// A banner upload is only examined when the group's store setting is positive.
if ( 0 < $store && isset( $_FILES['store_banner']['name'] ) && $_FILES['store_banner']['name'] )
{
global $config_abs_path;
$dir = $config_abs_path."/images/store";
$Var_6696->image( "store_banner", $dir, "store" );
$img = $Var_6696;
if ( !verify( ) )
{
addError( getError( ) );
}
}
}
// On failure, keep what was submitted so the form can be re-populated. The
// passwords are deliberately not among the remembered fields.
if ( getError( ) != "" )
{
$array_fields = array( "username", "email", "contact_name" );
if ( $is_admin && isset( $_POST['group'] ) )
{
$this->tmp['group'] = $_POST['group'];
}
else
{
$this->tmp['group'] = "";
}
if ( $is_admin )
{
$this->tmp['no_credits'] = $_POST['no_credits'];
}
foreach ( $array_fields as $f )
{
if ( isset( $_POST[$f] ) )
{
$this->tmp[$f] = clean( $_POST[$f] );
}
else
{
$this->tmp[$f] = "";
}
}
$this->tmp['tmp_fields'] = getTmp( );
foreach ( $this->tmp['tmp_fields'] as $key => $value )
{
$this->tmp[$key] = $value;
}
}
return 1;
}
/**
 * Validates the submitted "change password" form.
 *
 * Resets $this->error, records an error in demo mode, and requires both password
 * fields to be present and identical. The return value carries no result — callers
 * have to inspect the recorded error.
 *
 * NOTE(review): no minimum length or strength rule is visible here, and the current
 * password is not asked for in this method — confirm the caller re-authenticates
 * the user before a change is accepted.
 *
 * @return int always 1
 */
public function check_change_password( )
{
    global $lng;
    global $config_demo;
    $this->error = "";
    if ( $config_demo == 1 )
    {
        addError( $lng['general']['errors']['demo']."<br />" );
    }
    $bothGiven = $_POST['password'] && $_POST['password1'];
    if ( !$bothGiven )
    {
        addError( $lng['users']['errors']['password_missing']."<br />" );
        return 1;
    }
    // strcmp() yields a non-zero value when the two fields differ.
    if ( strcmp( $_POST['password'], $_POST['password1'] ) != 0 )
    {
        addError( $lng['users']['errors']['passwords_dont_match']."<br />" );
    }
    return 1;
}
/**
 * Registers a new user from the submitted form.
 *
 * Runs check_form(), builds an INSERT for TABLE_USERS from escaped request values
 * and group settings, optionally stores an uploaded store banner, and — for public
 * registrations — sets an info message, sends the "registration" mail (with an
 * activation link when the group requires it) and, depending on settings, an
 * "admin_new_account" mail. Admin-created accounts are always active and return
 * right after the INSERT.
 *
 * NOTE(review): the password is passed through mysql_real_escape_string() before
 * encode(), so the stored value is derived from the escaped string rather than the
 * submitted one; the login path has to apply the same transformation. The mysql_*
 * functions were removed in PHP 7.0. The algorithm behind encode() is not visible
 * here.
 * NOTE(review): the same $password variable is handed to the "registration" mail
 * template as "password" — the cleartext credential leaves the application by
 * e-mail. Consider dropping it from the message data.
 * NOTE(review): for non-admins $clean['group'] is the $group argument, which this
 * method does not escape before it is concatenated into the INSERT — confirm the
 * caller supplies a trusted integer.
 * NOTE(review): check_form() validates $_POST['credits'] while this method stores
 * $_POST['no_credits'] — confirm the form field name.
 * NOTE(review): calls without a receiver and the never-assigned $Var_* variables
 * are decoder artifacts; which object each call belonged to cannot be told from
 * here.
 *
 * @param mixed $group group id for a public registration; admins supply it via $_POST['group']
 * @return int 0 when validation failed, otherwise 1
 */
public function add( $group = "" )
{
global $db;
global $lng;
$Var_144->auth( );
$auth = $Var_144;
$is_admin = adminLoggedIn( );
// NOTE(review): $this->clean is reset here, but the rest of the method fills the
// local $clean — possibly another decoder artifact.
$this->clean = array( );
if ( $group )
{
check_form( $group );
}
else
{
check_form( );
}
if ( getError( ) != "" )
{
return 0;
}
if ( $is_admin )
{
$clean['group'] = escape( $_POST['group'] );
}
else
{
$clean['group'] = $group;
}
if ( $is_admin )
{
$clean['no_credits'] = escape( $_POST['no_credits'] );
}
$array_fields = array( "username", "email" );
foreach ( $array_fields as $f )
{
$clean[$f] = escape( $_POST[$f] );
}
$password = mysql_real_escape_string( $_POST['password'] );
$clean['password'] = encode( $password );
$clean['registration_date'] = date( "Y-m-d H:i:s" );
// The client address is stored as reported by the web server, without escape().
$clean['ip'] = $_SERVER['REMOTE_ADDR'];
$Var_2088->groups( );
$gr = $Var_2088;
$group_settings = getGroup( $clean['group'] );
$activate_account = $group_settings['activate_account'];
$admin_verification = $group_settings['admin_verification'];
// Group store setting 2 means new members get a store right away.
if ( $group_settings['store'] == 2 )
{
$clean['store'] = 1;
}
else
{
$clean['store'] = 0;
}
if ( $group_settings['bulk_uploads'] == 1 )
{
$clean['bulk_uploads'] = 1;
}
else
{
$clean['bulk_uploads'] = 0;
}
$clean['store_banner'] = "";
if ( $clean['store'] && isset( $_FILES['store_banner']['name'] ) && $_FILES['store_banner']['name'] )
{
global $config_abs_path;
$dir = $config_abs_path."/images/store";
$Var_3408->image( "store_banner", $dir, "store" );
$img = $Var_3408;
setGenerate( 1 );
// NOTE(review): the result of verify() is ignored here; acceptance of the file
// rests on the earlier check in check_form() and on upload() — confirm upload()
// enforces type and size on its own.
verify( );
if ( upload( ) )
{
$clean['store_banner'] = getUploadedFile( );
}
else
{
$clean['store_banner'] = "";
}
}
// Admin-created accounts are active at once; public ones start inactive when the
// group requires e-mail activation or admin verification.
if ( $is_admin == 1 )
{
$clean['active'] = 1;
}
else if ( $activate_account || $admin_verification )
{
$clean['active'] = 0;
}
else
{
$clean['active'] = 1;
}
$insert_array = array( "group", "username", "email", "password", "ip", "registration_date", "active", "store", "store_banner", "bulk_uploads", "language" );
global $crt_lang;
$clean['language'] = $crt_lang;
// The INSERT is assembled by string concatenation; every value in $clean must
// already be safe for a single-quoted SQL literal.
$sql = "insert into ".TABLE_USERS." SET ";
$i = 0;
foreach ( $insert_array as $f )
{
if ( $i )
{
$sql .= ", ";
}
$sql .= "`{$f}` = '".$clean[$f]."'";
++$i;
}
if ( $is_admin && isset( $clean['no_credits'] ) )
{
$sql .= ", `no_credits` = '".$clean['no_credits']."'";
}
$Var_5424->fields_process( "uf" );
$fields = $Var_5424;
$sql .= add_fields( $clean['group'] );
$res = query( $sql );
$last_id = insertId( );
if ( $is_admin )
{
return 1;
}
if ( $activate_account )
{
setInfo( $lng['users']['info']['activate_account'] );
}
else if ( $admin_verification )
{
setInfo( $lng['users']['info']['awaiting_admin_verification'] );
}
else
{
setInfo( $lng['users']['info']['welcome_user'] );
}
if ( $activate_account || $clean['active'] )
{
global $mail_settings;
// NOTE(review): as decoded, this condition needs the same value to be both empty
// and truthy, so the branch can never run — likely a decoder artifact.
if ( empty( $mail_settings['mail_settings'] ) && $mail_settings['mail_settings'] )
{
$mail_settings = settings::getMailSettings( );
}
$html_mails = $mail_settings['html_mails'];
if ( isset( $clean['contact_name'] ) && $clean['contact_name'] )
{
$contact_name = $clean['contact_name'];
}
else
{
$contact_name = $clean['username'];
}
if ( $activate_account )
{
global $config_live_site;
// NOTE(review): the activation code is the only secret protecting the link;
// generate_random() is defined elsewhere — confirm it draws from a
// cryptographically secure source.
$activation_code = generate_random( );
$res_act = query( "update ".TABLE_USERS." set activation='{$activation_code}' where username like '".$clean['username']."'" );
// Plain-text mails get the bare URL, HTML mails an anchor around it.
if ( !$html_mails )
{
$act_link = $config_live_site."/activate_account.php?user=".urlencode( $clean['username'] )."&activation=".$activation_code;
}
else
{
$lnk = $config_live_site."/activate_account.php?user=".urlencode( $clean['username'] )."&activation=".$activation_code;
$act_link = "<a href=\"".$lnk."\">".$lnk."</a>";
}
}
else
{
$act_link = "";
}
$Var_8496->mails( );
$mail2send = $Var_8496;
init( $clean['email'], $contact_name );
$array_subject = array( );
// "user" => $clean also carries the encoded password and the IP into the template data.
$array_message = array( "user" => $clean, "username" => $clean['username'], "password" => $password, "link" => $act_link, "activation" => $activate_account, "admin_verification" => $admin_verification );
composeAndSend( "registration", $array_message, $array_subject );
}
global $settings;
if ( $settings['send_mail_to_admin_when_registeres'] || $admin_verification )
{
if ( $clean['active'] )
{
$status = $lng['general']['active'];
}
else if ( $admin_verification )
{
$status = $lng['users']['waiting_admin_activation'];
}
else if ( $activate_account )
{
$status = $lng['users']['waiting_mail_activation'];
}
else
{
$status = $lng['general']['inactive'];
}
$Var_9888->mails( );
$mail2send = $Var_9888;
init( );
$array_subject = array( );
$array_message = array( "user" => $clean, "username" => $clean['username'], "admin_verification" => $admin_verification, "status" => $status, "group" => $group_settings['name'] );
composeAndSend( "admin_new_account", $array_message, $array_subject );
}
return 1;
}
/**
 * Saves the submitted "edit account" form for user $id.
 *
 * Redirects to not_authorized.php and exits unless the request is allowed, runs
 * check_edit_info(), then builds and executes an UPDATE on TABLE_USERS from escaped
 * request values, an optional new store banner and the group's custom fields.
 *
 * NOTE(review): authorization as decoded — a logged-in user whose id differs from
 * $id is redirected; otherwise an admin session sets $is_admin; otherwise a
 * not-logged-in request is redirected. loggedIn(), crtUserId() and adminLoggedIn()
 * have no receiver here, so how a user session and an admin session interact
 * cannot be told from this listing; verify that an admin can edit other accounts
 * and that nobody else can.
 * NOTE(review): $id is concatenated unquoted into the final WHERE clause and is
 * not cast here — confirm callers pass a validated integer.
 * NOTE(review): check_edit_info() validates $_POST['credits'] while this method
 * stores $_POST['no_credits'] — confirm the form field name.
 * NOTE(review): getGroup() is called once with a user id and once with a group id;
 * presumably two different objects before decoding. The $Var_* variables are never
 * assigned — decoder artifacts.
 *
 * @param mixed $id id of the user being edited
 * @return int 0 when validation failed, otherwise 1
 */
public function edit_info( $id )
{
global $db;
global $lng;
// NOTE(review): $this->clean is reset here, but the rest of the method fills the
// local $clean — possibly another decoder artifact.
$this->clean = array( );
$Var_240->auth( );
$auth = $Var_240;
$is_admin = 0;
if ( loggedIn( ) && crtUserId( ) != $id )
{
header( "Location: not_authorized.php" );
exit( 0 );
}
else if ( adminLoggedIn( ) )
{
$is_admin = 1;
}
else if ( !loggedIn( ) )
{
header( "Location: not_authorized.php" );
exit( 0 );
}
check_edit_info( $id );
if ( getError( ) != "" )
{
return 0;
}
// Only an admin may move the account to another group; everyone else keeps the
// stored one.
if ( $is_admin )
{
$clean['group'] = escape( $_POST['group'] );
}
else
{
$clean['group'] = getGroup( $id );
}
$clean['email'] = escape( $_POST['email'] );
if ( $is_admin )
{
$clean['no_credits'] = escape( $_POST['no_credits'] );
}
$Var_1704->fields_process( "uf" );
$fields = $Var_1704;
$username_editable = usernameEditable( );
if ( $is_admin || $username_editable )
{
$clean['username'] = escape( $_POST['username'] );
}
$Var_2136->groups( );
$gr = $Var_2136;
$group_settings = getGroup( $clean['group'] );
$store = allowStoreBanner( $id );
$clean['store_banner'] = "";
if ( $store && isset( $_FILES['store_banner']['name'] ) && $_FILES['store_banner']['name'] )
{
global $config_abs_path;
$dir = $config_abs_path."/images/store";
$Var_2952->image( "store_banner", $dir, "store" );
$img = $Var_2952;
setGenerate( 1 );
// NOTE(review): the result of verify() is ignored here; acceptance of the file
// rests on the earlier check in check_edit_info() and on upload() — confirm
// upload() enforces type and size on its own.
verify( );
if ( upload( ) )
{
$clean['store_banner'] = getUploadedFile( );
}
else
{
$clean['store_banner'] = "";
}
}
// The column list is fixed in code, so request keys cannot add columns to the UPDATE.
if ( $is_admin )
{
$update_array = array( "group", "email", "username", "language" );
}
else
{
$update_array = array( "group", "email", "language" );
if ( $username_editable )
{
array_push( $update_array, "username" );
}
}
global $crt_lang;
$clean['language'] = $crt_lang;
// The UPDATE is assembled by string concatenation; every value in $clean must
// already be safe for a single-quoted SQL literal.
$sql = "update ".TABLE_USERS." SET ";
$i = 0;
foreach ( $update_array as $f )
{
if ( $i )
{
$sql .= ", ";
}
$sql .= "`{$f}` = '".$clean[$f]."'";
++$i;
}
if ( $is_admin && isset( $clean['no_credits'] ) )
{
$sql .= ", `no_credits` = '".$clean['no_credits']."'";
}
// The banner column is only touched when a new file was stored.
if ( $clean['store_banner'] )
{
$sql .= ", `store_banner` = '".$clean['store_banner']."'";
}
setEdit( 1 );
$sql .= add_fields( $clean['group'] );
$sql .= " where `id` = {$id}";
$res = query( $sql );
setInfo( $lng['users']['info']['account_info_updated'] );
return 1;
}
/**
 * Replaces the stored password of user $id with the value posted in
 * $_POST['password'] and deletes that user's password-recovery rows.
 *
 * @param mixed $id user id; a falsy value returns 0 before any query runs
 * @return int 1 after both statements were issued, 0 when $id is falsy or
 *             validation left an error message
 */
public function change_password( $id )
{
global $db;
global $lng;
if ( !$id )
{
return 0;
}
$this->clean = array( );
// NOTE(review): the receiver-less calls below (check_change_password, getError, encode, query,
// setInfo) look like decoder artifacts for $this->... / $db->... - confirm against the real code.
check_change_password( );
if ( getError( ) != "" )
{
return 0;
}
// NOTE(review): the value is SQL-escaped before hashing, so the digest covers the escaped text.
// encode() in this class is md5(), an unsalted fast hash; password_hash() is the safer target.
$clean['password'] = encode( escape( $_POST['password'] ) );
// NOTE(review): $id is concatenated unquoted and is not cast or validated in this method;
// no ownership or current-password check is visible here - presumably the caller enforces it.
$res = query( "update ".TABLE_USERS." set `password` = \"".$clean['password']."\" where id=".$id.";" );
// Outstanding recovery keys are dropped once the password has changed.
$res = query( "delete from ".TABLE_PASSWORD_RECOVERY." where user_id='{$id}'" );
setInfo( $lng['users']['info']['password_changed'] );
return 1;
}
/**
 * Reports whether an active user row matches the given username and password hash.
 *
 * @param string $user     username, interpolated into the statement as given
 * @param string $passhash password hash, interpolated into the statement as given
 * @return int 1 when at least one row matches, otherwise 0
 */
public function validaccount( $user, $passhash )
{
global $db;
// NOTE(review): both values are interpolated without escaping in this method and compared with
// LIKE, which gives % and _ pattern meaning; a credential check should use `=` with bound parameters.
$res = query( "select * from ".TABLE_USERS." where `username` like '{$user}' and `password` like '{$passhash}' and `active`=1" );
if ( numRows( $res ) )
{
return 1;
}
return 0;
}
/**
 * Reports whether an active user row carries the given external identity.
 *
 * @param mixed  $user     not referenced by the method body as shown
 * @param string $identity identity value, interpolated into the statement as given
 * @return int 1 when at least one row matches, otherwise 0
 */
public function checkidentity( $user, $identity )
{
global $db;
// NOTE(review): $identity is interpolated unescaped and matched with LIKE (wildcards apply);
// the lookup is not tied to $user or to an auth provider in this method.
$res = query( "select * from ".TABLE_USERS." where `identity` like '{$identity}' and `active`=1" );
if ( numRows( $res ) )
{
return 1;
}
return 0;
}
/**
 * Fetches the username and stored password value of the active user that
 * matches an identity / auth-provider pair.
 *
 * @param string $identity      identity value, interpolated as given
 * @param string $auth_provider provider name, interpolated as given
 * @return mixed whatever fetchAssoc() yields for the statement
 */
public function getuserpasswithidentity( $identity, $auth_provider )
{
global $db;
// NOTE(review): returns the stored password hash to the caller; both inputs are interpolated
// unescaped and matched with LIKE - bound parameters and `=` would remove the pattern matching.
$arr = fetchAssoc( "select `username`, `password` from ".TABLE_USERS." where `identity` like '{$identity}' and `auth_provider` like '{$auth_provider}' and `active`=1" );
return $arr;
}
/**
 * Issues a fresh password-recovery key for user $id, replacing any earlier one.
 *
 * @param mixed $id user id, interpolated into both statements
 * @return mixed the value produced by generate_random()
 */
public function generaterecoverykey( $id )
{
global $db;
$timestamp = date( "Y-m-d H:i:s" );
// NOTE(review): the key's unpredictability depends entirely on generate_random(), which is not
// shown here; it should draw from a CSPRNG such as random_bytes().
$activation_code = generate_random( );
// Only one recovery row per user: the old one is removed before the insert.
$res = query( "delete from ".TABLE_PASSWORD_RECOVERY." where user_id='{$id}'" );
// NOTE(review): the key is stored as generated; the insert is positional, so it depends on the
// table's column order.
$res = query( "insert into ".TABLE_PASSWORD_RECOVERY." values ('{$id}', '{$activation_code}', '{$timestamp}')" );
return $activation_code;
}
/**
 * Looks up the user id that a password-recovery key belongs to.
 *
 * @param string $key recovery key, interpolated into the statement as given
 * @return mixed -1 when no row matches, otherwise the result of fetchRow()
 */
public function getkeyuser( $key )
{
global $db;
// NOTE(review): the key is matched with LIKE (wildcards apply) and is not escaped here; the
// statement does not consult any stored timestamp, so expiry is not enforced in this method.
$res = query( "select user_id from ".TABLE_PASSWORD_RECOVERY." where activation like '{$key}'" );
if ( !numRows( $res ) )
{
return 0 - 1;
}
// NOTE(review): fetchRow() without an argument is presumably a decoder artifact - confirm.
return fetchRow( );
}
/**
 * Resolves an e-mail address to a user id.
 *
 * @param string $email address, interpolated into the statement as given
 * @return mixed 0 when no row matches, otherwise the result of fetchRow()
 */
public function getidbyemail( $email )
{
global $db;
// NOTE(review): $email is not escaped in this method and is matched with LIKE, so callers
// must sanitise it; `=` with a bound parameter would avoid pattern matching.
$res = query( "select id from ".TABLE_USERS." where email like '{$email}'" );
if ( !numRows( $res ) )
{
return 0;
}
return fetchRow( );
}
/**
 * Returns the users-table field list extended with six computed column names.
 *
 * @return array result of getTableFields( TABLE_USERS ) merged with the extra names
 */
public function gettablefields( )
{
global $db;
// Names of columns that only exist as aliases in the listing/export queries of this class.
$extra_fields = array( "registration_date_formatted", "listings", "blocked", "group_name", "pending", "invoice" );
// NOTE(review): receiver-less call with an unused `global $db` - presumably $db->getTableFields().
$fields = getTableFields( TABLE_USERS );
$fields = array_merge( $fields, $extra_fields );
return $fields;
}
/**
 * Returns the users-table field list as a comma-separated string.
 *
 * @param mixed $extra when falsy, only the base list is returned; otherwise the
 *                     six computed column names are appended (default 1)
 * @return string comma-separated field names
 */
public function gettablecsvfields( $extra = 1 )
{
global $db;
$extra_fields = array( "registration_date_formatted", "listings", "blocked", "group_name", "pending", "invoice" );
// NOTE(review): receiver-less call - presumably $db->getTableCSVFields() before decoding.
$fields = getTableCSVFields( TABLE_USERS );
if ( !$extra )
{
return $fields;
}
foreach ( $extra_fields as $f )
{
$fields .= ",".$f;
}
return $fields;
}
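/**
 * Builds (but does not run) the SELECT statement for a user export.
 *
 * Filter, ordering and limit values are read from $_POST using keys prefixed
 * with $type ("{$type}_group", "{$type}_date_start", "{$type}_date_end",
 * "{$type}_last", "{$type}_user_order_by", "{$type}_user_order_way").
 *
 * The ORDER BY column, the sort direction and the LIMIT count sit outside any
 * quoted string in the statement, so string escaping does not constrain them.
 * They are therefore validated structurally: the column must be a plain
 * identifier, the direction must be asc/desc, and the limit must be numeric.
 * Anything else falls back to the defaults (registration_date, desc, no limit).
 *
 * @param string $type prefix of the $_POST keys to read
 * @return string the assembled SQL statement
 */
public function exportusers( $type )
{
    global $db;
    global $lng;
    global $appearance_settings;
    global $ads_settings;
    global $crt_lang;

    $date_format = $appearance_settings['date_format'];

    // NOTE(review): $where is assembled from the group/date filters but is never appended to
    // $sql in this listing; kept as found - confirm whether the decoder dropped the concatenation.
    $where = "";
    $where_start = " where";
    if ( isset( $_POST[$type."_group"] ) && is_numeric( $_POST[$type."_group"] ) )
    {
        $where .= $where_start." `group` = '".$_POST[$type."_group"]."'";
        $where_start = " and";
    }
    if ( isset( $_POST[$type."_date_start"] ) && $_POST[$type."_date_start"] != "" )
    {
        $where .= $where_start." `registration_date` > '".escape( $_POST[$type."_date_start"] )."'";
        $where_start = " and";
    }
    if ( isset( $_POST[$type."_date_end"] ) && $_POST[$type."_date_end"] != "" )
    {
        $where .= $where_start." `registration_date` < '".escape( $_POST[$type."_date_end"] )."'";
        $where_start = " and";
    }

    // LIMIT is emitted unquoted, so only an integer is accepted.
    $last = 0;
    if ( isset( $_POST[$type."_last"] ) && is_numeric( $_POST[$type."_last"] ) )
    {
        $last = (int) $_POST[$type."_last"];
    }

    // The column name is emitted between backticks; restrict it to identifier characters.
    $order_by = "registration_date";
    if ( isset( $_POST[$type."_user_order_by"] )
        && is_string( $_POST[$type."_user_order_by"] )
        && preg_match( '/^[A-Za-z0-9_]+$/D', $_POST[$type."_user_order_by"] ) )
    {
        $order_by = $_POST[$type."_user_order_by"];
    }

    // The direction is a bare keyword; only the two valid values are honoured.
    $order_way = "desc";
    if ( isset( $_POST[$type."_user_order_way"] )
        && is_string( $_POST[$type."_user_order_way"] )
        && strtolower( $_POST[$type."_user_order_way"] ) === "asc" )
    {
        $order_way = "asc";
    }

    $sql = "select ".TABLE_USERS.".*, date_format(registration_date,'".$date_format."') as `registration_date_formatted`, count(".TABLE_ADS.".user_id) as listings, ".TABLE_BLOCKED_IPS.".`ip` as blocked, ".TABLE_USER_GROUPS."_lang.`name` as `group_name`, (".TABLE_USER_GROUPS.".admin_verification=1 and ".TABLE_USERS.".active=0) as pending, ".TABLE_ACTIONS.".`invoice` from ".TABLE_USERS."
left join ".TABLE_ADS." on ".TABLE_USERS.".id=".TABLE_ADS.".user_id
left join ".TABLE_BLOCKED_IPS." on ".TABLE_USERS.".`ip`=".TABLE_BLOCKED_IPS.".ip
left join ".TABLE_USER_GROUPS."_lang on ".TABLE_USERS.".`group`=".TABLE_USER_GROUPS."_lang.`id`
left join ".TABLE_USER_GROUPS." on ".TABLE_USERS.".`group`=".TABLE_USER_GROUPS.".`id`
left join ".TABLE_ACTIONS." on ".TABLE_USERS.".id=".TABLE_ACTIONS.".`user_id` and ( ".TABLE_ACTIONS.".`type` like 'store' )
where ".TABLE_USER_GROUPS."_lang.`lang_id` = '".$crt_lang."'
group by ".TABLE_USERS.".id
order by `".$order_by."` ".$order_way;
    if ( 0 < $last )
    {
        $sql .= " limit ".$last;
    }
    return $sql;
}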
/**
 * Reassigns every user of one group to another group.
 *
 * @param mixed $from_group source group id
 * @param mixed $to_group   destination group id
 * @return int|null 1 after the update was issued; nothing is returned (null) when
 *                  either argument is falsy
 */
public function moveusers( $from_group, $to_group )
{
global $db;
if ( !$from_group )
{
}
else if ( !$to_group )
{
}
else
{
// NOTE(review): both ids are interpolated unquoted and are only checked for truthiness here;
// callers must pass integers.
query( "update ".TABLE_USERS." set `group` = {$to_group} where `group` = {$from_group}" );
return 1;
}
}
/**
 * Sets one column of a user row to the empty string.
 *
 * @param mixed  $crt_usr user id, interpolated unquoted
 * @param string $delete  column name, interpolated between backticks
 * @return int always 1
 */
public function emptyfield( $crt_usr, $delete )
{
global $db;
// NOTE(review): $delete is used as an identifier, where string escaping offers no protection;
// it should be checked against a fixed list of clearable columns before reaching this statement.
query( "update ".TABLE_USERS." set `{$delete}` = '' where `id`={$crt_usr}" );
return 1;
}
/**
 * Stores the given field definitions on the instance.
 *
 * @param mixed $fields value kept in $this->fields
 */
public function setfields( $fields )
{
    $definitions = $fields;
    $this->fields = $definitions;
}
/**
 * Returns the field definitions held in $this->fields.
 *
 * @return mixed current value of $this->fields
 */
public function getfields( )
{
    $definitions = $this->fields;
    return $definitions;
}
/**
 * Returns up to ten usernames that start with $term.
 *
 * @param string $term prefix, interpolated into the LIKE pattern as given
 * @return mixed result of fetchRowList() for the statement
 */
public function getautocomplete( $term )
{
global $db;
// NOTE(review): $term is not escaped here, neither for SQL string context nor for the LIKE
// wildcards % and _; the method also exposes existing usernames to whoever may call it.
$result = fetchRowList( "select `username` from ".TABLE_USERS." where `username` like '{$term}%' limit 10" );
return $result;
}
/**
 * Returns the hex MD5 digest of $str.
 *
 * NOTE(review): elsewhere in this class the result is written to the
 * `password` column. MD5 is unsalted and fast, which makes it unsuitable for
 * password storage; moving to password_hash()/password_verify() needs a
 * rehash-on-login path because existing rows hold MD5 digests.
 *
 * @param string $str value to digest
 * @return string 32-character lowercase hex digest
 */
public function encode( $str )
{
    $digest = md5( $str );
    return $digest;
}
/**
 * Reads the `no_credits` column of a user.
 *
 * @param mixed $id user id, interpolated inside single quotes
 * @return mixed 0 when the fetched value is falsy, otherwise the fetched value
 */
public function getnocredits( $id )
{
global $db;
// NOTE(review): $id is quoted but not escaped in this method; callers must pass a validated id.
$no_credits = fetchRow( "select `no_credits` from ".TABLE_USERS." where `id`='{$id}'" );
if ( !$no_credits )
{
return 0;
}
return $no_credits;
}
}
?>
Original Code
<?php
/**********************/
/* */
/*Decoded by AtakanCan*/
/* */
/**********************/
class users
{
/**
 * PHP 4-style constructor (method named after the class): loads the row of
 * user $id into $this->array and passes every value through clean().
 *
 * NOTE(review): PHP 8 no longer treats a same-named method as the constructor,
 * so on current PHP this only runs when called explicitly.
 *
 * @param mixed $id user id; when falsy nothing is loaded (default 0)
 */
public function users( $id = 0 )
{
global $db;
if ( $id )
{
$this->id = $id;
$this->array = array( );
// NOTE(review): $id is concatenated unquoted and is only tested for truthiness above.
$this->array = fetchAssoc( "select * from ".TABLE_USERS." where id=".$id );
foreach ( $this->array as $key => $value )
{
$this->array[$key] = clean( $value );
}
}
}
/**
 * Returns the user id held on this instance.
 *
 * @return mixed current value of $this->id
 */
public function getid( )
{
    $current = $this->id;
    return $current;
}
/**
 * Deletes a user row and the records that hang off it (listings, login
 * history, packages, saved searches when enabled, actions, coupons, and the
 * 'store' option row). Does nothing when $config_demo is 1.
 *
 * @param mixed $id user id; when falsy, $this->id is used (default 0)
 */
public function delete( $id = 0 )
{
global $db;
global $config_abs_path;
global $config_demo;
if ( $config_demo == 1 )
{
}
else
{
if ( !$id )
{
$id = $this->id;
}
// The username is read first because the login-history cleanup below is keyed on it.
$username = getUsername( $id );
// NOTE(review): $id is quoted but not escaped or cast in this method; no authorisation check
// is visible here, so the caller must enforce who may delete which account.
$res_del = query( "delete from ".TABLE_USERS." where id=\"".$id."\"" );
// NOTE(review): decoder artifact - presumably `$listings = new listings();` followed by
// `$listings->deleteUser( $id );`. Confirm against the running application.
$Var_792->listings( );
$listings = $Var_792;
deleteUser( $id );
auth::deleteLoginHistory( $username );
users_packages::deleteUser( $id );
global $ads_settings;
if ( $ads_settings['saved_searches_enabled'] )
{
require_once( $config_abs_path."/classes/searches.php" );
searches::deleteUser( $id );
}
require_once( $config_abs_path."/classes/actions.php" );
actions::deleteUser( $id );
require_once( $config_abs_path."/classes/coupons.php" );
coupons::deleteUser( $id );
$res_del = query( "delete from ".TABLE_OPTIONS." where `object_id`='{$id}' and `option`='store'" );
}
}
/**
 * Deletes every user that belongs to a group.
 *
 * @param mixed $group group id, interpolated unquoted
 * @return int always 1
 */
public function deleteusers( $group )
{
global $db;
// NOTE(review): $group is interpolated unquoted and is not validated in this method.
$arr = fetchRowList( "select id from ".TABLE_USERS." where `group`={$group}" );
foreach ( $arr as $row )
{
// NOTE(review): bare delete() - presumably $this->delete( $row ) before decoding.
delete( $row );
}
return 1;
}
/**
 * Marks a user as active and, when the account was pending admin
 * verification, sends the "registration" mail. Does nothing when
 * $config_demo is 1.
 *
 * @param mixed $id user id; when falsy, $this->id is used for the update (default 0)
 */
public function enable( $id = 0 )
{
global $db;
global $config_demo;
if ( $config_demo == 1 )
{
}
else
{
// NOTE(review): this lookup runs with $id as passed, before the $this->id fallback below,
// so with the default argument the select and the update target different ids.
// $id is interpolated unquoted here.
$array = fetchAssoc( "select ".TABLE_USERS.".*, (".TABLE_USERS.".active=0 && ".TABLE_USER_GROUPS.".admin_verification=1 ) as pending from ".TABLE_USERS." left join ".TABLE_USER_GROUPS." on ".TABLE_USERS.".`group` = ".TABLE_USER_GROUPS.".`id` where ".TABLE_USERS.".`id` ={$id}" );
if ( !$id )
{
$id = $this->id;
}
$res = query( "update ".TABLE_USERS." set active=1 where id=\"".$id."\"" );
// `pending` was computed before the update: inactive user in a group requiring admin verification.
if ( $array['pending'] )
{
global $config_abs_path;
require_once( $config_abs_path."/classes/mails.php" );
require_once( $config_abs_path."/classes/mail_templates.php" );
// NOTE(review): decoder artifact - presumably `$mail2send = new mails();` with init() and
// composeAndSend() called on that object.
$Var_1584->mails( );
$mail2send = $Var_1584;
init( $array['email'], $array['contact_name'] );
$array_subject = array( );
$array_message = array( "user" => $array, "username" => $array['username'] );
composeAndSend( "registration", $array_message, $array_subject );
}
}
}
/**
 * Turns on the store flag for a user and (re)creates the 'store' option row
 * with an expiry derived from $ads_settings['store_availability'].
 *
 * @param mixed $id user id, interpolated into four statements
 * @return int always 1
 */
public function enablestore( $id )
{
global $db;
query( "update ".TABLE_USERS." set `store` = 1 where `id`='{$id}'" );
global $ads_settings;
$days_expires = $ads_settings['store_availability'];
$timestamp = date( "Y-m-d H:i:s" );
// A falsy availability stores an empty expiry instead of a computed date.
if ( $days_expires )
{
$str_expires = " `date_expires` = date_add('{$timestamp}', interval '{$days_expires}' day)";
}
else
{
$str_expires = " `date_expires` = ''";
}
// NOTE(review): $id is unquoted in the delete but quoted in the other statements; it is not
// validated in this method either way.
query( "delete from ".TABLE_OPTIONS." where `object_id` = {$id} and `option` like 'store'" );
query( "insert into ".TABLE_OPTIONS." set `object_id` = '{$id}', `option` = 'store', `date_added` = '{$timestamp}', {$str_expires} " );
return 1;
}
/**
 * Clears the store flag of a user. The 'store' option row is not touched here.
 *
 * @param mixed $id user id, interpolated inside single quotes without escaping
 * @return int always 1
 */
public function disablestore( $id )
{
global $db;
query( "update ".TABLE_USERS." set `store` = 0 where `id`='{$id}'" );
return 1;
}
/**
 * Activates a store that was awaiting approval: sets the store flag,
 * recreates the 'store' option row, clears the pending flag on the user's
 * store actions and sends the "buy_store_status" mail.
 *
 * @param mixed $id user id, interpolated into the statements below
 * @return int always 1
 */
public function enablependingstore( $id )
{
global $db;
global $lng;
global $ads_settings;
$days_expires = $ads_settings['store_availability'];
$timestamp = date( "Y-m-d H:i:s" );
if ( $days_expires )
{
$str_expires = "`date_expires` = date_add('{$timestamp}', interval '{$days_expires}' day)";
}
else
{
$str_expires = "`date_expires` = ''";
}
// NOTE(review): $id appears both quoted and unquoted below and is not validated in this method.
query( "update ".TABLE_USERS." set `store` = 1 where `id`='{$id}'" );
query( "delete from ".TABLE_OPTIONS." where `object_id` = {$id} and `option` like 'store'" );
query( "insert into ".TABLE_OPTIONS." set `object_id` = '{$id}', `option` = 'store', `date_added` = '{$timestamp}', {$str_expires} " );
query( "update ".TABLE_ACTIONS." set pending=0 where type='store' and `user_id` = {$id}" );
global $config_abs_path;
require_once( $config_abs_path."/classes/mails.php" );
require_once( $config_abs_path."/classes/mail_templates.php" );
// NOTE(review): decoder artifact - presumably `$user = new users();` and `$user->getUser( $id )`.
$Var_1560->users( );
$user = $Var_1560;
$user_details = getUser( $id );
$username = $user_details['username'];
$user_email = $user_details['email'];
$user_contact = $user_details['contact_name'];
// The username stands in when no contact name is stored.
if ( !$user_contact )
{
$user_contact = $username;
}
// NOTE(review): decoder artifact - presumably `$mail2send = new mails();` with the two calls
// below made on that object.
$Var_2208->mails( );
$mail2send = $Var_2208;
init( $user_email, $user_contact );
$array_subject = array( );
$array_message = array( "id" => $id, "username" => $username, "contact_name" => $user_contact, "days" => $ads_settings['store_availability'], "admin_activated" => 1, "status" => $lng['general']['active'] );
composeAndSend( "buy_store_status", $array_message, $array_subject );
return 1;
}
/**
 * Sets the bulk-uploads flag of a user.
 *
 * @param mixed $id user id, interpolated inside single quotes without escaping
 * @return int always 1
 */
public function enablebulkuploads( $id )
{
global $db;
query( "update ".TABLE_USERS." set `bulk_uploads` = 1 where `id`='{$id}'" );
return 1;
}
/**
 * Clears the bulk-uploads flag of a user.
 *
 * @param mixed $id user id, interpolated inside single quotes without escaping
 * @return int always 1
 */
public function disablebulkuploads( $id )
{
global $db;
query( "update ".TABLE_USERS." set `bulk_uploads` = 0 where `id`='{$id}'" );
return 1;
}
/**
 * Marks a user as inactive and blanks the activation code. Does nothing when
 * $config_demo is 1.
 *
 * @param mixed $id user id; when falsy, $this->id is used (default 0)
 */
public function disable( $id = 0 )
{
global $db;
global $config_demo;
if ( $config_demo == 1 )
{
}
else
{
if ( !$id )
{
$id = $this->id;
}
// NOTE(review): $id is quoted but not escaped or cast in this method.
$res = query( "update ".TABLE_USERS." set active=0, `activation`=\"\" where id=\"".$id."\"" );
}
}
/**
 * Adds the IP address recorded for a user to the blocked-IP table, removing
 * any existing matching row first. Does nothing when $config_demo is 1.
 *
 * @param mixed $id user id passed to getIp()
 */
public function block( $id )
{
global $db;
global $config_demo;
if ( $config_demo == 1 )
{
}
else
{
// NOTE(review): bare getIp() - presumably $this->getIp( $id ), which returns 0 when no address
// is stored; that 0 would then be inserted as a blocked "ip". Confirm.
$ip = getIp( $id );
// NOTE(review): the stored value is re-interpolated without escaping and matched with LIKE.
$res = query( "delete from ".TABLE_BLOCKED_IPS." where ip like \"".$ip."\"" );
$res1 = query( "insert into ".TABLE_BLOCKED_IPS." values (\"".$ip."\")" );
}
}
/**
 * Removes the IP address recorded for a user from the blocked-IP table.
 * Does nothing when $config_demo is 1.
 *
 * @param mixed $id user id passed to getIp()
 */
public function unblock( $id )
{
global $db;
global $config_demo;
if ( $config_demo == 1 )
{
}
else
{
// NOTE(review): bare getIp() - presumably $this->getIp( $id ) before decoding.
$ip = getIp( $id );
// NOTE(review): LIKE is used for the match, so % or _ in the stored value would act as wildcards.
$res = query( "delete from ".TABLE_BLOCKED_IPS." where ip like \"".$ip."\"" );
}
}
/**
 * Activates an account from an activation link.
 *
 * @param string $username   account name, interpolated as given
 * @param string $activation activation code, interpolated as given
 * @return int 1 when the account was activated; 0 (with an error recorded) when the
 *             account is unknown, already active, or the code does not match
 */
public function activate_link( $username, $activation )
{
global $db;
global $lng;
// NOTE(review): both inputs are unescaped in this method and every comparison uses LIKE,
// so % and _ act as wildcards; an activation check should use `=` with bound parameters.
$res = query( "select active from ".TABLE_USERS." where username like '{$username}'" );
if ( !numRows( $res ) )
{
addError( $lng['users']['errors']['invalid_account_or_activation'] );
return 0;
}
// NOTE(review): fetchRow() without an argument is presumably a decoder artifact for a fetch
// on $res; the value compared with 1 is the `active` column.
if ( fetchRow( ) == 1 )
{
addError( $lng['users']['errors']['account_already_active'] );
return 0;
}
$res = query( "select id from ".TABLE_USERS." where username like '{$username}' and activation like '{$activation}'" );
if ( !numRows( $res ) )
{
addError( $lng['users']['errors']['invalid_account_or_activation'] );
return 0;
}
// The code is blanked on success so the same link cannot be replayed.
$res = query( "update ".TABLE_USERS." set active=1, `activation`='' where username like '{$username}'" );
return 1;
}
/**
 * Returns the username of a user.
 *
 * @param mixed $id user id; when falsy, $this->id is used (default "")
 * @return mixed result of fetchRow() for the statement
 */
public function getusername( $id = "" )
{
global $db;
if ( !$id )
{
$id = $this->id;
}
// NOTE(review): $id is quoted but not escaped or cast in this method.
$uname = fetchRow( "select username from ".TABLE_USERS." where id=\"".$id."\"" );
return $uname;
}
/**
 * Returns the stored `password` column value of a user.
 *
 * @param mixed $id user id; when falsy, $this->id is used (default "")
 * @return mixed result of fetchRow() for the statement
 */
public function getpasshash( $id = "" )
{
global $db;
if ( !$id )
{
$id = $this->id;
}
// NOTE(review): hands the stored hash to the caller; $id is quoted but not escaped here.
$pass = fetchRow( "select password from ".TABLE_USERS." where id=\"".$id."\"" );
return $pass;
}
/**
 * Resolves a username (optionally constrained by identity) to a user id.
 *
 * @param string $username account name, interpolated as given
 * @param string $identity optional identity value; adds an equality condition when truthy
 * @return mixed 0 when the fetched value is falsy, otherwise the fetched id
 */
public function getuserid( $username, $identity = "" )
{
global $db;
$str = "";
if ( $identity )
{
$str = " and `identity`='{$identity}'";
}
// NOTE(review): neither value is escaped in this method; the username is matched with LIKE.
$id = fetchRow( "select id from ".TABLE_USERS." where username like \"".$username."\"".$str );
if ( !$id )
{
return 0;
}
return $id;
}
/**
 * Returns the group id of a user.
 *
 * @param mixed $id user id, interpolated unquoted
 * @return mixed 0 when the fetched value is falsy, otherwise the `group` value
 */
public function getgroup( $id )
{
global $db;
// NOTE(review): $id is interpolated unquoted and unvalidated; the variable is then reused
// to hold the fetched group value.
$id = fetchRow( "select `group` from ".TABLE_USERS." where id={$id}" );
if ( !$id )
{
return 0;
}
return $id;
}
/**
 * Returns the IP address stored on a user row.
 *
 * @param mixed $id user id, interpolated unquoted
 * @return mixed 0 when the fetched value is falsy, otherwise the `ip` value
 */
public function getip( $id )
{
global $db;
// NOTE(review): $id is interpolated unquoted and unvalidated; the variable is then reused
// to hold the fetched address.
$id = fetchRow( "select `ip` from ".TABLE_USERS." where id={$id}" );
if ( !$id )
{
return 0;
}
return $id;
}
/**
 * Returns the `store_banner` value of a user.
 *
 * @param mixed $id user id, interpolated unquoted and unvalidated
 * @return mixed result of fetchRow() for the statement
 */
public function getstorebanner( $id )
{
global $db;
$banner = fetchRow( "select `store_banner` from ".TABLE_USERS." where id={$id}" );
return $banner;
}
/**
 * Returns the `store` flag of a user; callers use it to decide whether a
 * store banner may be handled.
 *
 * @param mixed $id user id, interpolated unquoted and unvalidated
 * @return mixed result of fetchRow() for the statement
 */
public function allowstorebanner( $id )
{
global $db;
$allow = fetchRow( "select `store` from ".TABLE_USERS." where id={$id}" );
return $allow;
}
/**
 * Returns the name of a user's group in the current language ($crt_lang).
 *
 * @param mixed $id user id, interpolated unquoted
 * @return mixed 0 when the fetched value is falsy, otherwise the group name
 */
public function getgroupname( $id )
{
global $db;
global $crt_lang;
// NOTE(review): $id is unquoted and unvalidated; $crt_lang is interpolated inside quotes
// without escaping in this method.
$group_name = fetchRow( "select ".TABLE_USER_GROUPS."_lang.`name` from ".TABLE_USERS." left join ".TABLE_USER_GROUPS."_lang on ".TABLE_USER_GROUPS."_lang.`id`=".TABLE_USERS.".`group` where ".TABLE_USERS.".id={$id} and lang_id='{$crt_lang}'" );
if ( !$group_name )
{
return 0;
}
return $group_name;
}
/**
 * Returns the e-mail address of a user.
 *
 * @param mixed $id user id; when falsy, $this->id is used (default "")
 * @return mixed result of fetchRow() for the statement
 */
public function getemail( $id = "" )
{
global $db;
if ( !$id )
{
$id = $this->id;
}
// NOTE(review): $id is quoted but not escaped or cast in this method.
$email = fetchRow( "select email from ".TABLE_USERS." where id=\"".$id."\"" );
return $email;
}
/**
 * Returns the contact name of a user, passed through clean().
 *
 * @param mixed $id user id; when falsy, $this->id is used (default "")
 * @return mixed clean() applied to the fetched contact name
 */
public function getcontactname( $id = "" )
{
global $db;
if ( !$id )
{
$id = $this->id;
}
// NOTE(review): $id is quoted but not escaped or cast in this method.
$name = fetchRow( "select contact_name from ".TABLE_USERS." where id=\"".$id."\"" );
return clean( $name );
}
/**
 * Returns username, e-mail, contact name and language of a user, each value
 * passed through clean().
 *
 * @param mixed $id user id; when falsy, $this->id is used
 * @return mixed 0 when no row is found, otherwise the cleaned associative row
 */
public function getcontactdata( $id )
{
global $db;
if ( !$id )
{
$id = $this->id;
}
// NOTE(review): $id is quoted but not escaped or cast in this method.
$result = fetchAssoc( "select `username`, `email`, `contact_name`, `language` from ".TABLE_USERS." where id=\"".$id."\"" );
if ( !$result )
{
return 0;
}
foreach ( $result as $key => $value )
{
$result[$key] = clean( $result[$key] );
}
return $result;
}
/**
 * Loads a full user record by username.
 *
 * @param string $username account name, interpolated as given
 * @return mixed 0 when no id is found, otherwise the result of getUser()
 */
public function getuserbyusername( $username )
{
global $db;
// NOTE(review): $username is not escaped here and is matched with LIKE (wildcards apply).
$id = fetchRow( "select `id` from ".TABLE_USERS." where username like \"".$username."\"" );
if ( !$id )
{
return 0;
}
// NOTE(review): bare getUser() - presumably $this->getUser( $id ) before decoding.
$result = getUser( $id );
return $result;
}
/**
 * Returns the raw users-table row for an id; unlike getuser(), no value is
 * passed through clean() here.
 *
 * @param mixed $id user id, interpolated inside single quotes without escaping
 * @return mixed result of fetchAssoc() for the statement (includes the password column)
 */
public function getuserinfo( $id )
{
global $db;
$result = fetchAssoc( "select * from ".TABLE_USERS." where id='{$id}'" );
return $result;
}
/**
 * Loads a user row together with derived display values: formatted
 * registration date, blocked flag, store expiry or pending state, a URL name,
 * and per-field formatting for the group's custom fields.
 *
 * @param mixed $id user id; when falsy, $this->id is used (default "")
 * @return mixed 0 when no row is found, otherwise the enriched associative row
 */
public function getuser( $id = "" )
{
global $db;
if ( !$id )
{
$id = $this->id;
}
global $appearance_settings;
$date_format = $appearance_settings['date_format'];
// NOTE(review): $id is quoted here but unquoted in the store-expiry query below; it is not
// validated in this method. `select *` also returns the password column to the caller.
$result = fetchAssoc( "select *, ".TABLE_USERS.".`ip` as register_ip, date_format(`registration_date`,'{$date_format}') as date_nice, ( ".TABLE_BLOCKED_IPS.".ip is not null ) as blocked from ".TABLE_USERS." left join ".TABLE_BLOCKED_IPS." on ".TABLE_USERS.".ip = ".TABLE_BLOCKED_IPS.".ip where id='{$id}'" );
if ( !$result )
{
return 0;
}
// With an active store, expose its expiry; otherwise expose the latest store action's pending flag.
if ( $result['store'] )
{
$result['store_expires_nice'] = fetchRow( "select date_format(`date_expires`,'{$date_format}') from ".TABLE_OPTIONS." where `object_id` = {$id} and `option` = 'store'" );
}
else
{
$act = fetchAssoc( "select * from ".TABLE_ACTIONS." where `type` like 'store' and `user_id` = '{$id}' order by `date` desc limit 1" );
if ( $act )
{
$result['store_pending'] = $act['pending'];
}
}
// The URL name prefers the contact name and falls back to the username.
if ( $result['contact_name'] )
{
$result['url_name'] = _urlencode( $result['contact_name'] );
}
else
{
$result['url_name'] = _urlencode( $result['username'] );
}
// Every scalar gathered so far is passed through clean() before field formatting.
foreach ( $result as $key => $value )
{
$result[$key] = clean( $result[$key] );
}
// NOTE(review): decoder artifact - presumably `$f = new fields( "uf" );`, with getFieldsArray()
// called on it and setFields() on $this.
$Var_2568->fields( "uf" );
$f = $Var_2568;
$fields = getFieldsArray( $result['group'] );
setFields( $fields );
foreach ( $fields as $field )
{
$fname = $field['caption'];
// Multi-value fields are stored pipe-separated.
if ( $field['type'] == "checkbox_group" || $field['type'] == "multiselect" )
{
$result[$fname] = explode( "|", $result[$fname] );
}
else if ( $field['type'] == "date" )
{
if ( $result[$fname] && $result[$fname] != "0000-00-00" )
{
$result['vis'][$fname] = format_date_str( $result[$fname], $field['date_format'] );
}
else
{
$result[$fname] = "";
}
}
else if ( $field['type'] != "depending" && ( $field['validation_type'] == "numeric" || $field['type'] == "price" ) )
{
$result['formatted'][$fname] = format_numeric( $result[$fname] );
}
else if ( $field['type'] == "textarea" )
{
// NOTE(review): this emits HTML (<br>); whether the value is HTML-safe depends on what
// clean() does, which is not visible here.
$result['formatted'][$fname] = str_replace( "\n", "<br>", $result[$fname] );
}
else if ( $field['type'] == "youtube" && $result[$fname] )
{
global $config_abs_path;
require_once( $config_abs_path."/include/patterns.php" );
$result[$fname] = formatvideo( $result[$fname] );
}
}
global $crt_lang;
// Records saved under another language get their field elements translated.
if ( $result['language'] != $crt_lang )
{
// NOTE(review): decoder artifact - presumably `$language = new languages();` with
// translateFieldsElements() called on it.
$Var_5448->languages( );
$language = $Var_5448;
$result = translateFieldsElements( $result, "uf" );
}
return $result;
}
/**
 * Counts the listings owned by a user.
 *
 * @param mixed $id user id; when falsy, $this->id is used (default 0)
 * @return mixed result of fetchRow() for the count statement
 */
public function getnolistings( $id = 0 )
{
global $db;
if ( !$id )
{
$id = $this->id;
}
// NOTE(review): $id is quoted but not escaped or cast in this method.
$no = fetchRow( "select count(*) from ".TABLE_ADS." where user_id=\"".$id."\"" );
return $no;
}
/**
 * Counts users, optionally restricted to one group.
 *
 * @param mixed $group group id; when falsy, all users are counted (default "")
 * @return mixed result of fetchRow() for the count statement
 */
public function count( $group = "" )
{
global $db;
$where = "";
if ( $group )
{
// NOTE(review): $group is interpolated unquoted and unvalidated.
$where = " where `group` = {$group}";
}
$no = fetchRow( "select count(*) from ".TABLE_USERS.$where );
return $no;
}
/**
 * Counts users whose username contains the search string.
 *
 * @param string $search substring to look for; when empty, all users are counted
 * @return mixed result of fetchRow() for the count statement
 */
public function getno( $search = "" )
{
global $db;
if ( $search != "" )
{
// NOTE(review): $search is not escaped here, neither for the quoted string nor for the
// LIKE wildcards % and _.
$where = " where username like '%{$search}%'";
}
else
{
$where = "";
}
$no = fetchRow( "select count(*) from ".TABLE_USERS.$where );
return $no;
}
/**
 * Counts active users (active=1). The statement contains no external input.
 *
 * @return mixed result of fetchRow() for the count statement
 */
public function getnoactive( )
{
global $db;
$no = fetchRow( "select count(*) from ".TABLE_USERS." where active=1" );
return $no;
}
/**
 * Returns the number of rows produced by grouping the users/ads join on the
 * user id. The statement contains no external input.
 *
 * NOTE(review): a right join also yields a NULL-id group for ads without a
 * matching user, so the figure may be one higher than "users with ads" - verify.
 *
 * @return mixed result of numRows() for the statement
 */
public function getuserswithads( )
{
global $db;
$res = query( "select ".TABLE_USERS.".id from ".TABLE_USERS." right join ".TABLE_ADS." on ".TABLE_USERS.".id=".TABLE_ADS.".user_id group by ".TABLE_USERS.".id;" );
return numRows( $res );
}
/**
 * Counts users whose store flag is 1. The statement contains no external input.
 *
 * @return mixed result of fetchRow() for the count statement
 */
public function getuserswithstore( )
{
global $db;
$no = fetchRow( "select count(*) from ".TABLE_USERS." where `store` = 1;" );
return $no;
}
/**
 * Counts users whose bulk-uploads flag is 1. The statement contains no external input.
 *
 * @return mixed result of fetchRow() for the count statement
 */
public function getuserswithbulkuploads( )
{
global $db;
$no = fetchRow( "select count(*) from ".TABLE_USERS." where `bulk_uploads` = 1;" );
return $no;
}
/**
 * Counts inactive users (active=0). The statement contains no external input.
 *
 * @return mixed result of fetchRow() for the count statement
 */
public function getnoinactive( )
{
global $db;
$no = fetchRow( "select count(*) from ".TABLE_USERS." where active=0" );
return $no;
}
/**
 * Computes how many pages are needed to list all users.
 *
 * @param int|float $no_per_page users shown per page
 * @return int|float 1 when there are no users, otherwise ceil( total / per page )
 */
public function getnopages( $no_per_page )
{
// NOTE(review): count() with no argument is presumably $this->count() before decoding;
// as printed it would resolve to PHP's built-in count().
$total = count( );
if ( $total == 0 )
{
return 1;
}
// NOTE(review): $no_per_page is not checked for zero in this method.
return ceil( $total / $no_per_page );
}
/**
 * Returns all users (optionally of one group) ordered by username, each row
 * tagged with an alternating 'style' value for table striping.
 *
 * @param mixed $group group id; when falsy, every user is returned (default "")
 * @return array list of rows, each with 'style' set to "_even" or "_odd"
 */
public function getall( $group = "" )
{
global $db;
if ( $group )
{
// NOTE(review): $group is interpolated unquoted and unvalidated.
$where = " where `group` = {$group}";
}
else
{
$where = "";
}
// NOTE(review): `select *` returns every column, including the password value; rows are
// not passed through clean() in this method.
$array = fetchAssocList( "select * from ".TABLE_USERS." {$where} order by username" );
$i = 0;
$array_usr = array( );
foreach ( $array as $result )
{
$array_usr[$i] = $result;
if ( $i % 2 )
{
$array_usr[$i]['style'] = "_odd";
}
else
{
$array_usr[$i]['style'] = "_even";
}
++$i;
}
return $array_usr;
}
/**
 * Returns the most recently registered users with their listing counts.
 *
 * @param mixed $no number of users to return, concatenated into LIMIT
 * @return array rows with username, id, formatted date and 'listings'
 */
public function getlatestusers( $no )
{
global $db;
global $appearance_settings;
$date_format = $appearance_settings['date_format'];
// NOTE(review): $no is concatenated unquoted into LIMIT and is not cast to int here.
$sql = "select username, id, date_format(registration_date,\"".$date_format."\") as `date` from ".TABLE_USERS." order by registration_date desc limit ".$no;
$array_users = fetchAssocList( $sql );
$i = 0;
// One extra lookup per row adds the user's listing count.
foreach ( $array_users as $row )
{
$array_users[$i]['listings'] = listings::getNoListings( $row['id'] );
++$i;
}
return $array_users;
}
/**
 * Returns one page of usernames with their last-login information. On the
 * first page of an unfiltered listing the admin account from
 * $settings['admin_username'] is placed first.
 *
 * @param mixed  $page        1-based page number
 * @param mixed  $no_per_page rows per page
 * @param string $search      optional username substring filter
 * @return array rows with 'username', 'login_info' and an alternating 'style'
 */
public function getloginhistory( $page, $no_per_page, $search = "" )
{
global $db;
$start = ( $page - 1 ) * $no_per_page;
if ( $search != "" )
{
// NOTE(review): $search is not escaped in this method (string context and LIKE wildcards).
$where = " where username like '%{$search}%'";
}
else
{
$where = "";
}
// NOTE(review): $start is arithmetic on $page, but $no_per_page is interpolated as passed;
// neither is cast to int here.
$sql = "select username from ".TABLE_USERS." {$where} order by username asc limit {$start}, {$no_per_page}";
$array = fetchRowList( $sql );
$i = 0;
$array_users = array( );
// NOTE(review): decoder artifact - presumably `$auth = new auth();` with getLastLogin()
// called on it below.
$Var_960->auth( );
$auth = $Var_960;
if ( $page == 1 && !$search )
{
global $settings;
$admin_username = $settings['admin_username'];
$array_users[$i]['username'] = $admin_username;
$login_info = getLastLogin( $admin_username );
$array_users[$i]['login_info'] = $login_info;
if ( $i % 2 )
{
$array_users[$i]['style'] = "_odd";
}
else
{
$array_users[$i]['style'] = "_even";
}
++$i;
}
foreach ( $array as $result )
{
$array_users[$i]['username'] = $result;
$login_info = getLastLogin( $result );
$array_users[$i]['login_info'] = $login_info;
if ( $i % 2 )
{
$array_users[$i]['style'] = "_odd";
}
else
{
$array_users[$i]['style'] = "_even";
}
++$i;
}
return $array_users;
}
/**
 * Runs the admin user search: builds a WHERE clause from $post_array, records
 * the total match count, then returns one page of rows with display fields
 * (listings count, blocked flag, pending actions, striping style).
 *
 * NOTE(review): every filter value, the filter keys used as column names,
 * $order, $order_way, $start and $no_per_page are placed into the statement
 * without escaping or validation in this method. Column and direction values
 * need an allow-list; the rest need bound parameters or integer casts.
 *
 * @param array  $post_array  filter name => value pairs
 * @param mixed  $page        1-based page number
 * @param mixed  $no_per_page rows per page
 * @param string $order       column to sort by; "listings" switches to a grouped query
 * @param string $order_way   sort direction
 * @return array list of user rows prepared for display
 */
public function searchusers( $post_array, $page, $no_per_page, $order, $order_way )
{
global $db;
global $lng;
global $crt_lang;
global $appearance_settings;
$date_format = $appearance_settings['date_format'];
$start = ( $page - 1 ) * $no_per_page;
$where = "";
foreach ( $post_array as $key => $value )
{
if ( !$key || $value == "" )
{
continue;
}
// NOTE(review): the three switch statements below are decoder-mangled. As printed, the
// `break` after the first switch leaves the foreach, so only the first non-empty filter is
// applied and always as an equality test. The original presumably mapped id/group to `=`,
// username/contact_name/email/ip to LIKE, and date_from/date_to to a date range - confirm.
switch ( $key )
{
case "id" :
break;
case "group" :
}
$where .= " and ".TABLE_USERS.".`{$key}` = '{$value}' ";
break;
switch ( $key )
{
case "username" :
break;
case "contact_name" :
break;
case "email" :
break;
case "ip" :
}
$where .= " and ".TABLE_USERS.".`{$key}` like '{$value}' ";
break;
switch ( $key )
{
case "date_from" :
$where .= " and ".TABLE_USERS.".`registration_date` >= '{$value}' ";
break;
case "date_to" :
$where .= " and ".TABLE_USERS.".`registration_date` <= '{$value}' ";
}
}
// NOTE(review): bare calls - presumably $this->getNoSearchUsers() / $this->setNoUsers().
$no_users = getNoSearchUsers( $where );
setNoUsers( $no_users );
$group = "";
$join_ads = "";
$no_ads = "";
// Sorting by listing count needs the ads join and a per-user group by.
if ( $order == "listings" )
{
$group = "group by ".TABLE_USERS.".id";
$join_ads = "left join ".TABLE_ADS." on ".TABLE_USERS.".id=".TABLE_ADS.".user_id ";
$no_ads = " count(".TABLE_ADS.".user_id) as listings,";
}
$sql = "select ".TABLE_USERS.".*, date_format(registration_date,'".$date_format."') as date, ".TABLE_BLOCKED_IPS.".`ip` as blocked, {$no_ads} ".TABLE_USER_GROUPS."_lang.`name` as `group_name`, (".TABLE_USER_GROUPS.".admin_verification=1 and ".TABLE_USERS.".active=0) as pending, ".TABLE_ACTIONS.".`invoice` from ".TABLE_USERS." \n{$join_ads}\nleft join ".TABLE_BLOCKED_IPS." on ".TABLE_USERS.".`ip`=".TABLE_BLOCKED_IPS.".ip \nleft join ".TABLE_USER_GROUPS."_lang on ".TABLE_USERS.".`group`=".TABLE_USER_GROUPS."_lang.`id` \nleft join ".TABLE_USER_GROUPS." on ".TABLE_USERS.".`group`=".TABLE_USER_GROUPS.".`id` \nleft join ".TABLE_ACTIONS." on ".TABLE_USERS.".id=".TABLE_ACTIONS.".`user_id` and ( ".TABLE_ACTIONS.".`type` = 'store' )\nwhere ".TABLE_USER_GROUPS."_lang.`lang_id` = '".$crt_lang."' {$where} \n{$group} order by `".$order."` ".$order_way." limit ".$start.", ".$no_per_page;
$array = fetchAssocList( $sql );
$i = 0;
$array_users = array( );
foreach ( $array as $result )
{
// When the query did not compute the count, fetch it per user.
if ( $order != "listings" )
{
$array_users[$i]['listings'] = listings::getNoListings( $result['id'] );
}
foreach ( $result as $key => $value )
{
$array_users[$i][$key] = clean( $result[$key] );
}
// The joined blocked-IP value is reduced to a 0/1 flag.
if ( $array_users[$i]['blocked'] )
{
$array_users[$i]['blocked'] = 1;
}
else
{
$array_users[$i]['blocked'] = 0;
}
$array_users[$i]['pending_actions'] = array( );
$array_users[$i]['pending_info'] = "";
if ( $result['invoice'] )
{
// NOTE(review): the invoice value read from the database is concatenated unquoted.
$array_users[$i]['pending_actions'] = fetchAssocList( "select * from ".TABLE_ACTIONS." where `invoice` = ".$result['invoice']." and pending = 1" );
foreach ( $array_users[$i]['pending_actions'] as $action )
{
if ( $action['type'] == "store" )
{
$array_users[$i]['pending_info'] .= $lng['users']['pending_store']."<br />";
}
}
}
if ( $i % 2 )
{
$array_users[$i]['style'] = "_odd";
}
else
{
$array_users[$i]['style'] = "_even";
}
++$i;
}
return $array_users;
}
/**
 * Counts the users matching a pre-built condition string.
 *
 * @param string $where condition fragment that begins with " and" (as built by
 *                      searchusers()); inserted into the statement verbatim
 * @return mixed result of fetchRow() for the count statement
 */
public function getnosearchusers( $where )
{
global $db;
if ( $where )
{
// Drops the leading " and" (4 characters) so the fragment can follow " where ".
// NOTE(review): the fragment is raw SQL; its safety rests entirely on how the caller built it.
$where = " where ".substr( $where, 4 );
}
$total = fetchRow( "select count(*) from ".TABLE_USERS.$where );
return $total;
}
/**
 * Returns the user count stored on this instance.
 *
 * @return mixed current value of $this->no_users
 */
public function getnousers( )
{
    $total = $this->no_users;
    return $total;
}
/**
 * Stores a user count on this instance.
 *
 * @param mixed $no value kept in $this->no_users
 */
public function setnousers( $no )
{
    $total = $no;
    $this->no_users = $total;
}
/**
 * Reports whether a username is already taken, optionally ignoring one user.
 *
 * @param string $str username to look for, interpolated as given
 * @param mixed  $id  user id to exclude from the check (default "": no exclusion)
 * @return int 1 when a matching row exists, otherwise 0
 */
public function user_exists( $str, $id = "" )
{
global $db;
if ( $id )
{
// NOTE(review): $id is concatenated unquoted and unvalidated.
$str_id = " and id!=".$id;
}
else
{
$str_id = "";
}
// NOTE(review): $str is not escaped in this method (callers in this class pass escape()d
// input) and is matched with LIKE, so % and _ in a name act as wildcards.
$res = query( "select * from ".TABLE_USERS." where username like '{$str}'".$str_id );
if ( numRows( $res ) )
{
return 1;
}
return 0;
}
/**
 * Reports whether a user row with the given id exists.
 *
 * @param mixed $id user id, interpolated inside single quotes without escaping
 * @return int 1 when a row exists, otherwise 0
 */
public function exists( $id )
{
global $db;
$res = query( "select * from ".TABLE_USERS." where id='{$id}'" );
if ( numRows( $res ) )
{
return 1;
}
return 0;
}
/**
 * Reports whether an e-mail address is already in use, optionally ignoring one user.
 *
 * @param string $str address to look for, interpolated as given
 * @param mixed  $id  user id to exclude from the check (default "": no exclusion)
 * @return int 1 when a matching row exists, otherwise 0
 */
public function email_exists( $str, $id = "" )
{
global $db;
if ( $id )
{
// NOTE(review): $id is concatenated unquoted and unvalidated.
$str_id = " and id!=".$id;
}
else
{
$str_id = "";
}
// NOTE(review): $str is not escaped in this method (callers in this class pass escape()d
// input) and is matched with LIKE; `_` is common in addresses and acts as a wildcard here.
$res = query( "select * from ".TABLE_USERS." where email like '{$str}'".$str_id );
if ( numRows( $res ) )
{
return 1;
}
return 0;
}
/**
 * Returns the accumulated error text.
 *
 * @return mixed current value of $this->error
 */
public function geterror( )
{
    $message = $this->error;
    return $message;
}
/**
 * Appends text to the accumulated error message.
 *
 * @param string $str text to append to $this->error
 */
public function adderror( $str )
{
    $this->error = $this->error.$str;
}
/**
 * Replaces the accumulated error message.
 *
 * @param mixed $str value kept in $this->error
 */
public function seterror( $str )
{
    $message = $str;
    $this->error = $message;
}
/**
 * Returns the informational message stored on this instance.
 *
 * @return mixed current value of $this->info
 */
public function getinfo( )
{
    $notice = $this->info;
    return $notice;
}
/**
 * Stores an informational message on this instance.
 *
 * @param mixed $str value kept in $this->info
 */
public function setinfo( $str )
{
    $notice = $str;
    $this->info = $notice;
}
/**
 * Returns the temporary form values kept for redisplay after a failed validation.
 *
 * @return mixed current value of $this->tmp
 */
public function gettmp( )
{
    $pending = $this->tmp;
    return $pending;
}
/**
 * Validates the posted account-edit form for user $id. Problems are appended
 * to $this->error; when any were found, the submitted values are copied to
 * $this->tmp so the form can be shown again.
 *
 * NOTE(review): the receiver-less calls (adminLoggedIn, addError, email_exists,
 * getGroup, usernameEditable, check_form_fields, getError, getUser, verify,
 * getTmp, ...) and the `$Var_NNN->name( )` lines are decoder artifacts for
 * object construction and method calls - confirm the real targets.
 *
 * @param mixed $id id of the user being edited
 * @return int always 1; callers must inspect the error text
 */
public function check_edit_info( $id )
{
global $lng;
$this->error = "";
$this->tmp = array( );
$Var_264->auth( );
$auth = $Var_264;
$is_admin = 0;
if ( adminLoggedIn( ) )
{
$is_admin = 1;
}
// Admin edits are refused in demo mode.
if ( $is_admin )
{
global $config_demo;
if ( $config_demo == 1 )
{
addError( $lng['general']['errors']['demo']."<br />" );
}
}
// E-mail: required, well-formed, unique (ignoring this user), and not on the block list
// unless an admin is editing.
if ( !$_POST['email'] )
{
addError( $lng['users']['errors']['email_missing']."<br />" );
}
else if ( !validator::valid_email( $_POST['email'] ) )
{
addError( $lng['users']['errors']['invalid_email']."<br />" );
}
else if ( email_exists( escape( $_POST['email'] ), $id ) )
{
addError( $lng['users']['errors']['email_exists']."<br />" );
}
else if ( !$is_admin && blocked_emails::isBlocked( escape( $_POST['email'] ) ) )
{
addError( $lng['users']['errors']['email_not_permitted']."<br />" );
}
// NOTE(review): a posted group is accepted here for any caller; it only selects which custom
// fields are validated below, but it is not restricted to admins or checked as numeric.
if ( isset( $_POST['group'] ) && $_POST['group'] != "" )
{
$group = escape( $_POST['group'] );
}
else
{
$group = getGroup( $id );
}
$Var_2496->fields_process( "uf" );
$fields = $Var_2496;
if ( $is_admin || usernameEditable( ) )
{
global $settings;
// Username: required, unique, not the admin's name, and well-formed.
if ( !$_POST['username'] )
{
addError( $lng['users']['errors']['username_missing']."<br />" );
}
else if ( user_exists( escape( $_POST['username'] ), $id ) )
{
addError( $lng['users']['errors']['username_exists']."<br />" );
}
else if ( escape( $_POST['username'] ) == $settings['admin_username'] )
{
addError( $lng['users']['errors']['username_exists']."<br />" );
}
else if ( !validator::valid_username( $_POST['username'] ) )
{
addError( $lng['users']['errors']['invalid_username']."<br />" );
}
$this->tmp['username'] = clean( $_POST['username'] );
}
// NOTE(review): this checks $_POST['credits'], while the value redisplayed below is
// $_POST['no_credits']; the numeric check may never apply to the submitted field - verify.
if ( $is_admin && isset( $_POST['credits'] ) && !is_numeric( $_POST['credits'] ) )
{
addError( $lng['users']['errors']['invalid_no_credits']."<br />" );
}
setEdit( 1 );
check_form_fields( $group );
// NOTE(review): presumably copies the field processor's error text into this object's.
if ( getError( ) != "" )
{
addError( getError( ) );
}
$old_data = getUser( $id );
$store = $old_data['store'];
$store_banner = $old_data['store_banner'];
// A banner upload is only examined when the account already has a store.
if ( $store && isset( $_FILES['store_banner']['name'] ) && $_FILES['store_banner']['name'] )
{
global $config_abs_path;
$dir = $config_abs_path."/images/store";
$Var_5688->image( "store_banner", $dir, "store" );
$img = $Var_5688;
// NOTE(review): what verify() checks (type, size, content) is not visible here.
if ( !verify( ) )
{
addError( getError( ) );
}
}
if ( getError( ) != "" )
{
$this->tmp['id'] = $id;
// NOTE(review): email, contact_name and no_credits are stored as posted, without clean();
// whether the template encodes them on output is not visible here.
if ( isset( $_POST['email'] ) )
{
$this->tmp['email'] = $_POST['email'];
}
else
{
$this->tmp['email'] = "";
}
if ( isset( $_POST['contact_name'] ) )
{
$this->tmp['contact_name'] = $_POST['contact_name'];
}
else
{
$this->tmp['contact_name'] = "";
}
if ( $is_admin )
{
$this->tmp['no_credits'] = $_POST['no_credits'];
}
$this->tmp['store'] = $store;
$this->tmp['store_banner'] = $store_banner;
$this->tmp['tmp_fields'] = getTmp( );
// NOTE(review): keys from tmp_fields are copied to the top level and can overwrite the
// entries set above.
foreach ( $this->tmp['tmp_fields'] as $key => $value )
{
$this->tmp[$key] = $value;
}
}
return 1;
}
/**
 * Validates the posted registration / add-user form. Problems are appended to
 * $this->error; when any were found, the submitted values are copied to
 * $this->tmp so the form can be shown again.
 *
 * NOTE(review): the receiver-less calls and the `$Var_NNN->name( )` lines are
 * decoder artifacts for object construction and method calls - confirm the
 * real targets.
 *
 * @param mixed $group group id to validate custom fields against; when falsy,
 *                     $_POST['group'] is used if present (default "")
 * @return int always 1; callers must inspect the error text
 */
public function check_form( $group = "" )
{
global $db;
$Var_96->auth( );
$auth = $Var_96;
$is_admin = 0;
if ( adminLoggedIn( ) )
{
$is_admin = 1;
}
global $lng;
$this->error = "";
$this->tmp = array( );
global $settings;
$captcha = $settings['register_captcha'];
// Only admins must supply a numeric group.
if ( $is_admin && ( !$_POST['group'] || !is_numeric( $_POST['group'] ) ) )
{
addError( $lng['users']['errors']['group_missing']."<br />" );
}
// NOTE(review): this checks $_POST['credits'], while the value redisplayed below is
// $_POST['no_credits']; the numeric check may never apply to the submitted field - verify.
if ( $is_admin && isset( $_POST['credits'] ) && !is_numeric( $_POST['credits'] ) )
{
addError( $lng['users']['errors']['invalid_no_credits']."<br />" );
}
// Username: required, unique, not the admin's name, and well-formed.
if ( !$_POST['username'] )
{
addError( $lng['users']['errors']['username_missing']."<br />" );
}
else if ( user_exists( escape( $_POST['username'] ) ) )
{
addError( $lng['users']['errors']['username_exists']."<br />" );
}
else if ( escape( $_POST['username'] ) == $settings['admin_username'] )
{
addError( $lng['users']['errors']['username_exists']."<br />" );
}
else if ( !validator::valid_username( $_POST['username'] ) )
{
addError( $lng['users']['errors']['invalid_username']."<br />" );
}
// E-mail: required, well-formed, unique, not blocked (non-admin), not the admin's address.
if ( !$_POST['email'] )
{
addError( $lng['users']['errors']['email_missing']."<br />" );
}
else if ( !validator::valid_email( $_POST['email'] ) )
{
addError( $lng['users']['errors']['invalid_email']."<br />" );
}
else if ( email_exists( escape( $_POST['email'] ) ) )
{
addError( $lng['users']['errors']['email_exists']."<br />" );
}
else if ( !$is_admin && blocked_emails::isBlocked( escape( $_POST['email'] ) ) )
{
addError( $lng['users']['errors']['email_not_permitted']."<br />" );
}
else if ( escape( $_POST['email'] ) == $settings['admin_email'] )
{
addError( $lng['users']['errors']['email_exists']."<br />" );
}
// NOTE(review): the password is only checked for presence and confirmation match; no length
// or strength rule is visible in this method.
if ( !$_POST['password'] || !$_POST['password1'] )
{
addError( $lng['users']['errors']['password_missing']."<br />" );
}
else if ( strcmp( $_POST['password'], $_POST['password1'] ) )
{
addError( $lng['users']['errors']['passwords_dont_match']."<br />" );
}
// The CAPTCHA is enforced for non-admin submissions when the setting is on.
if ( !$is_admin && $captcha && !checkvalidationimage( ) )
{
addError( $lng['users']['errors']['invalid_validation_string']."<br />" );
}
$Var_5280->fields_process( "uf" );
$fields = $Var_5280;
if ( !$group )
{
// NOTE(review): when no group argument is given, a posted group is accepted from any caller
// (not only admins) to select the custom fields validated below.
if ( isset( $_POST['group'] ) && $_POST['group'] != "" )
{
$group = escape( $_POST['group'] );
}
else
{
$group = "";
}
}
if ( $group )
{
check_form_fields( $group );
// NOTE(review): presumably copies the field processor's error text into this object's.
if ( getError( ) != "" )
{
addError( getError( ) );
}
$Var_6096->groups( );
$gr = $Var_6096;
$store = getStore( $group );
// A banner upload is only examined when the group's store setting is positive.
if ( 0 < $store && isset( $_FILES['store_banner']['name'] ) && $_FILES['store_banner']['name'] )
{
global $config_abs_path;
$dir = $config_abs_path."/images/store";
$Var_6696->image( "store_banner", $dir, "store" );
$img = $Var_6696;
// NOTE(review): what verify() checks (type, size, content) is not visible here.
if ( !verify( ) )
{
addError( getError( ) );
}
}
}
if ( getError( ) != "" )
{
$array_fields = array( "username", "email", "contact_name" );
// NOTE(review): group and no_credits are stored as posted, without clean(); the three
// text fields below do go through clean().
if ( $is_admin && isset( $_POST['group'] ) )
{
$this->tmp['group'] = $_POST['group'];
}
else
{
$this->tmp['group'] = "";
}
if ( $is_admin )
{
$this->tmp['no_credits'] = $_POST['no_credits'];
}
foreach ( $array_fields as $f )
{
if ( isset( $_POST[$f] ) )
{
$this->tmp[$f] = clean( $_POST[$f] );
}
else
{
$this->tmp[$f] = "";
}
}
$this->tmp['tmp_fields'] = getTmp( );
// NOTE(review): keys from tmp_fields are copied to the top level and can overwrite the
// entries set above.
foreach ( $this->tmp['tmp_fields'] as $key => $value )
{
$this->tmp[$key] = $value;
}
}
return 1;
}
/**
 * Validates the posted password-change form: both fields present and equal.
 * In demo mode an error is recorded as well. Problems are appended to
 * $this->error.
 *
 * @return int always 1; callers must inspect the error text
 */
public function check_change_password( )
{
global $lng;
$this->error = "";
global $config_demo;
if ( $config_demo == 1 )
{
// NOTE(review): bare addError() - presumably $this->addError() before decoding.
addError( $lng['general']['errors']['demo']."<br />" );
}
// Stops early when either field is empty, so the mismatch check only sees two values.
if ( !$_POST['password'] || !$_POST['password1'] )
{
addError( $lng['users']['errors']['password_missing']."<br />" );
return 1;
}
// NOTE(review): no length/strength rule and no current-password check is visible in this method.
if ( strcmp( $_POST['password'], $_POST['password1'] ) )
{
addError( $lng['users']['errors']['passwords_dont_match']."<br />" );
}
return 1;
}
/**
 * Create a user account from the registration form in $_POST, then send the
 * registration mail and, depending on settings, the admin notification mail.
 *
 * NOTE(review): this listing is decoder output. Pairs such as
 * `$Var_144->auth( ); $auth = $Var_144;` and bare calls such as
 * `check_form( )` or `verify( )` look like object construction and method
 * calls whose receivers were lost — confirm call targets against the
 * original source.
 *
 * @param string $group Group for the new account. Used as-is for non-admin
 *                      callers; admins take the group from $_POST['group'].
 * @return int 0 when form validation recorded an error, 1 otherwise.
 */
public function add( $group = "" )
{
global $db;
global $lng;
$Var_144->auth( );
$auth = $Var_144;
$is_admin = adminLoggedIn( );
// Resets the property only; the rest of the method fills the local $clean.
$this->clean = array( );
if ( $group )
{
check_form( $group );
}
else
{
check_form( );
}
if ( getError( ) != "" )
{
return 0;
}
// Admins choose the group in the form. For everyone else the $group argument
// is copied without escape() and later lands in the INSERT statement.
if ( $is_admin )
{
$clean['group'] = escape( $_POST['group'] );
}
else
{
$clean['group'] = $group;
}
if ( $is_admin )
{
$clean['no_credits'] = escape( $_POST['no_credits'] );
}
$array_fields = array( "username", "email" );
foreach ( $array_fields as $f )
{
$clean[$f] = escape( $_POST[$f] );
}
// NOTE(review): the password is SQL-escaped before it is hashed, so the stored
// digest is that of the escaped string, and change_password() uses escape()
// instead — confirm both produce the same bytes. The un-hashed $password is
// kept for the registration mail below. mysql_real_escape_string() does not
// exist on PHP 7 and later.
$password = mysql_real_escape_string( $_POST['password'] );
// NOTE(review): presumably the class's encode(), which returns md5() with no
// salt; password_hash()/password_verify() is the replacement to plan for.
$clean['password'] = encode( $password );
$clean['registration_date'] = date( "Y-m-d H:i:s" );
$clean['ip'] = $_SERVER['REMOTE_ADDR'];
$Var_2088->groups( );
$gr = $Var_2088;
$group_settings = getGroup( $clean['group'] );
$activate_account = $group_settings['activate_account'];
$admin_verification = $group_settings['admin_verification'];
if ( $group_settings['store'] == 2 )
{
$clean['store'] = 1;
}
else
{
$clean['store'] = 0;
}
if ( $group_settings['bulk_uploads'] == 1 )
{
$clean['bulk_uploads'] = 1;
}
else
{
$clean['bulk_uploads'] = 0;
}
$clean['store_banner'] = "";
// Store banner upload into <config_abs_path>/images/store.
// NOTE(review): the result of verify( ) is ignored here before upload( ) runs;
// presumably check_form() already rejected an invalid image — confirm.
if ( $clean['store'] && isset( $_FILES['store_banner']['name'] ) && $_FILES['store_banner']['name'] )
{
global $config_abs_path;
$dir = $config_abs_path."/images/store";
$Var_3408->image( "store_banner", $dir, "store" );
$img = $Var_3408;
setGenerate( 1 );
verify( );
if ( upload( ) )
{
$clean['store_banner'] = getUploadedFile( );
}
else
{
$clean['store_banner'] = "";
}
}
// Accounts created by an admin are active at once; otherwise the account
// starts inactive when the group asks for mail activation or admin approval.
if ( $is_admin == 1 )
{
$clean['active'] = 1;
}
else if ( $activate_account || $admin_verification )
{
$clean['active'] = 0;
}
else
{
$clean['active'] = 1;
}
$insert_array = array( "group", "username", "email", "password", "ip", "registration_date", "active", "store", "store_banner", "bulk_uploads", "language" );
global $crt_lang;
$clean['language'] = $crt_lang;
// The INSERT is assembled by string concatenation, so every value depends on
// the escaping done above; a prepared statement would remove that dependency.
$sql = "insert into ".TABLE_USERS." SET ";
$i = 0;
foreach ( $insert_array as $f )
{
if ( $i )
{
$sql .= ", ";
}
$sql .= "`{$f}` = '".$clean[$f]."'";
++$i;
}
if ( $is_admin && isset( $clean['no_credits'] ) )
{
$sql .= ", `no_credits` = '".$clean['no_credits']."'";
}
$Var_5424->fields_process( "uf" );
$fields = $Var_5424;
$sql .= add_fields( $clean['group'] );
$res = query( $sql );
// $last_id is not used again in this method.
$last_id = insertId( );
// Admin-created accounts return here, so neither mail below is sent for them.
if ( $is_admin )
{
return 1;
}
if ( $activate_account )
{
setInfo( $lng['users']['info']['activate_account'] );
}
else if ( $admin_verification )
{
setInfo( $lng['users']['info']['awaiting_admin_verification'] );
}
else
{
setInfo( $lng['users']['info']['welcome_user'] );
}
if ( $activate_account || $clean['active'] )
{
global $mail_settings;
// NOTE(review): empty(x) && x cannot both hold, so this fallback never runs as written.
if ( empty( $mail_settings['mail_settings'] ) && $mail_settings['mail_settings'] )
{
$mail_settings = settings::getMailSettings( );
}
$html_mails = $mail_settings['html_mails'];
// $clean['contact_name'] is not assigned anywhere in this method, so as
// written the username is used as the display name.
if ( isset( $clean['contact_name'] ) && $clean['contact_name'] )
{
$contact_name = $clean['contact_name'];
}
else
{
$contact_name = $clean['username'];
}
if ( $activate_account )
{
global $config_live_site;
$activation_code = generate_random( );
// NOTE(review): LIKE treats % and _ in the username as wildcards, so this
// UPDATE can touch rows other than the one just inserted; matching on
// $last_id (or using `=`) would be exact.
$res_act = query( "update ".TABLE_USERS." set activation='{$activation_code}' where username like '".$clean['username']."'" );
// The activation code is appended to the link without urlencode(), and the
// HTML variant is not passed through htmlspecialchars(); safe only if
// generate_random() yields URL-safe characters — TODO confirm.
if ( !$html_mails )
{
$act_link = $config_live_site."/activate_account.php?user=".urlencode( $clean['username'] )."&activation=".$activation_code;
}
else
{
$lnk = $config_live_site."/activate_account.php?user=".urlencode( $clean['username'] )."&activation=".$activation_code;
$act_link = "<a href=\"".$lnk."\">".$lnk."</a>";
}
}
else
{
$act_link = "";
}
$Var_8496->mails( );
$mail2send = $Var_8496;
init( $clean['email'], $contact_name );
$array_subject = array( );
// NOTE(review): the un-hashed password is handed to the mail template, and
// "user" => $clean carries the password digest as well; whether the template
// prints either cannot be seen from here.
$array_message = array( "user" => $clean, "username" => $clean['username'], "password" => $password, "link" => $act_link, "activation" => $activate_account, "admin_verification" => $admin_verification );
composeAndSend( "registration", $array_message, $array_subject );
}
global $settings;
if ( $settings['send_mail_to_admin_when_registeres'] || $admin_verification )
{
if ( $clean['active'] )
{
$status = $lng['general']['active'];
}
else if ( $admin_verification )
{
$status = $lng['users']['waiting_admin_activation'];
}
else if ( $activate_account )
{
$status = $lng['users']['waiting_mail_activation'];
}
else
{
$status = $lng['general']['inactive'];
}
$Var_9888->mails( );
$mail2send = $Var_9888;
init( );
$array_subject = array( );
// The admin notification also receives the whole $clean array.
$array_message = array( "user" => $clean, "username" => $clean['username'], "admin_verification" => $admin_verification, "status" => $status, "group" => $group_settings['name'] );
composeAndSend( "admin_new_account", $array_message, $array_subject );
}
return 1;
}
/**
 * Update an existing account (group, e-mail, username, language, custom
 * fields, store banner) from the submitted form.
 *
 * Sends a redirect to not_authorized.php and exits when the caller is not
 * allowed to edit $id.
 *
 * NOTE(review): this listing is decoder output; bare calls such as
 * `loggedIn( )`, `getGroup( )` or `verify( )` presumably had object receivers
 * that were lost — confirm call targets against the original source.
 *
 * @param mixed $id Id of the user row to update. It is compared loosely with
 *                  crtUserId() and interpolated unquoted into the WHERE clause.
 * @return int 0 when validation recorded an error, 1 after the UPDATE ran.
 */
public function edit_info( $id )
{
global $db;
global $lng;
// Resets the property only; the rest of the method fills the local $clean.
$this->clean = array( );
$Var_240->auth( );
$auth = $Var_240;
$is_admin = 0;
// NOTE(review): the ownership test runs first, so the admin branch is only
// reached when loggedIn( ) is false or the ids match — confirm that is the
// intended precedence. The comparison is a loose `!=`; casting $id to int
// before this point would make both the check and the WHERE clause exact.
if ( loggedIn( ) && crtUserId( ) != $id )
{
header( "Location: not_authorized.php" );
exit( 0 );
}
else if ( adminLoggedIn( ) )
{
$is_admin = 1;
}
else if ( !loggedIn( ) )
{
header( "Location: not_authorized.php" );
exit( 0 );
}
check_edit_info( $id );
if ( getError( ) != "" )
{
return 0;
}
// Only admins may change the group; other users keep the value looked up for
// their own id.
if ( $is_admin )
{
$clean['group'] = escape( $_POST['group'] );
}
else
{
$clean['group'] = getGroup( $id );
}
$clean['email'] = escape( $_POST['email'] );
if ( $is_admin )
{
$clean['no_credits'] = escape( $_POST['no_credits'] );
}
$Var_1704->fields_process( "uf" );
$fields = $Var_1704;
$username_editable = usernameEditable( );
if ( $is_admin || $username_editable )
{
$clean['username'] = escape( $_POST['username'] );
}
$Var_2136->groups( );
$gr = $Var_2136;
// NOTE(review): second getGroup( ) call with a different argument; presumably
// a method of the groups object created just above — confirm.
$group_settings = getGroup( $clean['group'] );
$store = allowStoreBanner( $id );
$clean['store_banner'] = "";
// Store banner upload into <config_abs_path>/images/store.
// NOTE(review): the result of verify( ) is ignored before upload( ) runs;
// presumably check_edit_info() already validated the image — confirm.
if ( $store && isset( $_FILES['store_banner']['name'] ) && $_FILES['store_banner']['name'] )
{
global $config_abs_path;
$dir = $config_abs_path."/images/store";
$Var_2952->image( "store_banner", $dir, "store" );
$img = $Var_2952;
setGenerate( 1 );
verify( );
if ( upload( ) )
{
$clean['store_banner'] = getUploadedFile( );
}
else
{
$clean['store_banner'] = "";
}
}
// The column list is fixed per role; the username column is written only for
// admins or when usernames are editable.
if ( $is_admin )
{
$update_array = array( "group", "email", "username", "language" );
}
else
{
$update_array = array( "group", "email", "language" );
if ( $username_editable )
{
array_push( $update_array, "username" );
}
}
global $crt_lang;
$clean['language'] = $crt_lang;
// The UPDATE is assembled by string concatenation, so every value depends on
// the escaping done above; a prepared statement would remove that dependency.
$sql = "update ".TABLE_USERS." SET ";
$i = 0;
foreach ( $update_array as $f )
{
if ( $i )
{
$sql .= ", ";
}
$sql .= "`{$f}` = '".$clean[$f]."'";
++$i;
}
if ( $is_admin && isset( $clean['no_credits'] ) )
{
$sql .= ", `no_credits` = '".$clean['no_credits']."'";
}
// The banner column is only touched when a new file was uploaded.
if ( $clean['store_banner'] )
{
$sql .= ", `store_banner` = '".$clean['store_banner']."'";
}
setEdit( 1 );
$sql .= add_fields( $clean['group'] );
// $id is interpolated without quotes or an integer cast.
$sql .= " where `id` = {$id}";
$res = query( $sql );
setInfo( $lng['users']['info']['account_info_updated'] );
return 1;
}
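/**
 * Store a new password for user $id from $_POST['password'] and delete the
 * user's pending password-recovery rows.
 *
 * This method does not check who is calling it or ask for the current
 * password. NOTE(review): confirm every caller authorises the change for $id.
 *
 * @param mixed $id User id; anything that is not a non-zero integer is rejected.
 * @return int 0 when the id is rejected or validation recorded an error, 1 on success.
 */
public function change_password( $id )
{
    global $db;
    global $lng;

    // The id is placed unquoted in the UPDATE below, so accept integers only.
    // filter_var() also rejects arrays, which a plain (int) cast would turn into 1.
    $id = filter_var( $id, FILTER_VALIDATE_INT );
    if ( !$id )
    {
        return 0;
    }

    $this->clean = array( );
    check_change_password( );
    if ( getError( ) != "" )
    {
        return 0;
    }

    // NOTE(review): the password is escaped before hashing, so the digest is that
    // of the escaped string. Left as is, because stored digests were presumably
    // produced the same way. encode() in this class is an unsalted md5();
    // password_hash()/password_verify() is the replacement to plan for.
    $clean['password'] = encode( escape( $_POST['password'] ) );
    $res = query( "update ".TABLE_USERS." set `password` = \"".$clean['password']."\" where id=".$id.";" );

    // A changed password invalidates any outstanding recovery key.
    $res = query( "delete from ".TABLE_PASSWORD_RECOVERY." where user_id='{$id}'" );
    setInfo( $lng['users']['info']['password_changed'] );
    return 1;
}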
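/**
 * Tell whether an active account exists with this username and password digest.
 *
 * The lookup uses `=` rather than LIKE so that `%` and `_` inside either
 * value are compared literally instead of acting as wildcards.
 *
 * NOTE(review): both values are interpolated as given; nothing in this method
 * escapes them, so confirm every caller does.
 *
 * @param string $user     Username to look up.
 * @param string $passhash Password digest to compare with the stored one.
 * @return int 1 when a matching active row exists, 0 otherwise.
 */
public function validaccount( $user, $passhash )
{
    global $db;
    $res = query( "select * from ".TABLE_USERS." where `username` = '{$user}' and `password` = '{$passhash}' and `active`=1" );
    return numRows( $res ) ? 1 : 0;
}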
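/**
 * Tell whether an active account is linked to the given external identity.
 *
 * The lookup uses `=` rather than LIKE so that `%` and `_` in the identity
 * are compared literally instead of acting as wildcards.
 *
 * NOTE(review): $identity is interpolated as given; nothing in this method
 * escapes it, so confirm every caller does.
 *
 * @param mixed  $user     Not used by this method.
 * @param string $identity Identity string to look up.
 * @return int 1 when a matching active row exists, 0 otherwise.
 */
public function checkidentity( $user, $identity )
{
    global $db;
    $res = query( "select * from ".TABLE_USERS." where `identity` = '{$identity}' and `active`=1" );
    return numRows( $res ) ? 1 : 0;
}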
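/**
 * Fetch the username and stored password digest of the active account linked
 * to an external identity at a given provider.
 *
 * The lookup uses `=` rather than LIKE so that `%` and `_` in either value
 * are compared literally instead of acting as wildcards.
 *
 * NOTE(review): both arguments are interpolated as given; nothing in this
 * method escapes them, so confirm every caller does. The result contains the
 * password digest and should not be logged or returned to a client.
 *
 * @param string $identity      Identity string to look up.
 * @param string $auth_provider Provider the identity belongs to.
 * @return mixed Whatever fetchAssoc() yields for the `username`, `password` columns.
 */
public function getuserpasswithidentity( $identity, $auth_provider )
{
    global $db;
    return fetchAssoc( "select `username`, `password` from ".TABLE_USERS." where `identity` = '{$identity}' and `auth_provider` = '{$auth_provider}' and `active`=1" );
}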
/**
 * Issue a fresh password-recovery key for a user.
 *
 * Any earlier key of the same user is deleted first, then a new row holding
 * the user id, the key and the current time is inserted.
 *
 * NOTE(review): how hard the key is to guess depends on generate_random(),
 * which is defined elsewhere — confirm it draws from a CSPRNG.
 *
 * @param mixed $id User id; interpolated as given inside quotes.
 * @return mixed The generated key, as returned by generate_random().
 */
public function generaterecoverykey( $id )
{
    global $db;

    $issued_at = date( "Y-m-d H:i:s" );
    $recovery_key = generate_random( );

    // One outstanding key per user: drop the old one before storing the new one.
    query( "delete from ".TABLE_PASSWORD_RECOVERY." where user_id='{$id}'" );
    query( "insert into ".TABLE_PASSWORD_RECOVERY." values ('{$id}', '{$recovery_key}', '{$issued_at}')" );

    return $recovery_key;
}
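/**
 * Resolve a password-recovery key to the user it was issued for.
 *
 * The key is compared with `=` rather than LIKE, so `%` and `_` are literal
 * characters instead of wildcards, and an empty or non-scalar key is rejected
 * before any query is made.
 *
 * NOTE(review): $key is interpolated as given, so confirm every caller
 * escapes it. The timestamp stored with the key is not consulted here;
 * confirm that an expiry is enforced elsewhere.
 *
 * @param string $key Recovery key supplied by the user.
 * @return mixed -1 when no row matches, otherwise whatever fetchRow() yields.
 */
public function getkeyuser( $key )
{
    global $db;

    if ( !is_scalar( $key ) || (string) $key === "" )
    {
        return -1;
    }

    $res = query( "select user_id from ".TABLE_PASSWORD_RECOVERY." where activation = '{$key}'" );
    if ( !numRows( $res ) )
    {
        return -1;
    }
    return fetchRow( );
}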
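/**
 * Look up a user id by e-mail address.
 *
 * The address is compared with `=` rather than LIKE: `_` is common in mail
 * addresses and would otherwise match any single character, so a lookup
 * could return a different account.
 *
 * NOTE(review): $email is interpolated as given; nothing in this method
 * escapes it, so confirm every caller does.
 *
 * @param string $email Address to look up.
 * @return mixed 0 when no row matches, otherwise whatever fetchRow() yields.
 */
public function getidbyemail( $email )
{
    global $db;
    $res = query( "select id from ".TABLE_USERS." where email = '{$email}'" );
    if ( !numRows( $res ) )
    {
        return 0;
    }
    return fetchRow( );
}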
/**
 * List the users-table fields followed by the computed export columns.
 *
 * @return array Result of getTableFields( TABLE_USERS ) with the six extra
 *               column names appended.
 */
public function gettablefields( )
{
    global $db;

    return array_merge(
        getTableFields( TABLE_USERS ),
        array( "registration_date_formatted", "listings", "blocked", "group_name", "pending", "invoice" )
    );
}
/**
 * Return the users-table field list as a comma-separated string.
 *
 * @param mixed $extra When truthy, the six computed export columns are
 *                     appended to the list.
 * @return string Result of getTableCSVFields( TABLE_USERS ), optionally
 *                followed by ",name" for each extra column.
 */
public function gettablecsvfields( $extra = 1 )
{
    global $db;

    $csv = getTableCSVFields( TABLE_USERS );
    if ( $extra )
    {
        $computed = array( "registration_date_formatted", "listings", "blocked", "group_name", "pending", "invoice" );
        $csv .= ",".implode( ",", $computed );
    }
    return $csv;
}
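/**
 * Build the SELECT statement used to export users.
 *
 * Sort column, sort direction and row limit come from $_POST keys prefixed
 * with $type. They are placed in parts of the statement where quoting a
 * string does not help, so each one is constrained here: backticks in the
 * column name are doubled, the direction is reduced to asc/desc, and the
 * limit must be a positive integer.
 *
 * @param string $type Prefix of the $_POST keys to read (e.g. "<type>_last").
 * @return string The SQL text; this method does not run the query.
 */
public function exportusers( $type )
{
    global $db;
    global $lng;
    global $appearance_settings;
    global $ads_settings;
    global $crt_lang;

    $date_format = $appearance_settings['date_format'];

    // NOTE(review): $where is assembled from the group and date filters but is
    // never appended to $sql below, so the export is unfiltered as written.
    // Left unchanged: wiring it in needs the original query layout to be confirmed.
    $where = "";
    $where_start = " where";
    if ( isset( $_POST[$type."_group"] ) && is_numeric( $_POST[$type."_group"] ) )
    {
        $where .= $where_start." `group` = '".$_POST[$type."_group"]."'";
        $where_start = " and";
    }
    if ( isset( $_POST[$type."_date_start"] ) && $_POST[$type."_date_start"] != "" )
    {
        $where .= $where_start." `registration_date` > '".escape( $_POST[$type."_date_start"] )."'";
        $where_start = " and";
    }
    if ( isset( $_POST[$type."_date_end"] ) && $_POST[$type."_date_end"] != "" )
    {
        $where .= $where_start." `registration_date` < '".escape( $_POST[$type."_date_end"] )."'";
        $where_start = " and";
    }

    // LIMIT takes a bare number: accept a positive integer or apply no limit.
    $last = 0;
    if ( isset( $_POST[$type."_last"] ) )
    {
        $parsed_last = filter_var( $_POST[$type."_last"], FILTER_VALIDATE_INT );
        if ( $parsed_last !== false && 0 < $parsed_last )
        {
            $last = $parsed_last;
        }
    }

    // The sort column sits inside backticks, where escape() gives no protection;
    // doubling embedded backticks keeps the value a single identifier.
    $order_by = "registration_date";
    if ( isset( $_POST[$type."_user_order_by"] ) && is_string( $_POST[$type."_user_order_by"] ) && $_POST[$type."_user_order_by"] != "" )
    {
        $order_by = str_replace( "`", "``", escape( $_POST[$type."_user_order_by"] ) );
    }

    // The sort direction is unquoted SQL: only "asc" is honoured, anything else
    // falls back to the default "desc".
    $order_way = "desc";
    if ( isset( $_POST[$type."_user_order_way"] ) && is_string( $_POST[$type."_user_order_way"] ) && strtolower( trim( $_POST[$type."_user_order_way"] ) ) === "asc" )
    {
        $order_way = "asc";
    }

    $sql = "select ".TABLE_USERS.".*, date_format(registration_date,'".$date_format."') as `registration_date_formatted`, count(".TABLE_ADS.".user_id) as listings, ".TABLE_BLOCKED_IPS.".`ip` as blocked, ".TABLE_USER_GROUPS."_lang.`name` as `group_name`, (".TABLE_USER_GROUPS.".admin_verification=1 and ".TABLE_USERS.".active=0) as pending, ".TABLE_ACTIONS.".`invoice` from ".TABLE_USERS." \n\t\tleft join ".TABLE_ADS." on ".TABLE_USERS.".id=".TABLE_ADS.".user_id \n\t\tleft join ".TABLE_BLOCKED_IPS." on ".TABLE_USERS.".`ip`=".TABLE_BLOCKED_IPS.".ip \n\t\tleft join ".TABLE_USER_GROUPS."_lang on ".TABLE_USERS.".`group`=".TABLE_USER_GROUPS."_lang.`id` \n\t\tleft join ".TABLE_USER_GROUPS." on ".TABLE_USERS.".`group`=".TABLE_USER_GROUPS.".`id` \n\t\tleft join ".TABLE_ACTIONS." on ".TABLE_USERS.".id=".TABLE_ACTIONS.".`user_id` and ( ".TABLE_ACTIONS.".`type` like 'store' )\n\t\twhere ".TABLE_USER_GROUPS."_lang.`lang_id` = '".$crt_lang."' \n\t\tgroup by ".TABLE_USERS.".id \n\t\torder by `".$order_by."` ".$order_way;
    if ( 0 < $last )
    {
        $sql .= " limit ".$last;
    }
    return $sql;
}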
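/**
 * Move every user of one group into another group.
 *
 * Both ids are placed unquoted in the UPDATE, so they must validate as
 * integers; filter_var() also rejects arrays, which a plain (int) cast would
 * turn into 1.
 *
 * @param mixed $from_group Id of the group to move users out of.
 * @param mixed $to_group   Id of the group to move users into.
 * @return int|null 1 after the UPDATE was issued; null when either id is
 *                  missing, zero or not an integer (no query is made).
 */
public function moveusers( $from_group, $to_group )
{
    global $db;

    $from = filter_var( $from_group, FILTER_VALIDATE_INT );
    $to = filter_var( $to_group, FILTER_VALIDATE_INT );
    if ( !$from || !$to )
    {
        // Same outcome as before for a missing id: nothing is done and nothing is returned.
        return;
    }

    query( "update ".TABLE_USERS." set `group` = {$to} where `group` = {$from}" );
    return 1;
}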
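/**
 * Blank one column of a user's row.
 *
 * The user id is placed unquoted in the statement and the column name sits
 * inside backticks, so the id must validate as an integer and backticks in
 * the column name are doubled to keep it a single identifier.
 *
 * NOTE(review): any column name is still accepted. Callers should restrict
 * $delete to the fields that may be cleared (for example not `password` or
 * `group`) — confirm such an allow-list exists.
 *
 * @param mixed  $crt_usr Id of the user row.
 * @param string $delete  Name of the column to set to ''.
 * @return int 1 after the UPDATE was issued, 0 when an argument is rejected.
 */
public function emptyfield( $crt_usr, $delete )
{
    global $db;

    $user_id = filter_var( $crt_usr, FILTER_VALIDATE_INT );
    if ( $user_id === false || !is_string( $delete ) || $delete === "" )
    {
        return 0;
    }

    $column = str_replace( "`", "``", $delete );
    query( "update ".TABLE_USERS." set `{$column}` = '' where `id`={$user_id}" );
    return 1;
}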
/**
 * Store the given value in the object's `fields` property.
 *
 * @param mixed $fields Value to keep; it is stored without any check.
 * @return void
 */
public function setfields( $fields )
{
    $this->fields = $fields;
    return;
}
/**
 * Return the value currently held in the object's `fields` property.
 *
 * @return mixed Whatever was last assigned to $this->fields.
 */
public function getfields( )
{
    $current = $this->fields;
    return $current;
}
/**
 * Return up to ten usernames that start with the given term.
 *
 * NOTE(review): $term is interpolated as given into a LIKE pattern; nothing
 * in this method escapes it, so confirm every caller does. `%` and `_`
 * inside the term act as wildcards.
 *
 * @param string $term Prefix typed by the user.
 * @return mixed Whatever fetchRowList() yields for the `username` column.
 */
public function getautocomplete( $term )
{
    global $db;
    return fetchRowList( "select `username` from ".TABLE_USERS." where `username` like '{$term}%' limit 10" );
}
/**
 * Hash a string with MD5.
 *
 * NOTE(review): other methods of this class call encode() on passwords.
 * md5() is unsalted and fast, which makes stored digests cheap to brute-force;
 * moving to password_hash()/password_verify() needs a migration of the stored
 * values and cannot be done inside this method alone.
 *
 * @param string $str Input to hash.
 * @return string 32-character hexadecimal MD5 digest.
 */
public function encode( $str )
{
    $digest = md5( $str );
    return $digest;
}
/**
 * Read the `no_credits` column of a user.
 *
 * @param mixed $id User id; interpolated as given inside quotes.
 * @return mixed The stored value, or 0 when fetchRow() yields a falsy result.
 */
public function getnocredits( $id )
{
    global $db;

    $credits = fetchRow( "select `no_credits` from ".TABLE_USERS." where `id`='{$id}'" );
    return $credits ? $credits : 0;
}
}
?>
Function Calls
None |
Stats
MD5 | 38c0e1a710f9fed9b9bec99b9a9eac9b |
Eval Count | 0 |
Decode Time | 256 ms |