QUR_SEL($sql0);
if ($rez0 && $rez0[0]) {//нашли емаил
$id_user = $rez0[1]['id'];
$sql1 = 'SELECT id FROM '.$ST['dbpf'].'_users_pass WHERE id_user='.$id_user.' LIMIT 1';
$rez1=$DB->QUR_SEL($sql1);
if($rez1&&$rez1[0]) {//Пользователь менял пароль!
$hash = $rez0[1]['pass'] . 'a3Dсс';
}else{//пользователь не менял пароль надо обновить
$pass = passw_generate($rez0[1]['pass']);
$hash = $pass . 'a3Dсс';
$DB->QUR('UPDATE '.$ST['dbpf'].'_users SET pass = "'.$pass.'" WHERE id='.$id_user.' LIMIT 1');
}
$message = 'Вы запрашивали пароль на сайте eios.mkgtu.ru
';
$message .= 'Для восстановления пароля пройдите по ссылке восстановить';
$rezemail = send_email('Восстановление пароля eios.mkgtu.ru',$message,$rez0[1]['email']);
if($rezemail==false)
$out['msg'] = 'Не смогли отправить на почту!';
else
$out['msg'] = 'На почту отправлена инструкция';
//file_put_contents('wtf01.txt',date('H:i d.m.Y').':email:'.$id_user.':'.$rez0[1]['email']."\n",FILE_APPEND);
} else {
$out['msg'] = 'Такого email не существует!';
}
}
if(isset($_POST['answer'])&&$_POST['answer']=='html'){
$_SESSION['login']['msg'] = $out['msg'];
header('location: /login/');
}else{
echo json_encode($out);
exit();
}
}
//unset($_SESSION['user']);
//Заставим пользователей сменить пароль!
if(isset($_SESSION['user']['id'])){
$err = ''; //unset($_SESSION['user']['chdpwd']);
if(isset($_POST['changepassw'])){
$passw0 = get_data_fu($_POST['pass0']);
$passw1 = get_data_fu($_POST['pass1']);
$passw2 = get_data_fu($_POST['pass2']);
//file_put_contents('wtf01.txt',date('H:i d.m.Y').':chng:'.$_SESSION['user']['id'].':'.$passw0.':'.$passw1.':'.$passw2."\n",FILE_APPEND);
$sql = 'SELECT pass FROM '.$ST['dbpf'].'_users WHERE id='.$_SESSION['user']['id'].' LIMIT 1';
$rez=$DB->QUR_SEL($sql);
if($rez){
$passw = $rez[1]['pass'];
if($passw!=$passw0) $err = 'Текущий пароль не совпадает!';
else{
if($passw1!=$passw2) $err = 'Новый пароль не подтвержден!';
if($passw0==$passw1) $err = 'Новый пароль не может совпадать с текущим!';
if(strlen($passw1)<8) $err = 'Новый пароль должен содержать 8 или более символов!';
}
}else $err = 'Сначала авторизуйтесь';
if($err==''){
$time = time();
//отметим в БД что меняли!
$sql = 'INSERT INTO '.$ST['dbpf'].'_users_pass VALUES(0,'.$time.','.$_SESSION['user']['id'].')';
$rez=$DB->QUR($sql);
if (!$rez['err']){
//Обновим пароль
$sql = 'UPDATE '.$ST['dbpf'].'_users SET pass="'.passw_generate($passw1).'" WHERE id='.$_SESSION['user']['id'].' LIMIT 1';
$rez=$DB->QUR($sql);
$_SESSION['user']['chdpwd'] = $time;
}
}
}
//Пользователь авторизован
if(!isset($_SESSION['user']['chdpwd'])){
//unset($_SESSION['user']);
$_SESSION['user']['chdpwd']=1;
//echo '
'.print_r($_SESSION,1).'';exit(); //Пользователь не менял пароль $smarty->assign('msg',$msg); $smarty->assign('err',$err); $smarty->display('tpl_cnange_password.html'); exit(); } } function passw_generate($passw){ //include_once 'ps01salt.php'; return md5('MkGTU_'.$passw.'$_2010!'); } if(isset($_GET['logout'])) { unset($_SESSION['user']); unset($_SESSION['pm']); } if (isset($_POST['forgot'])){ $email=get_data_fu($_POST['email']); $sql = 'SELECT * FROM '.$ST['dbpf'].'_users WHERE email="'.$email.'" LIMIT 1'; $rez=$DB->QUR_SEL($sql); //echo '
'.print_r($rez,1).''; if($rez){ send_email('Восстановление пароля eios.mkgtu.ru','Вы запрашивали пароль на сайте eios.mkgtu.ru
'.print_r($rez0,1).'';exit(); if($rez0&&$rez0[0]){//нашли емаил $id_user = $rez0[1]['id']; $sql1 = 'SELECT id FROM '.$ST['dbpf'].'_users_pass WHERE id_user='.$id_user.' LIMIT 1'; $rez1=$DB->QUR_SEL($sql1); if($rez1&&$rez1[0]){//Пользователь менял пароль! $CHNGPSW=1; $pass = passw_generate($pass); $sql = 'SELECT * FROM '.$ST['dbpf'].'_users WHERE email="'.$email.'" AND pass="'.$pass.'" AND status>-1 LIMIT 1'; }else{//пользователь не менял пароль! $CHNGPSW=0; $sql = 'SELECT * FROM '.$ST['dbpf'].'_users WHERE email="'.$email.'" AND pass="'.$pass.'" AND status>-1 LIMIT 1'; } } //echo '3.'.$sql.'
'.print_r($rez,1).''; if($rez&&$rez[0]){ //если нет военного билета if ($rez[1]['status'] == 1){ $_SESSION['login']['msg']='Учетная запись временно заблокирована, для разблокировки обратитесь в деканат!'; $_GET['login']=1; } else{ //unset($rez[1]['pass']); $rez[1]['avatar'] = ''; if(file_exists('upload/users/ava/'.$rez[1]['id'].'_ava_150.jpg')){ $rez[1]['avatar'] = '/upload/users/ava/'.$rez[1]['id'].'_ava_150.jpg'; } $_SESSION['user']=$rez[1]; if($CHNGPSW==1) $_SESSION['user']['chdpwd']=1; //echo '
'.print_r($_SESSION,1).'';exit(); $sql1='SELECT * FROM '.$ST['dbpf'].'_users_statuses WHERE id_user='.$rez[1]['id'].''; $rez1=$DB->QUR_SEL($sql1); if($rez1){ $t=explode(',',$rez1[1]['statuses']); foreach($t as $k => $v) $_SESSION['user']['statuses'][$v]=$v; } $rez=$DB->QUR('UPDATE '.$ST['dbpf'].'_users SET data_u='.mktime().' WHERE id='.$_SESSION['user']['id'].' LIMIT 1'); save_logs('Вошел пользователь '.$_SESSION['user']['id'].' : '.$_SESSION['user']['fio'].''); $_SESSION['iamonline']=time(); $sql = 'SELECT * FROM '.$ST['dbpf'].'_teachers WHERE id_user='.$_SESSION['user']['id'].' AND status=1 LIMIT 1'; $rez=$DB->QUR_SEL($sql); if($rez){ $_SESSION['user']['teacher']['id']=out_data_fu($rez[1]['id']); $_SESSION['user']['teacher']['zvanie']=out_data_fu($rez[1]['zvanie']); $_SESSION['user']['teacher']['dolgnost']=out_data_fu($rez[1]['dolgnost']); $_SESSION['user']['teacher']['stepen']=out_data_fu($rez[1]['stepen']); $_SESSION['user']['teacher']['fakultet']=out_data_fu($rez[1]['fakultet']); $_SESSION['user']['teacher']['kafedra']=out_data_fu($rez[1]['kafedra']); $_SESSION['user']['teacher']['data_u']=date('H:i:s d.m.Y',$rez[1]['data_u']); $_SESSION['user']['teacher']['status']=$rez[1]['status']; } $sql = 'SELECT * FROM '.$ST['dbpf'].'_students WHERE id_user='.$_SESSION['user']['id'].' AND status=1 LIMIT 1'; $rez=$DB->QUR_SEL($sql); if($rez){ $_SESSION['user']['student']['id']=out_data_fu($rez[1]['id']); $_SESSION['user']['student']['grupp']=get_grupp($rez[1]['id_grupp']); $_SESSION['user']['student']['num_zach']=out_data_fu($rez[1]['num_zach']); $_SESSION['user']['student']['num_stud']=out_data_fu($rez[1]['num_stud']); $_SESSION['user']['student']['data_u']=date('H:i:s d.m.Y',$rez[1]['data_u']); $_SESSION['user']['student']['status']=$rez[1]['status']; $_SESSION['user']['student']['id_grupp']=$rez[1]['id_grupp']; $_SESSION['user']['student']['num_grupp']=$rez[1]['num_grupp']; $_SESSION['user']['student']['kod_podgotovki']=$rez[1]['kod_podgotovki']; } $sql = 'SELECT * FROM '.$ST['dbpf'].'_blogs_users WHERE id_user='.$_SESSION['user']['id'].''; $rez=$DB->QUR_SEL($sql); if($rez){ $_SESSION['user']['blog']['status']=1; foreach($rez as $key => $val)if($key){ $_SESSION['user']['blog']['id_blog_category'][]=$val['id_category']; } } json_get_ssid(); unset($_SESSION['login']['msg']); } }else { $_SESSION['login']['msg']='ОШИБКА АВТОРИЗАЦИИ!'; $_GET['login']=1; } } //echo '
'.print_r($_SESSION,1).'';exit(); } if (isset($_POST['register'])){ //когда регистрируем удаляем полис и телефон из сессии человека, который регистрирует (деканат) unlink($_SESSION['user']['phone']); unlink($_SESSION['user']['polis']); //далее получаем данные $email = get_data_fu($_POST['email']); $pass = get_data_fu($_POST['pass']); $pass1 = get_data_fu($_POST['pass1']); $fio = get_data_fu($_POST['fio']); $num = get_data_fu($_POST['num']); $high_school = get_data_fu($_POST['high_school']); //МГТУ или его филиал $grupp = get_data_fu($_POST['grupp']); //МГТУ или его филиал $err=array(); if ($pass!=$pass1) $err[]='Пароли не совпадают!'; if (strlen($fio)<4)$err[]='Заполните правильно ФИО'; //if (strlen($email)<4)$err[]='Заполните правильно email'; if (!email_format($email)) { $err[]='Заполните правильно email'; }else{ $rez=$DB->QUR_SEL('SELECT id FROM '.$ST['dbpf'].'_users WHERE email="'.$email.'" LIMIT 1'); if($rez) $err[]='такой email уже зарегистрирован!'; $rez=$DB->QUR_SEL('SELECT id FROM '.$ST['dbpf'].'_users WHERE fio="'.$fio.'" LIMIT 1'); if($rez) $err[]='пользователь с такими именем уже есть в системе!'; } if($num!=''){ //$rez=$DB->QUR_SEL('SELECT id FROM '.$ST['dbpf'].'_students WHERE num_zach="'.$num.'" OR num_stud="'.$num.'" LIMIT 1'); //здесь проходит дополнительная проверка МГТУ или филиал МГТУ $rez=$DB->QUR_SEL('SELECT s.id, u.* FROM '.$ST['dbpf'].'_students AS s, '.$ST['dbpf'].'_users AS u WHERE (s.num_zach="'.$num.'" ) AND (u.high_school = "'.$high_school.'") LIMIT 1'); if($rez) $err[]='Такой номер зачетной книжки уже есть! обратитесь на кафедру для восстановления пароля!'; } $_GET['loginnew']=1; if (!count($err)){ //$sql = 'INSERT INTO '.$ST['dbpf'].'_users VALUES (0,'.mktime().','.mktime().',"'.$email.'","'.$pass.'",0,"'.$fio.'","")'; $sql = 'INSERT INTO '.$ST['dbpf'].'_users VALUES (0,'.mktime().','.mktime().',"'.$email.'","'.passw_generate($pass).'",0,"'.$fio.'","", "'.$high_school.'", NULL, NULL)'; $rez=$DB->QUR($sql); if (!$rez['err']){ $_SESSION['user']['id']=mysql_insert_id(); $sql4 = 'INSERT INTO '.$ST['dbpf'].'_users_pass VALUES(0,'.$time.','.$_SESSION['user']['id'].')'; $rez4=$DB->QUR($sql4); $_SESSION['user']['email']=$email; $_SESSION['user']['fio']=$fio; $_SESSION['user']['data_u']=mktime(); //$_SESSION['user']['teacher']['id']=0; //$_SESSION['user']['student']['id']=0; unset($_SESSION['register']['msg']); unset($_GET['loginnew']); save_logs('Пользователь зарегистрировался '.$_SESSION['user']['id'].' : '.$fio.''); //$rez=$DB->QUR('INSERT INTO '.$ST['dbpf'].'_students VALUES (0,'.mktime().','.mktime().','.$grupp.','.$_SESSION['user']['id'].',1,"'.$num.'","'.$num.'",0,"")'); $rez=$DB->QUR('INSERT INTO '.$ST['dbpf'].'_students VALUES (0,'.mktime().','.mktime().','.$grupp.','.$_SESSION['user']['id'].',1,"'.$num.'",0,"","0")'); $mass=array('id'=>$_SESSION['user']['id'],'username'=>$_SESSION['user']['email'],'email'=>$_SESSION['user']['email'],'name'=>$_SESSION['user']['fio'],'password'=>$pass); send_in_libmkgtu($mass); }else $_SESSION['register']['msg']='ошибка регистрации!'; }else $_SESSION['register']['msg']='ошибка регистрации! '.implode('; ',$err); } if(isset($_GET['user'])&&isset($_GET['id'])){ //надо взять от пользователя все данные $id = (int)$_GET['id']; $user=array(); $sql = 'SELECT * FROM '.$ST['dbpf'].'_users WHERE id='.$id.' LIMIT 1'; $rez=$DB->QUR_SEL($sql); if($rez){ $val = $rez[1]; $user = $val; $user['student'] = array(); $sql = 'SELECT * FROM '.$ST['dbpf'].'_students WHERE id_user='.$id.' LIMIT 1'; $rez=$DB->QUR_SEL($sql); if($rez){ $val = $rez[1]; $user['student'] = $val; $sql = 'SELECT * FROM '.$ST['dbpf'].'_grupp WHERE id='.$user['student']['id_grupp'].' LIMIT 1'; $rez=$DB->QUR_SEL($sql); if($rez){ $user['student']['grups'] = $rez[1]; $user['student']['grupp'] = $rez[1]['sokr'].'-'.$rez[1]['kurs'].$user['student']['num_grupp'].' '.$rez[1]['fo']; $sql = 'SELECT l.* FROM '.$ST['dbpf'].'_lections as l,'.$ST['dbpf'].'_lections_grupp as lg WHERE lg.id_grupp='.$user['student']['grups']['id'].' AND lg.id_lections=l.id ORDER BY l.kurs,l.name'; $rez=$DB->QUR_SEL($sql); if($rez){ foreach($rez as $key => $val)if($key){ $val['practich']=array(); $sql1 = 'SELECT * FROM '.$ST['dbpf'].'_practich WHERE id_lection='.$val['id'].' ORDER BY name'; $rez1=$DB->QUR_SEL($sql1); if($rez1){ foreach($rez1 as $key1 => $val1)if($key1){ $val['practich'][]=$val1; } } $val['controln']=array(); $sql1 = 'SELECT * FROM '.$ST['dbpf'].'_controln WHERE id_lection='.$val['id'].' ORDER BY name'; $rez1=$DB->QUR_SEL($sql1); if($rez1){ foreach($rez1 as $key1 => $val1)if($key1){ $val['controln'][]=$val1; } } $user['student']['lections'][] = $val; } } $sql = 'SELECT l.* FROM '.$ST['dbpf'].'_workprogram as l,'.$ST['dbpf'].'_workprogram_grupp as lg WHERE lg.id_grupp='.$user['student']['grups']['id'].' AND lg.id_lections=l.id ORDER BY l.kurs,l.name'; $rez=$DB->QUR_SEL($sql); if($rez){ foreach($rez as $key => $val)if($key){ $user['student']['workprogram'][] = $val; } } //ОП $grname=$user['student']['grups']['sokr'].'-'.$user['student']['grups']['kurs']; $grnume=$user['student']['num_grupp']; $url = 'http://local.mkgtu.ru/calchour_2016/calchour_sht/export.php?step=get_up_by_grupp&grupp='.urlencode($grname).$grnume.''; $json=json_decode(file_get_contents($url),1); //отдельно выведем ДБНИКУ $dir_edu = 'tmp/education/'; $filesd=scandir($dir_edu); $files=array(); // //необходимо искать в учебных программах!!! $_SESSION['user']['student']['kod_podgotovki'] $json['dbnika']=array(); foreach($filesd as $k => $v)if($v!='.'&&$v!='..') { $t = explode('_',$v); if($t[0]==$user['student']['kod_podgotovki']){//нашли файл для направления $dbnica = json_decode(file_get_contents($dir_edu.$v),1); $json['dbnika'][$k]=$dbnica; } } //echo '
'.print_r($json['dbnika'],1).''; $smarty->assign('up',$json['up']); $smarty->assign('dbnika',$json['dbnika']); } } } //echo '
'.print_r($user,1).''; $smarty->assign('user',$user); $maincontent = $smarty->fetch('tpl_user_profil.html'); } if(isset($_GET['des'])){ if($_GET['des']=='profile'){ if(!isset($_SESSION['user']['id'])) { header('Location: https://eios.mkgtu.ru/'); exit(); } $maincontent=''; //echo '
'.print_r($_SESSION['user'],1).''; if (isset($_POST['profile_save'])){//СОХРАНЯЕМ ДАННЫЕ ПОЛЬЗОВАТЕЛЯ $fio=get_data_fu($_POST['fio']); $pass=get_data_fu($_POST['pass']); $pass1=get_data_fu($_POST['pass1']); $pass2=get_data_fu($_POST['pass2']); $school=get_data_fu($_POST['school']); $phone=get_data_fu($_POST['phone']); $polis=get_data_fu($_POST['polis']); ///echo $pass.' - '.$pass1.' - '.$pass2; $sql = 'SELECT * FROM '.$ST['dbpf'].'_users WHERE id='.$_SESSION['user']['id'].' LIMIT 1'; $rez=$DB->QUR_SEL($sql); if($rez){ $sp='';$sf=''; $err=array(); if ($pass!=''){ $sql1 = 'SELECT id FROM '.$ST['dbpf'].'_users_pass WHERE id_user='.$_SESSION['user']['id'].' LIMIT 1'; $rez1=$DB->QUR_SEL($sql1); if($rez1&&$rez1[0]){ $pass = passw_generate($pass); } if($pass==$rez[1]['pass']){ if($pass1!=''){ if($pass1!=$pass2) $err[]='Новый пароль не совпадает с проверочным!'; else { $sp=', pass="'.passw_generate($pass1).'"'; $sql4 = 'INSERT INTO '.$ST['dbpf'].'_users_pass VALUES(0,'.$time.','.$_SESSION['user']['id'].')'; $rez4=$DB->QUR($sql4); } }else $err[]='Новый пароль не может быть пустым!'; }else $err[]='Неверный старый пароль!'; } $foto=upload_file_ava('foto','upload/users/ava/',$_SESSION['user']['id']); if ($foto!='') $sf=',foto="'.$foto.'"'; if(!count($err)){ $rez=$DB->QUR('UPDATE '.$ST['dbpf'].'_users SET phone = "'.$phone.'", polis = "'.$polis.'", fio="'.$fio.'"'.$sp.''.$sf.', high_school = "'.$school.'" WHERE id='.$_SESSION['user']['id'].' LIMIT 1'); $_SESSION['user']['fio']=$fio; $_SESSION['user']['phone']=$phone; $_SESSION['user']['polis']=$polis; $_SESSION['user']['snils']=$snils; if ($sf) $_SESSION['user']['foto']=$foto; $smarty->assign('msg','Изменения сохранены!'); }else $smarty->assign('err',$err); }else $smarty->assign('err',array('ошибка выбора пользователя')); } $teacher=array(); if (isset($_POST['teacher_save'])){//СОХРАНЯЕМ ДАННЫЕ УЧИТЕЛЯ $err=array(); $zvanie=get_data_fu($_POST['zvanie']); $fakultet=$_SESSION['user']['teacher']['fakultet']=get_data_fu($_POST['fakultet']); $kafedra=$_SESSION['user']['teacher']['kafedra']=get_data_fu($_POST['kafedra']); $dolgnost=get_data_fu($_POST['dolgnost']); if ($dolgnost=='') $err[]='Необходимо указать должность!'; $stepen=get_data_fu($_POST['stepen']); if(!count($err)){ $sql = 'SELECT * FROM '.$ST['dbpf'].'_teachers WHERE id_user='.$_SESSION['user']['id'].' LIMIT 1'; $rez=$DB->QUR_SEL($sql); if($rez){ $status = $rez[1]['status']; $rez=$DB->QUR('UPDATE '.$ST['dbpf'].'_teachers SET data_u='.mktime().',zvanie="'.$zvanie.'",dolgnost="'.$dolgnost.'",stepen="'.$stepen.'",status='.$status.',fakultet="'.$fakultet.'",kafedra="'.$kafedra.'" WHERE id_user='.$_SESSION['user']['id'].' LIMIT 1'); $teacher['zvanie']=$zvanie; $teacher['dolgnost']=$dolgnost; $teacher['stepen']=$stepen; $teacher['msg']='Изменения сохранены!'; $teacher['data_u']=date('H:i:s d.m.Y'); }else { $status=0; $rez=$DB->QUR('INSERT INTO '.$ST['dbpf'].'_teachers VALUES (0,'.mktime().','.mktime().','.$_SESSION['user']['id'].',"'.$zvanie.'","'.$dolgnost.'","'.$stepen.'",'.$status.',"'.$fakultet.'","'.$kafedra.'","0","0","","")'); //предпредпоследние два нуля - стаж работы //echo 'INSERT INTO '.$ST['dbpf'].'_teachers VALUES (0,'.mktime().','.mktime().','.$_SESSION['user']['id'].',"'.$zvanie.'","'.$dolgnost.'","'.$stepen.'",'.$status.',"'.$fakultet.'","'.$kafedra.'","0","0","","")'; if(!$rez['err']) { $teacher['msg'] = 'Данные сохранены!'; if($status==1){ $_SESSION['user']['teacher']['id']=mysql_insert_id(); $_SESSION['user']['teacher']['zvanie']=$zvanie; $_SESSION['user']['teacher']['dolgnost']=$dolgnost; $_SESSION['user']['teacher']['stepen']=$stepen; $_SESSION['user']['teacher']['fakultet']=$fakultet; $_SESSION['user']['teacher']['kafedra']=$kafedra; $_SESSION['user']['teacher']['data_u']=date('H:i:s d.m.Y'); $_SESSION['user']['teacher']['status']=$status; } }else $teacher['err'] = array('ошибка при сохранении данных учителя'); send_email('Заявка на преподавателя','пользователь '.$_SESSION['user']['fio'].' подал заявку на регистрацию преподавателя'); } }else $teacher['err']=$err; } //ВЫБЕРЕМ ДАННЫЕ УЧИТЕЛЯ $sql = 'SELECT * FROM '.$ST['dbpf'].'_teachers WHERE id_user='.$_SESSION['user']['id'].' LIMIT 1'; $rez=$DB->QUR_SEL($sql); if($rez){ $teacher['zvanie']=out_data_fu($rez[1]['zvanie']); $teacher['dolgnost']=out_data_fu($rez[1]['dolgnost']); $teacher['stepen']=out_data_fu($rez[1]['stepen']); $teacher['fakultet']=out_data_fu($rez[1]['fakultet']); $teacher['kafedra']=out_data_fu($rez[1]['kafedra']); $teacher['data_u']=date('H:i:s d.m.Y',$rez[1]['data_u']); if ($rez[1]['status']==0) $teacher['status'] = 'не подтвержден'; if ($rez[1]['status']==1) $teacher['status'] = 'подтвержден'; } $smarty->assign('teacher',$teacher); $student=array(); if (isset($_POST['student_save'])){//СОХРАНЯЕМ ДАННЫЕ СТУДЕНТА $err=array(); $id_grupp=get_data_fu($_POST['id_grupp']); $id_newgrupp=0; $num_zach=get_data_fu($_POST['num_zach']); //$num_stud=get_data_fu($_POST['num_stud']); $num_grupp=get_data_fu($_POST['num_grupp']); $kod_podgotovki=get_data_fu($_POST['kod_podgotovki']); if(!count($err)){ $sql = 'SELECT * FROM '.$ST['dbpf'].'_students WHERE id_user='.$_SESSION['user']['id'].' LIMIT 1'; $rez=$DB->QUR_SEL($sql); if($rez){ $status = $rez[1]['status']; //$rez=$DB->QUR('UPDATE '.$ST['dbpf'].'_students SET data_u='.mktime().',id_grupp='.$id_grupp.',num_zach="'.$num_zach.'",num_stud="'.$num_stud.'",num_grupp="'.$num_grupp.'",kod_podgotovki="'.$kod_podgotovki.'",status='.$status.' WHERE id_user='.$_SESSION['user']['id'].' LIMIT 1'); $rez=$DB->QUR('UPDATE '.$ST['dbpf'].'_students SET id_grupp='.$id_grupp.',data_u='.mktime().',num_zach="'.$num_zach.'",num_grupp="'.$num_grupp.'",kod_podgotovki="'.$kod_podgotovki.'",status='.$status.' WHERE id_user='.$_SESSION['user']['id'].' LIMIT 1'); $student['num_zach']=$num_zach; //$student['num_stud']=$num_stud; $student['num_grupp']=$num_grupp; $student['kod_podgotovki']=$kod_podgotovki; $student['grupps']=get_sel_grupp($id_grupp); $student['msg']='Изменения сохранены!'; $student['data_u']=date('H:i:s d.m.Y'); }else{ //$rez=$DB->QUR('INSERT INTO '.$ST['dbpf'].'_students VALUES (0,'.mktime().','.mktime().','.$id_grupp.','.$_SESSION['user']['id'].',1,"'.$num_zach.'","'.$num_stud.'","'.$num_grupp.'","'.$kod_podgotovki.'")'); $rez=$DB->QUR('INSERT INTO '.$ST['dbpf'].'_students VALUES (0,'.mktime().','.mktime().','.$id_grupp.','.$_SESSION['user']['id'].',1,"'.$num_zach.'","'.$num_grupp.'","'.$kod_podgotovki.'","'.$id_newgrupp.'")'); if(!$rez['err']) $student['msg'] = 'Данные сохранены!'; else $student['err'] = array('ошибка при сохранении данных студента'); //send_email('Заявка на студента','пользователь '.$_SESSION['user']['fio'].' подал заявку на регистрацию студента'); } }else $student['err']=$err; } //ВЫБЕРЕМ ДАННЫЕ СТУДЕНТА $sql = 'SELECT * FROM '.$ST['dbpf'].'_students WHERE id_user='.$_SESSION['user']['id'].' LIMIT 1'; $rez=$DB->QUR_SEL($sql); if($rez){ $student['num_zach']=out_data_fu($rez[1]['num_zach']); //$student['num_stud']=out_data_fu($rez[1]['num_stud']); $student['num_grupp']=out_data_fu($rez[1]['num_grupp']); $student['kod_podgotovki']=out_data_fu($rez[1]['kod_podgotovki']); $student['grupps']=get_sel_grupp($rez[1]['id_grupp']); $group = $rez[1]['id_grupp']; $gr_sel = $student['grupps']; $student['data_u']=date('H:i:s d.m.Y',$rez[1]['data_u']); if ($rez[1]['status']==0) $student['status'] = 'не подтвержден'; if ($rez[1]['status']==1) { //если подтвержден обновим сессии $_SESSION['user']['student']['grupp']=get_grupp($rez[1]['id_grupp']); $_SESSION['user']['student']['num_zach']=out_data_fu($rez[1]['num_zach']); //$_SESSION['user']['student']['num_stud']=out_data_fu($rez[1]['num_stud']); $_SESSION['user']['student']['data_u']=date('H:i:s d.m.Y',$rez[1]['data_u']); $_SESSION['user']['student']['status']=$rez[1]['status']; $_SESSION['user']['student']['id_grupp']=$rez[1]['id_grupp']; $_SESSION['user']['student']['num_grupp']=$rez[1]['num_grupp']; $_SESSION['user']['student']['kod_podgotovki']=$rez[1]['kod_podgotovki']; $student['status'] = 'подтвержден'; } }else{ $student['num_zach']=''; //$student['num_stud']=''; $student['num_grupp']=''; $student['kod_podgotovki']=''; $student['grupps']=get_sel_grupp(); $student['status'] = ''; } //ВЫБЕРЕМ ДАННЫЕ о ВУЗЕ $vyz = array(); $sql = 'SELECT * FROM '.$ST['dbpf'].'_schools'; $rez = $DB->QUR_SEL($sql); if ($rez){ foreach ($rez as $key => $value) if ($key){ $vyz[] = $value; } } $sql = 'SELECT * FROM '.$ST['dbpf'].'_users WHERE id='.$_SESSION['user']['id'].' LIMIT 1'; $rez=$DB->QUR_SEL($sql); $id = out_data_fu($rez[1]['high_school']); $sql_school = 'SELECT * FROM '.$ST['dbpf'].'_schools WHERE `id` = "'.$id.'"'; $rez_school = $DB->QUR_SEL($sql_school); $id_school = $rez_school[1]["id"]; //направления подготовки $areas = array(); $sql = 'SELECT * FROM '.$ST['dbpf'].'_areas '; //$sql = 'SELECT ar.id,ar.code,ar.name,ar.id_kafedra,ka.name as kname,ka.code as kcode,fa.name as fname,fa.abbreviated as fabbr FROM '.$ST['dbpf'].'_areas as ar, '.$ST['dbpf'].'_kafedres as ka, '.$ST['dbpf'].'_faculties fa ka WHERE ka.id=ar.id_kafedra AND ka.id_facult=fa.id'; $rez = $DB->QUR_SEL($sql); if ($rez){ foreach ($rez as $key => $val) if ($key){ $areas[] = $val; } } $new_fakult = lists_fakultets(); $new_kaf = lists_kafedres(); $fakultets = iup_get_fakultets(); $Jnew_kaf=array(); foreach($new_kaf as $k => $v) $Jnew_kaf[$v['id']]=$v; $Jnew_fakult=array(); foreach($new_fakult as $k => $v) $Jnew_fakult[$v['id']]=$v; $Jfakultets=array(); foreach($fakultets as $k => $v) $Jfakultets[$v['id']]=$v; $smarty->assign('fakultets',$fakultets); $smarty->assign('new_fakult',$new_fakult); $smarty->assign('new_kaf',$new_kaf); $smarty->assign('Jnew_kaf',json_encode($Jnew_kaf,JSON_UNESCAPED_UNICODE)); $smarty->assign('Jnew_fakult',json_encode($Jnew_fakult,JSON_UNESCAPED_UNICODE)); $smarty->assign('Jfakultets',json_encode($Jfakultets,JSON_UNESCAPED_UNICODE)); $smarty->assign('uch_step',uch_step()); $smarty->assign('uch_zv',uch_zvan()); $kafedras = iup_get_kafedras(); $smarty->assign('kafedras',$kafedras); $smarty->assign('areas',$areas); $smarty->assign('student',$student); $smarty->assign('profile',$_SESSION['user']); $smarty->assign('vyz',$vyz); $smarty->assign('id_vyz',$id); $smarty->assign('group',$group); $tg = telegram_get(); $smarty->assign('tg',$tg); $maincontent = $smarty->fetch('tpl_user_profile.html'); } } function telegram_get(){ GLOBAL $ST,$DB; $out=array(); $out['auth'] = ''; $tg = array(); if(isset($_SESSION['user']['id'])){ //acs_users_telegram: id int(11), data_c int(11), id_user int(11), passfraze varchar(255), dops text $id_user = $_SESSION['user']['id']; $sql = 'SELECT * FROM '.$ST['dbpf'].'_users_telegram WHERE id_user='.$id_user.' LIMIT 1'; $rez=$DB->QUR_SEL($sql); if($rez) { $tg = $rez[1]; $tg['dops'] = json_decode($tg['dops'],1); //{"user":{"id":"1","fio":"ФАМИЛИЯ","status":"99","statuses":{"10":"10","20":"20","21":"21","22":"22","23":"23","24":"24","25":"25","26":"26","27":"27","28":"28","29":"29","30":"30","35":"35","36":"36","39":"39","41":"41","42":"42","59":"59","60":"60","79":"79","98":"98","99":"99"},"teacher":{"id":"6","zvanie":"нет","dolgnost":"на...","stepen":"нет","fakultet":"Фак...","kafedra":"Инф...","data_u":"08:53:42 06.09.2022","status":"1"},"student":{"id":"7998","grupp":[],"num_zach":"","num_stud":"","data_u":"23:39:21 24.09.2020","status":"1","id_grupp":"0","num_grupp":"1","kod_podgotovki":"09.03.03"}},"telegram":[{"data_c":1690277550,"user_id":14...,"user_fio":"Пользоватлеь телеги"}]} //echo $sql.'
'.print_r($tg,1).''; if($tg['data_c']<(time()-3600)){ $passfraze = gen_password_new(8); $sql = 'UPDATE '.$ST['dbpf'].'_users_telegram SET data_c='.time().', passfraze="'.$passfraze.'" WHERE id='.$tg['id']; $rez=$DB->QUR($sql); if(!$rez['err']){ $tg['passfraze'] = $passfraze; } //Обновляем данные $dops = $tg['dops']; $dops['user']['teacher'] = $_SESSION['user']['teacher']; $dops['user']['student'] = $_SESSION['user']['student']; $sql = 'UPDATE '.$ST['dbpf'].'_users_telegram SET dops="'.$DB->rescape(json_encode($dops,JSON_UNESCAPED_UNICODE)).'" WHERE id_user='.$id_user.';'; $rez=$DB->QUR($sql); //echo $sql.'
'.print_r($rez,1).''; if(!$rez['err']){} } } if(!count($tg)){ $passfraze = gen_password_new(8); $dops['user']['id'] = $_SESSION['user']['id']; $dops['user']['fio'] = $_SESSION['user']['fio']; $dops['user']['status'] = $_SESSION['user']['status']; $dops['user']['statuses'] = $_SESSION['user']['statuses']; $dops['user']['teacher'] = $_SESSION['user']['teacher']; $dops['user']['student'] = $_SESSION['user']['student']; //{"user":{ // "id":"1","fio":"ФИО пользователя","status":"99", // "statuses":{"10":"10","20":"20"...}, // "teacher":{"id":"6","zvanie":"нет","dolgnost":"нач..","stepen":"нет","fakultet":"Фак...","kafedra":"Инфо...","data_u":"08:53:42 06.09.2022","status":"1"}, // "student":{"id":"7998","grupp":[],"num_zach":"","num_stud":"","data_u":"23:39:21 24.09.2020","status":"1","id_grupp":"0","num_grupp":"1","kod_podgotovki":"09.03.03"} //}} $sql = 'INSERT INTO '.$ST['dbpf'].'_users_telegram VALUES (0,'.time().','.$id_user.',"'.$passfraze.'","'.$DB->rescape(json_encode($dops,JSON_UNESCAPED_UNICODE)).'")'; $rez=$DB->QUR($sql); if(!$rez['err']){ $tg['passfraze'] = $passfraze; $tg['dops'] = array(); } } $out = $tg; return $out; } return $out; } function gen_password_new($length = 6){ $chars = 'абвгдежзиклмнопрстуфхцчшщэюяАБВГДЕЖЗИКЛМНПРСТУФХЦЧШЩЭЮЯ123456789!-'; $password = ''; //$arr = array( // 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', // 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z', // 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', // 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z', // '1', '2', '3', '4', '5', '6', '7', '8', '9', '0' //); $arr = mb_str_split($chars); for ($i = 0; $i < $length; $i++) { $password .= $arr[random_int(0, count($arr) - 1)]; } return $password; } function email_format($email) { if((preg_match("~^([a-z0-9_\-\.])+@([a-z0-9_\-\.])+\.([a-z0-9])+$~i", $email) !== 0) and (strlen($email) >= 6)) return TRUE; else return FALSE; } function get_sel_grupp($id=0){ GLOBAL $ST,$DB; $out=array(); $sql = 'SELECT * FROM '.$ST['dbpf'].'_grupp WHERE sokr!="" AND sokr NOT LIKE "%Выпуск%" AND `year_start`>='.(date('Y')-7).' ORDER BY sokr,kurs'; $rez=$DB->QUR_SEL($sql); if($rez){ foreach($rez as $key => $val)if($key){ $out[$key]=$val; if($id==$val['id']) $out[$key]['active']=1; } } return $out; } if(isset($_GET['dump'])) { $mass=array('id'=>'-1','username'=>'test','email'=>'test@test.ru','name'=>'Test','password'=>'Passw'); send_in_libmkgtu($mass); } function send_in_libmkgtu($mass){//Шлем на регистрацию БИБЛИОТЕКУ /* $secret = "deb71f5a7830011a7aaddabb77705115"; $time = time(); //$sign = md5("{$email}|{$time}|{$secret}"); $sign = md5($email.'|'.$time.'|'.$secret); //$url = "http://lib.mkgtu.ru/?task=trustauth&email={$email}&time={$time}&sign={$sign}"; $pm = array('learnmgtu-createuser'=>$mass,'task'=>'trustauth','email'=>$mass['email'],'time'=>$time,'sign'=>$sign); */ $pm = array('learnmgtu-createuser'=>$mass); $vars = http_build_query($pm); $options = array( 'http' => array( 'method' => 'POST', // метод передачи данных 'header' => 'Content-type: application/x-www-form-urlencoded', // заголовок 'content' => $vars, // переменные ) ); $context = stream_context_create($options); // создаём контекст потока $result = file_get_contents('http://lib.mkgtu.ru/index.php', false, $context); //отправляем запрос if(isset($_GET['dump'])) { echo 'Шлем:
'.print_r($pm,1).''; //echo 'Опции:
'.print_r($options,1).''; //echo 'context:
'.print_r($context,1).''; echo 'результат: '.$result; // вывод результата } $mess = 'username=>'.$mass['email'].'