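 /**
  * AJAX action: paginates a remote feed and exposes it to the view as JSON.
  *
  * Reads `url`, `limit` and `start` from the submitted form data. `url` is
  * handed to the Simplepie component unchanged, so whoever can reach this
  * action can make the server fetch a URL of their choosing; if the action
  * is reachable by untrusted users the component (or this method) should
  * restrict the accepted hosts (TODO confirm what feed_paginate() accepts).
  *
  * Sets the view variable `json` to an array with the keys
  * totalCount, title, image_url, image_width, image_height and items[],
  * each item carrying title, url, description and date with tags stripped.
  * `items` is always present, so an empty feed serialises to `items: []`
  * instead of omitting the key (the original only created it inside the
  * loop).
  *
  * Terminates the request with 'Incorrect use' when `url` is missing.
  */
 function getrss()
 {
     uses('Sanitize');
     // Debug output would be mixed into the JSON body and break the client.
     Configure::write('debug', '0');
     $this->layout = 'ajax';
     $mrClean = new Sanitize();

     if (empty($this->params['form']['url'])) {
         die('Incorrect use');
     }
     $url = $this->params['form']['url'];

     // Optional paging parameters: paranoid() keeps alphanumerics only and
     // the int cast guarantees integer arguments for the component.
     $limit = 5;
     $start = 0;
     if (!empty($this->params['form']['limit'])) {
         $limit = (int) $mrClean->paranoid($this->params['form']['limit']);
     }
     if (!empty($this->params['form']['start'])) {
         $start = (int) $mrClean->paranoid($this->params['form']['start']);
     }

     $feed = $this->Simplepie->feed_paginate($url, $start, $limit);

     $out = array(
         'totalCount' => $feed['quantity'],
         'title' => $feed['title'],
         'image_url' => $feed['image_url'],
         'image_width' => $feed['image_width'],
         'image_height' => $feed['image_height'],
         'items' => array(),
     );
     foreach ($feed['items'] as $item) {
         $out['items'][] = array(
             'title' => strip_tags($item->get_title()),
             'url' => strip_tags($item->get_permalink()),
             // A small whitelist of formatting tags is kept. strip_tags()
             // does not filter attributes on the kept tags (href, src, event
             // handlers), so the consumer still has to escape or sanitise.
             'description' => strip_tags($item->get_description(), '<p><br><img><a><b>'),
             'date' => strip_tags($item->get_date('d/m/Y')),
         );
     }
     $this->set('json', $out);
 }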
 /**
  * Lists messages for the session's "sol", optionally narrowed to the
  * selected host and to a free-text filter on the friend column.
  *
  * The filter text is taken from the submitted form (`Search.label`) when
  * present, otherwise from the session key `srch_webmsn`; whichever is used
  * is written back to the session so the filter survives pagination.
  * Sanitize::paranoid() reduces it to alphanumerics before it is used in a
  * LIKE condition, which is passed as a CakePHP array condition and therefore
  * escaped by the datasource as well.
  */
 function index()
 {
     $this->Webymsg->recursive = -1;

     $conditions = array(
         'Webymsg.sol_id' => $this->Session->read('sol'),
     );

     // Restrict to the selected host; the session value is an array whose
     // "host" entry is 0 when no particular host is selected.
     $selectedHost = $this->Session->read('host_id');
     if (!empty($selectedHost) && $selectedHost["host"] != 0) {
         $conditions['Webymsg.source_id'] = $selectedHost["host"];
     }

     // Free-text filter: fresh form input wins over the remembered one.
     $needle = null;
     if ($this->Session->check('srch_webmsn')) {
         $needle = $this->Session->read('srch_webmsn');
     }
     if (!empty($this->data)) {
         $needle = Sanitize::paranoid($this->data['Search']['label']);
     }
     if (!empty($needle)) {
         $conditions['Webymsg.friend LIKE'] = "%{$needle}%";
     }

     $chats = $this->paginate('Webymsg', $conditions);

     $this->Session->write('srch_webmsn', $needle);
     $this->set('chats', $chats);
     $this->set('srchd', $needle);
     $this->set('menu_left', $this->Xplico->leftmenuarray(6));
 }
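 /**
  * Lets the logged-in user change their own password.
  *
  * Expects form data `Usuario.pass` (current password), `Usuario.pass1` (new)
  * and `Usuario.pass2` (repeat). Validation messages are attached to
  * `Usuario->validationErrors` and the form is re-rendered with the password
  * fields blanked; on success the user is redirected to "/".
  *
  * The stored digest is compared with `!==` instead of `!=`: with the loose
  * operator two hex digests of the form "0e<digits>" are compared as numbers
  * and are equal, so a loose comparison of md5 hex strings can be bypassed.
  *
  * NOTE(review): the new password is run through Sanitize::paranoid() before
  * hashing, which silently drops every non-alphanumeric character; the login
  * code has to apply the same transformation or those passwords will never
  * verify — confirm against the authentication code. md5 is also not a
  * password hash; moving to password_hash()/password_verify() needs a
  * matching change at login and is out of scope for this method.
  */
 function pass()
 {
     $this->Usuario->recursive = 0;
     if (empty($this->data)) {
         return;
     }

     $id_usuario = $this->Session->read('id_usuario');
     $usuario = $this->Usuario->findByIdUsuario($id_usuario);
     $save = true;

     // The two copies of the new password must match and pass the policy.
     if ($this->data['Usuario']['pass1'] !== $this->data['Usuario']['pass2']) {
         $this->Usuario->validationErrors['pass1'] = 'La nueva contraseña debe coincidir con la repetición';
         $save = false;
     } elseif (!$this->revisarPass($this->data['Usuario']['pass1'])) {
         $this->Usuario->validationErrors['pass1'] = 'La contraseña debe tener por lo menos 3 letras y no usar ñ o espacios';
         $save = false;
     }

     // The current password must verify against the stored digest. A missing
     // record yields '' here, which can never equal an md5 digest.
     $storedHash = isset($usuario['Usuario']['pass']) ? (string) $usuario['Usuario']['pass'] : '';
     if (md5($this->data['Usuario']['pass']) !== $storedHash) {
         // NOTE(review): this message literal appears masked ('******') in
         // the listing this was taken from; restore the real text.
         $this->Usuario->validationErrors['pass'] = '******';
         $save = false;
     }

     if (!$save) {
         return;
     }

     $this->Usuario->id = $id_usuario;
     $this->data['Usuario']['pass'] = md5(Sanitize::paranoid($this->data['Usuario']['pass1']));
     if ($this->Usuario->save($this->data['Usuario'])) {
         $this->Session->setFlash('Su contraseña ha sido correctamente actualizada');
         $this->redirect("/");
         exit;
     }

     // Never echo the submitted passwords back into the re-rendered form.
     $this->data['Usuario']['pass'] = '';
     $this->data['Usuario']['pass1'] = '';
     $this->data['Usuario']['pass2'] = '';
 }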
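 /**
  * Validates an uploaded file, gives it a unique name and moves it into
  * place.
  *
  * @param array  $filedata   One `$_FILES` entry (name, type, tmp_name, ...);
  *                           when null, `$this->filedata` is used as set
  *                           earlier.
  * @param string $uploadPath Destination directory. It is concatenated
  *                           directly with the file name, so it must carry a
  *                           trailing separator; when null `$this->uploadPath`
  *                           is used.
  * @param array  $mimeRules  Accepted MIME types; empty means no MIME
  *                           restriction. `type` is supplied by the client
  *                           (`$_FILES[...]['type']`) and is not a security
  *                           control — validate() and the image handler must
  *                           do the real content checks.
  * @param bool   $isImage    Run defaultImageHandler() (when defined) before
  *                           the file is moved.
  * @return string|false 'mime-error' when the type is not accepted, false
  *                      when validate() or move_uploaded_file() fails,
  *                      otherwise the destination path.
  * @access public
  */
 function upload($filedata = null, $uploadPath = null, $mimeRules = array(), $isImage = true)
 {
     if ($filedata != null) {
         $this->filedata = $filedata;
     }
     if ($uploadPath != null) {
         $this->uploadPath = $uploadPath;
     }

     // With no rules every type passes. The original left $passesMime
     // undefined in that case, so every upload without rules returned
     // 'mime-error'.
     $passesMime = empty($mimeRules)
         || in_array((string) $this->filedata['type'], $mimeRules, true);
     if (!$passesMime) {
         return 'mime-error';
     }
     if (!$this->validate()) {
         return false;
     }

     App::import('Core', 'Sanitize');
     // Reduce the client-supplied name to [A-Za-z0-9.-_] and prefix a unique
     // token so two uploads cannot collide or overwrite each other.
     $this->filedata['name'] = Sanitize::paranoid($this->filedata['name'], array('.', '-', '_'));
     $this->filename = $this->makeUniqueName() . '_' . $this->filedata['name'];
     $destFile = $this->uploadPath . $this->filename;

     if ($isImage === true && method_exists($this, 'defaultImageHandler')) {
         $this->defaultImageHandler();
     }
     if (move_uploaded_file($this->filedata['tmp_name'], $destFile)) {
         return $destFile;
     }
     return false;
 }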
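 /**
  * Shows one page of an album's images plus the remaining (not paged) ones.
  *
  * @param mixed $id Album id from the URL; reduced to an integer before use.
  *
  * Redirects to albums/index (and exits, third redirect argument) when the
  * album does not exist or has no images. Sets `images` (current page) and
  * `restImgs` (every image of the album that is not on the current page).
  *
  * Both id lists start as empty arrays so array_diff() always receives
  * arrays; the original built them inside the loops and passed null when a
  * query returned no rows.
  */
 function index($id = null)
 {
     $this->cacheAction = "10000 hours";
     App::import('Sanitize');

     $id = (int) Sanitize::paranoid($id);
     $albumData = $this->Image->Album->read(null, $id);
     if (!$id || $albumData == false || !isset($albumData['Album']['image_count']) || $albumData['Album']['image_count'] == 0) {
         $this->Session->setFlash('Вы не выбрали альбом');
         $this->redirect(array('controller' => 'albums', 'action' => 'index'), null, true);
     }

     $this->paginate['Image'] = array(
         'conditions' => array('Image.album_id' => $id),
         'contain' => array('Album.name'),
         'order' => array('Image.id' => 'DESC'),
         'limit' => 12,
     );
     $images = $this->paginate();

     $pageIds = array();
     foreach ($images as $image) {
         $pageIds[] = $image['Image']['id'];
     }

     $imagesTotal = $this->Image->find('all', array('conditions' => array('Image.album_id' => $id), 'contain' => false));
     $allIds = array();
     foreach ($imagesTotal as $imageT) {
         $allIds[] = $imageT['Image']['id'];
     }

     // Everything in the album that is not on the current page.
     $diff = array_diff($allIds, $pageIds);
     $restImgs = $this->Image->find('all', array('conditions' => array('Image.album_id' => $id, 'Image.id' => $diff), 'contain' => false));
     $this->set('restImgs', $restImgs);
     $this->set('images', $images);
 }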
 /**
  * Authenticates the identity contained in a request. Will use the `settings.userModel` and `settings.fields`
  * to find POST data that is used to find a matching record in the `settings.userModel`. Will return false if
  * there is no post data, either username or password is missing, or if the scope conditions have not been met.
  *
  * When the request carries a `type`, the per-type block from `settings.types` is merged over the settings
  * before the lookup; an unknown type throws.
  *
  * NOTE(review): `$request->data[$model][...]` is read when building $userName/$password, before the
  * `empty($request->data[$model])` check, so a missing model block raises undefined-index notices and the
  * fallback array below is then filled with nulls. paranoid() also drops every non-alphanumeric character
  * from the password, which only works if stored hashes were produced the same way — confirm.
  * NOTE(review): `system_permission` is copied from request data onto the authenticated user, i.e. the
  * client chooses it; if this field drives authorization it has to come from the user record instead.
  * The `'******'` literal below looks like masking by the listing site, not the real field name.
  *
  * @author DaiNT
  * @date: 2013/05/23
  * @param CakeRequest $request The request that contains login information.
  * @param CakeResponse $response Unused response object.
  * @return mixed False on login failure. An array of User data on success.
  */
 public function authenticate(CakeRequest $request, CakeResponse $response)
 {
     if (isset($request->data['type'])) {
         $type = $request->data['type'];
         if (!isset($this->settings['types'][$type])) {
             throw new Exception(__('Type %s login not setting', $type));
         }
         // Keep the whole type table and overlay the selected type's settings.
         $types = $this->settings['types'];
         $this->settings = array_merge(array('types' => $types), $types[$type]);
     }
     // Mobile clients presumably post the password under a different field name (value masked in this listing).
     if (AppUtility::checkIsMobile()) {
         $this->settings['fields']['password'] = '******';
     }
     $fields = $this->settings['fields'];
     $model = $this->settings['userModel'];
     // Read before the empty() check below — see NOTE(review) in the docblock.
     $userName = Sanitize::paranoid($request->data[$model][$fields['username']]);
     $password = Sanitize::paranoid($request->data[$model][$fields['password']]);
     if (empty($request->data[$model])) {
         $request->data[$model] = array($fields['username'] => isset($userName) ? $userName : null, $fields['password'] => isset($password) ? $password : null);
     }
     $user = parent::authenticate($request, $response);
     // Client-supplied permission is copied onto the user — see NOTE(review) in the docblock.
     if (!empty($user) && is_array($user) && isset($request->data[$model]['system_permission'])) {
         $user['system_permission'] = $request->data[$model]['system_permission'];
     }
     return $user;
 }
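 /**
  * Adds the posted product to the customer's cart order — creating the order
  * first when the session has none — and redirects to the product page.
  *
  * Expects `product_id` and `product_quantity` in $_POST. Both are cleaned
  * with Sanitize::paranoid() (alphanumerics only) before use. The original
  * called paranoid() on the whole $_POST and discarded its return value, so
  * the raw values were used; paranoid() returns the cleaned copy and does not
  * modify its argument.
  */
 function purchase_product()
 {
     uses('sanitize');
     $clean = new Sanitize();
     $product_id = isset($_POST['product_id']) ? $clean->paranoid($_POST['product_id']) : '';
     $product_quantity = isset($_POST['product_quantity']) ? $clean->paranoid($_POST['product_quantity']) : '';

     // No active cart yet: create an order with the default payment and
     // shipping methods and remember its id in the session.
     if (!isset($_SESSION['Customer']['order_id'])) {
         $new_order = array();
         $new_order['Order']['order_status_id'] = 0;
         $default_payment = $this->Order->PaymentMethod->find(array('default' => '1'));
         $new_order['Order']['payment_method_id'] = $default_payment['PaymentMethod']['id'];
         $default_shipping = $this->Order->ShippingMethod->find(array('default' => '1'));
         $new_order['Order']['shipping_method_id'] = $default_shipping['ShippingMethod']['id'];
         $this->Order->save($new_order);
         $order_id = $this->Order->getLastInsertId();
         $_SESSION['Customer']['order_id'] = $order_id;
         // Other parts of the application read the current order from this global.
         global $order;
         $order = $new_order;
     }

     $this->OrderBase->add_product($product_id, $product_quantity);

     global $config;
     $content = $this->Content->read(null, $product_id);
     $this->redirect('/product/' . $content['Content']['alias'] . $config['URL_EXTENSION']);
 }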
 /**
  * Class constructor.
  *
  * Cleans the error messages, then either hands them to the application's
  * appError() when one is defined, or dispatches to the matching error
  * method of this handler and stops the request.
  *
  * @param string $method Method producing the error
  * @param array $messages Error messages
  */
 function __construct($method, $messages)
 {
     App::import('Core', 'Sanitize');
     // PHP4-style reference assignment: deprecated in PHP 5.3, a parse error from 7.0.
     $this->controller =& new CakeErrorController();
     // Characters paranoid() may keep, so file paths in messages stay
     // readable; Windows paths additionally need backslash and colon.
     $allow = array('.', '/', '_', ' ', '-', '~');
     if (substr(PHP_OS, 0, 3) == "WIN") {
         $allow = array_merge($allow, array('\\', ':'));
     }
     $messages = Sanitize::paranoid($messages, $allow);
     if (!isset($messages[0])) {
         $messages = array($messages);
     }
     // method_exists() is case-insensitive, so 'apperror' finds appError().
     if (method_exists($this->controller, 'apperror')) {
         return $this->controller->appError($method, $messages);
     }
     // Unknown method names fall back to the generic error().
     if (!in_array(strtolower($method), array_map('strtolower', get_class_methods($this)))) {
         $method = 'error';
     }
     if ($method !== 'error') {
         // Configure::read() without a key returns the debug level; with
         // debugging off every specific error is presented as a 404.
         if (Configure::read() == 0) {
             $method = 'error404';
             // NOTE(review): $code is never assigned in this method, so this
             // branch cannot be taken and error500 is unreachable from here.
             if (isset($code) && $code == 500) {
                 $method = 'error500';
             }
         }
     }
     $this->dispatchMethod($method, $messages);
     $this->_stop();
 }
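 /**
  * AJAX vote endpoint: records a vote for a model record and returns the new
  * totals as JSON.
  *
  * @author vovich
  * @param string $model   Model name being voted on (e.g. 'Image').
  * @param mixed  $modelId Id of the record.
  * @param mixed  $delta   Vote value, passed through to Vote->add() unchanged.
  * @return void Terminates the request with the JSON body
  *              {error, sum, votes_plus, votes_minus}.
  *
  * Non-AJAX calls are redirected back to the referer (or to "/" when the
  * client sent none). $model is cleaned once with Sanitize::paranoid() and
  * that cleaned value is used everywhere — for the access check, the
  * canVote() lookup, the stored record and the error message that is echoed
  * back to the client; the original concatenated the raw $model into that
  * message and only cleaned the stored copy.
  */
 function voting($model, $modelId, $delta)
 {
     Configure::write('debug', 0);
     $this->layout = false;

     if (!$this->RequestHandler->isAjax()) {
         // Redirecting to a client-supplied Referer is itself an open
         // redirect; acceptable here only because the target is the caller.
         $this->redirect(isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '/');
     }

     $cleanModel = Sanitize::paranoid($model);
     $result = array("error" => "", "sum" => 0, "votes_plus" => 0, "votes_minus" => 0);
     $userId = $this->Access->getLoggedUserID();

     if ($userId == VISITOR_USER || !$userId) {
         $result['error'] = "Access error, please login.";
     } elseif (!$this->Access->getAccess('Vote_' . $cleanModel, 'c')) {
         $result['error'] = "You can not vote for this " . $cleanModel . "<BR> please logg in ";
     } else {
         $result['error'] = $this->Vote->canVote($cleanModel, $modelId, $userId);
     }

     $data = array(
         'model' => $cleanModel,
         'model_id' => Sanitize::paranoid($modelId),
         'user_id' => $userId,
         'delta' => $delta,
     );

     // Both branches of the original cleared the same key.
     // NOTE(review): 'Video' clearing 'last_images' may be a copy-paste slip — confirm.
     if ($cleanModel == 'Image' || $cleanModel == 'Video') {
         Cache::delete('last_images');
     }

     if (empty($result['error'])) {
         $points = $this->Vote->add($data);
         $result['votes_plus'] = $points['votes_plus'];
         $result['votes_minus'] = $points['votes_minus'];
         $result['sum'] = $points['votes_plus'] - $points['votes_minus'];
     }
     exit($this->Json->encode($result));
 }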
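 /**
  * Applies Sanitize::paranoid() to every element of an array.
  *
  * Keeps alphanumerics plus '.', '-' and '='; keys are preserved. The
  * original iterated by reference and never unset the reference, leaving
  * `$var` aliased to the last element; this version writes through the key
  * instead. Only one level is visited — nested arrays are handed to
  * Sanitize::paranoid() as-is, and how it treats arrays depends on the
  * CakePHP version (TODO confirm).
  *
  * @param array $vars
  * @return array
  */
 function paranoid($vars)
 {
     foreach ($vars as $key => $value) {
         $vars[$key] = Sanitize::paranoid($value, array('.', '-', '='));
     }
     return $vars;
 }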
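 /**
  * Renders one Sejm announcement fetched from the public resources host.
  *
  * The id from the route is reduced to alphanumerics and then to an int, so
  * only `.../content/<int>.html` can ever be requested. The remote fetch has
  * no timeout beyond default_socket_timeout, and the fetched HTML is set
  * into the view unchanged — the template decides whether to trust it.
  */
 public function view()
 {
     parent::view();
     $id = (int) Sanitize::paranoid($this->params->id);
     $content = file_get_contents('http://resources.sejmometr.pl/sejm_komunikaty/content/' . $id . '.html');
     // file_get_contents() returns false on failure (after a warning); hand
     // the view an empty string rather than a boolean.
     if ($content === false) {
         $content = '';
     }
     $this->set('content', $content);
 }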
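 /**
  * Searches users by name across username, first, middle and last name.
  *
  * The term comes from $_POST['name'] and is reduced to alphanumerics by
  * Sanitize::paranoid(), so it cannot carry quotes; it is now also passed as
  * a CakePHP array condition (escaped by the datasource) instead of being
  * concatenated into a raw SQL fragment, and the `@`-suppressed $_POST reads
  * are replaced by a single isset() check. Renders the 'index' view.
  */
 function search()
 {
     $this->pageTitle = __('USERS_SEARCH_TITLE', true);

     uses('sanitize');
     $sanit = new Sanitize();
     $name = isset($_POST['name']) ? $sanit->paranoid($_POST['name']) : '';

     // OR across the four name columns, all from the same cleaned term.
     $condition = array(
         'OR' => array(
             'User.username LIKE' => '%' . $name . '%',
             'User.first_name LIKE' => '%' . $name . '%',
             'User.middle_name LIKE' => '%' . $name . '%',
             'User.last_name LIKE' => '%' . $name . '%',
         ),
     );

     $this->set('name', $name);
     $this->paginate['User']['limit'] = 20;
     $this->set('users', $this->paginate('User', $condition));
     $this->render('index');
 }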
 /**
  * Catalogue page for a brand / category / sub-category combination given as
  * the named parameters `brand`, `category` and `subcat`.
  *
  * The three lookups share one shape: the named parameter must be present
  * and non-zero after Sanitize::paranoid() plus int cast (`(int) x != null`
  * is effectively `!= 0`), and the record must exist; otherwise a flash
  * message is set and the request is redirected to "/" with exit (third
  * redirect argument), so later code only runs when the earlier lookups
  * succeeded. Only the presence check uses the cleaned value — the find()
  * conditions receive the raw named parameter as an array condition, which
  * the datasource escapes.
  */
 function index()
 {
     $this->cacheAction = "10000 hours";
     App::import('Sanitize');
     /**
      * Brand logo, description and name for the page header.
      */
     $brand = array();
     if (isset($this->params['named']['brand']) && (int) Sanitize::paranoid($this->params['named']['brand']) != null) {
         $brand = $this->SubCategory->BrandsCategory->Brand->find('first', array('conditions' => array('Brand.id' => $this->params['named']['brand']), 'fields' => array('Brand.id', 'Brand.logo', 'Brand.body', 'Brand.name'), 'contain' => false));
         if ($brand != array()) {
             $this->set('brand', $brand);
         } else {
             $this->Session->setFlash('Brand wasn\'t found in database');
             $this->redirect('/', null, true);
         }
     } else {
         $this->Session->setFlash('Brand wasn\'t found in database');
         $this->redirect('/', null, true);
     }
     /**
      * Sub-categories of the brand/category pair, with the category's banners
      * and the category itself (needed below for the type-3 template switch).
      */
     $category = array();
     if (isset($this->params['named']['category']) && (int) Sanitize::paranoid($this->params['named']['category']) != null) {
         $subCats = $this->SubCategory->BrandsCategory->find('first', array('conditions' => array('category_id' => $this->params['named']['category'], 'brand_id' => $this->params['named']['brand']), 'fields' => array(), 'contain' => array('Banner' => array('fields' => array('Banner.id', 'Banner.logo', 'Banner.url'), 'order' => array('BannersBrandsCategory.id' => 'DESC')), 'SubCategory' => array('fields' => array('name', 'id', 'product_count'), 'conditions' => array('SubCategory.product_count <>' => null)), 'Category' => array('fields' => array('Category.id', 'Category.type', 'Category.name')))));
         if ($subCats != array()) {
             $this->set('subCats', $subCats);
         } else {
             $this->Session->setFlash('SubCat wasn\'t found in database');
             $this->redirect('/', null, true);
         }
     } else {
         $this->Session->setFlash('SubCat wasn\'t found in database');
         $this->redirect('/', null, true);
     }
     /**
      * Products of the selected sub-category (optional parameter).
      */
     $products = array();
     if (isset($this->params['named']['subcat']) && (int) Sanitize::paranoid($this->params['named']['subcat']) != null) {
         $products = $this->SubCategory->find('first', array('conditions' => array('SubCategory.id' => $this->params['named']['subcat']), 'fields' => array('name'), 'contain' => array('Product' => array('fields' => array('Product.name', 'Product.logo', 'Product.logo1', 'Product.content1'), 'order' => array('Product.id' => 'DESC')))));
         $this->set('products', $products);
         // $subCats is always set here: the sub-category branch above redirects (and exits) otherwise.
         if ($subCats['Category']['type'] == 3) {
             $this->render('indexType3');
         }
     } elseif (!isset($this->params['named']['subcat'])) {
         // No sub-category selected: nothing further to load.
     }
     if (isset($products['Product']) && $products['Product'] == array()) {
         $this->Session->setFlash('В данном разделе отсутствуют товары', 'default', array('class' => "error"));
     }
 }
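 /**
  * Resets a user's password after checking the confirmation field.
  *
  * @param mixed $userId Id of the user. It is reduced to an integer before it
  *                      is interpolated into the UPDATE statement. The
  *                      original sanitised a never-assigned `$user_id` (note
  *                      the spelling) and interpolated the raw `$userId`,
  *                      i.e. the sanitisation had no effect on the query.
  * @param array $data   Form data with `User.password` and
  *                      `User.password_confirm`.
  * @return bool true when the passwords matched and the update was issued.
  *
  * NOTE(review): the value written to users.password shows as the literal
  * '******' in the listing this was taken from, which looks like masking by
  * the listing site; `$password` is computed and otherwise unused, so it
  * presumably belongs there — verify against the original file and prefer a
  * bound parameter over interpolation. pr() is debug output and should not
  * remain in production code.
  */
 function reset_password($userId, $data)
 {
     $userId = (int) Sanitize::paranoid($userId);
     if (!$this->comparePassword($data['User']['password'], $data['User']['password_confirm'])) {
         pr('password comparison failed!');
         return false;
     }
     pr('password comparison passed!');
     $password = $this->hashPasswords($data['User']['password'], true);
     $sql = "UPDATE users SET users.password = '******' WHERE users.id = {$userId}";
     $this->query($sql);
     return true;
 }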
 /**
  * "Field options" module: lists the option values of one custom field so
  * the template can render them as a filter menu.
  *
  * Module parameters are read through Sanitize::getString()/getInt(). The
  * values that end up in SQL get extra treatment: `field` is cleaned with
  * paranoid() (underscore allowed) and then quoted, `fieldoption_order` is
  * cleaned with paranoid() before it becomes the ORDER BY column, and
  * `fieldoption_length` is read as an int before it is interpolated into the
  * SELECT expression.
  */
 function index()
 {
     // Not referenced in this method's visible code.
     global $Itemid;
     $cat_id = null;
     $conditions = array();
     $joins = array();
     $order = array();
     $menu_id = '';
     // Read module params
     $dir_id = Sanitize::getString($this->params['module'], 'dir');
     $section_id = Sanitize::getString($this->params, 'section');
     $cat_id = Sanitize::getString($this->params['module'], 'cat');
     $criteria_id = Sanitize::getString($this->params['module'], 'criteria');
     $itemid_options = Sanitize::getString($this->params['module'], 'itemid_options');
     $itemid_hc = Sanitize::getInt($this->params['module'], 'hc_itemid');
     $field = Sanitize::paranoid(Sanitize::getString($this->params['module'], 'field'), array('_'));
     $option_length = Sanitize::getInt($this->params['module'], 'fieldoption_length');
     $custom_params = Sanitize::getString($this->params['module'], 'custom_params');
     $sort = Sanitize::paranoid(Sanitize::getString($this->params['module'], 'fieldoption_order'));
     # Set menu id
     switch ($itemid_options) {
         case 'none':
             $menu_id = '';
             break;
         case 'current':
             // $menu_id stays ''; presumably the current Itemid is resolved elsewhere — confirm.
             break;
         case 'hardcode':
             $menu_id = $itemid_hc;
             break;
     }
     # Category auto detect
     if (Sanitize::getInt($this->params['module'], 'catauto')) {
         $ids = CommonController::_discoverIDs($this);
         // extract() imports whatever _discoverIDs() returns as local variables,
         // overwriting e.g. $cat_id / $section_id set above. Safe only while that
         // helper returns a fixed, known set of keys — confirm.
         extract($ids);
     }
     $this->FieldOption->modelUnbind(array('FieldOption.value AS `FieldOption.value`', 'FieldOption.fieldid AS `FieldOption.fieldid`', 'FieldOption.image AS `FieldOption.image`', 'FieldOption.ordering AS `FieldOption.ordering`', 'FieldOption.optionid AS `FieldOption.optionid`', 'FieldOption.text AS `FieldOption.text`'));
     $fields[] = 'FieldOption.optionid AS `FieldOption.optionid`';
     $fields[] = 'FieldOption.value AS `FieldOption.value`';
     // Truncate long option texts in SQL when a length is configured.
     if ($option_length) {
         $fields[] = 'IF(CHAR_LENGTH(FieldOption.text)>' . $option_length . ',CONCAT(SUBSTR(FieldOption.text,1,' . $option_length . '),"..."),FieldOption.text) AS `FieldOption.text`';
     } else {
         $fields[] = 'FieldOption.text AS `FieldOption.text`';
     }
     $joins[] = 'INNER JOIN #__jreviews_fields AS Field ON Field.fieldid = FieldOption.fieldid';
     // $sort is alphanumeric only after paranoid(); it selects the ORDER BY column.
     $order[] = 'FieldOption.' . $sort;
     $field_options = $this->FieldOption->findAll(array('fields' => $fields, 'conditions' => 'Field.name = ' . $this->quote($field), 'joins' => $joins, 'order' => $order));
     # Send variables to view template
     $this->set(array('field' => $field, 'field_options' => $field_options, 'section_ids' => $section_id, 'category_ids' => $cat_id, 'criteria_id' => $criteria_id, 'menu_id' => $menu_id, 'custom_params' => $custom_params));
     return $this->render('modules', 'fields');
 }
 /**
  * Creates a user event.
  *
  * The title is reduced to alphanumerics plus ! ' ? _ . space and -, the
  * event is marked editable unless the caller says otherwise, and it is
  * owned by $uid.
  *
  * @param mixed $uid  Owner's user id.
  * @param array $data Event data under the 'Event' key.
  * @return mixed The new record id, or false when save() fails.
  */
 public function add($uid, $data)
 {
     $this->create();

     $allowedTitleChars = array('!', '\'', '?', '_', '.', ' ', '-');
     $event = $data['Event'];
     $event['title'] = Sanitize::paranoid($event['title'], $allowedTitleChars);
     if (!isset($event['editable'])) {
         // User-created events are editable unless told otherwise.
         $event['editable'] = true;
     }
     $event['user_id'] = $uid;
     $data['Event'] = $event;

     return $this->save($data) ? $this->id : false;
 }
 /**
  * Content search with an optional global-category filter.
  *
  * A submitted form redirects to the bookmarkable URL
  * /search/<paranoid term>[/global_category_id:<id>]; a plain request then
  * paginates with the 'search' finder. Pagination exceptions are shown as a
  * warning notice without redirecting — note the exception text is shown to
  * the user as-is. The category list offered in the view is prefixed with an
  * "All" entry keyed by null.
  *
  * @param string|null $term Search term from the URL.
  */
 public function search($term = null)
 {
     $model = $this->modelClass;

     if (!empty($this->data[$model]['search'])) {
         $form = $this->data[$model];
         $url = array('action' => 'search', Sanitize::paranoid($form['search']));
         $url['global_category_id'] = !empty($form['global_category_id']) ? $form['global_category_id'] : null;
         $this->redirect($url);
     }

     $category = null;
     if (!empty($this->request->params['named']['global_category_id'])) {
         $category = $this->request->params['named']['global_category_id'];
     }

     try {
         $this->Paginator->settings = array('search', Sanitize::paranoid($term), $category);
         $this->set('search', $this->Paginator->paginate());
     } catch (Exception $e) {
         $this->notice(__d('contents', $e->getMessage()), array('redirect' => false, 'level' => 'warning'));
     }
     $this->request->data[$model]['global_category_id'] = $category;

     $categories = $this->{$model}->find('categoryList');
     $this->set('globalCategories', array_merge(array(null => __d('contents', 'All')), $categories));
 }
 /**
  * Builds the set of tutorial ids matching every criterion in $search.
  *
  * Only keys listed in `$this->allowedSearches` are honoured; a listed key
  * that is absent from $search is skipped. Each key's `type` decides how its
  * value is read:
  *  - 'intArray': a '|'-separated list of ids of the HABTM association named
  *    after the key. Tutorials linked to ALL listed ids are selected with a
  *    GROUP BY ... HAVING count(DISTINCT ...) on the join table.
  *  - 'text': the value is reduced to alphanumerics and spaces, split on
  *    single spaces, and every term must occur (surrounded by spaces) in the
  *    title or description, or in a tag name; the per-term results are
  *    intersected.
  * The per-key result sets are intersected too, so a criterion that matches
  * nothing empties the whole result.
  *
  * @param array $search Criterion name => raw value.
  * @return array Tutorial ids; array_intersect() keeps the original keys, so
  *               the result is not reindexed.
  */
 function search($search)
 {
     $tutorial_ids = array();
     $new_search = true;
     foreach ($this->allowedSearches as $key => $allowed) {
         $tutorial_id_results = array();
         if (array_key_exists($key, $search)) {
             if ($allowed['type'] == 'intArray') {
                 $association_ids = explode('|', $search[$key]);
                 // is_numeric() also accepts floats and exponent notation ('1e3');
                 // the survivors are joined into a raw IN (...) fragment below, so
                 // ctype_digit() would be the stricter filter.
                 $association_ids = array_filter($association_ids, 'is_numeric');
                 if (!empty($association_ids)) {
                     // $key comes from the allowedSearches config, not from the request.
                     $associatedModel = $this->hasAndBelongsToMany[Inflector::camelize($key)];
                     $joinModel = $associatedModel['with'];
                     $foreign_key = $associatedModel['foreignKey'];
                     $association_foreign_key = $associatedModel['associationForeignKey'];
                     // Join rows grouped by tutorial, kept only when every requested id is linked.
                     $search_results = $this->{$joinModel}->find('all', array('fields' => array($foreign_key), 'group' => $foreign_key . ' HAVING count(DISTINCT ' . $association_foreign_key . ') = ' . count($association_ids), 'conditions' => array($key . '_id IN (' . join(',', $association_ids) . ')')));
                     $tutorial_id_results = Set::classicExtract($search_results, "{n}.{$joinModel}.{$foreign_key}");
                 }
             } elseif ($allowed['type'] == 'text') {
                 $text = Sanitize::paranoid($search[$key], array(' '));
                 // Split on single spaces: a run of two spaces yields an empty term,
                 // whose pattern '%  %' matches any field containing two spaces.
                 $individual_terms = explode(' ', $text);
                 $term_results = array();
                 $first_term = true;
                 foreach ($individual_terms as $term) {
                     // '% term %' requires spaces on both sides, i.e. a whole-word hit
                     // that is not at the very start or end of the field.
                     $search_results = $this->find('all', array('fields' => array('id'), 'conditions' => array('or' => array('title LIKE ' => '% ' . $term . ' %', 'description LIKE ' => '% ' . $term . ' %'))));
                     $tag_search_results = $this->Tag->find('all', array('fields' => array('id', 'name'), 'conditions' => array('name LIKE' => '% ' . $term . ' %'), 'contain' => array('Tagged' => array('conditions' => array('model' => 'Tutorial')))));
                     $term_results = array_unique(array_merge(Set::extract("/Tutorial/id", $search_results), Set::extract("/Tagged/foreign_key", $tag_search_results)));
                     if ($first_term) {
                         $tutorial_id_results = $term_results;
                         $first_term = false;
                     } else {
                         $tutorial_id_results = array_intersect($tutorial_id_results, $term_results);
                     }
                 }
             }
             // AND across criteria: the first criterion seeds the set, later ones narrow it.
             if ($new_search) {
                 $tutorial_ids = $tutorial_id_results;
                 $new_search = false;
             } else {
                 $tutorial_ids = array_intersect($tutorial_ids, $tutorial_id_results);
             }
         }
     }
     return $tutorial_ids;
 }
 /**
  * Reads a POST parameter and cleans it with Sanitize::paranoid().
  *
  * Returns $defultValue when the request is not a POST or the key is absent
  * from $_POST. When the key is present but its value is '' the cleaned
  * empty string is returned, not the default. Presence is checked against
  * the raw $_POST while the value is read from $this->request->data
  * (CakePHP's parsed copy) — presumably identical for flat keys; verify for
  * `Model.field`-style names.
  *
  * @param string     $name        POST key.
  * @param mixed      $defultValue Fallback (parameter name kept as-is: it is
  *                                part of the public signature).
  * @param array|null $allow       Extra characters paranoid() may keep.
  * @return mixed
  */
 public function getParameterByPostParanoid($name, $defultValue = "", $allow = null)
 {
     if (!$this->request->is('post') || !array_key_exists($name, $_POST)) {
         return $defultValue;
     }
     $raw = $this->request->data[$name];
     if ($allow != null) {
         return Sanitize::paranoid($raw, $allow);
     }
     return Sanitize::paranoid($raw);
 }
 /**
  * Stores (or refreshes) a user's OAuth token for a service.
  *
  * The service name is normalised to "Ucfirst" form for lookup and storage.
  * $method is cleaned with Sanitize::paranoid(), lower-cased and forced to
  * 'read' unless it is exactly 'write'. $expires, when given, is taken as a
  * number of minutes from now.
  *
  * An existing row only gets its 'object' column rewritten — method and
  * expires are not touched on refresh (presumably intentional; confirm).
  * The token is stored with serialize(); whatever reads it back must only
  * unserialize this application-written value, never client input.
  *
  * @param string   $serviceName
  * @param mixed    $uid
  * @param mixed    $accessToken Token object/array, serialised for storage.
  * @param string   $method      'read' or 'write'.
  * @param int|null $expires     Lifetime in minutes, or null for none.
  */
 public function saveToDb($serviceName, $uid, $accessToken, $method, $expires = null)
 {
     $service = ucfirst(strtolower($serviceName));
     $existing = $this->find('first', array(
         'conditions' => array('user_id' => $uid, 'service' => $service),
     ));

     $expiresAt = null;
     if (!is_null($expires)) {
         $expiresAt = strtotime('+' . $expires . ' minutes');
     }

     $method = strtolower(Sanitize::paranoid($method));
     if (!in_array($method, array('read', 'write'), true)) {
         $method = 'read';
     }

     if ($existing) {
         $this->id = $existing['Oauth']['id'];
         $this->saveField('object', serialize($accessToken));
         return;
     }

     $this->create();
     $this->save(array('Oauth' => array(
         'user_id' => $uid,
         'service' => $service,
         'object' => serialize($accessToken),
         'method' => $method,
         'expires' => $expiresAt,
     )));
 }
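 /**
  * Moves an uploaded file under files/<folder>/ and returns its web path.
  *
  * @param string       $folder   Sub-directory below files/.
  * @param array|string $file     A `$_FILES` entry, or a non-array value that
  *                               is returned untouched (lets callers pass an
  *                               already-stored path through).
  * @param string|null  $filename Name to store under. When null, the
  *                               client-supplied name is reduced to
  *                               [A-Za-z0-9.-_] and basename()'d; a
  *                               caller-supplied name is used as given.
  * @return string|null '/files/<folder>/<name>' on success, NULL when no file
  *                     was uploaded (size 0) or move_uploaded_file() failed.
  *                     The original returned the path even when the move
  *                     failed.
  *
  * NOTE(review): the directory is created 0777 (world-writable); 0755 or the
  * web server's umask is usually sufficient — confirm before changing.
  */
 function _checkAndUploadFile($folder, $file, $filename = null)
 {
     App::import('Sanitize');
     if (!is_array($file)) {
         return $file;
     }
     if (empty($file['size'])) {
         return NULL;
     }

     if ($filename) {
         $file['name'] = $filename;
     } else {
         $file['name'] = basename(Sanitize::paranoid($file['name'], array('.', '-', '_')));
     }

     $dir = 'files/' . $folder;
     if (!file_exists($dir)) {
         mkdir($dir, 0777, true);
     }
     if (!move_uploaded_file($file['tmp_name'], $dir . '/' . $file['name'])) {
         return NULL;
     }
     return '/' . $dir . '/' . $file['name'];
 }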
 /**
  * Validates an RSS access hash for a user.
  *
  * Only acts on RSS requests: turns debug output off, switches the response
  * type to rss and looks up the user whose `rss_hash` equals the
  * paranoid-cleaned hash.
  *
  * @param mixed $user_id
  * @param mixed $hash
  * @return mixed The user id when the hash matches; false when either
  *               argument is null or no user matches; null for non-RSS
  *               requests.
  */
 private function checkRss($user_id, $hash)
 {
     if ($user_id === null || $hash === null) {
         return false;
     }

     $controller = $this->controller;
     if (!$controller->WallPost) {
         $controller->loadModel('WallPost');
     }
     if (!$controller->RequestHandler->isRss()) {
         return null;
     }

     Configure::write('debug', 0);
     $userModel = $controller->WallPost->User;
     $userModel->recursive = -1;
     // The hash is only valid for this particular user.
     $match = $userModel->find('first', array(
         'conditions' => array(
             'User.id' => $user_id,
             'User.rss_hash' => Sanitize::paranoid($hash),
         ),
     ));
     $controller->RequestHandler->setContent('rss');

     return $match ? $match['User']['id'] : false;
 }
 /**
  * Puts a gift into the session shopping cart by the id given in the URL.
  *
  * The passed parameter is reduced to alphanumerics and must resolve to a
  * gift with both an id and a price; otherwise a flash message is set. Every
  * path ends in a redirect: back to the referer when a parameter was given,
  * to "/" when none was.
  */
 function add()
 {
     App::import('Sanitize');

     if (empty($this->params['pass'][0])) {
         $this->redirect('/');
         return;
     }

     $giftId = Sanitize::paranoid($this->params['pass'][0]);
     $gift = $this->Gift->find('first', array(
         'conditions' => array('Gift.id' => $giftId),
         'fields' => array('Gift.id', 'Gift.code', 'Gift.price'),
         'contain' => false,
     ));

     $usable = isset($gift['Gift']['id'])
         && $gift['Gift']['id'] != null
         && $gift['Gift']['price'] != null;
     if ($usable) {
         $this->shopping->sessionShopping($gift['Gift']['id'], $gift['Gift']['code'], $gift['Gift']['price']);
     } else {
         // Unknown id or a gift without a price: tell the user and go back.
         $this->Session->setFlash('Данный товар в настоящее время отсутствует', 'default', array('class' => null));
     }
     $this->redirect($this->referer());
 }
 /**
  * Displays a gift together with the paths of the categories it belongs to.
  *
  * @param mixed $id Gift id from the URL; cleaned and cast to int for the
  *                  lookup. A missing or unknown gift redirects to "/".
  *
  * Sets `gift`, `CategoryPass` (one getpath() result per category) and
  * `referer`.
  */
 function view($id = null)
 {
     $id = Sanitize::paranoid($id);
     $gift = $this->Gift->read(null, (int) $id);
     if (!$id || $gift == array()) {
         $this->redirect('/');
         return;
     }

     $categoryPaths = array();
     if (isset($gift['Category'])) {
         foreach ($gift['Category'] as $category) {
             $categoryPaths[] = $this->Category->getpath($category['id'], array('id', 'name', 'description'));
         }
     }
     $this->set('CategoryPass', $categoryPaths);
     $this->set('gift', $gift);
     $this->set('referer', $this->referer());
 }
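 /**
  * Sends the "contact us" form to the configured admin address, then
  * redirects to "/".
  *
  * Expects `email`, `name` and `message` in $_POST. The original called
  * paranoid() on $_POST and discarded the result, so every value was used
  * raw; here the two values that end up in mail headers (From, FromName)
  * have CR/LF stripped so a submitted value cannot inject further headers.
  * The message body is passed through unchanged. Missing fields default to
  * '' instead of raising notices.
  */
 function send_email()
 {
     $posted = array('email' => '', 'name' => '', 'message' => '');
     foreach (array_keys($posted) as $key) {
         if (isset($_POST[$key])) {
             $posted[$key] = $_POST[$key];
         }
     }
     // Header values must be single-line.
     $from = str_replace(array("\r", "\n"), '', $posted['email']);
     $fromName = str_replace(array("\r", "\n"), '', $posted['name']);

     $config = $this->ConfigurationBase->load_configuration();
     if ($config['SEND_CONTACT_US_EMAIL'] != '') {
         $this->Email->init();
         $this->Email->From = $from;
         $this->Email->FromName = $fromName;
         $this->Email->AddAddress($config['SEND_CONTACT_US_EMAIL']);
         $this->Email->Subject = $config['SITE_NAME'] . ' - ' . __('Contact Us', true);
         $this->Email->Body = $posted['message'];
         $this->Email->send();
     }
     $this->redirect('/');
 }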
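 /**
  * Looks up a Brazilian postal code (CEP) on the Correios mobile site and
  * fills request->data['Zipcode'] with street, district, city and state.
  *
  * @param string $zipcode Reduced to alphanumerics before it is posted.
  * @return string JSON encoding of $this->request->data; unchanged when the
  *                response contained no "respostadestaque" span.
  *
  * The remote HTML is scraped with regular expressions. Every offset is
  * guarded with isset(), so a layout change on the remote side yields empty
  * fields rather than notices. The street name is cut at the first "- até",
  * "- de" or "- lado" qualifier, in that priority order, as before.
  * utf8_encode() (Latin-1 to UTF-8) is deprecated since PHP 8.2;
  * mb_convert_encoding($s, 'UTF-8', 'ISO-8859-1') is the replacement.
  */
 private function get_address($zipcode)
 {
     App::uses('Sanitize', 'Utility');
     App::uses('HttpSocket', 'Network/Http');

     $zipcode = Sanitize::paranoid($zipcode);
     $HttpSocket = new HttpSocket();
     $post = array(
         'cepEntrada' => $zipcode,
         'tipoCep' => '',
         'cepTemp' => '',
         'metodo' => 'buscarCep',
     );
     $resposta = $HttpSocket->post("http://m.correios.com.br/movel/buscaCepConfirma.do", $post);
     // Flatten the HTML so the span regex is not broken by line breaks.
     $resposta = str_replace(array("\n", "\r", "\t"), "", $resposta);

     preg_match_all('/<span class="respostadestaque">([^<]+)<\\/span>/i', $resposta, $match);
     if (!isset($match[1][0])) {
         return json_encode($this->request->data);
     }

     $endereco = utf8_encode(trim($match[1][0]));
     // Strip the address-range qualifier; the first marker found wins.
     foreach (array('- até', '- de', '- lado') as $marker) {
         if (stripos($endereco, $marker) !== false) {
             preg_match_all('/(.*)(' . preg_quote($marker, '/') . ')(.*)/i', $endereco, $matchRua);
             if (isset($matchRua[1][0])) {
                 $endereco = $matchRua[1][0];
             }
             break;
         }
     }

     $this->request->data['Zipcode']['logradouro'] = trim($endereco);
     $this->request->data['Zipcode']['bairro'] = isset($match[1][1]) ? utf8_encode(trim($match[1][1])) : '';
     // Third span is "city/state".
     $cidadeUF = isset($match[1][2]) ? explode('/', $match[1][2]) : array('', '');
     $this->request->data['Zipcode']['cidade'] = utf8_encode(trim($cidadeUF[0]));
     $this->request->data['Zipcode']['estado'] = isset($cidadeUF[1]) ? trim($cidadeUF[1]) : '';

     return json_encode($this->request->data);
 }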
 /**
  * Class constructor.
  *
  * Sets up the framework error handler: sanitizes $messages, prepares a
  * Dispatcher and a controller to render the error page with, then calls the
  * error method named by $method on this object.
  *
  * Security-relevant behaviour visible here:
  *  - $messages goes through Sanitize::paranoid() with a short allow-list
  *    (path characters; '\' and ':' added on Windows), so only [A-Za-z0-9]
  *    and those characters survive. Presumably the messages end up in the
  *    rendered error page (file names, paths); confirm against the templates.
  *  - $method becomes a method name in call_user_func_array(), so it must only
  *    come from trusted framework code, never from request data.
  *  - When debugging is off (Configure::read() == 0) every method except
  *    'error' is routed to error404, so no detail is shown in production.
  *
  * @param string $method    error method to invoke on this handler
  * @param array $messages   arguments for that method (sanitized here)
  * @return mixed  whatever AppController::appError() returns when the app
  *                defines one; otherwise nothing
  */
 function __construct($method, $messages)
 {
     parent::__construct();
     // Remembered across constructions: when the same (method, messages)
     // pair arrives twice in a row the AppController set-up is skipped and a
     // bare Controller is used instead -- presumably so an error raised while
     // rendering an error does not recurse into the same path.
     static $__previousError = null;
     $allow = array('.', '/', '_', ' ', '-', '~');
     if (substr(PHP_OS, 0, 3) == "WIN") {
         // Windows paths carry drive letters and backslashes.
         $allow = array_merge($allow, array('\\', ':'));
     }
     $clean = new Sanitize();
     $messages = $clean->paranoid($messages, $allow);
     if (!class_exists('Dispatcher')) {
         require CAKE . 'dispatcher.php';
     }
     // "=& new" is PHP 4-era reference assignment (removed in PHP 7).
     $this->__dispatch =& new Dispatcher();
     if ($__previousError != array($method, $messages)) {
         $__previousError = array($method, $messages);
         if (!class_exists('AppController')) {
             loadController(null);
         }
         $this->controller =& new AppController();
         if (!empty($this->controller->uses)) {
             $this->controller->constructClasses();
         }
         $this->controller->_initComponents();
         $this->controller->cacheAction = false;
         $this->__dispatch->start($this->controller);
         // PHP method names are case-insensitive, so 'apperror' matches
         // appError(). An app-defined handler takes over completely.
         if (method_exists($this->controller, 'apperror')) {
             return $this->controller->appError($method, $messages);
         }
     } else {
         $this->controller =& new Controller();
         $this->controller->cacheAction = false;
     }
     // Debug gate: with debug level 0 only the generic 'error' method runs as
     // requested; everything else degrades to error404.
     if (Configure::read() > 0 || $method == 'error') {
         call_user_func_array(array(&$this, $method), $messages);
     } else {
         call_user_func_array(array(&$this, 'error404'), $messages);
     }
 }
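 function remove($step_id = null, $code = null)
 {
     // Soft-delete a Step (live = 0) owned by the current user; answers JSON.
     //
     // @param int|string $step_id  id of the Step to remove
     // @param string $code         per-step confirmation token, expected to
     //                             equal md5('test' . id . 'test') (see below)
     //
     // A GET does nothing; only a non-GET request can remove.
     if ($this->RequestHandler->isGet()) {
         return;
     }
     $step_id = intval($step_id);
     App::import('Sanitize');
     $code = Sanitize::paranoid($code);
     // Get Step
     $this->Step =& ClassRegistry::init('Step');
     $this->Step->contain(array('State.Project'));
     $conditions = array('Step.id' => $step_id, 'Step.live' => 1);
     $step = $this->Step->find('first', compact('conditions'));
     // Every failure path returns explicitly. The original relied on _Flash()
     // ending the request; if it does not, execution fell through to save()
     // with an empty or foreign $step.
     if (empty($step)) {
         $this->_Flash('Unable to find Step', 'mean', $this->referer('/'));
         return;
     }
     // Must be my Step
     if ($step['State']['Project']['user_id'] != $this->DarkAuth->id) {
         $this->_Flash('Not your Step', 'mean', $this->referer('/'));
         return;
     }
     // Verify Code. The rejection was commented out, so any $code value was
     // accepted; it is enforced again here with a strict comparison (use
     // hash_equals() where available for a constant-time compare).
     // NOTE(review): the token is an md5 over the fixed literal 'test' and the
     // id, so anyone who reads this source can forge it for any step -- derive
     // it from an application secret instead.
     $expected_code = md5('test' . $step['Step']['id'] . 'test');
     if ($code !== $expected_code) {
         $this->_Flash('Codes did not match', 'mean', $this->referer('/'));
         return;
     }
     // Move to live=0; only id and live are written
     $step['Step']['live'] = 0;
     if (!$this->Step->save($step['Step'], false, array('id', 'live'))) {
         $this->_Flash('Failed removing Step', 'mean', null);
         return;
     }
     // Changes saved
     echo jsonSuccess();
     exit;
 }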
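 function index()
 {
     // Module entry point: read the module parameters, work out the menu item
     // id and (optionally) auto-detected section/category ids, and hand them
     // to the 'range' module template.
     global $Itemid;
     // NOTE(review): $Itemid is imported but never read, and the 'current'
     // branch below leaves $menu_id empty. If "current" is meant to use the
     // current menu item, this is where it would be used -- confirm first.
     $menu_id = '';
     // Read module params. 'field' is additionally reduced to [A-Za-z0-9_]
     // and is passed to the view as-is.
     $itemid_options = Sanitize::getString($this->params['module'], 'itemid_options');
     $itemid_hc = Sanitize::getInt($this->params['module'], 'hc_itemid');
     $field = Sanitize::paranoid(Sanitize::getString($this->params['module'], 'field'), array('_'));
     $custom_params = Sanitize::getString($this->params['module'], 'custom_params');
     $dir_id = Sanitize::getString($this->params['module'], 'dir');
     $section_id = Sanitize::getString($this->params, 'section');
     $cat_id = Sanitize::getString($this->params['module'], 'cat');
     $criteria_id = Sanitize::getString($this->params['module'], 'criteria');
     # Set menu id
     switch ($itemid_options) {
         case 'none':
             $menu_id = '';
             break;
         case 'current':
             break;
         case 'hardcode':
             $menu_id = $itemid_hc;
             break;
     }
     # Category auto detect
     if (Sanitize::getInt($this->params['module'], 'catauto')) {
         $ids = CommonController::_discoverIDs($this);
         // EXTR_IF_EXISTS: only locals that already exist can be overwritten
         // by the discovered ids; an unexpected key cannot introduce a new
         // variable. Everything sent to the view is defined above, so nothing
         // that was used before is lost.
         extract($ids, EXTR_IF_EXISTS);
     }
     # Send variables to view template
     $this->set(array('field' => $field, 'dir_id' => $dir_id, 'section_ids' => $section_id, 'category_ids' => $cat_id, 'criteria_id' => $criteria_id, 'menu_id' => $menu_id, 'custom_params' => $custom_params));
     return $this->render('modules', 'range');
 }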
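 function search()
 {
     // Partner search: users offering a language, optionally narrowed by
     // country and city. All three ids come from the query string
     // (?language=..&country=..&city=..); results are paginated into 'users'.
     $this->Session->write('current_menu', 'search');
     $this->pageTitle = __('Search for the partner', true);
     // Nothing to search for: no language in the URL and no passed args.
     if (!isset($this->params['url']['language']) && empty($this->passedArgs)) {
         return;
     }
     // Ids are cast to int. The previous Sanitize::paranoid($x, $allowed)
     // already kept [A-Za-z0-9] by default, so the digit-only $allowed list
     // added nothing and letters still reached the query (Cake escapes array
     // conditions, so this is type pinning, not an injection fix). A
     // non-numeric value now means "any" (0) instead of a literal in the query.
     $language_id = isset($this->params['url']['language']) ? (int) $this->params['url']['language'] : 0;
     $country_id = isset($this->params['url']['country']) ? (int) $this->params['url']['country'] : 0;
     $city_id = isset($this->params['url']['city']) ? (int) $this->params['url']['city'] : 0;
     // The unused $page local was dropped; presumably paginate() reads the
     // page argument from passedArgs itself.
     $this->User->bindModel(array('hasOne' => array('LanguagesUsers')), false);
     $conditions = array('LanguagesUsers.offer' => 1, 'LanguagesUsers.language_id' => $language_id);
     // 0 means "any"
     if ($country_id !== 0) {
         $conditions['Country.id'] = $country_id;
     }
     if ($city_id !== 0) {
         $conditions['City.id'] = $city_id;
     }
     $this->User->recursive = 1;
     $users = $this->paginate($conditions);
     $this->set('users', $users);
 }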