function doModel()
{
parent::doModel();
//specific things for this class
switch ($this->action) {
case 'delete':
$ids = Params::getParam("id");
if ($ids != '') {
foreach ($ids as $id) {
osc_deleteResource($id);
}
$this->resourcesManager->delete(array(DB_CUSTOM_COND => 'pk_i_id IN (' . implode(', ', $ids) . ')'));
}
osc_add_flash_message(_m('Resource deleted'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=media");
break;
default:
$resourceId = Params::getParam("id");
if ($resourceId != '') {
$resources = $this->resourcesManager->getAllResources($resourceId);
} else {
$resources = $this->resourcesManager->getAllResources(NULL);
}
//calling the view...
$this->_exportVariableToView("resources", $resources);
$this->_exportVariableToView("resourceId", $resourceId);
$this->doView('media/index.php');
}
}
function doModel()
{
parent::doModel();
//specific things for this class
switch ($this->action) {
case 'bulk_actions':
switch (Params::getParam('bulk_actions')) {
case 'delete_all':
$ids = Params::getParam("id");
if (is_array($ids)) {
foreach ($ids as $id) {
osc_deleteResource($id, true);
}
$log_ids = substr(implode(",", $ids), 0, 250);
Log::newInstance()->insertLog('media', 'delete bulk', $log_ids, $log_ids, 'admin', osc_logged_admin_id());
$this->resourcesManager->deleteResourcesIds($ids);
}
osc_add_flash_ok_message(_m('Resource deleted'), 'admin');
break;
default:
break;
}
$this->redirectTo(osc_admin_base_url(true) . '?page=media');
break;
case 'delete':
$ids = Params::getParam('id');
if (is_array($ids)) {
foreach ($ids as $id) {
osc_deleteResource($id, true);
}
$log_ids = substr(implode(",", $ids), 0, 250);
Log::newInstance()->insertLog('media', 'delete', $log_ids, $log_ids, 'admin', osc_logged_admin_id());
$this->resourcesManager->deleteResourcesIds($ids);
}
osc_add_flash_ok_message(_m('Resource deleted'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=media');
break;
default:
$this->doView('media/index.php');
break;
}
}
function doModel()
{
parent::doModel();
//specific things for this class
switch ($this->action) {
case 'bulk_actions':
switch (Params::getParam('bulk_actions')) {
case 'delete_all':
$ids = Params::getParam("id");
if ($ids != '') {
foreach ($ids as $id) {
osc_deleteResource($id);
}
$this->resourcesManager->deleteResourcesIds($ids);
}
osc_add_flash_ok_message(_m('Resource deleted'), 'admin');
break;
default:
break;
}
$this->redirectTo(osc_admin_base_url(true) . "?page=media");
break;
case 'delete':
$ids = Params::getParam("id");
if ($ids != '') {
foreach ($ids as $id) {
osc_deleteResource($id);
}
$this->resourcesManager->deleteResourcesIds($ids);
}
osc_add_flash_ok_message(_m('Resource deleted'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=media");
break;
default:
$this->doView('media/index.php');
}
}
function doModel()
{
//calling the view...
$locales = OSCLocale::newInstance()->listAllEnabled();
$this->_exportVariableToView('locales', $locales);
switch ($this->action) {
case 'item_add':
// post
if (osc_reg_user_post() && $this->user == null) {
osc_add_flash_warning_message(_m('Only registered users are allowed to post listings'));
Session::newInstance()->_setReferer(osc_item_post_url());
$this->redirectTo(osc_user_login_url());
}
$countries = Country::newInstance()->listAll();
$regions = array();
if (isset($this->user['fk_c_country_code']) && $this->user['fk_c_country_code'] != '') {
$regions = Region::newInstance()->findByCountry($this->user['fk_c_country_code']);
} else {
if (count($countries) > 0) {
$regions = Region::newInstance()->findByCountry($countries[0]['pk_c_code']);
}
}
$cities = array();
if (isset($this->user['fk_i_region_id']) && $this->user['fk_i_region_id'] != '') {
$cities = City::newInstance()->findByRegion($this->user['fk_i_region_id']);
} else {
if (count($regions) > 0) {
$cities = City::newInstance()->findByRegion($regions[0]['pk_i_id']);
}
}
$this->_exportVariableToView('countries', $countries);
$this->_exportVariableToView('regions', $regions);
$this->_exportVariableToView('cities', $cities);
$form = count(Session::newInstance()->_getForm());
$keepForm = count(Session::newInstance()->_getKeepForm());
if ($form == 0 || $form == $keepForm) {
Session::newInstance()->_dropKeepForm();
}
if (Session::newInstance()->_getForm('countryId') != "") {
$countryId = Session::newInstance()->_getForm('countryId');
$regions = Region::newInstance()->findByCountry($countryId);
$this->_exportVariableToView('regions', $regions);
if (Session::newInstance()->_getForm('regionId') != "") {
$regionId = Session::newInstance()->_getForm('regionId');
$cities = City::newInstance()->findByRegion($regionId);
$this->_exportVariableToView('cities', $cities);
}
}
$this->_exportVariableToView('user', $this->user);
osc_run_hook('post_item');
$this->doView('item-post.php');
break;
case 'item_add_post':
//post_item
osc_csrf_check();
if (osc_reg_user_post() && $this->user == null) {
osc_add_flash_warning_message(_m('Only registered users are allowed to post listings'));
$this->redirectTo(osc_base_url(true));
}
$mItems = new ItemActions(false);
// prepare data for ADD ITEM
$mItems->prepareData(true);
// set all parameters into session
foreach ($mItems->data as $key => $value) {
Session::newInstance()->_setForm($key, $value);
}
$meta = Params::getParam('meta');
if (is_array($meta)) {
foreach ($meta as $key => $value) {
Session::newInstance()->_setForm('meta_' . $key, $value);
Session::newInstance()->_keepForm('meta_' . $key);
}
}
if (osc_recaptcha_items_enabled() && osc_recaptcha_private_key() != '') {
if (!osc_check_recaptcha()) {
osc_add_flash_error_message(_m('The Recaptcha code is wrong'));
$this->redirectTo(osc_item_post_url());
return false;
// BREAK THE PROCESS, THE RECAPTCHA IS WRONG
}
}
if (!osc_is_web_user_logged_in()) {
$user = User::newInstance()->findByEmail($mItems->data['contactEmail']);
// The user exists but it's not logged
if (isset($user['pk_i_id'])) {
foreach ($mItems->data as $key => $value) {
Session::newInstance()->_keepForm($key);
}
osc_add_flash_error_message(_m('A user with that email address already exists, if it is you, please log in'));
$this->redirectTo(osc_user_login_url());
}
}
$banned = osc_is_banned($mItems->data['contactEmail']);
if ($banned == 1) {
osc_add_flash_error_message(_m('Your current email is not allowed'));
$this->redirectTo(osc_item_post_url());
} else {
if ($banned == 2) {
osc_add_flash_error_message(_m('Your current IP is not allowed'));
$this->redirectTo(osc_item_post_url());
}
}
// POST ITEM ( ADD ITEM )
$success = $mItems->add();
if ($success != 1 && $success != 2) {
osc_add_flash_error_message($success);
$this->redirectTo(osc_item_post_url());
} else {
if (is_array($meta)) {
foreach ($meta as $key => $value) {
Session::newInstance()->_dropKeepForm('meta_' . $key);
}
}
Session::newInstance()->_clearVariables();
if ($success == 1) {
osc_add_flash_ok_message(_m('Check your inbox to validate your listing'));
} else {
osc_add_flash_ok_message(_m('Your listing has been published'));
}
$itemId = Params::getParam('itemId');
$category = Category::newInstance()->findByPrimaryKey(Params::getParam('catId'));
View::newInstance()->_exportVariableToView('category', $category);
$this->redirectTo(osc_search_category_url());
}
break;
case 'item_edit':
// edit item
$secret = Params::getParam('secret');
$id = Params::getParam('id');
$item = $this->itemManager->listWhere("i.pk_i_id = %d AND ((i.s_secret = %s AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = %d))", (int) $id, $secret, (int) $this->userId);
if (count($item) == 1) {
$item = Item::newInstance()->findByPrimaryKey($id);
$form = count(Session::newInstance()->_getForm());
$keepForm = count(Session::newInstance()->_getKeepForm());
if ($form == 0 || $form == $keepForm) {
Session::newInstance()->_dropKeepForm();
}
$this->_exportVariableToView('item', $item);
osc_run_hook("before_item_edit", $item);
$this->doView('item-edit.php');
} else {
// add a flash message [ITEM NO EXISTE]
osc_add_flash_error_message(_m("Sorry, we don't have any listings with that ID"));
if ($this->user != null) {
$this->redirectTo(osc_user_list_items_url());
} else {
$this->redirectTo(osc_base_url());
}
}
break;
case 'item_edit_post':
osc_csrf_check();
$secret = Params::getParam('secret');
$id = Params::getParam('id');
$item = $this->itemManager->listWhere("i.pk_i_id = %d AND ((i.s_secret = %s AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = %d))", (int) $id, $secret, (int) $this->userId);
if (count($item) == 1) {
$this->_exportVariableToView('item', $item[0]);
$mItems = new ItemActions(false);
// prepare data for ADD ITEM
$mItems->prepareData(false);
// set all parameters into session
foreach ($mItems->data as $key => $value) {
Session::newInstance()->_setForm($key, $value);
}
$meta = Params::getParam('meta');
if (is_array($meta)) {
foreach ($meta as $key => $value) {
Session::newInstance()->_setForm('meta_' . $key, $value);
Session::newInstance()->_keepForm('meta_' . $key);
}
}
if (osc_recaptcha_items_enabled() && osc_recaptcha_private_key() != '') {
if (!osc_check_recaptcha()) {
osc_add_flash_error_message(_m('The Recaptcha code is wrong'));
$this->redirectTo(osc_item_edit_url($secret, $id));
return false;
// BREAK THE PROCESS, THE RECAPTCHA IS WRONG
}
}
$success = $mItems->edit();
if ($success == 1) {
osc_add_flash_ok_message(_m("Great! We've just updated your listing"));
View::newInstance()->_exportVariableToView("item", Item::newInstance()->findByPrimaryKey($id));
$this->redirectTo(osc_item_url());
} else {
osc_add_flash_error_message($success);
$this->redirectTo(osc_item_edit_url($secret, $id));
}
}
break;
case 'activate':
$secret = Params::getParam('secret');
$id = Params::getParam('id');
$item = $this->itemManager->listWhere("i.pk_i_id = %d AND ((i.s_secret = %s) OR (i.fk_i_user_id = %d))", (int) $id, $secret, (int) $this->userId);
// item doesn't exist
if (count($item) == 0) {
$this->do404();
return;
}
View::newInstance()->_exportVariableToView('item', $item[0]);
if ($item[0]['b_active'] == 0) {
// ACTIVETE ITEM
$mItems = new ItemActions(false);
$success = $mItems->activate($item[0]['pk_i_id'], $item[0]['s_secret']);
if ($success) {
osc_add_flash_ok_message(_m('The listing has been validated'));
} else {
osc_add_flash_error_message(_m("The listing can't be validated"));
}
} else {
osc_add_flash_warning_message(_m('The listing has already been validated'));
}
$this->redirectTo(osc_item_url());
break;
case 'item_delete':
$secret = Params::getParam('secret');
$id = Params::getParam('id');
$item = $this->itemManager->listWhere("i.pk_i_id = %d AND ((i.s_secret = %s) OR (i.fk_i_user_id = %d))", (int) $id, $secret, (int) $this->userId);
if (count($item) == 1) {
$mItems = new ItemActions(false);
$success = $mItems->delete($item[0]['s_secret'], $item[0]['pk_i_id']);
if ($success) {
osc_add_flash_ok_message(_m('Your listing has been deleted'));
} else {
osc_add_flash_error_message(_m("The listing you are trying to delete couldn't be deleted"));
}
if ($this->user != null) {
$this->redirectTo(osc_user_list_items_url());
} else {
$this->redirectTo(osc_base_url());
}
} else {
osc_add_flash_error_message(_m("The listing you are trying to delete couldn't be deleted"));
$this->redirectTo(osc_base_url());
}
break;
case 'deleteResources':
// Delete images via AJAX
$id = Params::getParam('id');
$item = Params::getParam('item');
$code = Params::getParam('code');
$secret = Params::getParam('secret');
if (Session::newInstance()->_get('userId') != '') {
$userId = Session::newInstance()->_get('userId');
$user = User::newInstance()->findByPrimaryKey($userId);
} else {
$userId = null;
$user = null;
}
if (!(is_numeric($id) && is_numeric($item) && preg_match('/^([a-z0-9]+)$/i', $code))) {
osc_add_flash_error_message(_m("The selected photo couldn't be deleted, the url doesn't exist"));
$this->redirectTo(osc_item_edit_url($secret, $item));
}
$aItem = Item::newInstance()->findByPrimaryKey($item);
if (count($aItem) == 0) {
osc_add_flash_error_message(_m("The listing doesn't exist"));
$this->redirectTo(osc_item_edit_url($secret, $item));
}
if (!osc_is_admin_user_logged_in()) {
if ($userId != null && $userId != $aItem['fk_i_user_id']) {
osc_add_flash_error_message(_m("The listing doesn't belong to you"));
$this->redirectTo(osc_item_edit_url($secret, $item));
}
if ($userId == null && $aItem['fk_i_user_id'] == null && $secret != $aItem['s_secret']) {
osc_add_flash_error_message(_m("The listing doesn't belong to you"));
$this->redirectTo(osc_item_edit_url($secret, $item));
}
}
$result = ItemResource::newInstance()->existResource($id, $code);
if ($result > 0) {
$resource = ItemResource::newInstance()->findByPrimaryKey($id);
if ($resource['fk_i_item_id'] == $item) {
osc_deleteResource($id, false);
Log::newInstance()->insertLog('item', 'deleteResource', $id, $id, 'user', osc_logged_user_id());
ItemResource::newInstance()->delete(array('pk_i_id' => $id, 'fk_i_item_id' => $item, 's_name' => $code));
osc_add_flash_ok_message(_m('The selected photo has been successfully deleted'));
} else {
osc_add_flash_error_message(_m("The selected photo does not belong to you"));
}
} else {
osc_add_flash_error_message(_m("The selected photo couldn't be deleted"));
}
$this->redirectTo(osc_item_edit_url($secret, $item));
break;
case 'mark':
$id = Params::getParam('id');
$as = Params::getParam('as');
$item = Item::newInstance()->findByPrimaryKey($id);
View::newInstance()->_exportVariableToView('item', $item);
require_once osc_lib_path() . 'osclass/user-agents.php';
foreach ($user_agents as $ua) {
if (preg_match('|' . $ua . '|', Params::getServerParam('HTTP_USER_AGENT'))) {
// mark item if it's not a bot
$mItem = new ItemActions(false);
$mItem->mark($id, $as);
break;
}
}
osc_add_flash_ok_message(_m("Thanks! That's very helpful"));
$this->redirectTo(osc_item_url());
break;
case 'send_friend':
$item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
$this->_exportVariableToView('item', $item);
$this->doView('item-send-friend.php');
break;
case 'send_friend_post':
osc_csrf_check();
$item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
$this->_exportVariableToView('item', $item);
Session::newInstance()->_setForm("yourEmail", Params::getParam('yourEmail'));
Session::newInstance()->_setForm("yourName", Params::getParam('yourName'));
Session::newInstance()->_setForm("friendName", Params::getParam('friendName'));
Session::newInstance()->_setForm("friendEmail", Params::getParam('friendEmail'));
Session::newInstance()->_setForm("message_body", Params::getParam('message'));
if (osc_recaptcha_private_key() != '') {
if (!osc_check_recaptcha()) {
osc_add_flash_error_message(_m('The Recaptcha code is wrong'));
$this->redirectTo(osc_item_send_friend_url());
return false;
// BREAK THE PROCESS, THE RECAPTCHA IS WRONG
}
}
osc_run_hook('pre_item_send_friend_post', $item);
$mItem = new ItemActions(false);
$success = $mItem->send_friend();
osc_run_hook('post_item_send_friend_post', $item);
if ($success) {
Session::newInstance()->_clearVariables();
$this->redirectTo(osc_item_url());
} else {
$this->redirectTo(osc_item_send_friend_url());
}
break;
case 'contact':
$item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
if (empty($item)) {
osc_add_flash_error_message(_m("This listing doesn't exist"));
$this->redirectTo(osc_base_url(true));
} else {
$this->_exportVariableToView('item', $item);
if (osc_item_is_expired()) {
osc_add_flash_error_message(_m("We're sorry, but the listing has expired. You can't contact the seller"));
$this->redirectTo(osc_item_url());
}
if (osc_reg_user_can_contact() && osc_is_web_user_logged_in() || !osc_reg_user_can_contact()) {
$this->doView('item-contact.php');
} else {
osc_add_flash_error_message(_m("You can't contact the seller, only registered users can"));
$this->redirectTo(osc_item_url());
}
}
break;
case 'contact_post':
osc_csrf_check();
if (osc_reg_user_can_contact() && !osc_is_web_user_logged_in()) {
osc_add_flash_warning_message(_m("You can't contact the seller, only registered users can"));
$this->redirectTo(osc_base_url(true));
}
$item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
$this->_exportVariableToView('item', $item);
if (osc_recaptcha_private_key() != '') {
if (!osc_check_recaptcha()) {
osc_add_flash_error_message(_m('The Recaptcha code is wrong'));
Session::newInstance()->_setForm("yourEmail", Params::getParam('yourEmail'));
Session::newInstance()->_setForm("yourName", Params::getParam('yourName'));
Session::newInstance()->_setForm("phoneNumber", Params::getParam('phoneNumber'));
Session::newInstance()->_setForm("message_body", Params::getParam('message'));
$this->redirectTo(osc_item_url());
return false;
// BREAK THE PROCESS, THE RECAPTCHA IS WRONG
}
}
$banned = osc_is_banned(Params::getParam('yourEmail'));
if ($banned == 1) {
osc_add_flash_error_message(_m('Your current email is not allowed'));
$this->redirectTo(osc_item_url());
} else {
if ($banned == 2) {
osc_add_flash_error_message(_m('Your current IP is not allowed'));
$this->redirectTo(osc_item_url());
}
}
if (osc_isExpired($item['dt_expiration'])) {
osc_add_flash_error_message(_m("We're sorry, but the listing has expired. You can't contact the seller"));
$this->redirectTo(osc_item_url());
}
osc_run_hook('pre_item_contact_post', $item);
$mItem = new ItemActions(false);
$result = $mItem->contact();
osc_run_hook('post_item_contact_post', $item);
if (is_string($result)) {
osc_add_flash_error_message($result);
} else {
osc_add_flash_ok_message(_m("We've just sent an e-mail to the seller"));
}
$this->redirectTo(osc_item_url());
break;
case 'add_comment':
osc_csrf_check();
$mItem = new ItemActions(false);
$status = $mItem->add_comment();
switch ($status) {
case -1:
$msg = _m('Sorry, we could not save your comment. Try again later');
osc_add_flash_error_message($msg);
break;
case 1:
$msg = _m('Your comment is awaiting moderation');
osc_add_flash_info_message($msg);
break;
case 2:
$msg = _m('Your comment has been approved');
osc_add_flash_ok_message($msg);
break;
case 3:
$msg = _m('Please fill the required field (email)');
osc_add_flash_warning_message($msg);
break;
case 4:
$msg = _m('Please type a comment');
osc_add_flash_warning_message($msg);
break;
case 5:
$msg = _m('Your comment has been marked as spam');
osc_add_flash_error_message($msg);
break;
case 6:
$msg = _m('You need to be logged to comment');
osc_add_flash_error_message($msg);
break;
case 7:
$msg = _m('Sorry, comments are disabled');
osc_add_flash_error_message($msg);
break;
}
//View::newInstance()->_exportVariableToView('item', Item::newInstance()->findByPrimaryKey(Params::getParam('id')));
$this->redirectTo(osc_item_url());
break;
case 'delete_comment':
osc_csrf_check();
$mItem = new ItemActions(false);
$status = $mItem->add_comment();
// @TOFIX @FIXME $status never used + ?? need to add_comment() before deleting it??
$itemId = Params::getParam('id');
$commentId = Params::getParam('comment');
$item = Item::newInstance()->findByPrimaryKey($itemId);
if (count($item) == 0) {
osc_add_flash_error_message(_m("This listing doesn't exist"));
$this->redirectTo(osc_base_url(true));
}
View::newInstance()->_exportVariableToView('item', $item);
if ($this->userId == null) {
osc_add_flash_error_message(_m('You must be logged in to delete a comment'));
$this->redirectTo(osc_item_url());
}
$commentManager = ItemComment::newInstance();
$aComment = $commentManager->findByPrimaryKey($commentId);
if (count($aComment) == 0) {
osc_add_flash_error_message(_m("The comment doesn't exist"));
$this->redirectTo(osc_item_url());
}
if ($aComment['b_active'] != 1) {
osc_add_flash_error_message(_m('The comment is not active, you cannot delete it'));
$this->redirectTo(osc_item_url());
}
if ($aComment['fk_i_user_id'] != $this->userId) {
osc_add_flash_error_message(_m('The comment was not added by you, you cannot delete it'));
$this->redirectTo(osc_item_url());
}
$commentManager->deleteByPrimaryKey($commentId);
osc_add_flash_ok_message(_m('The comment has been deleted'));
$this->redirectTo(osc_item_url());
break;
default:
// if there isn't ID, show an error 404
if (Params::getParam('id') == '') {
$this->do404();
return;
}
if (Params::getParam('lang') != '') {
Session::newInstance()->_set('userLocale', Params::getParam('lang'));
}
$item = osc_apply_filter('pre_show_item', $this->itemManager->findByPrimaryKey(Params::getParam('id')));
// if item doesn't exist show an error 410
if (count($item) == 0) {
$this->do410();
return;
}
if ($item['b_active'] != 1) {
if ($this->userId == $item['fk_i_user_id'] && $this->userId != '' || osc_is_admin_user_logged_in()) {
osc_add_flash_warning_message(_m("The listing hasn't been validated. Please validate it in order to make it public"));
} else {
$this->do400();
return;
}
} else {
if ($item['b_enabled'] == 0) {
if (osc_is_admin_user_logged_in()) {
osc_add_flash_warning_message(_m("The listing hasn't been enabled. Please enable it in order to make it public"));
} else {
if (osc_is_web_user_logged_in() && osc_logged_user_id() == $item['fk_i_user_id']) {
osc_add_flash_warning_message(_m("The listing has been blocked or is awaiting moderation from the admin"));
} else {
$this->do400();
return;
}
}
}
}
if (!osc_is_admin_user_logged_in() && !($item['fk_i_user_id'] != '' && $item['fk_i_user_id'] == osc_logged_user_id())) {
require_once osc_lib_path() . 'osclass/user-agents.php';
foreach ($user_agents as $ua) {
if (preg_match('|' . $ua . '|', Params::getServerParam('HTTP_USER_AGENT'))) {
$mStats = new ItemStats();
$mStats->increase('i_num_views', $item['pk_i_id']);
break;
}
}
}
foreach ($item['locale'] as $k => $v) {
$item['locale'][$k]['s_title'] = osc_apply_filter('item_title', $v['s_title']);
$item['locale'][$k]['s_description'] = nl2br(osc_apply_filter('item_description', $v['s_description']));
}
if ($item['fk_i_user_id'] != '') {
$user = User::newInstance()->findByPrimaryKey($item['fk_i_user_id']);
$this->_exportVariableToView('user', $user);
}
$this->_exportVariableToView('item', $item);
osc_run_hook('show_item', $item);
// redirect to the correct url just in case it has changed
$itemURI = str_replace(osc_base_url(), '', osc_item_url());
$URI = preg_replace('|^' . REL_WEB_URL . '|', '', Params::getServerParam('REQUEST_URI', false, false));
// do not clean QUERY_STRING if permalink is not enabled
if (osc_rewrite_enabled()) {
$URI = str_replace('?' . Params::getServerParam('QUERY_STRING', false, false), '', $URI);
} else {
$params_keep = array('page', 'id');
$params = array();
foreach (Params::getParamsAsArray('get') as $k => $v) {
if (in_array($k, $params_keep)) {
$params[] = "{$k}={$v}";
}
}
$URI = 'index.php?' . implode('&', $params);
}
// redirect to the correct url
if ($itemURI != $URI) {
$this->redirectTo(osc_base_url() . $itemURI, 301);
}
$this->doView('item.php');
break;
}
}
function doModel()
{
//specific things for this class
switch ($this->action) {
case 'bulk_actions':
break;
case 'regions':
//Return regions given a countryId
$regions = Region::newInstance()->findByCountry(Params::getParam("countryId"));
echo json_encode($regions);
break;
case 'cities':
//Returns cities given a regionId
$cities = City::newInstance()->findByRegion(Params::getParam("regionId"));
echo json_encode($cities);
break;
case 'location':
// This is the autocomplete AJAX
$cities = City::newInstance()->ajax(Params::getParam("term"));
echo json_encode($cities);
break;
case 'location_countries':
// This is the autocomplete AJAX
$countries = Country::newInstance()->ajax(Params::getParam("term"));
echo json_encode($countries);
break;
case 'location_regions':
// This is the autocomplete AJAX
$regions = Region::newInstance()->ajax(Params::getParam("term"), Params::getParam("country"));
echo json_encode($regions);
break;
case 'location_cities':
// This is the autocomplete AJAX
$cities = City::newInstance()->ajax(Params::getParam("term"), Params::getParam("region"));
echo json_encode($cities);
break;
case 'delete_image':
// Delete images via AJAX
$id = Params::getParam('id');
$item = Params::getParam('item');
$code = Params::getParam('code');
$secret = Params::getParam('secret');
$json = array();
if (Session::newInstance()->_get('userId') != '') {
$userId = Session::newInstance()->_get('userId');
$user = User::newInstance()->findByPrimaryKey($userId);
} else {
$userId = null;
$user = null;
}
// Check for required fields
if (!(is_numeric($id) && is_numeric($item) && preg_match('/^([a-z0-9]+)$/i', $code))) {
$json['success'] = false;
$json['msg'] = _m("The selected photo couldn't be deleted, the url doesn't exist");
echo json_encode($json);
return false;
}
$aItem = Item::newInstance()->findByPrimaryKey($item);
// Check if the item exists
if (count($aItem) == 0) {
$json['success'] = false;
$json['msg'] = _m('The item doesn\'t exist');
echo json_encode($json);
return false;
}
// Check if the item belong to the user
if ($userId != null && $userId != $aItem['fk_i_user_id']) {
$json['success'] = false;
$json['msg'] = _m('The item doesn\'t belong to you');
echo json_encode($json);
return false;
}
// Check if the secret passphrase match with the item
if ($userId == null && $aItem['fk_i_user_id'] == null && $secret != $aItem['s_secret']) {
$json['success'] = false;
$json['msg'] = _m('The item doesn\'t belong to you');
echo json_encode($json);
return false;
}
// Does id & code combination exist?
$result = ItemResource::newInstance()->existResource($id, $code);
if ($result > 0) {
// Delete: file, db table entry
osc_deleteResource($id);
ItemResource::newInstance()->delete(array('pk_i_id' => $id, 'fk_i_item_id' => $item, 's_name' => $code));
$json['msg'] = _m('The selected photo has been successfully deleted');
$json['success'] = 'true';
} else {
$json['msg'] = _m("The selected photo couldn't be deleted");
$json['success'] = 'false';
}
echo json_encode($json);
return true;
break;
case 'alerts':
// Allow to register to an alert given (not sure it's used on admin)
$alert = Params::getParam("alert");
$email = Params::getParam("email");
$userid = Params::getParam("userid");
if ($alert != '' && $email != '') {
if (preg_match("/^[_a-z0-9-+]+(\\.[_a-z0-9-+]+)*@[a-z0-9-]+(\\.[a-z0-9-]+)*(\\.[a-z]{2,3})\$/", $email)) {
$secret = osc_genRandomPassword();
if (Alerts::newInstance()->createAlert($userid, $email, $alert, $secret)) {
if ((int) $userid > 0) {
$user = User::newInstance()->findByPrimaryKey($userid);
if ($user['b_active'] == 1 && $user['b_enabled'] == 1) {
Alerts::newInstance()->activate($email, $secret);
echo '1';
return true;
} else {
echo '-1';
return false;
}
} else {
osc_run_hook('hook_email_alert_validation', $alert, $email, $secret);
}
echo "1";
} else {
echo "0";
}
return true;
} else {
echo '-1';
return false;
}
}
echo '0';
return false;
break;
case 'runhook':
//Run hooks
$hook = Params::getParam("hook");
switch ($hook) {
case 'item_form':
$catId = Params::getParam("catId");
if ($catId != '') {
osc_run_hook("item_form", $catId);
} else {
osc_run_hook("item_form");
}
break;
case 'item_edit':
$catId = Params::getParam("catId");
$itemId = Params::getParam("itemId");
osc_run_hook("item_edit", $catId, $itemId);
break;
default:
if ($hook == '') {
return false;
} else {
osc_run_hook($hook);
}
break;
}
break;
case 'custom':
// Execute via AJAX custom file
$ajaxfile = Params::getParam("ajaxfile");
if ($ajaxfile != '') {
require_once osc_plugins_path() . $ajaxfile;
} else {
echo json_encode(array('error' => __('no action defined')));
}
break;
default:
echo json_encode(array('error' => __('no action defined')));
break;
}
// clear all keep variables into session
Session::newInstance()->_dropKeepForm();
Session::newInstance()->_clearVariables();
}
function doModel()
{
parent::doModel();
if (osc_is_moderator() && ($this->action == 'settings' || $this->action == 'settings_post')) {
osc_add_flash_error_message(_m("You don't have enough permissions"), "admin");
$this->redirectTo(osc_admin_base_url());
}
//specific things for this class
switch ($this->action) {
case 'bulk_actions':
osc_csrf_check();
$mItems = new ItemActions(true);
switch (Params::getParam('bulk_actions')) {
case 'enable_all':
$id = Params::getParam('id');
if ($id) {
$numSuccess = 0;
foreach ($id as $_id) {
if ($mItems->enable($_id)) {
$numSuccess++;
}
}
osc_add_flash_ok_message(sprintf(_mn('%d listing has been enabled', '%d listings have been enabled', $numSuccess), $numSuccess), 'admin');
}
break;
case 'disable_all':
$id = Params::getParam('id');
if ($id) {
$numSuccess = 0;
foreach ($id as $_id) {
if ($mItems->disable((int) $_id)) {
$numSuccess++;
}
}
osc_add_flash_ok_message(sprintf(_mn('%d listing has been disabled', '%d listings have been disabled', $numSuccess), $numSuccess), 'admin');
}
break;
case 'activate_all':
$id = Params::getParam('id');
if ($id) {
$numSuccess = 0;
foreach ($id as $_id) {
if ($mItems->activate($_id)) {
$numSuccess++;
}
}
osc_add_flash_ok_message(sprintf(_mn('%d listing has been activated', '%d listings have been activated', $numSuccess), $numSuccess), 'admin');
}
break;
case 'deactivate_all':
$id = Params::getParam('id');
if ($id) {
$numSuccess = 0;
foreach ($id as $_id) {
if ($mItems->deactivate($_id)) {
$numSuccess++;
}
}
osc_add_flash_ok_message(sprintf(_m('%d listing has been deactivated', '%d listings have been deactivated', $numSuccess), $numSuccess), 'admin');
}
break;
case 'premium_all':
$id = Params::getParam('id');
if ($id) {
$numSuccess = 0;
foreach ($id as $_id) {
if ($mItems->premium($_id)) {
$numSuccess++;
}
}
osc_add_flash_ok_message(sprintf(_mn('%d listing has been marked as premium', '%d listings have been marked as premium', $numSuccess), $numSuccess), 'admin');
}
break;
case 'depremium_all':
$id = Params::getParam('id');
if ($id) {
$numSuccess = 0;
foreach ($id as $_id) {
if ($mItems->premium($_id, false)) {
$numSuccess++;
}
}
osc_add_flash_ok_message(sprintf(_mn('%d change has been made', '%d changes have been made', $numSuccess), $numSuccess), 'admin');
}
break;
case 'spam_all':
$id = Params::getParam('id');
if ($id) {
$numSuccess = 0;
foreach ($id as $_id) {
if ($mItems->spam($_id)) {
$numSuccess++;
}
}
osc_add_flash_ok_message(sprintf(_mn('%d listing has been marked as spam', '%d listings have been marked as spam', $numSuccess), $numSuccess), 'admin');
}
break;
case 'despam_all':
$id = Params::getParam('id');
if ($id) {
$numSuccess = 0;
foreach ($id as $_id) {
if ($mItems->spam($_id, false)) {
$numSuccess++;
}
}
osc_add_flash_ok_message(sprintf(_mn('%d change has been made', '%d changes have been made', $numSuccess), $numSuccess), 'admin');
}
break;
case 'delete_all':
$id = Params::getParam('id');
$success = false;
if ($id) {
$numSuccess = 0;
foreach ($id as $i) {
if ($i) {
$item = $this->itemManager->findByPrimaryKey($i);
$success = $mItems->delete($item['s_secret'], $item['pk_i_id']);
if ($success) {
$numSuccess++;
}
}
}
osc_add_flash_ok_message(sprintf(_mn('%d listing has been deleted', '%d listings have been deleted', $numSuccess), $numSuccess), 'admin');
}
break;
case 'clear_spam_all':
$id = Params::getParam('id');
$success = false;
if ($id) {
$numSuccess = 0;
foreach ($id as $i) {
if ($i) {
$success = $this->itemManager->clearStat($i, 'spam');
if ($success) {
$numSuccess++;
}
}
}
osc_add_flash_ok_message(sprintf(_mn('%d listing has been unmarked as spam', '%d listings have been unmarked as spam', $numSuccess), $numSuccess), 'admin');
}
break;
case 'clear_bad_all':
$id = Params::getParam('id');
$success = false;
if ($id) {
$numSuccess = 0;
foreach ($id as $i) {
if ($i) {
$success = $this->itemManager->clearStat($i, 'bad');
if ($success) {
$numSuccess++;
}
}
}
osc_add_flash_ok_message(sprintf(_mn('%d listing has been unmarked as missclassified', '%d listings have been unmarked as missclassified', $numSuccess), $numSuccess), 'admin');
}
break;
case 'clear_dupl_all':
$id = Params::getParam('id');
$success = false;
if ($id) {
$numSuccess = 0;
foreach ($id as $i) {
if ($i) {
$success = $this->itemManager->clearStat($i, 'duplicated');
if ($success) {
$numSuccess++;
}
}
}
osc_add_flash_ok_message(sprintf(_mn('%d listing has been unmarked as duplicated', '%d listings have been unmarked as duplicated', $numSuccess), $numSuccess), 'admin');
}
break;
case 'clear_expi_all':
$id = Params::getParam('id');
$success = false;
if ($id) {
$numSuccess = 0;
foreach ($id as $i) {
if ($i) {
$success = $this->itemManager->clearStat($i, 'expired');
if ($success) {
$numSuccess++;
}
}
}
osc_add_flash_ok_message(sprintf(_mn('%d listing has been unmarked as expired', '%d listings have been unmarked as expired', $numSuccess), $numSuccess), 'admin');
}
break;
case 'clear_offe_all':
$id = Params::getParam('id');
$success = false;
if ($id) {
$numSuccess = 0;
foreach ($id as $i) {
if ($i) {
$success = $this->itemManager->clearStat($i, 'offensive');
if ($success) {
$numSuccess++;
}
}
}
osc_add_flash_ok_message(sprintf(_mn('%d listing has been unmarked as offensive', '%d listings have been unmarked as offensive', $numSuccess), $numSuccess), 'admin');
}
break;
case 'clear_all':
$id = Params::getParam('id');
$success = false;
if ($id) {
$numSuccess = 0;
foreach ($id as $i) {
if ($i) {
$success = $this->itemManager->clearStat($i, 'all');
if ($success) {
$numSuccess++;
}
}
}
osc_add_flash_ok_message(sprintf(_mn('%d listing has been unmarked', '%d listings have been unmarked', $numSuccess), $numSuccess), 'admin');
}
break;
default:
if (Params::getParam("bulk_actions") != "") {
osc_run_hook("item_bulk_" . Params::getParam("bulk_actions"), Params::getParam('id'));
}
break;
}
$this->redirectTo($_SERVER['HTTP_REFERER']);
break;
case 'delete':
//delete
osc_csrf_check();
$id = Params::getParam('id');
$success = false;
foreach ($id as $i) {
if ($i) {
$aItem = $this->itemManager->findByPrimaryKey($i);
$mItems = new ItemActions(true);
$success = $mItems->delete($aItem['s_secret'], $aItem['pk_i_id']);
}
}
if ($success) {
osc_add_flash_ok_message(_m('The listing has been deleted'), 'admin');
} else {
osc_add_flash_error_message(_m("The listing couldn't be deleted"), 'admin');
}
$this->redirectTo($_SERVER['HTTP_REFERER']);
break;
case 'status':
//status
osc_csrf_check();
$id = Params::getParam('id');
$value = Params::getParam('value');
if (!$id) {
return false;
}
$id = (int) $id;
if (!is_numeric($id)) {
return false;
}
if (!in_array($value, array('ACTIVE', 'INACTIVE', 'ENABLE', 'DISABLE'))) {
return false;
}
$item = $this->itemManager->findByPrimaryKey($id);
$mItems = new ItemActions(true);
switch ($value) {
case 'ACTIVE':
$success = $mItems->activate($id);
if ($success && $success > 0) {
osc_add_flash_ok_message(_m('The listing has been activated'), 'admin');
} else {
if (!$success) {
osc_add_flash_error_message(_m('An error has occurred'), 'admin');
} else {
osc_add_flash_error_message(_m("The listing can't be activated because it's blocked"), 'admin');
}
}
break;
case 'INACTIVE':
$success = $mItems->deactivate($id);
if ($success && $success > 0) {
osc_add_flash_ok_message(_m('The listing has been deactivated'), 'admin');
} else {
osc_add_flash_error_message(_m('An error has occurred'), 'admin');
}
break;
case 'ENABLE':
$success = $mItems->enable($id);
if ($success && $success > 0) {
osc_add_flash_ok_message(_m('The listing has been enabled'), 'admin');
} else {
osc_add_flash_error_message(_m('An error has occurred'), 'admin');
}
break;
case 'DISABLE':
$success = $mItems->disable($id);
if ($success && $success > 0) {
osc_add_flash_ok_message(_m('The listing has been disabled'), 'admin');
} else {
osc_add_flash_error_message(_m('An error has occurred'), 'admin');
}
break;
}
$this->redirectTo($_SERVER['HTTP_REFERER']);
break;
case 'status_premium':
//status premium
osc_csrf_check();
$id = Params::getParam('id');
$value = Params::getParam('value');
if (!$id) {
return false;
}
$id = (int) $id;
if (!is_numeric($id)) {
return false;
}
if (!in_array($value, array(0, 1))) {
return false;
}
$mItems = new ItemActions(true);
if ($mItems->premium($id, $value == 1 ? true : false)) {
osc_add_flash_ok_message(_m('Changes have been applied'), 'admin');
} else {
osc_add_flash_error_message(_m('An error has occurred'), 'admin');
}
$this->redirectTo($_SERVER['HTTP_REFERER']);
break;
case 'status_spam':
//status spam
osc_csrf_check();
$id = Params::getParam('id');
$value = Params::getParam('value');
if (!$id) {
return false;
}
$id = (int) $id;
if (!is_numeric($id)) {
return false;
}
if (!in_array($value, array(0, 1))) {
return false;
}
$mItems = new ItemActions(true);
if ($mItems->spam($id, $value == 1 ? true : false)) {
osc_add_flash_ok_message(_m('Changes have been applied'), 'admin');
} else {
osc_add_flash_error_message(_m('An error has occurred'), 'admin');
}
$this->redirectTo($_SERVER['HTTP_REFERER']);
break;
case 'clear_stat':
osc_csrf_check();
$id = Params::getParam('id');
$stat = Params::getParam('stat');
if (!$id) {
return false;
}
if (!$stat) {
return false;
}
$id = (int) $id;
if (!is_numeric($id)) {
return false;
}
$success = $this->itemManager->clearStat($id, $stat);
if ($success) {
osc_add_flash_ok_message(_m('The listing has been unmarked as') . " {$stat}", 'admin');
} else {
osc_add_flash_error_message(_m("The listing hasn't been unmarked as") . " {$stat}", 'admin');
}
$this->redirectTo($_SERVER['HTTP_REFERER']);
break;
case 'item_edit':
// edit item
$id = Params::getParam('id');
$item = Item::newInstance()->findByPrimaryKey($id);
if (count($item) <= 0) {
$this->redirectTo(osc_admin_base_url(true) . "?page=items");
}
$csrf_token = osc_csrf_token_url();
if ($item['b_active']) {
$actions[] = '<a class="btn float-left" href="' . osc_admin_base_url(true) . '?page=items&action=status&id=' . $item['pk_i_id'] . '&' . $csrf_token . '&value=INACTIVE">' . __('Deactivate') . '</a>';
} else {
$actions[] = '<a class="btn btn-red float-left" href="' . osc_admin_base_url(true) . '?page=items&action=status&id=' . $item['pk_i_id'] . '&' . $csrf_token . '&value=ACTIVE">' . __('Activate') . '</a>';
}
if ($item['b_enabled']) {
$actions[] = '<a class="btn float-left" href="' . osc_admin_base_url(true) . '?page=items&action=status&id=' . $item['pk_i_id'] . '&' . $csrf_token . '&value=DISABLE">' . __('Block') . '</a>';
} else {
$actions[] = '<a class="btn btn-red float-left" href="' . osc_admin_base_url(true) . '?page=items&action=status&id=' . $item['pk_i_id'] . '&' . $csrf_token . '&value=ENABLE">' . __('Unblock') . '</a>';
}
if ($item['b_premium']) {
$actions[] = '<a class="btn float-left" href="' . osc_admin_base_url(true) . '?page=items&action=status_premium&id=' . $item['pk_i_id'] . '&' . $csrf_token . '&value=0">' . __('Unmark as premium') . '</a>';
} else {
$actions[] = '<a class="btn float-left" href="' . osc_admin_base_url(true) . '?page=items&action=status_premium&id=' . $item['pk_i_id'] . '&' . $csrf_token . '&value=1">' . __('Mark as premium') . '</a>';
}
if ($item['b_spam']) {
$actions[] = '<a class="btn btn-red float-left" href="' . osc_admin_base_url(true) . '?page=items&action=status_spam&id=' . $item['pk_i_id'] . '&' . $csrf_token . '&value=0">' . __('Unmark as spam') . '</a>';
} else {
$actions[] = '<a class="btn float-left" href="' . osc_admin_base_url(true) . '?page=items&action=status_spam&id=' . $item['pk_i_id'] . '&' . $csrf_token . '&value=1">' . __('Mark as spam') . '</a>';
}
$this->_exportVariableToView("actions", $actions);
$form = count(Session::newInstance()->_getForm());
$keepForm = count(Session::newInstance()->_getKeepForm());
if ($form == 0 || $form == $keepForm) {
Session::newInstance()->_dropKeepForm();
}
// save referer if belongs to manage items
// redirect only if ManageItems or ReportedListngs
if (isset($_SERVER['HTTP_REFERER'])) {
$referer = $_SERVER['HTTP_REFERER'];
if (preg_match('/page=items/', $referer)) {
if (preg_match("/action=([\\p{L}|_|-]+)/u", $referer, $matches)) {
if ($matches[1] == 'items_reported') {
Session::newInstance()->_set('osc_admin_referer', $referer);
}
} else {
// no actions - Manage Listings
Session::newInstance()->_set('osc_admin_referer', $referer);
}
}
}
$this->_exportVariableToView("item", $item);
$this->_exportVariableToView("new_item", FALSE);
osc_run_hook("before_item_edit", $item);
$this->doView('items/frm.php');
break;
case 'item_edit_post':
osc_csrf_check();
$mItems = new ItemActions(true);
$mItems->prepareData(false);
// set all parameters into session
foreach ($mItems->data as $key => $value) {
Session::newInstance()->_setForm($key, $value);
}
$meta = Params::getParam('meta');
if (is_array($meta)) {
foreach ($meta as $key => $value) {
Session::newInstance()->_setForm('meta_' . $key, $value);
Session::newInstance()->_keepForm('meta_' . $key);
}
}
$success = $mItems->edit();
if ($success == 1) {
osc_add_flash_ok_message(_m('Changes saved correctly'), 'admin');
$url = osc_admin_base_url(true) . "?page=items";
// if Referer is saved that means referer is ManageListings or ReportListings
if (Session::newInstance()->_get('osc_admin_referer') != '') {
$url = Session::newInstance()->_get('osc_admin_referer');
}
Session::newInstance()->_clearVariables();
$this->redirectTo($url);
} else {
osc_add_flash_error_message($success, 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=items&action=item_edit&id=" . Params::getParam('id'));
}
break;
case 'deleteResource':
//delete resource
osc_csrf_check();
$id = Params::getParam('id');
$name = Params::getParam('name');
$fkid = Params::getParam('fkid');
// delete files
osc_deleteResource($id, true);
Log::newInstance()->insertLog('items', 'deleteResource', $id, $id, 'admin', osc_logged_admin_id());
$result = ItemResource::newInstance()->delete(array('pk_i_id' => $id, 'fk_i_item_id' => $fkid, 's_name' => $name));
if ($result === false) {
osc_add_flash_error_message(_m('An error has occurred'), 'admin');
} else {
osc_add_flash_ok_message(_m('Resource deleted'), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . "?page=items");
break;
case 'post':
// add item
$form = count(Session::newInstance()->_getForm());
$keepForm = count(Session::newInstance()->_getKeepForm());
if ($form == 0 || $form == $keepForm) {
Session::newInstance()->_dropKeepForm();
}
$this->_exportVariableToView("new_item", TRUE);
osc_run_hook('post_item');
$this->doView('items/frm.php');
break;
case 'post_item':
//post item
osc_csrf_check();
$mItem = new ItemActions(true);
$mItem->prepareData(true);
// set all parameters into session
foreach ($mItem->data as $key => $value) {
Session::newInstance()->_setForm($key, $value);
}
$meta = Params::getParam('meta');
if (is_array($meta)) {
foreach ($meta as $key => $value) {
Session::newInstance()->_setForm('meta_' . $key, $value);
Session::newInstance()->_keepForm('meta_' . $key);
}
}
$success = $mItem->add();
if ($success == 1 || $success == 2) {
$url = osc_admin_base_url(true) . "?page=items";
// if Referer is saved that means referer is ManageListings or ReportListings
if (Session::newInstance()->_get('osc_admin_referer') != '') {
Session::newInstance()->_drop('osc_admin_referer');
$url = Session::newInstance()->_get('osc_admin_referer');
}
Session::newInstance()->_clearVariables();
osc_add_flash_ok_message(_m('A new listing has been added'), 'admin');
$this->redirectTo($url);
} else {
osc_add_flash_error_message($success, 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=items&action=post");
}
break;
case 'settings':
// calling the items settings view
$this->doView('items/settings.php');
break;
case 'settings_post':
// update item settings
osc_csrf_check();
$iUpdated = 0;
$enabledRecaptchaItems = Params::getParam('enabled_recaptcha_items');
$enabledRecaptchaItems = $enabledRecaptchaItems == '1' ? true : false;
$moderateItems = Params::getParam('moderate_items');
$moderateItems = $moderateItems != '' ? true : false;
$numModerateItems = Params::getParam('num_moderate_items');
$itemsWaitTime = Params::getParam('items_wait_time');
$loggedUserItemValidation = Params::getParam('logged_user_item_validation');
$loggedUserItemValidation = $loggedUserItemValidation != '' ? true : false;
$regUserPost = Params::getParam('reg_user_post');
$regUserPost = $regUserPost != '' ? true : false;
$notifyNewItem = Params::getParam('notify_new_item');
$notifyNewItem = $notifyNewItem != '' ? true : false;
$notifyContactItem = Params::getParam('notify_contact_item');
$notifyContactItem = $notifyContactItem != '' ? true : false;
$notifyContactFriends = Params::getParam('notify_contact_friends');
$notifyContactFriends = $notifyContactFriends != '' ? true : false;
$enabledFieldPriceItems = Params::getParam('enableField#f_price@items');
$enabledFieldPriceItems = $enabledFieldPriceItems != '' ? true : false;
$enabledFieldImagesItems = Params::getParam('enableField#images@items');
$enabledFieldImagesItems = $enabledFieldImagesItems != '' ? true : false;
$numImagesItems = Params::getParam('numImages@items');
if ($numImagesItems == '') {
$numImagesItems = 0;
}
$regUserCanContact = Params::getParam('reg_user_can_contact');
$regUserCanContact = $regUserCanContact != '' ? true : false;
$contactItemAttachment = Params::getParam('item_attachment');
$contactItemAttachment = $contactItemAttachment != '' ? true : false;
$msg = '';
if (!osc_validate_int(Params::getParam("items_wait_time"))) {
$msg .= _m("Wait time must only contain numeric characters") . "<br/>";
}
if (Params::getParam("num_moderate_items") != '' && !osc_validate_int(Params::getParam("num_moderate_items"))) {
$msg .= _m("Number of moderated listings must only contain numeric characters") . "<br/>";
}
if (!osc_validate_int($numImagesItems)) {
$msg .= _m("Images per listing must only contain numeric characters") . "<br/>";
}
if ($msg != '') {
osc_add_flash_error_message($msg, 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=items&action=settings');
}
$iUpdated += Preference::newInstance()->update(array('s_value' => $enabledRecaptchaItems), array('s_name' => 'enabled_recaptcha_items'));
if ($moderateItems) {
$iUpdated += Preference::newInstance()->update(array('s_value' => $numModerateItems), array('s_name' => 'moderate_items'));
} else {
$iUpdated += Preference::newInstance()->update(array('s_value' => '-1'), array('s_name' => 'moderate_items'));
}
$iUpdated += Preference::newInstance()->update(array('s_value' => $loggedUserItemValidation), array('s_name' => 'logged_user_item_validation'));
$iUpdated += Preference::newInstance()->update(array('s_value' => $regUserPost), array('s_name' => 'reg_user_post'));
$iUpdated += Preference::newInstance()->update(array('s_value' => $notifyNewItem), array('s_name' => 'notify_new_item'));
$iUpdated += Preference::newInstance()->update(array('s_value' => $notifyContactItem), array('s_name' => 'notify_contact_item'));
$iUpdated += Preference::newInstance()->update(array('s_value' => $notifyContactFriends), array('s_name' => 'notify_contact_friends'));
$iUpdated += Preference::newInstance()->update(array('s_value' => $enabledFieldPriceItems), array('s_name' => 'enableField#f_price@items'));
$iUpdated += Preference::newInstance()->update(array('s_value' => $enabledFieldImagesItems), array('s_name' => 'enableField#images@items'));
$iUpdated += Preference::newInstance()->update(array('s_value' => $itemsWaitTime), array('s_name' => 'items_wait_time'));
$iUpdated += Preference::newInstance()->update(array('s_value' => $numImagesItems), array('s_name' => 'numImages@items'));
$iUpdated += Preference::newInstance()->update(array('s_value' => $regUserCanContact), array('s_name' => 'reg_user_can_contact'));
$iUpdated += Preference::newInstance()->update(array('s_value' => $contactItemAttachment), array('s_name' => 'item_attachment'));
if ($iUpdated > 0) {
osc_add_flash_ok_message(_m("Listings' settings have been updated"), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=items&action=settings');
break;
case 'items_reported':
require_once osc_lib_path() . "osclass/classes/datatables/ItemsDataTable.php";
// set default iDisplayLength
if (Params::getParam('iDisplayLength') != '') {
Cookie::newInstance()->push('listing_iDisplayLength', Params::getParam('iDisplayLength'));
Cookie::newInstance()->set();
} else {
// set a default value if it's set in the cookie
if (Cookie::newInstance()->get_value('listing_iDisplayLength') != '') {
Params::setParam('iDisplayLength', Cookie::newInstance()->get_value('listing_iDisplayLength'));
} else {
Params::setParam('iDisplayLength', 10);
}
}
$this->_exportVariableToView('iDisplayLength', Params::getParam('iDisplayLength'));
// Table header order by related
if (Params::getParam('sort') == '') {
Params::setParam('sort', 'date');
}
if (Params::getParam('direction') == '') {
Params::setParam('direction', 'desc');
}
$page = (int) Params::getParam('iPage');
if ($page == 0) {
$page = 1;
}
Params::setParam('iPage', $page);
$params = Params::getParamsAsArray("get");
$itemsDataTable = new ItemsDataTable();
$itemsDataTable->tableReported($params);
$aData = $itemsDataTable->getData();
if (count($aData['aRows']) == 0 && $page != 1) {
$total = (int) $aData['iTotalDisplayRecords'];
$maxPage = ceil($total / (int) $aData['iDisplayLength']);
$url = osc_admin_base_url(true) . '?' . $_SERVER['QUERY_STRING'];
if ($maxPage == 0) {
$url = preg_replace('/&iPage=(\\d)+/', '&iPage=1', $url);
$this->redirectTo($url);
}
if ($page > 1) {
$url = preg_replace('/&iPage=(\\d)+/', '&iPage=' . $maxPage, $url);
$this->redirectTo($url);
}
}
$this->_exportVariableToView('aData', $aData);
$this->_exportVariableToView('aRawRows', $itemsDataTable->rawRows());
//calling the view...
$this->doView('items/reported.php');
break;
default:
// default
require_once osc_lib_path() . "osclass/classes/datatables/ItemsDataTable.php";
// set default iDisplayLength
if (Params::getParam('iDisplayLength') != '') {
Cookie::newInstance()->push('listing_iDisplayLength', Params::getParam('iDisplayLength'));
Cookie::newInstance()->set();
} else {
// set a default value if it's set in the cookie
if (Cookie::newInstance()->get_value('listing_iDisplayLength') != '') {
Params::setParam('iDisplayLength', Cookie::newInstance()->get_value('listing_iDisplayLength'));
} else {
Params::setParam('iDisplayLength', 10);
}
}
$this->_exportVariableToView('iDisplayLength', Params::getParam('iDisplayLength'));
// Table header order by related
if (Params::getParam('sort') == '') {
Params::setParam('sort', 'date');
}
if (Params::getParam('direction') == '') {
Params::setParam('direction', 'desc');
}
$page = (int) Params::getParam('iPage');
if ($page == 0) {
$page = 1;
}
Params::setParam('iPage', $page);
$params = Params::getParamsAsArray("get");
$itemsDataTable = new ItemsDataTable();
$itemsDataTable->table($params);
$aData = $itemsDataTable->getData();
if (count($aData['aRows']) == 0 && $page != 1) {
$total = (int) $aData['iTotalDisplayRecords'];
$maxPage = ceil($total / (int) $aData['iDisplayLength']);
$url = osc_admin_base_url(true) . '?' . $_SERVER['QUERY_STRING'];
if ($maxPage == 0) {
$url = preg_replace('/&iPage=(\\d)+/', '&iPage=1', $url);
$this->redirectTo($url);
}
if ($page > 1) {
$url = preg_replace('/&iPage=(\\d)+/', '&iPage=' . $maxPage, $url);
$this->redirectTo($url);
}
}
$this->_exportVariableToView('aData', $aData);
$this->_exportVariableToView('withFilters', $itemsDataTable->withFilters());
$this->_exportVariableToView('aRawRows', $itemsDataTable->rawRows());
$bulk_options = array(array('value' => '', 'data-dialog-content' => '', 'label' => __('Bulk actions')), array('value' => 'delete_all', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected listings?'), strtolower(__('Delete'))), 'label' => __('Delete')), array('value' => 'activate_all', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected listings?'), strtolower(__('Activate'))), 'label' => __('Activate')), array('value' => 'deactivate_all', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected listings?'), strtolower(__('Deactivate'))), 'label' => __('Deactivate')), array('value' => 'disable_all', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected listings?'), strtolower(__('Block'))), 'label' => __('Block')), array('value' => 'enable_all', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected listings?'), strtolower(__('Unblock'))), 'label' => __('Unblock')), array('value' => 'premium_all', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected listings?'), strtolower(__('Mark as premium'))), 'label' => __('Mark as premium')), array('value' => 'depremium_all', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected listings?'), strtolower(__('Unmark as premium'))), 'label' => __('Unmark as premium')), array('value' => 'spam_all', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected listings?'), strtolower(__('Mark as spam'))), 'label' => __('Mark as spam')), array('value' => 'despam_all', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected listings?'), strtolower(__('Unmark as spam'))), 'label' => __('Unmark as spam')));
$bulk_options = osc_apply_filter("item_bulk_filter", $bulk_options);
$this->_exportVariableToView('bulk_options', $bulk_options);
//calling the view...
$this->doView('items/index.php');
}
}
function doModel()
{
parent::doModel();
//specific things for this class
switch ($this->action) {
case 'bulk_actions':
osc_csrf_check();
switch (Params::getParam('bulk_actions')) {
case 'delete':
$ids = Params::getParam("id");
if (is_array($ids)) {
foreach ($ids as $id) {
osc_deleteResource($id, true);
}
$log_ids = substr(implode(",", $ids), 0, 250);
Log::newInstance()->insertLog('media', 'delete bulk', $log_ids, $log_ids, 'admin', osc_logged_admin_id());
$this->resourcesManager->deleteResourcesIds($ids);
}
osc_add_flash_ok_message(_m('Resource deleted'), 'admin');
break;
default:
if (Params::getParam("bulk_actions") != "") {
osc_run_hook("media_bulk_" . Params::getParam("bulk_actions"), Params::getParam('id'));
}
break;
}
$this->redirectTo(osc_admin_base_url(true) . '?page=media');
break;
case 'delete':
osc_csrf_check();
$ids = Params::getParam('id');
if (is_array($ids)) {
foreach ($ids as $id) {
osc_deleteResource($id, true);
}
$log_ids = substr(implode(",", $ids), 0, 250);
Log::newInstance()->insertLog('media', 'delete', $log_ids, $log_ids, 'admin', osc_logged_admin_id());
$this->resourcesManager->deleteResourcesIds($ids);
}
osc_add_flash_ok_message(_m('Resource deleted'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=media');
break;
default:
require_once osc_lib_path() . "osclass/classes/datatables/MediaDataTable.php";
// set default iDisplayLength
if (Params::getParam('iDisplayLength') != '') {
Cookie::newInstance()->push('listing_iDisplayLength', Params::getParam('iDisplayLength'));
Cookie::newInstance()->set();
} else {
// set a default value if it's set in the cookie
if (Cookie::newInstance()->get_value('listing_iDisplayLength') != '') {
Params::setParam('iDisplayLength', Cookie::newInstance()->get_value('listing_iDisplayLength'));
} else {
Params::setParam('iDisplayLength', 10);
}
}
$this->_exportVariableToView('iDisplayLength', Params::getParam('iDisplayLength'));
// Table header order by related
if (Params::getParam('sort') == '') {
Params::setParam('sort', 'date');
}
if (Params::getParam('direction') == '') {
Params::setParam('direction', 'desc');
}
$page = (int) Params::getParam('iPage');
if ($page == 0) {
$page = 1;
}
Params::setParam('iPage', $page);
$params = Params::getParamsAsArray();
$mediaDataTable = new MediaDataTable();
$mediaDataTable->table($params);
$aData = $mediaDataTable->getData();
if (count($aData['aRows']) == 0 && $page != 1) {
$total = (int) $aData['iTotalDisplayRecords'];
$maxPage = ceil($total / (int) $aData['iDisplayLength']);
$url = osc_admin_base_url(true) . '?' . Params::getServerParam('QUERY_STRING', false, false);
if ($maxPage == 0) {
$url = preg_replace('/&iPage=(\\d)+/', '&iPage=1', $url);
$this->redirectTo($url);
}
if ($page > 1) {
$url = preg_replace('/&iPage=(\\d)+/', '&iPage=' . $maxPage, $url);
$this->redirectTo($url);
}
}
$this->_exportVariableToView('aData', $aData);
$this->_exportVariableToView('aRawRows', $mediaDataTable->rawRows());
$bulk_options = array(array('value' => '', 'data-dialog-content' => '', 'label' => __('Bulk actions')), array('value' => 'delete', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected media files?'), strtolower(__('Delete'))), 'label' => __('Delete')));
$bulk_options = osc_apply_filter("media_bulk_filter", $bulk_options);
$this->_exportVariableToView('bulk_options', $bulk_options);
$this->doView('media/index.php');
break;
}
}
function doModel()
{
//specific things for this class
switch ($this->action) {
case 'bulk_actions':
break;
case 'regions':
//Return regions given a countryId
$regions = Region::newInstance()->findByCountry(Params::getParam("countryId"));
echo json_encode($regions);
break;
case 'cities':
//Returns cities given a regionId
$cities = City::newInstance()->findByRegion(Params::getParam("regionId"));
echo json_encode($cities);
break;
case 'location':
// This is the autocomplete AJAX
$cities = City::newInstance()->ajax(Params::getParam("term"));
foreach ($cities as $k => $city) {
$cities[$k]['label'] = $city['label'] . " (" . $city['region'] . ")";
}
echo json_encode($cities);
break;
case 'location_countries':
// This is the autocomplete AJAX
$countries = Country::newInstance()->ajax(Params::getParam("term"));
echo json_encode($countries);
break;
case 'location_regions':
// This is the autocomplete AJAX
$regions = Region::newInstance()->ajax(Params::getParam("term"), Params::getParam("country"));
echo json_encode($regions);
break;
case 'location_cities':
// This is the autocomplete AJAX
$cities = City::newInstance()->ajax(Params::getParam("term"), Params::getParam("region"));
echo json_encode($cities);
break;
case 'delete_image':
// Delete images via AJAX
$ajax_photo = Params::getParam('ajax_photo');
$id = Params::getParam('id');
$item = Params::getParam('item');
$code = Params::getParam('code');
$secret = Params::getParam('secret');
$json = array();
if ($ajax_photo != '') {
$files = Session::newInstance()->_get('ajax_files');
$success = false;
foreach ($files as $uuid => $file) {
if ($file == $ajax_photo) {
$filename = $files[$uuid];
unset($files[$uuid]);
Session::newInstance()->_set('ajax_files', $files);
$success = @unlink(osc_content_path() . 'uploads/temp/' . $filename);
break;
}
}
echo json_encode(array('success' => $success, 'msg' => $success ? _m('The selected photo has been successfully deleted') : _m("The selected photo couldn't be deleted")));
return false;
}
if (Session::newInstance()->_get('userId') != '') {
$userId = Session::newInstance()->_get('userId');
$user = User::newInstance()->findByPrimaryKey($userId);
} else {
$userId = null;
$user = null;
}
// Check for required fields
if (!(is_numeric($id) && is_numeric($item) && preg_match('/^([a-z0-9]+)$/i', $code))) {
$json['success'] = false;
$json['msg'] = _m("The selected photo couldn't be deleted, the url doesn't exist");
echo json_encode($json);
return false;
}
$aItem = Item::newInstance()->findByPrimaryKey($item);
// Check if the item exists
if (count($aItem) == 0) {
$json['success'] = false;
$json['msg'] = _m("The listing doesn't exist");
echo json_encode($json);
return false;
}
if (!osc_is_admin_user_logged_in()) {
// Check if the item belong to the user
if ($userId != null && $userId != $aItem['fk_i_user_id']) {
$json['success'] = false;
$json['msg'] = _m("The listing doesn't belong to you");
echo json_encode($json);
return false;
}
// Check if the secret passphrase match with the item
if ($userId == null && $aItem['fk_i_user_id'] == null && $secret != $aItem['s_secret']) {
$json['success'] = false;
$json['msg'] = _m("The listing doesn't belong to you");
echo json_encode($json);
return false;
}
}
// Does id & code combination exist?
$result = ItemResource::newInstance()->existResource($id, $code);
if ($result > 0) {
$resource = ItemResource::newInstance()->findByPrimaryKey($id);
if ($resource['fk_i_item_id'] == $item) {
// Delete: file, db table entry
if (defined(OC_ADMIN)) {
osc_deleteResource($id, true);
Log::newInstance()->insertLog('ajax', 'deleteimage', $id, $id, 'admin', osc_logged_admin_id());
} else {
osc_deleteResource($id, false);
Log::newInstance()->insertLog('ajax', 'deleteimage', $id, $id, 'user', osc_logged_user_id());
}
ItemResource::newInstance()->delete(array('pk_i_id' => $id, 'fk_i_item_id' => $item, 's_name' => $code));
$json['msg'] = _m('The selected photo has been successfully deleted');
$json['success'] = 'true';
} else {
$json['msg'] = _m("The selected photo does not belong to you");
$json['success'] = 'false';
}
} else {
$json['msg'] = _m("The selected photo couldn't be deleted");
$json['success'] = 'false';
}
echo json_encode($json);
return true;
break;
case 'alerts':
// Allow to register to an alert given (not sure it's used on admin)
$encoded_alert = Params::getParam("alert");
$alert = osc_decrypt_alert(base64_decode($encoded_alert));
// check alert integrity / signature
$stringToSign = osc_get_alert_public_key() . $encoded_alert;
$signature = hex2b64(hmacsha1(osc_get_alert_private_key(), $stringToSign));
$server_signature = Session::newInstance()->_get('alert_signature');
if ($server_signature != $signature) {
echo '-2';
return false;
}
$email = Params::getParam("email");
$userid = Params::getParam("userid");
if (osc_is_web_user_logged_in()) {
$userid = osc_logged_user_id();
$user = User::newInstance()->findByPrimaryKey($userid);
$email = $user['s_email'];
}
if ($alert != '' && $email != '') {
if (osc_validate_email($email)) {
$secret = osc_genRandomPassword();
if ($alertID = Alerts::newInstance()->createAlert($userid, $email, $alert, $secret)) {
if ((int) $userid > 0) {
$user = User::newInstance()->findByPrimaryKey($userid);
if ($user['b_active'] == 1 && $user['b_enabled'] == 1) {
Alerts::newInstance()->activate($alertID);
echo '1';
return true;
} else {
echo '-1';
return false;
}
} else {
$aAlert = Alerts::newInstance()->findByPrimaryKey($alertID);
osc_run_hook('hook_email_alert_validation', $aAlert, $email, $secret);
}
echo "1";
} else {
echo "0";
}
return true;
} else {
echo '-1';
return false;
}
}
echo '0';
return false;
break;
case 'runhook':
// run hooks
$hook = Params::getParam('hook');
if ($hook == '') {
echo json_encode(array('error' => 'hook parameter not defined'));
break;
}
switch ($hook) {
case 'item_form':
osc_run_hook('item_form', Params::getParam('catId'));
break;
case 'item_edit':
$catId = Params::getParam("catId");
$itemId = Params::getParam("itemId");
osc_run_hook("item_edit", $catId, $itemId);
break;
default:
osc_run_hook('ajax_' . $hook);
break;
}
break;
case 'custom':
// Execute via AJAX custom file
if (Params::existParam('route')) {
$routes = Rewrite::newInstance()->getRoutes();
$rid = Params::getParam('route');
$file = '../';
if (isset($routes[$rid]) && isset($routes[$rid]['file'])) {
$file = $routes[$rid]['file'];
}
} else {
// DEPRECATED: Disclosed path in URL is deprecated, use routes instead
// This will be REMOVED in 3.4
$file = Params::getParam('ajaxfile');
}
if ($file == '') {
echo json_encode(array('error' => 'no action defined'));
break;
}
// valid file?
if (strpos($file, '../') !== false || strpos($file, '..\\') !== false || stripos($file, '/admin/') !== false) {
//If the file is inside an "admin" folder, it should NOT be opened in frontend
echo json_encode(array('error' => 'no valid ajaxFile'));
break;
}
if (!file_exists(osc_plugins_path() . $file)) {
echo json_encode(array('error' => "ajaxFile doesn't exist"));
break;
}
require_once osc_plugins_path() . $file;
break;
case 'check_username_availability':
$username = osc_sanitize_username(Params::getParam('s_username'));
if (!osc_is_username_blacklisted($username)) {
$user = User::newInstance()->findByUsername($username);
if (isset($user['s_username'])) {
echo json_encode(array('exists' => 1, 's_username' => $username));
} else {
echo json_encode(array('exists' => 0, 's_username' => $username));
}
} else {
echo json_encode(array('exists' => 1, 's_username' => $username));
}
break;
case 'ajax_upload':
// Include the uploader class
require_once LIB_PATH . "AjaxUploader.php";
$uploader = new AjaxUploader();
$original = pathinfo($uploader->getOriginalName());
$filename = uniqid("qqfile_") . "." . $original['extension'];
$result = $uploader->handleUpload(osc_content_path() . 'uploads/temp/' . $filename);
$result['uploadName'] = $filename;
echo htmlspecialchars(json_encode($result), ENT_NOQUOTES);
break;
case 'ajax_validate':
$id = Params::getParam('id');
if (!is_numeric($id)) {
echo json_encode(array('success' => false));
die;
}
$secret = Params::getParam('secret');
$item = Item::newInstance()->findByPrimaryKey($id);
if ($item['s_secret'] != $secret) {
echo json_encode(array('success' => false));
die;
}
$nResources = ItemResource::newInstance()->countResources($id);
$result = array('success' => $nResources < osc_max_images_per_item(), 'count' => $nResources);
echo json_encode($result);
break;
case 'delete_ajax_upload':
$files = Session::newInstance()->_get('ajax_files');
$success = false;
$filename = '';
if (isset($files[Params::getParam('qquuid')]) && $files[Params::getParam('qquuid')] != '') {
$filename = $files[Params::getParam('qquuid')];
unset($files[Params::getParam('qquuid')]);
Session::newInstance()->_set('ajax_files', $files);
$success = @unlink(osc_content_path() . 'uploads/temp/' . $filename);
}
echo json_encode(array('success' => $success, 'uploadName' => $filename));
break;
default:
echo json_encode(array('error' => __('no action defined')));
break;
}
// clear all keep variables into session
Session::newInstance()->_dropKeepForm();
Session::newInstance()->_clearVariables();
}
function doModel()
{
switch ($this->action) {
case 'dashboard':
//dashboard...
$max_items = Params::getParam('max_items') != '' ? Params::getParam('max_items') : 5;
$aItems = Item::newInstance()->findByUserIDEnabled(Session::newInstance()->_get('userId'), 0, $max_items);
//calling the view...
$this->_exportVariableToView('items', $aItems);
$this->_exportVariableToView('max_items', $max_items);
$this->doView('user-dashboard.php');
break;
case 'profile':
//profile...
$user = User::newInstance()->findByPrimaryKey(Session::newInstance()->_get('userId'));
$aCountries = Country::newInstance()->listAll();
$aRegions = array();
if ($user['fk_c_country_code'] != '') {
$aRegions = Region::newInstance()->findByCountry($user['fk_c_country_code']);
} elseif (count($aCountries) > 0) {
$aRegions = Region::newInstance()->findByCountry($aCountries[0]['pk_c_code']);
}
$aCities = array();
if ($user['fk_i_region_id'] != '') {
$aCities = City::newInstance()->findByRegion($user['fk_i_region_id']);
} else {
if (count($aRegions) > 0) {
$aCities = City::newInstance()->findByRegion($aRegions[0]['pk_i_id']);
}
}
//calling the view...
$this->_exportVariableToView('countries', $aCountries);
$this->_exportVariableToView('regions', $aRegions);
$this->_exportVariableToView('cities', $aCities);
$this->_exportVariableToView('user', $user);
$this->doView('user-profile.php');
break;
case 'profile_post':
//profile post...
$userId = Session::newInstance()->_get('userId');
require_once LIB_PATH . 'osclass/UserActions.php';
$userActions = new UserActions(false);
$success = $userActions->edit($userId);
osc_add_flash_ok_message(_m('Your profile has been updated successfully'));
$this->redirectTo(osc_user_profile_url());
break;
case 'alerts':
//alerts
$aAlerts = Alerts::newInstance()->findByUser(Session::newInstance()->_get('userId'));
$user = User::newInstance()->findByPrimaryKey(Session::newInstance()->_get('userId'));
foreach ($aAlerts as $k => $a) {
$search = osc_unserialize(base64_decode($a['s_search']));
$search->limit(0, 3);
$aAlerts[$k]['items'] = $search->doSearch();
}
$this->_exportVariableToView('alerts', $aAlerts);
View::newInstance()->_reset('alerts');
$this->_exportVariableToView('user', $user);
$this->doView('user-alerts.php');
break;
case 'change_email':
//change email
$this->doView('user-change_email.php');
break;
case 'change_email_post':
//change email post
if (!preg_match("/^[_a-z0-9-\\+]+(\\.[_a-z0-9-\\+]+)*@[a-z0-9-]+(\\.[a-z0-9-]+)*(\\.[a-z]{2,3})\$/", Params::getParam('new_email'))) {
osc_add_flash_error_message(_m('The specified e-mail is not valid'));
$this->redirectTo(osc_change_user_email_url());
} else {
$user = User::newInstance()->findByEmail(Params::getParam('new_email'));
if (!isset($user['pk_i_id'])) {
$userEmailTmp = array();
$userEmailTmp['fk_i_user_id'] = Session::newInstance()->_get('userId');
$userEmailTmp['s_new_email'] = Params::getParam('new_email');
UserEmailTmp::newInstance()->insertOrUpdate($userEmailTmp);
$code = osc_genRandomPassword(30);
$date = date('Y-m-d H:i:s');
$userManager = new User();
$userManager->update(array('s_pass_code' => $code, 's_pass_date' => $date, 's_pass_ip' => $_SERVER['REMOTE_ADDR']), array('pk_i_id' => Session::newInstance()->_get('userId')));
$validation_url = osc_change_user_email_confirm_url(Session::newInstance()->_get('userId'), $code);
osc_run_hook('hook_email_new_email', Params::getParam('new_email'), $validation_url);
$this->redirectTo(osc_user_profile_url());
} else {
osc_add_flash_error_message(_m('The specified e-mail is already in use'));
$this->redirectTo(osc_change_user_email_url());
}
}
break;
case 'change_password':
//change password
$this->doView('user-change_password.php');
break;
case 'change_password_post':
//change password post
$user = User::newInstance()->findByPrimaryKey(Session::newInstance()->_get('userId'));
if (Params::getParam('password') == '' || Params::getParam('new_password') == '' || Params::getParam('new_password2') == '') {
osc_add_flash_warning_message(_m('Password cannot be blank'));
$this->redirectTo(osc_change_user_password_url());
}
if ($user['s_password'] != sha1(Params::getParam('password'))) {
osc_add_flash_error_message(_m('Current password doesn\'t match'));
$this->redirectTo(osc_change_user_password_url());
}
if (!Params::getParam('new_password')) {
osc_add_flash_error_message(_m('Passwords can\'t be empty'));
$this->redirectTo(osc_change_user_password_url());
}
if (Params::getParam('new_password') != Params::getParam('new_password2')) {
osc_add_flash_error_message(_m('Passwords don\'t match'));
$this->redirectTo(osc_change_user_password_url());
}
User::newInstance()->update(array('s_password' => sha1(Params::getParam('new_password'))), array('pk_i_id' => Session::newInstance()->_get('userId')));
osc_add_flash_ok_message(_m('Password has been changed'));
$this->redirectTo(osc_user_profile_url());
break;
case 'items':
// view items user
$itemsPerPage = Params::getParam('itemsPerPage') != '' ? Params::getParam('itemsPerPage') : 5;
$page = Params::getParam('iPage') != '' ? Params::getParam('iPage') : 0;
$total_items = Item::newInstance()->countByUserIDEnabled($_SESSION['userId']);
$total_pages = ceil($total_items / $itemsPerPage);
$items = Item::newInstance()->findByUserIDEnabled($_SESSION['userId'], $page * $itemsPerPage, $itemsPerPage);
$this->_exportVariableToView('items', $items);
$this->_exportVariableToView('list_total_pages', $total_pages);
$this->_exportVariableToView('list_total_items', $total_items);
$this->_exportVariableToView('items_per_page', $itemsPerPage);
$this->_exportVariableToView('list_page', $page);
$this->doView('user-items.php');
break;
case 'activate_alert':
$email = Params::getParam('email');
$secret = Params::getParam('secret');
$result = 0;
if ($email != '' && $secret != '') {
$result = Alerts::newInstance()->activate($email, $secret);
}
if ($result == 1) {
osc_add_flash_ok_message(_m('Alert activated'));
} else {
osc_add_flash_error_message(_m('Ops! There was a problem trying to activate alert. Please contact the administrator'));
}
$this->redirectTo(osc_base_url(true));
break;
case 'unsub_alert':
$email = Params::getParam('email');
$secret = Params::getParam('secret');
if ($email != '' && $secret != '') {
Alerts::newInstance()->delete(array('s_email' => $email, 's_secret' => $secret));
osc_add_flash_ok_message(_m('Unsubscribed correctly'));
} else {
osc_add_flash_error_message(_m('Ops! There was a problem trying to unsubscribe you. Please contact the administrator'));
}
$this->redirectTo(osc_user_alerts_url());
break;
case 'deleteResource':
$id = Params::getParam('id');
$name = Params::getParam('name');
$fkid = Params::getParam('fkid');
osc_deleteResource($id);
ItemResource::newInstance()->delete(array('pk_i_id' => $id, 'fk_i_item_id' => $fkid, 's_name' => $name));
$this->redirectTo(osc_base_url(true) . "?page=item&action=item_edit&id=" . $fkid);
break;
}
}
function doModel()
{
parent::doModel();
//specific things for this class
switch ($this->action) {
case 'bulk_actions':
$mItems = new ItemActions(true);
switch (Params::getParam('bulk_actions')) {
case 'enable_all':
$id = Params::getParam('id');
if ($id) {
$numSuccess = 0;
foreach ($id as $_id) {
if ($mItems->enable($_id)) {
$numSuccess++;
}
}
osc_add_flash_ok_message(sprintf(_mn('%d item has been enabled', '%d items have been enabled', $numSuccess), $numSuccess), 'admin');
}
break;
case 'disable_all':
$id = Params::getParam('id');
if ($id) {
$numSuccess = 0;
foreach ($id as $_id) {
if ($mItems->disable((int) $_id)) {
$numSuccess++;
}
}
osc_add_flash_ok_message(sprintf(_mn('%d item has been disabled', '%d items have been disabled', $numSuccess), $numSuccess), 'admin');
}
break;
case 'activate_all':
$id = Params::getParam('id');
if ($id) {
$numSuccess = 0;
foreach ($id as $_id) {
if ($mItems->activate($_id)) {
$numSuccess++;
}
}
osc_add_flash_ok_message(sprintf(_mn('%d item has been activated', '%d items have been activated', $numSuccess), $numSuccess), 'admin');
}
break;
case 'deactivate_all':
$id = Params::getParam('id');
if ($id) {
$numSuccess = 0;
foreach ($id as $_id) {
if ($mItems->deactivate($_id)) {
$numSuccess++;
}
}
osc_add_flash_ok_message(sprintf(_m('%d item has been deactivated', '%d items have been deactivated', $numSuccess), $numSuccess), 'admin');
}
break;
case 'premium_all':
$id = Params::getParam('id');
if ($id) {
$numSuccess = 0;
foreach ($id as $_id) {
if ($mItems->premium($_id)) {
$numSuccess++;
}
}
osc_add_flash_ok_message(sprintf(_mn('%d item has been marked as premium', '%d items have been marked as premium', $numSuccess), $numSuccess), 'admin');
}
break;
case 'depremium_all':
$id = Params::getParam('id');
if ($id) {
$numSuccess = 0;
foreach ($id as $_id) {
if ($mItems->premium($_id, false)) {
$numSuccess++;
}
}
osc_add_flash_ok_message(sprintf(_mn('%d change has been made', '%d changes have been made', $numSuccess), $numSuccess), 'admin');
}
break;
case 'spam_all':
$id = Params::getParam('id');
if ($id) {
$numSuccess = 0;
foreach ($id as $_id) {
if ($mItems->spam($_id)) {
$numSuccess++;
}
}
osc_add_flash_ok_message(sprintf(_mn('%d item has been marked as spam', '%d items have been marked as spam', $numSuccess), $numSuccess), 'admin');
}
break;
case 'despam_all':
$id = Params::getParam('id');
if ($id) {
$numSuccess = 0;
foreach ($id as $_id) {
if ($mItems->spam($_id, false)) {
$numSuccess++;
}
}
osc_add_flash_ok_message(sprintf(_mn('%d change have been made', '%d changes have been made', $numSuccess), $numSuccess), 'admin');
}
break;
case 'delete_all':
$id = Params::getParam('id');
$success = false;
if ($id != '') {
$numSuccess = 0;
foreach ($id as $i) {
if ($i) {
$item = $this->itemManager->findByPrimaryKey($i);
$success = $mItems->delete($item['s_secret'], $item['pk_i_id']);
if ($success) {
$numSuccess++;
}
}
}
}
osc_add_flash_ok_message(sprintf(_mn('%d item has been deleted', '%d items have been deleted', $numSuccess), $numSuccess), 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=items");
break;
}
$this->redirectTo(osc_admin_base_url(true) . "?page=items");
break;
case 'delete':
//delete
$id = Params::getParam('id');
$success = false;
foreach ($id as $i) {
if ($i) {
$aItem = $this->itemManager->findByPrimaryKey($i);
$mItems = new ItemActions(true);
$success = $mItems->delete($aItem['s_secret'], $aItem['pk_i_id']);
}
}
if ($success) {
osc_add_flash_ok_message(_m('The item has been deleted'), 'admin');
} else {
osc_add_flash_error_message(_m('The item couldn\'t be deleted'), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . "?page=items");
break;
case 'status':
//status
$id = Params::getParam('id');
$value = Params::getParam('value');
if (!$id) {
return false;
}
$id = (int) $id;
if (!is_numeric($id)) {
return false;
}
if (!in_array($value, array('ACTIVE', 'INACTIVE', 'ENABLE', 'DISABLE'))) {
return false;
}
$item = $this->itemManager->findByPrimaryKey($id);
$mItems = new ItemActions(true);
switch ($value) {
case 'ACTIVE':
$success = $mItems->activate($id);
if ($success && $success > 0) {
osc_add_flash_ok_message(_m('The item has been activated'), 'admin');
} else {
if (!$success) {
osc_add_flash_error_message(_m('Some error has occurred'), 'admin');
} else {
osc_add_flash_error_message(_m('The item cannot be activated, because it is blocked'), 'admin');
}
}
break;
case 'INACTIVE':
$success = $mItems->deactivate($id);
if ($success && $success > 0) {
osc_add_flash_ok_message(_m('The item has been deactivated'), 'admin');
} else {
osc_add_flash_error_message(_m('Some error has occurred'), 'admin');
}
break;
case 'ENABLE':
$success = $mItems->enable($id);
if ($success && $success > 0) {
osc_add_flash_ok_message(_m('The item has been enabled'), 'admin');
} else {
osc_add_flash_error_message(_m('Some error has occurred'), 'admin');
}
break;
case 'DISABLE':
$success = $mItems->disable($id);
if ($success && $success > 0) {
osc_add_flash_ok_message(_m('The item has been disabled'), 'admin');
} else {
osc_add_flash_error_message(_m('Some error has occurred'), 'admin');
}
break;
}
$this->redirectTo(osc_admin_base_url(true) . "?page=items");
break;
case 'status_premium':
//status premium
$id = Params::getParam('id');
$value = Params::getParam('value');
if (!$id) {
return false;
}
$id = (int) $id;
if (!is_numeric($id)) {
return false;
}
if (!in_array($value, array(0, 1))) {
return false;
}
$mItems = new ItemActions(true);
if ($mItems->premium($id, $value == 1 ? true : false)) {
osc_add_flash_ok_message(_m('Changes have been applied'), 'admin');
} else {
osc_add_flash_error_message(_m('Some error has occurred'), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . "?page=items");
break;
case 'status_spam':
//status spam
$id = Params::getParam('id');
$value = Params::getParam('value');
if (!$id) {
return false;
}
$id = (int) $id;
if (!is_numeric($id)) {
return false;
}
if (!in_array($value, array(0, 1))) {
return false;
}
$mItems = new ItemActions(true);
if ($mItems->spam($id, $value == 1 ? true : false)) {
osc_add_flash_ok_message(_m('Changes have been applied'), 'admin');
} else {
osc_add_flash_error_message(_m('Some error has occurred'), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . "?page=items");
break;
case 'clear_stat':
$id = Params::getParam('id');
$stat = Params::getParam('stat');
if (!$id) {
return false;
}
if (!$stat) {
return false;
}
$id = (int) $id;
if (!is_numeric($id)) {
return false;
}
$success = $this->itemManager->clearStat($id, $stat);
if ($success) {
osc_add_flash_ok_message(_m('The item has been unmarked as') . " {$stat}", 'admin');
} else {
osc_add_flash_error_message(_m('The item hasn\'t been unmarked as') . " {$stat}", 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . "?page=items&stat=" . $stat);
break;
case 'item_edit':
// edit item
$id = Params::getParam('id');
$item = Item::newInstance()->findByPrimaryKey($id);
if (count($item) <= 0) {
$this->redirectTo(osc_admin_base_url(true) . "?page=items");
}
$form = count(Session::newInstance()->_getForm());
$keepForm = count(Session::newInstance()->_getKeepForm());
if ($form == 0 || $form == $keepForm) {
Session::newInstance()->_dropKeepForm();
}
$this->_exportVariableToView("item", $item);
$this->_exportVariableToView("new_item", FALSE);
$this->doView('items/frm.php');
break;
case 'item_edit_post':
$mItems = new ItemActions(true);
$mItems->prepareData(false);
// set all parameters into session
foreach ($mItems->data as $key => $value) {
Session::newInstance()->_setForm($key, $value);
}
$meta = Params::getParam('meta');
if (is_array($meta)) {
foreach ($meta as $key => $value) {
Session::newInstance()->_setForm('meta_' . $key, $value);
Session::newInstance()->_keepForm('meta_' . $key);
}
}
$success = $mItems->edit();
if ($success == 1) {
Session::newInstance()->_clearVariables();
osc_add_flash_ok_message(_m('Changes saved correctly'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=items");
} else {
osc_add_flash_error_message($success, 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=items&action=item_edit&id=" . Params::getParam('id'));
}
break;
case 'deleteResource':
//delete resource
$id = Params::getParam('id');
$name = Params::getParam('name');
$fkid = Params::getParam('fkid');
// delete files
osc_deleteResource($id, true);
Log::newInstance()->insertLog('items', 'deleteResource', $id, $id, 'admin', osc_logged_admin_id());
$result = ItemResource::newInstance()->delete(array('pk_i_id' => $id, 'fk_i_item_id' => $fkid, 's_name' => $name));
if ($result === false) {
osc_add_flash_error_message(_m('Some error has occurred'), 'admin');
} else {
osc_add_flash_ok_message(_m('Resource deleted'), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . "?page=items");
break;
case 'post':
// add item
$form = count(Session::newInstance()->_getForm());
$keepForm = count(Session::newInstance()->_getKeepForm());
if ($form == 0 || $form == $keepForm) {
Session::newInstance()->_dropKeepForm();
}
$this->_exportVariableToView("new_item", TRUE);
$this->doView('items/frm.php');
break;
case 'post_item':
//post item
$mItem = new ItemActions(true);
$mItem->prepareData(true);
// set all parameters into session
foreach ($mItem->data as $key => $value) {
Session::newInstance()->_setForm($key, $value);
}
$meta = Params::getParam('meta');
if (is_array($meta)) {
foreach ($meta as $key => $value) {
Session::newInstance()->_setForm('meta_' . $key, $value);
Session::newInstance()->_keepForm('meta_' . $key);
}
}
$success = $mItem->add();
if ($success == 1 || $success == 2) {
Session::newInstance()->_clearVariables();
osc_add_flash_ok_message(_m('A new item has been added'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=items");
} else {
osc_add_flash_error_message($success, 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=items&action=post");
}
break;
case 'settings':
// calling the items settings view
$this->doView('items/settings.php');
break;
case 'settings_post':
// update item settings
$iUpdated = 0;
$enabledRecaptchaItems = Params::getParam('enabled_recaptcha_items');
$enabledRecaptchaItems = $enabledRecaptchaItems == '1' ? true : false;
$moderateItems = Params::getParam('moderate_items');
$moderateItems = $moderateItems != '' ? true : false;
$numModerateItems = Params::getParam('num_moderate_items');
$itemsWaitTime = Params::getParam('items_wait_time');
$loggedUserItemValidation = Params::getParam('logged_user_item_validation');
$loggedUserItemValidation = $loggedUserItemValidation != '' ? true : false;
$regUserPost = Params::getParam('reg_user_post');
$regUserPost = $regUserPost != '' ? true : false;
$notifyNewItem = Params::getParam('notify_new_item');
$notifyNewItem = $notifyNewItem != '' ? true : false;
$notifyContactItem = Params::getParam('notify_contact_item');
$notifyContactItem = $notifyContactItem != '' ? true : false;
$notifyContactFriends = Params::getParam('notify_contact_friends');
$notifyContactFriends = $notifyContactFriends != '' ? true : false;
$enabledFieldPriceItems = Params::getParam('enableField#f_price@items');
$enabledFieldPriceItems = $enabledFieldPriceItems != '' ? true : false;
$enabledFieldImagesItems = Params::getParam('enableField#images@items');
$enabledFieldImagesItems = $enabledFieldImagesItems != '' ? true : false;
$numImagesItems = Params::getParam('numImages@items');
if ($numImagesItems == '') {
$numImagesItems = 0;
}
$regUserCanContact = Params::getParam('reg_user_can_contact');
$regUserCanContact = $regUserCanContact != '' ? true : false;
$contactItemAttachment = Params::getParam('item_attachment');
$contactItemAttachment = $contactItemAttachment != '' ? true : false;
$msg = '';
if (!osc_validate_int(Params::getParam("items_wait_time"))) {
$msg .= _m("Wait time has to be numeric only") . "<br/>";
}
if (!osc_validate_int(Params::getParam("num_moderate_items"))) {
$msg .= _m("Number of moderated items has to be numeric only") . "<br/>";
}
if (!osc_validate_int($numImagesItems)) {
$msg .= _m("Images per item has to be numeric only") . "<br/>";
}
if ($msg != '') {
osc_add_flash_error_message($msg, 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=items&action=settings');
}
$iUpdated += Preference::newInstance()->update(array('s_value' => $enabledRecaptchaItems), array('s_name' => 'enabled_recaptcha_items'));
if ($moderateItems) {
$iUpdated += Preference::newInstance()->update(array('s_value' => $numModerateItems), array('s_name' => 'moderate_items'));
} else {
$iUpdated += Preference::newInstance()->update(array('s_value' => '-1'), array('s_name' => 'moderate_items'));
}
$iUpdated += Preference::newInstance()->update(array('s_value' => $loggedUserItemValidation), array('s_name' => 'logged_user_item_validation'));
$iUpdated += Preference::newInstance()->update(array('s_value' => $regUserPost), array('s_name' => 'reg_user_post'));
$iUpdated += Preference::newInstance()->update(array('s_value' => $notifyNewItem), array('s_name' => 'notify_new_item'));
$iUpdated += Preference::newInstance()->update(array('s_value' => $notifyContactItem), array('s_name' => 'notify_contact_item'));
$iUpdated += Preference::newInstance()->update(array('s_value' => $notifyContactFriends), array('s_name' => 'notify_contact_friends'));
$iUpdated += Preference::newInstance()->update(array('s_value' => $enabledFieldPriceItems), array('s_name' => 'enableField#f_price@items'));
$iUpdated += Preference::newInstance()->update(array('s_value' => $enabledFieldImagesItems), array('s_name' => 'enableField#images@items'));
$iUpdated += Preference::newInstance()->update(array('s_value' => $itemsWaitTime), array('s_name' => 'items_wait_time'));
$iUpdated += Preference::newInstance()->update(array('s_value' => $numImagesItems), array('s_name' => 'numImages@items'));
$iUpdated += Preference::newInstance()->update(array('s_value' => $regUserCanContact), array('s_name' => 'reg_user_can_contact'));
$iUpdated += Preference::newInstance()->update(array('s_value' => $contactItemAttachment), array('s_name' => 'item_attachment'));
if ($iUpdated > 0) {
osc_add_flash_ok_message(_m('Items\' settings have been updated'), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=items&action=settings');
break;
default:
//default
$catId = Params::getParam('catId');
$countries = Country::newInstance()->listAll();
$regions = array();
if (count($countries) > 0) {
$regions = Region::newInstance()->findByCountry($countries[0]['pk_c_code']);
}
$cities = array();
if (count($regions) > 0) {
$cities = City::newInstance()->findByRegion($regions[0]['pk_i_id']);
}
//preparing variables for the view
$this->_exportVariableToView("users", User::newInstance()->listAll());
$this->_exportVariableToView("catId", $catId);
$this->_exportVariableToView("stat", Params::getParam('stat'));
$this->_exportVariableToView("countries", $countries);
$this->_exportVariableToView("regions", $regions);
$this->_exportVariableToView("cities", $cities);
//calling the view...
$this->doView('items/index.php');
}
}
function doModel()
{
//calling the view...
$locales = OSCLocale::newInstance()->listAllEnabled();
$this->_exportVariableToView('locales', $locales);
switch ($this->action) {
case 'item_add':
// post
if (!osc_users_enabled()) {
osc_add_flash_message(_m('Users not enabled'));
$this->redirectTo(osc_base_url(true));
}
if (osc_reg_user_post() && $this->user == null) {
// CHANGEME: This text
osc_add_flash_message(_m('Only registered users are allowed to post items'));
$this->redirectTo(osc_user_login_url());
}
$countries = Country::newInstance()->listAll();
$regions = array();
if (isset($this->user['fk_c_country_code']) && $this->user['fk_c_country_code'] != '') {
$regions = Region::newInstance()->getByCountry($this->user['fk_c_country_code']);
} else {
if (count($countries) > 0) {
$regions = Region::newInstance()->getByCountry($countries[0]['pk_c_code']);
}
}
$cities = array();
if (isset($this->user['fk_i_region_id']) && $this->user['fk_i_region_id'] != '') {
$cities = City::newInstance()->listWhere("fk_i_region_id = %d", $this->user['fk_i_region_id']);
} else {
if (count($regions) > 0) {
$cities = City::newInstance()->listWhere("fk_i_region_id = %d", $regions[0]['pk_i_id']);
}
}
$this->_exportVariableToView('countries', $countries);
$this->_exportVariableToView('regions', $regions);
$this->_exportVariableToView('cities', $cities);
$this->_exportVariableToView('user', $this->user);
osc_run_hook('post_item');
$this->doView('item-post.php');
break;
case 'item_add_post':
//post_item
if (!osc_users_enabled()) {
osc_add_flash_message(_m('Users not allowed'));
$this->redirectTo(osc_base_url(true));
}
if (osc_reg_user_post() && $this->user == null) {
osc_add_flash_message(_m('Only registered users are allowed to post items'));
$this->redirectTo(osc_base_url(true));
}
// POST ITEM ( ADD ITEM )
$mItems = new ItemActions(false);
$success = $mItems->add();
if ($success) {
$PcontactName = Params::getParam('contactName');
$PcontactEmail = Params::getParam('contactEmail');
$itemId = Params::getParam('itemId');
$item = array();
if (Session::newInstance()->_get('userId') == '') {
$mPages = new Page();
$aPage = $mPages->findByInternalName('email_new_item_non_register_user');
$locale = osc_current_user_locale();
$content = array();
if (isset($aPage['locale'][$locale]['s_title'])) {
$content = $aPage['locale'][$locale];
} else {
$content = current($aPage['locale']);
}
$item = $this->itemManager->findByPrimaryKey($itemId);
$item_url = osc_item_url();
// before page = user , action = item_edit
$edit_url = osc_item_edit_url($item['s_secret'], $itemId);
// before page = user , action = item_delete
$delete_url = osc_item_delete_url($item['s_secret'], $itemId);
$words = array();
$words[] = array('{ITEM_ID}', '{USER_NAME}', '{USER_EMAIL}', '{WEB_URL}', '{ITEM_TITLE}', '{ITEM_URL}', '{WEB_TITLE}', '{EDIT_LINK}', '{EDIT_URL}', '{DELETE_LINK}', '{DELETE_URL}');
$words[] = array($itemId, $PcontactName, $PcontactEmail, osc_base_url(), $item['s_title'], $item_url, osc_page_title(), '<a href="' . $edit_url . '">' . $edit_url . '</a>', $edit_url, '<a href="' . $delete_url . '">' . $delete_url . '</a>', $delete_url);
$title = osc_mailBeauty($content['s_title'], $words);
$body = osc_mailBeauty($content['s_text'], $words);
$emailParams = array('subject' => $title, 'to' => $PcontactEmail, 'to_name' => $PcontactName, 'body' => $body, 'alt_body' => $body);
osc_sendMail($emailParams);
}
osc_run_hook('posted_item', $item);
$category = Category::newInstance()->findByPrimaryKey(Params::getParam('catId'));
View::newInstance()->_exportVariableToView('category', $category);
$this->redirectTo(osc_search_category_url());
} else {
$this->redirectTo(osc_item_post_url());
}
break;
case 'item_edit':
$secret = Params::getParam('secret');
$id = Params::getParam('id');
$item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s' AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = '%d'))", $id, $secret, $this->userId);
if (count($item) == 1) {
$item = Item::newInstance()->findByPrimaryKey($id);
$categories = Category::newInstance()->toTree();
$countries = Country::newInstance()->listAll();
$regions = array();
if (isset($this->user['fk_c_country_code']) && $this->user['fk_c_country_code'] != '') {
$regions = Region::newInstance()->getByCountry($this->user['fk_c_country_code']);
} else {
if (count($countries) > 0) {
$regions = Region::newInstance()->getByCountry($countries[0]['pk_c_code']);
}
}
$cities = array();
if (isset($this->user['fk_i_region_id']) && $this->user['fk_i_region_id'] != '') {
$cities = City::newInstance()->listWhere("fk_i_region_id = %d", $this->user['fk_i_region_id']);
} else {
if (count($regions) > 0) {
$cities = City::newInstance()->listWhere("fk_i_region_id = %d", $regions[0]['pk_i_id']);
}
}
$currencies = Currency::newInstance()->listAll();
$this->_exportVariableToView('item', $item);
//$this->_exportVariableToView('user', $this->user) ;
$this->doView('item-edit.php');
} else {
// add a flash message [ITEM NO EXISTE]
//$this->redirectTo(osc_base_url(true));
osc_add_flash_message(_m('Sorry, we don\'t have any items with that ID'));
if ($this->user != null) {
$this->redirectTo(osc_user_list_items_url());
} else {
$this->redirectTo(osc_base_url());
}
}
break;
case 'item_edit_post':
// recoger el secret y el
$secret = Params::getParam('secret');
$id = Params::getParam('id');
$item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s' AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = '%d'))", $id, $secret, $this->userId);
if (count($item) == 1) {
$this->_exportVariableToView('item', $item[0]);
$mItems = new ItemActions(false);
$success = $mItems->edit();
if ($success) {
osc_add_flash_message(_m('Great! We\'ve just updated your item'));
$this->redirectTo(osc_base_url(true) . "?page=item&id={$id}");
} else {
$this->redirectTo(osc_item_edit_url($secret));
}
}
break;
case 'activate':
$secret = Params::getParam('secret');
$id = Params::getParam('id');
$item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s' AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = '%d'))", $id, $secret, $this->userId);
View::newInstance()->_exportVariableToView('item', $item[0]);
if ($item[0]['e_status'] == 'INACTIVE') {
// ACTIVETE ITEM
$mItems = new ItemActions(false);
$success = $mItems->activate($item[0]['pk_i_id'], $item[0]['s_secret']);
if ($success) {
osc_add_flash_message(_m('The item has been validated'));
} else {
osc_add_flash_message(_m('The item can\'t be validated'));
}
} else {
osc_add_flash_message(_m('The item has already been validated'));
}
$this->redirectTo(osc_item_url());
break;
case 'item_delete':
$secret = Params::getParam('secret');
$id = Params::getParam('id');
$item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s' AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = '%d'))", $id, $secret, $this->userId);
if (count($item) == 1) {
$mItems = new ItemActions(false);
$success = $mItems->delete($item[0]['s_secret'], $item[0]['pk_i_id']);
if ($success) {
osc_add_flash_message(_m('Your item has been deleted'));
} else {
osc_add_flash_message(_m('The item you are trying to delete couldn\'t be deleted'));
}
if ($this->user != null) {
$this->redirectTo(osc_user_list_items_url());
} else {
$this->redirectTo(osc_base_url());
}
} else {
osc_add_flash_message(_m('The item you are trying to delete couldn\'t be deleted'));
$this->redirectTo(osc_base_url());
}
break;
case 'deleteResource':
$id = Params::getParam('id');
$item = Params::getParam('item');
$code = Params::getParam('code');
$secret = Params::getParam('secret');
// Check for required fields
if (!(is_numeric($id) && is_numeric($item) && preg_match('/^([a-z0-9]+)$/i', $code))) {
osc_add_flash_message(_m("The selected photo couldn't be deleted, the url doesn't exist"));
if ($this->userId == null) {
$this->redirectTo(osc_base_url());
} else {
$this->redirectTo(osc_user_dashboard_url());
}
}
$aItem = $this->itemManager->findByPrimaryKey($item);
// Check if the item exists
if (count($aItem) == 0) {
osc_add_flash_message(_m('The item doesn\'t exist'));
$this->redirectTo(osc_base_url());
}
// Check if the item belong to the user
if ($this->userId != null && $this->userId != $aItem['fk_i_user_id']) {
osc_add_flash_message(_m('The item doesn\'t belong to you'));
$this->redirectTo(osc_item_url_ns($item));
}
// Check if the secret passphrase match with the item
if ($this->userId == null && $secret != $aItem['s_secret']) {
osc_add_flash_message(_m('The item doesn\'t belong to you'));
$this->redirectTo(osc_item_url_ns($item));
}
// Does id & code combination exist?
$result = ItemResource::newInstance()->getResourceSecure($id, $code);
if ($result > 0) {
// Delete: file, db table entry
osc_deleteResource($id);
ItemResource::newInstance()->delete(array('pk_i_id' => $id, 'fk_i_item_id' => $item, 's_name' => $code));
osc_add_flash_message(_m('The selected photo has been successfully deleted'));
} else {
osc_add_flash_message(_m("The selected photo couldn't be deleted"));
}
// Redirect to item_edit. If unregistered user, include $secret.
$this->redirectTo(osc_item_edit_url($secret, $item));
break;
case 'mark':
$mItem = new ItemActions(false);
$id = Params::getParam('id');
$as = Params::getParam('as');
$item = Item::newInstance()->findByPrimaryKey($id);
View::newInstance()->_exportVariableToView('item', $item);
$mItem->mark($id, $as);
osc_add_flash_message(_m('Thanks! That\'s very helpful'));
$this->redirectTo(osc_item_url());
break;
case 'send_friend':
$item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
$this->_exportVariableToView('item', $item);
$this->doView('item-send-friend.php');
break;
case 'send_friend_post':
$mItem = new ItemActions(false);
$mItem->send_friend();
$item_url = Params::getParam('item_url');
$this->redirectTo($item_url);
break;
case 'contact':
$item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
$category = Category::newInstance()->findByPrimaryKey($item['fk_i_category_id']);
if ($category['i_expiration_days'] > 0) {
$item_date = strtotime($item['dt_pub_date']) + $category['i_expiration_days'] * (24 * 3600);
$date = time();
if ($item_date < $date) {
// The item is expired, we can not contact the seller
osc_add_flash_message(_m('We\'re sorry, but the item has expired. You can\'t contact the seller'));
$this->redirectTo(osc_create_item_url($item));
}
}
$this->_exportVariableToView('item', $item);
$this->doView('item-contact.php');
break;
case 'contact_post':
$item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
$this->_exportVariableToView('item', $item);
if (osc_recaptcha_private_key() != '' && Params::existParam("recaptcha_challenge_field")) {
if (!osc_check_recaptcha()) {
osc_add_flash_message(_m('The Recaptcha code is wrong'));
$this->redirectTo(osc_item_url());
return false;
// BREAK THE PROCESS, THE RECAPTCHA IS WRONG
}
}
$category = Category::newInstance()->findByPrimaryKey($item['fk_i_category_id']);
if ($category['i_expiration_days'] > 0) {
$item_date = strtotime($item['dt_pub_date']) + $category['i_expiration_days'] * (24 * 3600);
$date = time();
if ($item_date < $date) {
// The item is expired, we can not contact the seller
osc_add_flash_message(_m('We\'re sorry, but the item has expired. You can\'t contact the seller'));
$this->redirectTo(osc_item_url());
}
}
$mItem = new ItemActions(false);
$mItem->contact();
osc_add_flash_message(_m('We\'ve just sent an e-mail to the seller'));
$this->redirectTo(osc_item_url());
break;
case 'add_comment':
$mItem = new ItemActions(false);
$status = $mItem->add_comment();
switch ($status) {
case -1:
$msg = _m('Sorry, we could not save your comment. Try again later');
break;
case 1:
$msg = _m('Your comment is awaiting moderation');
break;
case 2:
$msg = _m('Your comment has been approved');
break;
case 3:
$msg = _m('Please fill the required fields (name, email)');
break;
case 4:
$msg = _m('Please type a comment');
break;
case 5:
$msg = _m('Your comment has been marked as spam');
break;
}
osc_add_flash_message($msg);
$this->redirectTo(Params::getParam('itemURL'));
break;
case 'delete_comment':
$mItem = new ItemActions(false);
$status = $mItem->add_comment();
$itemId = Params::getParam('id');
$commentId = Params::getParam('comment');
$item = Item::newInstance()->findByPrimaryKey($itemId);
if (count($item) == 0) {
osc_add_flash_message(_m('This item doesn\'t exist'));
$this->redirectTo(osc_base_url(true));
}
View::newInstance()->_exportVariableToView('item', $item);
if ($this->userId == null) {
osc_add_flash_message(_m('You have to be logged to delete a comment'));
$this->redirectTo(osc_item_url());
}
$commentManager = ItemComment::newInstance();
$aComment = $commentManager->findByPrimaryKey($commentId);
if (count($aComment) == 0) {
osc_add_flash_message(_m('The comment doesn\'t exist'));
$this->redirectTo(osc_item_url());
}
if ($aComment['e_status'] != 'ACTIVE') {
osc_add_flash_message(_m('The comment is not active, you cannot delete it'));
$this->redirectTo(osc_item_url());
}
if ($aComment['fk_i_user_id'] != $this->userId) {
osc_add_flash_message(_m('You cannot delete the comment'));
$this->redirectTo(osc_item_url());
}
$commentManager->deleteByPrimaryKey($commentId);
osc_add_flash_message(_m('The comment has been deleted correctly'));
$this->redirectTo(osc_item_url());
break;
default:
if (Params::getParam('id') == '') {
$this->redirectTo(osc_base_url());
}
if (Params::getParam('lang') != '') {
Session::newInstance()->_set('userLocale', Params::getParam('lang'));
}
$item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
// if item doesn't exist redirect to base url
if (count($item) == 0) {
osc_add_flash_message(_m('This item doesn\'t exist'));
$this->redirectTo(osc_base_url(true));
} else {
if ($item['e_status'] != 'ACTIVE') {
if ($this->userId == $item['fk_i_user_id']) {
osc_add_flash_message(_m('The item hasn\'t been validated. Please validate it in order to show it to the rest of users'));
} else {
osc_add_flash_message(_m('This item hasn\'t been validated'));
$this->redirectTo(osc_base_url(true));
}
}
$mStats = new ItemStats();
$mStats->increase('i_num_views', $item['pk_i_id']);
foreach ($item['locale'] as $k => $v) {
$item['locale'][$k]['s_title'] = osc_apply_filter('item_title', $v['s_title']);
$item['locale'][$k]['s_description'] = nl2br(osc_apply_filter('item_description', $v['s_description']));
}
$this->_exportVariableToView('items', array($item));
osc_run_hook('show_item', $item);
$this->doView('item.php');
}
break;
case 'dashboard':
//dashboard...
break;
}
}
/**
* Delete resources from the hard drive
* @param <type> $itemId
*/
public function deleteResourcesFromHD($itemId)
{
$resources = ItemResource::newInstance()->getAllResources($itemId);
foreach ($resources as $resource) {
osc_deleteResource($resource['pk_i_id']);
}
}
function doModel()
{
parent::doModel();
//specific things for this class
switch ($this->action) {
case 'bulk_actions':
switch (Params::getParam('bulk_actions')) {
case 'enable_all':
$id = Params::getParam('id');
$value = 1;
try {
if ($id) {
$count = count($id);
foreach ($id as $_id) {
$this->itemManager->update(array('b_enabled' => $value), array('pk_i_id' => $_id));
$item = $this->itemManager->findByPrimaryKey($_id);
CategoryStats::newInstance()->increaseNumItems($item['fk_i_category_id']);
}
osc_add_flash_ok_message(sprintf(_mn('%d item has been enabled', '%d items have been enabled', $count), $count), 'admin');
}
} catch (Exception $e) {
osc_add_flash_error_message(sprintf(_m('Error: %s'), $e->getMessage()), 'admin');
}
break;
case 'disable_all':
$id = Params::getParam('id');
$value = 0;
try {
if ($id) {
$count = count($id);
foreach ($id as $_id) {
$this->itemManager->update(array('b_enabled' => $value), array('pk_i_id' => $_id));
$item = $this->itemManager->findByPrimaryKey($_id);
CategoryStats::newInstance()->decreaseNumItems($item['fk_i_category_id']);
}
osc_add_flash_ok_message(sprintf(_mn('%d item has been disabled', '%d items have been disabled', $count), $count), 'admin');
}
} catch (Exception $e) {
osc_add_flash_error_message(sprintf(_m('Error: %s'), $e->getMessage()), 'admin');
}
break;
case 'activate_all':
$id = Params::getParam('id');
$value = 1;
try {
if ($id) {
$count = count($id);
foreach ($id as $_id) {
$this->itemManager->update(array('b_active' => $value), array('pk_i_id' => $_id));
$item = $this->itemManager->findByPrimaryKey($_id);
CategoryStats::newInstance()->increaseNumItems($item['fk_i_category_id']);
}
osc_add_flash_ok_message(sprintf(_mn('%d item has been activated', '%d items have been activated', $count), $count), 'admin');
}
} catch (Exception $e) {
osc_add_flash_error_message(sprintf(_m('Error: %s'), $e->getMessage()), 'admin');
}
break;
case 'deactivate_all':
$id = Params::getParam('id');
$value = 0;
try {
if ($id) {
$count = count($id);
foreach ($id as $_id) {
$this->itemManager->update(array('b_active' => $value), array('pk_i_id' => $_id));
$item = $this->itemManager->findByPrimaryKey($_id);
CategoryStats::newInstance()->decreaseNumItems($item['fk_i_category_id']);
}
osc_add_flash_ok_message(sprintf(_m('%d item has been deactivated', '%d items have been deactivated', $count), $count), 'admin');
}
} catch (Exception $e) {
osc_add_flash_error_message(sprintf(_m('Error: %s'), $e->getMessage()), 'admin');
}
break;
case 'premium_all':
$id = Params::getParam('id');
$value = 1;
try {
if ($id) {
$count = count($id);
$mItems = new ItemActions(true);
foreach ($id as $_id) {
$mItems->premium($_id);
}
osc_add_flash_ok_message(sprintf(_mn('%d item has been marked as premium', '%d items have been marked as premium', $count), $count), 'admin');
}
} catch (Exception $e) {
osc_add_flash_error_message(sprintf(_m('Error: %s'), $e->getMessage()), 'admin');
}
break;
case 'depremium_all':
$id = Params::getParam('id');
$value = 0;
try {
if ($id) {
$count = count($id);
$mItems = new ItemActions(true);
foreach ($id as $_id) {
$mItems->premium($_id, false);
}
osc_add_flash_ok_message(sprintf(_mn('%d change has been made', '%d changes have been made', $count), $count), 'admin');
}
} catch (Exception $e) {
osc_add_flash_error_message(sprintf(_m('Error: %s'), $e->getMessage()), 'admin');
}
break;
case 'spam_all':
$id = Params::getParam('id');
$value = 1;
try {
if ($id) {
$count = count($id);
foreach ($id as $_id) {
$this->itemManager->update(array('b_spam' => $value), array('pk_i_id' => $_id));
}
osc_add_flash_ok_message(sprintf(_mn('%d item has been marked as spam', '%d items have been marked as spam', $count), $count), 'admin');
}
} catch (Exception $e) {
osc_add_flash_error_message(sprintf(_m('Error: %s'), $e->getMessage()), 'admin');
}
break;
case 'despam_all':
$id = Params::getParam('id');
$value = 0;
try {
if ($id) {
$count = count($id);
foreach ($id as $_id) {
$this->itemManager->update(array('b_spam' => $value), array('pk_i_id' => $_id));
}
osc_add_flash_ok_message(sprintf(_mn('%d change have been made', '%d changes have been made', $count), $count), 'admin');
}
} catch (Exception $e) {
osc_add_flash_error_message(sprintf(_m('Error: %s'), $e->getMessage()), 'admin');
}
break;
case 'delete_all':
$id = Params::getParam('id');
$success = false;
if ($id != '') {
$count = count($id);
foreach ($id as $i) {
if ($i) {
$item = $this->itemManager->findByPrimaryKey($i);
$mItems = new ItemActions(true);
$success = $mItems->delete($item['s_secret'], $item['pk_i_id']);
}
}
}
if ($success) {
osc_add_flash_ok_message(sprintf(_mn('%d item has been deleted', '%d items have been deleted', $count), $count), 'admin');
} else {
osc_add_flash_error_message(_m('The item couldn\'t be deleted'), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . "?page=items");
break;
}
$this->redirectTo(osc_admin_base_url(true) . "?page=items");
break;
case 'delete':
//delete
$id = Params::getParam('id');
$success = false;
foreach ($id as $i) {
if ($i) {
$item = $this->itemManager->findByPrimaryKey($i);
$mItems = new ItemActions(true);
$success = $mItems->delete($item['s_secret'], $item['pk_i_id']);
}
}
if ($success) {
osc_add_flash_ok_message(_m('The item has been deleted'), 'admin');
} else {
osc_add_flash_error_message(_m('The item couldn\'t be deleted'), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . "?page=items");
break;
case 'status':
//status
$id = Params::getParam('id');
$value = Params::getParam('value');
if (!$id) {
return false;
}
$id = (int) $id;
if (!is_numeric($id)) {
return false;
}
if (!in_array($value, array('ACTIVE', 'INACTIVE', 'ENABLE', 'DISABLE'))) {
return false;
}
try {
$item = $this->itemManager->findByPrimaryKey($id);
switch ($value) {
case 'ACTIVE':
$this->itemManager->update(array('b_active' => 1), array('pk_i_id' => $id));
osc_add_flash_ok_message(_m('The item has been activated'), 'admin');
if ($item['b_enabled'] == 1 && $item['b_active'] == 0) {
CategoryStats::newInstance()->increaseNumItems($item['fk_i_category_id']);
if ($item['fk_i_user_id'] != null) {
$user = User::newInstance()->findByPrimaryKey($item['fk_i_user_id']);
if ($user) {
User::newInstance()->update(array('i_items' => $user['i_items'] + 1), array('pk_i_id' => $user['pk_i_id']));
}
}
}
break;
case 'INACTIVE':
$this->itemManager->update(array('b_active' => 0), array('pk_i_id' => $id));
osc_add_flash_ok_message(_m('The item has been deactivated'), 'admin');
if ($item['b_enabled'] == 1 && $item['b_active'] == 1) {
CategoryStats::newInstance()->decreaseNumItems($item['fk_i_category_id']);
if ($item['fk_i_user_id'] != null) {
$user = User::newInstance()->findByPrimaryKey($item['fk_i_user_id']);
if ($user) {
User::newInstance()->update(array('i_items' => $user['i_items'] - 1), array('pk_i_id' => $user['pk_i_id']));
}
}
}
break;
case 'ENABLE':
$this->itemManager->update(array('b_enabled' => 1), array('pk_i_id' => $id));
osc_add_flash_ok_message(_m('The item has been enabled'), 'admin');
if ($item['b_enabled'] == 0 && $item['b_active'] == 1) {
CategoryStats::newInstance()->increaseNumItems($item['fk_i_category_id']);
if ($item['fk_i_user_id'] != null) {
$user = User::newInstance()->findByPrimaryKey($item['fk_i_user_id']);
if ($user) {
User::newInstance()->update(array('i_items' => $user['i_items'] + 1), array('pk_i_id' => $user['pk_i_id']));
}
}
}
break;
case 'DISABLE':
$this->itemManager->update(array('b_enabled' => 0), array('pk_i_id' => $id));
osc_add_flash_ok_message(_m('The item has been disabled'), 'admin');
if ($item['b_enabled'] == 1 && $item['b_active'] == 1) {
CategoryStats::newInstance()->decreaseNumItems($item['fk_i_category_id']);
if ($item['fk_i_user_id'] != null) {
$user = User::newInstance()->findByPrimaryKey($item['fk_i_user_id']);
if ($user) {
User::newInstance()->update(array('i_items' => $user['i_items'] - 1), array('pk_i_id' => $user['pk_i_id']));
}
}
}
break;
}
} catch (Exception $e) {
osc_add_flash_error_message(sprintf(_m('Error: %s'), $e->getMessage()), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . "?page=items");
break;
case 'status_premium':
//status premium
$id = Params::getParam('id');
$value = Params::getParam('value');
if (!$id) {
return false;
}
$id = (int) $id;
if (!is_numeric($id)) {
return false;
}
if (!in_array($value, array(0, 1))) {
return false;
}
try {
$mItems = new ItemActions(true);
$mItems->premium($id, $value == 1 ? true : false);
/*$this->itemManager->update(
array('b_premium' => $value),
array('pk_i_id' => $id)
);*/
osc_add_flash_ok_message(_m('Changes have been applied'), 'admin');
} catch (Exception $e) {
osc_add_flash_error_message(sprintf(_m('Error: %s'), $e->getMessage()), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . "?page=items");
break;
case 'status_spam':
//status spam
$id = Params::getParam('id');
$value = Params::getParam('value');
if (!$id) {
return false;
}
$id = (int) $id;
if (!is_numeric($id)) {
return false;
}
if (!in_array($value, array(0, 1))) {
return false;
}
try {
$this->itemManager->update(array('b_spam' => $value), array('pk_i_id' => $id));
osc_add_flash_ok_message(_m('Changes have been applied'), 'admin');
} catch (Exception $e) {
osc_add_flash_error_message(sprintf(_m('Error: %s'), $e->getMessage()), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . "?page=items");
break;
case 'clear_stat':
$id = Params::getParam('id');
$stat = Params::getParam('stat');
if (!$id) {
return false;
}
if (!$stat) {
return false;
}
$id = (int) $id;
if (!is_numeric($id)) {
return false;
}
$success = $this->itemManager->clearStat($id, $stat);
if ($success) {
osc_add_flash_ok_message(_m('The item has been unmarked as') . " {$stat}", 'admin');
} else {
osc_add_flash_error_message(_m('The item hasn\'t been unmarked as') . " {$stat}", 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . "?page=items&stat=" . $stat);
break;
case 'item_edit':
// edit item
$id = Params::getParam('id');
$item = Item::newInstance()->findByPrimaryKey($id);
if (count($item) <= 0) {
$this->redirectTo(osc_admin_base_url(true) . "?page=items");
}
$form = count(Session::newInstance()->_getForm());
$keepForm = count(Session::newInstance()->_getKeepForm());
if ($form == 0 || $form == $keepForm) {
Session::newInstance()->_dropKeepForm();
}
$this->_exportVariableToView("item", $item);
$this->_exportVariableToView("new_item", FALSE);
$this->doView('items/frm.php');
break;
case 'item_edit_post':
$mItems = new ItemActions(true);
$mItems->prepareData(false);
// set all parameters into session
foreach ($mItems->data as $key => $value) {
Session::newInstance()->_setForm($key, $value);
}
$meta = Params::getParam('meta');
if (is_array($meta)) {
foreach ($meta as $key => $value) {
Session::newInstance()->_setForm('meta_' . $key, $value);
Session::newInstance()->_keepForm('meta_' . $key);
}
}
$success = $mItems->edit();
if ($success == 1) {
$id = Params::getParam('userId');
if ($id != '') {
$user = User::newInstance()->findByPrimaryKey($id);
Item::newInstance()->update(array('fk_i_user_id' => $id, 's_contact_name' => $user['s_name'], 's_contact_email' => $user['s_email']), array('pk_i_id' => Params::getParam('id'), 's_secret' => Params::getParam('secret')));
} else {
Item::newInstance()->update(array('fk_i_user_id' => NULL, 's_contact_name' => Params::getParam('contactName'), 's_contact_email' => Params::getParam('contactEmail')), array('pk_i_id' => Params::getParam('id'), 's_secret' => Params::getParam('secret')));
}
osc_add_flash_ok_message(_m('Changes saved correctly'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=items");
} else {
osc_add_flash_error_message($success, 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=items&action=item_edit&id=" . Params::getParam('id'));
}
break;
case 'deleteResource':
//delete resource
$id = Params::getParam('id');
$name = Params::getParam('name');
$fkid = Params::getParam('fkid');
// delete files
osc_deleteResource($id);
ItemResource::newInstance()->delete(array('pk_i_id' => $id, 'fk_i_item_id' => $fkid, 's_name' => $name));
osc_add_flash_ok_message(_m('Resource deleted'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=items");
break;
case 'post':
// add item
$form = count(Session::newInstance()->_getForm());
$keepForm = count(Session::newInstance()->_getKeepForm());
if ($form == 0 || $form == $keepForm) {
Session::newInstance()->_dropKeepForm();
}
$this->_exportVariableToView("new_item", TRUE);
$this->doView('items/frm.php');
break;
case 'post_item':
//post item
$mItem = new ItemActions(true);
$mItem->prepareData(true);
// set all parameters into session
foreach ($mItem->data as $key => $value) {
Session::newInstance()->_setForm($key, $value);
}
$meta = Params::getParam('meta');
if (is_array($meta)) {
foreach ($meta as $key => $value) {
Session::newInstance()->_setForm('meta_' . $key, $value);
Session::newInstance()->_keepForm('meta_' . $key);
}
}
$success = $mItem->add();
if ($success == 1 || $success == 2) {
osc_add_flash_ok_message(_m('A new item has been added'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=items");
} else {
osc_add_flash_error_message($success, 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=items&action=post");
}
break;
case 'settings':
// calling the items settings view
$this->doView('items/settings.php');
break;
case 'settings_post':
// update item settings
$iUpdated = 0;
$enabledRecaptchaItems = Params::getParam('enabled_recaptcha_items');
$enabledRecaptchaItems = $enabledRecaptchaItems != '' ? true : false;
$moderateItems = Params::getParam('moderate_items');
$moderateItems = $moderateItems != '' ? true : false;
$numModerateItems = Params::getParam('num_moderate_items');
$itemsWaitTime = Params::getParam('items_wait_time');
$loggedUserItemValidation = Params::getParam('logged_user_item_validation');
$loggedUserItemValidation = $loggedUserItemValidation != '' ? true : false;
$regUserPost = Params::getParam('reg_user_post');
$regUserPost = $regUserPost != '' ? true : false;
$notifyNewItem = Params::getParam('notify_new_item');
$notifyNewItem = $notifyNewItem != '' ? true : false;
$notifyContactItem = Params::getParam('notify_contact_item');
$notifyContactItem = $notifyContactItem != '' ? true : false;
$notifyContactFriends = Params::getParam('notify_contact_friends');
$notifyContactFriends = $notifyContactFriends != '' ? true : false;
$enabledFieldPriceItems = Params::getParam('enableField#f_price@items');
$enabledFieldPriceItems = $enabledFieldPriceItems != '' ? true : false;
$enabledFieldImagesItems = Params::getParam('enableField#images@items');
$enabledFieldImagesItems = $enabledFieldImagesItems != '' ? true : false;
$numImagesItems = Params::getParam('numImages@items');
if ($numImagesItems == '') {
$numImagesItems = 0;
}
$regUserCanContact = Params::getParam('reg_user_can_contact');
$regUserCanContact = $regUserCanContact != '' ? true : false;
$iUpdated += Preference::newInstance()->update(array('s_value' => $enabledRecaptchaItems), array('s_name' => 'enabled_recaptcha_items'));
if ($moderateItems) {
$iUpdated += Preference::newInstance()->update(array('s_value' => $numModerateItems), array('s_name' => 'moderate_items'));
} else {
$iUpdated += Preference::newInstance()->update(array('s_value' => '-1'), array('s_name' => 'moderate_items'));
}
$iUpdated += Preference::newInstance()->update(array('s_value' => $loggedUserItemValidation), array('s_name' => 'logged_user_item_validation'));
$iUpdated += Preference::newInstance()->update(array('s_value' => $regUserPost), array('s_name' => 'reg_user_post'));
$iUpdated += Preference::newInstance()->update(array('s_value' => $notifyNewItem), array('s_name' => 'notify_new_item'));
$iUpdated += Preference::newInstance()->update(array('s_value' => $notifyContactItem), array('s_name' => 'notify_contact_item'));
$iUpdated += Preference::newInstance()->update(array('s_value' => $notifyContactFriends), array('s_name' => 'notify_contact_friends'));
$iUpdated += Preference::newInstance()->update(array('s_value' => $enabledFieldPriceItems), array('s_name' => 'enableField#f_price@items'));
$iUpdated += Preference::newInstance()->update(array('s_value' => $enabledFieldImagesItems), array('s_name' => 'enableField#images@items'));
$iUpdated += Preference::newInstance()->update(array('s_value' => $itemsWaitTime), array('s_name' => 'items_wait_time'));
$iUpdated += Preference::newInstance()->update(array('s_value' => $numImagesItems), array('s_name' => 'numImages@items'));
$iUpdated += Preference::newInstance()->update(array('s_value' => $regUserCanContact), array('s_name' => 'reg_user_can_contact'));
if ($iUpdated > 0) {
osc_add_flash_ok_message(_m('Items\' settings have been updated'), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=items&action=settings');
break;
default:
//default
$catId = Params::getParam('catId');
$countries = Country::newInstance()->listAll();
$regions = array();
if (count($countries) > 0) {
$regions = Region::newInstance()->getByCountry($countries[0]['pk_c_code']);
}
$cities = array();
if (count($regions) > 0) {
$cities = City::newInstance()->listWhere("fk_i_region_id = %d", $regions[0]['pk_i_id']);
}
//preparing variables for the view
$this->_exportVariableToView("users", User::newInstance()->listAll());
$this->_exportVariableToView("catId", $catId);
$this->_exportVariableToView("stat", Params::getParam('stat'));
$this->_exportVariableToView("countries", $countries);
$this->_exportVariableToView("regions", $regions);
$this->_exportVariableToView("cities", $cities);
//calling the view...
$this->doView('items/index.php');
}
}
function doModel()
{
//specific things for this class
switch ($this->action) {
case 'bulk_actions':
break;
case 'regions':
//Return regions given a countryId
$regions = Region::newInstance()->findByCountry(Params::getParam("countryId"));
echo json_encode($regions);
break;
case 'cities':
//Returns cities given a regionId
$cities = City::newInstance()->findByRegion(Params::getParam("regionId"));
echo json_encode($cities);
break;
case 'location':
// This is the autocomplete AJAX
$cities = City::newInstance()->ajax(Params::getParam("term"));
foreach ($cities as $k => $city) {
$cities[$k]['label'] = $city['label'] . " (" . $city['region'] . ")";
}
echo json_encode($cities);
break;
case 'location_countries':
// This is the autocomplete AJAX
$countries = Country::newInstance()->ajax(Params::getParam("term"));
echo json_encode($countries);
break;
case 'location_regions':
// This is the autocomplete AJAX
$regions = Region::newInstance()->ajax(Params::getParam("term"), Params::getParam("country"));
echo json_encode($regions);
break;
case 'location_cities':
// This is the autocomplete AJAX
$cities = City::newInstance()->ajax(Params::getParam("term"), Params::getParam("region"));
echo json_encode($cities);
break;
case 'delete_image':
// Delete images via AJAX
$id = Params::getParam('id');
$item = Params::getParam('item');
$code = Params::getParam('code');
$secret = Params::getParam('secret');
$json = array();
if (Session::newInstance()->_get('userId') != '') {
$userId = Session::newInstance()->_get('userId');
$user = User::newInstance()->findByPrimaryKey($userId);
} else {
$userId = null;
$user = null;
}
// Check for required fields
if (!(is_numeric($id) && is_numeric($item) && preg_match('/^([a-z0-9]+)$/i', $code))) {
$json['success'] = false;
$json['msg'] = _m("The selected photo couldn't be deleted, the url doesn't exist");
echo json_encode($json);
return false;
}
$aItem = Item::newInstance()->findByPrimaryKey($item);
// Check if the item exists
if (count($aItem) == 0) {
$json['success'] = false;
$json['msg'] = _m("The listing doesn't exist");
echo json_encode($json);
return false;
}
if (!osc_is_admin_user_logged_in()) {
// Check if the item belong to the user
if ($userId != null && $userId != $aItem['fk_i_user_id']) {
$json['success'] = false;
$json['msg'] = _m("The listing doesn't belong to you");
echo json_encode($json);
return false;
}
// Check if the secret passphrase match with the item
if ($userId == null && $aItem['fk_i_user_id'] == null && $secret != $aItem['s_secret']) {
$json['success'] = false;
$json['msg'] = _m("The listing doesn't belong to you");
echo json_encode($json);
return false;
}
}
// Does id & code combination exist?
$result = ItemResource::newInstance()->existResource($id, $code);
if ($result > 0) {
$resource = ItemResource::newInstance()->findByPrimaryKey($id);
if ($resource['fk_i_item_id'] == $item) {
// Delete: file, db table entry
if (defined(OC_ADMIN)) {
osc_deleteResource($id, true);
Log::newInstance()->insertLog('ajax', 'deleteimage', $id, $id, 'admin', osc_logged_admin_id());
} else {
osc_deleteResource($id, false);
Log::newInstance()->insertLog('ajax', 'deleteimage', $id, $id, 'user', osc_logged_user_id());
}
ItemResource::newInstance()->delete(array('pk_i_id' => $id, 'fk_i_item_id' => $item, 's_name' => $code));
$json['msg'] = _m('The selected photo has been successfully deleted');
$json['success'] = 'true';
} else {
$json['msg'] = _m("The selected photo does not belong to you");
$json['success'] = 'false';
}
} else {
$json['msg'] = _m("The selected photo couldn't be deleted");
$json['success'] = 'false';
}
echo json_encode($json);
return true;
break;
case 'alerts':
// Allow to register to an alert given (not sure it's used on admin)
$alert = Params::getParam("alert");
$email = Params::getParam("email");
$userid = Params::getParam("userid");
if ($alert != '' && $email != '') {
if (osc_validate_email($email)) {
$secret = osc_genRandomPassword();
if ($alertID = Alerts::newInstance()->createAlert($userid, $email, $alert, $secret)) {
if ((int) $userid > 0) {
$user = User::newInstance()->findByPrimaryKey($userid);
if ($user['b_active'] == 1 && $user['b_enabled'] == 1) {
Alerts::newInstance()->activate($alertID);
echo '1';
return true;
} else {
echo '-1';
return false;
}
} else {
$aAlert = Alerts::newInstance()->findByPrimaryKey($alertID);
osc_run_hook('hook_email_alert_validation', $aAlert, $email, $secret);
}
echo "1";
} else {
echo "0";
}
return true;
} else {
echo '-1';
return false;
}
}
echo '0';
return false;
break;
case 'runhook':
// run hooks
$hook = Params::getParam('hook');
if ($hook == '') {
echo json_encode(array('error' => 'hook parameter not defined'));
break;
}
switch ($hook) {
case 'item_form':
osc_run_hook('item_form', Params::getParam('catId'));
break;
case 'item_edit':
$catId = Params::getParam("catId");
$itemId = Params::getParam("itemId");
osc_run_hook("item_edit", $catId, $itemId);
break;
default:
osc_run_hook('ajax_' . $hook);
break;
}
break;
case 'custom':
// Execute via AJAX custom file
$ajaxFile = Params::getParam("ajaxfile");
if ($ajaxFile == '') {
echo json_encode(array('error' => 'no action defined'));
break;
}
// valid file?
if (stripos($ajaxFile, '../') !== false) {
echo json_encode(array('error' => 'no valid ajaxFile'));
break;
}
if (!file_exists(osc_plugins_path() . $ajaxFile)) {
echo json_encode(array('error' => "ajaxFile doesn't exist"));
break;
}
require_once osc_plugins_path() . $ajaxFile;
break;
case 'check_username_availability':
$username = osc_sanitize_username(Params::getParam('s_username'));
if (!osc_is_username_blacklisted($username)) {
$user = User::newInstance()->findByUsername($username);
if (isset($user['s_username'])) {
echo json_encode(array('exists' => 1, 's_username' => $username));
} else {
echo json_encode(array('exists' => 0, 's_username' => $username));
}
} else {
echo json_encode(array('exists' => 1, 's_username' => $username));
}
break;
default:
echo json_encode(array('error' => __('no action defined')));
break;
}
// clear all keep variables into session
Session::newInstance()->_dropKeepForm();
Session::newInstance()->_clearVariables();
}
function doModel()
{
parent::doModel();
//specific things for this class
switch ($this->action) {
case 'bulk_actions':
switch (Params::getParam('bulk_actions')) {
case 'activate_all':
$id = Params::getParam('id');
$value = 'ACTIVE';
try {
if ($id) {
foreach ($id as $_id) {
$this->itemManager->update(array('e_status' => $value), array('pk_i_id' => $_id));
$item = $this->itemManager->findByPrimaryKey($_id);
CategoryStats::newInstance()->increaseNumItems($item['fk_i_category_id']);
}
}
osc_add_flash_message(_m('The items have been activated'), 'admin');
} catch (Exception $e) {
osc_add_flash_message(_m('Error: ') . $e->getMessage(), 'admin');
}
break;
case 'deactivate_all':
$id = Params::getParam('id');
$value = 'INACTIVE';
try {
if ($id) {
foreach ($id as $_id) {
$this->itemManager->update(array('e_status' => $value), array('pk_i_id' => $_id));
$item = $this->itemManager->findByPrimaryKey($_id);
CategoryStats::newInstance()->decreaseNumItems($item['fk_i_category_id']);
}
}
osc_add_flash_message(_m('The items have been deactivated'), 'admin');
} catch (Exception $e) {
osc_add_flash_message(_m('Error: ') . $e->getMessage(), 'admin');
}
break;
case 'premium_all':
$id = Params::getParam('id');
$value = 1;
try {
if ($id) {
foreach ($id as $_id) {
$this->itemManager->update(array('b_premium' => $value), array('pk_i_id' => $_id));
}
}
osc_add_flash_message(_m('The items have been marked as premium'), 'admin');
} catch (Exception $e) {
osc_add_flash_message(_m('Error: ') . $e->getMessage(), 'admin');
}
break;
case 'depremium_all':
$id = Params::getParam('id');
$value = 0;
try {
if ($id) {
foreach ($id as $_id) {
$this->itemManager->update(array('b_premium' => $value), array('pk_i_id' => $_id));
}
}
osc_add_flash_message(_m('The changes have been made'), 'admin');
} catch (Exception $e) {
osc_add_flash_message(_m('Error: ') . $e->getMessage(), 'admin');
}
break;
case 'delete_all':
$id = Params::getParam('id');
$success = false;
foreach ($id as $i) {
if ($i) {
$item = $this->itemManager->findByPrimaryKey($i);
$mItems = new ItemActions(true);
$success = $mItems->delete($item['s_secret'], $item['pk_i_id']);
}
}
if ($success) {
osc_add_flash_message(_m('The item has been deleted'), 'admin');
} else {
osc_add_flash_message(_m('The item couldn\'t be deleted'), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . "?page=items");
break;
}
$this->redirectTo(osc_admin_base_url(true) . "?page=items");
break;
case 'delete':
//delete
$id = Params::getParam('id');
$success = false;
foreach ($id as $i) {
if ($i) {
$item = $this->itemManager->findByPrimaryKey($i);
$mItems = new ItemActions(true);
$success = $mItems->delete($item['s_secret'], $item['pk_i_id']);
}
}
if ($success) {
osc_add_flash_message(_m('The item has been deleted'), 'admin');
} else {
osc_add_flash_message(_m('The item couldn\'t be deleted'), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . "?page=items");
break;
case 'status':
//status
$id = Params::getParam('id');
$value = Params::getParam('value');
if (!$id) {
return false;
}
$id = (int) $id;
if (!is_numeric($id)) {
return false;
}
if (!in_array($value, array('ACTIVE', 'INACTIVE'))) {
return false;
}
try {
$this->itemManager->update(array('e_status' => $value), array('pk_i_id' => $id));
$item = $this->itemManager->findByPrimaryKey($id);
switch ($value) {
case 'ACTIVE':
osc_add_flash_message(_m('The item has been activated'), 'admin');
CategoryStats::newInstance()->increaseNumItems($item['fk_i_category_id']);
break;
case 'INACTIVE':
osc_add_flash_message(_m('The item has been deactivated'), 'admin');
CategoryStats::newInstance()->decreaseNumItems($item['fk_i_category_id']);
break;
}
} catch (Exception $e) {
osc_add_flash_message(_m('Error: ') . $e->getMessage(), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . "?page=items");
break;
case 'status_premium':
//status premium
$id = Params::getParam('id');
$value = Params::getParam('value');
if (!$id) {
return false;
}
$id = (int) $id;
if (!is_numeric($id)) {
return false;
}
if (!in_array($value, array(0, 1))) {
return false;
}
try {
$this->itemManager->update(array('b_premium' => $value), array('pk_i_id' => $id));
osc_add_flash_message(_m('Changes have been applied'), 'admin');
} catch (Exception $e) {
osc_add_flash_message(_m('Error: ') . $e->getMessage(), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . "?page=items");
break;
case 'item_edit':
//require_once LIB_PATH . 'osclass/itemActions.php';
$id = Params::getParam('id');
$item = Item::newInstance()->findByPrimaryKey($id);
if (count($item) <= 0) {
$this->redirectTo(osc_admin_base_url(true) . "?page=items");
}
$countries = Country::newInstance()->listAll();
$regions = array();
if (count($countries) > 0) {
$regions = Region::newInstance()->getByCountry($item['fk_c_country_code']);
}
$cities = array();
if (count($regions) > 0) {
$cities = City::newInstance()->listWhere("fk_i_region_id = %d", $item['fk_i_region_id']);
}
$resources = Item::newInstance()->findResourcesByID($id);
$this->_exportVariableToView("users", User::newInstance()->listAll());
$this->_exportVariableToView("categories", Category::newInstance()->toTree());
$this->_exportVariableToView("countries", $countries);
$this->_exportVariableToView("regions", $regions);
$this->_exportVariableToView("cities", $cities);
$this->_exportVariableToView("currencies", Currency::newInstance()->listAll());
$this->_exportVariableToView("locales", OSCLocale::newInstance()->listAllEnabled());
$this->_exportVariableToView("item", $item);
$this->_exportVariableToView("resources", $resources);
$this->_exportVariableToView("new_item", FALSE);
$this->doView('items/frm.php');
break;
case 'item_edit_post':
$mItems = new ItemActions(true);
$success = $mItems->edit();
$id = Params::getParam('userId');
if ($id != '') {
$user = User::newInstance()->findByPrimaryKey($id);
Item::newInstance()->update(array('fk_i_user_id' => $id, 's_contact_name' => $user['s_name'], 's_contact_email' => $user['s_email']), array('pk_i_id' => Params::getParam('id'), 's_secret' => Params::getParam('secret')));
} else {
Item::newInstance()->update(array('fk_i_user_id' => NULL, 's_contact_name' => Params::getParam('contactName'), 's_contact_email' => Params::getParam('contactEmail')), array('pk_i_id' => Params::getParam('id'), 's_secret' => Params::getParam('secret')));
}
osc_add_flash_message(_m('Changes saved correctly'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=items");
break;
case 'deleteResource':
//delete resource
$id = Params::getParam('id');
$name = Params::getParam('name');
$fkid = Params::getParam('fkid');
// delete files
osc_deleteResource($id);
ItemResource::newInstance()->delete(array('pk_i_id' => $id, 'fk_i_item_id' => $fkid, 's_name' => $name));
osc_add_flash_message(_m('Resource deleted'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=items");
break;
case 'post':
//post
$countries = Country::newInstance()->listAll();
$regions = array();
if (count($countries) > 0) {
$regions = Region::newInstance()->getByCountry($countries[0]['pk_c_code']);
}
$cities = array();
if (count($regions) > 0) {
$cities = City::newInstance()->listWhere("fk_i_region_id = %d", $regions[0]['pk_i_id']);
}
$this->_exportVariableToView("users", User::newInstance()->listAll());
$this->_exportVariableToView("categories", Category::newInstance()->toTree());
$this->_exportVariableToView("countries", $countries);
$this->_exportVariableToView("regions", $regions);
$this->_exportVariableToView("cities", $cities);
$this->_exportVariableToView("currencies", Currency::newInstance()->listAll());
$this->_exportVariableToView("locales", OSCLocale::newInstance()->listAllEnabled());
$this->_exportVariableToView("item", array());
$this->_exportVariableToView("resources", array());
$this->_exportVariableToView("new_item", TRUE);
$this->doView('items/frm.php');
break;
case 'post_item':
//post item
$mItem = new ItemActions(true);
$success = $mItem->add();
if ($success) {
osc_add_flash_message(_m('A new item has been added'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=items");
} else {
osc_add_flash_message(_m('The item can\'t be added'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=items");
}
break;
default:
//default
$catId = Params::getParam('catId');
//preparing variables for the view
$this->_exportVariableToView("items", $catId ? $this->itemManager->findByCategoryID($catId) : $this->itemManager->listAllWithCategories());
$this->_exportVariableToView("catId", $catId);
$this->_exportVariableToView("stat", Params::getParam('stat'));
//calling the view...
$this->doView('items/index.php');
}
}
function doModel()
{
parent::doModel();
//specific things for this class
switch ($this->action) {
case 'bulk_actions':
switch (Params::getParam('bulk_actions')) {
case 'delete_all':
$ids = Params::getParam("id");
if (is_array($ids)) {
foreach ($ids as $id) {
osc_deleteResource($id, true);
}
$log_ids = substr(implode(",", $ids), 0, 250);
Log::newInstance()->insertLog('media', 'delete bulk', $log_ids, $log_ids, 'admin', osc_logged_admin_id());
$this->resourcesManager->deleteResourcesIds($ids);
}
osc_add_flash_ok_message(_m('Resource deleted'), 'admin');
break;
default:
break;
}
$this->redirectTo(osc_admin_base_url(true) . '?page=media');
break;
case 'delete':
$ids = Params::getParam('id');
if (is_array($ids)) {
foreach ($ids as $id) {
osc_deleteResource($id, true);
}
$log_ids = substr(implode(",", $ids), 0, 250);
Log::newInstance()->insertLog('media', 'delete', $log_ids, $log_ids, 'admin', osc_logged_admin_id());
$this->resourcesManager->deleteResourcesIds($ids);
}
osc_add_flash_ok_message(_m('Resource deleted'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=media');
break;
default:
if (Params::getParam('iDisplayLength') == '') {
Params::setParam('iDisplayLength', 10);
}
$this->_exportVariableToView('iDisplayLength', Params::getParam('iDisplayLength'));
require_once osc_admin_base_path() . 'ajax/media_processing.php';
$params = Params::getParamsAsArray("get");
$media_processing = new MediaProcessingAjax($params);
$aData = $media_processing->result($params);
$page = (int) Params::getParam('iPage');
if (count($aData['aaData']) == 0 && $page != 1) {
$total = (int) $aData['iTotalDisplayRecords'];
$maxPage = ceil($total / (int) $aData['iDisplayLength']);
$url = osc_admin_base_url(true) . '?' . $_SERVER['QUERY_STRING'];
if ($maxPage == 0) {
$url = preg_replace('/&iPage=(\\d)+/', '&iPage=1', $url);
$this->redirectTo($url);
}
if ($page > 1) {
$url = preg_replace('/&iPage=(\\d)+/', '&iPage=' . $maxPage, $url);
$this->redirectTo($url);
}
}
$this->_exportVariableToView('aMedia', $aData);
$this->doView('media/index.php');
break;
}
}
/**
* Delete resources from the hard drive
* @param <type> $itemId
*/
public function deleteResourcesFromHD( $itemId )
{
$resources = ItemResource::newInstance()->getAllResourcesFromItem($itemId);
Log::newInstance()->insertLog('itemActions', 'deleteResourcesFromHD', $itemId, $itemId, $this->is_admin?'admin':'user', $this->is_admin?osc_logged_admin_id():osc_logged_user_id());
$log_ids = '';
foreach($resources as $resource) {
osc_deleteResource($resource['pk_i_id'], $this->is_admin);
$log_ids .= $resource['pk_i_id'].",";
}
Log::newInstance()->insertLog('itemActions', 'deleteResourcesFromHD', $itemId, substr($log_ids,0, 250), $this->is_admin?'admin':'user', $this->is_admin?osc_logged_admin_id():osc_logged_user_id());
}
function doModel()
{
switch ($this->action) {
case 'dashboard':
//dashboard...
$max_items = Params::getParam('max_items') != '' ? Params::getParam('max_items') : 5;
$aItems = Item::newInstance()->findByUserIDEnabled(Session::newInstance()->_get('userId'), 0, $max_items);
//calling the view...
$this->_exportVariableToView('items', $aItems);
$this->_exportVariableToView('max_items', $max_items);
$this->doView('user-dashboard.php');
break;
case 'profile':
//profile...
$user = User::newInstance()->findByPrimaryKey(Session::newInstance()->_get('userId'));
$aCountries = Country::newInstance()->listAll();
$aRegions = array();
if ($user['fk_c_country_code'] != '') {
$aRegions = Region::newInstance()->findByCountry($user['fk_c_country_code']);
} elseif (count($aCountries) > 0) {
$aRegions = Region::newInstance()->findByCountry($aCountries[0]['pk_c_code']);
}
$aCities = array();
if ($user['fk_i_region_id'] != '') {
$aCities = City::newInstance()->findByRegion($user['fk_i_region_id']);
} else {
if (count($aRegions) > 0) {
$aCities = City::newInstance()->findByRegion($aRegions[0]['pk_i_id']);
}
}
//calling the view...
$this->_exportVariableToView('countries', $aCountries);
$this->_exportVariableToView('regions', $aRegions);
$this->_exportVariableToView('cities', $aCities);
$this->_exportVariableToView('user', $user);
$this->_exportVariableToView('locales', OSCLocale::newInstance()->listAllEnabled());
$this->doView('user-profile.php');
break;
case 'profile_post':
//profile post...
osc_csrf_check();
$userId = Session::newInstance()->_get('userId');
require_once LIB_PATH . 'osclass/UserActions.php';
$userActions = new UserActions(false);
$success = $userActions->edit($userId);
osc_add_flash_ok_message(_m('Your profile has been updated successfully'));
$this->redirectTo(osc_user_profile_url());
break;
case 'alerts':
//alerts
$aAlerts = Alerts::newInstance()->findByUser(Session::newInstance()->_get('userId'), false);
$user = User::newInstance()->findByPrimaryKey(Session::newInstance()->_get('userId'));
foreach ($aAlerts as $k => $a) {
$json = base64_decode($a['s_search']);
$array_conditions = (array) json_decode($json);
// $search = Search::newInstance();
$search = new Search();
$search->setJsonAlert($array_conditions);
$search->limit(0, 3);
$aAlerts[$k]['items'] = $search->doSearch();
}
$this->_exportVariableToView('alerts', $aAlerts);
View::newInstance()->_reset('alerts');
$this->_exportVariableToView('user', $user);
$this->doView('user-alerts.php');
break;
case 'change_email':
//change email
$this->doView('user-change_email.php');
break;
case 'change_email_post':
//change email post
osc_csrf_check();
if (!preg_match("/^[_a-z0-9-\\+]+(\\.[_a-z0-9-\\+]+)*@[a-z0-9-]+(\\.[a-z0-9-]+)*(\\.[a-z]{2,3})\$/", Params::getParam('new_email'))) {
osc_add_flash_error_message(_m('The specified e-mail is not valid'));
$this->redirectTo(osc_change_user_email_url());
} else {
$user = User::newInstance()->findByEmail(Params::getParam('new_email'));
if (!isset($user['pk_i_id'])) {
$userEmailTmp = array();
$userEmailTmp['fk_i_user_id'] = Session::newInstance()->_get('userId');
$userEmailTmp['s_new_email'] = Params::getParam('new_email');
UserEmailTmp::newInstance()->insertOrUpdate($userEmailTmp);
$code = osc_genRandomPassword(30);
$date = date('Y-m-d H:i:s');
$userManager = new User();
$userManager->update(array('s_pass_code' => $code, 's_pass_date' => $date, 's_pass_ip' => $_SERVER['REMOTE_ADDR']), array('pk_i_id' => Session::newInstance()->_get('userId')));
$validation_url = osc_change_user_email_confirm_url(Session::newInstance()->_get('userId'), $code);
osc_run_hook('hook_email_new_email', Params::getParam('new_email'), $validation_url);
$this->redirectTo(osc_user_profile_url());
} else {
osc_add_flash_error_message(_m('The specified e-mail is already in use'));
$this->redirectTo(osc_change_user_email_url());
}
}
break;
case 'change_username':
//change username
$this->doView('user-change_username.php');
break;
case 'change_username_post':
//change username
$username = osc_sanitize_username(Params::getParam('s_username'));
osc_run_hook('before_username_change', Session::newInstance()->_get('userId'), $username);
if ($username != '') {
$user = User::newInstance()->findByUsername($username);
if (isset($user['s_username'])) {
osc_add_flash_error_message(_m('The specified username is already in use'));
} else {
if (!osc_is_username_blacklisted($username)) {
User::newInstance()->update(array('s_username' => $username), array('pk_i_id' => Session::newInstance()->_get('userId')));
osc_add_flash_ok_message(_m('The username was updated'));
osc_run_hook('after_username_change', Session::newInstance()->_get('userId'), Params::getParam('s_username'));
$this->redirectTo(osc_user_profile_url());
} else {
osc_add_flash_error_message(_m('The specified username is not valid, it contains some invalid words'));
}
}
} else {
osc_add_flash_error_message(_m('The specified username could not be empty'));
}
$this->redirectTo(osc_change_user_username_url());
break;
case 'change_password':
//change password
$this->doView('user-change_password.php');
break;
case 'change_password_post':
//change password post
osc_csrf_check();
$user = User::newInstance()->findByPrimaryKey(Session::newInstance()->_get('userId'));
if (Params::getParam('password', false, false) == '' || Params::getParam('new_password', false, false) == '' || Params::getParam('new_password2', false, false) == '') {
osc_add_flash_warning_message(_m('Password cannot be blank'));
$this->redirectTo(osc_change_user_password_url());
}
if ($user['s_password'] != sha1(Params::getParam('password', false, false))) {
osc_add_flash_error_message(_m("Current password doesn't match"));
$this->redirectTo(osc_change_user_password_url());
}
if (!Params::getParam('new_password', false, false)) {
osc_add_flash_error_message(_m("Passwords can't be empty"));
$this->redirectTo(osc_change_user_password_url());
}
if (Params::getParam('new_password', false, false) != Params::getParam('new_password2', false, false)) {
osc_add_flash_error_message(_m("Passwords don't match"));
$this->redirectTo(osc_change_user_password_url());
}
User::newInstance()->update(array('s_password' => sha1(Params::getParam('new_password', false, false))), array('pk_i_id' => Session::newInstance()->_get('userId')));
osc_add_flash_ok_message(_m('Password has been changed'));
$this->redirectTo(osc_user_profile_url());
break;
case 'items':
// view items user
$itemsPerPage = Params::getParam('itemsPerPage') != '' ? Params::getParam('itemsPerPage') : 5;
$page = Params::getParam('iPage') != '' ? Params::getParam('iPage') : 0;
$total_items = Item::newInstance()->countByUserIDEnabled($_SESSION['userId']);
$total_pages = ceil($total_items / $itemsPerPage);
$items = Item::newInstance()->findByUserIDEnabled($_SESSION['userId'], $page * $itemsPerPage, $itemsPerPage);
$this->_exportVariableToView('items', $items);
$this->_exportVariableToView('list_total_pages', $total_pages);
$this->_exportVariableToView('list_total_items', $total_items);
$this->_exportVariableToView('items_per_page', $itemsPerPage);
$this->_exportVariableToView('list_page', $page);
$this->doView('user-items.php');
break;
case 'activate_alert':
$email = Params::getParam('email');
$secret = Params::getParam('secret');
$result = 0;
if ($email != '' && $secret != '') {
$result = Alerts::newInstance()->activate($email, $secret);
}
if ($result == 1) {
osc_add_flash_ok_message(_m('Alert activated'));
} else {
osc_add_flash_error_message(_m('Oops! There was a problem trying to activate your alert. Please contact an administrator'));
}
$this->redirectTo(osc_base_url());
break;
case 'unsub_alert':
$email = Params::getParam('email');
$secret = Params::getParam('secret');
$id = Params::getParam('id');
$alert = Alerts::newInstance()->findByPrimaryKey($id);
$result = 0;
if (!empty($alert)) {
if ($email == $alert['s_email'] && $secret == $alert['s_secret']) {
$result = Alerts::newInstance()->unsub($id);
}
}
if ($result == 1) {
osc_add_flash_ok_message(_m('Unsubscribed correctly'));
} else {
osc_add_flash_error_message(_m('Oops! There was a problem trying to unsubscribe you. Please contact an administrator'));
}
$this->redirectTo(osc_user_alerts_url());
break;
case 'deleteResource':
$id = Params::getParam('id');
$name = Params::getParam('name');
$fkid = Params::getParam('fkid');
$resource = ItemResource::newInstance()->findByPrimaryKey($id);
$item = Item::newInstance()->findByPrimaryKey($fkid);
if ($resource && $item) {
if ($resource['fk_i_item_id'] == $fkid && $item['fk_i_user_id'] == osc_logged_user_id()) {
// Delete: file, db table entry
osc_deleteResource($id, false);
Log::newInstance()->insertLog('user', 'deleteResource', $id, $id, 'user', osc_logged_user_id());
ItemResource::newInstance()->delete(array('pk_i_id' => $id, 'fk_i_item_id' => $item, 's_name' => $name));
osc_add_flash_ok_message(_m('The selected photo has been successfully deleted'));
} else {
osc_add_flash_error_message(_m("The selected photo does not belong to you"));
}
} else {
osc_add_flash_error_message(_m("The selected photo couldn't be deleted"));
}
$this->redirectTo(osc_base_url(true) . "?page=item&action=item_edit&id=" . $fkid);
break;
case 'delete':
$id = Params::getParam('id');
$secret = Params::getParam('secret');
if (osc_is_web_user_logged_in()) {
$user = User::newInstance()->findByPrimaryKey(osc_logged_user_id());
View::newInstance()->_exportVariableToView('user', $user);
if (!empty($user) && osc_logged_user_id() == $id && $secret == $user['s_secret']) {
User::newInstance()->deleteUser(osc_logged_user_id());
Session::newInstance()->_drop('userId');
Session::newInstance()->_drop('userName');
Session::newInstance()->_drop('userEmail');
Session::newInstance()->_drop('userPhone');
Cookie::newInstance()->pop('oc_userId');
Cookie::newInstance()->pop('oc_userSecret');
Cookie::newInstance()->set();
osc_add_flash_ok_message(_m("Your account have been deleted"));
$this->redirectTo(osc_base_url());
} else {
osc_add_flash_error_message(_m("Oops! you can not do that"));
$this->redirectTo(osc_user_dashboard_url());
}
} else {
osc_add_flash_error_message(_m("Oops! you can not do that"));
$this->redirectTo(osc_base_url());
}
break;
}
}
