Beispiel #1
/**
 * Saves a product through the admin action, then rewrites its group links and attribute values.
 *
 * Group links are replaced wholesale: the current rows are read (to keep each group's
 * sort_order), deleted, and re-inserted from the 'category' request parameter.
 * NOTE(review): the DELETE and the INSERTs are separate statements and no transaction is
 * visible here, so a failure midway leaves the product with partial group links.
 * NOTE(review): no permission check is visible in this function; presumably the caller
 * enforces it. Confirm.
 *
 * @param mixed $aid    Admin action id passed to cf\api\admin\doAction().
 * @param array $params Form fields; when an 'id' key is present its value is used as the product id.
 * @return void
 */
function do_edit_save($aid, $params)
{
    // The value returned by doAction() is the product id unless the form carried an explicit 'id'.
    $returnedId = cf\api\admin\doAction($aid, $params);
    $pid = array_key_exists('id', $params) ? $params['id'] : $returnedId;

    // Remember the existing sort order per group, then drop all links for this product.
    $byProduct = array('id' => $pid);
    $previous = cf\query2arrays('SELECT group_id,sort_order FROM cf_products_in_groups WHERE product_id=:id', $byProduct, false, 'group_id');
    cf\execQuery('DELETE FROM cf_products_in_groups WHERE product_id=:id', $byProduct);

    $selected = array();
    if (cf\param::exist('category')) {
        $selected = cf\param::get('category');
    }

    // All values are bound parameters; only the statement text is fixed.
    $insertLink = cf\createQuery('INSERT INTO cf_products_in_groups (group_id,product_id,sort_order) VALUES(:groupId,:productId,:sortOrder)', array('productId' => $pid));
    foreach ($selected as $groupId) {
        $insertLink->setParam('groupId', $groupId);
        if (array_key_exists($groupId, $previous)) {
            $insertLink->setParam('sortOrder', $previous[$groupId]['sort_order']);
        } else {
            // Groups the product was not in before get the default position.
            $insertLink->setParam('sortOrder', 500);
        }
        $insertLink->execute();
    }

    // Attributes are only touched when the request carries an 'attributes' parameter.
    if (!cf\param::exist('attributes')) {
        return;
    }
    $submitted = cf\param::get('attributes');
    $attributes = new cf\ProductAttributes($pid, true);
    foreach ($attributes as $attr) {
        if (!array_key_exists($attr->id(), $submitted)) {
            continue;
        }
        $attr->setValue($submitted[$attr->id()]);
    }
    $product = new cf\Product($pid);
    $product->setAttributes($attributes);
}
Beispiel #2
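/**
 * Saves a user from the admin form: updates an existing account or registers a new one,
 * then replaces the account's role assignments when a 'roles' request parameter is present.
 *
 * NOTE(review): no permission check is visible in this function, and the submitted role ids
 * are inserted as given. Confirm the caller verifies that the acting user may grant them.
 * NOTE(review): the role DELETE and INSERTs are not wrapped in a transaction here, so a
 * failure midway can leave the account with only part of its roles.
 *
 * @param mixed $aid    Admin action id passed to cf\api\admin\doAction() on the update path.
 * @param array $params Form fields. With an 'id' key the account is updated (and its password
 *                      changed when a non-empty 'password' is given); otherwise 'login',
 *                      'password', 'name', 'email' and 'descr' are passed to cf\User::register().
 * @return void
 */
function do_edit_save($aid, $params)
{
    if (array_key_exists('id', $params)) {
        $uid = $params['id'];
        // The field may be absent; compare against '' so that a password such as "0" is not
        // silently ignored by a truthiness test.
        $pass = (isset($params['password']) && is_scalar($params['password']))
            ? trim((string) $params['password'])
            : '';
        // Keep the plaintext password out of the parameters handed to the generic action.
        unset($params['password']);
        cf\api\admin\doAction($aid, $params);
        if ($pass !== '') {
            cf\User::setPassword($uid, $pass);
        }
    } else {
        // Missing fields are passed as null, as before, but without raising undefined-index notices.
        // NOTE(review): the password is trimmed on the update path but not here. Confirm which is intended.
        $uid = cf\User::register(
            isset($params['login']) ? $params['login'] : null,
            isset($params['password']) ? $params['password'] : null,
            isset($params['name']) ? $params['name'] : null,
            isset($params['email']) ? $params['email'] : null,
            isset($params['descr']) ? $params['descr'] : null
        );
    }
    if (cf\param::exist('roles')) {
        // Role ids are the keys of the submitted map; anything that is not an array means "no roles".
        $submitted = cf\param::get('roles');
        $roles = is_array($submitted) ? array_keys($submitted) : array();
        cf\execQuery('DELETE FROM cf_user_roles WHERE user_id=:uid', array('uid' => $uid));
        $q = cf\createQuery('INSERT INTO cf_user_roles (user_id,role_id) VALUES(:userId,:roleId)');
        $q->setParam('userId', $uid);
        foreach ($roles as $rid) {
            $q->setParam('roleId', $rid);
            $q->execute();
        }
    }
}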
Beispiel #3
/**
 * Saves a product through the admin action, then rewrites its category links (unless the
 * global $fk is set) and its attribute rows.
 *
 * Both link tables are rebuilt by DELETE followed by INSERTs with bound values.
 * NOTE(review): no transaction is visible around those statements, so a failure midway
 * leaves partial data.
 * NOTE(review): no permission check is visible in this function; presumably the caller
 * enforces it. Confirm.
 *
 * @param mixed $aid    Admin action id passed to cf\api\admin\doAction().
 * @param array $params Form fields; when an 'id' key is present its value is used as the product id.
 * @return void
 */
function do_edit_save($aid, $params)
{
    // The value returned by doAction() is the product id unless the form carried an explicit 'id'.
    $returnedId = cf\api\admin\doAction($aid, $params);
    $pid = array_key_exists('id', $params) ? $params['id'] : $returnedId;

    global $fk;
    if (!$fk) {
        // Not an option: rebuild the category links, keeping each category's previous sort order.
        $byProduct = array('id' => $pid);
        $previous = cf\query2arrays('SELECT page_id,sort_order FROM cf_products_in_category WHERE product_id=:id', $byProduct, false, 'page_id');
        cf\execQuery('DELETE FROM cf_products_in_category WHERE product_id=:id', $byProduct);

        $selected = array();
        if (cf\param::exist('category')) {
            $selected = cf\param::get('category');
        }

        $insertLink = cf\createQuery('INSERT INTO cf_products_in_category (page_id,product_id,sort_order) VALUES(:categoryId,:productId,:sortOrder)', array('productId' => $pid));
        foreach ($selected as $categoryId) {
            $insertLink->setParam('categoryId', $categoryId);
            if (array_key_exists($categoryId, $previous)) {
                $insertLink->setParam('sortOrder', $previous[$categoryId]['sort_order']);
            } else {
                // Categories the product was not in before get the default position.
                $insertLink->setParam('sortOrder', 500);
            }
            $insertLink->execute();
        }
    }

    // Attribute rows are only replaced when the request carries an 'attributes' parameter.
    if (!cf\param::exist('attributes')) {
        return;
    }
    cf\execQuery("DELETE FROM cf_product_attributes WHERE product_id=:id", array('id' => $pid));
    $insertAttr = cf\createQuery("INSERT INTO cf_product_attributes (product_id, attribute_id, attribute_value) VALUES (:pid,:aid,:val)");
    $submitted = cf\param::get('attributes');
    foreach ($submitted as $attrId => $attrValue) {
        // Attribute ids and values come from the request; both are bound, never concatenated.
        $insertAttr->setParam('pid', $pid);
        $insertAttr->setParam('aid', $attrId);
        $insertAttr->setParam('val', $attrValue);
        $insertAttr->execute();
    }
}
Beispiel #4
/**
 * Saves an RSS channel through the admin action and replaces its category links with the
 * ids from the 'cat' request parameter.
 *
 * NOTE(review): the DELETE and the INSERTs are separate statements with no transaction
 * visible here.
 * NOTE(review): no permission check is visible in this function; presumably the caller
 * enforces it. Confirm.
 *
 * @param mixed $aid    Admin action id passed to cf\api\admin\doAction().
 * @param array $params Form fields; when an 'id' key is present its value is used as the channel id.
 * @return void
 */
function do_edit_save($aid, $params)
{
    // The value returned by doAction() is the channel id unless the form carried an explicit 'id'.
    $returnedId = cf\api\admin\doAction($aid, $params);
    $channelId = array_key_exists('id', $params) ? $params['id'] : $returnedId;

    // Drop every existing link, then insert one row per submitted category id (bound values).
    cf\execQuery('DELETE FROM cf_rss_channel_to_category WHERE channel_id=:id', array('id' => $channelId));

    $selected = array();
    if (cf\param::exist('cat')) {
        $selected = cf\param::get('cat');
    }

    $insertLink = cf\createQuery('INSERT INTO cf_rss_channel_to_category (category_id,channel_id) VALUES(:catId,:channelId)', array('channelId' => $channelId));
    foreach ($selected as $categoryId) {
        $insertLink->setParam('catId', $categoryId);
        $insertLink->execute();
    }
}
Beispiel #5
/**
 * Saves a gallery image through the admin action and replaces its album links with the ids
 * from the 'album' request parameter, keeping the previous sort order per album.
 *
 * NOTE(review): the DELETE and the INSERTs are separate statements with no transaction
 * visible here.
 * NOTE(review): no permission check is visible in this function; presumably the caller
 * enforces it. Confirm.
 *
 * @param mixed $aid    Admin action id passed to cf\api\admin\doAction().
 * @param array $params Form fields; when an 'id' key is present its value is used as the image id.
 * @return void
 */
function do_edit_save($aid, $params)
{
    // The value returned by doAction() is the image id unless the form carried an explicit 'id'.
    $returnedId = cf\api\admin\doAction($aid, $params);
    $iId = array_key_exists('id', $params) ? $params['id'] : $returnedId;

    // Remember the existing sort order per album, then drop all links for this image.
    $byImage = array('id' => $iId);
    $previous = cf\query2arrays('SELECT album_id,sort_order FROM cf_gallery_image_in_album WHERE image_id=:id', $byImage, false, 'album_id');
    cf\execQuery('DELETE FROM cf_gallery_image_in_album WHERE image_id=:id', $byImage);

    $selected = array();
    if (cf\param::exist('album')) {
        $selected = cf\param::get('album');
    }

    $insertLink = cf\createQuery('INSERT INTO cf_gallery_image_in_album (album_id,image_id,sort_order) VALUES(:albumId,:imageId,:sortOrder)', array('imageId' => $iId));
    foreach ($selected as $albumId) {
        $insertLink->setParam('albumId', $albumId);
        if (array_key_exists($albumId, $previous)) {
            $insertLink->setParam('sortOrder', $previous[$albumId]['sort_order']);
        } else {
            // Albums the image was not in before get the default position.
            $insertLink->setParam('sortOrder', 500);
        }
        $insertLink->execute();
    }
}
Beispiel #6
    }
    // Installer fragment (its beginning and end are outside this excerpt): loads the schema of
    // the selected modules, seeds the first account and its grants, then optionally runs
    // site-level install files.
    require_once dirname(__FILE__) . '/../db.php';
    require_once dirname(__FILE__) . '/../user.php';
    // SECURITY: every entry of $_POST['modules'] is appended to $sqlFiles unchanged and is
    // spliced into a file path below; no allow-list or character check is visible here.
    if (array_key_exists('modules', $_POST)) {
        foreach ($_POST['modules'] as $module) {
            $sqlFiles[] = $module;
        }
    }
    // Each listed file is read relative to this directory and its whole content is executed as SQL.
    // NOTE(review): validate $f against the known module names before building the path, and
    // handle file_get_contents() returning false (the query would then be only the SET statement).
    foreach ($sqlFiles as $f) {
        $sql = 'SET storage_engine=MYISAM;' . file_get_contents(dirname(__FILE__) . "/{$f}.sql");
        cf\execQuery($sql);
    }
    // SECURITY: seeds the first account with fixed literals ('admin', 'admin', 'Admin'),
    // presumably login, password and display name. Confirm against cf\User::register().
    // A fixed, well-known password should be replaced by one chosen or generated at install time.
    cf\User::register('admin', 'admin', 'Admin');
    // Creates the 'admin' role, assigns it to user_id 1 and inserts grants with NULL view/action ids.
    // NOTE(review): assumes the account registered above received id 1, and NULL presumably
    // means "every view/action". Confirm both.
    cf\execQuery("\r\n\t\tINSERT INTO cf_roles (id,name) VALUES('admin','Администраторы');\r\n\t\tINSERT INTO cf_user_roles (role_id,user_id) VALUES('admin',1);\r\n\t\tINSERT INTO cf_role_view_grants   (view_id,   role_id, can_read)    VALUES (NULL,'admin',1);\r\n\t\tINSERT INTO cf_role_action_grants (action_id, role_id, can_execute) VALUES (NULL,'admin',1);\r\n\t");
    // The request flags are read without an existence check (a notice is raised when absent).
    // When set, DOCUMENT_ROOT/install.sql is executed as SQL.
    if ($_REQUEST['run_install_sql']) {
        cf\execQuery('SET storage_engine=MYISAM;' . file_get_contents($_SERVER['DOCUMENT_ROOT'] . '/install.sql'));
    }
    // When set, DOCUMENT_ROOT/install.php is included and run.
    // NOTE(review): whether this installer can be requested again after setup is not visible
    // here. Confirm it is removed or locked once installation has finished.
    if ($_REQUEST['run_install_php']) {
        require_once $_SERVER['DOCUMENT_ROOT'] . '/install.php';
    }
} else {
    // Other branch: restore installer settings that were stored in the session.
    if (array_key_exists('cf_install_db', $_SESSION)) {
        $dbName = $_SESSION['cf_install_db'];
    }
    if (array_key_exists('cf_install_create_db', $_SESSION)) {
        $createDB = (bool) $_SESSION['cf_install_create_db'];
    }
    if (array_key_exists('cf_install_host', $_SESSION)) {
        $host = $_SESSION['cf_install_host'];
    }
    if (array_key_exists('cf_install_user', $_SESSION)) {
Beispiel #7
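/**
 * Runs the admin action stored in cf_admin_action under $id, binding $params to its SQL, and
 * processes the action's file-type parameters (delete marker, upload, fetch by URL).
 *
 * Two shorthand templates are expanded from the keys of $params before execution:
 * "INSERT INTO tname" and "UPDATE tname WHERE ...". Those keys become SQL identifiers, and
 * the resulting text is then passed through eval(), so every key must be a plain identifier.
 *
 * NOTE(review): no permission check on $id is visible in this function. Confirm that the
 * caller performs one.
 *
 * @param mixed $id     Primary key of the cf_admin_action row to run.
 * @param array $params Name => value pairs bound to the query; falsy values are sent as NULL.
 * @return mixed The value of $db->lastInsertId() after the query has run.
 * @throws \InvalidArgumentException When a template must be expanded and a parameter name is
 *                                   not made of word characters only.
 */
function doAction($id, $params = array())
{
    // Local names are kept as they were: the stored query text is expanded by eval() below and
    // may refer to them ($user is not used anywhere else in this function).
    $user = \cf\User::getLoggedIn();
    //TODO check params by params_id
    // NOTE(review): this also turns 0 and "0" into NULL.
    foreach ($params as $nm => $v) {
        $params[$nm] = $v ? $v : null;
    }

    // Parameter names cannot be bound; they are concatenated into the statement, so they are
    // restricted to identifier characters before any template is expanded.
    $assertPlainNames = function (array $names) {
        foreach ($names as $name) {
            if (!preg_match('/^\\w+\\z/', (string) $name)) {
                throw new \InvalidArgumentException('Invalid parameter name for admin action');
            }
        }
    };

    $query = \cf\query2var('SELECT query FROM cf_admin_action WHERE id=:id', array('id' => $id));
    $sqlparts = preg_split('/\\s*;\\s*/', $query, -1, PREG_SPLIT_NO_EMPTY);
    foreach ($sqlparts as &$sql) {
        if (preg_match('/^\\s*INSERT\\s+INTO\\s+(\\w+)\\s*$/i', $sql, $match)) {
            //INSERT INTO tname
            $assertPlainNames(array_keys($params));
            $sql = 'INSERT INTO ' . $match[1] . ' (' . implode(',', array_keys($params)) . ') VALUES(:' . implode(',:', array_keys($params)) . ')';
        } elseif (preg_match('/^\\s*UPDATE\\s+(\\w+)\\s+(WHERE .+)/i', $sql, $match)) {
            //UPDATE tname WHERE id=:id [AND ... AND ...]
            $assertPlainNames(array_keys($params));
            $names = array();
            foreach ($params as $nm => $v) {
                $names[] = "{$nm}=:{$nm}";
            }
            $sql = 'UPDATE ' . $match[1] . ' SET ' . implode(',', $names) . ' ' . $match[2];
        }
        // SECURITY: eval() expands PHP variable syntax inside the query text. The text comes
        // from cf_admin_action, so whoever can write that table controls what is evaluated.
        // Left in place because the set of variables the stored queries rely on is not visible
        // from this function; replace it with explicit placeholder substitution once known.
        eval('$sql="' . $sql . '";');
    }
    // Break the reference so later writes to $sql cannot alter the last array element.
    unset($sql);
    $query = implode(';', $sqlparts);

    // Removes a previously stored file, but only when the path resolves to a regular file
    // inside the parameter's upload directory. The stored path arrives with the request, so it
    // must not be able to point elsewhere under (or above) root_path.
    $removeStored = function ($relativePath, $dir) {
        if (!is_string($relativePath) || $relativePath === '') {
            return;
        }
        $base = realpath(\cf\Config::root_path . $dir);
        $target = realpath(\cf\Config::root_path . $relativePath);
        if ($base === false || $target === false || !is_file($target)) {
            return;
        }
        $prefix = rtrim($base, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
        if (strpos($target, $prefix) === 0) {
            @unlink($target);
        }
    };
    // "URL passed" is meant for remote sources; local wrappers must not be reachable from a
    // request-supplied URL.
    // NOTE(review): http(s) targets on internal networks are still reachable. Add a host
    // allow-list if the deployment needs one.
    $remoteSchemes = array('http', 'https', 'ftp', 'ftps');

    $fileParams = \cf\query2arrays("\n\t\tSELECT cf_admin_action_param.name AS name, fmt\n\t\tFROM cf_admin_action_param\n\t\tINNER JOIN cf_admin_action_params ON cf_admin_action_param.params_id = cf_admin_action_params.id\n\t\tINNER JOIN cf_admin_action ON cf_admin_action_params.id = cf_admin_action.params_id\n\t\tWHERE cf_admin_action.id=:id AND cf_admin_action_param.type_id='File'", array('id' => $id));
    foreach ($fileParams as $param) {
        $nm = $param['name'];
        // fmt is "<upload dir>;<comma-separated extensions or *>".
        $fmtParts = explode(';', $param['fmt']);
        $uploadDir = $fmtParts[0];
        $ext = isset($fmtParts[1]) ? $fmtParts[1] : '';

        $current = isset($params[$nm]) ? $params[$nm] : null;
        if (is_string($current) && $current !== '' && $current[0] == "\t") {
            //tab at the beginning: delete file
            $removeStored(substr($current, 1), $uploadDir);
            $params[$nm] = null;
        }
        if (array_key_exists($nm, $_FILES)) {
            $fparams = $_FILES[$nm];
            if ($fparams['type'] == 'url') {
                //URL passed
                $url = $fparams['name'];
                $urlInfo = parse_url($url);
                $scheme = (is_array($urlInfo) && isset($urlInfo['scheme'])) ? $urlInfo['scheme'] : '';
                if (in_array($scheme, $remoteSchemes, true) && in_array($scheme, stream_get_wrappers(), true)) {
                    //are such URLs supported
                    $fname = pathinfo(isset($urlInfo['path']) ? $urlInfo['path'] : '');
                    $extension = isset($fname['extension']) ? $fname['extension'] : '';
                    // NOTE(review): with '*' every extension is stored under root_path, including
                    // types the web server may execute. Prefer an explicit list in fmt.
                    if ($ext != '*' && !in_array(strtolower($extension), explode(',', strtolower($ext)), true)) {
                        continue;
                        //invalid file type
                    }
                    $path = "{$uploadDir}/" . uniqid($nm) . '.' . $extension;
                    if (copy($url, \cf\Config::root_path . "{$path}")) {
                        $removeStored(isset($params[$nm]) ? $params[$nm] : null, $uploadDir);
                        chmod(\cf\Config::root_path . "{$path}", 0644);
                        $params[$nm] = $path;
                    }
                }
            } else {
                //file uploaded
                if (UPLOAD_ERR_OK != $fparams['error'] || !is_uploaded_file($fparams['tmp_name'])) {
                    continue;
                    //if a file is not uploaded check upload_max_filesize or post_max_size in php.ini
                }
                $fname = pathinfo($fparams['name']);
                $extension = isset($fname['extension']) ? $fname['extension'] : '';
                // NOTE(review): with '*' every extension is stored under root_path, including
                // types the web server may execute. Prefer an explicit list in fmt.
                if ($ext != '*' && !in_array(strtolower($extension), explode(',', strtolower($ext)), true)) {
                    continue;
                    //invalid file type
                }
                // The stored name is generated; only the extension is taken from the client name.
                $path = "{$uploadDir}/" . uniqid($nm) . '.' . $extension;
                if (move_uploaded_file($fparams['tmp_name'], \cf\Config::root_path . "{$path}")) {
                    $removeStored(isset($params[$nm]) ? $params[$nm] : null, $uploadDir);
                    chmod(\cf\Config::root_path . "{$path}", 0644);
                    $params[$nm] = $path;
                }
            }
        }
    }
    \cf\execQuery($query, $params);
    global $db;
    return $db->lastInsertId();
}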
Beispiel #8
        }
    }
    // Import fragment (its beginning is outside this excerpt): parsing is finished, release
    // the parser and the input handle.
    xml_parser_free($parser);
    fclose($f);
    if ($sellerID) {
        // Products of this seller whose id is not a key of $foundIDs get their price set to 0.
        $qDelete = cf\createQuery("UPDATE cf_products SET price=0 WHERE id=:id");
        //or "DELETE FROM cf_products WHERE id=:id"
        $qDelState = cf\createQuery("UPDATE cf_products SET state=:state WHERE id=:id");
        $delState = $settings['del_state'];
        $qFindAllOfSeller = cf\createQuery("SELECT id FROM cf_products WHERE seller_id=:seller_id", array('seller_id' => $sellerID));
        $qFindAllOfSeller->execute();
        while ($qFindAllOfSeller->fetch()) {
            $id = $qFindAllOfSeller->at('id');
            if (!array_key_exists($id, $foundIDs)) {
                $qDelete->setParam('id', $id)->execute();
                if ($delState) {
                    // NOTE(review): only 'state' is bound on $qDelState here; no 'id' is set on
                    // it in the visible lines. Confirm which row this statement updates.
                    $qDelState->setParam('state', $delState)->execute();
                }
                ++$deletedCount;
            }
        }
    }
    if ($delFile) {
        // NOTE(review): $settings['url'] is passed to unlink() as-is; where it comes from is
        // not visible here. Confirm it can only name the import's own source file.
        unlink($settings['url']);
    }
    // The counters and $ymlID are interpolated into the statement text instead of being bound.
    // NOTE(review): the origin of $ymlID is not visible here; bind it as a parameter unless it
    // is guaranteed to be an integer.
    cf\execQuery("\n\t\tUPDATE cf_import_yml \n\t\tSET \n\t\t\tlast_state=1,\n\t\t\tlast_error=NULL,\n\t\t\toffersCount={$offersCount},\n\t\t\taddedCount={$addedCount},\n\t\t\tupdatedCount={$updatedCount},\n\t\t\tdeletedCount={$deletedCount} \n\t\tWHERE id={$ymlID}\n\t");
} catch (Exception $e) {
    // Failure path: record state 2 and the exception message (bound as :error); the counters
    // and $ymlID are again interpolated into the statement text.
    cf\execQuery("\n\t\tUPDATE cf_import_yml \n\t\tSET \n\t\t\tlast_state=2,\n\t\t\tlast_error=:error,\n\t\t\toffersCount={$offersCount},\n\t\t\taddedCount={$addedCount},\n\t\t\tupdatedCount={$updatedCount},\n\t\t\tdeletedCount={$deletedCount} \n\t\tWHERE id={$ymlID}", array('error' => $e->getMessage()));
    return 1;
}
return 0;
Beispiel #9
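/**
 * Handles the channel header of an RSS feed: when the feed is newer than the stored
 * last_upload, stamps the channel, removes its previously imported news and reloads the
 * category ids the channel maps to.
 *
 * Works on the globals $channelID (read), $categories (written) and $abort (set to true when
 * the stored timestamp is not older than the feed's date).
 *
 * @param mixed $channel Parsed channel fields; anything that is not an array is ignored.
 *                       'lastbuilddate' is preferred over 'pubdate'; without either the
 *                       current time is used.
 * @return void
 */
function updateChannel($channel)
{
    if (!is_array($channel)) {
        return;
    }
    global $channelID, $categories, $abort;

    $dt = time();
    if (array_key_exists('lastbuilddate', $channel)) {
        $dt = parseRfc822Date($channel['lastbuilddate']);
    } elseif (array_key_exists('pubdate', $channel)) {
        $dt = parseRfc822Date($channel['pubdate']);
    }

    $lastUpdate = cf\query2var("SELECT UNIX_TIMESTAMP(last_upload) FROM cf_rss_channel WHERE id=:id", array('id' => $channelID));
    if ($lastUpdate >= $dt) {
        // Nothing new since the last import.
        $abort = true;
        return;
    }
    // NOTE(review): $channel is received by value, so this assignment is not visible to the
    // caller. Confirm whether a by-reference parameter was intended.
    $channel['date'] = $dt;
    cf\execQuery("UPDATE cf_rss_channel SET last_upload=FROM_UNIXTIME(:dt),added_count=0 WHERE id=:id", array('id' => $channelID, 'dt' => $dt));
    //delete old
    // The channel id is bound like in every other statement of this function instead of being
    // interpolated into the SQL text.
    $catDel = cf\query2vector("SELECT cf_news_in_category.id FROM cf_news INNER JOIN cf_news_in_category ON cf_news.id=cf_news_in_category.news_id WHERE cf_news.rss_chanel_id=:id", array('id' => $channelID));
    $qDel = cf\createQuery('DELETE FROM cf_news_in_category WHERE id=:id');
    foreach ($catDel as $cat) {
        $qDel->setParam('id', $cat);
        $qDel->execute();
        $qDel->close();
    }
    cf\execQuery("DELETE FROM cf_news WHERE rss_chanel_id=:id", array('id' => $channelID));
    $categories = cf\query2vector("SELECT category_id FROM cf_rss_channel_to_category WHERE channel_id=:id", array('id' => $channelID));
}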
Beispiel #10
        // Installer fragment (its beginning and end are outside this excerpt).
        // SECURITY: $dbName is interpolated into DROP/CREATE/USE statements. Identifiers cannot
        // be bound, so the name needs a strict character check before this point.
        // NOTE(review): no such check is visible in this excerpt. Confirm one exists upstream.
        $q = new cf\Query($db);
        $q->exec("\r\n\t\t\tDROP DATABASE IF EXISTS {$dbName};\r\n\t\t\tCREATE DATABASE {$dbName} DEFAULT CHARACTER SET utf8;\r\n\t\t\tUSE {$dbName};\r\n\t\t");
    }
    require_once dirname(__FILE__) . '/../db.php';
    require_once dirname(__FILE__) . '/../user.php';
    // SECURITY: every entry of $_POST['modules'] is appended to $sqlFiles unchanged and is
    // spliced into a file path below; no allow-list or character check is visible here.
    if (array_key_exists('modules', $_POST)) {
        foreach ($_POST['modules'] as $module) {
            $sqlFiles[] = $module;
        }
    }
    // Each listed file is read relative to this directory and its whole content is executed as SQL.
    // NOTE(review): validate $f against the known module names before building the path, and
    // handle file_get_contents() returning false (the query would then be only the SET statement).
    foreach ($sqlFiles as $f) {
        $sql = 'SET storage_engine=MYISAM;' . file_get_contents(dirname(__FILE__) . "/{$f}.sql");
        cf\execQuery($sql);
    }
    // SECURITY: seeds the first account with fixed literals ('admin', 'admin', 'Admin'),
    // presumably login, password and display name. Confirm against cf\User::register().
    // A fixed, well-known password should be replaced by one chosen or generated at install time.
    cf\User::register('admin', 'admin', 'Admin');
    // Creates the 'admin' role, assigns it to user_id 1 and inserts grants with NULL view/action ids.
    // NOTE(review): assumes the account registered above received id 1, and NULL presumably
    // means "every view/action". Confirm both.
    cf\execQuery("\r\n\t\tINSERT INTO cf_roles (id,name) VALUES('admin','Администраторы');\r\n\t\tINSERT INTO cf_user_roles (role_id,user_id) VALUES('admin',1);\r\n\t\tINSERT INTO cf_role_view_grants   (view_id,   role_id, can_read)    VALUES (NULL,'admin',1);\r\n\t\tINSERT INTO cf_role_action_grants (action_id, role_id, can_execute) VALUES (NULL,'admin',1);\r\n\t");
} else {
    // Other branch: restore installer settings that were stored in the session.
    if (array_key_exists('cf_install_db', $_SESSION)) {
        $dbName = $_SESSION['cf_install_db'];
    }
    if (array_key_exists('cf_install_create_db', $_SESSION)) {
        $createDB = (bool) $_SESSION['cf_install_create_db'];
    }
    if (array_key_exists('cf_install_host', $_SESSION)) {
        $host = $_SESSION['cf_install_host'];
    }
    if (array_key_exists('cf_install_user', $_SESSION)) {
        $user = $_SESSION['cf_install_user'];
    }
    if (array_key_exists('cf_install_smarty_site', $_SESSION)) {
        $smarty_path = $_SESSION['cf_install_smarty_site'];
Beispiel #11
/**
 * Empties the shopping cart of the current visitor and returns the resulting list.
 *
 * A logged-in user's cart rows are deleted from cf_cart; for an anonymous visitor the 'ready'
 * entry of the 'cyberfish_cart' cookie is reset to an empty array.
 *
 * @return mixed Whatever getList() returns after the cart has been cleared.
 */
function clear()
{
    $user = \cf\User::getLoggedIn();
    if (!$user) {
        // Anonymous visitor: the cart lives in a cookie, which may not exist yet.
        $cartCookie = \cf\Cookie::retrieve('cyberfish_cart');
        if ($cartCookie) {
            $cartCookie->delParam('ready');
            $cartCookie->setParam('ready', array());
            $cartCookie->set();
        }
        return getList();
    }

    // Logged-in user: the cart lives in the database; the user id is bound, not concatenated.
    \cf\execQuery('DELETE FROM cf_cart WHERE user_id=:uid', array('uid' => $user->id()));
    return getList();
}
Beispiel #12
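/**
 * Runs the admin action stored in cf_admin_action under $id, binding $params to its SQL, and
 * processes the action's file-type parameters (delete marker, upload, fetch by URL).
 *
 * NOTE(review): no permission check on $id is visible in this function. Confirm that the
 * caller performs one.
 *
 * @param mixed $id     Primary key of the cf_admin_action row to run.
 * @param array $params Name => value pairs bound to the query; falsy values are sent as NULL.
 * @return mixed The value of $db->lastInsertId() after the query has run.
 */
function doAction($id, $params = array())
{
    // Local names are kept as they were: the stored query text is expanded by eval() below and
    // may refer to them ($user is not used anywhere else in this function).
    $user = \cf\User::getLoggedIn();
    $sql = \cf\query2var('SELECT query FROM cf_admin_action WHERE id=:id', array('id' => $id));
    // SECURITY: eval() expands PHP variable syntax inside the query text. The text comes from
    // cf_admin_action, so whoever can write that table controls what is evaluated here.
    // Left in place because the set of variables the stored queries rely on is not visible
    // from this function; replace it with explicit placeholder substitution once known.
    eval('$sql="' . $sql . '";');
    // NOTE(review): this also turns 0 and "0" into NULL.
    foreach ($params as $nm => $v) {
        $params[$nm] = $v ? $v : null;
    }

    // Removes a previously stored file, but only when the path resolves to a regular file
    // inside the parameter's upload directory. The stored path arrives with the request, so it
    // must not be able to point elsewhere under (or above) root_path.
    $removeStored = function ($relativePath, $dir) {
        if (!is_string($relativePath) || $relativePath === '') {
            return;
        }
        $base = realpath(\cf\Config::root_path . $dir);
        $target = realpath(\cf\Config::root_path . $relativePath);
        if ($base === false || $target === false || !is_file($target)) {
            return;
        }
        $prefix = rtrim($base, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
        if (strpos($target, $prefix) === 0) {
            @unlink($target);
        }
    };
    // "URL passed" is meant for remote sources; local wrappers must not be reachable from a
    // request-supplied URL.
    // NOTE(review): http(s) targets on internal networks are still reachable. Add a host
    // allow-list if the deployment needs one.
    $remoteSchemes = array('http', 'https', 'ftp', 'ftps');

    $fileParams = \cf\query2arrays("\n\t\tSELECT cf_admin_action_param.name AS name, fmt\n\t\tFROM cf_admin_action_param\n\t\tINNER JOIN cf_admin_action_params ON cf_admin_action_param.params_id = cf_admin_action_params.id\n\t\tINNER JOIN cf_admin_action ON cf_admin_action_params.id = cf_admin_action.params_id\n\t\tWHERE cf_admin_action.id=:id AND cf_admin_action_param.type_id='File'", array('id' => $id));
    foreach ($fileParams as $param) {
        $nm = $param['name'];
        // fmt is "<upload dir>;<comma-separated extensions or *>".
        $fmtParts = explode(';', $param['fmt']);
        $uploadDir = $fmtParts[0];
        $ext = isset($fmtParts[1]) ? $fmtParts[1] : '';

        $current = isset($params[$nm]) ? $params[$nm] : null;
        if (is_string($current) && $current !== '' && $current[0] == "\t") {
            //tab at the beginning: delete file
            $removeStored(substr($current, 1), $uploadDir);
            $params[$nm] = null;
        }
        if (array_key_exists($nm, $_FILES)) {
            $fparams = $_FILES[$nm];
            if ($fparams['type'] == 'url') {
                //URL passed
                $url = $fparams['name'];
                $urlInfo = parse_url($url);
                $scheme = (is_array($urlInfo) && isset($urlInfo['scheme'])) ? $urlInfo['scheme'] : '';
                if (in_array($scheme, $remoteSchemes, true) && in_array($scheme, stream_get_wrappers(), true)) {
                    //are such URLs supported
                    $fname = pathinfo(isset($urlInfo['path']) ? $urlInfo['path'] : '');
                    $extension = isset($fname['extension']) ? $fname['extension'] : '';
                    // NOTE(review): with '*' every extension is stored under root_path, including
                    // types the web server may execute. Prefer an explicit list in fmt.
                    if ($ext != '*' && !in_array(strtolower($extension), explode(',', strtolower($ext)), true)) {
                        continue;
                        //invalid file type
                    }
                    $path = "{$uploadDir}/" . uniqid($nm) . '.' . $extension;
                    if (copy($url, \cf\Config::root_path . "{$path}")) {
                        $removeStored(isset($params[$nm]) ? $params[$nm] : null, $uploadDir);
                        chmod(\cf\Config::root_path . "{$path}", 0644);
                        $params[$nm] = $path;
                    }
                }
            } else {
                //file uploaded
                if (UPLOAD_ERR_OK != $fparams['error'] || !is_uploaded_file($fparams['tmp_name'])) {
                    continue;
                    //if a file is not uploaded check upload_max_filesize or post_max_size in php.ini
                }
                $fname = pathinfo($fparams['name']);
                $extension = isset($fname['extension']) ? $fname['extension'] : '';
                // NOTE(review): with '*' every extension is stored under root_path, including
                // types the web server may execute. Prefer an explicit list in fmt.
                if ($ext != '*' && !in_array(strtolower($extension), explode(',', strtolower($ext)), true)) {
                    continue;
                    //invalid file type
                }
                // The stored name is generated; only the extension is taken from the client name.
                $path = "{$uploadDir}/" . uniqid($nm) . '.' . $extension;
                if (move_uploaded_file($fparams['tmp_name'], \cf\Config::root_path . "{$path}")) {
                    $removeStored(isset($params[$nm]) ? $params[$nm] : null, $uploadDir);
                    chmod(\cf\Config::root_path . "{$path}", 0644);
                    $params[$nm] = $path;
                }
            }
        }
    }
    \cf\execQuery($sql, $params);
    global $db;
    return $db->lastInsertId();
}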