<?php
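class User
{
    private $id;
    private $username;
    private $password;
    private $email;
    private $profil;
    // Row count of the most recent newsletter lookup (see setPocetZaznamuUser()).
    private $pocetZaznamu = 0;
    // Pagination state filled in by the getAdmin*Table() methods.
    public $currentpage = 0;
    public $totalpages = 0;
    public $pagesize = 100;
    // Ids of the users that isImportant() treats as important.
    public $uzivatele = array('1', '2', '3');
    public $userModules = array();

    function __construct()
    {
    }

    /**
     * Tells whether $id is one of the ids listed in $this->uzivatele.
     *
     * @param int|string $id
     * @return bool
     */
    public function isImportant($id)
    {
        // The list holds strings; compare as strings with a strict match so
        // PHP's loose comparison rules never decide the answer.
        return in_array((string) $id, $this->uzivatele, true);
    }

    /**
     * Inserts one row into `users`.
     *
     * @param array $arr column => value pairs, handed to dibi as a whole
     * @return int|false new insert id, or false when the query fails
     */
    public function insert($arr)
    {
        $result = dibi::query('INSERT INTO `users` ', $arr);
        return $result ? dibi::insertId() : false;
    }

    /**
     * Registers a login row unless its e-mail or login is already taken.
     *
     * The uniqueness check and the insert are two separate statements, so a
     * UNIQUE constraint on the table is what really guarantees uniqueness;
     * the check here only produces the friendly message.
     *
     * @param array $arr column => value pairs; must contain 'email' and 'login'
     * @return int|false new insert id, or false on duplicate / failed insert
     */
    public function doRegistration($arr)
    {
        $isUniq = dibi::select('*')
            ->from('users_login')
            ->where('email=%s', $arr['email'])
            ->or('login=%s', $arr['login'])
            ->count();
        if ($isUniq > 0)
        {
            Tools::message('Takový email nebo login už je registrován', 'ERR');
            return false;
        }
        $result = dibi::query('INSERT INTO `users_login` ', $arr);
        return $result ? dibi::insertId() : false;
    }

    /**
     * Looks up the login row matching the given credentials.
     *
     * The supplied password is passed through Tools::getPassword() and the
     * result is compared in SQL with the stored value.
     *
     * @param array $arr keys 'login' and 'password'
     * @return mixed the matching row, or false when there is none
     */
    public function login($arr)
    {
        return dibi::select('*')
            ->from('users_login')
            ->where('login=%s', $arr['login'])
            ->and('password=%s', Tools::getPassword($arr['password']))
            ->fetch();
    }

    /**
     * Like login(), but additionally requires the stored token to match
     * (used for the "remember me" cookie flow).
     *
     * @param array $arr keys 'login', 'password' and 'token'
     * @return mixed the matching row, or false when there is none
     */
    public function permanentLogin($arr)
    {
        $user = dibi::select('*')
            ->from('users_login')
            ->where('login=%s', $arr['login'])
            ->and('password=%s', Tools::getPassword($arr['password']))
            ->and('token=%s', $arr['token'])
            ->fetch();
        return $user ?: false;
    }

    /**
     * Updates the `users` row identified by $arr['id'].
     *
     * @param array $arr column => value pairs, including 'id'
     * @return bool
     */
    public function update($arr)
    {
        $result = dibi::query('UPDATE `users` SET ', $arr, 'WHERE `id`=%i', $arr['id']);
        return (bool) $result;
    }

    /**
     * Updates the `users_login` row identified by $arr['id'] (e.g. a new token).
     *
     * @param array $arr column => value pairs, including 'id'
     * @return bool
     */
    public function updateLogin($arr)
    {
        $result = dibi::query('UPDATE `users_login` SET ', $arr, 'WHERE `id`=%i', $arr['id']);
        return (bool) $result;
    }

    /**
     * Sets the login cookie.
     *
     * NOTE(review): no path, domain, secure or httponly flag is passed, so a
     * token cookie set here is readable from page scripts and sent over plain
     * HTTP. Confirm no client-side code reads it before tightening the flags.
     *
     * @param array $arr keys 'name', 'value' and 'expiry'
     * @return void
     */
    public function setCookie($arr)
    {
        setcookie($arr['name'], $arr['value'], $arr['expiry']);
    }

    /**
     * Remembers how many rows the given mysql result set holds.
     *
     * NOTE(review): this and the three accessors below are called by the
     * newsletter methods but were not defined in this class (which has no
     * parent), so those calls could not have succeeded. These are minimal
     * implementations backed by the existing private properties — confirm
     * against the intended originals.
     *
     * @param resource|false $result return value of mysql_query()
     * @return void
     */
    public function setPocetZaznamuUser($result)
    {
        // A failed query counts as zero rows, matching the original loose
        // comparison against '0' in the callers.
        $this->pocetZaznamu = $result ? (int) mysql_num_rows($result) : 0;
    }

    /**
     * @return int row count stored by setPocetZaznamuUser()
     */
    public function getPocetZaznamuUser()
    {
        return $this->pocetZaznamu;
    }

    /**
     * @param mixed $id
     * @return void
     */
    public function setIdUzivatele($id)
    {
        $this->id = $id;
    }

    /**
     * @param string $email
     * @return void
     */
    public function setEmail($email)
    {
        $this->email = $email;
    }

    /**
     * Changes the e-mail of a newsletter subscriber when the new address is
     * valid and not used by another row.
     *
     * $table is interpolated into the SQL unquoted and must only ever come
     * from code, never from request data.
     *
     * @param int|string $id
     * @param string $email new address; an empty address skips validation
     * @param string $table
     * @return void
     */
    public function updateUserNewsletteru($id, $email = "", $table = "user_admin")
    {
        $id = intval($id);
        $email = mysql_real_escape_string($email);
        $valid = true;
        if (!empty($email))
        {
            $Validate = new Validate();
            if (!$Validate->validateMail($email))
            {
                $valid = false;
            }
        }
        if (!$valid)
        {
            return;
        }
        $select = mysql_query("SELECT id FROM {$table} WHERE email = '$email' AND id!='$id' LIMIT 1");
        $this->setPocetZaznamuUser($select);
        if ($this->getPocetZaznamuUser() !== 0)
        {
            Tools::message('Odběratel newsletteru s takovým emailem už existuje.', 'ERR');
            return;
        }
        $query = "UPDATE $table SET email='$email' WHERE id = '$id'";
        $result = mysql_query($query);
        if ($result)
        {
            Tools::message('Úprava emailu odběratele newsletteru proběhla v pořádku.', 'OK');
        } else
        {
            Tools::message('Úprava emailu odběratele newsletteru neproběhla v pořádku.', 'ERR');
        }
    }

    /**
     * Adds a newsletter subscriber.
     *
     * Fixes two defects of the original: an empty address only produced a
     * message but still reached the INSERT, and the address went into the SQL
     * string unescaped.
     *
     * NOTE(review): the stored 'hash' is md5 of the address itself, so it is
     * derivable by anyone who knows the address; if it is used as an
     * unsubscribe token, a random value would be the usual choice.
     * NOTE(review): $_MSG is not a superglobal and is undefined in this scope
     * unless declared global — confirm where it is expected to come from.
     *
     * @param string $email
     * @param string $table must come from code, never from request data
     * @return int|false new insert id, or false when nothing was inserted
     */
    public function pridatUzivateleNewsletteru($email = "", $table = "users_newsletter")
    {
        $valid = true;
        if (!empty($email))
        {
            $Validate = new Validate();
            if (!$Validate->validateMail($email))
            {
                $valid = false;
            }
            $this->setEmail($email);
        } else
        {
            $_SESSION['message_ko'][] = "Nebyl zadán platný email .";
            $valid = false;
        }
        if (!$valid)
        {
            return false;
        }
        $safeEmail = mysql_real_escape_string($email);
        $select = mysql_query("SELECT id FROM {$table} WHERE email = '$safeEmail' LIMIT 1");
        $this->setPocetZaznamuUser($select);
        if ($this->getPocetZaznamuUser() !== 0)
        {
            $_SESSION['message_ko'][] = "Uživatel s takovým emailem už existuje.";
            return false;
        }
        $query = "INSERT INTO {$table} (email, hash, datum_zalozeni) VALUES('$safeEmail', '" . md5($email) . "', now())";
        $result = mysql_query($query);
        if ($result)
        {
            Tools::message($_MSG['SAVED_OK']);
            return mysql_insert_id();
        }
        return false;
    }

    /**
     * Inserts a user row unless the login is already taken.
     *
     * The original compared against an undefined $login, so the uniqueness
     * check never matched anything; it now uses the login being inserted.
     *
     * NOTE(review): $_MSG is not a superglobal and is undefined in this scope
     * unless declared global — confirm where it is expected to come from.
     *
     * @param array $arr column => value pairs, including 'login'
     * @return int|false new insert id, or false on duplicate / failed insert
     */
    public function pridatUzivatele($arr)
    {
        $is_uniq = dibi::query('SELECT COUNT(id) FROM users WHERE login=%s', $arr['login'], ' LIMIT 1')->fetchSingle();
        if ($is_uniq)
        {
            Tools::message('Uživatel s takovým jménem už existuje, vyberte jiné.', 'ERR');
            return false;
        }
        if (dibi::query('INSERT INTO [users]', $arr))
        {
            Tools::message($_MSG['SAVED_OK']);
            return dibi::insertId();
        }
        Tools::message($_MSG['SAVED_NOK']);
        return false;
    }

    /**
     * Overrides $this->pagesize with $_SESSION['listuj'] when that is a
     * positive integer. A zero page size would divide by zero in the
     * pagination math, so it is ignored.
     *
     * @return void
     */
    private function applySessionPageSize()
    {
        if (isset($_SESSION['listuj']) && (int) $_SESSION['listuj'] > 0)
        {
            $this->pagesize = (int) $_SESSION['listuj'];
        }
    }

    /**
     * Offset of the first row to show, taken from $_GET['recordstart'].
     *
     * @return int non-negative offset, 0 when the parameter is absent
     */
    private function requestedRecordStart()
    {
        if (!isset($_GET['recordstart']))
        {
            return 0;
        }
        return max(0, (int) $_GET['recordstart']);
    }

    /**
     * Escapes a database value for output inside HTML text or attributes.
     *
     * NOTE(review): UTF-8 is assumed from the encoding of the message strings
     * in this file — confirm it matches the page charset.
     *
     * @param mixed $value
     * @return string
     */
    private function escapeHtml($value)
    {
        return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
    }

    /**
     * Prints the admin user list as HTML <tr> rows and updates
     * $this->totalpages / $this->currentpage.
     *
     * Page size and offset come from the session / query string and are cast
     * to int before reaching the LIMIT clause; database values are
     * HTML-escaped on output.
     *
     * NOTE(review): the "Smazat" action is a plain GET link (?smazat=) with no
     * anti-CSRF token; confirm the handler verifies one.
     *
     * @return void
     */
    public function getAdminTable()
    {
        $this->applySessionPageSize();
        $recordstart = $this->requestedRecordStart();

        $query = 'SELECT a.id, a.jmeno, a.prijmeni, a.email, a.registrovany, a.last_login, a.group_id, c.name FROM users a ';
        $query .= 'LEFT JOIN users_login b ON a.id_login = b.id ';
        $query .= 'LEFT JOIN users_group c ON a.group_id = c.id ';
        $query .= 'ORDER BY a.id ASC';
        $sql = dibi::query($query);
        $num_rows = $sql->count();
        if ($num_rows > $this->pagesize)
        {
            // Both values are ints here, so interpolation is safe.
            $rows = dibi::query($query . " LIMIT $recordstart, $this->pagesize")->fetchAll();
        } else
        {
            $rows = $sql->fetchAll();
        }
        $this->totalpages = ceil($num_rows / $this->pagesize);
        $this->currentpage = ($recordstart / $this->pagesize) + 1;

        if ($num_rows == 0)
        {
            echo "<tr>";
            echo "<td colspan='8'>Žádný záznam</td>";
            echo "</tr>";
            return;
        }
        foreach ($rows as $row)
        {
            $id = $this->escapeHtml($row->id);
            echo '<tr>';
            echo '<td><input type="checkbox" name="checkbox[]" value="' . $id . '" /></td>';
            echo '<td><a href="uzivatele_edit.php?id=' . $id . '" title="Editovat">' . $this->escapeHtml($row->jmeno) . ' ' . $this->escapeHtml($row->prijmeni) . '</a></td>';
            echo '<td><a href="mailto:" title="Napsat">' . $this->escapeHtml($row->email) . '</a></td>';
            echo '<td>' . datum_i_cas($row->last_login) . '</td>';
            echo '<td>';
            echo $row->registrovany == 1 ? 'Ano' : 'Ne';
            echo '</td>';
            echo '<td><a href="usergroup_edit.php?id=' . $this->escapeHtml($row->group_id) . '" title="Editovat">' . $this->escapeHtml($row->name) . '</a></td>';
            echo '<td><a href="uzivatele_edit.php?id=' . $id . '" title="Editovat"><img src="images/iko/note_edit.png" alt="Editovat" /></a>';
            echo '<a href="?smazat=' . $id . '" class="potvrzujiciLink" title="Smazat"><img src="images/iko/remove.png" alt="Smazat" /></a></td>';
            echo '</tr>';
        }
    }

    /**
     * Prints the newsletter subscriber list as HTML <tr> rows and updates
     * $this->totalpages / $this->currentpage.
     *
     * $table is interpolated into the SQL unquoted and must only come from
     * code. $id is accepted for signature compatibility and is not used.
     *
     * NOTE(review): as in getAdminTable(), the delete link is a plain GET
     * without an anti-CSRF token.
     *
     * @param int $id unused
     * @param string $table
     * @return void
     */
    public function getAdminNewsletterTable($id = 0, $table = 'users_newsletter')
    {
        $this->applySessionPageSize();
        $recordstart = $this->requestedRecordStart();

        $query = "SELECT a.id, a.email, a.datum_zalozeni FROM {$table} a ORDER BY a.id ASC";
        $result = mysql_query($query);
        $num_rows = $result ? mysql_num_rows($result) : 0;
        if ($num_rows > $this->pagesize)
        {
            // Both values are ints here, so interpolation is safe.
            $query .= " LIMIT $recordstart, $this->pagesize";
            $result = mysql_query($query);
        }
        $this->totalpages = ceil($num_rows / $this->pagesize);
        $this->currentpage = ($recordstart / $this->pagesize) + 1;

        if ($num_rows == 0)
        {
            echo "<tr>";
            echo "<td colspan='4'>Není žádný registrovaný email pro newsletter.</td>";
            echo "</tr>";
            return;
        }
        while ($result && ($row = mysql_fetch_assoc($result)))
        {
            $rowId = $this->escapeHtml($row['id']);
            echo '<tr>';
            echo '<td><input type="checkbox" name="checkbox[]" value="' . $rowId . '" id="" ></td>';
            echo '<td><a href="uzivatele_newsletter_edit.php?id=' . $rowId . '" title="Editovat">' . $this->escapeHtml($row['email']) . '</a></td>';
            echo '<td>' . datum_i_cas($row['datum_zalozeni']) . '</td>';
            echo '<td><a href="uzivatele_newsletter_edit.php?id=' . $rowId . '" title="Editovat"><img src="images/iko/note_edit.png" alt="Editovat" /></a>';
            echo '<a href="?smazat=' . $rowId . '" class="potvrzujiciLink" title="Smazat"><img src="images/iko/remove.png" alt="Smazat" /></a></td>';
            echo '</tr>';
        }
    }

    /**
     * Loads one newsletter subscriber into $this->id / $this->email, or
     * clears both when no id is given.
     *
     * The id is cast to int before the query; it used to be interpolated into
     * the SQL string as received.
     *
     * @param int|string $id
     * @param string $table must come from code, never from request data
     * @return void
     */
    public function getInfoNewsletter($id = '', $table = 'users_newsletter')
    {
        $id = intval($id);
        if (empty($id))
        {
            $this->setIdUzivatele('');
            $this->setEmail('');
            return;
        }
        $query = "SELECT id, email, datum_zalozeni FROM $table WHERE id = '$id' LIMIT 1";
        $result = mysql_query($query);
        $this->setPocetZaznamuUser($result);
        while ($result && ($row = mysql_fetch_object($result)))
        {
            $this->setIdUzivatele($row->id);
            $this->setEmail($row->email);
        }
    }

    /**
     * Fetches a user row (joined with its group) by the user's own id.
     *
     * @param int|false $id
     * @return mixed the row, or false when $id is falsy or no row matches
     */
    public function fetchSingleById($id = false)
    {
        if (!$id)
        {
            return false;
        }
        return dibi::query('SELECT a.*, b.id group_id
            FROM users a
            LEFT JOIN users_group b
            ON a.group_id = b.id
            WHERE a.id=%i', $id)->fetch();
    }

    /**
     * Fetches a user row (joined with its group, including the group's
     * discount) by the id of its login row.
     *
     * @param int|false $id users.id_login
     * @return mixed the row, or false when $id is falsy or no row matches
     */
    public function fetchSingle($id = false)
    {
        if (!$id)
        {
            return false;
        }
        return dibi::query('SELECT a.*, b.id group_id, b.sleva
            FROM users a
            LEFT JOIN users_group b
            ON a.group_id = b.id
            WHERE a.id_login=%i', $id)->fetch();
    }

    /**
     * Whether a user is stored in the session.
     *
     * @return bool
     */
    public function isLogged()
    {
        return isset($_SESSION['user']) && $_SESSION['user'] != null;
    }

    /**
     * Generates a new password for the account registered under $email,
     * e-mails it, stores its hashed form and redirects back to the referer.
     *
     * Both queries are parameterised; the address used to be concatenated
     * into the SQL strings.
     *
     * NOTE(review): the flow mails a working password in plain text and BCCs
     * it to the MARTIN address — a time-limited reset link is the usual
     * alternative; confirm the BCC is intended. The redirect target is the
     * client-supplied Referer header, which may also be absent.
     *
     * @param string $email
     * @return bool false when $email is invalid or unknown; on success the
     *              redirect normally ends the request before true is returned
     */
    public function zapomenuteHeslo($email)
    {
        if (!Validate::validateMail($email))
        {
            return false;
        }
        $result = dibi::query('SELECT * FROM users_login WHERE email=%s LIMIT 1', $email)->fetchSingle();
        if (!$result)
        {
            Tools::message('Nezadal jste platný email.', 'ERR');
            return false;
        }
        $Tools = new Tools();
        $password = $Tools->generujHeslo();
        $mail = new NMail;
        $mail->setFrom(EMAIL_FROM);
        $mail->addTo($email);
        if (MARTIN)
        {
            $mail->addBcc(MARTIN);
        }
        $mail->setSubject('Vygenerování nového hesla');
        $mail_text = "Dobrý den,<br /><br /> někdo (pravděpodobně Vy) zažádal o vygenerování nového hesla.<br /><br />";
        $mail_text .= "Heslo: " . $password . "<br /><br />";
        $mail_text .= "Toto heslo si můžete změnit v editaci svého profilu.<br />";
        $mail->setHTMLBody($mail_text);
        $mail->send();
        dibi::query('UPDATE users_login SET password=%s WHERE email=%s', Tools::getPassword($password), $email);
        Tools::message('Na Váš email bylo odesláno nově vygenerované heslo.', 'OK');
        Tools::redirect($_SERVER['HTTP_REFERER']);
        return true;
    }
}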