Beispiel #1
1
 function doModel()
 {
     switch ($this->action) {
         case 'login_post':
             //post execution for the login
             if (!osc_users_enabled()) {
                 osc_add_flash_error_message(_m('Users are not enabled'));
                 $this->redirectTo(osc_base_url());
             }
             osc_csrf_check();
             osc_run_hook('before_validating_login');
             // e-mail or/and password is/are empty or incorrect
             $wrongCredentials = false;
             $email = Params::getParam('email');
             $password = Params::getParam('password', false, false);
             if ($email == '') {
                 osc_add_flash_error_message(_m('Please provide an email address'));
                 $wrongCredentials = true;
             }
             if ($password == '') {
                 osc_add_flash_error_message(_m('Empty passwords are not allowed. Please provide a password'));
                 $wrongCredentials = true;
             }
             if ($wrongCredentials) {
                 $this->redirectTo(osc_user_login_url());
             }
             if (osc_validate_email($email)) {
                 $user = User::newInstance()->findByEmail($email);
             }
             if (empty($user)) {
                 $user = User::newInstance()->findByUsername($email);
             }
             if (empty($user)) {
                 osc_add_flash_error_message(_m("The user doesn't exist"));
                 $this->redirectTo(osc_user_login_url());
             }
             if (!osc_verify_password($password, isset($user['s_password']) ? $user['s_password'] : '')) {
                 osc_add_flash_error_message(_m('The password is incorrect'));
                 $this->redirectTo(osc_user_login_url());
                 // @TODO if valid user, send email parameter back to the login form
             } else {
                 if (@$user['s_password'] != '') {
                     if (preg_match('|\\$2y\\$([0-9]{2})\\$|', $user['s_password'], $cost)) {
                         if ($cost[1] != BCRYPT_COST) {
                             User::newInstance()->update(array('s_password' => osc_hash_password($password)), array('pk_i_id' => $user['pk_i_id']));
                         }
                     } else {
                         User::newInstance()->update(array('s_password' => osc_hash_password($password)), array('pk_i_id' => $user['pk_i_id']));
                     }
                 }
             }
             // e-mail or/and IP is/are banned
             $banned = osc_is_banned($email);
             // int 0: not banned or unknown, 1: email is banned, 2: IP is banned, 3: both email & IP are banned
             if ($banned & 1) {
                 osc_add_flash_error_message(_m('Your current email is not allowed'));
             }
             if ($banned & 2) {
                 osc_add_flash_error_message(_m('Your current IP is not allowed'));
             }
             if ($banned !== 0) {
                 $this->redirectTo(osc_user_login_url());
             }
             osc_run_hook('before_login');
             $url_redirect = osc_get_http_referer();
             $page_redirect = '';
             if (osc_rewrite_enabled()) {
                 if ($url_redirect != '') {
                     $request_uri = urldecode(preg_replace('@^' . osc_base_url() . '@', "", $url_redirect));
                     $tmp_ar = explode("?", $request_uri);
                     $request_uri = $tmp_ar[0];
                     $rules = Rewrite::newInstance()->listRules();
                     foreach ($rules as $match => $uri) {
                         if (preg_match('#' . $match . '#', $request_uri, $m)) {
                             $request_uri = preg_replace('#' . $match . '#', $uri, $request_uri);
                             if (preg_match('|([&?]{1})page=([^&]*)|', '&' . $request_uri . '&', $match)) {
                                 $page_redirect = $match[2];
                                 if ($page_redirect == '' || $page_redirect == 'login') {
                                     $url_redirect = osc_user_dashboard_url();
                                 }
                             }
                             break;
                         }
                     }
                 }
             }
             require_once LIB_PATH . 'osclass/UserActions.php';
             $uActions = new UserActions(false);
             $logged = $uActions->bootstrap_login($user['pk_i_id']);
             if ($logged == 0) {
                 osc_add_flash_error_message(_m("The user doesn't exist"));
             } else {
                 if ($logged == 1) {
                     if (time() - strtotime($user['dt_access_date']) > 1200) {
                         // EACH 20 MINUTES
                         osc_add_flash_error_message(sprintf(_m('The user has not been validated yet. Would you like to re-send your <a href="%s">activation?</a>'), osc_user_resend_activation_link($user['pk_i_id'], $user['s_email'])));
                     } else {
                         osc_add_flash_error_message(_m('The user has not been validated yet'));
                     }
                 } else {
                     if ($logged == 2) {
                         osc_add_flash_error_message(_m('The user has been suspended'));
                     } else {
                         if ($logged == 3) {
                             if (Params::getParam('remember') == 1) {
                                 //this include contains de osc_genRandomPassword function
                                 require_once osc_lib_path() . 'osclass/helpers/hSecurity.php';
                                 $secret = osc_genRandomPassword();
                                 User::newInstance()->update(array('s_secret' => $secret), array('pk_i_id' => $user['pk_i_id']));
                                 Cookie::newInstance()->set_expires(osc_time_cookie());
                                 Cookie::newInstance()->push('oc_userId', $user['pk_i_id']);
                                 Cookie::newInstance()->push('oc_userSecret', $secret);
                                 Cookie::newInstance()->set();
                             }
                             if ($url_redirect == '') {
                                 $url_redirect = osc_user_dashboard_url();
                             }
                             osc_run_hook("after_login", $user, $url_redirect);
                             $this->redirectTo(osc_apply_filter('correct_login_url_redirect', $url_redirect));
                         } else {
                             osc_add_flash_error_message(_m('This should never happen'));
                         }
                     }
                 }
             }
             if (!$user['b_enabled']) {
                 $this->redirectTo(osc_user_login_url());
             }
             $this->redirectTo(osc_user_login_url());
             break;
         case 'resend':
             $id = Params::getParam('id');
             $email = Params::getParam('email');
             $user = User::newInstance()->findByPrimaryKey($id);
             if ($id == '' || $email == '' || !isset($user) || $user['b_active'] == 1 || $email != $user['s_email']) {
                 osc_add_flash_error_message(_m('Incorrect link'));
                 $this->redirectTo(osc_user_login_url());
             }
             if (time() - strtotime($user['dt_access_date']) > 1200) {
                 // EACH 20 MINUTES
                 if (osc_notify_new_user()) {
                     osc_run_hook('hook_email_admin_new_user', $user);
                 }
                 if (osc_user_validation_enabled()) {
                     osc_run_hook('hook_email_user_validation', $user, $user);
                 }
                 User::newInstance()->update(array('dt_access_date' => date('Y-m-d H:i:s')), array('pk_i_id' => $user['pk_i_id']));
                 osc_add_flash_ok_message(_m('Validation email re-sent'));
             } else {
                 osc_add_flash_warning_message(_m('We have just sent you an email to validate your account, you will have to wait a few minutes to resend it again'));
             }
             $this->redirectTo(osc_user_login_url());
             break;
         case 'recover':
             //form to recover the password (in this case we have the form in /gui/)
             $this->doView('user-recover.php');
             break;
         case 'recover_post':
             //post execution to recover the password
             osc_csrf_check();
             require_once LIB_PATH . 'osclass/UserActions.php';
             // e-mail is incorrect
             if (!preg_match('|^[a-z0-9\\.\\_\\+\\-]+@[a-z0-9\\.\\-]+\\.[a-z]{2,3}$|i', Params::getParam('s_email'))) {
                 osc_add_flash_error_message(_m('Invalid email address'));
                 $this->redirectTo(osc_recover_user_password_url());
             }
             $userActions = new UserActions(false);
             $success = $userActions->recover_password();
             switch ($success) {
                 case 0:
                     // recover ok
                     osc_add_flash_ok_message(_m('We have sent you an email with the instructions to reset your password'));
                     $this->redirectTo(osc_base_url());
                     break;
                 case 1:
                     // e-mail does not exist
                     osc_add_flash_error_message(_m('We were not able to identify you given the information provided'));
                     $this->redirectTo(osc_recover_user_password_url());
                     break;
                 case 2:
                     // recaptcha wrong
                     osc_add_flash_error_message(_m('The recaptcha code is wrong'));
                     $this->redirectTo(osc_recover_user_password_url());
                     break;
             }
             break;
         case 'forgot':
             //form to recover the password (in this case we have the form in /gui/)
             $user = User::newInstance()->findByIdPasswordSecret(Params::getParam('userId'), Params::getParam('code'));
             if ($user) {
                 $this->doView('user-forgot_password.php');
             } else {
                 osc_add_flash_error_message(_m('Sorry, the link is not valid'));
                 $this->redirectTo(osc_base_url());
             }
             break;
         case 'forgot_post':
             osc_csrf_check();
             if (Params::getParam('new_password', false, false) == '' || Params::getParam('new_password2', false, false) == '') {
                 osc_add_flash_warning_message(_m('Password cannot be blank'));
                 $this->redirectTo(osc_forgot_user_password_confirm_url(Params::getParam('userId'), Params::getParam('code')));
             }
             $user = User::newInstance()->findByIdPasswordSecret(Params::getParam('userId'), Params::getParam('code'));
             if ($user['b_enabled'] == 1) {
                 if (Params::getParam('new_password', false, false) == Params::getParam('new_password2', false, false)) {
                     User::newInstance()->update(array('s_pass_code' => osc_genRandomPassword(50), 's_pass_date' => date('Y-m-d H:i:s', 0), 's_pass_ip' => Params::getServerParam('REMOTE_ADDR'), 's_password' => osc_hash_password(Params::getParam('new_password', false, false))), array('pk_i_id' => $user['pk_i_id']));
                     osc_add_flash_ok_message(_m('The password has been changed'));
                     $this->redirectTo(osc_user_login_url());
                 } else {
                     osc_add_flash_error_message(_m("Error, the password don't match"));
                     $this->redirectTo(osc_forgot_user_password_confirm_url(Params::getParam('userId'), Params::getParam('code')));
                 }
             } else {
                 osc_add_flash_error_message(_m('Sorry, the link is not valid'));
             }
             $this->redirectTo(osc_base_url());
             break;
         default:
             //login
             Session::newInstance()->_setReferer(osc_get_http_referer());
             if (osc_logged_user_id() != '') {
                 $this->redirectTo(osc_user_dashboard_url());
             }
             $this->doView('user-login.php');
     }
 }
Beispiel #2
0
 function __construct()
 {
     // this is necessary because if HTTP_HOST doesn't have the PORT the parse_url is null
     $current_host = parse_url(Params::getServerParam('HTTP_HOST'), PHP_URL_HOST);
     if ($current_host === null) {
         $current_host = Params::getServerParam('HTTP_HOST');
     }
     if (parse_url(osc_base_url(), PHP_URL_HOST) !== $current_host) {
         // first check if it's http or https
         $url = 'http://';
         if (osc_is_ssl()) {
             $url = 'https://';
         }
         // append the domain
         $url .= parse_url(osc_base_url(), PHP_URL_HOST);
         // append the port number if it's necessary
         $http_port = parse_url(Params::getServerParam('HTTP_HOST'), PHP_URL_PORT);
         if ($http_port !== 80) {
             $url .= ':' . parse_url(Params::getServerParam('HTTP_HOST'), PHP_URL_PORT);
         }
         // append the request
         $url .= Params::getServerParam('REQUEST_URI', false, false);
         $this->redirectTo($url);
     }
     $this->subdomain_params($current_host);
     $this->page = Params::getParam('page');
     $this->action = Params::getParam('action');
     $this->ajax = false;
     $this->time = list($sm, $ss) = explode(' ', microtime());
     WebThemes::newInstance();
     osc_run_hook('init');
 }
 function showAuthFailPage()
 {
     if (Params::getParam('page') == 'ajax') {
         echo json_encode(array('error' => 1, 'msg' => __('Session timed out')));
         exit;
     } else {
         //Session::newInstance()->session_start();
         Session::newInstance()->_setReferer(osc_base_url() . preg_replace('|^' . REL_WEB_URL . '|', '', Params::getServerParam('REQUEST_URI', false, false)));
         header("Location: " . osc_admin_base_url(true) . "?page=login");
         exit;
     }
 }
Beispiel #4
0
 function doModel()
 {
     $locale = Params::getParam('locale');
     if (preg_match('/.{2}_.{2}/', $locale)) {
         Session::newinstance()->_set('userLocale', $locale);
     }
     $redirect_url = '';
     if (Params::getServerParam('HTTP_REFERER', false, false) != '') {
         $redirect_url = Params::getServerParam('HTTP_REFERER', false, false);
     } else {
         $redirect_url = osc_base_url(true);
     }
     $this->redirectTo($redirect_url);
 }
Beispiel #5
0
function basic_info()
{
    require_once LIB_PATH . 'osclass/model/Admin.php';
    require_once LIB_PATH . 'osclass/helpers/hSecurity.php';
    $admin = Params::getParam('s_name');
    if ($admin == '') {
        $admin = 'admin';
    }
    $password = Params::getParam('s_passwd', false, false);
    if ($password == '') {
        $password = osc_genRandomPassword();
    }
    Admin::newInstance()->insert(array('s_name' => 'Administrator', 's_username' => $admin, 's_password' => osc_hash_password($password), 's_email' => Params::getParam('email')));
    $mPreference = Preference::newInstance();
    $mPreference->insert(array('s_section' => 'osclass', 's_name' => 'pageTitle', 's_value' => Params::getParam('webtitle'), 'e_type' => 'STRING'));
    $mPreference->insert(array('s_section' => 'osclass', 's_name' => 'contactEmail', 's_value' => Params::getParam('email'), 'e_type' => 'STRING'));
    $body = sprintf(__('Hi %s,'), Params::getParam('webtitle')) . "<br/><br/>";
    $body .= sprintf(__('Your Osclass installation at %s is up and running. You can access the administration panel with these details:'), WEB_PATH) . '<br/>';
    $body .= '<ul>';
    $body .= '<li>' . sprintf(__('username: %s'), $admin) . '</li>';
    $body .= '<li>' . sprintf(__('password: %s'), $password) . '</li>';
    $body .= '</ul>';
    $body .= sprintf(__('Remember that for any doubts you might have you can consult our <a href="%1$s">documentation</a>, <a href="%2$s">forum</a> or <a href="%3$s">blog</a>.'), 'http://doc.osclass.org/', 'http://forums.osclass.org/', 'http://blog.osclass.org/');
    $body .= sprintf(' ' . __('Osclass doesn’t run any developments but we can put you in touch with third party developers through a Premium Support. And hey, if you would like to contribute to Osclass - learn how <a href="%1$s">here</a>!'), 'http://blog.osclass.org/2012/11/22/how-to-collaborate-to-osclass/') . '<br/><br/>';
    $body .= __('Cheers,') . "<br/>";
    $body .= __('The <a href="http://osclass.org/">Osclass</a> team');
    $sitename = strtolower(Params::getServerParam('SERVER_NAME'));
    if (substr($sitename, 0, 4) == 'www.') {
        $sitename = substr($sitename, 4);
    }
    try {
        require_once LIB_PATH . 'phpmailer/class.phpmailer.php';
        $mail = new PHPMailer(true);
        $mail->CharSet = "utf-8";
        $mail->Host = "localhost";
        $mail->From = 'osclass@' . $sitename;
        $mail->FromName = 'Osclass';
        $mail->Subject = 'Osclass successfully installed!';
        $mail->AddAddress(Params::getParam('email'), 'Osclass administrator');
        $mail->Body = $body;
        $mail->AltBody = $body;
        if (!$mail->Send()) {
            return array('email_status' => Params::getParam('email') . "<br>" . $mail->ErrorInfo, 's_password' => $password);
        }
        return array('email_status' => '', 's_password' => $password);
    } catch (phpmailerException $exception) {
        return array('email_status' => Params::getParam('email') . "<br>" . $exception->errorMessage(), 's_password' => $password);
    }
}
Beispiel #6
0
 /**
  *	@param	string	$blogURL			The URL of your blog.
  *	@param	string	$wordPressAPIKey	WordPress API key.
  */
 public function __construct($blogURL, $wordPressAPIKey)
 {
     $this->blogURL = $blogURL;
     $this->wordPressAPIKey = $wordPressAPIKey;
     // Set some default values
     $this->apiPort = 80;
     $this->akismetServer = 'rest.akismet.com';
     $this->akismetVersion = '1.1';
     // Start to populate the comment data
     $this->comment['blog'] = $blogURL;
     $this->comment['user_agent'] = Params::getServerParam('HTTP_USER_AGENT');
     if (Params::existServerParam('HTTP_REFERER')) {
         $this->comment['referrer'] = Params::getServerParam('HTTP_REFERER', false, false);
     }
     /* 
      * This is necessary if the server PHP5 is running on has been set up to run PHP4 and
      * PHP5 concurently and is actually running through a separate proxy al a these instructions:
      * http://www.schlitt.info/applications/blog/archives/83_How_to_run_PHP4_and_PHP_5_parallel.html
      * and http://wiki.coggeshall.org/37.html
      * Otherwise the user_ip appears as the IP address of the PHP4 server passing the requests to the 
      * PHP5 one...
      */
     $this->comment['user_ip'] = Params::getServerParam('REMOTE_ADDR') != getenv('SERVER_ADDR') ? Params::getServerParam('REMOTE_ADDR') : getenv('HTTP_X_FORWARDED_FOR');
 }
Beispiel #7
0
 function doModel()
 {
     parent::doModel();
     if (osc_is_moderator() && ($this->action == 'settings' || $this->action == 'settings_post')) {
         osc_add_flash_error_message(_m("You don't have enough permissions"), "admin");
         $this->redirectTo(osc_admin_base_url());
     }
     //specific things for this class
     switch ($this->action) {
         case 'bulk_actions':
             osc_csrf_check();
             $mItems = new ItemActions(true);
             switch (Params::getParam('bulk_actions')) {
                 case 'enable_all':
                     $id = Params::getParam('id');
                     if ($id) {
                         $numSuccess = 0;
                         foreach ($id as $_id) {
                             if ($mItems->enable($_id)) {
                                 $numSuccess++;
                             }
                         }
                         osc_add_flash_ok_message(sprintf(_mn('%d listing has been enabled', '%d listings have been enabled', $numSuccess), $numSuccess), 'admin');
                     }
                     break;
                 case 'disable_all':
                     $id = Params::getParam('id');
                     if ($id) {
                         $numSuccess = 0;
                         foreach ($id as $_id) {
                             if ($mItems->disable((int) $_id)) {
                                 $numSuccess++;
                             }
                         }
                         osc_add_flash_ok_message(sprintf(_mn('%d listing has been disabled', '%d listings have been disabled', $numSuccess), $numSuccess), 'admin');
                     }
                     break;
                 case 'activate_all':
                     $id = Params::getParam('id');
                     if ($id) {
                         $numSuccess = 0;
                         foreach ($id as $_id) {
                             if ($mItems->activate($_id)) {
                                 $numSuccess++;
                             }
                         }
                         osc_add_flash_ok_message(sprintf(_mn('%d listing has been activated', '%d listings have been activated', $numSuccess), $numSuccess), 'admin');
                     }
                     break;
                 case 'deactivate_all':
                     $id = Params::getParam('id');
                     if ($id) {
                         $numSuccess = 0;
                         foreach ($id as $_id) {
                             if ($mItems->deactivate($_id)) {
                                 $numSuccess++;
                             }
                         }
                         osc_add_flash_ok_message(sprintf(_m('%d listing has been deactivated', '%d listings have been deactivated', $numSuccess), $numSuccess), 'admin');
                     }
                     break;
                 case 'premium_all':
                     $id = Params::getParam('id');
                     if ($id) {
                         $numSuccess = 0;
                         foreach ($id as $_id) {
                             if ($mItems->premium($_id)) {
                                 $numSuccess++;
                             }
                         }
                         osc_add_flash_ok_message(sprintf(_mn('%d listing has been marked as premium', '%d listings have been marked as premium', $numSuccess), $numSuccess), 'admin');
                     }
                     break;
                 case 'depremium_all':
                     $id = Params::getParam('id');
                     if ($id) {
                         $numSuccess = 0;
                         foreach ($id as $_id) {
                             if ($mItems->premium($_id, false)) {
                                 $numSuccess++;
                             }
                         }
                         osc_add_flash_ok_message(sprintf(_mn('%d change has been made', '%d changes have been made', $numSuccess), $numSuccess), 'admin');
                     }
                     break;
                 case 'spam_all':
                     $id = Params::getParam('id');
                     if ($id) {
                         $numSuccess = 0;
                         foreach ($id as $_id) {
                             if ($mItems->spam($_id)) {
                                 $numSuccess++;
                             }
                         }
                         osc_add_flash_ok_message(sprintf(_mn('%d listing has been marked as spam', '%d listings have been marked as spam', $numSuccess), $numSuccess), 'admin');
                     }
                     break;
                 case 'despam_all':
                     $id = Params::getParam('id');
                     if ($id) {
                         $numSuccess = 0;
                         foreach ($id as $_id) {
                             if ($mItems->spam($_id, false)) {
                                 $numSuccess++;
                             }
                         }
                         osc_add_flash_ok_message(sprintf(_mn('%d change has been made', '%d changes have been made', $numSuccess), $numSuccess), 'admin');
                     }
                     break;
                 case 'delete_all':
                     $id = Params::getParam('id');
                     $success = false;
                     if ($id) {
                         $numSuccess = 0;
                         foreach ($id as $i) {
                             if ($i) {
                                 $item = $this->itemManager->findByPrimaryKey($i);
                                 $success = $mItems->delete($item['s_secret'], $item['pk_i_id']);
                                 if ($success) {
                                     $numSuccess++;
                                 }
                             }
                         }
                         osc_add_flash_ok_message(sprintf(_mn('%d listing has been deleted', '%d listings have been deleted', $numSuccess), $numSuccess), 'admin');
                     }
                     break;
                 case 'clear_spam_all':
                     $id = Params::getParam('id');
                     $success = false;
                     if ($id) {
                         $numSuccess = 0;
                         foreach ($id as $i) {
                             if ($i) {
                                 $success = $this->itemManager->clearStat($i, 'spam');
                                 if ($success) {
                                     $numSuccess++;
                                 }
                             }
                         }
                         osc_add_flash_ok_message(sprintf(_mn('%d listing has been unmarked as spam', '%d listings have been unmarked as spam', $numSuccess), $numSuccess), 'admin');
                     }
                     break;
                 case 'clear_bad_all':
                     $id = Params::getParam('id');
                     $success = false;
                     if ($id) {
                         $numSuccess = 0;
                         foreach ($id as $i) {
                             if ($i) {
                                 $success = $this->itemManager->clearStat($i, 'bad');
                                 if ($success) {
                                     $numSuccess++;
                                 }
                             }
                         }
                         osc_add_flash_ok_message(sprintf(_mn('%d listing has been unmarked as missclassified', '%d listings have been unmarked as missclassified', $numSuccess), $numSuccess), 'admin');
                     }
                     break;
                 case 'clear_dupl_all':
                     $id = Params::getParam('id');
                     $success = false;
                     if ($id) {
                         $numSuccess = 0;
                         foreach ($id as $i) {
                             if ($i) {
                                 $success = $this->itemManager->clearStat($i, 'duplicated');
                                 if ($success) {
                                     $numSuccess++;
                                 }
                             }
                         }
                         osc_add_flash_ok_message(sprintf(_mn('%d listing has been unmarked as duplicated', '%d listings have been unmarked as duplicated', $numSuccess), $numSuccess), 'admin');
                     }
                     break;
                 case 'clear_expi_all':
                     $id = Params::getParam('id');
                     $success = false;
                     if ($id) {
                         $numSuccess = 0;
                         foreach ($id as $i) {
                             if ($i) {
                                 $success = $this->itemManager->clearStat($i, 'expired');
                                 if ($success) {
                                     $numSuccess++;
                                 }
                             }
                         }
                         osc_add_flash_ok_message(sprintf(_mn('%d listing has been unmarked as expired', '%d listings have been unmarked as expired', $numSuccess), $numSuccess), 'admin');
                     }
                     break;
                 case 'clear_offe_all':
                     $id = Params::getParam('id');
                     $success = false;
                     if ($id) {
                         $numSuccess = 0;
                         foreach ($id as $i) {
                             if ($i) {
                                 $success = $this->itemManager->clearStat($i, 'offensive');
                                 if ($success) {
                                     $numSuccess++;
                                 }
                             }
                         }
                         osc_add_flash_ok_message(sprintf(_mn('%d listing has been unmarked as offensive', '%d listings have been unmarked as offensive', $numSuccess), $numSuccess), 'admin');
                     }
                     break;
                 case 'clear_all':
                     $id = Params::getParam('id');
                     $success = false;
                     if ($id) {
                         $numSuccess = 0;
                         foreach ($id as $i) {
                             if ($i) {
                                 $success = $this->itemManager->clearStat($i, 'all');
                                 if ($success) {
                                     $numSuccess++;
                                 }
                             }
                         }
                         osc_add_flash_ok_message(sprintf(_mn('%d listing has been unmarked', '%d listings have been unmarked', $numSuccess), $numSuccess), 'admin');
                     }
                     break;
                 default:
                     if (Params::getParam("bulk_actions") != "") {
                         osc_run_hook("item_bulk_" . Params::getParam("bulk_actions"), Params::getParam('id'));
                     }
                     break;
             }
             $this->redirectTo(Params::getServerParam('HTTP_REFERER', false, false));
             break;
         case 'delete':
             //delete
             osc_csrf_check();
             $id = Params::getParam('id');
             $success = false;
             foreach ($id as $i) {
                 if ($i) {
                     $aItem = $this->itemManager->findByPrimaryKey($i);
                     $mItems = new ItemActions(true);
                     $success = $mItems->delete($aItem['s_secret'], $aItem['pk_i_id']);
                 }
             }
             if ($success) {
                 osc_add_flash_ok_message(_m('The listing has been deleted'), 'admin');
             } else {
                 osc_add_flash_error_message(_m("The listing couldn't be deleted"), 'admin');
             }
             $this->redirectTo(Params::getServerParam('HTTP_REFERER', false, false));
             break;
         case 'status':
             //status
             osc_csrf_check();
             $id = Params::getParam('id');
             $value = Params::getParam('value');
             if (!$id) {
                 return false;
             }
             $id = (int) $id;
             if (!is_numeric($id)) {
                 return false;
             }
             if (!in_array($value, array('ACTIVE', 'INACTIVE', 'ENABLE', 'DISABLE'))) {
                 return false;
             }
             $item = $this->itemManager->findByPrimaryKey($id);
             $mItems = new ItemActions(true);
             switch ($value) {
                 case 'ACTIVE':
                     $success = $mItems->activate($id);
                     if ($success && $success > 0) {
                         osc_add_flash_ok_message(_m('The listing has been activated'), 'admin');
                     } else {
                         if (!$success) {
                             osc_add_flash_error_message(_m('An error has occurred'), 'admin');
                         } else {
                             osc_add_flash_error_message(_m("The listing can't be activated because it's blocked"), 'admin');
                         }
                     }
                     break;
                 case 'INACTIVE':
                     $success = $mItems->deactivate($id);
                     if ($success && $success > 0) {
                         osc_add_flash_ok_message(_m('The listing has been deactivated'), 'admin');
                     } else {
                         osc_add_flash_error_message(_m('An error has occurred'), 'admin');
                     }
                     break;
                 case 'ENABLE':
                     $success = $mItems->enable($id);
                     if ($success && $success > 0) {
                         osc_add_flash_ok_message(_m('The listing has been enabled'), 'admin');
                     } else {
                         osc_add_flash_error_message(_m('An error has occurred'), 'admin');
                     }
                     break;
                 case 'DISABLE':
                     $success = $mItems->disable($id);
                     if ($success && $success > 0) {
                         osc_add_flash_ok_message(_m('The listing has been disabled'), 'admin');
                     } else {
                         osc_add_flash_error_message(_m('An error has occurred'), 'admin');
                     }
                     break;
             }
             $this->redirectTo(Params::getServerParam('HTTP_REFERER', false, false));
             break;
         case 'status_premium':
             //status premium
             osc_csrf_check();
             $id = Params::getParam('id');
             $value = Params::getParam('value');
             if (!$id) {
                 return false;
             }
             $id = (int) $id;
             if (!is_numeric($id)) {
                 return false;
             }
             if (!in_array($value, array(0, 1))) {
                 return false;
             }
             $mItems = new ItemActions(true);
             if ($mItems->premium($id, $value == 1 ? true : false)) {
                 osc_add_flash_ok_message(_m('Changes have been applied'), 'admin');
             } else {
                 osc_add_flash_error_message(_m('An error has occurred'), 'admin');
             }
             $this->redirectTo(Params::getServerParam('HTTP_REFERER', false, false));
             break;
         case 'status_spam':
             //status spam
             osc_csrf_check();
             $id = Params::getParam('id');
             $value = Params::getParam('value');
             if (!$id) {
                 return false;
             }
             $id = (int) $id;
             if (!is_numeric($id)) {
                 return false;
             }
             if (!in_array($value, array(0, 1))) {
                 return false;
             }
             $mItems = new ItemActions(true);
             if ($mItems->spam($id, $value == 1 ? true : false)) {
                 osc_add_flash_ok_message(_m('Changes have been applied'), 'admin');
             } else {
                 osc_add_flash_error_message(_m('An error has occurred'), 'admin');
             }
             $this->redirectTo(Params::getServerParam('HTTP_REFERER', false, false));
             break;
         case 'clear_stat':
             osc_csrf_check();
             $id = Params::getParam('id');
             $stat = Params::getParam('stat');
             if (!$id) {
                 return false;
             }
             if (!$stat) {
                 return false;
             }
             $id = (int) $id;
             if (!is_numeric($id)) {
                 return false;
             }
             $success = $this->itemManager->clearStat($id, $stat);
             if ($success) {
                 osc_add_flash_ok_message(_m('The listing has been unmarked as') . " {$stat}", 'admin');
             } else {
                 osc_add_flash_error_message(_m("The listing hasn't been unmarked as") . " {$stat}", 'admin');
             }
             $this->redirectTo(Params::getServerParam('HTTP_REFERER', false, false));
             break;
         case 'item_edit':
             // edit item
             $id = Params::getParam('id');
             $item = Item::newInstance()->findByPrimaryKey($id);
             if (count($item) <= 0) {
                 $this->redirectTo(osc_admin_base_url(true) . "?page=items");
             }
             $csrf_token = osc_csrf_token_url();
             if ($item['b_active']) {
                 $actions[] = '<a class="btn float-left" href="' . osc_admin_base_url(true) . '?page=items&amp;action=status&amp;id=' . $item['pk_i_id'] . '&amp;' . $csrf_token . '&amp;value=INACTIVE">' . __('Deactivate') . '</a>';
             } else {
                 $actions[] = '<a class="btn btn-red float-left" href="' . osc_admin_base_url(true) . '?page=items&amp;action=status&amp;id=' . $item['pk_i_id'] . '&amp;' . $csrf_token . '&amp;value=ACTIVE">' . __('Activate') . '</a>';
             }
             if ($item['b_enabled']) {
                 $actions[] = '<a class="btn float-left" href="' . osc_admin_base_url(true) . '?page=items&amp;action=status&amp;id=' . $item['pk_i_id'] . '&amp;' . $csrf_token . '&amp;value=DISABLE">' . __('Block') . '</a>';
             } else {
                 $actions[] = '<a class="btn btn-red float-left" href="' . osc_admin_base_url(true) . '?page=items&amp;action=status&amp;id=' . $item['pk_i_id'] . '&amp;' . $csrf_token . '&amp;value=ENABLE">' . __('Unblock') . '</a>';
             }
             if ($item['b_premium']) {
                 $actions[] = '<a class="btn float-left" href="' . osc_admin_base_url(true) . '?page=items&amp;action=status_premium&amp;id=' . $item['pk_i_id'] . '&amp;' . $csrf_token . '&amp;value=0">' . __('Unmark as premium') . '</a>';
             } else {
                 $actions[] = '<a class="btn float-left" href="' . osc_admin_base_url(true) . '?page=items&amp;action=status_premium&amp;id=' . $item['pk_i_id'] . '&amp;' . $csrf_token . '&amp;value=1">' . __('Mark as premium') . '</a>';
             }
             if ($item['b_spam']) {
                 $actions[] = '<a class="btn btn-red float-left" href="' . osc_admin_base_url(true) . '?page=items&amp;action=status_spam&amp;id=' . $item['pk_i_id'] . '&amp;' . $csrf_token . '&amp;value=0">' . __('Unmark as spam') . '</a>';
             } else {
                 $actions[] = '<a class="btn float-left" href="' . osc_admin_base_url(true) . '?page=items&amp;action=status_spam&amp;id=' . $item['pk_i_id'] . '&amp;' . $csrf_token . '&amp;value=1">' . __('Mark as spam') . '</a>';
             }
             $this->_exportVariableToView("actions", $actions);
             $form = count(Session::newInstance()->_getForm());
             $keepForm = count(Session::newInstance()->_getKeepForm());
             if ($form == 0 || $form == $keepForm) {
                 Session::newInstance()->_dropKeepForm();
             }
             // save referer if belongs to manage items
             // redirect only if ManageItems or ReportedListngs
             if (Params::existServerParam('HTTP_REFERER')) {
                 $referer = Params::getServerParam('HTTP_REFERER', false, false);
                 if (preg_match('/page=items/', $referer)) {
                     if (preg_match("/action=([\\p{L}|_|-]+)/u", $referer, $matches)) {
                         if ($matches[1] == 'items_reported') {
                             Session::newInstance()->_set('osc_admin_referer', $referer);
                         }
                     } else {
                         // no actions - Manage Listings
                         Session::newInstance()->_set('osc_admin_referer', $referer);
                     }
                 }
             }
             $this->_exportVariableToView("item", $item);
             $this->_exportVariableToView("new_item", FALSE);
             osc_run_hook("before_item_edit", $item);
             $this->doView('items/frm.php');
             break;
         case 'item_edit_post':
             osc_csrf_check();
             $mItems = new ItemActions(true);
             $mItems->prepareData(false);
             // set all parameters into session
             foreach ($mItems->data as $key => $value) {
                 Session::newInstance()->_setForm($key, $value);
             }
             $meta = Params::getParam('meta');
             if (is_array($meta)) {
                 foreach ($meta as $key => $value) {
                     Session::newInstance()->_setForm('meta_' . $key, $value);
                     Session::newInstance()->_keepForm('meta_' . $key);
                 }
             }
             $success = $mItems->edit();
             if ($success == 1) {
                 osc_add_flash_ok_message(_m('Changes saved correctly'), 'admin');
                 $url = osc_admin_base_url(true) . "?page=items";
                 // if Referer is saved that means referer is ManageListings or ReportListings
                 if (Session::newInstance()->_get('osc_admin_referer') != '') {
                     $url = Session::newInstance()->_get('osc_admin_referer');
                 }
                 Session::newInstance()->_clearVariables();
                 if (is_array($meta)) {
                     foreach ($meta as $key => $value) {
                         Session::newInstance()->_dropKeepForm('meta_' . $key);
                     }
                 }
                 $this->redirectTo($url);
             } else {
                 osc_add_flash_error_message($success, 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . "?page=items&action=item_edit&id=" . Params::getParam('id'));
             }
             break;
         case 'deleteResource':
             //delete resource
             osc_csrf_check();
             $id = Params::getParam('id');
             $name = Params::getParam('name');
             $fkid = Params::getParam('fkid');
             // delete files
             osc_deleteResource($id, true);
             Log::newInstance()->insertLog('items', 'deleteResource', $id, $id, 'admin', osc_logged_admin_id());
             $result = ItemResource::newInstance()->delete(array('pk_i_id' => $id, 'fk_i_item_id' => $fkid, 's_name' => $name));
             if ($result === false) {
                 osc_add_flash_error_message(_m('An error has occurred'), 'admin');
             } else {
                 osc_add_flash_ok_message(_m('Resource deleted'), 'admin');
             }
             $this->redirectTo(osc_admin_base_url(true) . "?page=items");
             break;
         case 'post':
             // add item
             $form = count(Session::newInstance()->_getForm());
             $keepForm = count(Session::newInstance()->_getKeepForm());
             if ($form == 0 || $form == $keepForm) {
                 Session::newInstance()->_dropKeepForm();
             }
             $this->_exportVariableToView("new_item", TRUE);
             osc_run_hook('post_item');
             $this->doView('items/frm.php');
             break;
         case 'post_item':
             //post item
             osc_csrf_check();
             $mItem = new ItemActions(true);
             $mItem->prepareData(true);
             // set all parameters into session
             foreach ($mItem->data as $key => $value) {
                 Session::newInstance()->_setForm($key, $value);
             }
             $meta = Params::getParam('meta');
             if (is_array($meta)) {
                 foreach ($meta as $key => $value) {
                     Session::newInstance()->_setForm('meta_' . $key, $value);
                     Session::newInstance()->_keepForm('meta_' . $key);
                 }
             }
             $success = $mItem->add();
             if ($success == 1 || $success == 2) {
                 $url = osc_admin_base_url(true) . "?page=items";
                 // if Referer is saved that means referer is ManageListings or ReportListings
                 if (Session::newInstance()->_get('osc_admin_referer') != '') {
                     $url = Session::newInstance()->_get('osc_admin_referer');
                     Session::newInstance()->_drop('osc_admin_referer');
                 }
                 Session::newInstance()->_clearVariables();
                 if (is_array($meta)) {
                     foreach ($meta as $key => $value) {
                         Session::newInstance()->_dropKeepForm('meta_' . $key);
                     }
                 }
                 osc_add_flash_ok_message(_m('A new listing has been added'), 'admin');
                 $this->redirectTo($url);
             } else {
                 osc_add_flash_error_message($success, 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . "?page=items&action=post");
             }
             break;
         case 'settings':
             // calling the items settings view
             $this->doView('items/settings.php');
             break;
         case 'settings_post':
             // update item settings
             osc_csrf_check();
             $iUpdated = 0;
             $enabledRecaptchaItems = Params::getParam('enabled_recaptcha_items');
             $enabledRecaptchaItems = $enabledRecaptchaItems == '1' ? true : false;
             $moderateItems = Params::getParam('moderate_items');
             $moderateItems = $moderateItems != '' ? true : false;
             $numModerateItems = Params::getParam('num_moderate_items');
             $itemsWaitTime = Params::getParam('items_wait_time');
             $loggedUserItemValidation = Params::getParam('logged_user_item_validation');
             $loggedUserItemValidation = $loggedUserItemValidation != '' ? true : false;
             $regUserPost = Params::getParam('reg_user_post');
             $regUserPost = $regUserPost != '' ? true : false;
             $notifyNewItem = Params::getParam('notify_new_item');
             $notifyNewItem = $notifyNewItem != '' ? true : false;
             $notifyContactItem = Params::getParam('notify_contact_item');
             $notifyContactItem = $notifyContactItem != '' ? true : false;
             $notifyContactFriends = Params::getParam('notify_contact_friends');
             $notifyContactFriends = $notifyContactFriends != '' ? true : false;
             $enabledFieldPriceItems = Params::getParam('enableField#f_price@items');
             $enabledFieldPriceItems = $enabledFieldPriceItems != '' ? true : false;
             $enabledFieldImagesItems = Params::getParam('enableField#images@items');
             $enabledFieldImagesItems = $enabledFieldImagesItems != '' ? true : false;
             $numImagesItems = Params::getParam('numImages@items');
             if ($numImagesItems == '') {
                 $numImagesItems = 0;
             }
             $regUserCanContact = Params::getParam('reg_user_can_contact');
             $regUserCanContact = $regUserCanContact != '' ? true : false;
             $contactItemAttachment = Params::getParam('item_attachment');
             $contactItemAttachment = $contactItemAttachment != '' ? true : false;
             $warnExpiration = Params::getParam('warn_expiration');
             $warnExpiration = (int) $warnExpiration;
             $titleLength = Params::getParam('max_chars_per_title');
             $descriptionLength = Params::getParam('max_chars_per_description');
             $msg = '';
             if (!osc_validate_int(Params::getParam("items_wait_time"))) {
                 $msg .= _m("Wait time must only contain numeric characters") . "<br/>";
             }
             if (Params::getParam("num_moderate_items") != '' && !osc_validate_int(Params::getParam("num_moderate_items"))) {
                 $msg .= _m("Number of moderated listings must only contain numeric characters") . "<br/>";
             }
             if (!osc_validate_int($numImagesItems)) {
                 $msg .= _m("Images per listing must only contain numeric characters") . "<br/>";
             }
             if (!osc_validate_int($warnExpiration)) {
                 $msg .= _m("Number of expiration days has to be a numeric value") . "<br/>";
             }
             if (!osc_validate_int($titleLength)) {
                 $msg .= _m("Title Length has to be a numeric value") . "<br/>";
             }
             if (!osc_validate_int($descriptionLength)) {
                 $msg .= _m("Description Length has to be a numeric value") . "<br/>";
             }
             if ($msg != '') {
                 osc_add_flash_error_message($msg, 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . '?page=items&action=settings');
             }
             $iUpdated += osc_set_preference('enabled_recaptcha_items', $enabledRecaptchaItems);
             if ($moderateItems) {
                 $iUpdated += osc_set_preference('moderate_items', $numModerateItems);
             } else {
                 $iUpdated += osc_set_preference('moderate_items', '-1');
             }
             $iUpdated += osc_set_preference('logged_user_item_validation', $loggedUserItemValidation);
             $iUpdated += osc_set_preference('reg_user_post', $regUserPost);
             $iUpdated += osc_set_preference('notify_new_item', $notifyNewItem);
             $iUpdated += osc_set_preference('notify_contact_item', $notifyContactItem);
             $iUpdated += osc_set_preference('notify_contact_friends', $notifyContactFriends);
             $iUpdated += osc_set_preference('enableField#f_price@items', $enabledFieldPriceItems);
             $iUpdated += osc_set_preference('enableField#images@items', $enabledFieldImagesItems);
             $iUpdated += osc_set_preference('items_wait_time', $itemsWaitTime);
             $iUpdated += osc_set_preference('numImages@items', $numImagesItems);
             $iUpdated += osc_set_preference('reg_user_can_contact', $regUserCanContact);
             $iUpdated += osc_set_preference('item_attachment', $contactItemAttachment);
             $iUpdated += osc_set_preference('warn_expiration', $warnExpiration);
             $iUpdated += osc_set_preference('title_character_length', $titleLength);
             $iUpdated += osc_set_preference('description_character_length', $descriptionLength);
             if ($iUpdated > 0) {
                 osc_add_flash_ok_message(_m("Listings' settings have been updated"), 'admin');
             }
             $this->redirectTo(osc_admin_base_url(true) . '?page=items&action=settings');
             break;
         case 'items_reported':
             require_once osc_lib_path() . "osclass/classes/datatables/ItemsDataTable.php";
             // set default iDisplayLength
             if (Params::getParam('iDisplayLength') != '') {
                 Cookie::newInstance()->push('listing_iDisplayLength', Params::getParam('iDisplayLength'));
                 Cookie::newInstance()->set();
             } else {
                 // set a default value if it's set in the cookie
                 if (Cookie::newInstance()->get_value('listing_iDisplayLength') != '') {
                     Params::setParam('iDisplayLength', Cookie::newInstance()->get_value('listing_iDisplayLength'));
                 } else {
                     Params::setParam('iDisplayLength', 10);
                 }
             }
             $this->_exportVariableToView('iDisplayLength', Params::getParam('iDisplayLength'));
             // Table header order by related
             if (Params::getParam('sort') == '') {
                 Params::setParam('sort', 'date');
             }
             if (Params::getParam('direction') == '') {
                 Params::setParam('direction', 'desc');
             }
             $page = (int) Params::getParam('iPage');
             if ($page == 0) {
                 $page = 1;
             }
             Params::setParam('iPage', $page);
             $params = Params::getParamsAsArray();
             $itemsDataTable = new ItemsDataTable();
             $itemsDataTable->tableReported($params);
             $aData = $itemsDataTable->getData();
             if (count($aData['aRows']) == 0 && $page != 1) {
                 $total = (int) $aData['iTotalDisplayRecords'];
                 $maxPage = ceil($total / (int) $aData['iDisplayLength']);
                 $url = osc_admin_base_url(true) . '?' . Params::getServerParam('QUERY_STRING', false, false);
                 if ($maxPage == 0) {
                     $url = preg_replace('/&iPage=(\\d)+/', '&iPage=1', $url);
                     $this->redirectTo($url);
                 }
                 if ($page > 1) {
                     $url = preg_replace('/&iPage=(\\d)+/', '&iPage=' . $maxPage, $url);
                     $this->redirectTo($url);
                 }
             }
             $this->_exportVariableToView('aData', $aData);
             $this->_exportVariableToView('aRawRows', $itemsDataTable->rawRows());
             //calling the view...
             $this->doView('items/reported.php');
             break;
         default:
             // default
             require_once osc_lib_path() . "osclass/classes/datatables/ItemsDataTable.php";
             // set default iDisplayLength
             if (Params::getParam('iDisplayLength') != '') {
                 Cookie::newInstance()->push('listing_iDisplayLength', Params::getParam('iDisplayLength'));
                 Cookie::newInstance()->set();
             } else {
                 // set a default value if it's set in the cookie
                 if (Cookie::newInstance()->get_value('listing_iDisplayLength') != '') {
                     Params::setParam('iDisplayLength', Cookie::newInstance()->get_value('listing_iDisplayLength'));
                 } else {
                     Params::setParam('iDisplayLength', 10);
                 }
             }
             $this->_exportVariableToView('iDisplayLength', Params::getParam('iDisplayLength'));
             // Table header order by related
             if (Params::getParam('sort') == '') {
                 Params::setParam('sort', 'date');
             }
             if (Params::getParam('direction') == '') {
                 Params::setParam('direction', 'desc');
             }
             $page = (int) Params::getParam('iPage');
             if ($page == 0) {
                 $page = 1;
             }
             Params::setParam('iPage', $page);
             $params = Params::getParamsAsArray();
             $itemsDataTable = new ItemsDataTable();
             $aData = $itemsDataTable->table($params);
             if (count($aData['aRows']) == 0 && $page != 1) {
                 $total = (int) $aData['iTotalDisplayRecords'];
                 $maxPage = ceil($total / (int) $aData['iDisplayLength']);
                 $url = osc_admin_base_url(true) . '?' . Params::getServerParam('QUERY_STRING', false, false);
                 if ($maxPage == 0) {
                     $url = preg_replace('/&iPage=(\\d)+/', '&iPage=1', $url);
                     $this->redirectTo($url);
                 }
                 if ($page > 1) {
                     $url = preg_replace('/&iPage=(\\d)+/', '&iPage=' . $maxPage, $url);
                     $this->redirectTo($url);
                 }
             }
             $this->_exportVariableToView('aData', $aData);
             $this->_exportVariableToView('withFilters', $itemsDataTable->withFilters());
             $this->_exportVariableToView('aRawRows', $itemsDataTable->rawRows());
             $bulk_options = array(array('value' => '', 'data-dialog-content' => '', 'label' => __('Bulk actions')), array('value' => 'delete_all', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected listings?'), strtolower(__('Delete'))), 'label' => __('Delete')), array('value' => 'activate_all', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected listings?'), strtolower(__('Activate'))), 'label' => __('Activate')), array('value' => 'deactivate_all', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected listings?'), strtolower(__('Deactivate'))), 'label' => __('Deactivate')), array('value' => 'disable_all', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected listings?'), strtolower(__('Block'))), 'label' => __('Block')), array('value' => 'enable_all', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected listings?'), strtolower(__('Unblock'))), 'label' => __('Unblock')), array('value' => 'premium_all', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected listings?'), strtolower(__('Mark as premium'))), 'label' => __('Mark as premium')), array('value' => 'depremium_all', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected listings?'), strtolower(__('Unmark as premium'))), 'label' => __('Unmark as premium')), array('value' => 'spam_all', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected listings?'), strtolower(__('Mark as spam'))), 'label' => __('Mark as spam')), array('value' => 'despam_all', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected listings?'), strtolower(__('Unmark as spam'))), 'label' => __('Unmark as spam')));
             $bulk_options = osc_apply_filter("item_bulk_filter", $bulk_options);
             $this->_exportVariableToView('bulk_options', $bulk_options);
             //calling the view...
             $this->doView('items/index.php');
     }
 }
Beispiel #8
0
 public function init()
 {
     if (Params::existServerParam('REQUEST_URI')) {
         if (preg_match('|[\\?&]{1}http_referer=(.*)$|', urldecode(Params::getServerParam('REQUEST_URI', false, false)), $ref_match)) {
             $this->http_referer = $ref_match[1];
             $_SERVER['REQUEST_URI'] = preg_replace('|[\\?&]{1}http_referer=(.*)$|', "", urldecode(Params::getServerParam('REQUEST_URI', false, false)));
         }
         $request_uri = preg_replace('@^' . REL_WEB_URL . '@', "", urldecode(Params::getServerParam('REQUEST_URI', false, false)));
         $this->raw_request_uri = $request_uri;
         $route_used = false;
         foreach ($this->routes as $id => $route) {
             // UNCOMMENT TO DEBUG
             //echo 'Request URI: '.$request_uri." # Match : ".$route['regexp']." # URI to go : ".$route['url']." <br />";
             if (preg_match('#^' . $route['regexp'] . '#', $request_uri, $m)) {
                 if (!preg_match_all('#\\{([^\\}]+)\\}#', $route['url'], $args)) {
                     $args[1] = array();
                 }
                 $l = count($m);
                 for ($p = 1; $p < $l; $p++) {
                     if (isset($args[1][$p - 1])) {
                         Params::setParam($args[1][$p - 1], $m[$p]);
                     } else {
                         Params::setParam('route_param_' . $p, $m[$p]);
                     }
                 }
                 Params::setParam('page', 'custom');
                 Params::setParam('route', $id);
                 $route_used = true;
                 $this->location = $route['location'];
                 $this->section = $route['section'];
                 $this->title = $route['title'];
                 break;
             }
         }
         if (!$route_used) {
             if (osc_rewrite_enabled()) {
                 $tmp_ar = explode("?", $request_uri);
                 $request_uri = $tmp_ar[0];
                 // if try to access directly to a php file
                 if (preg_match('#^(.+?)\\.php(.*)$#', $request_uri)) {
                     $file = explode("?", $request_uri);
                     if (!file_exists(ABS_PATH . $file[0])) {
                         Rewrite::newInstance()->set_location('error');
                         header('HTTP/1.1 404 Not Found');
                         osc_current_web_theme_path('404.php');
                         exit;
                     }
                 }
                 foreach ($this->rules as $match => $uri) {
                     // UNCOMMENT TO DEBUG
                     // echo 'Request URI: '.$request_uri." # Match : ".$match." # URI to go : ".$uri." <br />";
                     if (preg_match('#^' . $match . '#', $request_uri, $m)) {
                         $request_uri = preg_replace('#' . $match . '#', $uri, $request_uri);
                         break;
                     }
                 }
             }
             $this->extractParams($request_uri);
             $this->request_uri = $request_uri;
             if (Params::getParam('page') != '') {
                 $this->location = Params::getParam('page');
             }
             if (Params::getParam('action') != '') {
                 $this->section = Params::getParam('action');
             }
         }
     }
 }
Beispiel #9
0
function osc_show_pagination_admin($aData)
{
    $pageActual = isset($aData['iPage']) ? $aData['iPage'] : Params::getParam('iPage');
    $urlActual = osc_admin_base_url(true) . '?' . Params::getServerParam('QUERY_STRING', false, false);
    $urlActual = preg_replace('/&iPage=(\\d+)?/', '', $urlActual);
    $pageTotal = ceil($aData['iTotalDisplayRecords'] / $aData['iDisplayLength']);
    $params = array('total' => $pageTotal, 'selected' => $pageActual - 1, 'url' => $urlActual . '&iPage={PAGE}', 'sides' => 5);
    ?>
    <div class="has-pagination">
        <?php 
    osc_run_hook('before_show_pagination_admin');
    ?>
        <?php 
    if ($pageTotal > 1) {
        ?>
        <form method="get" action="<?php 
        echo $urlActual;
        ?>
" style="display:inline;">
            <?php 
        foreach (Params::getParamsAsArray('get') as $key => $value) {
            ?>
            <?php 
            if ($key != 'iPage') {
                ?>
            <input type="hidden" name="<?php 
                echo osc_esc_html($key);
                ?>
" value="<?php 
                echo osc_esc_html($value);
                ?>
" />
            <?php 
            }
        }
        ?>
            <ul>
                <li>
                    <span class="list-first"><?php 
        _e('Page');
        ?>
</span>
                </li>
                <li class="pagination-input">
                    <input id="gotoPage" type="text" name="iPage" value="<?php 
        echo osc_esc_html($pageActual);
        ?>
"/><button type="submit"><?php 
        _e('Go!');
        ?>
</button>
                </li>
            </ul>
        </form>
        <?php 
        $pagination = new Pagination($params);
        $aux = $pagination->doPagination();
        echo $aux;
    }
    osc_run_hook('after_show_pagination_admin');
    ?>
    </div>
    <?php 
}
Beispiel #10
0
 function doModel()
 {
     parent::doModel();
     //specific things for this class
     switch ($this->action) {
         case 'bulk_actions':
             osc_csrf_check();
             switch (Params::getParam('bulk_actions')) {
                 case 'delete':
                     $ids = Params::getParam("id");
                     if (is_array($ids)) {
                         foreach ($ids as $id) {
                             osc_deleteResource($id, true);
                         }
                         $log_ids = substr(implode(",", $ids), 0, 250);
                         Log::newInstance()->insertLog('media', 'delete bulk', $log_ids, $log_ids, 'admin', osc_logged_admin_id());
                         $this->resourcesManager->deleteResourcesIds($ids);
                     }
                     osc_add_flash_ok_message(_m('Resource deleted'), 'admin');
                     break;
                 default:
                     if (Params::getParam("bulk_actions") != "") {
                         osc_run_hook("media_bulk_" . Params::getParam("bulk_actions"), Params::getParam('id'));
                     }
                     break;
             }
             $this->redirectTo(osc_admin_base_url(true) . '?page=media');
             break;
         case 'delete':
             osc_csrf_check();
             $ids = Params::getParam('id');
             if (is_array($ids)) {
                 foreach ($ids as $id) {
                     osc_deleteResource($id, true);
                 }
                 $log_ids = substr(implode(",", $ids), 0, 250);
                 Log::newInstance()->insertLog('media', 'delete', $log_ids, $log_ids, 'admin', osc_logged_admin_id());
                 $this->resourcesManager->deleteResourcesIds($ids);
             }
             osc_add_flash_ok_message(_m('Resource deleted'), 'admin');
             $this->redirectTo(osc_admin_base_url(true) . '?page=media');
             break;
         default:
             require_once osc_lib_path() . "osclass/classes/datatables/MediaDataTable.php";
             // set default iDisplayLength
             if (Params::getParam('iDisplayLength') != '') {
                 Cookie::newInstance()->push('listing_iDisplayLength', Params::getParam('iDisplayLength'));
                 Cookie::newInstance()->set();
             } else {
                 // set a default value if it's set in the cookie
                 if (Cookie::newInstance()->get_value('listing_iDisplayLength') != '') {
                     Params::setParam('iDisplayLength', Cookie::newInstance()->get_value('listing_iDisplayLength'));
                 } else {
                     Params::setParam('iDisplayLength', 10);
                 }
             }
             $this->_exportVariableToView('iDisplayLength', Params::getParam('iDisplayLength'));
             // Table header order by related
             if (Params::getParam('sort') == '') {
                 Params::setParam('sort', 'date');
             }
             if (Params::getParam('direction') == '') {
                 Params::setParam('direction', 'desc');
             }
             $page = (int) Params::getParam('iPage');
             if ($page == 0) {
                 $page = 1;
             }
             Params::setParam('iPage', $page);
             $params = Params::getParamsAsArray();
             $mediaDataTable = new MediaDataTable();
             $mediaDataTable->table($params);
             $aData = $mediaDataTable->getData();
             if (count($aData['aRows']) == 0 && $page != 1) {
                 $total = (int) $aData['iTotalDisplayRecords'];
                 $maxPage = ceil($total / (int) $aData['iDisplayLength']);
                 $url = osc_admin_base_url(true) . '?' . Params::getServerParam('QUERY_STRING', false, false);
                 if ($maxPage == 0) {
                     $url = preg_replace('/&iPage=(\\d)+/', '&iPage=1', $url);
                     $this->redirectTo($url);
                 }
                 if ($page > 1) {
                     $url = preg_replace('/&iPage=(\\d)+/', '&iPage=' . $maxPage, $url);
                     $this->redirectTo($url);
                 }
             }
             $this->_exportVariableToView('aData', $aData);
             $this->_exportVariableToView('aRawRows', $mediaDataTable->rawRows());
             $bulk_options = array(array('value' => '', 'data-dialog-content' => '', 'label' => __('Bulk actions')), array('value' => 'delete', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected media files?'), strtolower(__('Delete'))), 'label' => __('Delete')));
             $bulk_options = osc_apply_filter("media_bulk_filter", $bulk_options);
             $this->_exportVariableToView('bulk_options', $bulk_options);
             $this->doView('media/index.php');
             break;
     }
 }
Beispiel #11
0
 function doModel()
 {
     parent::doModel();
     //specific things for this class
     switch ($this->action) {
         case 'edit':
             if (Params::getParam("id") == '') {
                 $this->redirectTo(osc_admin_base_url(true) . "?page=emails");
             }
             $form = count(Session::newInstance()->_getForm());
             $keepForm = count(Session::newInstance()->_getKeepForm());
             if ($form == 0 || $form == $keepForm) {
                 Session::newInstance()->_dropKeepForm();
             }
             $this->_exportVariableToView("email", $this->emailManager->findByPrimaryKey(Params::getParam("id")));
             $this->doView("emails/frm.php");
             break;
         case 'edit_post':
             osc_csrf_check();
             $id = Params::getParam("id");
             $s_internal_name = Params::getParam("s_internal_name");
             $aFieldsDescription = array();
             $postParams = Params::getParamsAsArray('', false);
             $not_empty = false;
             foreach ($postParams as $k => $v) {
                 if (preg_match('|(.+?)#(.+)|', $k, $m)) {
                     if ($m[2] == 's_title' && $v != '') {
                         $not_empty = true;
                     }
                     $aFieldsDescription[$m[1]][$m[2]] = $v;
                 }
             }
             Session::newInstance()->_setForm('s_internal_name', $s_internal_name);
             Session::newInstance()->_setForm('aFieldsDescription', $aFieldsDescription);
             if ($not_empty) {
                 foreach ($aFieldsDescription as $k => $_data) {
                     $this->emailManager->updateDescription($id, $k, $_data['s_title'], $_data['s_text']);
                 }
                 if (!$this->emailManager->internalNameExists($id, $s_internal_name)) {
                     if (!$this->emailManager->isIndelible($id)) {
                         $this->emailManager->updateInternalName($id, $s_internal_name);
                     }
                     Session::newInstance()->_clearVariables();
                     osc_add_flash_ok_message(_m('The email/alert has been updated'), 'admin');
                     $this->redirectTo(osc_admin_base_url(true) . "?page=emails");
                 }
                 osc_add_flash_error_message(_m('You can\'t repeat internal name'), 'admin');
             } else {
                 osc_add_flash_error_message(_m('The email couldn\'t be updated, at least one title should not be empty'), 'admin');
             }
             $this->redirectTo(osc_admin_base_url(true) . "?page=emails&action=edit&id=" . $id);
             break;
         default:
             //-
             if (Params::getParam('iDisplayLength') == '') {
                 Params::setParam('iDisplayLength', 10);
             }
             $p_iPage = 1;
             if (is_numeric(Params::getParam('iPage')) && Params::getParam('iPage') >= 1) {
                 $p_iPage = Params::getParam('iPage');
             }
             Params::setParam('iPage', $p_iPage);
             $prefLocale = osc_current_admin_locale();
             $emails = $this->emailManager->listAll(1);
             // pagination
             $start = ($p_iPage - 1) * Params::getParam('iDisplayLength');
             $limit = Params::getParam('iDisplayLength');
             $count = count($emails);
             $displayRecords = $limit;
             if ($start + $limit > $count) {
                 $displayRecords = $start + $limit - $count;
             }
             // ----
             $aData = array();
             $max = $start + $limit;
             if ($max > $count) {
                 $max = $count;
             }
             for ($i = $start; $i < $max; $i++) {
                 $email = $emails[$i];
                 if (isset($email['locale'][$prefLocale]) && !empty($email['locale'][$prefLocale]['s_title'])) {
                     $title = $email['locale'][$prefLocale];
                 } else {
                     $title = current($email['locale']);
                 }
                 $options = array();
                 $options[] = '<a href="' . osc_admin_base_url(true) . '?page=emails&amp;action=edit&amp;id=' . $email["pk_i_id"] . '">' . __('Edit') . '</a>';
                 $auxOptions = '<ul>' . PHP_EOL;
                 foreach ($options as $actual) {
                     $auxOptions .= '<li>' . $actual . '</li>' . PHP_EOL;
                 }
                 $actions = '<div class="actions">' . $auxOptions . '</div>' . PHP_EOL;
                 $row = array();
                 $row[] = $email['s_internal_name'] . $actions;
                 $row[] = $title['s_title'];
                 $aData[] = $row;
             }
             // ----
             $array['iTotalRecords'] = $displayRecords;
             $array['iTotalDisplayRecords'] = count($emails);
             $array['iDisplayLength'] = $limit;
             $array['aaData'] = $aData;
             $page = (int) Params::getParam('iPage');
             if (count($array['aaData']) == 0 && $page != 1) {
                 $total = (int) $array['iTotalDisplayRecords'];
                 $maxPage = ceil($total / (int) $array['iDisplayLength']);
                 $url = osc_admin_base_url(true) . '?' . Params::getServerParam('QUERY_STRING', false, false);
                 if ($maxPage == 0) {
                     $url = preg_replace('/&iPage=(\\d)+/', '&iPage=1', $url);
                     $this->redirectTo($url);
                 }
                 if ($page > 1) {
                     $url = preg_replace('/&iPage=(\\d)+/', '&iPage=' . $maxPage, $url);
                     $this->redirectTo($url);
                 }
             }
             $this->_exportVariableToView('aEmails', $array);
             $this->doView("emails/index.php");
     }
 }
Beispiel #12
0
 function recover_password()
 {
     $user = User::newInstance()->findByEmail(Params::getParam('s_email'));
     Session::newInstance()->_set('recover_time', time());
     if (osc_recaptcha_private_key() != '') {
         if (!osc_check_recaptcha()) {
             return 2;
             // BREAK THE PROCESS, THE RECAPTCHA IS WRONG
         }
     }
     if (!$user || $user['b_enabled'] == 0) {
         return 1;
     }
     $code = osc_genRandomPassword(30);
     $date = date('Y-m-d H:i:s');
     User::newInstance()->update(array('s_pass_code' => $code, 's_pass_date' => $date, 's_pass_ip' => Params::getServerParam('REMOTE_ADDR')), array('pk_i_id' => $user['pk_i_id']));
     $password_url = osc_forgot_user_password_confirm_url($user['pk_i_id'], $code);
     osc_run_hook('hook_email_user_forgot_password', $user, $password_url);
     return 0;
 }
Beispiel #13
0
function get_ip()
{
    if (Params::getServerParam('HTTP_CLIENT_IP') != '') {
        return Params::getServerParam('HTTP_CLIENT_IP');
    }
    if (Params::getServerParam('HTTP_X_FORWARDED_FOR') != '') {
        $ip_array = explode(',', Params::getServerParam('HTTP_X_FORWARDED_FOR'));
        foreach ($ip_array as $ip) {
            return trim($ip);
        }
    }
    return Params::getServerParam('REMOTE_ADDR');
}
Beispiel #14
0
 function doModel()
 {
     switch ($this->action) {
         case 'add':
             // caliing add view
             $this->doView('languages/add.php');
             break;
         case 'add_post':
             // adding a new language
             if (defined('DEMO')) {
                 osc_add_flash_warning_message(_m("This action can't be done because it's a demo site"), 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . '?page=languages');
             }
             osc_csrf_check();
             $filePackage = Params::getFiles('package');
             if (isset($filePackage['size']) && $filePackage['size'] != 0) {
                 $path = osc_translations_path();
                 (int) ($status = osc_unzip_file($filePackage['tmp_name'], $path));
                 @unlink($filePackage['tmp_name']);
             } else {
                 $status = 3;
             }
             switch ($status) {
                 case 0:
                     $msg = _m('The translation folder is not writable');
                     osc_add_flash_error_message($msg, 'admin');
                     break;
                 case 1:
                     if (osc_checkLocales()) {
                         $msg = _m('The language has been installed correctly');
                         osc_add_flash_ok_message($msg, 'admin');
                     } else {
                         $msg = _m('There was a problem adding the language');
                         osc_add_flash_error_message($msg, 'admin');
                     }
                     break;
                 case 2:
                     $msg = _m('The zip file is not valid');
                     osc_add_flash_error_message($msg, 'admin');
                     break;
                 case 3:
                     $msg = _m('No file was uploaded');
                     osc_add_flash_warning_message($msg, 'admin');
                     $this->redirectTo(osc_admin_base_url(true) . "?page=languages&action=add");
                     break;
                 case -1:
                 default:
                     $msg = _m('There was a problem adding the language');
                     osc_add_flash_error_message($msg, 'admin');
                     break;
             }
             $this->redirectTo(osc_admin_base_url(true) . '?page=languages');
             break;
         case 'edit':
             // editing a language
             $sLocale = Params::getParam('id');
             if (!preg_match('/.{2}_.{2}/', $sLocale)) {
                 osc_add_flash_error_message(_m('Language id isn\'t in the correct format'), 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . '?page=languages');
             }
             $aLocale = $this->localeManager->findByPrimaryKey($sLocale);
             if (count($aLocale) == 0) {
                 osc_add_flash_error_message(_m('Language id doesn\'t exist'), 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . '?page=languages');
             }
             $this->_exportVariableToView("aLocale", $aLocale);
             $this->doView('languages/frm.php');
             break;
         case 'edit_post':
             // edit language post
             osc_csrf_check();
             $iUpdated = 0;
             $languageCode = Params::getParam('pk_c_code');
             $enabledWebstie = Params::getParam('b_enabled');
             $enabledBackoffice = Params::getParam('b_enabled_bo');
             $languageName = Params::getParam('s_name');
             $languageShortName = Params::getParam('s_short_name');
             $languageDescription = Params::getParam('s_description');
             $languageCurrencyFormat = Params::getParam('s_currency_format');
             $languageDecPoint = Params::getParam('s_dec_point');
             $languageNumDec = Params::getParam('i_num_dec');
             $languageThousandsSep = Params::getParam('s_thousands_sep');
             $languageDateFormat = Params::getParam('s_date_format');
             $languageStopWords = Params::getParam('s_stop_words');
             // formatting variables
             if (!preg_match('/.{2}_.{2}/', $languageCode)) {
                 osc_add_flash_error_message(_m('Language id isn\'t in the correct format'), 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . '?page=languages');
             }
             $enabledWebstie = $enabledWebstie != '' ? true : false;
             $enabledBackoffice = $enabledBackoffice != '' ? true : false;
             $languageName = strip_tags($languageName);
             $languageName = trim($languageName);
             $languageShortName = strip_tags($languageShortName);
             $languageShortName = trim($languageShortName);
             $languageDescription = strip_tags($languageDescription);
             $languageDescription = trim($languageDescription);
             $languageCurrencyFormat = strip_tags($languageCurrencyFormat);
             $languageCurrencyFormat = trim($languageCurrencyFormat);
             $languageDateFormat = strip_tags($languageDateFormat);
             $languageDateFormat = trim($languageDateFormat);
             $languageStopWords = strip_tags($languageStopWords);
             $languageStopWords = trim($languageStopWords);
             $msg = '';
             if (!osc_validate_text($languageName)) {
                 $msg .= _m("Language name field is required") . "<br/>";
             }
             if (!osc_validate_text($languageShortName)) {
                 $msg .= _m("Language short name field is required") . "<br/>";
             }
             if (!osc_validate_text($languageDescription)) {
                 $msg .= _m("Language description field is required") . "<br/>";
             }
             if (!osc_validate_text($languageCurrencyFormat)) {
                 $msg .= _m("Currency format field is required") . "<br/>";
             }
             if (!osc_validate_int($languageNumDec)) {
                 $msg .= _m("Number of decimals must only contain numeric characters") . "<br/>";
             }
             if ($msg != '') {
                 osc_add_flash_error_message($msg, 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . '?page=languages&action=edit&id=' . $languageCode);
             }
             $array = array('b_enabled' => $enabledWebstie, 'b_enabled_bo' => $enabledBackoffice, 's_name' => $languageName, 's_short_name' => $languageShortName, 's_description' => $languageDescription, 's_currency_format' => $languageCurrencyFormat, 's_dec_point' => $languageDecPoint, 'i_num_dec' => $languageNumDec, 's_thousands_sep' => $languageThousandsSep, 's_date_format' => $languageDateFormat, 's_stop_words' => $languageStopWords);
             $iUpdated = $this->localeManager->update($array, array('pk_c_code' => $languageCode));
             if ($iUpdated > 0) {
                 osc_add_flash_ok_message(sprintf(_m('%s has been updated'), $languageShortName), 'admin');
             }
             $this->redirectTo(osc_admin_base_url(true) . '?page=languages');
             break;
         case 'enable_selected':
             osc_csrf_check();
             $msg = _m('Selected languages have been enabled for the website');
             $iUpdated = 0;
             $aValues = array('b_enabled' => 1);
             $id = Params::getParam('id');
             if (!is_array($id)) {
                 osc_add_flash_warning_message(_m("The language ids aren't in the correct format"), 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . '?page=languages');
             }
             foreach ($id as $i) {
                 osc_translate_categories($i);
                 $iUpdated += $this->localeManager->update($aValues, array('pk_c_code' => $i));
             }
             if ($iUpdated > 0) {
                 osc_add_flash_ok_message($msg, 'admin');
             }
             $this->redirectTo(osc_admin_base_url(true) . '?page=languages');
             break;
         case 'disable_selected':
             osc_csrf_check();
             $msg = _m('Selected languages have been disabled for the website');
             $msg_warning = '';
             $iUpdated = 0;
             $aValues = array('b_enabled' => 0);
             $id = Params::getParam('id');
             if (!is_array($id)) {
                 osc_add_flash_warning_message(_m("The language ids aren't in the correct format"), 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . '?page=languages');
             }
             foreach ($id as $i) {
                 if (osc_language() == $i) {
                     $msg_warning = sprintf(_m("%s can't be disabled because it's the default language"), osc_language());
                     continue;
                 }
                 $iUpdated += $this->localeManager->update($aValues, array('pk_c_code' => $i));
             }
             if ($msg_warning != '') {
                 if ($iUpdated > 0) {
                     osc_add_flash_warning_message($msg . '</p><p>' . $msg_warning, 'admin');
                 } else {
                     osc_add_flash_warning_message($msg_warning, 'admin');
                 }
             } else {
                 osc_add_flash_ok_message($msg, 'admin');
             }
             $this->redirectTo(osc_admin_base_url(true) . '?page=languages');
             break;
         case 'enable_bo_selected':
             osc_csrf_check();
             $msg = _m('Selected languages have been enabled for the backoffice (oc-admin)');
             $iUpdated = 0;
             $aValues = array('b_enabled_bo' => 1);
             $id = Params::getParam('id');
             if (!is_array($id)) {
                 osc_add_flash_warning_message(_m("The language ids aren't in the correct format"), 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . '?page=languages');
             }
             foreach ($id as $i) {
                 osc_translate_categories($i);
                 $iUpdated += $this->localeManager->update($aValues, array('pk_c_code' => $i));
             }
             if ($iUpdated > 0) {
                 osc_add_flash_ok_message($msg, 'admin');
             }
             $this->redirectTo(osc_admin_base_url(true) . '?page=languages');
             break;
         case 'disable_bo_selected':
             osc_csrf_check();
             $msg = _m('Selected languages have been disabled for the backoffice (oc-admin)');
             $msg_warning = '';
             $iUpdated = 0;
             $aValues = array('b_enabled_bo' => 0);
             $id = Params::getParam('id');
             if (!is_array($id)) {
                 osc_add_flash_warning_message(_m("The language ids aren't in the correct format"), 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . '?page=languages');
             }
             foreach ($id as $i) {
                 if (osc_language() == $i) {
                     $msg_warning = sprintf(_m("%s can't be disabled because it's the default language"), osc_language());
                     continue;
                 }
                 $iUpdated += $this->localeManager->update($aValues, array('pk_c_code' => $i));
             }
             if ($msg_warning != '') {
                 if ($iUpdated > 0) {
                     osc_add_flash_warning_message($msg . '</p><p>' . $msg_warning, 'admin');
                 } else {
                     osc_add_flash_warning_message($msg_warning, 'admin');
                 }
             } else {
                 osc_add_flash_ok_message($msg, 'admin');
             }
             $this->redirectTo(osc_admin_base_url(true) . '?page=languages');
             break;
         case 'delete':
             osc_csrf_check();
             if (is_array(Params::getParam('id'))) {
                 $default_lang = osc_language();
                 foreach (Params::getParam('id') as $code) {
                     if ($default_lang != $code) {
                         if ($this->localeManager->deleteLocale($code)) {
                             if (!osc_deleteDir(osc_translations_path() . $code)) {
                                 osc_add_flash_error_message(sprintf(_m("Directory '%s' couldn't be removed"), $code), 'admin');
                             } else {
                                 osc_add_flash_ok_message(sprintf(_m('Directory "%s" has been successfully removed'), $code), 'admin');
                             }
                         } else {
                             osc_add_flash_error_message(sprintf(_m("Directory '%s' couldn't be removed;)"), $code), 'admin');
                         }
                     } else {
                         osc_add_flash_error_message(sprintf(_m("Directory '%s' couldn't be removed because it's the default language. Set another language as default first and try again"), $code), 'admin');
                     }
                 }
             }
             $this->redirectTo(osc_admin_base_url(true) . '?page=languages');
             break;
         default:
             if (Params::getParam('checkUpdated') != '') {
                 osc_admin_toolbar_update_languages(true);
             }
             if (Params::getParam("action") != "") {
                 osc_run_hook("language_bulk_" . Params::getParam("action"), Params::getParam('id'));
             }
             // -----
             if (Params::getParam('iDisplayLength') == '') {
                 Params::setParam('iDisplayLength', 10);
             }
             // ?
             $this->_exportVariableToView('iDisplayLength', Params::getParam('iDisplayLength'));
             $p_iPage = 1;
             if (is_numeric(Params::getParam('iPage')) && Params::getParam('iPage') >= 1) {
                 $p_iPage = Params::getParam('iPage');
             }
             Params::setParam('iPage', $p_iPage);
             $aLanguages = OSCLocale::newInstance()->listAll();
             // pagination
             $start = ($p_iPage - 1) * Params::getParam('iDisplayLength');
             $limit = Params::getParam('iDisplayLength');
             $count = count($aLanguages);
             $displayRecords = $limit;
             if ($start + $limit > $count) {
                 $displayRecords = $start + $limit - $count;
             }
             // ----
             $aLanguagesToUpdate = json_decode(osc_get_preference('languages_to_update'));
             $bLanguagesToUpdate = is_array($aLanguagesToUpdate) ? true : false;
             // ----
             $aData = array();
             $max = $start + $limit;
             if ($max > $count) {
                 $max = $count;
             }
             for ($i = $start; $i < $max; $i++) {
                 $l = $aLanguages[$i];
                 $row = array();
                 $row[] = '<input type="checkbox" name="id[]" value="' . $l['pk_c_code'] . '" />';
                 $options = array();
                 $options[] = '<a href="' . osc_admin_base_url(true) . '?page=languages&amp;action=edit&amp;id=' . $l['pk_c_code'] . '">' . __('Edit') . '</a>';
                 $options[] = '<a href="' . osc_admin_base_url(true) . '?page=languages&amp;action=' . ($l['b_enabled'] == 1 ? 'disable_selected' : 'enable_selected') . '&amp;id[]=' . $l['pk_c_code'] . '&amp;' . osc_csrf_token_url() . '">' . ($l['b_enabled'] == 1 ? __('Disable (website)') : __('Enable (website)')) . '</a> ';
                 $options[] = '<a href="' . osc_admin_base_url(true) . '?page=languages&amp;action=' . ($l['b_enabled_bo'] == 1 ? 'disable_bo_selected' : 'enable_bo_selected') . '&amp;id[]=' . $l['pk_c_code'] . '&amp;' . osc_csrf_token_url() . '">' . ($l['b_enabled_bo'] == 1 ? __('Disable (oc-admin)') : __('Enable (oc-admin)')) . '</a>';
                 $options[] = '<a onclick="return delete_dialog(\'' . $l['pk_c_code'] . '\');"  href="' . osc_admin_base_url(true) . '?page=languages&amp;action=delete&amp;id[]=' . $l['pk_c_code'] . '&amp;' . osc_csrf_token_url() . '">' . __('Delete') . '</a>';
                 $auxOptions = '<ul>' . PHP_EOL;
                 foreach ($options as $actual) {
                     $auxOptions .= '<li>' . $actual . '</li>' . PHP_EOL;
                 }
                 $actions = '<div class="actions">' . $auxOptions . '</div>' . PHP_EOL;
                 $sUpdate = '';
                 // get languages to update from t_preference
                 if ($bLanguagesToUpdate) {
                     if (in_array($l['pk_c_code'], $aLanguagesToUpdate)) {
                         $sUpdate = '<a class="btn-market-update btn-market-popup" href="#' . htmlentities($l['pk_c_code']) . '">' . __("Update here") . '</a>';
                     }
                 }
                 $row[] = $l['s_name'] . $sUpdate . $actions;
                 $row[] = $l['s_short_name'];
                 $row[] = $l['s_description'];
                 $row[] = $l['b_enabled'] ? __('Yes') : __('No');
                 $row[] = $l['b_enabled_bo'] ? __('Yes') : __('No');
                 $aData[] = $row;
             }
             // ----
             $array['iTotalRecords'] = $displayRecords;
             $array['iTotalDisplayRecords'] = count($aLanguages);
             $array['iDisplayLength'] = $limit;
             $array['aaData'] = $aData;
             $page = (int) Params::getParam('iPage');
             if (count($array['aaData']) == 0 && $page != 1) {
                 $total = (int) $array['iTotalDisplayRecords'];
                 $maxPage = ceil($total / (int) $array['iDisplayLength']);
                 $url = osc_admin_base_url(true) . '?' . Params::getServerParam('QUERY_STRING', false, false);
                 if ($maxPage == 0) {
                     $url = preg_replace('/&iPage=(\\d)+/', '&iPage=1', $url);
                     $this->redirectTo($url);
                 }
                 if ($page > 1) {
                     $url = preg_replace('/&iPage=(\\d)+/', '&iPage=' . $maxPage, $url);
                     $this->redirectTo($url);
                 }
             }
             $this->_exportVariableToView('aLanguages', $array);
             $bulk_options = array(array('value' => '', 'data-dialog-content' => '', 'label' => __('Bulk actions')), array('value' => 'enable_selected', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected languages?'), strtolower(__('Enable (Website)'))), 'label' => __('Enable (Website)')), array('value' => 'disable_selected', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected languages?'), strtolower(__('Disable (Website)'))), 'label' => __('Disable (Website)')), array('value' => 'enable_bo_selected', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected languages?'), strtolower(__('Enable (oc-admin)'))), 'label' => __('Enable (oc-admin)')), array('value' => 'disable_bo_selected', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected languages?'), strtolower(__('Disable (oc-admin)'))), 'label' => __('Disable (oc-admin)')), array('value' => 'delete', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected languages?'), strtolower(__('Delete'))), 'label' => __('Delete')));
             $bulk_options = osc_apply_filter("language_bulk_filter", $bulk_options);
             $this->_exportVariableToView('bulk_options', $bulk_options);
             $this->doView('languages/index.php');
             break;
     }
 }
Beispiel #15
0
/**
 * Check is an email and IP are banned
 *
 * @param string $email
 * @param string $ip
 * @since 3.1
 * @return int 0: not banned, 1: email is banned, 2: IP is banned
 */
function osc_is_banned($email = '', $ip = null)
{
    if ($ip == null) {
        $ip = Params::getServerParam('REMOTE_ADDR');
    }
    $rules = BanRule::newInstance()->listAll();
    if (!osc_is_ip_banned($ip, $rules)) {
        if ($email != '') {
            return osc_is_email_banned($email, $rules) ? 1 : 0;
            // 1:Email is banned, 0:not banned
        }
        return 0;
    }
    return 2;
    //IP is banned
}
Beispiel #16
0
 function doModel()
 {
     parent::doModel();
     //specific things for this class
     switch ($this->action) {
         case 'create':
             // calling create view
             $aRegions = array();
             $aCities = array();
             $aCountries = Country::newInstance()->listAll();
             if (isset($aCountries[0]['pk_c_code'])) {
                 $aRegions = Region::newInstance()->findByCountry($aCountries[0]['pk_c_code']);
             }
             if (isset($aRegions[0]['pk_i_id'])) {
                 $aCities = City::newInstance()->findByRegion($aRegions[0]['pk_i_id']);
             }
             $this->_exportVariableToView('user', null);
             $this->_exportVariableToView('countries', $aCountries);
             $this->_exportVariableToView('regions', $aRegions);
             $this->_exportVariableToView('cities', $aCities);
             $this->_exportVariableToView('locales', OSCLocale::newInstance()->listAllEnabled());
             $this->doView("users/frm.php");
             break;
         case 'create_post':
             // creating the user...
             osc_csrf_check();
             require_once LIB_PATH . 'osclass/UserActions.php';
             $userActions = new UserActions(true);
             $success = $userActions->add();
             switch ($success) {
                 case 1:
                     osc_add_flash_ok_message(_m("The user has been created. We've sent an activation e-mail"), 'admin');
                     break;
                 case 2:
                     osc_add_flash_ok_message(_m('The user has been created successfully'), 'admin');
                     break;
                 default:
                     osc_add_flash_error_message($success, 'admin');
                     break;
             }
             $this->redirectTo(osc_admin_base_url(true) . '?page=users');
             break;
         case 'edit':
             // calling the edit view
             $aUser = $this->userManager->findByPrimaryKey(Params::getParam("id"));
             $aCountries = Country::newInstance()->listAll();
             $aRegions = array();
             if ($aUser['fk_c_country_code'] != '') {
                 $aRegions = Region::newInstance()->findByCountry($aUser['fk_c_country_code']);
             } else {
                 if (count($aCountries) > 0) {
                     $aRegions = Region::newInstance()->findByCountry($aCountries[0]['pk_c_code']);
                 }
             }
             $aCities = array();
             if ($aUser['fk_i_region_id'] != '') {
                 $aCities = City::newInstance()->findByRegion($aUser['fk_i_region_id']);
             } else {
                 if (count($aRegions) > 0) {
                     $aCities = City::newInstance()->findByRegion($aRegions[0]['pk_i_id']);
                 }
             }
             $csrf_token = osc_csrf_token_url();
             if ($aUser['b_active']) {
                 $actions[] = '<a class="btn float-left" href="' . osc_admin_base_url(true) . '?page=users&action=deactivate&id[]=' . $aUser['pk_i_id'] . '&' . $csrf_token . '&value=INACTIVE">' . __('Deactivate') . '</a>';
             } else {
                 $actions[] = '<a class="btn btn-red float-left" href="' . osc_admin_base_url(true) . '?page=users&action=activate&id[]=' . $aUser['pk_i_id'] . '&' . $csrf_token . '&value=ACTIVE">' . __('Activate') . '</a>';
             }
             if ($aUser['b_enabled']) {
                 $actions[] = '<a class="btn float-left" href="' . osc_admin_base_url(true) . '?page=users&action=disable&id[]=' . $aUser['pk_i_id'] . '&' . $csrf_token . '&value=DISABLE">' . __('Block') . '</a>';
             } else {
                 $actions[] = '<a class="btn btn-red float-left" href="' . osc_admin_base_url(true) . '?page=users&action=enable&id[]=' . $aUser['pk_i_id'] . '&' . $csrf_token . '&value=ENABLE">' . __('Unblock') . '</a>';
             }
             $this->_exportVariableToView("actions", $actions);
             $this->_exportVariableToView("user", $aUser);
             $this->_exportVariableToView("countries", $aCountries);
             $this->_exportVariableToView("regions", $aRegions);
             $this->_exportVariableToView("cities", $aCities);
             $this->_exportVariableToView("locales", OSCLocale::newInstance()->listAllEnabled());
             $this->doView("users/frm.php");
             break;
         case 'edit_post':
             // edit post
             osc_csrf_check();
             require_once LIB_PATH . 'osclass/UserActions.php';
             $userActions = new UserActions(true);
             $success = $userActions->edit(Params::getParam("id"));
             if ($success == 1) {
                 osc_add_flash_ok_message(_m('The user has been updated'), 'admin');
             } else {
                 if ($success == 2) {
                     osc_add_flash_ok_message(_m('The user has been updated and activated'), 'admin');
                 } else {
                     osc_add_flash_error_message($success);
                     $this->redirectTo(osc_admin_base_url(true) . '?page=users&action=edit&id=' . Params::getParam('id'));
                 }
             }
             $this->redirectTo(osc_admin_base_url(true) . '?page=users');
             break;
         case 'resend_activation':
             //activate
             osc_csrf_check();
             require_once LIB_PATH . 'osclass/UserActions.php';
             $iUpdated = 0;
             $userId = Params::getParam('id');
             if (!is_array($userId)) {
                 osc_add_flash_error_message(_m("User id isn't in the correct format"), 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . '?page=users');
             }
             $userActions = new UserActions(true);
             foreach ($userId as $id) {
                 $iUpdated += $userActions->resend_activation($id);
             }
             if ($iUpdated == 0) {
                 osc_add_flash_error_message(_m('No users have been selected'), 'admin');
             } else {
                 osc_add_flash_ok_message(sprintf(_mn('Activation email sent to one user', 'Activation email sent to %s users', $iUpdated), $iUpdated), 'admin');
             }
             $this->redirectTo(osc_admin_base_url(true) . '?page=users');
             break;
         case 'activate':
             //activate
             osc_csrf_check();
             require_once LIB_PATH . 'osclass/UserActions.php';
             $iUpdated = 0;
             $userId = Params::getParam('id');
             if (!is_array($userId)) {
                 osc_add_flash_error_message(_m("User id isn't in the correct format"), 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . '?page=users');
             }
             $userActions = new UserActions(true);
             foreach ($userId as $id) {
                 $iUpdated += $userActions->activate($id);
             }
             if ($iUpdated == 0) {
                 $msg = _m('No users have been activated');
             } else {
                 $msg = sprintf(_mn('One user has been activated', '%s users have been activated', $iUpdated), $iUpdated);
             }
             osc_add_flash_ok_message($msg, 'admin');
             $this->redirectTo(Params::getServerParam('HTTP_REFERER', false, false));
             break;
         case 'deactivate':
             //deactivate
             osc_csrf_check();
             require_once LIB_PATH . 'osclass/UserActions.php';
             $iUpdated = 0;
             $userId = Params::getParam('id');
             if (!is_array($userId)) {
                 osc_add_flash_error_message(_m("User id isn't in the correct format"), 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . '?page=users');
             }
             $userActions = new UserActions(true);
             foreach ($userId as $id) {
                 $iUpdated += $userActions->deactivate($id);
             }
             if ($iUpdated == 0) {
                 $msg = _m('No users have been deactivated');
             } else {
                 $msg = sprintf(_mn('One user has been deactivated', '%s users have been deactivated', $iUpdated), $iUpdated);
             }
             osc_add_flash_ok_message($msg, 'admin');
             $this->redirectTo(Params::getServerParam('HTTP_REFERER', false, false));
             break;
         case 'enable':
             osc_csrf_check();
             require_once LIB_PATH . 'osclass/UserActions.php';
             $iUpdated = 0;
             $userId = Params::getParam('id');
             if (!is_array($userId)) {
                 osc_add_flash_error_message(_m("User id isn't in the correct format"), 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . '?page=users');
             }
             $userActions = new UserActions(true);
             foreach ($userId as $id) {
                 $iUpdated += $userActions->enable($id);
             }
             if ($iUpdated == 0) {
                 $msg = _m('No users have been enabled');
             } else {
                 $msg = sprintf(_mn('One user has been unblocked', '%s users have been unblocked', $iUpdated), $iUpdated);
             }
             osc_add_flash_ok_message($msg, 'admin');
             $this->redirectTo(Params::getServerParam('HTTP_REFERER', false, false));
             break;
         case 'disable':
             osc_csrf_check();
             require_once LIB_PATH . 'osclass/UserActions.php';
             $iUpdated = 0;
             $userId = Params::getParam('id');
             if (!is_array($userId)) {
                 osc_add_flash_error_message(_m("User id isn't in the correct format"), 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . '?page=users');
             }
             $userActions = new UserActions(true);
             foreach ($userId as $id) {
                 $iUpdated += $userActions->disable($id);
             }
             if ($iUpdated == 0) {
                 $msg = _m('No users have been disabled');
             } else {
                 $msg = sprintf(_mn('One user has been blocked', '%s users have been blocked', $iUpdated), $iUpdated);
             }
             osc_add_flash_ok_message($msg, 'admin');
             $this->redirectTo(Params::getServerParam('HTTP_REFERER', false, false));
             break;
         case 'delete':
             //delete
             osc_csrf_check();
             $iDeleted = 0;
             $userId = Params::getParam('id');
             if (!is_array($userId)) {
                 osc_add_flash_error_message(_m("User id isn't in the correct format"), 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . '?page=users');
             }
             foreach ($userId as $id) {
                 $user = $this->userManager->findByPrimaryKey($id);
                 Log::newInstance()->insertLog('user', 'delete', $id, $user['s_email'], 'admin', osc_logged_admin_id());
                 if ($this->userManager->deleteUser($id)) {
                     $iDeleted++;
                 }
             }
             if ($iDeleted == 0) {
                 $msg = _m('No users have been deleted');
             } else {
                 $msg = sprintf(_mn('One user has been deleted', '%s users have been deleted', $iDeleted), $iDeleted);
             }
             osc_add_flash_ok_message($msg, 'admin');
             $this->redirectTo(osc_admin_base_url(true) . '?page=users');
             break;
         case 'delete_alerts':
             //delete
             $iDeleted = 0;
             $alertId = Params::getParam('alert_id');
             if (!is_array($alertId)) {
                 osc_add_flash_error_message(_m("Alert id isn't in the correct format"), 'admin');
                 if (Params::getParam('user_id') == '') {
                     $this->redirectTo(osc_admin_base_url(true) . '?page=users&action=alerts');
                 } else {
                     $this->redirectTo(osc_admin_base_url(true) . '?page=users&action=edit&id=' . Params::getParam('user_id'));
                 }
             }
             $mAlerts = new Alerts();
             foreach ($alertId as $id) {
                 Log::newInstance()->insertLog('user', 'delete_alerts', $id, $id, 'admin', osc_logged_admin_id());
                 $iDeleted += $mAlerts->delete(array('pk_i_id' => $id));
             }
             if ($iDeleted == 0) {
                 $msg = _m('No alerts have been deleted');
             } else {
                 $msg = sprintf(_mn('One alert has been deleted', '%s alerts have been deleted', $iDeleted), $iDeleted);
             }
             osc_add_flash_ok_message($msg, 'admin');
             if (Params::getParam('user_id') == '') {
                 $this->redirectTo(osc_admin_base_url(true) . '?page=users&action=alerts');
             } else {
                 $this->redirectTo(osc_admin_base_url(true) . '?page=users&action=edit&id=' . Params::getParam('user_id'));
             }
             break;
         case 'status_alerts':
             //delete
             $status = Params::getParam("status");
             $iUpdated = 0;
             $alertId = Params::getParam('alert_id');
             if (!is_array($alertId)) {
                 osc_add_flash_error_message(_m("Alert id isn't in the correct format"), 'admin');
                 if (Params::getParam('user_id') == '') {
                     $this->redirectTo(osc_admin_base_url(true) . '?page=users&action=alerts');
                 } else {
                     $this->redirectTo(osc_admin_base_url(true) . '?page=users&action=edit&id=' . Params::getParam('user_id'));
                 }
             }
             $mAlerts = new Alerts();
             foreach ($alertId as $id) {
                 if ($status == 1) {
                     $iUpdated += $mAlerts->activate($id);
                 } else {
                     $iUpdated += $mAlerts->deactivate($id);
                 }
             }
             if ($status == 1) {
                 if ($iUpdated == 0) {
                     $msg = _m('No alerts have been activated');
                 } else {
                     $msg = sprintf(_mn('One alert has been activated', '%s alerts have been activated', $iUpdated), $iUpdated);
                 }
             } else {
                 if ($iUpdated == 0) {
                     $msg = _m('No alerts have been deactivated');
                 } else {
                     $msg = sprintf(_mn('One alert has been deactivated', '%s alerts have been deactivated', $iUpdated), $iUpdated);
                 }
             }
             osc_add_flash_ok_message($msg, 'admin');
             if (Params::getParam('user_id') == '') {
                 $this->redirectTo(osc_admin_base_url(true) . '?page=users&action=alerts');
             } else {
                 $this->redirectTo(osc_admin_base_url(true) . '?page=users&action=edit&id=' . Params::getParam('user_id'));
             }
             break;
         case 'settings':
             // calling the users settings view
             $this->doView('users/settings.php');
             break;
         case 'settings_post':
             // updating users
             osc_csrf_check();
             $iUpdated = 0;
             $enabledUserValidation = Params::getParam('enabled_user_validation');
             $enabledUserValidation = $enabledUserValidation != '' ? true : false;
             $enabledUserRegistration = Params::getParam('enabled_user_registration');
             $enabledUserRegistration = $enabledUserRegistration != '' ? true : false;
             $enabledUsers = Params::getParam('enabled_users');
             $enabledUsers = $enabledUsers != '' ? true : false;
             $notifyNewUser = Params::getParam('notify_new_user');
             $notifyNewUser = $notifyNewUser != '' ? true : false;
             $usernameBlacklistTmp = explode(",", Params::getParam('username_blacklist'));
             foreach ($usernameBlacklistTmp as $k => $v) {
                 $usernameBlacklistTmp[$k] = strtolower(trim($v));
             }
             $usernameBlacklist = implode(",", $usernameBlacklistTmp);
             $iUpdated += osc_set_preference('enabled_user_validation', $enabledUserValidation);
             $iUpdated += osc_set_preference('enabled_user_registration', $enabledUserRegistration);
             $iUpdated += osc_set_preference('enabled_users', $enabledUsers);
             $iUpdated += osc_set_preference('notify_new_user', $notifyNewUser);
             $iUpdated += osc_set_preference('username_blacklist', $usernameBlacklist);
             if ($iUpdated > 0) {
                 osc_add_flash_ok_message(_m("User settings have been updated"), 'admin');
             }
             $this->redirectTo(osc_admin_base_url(true) . '?page=users&action=settings');
             break;
         case 'alerts':
             // manage alerts view
             require_once osc_lib_path() . "osclass/classes/datatables/AlertsDataTable.php";
             // set default iDisplayLength
             if (Params::getParam('iDisplayLength') != '') {
                 Cookie::newInstance()->push('listing_iDisplayLength', Params::getParam('iDisplayLength'));
                 Cookie::newInstance()->set();
             } else {
                 // set a default value if it's set in the cookie
                 if (Cookie::newInstance()->get_value('listing_iDisplayLength') != '') {
                     Params::setParam('iDisplayLength', Cookie::newInstance()->get_value('listing_iDisplayLength'));
                 } else {
                     Params::setParam('iDisplayLength', 10);
                 }
             }
             $this->_exportVariableToView('iDisplayLength', Params::getParam('iDisplayLength'));
             // Table header order by related
             if (Params::getParam('sort') == '') {
                 Params::setParam('sort', 'date');
             }
             if (Params::getParam('direction') == '') {
                 Params::setParam('direction', 'desc');
             }
             $page = (int) Params::getParam('iPage');
             if ($page == 0) {
                 $page = 1;
             }
             Params::setParam('iPage', $page);
             $params = Params::getParamsAsArray();
             $alertsDataTable = new AlertsDataTable();
             $alertsDataTable->table($params);
             $aData = $alertsDataTable->getData();
             if (count($aData['aRows']) == 0 && $page != 1) {
                 $total = (int) $aData['iTotalDisplayRecords'];
                 $maxPage = ceil($total / (int) $aData['iDisplayLength']);
                 $url = osc_admin_base_url(true) . '?' . Params::getServerParam('QUERY_STRING', false, false);
                 if ($maxPage == 0) {
                     $url = preg_replace('/&iPage=(\\d)+/', '&iPage=1', $url);
                     $this->redirectTo($url);
                 }
                 if ($page > 1) {
                     $url = preg_replace('/&iPage=(\\d)+/', '&iPage=' . $maxPage, $url);
                     $this->redirectTo($url);
                 }
             }
             $this->_exportVariableToView('aData', $aData);
             $this->_exportVariableToView('aRawRows', $alertsDataTable->rawRows());
             $this->doView("users/alerts.php");
             break;
         case 'ban':
             // manage ban rules view
             if (Params::getParam("action") != "") {
                 osc_run_hook("ban_rules_bulk_" . Params::getParam("action"), Params::getParam('id'));
             }
             require_once osc_lib_path() . "osclass/classes/datatables/BanRulesDataTable.php";
             // set default iDisplayLength
             if (Params::getParam('iDisplayLength') != '') {
                 Cookie::newInstance()->push('listing_iDisplayLength', Params::getParam('iDisplayLength'));
                 Cookie::newInstance()->set();
             } else {
                 // set a default value if it's set in the cookie
                 if (Cookie::newInstance()->get_value('listing_iDisplayLength') != '') {
                     Params::setParam('iDisplayLength', Cookie::newInstance()->get_value('listing_iDisplayLength'));
                 } else {
                     Params::setParam('iDisplayLength', 10);
                 }
             }
             $this->_exportVariableToView('iDisplayLength', Params::getParam('iDisplayLength'));
             // Table header order by related
             if (Params::getParam('sort') == '') {
                 Params::setParam('sort', 'date');
             }
             if (Params::getParam('direction') == '') {
                 Params::setParam('direction', 'desc');
             }
             $page = (int) Params::getParam('iPage');
             if ($page == 0) {
                 $page = 1;
             }
             Params::setParam('iPage', $page);
             $params = Params::getParamsAsArray();
             $banRulesDataTable = new BanRulesDataTable();
             $banRulesDataTable->table($params);
             $aData = $banRulesDataTable->getData();
             if (count($aData['aRows']) == 0 && $page != 1) {
                 $total = (int) $aData['iTotalDisplayRecords'];
                 $maxPage = ceil($total / (int) $aData['iDisplayLength']);
                 $url = osc_admin_base_url(true) . '?' . Params::getServerParam('QUERY_STRING', false, false);
                 if ($maxPage == 0) {
                     $url = preg_replace('/&iPage=(\\d)+/', '&iPage=1', $url);
                     $this->redirectTo($url);
                 }
                 if ($page > 1) {
                     $url = preg_replace('/&iPage=(\\d)+/', '&iPage=' . $maxPage, $url);
                     $this->redirectTo($url);
                 }
             }
             $this->_exportVariableToView('aData', $aData);
             $this->_exportVariableToView('aRawRows', $banRulesDataTable->rawRows());
             $bulk_options = array(array('value' => '', 'data-dialog-content' => '', 'label' => __('Bulk actions')), array('value' => 'delete_ban_rule', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected ban rules?'), strtolower(__('Delete'))), 'label' => __('Delete')));
             $bulk_options = osc_apply_filter("ban_rule_bulk_filter", $bulk_options);
             $this->_exportVariableToView('bulk_options', $bulk_options);
             //calling the view...
             $this->doView('users/ban.php');
             break;
         case 'edit_ban_rule':
             $this->_exportVariableToView('rule', BanRule::newInstance()->findByPrimaryKey(Params::getParam('id')));
             $this->doView('users/ban_frm.php');
             break;
         case 'edit_ban_rule_post':
             osc_csrf_check();
             if (Params::getParam('s_ip') == '' && Params::getParam('s_email') == '') {
                 osc_add_flash_warning_message(_m("Both rules can not be empty"), 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . '?page=users&action=ban');
             }
             BanRule::newInstance()->update(array('s_name' => Params::getParam('s_name'), 's_ip' => Params::getParam('s_ip'), 's_email' => strtolower(Params::getParam('s_email'))), array('pk_i_id' => Params::getParam('id')));
             osc_add_flash_ok_message(_m('Rule updated correctly'), 'admin');
             $this->redirectTo(osc_admin_base_url(true) . '?page=users&action=ban');
             break;
         case 'create_ban_rule':
             $this->_exportVariableToView('rule', null);
             $this->doView('users/ban_frm.php');
             break;
         case 'create_ban_rule_post':
             osc_csrf_check();
             if (Params::getParam('s_ip') == '' && Params::getParam('s_email') == '') {
                 osc_add_flash_warning_message(_m("Both rules can not be empty"), 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . '?page=users&action=ban');
             }
             BanRule::newInstance()->insert(array('s_name' => Params::getParam('s_name'), 's_ip' => Params::getParam('s_ip'), 's_email' => strtolower(Params::getParam('s_email'))));
             osc_add_flash_ok_message(_m('Rule saved correctly'), 'admin');
             $this->redirectTo(osc_admin_base_url(true) . '?page=users&action=ban');
             break;
         case 'delete_ban_rule':
             //delete ban rules
             osc_csrf_check();
             $iDeleted = 0;
             $ruleId = Params::getParam('id');
             if (!is_array($ruleId)) {
                 osc_add_flash_error_message(_m("User id isn't in the correct format"), 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . '?page=users&action=ban');
             }
             $ruleMgr = BanRule::newInstance();
             foreach ($ruleId as $id) {
                 if ($ruleMgr->deleteByPrimaryKey($id)) {
                     $iDeleted++;
                 }
             }
             if ($iDeleted == 0) {
                 $msg = _m('No rules have been deleted');
             } else {
                 $msg = sprintf(_mn('One ban rule has been deleted', '%s ban rules have been deleted', $iDeleted), $iDeleted);
             }
             osc_add_flash_ok_message($msg, 'admin');
             $this->redirectTo(osc_admin_base_url(true) . '?page=users&action=ban');
             break;
         default:
             // manage users view
             if (Params::getParam("action") != "") {
                 osc_run_hook("user_bulk_" . Params::getParam("action"), Params::getParam('id'));
             }
             require_once osc_lib_path() . "osclass/classes/datatables/UsersDataTable.php";
             // set default iDisplayLength
             if (Params::getParam('iDisplayLength') != '') {
                 Cookie::newInstance()->push('listing_iDisplayLength', Params::getParam('iDisplayLength'));
                 Cookie::newInstance()->set();
             } else {
                 // set a default value if it's set in the cookie
                 if (Cookie::newInstance()->get_value('listing_iDisplayLength') != '') {
                     Params::setParam('iDisplayLength', Cookie::newInstance()->get_value('listing_iDisplayLength'));
                 } else {
                     Params::setParam('iDisplayLength', 10);
                 }
             }
             $this->_exportVariableToView('iDisplayLength', Params::getParam('iDisplayLength'));
             // Table header order by related
             if (Params::getParam('sort') == '') {
                 Params::setParam('sort', 'date');
             }
             if (Params::getParam('direction') == '') {
                 Params::setParam('direction', 'desc');
             }
             $page = (int) Params::getParam('iPage');
             if ($page == 0) {
                 $page = 1;
             }
             Params::setParam('iPage', $page);
             $params = Params::getParamsAsArray();
             $usersDataTable = new UsersDataTable();
             $usersDataTable->table($params);
             $aData = $usersDataTable->getData();
             if (count($aData['aRows']) == 0 && $page != 1) {
                 $total = (int) $aData['iTotalDisplayRecords'];
                 $maxPage = ceil($total / (int) $aData['iDisplayLength']);
                 $url = osc_admin_base_url(true) . '?' . Params::getServerParam('QUERY_STRING', false, false);
                 if ($maxPage == 0) {
                     $url = preg_replace('/&iPage=(\\d)+/', '&iPage=1', $url);
                     $this->redirectTo($url);
                 }
                 if ($page > 1) {
                     $url = preg_replace('/&iPage=(\\d)+/', '&iPage=' . $maxPage, $url);
                     $this->redirectTo($url);
                 }
             }
             $this->_exportVariableToView('aData', $aData);
             $this->_exportVariableToView('withFilters', $usersDataTable->withFilters());
             $this->_exportVariableToView('aRawRows', $usersDataTable->rawRows());
             $bulk_options = array(array('value' => '', 'data-dialog-content' => '', 'label' => __('Bulk actions')), array('value' => 'activate', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected users?'), strtolower(__('Activate'))), 'label' => __('Activate')), array('value' => 'deactivate', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected users?'), strtolower(__('Deactivate'))), 'label' => __('Deactivate')), array('value' => 'enable', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected users?'), strtolower(__('Unblock'))), 'label' => __('Unblock')), array('value' => 'disable', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected users?'), strtolower(__('Block'))), 'label' => __('Block')), array('value' => 'delete', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected users?'), strtolower(__('Delete'))), 'label' => __('Delete')));
             if (osc_user_validation_enabled()) {
                 $bulk_options[] = array('value' => 'resend_activation', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected users?'), strtolower(__('Resend the activation to'))), 'label' => __('Resend activation'));
             }
             $bulk_options = osc_apply_filter("user_bulk_filter", $bulk_options);
             $this->_exportVariableToView('bulk_options', $bulk_options);
             //calling the view...
             $this->doView('users/index.php');
             break;
     }
 }
Beispiel #17
0
 function doModel()
 {
     parent::doModel();
     //specific things for this class
     switch ($this->action) {
         case 'edit':
             if (Params::getParam("id") == '') {
                 $this->redirectTo(osc_admin_base_url(true) . "?page=pages");
             }
             $form = count(Session::newInstance()->_getForm());
             $keepForm = count(Session::newInstance()->_getKeepForm());
             if ($form == 0 || $form == $keepForm) {
                 Session::newInstance()->_dropKeepForm();
             }
             $templates = osc_apply_filter('page_templates', WebThemes::newInstance()->getAvailableTemplates());
             $this->_exportVariableToView('templates', $templates);
             $this->_exportVariableToView("page", $this->pageManager->findByPrimaryKey(Params::getParam("id")));
             $this->doView("pages/frm.php");
             break;
         case 'edit_post':
             osc_csrf_check();
             $id = Params::getParam("id");
             $b_link = Params::getParam("b_link") != '' ? 1 : 0;
             $s_internal_name = Params::getParam("s_internal_name");
             $s_internal_name = osc_sanitizeString($s_internal_name);
             $meta = Params::getParam('meta');
             $this->pageManager->updateMeta($id, json_encode($meta));
             $aFieldsDescription = array();
             $postParams = Params::getParamsAsArray('', false);
             $not_empty = false;
             foreach ($postParams as $k => $v) {
                 if (preg_match('|(.+?)#(.+)|', $k, $m)) {
                     if ($m[2] == 's_title' && $v != '') {
                         $not_empty = true;
                     }
                     $aFieldsDescription[$m[1]][$m[2]] = $v;
                 }
             }
             Session::newInstance()->_setForm('aFieldsDescription', $aFieldsDescription);
             if ($s_internal_name == '') {
                 osc_add_flash_error_message(_m('You have to set an internal name'), 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . "?page=pages&action=edit&id=" . $id);
             }
             if (!WebThemes::newInstance()->isValidPage($s_internal_name)) {
                 osc_add_flash_error_message(_m('You have to set a different internal name'), 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . "?page=pages&action=edit&id=" . $id);
             }
             Session::newInstance()->_setForm('s_internal_name', $s_internal_name);
             if ($not_empty) {
                 foreach ($aFieldsDescription as $k => $_data) {
                     $this->pageManager->updateDescription($id, $k, $_data['s_title'], $_data['s_text']);
                 }
                 if (!$this->pageManager->internalNameExists($id, $s_internal_name)) {
                     if (!$this->pageManager->isIndelible($id)) {
                         $this->pageManager->updateInternalName($id, $s_internal_name);
                         $this->pageManager->updateLink($id, $b_link);
                     }
                     osc_run_hook('edit_page', $id);
                     Session::newInstance()->_clearVariables();
                     osc_add_flash_ok_message(_m('The page has been updated'), 'admin');
                     $this->redirectTo(osc_admin_base_url(true) . "?page=pages");
                 }
                 osc_add_flash_error_message(_m("You can't repeat internal name"), 'admin');
             } else {
                 osc_add_flash_error_message(_m("The page couldn't be updated, at least one title should not be empty"), 'admin');
             }
             $this->redirectTo(osc_admin_base_url(true) . "?page=pages&action=edit&id=" . $id);
             break;
         case 'add':
             $form = count(Session::newInstance()->_getForm());
             $keepForm = count(Session::newInstance()->_getKeepForm());
             if ($form == 0 || $form == $keepForm) {
                 Session::newInstance()->_dropKeepForm();
             }
             $templates = osc_apply_filter('page_templates', WebThemes::newInstance()->getAvailableTemplates());
             $this->_exportVariableToView('templates', $templates);
             $this->_exportVariableToView("page", array());
             $this->doView("pages/frm.php");
             break;
         case 'add_post':
             osc_csrf_check();
             $s_internal_name = Params::getParam("s_internal_name");
             $b_link = Params::getParam("b_link") != '' ? 1 : 0;
             $s_internal_name = osc_sanitizeString($s_internal_name);
             $meta = Params::getParam('meta');
             $aFieldsDescription = array();
             $postParams = Params::getParamsAsArray('', false);
             $not_empty = false;
             foreach ($postParams as $k => $v) {
                 if (preg_match('|(.+?)#(.+)|', $k, $m)) {
                     if ($m[2] == 's_title' && $v != '') {
                         $not_empty = true;
                     }
                     $aFieldsDescription[$m[1]][$m[2]] = $v;
                 }
             }
             Session::newInstance()->_setForm('aFieldsDescription', $aFieldsDescription);
             if ($s_internal_name == '') {
                 osc_add_flash_error_message(_m('You have to set an internal name'), 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . "?page=pages&action=add");
             }
             if (!WebThemes::newInstance()->isValidPage($s_internal_name)) {
                 osc_add_flash_error_message(_m('You have to set a different internal name'), 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . "?page=pages&action=add");
             }
             $aFields = array('s_internal_name' => $s_internal_name, 'b_indelible' => '0', 's_meta' => json_encode($meta), 'b_link' => $b_link);
             Session::newInstance()->_setForm('s_internal_name', $s_internal_name);
             $page = $this->pageManager->findByInternalName($s_internal_name);
             if (!isset($page['pk_i_id'])) {
                 if ($not_empty) {
                     $result = $this->pageManager->insert($aFields, $aFieldsDescription);
                     Session::newInstance()->_clearVariables();
                     osc_add_flash_ok_message(_m('The page has been added'), 'admin');
                     $this->redirectTo(osc_admin_base_url(true) . "?page=pages");
                 } else {
                     osc_add_flash_error_message(_m("The page couldn't be added, at least one title should not be empty"), 'admin');
                 }
             } else {
                 osc_add_flash_error_message(_m("Oops! That internal name is already in use. We can't make the changes"), 'admin');
             }
             $this->redirectTo(osc_admin_base_url(true) . "?page=pages&action=add");
             break;
         case 'delete':
             osc_csrf_check();
             $id = Params::getParam("id");
             $page_deleted_correcty = 0;
             $page_deleted_error = 0;
             $page_indelible = 0;
             if (!is_array($id)) {
                 $id = array($id);
             }
             foreach ($id as $_id) {
                 $result = (int) $this->pageManager->deleteByPrimaryKey($_id);
                 switch ($result) {
                     case -1:
                         $page_indelible++;
                         break;
                     case 0:
                         $page_deleted_error++;
                         break;
                     case 1:
                         $page_deleted_correcty++;
                 }
             }
             if ($page_indelible > 0) {
                 if ($page_indelible == 1) {
                     osc_add_flash_error_message(_m("One page can't be deleted because it is indelible"), 'admin');
                 } else {
                     osc_add_flash_error_message(sprintf(_m("%s pages couldn't be deleted because they are indelible"), $page_indelible), 'admin');
                 }
             }
             if ($page_deleted_error > 0) {
                 if ($page_deleted_error == 1) {
                     osc_add_flash_error_message(_m("One page couldn't be deleted"), 'admin');
                 } else {
                     osc_add_flash_error_message(sprintf(_m("%s pages couldn't be deleted"), $page_deleted_error), 'admin');
                 }
             }
             if ($page_deleted_correcty > 0) {
                 if ($page_deleted_correcty == 1) {
                     osc_add_flash_ok_message(_m('One page has been deleted correctly'), 'admin');
                 } else {
                     osc_add_flash_ok_message(sprintf(_m('%s pages have been deleted correctly'), $page_deleted_correcty), 'admin');
                 }
             }
             $this->redirectTo(osc_admin_base_url(true) . "?page=pages");
             break;
         default:
             if (Params::getParam("action") != "") {
                 osc_run_hook("page_bulk_" . Params::getParam("action"), Params::getParam('id'));
             }
             require_once osc_lib_path() . "osclass/classes/datatables/PagesDataTable.php";
             // set default iDisplayLength
             if (Params::getParam('iDisplayLength') != '') {
                 Cookie::newInstance()->push('listing_iDisplayLength', Params::getParam('iDisplayLength'));
                 Cookie::newInstance()->set();
             } else {
                 // set a default value if it's set in the cookie
                 $listing_iDisplayLength = (int) Cookie::newInstance()->get_value('listing_iDisplayLength');
                 if ($listing_iDisplayLength == 0) {
                     $listing_iDisplayLength = 10;
                 }
                 Params::setParam('iDisplayLength', $listing_iDisplayLength);
             }
             $this->_exportVariableToView('iDisplayLength', Params::getParam('iDisplayLength'));
             // Table header order by related
             if (Params::getParam('sort') == '') {
                 Params::setParam('sort', 'date');
             }
             if (Params::getParam('direction') == '') {
                 Params::setParam('direction', 'desc');
             }
             $page = (int) Params::getParam('iPage');
             if ($page == 0) {
                 $page = 1;
             }
             Params::setParam('iPage', $page);
             $params = Params::getParamsAsArray();
             $pagesDataTable = new PagesDataTable();
             $pagesDataTable->table($params);
             $aData = $pagesDataTable->getData();
             if (count($aData['aRows']) == 0 && $page != 1) {
                 $total = (int) $aData['iTotalDisplayRecords'];
                 $maxPage = ceil($total / (int) $aData['iDisplayLength']);
                 $url = osc_admin_base_url(true) . '?' . Params::getServerParam('QUERY_STRING', false, false);
                 if ($maxPage == 0) {
                     $url = preg_replace('/&iPage=(\\d)+/', '&iPage=1', $url);
                     $this->redirectTo($url);
                 }
                 if ($page > 1) {
                     $url = preg_replace('/&iPage=(\\d)+/', '&iPage=' . $maxPage, $url);
                     $this->redirectTo($url);
                 }
             }
             $this->_exportVariableToView('aData', $aData);
             $this->_exportVariableToView('aRawRows', $pagesDataTable->rawRows());
             $bulk_options = array(array('value' => '', 'data-dialog-content' => '', 'label' => __('Bulk actions')), array('value' => 'delete', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected pages?'), strtolower(__('Delete'))), 'label' => __('Delete')));
             $bulk_options = osc_apply_filter("page_bulk_filter", $bulk_options);
             $this->_exportVariableToView('bulk_options', $bulk_options);
             $this->doView("pages/index.php");
             break;
     }
 }
Beispiel #18
0
 public function getSize()
 {
     if (Params::existServerParam("CONTENT_LENGTH")) {
         return (int) Params::getServerParam("CONTENT_LENGTH");
     } else {
         throw new Exception(__('Getting content length is not supported.'));
     }
 }
Beispiel #19
0
 *
 *       This program is free software: you can redistribute it and/or
 *     modify it under the terms of the GNU Affero General Public License
 *     as published by the Free Software Foundation, either version 3 of
 *            the License, or (at your option) any later version.
 *
 *     This program is distributed in the hope that it will be useful, but
 *         WITHOUT ANY WARRANTY; without even the implied warranty of
 *        MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *             GNU Affero General Public License for more details.
 *
 *      You should have received a copy of the GNU Affero General Public
 * License along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
// meta tag robots
if (osc_count_items() == 0 || stripos(Params::getServerParam('REQUEST_URI', false, false), 'search')) {
    osc_add_hook('header', 'bender_nofollow_construct');
} else {
    osc_add_hook('header', 'bender_follow_construct');
}
bender_add_body_class('search');
$listClass = '';
$buttonClass = '';
if (osc_search_show_as() == 'gallery') {
    $listClass = 'listing-grid';
    $buttonClass = 'active';
}
osc_add_hook('before-main', 'sidebar');
function sidebar()
{
    osc_current_web_theme_path('search-sidebar.php');
Beispiel #20
0
/**
 *
 */
function osc_get_http_referer()
{
    $ref = Rewrite::newInstance()->get_http_referer();
    if ($ref != '') {
        return $ref;
    } else {
        if (Session::newInstance()->_getReferer() != '') {
            return Session::newInstance()->_getReferer();
        } else {
            if (Params::existServerParam('HTTP_REFERER')) {
                if (filter_var(Params::getServerParam('HTTP_REFERER', false, false), FILTER_VALIDATE_URL)) {
                    return Params::getServerParam('HTTP_REFERER', false, false);
                }
            }
        }
    }
    return '';
}
Beispiel #21
0
function display_target()
{
    $country_list = osc_file_get_contents('http://geo.osclass.org/newgeo.services.php?action=countries');
    $country_list = json_decode(substr($country_list, 1, strlen($country_list) - 2), true);
    $region_list = array();
    $country_ip = '';
    if (preg_match('|([a-z]{2})-([A-Z]{2})|', Params::getServerParam('HTTP_ACCEPT_LANGUAGE'), $match)) {
        $country_ip = $match[2];
        $region_list = osc_file_get_contents('http://geo.osclass.org/newgeo.services.php?action=regions&country=' . $match[2]);
        $region_list = json_decode(substr($region_list, 1, strlen($region_list) - 2), true);
    }
    if (!isset($country_list[0]) || !isset($country_list[0]['s_name'])) {
        $internet_error = true;
    }
    ?>
    <form id="target_form" name="target_form" action="#" method="post" onsubmit="return false;">
        <h2 class="target"><?php 
    _e('Information needed');
    ?>
</h2>
        <div class="form-table">
            <h2 class="title"><?php 
    _e('Admin user');
    ?>
</h2>
            <table class="admin-user">
                <tbody>
                <tr>
                    <th><label for="admin_user"><?php 
    _e('Username');
    ?>
</label></th>
                    <td>
                        <input size="25" id="admin_user" name="s_name" type="text" value="admin" />
                    </td>
                    <td>
                        <span id="admin-user-error" class="error" aria-hidden="true" style="display:none;"><?php 
    _e('Admin user is required');
    ?>
</span>
                    </td>
                </tr>
                <tr>
                    <th><label for="s_passwd"><?php 
    _e('Password');
    ?>
</label></th>
                    <td>
                        <input size="25" class="password_test" name="s_passwd" id="s_passwd" type="password" value="" autocomplete="off" />
                    </td>
                    <td></td>
                </tr>
                </tbody>
            </table>
            <div class="admin-user">
                <?php 
    _e('A password will be automatically generated for you if you leave this blank.');
    ?>
                <img src="<?php 
    echo get_absolute_url();
    ?>
oc-includes/images/question.png" class="question-skip vtip" title="<?php 
    echo osc_esc_html(__('You can modify username and password if you like, just change the input value.'));
    ?>
" alt="" />
            </div>
            <h2 class="title"><?php 
    _e('Contact information');
    ?>
</h2>
            <table class="contact-info">
                <tbody>
                <tr>
                    <th><label for="webtitle"><?php 
    _e('Web title');
    ?>
</label></th>
                    <td><input type="text" id="webtitle" name="webtitle" size="25" /></td>
                    <td></td>
                </tr>
                <tr>
                    <th><label for="email"><?php 
    _e('Contact e-mail');
    ?>
</label></th>
                    <td><input type="text" id="email" name="email" size="25" /></td>
                    <td><span id="email-error" class="error" style="display:none;"><?php 
    _e('Put your e-mail here');
    ?>
</span></td>
                </tr>
                </tbody>
            </table>
            <h2 class="title"><?php 
    _e('Location');
    ?>
</h2>
            <p class="space-left-25 left no-bottom"><?php 
    _e('Choose countries/cities where your target users are located');
    ?>
</p>
            <div id="location-question" class="left question">
                <img class="vtip" src="<?php 
    echo get_absolute_url();
    ?>
oc-includes/images/question.png" title="<?php 
    echo osc_esc_html(__("Once you type a country, you'll be able to choose region and city as well. Therefore, the installation will be more specific."));
    ?>
" alt="" />
            </div>
            <div class="clear"></div>
            <div id="location">
                <?php 
    if (!$internet_error) {
        ?>
                    <input type="hidden" id="skip-location-input" name="skip-location-input" value="0" />
                    <input type="hidden" id="country-input" name="country-input" value="" />
                    <input type="hidden" id="region-input" name="region-input" value="" />
                    <input type="hidden" id="city-input" name="city-input" value="" />
                    <div id="country-box">

                        <select name="country_select" id="country_select" >
                            <option value="skip"><?php 
        _e("Skip location");
        ?>
</option>
                            <!-- <option value="all"><?php 
        _e("International");
        ?>
</option> -->
                            <?php 
        foreach ($country_list as $c) {
            ?>
                                <option value="<?php 
            echo $c['code'];
            ?>
" <?php 
            if ($c['code'] == $country_ip) {
                echo 'selected="selected"';
            }
            ?>
><?php 
            echo $c['s_name'];
            ?>
</option>
                            <?php 
        }
        ?>
                        </select>

                        <select name="region_select" id="region_select" style="display: none;">
                            <option value="all"><?php 
        _e("All regions");
        ?>
</option>
                        </select>

                        <select name="city_select" id="city_select" style="display: none;">
                            <option value="all"><?php 
        _e("All cities");
        ?>
</option>
                        </select>

                        <div id="no_region_text" aria-hidden="true" style="display: none;"><?php 
        _e("There are no regions available for this country");
        ?>
</div>

                        <div id="no_city_text" aria-hidden="true" style="display: none;"><?php 
        _e("There are no cities available for this region");
        ?>
</div>


                    </div>
                <?php 
    } else {
        ?>
                    <div id="location-error">
                        <?php 
        _e('No internet connection. You can continue the installation and insert countries later.');
        ?>
                        <input type="hidden" id="skip-location-input" name="skip-location-input" value="1" />
                    </div>
                <?php 
    }
    ?>
            </div>
        </div>
        <div class="clear"></div>
        <p class="margin20">
            <a href="#" class="button" onclick="validate_form();">Next</a>
        </p>
        <div class="clear"></div>
    </form>
    <div id="lightbox" style="display:none;">
        <div class="center">
            <img src="<?php 
    echo get_absolute_url();
    ?>
oc-includes/images/loading.gif" alt="<?php 
    echo osc_esc_html(__("Loading..."));
    ?>
" title="" />
        </div>
    </div>
<?php 
}
Beispiel #22
0
 function doModel()
 {
     //calling the view...
     $locales = OSCLocale::newInstance()->listAllEnabled();
     $this->_exportVariableToView('locales', $locales);
     switch ($this->action) {
         case 'item_add':
             // post
             if (osc_reg_user_post() && $this->user == null) {
                 osc_add_flash_warning_message(_m('Only registered users are allowed to post listings'));
                 Session::newInstance()->_setReferer(osc_item_post_url());
                 $this->redirectTo(osc_user_login_url());
             }
             $countries = Country::newInstance()->listAll();
             $regions = array();
             if (isset($this->user['fk_c_country_code']) && $this->user['fk_c_country_code'] != '') {
                 $regions = Region::newInstance()->findByCountry($this->user['fk_c_country_code']);
             } else {
                 if (count($countries) > 0) {
                     $regions = Region::newInstance()->findByCountry($countries[0]['pk_c_code']);
                 }
             }
             $cities = array();
             if (isset($this->user['fk_i_region_id']) && $this->user['fk_i_region_id'] != '') {
                 $cities = City::newInstance()->findByRegion($this->user['fk_i_region_id']);
             } else {
                 if (count($regions) > 0) {
                     $cities = City::newInstance()->findByRegion($regions[0]['pk_i_id']);
                 }
             }
             $this->_exportVariableToView('countries', $countries);
             $this->_exportVariableToView('regions', $regions);
             $this->_exportVariableToView('cities', $cities);
             $form = count(Session::newInstance()->_getForm());
             $keepForm = count(Session::newInstance()->_getKeepForm());
             if ($form == 0 || $form == $keepForm) {
                 Session::newInstance()->_dropKeepForm();
             }
             if (Session::newInstance()->_getForm('countryId') != "") {
                 $countryId = Session::newInstance()->_getForm('countryId');
                 $regions = Region::newInstance()->findByCountry($countryId);
                 $this->_exportVariableToView('regions', $regions);
                 if (Session::newInstance()->_getForm('regionId') != "") {
                     $regionId = Session::newInstance()->_getForm('regionId');
                     $cities = City::newInstance()->findByRegion($regionId);
                     $this->_exportVariableToView('cities', $cities);
                 }
             }
             $this->_exportVariableToView('user', $this->user);
             osc_run_hook('post_item');
             $this->doView('item-post.php');
             break;
         case 'item_add_post':
             //post_item
             osc_csrf_check();
             if (osc_reg_user_post() && $this->user == null) {
                 osc_add_flash_warning_message(_m('Only registered users are allowed to post listings'));
                 $this->redirectTo(osc_base_url(true));
             }
             $mItems = new ItemActions(false);
             // prepare data for ADD ITEM
             $mItems->prepareData(true);
             // set all parameters into session
             foreach ($mItems->data as $key => $value) {
                 Session::newInstance()->_setForm($key, $value);
             }
             $meta = Params::getParam('meta');
             if (is_array($meta)) {
                 foreach ($meta as $key => $value) {
                     Session::newInstance()->_setForm('meta_' . $key, $value);
                     Session::newInstance()->_keepForm('meta_' . $key);
                 }
             }
             if (osc_recaptcha_items_enabled() && osc_recaptcha_private_key() != '') {
                 if (!osc_check_recaptcha()) {
                     osc_add_flash_error_message(_m('The Recaptcha code is wrong'));
                     $this->redirectTo(osc_item_post_url());
                     return false;
                     // BREAK THE PROCESS, THE RECAPTCHA IS WRONG
                 }
             }
             if (!osc_is_web_user_logged_in()) {
                 $user = User::newInstance()->findByEmail($mItems->data['contactEmail']);
                 // The user exists but it's not logged
                 if (isset($user['pk_i_id'])) {
                     foreach ($mItems->data as $key => $value) {
                         Session::newInstance()->_keepForm($key);
                     }
                     osc_add_flash_error_message(_m('A user with that email address already exists, if it is you, please log in'));
                     $this->redirectTo(osc_user_login_url());
                 }
             }
             $banned = osc_is_banned($mItems->data['contactEmail']);
             if ($banned == 1) {
                 osc_add_flash_error_message(_m('Your current email is not allowed'));
                 $this->redirectTo(osc_item_post_url());
             } else {
                 if ($banned == 2) {
                     osc_add_flash_error_message(_m('Your current IP is not allowed'));
                     $this->redirectTo(osc_item_post_url());
                 }
             }
             // POST ITEM ( ADD ITEM )
             $success = $mItems->add();
             if ($success != 1 && $success != 2) {
                 osc_add_flash_error_message($success);
                 $this->redirectTo(osc_item_post_url());
             } else {
                 if (is_array($meta)) {
                     foreach ($meta as $key => $value) {
                         Session::newInstance()->_dropKeepForm('meta_' . $key);
                     }
                 }
                 Session::newInstance()->_clearVariables();
                 if ($success == 1) {
                     osc_add_flash_ok_message(_m('Check your inbox to validate your listing'));
                 } else {
                     osc_add_flash_ok_message(_m('Your listing has been published'));
                 }
                 $itemId = Params::getParam('itemId');
                 $category = Category::newInstance()->findByPrimaryKey(Params::getParam('catId'));
                 View::newInstance()->_exportVariableToView('category', $category);
                 $this->redirectTo(osc_search_category_url());
             }
             break;
         case 'item_edit':
             // edit item
             $secret = Params::getParam('secret');
             $id = Params::getParam('id');
             $item = $this->itemManager->listWhere("i.pk_i_id = %d AND ((i.s_secret = %s AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = %d))", (int) $id, $secret, (int) $this->userId);
             if (count($item) == 1) {
                 $item = Item::newInstance()->findByPrimaryKey($id);
                 $form = count(Session::newInstance()->_getForm());
                 $keepForm = count(Session::newInstance()->_getKeepForm());
                 if ($form == 0 || $form == $keepForm) {
                     Session::newInstance()->_dropKeepForm();
                 }
                 $this->_exportVariableToView('item', $item);
                 osc_run_hook("before_item_edit", $item);
                 $this->doView('item-edit.php');
             } else {
                 // add a flash message [ITEM NO EXISTE]
                 osc_add_flash_error_message(_m("Sorry, we don't have any listings with that ID"));
                 if ($this->user != null) {
                     $this->redirectTo(osc_user_list_items_url());
                 } else {
                     $this->redirectTo(osc_base_url());
                 }
             }
             break;
         case 'item_edit_post':
             osc_csrf_check();
             $secret = Params::getParam('secret');
             $id = Params::getParam('id');
             $item = $this->itemManager->listWhere("i.pk_i_id = %d AND ((i.s_secret = %s AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = %d))", (int) $id, $secret, (int) $this->userId);
             if (count($item) == 1) {
                 $this->_exportVariableToView('item', $item[0]);
                 $mItems = new ItemActions(false);
                 // prepare data for ADD ITEM
                 $mItems->prepareData(false);
                 // set all parameters into session
                 foreach ($mItems->data as $key => $value) {
                     Session::newInstance()->_setForm($key, $value);
                 }
                 $meta = Params::getParam('meta');
                 if (is_array($meta)) {
                     foreach ($meta as $key => $value) {
                         Session::newInstance()->_setForm('meta_' . $key, $value);
                         Session::newInstance()->_keepForm('meta_' . $key);
                     }
                 }
                 if (osc_recaptcha_items_enabled() && osc_recaptcha_private_key() != '') {
                     if (!osc_check_recaptcha()) {
                         osc_add_flash_error_message(_m('The Recaptcha code is wrong'));
                         $this->redirectTo(osc_item_edit_url($secret, $id));
                         return false;
                         // BREAK THE PROCESS, THE RECAPTCHA IS WRONG
                     }
                 }
                 $success = $mItems->edit();
                 if ($success == 1) {
                     osc_add_flash_ok_message(_m("Great! We've just updated your listing"));
                     View::newInstance()->_exportVariableToView("item", Item::newInstance()->findByPrimaryKey($id));
                     $this->redirectTo(osc_item_url());
                 } else {
                     osc_add_flash_error_message($success);
                     $this->redirectTo(osc_item_edit_url($secret, $id));
                 }
             }
             break;
         case 'activate':
             $secret = Params::getParam('secret');
             $id = Params::getParam('id');
             $item = $this->itemManager->listWhere("i.pk_i_id = %d AND ((i.s_secret = %s) OR (i.fk_i_user_id = %d))", (int) $id, $secret, (int) $this->userId);
             // item doesn't exist
             if (count($item) == 0) {
                 $this->do404();
                 return;
             }
             View::newInstance()->_exportVariableToView('item', $item[0]);
             if ($item[0]['b_active'] == 0) {
                 // ACTIVETE ITEM
                 $mItems = new ItemActions(false);
                 $success = $mItems->activate($item[0]['pk_i_id'], $item[0]['s_secret']);
                 if ($success) {
                     osc_add_flash_ok_message(_m('The listing has been validated'));
                 } else {
                     osc_add_flash_error_message(_m("The listing can't be validated"));
                 }
             } else {
                 osc_add_flash_warning_message(_m('The listing has already been validated'));
             }
             $this->redirectTo(osc_item_url());
             break;
         case 'item_delete':
             $secret = Params::getParam('secret');
             $id = Params::getParam('id');
             $item = $this->itemManager->listWhere("i.pk_i_id = %d AND ((i.s_secret = %s) OR (i.fk_i_user_id = %d))", (int) $id, $secret, (int) $this->userId);
             if (count($item) == 1) {
                 $mItems = new ItemActions(false);
                 $success = $mItems->delete($item[0]['s_secret'], $item[0]['pk_i_id']);
                 if ($success) {
                     osc_add_flash_ok_message(_m('Your listing has been deleted'));
                 } else {
                     osc_add_flash_error_message(_m("The listing you are trying to delete couldn't be deleted"));
                 }
                 if ($this->user != null) {
                     $this->redirectTo(osc_user_list_items_url());
                 } else {
                     $this->redirectTo(osc_base_url());
                 }
             } else {
                 osc_add_flash_error_message(_m("The listing you are trying to delete couldn't be deleted"));
                 $this->redirectTo(osc_base_url());
             }
             break;
         case 'deleteResources':
             // Delete images via AJAX
             $id = Params::getParam('id');
             $item = Params::getParam('item');
             $code = Params::getParam('code');
             $secret = Params::getParam('secret');
             if (Session::newInstance()->_get('userId') != '') {
                 $userId = Session::newInstance()->_get('userId');
                 $user = User::newInstance()->findByPrimaryKey($userId);
             } else {
                 $userId = null;
                 $user = null;
             }
             if (!(is_numeric($id) && is_numeric($item) && preg_match('/^([a-z0-9]+)$/i', $code))) {
                 osc_add_flash_error_message(_m("The selected photo couldn't be deleted, the url doesn't exist"));
                 $this->redirectTo(osc_item_edit_url($secret, $item));
             }
             $aItem = Item::newInstance()->findByPrimaryKey($item);
             if (count($aItem) == 0) {
                 osc_add_flash_error_message(_m("The listing doesn't exist"));
                 $this->redirectTo(osc_item_edit_url($secret, $item));
             }
             if (!osc_is_admin_user_logged_in()) {
                 if ($userId != null && $userId != $aItem['fk_i_user_id']) {
                     osc_add_flash_error_message(_m("The listing doesn't belong to you"));
                     $this->redirectTo(osc_item_edit_url($secret, $item));
                 }
                 if ($userId == null && $aItem['fk_i_user_id'] == null && $secret != $aItem['s_secret']) {
                     osc_add_flash_error_message(_m("The listing doesn't belong to you"));
                     $this->redirectTo(osc_item_edit_url($secret, $item));
                 }
             }
             $result = ItemResource::newInstance()->existResource($id, $code);
             if ($result > 0) {
                 $resource = ItemResource::newInstance()->findByPrimaryKey($id);
                 if ($resource['fk_i_item_id'] == $item) {
                     osc_deleteResource($id, false);
                     Log::newInstance()->insertLog('item', 'deleteResource', $id, $id, 'user', osc_logged_user_id());
                     ItemResource::newInstance()->delete(array('pk_i_id' => $id, 'fk_i_item_id' => $item, 's_name' => $code));
                     osc_add_flash_ok_message(_m('The selected photo has been successfully deleted'));
                 } else {
                     osc_add_flash_error_message(_m("The selected photo does not belong to you"));
                 }
             } else {
                 osc_add_flash_error_message(_m("The selected photo couldn't be deleted"));
             }
             $this->redirectTo(osc_item_edit_url($secret, $item));
             break;
         case 'mark':
             $id = Params::getParam('id');
             $as = Params::getParam('as');
             $item = Item::newInstance()->findByPrimaryKey($id);
             View::newInstance()->_exportVariableToView('item', $item);
             require_once osc_lib_path() . 'osclass/user-agents.php';
             foreach ($user_agents as $ua) {
                 if (preg_match('|' . $ua . '|', Params::getServerParam('HTTP_USER_AGENT'))) {
                     // mark item if it's not a bot
                     $mItem = new ItemActions(false);
                     $mItem->mark($id, $as);
                     break;
                 }
             }
             osc_add_flash_ok_message(_m("Thanks! That's very helpful"));
             $this->redirectTo(osc_item_url());
             break;
         case 'send_friend':
             $item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
             $this->_exportVariableToView('item', $item);
             $this->doView('item-send-friend.php');
             break;
         case 'send_friend_post':
             osc_csrf_check();
             $item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
             $this->_exportVariableToView('item', $item);
             Session::newInstance()->_setForm("yourEmail", Params::getParam('yourEmail'));
             Session::newInstance()->_setForm("yourName", Params::getParam('yourName'));
             Session::newInstance()->_setForm("friendName", Params::getParam('friendName'));
             Session::newInstance()->_setForm("friendEmail", Params::getParam('friendEmail'));
             Session::newInstance()->_setForm("message_body", Params::getParam('message'));
             if (osc_recaptcha_private_key() != '') {
                 if (!osc_check_recaptcha()) {
                     osc_add_flash_error_message(_m('The Recaptcha code is wrong'));
                     $this->redirectTo(osc_item_send_friend_url());
                     return false;
                     // BREAK THE PROCESS, THE RECAPTCHA IS WRONG
                 }
             }
             osc_run_hook('pre_item_send_friend_post', $item);
             $mItem = new ItemActions(false);
             $success = $mItem->send_friend();
             osc_run_hook('post_item_send_friend_post', $item);
             if ($success) {
                 Session::newInstance()->_clearVariables();
                 $this->redirectTo(osc_item_url());
             } else {
                 $this->redirectTo(osc_item_send_friend_url());
             }
             break;
         case 'contact':
             $item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
             if (empty($item)) {
                 osc_add_flash_error_message(_m("This listing doesn't exist"));
                 $this->redirectTo(osc_base_url(true));
             } else {
                 $this->_exportVariableToView('item', $item);
                 if (osc_item_is_expired()) {
                     osc_add_flash_error_message(_m("We're sorry, but the listing has expired. You can't contact the seller"));
                     $this->redirectTo(osc_item_url());
                 }
                 if (osc_reg_user_can_contact() && osc_is_web_user_logged_in() || !osc_reg_user_can_contact()) {
                     $this->doView('item-contact.php');
                 } else {
                     osc_add_flash_error_message(_m("You can't contact the seller, only registered users can"));
                     $this->redirectTo(osc_item_url());
                 }
             }
             break;
         case 'contact_post':
             osc_csrf_check();
             if (osc_reg_user_can_contact() && !osc_is_web_user_logged_in()) {
                 osc_add_flash_warning_message(_m("You can't contact the seller, only registered users can"));
                 $this->redirectTo(osc_base_url(true));
             }
             $item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
             $this->_exportVariableToView('item', $item);
             if (osc_recaptcha_private_key() != '') {
                 if (!osc_check_recaptcha()) {
                     osc_add_flash_error_message(_m('The Recaptcha code is wrong'));
                     Session::newInstance()->_setForm("yourEmail", Params::getParam('yourEmail'));
                     Session::newInstance()->_setForm("yourName", Params::getParam('yourName'));
                     Session::newInstance()->_setForm("phoneNumber", Params::getParam('phoneNumber'));
                     Session::newInstance()->_setForm("message_body", Params::getParam('message'));
                     $this->redirectTo(osc_item_url());
                     return false;
                     // BREAK THE PROCESS, THE RECAPTCHA IS WRONG
                 }
             }
             $banned = osc_is_banned(Params::getParam('yourEmail'));
             if ($banned == 1) {
                 osc_add_flash_error_message(_m('Your current email is not allowed'));
                 $this->redirectTo(osc_item_url());
             } else {
                 if ($banned == 2) {
                     osc_add_flash_error_message(_m('Your current IP is not allowed'));
                     $this->redirectTo(osc_item_url());
                 }
             }
             if (osc_isExpired($item['dt_expiration'])) {
                 osc_add_flash_error_message(_m("We're sorry, but the listing has expired. You can't contact the seller"));
                 $this->redirectTo(osc_item_url());
             }
             osc_run_hook('pre_item_contact_post', $item);
             $mItem = new ItemActions(false);
             $result = $mItem->contact();
             osc_run_hook('post_item_contact_post', $item);
             if (is_string($result)) {
                 osc_add_flash_error_message($result);
             } else {
                 osc_add_flash_ok_message(_m("We've just sent an e-mail to the seller"));
             }
             $this->redirectTo(osc_item_url());
             break;
         case 'add_comment':
             osc_csrf_check();
             $mItem = new ItemActions(false);
             $status = $mItem->add_comment();
             switch ($status) {
                 case -1:
                     $msg = _m('Sorry, we could not save your comment. Try again later');
                     osc_add_flash_error_message($msg);
                     break;
                 case 1:
                     $msg = _m('Your comment is awaiting moderation');
                     osc_add_flash_info_message($msg);
                     break;
                 case 2:
                     $msg = _m('Your comment has been approved');
                     osc_add_flash_ok_message($msg);
                     break;
                 case 3:
                     $msg = _m('Please fill the required field (email)');
                     osc_add_flash_warning_message($msg);
                     break;
                 case 4:
                     $msg = _m('Please type a comment');
                     osc_add_flash_warning_message($msg);
                     break;
                 case 5:
                     $msg = _m('Your comment has been marked as spam');
                     osc_add_flash_error_message($msg);
                     break;
                 case 6:
                     $msg = _m('You need to be logged to comment');
                     osc_add_flash_error_message($msg);
                     break;
                 case 7:
                     $msg = _m('Sorry, comments are disabled');
                     osc_add_flash_error_message($msg);
                     break;
             }
             //View::newInstance()->_exportVariableToView('item', Item::newInstance()->findByPrimaryKey(Params::getParam('id')));
             $this->redirectTo(osc_item_url());
             break;
         case 'delete_comment':
             osc_csrf_check();
             $mItem = new ItemActions(false);
             $status = $mItem->add_comment();
             // @TOFIX @FIXME $status never used + ?? need to add_comment() before deleting it??
             $itemId = Params::getParam('id');
             $commentId = Params::getParam('comment');
             $item = Item::newInstance()->findByPrimaryKey($itemId);
             if (count($item) == 0) {
                 osc_add_flash_error_message(_m("This listing doesn't exist"));
                 $this->redirectTo(osc_base_url(true));
             }
             View::newInstance()->_exportVariableToView('item', $item);
             if ($this->userId == null) {
                 osc_add_flash_error_message(_m('You must be logged in to delete a comment'));
                 $this->redirectTo(osc_item_url());
             }
             $commentManager = ItemComment::newInstance();
             $aComment = $commentManager->findByPrimaryKey($commentId);
             if (count($aComment) == 0) {
                 osc_add_flash_error_message(_m("The comment doesn't exist"));
                 $this->redirectTo(osc_item_url());
             }
             if ($aComment['b_active'] != 1) {
                 osc_add_flash_error_message(_m('The comment is not active, you cannot delete it'));
                 $this->redirectTo(osc_item_url());
             }
             if ($aComment['fk_i_user_id'] != $this->userId) {
                 osc_add_flash_error_message(_m('The comment was not added by you, you cannot delete it'));
                 $this->redirectTo(osc_item_url());
             }
             $commentManager->deleteByPrimaryKey($commentId);
             osc_add_flash_ok_message(_m('The comment has been deleted'));
             $this->redirectTo(osc_item_url());
             break;
         default:
             // if there isn't ID, show an error 404
             if (Params::getParam('id') == '') {
                 $this->do404();
                 return;
             }
             if (Params::getParam('lang') != '') {
                 Session::newInstance()->_set('userLocale', Params::getParam('lang'));
             }
             $item = osc_apply_filter('pre_show_item', $this->itemManager->findByPrimaryKey(Params::getParam('id')));
             // if item doesn't exist show an error 410
             if (count($item) == 0) {
                 $this->do410();
                 return;
             }
             if ($item['b_active'] != 1) {
                 if ($this->userId == $item['fk_i_user_id'] && $this->userId != '' || osc_is_admin_user_logged_in()) {
                     osc_add_flash_warning_message(_m("The listing hasn't been validated. Please validate it in order to make it public"));
                 } else {
                     $this->do400();
                     return;
                 }
             } else {
                 if ($item['b_enabled'] == 0) {
                     if (osc_is_admin_user_logged_in()) {
                         osc_add_flash_warning_message(_m("The listing hasn't been enabled. Please enable it in order to make it public"));
                     } else {
                         if (osc_is_web_user_logged_in() && osc_logged_user_id() == $item['fk_i_user_id']) {
                             osc_add_flash_warning_message(_m("The listing has been blocked or is awaiting moderation from the admin"));
                         } else {
                             $this->do400();
                             return;
                         }
                     }
                 }
             }
             if (!osc_is_admin_user_logged_in() && !($item['fk_i_user_id'] != '' && $item['fk_i_user_id'] == osc_logged_user_id())) {
                 require_once osc_lib_path() . 'osclass/user-agents.php';
                 foreach ($user_agents as $ua) {
                     if (preg_match('|' . $ua . '|', Params::getServerParam('HTTP_USER_AGENT'))) {
                         $mStats = new ItemStats();
                         $mStats->increase('i_num_views', $item['pk_i_id']);
                         break;
                     }
                 }
             }
             foreach ($item['locale'] as $k => $v) {
                 $item['locale'][$k]['s_title'] = osc_apply_filter('item_title', $v['s_title']);
                 $item['locale'][$k]['s_description'] = nl2br(osc_apply_filter('item_description', $v['s_description']));
             }
             if ($item['fk_i_user_id'] != '') {
                 $user = User::newInstance()->findByPrimaryKey($item['fk_i_user_id']);
                 $this->_exportVariableToView('user', $user);
             }
             $this->_exportVariableToView('item', $item);
             osc_run_hook('show_item', $item);
             // redirect to the correct url just in case it has changed
             $itemURI = str_replace(osc_base_url(), '', osc_item_url());
             $URI = preg_replace('|^' . REL_WEB_URL . '|', '', Params::getServerParam('REQUEST_URI', false, false));
             // do not clean QUERY_STRING if permalink is not enabled
             if (osc_rewrite_enabled()) {
                 $URI = str_replace('?' . Params::getServerParam('QUERY_STRING', false, false), '', $URI);
             } else {
                 $params_keep = array('page', 'id');
                 $params = array();
                 foreach (Params::getParamsAsArray('get') as $k => $v) {
                     if (in_array($k, $params_keep)) {
                         $params[] = "{$k}={$v}";
                     }
                 }
                 $URI = 'index.php?' . implode('&', $params);
             }
             // redirect to the correct url
             if ($itemURI != $URI) {
                 $this->redirectTo(osc_base_url() . $itemURI, 301);
             }
             $this->doView('item.php');
             break;
     }
 }
Beispiel #23
0
 function doModel()
 {
     parent::doModel();
     switch ($this->action) {
         case 'add':
             // callin add view
             $this->_exportVariableToView('admin', null);
             $this->doView('admins/frm.php');
             break;
         case 'add_post':
             if (defined('DEMO')) {
                 osc_add_flash_warning_message(_m("This action can't be done because it's a demo site"), 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . '?page=admins');
             }
             osc_csrf_check();
             // adding a new admin
             $sPassword = Params::getParam('s_password', false, false);
             $sName = Params::getParam('s_name');
             $sEmail = Params::getParam('s_email');
             $sUserName = Params::getParam('s_username');
             $bModerator = Params::getParam('b_moderator') == 0 ? 0 : 1;
             // cleaning parameters
             $sPassword = strip_tags($sPassword);
             $sPassword = trim($sPassword);
             $sName = strip_tags($sName);
             $sName = trim($sName);
             $sEmail = strip_tags($sEmail);
             $sEmail = trim($sEmail);
             $sUserName = strip_tags($sUserName);
             $sUserName = trim($sUserName);
             // Checks for legit data
             if (!osc_validate_email($sEmail, true)) {
                 osc_add_flash_warning_message(_m("Email invalid"), 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . '?page=admins&action=add');
             }
             if (!osc_validate_username($sUserName)) {
                 osc_add_flash_warning_message(_m("Username invalid"), 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . '?page=admins&action=add');
             }
             if ($sName == '') {
                 osc_add_flash_warning_message(_m("Name invalid"), 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . '?page=admins&action=add');
             }
             if ($sPassword == '') {
                 osc_add_flash_warning_message(_m("Password invalid"), 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . '?page=admins&action=add');
             }
             $admin = $this->adminManager->findByEmail($sEmail);
             if ($admin) {
                 osc_add_flash_warning_message(_m("Email already in use"), 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . '?page=admins&action=add');
             }
             $admin = $this->adminManager->findByUsername($sUserName);
             if ($admin) {
                 osc_add_flash_warning_message(_m("Username already in use"), 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . '?page=admins&action=add');
             }
             $array = array('s_password' => osc_hash_password($sPassword), 's_name' => $sName, 's_email' => $sEmail, 's_username' => $sUserName, 'b_moderator' => $bModerator);
             $isInserted = $this->adminManager->insert($array);
             if ($isInserted) {
                 // send email
                 osc_run_hook('hook_email_new_admin', array('s_name' => $sName, 's_username' => $sUserName, 's_password' => $sPassword, 's_email' => $sEmail));
                 osc_add_flash_ok_message(_m('The admin has been added'), 'admin');
             } else {
                 osc_add_flash_error_message(_m('There has been an error adding a new admin'), 'admin');
             }
             $this->redirectTo(osc_admin_base_url(true) . '?page=admins');
             break;
         case 'edit':
             // calling edit admin view
             $adminEdit = null;
             $adminId = Params::getParam('id');
             if ($adminId != '') {
                 $adminEdit = $this->adminManager->findByPrimaryKey((int) $adminId);
             } elseif (Session::newInstance()->_get('adminId') != '') {
                 $adminEdit = $this->adminManager->findByPrimaryKey(Session::newInstance()->_get('adminId'));
             }
             if (count($adminEdit) == 0) {
                 osc_add_flash_error_message(_m('There is no admin with this id'), 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . '?page=admins');
             }
             $this->_exportVariableToView("admin", $adminEdit);
             $this->doView('admins/frm.php');
             break;
         case 'edit_post':
             if (defined('DEMO')) {
                 osc_add_flash_warning_message(_m("This action can't be done because it's a demo site"), 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . '?page=admins');
             }
             osc_csrf_check();
             // updating a new admin
             $iUpdated = 0;
             $adminId = Params::getParam('id');
             $sPassword = Params::getParam('s_password', false, false);
             $sPassword2 = Params::getParam('s_password2', false, false);
             $sOldPassword = Params::getParam('old_password', false, false);
             $sName = Params::getParam('s_name');
             $sEmail = Params::getParam('s_email');
             $sUserName = Params::getParam('s_username');
             $bModerator = Params::getParam('b_moderator') == 0 ? 0 : 1;
             // cleaning parameters
             $sPassword = strip_tags($sPassword);
             $sPassword = trim($sPassword);
             $sPassword2 = strip_tags($sPassword2);
             $sPassword2 = trim($sPassword2);
             $sName = strip_tags($sName);
             $sName = trim($sName);
             $sEmail = strip_tags($sEmail);
             $sEmail = trim($sEmail);
             $sUserName = strip_tags($sUserName);
             $sUserName = trim($sUserName);
             // Checks for legit data
             if (!osc_validate_email($sEmail, true)) {
                 osc_add_flash_warning_message(_m("Email invalid"), 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . '?page=admins&action=edit&id=' . $adminId);
             }
             if (!osc_validate_username($sUserName)) {
                 osc_add_flash_warning_message(_m("Username invalid"), 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . '?page=admins&action=edit&id=' . $adminId);
             }
             if ($sName == '') {
                 osc_add_flash_warning_message(_m("Name invalid"), 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . '?page=admins&action=edit&id=' . $adminId);
             }
             $aAdmin = $this->adminManager->findByPrimaryKey($adminId);
             if (count($aAdmin) == 0) {
                 osc_add_flash_error_message(_m("This admin doesn't exist"), 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . '?page=admins');
             }
             if ($aAdmin['s_email'] != $sEmail) {
                 if ($this->adminManager->findByEmail($sEmail)) {
                     osc_add_flash_warning_message(_m('Existing email'), 'admin');
                     $this->redirectTo(osc_admin_base_url(true) . '?page=admins&action=edit&id=' . $adminId);
                 }
             }
             if ($aAdmin['s_username'] != $sUserName) {
                 if ($this->adminManager->findByUsername($sUserName)) {
                     osc_add_flash_warning_message(_m('Existing username'), 'admin');
                     $this->redirectTo(osc_admin_base_url(true) . '?page=admins&action=edit&id=' . $adminId);
                 }
             }
             $conditions = array('pk_i_id' => $adminId);
             $array = array();
             if (osc_logged_admin_id() == $adminId) {
                 if ($sOldPassword != '') {
                     if ($sPassword == '') {
                         osc_add_flash_warning_message(_m("Password invalid"), 'admin');
                         $this->redirectTo(osc_admin_base_url(true) . '?page=admins&action=edit&id=' . $adminId);
                     } else {
                         $firstCondition = osc_verify_password($sOldPassword, $aAdmin['s_password']);
                         $secondCondition = $sPassword == $sPassword2;
                         if ($firstCondition && $secondCondition) {
                             $array['s_password'] = osc_hash_password($sPassword);
                         } else {
                             osc_add_flash_warning_message(_m("The password couldn't be updated. Passwords don't match"), 'admin');
                             $this->redirectTo(osc_admin_base_url(true) . '?page=admins&action=edit&id=' . $adminId);
                         }
                     }
                 }
             } else {
                 if ($sPassword != '') {
                     if ($sPassword == $sPassword2) {
                         $array['s_password'] = osc_hash_password($sPassword);
                     } else {
                         osc_add_flash_warning_message(_m("The password couldn't be updated. Passwords don't match"), 'admin');
                         $this->redirectTo(osc_admin_base_url(true) . '?page=admins&action=edit&id=' . $adminId);
                     }
                 }
             }
             if ($adminId != osc_logged_admin_id()) {
                 $array['b_moderator'] = $bModerator;
             }
             $array['s_name'] = Params::getParam('s_name');
             $array['s_username'] = $sUserName;
             $array['s_email'] = $sEmail;
             $iUpdated = $this->adminManager->update($array, $conditions);
             osc_run_hook('admin_edit_completed', $adminId, $iUpdated);
             if ($iUpdated > 0) {
                 osc_add_flash_ok_message(_m('The admin has been updated'), 'admin');
             }
             if ($this->isModerator()) {
                 $this->redirectTo(osc_admin_base_url(true));
             } else {
                 $this->redirectTo(osc_admin_base_url(true) . '?page=admins');
             }
             break;
         case 'delete':
             if (defined('DEMO')) {
                 osc_add_flash_warning_message(_m("This action can't be done because it's a demo site"), 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . '?page=admins');
             }
             osc_csrf_check();
             // deleting and admin
             $isDeleted = false;
             $adminId = Params::getParam('id');
             if (!is_array($adminId)) {
                 osc_add_flash_error_message(_m("The admin id isn't in the correct format"), 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . '?page=admins');
             }
             // Verification to avoid an administrator trying to remove to itself
             if (in_array(Session::newInstance()->_get('adminId'), $adminId)) {
                 osc_add_flash_error_message(_m("The operation hasn't been completed. You're trying to remove yourself!"), 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . '?page=admins');
             }
             $isDeleted = $this->adminManager->deleteBatch($adminId);
             if ($isDeleted) {
                 osc_add_flash_ok_message(_m('The admin has been deleted correctly'), 'admin');
             } else {
                 osc_add_flash_error_message(_m('The admin couldn\'t be deleted'), 'admin');
             }
             $this->redirectTo(osc_admin_base_url(true) . '?page=admins');
             break;
         default:
             if (Params::getParam("action") != "") {
                 osc_run_hook("admin_bulk_" . Params::getParam("action"), Params::getParam('id'));
             }
             if (Params::getParam('iDisplayLength') == '') {
                 Params::setParam('iDisplayLength', 10);
             }
             $p_iPage = 1;
             if (is_numeric(Params::getParam('iPage')) && Params::getParam('iPage') >= 1) {
                 $p_iPage = Params::getParam('iPage');
             }
             Params::setParam('iPage', $p_iPage);
             $admins = $this->adminManager->listAll();
             // pagination
             $start = ($p_iPage - 1) * Params::getParam('iDisplayLength');
             $limit = Params::getParam('iDisplayLength');
             $count = count($admins);
             $displayRecords = $limit;
             if ($start + $limit > $count) {
                 $displayRecords = $start + $limit - $count;
             }
             // ----
             $aData = array();
             $max = $start + $limit;
             if ($max > $count) {
                 $max = $count;
             }
             for ($i = $start; $i < $max; $i++) {
                 $admin = $admins[$i];
                 $options = array();
                 $options[] = '<a href="' . osc_admin_base_url(true) . '?page=admins&action=edit&amp;id=' . $admin['pk_i_id'] . '">' . __('Edit') . '</a>';
                 $options[] = '<a onclick="return delete_dialog(\'' . $admin['pk_i_id'] . '\');" href="' . osc_admin_base_url(true) . '?page=admins&action=delete&amp;id[]=' . $admin['pk_i_id'] . '">' . __('Delete') . '</a>';
                 $auxOptions = '<ul>' . PHP_EOL;
                 foreach ($options as $actual) {
                     $auxOptions .= '<li>' . $actual . '</li>' . PHP_EOL;
                 }
                 $actions = '<div class="actions">' . $auxOptions . '</div>' . PHP_EOL;
                 $row = array();
                 $row[] = '<input type="checkbox" name="id[]" value="' . $admin['pk_i_id'] . '" />';
                 $row[] = $admin['s_username'] . $actions;
                 $row[] = $admin['s_name'];
                 $row[] = $admin['s_email'];
                 $aData[] = $row;
             }
             $array['iTotalRecords'] = $displayRecords;
             $array['iTotalDisplayRecords'] = count($admins);
             $array['iDisplayLength'] = $limit;
             $array['aaData'] = $aData;
             $page = (int) Params::getParam('iPage');
             if (count($array['aaData']) == 0 && $page != 1) {
                 $total = (int) $array['iTotalDisplayRecords'];
                 $maxPage = ceil($total / (int) $array['iDisplayLength']);
                 $url = osc_admin_base_url(true) . '?' . Params::getServerParam('QUERY_STRING', false, false);
                 if ($maxPage == 0) {
                     $url = preg_replace('/&iPage=(\\d)+/', '&iPage=1', $url);
                     $this->redirectTo($url);
                 }
                 if ($page > 1) {
                     $url = preg_replace('/&iPage=(\\d)+/', '&iPage=' . $maxPage, $url);
                     $this->redirectTo($url);
                 }
             }
             $bulk_options = array(array('value' => '', 'data-dialog-content' => '', 'label' => __('Bulk actions')), array('value' => 'delete', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected admins?'), strtolower(__('Delete'))), 'label' => __('Delete')));
             $bulk_options = osc_apply_filter("admin_bulk_filter", $bulk_options);
             $this->_exportVariableToView('bulk_options', $bulk_options);
             $this->_exportVariableToView('aAdmins', $array);
             // calling manage admins view
             $this->doView('admins/index.php');
             break;
     }
 }
Beispiel #24
0
 function doModel()
 {
     parent::doModel();
     //specific things for this class
     switch ($this->action) {
         case 'add':
             $this->doView("plugins/add.php");
             break;
         case 'add_post':
             if (defined('DEMO')) {
                 osc_add_flash_warning_message(_m("This action can't be done because it's a demo site"), 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . '?page=plugins');
             }
             osc_csrf_check();
             $package = Params::getFiles("package");
             if (isset($package['size']) && $package['size'] != 0) {
                 $path = osc_plugins_path();
                 (int) ($status = osc_unzip_file($package['tmp_name'], $path));
                 @unlink($package['tmp_name']);
             } else {
                 $status = 3;
             }
             switch ($status) {
                 case 0:
                     $msg = _m('The plugin folder is not writable');
                     osc_add_flash_error_message($msg, 'admin');
                     break;
                 case 1:
                     $msg = _m('The plugin has been uploaded correctly');
                     osc_add_flash_ok_message($msg, 'admin');
                     break;
                 case 2:
                     $msg = _m('The zip file is not valid');
                     osc_add_flash_error_message($msg, 'admin');
                     break;
                 case 3:
                     $msg = _m('No file was uploaded');
                     osc_add_flash_error_message($msg, 'admin');
                     $this->redirectTo(osc_admin_base_url(true) . "?page=plugins&action=add");
                     break;
                 case -1:
                 default:
                     $msg = _m('There was a problem adding the plugin');
                     osc_add_flash_error_message($msg, 'admin');
                     break;
             }
             $this->redirectTo(osc_admin_base_url(true) . "?page=plugins");
             break;
         case 'install':
             if (defined('DEMO')) {
                 osc_add_flash_warning_message(_m("This action can't be done because it's a demo site"), 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . '?page=plugins');
             }
             osc_csrf_check();
             $pn = Params::getParam('plugin');
             // set header just in case it's triggered some fatal error
             header("Location: " . osc_admin_base_url(true) . "?page=plugins&error=" . $pn, true, '302');
             $installed = Plugins::install($pn);
             if (is_array($installed)) {
                 switch ($installed['error_code']) {
                     case 'error_output':
                         osc_add_flash_error_message(sprintf(_m('The plugin generated %d characters of <strong>unexpected output</strong> during the installation. Output: "%s"'), strlen($installed['output']), $installed['output']), 'admin');
                         break;
                     case 'error_installed':
                         osc_add_flash_error_message(_m('Plugin is already installed'), 'admin');
                         break;
                     case 'error_file':
                         osc_add_flash_error_message(_m("Plugin couldn't be installed because their files are missing"), 'admin');
                         break;
                     case 'custom_error':
                         osc_add_flash_error_message(sprintf(_m("Plugin couldn't be installed because of: %s"), $installed['msg']), 'admin');
                         break;
                     default:
                         osc_add_flash_error_message(_m("Plugin couldn't be installed"), 'admin');
                         break;
                 }
             } else {
                 osc_add_flash_ok_message(_m('Plugin installed'), 'admin');
             }
             $this->redirectTo(osc_admin_base_url(true) . '?page=plugins');
             break;
         case 'uninstall':
             if (defined('DEMO')) {
                 osc_add_flash_warning_message(_m("This action can't be done because it's a demo site"), 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . '?page=plugins');
             }
             osc_csrf_check();
             if (Plugins::uninstall(Params::getParam("plugin"))) {
                 osc_add_flash_ok_message(_m('Plugin uninstalled'), 'admin');
             } else {
                 osc_add_flash_error_message(_m("Plugin couldn't be uninstalled"), 'admin');
             }
             $this->redirectTo(osc_admin_base_url(true) . '?page=plugins');
             break;
         case 'enable':
             if (defined('DEMO')) {
                 osc_add_flash_warning_message(_m("This action can't be done because it's a demo site"), 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . '?page=plugins');
             }
             osc_csrf_check();
             if (Plugins::activate(Params::getParam('plugin'))) {
                 osc_add_flash_ok_message(_m('Plugin enabled'), 'admin');
             } else {
                 osc_add_flash_error_message(_m('Plugin is already enabled'), 'admin');
             }
             $this->redirectTo(osc_admin_base_url(true) . '?page=plugins');
             break;
         case 'disable':
             if (defined('DEMO')) {
                 osc_add_flash_warning_message(_m("This action can't be done because it's a demo site"), 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . '?page=plugins');
             }
             osc_csrf_check();
             if (Plugins::deactivate(Params::getParam('plugin'))) {
                 osc_add_flash_ok_message(_m('Plugin disabled'), 'admin');
             } else {
                 osc_add_flash_error_message(_m('Plugin is already disabled'), 'admin');
             }
             $this->redirectTo(osc_admin_base_url(true) . '?page=plugins');
             break;
         case 'admin':
             $plugin = Params::getParam("plugin");
             if ($plugin != "") {
                 osc_run_hook($plugin . '_configure');
             }
             break;
         case 'admin_post':
             osc_run_hook('admin_post');
             break;
         case 'renderplugin':
             if (Params::existParam('route')) {
                 $routes = Rewrite::newInstance()->getRoutes();
                 $rid = Params::getParam('route');
                 $file = '../';
                 if (isset($routes[$rid]) && isset($routes[$rid]['file'])) {
                     $file = $routes[$rid]['file'];
                 }
             } else {
                 // DEPRECATED: Disclosed path in URL is deprecated, use routes instead
                 // This will be REMOVED in 3.4
                 $file = Params::getParam('file');
                 // We pass the GET variables (in case we have somes)
                 if (preg_match('|(.+?)\\?(.*)|', $file, $match)) {
                     $file = $match[1];
                     if (preg_match_all('|&([^=]+)=([^&]*)|', urldecode('&' . $match[2] . '&'), $get_vars)) {
                         for ($var_k = 0; $var_k < count($get_vars[1]); $var_k++) {
                             Params::setParam($get_vars[1][$var_k], $get_vars[2][$var_k]);
                         }
                     }
                 } else {
                     $file = Params::getParam('file');
                 }
             }
             osc_run_hook('renderplugin_controller');
             if (stripos($file, '../') === false && stripos($file, '..\\') === false && $file != "") {
                 $this->_exportVariableToView("file", osc_plugins_path() . $file);
                 $this->doView("plugins/view.php");
             }
             break;
         case 'configure':
             $plugin = Params::getParam("plugin");
             if ($plugin != '') {
                 $plugin_data = Plugins::getInfo($plugin);
                 $this->_exportVariableToView("categories", Category::newInstance()->toTreeAll());
                 $this->_exportVariableToView("selected", PluginCategory::newInstance()->listSelected($plugin_data['short_name']));
                 $this->_exportVariableToView("plugin_data", $plugin_data);
                 $this->doView("plugins/configuration.php");
             } else {
                 $this->redirectTo(osc_admin_base_url(true) . "?page=plugins");
             }
             break;
         case 'configure_post':
             osc_csrf_check();
             $plugin_short_name = Params::getParam("plugin_short_name");
             $categories = Params::getParam("categories");
             if ($plugin_short_name != "") {
                 Plugins::cleanCategoryFromPlugin($plugin_short_name);
                 if (isset($categories)) {
                     Plugins::addToCategoryPlugin($categories, $plugin_short_name);
                 }
                 osc_run_hook('plugin_categories_' . Params::getParam('plugin'), $categories);
                 osc_add_flash_ok_message(_m('Configuration was saved'), 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . "?page=plugins");
             }
             osc_add_flash_error_message(_m('No plugin selected'), 'admin');
             $this->doView('plugins/index.php');
             break;
         case 'delete':
             osc_csrf_check();
             $plugin = str_replace('/index.php', '', Params::getParam("plugin"));
             $path = preg_replace('([\\/]+)', '/', CONTENT_PATH . 'plugins/' . $plugin);
             if ($plugin != "" && strpos($plugin, '../') === false && strpos($plugin, '..\\') === false && $path != CONTENT_PATH . 'plugins/') {
                 if (osc_deleteDir($path)) {
                     osc_add_flash_ok_message(_m('The files were deleted'), 'admin');
                 } else {
                     osc_add_flash_error_message(sprintf(_m('There were an error deleting the files, please check the permissions of the files in %s'), $path . "/"), 'admin');
                 }
                 $this->redirectTo(osc_admin_base_url(true) . "?page=plugins");
             }
             osc_add_flash_error_message(_m('No plugin selected'), 'admin');
             $this->doView('plugins/index.php');
             break;
         case 'error_plugin':
             // force php errors and simulate plugin installation to show the errors in the iframe
             if (!OSC_DEBUG) {
                 error_reporting(E_ALL | E_STRICT);
             }
             @ini_set('display_errors', 1);
             include osc_plugins_path() . Params::getParam('plugin');
             Plugins::install(Params::getParam('plugin'));
             exit;
             break;
         default:
             if (Params::getParam('checkUpdated') != '') {
                 osc_admin_toolbar_update_plugins(true);
             }
             if (Params::getParam('iDisplayLength') == '') {
                 Params::setParam('iDisplayLength', 25);
             }
             $this->_exportVariableToView('iDisplayLength', Params::getParam('iDisplayLength'));
             $p_iPage = 1;
             if (is_numeric(Params::getParam('iPage')) && Params::getParam('iPage') >= 1) {
                 $p_iPage = Params::getParam('iPage');
             }
             Params::setParam('iPage', $p_iPage);
             $aPlugin = Plugins::listAll();
             $active_plugins = osc_get_plugins();
             // pagination
             $start = ($p_iPage - 1) * Params::getParam('iDisplayLength');
             $limit = Params::getParam('iDisplayLength');
             $count = count($aPlugin);
             $displayRecords = $limit;
             if ($start + $limit > $count) {
                 $displayRecords = $start + $limit - $count;
             }
             // --------------------------------------------------------
             $aData = array();
             $aInfo = array();
             $max = $start + $limit;
             if ($max > $count) {
                 $max = $count;
             }
             $aPluginsToUpdate = json_decode(osc_get_preference('plugins_to_update'));
             $bPluginsToUpdate = is_array($aPluginsToUpdate) ? true : false;
             for ($i = $start; $i < $max; $i++) {
                 $plugin = $aPlugin[$i];
                 $row = array();
                 $pInfo = osc_plugin_get_info($plugin);
                 // prepare row 1
                 $installed = 0;
                 if (osc_plugin_is_installed($plugin)) {
                     $installed = 1;
                 }
                 $enabled = 0;
                 if (osc_plugin_is_enabled($plugin)) {
                     $enabled = 1;
                 }
                 // prepare row 2
                 $sUpdate = '';
                 // get plugins to update from t_preference
                 if ($bPluginsToUpdate) {
                     if (in_array(@$pInfo['plugin_update_uri'], $aPluginsToUpdate)) {
                         $sUpdate = '<a class="market_update market-popup" href="#' . htmlentities($pInfo['plugin_update_uri']) . '">' . __("There's a new update available") . '</a>';
                     }
                 }
                 // prepare row 4
                 $sConfigure = '';
                 if (isset($active_plugins[$plugin . '_configure'])) {
                     $sConfigure = '<a href="' . osc_admin_base_url(true) . '?page=plugins&amp;action=admin&amp;plugin=' . $pInfo['filename'] . "&amp;" . osc_csrf_token_url() . '">' . __('Configure') . '</a>';
                 }
                 // prepare row 5
                 $sEnable = '';
                 if ($installed) {
                     if ($enabled) {
                         $sEnable = '<a href="' . osc_admin_base_url(true) . '?page=plugins&amp;action=disable&amp;plugin=' . $pInfo['filename'] . "&amp;" . osc_csrf_token_url() . '">' . __('Disable') . '</a>';
                     } else {
                         $sEnable = '<a href="' . osc_admin_base_url(true) . '?page=plugins&amp;action=enable&amp;plugin=' . $pInfo['filename'] . "&amp;" . osc_csrf_token_url() . '">' . __('Enable') . '</a>';
                     }
                 }
                 // prepare row 6
                 if ($installed) {
                     $sInstall = '<a onclick="javascript:return uninstall_dialog(\'' . $pInfo['filename'] . '\', \'' . $pInfo['plugin_name'] . '\');" href="' . osc_admin_base_url(true) . '?page=plugins&amp;action=uninstall&amp;plugin=' . $pInfo['filename'] . "&amp;" . osc_csrf_token_url() . '">' . __('Uninstall') . '</a>';
                 } else {
                     $sInstall = '<a href="' . osc_admin_base_url(true) . '?page=plugins&amp;action=install&amp;plugin=' . $pInfo['filename'] . "&amp;" . osc_csrf_token_url() . '">' . __('Install') . '</a>';
                 }
                 $sDelete = '';
                 if (!$installed) {
                     $sDelete = '<a href="javascript:delete_plugin(\'' . $pInfo['filename'] . '\');" >' . __('Delete') . '</a>';
                 }
                 $sHelp = '';
                 if ($pInfo['support_uri'] != '') {
                     $sHelp = '<span class="plugin-support-icon plugin-tooltip" ><a target="_blank" href="' . osc_sanitize_url($pInfo['support_uri']) . '" ><img src="' . osc_current_admin_theme_url('images/question.png') . '" alt="' . osc_esc_html(__('Problems with this plugin? Ask for support.')) . '" ></a></span>';
                 }
                 $sSiteUrl = '';
                 if ($pInfo['plugin_uri'] != '') {
                     $sSiteUrl = ' | <a target="_blank" href="' . $pInfo['plugin_uri'] . '">' . __('Plugins Site') . '</a>';
                 }
                 if ($pInfo['author_uri'] != '') {
                     $sAuthor = __('By') . ' <a target="_blank" href="' . $pInfo['author_uri'] . '">' . $pInfo['author'] . '</a>';
                 } else {
                     $sAuthor = __('By') . ' ' . $pInfo['author'];
                 }
                 $row[] = '<input type="hidden" name="installed" value="' . $installed . '" enabled="' . $enabled . '" />' . $pInfo['plugin_name'] . $sHelp . '<div>' . $sUpdate . '</div>';
                 $row[] = $pInfo['description'] . '<br />' . __('Version:') . $pInfo['version'] . ' | ' . $sAuthor . $sSiteUrl;
                 $row[] = $sUpdate != '' ? $sUpdate : '&nbsp;';
                 $row[] = $sConfigure != '' ? $sConfigure : '&nbsp;';
                 $row[] = $sEnable != '' ? $sEnable : '&nbsp;';
                 $row[] = $sInstall != '' ? $sInstall : '&nbsp;';
                 $row[] = $sDelete != '' ? $sDelete : '&nbsp;';
                 $aData[] = $row;
                 if (@$pInfo['plugin_update_uri'] != '') {
                     $aInfo[@$pInfo['plugin_update_uri']] = $pInfo;
                 } else {
                     $aInfo[$i] = $pInfo;
                 }
             }
             $array['iTotalRecords'] = $displayRecords;
             $array['iTotalDisplayRecords'] = count($aPlugin);
             $array['iDisplayLength'] = $limit;
             $array['aaData'] = $aData;
             $array['aaInfo'] = $aInfo;
             // --------------------------------------------------------
             $page = (int) Params::getParam('iPage');
             if (count($array['aaData']) == 0 && $page != 1) {
                 $total = (int) $array['iTotalDisplayRecords'];
                 $maxPage = ceil($total / (int) $array['iDisplayLength']);
                 $url = osc_admin_base_url(true) . '?' . Params::getServerParam('QUERY_STRING', false, false);
                 if ($maxPage == 0) {
                     $url = preg_replace('/&iPage=(\\d)+/', '&iPage=1', $url);
                     $this->redirectTo($url);
                 }
                 if ($page > 1) {
                     $url = preg_replace('/&iPage=(\\d)+/', '&iPage=' . $maxPage, $url);
                     $this->redirectTo($url);
                 }
             }
             $this->_exportVariableToView('aPlugins', $array);
             $this->doView("plugins/index.php");
             break;
     }
 }
Beispiel #25
0
 /**
  *
  */
 public function toArray()
 {
     $domain = 'http://' . Params::getServerParam('HTTP_HOST') . '/';
     $this->siteInfo = $this->findByPrimaryKey($domain);
 }
Beispiel #26
0
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
osc_enqueue_script('jquery-validate');
$current_host = parse_url(Params::getServerParam('HTTP_HOST'), PHP_URL_HOST);
if ($current_host === null) {
    $current_host = Params::getServerParam('HTTP_HOST');
}
//customize Head
function customHead()
{
}
osc_add_hook('admin_header', 'customHead', 10);
function render_offset()
{
    return 'row-offset';
}
function addHelp()
{
    echo '<p>' . __("Change advanced configuration of your Osclass. <strong>Be careful</strong> when modifying default values if you're not sure what you're doing!") . '</p>';
}
osc_add_hook('help_box', 'addHelp');
Beispiel #27
0
 function __construct()
 {
     parent::__construct();
     $this->mSearch = Search::newInstance();
     $this->uri = preg_replace('|^' . REL_WEB_URL . '|', '', Params::getServerParam('REQUEST_URI', false, false));
     if (preg_match('/^index\\.php/', $this->uri) > 0) {
         // search url without permalinks params
     } else {
         $this->uri = preg_replace('|/$|', '', $this->uri);
         // redirect if it ends with a slash NOT NEEDED ANYMORE, SINCE WE CHECK WITH osc_search_url
         if ($this->uri != osc_get_preference('rewrite_search_url') && stripos($this->uri, osc_get_preference('rewrite_search_url') . '/') === false && osc_rewrite_enabled() && !Params::existParam('sFeed')) {
             // clean GET html params
             $this->uri = preg_replace('/(\\/?)\\?.*$/', '', $this->uri);
             $search_uri = preg_replace('|/[0-9]+$|', '', $this->uri);
             $this->_exportVariableToView('search_uri', $search_uri);
             // get page if it's set in the url
             $iPage = preg_replace('|.*/([0-9]+)$|', '$01', $this->uri);
             if (is_numeric($iPage) && $iPage > 0) {
                 Params::setParam('iPage', $iPage);
                 // redirect without number of pages
                 if ($iPage == 1) {
                     $this->redirectTo(osc_base_url() . $search_uri);
                 }
             }
             if (Params::getParam('iPage') > 1) {
                 $this->_exportVariableToView('canonical', osc_base_url() . $search_uri);
             }
             // get only the last segment
             $search_uri = preg_replace('|.*?/|', '', $search_uri);
             if (preg_match('|-r([0-9]+)$|', $search_uri, $r)) {
                 $region = Region::newInstance()->findByPrimaryKey($r[1]);
                 if (!$region) {
                     $this->do404();
                 }
                 Params::setParam('sRegion', $region['pk_i_id']);
                 Params::unsetParam('sCategory');
                 if (preg_match('|(.*?)_.*?-r[0-9]+|', $search_uri, $match)) {
                     Params::setParam('sCategory', $match[1]);
                 }
             } else {
                 if (preg_match('|-c([0-9]+)$|', $search_uri, $c)) {
                     $city = City::newInstance()->findByPrimaryKey($c[1]);
                     if (!$city) {
                         $this->do404();
                     }
                     Params::setParam('sCity', $city['pk_i_id']);
                     Params::unsetParam('sCategory');
                     if (preg_match('|(.*?)_.*?-c[0-9]+|', $search_uri, $match)) {
                         Params::setParam('sCategory', $match[1]);
                     }
                 } else {
                     if (!Params::existParam('sCategory')) {
                         $category = Category::newInstance()->findBySlug($search_uri);
                         if (count($category) === 0) {
                             $this->do404();
                         }
                         Params::setParam('sCategory', $search_uri);
                     } else {
                         if (stripos(Params::getParam('sCategory'), '/') !== false) {
                             $tmp = explode("/", preg_replace('|/$|', '', Params::getParam('sCategory')));
                             $category = Category::newInstance()->findBySlug($tmp[count($tmp) - 1]);
                             Params::setParam('sCategory', $tmp[count($tmp) - 1]);
                         } else {
                             $category = Category::newInstance()->findBySlug(Params::getParam('sCategory'));
                             Params::setParam('sCategory', Params::getParam('sCategory'));
                         }
                         if (count($category) === 0) {
                             $this->do404();
                         }
                     }
                 }
             }
         }
     }
 }
Beispiel #28
0
 /**
  * Insert a log row.
  *
  * @access public
  * @since unknown
  * @param string $section
  * @param string $action
  * @param integer $id
  * @param string $data
  * @param string $who
  * @param integer $who_id
  * @return boolean
  */
 public function insertLog($section, $action, $id, $data, $who, $whoId)
 {
     $array_set = array('dt_date' => date('Y-m-d H:i:s'), 's_section' => $section, 's_action' => $action, 'fk_i_id' => $id, 's_data' => $data, 's_ip' => Params::getServerParam('REMOTE_ADDR'), 's_who' => $who, 'fk_i_who_id' => $whoId);
     return $this->dao->insert($this->getTableName(), $array_set);
 }
Beispiel #29
0
 function doModel()
 {
     parent::doModel();
     //specific things for this class
     switch ($this->action) {
         case 'bulk_actions':
             osc_csrf_check();
             $id = Params::getParam('id');
             if ($id) {
                 switch (Params::getParam('bulk_actions')) {
                     case 'delete_all':
                         $this->itemCommentManager->delete(array(DB_CUSTOM_COND => 'pk_i_id IN (' . implode(', ', $id) . ')'));
                         foreach ($id as $_id) {
                             $iUpdated = $this->itemCommentManager->delete(array('pk_i_id' => $_id));
                             osc_add_hook("delete_comment", $_id);
                         }
                         osc_add_flash_ok_message(_m('The comments have been deleted'), 'admin');
                         break;
                     case 'activate_all':
                         foreach ($id as $_id) {
                             $iUpdated = $this->itemCommentManager->update(array('b_active' => 1), array('pk_i_id' => $_id));
                             if ($iUpdated) {
                                 $this->sendCommentActivated($_id);
                             }
                             osc_add_hook("activate_comment", $_id);
                         }
                         osc_add_flash_ok_message(_m('The comments have been approved'), 'admin');
                         break;
                     case 'deactivate_all':
                         foreach ($id as $_id) {
                             $this->itemCommentManager->update(array('b_active' => 0), array('pk_i_id' => $_id));
                             osc_add_hook("deactivate_comment", $_id);
                         }
                         osc_add_flash_ok_message(_m('The comments have been disapproved'), 'admin');
                         break;
                     case 'enable_all':
                         foreach ($id as $_id) {
                             $iUpdated = $this->itemCommentManager->update(array('b_enabled' => 1), array('pk_i_id' => $_id));
                             if ($iUpdated) {
                                 $this->sendCommentActivated($_id);
                             }
                             osc_add_hook("enable_comment", $_id);
                         }
                         osc_add_flash_ok_message(_m('The comments have been unblocked'), 'admin');
                         break;
                     case 'disable_all':
                         foreach ($id as $_id) {
                             $this->itemCommentManager->update(array('b_enabled' => 0), array('pk_i_id' => $_id));
                             osc_add_hook("disable_comment", $_id);
                         }
                         osc_add_flash_ok_message(_m('The comments have been blocked'), 'admin');
                         break;
                     default:
                         if (Params::getParam("bulk_actions") != "") {
                             osc_run_hook("item_bulk_" . Params::getParam("bulk_actions"), Params::getParam('id'));
                         }
                         break;
                 }
             }
             $this->redirectTo(osc_admin_base_url(true) . "?page=comments");
             break;
         case 'status':
             osc_csrf_check();
             $id = Params::getParam('id');
             $value = Params::getParam('value');
             if (!$id) {
                 return false;
             }
             $id = (int) $id;
             if (!is_numeric($id)) {
                 return false;
             }
             if (!in_array($value, array('ACTIVE', 'INACTIVE', 'ENABLE', 'DISABLE'))) {
                 return false;
             }
             if ($value == 'ACTIVE') {
                 $iUpdated = $this->itemCommentManager->update(array('b_active' => 1), array('pk_i_id' => $id));
                 if ($iUpdated) {
                     $this->sendCommentActivated($id);
                 }
                 osc_add_hook("activate_comment", $id);
                 osc_add_flash_ok_message(_m('The comment has been approved'), 'admin');
             } else {
                 if ($value == 'INACTIVE') {
                     $iUpdated = $this->itemCommentManager->update(array('b_active' => 0), array('pk_i_id' => $id));
                     osc_add_hook("deactivate_comment", $id);
                     osc_add_flash_ok_message(_m('The comment has been disapproved'), 'admin');
                 } else {
                     if ($value == 'ENABLE') {
                         $iUpdated = $this->itemCommentManager->update(array('b_enabled' => 1), array('pk_i_id' => $id));
                         osc_add_hook("enable_comment", $id);
                         osc_add_flash_ok_message(_m('The comment has been enabled'), 'admin');
                     } else {
                         if ($value == 'DISABLE') {
                             $iUpdated = $this->itemCommentManager->update(array('b_enabled' => 0), array('pk_i_id' => $id));
                             osc_add_hook("disable_comment", $id);
                             osc_add_flash_ok_message(_m('The comment has been disabled'), 'admin');
                         }
                     }
                 }
             }
             $this->redirectTo(osc_admin_base_url(true) . "?page=comments");
             break;
         case 'comment_edit':
             $comment = ItemComment::newInstance()->findByPrimaryKey(Params::getParam('id'));
             $this->_exportVariableToView('comment', $comment);
             $this->doView('comments/frm.php');
             break;
         case 'comment_edit_post':
             osc_csrf_check();
             $msg = '';
             if (!osc_validate_email(Params::getParam('authorEmail'), true)) {
                 $msg .= _m('Email is not correct') . "<br/>";
             }
             if (!osc_validate_text(Params::getParam('body'), 1, true)) {
                 $msg .= _m('Comment is required') . "<br/>";
             }
             if ($msg != '') {
                 osc_add_flash_error_message($msg, 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . "?page=comments&action=comment_edit&id=" . Params::getParam('id'));
             }
             $this->itemCommentManager->update(array('s_title' => Params::getParam('title'), 's_body' => Params::getParam('body'), 's_author_name' => Params::getParam('authorName'), 's_author_email' => Params::getParam('authorEmail')), array('pk_i_id' => Params::getParam('id')));
             osc_run_hook('edit_comment', Params::getParam('id'));
             osc_add_flash_ok_message(_m('Great! We just updated your comment'), 'admin');
             $this->redirectTo(osc_admin_base_url(true) . "?page=comments");
             break;
         case 'delete':
             osc_csrf_check();
             $this->itemCommentManager->deleteByPrimaryKey(Params::getParam('id'));
             osc_add_flash_ok_message(_m('The comment has been deleted'), 'admin');
             osc_run_hook('delete_comment', Params::getParam('id'));
             $this->redirectTo(osc_admin_base_url(true) . "?page=comments");
             break;
         default:
             require_once osc_lib_path() . "osclass/classes/datatables/CommentsDataTable.php";
             // set default iDisplayLength
             if (Params::getParam('iDisplayLength') != '') {
                 Cookie::newInstance()->push('listing_iDisplayLength', Params::getParam('iDisplayLength'));
                 Cookie::newInstance()->set();
             } else {
                 // set a default value if it's set in the cookie
                 if (Cookie::newInstance()->get_value('listing_iDisplayLength') != '') {
                     Params::setParam('iDisplayLength', Cookie::newInstance()->get_value('listing_iDisplayLength'));
                 } else {
                     Params::setParam('iDisplayLength', 10);
                 }
             }
             $this->_exportVariableToView('iDisplayLength', Params::getParam('iDisplayLength'));
             // Table header order by related
             if (Params::getParam('sort') == '') {
                 Params::setParam('sort', 'date');
             }
             if (Params::getParam('direction') == '') {
                 Params::setParam('direction', 'desc');
             }
             $page = (int) Params::getParam('iPage');
             if ($page == 0) {
                 $page = 1;
             }
             Params::setParam('iPage', $page);
             $params = Params::getParamsAsArray();
             $commentsDataTable = new CommentsDataTable();
             $commentsDataTable->table($params);
             $aData = $commentsDataTable->getData();
             if (count($aData['aRows']) == 0 && $page != 1) {
                 $total = (int) $aData['iTotalDisplayRecords'];
                 $maxPage = ceil($total / (int) $aData['iDisplayLength']);
                 $url = osc_admin_base_url(true) . '?' . Params::getServerParam('QUERY_STRING', false, false);
                 if ($maxPage == 0) {
                     $url = preg_replace('/&iPage=(\\d)+/', '&iPage=1', $url);
                     $this->redirectTo($url);
                 }
                 if ($page > 1) {
                     $url = preg_replace('/&iPage=(\\d)+/', '&iPage=' . $maxPage, $url);
                     $this->redirectTo($url);
                 }
             }
             $this->_exportVariableToView('aData', $aData);
             $this->_exportVariableToView('aRawRows', $commentsDataTable->rawRows());
             $bulk_options = array(array('value' => '', 'data-dialog-content' => '', 'label' => __('Bulk actions')), array('value' => 'delete_all', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected comments?'), strtolower(__('Delete'))), 'label' => __('Delete')), array('value' => 'activate_all', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected comments?'), strtolower(__('Activate'))), 'label' => __('Activate')), array('value' => 'deactivate_all', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected comments?'), strtolower(__('Deactivate'))), 'label' => __('Deactivate')), array('value' => 'disable_all', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected comments?'), strtolower(__('Block'))), 'label' => __('Block')), array('value' => 'enable_all', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected comments?'), strtolower(__('Unblock'))), 'label' => __('Unblock')));
             $bulk_options = osc_apply_filter("comment_bulk_filter", $bulk_options);
             $this->_exportVariableToView('bulk_options', $bulk_options);
             $this->doView('comments/index.php');
             break;
     }
 }
Beispiel #30
0
 function doModel()
 {
     switch ($this->action) {
         case 'dashboard':
             //dashboard...
             $max_items = Params::getParam('max_items') != '' ? Params::getParam('max_items') : 5;
             $aItems = Item::newInstance()->findByUserIDEnabled(osc_logged_user_id(), 0, $max_items);
             //calling the view...
             $this->_exportVariableToView('items', $aItems);
             $this->_exportVariableToView('max_items', $max_items);
             $this->doView('user-dashboard.php');
             break;
         case 'profile':
             //profile...
             $user = User::newInstance()->findByPrimaryKey(osc_logged_user_id());
             $aCountries = Country::newInstance()->listAll();
             $aRegions = array();
             if ($user['fk_c_country_code'] != '') {
                 $aRegions = Region::newInstance()->findByCountry($user['fk_c_country_code']);
             } elseif (count($aCountries) > 0) {
                 $aRegions = Region::newInstance()->findByCountry($aCountries[0]['pk_c_code']);
             }
             $aCities = array();
             if ($user['fk_i_region_id'] != '') {
                 $aCities = City::newInstance()->findByRegion($user['fk_i_region_id']);
             } else {
                 if (count($aRegions) > 0) {
                     $aCities = City::newInstance()->findByRegion($aRegions[0]['pk_i_id']);
                 }
             }
             //calling the view...
             $this->_exportVariableToView('countries', $aCountries);
             $this->_exportVariableToView('regions', $aRegions);
             $this->_exportVariableToView('cities', $aCities);
             $this->_exportVariableToView('user', $user);
             $this->_exportVariableToView('locales', OSCLocale::newInstance()->listAllEnabled());
             $this->doView('user-profile.php');
             break;
         case 'profile_post':
             //profile post...
             osc_csrf_check();
             $userId = Session::newInstance()->_get('userId');
             require_once LIB_PATH . 'osclass/UserActions.php';
             $userActions = new UserActions(false);
             $success = $userActions->edit($userId);
             if ($success == 1 || $success == 2) {
                 osc_add_flash_ok_message(_m('Your profile has been updated successfully'));
             } else {
                 osc_add_flash_error_message($success);
             }
             $this->redirectTo(osc_user_profile_url());
             break;
         case 'alerts':
             //alerts
             $aAlerts = Alerts::newInstance()->findByUser(Session::newInstance()->_get('userId'), false);
             $user = User::newInstance()->findByPrimaryKey(Session::newInstance()->_get('userId'));
             foreach ($aAlerts as $k => $a) {
                 $array_conditions = (array) json_decode($a['s_search']);
                 //                                            $search = Search::newInstance();
                 $search = new Search();
                 $search->setJsonAlert($array_conditions);
                 $search->limit(0, 3);
                 $aAlerts[$k]['items'] = $search->doSearch();
             }
             $this->_exportVariableToView('alerts', $aAlerts);
             View::newInstance()->_reset('alerts');
             $this->_exportVariableToView('user', $user);
             $this->doView('user-alerts.php');
             break;
         case 'change_email':
             //change email
             $this->doView('user-change_email.php');
             break;
         case 'change_email_post':
             //change email post
             osc_csrf_check();
             if (!osc_validate_email(Params::getParam('new_email'))) {
                 osc_add_flash_error_message(_m('The specified e-mail is not valid'));
                 $this->redirectTo(osc_change_user_email_url());
             } else {
                 $user = User::newInstance()->findByEmail(Params::getParam('new_email'));
                 if (!isset($user['pk_i_id'])) {
                     $userEmailTmp = array();
                     $userEmailTmp['fk_i_user_id'] = Session::newInstance()->_get('userId');
                     $userEmailTmp['s_new_email'] = Params::getParam('new_email');
                     UserEmailTmp::newInstance()->insertOrUpdate($userEmailTmp);
                     $code = osc_genRandomPassword(30);
                     $date = date('Y-m-d H:i:s');
                     $userManager = new User();
                     $userManager->update(array('s_pass_code' => $code, 's_pass_date' => $date, 's_pass_ip' => Params::getServerParam('REMOTE_ADDR')), array('pk_i_id' => Session::newInstance()->_get('userId')));
                     $validation_url = osc_change_user_email_confirm_url(Session::newInstance()->_get('userId'), $code);
                     osc_run_hook('hook_email_new_email', Params::getParam('new_email'), $validation_url);
                     $this->redirectTo(osc_user_profile_url());
                 } else {
                     osc_add_flash_error_message(_m('The specified e-mail is already in use'));
                     $this->redirectTo(osc_change_user_email_url());
                 }
             }
             break;
         case 'change_username':
             //change username
             $this->doView('user-change_username.php');
             break;
         case 'change_username_post':
             //change username
             $username = osc_sanitize_username(Params::getParam('s_username'));
             osc_run_hook('before_username_change', Session::newInstance()->_get('userId'), $username);
             if ($username != '') {
                 $user = User::newInstance()->findByUsername($username);
                 if (isset($user['s_username'])) {
                     osc_add_flash_error_message(_m('The specified username is already in use'));
                 } else {
                     if (!osc_is_username_blacklisted($username)) {
                         User::newInstance()->update(array('s_username' => $username), array('pk_i_id' => Session::newInstance()->_get('userId')));
                         osc_add_flash_ok_message(_m('The username was updated'));
                         osc_run_hook('after_username_change', Session::newInstance()->_get('userId'), Params::getParam('s_username'));
                         $this->redirectTo(osc_user_profile_url());
                     } else {
                         osc_add_flash_error_message(_m('The specified username is not valid, it contains some invalid words'));
                     }
                 }
             } else {
                 osc_add_flash_error_message(_m('The specified username could not be empty'));
             }
             $this->redirectTo(osc_change_user_username_url());
             break;
         case 'change_password':
             //change password
             $this->doView('user-change_password.php');
             break;
         case 'change_password_post':
             //change password post
             osc_csrf_check();
             $user = User::newInstance()->findByPrimaryKey(Session::newInstance()->_get('userId'));
             if (Params::getParam('password', false, false) == '' || Params::getParam('new_password', false, false) == '' || Params::getParam('new_password2', false, false) == '') {
                 osc_add_flash_warning_message(_m('Password cannot be blank'));
                 $this->redirectTo(osc_change_user_password_url());
             }
             if (!osc_verify_password(Params::getParam('password', false, false), $user['s_password'])) {
                 osc_add_flash_error_message(_m("Current password doesn't match"));
                 $this->redirectTo(osc_change_user_password_url());
             }
             if (!Params::getParam('new_password', false, false)) {
                 osc_add_flash_error_message(_m("Passwords can't be empty"));
                 $this->redirectTo(osc_change_user_password_url());
             }
             if (Params::getParam('new_password', false, false) != Params::getParam('new_password2', false, false)) {
                 osc_add_flash_error_message(_m("Passwords don't match"));
                 $this->redirectTo(osc_change_user_password_url());
             }
             User::newInstance()->update(array('s_password' => osc_hash_password(Params::getParam('new_password', false, false))), array('pk_i_id' => Session::newInstance()->_get('userId')));
             osc_add_flash_ok_message(_m('Password has been changed'));
             $this->redirectTo(osc_user_profile_url());
             break;
         case 'items':
             // view items user
             $itemsPerPage = Params::getParam('itemsPerPage') != '' ? Params::getParam('itemsPerPage') : 10;
             $page = Params::getParam('iPage') > 0 ? Params::getParam('iPage') - 1 : 0;
             $itemType = Params::getParam('itemType');
             $total_items = Item::newInstance()->countItemTypesByUserID(osc_logged_user_id(), $itemType);
             $total_pages = ceil($total_items / $itemsPerPage);
             $items = Item::newInstance()->findItemTypesByUserID(osc_logged_user_id(), $page * $itemsPerPage, $itemsPerPage, $itemType);
             $this->_exportVariableToView('items', $items);
             $this->_exportVariableToView('search_total_pages', $total_pages);
             $this->_exportVariableToView('search_total_items', $total_items);
             $this->_exportVariableToView('items_per_page', $itemsPerPage);
             $this->_exportVariableToView('items_type', $itemType);
             $this->_exportVariableToView('search_page', $page);
             $this->doView('user-items.php');
             break;
         case 'activate_alert':
             $email = Params::getParam('email');
             $secret = Params::getParam('secret');
             $result = 0;
             if ($email != '' && $secret != '') {
                 $result = Alerts::newInstance()->activate($email, $secret);
             }
             if ($result == 1) {
                 osc_add_flash_ok_message(_m('Alert activated'));
             } else {
                 osc_add_flash_error_message(_m('Oops! There was a problem trying to activate your alert. Please contact an administrator'));
             }
             $this->redirectTo(osc_base_url());
             break;
         case 'unsub_alert':
             $email = Params::getParam('email');
             $secret = Params::getParam('secret');
             $id = Params::getParam('id');
             $alert = Alerts::newInstance()->findByPrimaryKey($id);
             $result = 0;
             if (!empty($alert)) {
                 if ($email == $alert['s_email'] && $secret == $alert['s_secret']) {
                     $result = Alerts::newInstance()->unsub($id);
                 }
             }
             if ($result == 1) {
                 osc_add_flash_ok_message(_m('Unsubscribed correctly'));
             } else {
                 osc_add_flash_error_message(_m('Oops! There was a problem trying to unsubscribe you. Please contact an administrator'));
             }
             $this->redirectTo(osc_user_alerts_url());
             break;
         case 'delete':
             $id = Params::getParam('id');
             $secret = Params::getParam('secret');
             if (osc_is_web_user_logged_in()) {
                 $user = User::newInstance()->findByPrimaryKey(osc_logged_user_id());
                 View::newInstance()->_exportVariableToView('user', $user);
                 if (!empty($user) && osc_logged_user_id() == $id && $secret == $user['s_secret']) {
                     User::newInstance()->deleteUser(osc_logged_user_id());
                     Session::newInstance()->_drop('userId');
                     Session::newInstance()->_drop('userName');
                     Session::newInstance()->_drop('userEmail');
                     Session::newInstance()->_drop('userPhone');
                     Cookie::newInstance()->pop('oc_userId');
                     Cookie::newInstance()->pop('oc_userSecret');
                     Cookie::newInstance()->set();
                     osc_add_flash_ok_message(_m("Your account have been deleted"));
                     $this->redirectTo(osc_base_url());
                 } else {
                     osc_add_flash_error_message(_m("Oops! you can not do that"));
                     $this->redirectTo(osc_user_dashboard_url());
                 }
             } else {
                 osc_add_flash_error_message(_m("Oops! you can not do that"));
                 $this->redirectTo(osc_base_url());
             }
             break;
     }
 }