Beispiel #1
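 /**
  * Restore a mail template to its default state (from file).
  *
  * Request input: "tpl" (string) - the template key. After the restore the
  * user is redirected back to the template editor for that key.
  *
  * NOTE(review): the key comes from POST or GET and is handed to
  * restoreMailTemplateFile() as received; if that helper derives a file path
  * from it, it must restrict the key to known template names - confirm there.
  * NOTE(review): this state-changing action is reachable via GET and no
  * anti-CSRF token check is visible in this method - confirm one is enforced
  * elsewhere.
  */
 function template_restore()
 {
     if (!$this->haveAccessTo('templates-edit')) {
         return $this->showAccessDenied();
     }
     $sTemplateKey = Func::POSTGET('tpl', true);
     if (empty($sTemplateKey) || !is_scalar($sTemplateKey)) {
         $this->adminRedirect(Errors::IMPOSSIBLE, 'template_listing');
         // Stop here explicitly so an empty or non-scalar key can never reach
         // the restore call, whether or not adminRedirect() ends the request.
         return;
     }
     $this->restoreMailTemplateFile($sTemplateKey);
     // The key is request data: encode it so it cannot add or override
     // parameters in the redirect target.
     $this->adminRedirect(Errors::SUCCESSFULL, 'template_edit&tpl=' . rawurlencode((string) $sTemplateKey));
 }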
Beispiel #2
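 /**
  * AJAX endpoint for ban records; the only handled action is "delete".
  *
  * Request input: "action" (string) and "rec" (ban record id). Every path
  * ends in an ajaxResponse() call.
  *
  * NOTE(review): "action" and "rec" are read via POSTGET, so the delete can
  * be triggered by a GET request, and no anti-CSRF token check is visible in
  * this method - confirm one is enforced elsewhere.
  */
 function ajax()
 {
     if (!$this->haveAccessTo('ban')) {
         $this->ajaxResponse(Errors::ACCESSDENIED);
         // Fail closed: the permission gate must not depend on
         // ajaxResponse() ending the request.
         return;
     }
     if (bff::$isAjax) {
         switch (Func::POSTGET('action')) {
             case 'delete':
                 $nBanID = Func::POSTGET('rec', false, true);
                 if (!$nBanID) {
                     $this->ajaxResponse(Errors::IMPOSSIBLE);
                     return;
                 }
                 $this->removeBan($nBanID);
                 $this->ajaxResponse(Errors::SUCCESSFULL);
                 return;
         }
     }
     $this->ajaxResponse(Errors::IMPOSSIBLE);
 }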
Beispiel #3
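 /**
  * Admin handler for the regions of one city.
  *
  * AJAX requests: "act" (GET) = edit returns the region row, delete removes it.
  * Form POSTs: "act" = add, add_many or edit, followed by a redirect to the
  * city edit page.
  *
  * Ids are concatenated into the SQL text, so they are cast to int in this
  * method; string values go through $this->db->str2sql().
  *
  * NOTE(review): the AJAX delete takes its action from the query string and
  * no anti-CSRF token check is visible in this method - confirm one is
  * enforced elsewhere.
  */
 function cities_regions()
 {
     if (!$this->haveAccessTo('cities')) {
         return $this->showAccessDenied();
     }
     // Pin the id to an integer here rather than relying solely on what the
     // input helper returns: it is placed unquoted into every query below.
     $nCityID = (int) $this->input->id('city');
     if (bff::$isAjax) {
         $nRegionID = (int) $this->input->id('region', 'p');
         if (!$nCityID || !$nRegionID) {
             $this->ajaxResponse(Errors::IMPOSSIBLE);
             // Do not depend on ajaxResponse() ending the request.
             return;
         }
         switch (func::GET('act')) {
             case 'edit':
                 $aRegionData = $this->db->one_array('SELECT * FROM ' . TABLE_REGION . ' WHERE region_id=' . $nRegionID . ' AND city_id=' . $nCityID);
                 $this->ajaxResponse($aRegionData);
                 break;
             case 'delete':
                 $this->db->execute('DELETE FROM ' . TABLE_REGION . ' WHERE region_id=' . $nRegionID . ' AND city_id=' . $nCityID);
                 $this->geoRegionsCacheDelete($nCityID);
                 $this->ajaxResponse(Errors::SUCCESS);
                 break;
         }
         $this->ajaxResponse(Errors::IMPOSSIBLE);
         return;
     }
     if ($nCityID && func::isPostMethod()) {
         switch (func::POSTGET('act')) {
             case 'add':
                 $sYBounds = Func::POSTGET('ybounds', true);
                 $sYPoly = Func::POSTGET('ypoly', true);
                 $sTitle = func::POSTGET('title', true);
                 if (empty($sTitle)) {
                     $this->errors->set('empty:title');
                 }
                 if ($this->errors->no()) {
                     $this->db->execute('INSERT INTO ' . TABLE_REGION . ' (city_id, title, ybounds, ypoly) 
                         VALUES(' . $nCityID . ',' . $this->db->str2sql($sTitle) . ',' . $this->db->str2sql($sYBounds) . ',' . $this->db->str2sql($sYPoly) . ')');
                     $this->geoRegionsCacheDelete($nCityID);
                 }
                 break;
             case 'add_many':
                 // Bulk add: "regionbounds" maps title => bounds, "regionpoly"
                 // maps title => polygon. Both are raw request data, so only
                 // iterate when they really are arrays.
                 $aRegionBounds = Func::POSTGET('regionbounds', false);
                 $aRegionPoly = Func::POSTGET('regionpoly', false);
                 if (!empty($aRegionBounds) && is_array($aRegionBounds)) {
                     if (!is_array($aRegionPoly)) {
                         $aRegionPoly = array();
                     }
                     $aExistentRegions = $this->db->select_one_column('SELECT title FROM ' . TABLE_REGION . ' WHERE city_id=' . $nCityID);
                     // A city without regions may yield a non-array result.
                     $aExistentRegions = is_array($aExistentRegions) ? array_map('strval', $aExistentRegions) : array();
                     $aQueryRegions = array();
                     foreach ($aRegionBounds as $title => $mBounds) {
                         // Nested arrays in the request are not valid values.
                         if (!is_scalar($mBounds)) {
                             continue;
                         }
                         $sTitle = (string) $title;
                         // Compare as strings: a loose comparison would treat
                         // numeric-looking titles such as '1e3' and '1000'
                         // as duplicates.
                         if (in_array($sTitle, $aExistentRegions, true)) {
                             continue;
                         }
                         $mPoly = (isset($aRegionPoly[$title]) && is_scalar($aRegionPoly[$title])) ? $aRegionPoly[$title] : '';
                         $aQueryRegions[] = '(' . $nCityID . ',' . $this->db->str2sql($sTitle) . ',' . $this->db->str2sql($mBounds) . ',' . $this->db->str2sql($mPoly) . ')';
                     }
                     if (!empty($aQueryRegions)) {
                         $this->db->execute('INSERT INTO ' . TABLE_REGION . ' (city_id, title, ybounds, ypoly) 
                             VALUES' . implode(',', $aQueryRegions));
                         $this->geoRegionsCacheDelete($nCityID);
                     }
                 }
                 break;
             case 'edit':
                 $this->input->postm(array('region' => TYPE_UINT, 'title' => TYPE_STR, 'ybounds' => TYPE_STR, 'ypoly' => TYPE_STR), $aData, array('title'));
                 // The record id for this branch is the posted "region" field.
                 // $nRegionID is only assigned in the AJAX branch above, so
                 // testing it here rejected every edit as an unknown record.
                 $nEditRegionID = (int) $aData['region'];
                 if (!$nEditRegionID) {
                     $this->errors->set(Errors::UNKNOWNRECORD);
                 }
                 if ($this->errors->no()) {
                     $this->db->execute('UPDATE ' . TABLE_REGION . ' 
                         SET title = ' . $this->db->str2sql($aData['title']) . ',
                             ybounds = ' . $this->db->str2sql($aData['ybounds']) . ',
                             ypoly = ' . $this->db->str2sql($aData['ypoly']) . '
                         WHERE region_id=' . $nEditRegionID . ' AND city_id = ' . $nCityID);
                     $this->geoRegionsCacheDelete($nCityID);
                 }
                 break;
         }
         $this->adminRedirect('', 'cities_edit&rec=' . $nCityID);
         return;
     }
     $this->adminRedirect(Errors::IMPOSSIBLE, 'cities_edit&rec=' . $nCityID);
 }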
Beispiel #4
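 /**
  * Apply an action to one tree node: delete, enable or move (up/down).
  *
  * Request input: "action" (string), "rec" (node id) and, for "move",
  * "dir" ('up' or 'down'). Ends with a redirect carrying the result code.
  *
  * NOTE(review): an unrecognised "action" falls through the switch and is
  * reported as Errors::SUCCESSFULL - confirm that is intended.
  * NOTE(review): all inputs are read via POSTGET, so these state changes are
  * reachable by GET, and no anti-CSRF token check is visible in this method -
  * confirm one is enforced elsewhere.
  */
 function actions()
 {
     if (!$this->haveAccessTo('edit')) {
         return $this->showAccessDenied();
     }
     $sAction = Func::POSTGET('action');
     $nRecordID = Func::POSTGET('rec', false, true);
     if (!$nRecordID) {
         $this->adminRedirect(Errors::IMPOSSIBLE);
         // Do not depend on adminRedirect() ending the request.
         return;
     }
     switch ($sAction) {
         case 'delete':
             $aDeleteItemsID = $this->tree_deleteNode($nRecordID);
             if (!$aDeleteItemsID) {
                 $this->adminRedirect(Errors::IMPOSSIBLE);
                 return;
             }
             // The ids are placed unquoted into the IN (...) list, so force
             // every element to an integer before building the query.
             $aDeleteItemsID = array_map('intval', (array) $aDeleteItemsID);
             $this->db->execute('DELETE FROM ' . TABLE_SITEMAP . ' WHERE node_id IN (' . implode(',', $aDeleteItemsID) . ')');
             break;
         case 'enable':
             $this->tree_toggleNodeEnabled($nRecordID, true);
             break;
         case 'move':
             $bResult = false;
             $sDirection = Func::POSTGET('dir');
             if ($sDirection === 'up') {
                 $bResult = $this->tree_moveNodeUp($nRecordID);
             } elseif ($sDirection === 'down') {
                 $bResult = $this->tree_moveNodeDown($nRecordID);
             }
             if (!$bResult) {
                 $this->adminRedirect(Errors::IMPOSSIBLE);
                 return;
             }
             break;
     }
     $this->adminRedirect(Errors::SUCCESSFULL);
 }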
Beispiel #5
 /**
  * AJAX endpoint for the TABLE_BBS_REGIONS records.
  *
  * The GET parameter "act" selects one of: region-add, region-delete,
  * region-toggle, region-toggle-main, region-save, region-rotate,
  * country-rotate. A successful write answers Errors::SUCCESS (region-save
  * answers the saved id and title instead); everything else answers
  * Errors::IMPOSSIBLE.
  *
  * Numeric values reach the SQL text unquoted; they come from postm() fields
  * declared TYPE_UINT or from POSTGET(..., false, true).
  * NOTE(review): presumably both helpers return integers - verify, since the
  * queries depend on it.
  * NOTE(review): "rec" is read via POSTGET and "act" via GET, so delete and
  * toggle can be triggered by a GET request; no anti-CSRF token check is
  * visible in this method - confirm one is enforced elsewhere.
  */
 function regions_ajax()
 {
     if (!$this->haveAccessTo('regions')) {
         return $this->showAccessDenied();
     }
     if (!bff::$isAjax) {
         $this->ajaxResponse(Errors::IMPOSSIBLE);
         return;
     }
     // Set by the branches that answer Errors::SUCCESS when their query worked.
     $bDone = false;
     switch (func::GET('act')) {
         case 'region-add':
             $this->input->postm(array('pid' => TYPE_UINT, 'numlevel' => TYPE_UINT, 'title' => TYPE_STR), $aData, array('title'));
             if (!$this->errors->no()) {
                 break;
             }
             // Append after the current last sibling of the same parent.
             $nMaxNum = (int) $this->db->one_data('SELECT MAX(num) FROM ' . TABLE_BBS_REGIONS . ' WHERE pid = ' . $aData['pid']);
             $nNextNum = $nMaxNum + 1;
             $bDone = $this->db->execute('INSERT INTO ' . TABLE_BBS_REGIONS . ' (title, pid, numlevel, num)
                                         VALUES(' . $this->db->str2sql($aData['title']) . ', ' . $aData['pid'] . ', ' . $aData['numlevel'] . ', ' . $nNextNum . ')');
             break;
         case 'region-delete':
             // Removes the record and the rows whose pid points at it.
             $nID = Func::POSTGET('rec', false, true);
             if ($nID) {
                 $bDone = $this->db->execute('DELETE FROM ' . TABLE_BBS_REGIONS . ' WHERE (id = ' . $nID . ' OR pid = ' . $nID . ')');
             }
             break;
         case 'region-toggle':
             $nID = Func::POSTGET('rec', false, true);
             if ($nID) {
                 $bDone = $this->db->execute('UPDATE ' . TABLE_BBS_REGIONS . ' 
                                SET enabled = (1 - enabled) WHERE id=' . $nID);
             }
             break;
         case 'region-toggle-main':
             $nID = Func::POSTGET('rec', false, true);
             if ($nID) {
                 $bDone = $this->db->execute('UPDATE ' . TABLE_BBS_REGIONS . ' SET main=(1-main) WHERE id=' . $nID . ' AND pid>0 LIMIT 1');
             }
             break;
         case 'region-save':
             $this->input->postm(array('rec' => TYPE_UINT, 'title' => TYPE_STR), $aData, array('title'));
             if ($aData['rec'] && $this->errors->no()) {
                 $sUpdate = 'UPDATE ' . TABLE_BBS_REGIONS . ' SET title = ' . $this->db->str2sql($aData['title']) . ' WHERE id = ' . $aData['rec'];
                 $this->db->execute($sUpdate);
                 $this->ajaxResponse(array('title' => $aData['title'], 'id' => $aData['rec']));
             }
             break;
         case 'region-rotate':
             $bDone = $this->db->rotateTablednd(TABLE_BBS_REGIONS, ' AND main = 1');
             break;
         case 'country-rotate':
             $bDone = $this->db->rotateTablednd(TABLE_BBS_REGIONS, ' AND pid = 0');
             break;
         // A 'get-cities' autocomplete case existed here only as commented-out
         // code; it was never reachable.
     }
     if ($bDone) {
         $this->ajaxResponse(Errors::SUCCESS);
     }
     $this->ajaxResponse(Errors::IMPOSSIBLE);
 }
Beispiel #6
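 /**
  * AJAX endpoint for a single user record.
  *
  * Request input: "rec" (user id, GET or POST) and "action", one of
  * avatar-delete, user-info, user-block.
  *
  * NOTE(review): avatar-delete and user-block check haveAccessTo('users-edit'),
  * but user-info has no permission check in this method and selects U.*, so
  * every column of the user row is handed to the template - confirm that
  * access is restricted before this method runs and that the template does
  * not expose credential or contact columns.
  * NOTE(review): inputs are read via GETPOST/POSTGET, so avatar-delete and
  * user-block are reachable by GET, and no anti-CSRF token check is visible in
  * this method - confirm one is enforced elsewhere.
  */
 function user_ajax()
 {
     // The id is placed unquoted into SQL below, so pin it to an integer.
     $nRecordID = (int) $this->input->id('rec', 'gp');
     if (!$nRecordID) {
         $this->ajaxResponse(Errors::IMPOSSIBLE);
         return;
     }
     if (func::isAjaxRequest(null)) {
         switch (Func::GETPOST('action')) {
             case 'avatar-delete':
                 if (!$this->haveAccessTo('users-edit')) {
                     $this->ajaxResponse(Errors::ACCESSDENIED);
                     // Fail closed: the permission gate must not depend on
                     // ajaxResponse() ending the request.
                     return;
                 }
                 $avatar = new CAvatar(TABLE_USERS, USERS_AVATAR_PATH, 'avatar', 'user_id');
                 $avatar->delete($nRecordID, true);
                 $this->ajaxResponse(Errors::SUCCESSFULL);
                 break;
             case 'user-info':
                 $aData = $this->db->one_array('SELECT U.*, C.title as city, R.region_id, R.title as region 
                                                 FROM ' . TABLE_USERS . ' U
                                                 LEFT JOIN ' . TABLE_CITY . ' C   ON U.city_id=C.city_id
                                                 LEFT JOIN ' . TABLE_REGION . ' R ON C.region_id=R.region_id
                                                WHERE U.user_id=' . $nRecordID . ' LIMIT 1');
                 // Unknown id: do not render the info template for a user
                 // that does not exist.
                 if (empty($aData)) {
                     $this->ajaxResponse(Errors::IMPOSSIBLE);
                     return;
                 }
                 $aData['tuid'] = $this->makeTUID($nRecordID);
                 $aData['sendmsg'] = 0;
                 //($this->security->isAdmin() || $aData['im_noreply'] == 0);
                 $this->tplAssignByRef('aData', $aData);
                 $this->adminCustomCenterArea();
                 $this->tplDisplay('admin.user.info.tpl');
                 exit;
             case 'user-block':
                 // An administrator may not block their own account.
                 if (!$this->haveAccessTo('users-edit') || $this->security->isCurrentUser($nRecordID)) {
                     $this->ajaxResponse(Errors::ACCESSDENIED);
                     return;
                 }
                 // The stored reason is cut to at most 300 bytes.
                 $sReason = mb_strcut(Func::POSTGET('blocked_reason', true), 0, 300);
                 $nBlocked = Func::POSTGET('blocked') ? 1 : 0;
                 $this->db->execute('UPDATE ' . TABLE_USERS . ' 
                                SET blocked_reason = ' . $this->db->str2sql($sReason) . ',
                                    blocked = ' . $nBlocked . '
                                WHERE user_id = ' . $nRecordID);
                 $this->ajaxResponse(Errors::SUCCESSFULL);
                 break;
         }
     }
     $this->ajaxResponse(Errors::IMPOSSIBLE);
 }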
Beispiel #7
 /**
  * FORDEV mode flag.
  *
  * Takes "fordev" from the request (POST/GET) or, when that is empty, from
  * the session. The string 'off' stores false in the session and yields
  * FALSE; any other non-empty value stores true and yields TRUE. An empty
  * value leaves the session untouched and yields FALSE.
  *
  * NOTE(review): nothing in this method checks who is asking, so as written a
  * request parameter alone sets the flag for the session - confirm that
  * whatever FORDEV unlocks is separately restricted to trusted users.
  *
  * @return bool
  */
 function isFORDEV()
 {
     $mFlag = Func::POSTGET('fordev');
     if (!$mFlag) {
         // No request value: fall back to what the session remembers.
         $mFlag = Func::SESSION('fordev');
     }
     if (!$mFlag) {
         return FALSE;
     }
     $bEnabled = ($mFlag !== 'off');
     Func::setSESSION('fordev', $bEnabled);
     return $bEnabled ? TRUE : FALSE;
 }
Beispiel #8
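 /**
  * AJAX endpoint for banners: toggles a position or a single banner.
  *
  * Request input: "act" = position_toggle (with POST "keyword") or
  * banner_toggle (with "rec", the banner id). Both actions require the
  * 'edit' permission and answer 'Y' or 'N' for the new enabled state.
  *
  * NOTE(review): "act" and "rec" are read via POSTGET, so banner_toggle is
  * reachable by GET, and no anti-CSRF token check is visible in this method -
  * confirm one is enforced elsewhere.
  */
 function ajax()
 {
     switch (Func::POSTGET('act')) {
         case 'position_toggle':
             if (!$this->haveAccessTo('edit')) {
                 $this->ajaxResponse(Errors::ACCESSDENIED);
                 // Fail closed: the permission gate must not depend on
                 // ajaxResponse() ending the request.
                 return;
             }
             $sKey = Func::POST('keyword', true);
             // A non-scalar value (e.g. keyword[]=x) is not a valid array key.
             if (empty($sKey) || !is_scalar($sKey) || !isset($this->positions[$sKey])) {
                 $this->errors->set(Errors::IMPOSSIBLE);
                 $this->ajaxResponse(null);
                 return;
             }
             $this->positions[$sKey]['enabled'] = $this->positions[$sKey]['enabled'] == 1 ? 0 : 1;
             $this->savePositions($this->positions);
             $this->ajaxResponse($this->positions[$sKey]['enabled'] == 1 ? 'Y' : 'N');
             break;
         case 'banner_toggle':
             if (!$this->haveAccessTo('edit')) {
                 $this->ajaxResponse(Errors::ACCESSDENIED);
                 return;
             }
             // The id is placed unquoted into SQL below, so pin it to an integer.
             $nRecordID = (int) Func::POSTGET('rec', false, true);
             if (!$nRecordID) {
                 $this->ajaxResponse(Errors::IMPOSSIBLE);
                 return;
             }
             $aBnInfo = $this->db->one_array('SELECT position, enabled FROM ' . TABLE_BANNERS . ' WHERE id =' . $nRecordID);
             // Unknown id: without this guard the missing 'enabled' value
             // compares equal to 0 and the request is answered as if a banner
             // had been switched on.
             if (empty($aBnInfo)) {
                 $this->ajaxResponse(Errors::IMPOSSIBLE);
                 return;
             }
             /* Check whether the banner may be enabled (no other banner is already used on a non-rotating position) */
             if ($aBnInfo['enabled'] == 0 && $this->checkRotation($aBnInfo['position'])) {
                 $this->db->execute('UPDATE ' . TABLE_BANNERS . ' SET enabled= 1 WHERE id=' . $nRecordID);
             } elseif ($aBnInfo['enabled'] == 1) {
                 $this->db->execute('UPDATE ' . TABLE_BANNERS . ' SET enabled= 0 WHERE id=' . $nRecordID);
             } else {
                 $this->errors->set('no_rotation');
                 $this->ajaxResponse(0);
                 return;
             }
             // $aBnInfo still holds the state before the update, so 0 means
             // the banner has just been enabled.
             $this->ajaxResponse($aBnInfo['enabled'] == 0 ? 'Y' : 'N');
             break;
     }
     $this->ajaxResponse(Errors::IMPOSSIBLE);
 }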