143 lines
5.7 KiB
PHP
143 lines
5.7 KiB
PHP
|
<?php
|
|||
|
class class_USERS{
|
|||
|
public $DB = NULL;
|
|||
|
public $URLS = NULL;
|
|||
|
public $Tusers = '';
|
|||
|
public $Tusers_statuses = '';
|
|||
|
public $Tteachers = '';
|
|||
|
public function __construct($html=1){
|
|||
|
GLOBAL $DB,$ST,$WorkDIR;
|
|||
|
$this->Tusers = $ST['dbpf'].'_users';
|
|||
|
$this->Tusers_statuses = $ST['dbpf'].'_users_statuses';
|
|||
|
$this->Tteachers = $ST['dbpf'].'_teachers';
|
|||
|
$this->chpu = new class_CHPU();
|
|||
|
$CHPU = new class_CHPU($WorkDIR);
|
|||
|
$this->URLS = $CHPU->uri();
|
|||
|
$this->DB = $DB;
|
|||
|
}
|
|||
|
|
|||
|
/**
|
|||
|
* Проверка на авторизацию пользователя
|
|||
|
* @throws SmartyException
|
|||
|
*/
|
|||
|
public function check(){
|
|||
|
GLOBAL $smarty,$WorkDIR;
|
|||
|
if($this->URLS[0]=='logout'){
|
|||
|
unset($_SESSION['user']);
|
|||
|
}
|
|||
|
if(!isset($_SESSION['user'])){
|
|||
|
if(isset($_POST['enter'])){
|
|||
|
$email = $_POST['email'];
|
|||
|
$passw = $_POST['password'];
|
|||
|
|
|||
|
$user = $this->check_user_auth($email,$passw);
|
|||
|
if(count($user)){
|
|||
|
header('Location: '.$WorkDIR);
|
|||
|
exit();
|
|||
|
}
|
|||
|
}
|
|||
|
$smarty->display('tpl_auth.html');
|
|||
|
exit();
|
|||
|
}else{
|
|||
|
$_SESSION['user']['statuses'] = $this->statuses($_SESSION['user']['id']);
|
|||
|
$_SESSION['user']['teachers'] = $this->teachers($_SESSION['user']['id']);
|
|||
|
}
|
|||
|
}
|
|||
|
public function check_user_auth($email,$passw){
|
|||
|
$out=array();
|
|||
|
$passw1=$passw;
|
|||
|
include_once '../inc/ps01salt.php';
|
|||
|
/**
|
|||
|
* @var array $ps01salt
|
|||
|
*/
|
|||
|
$passw = md5($ps01salt[1].$passw.$ps01salt[2]);
|
|||
|
$sql = 'SELECT * FROM '.$this->Tusers.' WHERE email="'.$this->DB->rescape($email).'" AND pass="'.$this->DB->rescape($passw).'"';
|
|||
|
$rez = $this->DB->QUR_SEL($sql);
|
|||
|
if(!$rez['err']&&$rez['kol']){
|
|||
|
$_SESSION['user'] = $rez['rez'][0];
|
|||
|
$_SESSION['user']['statuses'] = $this->statuses($_SESSION['user']['id']);
|
|||
|
$_SESSION['user']['teachers'] = $this->teachers($_SESSION['user']['id']);
|
|||
|
$_SESSION['user']['chdpwd']=1;
|
|||
|
unset($_SESSION['user']['pass']);
|
|||
|
$out = $_SESSION['user'];
|
|||
|
}
|
|||
|
return $out;
|
|||
|
}
|
|||
|
function enter_by_user($id){
|
|||
|
$out=array();
|
|||
|
$sql = 'SELECT * FROM '.$this->Tusers.' WHERE id='.$id.' LIMIT 1';
|
|||
|
$rez = $this->DB->QUR_SEL($sql);
|
|||
|
if(!$rez['err']&&$rez['kol']){
|
|||
|
$_SESSION['user'] = $rez['rez'][0];
|
|||
|
$_SESSION['user']['statuses'] = $this->statuses($_SESSION['user']['id']);
|
|||
|
$_SESSION['user']['teachers'] = $this->teachers($_SESSION['user']['id']);
|
|||
|
$_SESSION['user']['chdpwd']=1;
|
|||
|
unset($_SESSION['user']['pass']);
|
|||
|
$out = $_SESSION['user'];
|
|||
|
}
|
|||
|
return $out;
|
|||
|
}
|
|||
|
function statuses($id_user=0){
|
|||
|
$out=array();
|
|||
|
//TODO сделать выбор из главного файла конфига!
|
|||
|
$statuses = array('-1'=>'заблокирован',
|
|||
|
'0'=>'обычный',
|
|||
|
'9'=>'выпускник',
|
|||
|
'10'=>'трудоустройство',
|
|||
|
'20'=>'УМУ',
|
|||
|
'21'=>'Зам.декана',
|
|||
|
'22'=>'Аттестационная комиссия',
|
|||
|
'23'=>'Кафедра',
|
|||
|
'24'=>'Декан',
|
|||
|
'25'=>'Секретарь деканата',
|
|||
|
'26'=>'Управление студ-кадров',
|
|||
|
'27'=>'Ответственный за практику',
|
|||
|
'28'=>'Ведущий курсов ДПО',
|
|||
|
'29'=>'Библиотека',
|
|||
|
'30'=>'Зав.кафедрой',
|
|||
|
'31'=>'[Доп] Зам.декана ОФО',
|
|||
|
'32'=>'[Доп] Зам.декана ЗФО',
|
|||
|
'33'=>'[Доп] Зам.декана ОЗФО',
|
|||
|
'35'=>'Общежитие',
|
|||
|
'36'=>'БФУ',
|
|||
|
'37'=>'Здравпункт',
|
|||
|
'39'=>'Проверяющий кафедры',
|
|||
|
'41'=>'мат.помощь ЧленКомиссии',
|
|||
|
'42'=>'мат.помощь СекретарьКомиссии',
|
|||
|
'59'=>'эфф.контракт Админ',
|
|||
|
'60'=>'Управление научной деятельностью',
|
|||
|
'71'=>'Председатель аккредитационной комиссии',
|
|||
|
'72'=>'Центр аккредитации',
|
|||
|
'77'=>'Сотрудник ИТ-отдела',
|
|||
|
'78'=>'ДОП ДОСТУП',
|
|||
|
'79'=>'Проректор по УР',
|
|||
|
'80'=>'администратор учительской',
|
|||
|
'97'=>'редактор инструкций',
|
|||
|
'98'=>'администрирование пользователей',
|
|||
|
'99'=>'супер админ');
|
|||
|
if($id_user==0) $id_user = $_SESSION['user']['id'];
|
|||
|
$sql = 'SELECT statuses FROM '.$this->Tusers_statuses.' WHERE id_user='.$id_user;
|
|||
|
$rez = $this->DB->QUR_SEL($sql);
|
|||
|
if(!$rez['err']&&$rez['kol']){
|
|||
|
$stats = explode(',',$rez['rez'][0]['statuses']);
|
|||
|
foreach ($stats as $k => $v){
|
|||
|
//if($v!=79) {
|
|||
|
if (isset($statuses[$v])) $out[$v] = $statuses[$v];
|
|||
|
else $out[$v] = '-';
|
|||
|
//}
|
|||
|
}
|
|||
|
}
|
|||
|
return $out;
|
|||
|
}
|
|||
|
function teachers($id_user=0){
|
|||
|
$out=array();
|
|||
|
if($id_user==0) $id_user = $_SESSION['user']['id'];
|
|||
|
$sql = 'SELECT * FROM '.$this->Tteachers.' WHERE id_user='.$id_user;
|
|||
|
$rez = $this->DB->QUR_SEL($sql);
|
|||
|
if(!$rez['err']&&$rez['kol']){
|
|||
|
$out = $rez['rez'][0];
|
|||
|
}
|
|||
|
return $out;
|
|||
|
}
|
|||
|
}
|