

Server : Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.20
System : Linux st2.domain.com 3.10.0-1127.10.1.el7.x86_64 #1 SMP Wed Jun 3 14:28:03 UTC 2020 x86_64
User : apache ( 48)
PHP Version : 7.4.20
Disable Function : NONE
Directory :  /var/www/html/netphim/code/admin/users/


 

Current File : /var/www/html/netphim/code/admin/users/post.php
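<?php
// Admin popup: create a user or edit an existing one.
// This first section resolves which user is being edited and loads the row
// that pre-fills the form further down.
// NOTE(review): no access-control check is visible in this file; presumably
// the script that includes it enforces the admin session — confirm.
global $func,$CORE,$DB;
$CORE->page_title = 'Update user';

// Force the id to a non-negative integer before it is interpolated into SQL.
// The original compared the raw request value with "> 0", which a string such
// as "1 ..." also satisfies in PHP 7.4, so the raw text reached the query.
$raw_user_id = isset($CORE->input['user_id']) ? $CORE->input['user_id'] : 0;
$user_id = is_scalar($raw_user_id) ? max(0, (int) $raw_user_id) : 0;

if ($user_id > 0) {
    // Existing user: tb_user joined with tb_guest; filtering on b.user_id
    // means a user without a tb_guest row yields no result.
    $row_user = $DB->fetch_row($DB->query("SELECT * FROM tb_user a LEFT JOIN tb_guest b ON a.user_id=b.user_id WHERE b.user_id='$user_id' "));
} else {
    // New user: build the form row from the column lists of both tables.
    $row_user = $DB->get_colum_tb('tb_user');
    $row_guest = $DB->get_colum_tb('tb_guest');
    $row_user = array_merge($row_user, $row_guest);
    $row_user['user_image'] = '';
}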
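// Handle the submitted form: update an existing account or create a new one,
// then process the optional avatar upload.
// NOTE(review): no anti-CSRF token is checked in this file; confirm the
// framework validates one before this code runs.
// NOTE(review): nothing here checks that the current operator may assign the
// 'cbnv' (Admin) type; presumably the caller restricts this page — confirm.
if (isset($CORE->input['submitbt'])) {
    // Integer cast: the id is embedded in SQL text and in the stored file name.
    $raw_user_id = isset($CORE->input['user_id']) ? $CORE->input['user_id'] : 0;
    $user_id = is_scalar($raw_user_id) ? max(0, (int) $raw_user_id) : 0;

    // Read the form fields defensively; a missing or non-array "f" becomes empty.
    $f = (isset($CORE->input['f']) && is_array($CORE->input['f'])) ? $CORE->input['f'] : array();
    $guest_fullname = (isset($f['guest_fullname']) && is_string($f['guest_fullname'])) ? trim($f['guest_fullname']) : '';
    $guest_email = (isset($f['guest_email']) && is_string($f['guest_email'])) ? trim($f['guest_email']) : '';
    $user_type = (isset($f['user_type']) && is_string($f['user_type'])) ? $f['user_type'] : '';

    if ($guest_email !== '') {
        // Only the values offered by the form's <select> are accepted.
        $allowed_user_types = array('cbnv', 'staff', 'guest');

        // The address is concatenated into SQL below. Until those queries are
        // moved to prepared statements (the DB wrapper's API is not visible
        // here), accept only a syntactically valid address with no quote or
        // backslash, so it cannot terminate the quoted SQL literal.
        $email_is_safe = filter_var($guest_email, FILTER_VALIDATE_EMAIL) !== false
            && strpbrk($guest_email, "'\"\\") === false;

        // Set only once the account rows were written, so a rejected request
        // never reaches the upload step even if close_popup() returns.
        $saved = false;

        if (!$email_is_safe) {
            close_popup('Invalid email address');
        } elseif (!in_array($user_type, $allowed_user_types, true)) {
            close_popup('Invalid user type');
        } elseif ($user_id > 0) {
            // Update: the address must not belong to a different user.
            $row_check_guest = $DB->fetch_row($DB->query("SELECT * FROM tb_guest WHERE guest_email='".$guest_email."' AND user_id!='$user_id' "));
            if (!$row_check_guest) {
                $arr_update_guest = array('guest_fullname' => $guest_fullname, 'guest_email' => $guest_email);
                $DB->do_update('tb_guest', $arr_update_guest, " WHERE user_id='$user_id' ");
                $arr_update_user = array('user_key' => $guest_email, 'user_type' => $user_type);
                $DB->do_update(' tb_user ', $arr_update_user, " WHERE user_id='$user_id' ");
                $saved = true;
            } else {
                close_popup('Email '.$guest_email.' already exists');
            }
        } else {
            // Create: the address must be unused.
            $row_check_guest = $DB->fetch_row($DB->query("SELECT * FROM tb_guest WHERE guest_email='".$guest_email."' "));
            if (!$row_check_guest) {
                // Generate the initial password and its hash.
                // NOTE(review): the clear-text password is stored next to the
                // hash in user_password_default and later shown on this page;
                // anyone who can read tb_user can read it. Consider a one-time
                // display or a forced reset instead of persisting it.
                $password = $func->make_password();
                $password_hash = password_hash($password, PASSWORD_DEFAULT, ['cost' => 12]);
                $arr_insert = array('user_key' => $guest_email, 'user_password_default' => $password, 'user_password_hash' => $password_hash, 'user_type' => $user_type, 'user_status' => 'active', 'user_jointime' => time());
                $user_id = (int) $DB->do_insert('tb_user', $arr_insert);
                // Insert the matching guest row.
                $arr_guest = array('user_id' => $user_id, 'guest_fullname' => $guest_fullname, 'guest_email' => $guest_email);
                $v_guest_id = $DB->do_insert('tb_guest', $arr_guest);
                $saved = true;
            } else {
                close_popup('Email '.$guest_email.' already exists');
            }
        }

        if ($saved) {
            $upload_error = null;

            // Avatar upload. !empty() also avoids an undefined-index notice
            // when the request carries no file part at all.
            if (!empty($_FILES['image_field'])) {
                include 'lib/class.upload.php';
                $handle = new upload($_FILES['image_field']);
                if ($handle->uploaded) {
                    // Server-generated name: nothing from the client's file
                    // name is kept, and the result is re-encoded to WebP.
                    $v_image_name = $user_id.'_'.time().'_'.uniqid();
                    $handle->allowed = array('image/*');
                    $handle->file_new_name_body  = $v_image_name;
                    $handle->file_max_size = '1000000';
                    $handle->image_convert = 'webp';
                    $v_folder = "upload/user/".date('Y')."/".date('m');
                    // NOTE(review): is_dir()/mkdir() use the relative path while
                    // process() uses ROOT_PATH.$v_folder; these agree only if
                    // the working directory is ROOT_PATH — confirm.
                    if (!is_dir($v_folder)) {
                        mkdir($v_folder, 0755, true);
                    }
                    $handle->process(ROOT_PATH.$v_folder.'/');
                    $v_image_folder = $v_folder.'/'.$v_image_name.'.webp';
                    if ($handle->processed) {
                        // NOTE(review): $row_user_check is never assigned in this
                        // file, so this branch is dead and the previous avatar is
                        // never deleted. If it is wired up, restrict the unlink
                        // to paths under upload/user/.
                        if (isset($row_user_check['user_image']) and $row_user_check['user_image']!='') {
                            @unlink(ROOT_PATH .$row_user_check['user_image']);
                        }
                        smart_resize_image($v_image_folder, null, 200 , 200 , false , $v_image_folder , false , false ,100 );
                        // The path is built from the integer id, timestamps and
                        // uniqid() only, so no request text reaches these queries.
                        $DB->query("UPDATE tb_user SET user_image='".$v_image_folder."' WHERE user_id='$user_id' ");
                        $DB->query("UPDATE tb_guest SET guest_avatar='".$v_image_folder."' WHERE user_id='$user_id' ");
                        $handle->clean();
                    } else {
                        $handle->clean();
                        $upload_error = (string) $handle->error;
                    }
                }
            }

            if ($upload_error !== null) {
                close_popup('!Upload Error: '.$upload_error);
            } else {
                close_popup('Updated');
            }
        }
    }
}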
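include 'include/block/header_popup.php';

// Render the edit form. Every database or request value is HTML-escaped on
// output: the original echoed user_key, guest_fullname, guest_email and
// guest_avatar raw, so markup stored in those fields would run in the
// administrator's browser.
$esc = static function ($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
};
?>
<div class="card">
        <div class="card-header bg-success text-white">Update user</div>
        <div class="card-body">
            <?php
            if($user_id>0){
            // NOTE(review): this shows the stored clear-text initial password to
            // whoever opens the popup; 'Changed' is shown once that column is empty.
            if($row_user['user_password_default']!=''){
                $txt_user_password_default = $row_user['user_password_default'];
            }else{
                $txt_user_password_default = 'Changed';
            }
            ?>
            <table class="table table-bordered mb-3">
                <tr><td colspan="3">Username/password</td></tr>
                <tr><th>Username</th><th>Password default</th><th>#</th></tr>
                <tr><td><?php echo $esc($row_user['user_key']);?></td><td><?php echo $esc($txt_user_password_default);?></td>
                    <td><a href="javascript:void(0);" class="reset_pass btn btn-sm btn-info" rel="<?php echo $esc($user_id);?>">Reset password</a></td>
                </tr>
            </table>
            <?php } ?>

            <form action="" method="post" enctype="multipart/form-data" id="form_hoan_tra">
                <input type="hidden" value="<?php echo $esc($user_id);?>" name="user_id">
                <div class="row">
                    <div class="col-sm-4">
                        <div class="form-group">
                            <label>Fullname:</label>
                            <input type="text" value="<?php echo $esc($row_user['guest_fullname']);?>" name="f[guest_fullname]" class="form-control" required>
                        </div>
                    </div>
                    <div class="col-sm-4">
                        <div class="form-group">
                            <label>Email:</label>
                            <input type="email" value="<?php echo $esc($row_user['guest_email']);?>" name="f[guest_email]" class="form-control" required>
                        </div>
                    </div>
                    <div class="col-sm-4">
                        <div class="form-group">
                            <label>User type:</label>
                            <select class="form-control" name="f[user_type]" required>
                                <option value="">---</option>
                                <option value="cbnv" <?php if($row_user['user_type']=='cbnv'){ echo 'selected';}?>>Admin</option>
                                <option value="staff" <?php if($row_user['user_type']=='staff'){ echo 'selected';}?>>Staff</option>
                                <option value="guest" <?php if($row_user['user_type']=='guest'){ echo 'selected';}?>>Member</option>
                            </select>
                        </div>
                    </div>
                </div>

                <div class="row">
                    <div class="col-sm-12">
                        <div class="form-group">
                            <label>Avatar</label>
                            <input type="file" class="dropify form-control" name="image_field" data-default-file="<?php
// Preview the stored avatar only when the file is actually present on disk.
if($row_user['guest_avatar']!='' and file_exists($row_user['guest_avatar'])){
    echo $esc($row_user['guest_avatar']);
}
?>" data-max-file-size="1M" data-allowed-file-extensions="png jpg gif webp" data-height="100">
                        </div>
                    </div>
                </div>

                <input type="submit" class="submit" style="display:none;" name="submitbt">
            </form>
        </div>
        <div class="card-footer">
            <a class="gui_yeu_cau btn btn-danger" href="javascript:void(0);">Submit</a>
            <a class="dong m-l-5 btn btn-dark" href="javascript:void(0);">Close</a>
        </div>
    </div>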

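    <script>
        // Client-side wiring for the popup: date picker, submit/close buttons
        // and the "Reset password" link.
        $('.mydatepicker, #datepicker').datepicker({
            format: 'dd-mm-yyyy',
        });
        // The visible "Submit" link triggers the hidden submit input so the
        // browser's own "required" validation still runs.
        $('.gui_yeu_cau').click(function (){
            $('#form_hoan_tra .submit').click();
            return false;
        });
        $('.dong').click(function (){
            window.close();
        });
        // NOTE(review): the password reset is a state-changing GET request with
        // no anti-CSRF token, and the success message is shown for any
        // successful HTTP response without inspecting the body. Consider a POST
        // with a token and checking the server's answer.
        $('.reset_pass').click(function (){
            var user_id = $(this).attr('rel');
            // Encode the id so it cannot add or alter query-string parameters.
            $.ajax({url: "?act=admin&code=users&type=reset_pass&user_id="+encodeURIComponent(user_id), success: function(result){
                alert('Password changed!');
                location.reload();
            }});

        });
    </script>
<?php
// Emit the popup footer and stop, so nothing after this file is rendered.
include 'include/block/footer_popup.php';
exit();
?>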
