- <?php
include 'config.php';

// Legal-entity panel markup; stays empty unless the user-edit branch fills it in.
$ur_lico = '';

// Page-wide CSS plus the open_user() helper that the user tables call on row click.
// NOTE(review): $main, $url, $left and $icon_dir are not defined in this file; presumably they
// come from config.php or from the including scope - confirm.
$main .= '
<style>
.table_ff td {
cursor: pointer;
}
</style>
<script>
function open_user(id_) {
window.location.href = "/admin/user_manager/&id="+id_;
}
</script>';

// Breadcrumb root for this section.
$url .= ' > <a href="/admin/user_manager/">Управление пользователями</a>';

// Fix the width of the admin side panel for this section.
$main .= '<script type="text/javascript">document.getElementById("admin_left_panel").style.width = "200px";</script>';

// Side menu: one link per sub-page, joined with <br/>.
$left .= implode('<br/>', array(
    '<a href="/admin/user_manager/&xD=create_new_user"><img src="' . $icon_dir . 'user__plus.png" /> Создать нового пользователя</a>',
    '<a href="/admin/user_manager/&xD=search_and_destroy"><img src="' . $icon_dir . 'find.png" /> Поиск пользователя</a>',
    '<a href="/admin/user_manager/?list"><img src="' . $icon_dir . 'find.png" /> Список пользоателей</a>',
    '<a href="/admin/user_manager/?rights"><img src="' . $icon_dir . 'find.png" />Управление правами</a>',
    '<a href="/admin/user_manager/?questions">Анкета</a>',
    '<a href="/admin/user_manager/?votes">Голосование</a>',
));
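if (isset($_GET['xD']) && $_GET['xD'] == "create_new_user") {
    // Create-user sub-page: validates the posted form, inserts the account, then renders the form.
    // NOTE(review): no access-control or CSRF-token check is visible in this file; confirm the
    // including controller enforces both, since this branch creates accounts with a chosen
    // privilege level.
    if (isset($_POST['create'])) {
        // Read each field once; a missing or non-string value becomes '' and then fails validation
        // instead of raising an undefined-index notice.
        $in = array();
        foreach (array('login', 'mail', 'name', 'last_name', 'psswd', 'chown') as $field) {
            $in[$field] = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
        }

        $error = array();
        // \z rather than $ so that a trailing newline is not accepted as part of the login.
        if (!preg_match('/^[a-zA-Z0-9]+\z/', $in['login'])) {
            $error[] = "Логин должен состоять из латинских букв и цифр!";
        }
        // NOTE(review): the bounds below reject lengths 3 and 20 (and 5 and 20 for the password),
        // while the messages say "not less than 3 / 5". Left as found; confirm which is intended.
        if (strlen($in['login']) <= 3 or strlen($in['login']) >= 20) {
            $error[] = "Логин должен быть не меньше 3-х символов и не больше 20-и!";
        }
        if (!filter_var($in['mail'], FILTER_VALIDATE_EMAIL)) {
            $error[] = "Mail введен не верно!";
        }
        if (strlen($in['psswd']) <= 5 or strlen($in['psswd']) >= 20) {
            $error[] = "Пароль должен быть не меньше 5-и символов и не больше 20-и!";
        }
        $query = mysql_query("SELECT COUNT(id) FROM users WHERE login='" . mysql_real_escape_string($in['login']) . "'");
        if (mysql_result($query, 0) > 0) {
            $error[] = "Введенный вами логин уже используется!";
        }
        // The form field is named "psswd"; the original compared against $_POST['password'],
        // which the form never sends, so this rule could not trigger.
        if ($in['login'] === $in['psswd']) {
            $error[] = "Логин не должен совпадать с паролем!";
        }
        // The privilege level was previously stored exactly as posted. The form documents the
        // range as 1 to 9, so enforce that on the server as well.
        if (!preg_match('/^[1-9]\z/', $in['chown'])) {
            $error[] = "Права доступа должны быть цифрой от 1 до 9!";
        }

        if (count($error) == 0) {
            // SECURITY: unsalted MD5 is not a suitable password hash. It is kept because the
            // stored format is shared with login code that is not part of this file; migrating
            // to password_hash()/password_verify() has to happen in both places together.
            $psswd = md5(trim($in['psswd']));
            // Every value is escaped for the SQL string context. The original concatenated
            // login, name, last_name, mail and chown straight from $_POST.
            mysql_query(
                "INSERT INTO `users` (login,name,last_name,psswd,mail,chown) VALUES('"
                . mysql_real_escape_string($in['login']) . "', '"
                . mysql_real_escape_string($in['name']) . "', '"
                . mysql_real_escape_string($in['last_name']) . "', '"
                . $psswd . "', '"
                . mysql_real_escape_string($in['mail']) . "', '"
                . (int) $in['chown'] . "')"
            );
            $main .= '<script>alert(\'Пользователь успешно создан!\');window.location.href = "/admin/user_manager/"</script>';
        } else {
            // The messages are fixed strings from this file, so they are safe to print as-is.
            $main .= '<b class="error">При регистрации были обнаружены следующие ошибки:</b><br />';
            foreach ($error as $error_) {
                $main .= $error_ . '<br />';
            }
            $main .= '<br />';
        }
    }
    $url .= ' > <a href="">Создание нового пользователя</a>';
    // Client-side check() is a convenience only; the server-side validation above is what counts.
    // Its last rule now tests the "chown" field, matching its message (it re-tested "re_psswd").
    $main .= '
<script>
function check() {
if(document.getElementById(\'login\').value == ""){
alert(\'Поле [Логин] не должно быть пустым!\');
return false;
} else if (document.getElementById(\'mail\').value == ""){
alert(\'Поле [Mail] не должно быть пустым!\');
return false;
} else if (document.getElementById(\'psswd\').value == ""){
alert(\'Поле [Пароль] не должно быть пустым!\');
return false;
} else if (document.getElementById(\'re_psswd\').value == ""){
alert(\'Поле [Повтор пароля] не должно быть пустым!\');
return false;
} else if (document.getElementById(\'psswd\').value != document.getElementById(\'re_psswd\').value){
alert(\'Поля [Пароль] и [Повтор пароля] должны быть одинаковыми!\');
return false;
} else if (document.getElementById(\'chown\').value == ""){
alert(\'Поле [Права доступа] не должно быть пустым!\');
return false;
}
}
</script>
<form method="post" onSubmit="return check();">
<table class="table_ff" style="width:400px;">
<tr>
<th colspan="2"><span class="window_icon"><img src="' . $icon_dir . 'user__plus.png" /></span> Создание нового пользователя</th>
</tr>
<tr>
<td>Логин: *</td>
<td><input type="text" name="login" id="login" /></td>
</tr>
<tr>
<td>Mail: *</td>
<td><input type="text" name="mail" id="mail" /></td>
</tr>
<tr>
<td>Имя:</td>
<td><input type="text" name="name" id="name" /></td>
</tr>
<tr>
<td>Фамилия:</td>
<td><input type="text" name="last_name" id="last_name" /></td>
</tr>
<tr>
<td>Пароль: *</td>
<td><input type="password" name="psswd" id="psswd" /></td>
</tr>
<tr>
<td>Повтор пароля: *</td>
<td><input type="password" name="re_psswd" id="re_psswd" /></td>
</tr>
<tr>
<td>Права доступа: *</td>
<td><input type="text" name="chown" size="1" maxlength="1" id="chown" value="1" /> От 1 до 9</td>
</tr>
<tr>
<td colspan="2" style="text-align:center;"><input type="submit" name="create" value="Создать" /></td>
</tr>
</table>
</form>
';
}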
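elseif (isset($_GET['xD']) && $_GET['xD'] == "search_and_destroy") {
    // User-search sub-page: one text field and one submit button per searchable column.
    $url .= ' > <a href="">Поиск пользователя</a>';
    $main .= '
<form method="post">
<table class="table_ff" style="width:500px;">
<tr>
<th colspan="3"><span class="window_icon"><img src="' . $icon_dir . 'find.png" /></span> Поиск пользователя<input type="hidden" name="qbbr" value="OK" /></th>
</tr>
<tr>
<td>По логину</td>
<td><input type="text" name="login" style="width:100%;" /></td>
<td><input type="submit" name="seach_login" value="Искать" /></td>
</tr>
<tr>
<td>По Имени</td>
<td><input type="text" name="name" style="width:100%;" /></td>
<td><input type="submit" name="seach_name" value="Искать" /></td>
</tr>
<tr>
<td>По Фамилии</td>
<td><input type="text" name="last_name" style="width:100%;" /></td>
<td><input type="submit" name="seach_last_name" value="Искать" /></td>
</tr>
<tr>
<td>По почте(MAIL)</td>
<td><input type="text" name="mail" style="width:100%;" /></td>
<td><input type="submit" name="seach_mail" value="Искать" /></td>
</tr>
</table>
</form>';
    if (isset($_POST['qbbr'])) {
        $main .= '<table class="table_ff">
<tr>
<th style="width:30px;">id</th>
<th>Логин</th>
<th>Имя</th>
<th>Фамилия</th>
<th>Mail</th>
<th style="width:30px;">Права</th>
</tr>';
        // Submit-button name => column to search. The text field carrying the term has the
        // same name as the column. Column names come only from this fixed list.
        $search_by = array(
            'seach_login' => 'login',
            'seach_name' => 'name',
            'seach_last_name' => 'last_name',
            'seach_mail' => 'mail',
        );
        // Stays false when no known button was pressed; the original then passed an undefined
        // variable to mysql_fetch_array().
        $q = false;
        foreach ($search_by as $button => $column) {
            if (isset($_POST[$button])) {
                $term = (isset($_POST[$column]) && is_string($_POST[$column])) ? $_POST[$column] : '';
                // The term is escaped for the SQL string context; the original concatenated the
                // raw POST value into the LIKE pattern. "%" and "_" typed by the admin still act
                // as LIKE wildcards, as before.
                $q = mysql_query("SELECT * FROM `users` WHERE `" . $column . "` LIKE '%" . mysql_real_escape_string($term) . "%'");
                break;
            }
        }
        while ($q && ($row = mysql_fetch_array($q))) {
            // Profile fields are user-supplied, so they are HTML-escaped before being printed
            // into the admin page; the id is forced to an integer for the inline handler.
            $main .= '
<tr onclick="open_user(\'' . (int) $row['id'] . '\');" style="cursor:pointer;">
<td>' . (int) $row['id'] . '</td>
<td>' . htmlspecialchars($row['login']) . '</td>
<td>' . htmlspecialchars($row['name']) . '</td>
<td>' . htmlspecialchars($row['last_name']) . '</td>
<td>' . htmlspecialchars($row['mail']) . '</td>
<td>' . htmlspecialchars($row['chown']) . '</td>
</tr>';
        }
        $main .= '</table>';
    }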
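} elseif (isset($_GET['id'])) {
    // Single-user page: save edits, optionally sign the admin in as that user, render the form.
    // NOTE(review): no access-control or CSRF-token check is visible in this file; confirm the
    // including controller enforces both, because this branch changes privilege levels and can
    // issue another user's session cookies.

    // The id is only ever meant to be a number. Casting once keeps it safe in the SQL below and
    // in the redirect header (the original put the raw GET value into both).
    $t = is_scalar($_GET['id']) ? (int) $_GET['id'] : 0;

    // Load the record first: the save handler needs `lico`, which the original read from
    // $loboQdata before that variable had been assigned.
    $query = mysql_query("SELECT * FROM `users` WHERE `id`=" . $t);
    $loboQdata = $query ? mysql_fetch_assoc($query) : false;

    if (!$loboQdata) {
        // Without this guard the code below would run against an empty record, including the
        // cookie-issuing "sign in as" step.
        $main .= '<b class="error">Пользователь не найден!</b>';
    } else {
        if (isset($_POST['save'])) {
            $columns = array(
                'name', 'last_name', 'otchestvo', 'tel', 'mobile_tel', 'mail',
                'city', 'post', 'street', 'dom', 'kvartira', 'korpus',
            );
            if ($loboQdata['lico'] == 1) {
                $columns = array_merge(
                    array('company', 'ur_adress', 'inn', 'kpp', 'bank', 'bik', 'rs', 'kr'),
                    $columns
                );
            }
            // Only columns that were actually submitted are updated. The form below has no "dom"
            // input, and the legal-entity inputs are printed after </form>, so writing every
            // column unconditionally would blank those values on each save.
            $set = array();
            foreach ($columns as $column) {
                if (isset($_POST[$column]) && is_string($_POST[$column])) {
                    $set[] = '`' . $column . '` = "' . mysql_real_escape_string($_POST[$column]) . '"';
                }
            }
            // An unchecked checkbox is simply absent from the POST body.
            $set[] = '`lico` = ' . ((int) isset($_POST['lico']));
            // The privilege level was concatenated into the query unescaped; force it to an integer.
            if (isset($_POST['chown']) && is_scalar($_POST['chown'])) {
                $set[] = "`chown`='" . (int) $_POST['chown'] . "'";
            }
            mysql_query('UPDATE `users` SET ' . implode(',', $set) . ' WHERE `id`=' . $t);
            header('Location:/admin/user_manager?id=' . $t);
            exit;
        }

        if (isset($_POST['login'])) {
            // "Sign in as this user": issues the two cookies and redirects to the profile page.
            // SECURITY: the session token is a fixed MD5 of the stored password hash and SALT, so
            // it stays valid until the password changes and can be recomputed by anyone who can
            // read the users table and knows SALT. The cookies are also set without the HttpOnly
            // or Secure flags. The matching verification code is not in this file, so the scheme
            // is left as found; replacing it with random server-side session ids has to be done
            // on both sides.
            $hash = md5(SALT . $loboQdata['psswd'] . SALT);
            setcookie('login_', $loboQdata['login'], null, '/');
            setcookie('hash_', $hash, null, '/');
            header('Location:/profile');
            exit;
        }

        if ($loboQdata['lico'] == 1) {
            // Legal-entity panel. It is appended after </form> at the end of this branch, so its
            // inputs are display-only as the page stands.
            $legal = array(
                'company' => 'Компания:',
                'ur_adress' => 'Юр. Адрес:',
                'inn' => 'ИНН:',
                'kpp' => 'КПП:',
                'bank' => 'Банк:',
                'bik' => 'БИК:',
                'rs' => 'Р/С:',
                'kr' => 'Корр/Счёт:',
            );
            $ur_lico = '
<table style="margin-left:50px;margin-bottom:30px;width:400px;float:left;" class="table_ff">
<tr>
<th colspan="2">Юридические данные клиента</th>
</tr>';
            foreach ($legal as $column => $label) {
                // Only the first two label cells carry the "author" class in the original markup.
                $cell_class = ($column == 'company' || $column == 'ur_adress') ? ' class="author"' : '';
                $ur_lico .= '
<tr>
<td' . $cell_class . '>' . $label . '</td>
<td><input type="text" name="' . $column . '" value="' . htmlspecialchars($loboQdata[$column]) . '"/></td>
</tr>';
            }
            $ur_lico .= '
</table>';
        }

        // Everything read from the record is HTML-escaped on output; login, date, ip and chown
        // were previously printed raw.
        $url .= ' > <a href="">' . htmlspecialchars($loboQdata['login']) . '</a>';
        $main .= '<form method="post"><table class="table_ff" style="width:500px;float:left;">';
        $main .= '<tr><th colspan="2">Просмотр пользователя</th></tr><tr>';
        $main .= '<td style="width:200px;">id:</td>';
        $main .= '<td>' . (int) $loboQdata['id'] . '</td>';
        $main .= '</tr>';
        $main .= '<tr>';
        $main .= '<td>Логин:</td>';
        $main .= '<td>' . htmlspecialchars($loboQdata['login']) . '</td>';
        $main .= '</tr>';

        // Editable text rows, in display order: personal data, then the address group.
        $personal = array(
            'name' => 'Имя:',
            'last_name' => 'Фамилия:',
            'otchestvo' => 'Отчество:',
            'tel' => 'Телефон:',
            'mobile_tel' => 'Доп. телефон:',
            'mail' => 'Mail:',
        );
        $address = array(
            'city' => 'Город:',
            'post' => 'Индекс:',
            'street' => 'Улица:',
            'kvartira' => 'Квартира:',
            'korpus' => 'Корпус:',
        );
        foreach ($personal as $column => $label) {
            $main .= '<tr>';
            $main .= '<td>' . $label . '</td>';
            $main .= '<td><input type="text" name="' . $column . '" value="' . htmlspecialchars($loboQdata[$column]) . '"/></td>';
            $main .= '</tr>';
        }
        $main .= '<tr>';
        $main .= '<th colspan="2">Адрес:</th>';
        $main .= '</tr>';
        foreach ($address as $column => $label) {
            $main .= '<tr>';
            $main .= '<td>' . $label . '</td>';
            $main .= '<td><input type="text" name="' . $column . '" value="' . htmlspecialchars($loboQdata[$column]) . '"/></td>';
            $main .= '</tr>';
        }

        $main .= '<tr>';
        $main .= '<td>Дата регистации:</td>';
        $main .= '<td>' . htmlspecialchars($loboQdata['date']) . '</td>';
        $main .= '</tr>';
        $main .= '<tr>';
        $main .= '<td>ip:</td>';
        $main .= '<td>' . htmlspecialchars($loboQdata['ip']) . '</td>';
        $main .= '</tr>';
        $main .= '<tr>';
        $main .= '<td>Юр. лицо:</td>';
        $main .= '<td><input type="checkbox" name="lico" ' . ($loboQdata['lico'] ? 'checked="checked"' : '') . '/></td>';
        $main .= '</tr>';
        $main .= '<tr>';
        $main .= '<td>Права:</td>';
        $main .= '<td><input type="text" name="chown" size="2" maxlength="1" value="' . htmlspecialchars($loboQdata['chown']) . '" /></td>';
        $main .= '</tr>';
        $main .= '<tr>';
        $main .= '<td>Действия:</td>';
        $user_icon = '<img src="' . $icon_dir . 'user_off.png" />';
        if ($loboQdata['power'] == "1") {
            $user_icon = '<img src="' . $icon_dir . 'user_on.png" />';
        }
        // Values placed inside an inline handler pass through two parsers: JSON-encode them as
        // JavaScript string literals, then HTML-escape the result for the attribute.
        // power_user() and delete_user() are defined outside this file.
        $id_js = htmlspecialchars(json_encode((string) $loboQdata['id']));
        $power_js = htmlspecialchars(json_encode((string) $loboQdata['power']));
        $login_js = htmlspecialchars(json_encode((string) $loboQdata['login']));
        $main .= '<td><a onclick="power_user(' . $id_js . ',' . $power_js . ');" title="вкл/выкл">' . $user_icon . '</a> <a onclick="delete_user(' . $id_js . ',' . $login_js . ')"><img src="' . $icon_dir . '/delete.png" title="Удалить" /></a></td>';
        $main .= '</tr><tr><td><input type="submit" name="login" value="Войти на сайт"/></td><td style="text-align:center;"><input type="submit" name="save" value="Сохранить изменения" /></td></tr>';
        $main .= '</table></form>';
        $main .= $ur_lico;
    }
}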
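elseif (isset($_GET['list'])) {
    // User-list sub-page: filter by registration date and order presence, then show the result
    // in a textarea or send it as an .xls download.

    // The comparison operator ends up inside the SQL text, so it is accepted only from this
    // fixed list; the original concatenated $_GET['zreg'] as received.
    $zreg = (isset($_GET['zreg']) && in_array($_GET['zreg'], array('>', '=', '<'), true)) ? $_GET['zreg'] : '';
    $registr = (!empty($_GET['registr']) && is_string($_GET['registr'])) ? $_GET['registr'] : '';
    $orders_mode = (isset($_GET['orders']) && is_string($_GET['orders'])) ? $_GET['orders'] : '';
    $with_phone = isset($_GET['phone']);
    $selected = ' selected="selected"';
    $checked = ' checked="checked"';

    // The date value is echoed back into the form and is therefore HTML-escaped. The operator
    // glyphs are written as entities, and the misspelt checked="ckecked" attribute with its
    // stray quote is corrected.
    $main .= '<form action="" method="get"><input type="hidden" name="list" value=""/><table><tr>
<td>Дата регистрации<select name="zreg">
<option' . ($zreg == '>' ? $selected : '') . ' value="&gt;">&gt;</option>
<option' . ($zreg == '=' ? $selected : '') . ' value="=">=</option>
<option' . ($zreg == '<' ? $selected : '') . ' value="&lt;">&lt;</option></select>
<input type="text" class="input-date" name="registr" value="' . htmlspecialchars($registr) . '"/>
<label><input type="checkbox" name="phone"' . (empty($_GET['phone']) ? '' : $checked) . '/>Телефон</label>
<select name="orders">
<option' . ($orders_mode == 'all' ? $selected : '') . ' value="all">Все</option>
<option' . ($orders_mode == 'no' ? $selected : '') . ' value="no">Без заказов</option>
<option' . ($orders_mode == 'yes' ? $selected : '') . ' value="yes">С заказами</option></select>
<label><input type="checkbox" name="download"' . (empty($_GET['download']) ? '' : $checked) . '/>Скачать</label></td>
<td><input type="submit" name="go" value="показать"/></td></tr></table></form>';

    if (isset($_GET['go'])) {
        $where = array();
        $group = $orders = '';
        // The date filter is applied only when both a value and a known operator are present.
        if ($registr !== '' && $zreg !== '') {
            $where[] = 'u.`date` ' . $zreg . ' \'' . mysql_real_escape_string($registr) . '\'';
        }
        if ($orders_mode == 'no') {
            $orders = 'LEFT JOIN `zakazi` as z ON z.id_user = u.id ';
            $where[] = ' z.id IS NULL';
        } elseif ($orders_mode == 'yes') {
            $orders = 'INNER JOIN `zakazi` as z ON z.id_user = u.id ';
            $group = ' GROUP BY u.id';
        }
        // Conditions are joined with AND. The original used a comma, which produced invalid
        // SQL as soon as two filters were active together.
        $where = $where ? 'WHERE ' . implode(' AND ', $where) : '';

        // Count distinct users without the GROUP BY: with it, the first row of the result was
        // the order count of a single user rather than the number of users found.
        $all_users = mysql_fetch_assoc(mysql_query("SELECT COUNT(DISTINCT u.`id`) AS `cnt` FROM `users` as u $orders $where"));
        $all_users = $all_users['cnt'];
        $main .= '<div>Найдено пользователей: <b>' . (int) $all_users . '</b></div>';

        $select = array('u.`id`', 'CONCAT(u.`last_name`," ",u.`name`)', 'u.`mail`', 'u.city');
        if ($with_phone) {
            $select[] = 'u.`mobile_tel`,u.`mobile_tel2`';
        }
        $r = mysql_query('SELECT ' . implode(',', $select) . ' FROM `users` as u ' . $orders . ' ' . $where . ' ' . $group);

        // Normalise the rows once for both output modes: skip rows without an id, drop an
        // empty first phone, and drop the second phone when it is empty or repeats the first.
        $rows = array();
        while ($r && ($row = mysql_fetch_row($r))) {
            if (empty($row[0])) {
                continue;
            }
            if ($with_phone) {
                if (empty($row[4])) {
                    unset($row[4]);
                }
                if (empty($row[5]) || (!empty($row[4]) && $row[4] == $row[5])) {
                    unset($row[5]);
                }
            }
            $rows[] = $row;
        }

        if (isset($_GET['download'])) {
            set_include_path(get_include_path() . PATH_SEPARATOR . CLASSES);
            require_once CLASSES . '/Spreadsheet/Excel/Writer.php';
            $workbook = new Spreadsheet_Excel_Writer();
            $format = & $workbook->addFormat();
            $format->setBold();
            $worksheet = & $workbook->addWorksheet('1');
            foreach ($rows as $i => $row) {
                $worksheet->write($i, 0, $row[0]);
                // User-supplied text goes through writeString(): write() chooses the cell type
                // from the content, so a name or e-mail beginning with "=" would be stored as a
                // formula in the downloaded workbook.
                $worksheet->writeString($i, 1, extra::UTF8toCP1251($row[1]));
                $worksheet->writeString($i, 2, extra::UTF8toCP1251($row[2]));
                $worksheet->writeString($i, 3, extra::UTF8toCP1251($row[3]));
                // Column 4 exists only when phones were requested and the first one is non-empty.
                if (isset($row[4])) {
                    $worksheet->writeString($i, 4, $row[4]);
                }
                if (!empty($row[5])) {
                    $worksheet->writeString($i, 5, $row[5]);
                }
            }
            $catalog = "Пользователи.xls";
            $workbook->send(extra::UTF8toCP1251($catalog));
            $workbook->close();
            exit();
        }

        // Escaped so that a stored value containing "</textarea>" cannot close the element
        // and inject markup into the admin page.
        $main .= '<textarea cols=150 rows=30>';
        foreach ($rows as $row) {
            $main .= htmlspecialchars(implode(';', $row)) . PHP_EOL;
        }
        $main .= '</textarea>';
    }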
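} elseif (isset($_GET['rights'])) {
    // Module-rights sub-page: assign admin modules to users whose chown is 9 or 6.
    // NOTE(review): no access-control or CSRF-token check is visible in this file; confirm the
    // including controller enforces both, since this branch grants module access.

    // Build the catalogue of assignable modules first so that posted values can be checked
    // against it. NOTE(review): this moves the $this->controller() calls ahead of the UPDATE;
    // they are assumed not to depend on it - confirm.
    $cfg = parse_ini_file(ROOT . DS . 'init.conf', true);
    $modules = array();
    foreach ($cfg['modules'] as $k => $v) {
        if ($v) {
            list($mod_title) = $this->controller($k, 'admin_panel');
            $modules[$k] = $mod_title;
        }
    }
    foreach ($cfg['old_modules'] as $k => $v) {
        if ($v) {
            $modules[$k] = $v;
        }
    }

    if (!empty($_POST['modules']) && is_array($_POST['modules'])) {
        foreach ($_POST['modules'] as $idUser => $posted) {
            // Keep only ids of modules that exist in the configuration. The original serialized
            // whatever structure arrived in the request.
            $granted = array();
            foreach ((array) $posted as $module_id) {
                if (is_scalar($module_id) && array_key_exists((string) $module_id, $modules)) {
                    $granted[] = (string) $module_id;
                }
            }
            // NOTE(review): the UPDATE accepts any user id, while the form below lists only
            // users with chown 9 or 6; consider applying the same restriction here.
            mysql_query('UPDATE `users` SET `modules` = "' . mysql_real_escape_string(serialize($granted)) . '" WHERE `id`= ' . (int) $idUser);
        }
    }

    $r = mysql_query('SELECT `id`,`mail`,`name`,`login`,`modules` FROM `users` WHERE `chown` = 9 OR `chown` = 6');
    $main .= '<form action="" method="post"><table class="table_ff">
<tr>
<th>id</th>
<th>Имя</th>
<th>Email</th>
<th style="width:400px;">Права</th>
</tr>';
    while ($row = mysql_fetch_assoc($r)) {
        $main .= '<tr ><td>' . (int) $row['id'] . '</td><td>' . htmlspecialchars($row['name'] ? $row['name'] : $row['login']) . '</td><td>' . htmlspecialchars($row['mail']) . '</td><td><select style="height:200px;" multiple="multiple" name="modules[' . (int) $row['id'] . '][]">';
        // SECURITY: unserialize() on a database value is safe only while nothing else can write
        // to this column. Anyone able to modify `users`.`modules` could supply a serialized
        // object. Storing the list as JSON, or as a comma-separated string, would remove that
        // dependency; the format is left unchanged here because other code may read it.
        $um = ($row['modules'] !== null && $row['modules'] !== '') ? unserialize($row['modules']) : array();
        if (!is_array($um)) {
            // A corrupt or empty value means "no modules" rather than a warning from in_array().
            $um = array();
        }
        foreach ($modules as $id => $v) {
            // Module ids and titles come from init.conf and the module controllers, not from users.
            $main .= '<option value="' . $id . '" ' . (in_array($id, $um) ? 'selected="selected"' : '') . '>' . $v . '</option>';
        }
        $main .= '</select></td></tr>';
    }
    $main .= '</table><input type="submit" value="Сохранить"/></form>';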
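}elseif (isset($_GET['questions'])) {
    // Questionnaire sub-page: paginated table of submitted answers, with a CSV export.
    if (isset($_GET['export'])) {
        $csv = '"Как вы оцениваете наши условия поставки оборудования?";"Комментарий";"Как вы оцениваете наши условия поставки фурнитуры?";"Комментарий";"Как вы оцениваете наши условия поставки тканей?";"Комментарий";';
        $csv .= '"Какого товара Вам не хватает в нашем ассортименте?";"Всё ли Вас устраивает в нашей работе? На что нам нужно обратить особое внимание?";"Комментарий";';
        $csv .= '"Как Вы оцениваете сайт Веллтекс?";"Комментарий";"Выберите не более трёх наиболее важных для Вас критериев, которыми Вы пользуетесь, при выборе швейного оборудования:";"Выберите не более трёх наиболее важных для Вас критериев, которыми Вы пользуетесь, при выборе швейного оборудования:";"Выберите не более трёх наиболее важных для Вас критериев, которыми Вы пользуетесь, при выборе швейного оборудования:";"Логин";';
        $csv .= '"Населённый пункт из юридического адреса";"Адрес из адреса доставки";"География ip";"Количество заказов в интернет-магазине";"Общая сумму всех его заказов";"Дата заполнения";"Время заполнения"';
        $csv .= "\r\n";
        $marker = 'устраивает';
        $query = mysql_query("SELECT * FROM `questions` ORDER BY `id` ASC");
        while ($row = mysql_fetch_array($query)) {
            // "answer;comment" fields: pad to the expected number of parts so that a value
            // without a separator does not raise an undefined-offset notice.
            $equipment = array_pad(explode(';', $row['equipment']), 2, '');
            $furniture = array_pad(explode(';', $row['furniture']), 2, '');
            $fabric = array_pad(explode(';', $row['fabric']), 2, '');
            $site = array_pad(explode(';', $row['site']), 2, '');
            $choice = array_pad(explode(';', $row['choice']), 3, '');
            $datetime = array_pad(explode(' ', $row['datetime']), 2, '');

            // Split `quality` just after the marker word. When the marker is absent,
            // mb_strpos() returns false; treat the whole value as the answer in that case
            // instead of cutting at an arbitrary offset.
            $pos = mb_strpos($row['quality'], $marker);
            if ($pos === false) {
                $quality = $row['quality'];
                $quality_comm = '';
            } else {
                $cut = $pos + mb_strlen($marker);
                $quality = mb_substr($row['quality'], 0, $cut);
                $quality_comm = mb_substr($row['quality'], $cut);
            }

            $cells = array(
                $equipment[0], $equipment[1], $furniture[0], $furniture[1], $fabric[0], $fabric[1],
                $row['produce'], $quality, $quality_comm . ' ', $site[0], $site[1],
                $choice[0], $choice[1], $choice[2], $row['login'], $row['city'], $row['address'],
                $row['ip'], $row['orders'], $row['summ'], $datetime[0], $datetime[1],
            );
            foreach ($cells as $cell) {
                $cell = (string) $cell;
                // The answers are free text from site visitors and the file is opened in a
                // spreadsheet program. A cell beginning with one of these characters would be
                // interpreted as a formula, so it is prefixed with an apostrophe to force text.
                if ($cell !== '' && strpos("=+-@\t\r", $cell[0]) !== false) {
                    $cell = "'" . $cell;
                }
                // Embedded double quotes are doubled; unescaped they broke the column layout.
                $csv .= '"' . str_replace('"', '""', $cell) . '";';
            }
            $csv .= "\r\n";
        }
        ob_end_clean();
        $csv = iconv("utf-8", "windows-1251", $csv);
        header("Content-type: application/vnd.ms-excel");
        header("Content-Length: " . strlen($csv));
        header("Content-Disposition: attachment; filename=result.csv");
        echo $csv;
        exit;
    }

    $all = mysql_fetch_assoc(mysql_query("SELECT COUNT(`id`) AS `cnt` FROM `questions`"));
    $all = $all['cnt'];
    $max_row = 30;
    // The page number feeds the LIMIT offset, so it is forced to a positive integer; a negative
    // or fractional value from the query string produced an invalid query.
    $page_d = (isset($_GET['p_d']) && is_scalar($_GET['p_d'])) ? max(1, (int) $_GET['p_d']) : 1;
    if ($all > $max_row) {
        $main .= '<div style="padding:5px 0;">';
        $total_pages = ceil($all / $max_row);
        $pages_in_line = 10;
        // Zero-based index of the ten-page window that contains the current page.
        $current_ceil = ceil(($page_d / 10) - 1);
        if ($page_d > 10) {
            $main .= '<span class="pages_"><a target="_blank" href="/admin/user_manager/?questions&p_d=' . ($page_d - 10) . '"><< Назад</a></span> ... ';
        }
        for ($i = $current_ceil * $pages_in_line; $i < $current_ceil * $pages_in_line + $pages_in_line; $i++) {
            if ($i == $total_pages) {
                break;
            }
            if ($page_d == ($i + 1)) {
                $main .= '<span class="pages_curent" style="margin: 0 4px;">' . ($i + 1) . '</span>';
            } else {
                $main .= '<span class="pages_" style="margin: 0 2px;"><a href="/admin/user_manager/?questions&p_d=' . ($i + 1) . '">' . ($i + 1) . '</a></span>';
            }
        }
        if ($total_pages > $i) {
            $main .= ' ... <span class="pages_"><a href="/admin/user_manager/?questions&p_d=' . ($i + 1) . '">Дальше >></a></span>';
        }
        $main .= ' Всего страниц: <span class="pages_">' . $total_pages . '</span>';
        $main .= '</div>';
    }
    $s_page = $max_row * ($page_d - 1);
    $main .= '<div>Всего анкет: <b>' . (int) $all . '</b> <a href="/admin/user_manager/?questions&export">Экспорт в xls</a></div>';
    $main .= '<table class="table_ff">';
    $main .= '<tr>
<th>Дата</th>
<th>Условия поставки</th>
<th>Не хватает</th>
<th>Обслуживание</th>
<th>Персонал</th>
<th>Сайт</th>
<th>Критерии выбора</th>
<th>ip</th>
</tr>';
    $query = mysql_query("SELECT * FROM `questions` ORDER by `id` DESC LIMIT $s_page,$max_row");
    while ($row = mysql_fetch_array($query)) {
        // Every cell is visitor-submitted text shown to an administrator, so each one is
        // HTML-escaped; printed raw, a stored answer could run script in the admin session.
        $main .= '<tr class="hover">';
        $main .= '<td>' . htmlspecialchars($row['datetime']) . '</td>';
        $main .= '<td>Оборудование - ' . htmlspecialchars($row['equipment']) . '<br/>Фурнитура - ' . htmlspecialchars($row['furniture']) . '<br/>Ткани - ' . htmlspecialchars($row['fabric']) . '</td>';
        $main .= '<td>' . htmlspecialchars($row['produce']) . '</td>';
        $main .= '<td>' . htmlspecialchars($row['quality']) . '</td>';
        $main .= '<td>' . htmlspecialchars($row['personal']) . '</td>';
        $main .= '<td>' . htmlspecialchars($row['site']) . '</td>';
        $main .= '<td>' . htmlspecialchars($row['choice']) . '</td>';
        $main .= '<td>' . htmlspecialchars($row['ip']) . '</td>';
        $main .= '</tr>';
    }
    $main .= '</table>';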
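} elseif (isset($_GET['votes'])) {
    // Voting sub-page. With ?vote=<item id> it lists who voted for that item; without it, it
    // lists the items and their vote counts. Both views share the same pagination.
    $vote = (!empty($_GET['vote']) && is_scalar($_GET['vote'])) ? (string) $_GET['vote'] : '';

    // The item id is echoed into pagination links, so it is URL-encoded there; the original
    // printed the raw query-string value inside the href attribute.
    $base_href = '/admin/user_manager/?votes' . ($vote !== '' ? '&vote=' . urlencode($vote) : '');

    $count_sql = "SELECT COUNT(`id`) AS `cnt` FROM `votes`";
    if ($vote !== '') {
        $count_sql .= " WHERE `idItem` = '" . mysql_real_escape_string($vote) . "'";
    }
    $all = mysql_fetch_assoc(mysql_query($count_sql));
    $all = $all['cnt'];
    $max_row = 30;
    // Forced to a positive integer because it feeds the LIMIT offset below.
    $page_d = (isset($_GET['p_d']) && is_scalar($_GET['p_d'])) ? max(1, (int) $_GET['p_d']) : 1;

    // NOTE(review): in the item overview the page count is derived from the number of votes,
    // not the number of items; left as found.
    if ($all > $max_row) {
        $main .= '<div style="padding:5px 0;">';
        $total_pages = ceil($all / $max_row);
        $pages_in_line = 10;
        // Zero-based index of the ten-page window that contains the current page.
        $current_ceil = ceil(($page_d / 10) - 1);
        if ($page_d > 10) {
            $main .= '<span class="pages_"><a target="_blank" href="' . $base_href . '&p_d=' . ($page_d - 10) . '"><< Назад</a></span> ... ';
        }
        for ($i = $current_ceil * $pages_in_line; $i < $current_ceil * $pages_in_line + $pages_in_line; $i++) {
            if ($i == $total_pages) {
                break;
            }
            if ($page_d == ($i + 1)) {
                $main .= '<span class="pages_curent" style="margin: 0 4px;">' . ($i + 1) . '</span>';
            } else {
                $main .= '<span class="pages_" style="margin: 0 2px;"><a href="' . $base_href . '&p_d=' . ($i + 1) . '">' . ($i + 1) . '</a></span>';
            }
        }
        if ($total_pages > $i) {
            $main .= ' ... <span class="pages_"><a href="' . $base_href . '&p_d=' . ($i + 1) . '">Дальше >></a></span>';
        }
        $main .= ' Всего страниц: <span class="pages_">' . $total_pages . '</span>';
        $main .= '</div>';
        // The original returned here in the per-item view, so the voter table was never
        // rendered once an item had more than one page of votes.
    }
    $s_page = $max_row * ($page_d - 1);
    // A stray </a> after </b> has been dropped from this line.
    $main .= '<div>Всего проголосовало: <b>' . (int) $all . '</b></div>';
    $main .= '<table class="table_ff">';

    if ($vote !== '') {
        $main .= '<tr>
<th>Email</th>
<th>Дата</th>
</tr>';
        $query = mysql_query("SELECT v.time,u.mail,u.id FROM `votes` as v
INNER JOIN `users` as u on u.id = v.idUser
WHERE v.`idItem` = '" . mysql_real_escape_string($vote) . "' ORDER BY v.time DESC LIMIT $s_page,$max_row");
        while ($row = mysql_fetch_array($query)) {
            // The e-mail is user-supplied and is escaped before display.
            $main .= '<tr class="hover">';
            $main .= '<td><a href="/admin/user_manager/?id=' . (int) $row['id'] . '">' . htmlspecialchars($row['mail']) . '</a></td>';
            $main .= '<td>' . htmlspecialchars($row['time']) . '</td>';
            $main .= '</tr>';
        }
        $main .= '</table>';
        // Ends the included script here, as the original did after the per-item table.
        return;
    }

    $main .= '<tr>
<th>Название</th>
<th>Открытка</th>
<th>Голосов</th>
</tr>';
    $query = mysql_query("SELECT i.name,i.url,i.id_item,count(v.id) as `votes`,p.`ext_small_picture`,p.`ext_picture`,p.`ext_popup_picture`,p.`announce`,p.`description`
FROM `items` as i
LEFT JOIN `items_props` as p ON p.id_external = i.id_item
LEFT JOIN `votes` as v on v.idItem = i.id_item
WHERE i.`id_group_0` ='99887701353' AND i.id_item != '' AND i.id_item IS NOT NULL GROUP BY i.id_item ORDER BY `votes` DESC LIMIT $s_page,$max_row");
    while ($row = mysql_fetch_array($query)) {
        // Catalogue values are escaped for the attribute or text context they are printed in;
        // the item id is URL-encoded for the query string.
        $main .= '<tr class="hover">';
        $main .= '<td><a href="/' . htmlspecialchars($row['url']) . '">' . htmlspecialchars($row['name']) . '</a></td>';
        $main .= '<td><img src="/produce/' . htmlspecialchars($row['ext_small_picture']) . '"/></td>';
        $main .= '<td><a href="/admin/user_manager/?votes&vote=' . urlencode($row['id_item']) . '">' . (int) $row['votes'] . '</a></td>';
        $main .= '</tr>';
    }
    $main .= '</table>';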
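}else {
    // Default view: paginated list of all users, newest first.
    $all_users = mysql_fetch_assoc(mysql_query("SELECT COUNT(`id`) AS `cnt` FROM `users`"));
    $all_users = $all_users['cnt'];
    $max_row_users = 30;
    // Forced to a positive integer because it feeds the LIMIT offset below; a negative or
    // fractional value from the query string produced an invalid query.
    $page_d = (isset($_GET['p_d']) && is_scalar($_GET['p_d'])) ? max(1, (int) $_GET['p_d']) : 1;
    if ($all_users > $max_row_users) {
        $main .= '<div style="padding:5px 0;">';
        $total_pages = ceil($all_users / $max_row_users);
        $pages_in_line = 10;
        // Zero-based index of the ten-page window that contains the current page.
        $current_ceil = ceil(($page_d / 10) - 1);
        if ($page_d > 10) {
            $main .= '<span class="pages_"><a href="/admin/user_manager/&p_d=' . ($page_d - 10) . '"><< Назад</a></span> ... ';
        }
        for ($i = $current_ceil * $pages_in_line; $i < $current_ceil * $pages_in_line + $pages_in_line; $i++) {
            if ($i == $total_pages) {
                break;
            }
            if ($page_d == ($i + 1)) {
                $main .= '<span class="pages_curent" style="margin: 0 4px;">' . ($i + 1) . '</span>';
            } else {
                $main .= '<span class="pages_" style="margin: 0 2px;"><a href="/admin/user_manager/&p_d=' . ($i + 1) . '">' . ($i + 1) . '</a></span>';
            }
        }
        if ($total_pages > $i) {
            $main .= ' ... <span class="pages_"><a href="/admin/user_manager/&p_d=' . ($i + 1) . '">Дальше >></a></span>';
        }
        $main .= ' Всего страниц: <span class="pages_">' . $total_pages . '</span>';
        $main .= '</div>';
    }
    $s_page_users = $max_row_users * ($page_d - 1);
    // Row highlight on hover (relies on jQuery being loaded by the surrounding page).
    $main .= '
<script>
$(".hover").bind("mouseenter",function(){
$(this).css({"color":"#eeffdd", "background": "#79ba29"});
}).bind("mouseleave",function(){
$(this).css({"color":"", "background": ""});
});
</script>';
    $main .= '<div>Всего пользователей: <b>' . (int) $all_users . '</b></div>';
    $main .= '<table class="table_ff">';
    $main .= '<tr><th style="width:30px;">id</th><th>Логин</th><th>Имя</th><th>Фамилия</th><th>Телефон</th><th>Mail</th><th>Дата регистрации</th><th style="width:20px">Права</th><th style="width:70px;">Действия</th></tr>';
    $query = mysql_query("SELECT * FROM `users` ORDER by `id` DESC LIMIT $s_page_users,$max_row_users");
    while ($row = mysql_fetch_array($query)) {
        $user_icon = '<img src="' . $icon_dir . 'user_off.png" />';
        if ($row['power'] == "1") {
            $user_icon = '<img src="' . $icon_dir . 'user_on.png" />';
        }
        $user_id = (int) $row['id'];
        // Escape first, then add the line breaks, so that only this code's own <br /> survives.
        $tel_html = str_replace(",", ",<br />", htmlspecialchars($row['tel']));
        $js_event = 'onclick="open_user(' . $user_id . ');"';
        // Profile fields are user-supplied and were printed raw; each is now HTML-escaped.
        $main .= '<tr class="hover">';
        $main .= '<td ' . $js_event . '>' . $user_id . '</td>';
        $main .= '<td ' . $js_event . '>' . htmlspecialchars($row['login']) . '</td>';
        $main .= '<td ' . $js_event . '>' . htmlspecialchars($row['name']) . '</td>';
        $main .= '<td ' . $js_event . '>' . htmlspecialchars($row['last_name']) . '</td>';
        $main .= '<td style="width:110px;" ' . $js_event . '>' . $tel_html . '</td>';
        $main .= '<td ' . $js_event . '>' . htmlspecialchars($row['mail']) . '</td>';
        $main .= '<td ' . $js_event . '>' . htmlspecialchars($row['date']) . '</td>';
        $main .= '<td style="width:20px" ' . $js_event . '>' . htmlspecialchars($row['chown']) . '</td>';
        // Values placed inside an inline handler pass through two parsers: JSON-encode them as
        // JavaScript string literals, then HTML-escape the result for the attribute.
        // power_user() and delete_user() are defined outside this file.
        $id_js = htmlspecialchars(json_encode((string) $row['id']));
        $power_js = htmlspecialchars(json_encode((string) $row['power']));
        $login_js = htmlspecialchars(json_encode((string) $row['login']));
        $main .= '<td class="center"><a href="/admin/user_manager/&id=' . $user_id . '" title="Редактировать"><img src="' . $icon_dir . 'edit.png"></a> <a onclick="power_user(' . $id_js . ',' . $power_js . ');" title="вкл/выкл">' . $user_icon . '</a> <a onclick="delete_user(' . $id_js . ',' . $login_js . ')"><img src="' . $icon_dir . '/delete.png" title="Удалить" /></a></td>';
        $main .= '</tr>';
    }
    $main .= '</table>';
}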
- ?>