Я использую шаблонизатор Smarty для внешней (frontend) и серверной (backend) части своего сайта. В последние несколько недель серверная часть начала выводить меня из системы, когда я сохраняю новый контент. Есть ли способ принудительно оставаться в сеансе? Ниже приведён мой серверный код.
<?php
// Bootstrap for the admin "users" page.
// NOTE(review): $class_tpl, $db and $modules are used further down but never
// created in this file; presumably includes/init.php provides them (and starts
// the session that the access check below reads) - confirm.
require_once('includes/init.php');
// Library handles used by the request branches below.
$Register = Library::loadLibrary('Register');
$Users = Library::loadLibrary('Users');
$Listings = Library::loadLibrary('Listings');
// $Categories is assigned here but not referenced again in this script.
$Categories = Library::loadLibrary('Categories');
Library::requireLibrary('Pagination');
// NOTE(review): the superglobal wrapper is required, yet the code below reads
// $_POST / $_GET / $_SESSION directly rather than through it.
Library::requireLibrary('wrapper/SuperglobalWrapper');
require_once(FILESYSTEM_PATH.
'includes/classes/kernel/Private.php');
// $Private is instantiated here but not referenced again in this script.
$Private = new PrivateMessage();
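// Authorisation gate for the whole page: only sessions carrying the
// 'admin_users' capability flag may continue. This is the only place the
// script touches $_SESSION, and it only reads it; when the flag is missing the
// "not allowed" template is rendered and the request ends here.
//
// The flag is checked with isset() plus a strict comparison: with the loose
// `!=` operator an integer 0 stored in the session compares equal to "Y" on
// PHP versions before 8, which would let the request through.
if (!isset($_SESSION['admin_users']) || $_SESSION['admin_users'] !== 'Y') {
    $class_tpl->assign('body', 'notallowed.tpl');
    $class_tpl->displayTemplate();
    die();
}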
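// Bulk status change: ban or delete every user ticked in the list form.
//
// NOTE(review): no anti-CSRF token is checked before this destructive POST in
// the visible code; unless includes/init.php enforces one, the request is
// authorised by the session cookie alone.
// NOTE(review): unlike the "modify" branch further down, nothing here stops the
// last administrator (or the acting user) from being banned or deleted, unless
// banUser()/deleteUser() enforce that themselves - confirm.
if (isset($_POST['act']) && $_POST['act'] === "changestatus") {
    // Both fields are attacker-controllable: accept only a string status and an
    // array of ids, so a missing or malformed field cannot reach foreach().
    $newstatus = (isset($_POST['newstatus']) && is_string($_POST['newstatus'])) ? $_POST['newstatus'] : '';
    $selected = (isset($_POST['userid']) && is_array($_POST['userid'])) ? $_POST['userid'] : array();

    foreach ($selected as $key) {
        // User ids are treated as integers everywhere else in this script, so
        // normalise before handing them to the Users library and skip anything
        // that is not a positive id (nested arrays, text, 0).
        $userId = is_scalar($key) ? (int) $key : 0;
        if ($userId <= 0) {
            continue;
        }

        if ($newstatus === 'Ban') {
            $Users->banUser($userId);
        } elseif ($newstatus === 'Delete') {
            $Users->deleteUser($userId);
        }
    }
}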
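/**
 * Return one submitted form field as a string.
 *
 * Missing keys and non-scalar payloads (e.g. "field[]=x") become '' so that
 * later trim() / (int) calls never operate on an array. This matters for ids
 * and levels: (int) applied to a non-empty array yields 1, and level 1 is the
 * administrator level in the queries below.
 *
 * @param array  $post Submitted form data (normally $_POST).
 * @param string $key  Field name.
 * @return string
 */
function admin_users_post_text(array $post, $key)
{
    return (isset($post[$key]) && is_scalar($post[$key])) ? (string) $post[$key] : '';
}

/**
 * Build the field array shared by the "add" and "modify" user forms.
 *
 * Text fields go through Filter::no_html(); the password is only trimmed.
 * When "b_same" is ticked the billing fields are copied from the contact
 * fields instead of being read from the request. Keys are produced in the same
 * order as the hand-written assignments this replaces, up to and including
 * 'level'; callers append 'id', 'notes' and 'adminCapabilities' themselves.
 *
 * @param array $post Submitted form data (normally $_POST).
 * @return array Field name => value, as passed to the Register library.
 */
function admin_users_collect_profile_fields(array $post)
{
    $vars = array();
    $vars['username'] = Filter::no_html(admin_users_post_text($post, 'username'));
    $vars['password'] = trim(admin_users_post_text($post, 'password'));

    $contactFields = array('email', 'firstname', 'lastname', 'address', 'city', 'state', 'zip', 'country', 'phone');
    foreach ($contactFields as $field) {
        $vars[$field] = Filter::no_html(admin_users_post_text($post, $field));
    }

    $vars['b_same'] = isset($post['b_same']) ? 'Y' : 'N';
    $billingFields = array('firstname', 'lastname', 'address', 'city', 'state', 'zip', 'country', 'phone');
    foreach ($billingFields as $field) {
        $vars['b_' . $field] = ($vars['b_same'] == 'Y')
            ? $vars[$field]
            : Filter::no_html(admin_users_post_text($post, 'b_' . $field));
    }

    $vars['newsletter'] = 'N';
    if (isset($post['newsletter'])) {
        $vars['newsletter'] = Filter::equals($post['newsletter'], 'Y', 'N');
    }

    foreach (array('extra', 'extra2', 'extra3') as $field) {
        $vars[$field] = isset($post[$field]) ? Filter::no_html(admin_users_post_text($post, $field)) : '';
    }

    $vars['level'] = (int) admin_users_post_text($post, 'level');

    return $vars;
}

// Request dispatch: exactly one branch prepares the template, then the page is
// rendered once at the bottom.
//
// NOTE(review): the two POST branches create and modify accounts, including
// their level and admin capabilities, and no anti-CSRF token is checked in the
// visible code; unless includes/init.php enforces one, the session cookie is
// the only thing authorising these requests.
if (isset($_POST['action']) && $_POST['action'] === "add") {
    // --- Create a user from the submitted form ---
    $modules->call_hook('admin_users_add', ''); // Call any module functions

    // NOTE(review): the confirmation value is read but never compared with the
    // password in this script; presumably the Register library or the
    // JavaScript validation does that - confirm.
    $password = trim(admin_users_post_text($_POST, 'password'));
    $passwordconfirm = trim(admin_users_post_text($_POST, 'passwordconfirm'));

    $submitVars = admin_users_collect_profile_fields($_POST);
    // NOTE(review): passed through unfiltered; the Register library has to
    // validate it, since it decides what the new account may administer.
    $submitVars['adminCapabilities'] = isset($_POST['adminCapabilities']) ? $_POST['adminCapabilities'] : '';

    $location = "users.php";
    // Only the "blacklisted" and "already registered" results carry a message;
    // default it so the template assignment below never reads an unset variable.
    $msg = '';
    $class_tpl->assign('forward', FALSE);
    switch ($Register->createSignup($submitVars)) {
        case 4:
            $title = LANG_FORWARD_ERROR;
            $msg = LANG_USER_BLACKLISTED;
            break;
        case 3:
            $title = LANG_FORWARD_ERROR;
            $msg = LANG_ALREADY_REGISTERED;
            break;
        case 1:
            $title = LANG_FORWARD_SUCESS;
            $class_tpl->assign('forward', TRUE);
            break;
        default:
            $title = LANG_FORWARD_ERROR;
    }
    $class_tpl->assign('title', $title);
    $class_tpl->assign('location', $location);
    $class_tpl->assign('msg', $msg);
    $class_tpl->assign('body', 'forward.tpl');
} elseif (
    isset($_POST['action']) && $_POST['action'] === "modify"
    && admin_users_post_text($_POST, 'member') !== ''
) {
    // --- Update an existing user from the submitted form ---
    $modules->call_hook('admin_users_modify', ''); // Call any module functions

    $password = trim(admin_users_post_text($_POST, 'password'));
    $passwordconfirm = trim(admin_users_post_text($_POST, 'passwordconfirm'));
    $user_group = (int) admin_users_post_text($_POST, 'level');
    $user_id = (int) admin_users_post_text($_POST, 'member');

    // Last-administrator guard. It has to run for every target level other
    // than 1: testing "> 1" would let a submitted level of 0 or below move the
    // only administrator out of the admin group unchecked.
    if ($user_group !== 1) {
        $sql = 'SELECT level from ' . PREFIX . 'users WHERE id = ' . Filter::mysql_quote($user_id);
        $result = $db->query($sql);
        if ($result->num_rows() > 0) {
            $rs = $result->fetch();
            if ($rs['level'] == 1) {
                if (defined('ADMIN_DEMO_MODE')) {
                    // Demo installs: an administrator keeps level 1 and the
                    // submitted password change is discarded.
                    $_POST['level'] = 1;
                    $user_group = 1;
                    $_POST['password'] = '';
                    $_POST['passwordconfirm'] = '';
                }
                // NOTE(review): this check also runs after demo mode has reset
                // the level to 1, so a demo install with a single admin ends
                // the request here as well - confirm that is intended.
                $sql = 'SELECT COUNT(*) as total from ' . PREFIX . 'users WHERE level = 1';
                $result = $db->query($sql);
                $row = $result->fetch();
                if ($row['total'] == 1) {
                    die('You can not change the group of the only administrator');
                }
            }
        }
    }

    // Collected after the guard so the demo-mode overrides written into $_POST
    // above are the values that get saved.
    $submitVars = admin_users_collect_profile_fields($_POST);
    $submitVars['id'] = $user_id;
    $submitVars['notes'] = isset($_POST['notes']) ? Filter::no_html(admin_users_post_text($_POST, 'notes')) : '';
    // NOTE(review): passed through unfiltered; the Register library has to
    // validate it, since it decides what the account may administer.
    $submitVars['adminCapabilities'] = isset($_POST['adminCapabilities']) ? $_POST['adminCapabilities'] : '';

    if ($Register->modifySignup($submitVars)) {
        // Saved: forward to the user's detail view.
        $location = "users.php?view=" . $user_id;
        $class_tpl->assign('title', LANG_FORWARD_SUCESS);
        $class_tpl->assign('forward', TRUE);
    } else {
        // Not saved: the link is built from the validated id ($member was
        // never defined in this script, so the link used to carry no id).
        $location = "users.php?uid=" . $user_id;
        $class_tpl->assign('title', LANG_FORWARD_ERROR);
        $class_tpl->assign('forward', FALSE);
    }
    $class_tpl->assign('location', $location);
    $class_tpl->assign('body', 'forward.tpl');
} elseif (isset($_GET['view'])) {
    // --- Detail view of one user and their listings ---
    $pageNum = 1;
    if (isset($_GET['page'])) {
        $pageNum = (int) $_GET['page'];
    }

    // The id comes from the query string; normalise it once to an integer
    // before it reaches the Users / Listings libraries.
    $viewId = is_scalar($_GET['view']) ? (int) $_GET['view'] : 0;

    $Users->getUser($viewId);
    $Users->getUserNotes($viewId);
    $options = array('owner' => $viewId);
    $list = $Listings->getAllListings($options, $pageNum, 9999);
    $class_tpl->assign('results', $list["list"]);
    $class_tpl->assign('userlevels', $Users->getUserGroupsList());
    $class_tpl->assign('showstates', $Users->getStates());
    $class_tpl->assign('showcountries', $Users->getCountries());
    $class_tpl->assign('numberoflistings', $Listings->countByUser($viewId));
    $Register->createJavascriptValidation();
    $class_tpl->assign('body', 'users/users_info.tpl');
    $modules->call_hook('admin_users_view', ''); // Call any module functions
} elseif (isset($_GET['action']) && $_GET['action'] === "add") {
    // --- Empty "add user" form ---
    $class_tpl->assign('userlevels', $Users->getUserGroupsList());
    $class_tpl->assign('showstates', $Users->getStates());
    $class_tpl->assign('showcountries', $Users->getCountries());
    $Register->createJavascriptValidation();
    $class_tpl->assign('body', 'users/users_add.tpl');
} elseif (isset($_GET['action']) && $_GET['action'] === "csv") {
    // --- CSV export ---
    // NOTE(review): the result is not used and no template body is assigned in
    // this branch; presumably getAllUsers() emits the export itself - confirm.
    $pageNum = 1;
    $options = ''; // was read without ever being set in this branch
    $list = $Users->getAllUsers($options, $pageNum, TRUE);
} else {
    // --- Default: paginated, sortable user list ---
    $pageNum = 1;
    if (isset($_GET['page'])) {
        $pageNum = (int) $_GET['page'];
    }
    //$options = array('l_UID' => 1);
    $options = '';
    $list = $Users->getAllUsers($options, $pageNum, true);
    $class_tpl->assign('results', $list["list"]);
    $class_tpl->assign('sqlsort', $list["info"]["sqlsort"]);
    $class_tpl->assign('sortorder', $list["info"]["sortorder"]);
    $class_tpl->assign('oppositesort', $list["info"]["oppositesort"]);

    // Flag icon per user group id; any other group gets the purple flag.
    $flagImages = array(
        1 => 'flag_blue.png',
        2 => 'flag_green.png',
        3 => 'flag_orange.png',
        4 => 'flag_red.png',
        5 => 'flag_yellow.png',
    );

    $sSQL = "SELECT uGroupID,uTitle FROM " . PREFIX . "user_groups ORDER BY uGroupID";
    $result = $db->query($sSQL);
    $data = array();
    while ($rs = $result->fetch()) {
        $rs['uTitle'] = Filter::special_chars($rs['uTitle']);
        $groupId = (int) $rs['uGroupID'];
        $rs['image'] = isset($flagImages[$groupId]) ? $flagImages[$groupId] : 'flag_purple.png';
        $data[] = $rs;
    }
    $class_tpl->assign('group', $data);
    $class_tpl->assign('body', 'users/users_browse.tpl');
}

$class_tpl->displayTemplate();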
Я могу редактировать другие разделы своей админ-панели, но не указанный выше файл user.php. Есть ли способ сделать так, чтобы меня не выводило из системы каждый раз, когда я пытаюсь сохранить или изменить контент? Спасибо, Джейсон