function doModel() { parent::doModel(); //specific things for this class switch ($this->action) { case 'delete': $ids = Params::getParam("id"); if ($ids != '') { foreach ($ids as $id) { osc_deleteResource($id); } $this->resourcesManager->delete(array(DB_CUSTOM_COND => 'pk_i_id IN (' . implode(', ', $ids) . ')')); } osc_add_flash_message(_m('Resource deleted'), 'admin'); $this->redirectTo(osc_admin_base_url(true) . "?page=media"); break; default: $resourceId = Params::getParam("id"); if ($resourceId != '') { $resources = $this->resourcesManager->getAllResources($resourceId); } else { $resources = $this->resourcesManager->getAllResources(NULL); } //calling the view... $this->_exportVariableToView("resources", $resources); $this->_exportVariableToView("resourceId", $resourceId); $this->doView('media/index.php'); } }
function doModel() { parent::doModel(); //specific things for this class switch ($this->action) { case 'bulk_actions': switch (Params::getParam('bulk_actions')) { case 'delete_all': $ids = Params::getParam("id"); if (is_array($ids)) { foreach ($ids as $id) { osc_deleteResource($id, true); } $log_ids = substr(implode(",", $ids), 0, 250); Log::newInstance()->insertLog('media', 'delete bulk', $log_ids, $log_ids, 'admin', osc_logged_admin_id()); $this->resourcesManager->deleteResourcesIds($ids); } osc_add_flash_ok_message(_m('Resource deleted'), 'admin'); break; default: break; } $this->redirectTo(osc_admin_base_url(true) . '?page=media'); break; case 'delete': $ids = Params::getParam('id'); if (is_array($ids)) { foreach ($ids as $id) { osc_deleteResource($id, true); } $log_ids = substr(implode(",", $ids), 0, 250); Log::newInstance()->insertLog('media', 'delete', $log_ids, $log_ids, 'admin', osc_logged_admin_id()); $this->resourcesManager->deleteResourcesIds($ids); } osc_add_flash_ok_message(_m('Resource deleted'), 'admin'); $this->redirectTo(osc_admin_base_url(true) . '?page=media'); break; default: $this->doView('media/index.php'); break; } }
function doModel() { parent::doModel(); //specific things for this class switch ($this->action) { case 'bulk_actions': switch (Params::getParam('bulk_actions')) { case 'delete_all': $ids = Params::getParam("id"); if ($ids != '') { foreach ($ids as $id) { osc_deleteResource($id); } $this->resourcesManager->deleteResourcesIds($ids); } osc_add_flash_ok_message(_m('Resource deleted'), 'admin'); break; default: break; } $this->redirectTo(osc_admin_base_url(true) . "?page=media"); break; case 'delete': $ids = Params::getParam("id"); if ($ids != '') { foreach ($ids as $id) { osc_deleteResource($id); } $this->resourcesManager->deleteResourcesIds($ids); } osc_add_flash_ok_message(_m('Resource deleted'), 'admin'); $this->redirectTo(osc_admin_base_url(true) . "?page=media"); break; default: $this->doView('media/index.php'); } }
function doModel() { //calling the view... $locales = OSCLocale::newInstance()->listAllEnabled(); $this->_exportVariableToView('locales', $locales); switch ($this->action) { case 'item_add': // post if (osc_reg_user_post() && $this->user == null) { osc_add_flash_warning_message(_m('Only registered users are allowed to post listings')); Session::newInstance()->_setReferer(osc_item_post_url()); $this->redirectTo(osc_user_login_url()); } $countries = Country::newInstance()->listAll(); $regions = array(); if (isset($this->user['fk_c_country_code']) && $this->user['fk_c_country_code'] != '') { $regions = Region::newInstance()->findByCountry($this->user['fk_c_country_code']); } else { if (count($countries) > 0) { $regions = Region::newInstance()->findByCountry($countries[0]['pk_c_code']); } } $cities = array(); if (isset($this->user['fk_i_region_id']) && $this->user['fk_i_region_id'] != '') { $cities = City::newInstance()->findByRegion($this->user['fk_i_region_id']); } else { if (count($regions) > 0) { $cities = City::newInstance()->findByRegion($regions[0]['pk_i_id']); } } $this->_exportVariableToView('countries', $countries); $this->_exportVariableToView('regions', $regions); $this->_exportVariableToView('cities', $cities); $form = count(Session::newInstance()->_getForm()); $keepForm = count(Session::newInstance()->_getKeepForm()); if ($form == 0 || $form == $keepForm) { Session::newInstance()->_dropKeepForm(); } if (Session::newInstance()->_getForm('countryId') != "") { $countryId = Session::newInstance()->_getForm('countryId'); $regions = Region::newInstance()->findByCountry($countryId); $this->_exportVariableToView('regions', $regions); if (Session::newInstance()->_getForm('regionId') != "") { $regionId = Session::newInstance()->_getForm('regionId'); $cities = City::newInstance()->findByRegion($regionId); $this->_exportVariableToView('cities', $cities); } } $this->_exportVariableToView('user', $this->user); osc_run_hook('post_item'); $this->doView('item-post.php'); break; case 'item_add_post': //post_item osc_csrf_check(); if (osc_reg_user_post() && $this->user == null) { osc_add_flash_warning_message(_m('Only registered users are allowed to post listings')); $this->redirectTo(osc_base_url(true)); } $mItems = new ItemActions(false); // prepare data for ADD ITEM $mItems->prepareData(true); // set all parameters into session foreach ($mItems->data as $key => $value) { Session::newInstance()->_setForm($key, $value); } $meta = Params::getParam('meta'); if (is_array($meta)) { foreach ($meta as $key => $value) { Session::newInstance()->_setForm('meta_' . $key, $value); Session::newInstance()->_keepForm('meta_' . $key); } } if (osc_recaptcha_items_enabled() && osc_recaptcha_private_key() != '') { if (!osc_check_recaptcha()) { osc_add_flash_error_message(_m('The Recaptcha code is wrong')); $this->redirectTo(osc_item_post_url()); return false; // BREAK THE PROCESS, THE RECAPTCHA IS WRONG } } if (!osc_is_web_user_logged_in()) { $user = User::newInstance()->findByEmail($mItems->data['contactEmail']); // The user exists but it's not logged if (isset($user['pk_i_id'])) { foreach ($mItems->data as $key => $value) { Session::newInstance()->_keepForm($key); } osc_add_flash_error_message(_m('A user with that email address already exists, if it is you, please log in')); $this->redirectTo(osc_user_login_url()); } } $banned = osc_is_banned($mItems->data['contactEmail']); if ($banned == 1) { osc_add_flash_error_message(_m('Your current email is not allowed')); $this->redirectTo(osc_item_post_url()); } else { if ($banned == 2) { osc_add_flash_error_message(_m('Your current IP is not allowed')); $this->redirectTo(osc_item_post_url()); } } // POST ITEM ( ADD ITEM ) $success = $mItems->add(); if ($success != 1 && $success != 2) { osc_add_flash_error_message($success); $this->redirectTo(osc_item_post_url()); } else { if (is_array($meta)) { foreach ($meta as $key => $value) { Session::newInstance()->_dropKeepForm('meta_' . $key); } } Session::newInstance()->_clearVariables(); if ($success == 1) { osc_add_flash_ok_message(_m('Check your inbox to validate your listing')); } else { osc_add_flash_ok_message(_m('Your listing has been published')); } $itemId = Params::getParam('itemId'); $category = Category::newInstance()->findByPrimaryKey(Params::getParam('catId')); View::newInstance()->_exportVariableToView('category', $category); $this->redirectTo(osc_search_category_url()); } break; case 'item_edit': // edit item $secret = Params::getParam('secret'); $id = Params::getParam('id'); $item = $this->itemManager->listWhere("i.pk_i_id = %d AND ((i.s_secret = %s AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = %d))", (int) $id, $secret, (int) $this->userId); if (count($item) == 1) { $item = Item::newInstance()->findByPrimaryKey($id); $form = count(Session::newInstance()->_getForm()); $keepForm = count(Session::newInstance()->_getKeepForm()); if ($form == 0 || $form == $keepForm) { Session::newInstance()->_dropKeepForm(); } $this->_exportVariableToView('item', $item); osc_run_hook("before_item_edit", $item); $this->doView('item-edit.php'); } else { // add a flash message [ITEM NO EXISTE] osc_add_flash_error_message(_m("Sorry, we don't have any listings with that ID")); if ($this->user != null) { $this->redirectTo(osc_user_list_items_url()); } else { $this->redirectTo(osc_base_url()); } } break; case 'item_edit_post': osc_csrf_check(); $secret = Params::getParam('secret'); $id = Params::getParam('id'); $item = $this->itemManager->listWhere("i.pk_i_id = %d AND ((i.s_secret = %s AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = %d))", (int) $id, $secret, (int) $this->userId); if (count($item) == 1) { $this->_exportVariableToView('item', $item[0]); $mItems = new ItemActions(false); // prepare data for ADD ITEM $mItems->prepareData(false); // set all parameters into session foreach ($mItems->data as $key => $value) { Session::newInstance()->_setForm($key, $value); } $meta = Params::getParam('meta'); if (is_array($meta)) { foreach ($meta as $key => $value) { Session::newInstance()->_setForm('meta_' . $key, $value); Session::newInstance()->_keepForm('meta_' . $key); } } if (osc_recaptcha_items_enabled() && osc_recaptcha_private_key() != '') { if (!osc_check_recaptcha()) { osc_add_flash_error_message(_m('The Recaptcha code is wrong')); $this->redirectTo(osc_item_edit_url($secret, $id)); return false; // BREAK THE PROCESS, THE RECAPTCHA IS WRONG } } $success = $mItems->edit(); if ($success == 1) { osc_add_flash_ok_message(_m("Great! We've just updated your listing")); View::newInstance()->_exportVariableToView("item", Item::newInstance()->findByPrimaryKey($id)); $this->redirectTo(osc_item_url()); } else { osc_add_flash_error_message($success); $this->redirectTo(osc_item_edit_url($secret, $id)); } } break; case 'activate': $secret = Params::getParam('secret'); $id = Params::getParam('id'); $item = $this->itemManager->listWhere("i.pk_i_id = %d AND ((i.s_secret = %s) OR (i.fk_i_user_id = %d))", (int) $id, $secret, (int) $this->userId); // item doesn't exist if (count($item) == 0) { $this->do404(); return; } View::newInstance()->_exportVariableToView('item', $item[0]); if ($item[0]['b_active'] == 0) { // ACTIVETE ITEM $mItems = new ItemActions(false); $success = $mItems->activate($item[0]['pk_i_id'], $item[0]['s_secret']); if ($success) { osc_add_flash_ok_message(_m('The listing has been validated')); } else { osc_add_flash_error_message(_m("The listing can't be validated")); } } else { osc_add_flash_warning_message(_m('The listing has already been validated')); } $this->redirectTo(osc_item_url()); break; case 'item_delete': $secret = Params::getParam('secret'); $id = Params::getParam('id'); $item = $this->itemManager->listWhere("i.pk_i_id = %d AND ((i.s_secret = %s) OR (i.fk_i_user_id = %d))", (int) $id, $secret, (int) $this->userId); if (count($item) == 1) { $mItems = new ItemActions(false); $success = $mItems->delete($item[0]['s_secret'], $item[0]['pk_i_id']); if ($success) { osc_add_flash_ok_message(_m('Your listing has been deleted')); } else { osc_add_flash_error_message(_m("The listing you are trying to delete couldn't be deleted")); } if ($this->user != null) { $this->redirectTo(osc_user_list_items_url()); } else { $this->redirectTo(osc_base_url()); } } else { osc_add_flash_error_message(_m("The listing you are trying to delete couldn't be deleted")); $this->redirectTo(osc_base_url()); } break; case 'deleteResources': // Delete images via AJAX $id = Params::getParam('id'); $item = Params::getParam('item'); $code = Params::getParam('code'); $secret = Params::getParam('secret'); if (Session::newInstance()->_get('userId') != '') { $userId = Session::newInstance()->_get('userId'); $user = User::newInstance()->findByPrimaryKey($userId); } else { $userId = null; $user = null; } if (!(is_numeric($id) && is_numeric($item) && preg_match('/^([a-z0-9]+)$/i', $code))) { osc_add_flash_error_message(_m("The selected photo couldn't be deleted, the url doesn't exist")); $this->redirectTo(osc_item_edit_url($secret, $item)); } $aItem = Item::newInstance()->findByPrimaryKey($item); if (count($aItem) == 0) { osc_add_flash_error_message(_m("The listing doesn't exist")); $this->redirectTo(osc_item_edit_url($secret, $item)); } if (!osc_is_admin_user_logged_in()) { if ($userId != null && $userId != $aItem['fk_i_user_id']) { osc_add_flash_error_message(_m("The listing doesn't belong to you")); $this->redirectTo(osc_item_edit_url($secret, $item)); } if ($userId == null && $aItem['fk_i_user_id'] == null && $secret != $aItem['s_secret']) { osc_add_flash_error_message(_m("The listing doesn't belong to you")); $this->redirectTo(osc_item_edit_url($secret, $item)); } } $result = ItemResource::newInstance()->existResource($id, $code); if ($result > 0) { $resource = ItemResource::newInstance()->findByPrimaryKey($id); if ($resource['fk_i_item_id'] == $item) { osc_deleteResource($id, false); Log::newInstance()->insertLog('item', 'deleteResource', $id, $id, 'user', osc_logged_user_id()); ItemResource::newInstance()->delete(array('pk_i_id' => $id, 'fk_i_item_id' => $item, 's_name' => $code)); osc_add_flash_ok_message(_m('The selected photo has been successfully deleted')); } else { osc_add_flash_error_message(_m("The selected photo does not belong to you")); } } else { osc_add_flash_error_message(_m("The selected photo couldn't be deleted")); } $this->redirectTo(osc_item_edit_url($secret, $item)); break; case 'mark': $id = Params::getParam('id'); $as = Params::getParam('as'); $item = Item::newInstance()->findByPrimaryKey($id); View::newInstance()->_exportVariableToView('item', $item); require_once osc_lib_path() . 'osclass/user-agents.php'; foreach ($user_agents as $ua) { if (preg_match('|' . $ua . '|', Params::getServerParam('HTTP_USER_AGENT'))) { // mark item if it's not a bot $mItem = new ItemActions(false); $mItem->mark($id, $as); break; } } osc_add_flash_ok_message(_m("Thanks! That's very helpful")); $this->redirectTo(osc_item_url()); break; case 'send_friend': $item = $this->itemManager->findByPrimaryKey(Params::getParam('id')); $this->_exportVariableToView('item', $item); $this->doView('item-send-friend.php'); break; case 'send_friend_post': osc_csrf_check(); $item = $this->itemManager->findByPrimaryKey(Params::getParam('id')); $this->_exportVariableToView('item', $item); Session::newInstance()->_setForm("yourEmail", Params::getParam('yourEmail')); Session::newInstance()->_setForm("yourName", Params::getParam('yourName')); Session::newInstance()->_setForm("friendName", Params::getParam('friendName')); Session::newInstance()->_setForm("friendEmail", Params::getParam('friendEmail')); Session::newInstance()->_setForm("message_body", Params::getParam('message')); if (osc_recaptcha_private_key() != '') { if (!osc_check_recaptcha()) { osc_add_flash_error_message(_m('The Recaptcha code is wrong')); $this->redirectTo(osc_item_send_friend_url()); return false; // BREAK THE PROCESS, THE RECAPTCHA IS WRONG } } osc_run_hook('pre_item_send_friend_post', $item); $mItem = new ItemActions(false); $success = $mItem->send_friend(); osc_run_hook('post_item_send_friend_post', $item); if ($success) { Session::newInstance()->_clearVariables(); $this->redirectTo(osc_item_url()); } else { $this->redirectTo(osc_item_send_friend_url()); } break; case 'contact': $item = $this->itemManager->findByPrimaryKey(Params::getParam('id')); if (empty($item)) { osc_add_flash_error_message(_m("This listing doesn't exist")); $this->redirectTo(osc_base_url(true)); } else { $this->_exportVariableToView('item', $item); if (osc_item_is_expired()) { osc_add_flash_error_message(_m("We're sorry, but the listing has expired. You can't contact the seller")); $this->redirectTo(osc_item_url()); } if (osc_reg_user_can_contact() && osc_is_web_user_logged_in() || !osc_reg_user_can_contact()) { $this->doView('item-contact.php'); } else { osc_add_flash_error_message(_m("You can't contact the seller, only registered users can")); $this->redirectTo(osc_item_url()); } } break; case 'contact_post': osc_csrf_check(); if (osc_reg_user_can_contact() && !osc_is_web_user_logged_in()) { osc_add_flash_warning_message(_m("You can't contact the seller, only registered users can")); $this->redirectTo(osc_base_url(true)); } $item = $this->itemManager->findByPrimaryKey(Params::getParam('id')); $this->_exportVariableToView('item', $item); if (osc_recaptcha_private_key() != '') { if (!osc_check_recaptcha()) { osc_add_flash_error_message(_m('The Recaptcha code is wrong')); Session::newInstance()->_setForm("yourEmail", Params::getParam('yourEmail')); Session::newInstance()->_setForm("yourName", Params::getParam('yourName')); Session::newInstance()->_setForm("phoneNumber", Params::getParam('phoneNumber')); Session::newInstance()->_setForm("message_body", Params::getParam('message')); $this->redirectTo(osc_item_url()); return false; // BREAK THE PROCESS, THE RECAPTCHA IS WRONG } } $banned = osc_is_banned(Params::getParam('yourEmail')); if ($banned == 1) { osc_add_flash_error_message(_m('Your current email is not allowed')); $this->redirectTo(osc_item_url()); } else { if ($banned == 2) { osc_add_flash_error_message(_m('Your current IP is not allowed')); $this->redirectTo(osc_item_url()); } } if (osc_isExpired($item['dt_expiration'])) { osc_add_flash_error_message(_m("We're sorry, but the listing has expired. You can't contact the seller")); $this->redirectTo(osc_item_url()); } osc_run_hook('pre_item_contact_post', $item); $mItem = new ItemActions(false); $result = $mItem->contact(); osc_run_hook('post_item_contact_post', $item); if (is_string($result)) { osc_add_flash_error_message($result); } else { osc_add_flash_ok_message(_m("We've just sent an e-mail to the seller")); } $this->redirectTo(osc_item_url()); break; case 'add_comment': osc_csrf_check(); $mItem = new ItemActions(false); $status = $mItem->add_comment(); switch ($status) { case -1: $msg = _m('Sorry, we could not save your comment. Try again later'); osc_add_flash_error_message($msg); break; case 1: $msg = _m('Your comment is awaiting moderation'); osc_add_flash_info_message($msg); break; case 2: $msg = _m('Your comment has been approved'); osc_add_flash_ok_message($msg); break; case 3: $msg = _m('Please fill the required field (email)'); osc_add_flash_warning_message($msg); break; case 4: $msg = _m('Please type a comment'); osc_add_flash_warning_message($msg); break; case 5: $msg = _m('Your comment has been marked as spam'); osc_add_flash_error_message($msg); break; case 6: $msg = _m('You need to be logged to comment'); osc_add_flash_error_message($msg); break; case 7: $msg = _m('Sorry, comments are disabled'); osc_add_flash_error_message($msg); break; } //View::newInstance()->_exportVariableToView('item', Item::newInstance()->findByPrimaryKey(Params::getParam('id'))); $this->redirectTo(osc_item_url()); break; case 'delete_comment': osc_csrf_check(); $mItem = new ItemActions(false); $status = $mItem->add_comment(); // @TOFIX @FIXME $status never used + ?? need to add_comment() before deleting it?? $itemId = Params::getParam('id'); $commentId = Params::getParam('comment'); $item = Item::newInstance()->findByPrimaryKey($itemId); if (count($item) == 0) { osc_add_flash_error_message(_m("This listing doesn't exist")); $this->redirectTo(osc_base_url(true)); } View::newInstance()->_exportVariableToView('item', $item); if ($this->userId == null) { osc_add_flash_error_message(_m('You must be logged in to delete a comment')); $this->redirectTo(osc_item_url()); } $commentManager = ItemComment::newInstance(); $aComment = $commentManager->findByPrimaryKey($commentId); if (count($aComment) == 0) { osc_add_flash_error_message(_m("The comment doesn't exist")); $this->redirectTo(osc_item_url()); } if ($aComment['b_active'] != 1) { osc_add_flash_error_message(_m('The comment is not active, you cannot delete it')); $this->redirectTo(osc_item_url()); } if ($aComment['fk_i_user_id'] != $this->userId) { osc_add_flash_error_message(_m('The comment was not added by you, you cannot delete it')); $this->redirectTo(osc_item_url()); } $commentManager->deleteByPrimaryKey($commentId); osc_add_flash_ok_message(_m('The comment has been deleted')); $this->redirectTo(osc_item_url()); break; default: // if there isn't ID, show an error 404 if (Params::getParam('id') == '') { $this->do404(); return; } if (Params::getParam('lang') != '') { Session::newInstance()->_set('userLocale', Params::getParam('lang')); } $item = osc_apply_filter('pre_show_item', $this->itemManager->findByPrimaryKey(Params::getParam('id'))); // if item doesn't exist show an error 410 if (count($item) == 0) { $this->do410(); return; } if ($item['b_active'] != 1) { if ($this->userId == $item['fk_i_user_id'] && $this->userId != '' || osc_is_admin_user_logged_in()) { osc_add_flash_warning_message(_m("The listing hasn't been validated. Please validate it in order to make it public")); } else { $this->do400(); return; } } else { if ($item['b_enabled'] == 0) { if (osc_is_admin_user_logged_in()) { osc_add_flash_warning_message(_m("The listing hasn't been enabled. Please enable it in order to make it public")); } else { if (osc_is_web_user_logged_in() && osc_logged_user_id() == $item['fk_i_user_id']) { osc_add_flash_warning_message(_m("The listing has been blocked or is awaiting moderation from the admin")); } else { $this->do400(); return; } } } } if (!osc_is_admin_user_logged_in() && !($item['fk_i_user_id'] != '' && $item['fk_i_user_id'] == osc_logged_user_id())) { require_once osc_lib_path() . 'osclass/user-agents.php'; foreach ($user_agents as $ua) { if (preg_match('|' . $ua . '|', Params::getServerParam('HTTP_USER_AGENT'))) { $mStats = new ItemStats(); $mStats->increase('i_num_views', $item['pk_i_id']); break; } } } foreach ($item['locale'] as $k => $v) { $item['locale'][$k]['s_title'] = osc_apply_filter('item_title', $v['s_title']); $item['locale'][$k]['s_description'] = nl2br(osc_apply_filter('item_description', $v['s_description'])); } if ($item['fk_i_user_id'] != '') { $user = User::newInstance()->findByPrimaryKey($item['fk_i_user_id']); $this->_exportVariableToView('user', $user); } $this->_exportVariableToView('item', $item); osc_run_hook('show_item', $item); // redirect to the correct url just in case it has changed $itemURI = str_replace(osc_base_url(), '', osc_item_url()); $URI = preg_replace('|^' . REL_WEB_URL . '|', '', Params::getServerParam('REQUEST_URI', false, false)); // do not clean QUERY_STRING if permalink is not enabled if (osc_rewrite_enabled()) { $URI = str_replace('?' . Params::getServerParam('QUERY_STRING', false, false), '', $URI); } else { $params_keep = array('page', 'id'); $params = array(); foreach (Params::getParamsAsArray('get') as $k => $v) { if (in_array($k, $params_keep)) { $params[] = "{$k}={$v}"; } } $URI = 'index.php?' . implode('&', $params); } // redirect to the correct url if ($itemURI != $URI) { $this->redirectTo(osc_base_url() . $itemURI, 301); } $this->doView('item.php'); break; } }
function doModel() { //specific things for this class switch ($this->action) { case 'bulk_actions': break; case 'regions': //Return regions given a countryId $regions = Region::newInstance()->findByCountry(Params::getParam("countryId")); echo json_encode($regions); break; case 'cities': //Returns cities given a regionId $cities = City::newInstance()->findByRegion(Params::getParam("regionId")); echo json_encode($cities); break; case 'location': // This is the autocomplete AJAX $cities = City::newInstance()->ajax(Params::getParam("term")); echo json_encode($cities); break; case 'location_countries': // This is the autocomplete AJAX $countries = Country::newInstance()->ajax(Params::getParam("term")); echo json_encode($countries); break; case 'location_regions': // This is the autocomplete AJAX $regions = Region::newInstance()->ajax(Params::getParam("term"), Params::getParam("country")); echo json_encode($regions); break; case 'location_cities': // This is the autocomplete AJAX $cities = City::newInstance()->ajax(Params::getParam("term"), Params::getParam("region")); echo json_encode($cities); break; case 'delete_image': // Delete images via AJAX $id = Params::getParam('id'); $item = Params::getParam('item'); $code = Params::getParam('code'); $secret = Params::getParam('secret'); $json = array(); if (Session::newInstance()->_get('userId') != '') { $userId = Session::newInstance()->_get('userId'); $user = User::newInstance()->findByPrimaryKey($userId); } else { $userId = null; $user = null; } // Check for required fields if (!(is_numeric($id) && is_numeric($item) && preg_match('/^([a-z0-9]+)$/i', $code))) { $json['success'] = false; $json['msg'] = _m("The selected photo couldn't be deleted, the url doesn't exist"); echo json_encode($json); return false; } $aItem = Item::newInstance()->findByPrimaryKey($item); // Check if the item exists if (count($aItem) == 0) { $json['success'] = false; $json['msg'] = _m('The item doesn\'t exist'); echo json_encode($json); return false; } // Check if the item belong to the user if ($userId != null && $userId != $aItem['fk_i_user_id']) { $json['success'] = false; $json['msg'] = _m('The item doesn\'t belong to you'); echo json_encode($json); return false; } // Check if the secret passphrase match with the item if ($userId == null && $aItem['fk_i_user_id'] == null && $secret != $aItem['s_secret']) { $json['success'] = false; $json['msg'] = _m('The item doesn\'t belong to you'); echo json_encode($json); return false; } // Does id & code combination exist? $result = ItemResource::newInstance()->existResource($id, $code); if ($result > 0) { // Delete: file, db table entry osc_deleteResource($id); ItemResource::newInstance()->delete(array('pk_i_id' => $id, 'fk_i_item_id' => $item, 's_name' => $code)); $json['msg'] = _m('The selected photo has been successfully deleted'); $json['success'] = 'true'; } else { $json['msg'] = _m("The selected photo couldn't be deleted"); $json['success'] = 'false'; } echo json_encode($json); return true; break; case 'alerts': // Allow to register to an alert given (not sure it's used on admin) $alert = Params::getParam("alert"); $email = Params::getParam("email"); $userid = Params::getParam("userid"); if ($alert != '' && $email != '') { if (preg_match("/^[_a-z0-9-+]+(\\.[_a-z0-9-+]+)*@[a-z0-9-]+(\\.[a-z0-9-]+)*(\\.[a-z]{2,3})\$/", $email)) { $secret = osc_genRandomPassword(); if (Alerts::newInstance()->createAlert($userid, $email, $alert, $secret)) { if ((int) $userid > 0) { $user = User::newInstance()->findByPrimaryKey($userid); if ($user['b_active'] == 1 && $user['b_enabled'] == 1) { Alerts::newInstance()->activate($email, $secret); echo '1'; return true; } else { echo '-1'; return false; } } else { osc_run_hook('hook_email_alert_validation', $alert, $email, $secret); } echo "1"; } else { echo "0"; } return true; } else { echo '-1'; return false; } } echo '0'; return false; break; case 'runhook': //Run hooks $hook = Params::getParam("hook"); switch ($hook) { case 'item_form': $catId = Params::getParam("catId"); if ($catId != '') { osc_run_hook("item_form", $catId); } else { osc_run_hook("item_form"); } break; case 'item_edit': $catId = Params::getParam("catId"); $itemId = Params::getParam("itemId"); osc_run_hook("item_edit", $catId, $itemId); break; default: if ($hook == '') { return false; } else { osc_run_hook($hook); } break; } break; case 'custom': // Execute via AJAX custom file $ajaxfile = Params::getParam("ajaxfile"); if ($ajaxfile != '') { require_once osc_plugins_path() . $ajaxfile; } else { echo json_encode(array('error' => __('no action defined'))); } break; default: echo json_encode(array('error' => __('no action defined'))); break; } // clear all keep variables into session Session::newInstance()->_dropKeepForm(); Session::newInstance()->_clearVariables(); }
function doModel() { parent::doModel(); if (osc_is_moderator() && ($this->action == 'settings' || $this->action == 'settings_post')) { osc_add_flash_error_message(_m("You don't have enough permissions"), "admin"); $this->redirectTo(osc_admin_base_url()); } //specific things for this class switch ($this->action) { case 'bulk_actions': osc_csrf_check(); $mItems = new ItemActions(true); switch (Params::getParam('bulk_actions')) { case 'enable_all': $id = Params::getParam('id'); if ($id) { $numSuccess = 0; foreach ($id as $_id) { if ($mItems->enable($_id)) { $numSuccess++; } } osc_add_flash_ok_message(sprintf(_mn('%d listing has been enabled', '%d listings have been enabled', $numSuccess), $numSuccess), 'admin'); } break; case 'disable_all': $id = Params::getParam('id'); if ($id) { $numSuccess = 0; foreach ($id as $_id) { if ($mItems->disable((int) $_id)) { $numSuccess++; } } osc_add_flash_ok_message(sprintf(_mn('%d listing has been disabled', '%d listings have been disabled', $numSuccess), $numSuccess), 'admin'); } break; case 'activate_all': $id = Params::getParam('id'); if ($id) { $numSuccess = 0; foreach ($id as $_id) { if ($mItems->activate($_id)) { $numSuccess++; } } osc_add_flash_ok_message(sprintf(_mn('%d listing has been activated', '%d listings have been activated', $numSuccess), $numSuccess), 'admin'); } break; case 'deactivate_all': $id = Params::getParam('id'); if ($id) { $numSuccess = 0; foreach ($id as $_id) { if ($mItems->deactivate($_id)) { $numSuccess++; } } osc_add_flash_ok_message(sprintf(_m('%d listing has been deactivated', '%d listings have been deactivated', $numSuccess), $numSuccess), 'admin'); } break; case 'premium_all': $id = Params::getParam('id'); if ($id) { $numSuccess = 0; foreach ($id as $_id) { if ($mItems->premium($_id)) { $numSuccess++; } } osc_add_flash_ok_message(sprintf(_mn('%d listing has been marked as premium', '%d listings have been marked as premium', $numSuccess), $numSuccess), 'admin'); } break; case 'depremium_all': $id = Params::getParam('id'); if ($id) { $numSuccess = 0; foreach ($id as $_id) { if ($mItems->premium($_id, false)) { $numSuccess++; } } osc_add_flash_ok_message(sprintf(_mn('%d change has been made', '%d changes have been made', $numSuccess), $numSuccess), 'admin'); } break; case 'spam_all': $id = Params::getParam('id'); if ($id) { $numSuccess = 0; foreach ($id as $_id) { if ($mItems->spam($_id)) { $numSuccess++; } } osc_add_flash_ok_message(sprintf(_mn('%d listing has been marked as spam', '%d listings have been marked as spam', $numSuccess), $numSuccess), 'admin'); } break; case 'despam_all': $id = Params::getParam('id'); if ($id) { $numSuccess = 0; foreach ($id as $_id) { if ($mItems->spam($_id, false)) { $numSuccess++; } } osc_add_flash_ok_message(sprintf(_mn('%d change has been made', '%d changes have been made', $numSuccess), $numSuccess), 'admin'); } break; case 'delete_all': $id = Params::getParam('id'); $success = false; if ($id) { $numSuccess = 0; foreach ($id as $i) { if ($i) { $item = $this->itemManager->findByPrimaryKey($i); $success = $mItems->delete($item['s_secret'], $item['pk_i_id']); if ($success) { $numSuccess++; } } } osc_add_flash_ok_message(sprintf(_mn('%d listing has been deleted', '%d listings have been deleted', $numSuccess), $numSuccess), 'admin'); } break; case 'clear_spam_all': $id = Params::getParam('id'); $success = false; if ($id) { $numSuccess = 0; foreach ($id as $i) { if ($i) { $success = $this->itemManager->clearStat($i, 'spam'); if ($success) { $numSuccess++; } } } osc_add_flash_ok_message(sprintf(_mn('%d listing has been unmarked as spam', '%d listings have been unmarked as spam', $numSuccess), $numSuccess), 'admin'); } break; case 'clear_bad_all': $id = Params::getParam('id'); $success = false; if ($id) { $numSuccess = 0; foreach ($id as $i) { if ($i) { $success = $this->itemManager->clearStat($i, 'bad'); if ($success) { $numSuccess++; } } } osc_add_flash_ok_message(sprintf(_mn('%d listing has been unmarked as missclassified', '%d listings have been unmarked as missclassified', $numSuccess), $numSuccess), 'admin'); } break; case 'clear_dupl_all': $id = Params::getParam('id'); $success = false; if ($id) { $numSuccess = 0; foreach ($id as $i) { if ($i) { $success = $this->itemManager->clearStat($i, 'duplicated'); if ($success) { $numSuccess++; } } } osc_add_flash_ok_message(sprintf(_mn('%d listing has been unmarked as duplicated', '%d listings have been unmarked as duplicated', $numSuccess), $numSuccess), 'admin'); } break; case 'clear_expi_all': $id = Params::getParam('id'); $success = false; if ($id) { $numSuccess = 0; foreach ($id as $i) { if ($i) { $success = $this->itemManager->clearStat($i, 'expired'); if ($success) { $numSuccess++; } } } osc_add_flash_ok_message(sprintf(_mn('%d listing has been unmarked as expired', '%d listings have been unmarked as expired', $numSuccess), $numSuccess), 'admin'); } break; case 'clear_offe_all': $id = Params::getParam('id'); $success = false; if ($id) { $numSuccess = 0; foreach ($id as $i) { if ($i) { $success = $this->itemManager->clearStat($i, 'offensive'); if ($success) { $numSuccess++; } } } osc_add_flash_ok_message(sprintf(_mn('%d listing has been unmarked as offensive', '%d listings have been unmarked as offensive', $numSuccess), $numSuccess), 'admin'); } break; case 'clear_all': $id = Params::getParam('id'); $success = false; if ($id) { $numSuccess = 0; foreach ($id as $i) { if ($i) { $success = $this->itemManager->clearStat($i, 'all'); if ($success) { $numSuccess++; } } } osc_add_flash_ok_message(sprintf(_mn('%d listing has been unmarked', '%d listings have been unmarked', $numSuccess), $numSuccess), 'admin'); } break; default: if (Params::getParam("bulk_actions") != "") { osc_run_hook("item_bulk_" . Params::getParam("bulk_actions"), Params::getParam('id')); } break; } $this->redirectTo($_SERVER['HTTP_REFERER']); break; case 'delete': //delete osc_csrf_check(); $id = Params::getParam('id'); $success = false; foreach ($id as $i) { if ($i) { $aItem = $this->itemManager->findByPrimaryKey($i); $mItems = new ItemActions(true); $success = $mItems->delete($aItem['s_secret'], $aItem['pk_i_id']); } } if ($success) { osc_add_flash_ok_message(_m('The listing has been deleted'), 'admin'); } else { osc_add_flash_error_message(_m("The listing couldn't be deleted"), 'admin'); } $this->redirectTo($_SERVER['HTTP_REFERER']); break; case 'status': //status osc_csrf_check(); $id = Params::getParam('id'); $value = Params::getParam('value'); if (!$id) { return false; } $id = (int) $id; if (!is_numeric($id)) { return false; } if (!in_array($value, array('ACTIVE', 'INACTIVE', 'ENABLE', 'DISABLE'))) { return false; } $item = $this->itemManager->findByPrimaryKey($id); $mItems = new ItemActions(true); switch ($value) { case 'ACTIVE': $success = $mItems->activate($id); if ($success && $success > 0) { osc_add_flash_ok_message(_m('The listing has been activated'), 'admin'); } else { if (!$success) { osc_add_flash_error_message(_m('An error has occurred'), 'admin'); } else { osc_add_flash_error_message(_m("The listing can't be activated because it's blocked"), 'admin'); } } break; case 'INACTIVE': $success = $mItems->deactivate($id); if ($success && $success > 0) { osc_add_flash_ok_message(_m('The listing has been deactivated'), 'admin'); } else { osc_add_flash_error_message(_m('An error has occurred'), 'admin'); } break; case 'ENABLE': $success = $mItems->enable($id); if ($success && $success > 0) { osc_add_flash_ok_message(_m('The listing has been enabled'), 'admin'); } else { osc_add_flash_error_message(_m('An error has occurred'), 'admin'); } break; case 'DISABLE': $success = $mItems->disable($id); if ($success && $success > 0) { osc_add_flash_ok_message(_m('The listing has been disabled'), 'admin'); } else { osc_add_flash_error_message(_m('An error has occurred'), 'admin'); } break; } $this->redirectTo($_SERVER['HTTP_REFERER']); break; case 'status_premium': //status premium osc_csrf_check(); $id = Params::getParam('id'); $value = Params::getParam('value'); if (!$id) { return false; } $id = (int) $id; if (!is_numeric($id)) { return false; } if (!in_array($value, array(0, 1))) { return false; } $mItems = new ItemActions(true); if ($mItems->premium($id, $value == 1 ? true : false)) { osc_add_flash_ok_message(_m('Changes have been applied'), 'admin'); } else { osc_add_flash_error_message(_m('An error has occurred'), 'admin'); } $this->redirectTo($_SERVER['HTTP_REFERER']); break; case 'status_spam': //status spam osc_csrf_check(); $id = Params::getParam('id'); $value = Params::getParam('value'); if (!$id) { return false; } $id = (int) $id; if (!is_numeric($id)) { return false; } if (!in_array($value, array(0, 1))) { return false; } $mItems = new ItemActions(true); if ($mItems->spam($id, $value == 1 ? true : false)) { osc_add_flash_ok_message(_m('Changes have been applied'), 'admin'); } else { osc_add_flash_error_message(_m('An error has occurred'), 'admin'); } $this->redirectTo($_SERVER['HTTP_REFERER']); break; case 'clear_stat': osc_csrf_check(); $id = Params::getParam('id'); $stat = Params::getParam('stat'); if (!$id) { return false; } if (!$stat) { return false; } $id = (int) $id; if (!is_numeric($id)) { return false; } $success = $this->itemManager->clearStat($id, $stat); if ($success) { osc_add_flash_ok_message(_m('The listing has been unmarked as') . " {$stat}", 'admin'); } else { osc_add_flash_error_message(_m("The listing hasn't been unmarked as") . " {$stat}", 'admin'); } $this->redirectTo($_SERVER['HTTP_REFERER']); break; case 'item_edit': // edit item $id = Params::getParam('id'); $item = Item::newInstance()->findByPrimaryKey($id); if (count($item) <= 0) { $this->redirectTo(osc_admin_base_url(true) . "?page=items"); } $csrf_token = osc_csrf_token_url(); if ($item['b_active']) { $actions[] = '<a class="btn float-left" href="' . osc_admin_base_url(true) . '?page=items&action=status&id=' . $item['pk_i_id'] . '&' . $csrf_token . '&value=INACTIVE">' . __('Deactivate') . '</a>'; } else { $actions[] = '<a class="btn btn-red float-left" href="' . osc_admin_base_url(true) . '?page=items&action=status&id=' . $item['pk_i_id'] . '&' . $csrf_token . '&value=ACTIVE">' . __('Activate') . '</a>'; } if ($item['b_enabled']) { $actions[] = '<a class="btn float-left" href="' . osc_admin_base_url(true) . '?page=items&action=status&id=' . $item['pk_i_id'] . '&' . $csrf_token . '&value=DISABLE">' . __('Block') . '</a>'; } else { $actions[] = '<a class="btn btn-red float-left" href="' . osc_admin_base_url(true) . '?page=items&action=status&id=' . $item['pk_i_id'] . '&' . $csrf_token . '&value=ENABLE">' . __('Unblock') . '</a>'; } if ($item['b_premium']) { $actions[] = '<a class="btn float-left" href="' . osc_admin_base_url(true) . '?page=items&action=status_premium&id=' . $item['pk_i_id'] . '&' . $csrf_token . '&value=0">' . __('Unmark as premium') . '</a>'; } else { $actions[] = '<a class="btn float-left" href="' . osc_admin_base_url(true) . '?page=items&action=status_premium&id=' . $item['pk_i_id'] . '&' . $csrf_token . '&value=1">' . __('Mark as premium') . '</a>'; } if ($item['b_spam']) { $actions[] = '<a class="btn btn-red float-left" href="' . osc_admin_base_url(true) . '?page=items&action=status_spam&id=' . $item['pk_i_id'] . '&' . $csrf_token . '&value=0">' . __('Unmark as spam') . '</a>'; } else { $actions[] = '<a class="btn float-left" href="' . osc_admin_base_url(true) . '?page=items&action=status_spam&id=' . $item['pk_i_id'] . '&' . $csrf_token . '&value=1">' . __('Mark as spam') . '</a>'; } $this->_exportVariableToView("actions", $actions); $form = count(Session::newInstance()->_getForm()); $keepForm = count(Session::newInstance()->_getKeepForm()); if ($form == 0 || $form == $keepForm) { Session::newInstance()->_dropKeepForm(); } // save referer if belongs to manage items // redirect only if ManageItems or ReportedListngs if (isset($_SERVER['HTTP_REFERER'])) { $referer = $_SERVER['HTTP_REFERER']; if (preg_match('/page=items/', $referer)) { if (preg_match("/action=([\\p{L}|_|-]+)/u", $referer, $matches)) { if ($matches[1] == 'items_reported') { Session::newInstance()->_set('osc_admin_referer', $referer); } } else { // no actions - Manage Listings Session::newInstance()->_set('osc_admin_referer', $referer); } } } $this->_exportVariableToView("item", $item); $this->_exportVariableToView("new_item", FALSE); osc_run_hook("before_item_edit", $item); $this->doView('items/frm.php'); break; case 'item_edit_post': osc_csrf_check(); $mItems = new ItemActions(true); $mItems->prepareData(false); // set all parameters into session foreach ($mItems->data as $key => $value) { Session::newInstance()->_setForm($key, $value); } $meta = Params::getParam('meta'); if (is_array($meta)) { foreach ($meta as $key => $value) { Session::newInstance()->_setForm('meta_' . $key, $value); Session::newInstance()->_keepForm('meta_' . $key); } } $success = $mItems->edit(); if ($success == 1) { osc_add_flash_ok_message(_m('Changes saved correctly'), 'admin'); $url = osc_admin_base_url(true) . "?page=items"; // if Referer is saved that means referer is ManageListings or ReportListings if (Session::newInstance()->_get('osc_admin_referer') != '') { $url = Session::newInstance()->_get('osc_admin_referer'); } Session::newInstance()->_clearVariables(); $this->redirectTo($url); } else { osc_add_flash_error_message($success, 'admin'); $this->redirectTo(osc_admin_base_url(true) . "?page=items&action=item_edit&id=" . Params::getParam('id')); } break; case 'deleteResource': //delete resource osc_csrf_check(); $id = Params::getParam('id'); $name = Params::getParam('name'); $fkid = Params::getParam('fkid'); // delete files osc_deleteResource($id, true); Log::newInstance()->insertLog('items', 'deleteResource', $id, $id, 'admin', osc_logged_admin_id()); $result = ItemResource::newInstance()->delete(array('pk_i_id' => $id, 'fk_i_item_id' => $fkid, 's_name' => $name)); if ($result === false) { osc_add_flash_error_message(_m('An error has occurred'), 'admin'); } else { osc_add_flash_ok_message(_m('Resource deleted'), 'admin'); } $this->redirectTo(osc_admin_base_url(true) . "?page=items"); break; case 'post': // add item $form = count(Session::newInstance()->_getForm()); $keepForm = count(Session::newInstance()->_getKeepForm()); if ($form == 0 || $form == $keepForm) { Session::newInstance()->_dropKeepForm(); } $this->_exportVariableToView("new_item", TRUE); osc_run_hook('post_item'); $this->doView('items/frm.php'); break; case 'post_item': //post item osc_csrf_check(); $mItem = new ItemActions(true); $mItem->prepareData(true); // set all parameters into session foreach ($mItem->data as $key => $value) { Session::newInstance()->_setForm($key, $value); } $meta = Params::getParam('meta'); if (is_array($meta)) { foreach ($meta as $key => $value) { Session::newInstance()->_setForm('meta_' . $key, $value); Session::newInstance()->_keepForm('meta_' . $key); } } $success = $mItem->add(); if ($success == 1 || $success == 2) { $url = osc_admin_base_url(true) . "?page=items"; // if Referer is saved that means referer is ManageListings or ReportListings if (Session::newInstance()->_get('osc_admin_referer') != '') { Session::newInstance()->_drop('osc_admin_referer'); $url = Session::newInstance()->_get('osc_admin_referer'); } Session::newInstance()->_clearVariables(); osc_add_flash_ok_message(_m('A new listing has been added'), 'admin'); $this->redirectTo($url); } else { osc_add_flash_error_message($success, 'admin'); $this->redirectTo(osc_admin_base_url(true) . "?page=items&action=post"); } break; case 'settings': // calling the items settings view $this->doView('items/settings.php'); break; case 'settings_post': // update item settings osc_csrf_check(); $iUpdated = 0; $enabledRecaptchaItems = Params::getParam('enabled_recaptcha_items'); $enabledRecaptchaItems = $enabledRecaptchaItems == '1' ? true : false; $moderateItems = Params::getParam('moderate_items'); $moderateItems = $moderateItems != '' ? true : false; $numModerateItems = Params::getParam('num_moderate_items'); $itemsWaitTime = Params::getParam('items_wait_time'); $loggedUserItemValidation = Params::getParam('logged_user_item_validation'); $loggedUserItemValidation = $loggedUserItemValidation != '' ? true : false; $regUserPost = Params::getParam('reg_user_post'); $regUserPost = $regUserPost != '' ? true : false; $notifyNewItem = Params::getParam('notify_new_item'); $notifyNewItem = $notifyNewItem != '' ? true : false; $notifyContactItem = Params::getParam('notify_contact_item'); $notifyContactItem = $notifyContactItem != '' ? true : false; $notifyContactFriends = Params::getParam('notify_contact_friends'); $notifyContactFriends = $notifyContactFriends != '' ? true : false; $enabledFieldPriceItems = Params::getParam('enableField#f_price@items'); $enabledFieldPriceItems = $enabledFieldPriceItems != '' ? true : false; $enabledFieldImagesItems = Params::getParam('enableField#images@items'); $enabledFieldImagesItems = $enabledFieldImagesItems != '' ? true : false; $numImagesItems = Params::getParam('numImages@items'); if ($numImagesItems == '') { $numImagesItems = 0; } $regUserCanContact = Params::getParam('reg_user_can_contact'); $regUserCanContact = $regUserCanContact != '' ? true : false; $contactItemAttachment = Params::getParam('item_attachment'); $contactItemAttachment = $contactItemAttachment != '' ? true : false; $msg = ''; if (!osc_validate_int(Params::getParam("items_wait_time"))) { $msg .= _m("Wait time must only contain numeric characters") . "<br/>"; } if (Params::getParam("num_moderate_items") != '' && !osc_validate_int(Params::getParam("num_moderate_items"))) { $msg .= _m("Number of moderated listings must only contain numeric characters") . "<br/>"; } if (!osc_validate_int($numImagesItems)) { $msg .= _m("Images per listing must only contain numeric characters") . "<br/>"; } if ($msg != '') { osc_add_flash_error_message($msg, 'admin'); $this->redirectTo(osc_admin_base_url(true) . '?page=items&action=settings'); } $iUpdated += Preference::newInstance()->update(array('s_value' => $enabledRecaptchaItems), array('s_name' => 'enabled_recaptcha_items')); if ($moderateItems) { $iUpdated += Preference::newInstance()->update(array('s_value' => $numModerateItems), array('s_name' => 'moderate_items')); } else { $iUpdated += Preference::newInstance()->update(array('s_value' => '-1'), array('s_name' => 'moderate_items')); } $iUpdated += Preference::newInstance()->update(array('s_value' => $loggedUserItemValidation), array('s_name' => 'logged_user_item_validation')); $iUpdated += Preference::newInstance()->update(array('s_value' => $regUserPost), array('s_name' => 'reg_user_post')); $iUpdated += Preference::newInstance()->update(array('s_value' => $notifyNewItem), array('s_name' => 'notify_new_item')); $iUpdated += Preference::newInstance()->update(array('s_value' => $notifyContactItem), array('s_name' => 'notify_contact_item')); $iUpdated += Preference::newInstance()->update(array('s_value' => $notifyContactFriends), array('s_name' => 'notify_contact_friends')); $iUpdated += Preference::newInstance()->update(array('s_value' => $enabledFieldPriceItems), array('s_name' => 'enableField#f_price@items')); $iUpdated += Preference::newInstance()->update(array('s_value' => $enabledFieldImagesItems), array('s_name' => 'enableField#images@items')); $iUpdated += Preference::newInstance()->update(array('s_value' => $itemsWaitTime), array('s_name' => 'items_wait_time')); $iUpdated += Preference::newInstance()->update(array('s_value' => $numImagesItems), array('s_name' => 'numImages@items')); $iUpdated += Preference::newInstance()->update(array('s_value' => $regUserCanContact), array('s_name' => 'reg_user_can_contact')); $iUpdated += Preference::newInstance()->update(array('s_value' => $contactItemAttachment), array('s_name' => 'item_attachment')); if ($iUpdated > 0) { osc_add_flash_ok_message(_m("Listings' settings have been updated"), 'admin'); } $this->redirectTo(osc_admin_base_url(true) . '?page=items&action=settings'); break; case 'items_reported': require_once osc_lib_path() . "osclass/classes/datatables/ItemsDataTable.php"; // set default iDisplayLength if (Params::getParam('iDisplayLength') != '') { Cookie::newInstance()->push('listing_iDisplayLength', Params::getParam('iDisplayLength')); Cookie::newInstance()->set(); } else { // set a default value if it's set in the cookie if (Cookie::newInstance()->get_value('listing_iDisplayLength') != '') { Params::setParam('iDisplayLength', Cookie::newInstance()->get_value('listing_iDisplayLength')); } else { Params::setParam('iDisplayLength', 10); } } $this->_exportVariableToView('iDisplayLength', Params::getParam('iDisplayLength')); // Table header order by related if (Params::getParam('sort') == '') { Params::setParam('sort', 'date'); } if (Params::getParam('direction') == '') { Params::setParam('direction', 'desc'); } $page = (int) Params::getParam('iPage'); if ($page == 0) { $page = 1; } Params::setParam('iPage', $page); $params = Params::getParamsAsArray("get"); $itemsDataTable = new ItemsDataTable(); $itemsDataTable->tableReported($params); $aData = $itemsDataTable->getData(); if (count($aData['aRows']) == 0 && $page != 1) { $total = (int) $aData['iTotalDisplayRecords']; $maxPage = ceil($total / (int) $aData['iDisplayLength']); $url = osc_admin_base_url(true) . '?' . $_SERVER['QUERY_STRING']; if ($maxPage == 0) { $url = preg_replace('/&iPage=(\\d)+/', '&iPage=1', $url); $this->redirectTo($url); } if ($page > 1) { $url = preg_replace('/&iPage=(\\d)+/', '&iPage=' . $maxPage, $url); $this->redirectTo($url); } } $this->_exportVariableToView('aData', $aData); $this->_exportVariableToView('aRawRows', $itemsDataTable->rawRows()); //calling the view... $this->doView('items/reported.php'); break; default: // default require_once osc_lib_path() . "osclass/classes/datatables/ItemsDataTable.php"; // set default iDisplayLength if (Params::getParam('iDisplayLength') != '') { Cookie::newInstance()->push('listing_iDisplayLength', Params::getParam('iDisplayLength')); Cookie::newInstance()->set(); } else { // set a default value if it's set in the cookie if (Cookie::newInstance()->get_value('listing_iDisplayLength') != '') { Params::setParam('iDisplayLength', Cookie::newInstance()->get_value('listing_iDisplayLength')); } else { Params::setParam('iDisplayLength', 10); } } $this->_exportVariableToView('iDisplayLength', Params::getParam('iDisplayLength')); // Table header order by related if (Params::getParam('sort') == '') { Params::setParam('sort', 'date'); } if (Params::getParam('direction') == '') { Params::setParam('direction', 'desc'); } $page = (int) Params::getParam('iPage'); if ($page == 0) { $page = 1; } Params::setParam('iPage', $page); $params = Params::getParamsAsArray("get"); $itemsDataTable = new ItemsDataTable(); $itemsDataTable->table($params); $aData = $itemsDataTable->getData(); if (count($aData['aRows']) == 0 && $page != 1) { $total = (int) $aData['iTotalDisplayRecords']; $maxPage = ceil($total / (int) $aData['iDisplayLength']); $url = osc_admin_base_url(true) . '?' . $_SERVER['QUERY_STRING']; if ($maxPage == 0) { $url = preg_replace('/&iPage=(\\d)+/', '&iPage=1', $url); $this->redirectTo($url); } if ($page > 1) { $url = preg_replace('/&iPage=(\\d)+/', '&iPage=' . $maxPage, $url); $this->redirectTo($url); } } $this->_exportVariableToView('aData', $aData); $this->_exportVariableToView('withFilters', $itemsDataTable->withFilters()); $this->_exportVariableToView('aRawRows', $itemsDataTable->rawRows()); $bulk_options = array(array('value' => '', 'data-dialog-content' => '', 'label' => __('Bulk actions')), array('value' => 'delete_all', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected listings?'), strtolower(__('Delete'))), 'label' => __('Delete')), array('value' => 'activate_all', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected listings?'), strtolower(__('Activate'))), 'label' => __('Activate')), array('value' => 'deactivate_all', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected listings?'), strtolower(__('Deactivate'))), 'label' => __('Deactivate')), array('value' => 'disable_all', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected listings?'), strtolower(__('Block'))), 'label' => __('Block')), array('value' => 'enable_all', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected listings?'), strtolower(__('Unblock'))), 'label' => __('Unblock')), array('value' => 'premium_all', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected listings?'), strtolower(__('Mark as premium'))), 'label' => __('Mark as premium')), array('value' => 'depremium_all', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected listings?'), strtolower(__('Unmark as premium'))), 'label' => __('Unmark as premium')), array('value' => 'spam_all', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected listings?'), strtolower(__('Mark as spam'))), 'label' => __('Mark as spam')), array('value' => 'despam_all', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected listings?'), strtolower(__('Unmark as spam'))), 'label' => __('Unmark as spam'))); $bulk_options = osc_apply_filter("item_bulk_filter", $bulk_options); $this->_exportVariableToView('bulk_options', $bulk_options); //calling the view... $this->doView('items/index.php'); } }
function doModel() { parent::doModel(); //specific things for this class switch ($this->action) { case 'bulk_actions': osc_csrf_check(); switch (Params::getParam('bulk_actions')) { case 'delete': $ids = Params::getParam("id"); if (is_array($ids)) { foreach ($ids as $id) { osc_deleteResource($id, true); } $log_ids = substr(implode(",", $ids), 0, 250); Log::newInstance()->insertLog('media', 'delete bulk', $log_ids, $log_ids, 'admin', osc_logged_admin_id()); $this->resourcesManager->deleteResourcesIds($ids); } osc_add_flash_ok_message(_m('Resource deleted'), 'admin'); break; default: if (Params::getParam("bulk_actions") != "") { osc_run_hook("media_bulk_" . Params::getParam("bulk_actions"), Params::getParam('id')); } break; } $this->redirectTo(osc_admin_base_url(true) . '?page=media'); break; case 'delete': osc_csrf_check(); $ids = Params::getParam('id'); if (is_array($ids)) { foreach ($ids as $id) { osc_deleteResource($id, true); } $log_ids = substr(implode(",", $ids), 0, 250); Log::newInstance()->insertLog('media', 'delete', $log_ids, $log_ids, 'admin', osc_logged_admin_id()); $this->resourcesManager->deleteResourcesIds($ids); } osc_add_flash_ok_message(_m('Resource deleted'), 'admin'); $this->redirectTo(osc_admin_base_url(true) . '?page=media'); break; default: require_once osc_lib_path() . "osclass/classes/datatables/MediaDataTable.php"; // set default iDisplayLength if (Params::getParam('iDisplayLength') != '') { Cookie::newInstance()->push('listing_iDisplayLength', Params::getParam('iDisplayLength')); Cookie::newInstance()->set(); } else { // set a default value if it's set in the cookie if (Cookie::newInstance()->get_value('listing_iDisplayLength') != '') { Params::setParam('iDisplayLength', Cookie::newInstance()->get_value('listing_iDisplayLength')); } else { Params::setParam('iDisplayLength', 10); } } $this->_exportVariableToView('iDisplayLength', Params::getParam('iDisplayLength')); // Table header order by related if (Params::getParam('sort') == '') { Params::setParam('sort', 'date'); } if (Params::getParam('direction') == '') { Params::setParam('direction', 'desc'); } $page = (int) Params::getParam('iPage'); if ($page == 0) { $page = 1; } Params::setParam('iPage', $page); $params = Params::getParamsAsArray(); $mediaDataTable = new MediaDataTable(); $mediaDataTable->table($params); $aData = $mediaDataTable->getData(); if (count($aData['aRows']) == 0 && $page != 1) { $total = (int) $aData['iTotalDisplayRecords']; $maxPage = ceil($total / (int) $aData['iDisplayLength']); $url = osc_admin_base_url(true) . '?' . Params::getServerParam('QUERY_STRING', false, false); if ($maxPage == 0) { $url = preg_replace('/&iPage=(\\d)+/', '&iPage=1', $url); $this->redirectTo($url); } if ($page > 1) { $url = preg_replace('/&iPage=(\\d)+/', '&iPage=' . $maxPage, $url); $this->redirectTo($url); } } $this->_exportVariableToView('aData', $aData); $this->_exportVariableToView('aRawRows', $mediaDataTable->rawRows()); $bulk_options = array(array('value' => '', 'data-dialog-content' => '', 'label' => __('Bulk actions')), array('value' => 'delete', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected media files?'), strtolower(__('Delete'))), 'label' => __('Delete'))); $bulk_options = osc_apply_filter("media_bulk_filter", $bulk_options); $this->_exportVariableToView('bulk_options', $bulk_options); $this->doView('media/index.php'); break; } }
function doModel() { //specific things for this class switch ($this->action) { case 'bulk_actions': break; case 'regions': //Return regions given a countryId $regions = Region::newInstance()->findByCountry(Params::getParam("countryId")); echo json_encode($regions); break; case 'cities': //Returns cities given a regionId $cities = City::newInstance()->findByRegion(Params::getParam("regionId")); echo json_encode($cities); break; case 'location': // This is the autocomplete AJAX $cities = City::newInstance()->ajax(Params::getParam("term")); foreach ($cities as $k => $city) { $cities[$k]['label'] = $city['label'] . " (" . $city['region'] . ")"; } echo json_encode($cities); break; case 'location_countries': // This is the autocomplete AJAX $countries = Country::newInstance()->ajax(Params::getParam("term")); echo json_encode($countries); break; case 'location_regions': // This is the autocomplete AJAX $regions = Region::newInstance()->ajax(Params::getParam("term"), Params::getParam("country")); echo json_encode($regions); break; case 'location_cities': // This is the autocomplete AJAX $cities = City::newInstance()->ajax(Params::getParam("term"), Params::getParam("region")); echo json_encode($cities); break; case 'delete_image': // Delete images via AJAX $ajax_photo = Params::getParam('ajax_photo'); $id = Params::getParam('id'); $item = Params::getParam('item'); $code = Params::getParam('code'); $secret = Params::getParam('secret'); $json = array(); if ($ajax_photo != '') { $files = Session::newInstance()->_get('ajax_files'); $success = false; foreach ($files as $uuid => $file) { if ($file == $ajax_photo) { $filename = $files[$uuid]; unset($files[$uuid]); Session::newInstance()->_set('ajax_files', $files); $success = @unlink(osc_content_path() . 'uploads/temp/' . $filename); break; } } echo json_encode(array('success' => $success, 'msg' => $success ? _m('The selected photo has been successfully deleted') : _m("The selected photo couldn't be deleted"))); return false; } if (Session::newInstance()->_get('userId') != '') { $userId = Session::newInstance()->_get('userId'); $user = User::newInstance()->findByPrimaryKey($userId); } else { $userId = null; $user = null; } // Check for required fields if (!(is_numeric($id) && is_numeric($item) && preg_match('/^([a-z0-9]+)$/i', $code))) { $json['success'] = false; $json['msg'] = _m("The selected photo couldn't be deleted, the url doesn't exist"); echo json_encode($json); return false; } $aItem = Item::newInstance()->findByPrimaryKey($item); // Check if the item exists if (count($aItem) == 0) { $json['success'] = false; $json['msg'] = _m("The listing doesn't exist"); echo json_encode($json); return false; } if (!osc_is_admin_user_logged_in()) { // Check if the item belong to the user if ($userId != null && $userId != $aItem['fk_i_user_id']) { $json['success'] = false; $json['msg'] = _m("The listing doesn't belong to you"); echo json_encode($json); return false; } // Check if the secret passphrase match with the item if ($userId == null && $aItem['fk_i_user_id'] == null && $secret != $aItem['s_secret']) { $json['success'] = false; $json['msg'] = _m("The listing doesn't belong to you"); echo json_encode($json); return false; } } // Does id & code combination exist? $result = ItemResource::newInstance()->existResource($id, $code); if ($result > 0) { $resource = ItemResource::newInstance()->findByPrimaryKey($id); if ($resource['fk_i_item_id'] == $item) { // Delete: file, db table entry if (defined(OC_ADMIN)) { osc_deleteResource($id, true); Log::newInstance()->insertLog('ajax', 'deleteimage', $id, $id, 'admin', osc_logged_admin_id()); } else { osc_deleteResource($id, false); Log::newInstance()->insertLog('ajax', 'deleteimage', $id, $id, 'user', osc_logged_user_id()); } ItemResource::newInstance()->delete(array('pk_i_id' => $id, 'fk_i_item_id' => $item, 's_name' => $code)); $json['msg'] = _m('The selected photo has been successfully deleted'); $json['success'] = 'true'; } else { $json['msg'] = _m("The selected photo does not belong to you"); $json['success'] = 'false'; } } else { $json['msg'] = _m("The selected photo couldn't be deleted"); $json['success'] = 'false'; } echo json_encode($json); return true; break; case 'alerts': // Allow to register to an alert given (not sure it's used on admin) $encoded_alert = Params::getParam("alert"); $alert = osc_decrypt_alert(base64_decode($encoded_alert)); // check alert integrity / signature $stringToSign = osc_get_alert_public_key() . $encoded_alert; $signature = hex2b64(hmacsha1(osc_get_alert_private_key(), $stringToSign)); $server_signature = Session::newInstance()->_get('alert_signature'); if ($server_signature != $signature) { echo '-2'; return false; } $email = Params::getParam("email"); $userid = Params::getParam("userid"); if (osc_is_web_user_logged_in()) { $userid = osc_logged_user_id(); $user = User::newInstance()->findByPrimaryKey($userid); $email = $user['s_email']; } if ($alert != '' && $email != '') { if (osc_validate_email($email)) { $secret = osc_genRandomPassword(); if ($alertID = Alerts::newInstance()->createAlert($userid, $email, $alert, $secret)) { if ((int) $userid > 0) { $user = User::newInstance()->findByPrimaryKey($userid); if ($user['b_active'] == 1 && $user['b_enabled'] == 1) { Alerts::newInstance()->activate($alertID); echo '1'; return true; } else { echo '-1'; return false; } } else { $aAlert = Alerts::newInstance()->findByPrimaryKey($alertID); osc_run_hook('hook_email_alert_validation', $aAlert, $email, $secret); } echo "1"; } else { echo "0"; } return true; } else { echo '-1'; return false; } } echo '0'; return false; break; case 'runhook': // run hooks $hook = Params::getParam('hook'); if ($hook == '') { echo json_encode(array('error' => 'hook parameter not defined')); break; } switch ($hook) { case 'item_form': osc_run_hook('item_form', Params::getParam('catId')); break; case 'item_edit': $catId = Params::getParam("catId"); $itemId = Params::getParam("itemId"); osc_run_hook("item_edit", $catId, $itemId); break; default: osc_run_hook('ajax_' . $hook); break; } break; case 'custom': // Execute via AJAX custom file if (Params::existParam('route')) { $routes = Rewrite::newInstance()->getRoutes(); $rid = Params::getParam('route'); $file = '../'; if (isset($routes[$rid]) && isset($routes[$rid]['file'])) { $file = $routes[$rid]['file']; } } else { // DEPRECATED: Disclosed path in URL is deprecated, use routes instead // This will be REMOVED in 3.4 $file = Params::getParam('ajaxfile'); } if ($file == '') { echo json_encode(array('error' => 'no action defined')); break; } // valid file? if (strpos($file, '../') !== false || strpos($file, '..\\') !== false || stripos($file, '/admin/') !== false) { //If the file is inside an "admin" folder, it should NOT be opened in frontend echo json_encode(array('error' => 'no valid ajaxFile')); break; } if (!file_exists(osc_plugins_path() . $file)) { echo json_encode(array('error' => "ajaxFile doesn't exist")); break; } require_once osc_plugins_path() . $file; break; case 'check_username_availability': $username = osc_sanitize_username(Params::getParam('s_username')); if (!osc_is_username_blacklisted($username)) { $user = User::newInstance()->findByUsername($username); if (isset($user['s_username'])) { echo json_encode(array('exists' => 1, 's_username' => $username)); } else { echo json_encode(array('exists' => 0, 's_username' => $username)); } } else { echo json_encode(array('exists' => 1, 's_username' => $username)); } break; case 'ajax_upload': // Include the uploader class require_once LIB_PATH . "AjaxUploader.php"; $uploader = new AjaxUploader(); $original = pathinfo($uploader->getOriginalName()); $filename = uniqid("qqfile_") . "." . $original['extension']; $result = $uploader->handleUpload(osc_content_path() . 'uploads/temp/' . $filename); $result['uploadName'] = $filename; echo htmlspecialchars(json_encode($result), ENT_NOQUOTES); break; case 'ajax_validate': $id = Params::getParam('id'); if (!is_numeric($id)) { echo json_encode(array('success' => false)); die; } $secret = Params::getParam('secret'); $item = Item::newInstance()->findByPrimaryKey($id); if ($item['s_secret'] != $secret) { echo json_encode(array('success' => false)); die; } $nResources = ItemResource::newInstance()->countResources($id); $result = array('success' => $nResources < osc_max_images_per_item(), 'count' => $nResources); echo json_encode($result); break; case 'delete_ajax_upload': $files = Session::newInstance()->_get('ajax_files'); $success = false; $filename = ''; if (isset($files[Params::getParam('qquuid')]) && $files[Params::getParam('qquuid')] != '') { $filename = $files[Params::getParam('qquuid')]; unset($files[Params::getParam('qquuid')]); Session::newInstance()->_set('ajax_files', $files); $success = @unlink(osc_content_path() . 'uploads/temp/' . $filename); } echo json_encode(array('success' => $success, 'uploadName' => $filename)); break; default: echo json_encode(array('error' => __('no action defined'))); break; } // clear all keep variables into session Session::newInstance()->_dropKeepForm(); Session::newInstance()->_clearVariables(); }
function doModel() { switch ($this->action) { case 'dashboard': //dashboard... $max_items = Params::getParam('max_items') != '' ? Params::getParam('max_items') : 5; $aItems = Item::newInstance()->findByUserIDEnabled(Session::newInstance()->_get('userId'), 0, $max_items); //calling the view... $this->_exportVariableToView('items', $aItems); $this->_exportVariableToView('max_items', $max_items); $this->doView('user-dashboard.php'); break; case 'profile': //profile... $user = User::newInstance()->findByPrimaryKey(Session::newInstance()->_get('userId')); $aCountries = Country::newInstance()->listAll(); $aRegions = array(); if ($user['fk_c_country_code'] != '') { $aRegions = Region::newInstance()->findByCountry($user['fk_c_country_code']); } elseif (count($aCountries) > 0) { $aRegions = Region::newInstance()->findByCountry($aCountries[0]['pk_c_code']); } $aCities = array(); if ($user['fk_i_region_id'] != '') { $aCities = City::newInstance()->findByRegion($user['fk_i_region_id']); } else { if (count($aRegions) > 0) { $aCities = City::newInstance()->findByRegion($aRegions[0]['pk_i_id']); } } //calling the view... $this->_exportVariableToView('countries', $aCountries); $this->_exportVariableToView('regions', $aRegions); $this->_exportVariableToView('cities', $aCities); $this->_exportVariableToView('user', $user); $this->doView('user-profile.php'); break; case 'profile_post': //profile post... $userId = Session::newInstance()->_get('userId'); require_once LIB_PATH . 'osclass/UserActions.php'; $userActions = new UserActions(false); $success = $userActions->edit($userId); osc_add_flash_ok_message(_m('Your profile has been updated successfully')); $this->redirectTo(osc_user_profile_url()); break; case 'alerts': //alerts $aAlerts = Alerts::newInstance()->findByUser(Session::newInstance()->_get('userId')); $user = User::newInstance()->findByPrimaryKey(Session::newInstance()->_get('userId')); foreach ($aAlerts as $k => $a) { $search = osc_unserialize(base64_decode($a['s_search'])); $search->limit(0, 3); $aAlerts[$k]['items'] = $search->doSearch(); } $this->_exportVariableToView('alerts', $aAlerts); View::newInstance()->_reset('alerts'); $this->_exportVariableToView('user', $user); $this->doView('user-alerts.php'); break; case 'change_email': //change email $this->doView('user-change_email.php'); break; case 'change_email_post': //change email post if (!preg_match("/^[_a-z0-9-\\+]+(\\.[_a-z0-9-\\+]+)*@[a-z0-9-]+(\\.[a-z0-9-]+)*(\\.[a-z]{2,3})\$/", Params::getParam('new_email'))) { osc_add_flash_error_message(_m('The specified e-mail is not valid')); $this->redirectTo(osc_change_user_email_url()); } else { $user = User::newInstance()->findByEmail(Params::getParam('new_email')); if (!isset($user['pk_i_id'])) { $userEmailTmp = array(); $userEmailTmp['fk_i_user_id'] = Session::newInstance()->_get('userId'); $userEmailTmp['s_new_email'] = Params::getParam('new_email'); UserEmailTmp::newInstance()->insertOrUpdate($userEmailTmp); $code = osc_genRandomPassword(30); $date = date('Y-m-d H:i:s'); $userManager = new User(); $userManager->update(array('s_pass_code' => $code, 's_pass_date' => $date, 's_pass_ip' => $_SERVER['REMOTE_ADDR']), array('pk_i_id' => Session::newInstance()->_get('userId'))); $validation_url = osc_change_user_email_confirm_url(Session::newInstance()->_get('userId'), $code); osc_run_hook('hook_email_new_email', Params::getParam('new_email'), $validation_url); $this->redirectTo(osc_user_profile_url()); } else { osc_add_flash_error_message(_m('The specified e-mail is already in use')); $this->redirectTo(osc_change_user_email_url()); } } break; case 'change_password': //change password $this->doView('user-change_password.php'); break; case 'change_password_post': //change password post $user = User::newInstance()->findByPrimaryKey(Session::newInstance()->_get('userId')); if (Params::getParam('password') == '' || Params::getParam('new_password') == '' || Params::getParam('new_password2') == '') { osc_add_flash_warning_message(_m('Password cannot be blank')); $this->redirectTo(osc_change_user_password_url()); } if ($user['s_password'] != sha1(Params::getParam('password'))) { osc_add_flash_error_message(_m('Current password doesn\'t match')); $this->redirectTo(osc_change_user_password_url()); } if (!Params::getParam('new_password')) { osc_add_flash_error_message(_m('Passwords can\'t be empty')); $this->redirectTo(osc_change_user_password_url()); } if (Params::getParam('new_password') != Params::getParam('new_password2')) { osc_add_flash_error_message(_m('Passwords don\'t match')); $this->redirectTo(osc_change_user_password_url()); } User::newInstance()->update(array('s_password' => sha1(Params::getParam('new_password'))), array('pk_i_id' => Session::newInstance()->_get('userId'))); osc_add_flash_ok_message(_m('Password has been changed')); $this->redirectTo(osc_user_profile_url()); break; case 'items': // view items user $itemsPerPage = Params::getParam('itemsPerPage') != '' ? Params::getParam('itemsPerPage') : 5; $page = Params::getParam('iPage') != '' ? Params::getParam('iPage') : 0; $total_items = Item::newInstance()->countByUserIDEnabled($_SESSION['userId']); $total_pages = ceil($total_items / $itemsPerPage); $items = Item::newInstance()->findByUserIDEnabled($_SESSION['userId'], $page * $itemsPerPage, $itemsPerPage); $this->_exportVariableToView('items', $items); $this->_exportVariableToView('list_total_pages', $total_pages); $this->_exportVariableToView('list_total_items', $total_items); $this->_exportVariableToView('items_per_page', $itemsPerPage); $this->_exportVariableToView('list_page', $page); $this->doView('user-items.php'); break; case 'activate_alert': $email = Params::getParam('email'); $secret = Params::getParam('secret'); $result = 0; if ($email != '' && $secret != '') { $result = Alerts::newInstance()->activate($email, $secret); } if ($result == 1) { osc_add_flash_ok_message(_m('Alert activated')); } else { osc_add_flash_error_message(_m('Ops! There was a problem trying to activate alert. Please contact the administrator')); } $this->redirectTo(osc_base_url(true)); break; case 'unsub_alert': $email = Params::getParam('email'); $secret = Params::getParam('secret'); if ($email != '' && $secret != '') { Alerts::newInstance()->delete(array('s_email' => $email, 's_secret' => $secret)); osc_add_flash_ok_message(_m('Unsubscribed correctly')); } else { osc_add_flash_error_message(_m('Ops! There was a problem trying to unsubscribe you. Please contact the administrator')); } $this->redirectTo(osc_user_alerts_url()); break; case 'deleteResource': $id = Params::getParam('id'); $name = Params::getParam('name'); $fkid = Params::getParam('fkid'); osc_deleteResource($id); ItemResource::newInstance()->delete(array('pk_i_id' => $id, 'fk_i_item_id' => $fkid, 's_name' => $name)); $this->redirectTo(osc_base_url(true) . "?page=item&action=item_edit&id=" . $fkid); break; } }
function doModel() { parent::doModel(); //specific things for this class switch ($this->action) { case 'bulk_actions': $mItems = new ItemActions(true); switch (Params::getParam('bulk_actions')) { case 'enable_all': $id = Params::getParam('id'); if ($id) { $numSuccess = 0; foreach ($id as $_id) { if ($mItems->enable($_id)) { $numSuccess++; } } osc_add_flash_ok_message(sprintf(_mn('%d item has been enabled', '%d items have been enabled', $numSuccess), $numSuccess), 'admin'); } break; case 'disable_all': $id = Params::getParam('id'); if ($id) { $numSuccess = 0; foreach ($id as $_id) { if ($mItems->disable((int) $_id)) { $numSuccess++; } } osc_add_flash_ok_message(sprintf(_mn('%d item has been disabled', '%d items have been disabled', $numSuccess), $numSuccess), 'admin'); } break; case 'activate_all': $id = Params::getParam('id'); if ($id) { $numSuccess = 0; foreach ($id as $_id) { if ($mItems->activate($_id)) { $numSuccess++; } } osc_add_flash_ok_message(sprintf(_mn('%d item has been activated', '%d items have been activated', $numSuccess), $numSuccess), 'admin'); } break; case 'deactivate_all': $id = Params::getParam('id'); if ($id) { $numSuccess = 0; foreach ($id as $_id) { if ($mItems->deactivate($_id)) { $numSuccess++; } } osc_add_flash_ok_message(sprintf(_m('%d item has been deactivated', '%d items have been deactivated', $numSuccess), $numSuccess), 'admin'); } break; case 'premium_all': $id = Params::getParam('id'); if ($id) { $numSuccess = 0; foreach ($id as $_id) { if ($mItems->premium($_id)) { $numSuccess++; } } osc_add_flash_ok_message(sprintf(_mn('%d item has been marked as premium', '%d items have been marked as premium', $numSuccess), $numSuccess), 'admin'); } break; case 'depremium_all': $id = Params::getParam('id'); if ($id) { $numSuccess = 0; foreach ($id as $_id) { if ($mItems->premium($_id, false)) { $numSuccess++; } } osc_add_flash_ok_message(sprintf(_mn('%d change has been made', '%d changes have been made', $numSuccess), $numSuccess), 'admin'); } break; case 'spam_all': $id = Params::getParam('id'); if ($id) { $numSuccess = 0; foreach ($id as $_id) { if ($mItems->spam($_id)) { $numSuccess++; } } osc_add_flash_ok_message(sprintf(_mn('%d item has been marked as spam', '%d items have been marked as spam', $numSuccess), $numSuccess), 'admin'); } break; case 'despam_all': $id = Params::getParam('id'); if ($id) { $numSuccess = 0; foreach ($id as $_id) { if ($mItems->spam($_id, false)) { $numSuccess++; } } osc_add_flash_ok_message(sprintf(_mn('%d change have been made', '%d changes have been made', $numSuccess), $numSuccess), 'admin'); } break; case 'delete_all': $id = Params::getParam('id'); $success = false; if ($id != '') { $numSuccess = 0; foreach ($id as $i) { if ($i) { $item = $this->itemManager->findByPrimaryKey($i); $success = $mItems->delete($item['s_secret'], $item['pk_i_id']); if ($success) { $numSuccess++; } } } } osc_add_flash_ok_message(sprintf(_mn('%d item has been deleted', '%d items have been deleted', $numSuccess), $numSuccess), 'admin'); $this->redirectTo(osc_admin_base_url(true) . "?page=items"); break; } $this->redirectTo(osc_admin_base_url(true) . "?page=items"); break; case 'delete': //delete $id = Params::getParam('id'); $success = false; foreach ($id as $i) { if ($i) { $aItem = $this->itemManager->findByPrimaryKey($i); $mItems = new ItemActions(true); $success = $mItems->delete($aItem['s_secret'], $aItem['pk_i_id']); } } if ($success) { osc_add_flash_ok_message(_m('The item has been deleted'), 'admin'); } else { osc_add_flash_error_message(_m('The item couldn\'t be deleted'), 'admin'); } $this->redirectTo(osc_admin_base_url(true) . "?page=items"); break; case 'status': //status $id = Params::getParam('id'); $value = Params::getParam('value'); if (!$id) { return false; } $id = (int) $id; if (!is_numeric($id)) { return false; } if (!in_array($value, array('ACTIVE', 'INACTIVE', 'ENABLE', 'DISABLE'))) { return false; } $item = $this->itemManager->findByPrimaryKey($id); $mItems = new ItemActions(true); switch ($value) { case 'ACTIVE': $success = $mItems->activate($id); if ($success && $success > 0) { osc_add_flash_ok_message(_m('The item has been activated'), 'admin'); } else { if (!$success) { osc_add_flash_error_message(_m('Some error has occurred'), 'admin'); } else { osc_add_flash_error_message(_m('The item cannot be activated, because it is blocked'), 'admin'); } } break; case 'INACTIVE': $success = $mItems->deactivate($id); if ($success && $success > 0) { osc_add_flash_ok_message(_m('The item has been deactivated'), 'admin'); } else { osc_add_flash_error_message(_m('Some error has occurred'), 'admin'); } break; case 'ENABLE': $success = $mItems->enable($id); if ($success && $success > 0) { osc_add_flash_ok_message(_m('The item has been enabled'), 'admin'); } else { osc_add_flash_error_message(_m('Some error has occurred'), 'admin'); } break; case 'DISABLE': $success = $mItems->disable($id); if ($success && $success > 0) { osc_add_flash_ok_message(_m('The item has been disabled'), 'admin'); } else { osc_add_flash_error_message(_m('Some error has occurred'), 'admin'); } break; } $this->redirectTo(osc_admin_base_url(true) . "?page=items"); break; case 'status_premium': //status premium $id = Params::getParam('id'); $value = Params::getParam('value'); if (!$id) { return false; } $id = (int) $id; if (!is_numeric($id)) { return false; } if (!in_array($value, array(0, 1))) { return false; } $mItems = new ItemActions(true); if ($mItems->premium($id, $value == 1 ? true : false)) { osc_add_flash_ok_message(_m('Changes have been applied'), 'admin'); } else { osc_add_flash_error_message(_m('Some error has occurred'), 'admin'); } $this->redirectTo(osc_admin_base_url(true) . "?page=items"); break; case 'status_spam': //status spam $id = Params::getParam('id'); $value = Params::getParam('value'); if (!$id) { return false; } $id = (int) $id; if (!is_numeric($id)) { return false; } if (!in_array($value, array(0, 1))) { return false; } $mItems = new ItemActions(true); if ($mItems->spam($id, $value == 1 ? true : false)) { osc_add_flash_ok_message(_m('Changes have been applied'), 'admin'); } else { osc_add_flash_error_message(_m('Some error has occurred'), 'admin'); } $this->redirectTo(osc_admin_base_url(true) . "?page=items"); break; case 'clear_stat': $id = Params::getParam('id'); $stat = Params::getParam('stat'); if (!$id) { return false; } if (!$stat) { return false; } $id = (int) $id; if (!is_numeric($id)) { return false; } $success = $this->itemManager->clearStat($id, $stat); if ($success) { osc_add_flash_ok_message(_m('The item has been unmarked as') . " {$stat}", 'admin'); } else { osc_add_flash_error_message(_m('The item hasn\'t been unmarked as') . " {$stat}", 'admin'); } $this->redirectTo(osc_admin_base_url(true) . "?page=items&stat=" . $stat); break; case 'item_edit': // edit item $id = Params::getParam('id'); $item = Item::newInstance()->findByPrimaryKey($id); if (count($item) <= 0) { $this->redirectTo(osc_admin_base_url(true) . "?page=items"); } $form = count(Session::newInstance()->_getForm()); $keepForm = count(Session::newInstance()->_getKeepForm()); if ($form == 0 || $form == $keepForm) { Session::newInstance()->_dropKeepForm(); } $this->_exportVariableToView("item", $item); $this->_exportVariableToView("new_item", FALSE); $this->doView('items/frm.php'); break; case 'item_edit_post': $mItems = new ItemActions(true); $mItems->prepareData(false); // set all parameters into session foreach ($mItems->data as $key => $value) { Session::newInstance()->_setForm($key, $value); } $meta = Params::getParam('meta'); if (is_array($meta)) { foreach ($meta as $key => $value) { Session::newInstance()->_setForm('meta_' . $key, $value); Session::newInstance()->_keepForm('meta_' . $key); } } $success = $mItems->edit(); if ($success == 1) { Session::newInstance()->_clearVariables(); osc_add_flash_ok_message(_m('Changes saved correctly'), 'admin'); $this->redirectTo(osc_admin_base_url(true) . "?page=items"); } else { osc_add_flash_error_message($success, 'admin'); $this->redirectTo(osc_admin_base_url(true) . "?page=items&action=item_edit&id=" . Params::getParam('id')); } break; case 'deleteResource': //delete resource $id = Params::getParam('id'); $name = Params::getParam('name'); $fkid = Params::getParam('fkid'); // delete files osc_deleteResource($id, true); Log::newInstance()->insertLog('items', 'deleteResource', $id, $id, 'admin', osc_logged_admin_id()); $result = ItemResource::newInstance()->delete(array('pk_i_id' => $id, 'fk_i_item_id' => $fkid, 's_name' => $name)); if ($result === false) { osc_add_flash_error_message(_m('Some error has occurred'), 'admin'); } else { osc_add_flash_ok_message(_m('Resource deleted'), 'admin'); } $this->redirectTo(osc_admin_base_url(true) . "?page=items"); break; case 'post': // add item $form = count(Session::newInstance()->_getForm()); $keepForm = count(Session::newInstance()->_getKeepForm()); if ($form == 0 || $form == $keepForm) { Session::newInstance()->_dropKeepForm(); } $this->_exportVariableToView("new_item", TRUE); $this->doView('items/frm.php'); break; case 'post_item': //post item $mItem = new ItemActions(true); $mItem->prepareData(true); // set all parameters into session foreach ($mItem->data as $key => $value) { Session::newInstance()->_setForm($key, $value); } $meta = Params::getParam('meta'); if (is_array($meta)) { foreach ($meta as $key => $value) { Session::newInstance()->_setForm('meta_' . $key, $value); Session::newInstance()->_keepForm('meta_' . $key); } } $success = $mItem->add(); if ($success == 1 || $success == 2) { Session::newInstance()->_clearVariables(); osc_add_flash_ok_message(_m('A new item has been added'), 'admin'); $this->redirectTo(osc_admin_base_url(true) . "?page=items"); } else { osc_add_flash_error_message($success, 'admin'); $this->redirectTo(osc_admin_base_url(true) . "?page=items&action=post"); } break; case 'settings': // calling the items settings view $this->doView('items/settings.php'); break; case 'settings_post': // update item settings $iUpdated = 0; $enabledRecaptchaItems = Params::getParam('enabled_recaptcha_items'); $enabledRecaptchaItems = $enabledRecaptchaItems == '1' ? true : false; $moderateItems = Params::getParam('moderate_items'); $moderateItems = $moderateItems != '' ? true : false; $numModerateItems = Params::getParam('num_moderate_items'); $itemsWaitTime = Params::getParam('items_wait_time'); $loggedUserItemValidation = Params::getParam('logged_user_item_validation'); $loggedUserItemValidation = $loggedUserItemValidation != '' ? true : false; $regUserPost = Params::getParam('reg_user_post'); $regUserPost = $regUserPost != '' ? true : false; $notifyNewItem = Params::getParam('notify_new_item'); $notifyNewItem = $notifyNewItem != '' ? true : false; $notifyContactItem = Params::getParam('notify_contact_item'); $notifyContactItem = $notifyContactItem != '' ? true : false; $notifyContactFriends = Params::getParam('notify_contact_friends'); $notifyContactFriends = $notifyContactFriends != '' ? true : false; $enabledFieldPriceItems = Params::getParam('enableField#f_price@items'); $enabledFieldPriceItems = $enabledFieldPriceItems != '' ? true : false; $enabledFieldImagesItems = Params::getParam('enableField#images@items'); $enabledFieldImagesItems = $enabledFieldImagesItems != '' ? true : false; $numImagesItems = Params::getParam('numImages@items'); if ($numImagesItems == '') { $numImagesItems = 0; } $regUserCanContact = Params::getParam('reg_user_can_contact'); $regUserCanContact = $regUserCanContact != '' ? true : false; $contactItemAttachment = Params::getParam('item_attachment'); $contactItemAttachment = $contactItemAttachment != '' ? true : false; $msg = ''; if (!osc_validate_int(Params::getParam("items_wait_time"))) { $msg .= _m("Wait time has to be numeric only") . "<br/>"; } if (!osc_validate_int(Params::getParam("num_moderate_items"))) { $msg .= _m("Number of moderated items has to be numeric only") . "<br/>"; } if (!osc_validate_int($numImagesItems)) { $msg .= _m("Images per item has to be numeric only") . "<br/>"; } if ($msg != '') { osc_add_flash_error_message($msg, 'admin'); $this->redirectTo(osc_admin_base_url(true) . '?page=items&action=settings'); } $iUpdated += Preference::newInstance()->update(array('s_value' => $enabledRecaptchaItems), array('s_name' => 'enabled_recaptcha_items')); if ($moderateItems) { $iUpdated += Preference::newInstance()->update(array('s_value' => $numModerateItems), array('s_name' => 'moderate_items')); } else { $iUpdated += Preference::newInstance()->update(array('s_value' => '-1'), array('s_name' => 'moderate_items')); } $iUpdated += Preference::newInstance()->update(array('s_value' => $loggedUserItemValidation), array('s_name' => 'logged_user_item_validation')); $iUpdated += Preference::newInstance()->update(array('s_value' => $regUserPost), array('s_name' => 'reg_user_post')); $iUpdated += Preference::newInstance()->update(array('s_value' => $notifyNewItem), array('s_name' => 'notify_new_item')); $iUpdated += Preference::newInstance()->update(array('s_value' => $notifyContactItem), array('s_name' => 'notify_contact_item')); $iUpdated += Preference::newInstance()->update(array('s_value' => $notifyContactFriends), array('s_name' => 'notify_contact_friends')); $iUpdated += Preference::newInstance()->update(array('s_value' => $enabledFieldPriceItems), array('s_name' => 'enableField#f_price@items')); $iUpdated += Preference::newInstance()->update(array('s_value' => $enabledFieldImagesItems), array('s_name' => 'enableField#images@items')); $iUpdated += Preference::newInstance()->update(array('s_value' => $itemsWaitTime), array('s_name' => 'items_wait_time')); $iUpdated += Preference::newInstance()->update(array('s_value' => $numImagesItems), array('s_name' => 'numImages@items')); $iUpdated += Preference::newInstance()->update(array('s_value' => $regUserCanContact), array('s_name' => 'reg_user_can_contact')); $iUpdated += Preference::newInstance()->update(array('s_value' => $contactItemAttachment), array('s_name' => 'item_attachment')); if ($iUpdated > 0) { osc_add_flash_ok_message(_m('Items\' settings have been updated'), 'admin'); } $this->redirectTo(osc_admin_base_url(true) . '?page=items&action=settings'); break; default: //default $catId = Params::getParam('catId'); $countries = Country::newInstance()->listAll(); $regions = array(); if (count($countries) > 0) { $regions = Region::newInstance()->findByCountry($countries[0]['pk_c_code']); } $cities = array(); if (count($regions) > 0) { $cities = City::newInstance()->findByRegion($regions[0]['pk_i_id']); } //preparing variables for the view $this->_exportVariableToView("users", User::newInstance()->listAll()); $this->_exportVariableToView("catId", $catId); $this->_exportVariableToView("stat", Params::getParam('stat')); $this->_exportVariableToView("countries", $countries); $this->_exportVariableToView("regions", $regions); $this->_exportVariableToView("cities", $cities); //calling the view... $this->doView('items/index.php'); } }
function doModel() { //calling the view... $locales = OSCLocale::newInstance()->listAllEnabled(); $this->_exportVariableToView('locales', $locales); switch ($this->action) { case 'item_add': // post if (!osc_users_enabled()) { osc_add_flash_message(_m('Users not enabled')); $this->redirectTo(osc_base_url(true)); } if (osc_reg_user_post() && $this->user == null) { // CHANGEME: This text osc_add_flash_message(_m('Only registered users are allowed to post items')); $this->redirectTo(osc_user_login_url()); } $countries = Country::newInstance()->listAll(); $regions = array(); if (isset($this->user['fk_c_country_code']) && $this->user['fk_c_country_code'] != '') { $regions = Region::newInstance()->getByCountry($this->user['fk_c_country_code']); } else { if (count($countries) > 0) { $regions = Region::newInstance()->getByCountry($countries[0]['pk_c_code']); } } $cities = array(); if (isset($this->user['fk_i_region_id']) && $this->user['fk_i_region_id'] != '') { $cities = City::newInstance()->listWhere("fk_i_region_id = %d", $this->user['fk_i_region_id']); } else { if (count($regions) > 0) { $cities = City::newInstance()->listWhere("fk_i_region_id = %d", $regions[0]['pk_i_id']); } } $this->_exportVariableToView('countries', $countries); $this->_exportVariableToView('regions', $regions); $this->_exportVariableToView('cities', $cities); $this->_exportVariableToView('user', $this->user); osc_run_hook('post_item'); $this->doView('item-post.php'); break; case 'item_add_post': //post_item if (!osc_users_enabled()) { osc_add_flash_message(_m('Users not allowed')); $this->redirectTo(osc_base_url(true)); } if (osc_reg_user_post() && $this->user == null) { osc_add_flash_message(_m('Only registered users are allowed to post items')); $this->redirectTo(osc_base_url(true)); } // POST ITEM ( ADD ITEM ) $mItems = new ItemActions(false); $success = $mItems->add(); if ($success) { $PcontactName = Params::getParam('contactName'); $PcontactEmail = Params::getParam('contactEmail'); $itemId = Params::getParam('itemId'); $item = array(); if (Session::newInstance()->_get('userId') == '') { $mPages = new Page(); $aPage = $mPages->findByInternalName('email_new_item_non_register_user'); $locale = osc_current_user_locale(); $content = array(); if (isset($aPage['locale'][$locale]['s_title'])) { $content = $aPage['locale'][$locale]; } else { $content = current($aPage['locale']); } $item = $this->itemManager->findByPrimaryKey($itemId); $item_url = osc_item_url(); // before page = user , action = item_edit $edit_url = osc_item_edit_url($item['s_secret'], $itemId); // before page = user , action = item_delete $delete_url = osc_item_delete_url($item['s_secret'], $itemId); $words = array(); $words[] = array('{ITEM_ID}', '{USER_NAME}', '{USER_EMAIL}', '{WEB_URL}', '{ITEM_TITLE}', '{ITEM_URL}', '{WEB_TITLE}', '{EDIT_LINK}', '{EDIT_URL}', '{DELETE_LINK}', '{DELETE_URL}'); $words[] = array($itemId, $PcontactName, $PcontactEmail, osc_base_url(), $item['s_title'], $item_url, osc_page_title(), '<a href="' . $edit_url . '">' . $edit_url . '</a>', $edit_url, '<a href="' . $delete_url . '">' . $delete_url . '</a>', $delete_url); $title = osc_mailBeauty($content['s_title'], $words); $body = osc_mailBeauty($content['s_text'], $words); $emailParams = array('subject' => $title, 'to' => $PcontactEmail, 'to_name' => $PcontactName, 'body' => $body, 'alt_body' => $body); osc_sendMail($emailParams); } osc_run_hook('posted_item', $item); $category = Category::newInstance()->findByPrimaryKey(Params::getParam('catId')); View::newInstance()->_exportVariableToView('category', $category); $this->redirectTo(osc_search_category_url()); } else { $this->redirectTo(osc_item_post_url()); } break; case 'item_edit': $secret = Params::getParam('secret'); $id = Params::getParam('id'); $item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s' AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = '%d'))", $id, $secret, $this->userId); if (count($item) == 1) { $item = Item::newInstance()->findByPrimaryKey($id); $categories = Category::newInstance()->toTree(); $countries = Country::newInstance()->listAll(); $regions = array(); if (isset($this->user['fk_c_country_code']) && $this->user['fk_c_country_code'] != '') { $regions = Region::newInstance()->getByCountry($this->user['fk_c_country_code']); } else { if (count($countries) > 0) { $regions = Region::newInstance()->getByCountry($countries[0]['pk_c_code']); } } $cities = array(); if (isset($this->user['fk_i_region_id']) && $this->user['fk_i_region_id'] != '') { $cities = City::newInstance()->listWhere("fk_i_region_id = %d", $this->user['fk_i_region_id']); } else { if (count($regions) > 0) { $cities = City::newInstance()->listWhere("fk_i_region_id = %d", $regions[0]['pk_i_id']); } } $currencies = Currency::newInstance()->listAll(); $this->_exportVariableToView('item', $item); //$this->_exportVariableToView('user', $this->user) ; $this->doView('item-edit.php'); } else { // add a flash message [ITEM NO EXISTE] //$this->redirectTo(osc_base_url(true)); osc_add_flash_message(_m('Sorry, we don\'t have any items with that ID')); if ($this->user != null) { $this->redirectTo(osc_user_list_items_url()); } else { $this->redirectTo(osc_base_url()); } } break; case 'item_edit_post': // recoger el secret y el $secret = Params::getParam('secret'); $id = Params::getParam('id'); $item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s' AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = '%d'))", $id, $secret, $this->userId); if (count($item) == 1) { $this->_exportVariableToView('item', $item[0]); $mItems = new ItemActions(false); $success = $mItems->edit(); if ($success) { osc_add_flash_message(_m('Great! We\'ve just updated your item')); $this->redirectTo(osc_base_url(true) . "?page=item&id={$id}"); } else { $this->redirectTo(osc_item_edit_url($secret)); } } break; case 'activate': $secret = Params::getParam('secret'); $id = Params::getParam('id'); $item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s' AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = '%d'))", $id, $secret, $this->userId); View::newInstance()->_exportVariableToView('item', $item[0]); if ($item[0]['e_status'] == 'INACTIVE') { // ACTIVETE ITEM $mItems = new ItemActions(false); $success = $mItems->activate($item[0]['pk_i_id'], $item[0]['s_secret']); if ($success) { osc_add_flash_message(_m('The item has been validated')); } else { osc_add_flash_message(_m('The item can\'t be validated')); } } else { osc_add_flash_message(_m('The item has already been validated')); } $this->redirectTo(osc_item_url()); break; case 'item_delete': $secret = Params::getParam('secret'); $id = Params::getParam('id'); $item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s' AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = '%d'))", $id, $secret, $this->userId); if (count($item) == 1) { $mItems = new ItemActions(false); $success = $mItems->delete($item[0]['s_secret'], $item[0]['pk_i_id']); if ($success) { osc_add_flash_message(_m('Your item has been deleted')); } else { osc_add_flash_message(_m('The item you are trying to delete couldn\'t be deleted')); } if ($this->user != null) { $this->redirectTo(osc_user_list_items_url()); } else { $this->redirectTo(osc_base_url()); } } else { osc_add_flash_message(_m('The item you are trying to delete couldn\'t be deleted')); $this->redirectTo(osc_base_url()); } break; case 'deleteResource': $id = Params::getParam('id'); $item = Params::getParam('item'); $code = Params::getParam('code'); $secret = Params::getParam('secret'); // Check for required fields if (!(is_numeric($id) && is_numeric($item) && preg_match('/^([a-z0-9]+)$/i', $code))) { osc_add_flash_message(_m("The selected photo couldn't be deleted, the url doesn't exist")); if ($this->userId == null) { $this->redirectTo(osc_base_url()); } else { $this->redirectTo(osc_user_dashboard_url()); } } $aItem = $this->itemManager->findByPrimaryKey($item); // Check if the item exists if (count($aItem) == 0) { osc_add_flash_message(_m('The item doesn\'t exist')); $this->redirectTo(osc_base_url()); } // Check if the item belong to the user if ($this->userId != null && $this->userId != $aItem['fk_i_user_id']) { osc_add_flash_message(_m('The item doesn\'t belong to you')); $this->redirectTo(osc_item_url_ns($item)); } // Check if the secret passphrase match with the item if ($this->userId == null && $secret != $aItem['s_secret']) { osc_add_flash_message(_m('The item doesn\'t belong to you')); $this->redirectTo(osc_item_url_ns($item)); } // Does id & code combination exist? $result = ItemResource::newInstance()->getResourceSecure($id, $code); if ($result > 0) { // Delete: file, db table entry osc_deleteResource($id); ItemResource::newInstance()->delete(array('pk_i_id' => $id, 'fk_i_item_id' => $item, 's_name' => $code)); osc_add_flash_message(_m('The selected photo has been successfully deleted')); } else { osc_add_flash_message(_m("The selected photo couldn't be deleted")); } // Redirect to item_edit. If unregistered user, include $secret. $this->redirectTo(osc_item_edit_url($secret, $item)); break; case 'mark': $mItem = new ItemActions(false); $id = Params::getParam('id'); $as = Params::getParam('as'); $item = Item::newInstance()->findByPrimaryKey($id); View::newInstance()->_exportVariableToView('item', $item); $mItem->mark($id, $as); osc_add_flash_message(_m('Thanks! That\'s very helpful')); $this->redirectTo(osc_item_url()); break; case 'send_friend': $item = $this->itemManager->findByPrimaryKey(Params::getParam('id')); $this->_exportVariableToView('item', $item); $this->doView('item-send-friend.php'); break; case 'send_friend_post': $mItem = new ItemActions(false); $mItem->send_friend(); $item_url = Params::getParam('item_url'); $this->redirectTo($item_url); break; case 'contact': $item = $this->itemManager->findByPrimaryKey(Params::getParam('id')); $category = Category::newInstance()->findByPrimaryKey($item['fk_i_category_id']); if ($category['i_expiration_days'] > 0) { $item_date = strtotime($item['dt_pub_date']) + $category['i_expiration_days'] * (24 * 3600); $date = time(); if ($item_date < $date) { // The item is expired, we can not contact the seller osc_add_flash_message(_m('We\'re sorry, but the item has expired. You can\'t contact the seller')); $this->redirectTo(osc_create_item_url($item)); } } $this->_exportVariableToView('item', $item); $this->doView('item-contact.php'); break; case 'contact_post': $item = $this->itemManager->findByPrimaryKey(Params::getParam('id')); $this->_exportVariableToView('item', $item); if (osc_recaptcha_private_key() != '' && Params::existParam("recaptcha_challenge_field")) { if (!osc_check_recaptcha()) { osc_add_flash_message(_m('The Recaptcha code is wrong')); $this->redirectTo(osc_item_url()); return false; // BREAK THE PROCESS, THE RECAPTCHA IS WRONG } } $category = Category::newInstance()->findByPrimaryKey($item['fk_i_category_id']); if ($category['i_expiration_days'] > 0) { $item_date = strtotime($item['dt_pub_date']) + $category['i_expiration_days'] * (24 * 3600); $date = time(); if ($item_date < $date) { // The item is expired, we can not contact the seller osc_add_flash_message(_m('We\'re sorry, but the item has expired. You can\'t contact the seller')); $this->redirectTo(osc_item_url()); } } $mItem = new ItemActions(false); $mItem->contact(); osc_add_flash_message(_m('We\'ve just sent an e-mail to the seller')); $this->redirectTo(osc_item_url()); break; case 'add_comment': $mItem = new ItemActions(false); $status = $mItem->add_comment(); switch ($status) { case -1: $msg = _m('Sorry, we could not save your comment. Try again later'); break; case 1: $msg = _m('Your comment is awaiting moderation'); break; case 2: $msg = _m('Your comment has been approved'); break; case 3: $msg = _m('Please fill the required fields (name, email)'); break; case 4: $msg = _m('Please type a comment'); break; case 5: $msg = _m('Your comment has been marked as spam'); break; } osc_add_flash_message($msg); $this->redirectTo(Params::getParam('itemURL')); break; case 'delete_comment': $mItem = new ItemActions(false); $status = $mItem->add_comment(); $itemId = Params::getParam('id'); $commentId = Params::getParam('comment'); $item = Item::newInstance()->findByPrimaryKey($itemId); if (count($item) == 0) { osc_add_flash_message(_m('This item doesn\'t exist')); $this->redirectTo(osc_base_url(true)); } View::newInstance()->_exportVariableToView('item', $item); if ($this->userId == null) { osc_add_flash_message(_m('You have to be logged to delete a comment')); $this->redirectTo(osc_item_url()); } $commentManager = ItemComment::newInstance(); $aComment = $commentManager->findByPrimaryKey($commentId); if (count($aComment) == 0) { osc_add_flash_message(_m('The comment doesn\'t exist')); $this->redirectTo(osc_item_url()); } if ($aComment['e_status'] != 'ACTIVE') { osc_add_flash_message(_m('The comment is not active, you cannot delete it')); $this->redirectTo(osc_item_url()); } if ($aComment['fk_i_user_id'] != $this->userId) { osc_add_flash_message(_m('You cannot delete the comment')); $this->redirectTo(osc_item_url()); } $commentManager->deleteByPrimaryKey($commentId); osc_add_flash_message(_m('The comment has been deleted correctly')); $this->redirectTo(osc_item_url()); break; default: if (Params::getParam('id') == '') { $this->redirectTo(osc_base_url()); } if (Params::getParam('lang') != '') { Session::newInstance()->_set('userLocale', Params::getParam('lang')); } $item = $this->itemManager->findByPrimaryKey(Params::getParam('id')); // if item doesn't exist redirect to base url if (count($item) == 0) { osc_add_flash_message(_m('This item doesn\'t exist')); $this->redirectTo(osc_base_url(true)); } else { if ($item['e_status'] != 'ACTIVE') { if ($this->userId == $item['fk_i_user_id']) { osc_add_flash_message(_m('The item hasn\'t been validated. Please validate it in order to show it to the rest of users')); } else { osc_add_flash_message(_m('This item hasn\'t been validated')); $this->redirectTo(osc_base_url(true)); } } $mStats = new ItemStats(); $mStats->increase('i_num_views', $item['pk_i_id']); foreach ($item['locale'] as $k => $v) { $item['locale'][$k]['s_title'] = osc_apply_filter('item_title', $v['s_title']); $item['locale'][$k]['s_description'] = nl2br(osc_apply_filter('item_description', $v['s_description'])); } $this->_exportVariableToView('items', array($item)); osc_run_hook('show_item', $item); $this->doView('item.php'); } break; case 'dashboard': //dashboard... break; } }
/** * Delete resources from the hard drive * @param <type> $itemId */ public function deleteResourcesFromHD($itemId) { $resources = ItemResource::newInstance()->getAllResources($itemId); foreach ($resources as $resource) { osc_deleteResource($resource['pk_i_id']); } }
function doModel() { parent::doModel(); //specific things for this class switch ($this->action) { case 'bulk_actions': switch (Params::getParam('bulk_actions')) { case 'enable_all': $id = Params::getParam('id'); $value = 1; try { if ($id) { $count = count($id); foreach ($id as $_id) { $this->itemManager->update(array('b_enabled' => $value), array('pk_i_id' => $_id)); $item = $this->itemManager->findByPrimaryKey($_id); CategoryStats::newInstance()->increaseNumItems($item['fk_i_category_id']); } osc_add_flash_ok_message(sprintf(_mn('%d item has been enabled', '%d items have been enabled', $count), $count), 'admin'); } } catch (Exception $e) { osc_add_flash_error_message(sprintf(_m('Error: %s'), $e->getMessage()), 'admin'); } break; case 'disable_all': $id = Params::getParam('id'); $value = 0; try { if ($id) { $count = count($id); foreach ($id as $_id) { $this->itemManager->update(array('b_enabled' => $value), array('pk_i_id' => $_id)); $item = $this->itemManager->findByPrimaryKey($_id); CategoryStats::newInstance()->decreaseNumItems($item['fk_i_category_id']); } osc_add_flash_ok_message(sprintf(_mn('%d item has been disabled', '%d items have been disabled', $count), $count), 'admin'); } } catch (Exception $e) { osc_add_flash_error_message(sprintf(_m('Error: %s'), $e->getMessage()), 'admin'); } break; case 'activate_all': $id = Params::getParam('id'); $value = 1; try { if ($id) { $count = count($id); foreach ($id as $_id) { $this->itemManager->update(array('b_active' => $value), array('pk_i_id' => $_id)); $item = $this->itemManager->findByPrimaryKey($_id); CategoryStats::newInstance()->increaseNumItems($item['fk_i_category_id']); } osc_add_flash_ok_message(sprintf(_mn('%d item has been activated', '%d items have been activated', $count), $count), 'admin'); } } catch (Exception $e) { osc_add_flash_error_message(sprintf(_m('Error: %s'), $e->getMessage()), 'admin'); } break; case 'deactivate_all': $id = Params::getParam('id'); $value = 0; try { if ($id) { $count = count($id); foreach ($id as $_id) { $this->itemManager->update(array('b_active' => $value), array('pk_i_id' => $_id)); $item = $this->itemManager->findByPrimaryKey($_id); CategoryStats::newInstance()->decreaseNumItems($item['fk_i_category_id']); } osc_add_flash_ok_message(sprintf(_m('%d item has been deactivated', '%d items have been deactivated', $count), $count), 'admin'); } } catch (Exception $e) { osc_add_flash_error_message(sprintf(_m('Error: %s'), $e->getMessage()), 'admin'); } break; case 'premium_all': $id = Params::getParam('id'); $value = 1; try { if ($id) { $count = count($id); $mItems = new ItemActions(true); foreach ($id as $_id) { $mItems->premium($_id); } osc_add_flash_ok_message(sprintf(_mn('%d item has been marked as premium', '%d items have been marked as premium', $count), $count), 'admin'); } } catch (Exception $e) { osc_add_flash_error_message(sprintf(_m('Error: %s'), $e->getMessage()), 'admin'); } break; case 'depremium_all': $id = Params::getParam('id'); $value = 0; try { if ($id) { $count = count($id); $mItems = new ItemActions(true); foreach ($id as $_id) { $mItems->premium($_id, false); } osc_add_flash_ok_message(sprintf(_mn('%d change has been made', '%d changes have been made', $count), $count), 'admin'); } } catch (Exception $e) { osc_add_flash_error_message(sprintf(_m('Error: %s'), $e->getMessage()), 'admin'); } break; case 'spam_all': $id = Params::getParam('id'); $value = 1; try { if ($id) { $count = count($id); foreach ($id as $_id) { $this->itemManager->update(array('b_spam' => $value), array('pk_i_id' => $_id)); } osc_add_flash_ok_message(sprintf(_mn('%d item has been marked as spam', '%d items have been marked as spam', $count), $count), 'admin'); } } catch (Exception $e) { osc_add_flash_error_message(sprintf(_m('Error: %s'), $e->getMessage()), 'admin'); } break; case 'despam_all': $id = Params::getParam('id'); $value = 0; try { if ($id) { $count = count($id); foreach ($id as $_id) { $this->itemManager->update(array('b_spam' => $value), array('pk_i_id' => $_id)); } osc_add_flash_ok_message(sprintf(_mn('%d change have been made', '%d changes have been made', $count), $count), 'admin'); } } catch (Exception $e) { osc_add_flash_error_message(sprintf(_m('Error: %s'), $e->getMessage()), 'admin'); } break; case 'delete_all': $id = Params::getParam('id'); $success = false; if ($id != '') { $count = count($id); foreach ($id as $i) { if ($i) { $item = $this->itemManager->findByPrimaryKey($i); $mItems = new ItemActions(true); $success = $mItems->delete($item['s_secret'], $item['pk_i_id']); } } } if ($success) { osc_add_flash_ok_message(sprintf(_mn('%d item has been deleted', '%d items have been deleted', $count), $count), 'admin'); } else { osc_add_flash_error_message(_m('The item couldn\'t be deleted'), 'admin'); } $this->redirectTo(osc_admin_base_url(true) . "?page=items"); break; } $this->redirectTo(osc_admin_base_url(true) . "?page=items"); break; case 'delete': //delete $id = Params::getParam('id'); $success = false; foreach ($id as $i) { if ($i) { $item = $this->itemManager->findByPrimaryKey($i); $mItems = new ItemActions(true); $success = $mItems->delete($item['s_secret'], $item['pk_i_id']); } } if ($success) { osc_add_flash_ok_message(_m('The item has been deleted'), 'admin'); } else { osc_add_flash_error_message(_m('The item couldn\'t be deleted'), 'admin'); } $this->redirectTo(osc_admin_base_url(true) . "?page=items"); break; case 'status': //status $id = Params::getParam('id'); $value = Params::getParam('value'); if (!$id) { return false; } $id = (int) $id; if (!is_numeric($id)) { return false; } if (!in_array($value, array('ACTIVE', 'INACTIVE', 'ENABLE', 'DISABLE'))) { return false; } try { $item = $this->itemManager->findByPrimaryKey($id); switch ($value) { case 'ACTIVE': $this->itemManager->update(array('b_active' => 1), array('pk_i_id' => $id)); osc_add_flash_ok_message(_m('The item has been activated'), 'admin'); if ($item['b_enabled'] == 1 && $item['b_active'] == 0) { CategoryStats::newInstance()->increaseNumItems($item['fk_i_category_id']); if ($item['fk_i_user_id'] != null) { $user = User::newInstance()->findByPrimaryKey($item['fk_i_user_id']); if ($user) { User::newInstance()->update(array('i_items' => $user['i_items'] + 1), array('pk_i_id' => $user['pk_i_id'])); } } } break; case 'INACTIVE': $this->itemManager->update(array('b_active' => 0), array('pk_i_id' => $id)); osc_add_flash_ok_message(_m('The item has been deactivated'), 'admin'); if ($item['b_enabled'] == 1 && $item['b_active'] == 1) { CategoryStats::newInstance()->decreaseNumItems($item['fk_i_category_id']); if ($item['fk_i_user_id'] != null) { $user = User::newInstance()->findByPrimaryKey($item['fk_i_user_id']); if ($user) { User::newInstance()->update(array('i_items' => $user['i_items'] - 1), array('pk_i_id' => $user['pk_i_id'])); } } } break; case 'ENABLE': $this->itemManager->update(array('b_enabled' => 1), array('pk_i_id' => $id)); osc_add_flash_ok_message(_m('The item has been enabled'), 'admin'); if ($item['b_enabled'] == 0 && $item['b_active'] == 1) { CategoryStats::newInstance()->increaseNumItems($item['fk_i_category_id']); if ($item['fk_i_user_id'] != null) { $user = User::newInstance()->findByPrimaryKey($item['fk_i_user_id']); if ($user) { User::newInstance()->update(array('i_items' => $user['i_items'] + 1), array('pk_i_id' => $user['pk_i_id'])); } } } break; case 'DISABLE': $this->itemManager->update(array('b_enabled' => 0), array('pk_i_id' => $id)); osc_add_flash_ok_message(_m('The item has been disabled'), 'admin'); if ($item['b_enabled'] == 1 && $item['b_active'] == 1) { CategoryStats::newInstance()->decreaseNumItems($item['fk_i_category_id']); if ($item['fk_i_user_id'] != null) { $user = User::newInstance()->findByPrimaryKey($item['fk_i_user_id']); if ($user) { User::newInstance()->update(array('i_items' => $user['i_items'] - 1), array('pk_i_id' => $user['pk_i_id'])); } } } break; } } catch (Exception $e) { osc_add_flash_error_message(sprintf(_m('Error: %s'), $e->getMessage()), 'admin'); } $this->redirectTo(osc_admin_base_url(true) . "?page=items"); break; case 'status_premium': //status premium $id = Params::getParam('id'); $value = Params::getParam('value'); if (!$id) { return false; } $id = (int) $id; if (!is_numeric($id)) { return false; } if (!in_array($value, array(0, 1))) { return false; } try { $mItems = new ItemActions(true); $mItems->premium($id, $value == 1 ? true : false); /*$this->itemManager->update( array('b_premium' => $value), array('pk_i_id' => $id) );*/ osc_add_flash_ok_message(_m('Changes have been applied'), 'admin'); } catch (Exception $e) { osc_add_flash_error_message(sprintf(_m('Error: %s'), $e->getMessage()), 'admin'); } $this->redirectTo(osc_admin_base_url(true) . "?page=items"); break; case 'status_spam': //status spam $id = Params::getParam('id'); $value = Params::getParam('value'); if (!$id) { return false; } $id = (int) $id; if (!is_numeric($id)) { return false; } if (!in_array($value, array(0, 1))) { return false; } try { $this->itemManager->update(array('b_spam' => $value), array('pk_i_id' => $id)); osc_add_flash_ok_message(_m('Changes have been applied'), 'admin'); } catch (Exception $e) { osc_add_flash_error_message(sprintf(_m('Error: %s'), $e->getMessage()), 'admin'); } $this->redirectTo(osc_admin_base_url(true) . "?page=items"); break; case 'clear_stat': $id = Params::getParam('id'); $stat = Params::getParam('stat'); if (!$id) { return false; } if (!$stat) { return false; } $id = (int) $id; if (!is_numeric($id)) { return false; } $success = $this->itemManager->clearStat($id, $stat); if ($success) { osc_add_flash_ok_message(_m('The item has been unmarked as') . " {$stat}", 'admin'); } else { osc_add_flash_error_message(_m('The item hasn\'t been unmarked as') . " {$stat}", 'admin'); } $this->redirectTo(osc_admin_base_url(true) . "?page=items&stat=" . $stat); break; case 'item_edit': // edit item $id = Params::getParam('id'); $item = Item::newInstance()->findByPrimaryKey($id); if (count($item) <= 0) { $this->redirectTo(osc_admin_base_url(true) . "?page=items"); } $form = count(Session::newInstance()->_getForm()); $keepForm = count(Session::newInstance()->_getKeepForm()); if ($form == 0 || $form == $keepForm) { Session::newInstance()->_dropKeepForm(); } $this->_exportVariableToView("item", $item); $this->_exportVariableToView("new_item", FALSE); $this->doView('items/frm.php'); break; case 'item_edit_post': $mItems = new ItemActions(true); $mItems->prepareData(false); // set all parameters into session foreach ($mItems->data as $key => $value) { Session::newInstance()->_setForm($key, $value); } $meta = Params::getParam('meta'); if (is_array($meta)) { foreach ($meta as $key => $value) { Session::newInstance()->_setForm('meta_' . $key, $value); Session::newInstance()->_keepForm('meta_' . $key); } } $success = $mItems->edit(); if ($success == 1) { $id = Params::getParam('userId'); if ($id != '') { $user = User::newInstance()->findByPrimaryKey($id); Item::newInstance()->update(array('fk_i_user_id' => $id, 's_contact_name' => $user['s_name'], 's_contact_email' => $user['s_email']), array('pk_i_id' => Params::getParam('id'), 's_secret' => Params::getParam('secret'))); } else { Item::newInstance()->update(array('fk_i_user_id' => NULL, 's_contact_name' => Params::getParam('contactName'), 's_contact_email' => Params::getParam('contactEmail')), array('pk_i_id' => Params::getParam('id'), 's_secret' => Params::getParam('secret'))); } osc_add_flash_ok_message(_m('Changes saved correctly'), 'admin'); $this->redirectTo(osc_admin_base_url(true) . "?page=items"); } else { osc_add_flash_error_message($success, 'admin'); $this->redirectTo(osc_admin_base_url(true) . "?page=items&action=item_edit&id=" . Params::getParam('id')); } break; case 'deleteResource': //delete resource $id = Params::getParam('id'); $name = Params::getParam('name'); $fkid = Params::getParam('fkid'); // delete files osc_deleteResource($id); ItemResource::newInstance()->delete(array('pk_i_id' => $id, 'fk_i_item_id' => $fkid, 's_name' => $name)); osc_add_flash_ok_message(_m('Resource deleted'), 'admin'); $this->redirectTo(osc_admin_base_url(true) . "?page=items"); break; case 'post': // add item $form = count(Session::newInstance()->_getForm()); $keepForm = count(Session::newInstance()->_getKeepForm()); if ($form == 0 || $form == $keepForm) { Session::newInstance()->_dropKeepForm(); } $this->_exportVariableToView("new_item", TRUE); $this->doView('items/frm.php'); break; case 'post_item': //post item $mItem = new ItemActions(true); $mItem->prepareData(true); // set all parameters into session foreach ($mItem->data as $key => $value) { Session::newInstance()->_setForm($key, $value); } $meta = Params::getParam('meta'); if (is_array($meta)) { foreach ($meta as $key => $value) { Session::newInstance()->_setForm('meta_' . $key, $value); Session::newInstance()->_keepForm('meta_' . $key); } } $success = $mItem->add(); if ($success == 1 || $success == 2) { osc_add_flash_ok_message(_m('A new item has been added'), 'admin'); $this->redirectTo(osc_admin_base_url(true) . "?page=items"); } else { osc_add_flash_error_message($success, 'admin'); $this->redirectTo(osc_admin_base_url(true) . "?page=items&action=post"); } break; case 'settings': // calling the items settings view $this->doView('items/settings.php'); break; case 'settings_post': // update item settings $iUpdated = 0; $enabledRecaptchaItems = Params::getParam('enabled_recaptcha_items'); $enabledRecaptchaItems = $enabledRecaptchaItems != '' ? true : false; $moderateItems = Params::getParam('moderate_items'); $moderateItems = $moderateItems != '' ? true : false; $numModerateItems = Params::getParam('num_moderate_items'); $itemsWaitTime = Params::getParam('items_wait_time'); $loggedUserItemValidation = Params::getParam('logged_user_item_validation'); $loggedUserItemValidation = $loggedUserItemValidation != '' ? true : false; $regUserPost = Params::getParam('reg_user_post'); $regUserPost = $regUserPost != '' ? true : false; $notifyNewItem = Params::getParam('notify_new_item'); $notifyNewItem = $notifyNewItem != '' ? true : false; $notifyContactItem = Params::getParam('notify_contact_item'); $notifyContactItem = $notifyContactItem != '' ? true : false; $notifyContactFriends = Params::getParam('notify_contact_friends'); $notifyContactFriends = $notifyContactFriends != '' ? true : false; $enabledFieldPriceItems = Params::getParam('enableField#f_price@items'); $enabledFieldPriceItems = $enabledFieldPriceItems != '' ? true : false; $enabledFieldImagesItems = Params::getParam('enableField#images@items'); $enabledFieldImagesItems = $enabledFieldImagesItems != '' ? true : false; $numImagesItems = Params::getParam('numImages@items'); if ($numImagesItems == '') { $numImagesItems = 0; } $regUserCanContact = Params::getParam('reg_user_can_contact'); $regUserCanContact = $regUserCanContact != '' ? true : false; $iUpdated += Preference::newInstance()->update(array('s_value' => $enabledRecaptchaItems), array('s_name' => 'enabled_recaptcha_items')); if ($moderateItems) { $iUpdated += Preference::newInstance()->update(array('s_value' => $numModerateItems), array('s_name' => 'moderate_items')); } else { $iUpdated += Preference::newInstance()->update(array('s_value' => '-1'), array('s_name' => 'moderate_items')); } $iUpdated += Preference::newInstance()->update(array('s_value' => $loggedUserItemValidation), array('s_name' => 'logged_user_item_validation')); $iUpdated += Preference::newInstance()->update(array('s_value' => $regUserPost), array('s_name' => 'reg_user_post')); $iUpdated += Preference::newInstance()->update(array('s_value' => $notifyNewItem), array('s_name' => 'notify_new_item')); $iUpdated += Preference::newInstance()->update(array('s_value' => $notifyContactItem), array('s_name' => 'notify_contact_item')); $iUpdated += Preference::newInstance()->update(array('s_value' => $notifyContactFriends), array('s_name' => 'notify_contact_friends')); $iUpdated += Preference::newInstance()->update(array('s_value' => $enabledFieldPriceItems), array('s_name' => 'enableField#f_price@items')); $iUpdated += Preference::newInstance()->update(array('s_value' => $enabledFieldImagesItems), array('s_name' => 'enableField#images@items')); $iUpdated += Preference::newInstance()->update(array('s_value' => $itemsWaitTime), array('s_name' => 'items_wait_time')); $iUpdated += Preference::newInstance()->update(array('s_value' => $numImagesItems), array('s_name' => 'numImages@items')); $iUpdated += Preference::newInstance()->update(array('s_value' => $regUserCanContact), array('s_name' => 'reg_user_can_contact')); if ($iUpdated > 0) { osc_add_flash_ok_message(_m('Items\' settings have been updated'), 'admin'); } $this->redirectTo(osc_admin_base_url(true) . '?page=items&action=settings'); break; default: //default $catId = Params::getParam('catId'); $countries = Country::newInstance()->listAll(); $regions = array(); if (count($countries) > 0) { $regions = Region::newInstance()->getByCountry($countries[0]['pk_c_code']); } $cities = array(); if (count($regions) > 0) { $cities = City::newInstance()->listWhere("fk_i_region_id = %d", $regions[0]['pk_i_id']); } //preparing variables for the view $this->_exportVariableToView("users", User::newInstance()->listAll()); $this->_exportVariableToView("catId", $catId); $this->_exportVariableToView("stat", Params::getParam('stat')); $this->_exportVariableToView("countries", $countries); $this->_exportVariableToView("regions", $regions); $this->_exportVariableToView("cities", $cities); //calling the view... $this->doView('items/index.php'); } }
function doModel() { //specific things for this class switch ($this->action) { case 'bulk_actions': break; case 'regions': //Return regions given a countryId $regions = Region::newInstance()->findByCountry(Params::getParam("countryId")); echo json_encode($regions); break; case 'cities': //Returns cities given a regionId $cities = City::newInstance()->findByRegion(Params::getParam("regionId")); echo json_encode($cities); break; case 'location': // This is the autocomplete AJAX $cities = City::newInstance()->ajax(Params::getParam("term")); foreach ($cities as $k => $city) { $cities[$k]['label'] = $city['label'] . " (" . $city['region'] . ")"; } echo json_encode($cities); break; case 'location_countries': // This is the autocomplete AJAX $countries = Country::newInstance()->ajax(Params::getParam("term")); echo json_encode($countries); break; case 'location_regions': // This is the autocomplete AJAX $regions = Region::newInstance()->ajax(Params::getParam("term"), Params::getParam("country")); echo json_encode($regions); break; case 'location_cities': // This is the autocomplete AJAX $cities = City::newInstance()->ajax(Params::getParam("term"), Params::getParam("region")); echo json_encode($cities); break; case 'delete_image': // Delete images via AJAX $id = Params::getParam('id'); $item = Params::getParam('item'); $code = Params::getParam('code'); $secret = Params::getParam('secret'); $json = array(); if (Session::newInstance()->_get('userId') != '') { $userId = Session::newInstance()->_get('userId'); $user = User::newInstance()->findByPrimaryKey($userId); } else { $userId = null; $user = null; } // Check for required fields if (!(is_numeric($id) && is_numeric($item) && preg_match('/^([a-z0-9]+)$/i', $code))) { $json['success'] = false; $json['msg'] = _m("The selected photo couldn't be deleted, the url doesn't exist"); echo json_encode($json); return false; } $aItem = Item::newInstance()->findByPrimaryKey($item); // Check if the item exists if (count($aItem) == 0) { $json['success'] = false; $json['msg'] = _m("The listing doesn't exist"); echo json_encode($json); return false; } if (!osc_is_admin_user_logged_in()) { // Check if the item belong to the user if ($userId != null && $userId != $aItem['fk_i_user_id']) { $json['success'] = false; $json['msg'] = _m("The listing doesn't belong to you"); echo json_encode($json); return false; } // Check if the secret passphrase match with the item if ($userId == null && $aItem['fk_i_user_id'] == null && $secret != $aItem['s_secret']) { $json['success'] = false; $json['msg'] = _m("The listing doesn't belong to you"); echo json_encode($json); return false; } } // Does id & code combination exist? $result = ItemResource::newInstance()->existResource($id, $code); if ($result > 0) { $resource = ItemResource::newInstance()->findByPrimaryKey($id); if ($resource['fk_i_item_id'] == $item) { // Delete: file, db table entry if (defined(OC_ADMIN)) { osc_deleteResource($id, true); Log::newInstance()->insertLog('ajax', 'deleteimage', $id, $id, 'admin', osc_logged_admin_id()); } else { osc_deleteResource($id, false); Log::newInstance()->insertLog('ajax', 'deleteimage', $id, $id, 'user', osc_logged_user_id()); } ItemResource::newInstance()->delete(array('pk_i_id' => $id, 'fk_i_item_id' => $item, 's_name' => $code)); $json['msg'] = _m('The selected photo has been successfully deleted'); $json['success'] = 'true'; } else { $json['msg'] = _m("The selected photo does not belong to you"); $json['success'] = 'false'; } } else { $json['msg'] = _m("The selected photo couldn't be deleted"); $json['success'] = 'false'; } echo json_encode($json); return true; break; case 'alerts': // Allow to register to an alert given (not sure it's used on admin) $alert = Params::getParam("alert"); $email = Params::getParam("email"); $userid = Params::getParam("userid"); if ($alert != '' && $email != '') { if (osc_validate_email($email)) { $secret = osc_genRandomPassword(); if ($alertID = Alerts::newInstance()->createAlert($userid, $email, $alert, $secret)) { if ((int) $userid > 0) { $user = User::newInstance()->findByPrimaryKey($userid); if ($user['b_active'] == 1 && $user['b_enabled'] == 1) { Alerts::newInstance()->activate($alertID); echo '1'; return true; } else { echo '-1'; return false; } } else { $aAlert = Alerts::newInstance()->findByPrimaryKey($alertID); osc_run_hook('hook_email_alert_validation', $aAlert, $email, $secret); } echo "1"; } else { echo "0"; } return true; } else { echo '-1'; return false; } } echo '0'; return false; break; case 'runhook': // run hooks $hook = Params::getParam('hook'); if ($hook == '') { echo json_encode(array('error' => 'hook parameter not defined')); break; } switch ($hook) { case 'item_form': osc_run_hook('item_form', Params::getParam('catId')); break; case 'item_edit': $catId = Params::getParam("catId"); $itemId = Params::getParam("itemId"); osc_run_hook("item_edit", $catId, $itemId); break; default: osc_run_hook('ajax_' . $hook); break; } break; case 'custom': // Execute via AJAX custom file $ajaxFile = Params::getParam("ajaxfile"); if ($ajaxFile == '') { echo json_encode(array('error' => 'no action defined')); break; } // valid file? if (stripos($ajaxFile, '../') !== false) { echo json_encode(array('error' => 'no valid ajaxFile')); break; } if (!file_exists(osc_plugins_path() . $ajaxFile)) { echo json_encode(array('error' => "ajaxFile doesn't exist")); break; } require_once osc_plugins_path() . $ajaxFile; break; case 'check_username_availability': $username = osc_sanitize_username(Params::getParam('s_username')); if (!osc_is_username_blacklisted($username)) { $user = User::newInstance()->findByUsername($username); if (isset($user['s_username'])) { echo json_encode(array('exists' => 1, 's_username' => $username)); } else { echo json_encode(array('exists' => 0, 's_username' => $username)); } } else { echo json_encode(array('exists' => 1, 's_username' => $username)); } break; default: echo json_encode(array('error' => __('no action defined'))); break; } // clear all keep variables into session Session::newInstance()->_dropKeepForm(); Session::newInstance()->_clearVariables(); }
function doModel() { parent::doModel(); //specific things for this class switch ($this->action) { case 'bulk_actions': switch (Params::getParam('bulk_actions')) { case 'activate_all': $id = Params::getParam('id'); $value = 'ACTIVE'; try { if ($id) { foreach ($id as $_id) { $this->itemManager->update(array('e_status' => $value), array('pk_i_id' => $_id)); $item = $this->itemManager->findByPrimaryKey($_id); CategoryStats::newInstance()->increaseNumItems($item['fk_i_category_id']); } } osc_add_flash_message(_m('The items have been activated'), 'admin'); } catch (Exception $e) { osc_add_flash_message(_m('Error: ') . $e->getMessage(), 'admin'); } break; case 'deactivate_all': $id = Params::getParam('id'); $value = 'INACTIVE'; try { if ($id) { foreach ($id as $_id) { $this->itemManager->update(array('e_status' => $value), array('pk_i_id' => $_id)); $item = $this->itemManager->findByPrimaryKey($_id); CategoryStats::newInstance()->decreaseNumItems($item['fk_i_category_id']); } } osc_add_flash_message(_m('The items have been deactivated'), 'admin'); } catch (Exception $e) { osc_add_flash_message(_m('Error: ') . $e->getMessage(), 'admin'); } break; case 'premium_all': $id = Params::getParam('id'); $value = 1; try { if ($id) { foreach ($id as $_id) { $this->itemManager->update(array('b_premium' => $value), array('pk_i_id' => $_id)); } } osc_add_flash_message(_m('The items have been marked as premium'), 'admin'); } catch (Exception $e) { osc_add_flash_message(_m('Error: ') . $e->getMessage(), 'admin'); } break; case 'depremium_all': $id = Params::getParam('id'); $value = 0; try { if ($id) { foreach ($id as $_id) { $this->itemManager->update(array('b_premium' => $value), array('pk_i_id' => $_id)); } } osc_add_flash_message(_m('The changes have been made'), 'admin'); } catch (Exception $e) { osc_add_flash_message(_m('Error: ') . $e->getMessage(), 'admin'); } break; case 'delete_all': $id = Params::getParam('id'); $success = false; foreach ($id as $i) { if ($i) { $item = $this->itemManager->findByPrimaryKey($i); $mItems = new ItemActions(true); $success = $mItems->delete($item['s_secret'], $item['pk_i_id']); } } if ($success) { osc_add_flash_message(_m('The item has been deleted'), 'admin'); } else { osc_add_flash_message(_m('The item couldn\'t be deleted'), 'admin'); } $this->redirectTo(osc_admin_base_url(true) . "?page=items"); break; } $this->redirectTo(osc_admin_base_url(true) . "?page=items"); break; case 'delete': //delete $id = Params::getParam('id'); $success = false; foreach ($id as $i) { if ($i) { $item = $this->itemManager->findByPrimaryKey($i); $mItems = new ItemActions(true); $success = $mItems->delete($item['s_secret'], $item['pk_i_id']); } } if ($success) { osc_add_flash_message(_m('The item has been deleted'), 'admin'); } else { osc_add_flash_message(_m('The item couldn\'t be deleted'), 'admin'); } $this->redirectTo(osc_admin_base_url(true) . "?page=items"); break; case 'status': //status $id = Params::getParam('id'); $value = Params::getParam('value'); if (!$id) { return false; } $id = (int) $id; if (!is_numeric($id)) { return false; } if (!in_array($value, array('ACTIVE', 'INACTIVE'))) { return false; } try { $this->itemManager->update(array('e_status' => $value), array('pk_i_id' => $id)); $item = $this->itemManager->findByPrimaryKey($id); switch ($value) { case 'ACTIVE': osc_add_flash_message(_m('The item has been activated'), 'admin'); CategoryStats::newInstance()->increaseNumItems($item['fk_i_category_id']); break; case 'INACTIVE': osc_add_flash_message(_m('The item has been deactivated'), 'admin'); CategoryStats::newInstance()->decreaseNumItems($item['fk_i_category_id']); break; } } catch (Exception $e) { osc_add_flash_message(_m('Error: ') . $e->getMessage(), 'admin'); } $this->redirectTo(osc_admin_base_url(true) . "?page=items"); break; case 'status_premium': //status premium $id = Params::getParam('id'); $value = Params::getParam('value'); if (!$id) { return false; } $id = (int) $id; if (!is_numeric($id)) { return false; } if (!in_array($value, array(0, 1))) { return false; } try { $this->itemManager->update(array('b_premium' => $value), array('pk_i_id' => $id)); osc_add_flash_message(_m('Changes have been applied'), 'admin'); } catch (Exception $e) { osc_add_flash_message(_m('Error: ') . $e->getMessage(), 'admin'); } $this->redirectTo(osc_admin_base_url(true) . "?page=items"); break; case 'item_edit': //require_once LIB_PATH . 'osclass/itemActions.php'; $id = Params::getParam('id'); $item = Item::newInstance()->findByPrimaryKey($id); if (count($item) <= 0) { $this->redirectTo(osc_admin_base_url(true) . "?page=items"); } $countries = Country::newInstance()->listAll(); $regions = array(); if (count($countries) > 0) { $regions = Region::newInstance()->getByCountry($item['fk_c_country_code']); } $cities = array(); if (count($regions) > 0) { $cities = City::newInstance()->listWhere("fk_i_region_id = %d", $item['fk_i_region_id']); } $resources = Item::newInstance()->findResourcesByID($id); $this->_exportVariableToView("users", User::newInstance()->listAll()); $this->_exportVariableToView("categories", Category::newInstance()->toTree()); $this->_exportVariableToView("countries", $countries); $this->_exportVariableToView("regions", $regions); $this->_exportVariableToView("cities", $cities); $this->_exportVariableToView("currencies", Currency::newInstance()->listAll()); $this->_exportVariableToView("locales", OSCLocale::newInstance()->listAllEnabled()); $this->_exportVariableToView("item", $item); $this->_exportVariableToView("resources", $resources); $this->_exportVariableToView("new_item", FALSE); $this->doView('items/frm.php'); break; case 'item_edit_post': $mItems = new ItemActions(true); $success = $mItems->edit(); $id = Params::getParam('userId'); if ($id != '') { $user = User::newInstance()->findByPrimaryKey($id); Item::newInstance()->update(array('fk_i_user_id' => $id, 's_contact_name' => $user['s_name'], 's_contact_email' => $user['s_email']), array('pk_i_id' => Params::getParam('id'), 's_secret' => Params::getParam('secret'))); } else { Item::newInstance()->update(array('fk_i_user_id' => NULL, 's_contact_name' => Params::getParam('contactName'), 's_contact_email' => Params::getParam('contactEmail')), array('pk_i_id' => Params::getParam('id'), 's_secret' => Params::getParam('secret'))); } osc_add_flash_message(_m('Changes saved correctly'), 'admin'); $this->redirectTo(osc_admin_base_url(true) . "?page=items"); break; case 'deleteResource': //delete resource $id = Params::getParam('id'); $name = Params::getParam('name'); $fkid = Params::getParam('fkid'); // delete files osc_deleteResource($id); ItemResource::newInstance()->delete(array('pk_i_id' => $id, 'fk_i_item_id' => $fkid, 's_name' => $name)); osc_add_flash_message(_m('Resource deleted'), 'admin'); $this->redirectTo(osc_admin_base_url(true) . "?page=items"); break; case 'post': //post $countries = Country::newInstance()->listAll(); $regions = array(); if (count($countries) > 0) { $regions = Region::newInstance()->getByCountry($countries[0]['pk_c_code']); } $cities = array(); if (count($regions) > 0) { $cities = City::newInstance()->listWhere("fk_i_region_id = %d", $regions[0]['pk_i_id']); } $this->_exportVariableToView("users", User::newInstance()->listAll()); $this->_exportVariableToView("categories", Category::newInstance()->toTree()); $this->_exportVariableToView("countries", $countries); $this->_exportVariableToView("regions", $regions); $this->_exportVariableToView("cities", $cities); $this->_exportVariableToView("currencies", Currency::newInstance()->listAll()); $this->_exportVariableToView("locales", OSCLocale::newInstance()->listAllEnabled()); $this->_exportVariableToView("item", array()); $this->_exportVariableToView("resources", array()); $this->_exportVariableToView("new_item", TRUE); $this->doView('items/frm.php'); break; case 'post_item': //post item $mItem = new ItemActions(true); $success = $mItem->add(); if ($success) { osc_add_flash_message(_m('A new item has been added'), 'admin'); $this->redirectTo(osc_admin_base_url(true) . "?page=items"); } else { osc_add_flash_message(_m('The item can\'t be added'), 'admin'); $this->redirectTo(osc_admin_base_url(true) . "?page=items"); } break; default: //default $catId = Params::getParam('catId'); //preparing variables for the view $this->_exportVariableToView("items", $catId ? $this->itemManager->findByCategoryID($catId) : $this->itemManager->listAllWithCategories()); $this->_exportVariableToView("catId", $catId); $this->_exportVariableToView("stat", Params::getParam('stat')); //calling the view... $this->doView('items/index.php'); } }
function doModel() { parent::doModel(); //specific things for this class switch ($this->action) { case 'bulk_actions': switch (Params::getParam('bulk_actions')) { case 'delete_all': $ids = Params::getParam("id"); if (is_array($ids)) { foreach ($ids as $id) { osc_deleteResource($id, true); } $log_ids = substr(implode(",", $ids), 0, 250); Log::newInstance()->insertLog('media', 'delete bulk', $log_ids, $log_ids, 'admin', osc_logged_admin_id()); $this->resourcesManager->deleteResourcesIds($ids); } osc_add_flash_ok_message(_m('Resource deleted'), 'admin'); break; default: break; } $this->redirectTo(osc_admin_base_url(true) . '?page=media'); break; case 'delete': $ids = Params::getParam('id'); if (is_array($ids)) { foreach ($ids as $id) { osc_deleteResource($id, true); } $log_ids = substr(implode(",", $ids), 0, 250); Log::newInstance()->insertLog('media', 'delete', $log_ids, $log_ids, 'admin', osc_logged_admin_id()); $this->resourcesManager->deleteResourcesIds($ids); } osc_add_flash_ok_message(_m('Resource deleted'), 'admin'); $this->redirectTo(osc_admin_base_url(true) . '?page=media'); break; default: if (Params::getParam('iDisplayLength') == '') { Params::setParam('iDisplayLength', 10); } $this->_exportVariableToView('iDisplayLength', Params::getParam('iDisplayLength')); require_once osc_admin_base_path() . 'ajax/media_processing.php'; $params = Params::getParamsAsArray("get"); $media_processing = new MediaProcessingAjax($params); $aData = $media_processing->result($params); $page = (int) Params::getParam('iPage'); if (count($aData['aaData']) == 0 && $page != 1) { $total = (int) $aData['iTotalDisplayRecords']; $maxPage = ceil($total / (int) $aData['iDisplayLength']); $url = osc_admin_base_url(true) . '?' . $_SERVER['QUERY_STRING']; if ($maxPage == 0) { $url = preg_replace('/&iPage=(\\d)+/', '&iPage=1', $url); $this->redirectTo($url); } if ($page > 1) { $url = preg_replace('/&iPage=(\\d)+/', '&iPage=' . $maxPage, $url); $this->redirectTo($url); } } $this->_exportVariableToView('aMedia', $aData); $this->doView('media/index.php'); break; } }
/** * Delete resources from the hard drive * @param <type> $itemId */ public function deleteResourcesFromHD( $itemId ) { $resources = ItemResource::newInstance()->getAllResourcesFromItem($itemId); Log::newInstance()->insertLog('itemActions', 'deleteResourcesFromHD', $itemId, $itemId, $this->is_admin?'admin':'user', $this->is_admin?osc_logged_admin_id():osc_logged_user_id()); $log_ids = ''; foreach($resources as $resource) { osc_deleteResource($resource['pk_i_id'], $this->is_admin); $log_ids .= $resource['pk_i_id'].","; } Log::newInstance()->insertLog('itemActions', 'deleteResourcesFromHD', $itemId, substr($log_ids,0, 250), $this->is_admin?'admin':'user', $this->is_admin?osc_logged_admin_id():osc_logged_user_id()); }
function doModel() { switch ($this->action) { case 'dashboard': //dashboard... $max_items = Params::getParam('max_items') != '' ? Params::getParam('max_items') : 5; $aItems = Item::newInstance()->findByUserIDEnabled(Session::newInstance()->_get('userId'), 0, $max_items); //calling the view... $this->_exportVariableToView('items', $aItems); $this->_exportVariableToView('max_items', $max_items); $this->doView('user-dashboard.php'); break; case 'profile': //profile... $user = User::newInstance()->findByPrimaryKey(Session::newInstance()->_get('userId')); $aCountries = Country::newInstance()->listAll(); $aRegions = array(); if ($user['fk_c_country_code'] != '') { $aRegions = Region::newInstance()->findByCountry($user['fk_c_country_code']); } elseif (count($aCountries) > 0) { $aRegions = Region::newInstance()->findByCountry($aCountries[0]['pk_c_code']); } $aCities = array(); if ($user['fk_i_region_id'] != '') { $aCities = City::newInstance()->findByRegion($user['fk_i_region_id']); } else { if (count($aRegions) > 0) { $aCities = City::newInstance()->findByRegion($aRegions[0]['pk_i_id']); } } //calling the view... $this->_exportVariableToView('countries', $aCountries); $this->_exportVariableToView('regions', $aRegions); $this->_exportVariableToView('cities', $aCities); $this->_exportVariableToView('user', $user); $this->_exportVariableToView('locales', OSCLocale::newInstance()->listAllEnabled()); $this->doView('user-profile.php'); break; case 'profile_post': //profile post... osc_csrf_check(); $userId = Session::newInstance()->_get('userId'); require_once LIB_PATH . 'osclass/UserActions.php'; $userActions = new UserActions(false); $success = $userActions->edit($userId); osc_add_flash_ok_message(_m('Your profile has been updated successfully')); $this->redirectTo(osc_user_profile_url()); break; case 'alerts': //alerts $aAlerts = Alerts::newInstance()->findByUser(Session::newInstance()->_get('userId'), false); $user = User::newInstance()->findByPrimaryKey(Session::newInstance()->_get('userId')); foreach ($aAlerts as $k => $a) { $json = base64_decode($a['s_search']); $array_conditions = (array) json_decode($json); // $search = Search::newInstance(); $search = new Search(); $search->setJsonAlert($array_conditions); $search->limit(0, 3); $aAlerts[$k]['items'] = $search->doSearch(); } $this->_exportVariableToView('alerts', $aAlerts); View::newInstance()->_reset('alerts'); $this->_exportVariableToView('user', $user); $this->doView('user-alerts.php'); break; case 'change_email': //change email $this->doView('user-change_email.php'); break; case 'change_email_post': //change email post osc_csrf_check(); if (!preg_match("/^[_a-z0-9-\\+]+(\\.[_a-z0-9-\\+]+)*@[a-z0-9-]+(\\.[a-z0-9-]+)*(\\.[a-z]{2,3})\$/", Params::getParam('new_email'))) { osc_add_flash_error_message(_m('The specified e-mail is not valid')); $this->redirectTo(osc_change_user_email_url()); } else { $user = User::newInstance()->findByEmail(Params::getParam('new_email')); if (!isset($user['pk_i_id'])) { $userEmailTmp = array(); $userEmailTmp['fk_i_user_id'] = Session::newInstance()->_get('userId'); $userEmailTmp['s_new_email'] = Params::getParam('new_email'); UserEmailTmp::newInstance()->insertOrUpdate($userEmailTmp); $code = osc_genRandomPassword(30); $date = date('Y-m-d H:i:s'); $userManager = new User(); $userManager->update(array('s_pass_code' => $code, 's_pass_date' => $date, 's_pass_ip' => $_SERVER['REMOTE_ADDR']), array('pk_i_id' => Session::newInstance()->_get('userId'))); $validation_url = osc_change_user_email_confirm_url(Session::newInstance()->_get('userId'), $code); osc_run_hook('hook_email_new_email', Params::getParam('new_email'), $validation_url); $this->redirectTo(osc_user_profile_url()); } else { osc_add_flash_error_message(_m('The specified e-mail is already in use')); $this->redirectTo(osc_change_user_email_url()); } } break; case 'change_username': //change username $this->doView('user-change_username.php'); break; case 'change_username_post': //change username $username = osc_sanitize_username(Params::getParam('s_username')); osc_run_hook('before_username_change', Session::newInstance()->_get('userId'), $username); if ($username != '') { $user = User::newInstance()->findByUsername($username); if (isset($user['s_username'])) { osc_add_flash_error_message(_m('The specified username is already in use')); } else { if (!osc_is_username_blacklisted($username)) { User::newInstance()->update(array('s_username' => $username), array('pk_i_id' => Session::newInstance()->_get('userId'))); osc_add_flash_ok_message(_m('The username was updated')); osc_run_hook('after_username_change', Session::newInstance()->_get('userId'), Params::getParam('s_username')); $this->redirectTo(osc_user_profile_url()); } else { osc_add_flash_error_message(_m('The specified username is not valid, it contains some invalid words')); } } } else { osc_add_flash_error_message(_m('The specified username could not be empty')); } $this->redirectTo(osc_change_user_username_url()); break; case 'change_password': //change password $this->doView('user-change_password.php'); break; case 'change_password_post': //change password post osc_csrf_check(); $user = User::newInstance()->findByPrimaryKey(Session::newInstance()->_get('userId')); if (Params::getParam('password', false, false) == '' || Params::getParam('new_password', false, false) == '' || Params::getParam('new_password2', false, false) == '') { osc_add_flash_warning_message(_m('Password cannot be blank')); $this->redirectTo(osc_change_user_password_url()); } if ($user['s_password'] != sha1(Params::getParam('password', false, false))) { osc_add_flash_error_message(_m("Current password doesn't match")); $this->redirectTo(osc_change_user_password_url()); } if (!Params::getParam('new_password', false, false)) { osc_add_flash_error_message(_m("Passwords can't be empty")); $this->redirectTo(osc_change_user_password_url()); } if (Params::getParam('new_password', false, false) != Params::getParam('new_password2', false, false)) { osc_add_flash_error_message(_m("Passwords don't match")); $this->redirectTo(osc_change_user_password_url()); } User::newInstance()->update(array('s_password' => sha1(Params::getParam('new_password', false, false))), array('pk_i_id' => Session::newInstance()->_get('userId'))); osc_add_flash_ok_message(_m('Password has been changed')); $this->redirectTo(osc_user_profile_url()); break; case 'items': // view items user $itemsPerPage = Params::getParam('itemsPerPage') != '' ? Params::getParam('itemsPerPage') : 5; $page = Params::getParam('iPage') != '' ? Params::getParam('iPage') : 0; $total_items = Item::newInstance()->countByUserIDEnabled($_SESSION['userId']); $total_pages = ceil($total_items / $itemsPerPage); $items = Item::newInstance()->findByUserIDEnabled($_SESSION['userId'], $page * $itemsPerPage, $itemsPerPage); $this->_exportVariableToView('items', $items); $this->_exportVariableToView('list_total_pages', $total_pages); $this->_exportVariableToView('list_total_items', $total_items); $this->_exportVariableToView('items_per_page', $itemsPerPage); $this->_exportVariableToView('list_page', $page); $this->doView('user-items.php'); break; case 'activate_alert': $email = Params::getParam('email'); $secret = Params::getParam('secret'); $result = 0; if ($email != '' && $secret != '') { $result = Alerts::newInstance()->activate($email, $secret); } if ($result == 1) { osc_add_flash_ok_message(_m('Alert activated')); } else { osc_add_flash_error_message(_m('Oops! There was a problem trying to activate your alert. Please contact an administrator')); } $this->redirectTo(osc_base_url()); break; case 'unsub_alert': $email = Params::getParam('email'); $secret = Params::getParam('secret'); $id = Params::getParam('id'); $alert = Alerts::newInstance()->findByPrimaryKey($id); $result = 0; if (!empty($alert)) { if ($email == $alert['s_email'] && $secret == $alert['s_secret']) { $result = Alerts::newInstance()->unsub($id); } } if ($result == 1) { osc_add_flash_ok_message(_m('Unsubscribed correctly')); } else { osc_add_flash_error_message(_m('Oops! There was a problem trying to unsubscribe you. Please contact an administrator')); } $this->redirectTo(osc_user_alerts_url()); break; case 'deleteResource': $id = Params::getParam('id'); $name = Params::getParam('name'); $fkid = Params::getParam('fkid'); $resource = ItemResource::newInstance()->findByPrimaryKey($id); $item = Item::newInstance()->findByPrimaryKey($fkid); if ($resource && $item) { if ($resource['fk_i_item_id'] == $fkid && $item['fk_i_user_id'] == osc_logged_user_id()) { // Delete: file, db table entry osc_deleteResource($id, false); Log::newInstance()->insertLog('user', 'deleteResource', $id, $id, 'user', osc_logged_user_id()); ItemResource::newInstance()->delete(array('pk_i_id' => $id, 'fk_i_item_id' => $item, 's_name' => $name)); osc_add_flash_ok_message(_m('The selected photo has been successfully deleted')); } else { osc_add_flash_error_message(_m("The selected photo does not belong to you")); } } else { osc_add_flash_error_message(_m("The selected photo couldn't be deleted")); } $this->redirectTo(osc_base_url(true) . "?page=item&action=item_edit&id=" . $fkid); break; case 'delete': $id = Params::getParam('id'); $secret = Params::getParam('secret'); if (osc_is_web_user_logged_in()) { $user = User::newInstance()->findByPrimaryKey(osc_logged_user_id()); View::newInstance()->_exportVariableToView('user', $user); if (!empty($user) && osc_logged_user_id() == $id && $secret == $user['s_secret']) { User::newInstance()->deleteUser(osc_logged_user_id()); Session::newInstance()->_drop('userId'); Session::newInstance()->_drop('userName'); Session::newInstance()->_drop('userEmail'); Session::newInstance()->_drop('userPhone'); Cookie::newInstance()->pop('oc_userId'); Cookie::newInstance()->pop('oc_userSecret'); Cookie::newInstance()->set(); osc_add_flash_ok_message(_m("Your account have been deleted")); $this->redirectTo(osc_base_url()); } else { osc_add_flash_error_message(_m("Oops! you can not do that")); $this->redirectTo(osc_user_dashboard_url()); } } else { osc_add_flash_error_message(_m("Oops! you can not do that")); $this->redirectTo(osc_base_url()); } break; } }