���� JFIF �� � ( %"1"%)+...383,7(-.-
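<?php
/**
 * Admin popup: create a staff member (plus the linked tb_user login) or update an
 * existing one, optionally storing an avatar image, then render the edit form.
 *
 * Relies on $CORE, $DB, $func, close_popup() and ROOT_PATH provided by the including script.
 *
 * NOTE(review): no permission check is visible in this file, although the form can assign
 * any staff_group (including "Admins") — presumably the admin router enforces access; confirm.
 * NOTE(review): neither the form nor the reset-password request carries a visible anti-CSRF
 * token — confirm whether the framework adds one elsewhere.
 */

$CORE->page_title = 'Cập nhật user';

// Coerce request values that end up inside SQL or HTML to integers. The original only
// tested "> 0", which a string such as "1' OR ..." also passes under PHP 7 comparison rules.
$to_int = static function ($value): int {
    return is_scalar($value) ? (int) $value : 0;
};

// Escape values for HTML text/attribute context. double_encode is off because it is not
// visible here whether stored values were already entity-encoded on input — TODO confirm.
$html_escape = static function ($value): string {
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
};

$staff_id = max(0, $to_int($CORE->input['staff_id'] ?? 0));

if ($staff_id > 0) {
    $row_user = $DB->fetch_row($DB->query("SELECT * FROM tb_user a LEFT JOIN tb_staff b ON a.user_id=b.user_id WHERE b.staff_id='$staff_id' "));
} else {
    $row_user = $DB->get_colum_tb('tb_staff');
    $row_user['user_image'] = '';
}

if (isset($CORE->input['submitbt'])) {
    $f = is_array($CORE->input['f'] ?? null) ? $CORE->input['f'] : [];

    $fullname = is_string($f['staff_fullname'] ?? null) ? $f['staff_fullname'] : '';
    $email = is_string($f['staff_email'] ?? null) ? $f['staff_email'] : '';
    // Numeric form fields are forced to integers before they reach a query string.
    $gender = $to_int($f['staff_gender'] ?? 0);
    $group = $to_int($f['staff_group'] ?? 0);
    $v_staff_id = $to_int($f['staff_id'] ?? 0);
    $today = date('Y-m-d');

    $v_name_order = $func->generate_pupil_order($fullname);
    $arr_student_name = explode(' ', $fullname);
    // The last word of the full name is stored as the staff's last name.
    $v_ten = trim($arr_student_name[count($arr_student_name) - 1]);

    if ($fullname !== '') {
        // NOTE(review): $fullname, $email, $v_ten, $v_name_order and the generated user name are
        // still concatenated into SQL below. The $DB wrapper's escaping / parameter-binding API
        // is not visible in this file, and neither is whether $CORE->input is pre-escaped;
        // these values must go through bound parameters (or the wrapper's escape routine).
        if ($v_staff_id > 0) {
            $DB->query(
                "UPDATE `tb_staff` SET `staff_fullname` = '" . $fullname . "', `staff_lastname` = '" . $v_ten . "',"
                . " `staff_email` = '" . $email . "', `staff_email365` = '', `staff_gender` = '" . $gender . "',"
                . " `staff_birthday` = '" . $today . "', `staff_address` = '', `staff_dantoc` = 0, `staff_mobile` = '',"
                . " `staff_cmnd` = '', `staff_trinhdohocvan` = '', `staff_marry` = 0,`staff_group` = '" . $group . "',"
                . " `staff_joindate` = '" . $today . "',`staff_order`='" . $v_name_order . "'"
                // The WHERE clause now uses the integer id instead of the raw form value.
                . " WHERE `staff_id` = '" . $v_staff_id . "';"
            );

            $row_check = $DB->fetch_row($DB->query("SELECT * FROM `tb_staff` WHERE `staff_id` = '$v_staff_id' "));
            $row_user_check = $DB->fetch_row($DB->query("SELECT * FROM tb_user WHERE user_id='" . $row_check['user_id'] . "' "));
            $user_id = $row_user_check['user_id'];
        } else {
            //making password
            // NOTE(review): the generated password is written in clear text to
            // user_password_default next to its hash and is echoed in the table below, so
            // database read access or access to this page yields working credentials.
            // Prefer showing it once and forcing a change at first login.
            $password = $func->make_password();
            $password_hash = password_hash($password, PASSWORD_DEFAULT, ['cost' => 12]);

            //create username: formatted last name + first letter of every other name part
            $txt_sub_name = '';
            foreach ($arr_student_name as $val) {
                if (trim($val) != $v_ten) {
                    $txt_first_name = $func->format_string(trim($val));
                    $txt_sub_name .= strtolower(substr($txt_first_name, 0, 1));
                }
            }
            $txt_base_name = $func->format_string($v_ten) . $txt_sub_name;

            $row_check_user = $DB->fetch_row($DB->query("SELECT count(*) as total FROM tb_user WHERE user_key LIKE '%$txt_base_name%'"));
            $v_suffix = (int) $row_check_user['total'];
            $txt_user_name = $v_suffix > 0 ? $txt_base_name . $v_suffix : $txt_base_name;

            // Rebuild the candidate from the base name with an incremented suffix. The original
            // str_replace() of the old suffix stopped changing the name after one pass (or
            // never changed it when the suffix was 0), so a taken name looped forever.
            while ($DB->get_num_rows($DB->query("SELECT * FROM tb_user WHERE user_key='$txt_user_name' "))) {
                $v_suffix++;
                $txt_user_name = $txt_base_name . $v_suffix;
            }

            $DB->query(
                "INSERT INTO `tb_user` ( `user_key`,`user_password_default`,`user_password_hash`,`user_type`,"
                . " `user_last_login`,`user_status`,user_jointime)"
                . " VALUES ('$txt_user_name', '$password', '$password_hash','staff',"
                . " '1970-01-01 00:00:00','active','" . time() . "');"
            );
            $user_id = $DB->insert_id();

            //insert teacher
            $DB->query(
                "INSERT INTO `tb_staff` ( `company_id`, `user_id`, `staff_fullname`, `staff_lastname`, `staff_email`,"
                . " `staff_email365`, `staff_gender`, `staff_birthday`, `staff_address`, `staff_dantoc`, `staff_mobile`,"
                . " `staff_cmnd`, `staff_trinhdohocvan`, `staff_marry`, `staff_joindate`, `staff_function`, `staff_group`,"
                . " `staff_order`,`staff_status`)"
                . " VALUES ( '100', '" . $user_id . "', '" . $fullname . "', '" . $v_ten . "', '" . $email . "',"
                . " '', '" . $gender . "', '" . $today . "', '', '', '', '', '', '',"
                . " '" . $today . "','','" . $group . "', '" . $v_name_order . "','0');"
            );
            $v_staff_id = $DB->insert_id();
        }

        //upload image
        // !empty() keeps the original truthiness test without a notice when the field is absent.
        if (!empty($_FILES['image_field'])) {
            include 'lib/class.upload.php';
            $handle = new upload($_FILES['image_field']);
            if ($handle->uploaded) {
                // The stored file name is generated server-side; the client-supplied name is not used.
                $v_image_name = $v_staff_id . '_' . time() . '_' . uniqid();
                $handle->allowed = array('image/*');
                $handle->file_new_name_body = $v_image_name;
                $handle->file_max_size = '1000000';
                // NOTE(review): conversion to PNG presumably re-encodes the image, which would
                // drop non-image payloads — confirm against lib/class.upload.php.
                $handle->image_convert = 'png';

                $year_now = date('Y');
                $month_now = date('m');
                $v_folder = $year_now . "/" . $month_now;
                // One recursive mkdir replaces the nested checks; 0755 instead of 0777 so the
                // upload tree is not world-writable.
                // NOTE(review): directories are created relative to the working directory while
                // the file is written under ROOT_PATH — confirm both resolve to the same place.
                if (!is_dir("upload/user/" . $v_folder)) {
                    mkdir("upload/user/" . $v_folder, 0755, true);
                }

                $handle->process(ROOT_PATH . 'upload/user/' . $v_folder . '/');
                $v_image_folder = $v_folder . '/' . $v_image_name . '.png';
                if ($handle->processed) {
                    // Remove the previous avatar; $row_user_check is only set on the update path.
                    if (isset($row_user_check['user_image']) and $row_user_check['user_image'] != '') {
                        @unlink(ROOT_PATH . 'upload/user/' . $row_user_check['user_image']);
                    }
                    $DB->query("UPDATE tb_user SET user_image='" . $v_image_folder . "' WHERE user_id='$user_id' ");
                    $handle->clean();
                } else {
                    $handle->clean();
                    close_popup('!Upload Error: ' . $handle->error);
                }
            }
        }
        close_popup('Đã cập nhật');
    }
}
include 'include/block/header_popup.php';
?>
<div class="card">
    <div class="card-header bg-success text-white">Cập nhật user</div>
    <div class="card-body">
        <?php
        if ($staff_id > 0) {
            if ($row_user['user_password_default'] != '') {
                $txt_user_password_default = $row_user['user_password_default'];
            } else {
                $txt_user_password_default = 'Đã đổi';
            }
        ?>
        <table class="table table-bordered mb-3">
            <tr><td colspan="3">Thông tin đăng nhập</td></tr>
            <tr><th>Username</th><th>Password default</th><th>#</th></tr>
            <tr>
                <td><?php echo $html_escape($row_user['user_key']);?></td>
                <td><?php echo $html_escape($txt_user_password_default);?></td>
                <td><a href="javascript:void(0);" class="reset_pass btn btn-sm btn-info" rel="<?php echo $staff_id;?>">Reset password</a></td>
            </tr>
        </table>
        <?php } ?>
        <form action="" method="post" enctype="multipart/form-data" id="form_hoan_tra">
            <input type="hidden" value="<?php echo $staff_id;?>" name="f[staff_id]">
            <div class="row">
                <div class="col-sm-6">
                    <div class="form-group">
                        <label>Họ tên:</label>
                        <input type="text" value="<?php echo $html_escape($row_user['staff_fullname']);?>" name="f[staff_fullname]" class="form-control" required>
                    </div>
                </div>
                <div class="col-sm-6">
                    <div class="form-group">
                        <label>Email:</label>
                        <input type="email" value="<?php echo $html_escape($row_user['staff_email']);?>" name="f[staff_email]" class="form-control" required>
                    </div>
                </div>
            </div>
            <div class="row">
                <div class="col-sm-12">
                    <div class="form-group">
                        <label>Avatar</label>
                        <input type="file" class="dropify form-control" name="image_field" data-default-file="<?php if($row_user['user_image']!='' and file_exists('upload/user/'.$row_user['user_image'])){ echo $html_escape('upload/user/'.$row_user['user_image']); } ?>" data-max-file-size="1M" data-allowed-file-extensions="png jpg gif" data-height="100">
                    </div>
                </div>
            </div>
            <div class="row">
                <div class="col-sm-6">
                    <div class="form-group">
                        <label>Giới tính:</label>
                        <select class="form-control" name="f[staff_gender]" required>
                            <option value="">---</option>
                            <option value="1" <?php if($row_user['staff_gender']==1){ echo 'selected';}?>>Nam</option>
                            <option value="2" <?php if($row_user['staff_gender']==2){ echo 'selected';}?>>Nữ</option>
                            <option value="3" <?php if($row_user['staff_gender']==3){ echo 'selected';}?>>Khác</option>
                        </select>
                    </div>
                </div>
                <div class="col-sm-6">
                    <div class="form-group">
                        <label>Group:</label>
                        <select class="form-control" name="f[staff_group]" required>
                            <option value="">---</option>
                            <option value="1" <?php if($row_user['staff_group']==1){ echo 'selected';}?>>Validator</option>
                            <option value="2" <?php if($row_user['staff_group']==2){ echo 'selected';}?>>Members</option>
                            <option value="3" <?php if($row_user['staff_group']==3){ echo 'selected';}?>>Super moderator</option>
                            <option value="4" <?php if($row_user['staff_group']==4){ echo 'selected';}?>>Admins</option>
                            <option value="5" <?php if($row_user['staff_group']==5){ echo 'selected';}?>>Guests</option>
                        </select>
                    </div>
                </div>
            </div>
            <input type="submit" class="submit" style="display:none;" name="submitbt">
        </form>
    </div>
    <div class="card-footer">
        <a class="gui_yeu_cau btn btn-danger" href="javascript:void(0);">Cập nhật</a>
        <a class="dong m-l-5 btn btn-dark" href="javascript:void(0);">Đóng</a>
    </div>
</div>
<script>
    $('.mydatepicker, #datepicker').datepicker({
        format: 'dd-mm-yyyy',
    });
    // The visible button submits the form through its hidden submit input.
    $('.gui_yeu_cau').click(function (){
        $('#form_hoan_tra .submit').click();
        return false;
    });
    $('.dong').click(function (){
        window.close();
    });
    // NOTE(review): the password reset is a state-changing GET request with no token in the
    // URL; it should be a POST carrying an anti-CSRF token checked by the reset_pass handler.
    $('.reset_pass').click(function (){
        var staff_id = $(this).attr('rel');
        $.ajax({url: "?act=admin&code=users&type=reset_pass&staff_id="+staff_id, success: function(result){
            alert('Đã đổi mật khẩu.');
            location.reload();
        }});
    });
</script>
<?php include 'include/block/footer_popup.php'; exit(); ?>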