<?php
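// Refuse direct requests: the script only runs when the including entry point has defined IN_DZZ.
if(!defined('IN_DZZ')) {
	exit('Access Denied');
}
require_once libfile('function/mail');
$navtitle = lang('user_import').' - '.lang('appname');
// Authorisation gate: only requests whose $_G['adminid'] equals 1 get past this line.
// NOTE(review): everything below relies on showmessage() ending the request; confirm it never returns.
if($_G['adminid']!=1) showmessage('orguser_import_user',dreferer());
require_once libfile('function/organization');
// 'do' is request-controlled. A missing or array-valued parameter (do[]=x) is mapped to '' so that
// trim() never receives a non-string and the request falls through to the default (upload/guide) branch.
$do=(isset($_GET['do']) && is_string($_GET['do']))?trim($_GET['do']):'';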
if($do=='importing'){
// 'importing' branch: creates a new account, or updates an existing one, from the request parameters,
// then writes its profile, department and job rows and answers with a JSON object.
// NOTE(review): this branch writes to user tables, but no submitcheck()/form-token test is visible in it
// (the upload branch at the end of the script does call submitcheck()); confirm request-forgery protection upstream.
// NOTE(review): parts of this branch do not parse as listed (unbalanced braces, two statements fused on one
// line); the listing appears to have lost lines. The comments describe the visible statements only.
require_once libfile('function/user','','user');
$email=trim($_GET['email']);
// Undo any existing escaping, trim, then re-escape with addslashes().
// NOTE(review): presumably getstr(..., 30) truncates and appends '...', which the str_replace() then removes; confirm.
$_GET['username']=addslashes(trim(stripslashes(trim($_GET['username']))));
$_GET['username']=str_replace('...','',getstr($_GET['username'],30));
// A row without a password falls back to the shared default sent as 'pswdefault'.
// NOTE(review): the cleartext password is a request parameter; if the client puts it in the query string it
// ends up in access and proxy logs. Confirm it is sent in the request body.
$_GET['password']=empty($_GET['password'])?trim($_GET['pswdefault']):trim($_GET['password']);
$_GET['weixinid']=addslashes(trim(stripslashes(trim($_GET['weixinid']))));
$_GET['mobile']=addslashes(trim(stripslashes(trim($_GET['mobile']))));
// Both identifiers are mandatory; errors are returned as JSON and end the request.
if(empty($email) || empty($_GET['username'])) exit(json_encode(array('error'=>lang('name_email_empty'))));
if(!isemail($email)) exit(json_encode(array('error'=>'email'.lang('format_error'))));
$isappend=intval($_GET['append']);
$exist=0;
// An existing account is matched by e-mail first, then by username.
// The founder account is forced into append mode, which (as far as the visible structure shows) keeps the
// overwrite path below, including its password reset, away from it.
if(($user=C::t('user')->fetch_by_email($email)) || ($user=C::t('user')->fetch_by_username($_GET['username']))) $uid=$user['uid'];
$exist=1;
if($isfounder=C::t('user')->checkfounder($user)) $isappend=1 if($isappend) $sitename=$_G['setting']['sitename'];
// Append mode: only fill in phone / weixinid when the stored value is empty, after a format check and a uniqueness lookup.
$appendfield=array();
if($_GET['mobile'] && empty($user['phone'])){
if(!preg_match("/^\d+$/",$_GET['mobile'])){
exit(json_encode(array('error'=>lang('phone_number_illegal'))));
}
if(C::t('user')->fetch_by_phone($_GET['mobile']) ) {
exit(json_encode(array('error'=>lang('user_phone_exist'))));
}
$appendfield['phone']=$_GET['mobile'];
}
if($_GET['weixinid'] && empty($user['weixinid'])){
if(!preg_match("/^[a-zA-Z\d_]{5,}$/i",$_GET['weixinid'])){
exit(json_encode(array('error'=>lang('weixin_illegal'))));
}
if(C::t('user')->fetch_by_weixinid($_GET['weixinid']) ) {
exit(json_encode(array('error'=>lang('weixin_exist'))));
}
$appendfield['weixinid']=$_GET['weixinid'];
}
if($appendfield) C::t('user')->update($uid,$appendfield);
}else{ $sitename=$_G['setting']['sitename'];
// Overwrite mode for an existing account: username, password hash and salt are replaced with the imported values.
// NOTE(review): rand()/uniqid() are not cryptographically secure sources, and md5(md5(password).salt) is a fast
// hash that is cheap to attack offline once the table leaks. The login path has to agree with any change, so
// this is flagged rather than altered; password_hash()/password_verify() and random_bytes() are the standard replacements.
$salt=substr(uniqid(rand()), -6);
if(!check_username($_GET['username'])) exit(json_encode(array('error'=>lang('user_name_sensitive'))));
$setarr=array('username'=>$_GET['username'],
'password'=>md5(md5($_GET['password']).$salt),
'salt'=>$salt
);
if($_GET['mobile'] && $_GET['mobile']!=$user['phone']){
if(!preg_match("/^\d+$/",$_GET['mobile'])){
exit(json_encode(array('error'=>lang('phone_number_illegal'))));
}
if(C::t('user')->fetch_by_phone($_GET['mobile']) ) {
exit(json_encode(array('error'=>lang('user_phone_exist'))));
}
$setarr['phone']=$_GET['mobile'];
}
if($_GET['weixinid'] && $_GET['weixinid']!=$user['weixinid']){
if(!preg_match("/^[a-zA-Z\d_]{5,}$/i",$_GET['weixinid'])){
exit(json_encode(array('error'=>lang('weixin_illegal'))));
}
if(C::t('user')->fetch_by_weixinid($_GET['weixinid']) ) {
exit(json_encode(array('error'=>lang('weixin_exist'))));
}
$setarr['weixinid']=$_GET['weixinid'];
}
C::t('user')->update($uid,$setarr);
// Notification mail. The HTML body interpolates the cleartext password and the request-supplied e-mail
// without HTML escaping, so the credential sits in the recipient's mailbox and any markup in those values is rendered.
// NOTE(review): $sendmail and $member are not assigned anywhere in this listing; whether this block runs, and
// what the greeting shows, depends on code outside it.
// NOTE(review): the recipient string is built from request input; verify that sendmail_cron() rejects CR/LF in it.
if($sendmail){ $email_password_message = <<<EOT
<p style="font-size:14px;color:#333; line-height:24px; margin:0;">尊敬的用户$member[username],您好!</p>
<p style="line-height: 24px; margin: 6px 0px 0px; overflow-wrap: break-word; word-break: break-all;"><span style="color: rgb(51, 51, 51); font-size: 14px;">您收到这封邮件,是由于 $sitename 的管理员编辑成员信息时使用了这个邮箱地址。如果您不知道 $sitename 请忽略这封邮件。您不需要退订或进行其他进一步的操作。</span></p>
<p style="line-height: 24px; margin: 6px 0px 0px; overflow-wrap: break-word; word-break: break-all;"><span style="color: rgb(51, 51, 51); font-size: 14px;font-weight:bold;">登录帐号和密码</span></p>
<p style="line-height: 24px; margin: 6px 0px 0px; overflow-wrap: break-word; word-break: break-all;"><span style="color: rgb(51, 51, 51); font-size: 12px;">登录帐号:$email</span></p>
<p style="line-height: 24px; margin: 6px 0px 0px; overflow-wrap: break-word; word-break: break-all;"><span style="color: rgb(51, 51, 51); font-size: 14px;">登录密码:$_GET[password]</span></p>
<p style="line-height: 24px; margin: 6px 0px 0px; overflow-wrap: break-word; word-break: break-all;"><span style="color: rgb(51, 51, 51); font-size: 14px;">感谢您的访问,祝您使用愉快!</span></p>
EOT;
if(!sendmail_cron("$_GET[username] <$email>", lang('email_password_subject'), $email_password_message)) {
runlog('sendmail', "$email 发送失败");
}
}
}
}else{ if(!check_username($_GET['username'])) exit(json_encode(array('error'=>lang('user_name_sensitive'))));
// No matching account: create one through uc_add_user() and abort when no positive uid comes back.
$user=uc_add_user($_GET['username'], $_GET['password'], $email);
$uid=$user['uid'];
if($uid<1) exit(json_encode(array('error'=>lang('import_failure'))));
// NOTE(review): emailstatus is set to 1 although no confirmation mail was answered; presumably that marks the
// address as verified. Confirm, because the 'list' branch can generate placeholder addresses.
$base = array(
'uid' => $uid,
'adminid' => 0,
'groupid' =>9,
'regdate' => TIMESTAMP,
'emailstatus' => 1,
);
// Unlike the existing-account paths above, an invalid or already used phone / weixinid is dropped silently here
// (both rejecting branches are empty) instead of ending the request with an error.
if($_GET['mobile']){
if(!preg_match("/^\d+$/",$_GET['mobile'])){
}elseif(C::t('user')->fetch_by_phone($_GET['mobile']) ) {
}else{
$base['phone']=$_GET['mobile'];
}
}
if($_GET['weixinid']){
if(!preg_match("/^[a-zA-Z\d_]{5,}$/i",$_GET['weixinid'])){
}elseif(C::t('user')->fetch_by_weixinid($_GET['weixinid'])) {
}else{
$base['weixinid']=$_GET['weixinid'];
}
}
$sitename=$_G['setting']['sitename'];
C::t('user')->update($uid,$base);
// Same notification mail as in the overwrite path: cleartext password and unescaped request values in HTML.
if($sendmail){ $email_password_message = <<<EOT
<p style="font-size:14px;color:#333; line-height:24px; margin:0;">尊敬的用户$member[username],您好!</p>
<p style="line-height: 24px; margin: 6px 0px 0px; overflow-wrap: break-word; word-break: break-all;"><span style="color: rgb(51, 51, 51); font-size: 14px;">您收到这封邮件,是由于 $sitename 的管理员添加成员时使用了这个邮箱地址。如果您不知道 $sitename 请忽略这封邮件。您不需要退订或进行其他进一步的操作。</span></p>
<p style="line-height: 24px; margin: 6px 0px 0px; overflow-wrap: break-word; word-break: break-all;"><span style="color: rgb(51, 51, 51); font-size: 14px;font-weight:bold;">登录帐号和密码</span></p>
<p style="line-height: 24px; margin: 6px 0px 0px; overflow-wrap: break-word; word-break: break-all;"><span style="color: rgb(51, 51, 51); font-size: 12px;">登录帐号:$email</span></p>
<p style="line-height: 24px; margin: 6px 0px 0px; overflow-wrap: break-word; word-break: break-all;"><span style="color: rgb(51, 51, 51); font-size: 14px;">登录密码:$_GET[password]</span></p>
<p style="line-height: 24px; margin: 6px 0px 0px; overflow-wrap: break-word; word-break: break-all;"><span style="color: rgb(51, 51, 51); font-size: 14px;">感谢您的访问,祝您使用愉快!</span></p>
EOT;
if(!sendmail_cron("$_GET[username] <$email>", lang('email_password_subject'), $email_password_message)) {
runlog('sendmail', "$email 发送失败");
}
}
}
// Profile data. In append mode for an existing user only empty stored fields are filled;
// otherwise a fresh profile row (and, in the else branch, a user_status row) is inserted.
$_GET['gender']=trim($_GET['gender']);
$_GET['birth']=trim($_GET['birth']);
$_GET['telephone']=trim($_GET['telephone']);
if($exist && $isappend){ $oldprofile=C::t('user_profile')->fetch($uid);
$profile=array();
if(!empty($_GET['birth']) && empty($oldprofile['birthyear'])){
// Only dates that strtotime() can parse and that lie in the past are accepted.
$birth=strtotime($_GET['birth']);
if($birth<TIMESTAMP && $birth>0){
$arr=getdate($birth);
$profile['birthyear']=$arr['year'];
$profile['birthmonth']=$arr['mon'];
$profile['birthday']=$arr['mday'];
}
}
if(!empty($_GET['gender']) && empty($oldprofile['gender'])){
if($_GET['gender']==lang('man')) $profile['gender']=1;
elseif($_GET['gender']==lang('woman')) $profile['gender']=2;
else $profile['gender']=0;
}
if(!empty($_GET['telephone']) && empty($oldprofile['telephone'])){
$profile['telephone']=$_GET['telephone'];
}
// Every request parameter is offered to checkprofile(); that function is the only allow-list between
// arbitrary parameter names and the columns written to user_profile. It may also rewrite $value.
foreach($_GET as $key=>$value){
if(!empty($_GET[$key]) && empty($oldprofile[$key])){
if(checkprofile($key,$value)) $profile[$key]=$value;
}
}
if($profile){
$profile['uid']=$uid;
C::t('user_profile')->insert($profile);
}
}else{
$profile=array();
if(!empty($_GET['birth'])){
$birth=strtotime(trim($_GET['birth']));
if($birth<TIMESTAMP && $birth>0){
$arr=getdate($birth);
$profile['birthyear']=$arr['year'];
$profile['birthmonth']=$arr['mon'];
$profile['birthday']=$arr['mday'];
}
}
if(!empty($_GET['gender'])){
if($_GET['gender']==lang('man')) $profile['gender']=1;
elseif($_GET['gender']==lang('woman')) $profile['gender']=2;
else $profile['gender']=0;
}
if(!empty($_GET['telephone'])){
$profile['telephone']=$_GET['telephone'];
}
// Same allow-list pass as in append mode, without the "stored value is empty" condition.
foreach($_GET as $key=>$value){
if(checkprofile($key,$value)) $profile[$key]=$value;
}
$profile['uid']=$uid;
C::t('user_profile')->insert($profile);
$status = array(
'uid' => $uid,
'regip' => '',
'lastip' => '',
'lastvisit' => '',
'lastactivity' => '',
'lastsendmail' => 0
);
C::t('user_status')->insert($status, false, true);
}
// Department path: 'orgname' is split on '/', and each level is looked up under the current $orgid or created.
// The lookups pass table name and values through %t/%d/%s placeholders with a separate argument array.
// NOTE(review): presumably the DB layer quotes %s arguments; verify, since orgname and job are not escaped here.
$orgid=intval($_GET['orgid']);
$_GET['orgname']=!empty($_GET['orgname'])?explode('/',$_GET['orgname']):array();
$_GET['job']=!empty($_GET['job'])?explode('/',$_GET['job']):array();
foreach($_GET['orgname'] as $key => $orgname){
if(empty($orgname)) continue;
if($porgid=DB::result_first("select orgid from %t where forgid=%d and orgname=%s",array('organization',$orgid,$orgname))){
$orgid=$porgid;
}else{
$setarr=array('forgid'=>$orgid,
'orgname'=>$orgname,
'fid'=>0,
'disp'=>100,
'indesk'=>0,
'dateline'=>TIMESTAMP,
);
if($porgid=C::t('organization')->insert_by_orgid($setarr)){
$orgid=$porgid;
}
}
}
// Membership: append mode adds the user to the department, the other path first removes existing memberships.
// NOTE(review): the brace structure around these statements is damaged in this listing.
if($isappend) C::t('organization_user')->insert_by_orgid($orgid,$uid);
}else{
C::t('organization_user')->delete_by_uid($uid,0);
C::t('organization_user')->insert_by_orgid($orgid,$uid);
}
if($orgid){
// Job titles are looked up or created per department, then attached to the membership row.
foreach($_GET['job'] as $key =>$jobname){ $jobid=0;
if($pjobid=DB::result_first("select jobid from %t where orgid=%d and name=%s",array('organization_job',$orgid,$jobname))){
$jobid=$pjobid;
}else{
$setarr=array('orgid'=>$orgid,
'name'=>$_GET['job'][$key],
'dateline'=>TIMESTAMP,
'opuid'=>$_G['uid']
);
if($pjobid=C::t('organization_job')->insert($setarr,1)){
$jobid=$pjobid;
}
}
if($jobid){
// The WHERE clause below is built by string interpolation. $orgid comes from intval() or from a database id
// and $uid from the user record; keep both integer-typed if this code is ever refactored.
if($isappend) if(!DB::result_first("select COUNT(*) from %t where uid=%d and orgid=%d and jobid>0 ",array('organization_user',$uid,$orgid))){
DB::update('organization_user',array('jobid'=>$jobid),"uid='{$uid}' and orgid='{$orgid}'");
}
}else DB::update('organization_user',array('jobid'=>$jobid),"uid='{$uid}' and orgid='{$orgid}'");
}
}
}
}
exit(json_encode(array('msg'=>'success')));
}elseif($do=='list'){
// 'list' branch: parses a previously uploaded spreadsheet and renders a preview of the rows to import.
require_once DZZ_ROOT.'./core/class/class_PHPExcel.php';
// NOTE(review): $_GET['file'] is appended to the attachment directory unchanged, so '../' segments can point
// the reader at any file the PHP process can read; is_file() below only checks existence. A containment check
// (the realpath() of the result must start with the realpath() of attachdir) plus the xls/xlsx extension
// allow-list used at upload time would bind this parameter to files the upload step actually produced.
$inputFileName = $_G['setting']['attachdir'].$_GET['file'];
if(!is_file($inputFileName)){
showmessage('orguser_import_user_table',MOD_URL.'&op=import');
}
// PHPExcel identifies the format itself, so the parser is exposed to whatever file the parameter selects.
$inputFileType = PHPExcel_IOFactory::identify($inputFileName);
$objReader = PHPExcel_IOFactory::createReader($inputFileType);
$objPHPExcel = $objReader->load($inputFileName);
$sheetData = $objPHPExcel->getActiveSheet()->toArray(null,true,true,true);
// Map header titles (row 1) to field ids: the fixed columns below plus the importable profile fields.
$h0=array('username'=>lang('compellation'),'email'=>lang('email'),'nickname'=>lang('username'),'birth'=>lang('date_birth'),'gender'=>lang('gender'),'mobile'=>lang('cellphone'),'weixinid'=>lang('weixin'),'orgname'=>lang('category_department'),'job'=>lang('department_position'),'password'=>lang('user_login_password'));
$h1=getProfileForImport();
$h0=array_merge($h0,$h1);
$h=array();
foreach($sheetData[1] as $key =>$value){
$value=trim($value);
foreach($h0 as $fieldid=>$title){
if($title==$value){
$h[$key]=$fieldid;
break;
}
}
}
// NOTE(review): the elseif can never be true, because it is only reached when 'username' is in $h.
if(!in_array('username',$h)){
showmessage('lack_required_fields_name');
}elseif(!in_array('email',$h) && !in_array('username',$h)){
showmessage('lack_required_fields_name_email');
}
// Without an e-mail column a synthetic one is added so the preview still has an 'email' field.
if(!in_array('email',$h)){
$h=array_merge(array('_'=>'email'),$h);
}
$list=array();
foreach($sheetData as $key=> $value){
// Rows 0 and 1 (header) are skipped.
if($key<=1) continue;
$temp=array();
foreach($value as $col =>$val){
if(trim($val)=='') continue;
if($h[$col]=='orgname'){
$temp[$h[$col]][]=$val;
}elseif($h[$col]=='job'){
$temp[$h[$col]][]=$val;
// NOTE(review): $key1 and $value1 are only assigned by the foreach further down, so on the first row they are
// undefined and later they hold stale values from the previous row; this birth-date branch looks like a leftover.
}elseif($key1=='birth'){
$arr=explode('-',$value[$value1]);
if(count($arr)==3){
$temp[$key1]=dgmdate(strtotime($arr[2].'-'.$arr[0].'-'.$arr[1]),'Y-m-d');
}else{
$temp[$key1]=$val;
}
}else{
if($h[$col]) $temp[$h[$col]]=$val;
}
}
// NOTE(review): rows without an e-mail get a random address at a third-party mail domain. The import branch
// then stores it with emailstatus 1, so any mail-based recovery for that account would target a mailbox
// outside the organisation's control; a reserved placeholder domain would avoid that. Confirm intended behaviour.
if(empty($temp['email'])) $temp['email']=random(10,true).'@163.com';
// Rows sharing an e-mail address are merged; later non-empty values win.
if(isset($list[$temp['email']])){
foreach($h as $key1 => $value1){
if(!empty($temp[$key1])){
$list[$temp['email']][$key1]=$temp[$key1];
}
}
}else{
if($temp) $list[$temp['email']]=$temp;
}
}
$h=array_unique($h);
// NOTE(review): $orgid is not assigned anywhere in this branch of the listing; it must come from outside.
$orgpath=C::t('organization')->getPathByOrgid($orgid);
if(empty($orgpath)) $orgpath=lang('choose_import_agency_department');
// Build the list of ancestor departments handed to the template as JSON. $open was just initialised to an
// empty array, so the first condition below is never true on this path and the else branch always runs.
$open=array();
$patharr=getPathByOrgid($orgid);
$arr=(array_keys($patharr));
array_pop($arr);
$count=count($arr);
if($open[$arr[$count-1]]){
if(count($open[$arr[$count-1]])>$count) $open[$arr[count($arr)-1]]=$arr;
}else{
$open[$arr[$count-1]]=$arr;
}
$openarr=json_encode(array('orgid'=>$open));
include template('import_list');
}else{
// Default branch: handle the spreadsheet upload form, or show the import guide.
if(submitcheck('importfilesubmit')){
if($_FILES['importfile']['tmp_name']){
// The extension is taken from the client-supplied file name; the same allow-list is passed to uploadtolocal().
// NOTE(review): nothing visible here checks the file content; the 'list' branch parses whatever was stored.
$allowext=array('xls','xlsx');
$ext=strtolower(substr(strrchr($_FILES['importfile']['name'], '.'), 1, 10));
if(!in_array($ext,$allowext)) showmessage('orguser_import_xls_xlsx',dreferer());
if($file=uploadtolocal($_FILES['importfile'],'cache','',array('xls','xlsx'))){
// Redirect to the preview; the stored file name travels in the 'file' query parameter read by the 'list' branch.
$url=outputurl($_G['siteurl'].MOD_URL.'&op=import&do=list&file='.urlencode($file));
@header("Location: $url");
exit();
// Unreachable: the exit() above ends the request before this message can be shown.
showmessage('orguser_import_user_message',outputurl($_G['siteurl'].MOD_URL.'&op=import&do=list&file='.urlencode($file)));
}else{
showmessage('orguser_import_tautology',dreferer());
}
}else{
showmessage('orguser_import_user_message_table',dreferer());
}
}else{
include template('import_guide');
}
}
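/**
 * Validate one imported profile value against the cached profile-field settings.
 *
 * This is the allow-list for the generic import loop: a field id is accepted only when it exists in
 * $_G['cache']['profilesetting'] and is not one of the ids the importer handles with dedicated code.
 *
 * @param string $fieldid Profile field id (a request parameter name at the call sites in this file).
 * @param mixed  $value   Candidate value, by reference. Text values are replaced by getstr($value);
 *                        checkbox/list values by the newline-joined subset of recognised choices.
 * @return bool true when the value may be stored, false when the field is unknown or reserved,
 *              or when the value fails the size, pattern or choice check.
 */
function checkprofile($fieldid,&$value){
	global $_G;
	if(empty($_G['cache']['profilesetting'])) {
		loadcache('profilesetting');
	}
	$field = isset($_G['cache']['profilesetting'][$fieldid]) ? $_G['cache']['profilesetting'][$fieldid] : null;
	// Reserved ids are written by dedicated importer code and must not be settable through the generic loop.
	$reserved = array('department','realname','gender','birthyear','birthmonth','birthday','birth','constellation','zodiac','email','nickname','password','orgname','job','username');
	if(empty($field) || in_array((string)$fieldid, $reserved, true)) {
		return false;
	}
	// Request parameters can arrive as arrays (name[]=...); no field type handled here accepts one.
	if(is_array($value)) {
		return false;
	}
	$formtype = isset($field['formtype']) ? $field['formtype'] : '';
	$size = !empty($field['size']) ? $field['size'] : 0;
	// Choices are stored one per line; an empty setting yields an empty list, so choice checks fail closed.
	$choices = array();
	if(!empty($field['choices'])) {
		$choices = is_array($field['choices']) ? $field['choices'] : explode("\n", $field['choices']);
	}
	if($formtype == 'text' || $formtype == 'textarea') {
		$value = getstr($value);
		if($size && strlen($value) > $size) {
			return false;
		}
		// The pattern comes from the field settings or the global per-field table, never from the request.
		$validate = !empty($field['validate']) ? $field['validate'] : (!empty($_G['profilevalidate'][$fieldid]) ? $_G['profilevalidate'][$fieldid] : '');
		if($validate && !preg_match($validate, $value)) {
			return false;
		}
	} elseif($formtype == 'checkbox' || $formtype == 'list') {
		// Fix: the choices used to be passed to trim() as an array, so no option could ever match.
		$allowed = array_map('trim', $choices);
		$picked = array();
		// Accept real line breaks as well as the literal two-character sequence \n that the original split on.
		foreach(preg_split('/\\\\n|\r\n|\r|\n/', (string)$value) as $op) {
			$op = trim($op);
			if(in_array($op, $allowed, true)) {
				$picked[] = $op;
			}
		}
		// Unknown options are dropped, not rejected; only the option count can fail the field.
		$value = implode("\n", $picked);
		if($size && count($picked) > $size) {
			return false;
		}
	} elseif($formtype == 'radio' || $formtype == 'select') {
		// Strict comparison, so a look-alike numeric string ('1.0' for '1') is not accepted as a configured choice.
		if(!in_array((string)$value, $choices, true)) {
			return false;
		}
	}
	return true;
}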
/**
 * List the profile fields that may appear as spreadsheet columns in the user import.
 *
 * Reads $_G['cache']['profilesetting'] (loading the cache first when it is empty), leaves out the ids
 * the importer fills by other means as well as every field whose formtype is 'file', and maps each
 * remaining field id to its configured title.
 *
 * @return array field id => column title
 */
function getProfileForImport(){
	global $_G;
	// Ids that are never offered as generic import columns.
	$skipped = array('department','realname','gender','birthyear','birthmonth','birthday','constellation','zodiac');
	if(empty($_G['cache']['profilesetting'])) {
		loadcache('profilesetting');
	}
	$titles = array();
	foreach($_G['cache']['profilesetting'] as $fieldid => $setting){
		if(in_array($fieldid, $skipped)) {
			continue;
		}
		// File-type fields cannot be expressed as a cell value.
		if($setting['formtype'] == 'file') {
			continue;
		}
		// Every other form type contributes its title unchanged.
		$titles[$fieldid] = $setting['title'];
	}
	return $titles;
}
?>