public function generateMap() {
$config = cmsCore::getInstance()->loadComponentConfig('users');
if (!$config['sw_guest']) {
$this->page = 0;
return;
}
$gen_map = parent::generateMap();
if ($gen_map === false) { return; }
$is_end = false;
$item_nums = 0;
// Заносим в карту пользователей
while ($is_end === false) {
$results = cmsCore::c('db')->query("SELECT id, login, nickname FROM cms_users WHERE is_locked=0 AND is_deleted=0 ORDER BY nickname ASC LIMIT ". $item_nums .", 1000");
if (cmsCore::c('db')->num_rows($results)) {
while ($user = cmsCore::c('db')->fetch_assoc($results)) {
$this->writeMapItem(array(
'loc' => cmsCore::c('config')->host . cmsUser::getProfileURL($user['ligin']),
'changefreq' => 'daily',
'priority' => '0.8'
));
$item_nums++;
}
} else {
$is_end = true;
}
}
$this->closeFile();
}
<?php } else { ?>
<span class="offline"><?php echo $club['logdate']; ?></span>
<?php } ?>
</div>
<div class="nickname"><a href="<?php echo cmsUser::getProfileURL($club['login']); ?>" style="color:#F00" title="<?php echo $_LANG['CLUB_ADMIN']; ?>"><?php echo $club['nickname']; ?></a></div>
<?php if ($club['status']) { ?>
<div class="microstatus"><?php echo $club['status']; ?></div>
<?php } ?> </td>
</tr>
<?php } ?>
<?php foreach($members as $usr) { ?>
<tr>
<td width="80" valign="top"><div class="avatar"><a href="<?php echo cmsUser::getProfileURL($usr['login']); ?>"><img border="0" class="usr_img_small" src="<?php echo $usr['admin_avatar']; ?>" /></a></div></td>
<td valign="top">
<div title="<?php echo $_LANG['KARMA']; ?>" class="karma<?php if ($usr['karma'] > 0) { ?> pos<?php } ?><?php if ($usr['karma'] < 0) { ?> neg<?php } ?>"><?php if ($usr['karma'] > 0) { ?>+<?php } ?><?php echo $usr['karma']; ?></div>
<div class="status">
<?php if ($usr['is_online']) { ?>
<span class="online"><?php echo $_LANG['ONLINE']; ?></span>
<?php } else { ?>
<span class="offline"><?php echo $usr['logdate']; ?></span>
<?php } ?>
</div>
<div class="nickname"><a href="<?php echo cmsUser::getProfileURL($usr['login']); ?>" <?php if ($usr['role'] == 'moderator') { ?>style="color:#090;" title="<?php echo $_LANG['MODERATOR']; ?>"<?php } ?>><?php echo $usr['nickname']; ?></a></div>
<?php if ($usr['status']) { ?>
<div class="microstatus"><?php echo $usr['status']; ?></div>
<?php } ?> </td>
</tr>
<?php } ?>
</table>
</div>
<?php echo $pagebar; ?>
}
if (sizeof($loaded_files)) {
cmsCore::addSessionMessage($_LANG['FILE_UPLOAD_FINISH'], 'success');
if ($model->config['filessize']) {
cmsCore::addSessionMessage('<strong>' . $_LANG['FREE_SPACE_LEFT'] . ':</strong> ' . round($free_mb - $size_mb, 2) . ' ' . $_LANG['MBITE'], 'info');
}
cmsCore::redirect('/users/' . $usr['id'] . '/files.html');
} else {
cmsCore::addSessionMessage($_LANG['ERR_BIG_FILE'] . ' ' . $_LANG['ERR_FILE_NAME'], 'error');
cmsCore::redirectBack();
}
}
if (!cmsCore::inRequest('upload')) {
$inPage->setTitle($_LANG['UPLOAD_FILES']);
$inPage->addHeadJS('includes/jquery/multifile/jquery.multifile.js');
$inPage->addPathway($usr['nickname'], cmsUser::getProfileURL($usr['login']));
$inPage->addPathway($_LANG['FILES_ARCHIVE'], '/users/' . $usr['id'] . '/files.html');
$inPage->addPathway($_LANG['UPLOAD_FILES']);
$inPage->addHeadJsLang(array('FILE_SELECTED', 'FILE_DENIED', 'FILE_DUPLICATE'));
$post_max_b = trim(@ini_get('upload_max_filesize'));
$last = mb_strtolower($post_max_b[mb_strlen($post_max_b) - 1]);
switch ($last) {
case 'g':
$post_max_b *= 1024;
case 'm':
$post_max_b *= 1024;
case 'k':
$post_max_b *= 1024;
}
cmsPage::initTemplate('components', 'com_users_file_add')->assign('free_mb', $free_mb)->assign('post_max_b', $post_max_b)->assign('post_max_mb', round($post_max_b / 1024) / 1024 . ' ' . $_LANG['MBITE'])->assign('cfg', $model->config)->assign('types', $model->config['filestype'])->display('com_users_file_add.tpl');
}
</h2>
<?php if ($article['showdesc']) { ?>
<div class="con_desc">
<?php if ($article['image_small']) { ?>
<div class="con_image">
<img src="<?php echo $article['image_small']; ?>" border="0" alt="<?php echo $this->escape($article['title']); ?>"/>
</div>
<?php } ?>
<?php echo $article['description']; ?>
</div>
<?php } ?>
<?php if ($article['showcomm'] || $article['showdate'] || $article['tagline']) { ?>
<div class="con_details">
<?php if ($article['showdate']) { ?>
<?php echo $article['fpubdate']; ?> - <a href="<?php echo cmsUser::getProfileURL($article['user_login']); ?>" style="color:#666"><?php echo $article['author']; ?></a>
<?php } ?>
<?php if ($article['showcomm']) { ?>
<?php if ($article['showdate']) { ?> | <?php } ?>
<a href="<?php echo $article['url']; ?>#c" title="<?php echo $_LANG['COMMENTS']; ?>"><?php echo $this->spellcount($article['comments'], $_LANG['COMMENT'], $_LANG['COMMENT2'], $_LANG['COMMENT10']); ?></a>
<?php } ?>
| <?php echo $this->spellcount($article['hits'], $_LANG['HIT'], $_LANG['HIT2'], $_LANG['HIT10']); ?>
<?php if ($article['tagline']) { ?>
| <strong><?php echo $_LANG['TAGS']; ?>:</strong> <?php echo $article['tagline']; ?>
<?php } ?>
| <strong><?php echo $_LANG['CAT']; ?>:</strong> <a href="<?php echo $article['cat_url']; ?>"><?php echo $article['cat_title']; ?></a>
</div>
<?php } ?>
</td>
</tr>
<?php } ?>
function smarty_function_profile_url($params, &$smarty)
{
return cmsUser::getProfileURL($params['login']);
}
function registration()
{
header('X-Frame-Options: DENY');
$inCore = cmsCore::getInstance();
$inPage = cmsPage::getInstance();
$inDB = cmsDatabase::getInstance();
$inUser = cmsUser::getInstance();
$inConf = cmsConfig::getInstance();
$model = new cms_model_registration();
cmsCore::loadModel('users');
$users_model = new cms_model_users();
global $_LANG;
$do = $inCore->do;
//============================================================================//
if ($do == 'sendremind') {
if ($inUser->id) {
cmsCore::error404();
}
$inPage->setTitle($_LANG['REMINDER_PASS']);
$inPage->addPathway($_LANG['REMINDER_PASS']);
if (!cmsCore::inRequest('goremind')) {
cmsPage::initTemplate('components', 'com_registration_sendremind')->display('com_registration_sendremind.tpl');
} else {
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
$email = cmsCore::request('email', 'email', '');
if (!$email) {
cmsCore::addSessionMessage($_LANG['ERR_EMAIL'], 'error');
cmsCore::redirectBack();
}
$usr = cmsUser::getShortUserData($email);
if (!$usr || $usr['is_locked'] || $usr['is_deleted']) {
cmsCore::addSessionMessage($_LANG['ADRESS'] . ' "' . $email . '" ' . $_LANG['NOT_IN_OUR_BASE'], 'error');
cmsCore::redirectBack();
}
if (cmsUser::userIsAdmin($usr['id'])) {
cmsCore::addSessionMessage($_LANG['NOT_ADMIN_SENDREMIND'], 'error');
cmsCore::redirectBack();
}
$usercode = md5($usr['id'] . '-' . uniqid() . '-' . microtime() . '-' . PATH);
$sql = "INSERT cms_users_activate (pubdate, user_id, code)\n VALUES (NOW(), '{$usr['id']}', '{$usercode}')";
$inDB->query($sql);
$newpass_link = HOST . '/registration/remind/' . $usercode;
$mail_message = $_LANG['HELLO'] . ', ' . $usr['nickname'] . '!' . "\n\n";
$mail_message .= $_LANG['REMINDER_TEXT'] . ' "' . $inConf->sitename . '".' . "\n\n";
$mail_message .= $_LANG['YOUR_LOGIN'] . ': ' . $usr['login'] . "\n\n";
$mail_message .= $_LANG['NEW_PASS_LINK'] . ":\n" . $newpass_link . "\n\n";
$mail_message .= $_LANG['LINK_EXPIRES'] . "\n\n";
$mail_message .= $_LANG['SIGNATURE'] . ', ' . $inConf->sitename . ' (' . HOST . ').' . "\n";
$mail_message .= date('d-m-Y (H:i)');
$inCore->mailText($email, $inConf->sitename . ' - ' . $_LANG['REMINDER_PASS'], $mail_message);
cmsCore::addSessionMessage($_LANG['NEW_PAS_SENDED'], 'info');
cmsCore::redirect('/login');
}
}
//============================================================================//
if ($do == 'remind') {
if ($inUser->id) {
cmsCore::error404();
}
$usercode = cmsCore::request('code', 'str', '');
//проверяем формат кода
if (!preg_match('/^[0-9a-f]{32}$/i', $usercode)) {
cmsCore::error404();
}
// проверяем код
$user_id = $inDB->get_field('cms_users_activate', "code = '{$usercode}'", 'user_id');
if (!$user_id) {
cmsCore::error404();
}
//получаем пользователя
$user = $inDB->get_fields('cms_users', "id = '{$user_id}'", '*');
if (!$user) {
cmsCore::error404();
}
if (cmsUser::userIsAdmin($user['id'])) {
cmsCore::error404();
}
if (cmsCore::inRequest('submit')) {
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
$errors = false;
$pass = cmsCore::request('pass', 'str', '');
$pass2 = cmsCore::request('pass2', 'str', '');
if (!$pass) {
cmsCore::addSessionMessage($_LANG['TYPE_PASS'], 'error');
$errors = true;
}
if ($pass && !$pass2) {
cmsCore::addSessionMessage($_LANG['TYPE_PASS_TWICE'], 'error');
$errors = true;
}
if ($pass && $pass2 && mb_strlen($pass) < 6) {
cmsCore::addSessionMessage($_LANG['PASS_SHORT'], 'error');
$errors = true;
}
if ($pass && $pass2 && $pass != $pass2) {
cmsCore::addSessionMessage($_LANG['WRONG_PASS'], 'error');
$errors = true;
}
if ($errors) {
cmsCore::redirectBack();
}
$md5_pass = md5($pass);
$inDB->query("UPDATE cms_users SET password = '******', logdate = NOW() WHERE id = '{$user['id']}'");
$inDB->query("DELETE FROM cms_users_activate WHERE code = '{$usercode}'");
cmsCore::addSessionMessage($_LANG['CHANGE_PASS_COMPLETED'], 'info');
$inUser->signInUser($user['login'], $pass, true);
cmsCore::redirect(cmsUser::getProfileURL($user['login']));
}
$inPage->setTitle($_LANG['RECOVER_PASS']);
$inPage->addPathway($_LANG['RECOVER_PASS']);
cmsPage::initTemplate('components', 'com_registration_remind')->assign('cfg', $model->config)->assign('user', $user)->display('com_registration_remind.tpl');
}
//============================================================================//
if ($do == 'register') {
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
if ($inUser->id && !$inUser->is_admin) {
if ($inCore->menuId() == 1) {
return;
} else {
cmsCore::error404();
}
}
// регистрация закрыта
if (!$model->config['is_on']) {
cmsCore::error404();
}
// регистрация по инвайтам
if ($model->config['reg_type'] == 'invite') {
if (!$users_model->checkInvite(cmsUser::sessionGet('invite_code'))) {
cmsCore::error404();
}
}
$errors = false;
// получаем данные
$item['login'] = cmsCore::request('login', 'str', '');
$item['email'] = cmsCore::request('email', 'email');
$item['icq'] = cmsCore::request('icq', 'str', '');
$item['city'] = cmsCore::request('city', 'str', '');
$item['nickname'] = cmsCore::request('nickname', 'str', '');
$item['realname1'] = cmsCore::request('realname1', 'str', '');
$item['realname2'] = cmsCore::request('realname2', 'str', '');
$pass = cmsCore::request('pass', 'str', '');
$pass2 = cmsCore::request('pass2', 'str', '');
// проверяем логин
if (mb_strlen($item['login']) < 2 || mb_strlen($item['login']) > 15 || is_numeric($item['login']) || !preg_match("/^([a-z0-9])+\$/ui", $item['login'])) {
cmsCore::addSessionMessage($_LANG['ERR_LOGIN'], 'error');
$errors = true;
}
// проверяем пароль
if (!$pass) {
cmsCore::addSessionMessage($_LANG['TYPE_PASS'], 'error');
$errors = true;
}
if ($pass && !$pass2) {
cmsCore::addSessionMessage($_LANG['TYPE_PASS_TWICE'], 'error');
$errors = true;
}
if ($pass && $pass2 && mb_strlen($pass) < 6) {
cmsCore::addSessionMessage($_LANG['PASS_SHORT'], 'error');
$errors = true;
}
if ($pass && $pass2 && $pass != $pass2) {
cmsCore::addSessionMessage($_LANG['WRONG_PASS'], 'error');
$errors = true;
}
// Проверяем nickname или имя и фамилию
if ($model->config['name_mode'] == 'nickname') {
if (!$item['nickname']) {
cmsCore::addSessionMessage($_LANG['TYPE_NICKNAME'], 'error');
$errors = true;
}
} else {
if (!$item['realname1']) {
cmsCore::addSessionMessage($_LANG['TYPE_NAME'], 'error');
$errors = true;
}
if (!$item['realname2']) {
cmsCore::addSessionMessage($_LANG['TYPE_SONAME'], 'error');
$errors = true;
}
$item['nickname'] = trim($item['realname1']) . ' ' . trim($item['realname2']);
}
if (mb_strlen($item['nickname']) < 2) {
cmsCore::addSessionMessage($_LANG['SHORT_NICKNAME'], 'error');
$errors = true;
}
if ($model->getBadNickname($item['nickname'])) {
cmsCore::addSessionMessage($_LANG['ERR_NICK_EXISTS'], 'error');
$errors = true;
}
// Проверяем email
if (!$item['email']) {
cmsCore::addSessionMessage($_LANG['ERR_EMAIL'], 'error');
$errors = true;
}
// День рождения
list($item['bday'], $item['bmonth'], $item['byear']) = array_values(cmsCore::request('birthdate', 'array_int', array()));
$item['birthdate'] = sprintf('%04d-%02d-%02d', $item['byear'], $item['bmonth'], $item['bday']);
// получаем данные конструктора форм
$item['formsdata'] = '';
if (isset($users_model->config['privforms'])) {
if (is_array($users_model->config['privforms'])) {
foreach ($users_model->config['privforms'] as $form_id) {
$form_input = cmsForm::getFieldsInputValues($form_id);
$item['formsdata'] .= $inDB->escape_string(cmsCore::arrayToYaml($form_input['values']));
// Проверяем значения формы
foreach ($form_input['errors'] as $field_error) {
if ($field_error) {
cmsCore::addSessionMessage($field_error, 'error');
$errors = true;
}
}
}
}
}
// Проверяем каптчу
if (!cmsPage::checkCaptchaCode()) {
cmsCore::addSessionMessage($_LANG['ERR_CAPTCHA'], 'error');
$errors = true;
}
// проверяем есть ли такой пользователь
$user_exist = $inDB->get_fields('cms_users', "(login LIKE '{$item['login']}' OR email LIKE '{$item['email']}') AND is_deleted = 0", 'id, login, email');
if ($user_exist) {
if ($user_exist['login'] == $item['login']) {
cmsCore::addSessionMessage($_LANG['LOGIN'] . ' "' . $item['login'] . '" ' . $_LANG['IS_BUSY'], 'error');
$errors = true;
} else {
cmsCore::addSessionMessage($_LANG['EMAIL_IS_BUSY'], 'error');
$errors = true;
}
}
// В случае ошибок, возвращаемся в форму
if ($errors) {
cmsUser::sessionPut('item', $item);
cmsCore::redirect('/registration');
}
//////////////////////////////////////////////
//////////// РЕГИСТРАЦИЯ /////////////////////
//////////////////////////////////////////////
$item['is_locked'] = $model->config['act'];
$item['password'] = md5($pass);
$item['orig_password'] = $pass;
$item['group_id'] = $model->config['default_gid'];
$item['regdate'] = date('Y-m-d H:i:s');
$item['logdate'] = date('Y-m-d H:i:s');
if (cmsUser::sessionGet('invite_code')) {
$invite_code = cmsUser::sessionGet('invite_code');
$item['invited_by'] = (int) $users_model->getInviteOwner($invite_code);
if ($item['invited_by']) {
$users_model->closeInvite($invite_code);
}
cmsUser::sessionDel('invite_code');
} else {
$item['invited_by'] = 0;
}
$item = cmsCore::callEvent('USER_BEFORE_REGISTER', $item);
$item['id'] = $item['user_id'] = $inDB->insert('cms_users', $item);
if (!$item['id']) {
cmsCore::error404();
}
$inDB->insert('cms_user_profiles', $item);
cmsCore::callEvent('USER_REGISTER', $item);
if ($item['is_locked']) {
$model->sendActivationNotice($pass, $item['id']);
cmsPage::includeTemplateFile('special/regactivate.php');
cmsCore::halt();
} else {
cmsActions::log('add_user', array('object' => '', 'user_id' => $item['id'], 'object_url' => '', 'object_id' => $item['id'], 'target' => '', 'target_url' => '', 'target_id' => 0, 'description' => ''));
if ($model->config['send_greetmsg']) {
$model->sendGreetsMessage($item['id']);
}
$model->sendRegistrationNotice($pass, $item['id']);
$back_url = $inUser->signInUser($item['login'], $pass, true);
cmsCore::redirect($back_url);
}
}
//============================================================================//
if ($do == 'view') {
$pagetitle = $inCore->getComponentTitle();
$inPage->setTitle($pagetitle);
$inPage->addPathway($pagetitle);
$inPage->addHeadJsLang(array('WRONG_PASS'));
// Если пользователь авторизован, то не показываем форму регистрации, редирект в профиль.
if ($inUser->id && !$inUser->is_admin) {
if ($inCore->menuId() == 1) {
return;
} else {
cmsCore::redirect(cmsUser::getProfileURL($inUser->login));
}
}
$correct_invite = cmsUser::sessionGet('invite_code') ? true : false;
if ($model->config['reg_type'] == 'invite' && cmsCore::inRequest('invite_code')) {
$invite_code = cmsCore::request('invite_code', 'str', '');
$correct_invite = $users_model->checkInvite($invite_code);
if ($correct_invite) {
cmsUser::sessionPut('invite_code', $invite_code);
} else {
cmsCore::addSessionMessage($_LANG['INCORRECT_INVITE'], 'error');
}
}
$item = cmsUser::sessionGet('item');
if ($item) {
cmsUser::sessionDel('item');
}
if (empty($item['birthdate'])) {
$item['birthdate'] = date('Y-m-d');
}
$private_forms = array();
if (isset($users_model->config['privforms'])) {
if (is_array($users_model->config['privforms'])) {
foreach ($users_model->config['privforms'] as $form_id) {
$private_forms = array_merge($private_forms, cmsForm::getFieldsHtml($form_id, array(), true));
}
}
}
cmsPage::initTemplate('components', 'com_registration')->assign('cfg', $model->config)->assign('item', $item)->assign('pagetitle', $pagetitle)->assign('correct_invite', $correct_invite)->assign('private_forms', $private_forms)->display('com_registration.tpl');
}
//============================================================================//
if ($do == 'activate') {
$code = cmsCore::request('code', 'str', '');
if (!$code) {
cmsCore::error404();
}
$user_id = $inDB->get_field('cms_users_activate', "code = '{$code}'", 'user_id');
if (!$user_id) {
cmsCore::error404();
}
$inDB->query("UPDATE cms_users SET is_locked = 0 WHERE id = '{$user_id}'");
$inDB->query("DELETE FROM cms_users_activate WHERE code = '{$code}'");
cmsCore::callEvent('USER_ACTIVATED', $user_id);
if ($model->config['send_greetmsg']) {
$model->sendGreetsMessage($user_id);
}
// Регистрируем событие
cmsActions::log('add_user', array('object' => '', 'user_id' => $user_id, 'object_url' => '', 'object_id' => $user_id, 'target' => '', 'target_url' => '', 'target_id' => 0, 'description' => ''));
cmsCore::addSessionMessage($_LANG['ACTIVATION_COMPLETE'], 'info');
cmsUser::goToLogin();
}
//============================================================================//
if ($do == 'auth') {
//====================//
//== разлогивание ==//
if (cmsCore::inRequest('logout')) {
$inUser->logout();
cmsCore::redirect('/');
}
//====================//
//== авторизация ==//
if (!cmsCore::inRequest('logout')) {
// флаг неуспешных авторизаций
$anti_brute_force = cmsUser::sessionGet('anti_brute_force');
$login = cmsCore::request('login', 'str', '');
$passw = cmsCore::request('pass', 'str', '');
$remember_pass = cmsCore::inRequest('remember');
// если нет логина или пароля, показываем форму входа
if (!$login || !$passw) {
if ($inUser->id && !$inUser->is_admin) {
cmsCore::redirect('/');
}
$inPage->setTitle($_LANG['SITE_LOGIN']);
$inPage->addPathway($_LANG['SITE_LOGIN']);
cmsPage::initTemplate('components', 'com_registration_login')->assign('cfg', $model->config)->assign('anti_brute_force', $anti_brute_force)->assign('is_sess_back', cmsUser::sessionGet('auth_back_url'))->display('com_registration_login.tpl');
if (!mb_strstr(cmsCore::getBackURL(), 'login')) {
cmsUser::sessionPut('auth_back_url', cmsCore::getBackURL());
}
return;
}
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
// Проверяем каптчу
if ($anti_brute_force && !cmsPage::checkCaptchaCode()) {
cmsCore::addSessionMessage($_LANG['ERR_CAPTCHA'], 'error');
cmsCore::redirect('/login');
}
cmsUser::sessionDel('anti_brute_force');
$back_url = $inUser->signInUser($login, $passw, $remember_pass);
cmsCore::redirect($back_url);
}
}
//============================================================================//
if ($do == 'autherror') {
cmsUser::sessionPut('anti_brute_force', 1);
cmsPage::includeTemplateFile('special/autherror.php');
cmsCore::halt();
}
//============================================================================//
}
$perpage = 21;
$pagination = cmsPage::getPagebar($total, $page, $perpage, '/users/%user%/photos/%album%%id%-%page%.html', array('user' => $usr['login'], 'album' => $album_type, 'id' => $album_id));
$page_photos = array();
$start = $perpage * ($page - 1);
for ($p = $start; $p < $start + $perpage; $p++) {
if ($photos[$p]) {
$page_photos[] = $photos[$p];
}
}
$photos = $page_photos;
unset($page_photos);
}
//Отдаем в шаблон
cmsPage::initTemplate('components', 'com_users_photos')->assign('page_title', $album['title'])->assign('album_type', $album_type)->assign('album', $album)->assign('photos', $photos)->assign('user_id', $usr['id'])->assign('usr', $usr)->assign('my_profile', $my_profile)->assign('is_admin', $inUser->is_admin)->assign('pagebar', $pagination)->display('com_users_photos.tpl');
}
//============================================================================//
//============================ Удалить фотоальбом ============================//
//============================================================================//
if ($pdo == 'delalbum') {
$album_id = cmsCore::request('album_id', 'int', '0');
$album = $model->getPhotoAlbum('private', $album_id);
if (!$album) {
cmsCore::error404();
}
if (!$inUser->is_admin && $album['user_id'] != $inUser->id) {
cmsCore::error404();
}
$model->deletePhotoAlbum($id, $album_id);
$user = cmsUser::getShortUserData($album['user_id']);
cmsCore::redirect(cmsUser::getProfileURL($user['login']));
}
<table width="100%" cellspacing="0" cellpadding="0" class="blog_records">
<tr>
<td width="" class="blog_entry_title_td">
<div class="blog_entry_title">
<?php if ($post['blog_url']) { ?>
<a href="<?php echo $post['blog_url']; ?>" style="color:gray"><?php echo $post['blog_title']; ?></a> →
<?php } ?>
<a href="<?php echo $post['url']; ?>"><?php echo $post['title']; ?></a>
</div>
</td>
</tr>
<tr>
<td>
<div class="blog_entry_text"><?php echo $post['content_html']; ?></div>
<div class="blog_comments">
<a class="blog_user" href="<?php echo cmsUser::getProfileURL($post['login']); ?>"><?php echo $post['author']; ?></a>
<span class="blog_entry_date"><?php if (!$post['published']) { ?><span style="color:#CC0000"><?php echo $_LANG['ON_MODERATE']; ?></span><?php } else { ?><?php echo $post['fpubdate']; ?><?php } ?></span>
<span class="post_karma"><?php echo $this->rating($post['rating']); ?></span>
<span class="post_hits"><?php echo $post['hits']; ?></span>
<?php if ($post['comments_count'] > 0) { ?>
<a class="blog_comments_link" href="<?php echo $post['url']; ?>#c"><?php echo $this->spellcount($post['comments_count'], $_LANG['COMMENT'], $_LANG['COMMENT2'], $_LANG['COMMENT10']); ?></a>
<?php } else { ?>
<a class="blog_comments_link" href="<?php echo $post['url']; ?>#c"><?php echo $_LANG['NOT_COMMENTS']; ?></a>
<?php } ?>
<?php if ($post['tagline'] != false) { ?>
<span class="tagline"><?php echo $post['tagline']; ?></span>
<?php } ?>
</div>
</td>
</tr>
</table>
<div class="jclock">00:00:00</div>
</td>
<td>
<?php
$new_messages = cmsUser::getNewMessages($inUser->id);
if ($new_messages['total']) {
$msg_link = '<a href="/users/' . $inUser->id . '/messages.html" style="color:yellow">' . $_LANG['AD_NEW_MSG'] . ' (' . $new_messages['total'] . ')</a>';
} else {
$msg_link = '<span>' . $_LANG['NO'] . ' ' . $_LANG['NEW_MESSAGES'] . '</span>';
}
?>
<div class="juser"><?php
echo $_LANG['AD_YOU'];
?>
— <a href="<?php
echo cmsUser::getProfileURL($inUser->login);
?>
" target="_blank" title="<?php
echo $_LANG['AD_GO_PROFILE'];
?>
"><?php
echo $inDB->get_field('cms_users', 'id=' . $inUser->id, 'nickname');
?>
</a>, ip: <?php
echo $inUser->ip;
?>
</div>
<div class="jmessages"><?php
echo $msg_link;
?>
</div>
public function getUser($login){
if(is_numeric($login)){
$where = "u.id = '{$login}'";
} else {
$where = "u.login = '******'";
}
$sql = "SELECT
u.*,
u.status as status_text,
u.rating as user_rating,
p.id as pid, p.city, p.description, p.showmail, p.showbirth, p.showicq,
p.karma, p.imageurl, p.allow_who,
p.gender as gender, p.formsdata, p.signature,
p.email_newmsg, p.cm_subscribe,
g.title as grp,
g.alias as group_alias,
b.user_id as banned,
IFNULL(ui.login, '') as inv_login,
IFNULL(ui.nickname, '') as inv_nickname
FROM cms_users u
INNER JOIN cms_user_profiles p ON p.user_id = u.id
INNER JOIN cms_user_groups g ON g.id = u.group_id
LEFT JOIN cms_banlist b ON b.user_id = u.id AND b.status = 1
LEFT JOIN cms_users ui ON ui.id = u.invited_by
WHERE u.is_locked = 0 AND {$where}
ORDER BY id DESC LIMIT 1";
$result = $this->inDB->query($sql);
if (!$this->inDB->num_rows($result)){ return false; }
$user = $this->inDB->fetch_assoc($result);
global $_LANG;
$user['avatar'] = cmsUser::getUserAvatarUrl($user['id'], 'big', $user['imageurl'], $user['is_deleted']);
$user['status_date'] = cmsCore::dateDiffNow($user['status_date']);
$user['flogdate'] = cmsUser::getOnlineStatus($user['id'], $user['logdate']);
$user['fregdate'] = cmsCore::dateFormat($user['regdate']);
$user['fbirthdate'] = cmsCore::dateFormat($user['birthdate']);
$user['cityurl'] = urlencode($user['city']);
$user['profile_link'] = HOST . cmsUser::getProfileURL($user['login']);
$user['fdescription'] = cmsPage::getMetaSearchLink('/users/hobby/', $user['description']);
$user['formsdata'] = cmsCore::yamlToArray($user['formsdata']);
if ($user['gender']) {
switch ($user['gender']){
case 'm': $user['fgender'] = $_LANG['MALES']; break;
case 'f': $user['fgender'] = $_LANG['FEMALES']; break;
default: $user['fgender'] = '';
}
}
return cmsCore::callEvent('GET_USER', $user);
}
<?php if ($cfg['view_type'] == 'table') { ?>
<?php foreach ($users as $user) { ?>
<div class="mod_new_user">
<div class="mod_new_user_avatar"><a href="<?php echo cmsUser::getProfileURL($user['login']); ?>"><img border="0" class="usr_img_small" src="<?php echo $user['avatar']; ?>" /></a></div>
<div class="mod_new_user_link"><a href="<?php echo cmsUser::getProfileURL($user['login']); ?>"><?php echo $user['nickname']; ?></a></div>
</div>
<?php } ?>
<?php } ?>
<?php if ($cfg['view_type'] == 'hr_table') {
$col = 1;
?>
<table cellspacing="5" border="0" width="100%">
<?php foreach ($users as $user) { ?>
<?php if ($col == 1) { echo '<tr>'; } ?>
<td width="" class="new_user_avatar" align="center" valign="middle"><a href="<?php echo cmsUser::getProfileURL($user['login']); ?>" class="new_user_link" title="<?php echo $this->escape($user['nickname']); ?>"><img border="0" class="usr_img_small" src="<?php echo $user['avatar']; ?>" /></a><div class="mod_new_user_link"><a href="<?php echo cmsUser::getProfileURL($user['login']); ?>"><?php echo $user['nickname']; ?></a></div>
</td>
<?php if ($col == $cfg['maxcool']) { echo '</tr>'; $col = 1; } else { $col++; } ?>
<?php } ?>
</table>
<?php } ?>
<?php if ($cfg['view_type'] == 'list') {
$now = 0;
foreach ($users as $user) {
?>
<a href="<?php echo cmsUser::getProfileURL($user['login']); ?>" class="new_user_link"><?php echo $user['nickname']; ?></a>
<?php $now++; if ($now != $total){ echo ' ,'; } ?>
<?php } ?>
<p><strong><?php echo $_LANG['LASTREG_TOTAL']; ?>:</strong> <?php echo $total_all; ?></p>
<?php } ?>
<a class="blog_type_link" href="/blogs/single.html"><?php echo $_LANG['PERSONALS']; ?></a>
<?php } ?>
<?php if ($ownertype == 'multi') { ?>
<span class="blog_type_active"><?php echo $_LANG['COLLECTIVES']; ?> <span class="blog_type_num">(<?php echo $total; ?>)</span></span>
<?php } else { ?>
<a class="blog_type_link" href="/blogs/multi.html"><?php echo $_LANG['COLLECTIVES']; ?></a>
<?php } ?>
</div>
<?php if ($blogs) { ?>
<table width="100%" cellspacing="0" cellpadding="4" class="blog_full_list">
<?php foreach($blogs as $blog) { ?>
<tr>
<td class="blog_title_td"><a class="blog_title" href="<?php echo $blog['url']; ?>"><?php echo $blog['title']; ?></a></td>
<?php if ($blog['ownertype'] == 'single') { ?>
<td width="220"><a class="blog_user" href="<?php echo cmsUser::getProfileURL($blog['login']); ?>"><?php echo $blog['nickname']; ?></a></td>
<?php } else { ?>
<td width="220"> </td>
<?php } ?>
<td width="40"><span class="blog_posts"><?php echo $blog['records']; ?></span></td>
<td width="40"><span class="blog_comm"><?php echo $blog['comments_count']; ?></span></td>
<?php if ($cfg['rss_one']) { ?>
<td width="16">
<a class="blog_rss" href="/rss/blogs/<?php echo $blog['id']; ?>/feed.rss"></a>
</td>
<?php } ?>
<td width="20" align="center" valign="middle"><?php echo $this->rating($blog['rating']); ?></td>
</tr>
<?php } ?>
</table>
<?php foreach ($comments as $comment) { ?>
<div class="mod_com_line">
<a class="mod_com_link" href="<?php echo $comment['target_link'] .'#c'. $comment['id']; ?>"><?php echo $this->truncate($this->strip_tags($comment['content']),90); ?></a> <?php if ($cfg['showtarg']) { echo $this->rating($comment['rating']); } ?>
</div>
<div class="mod_com_details">
<?php if (!$comment['is_profile']) { echo $comment['author']; } else { ?>
<a class="mod_com_userlink" href="<?php echo cmsUser::getProfileURL($comment['author']['login']); ?>"><?php echo $comment['author']['nickname']; ?></a>
<?php } ?>
<?php echo $comment['fpubdate']; ?><br/>
<?php if ($cfg['showtarg']) { ?>
<a class="mod_com_targetlink" href="<?php echo $comment['target_link']; ?>"><?php echo $comment['target_title']; ?></a>
<?php } ?>
</div>
<?php } ?>
<?php if ($cfg['showrss']) { ?>
<div style="margin-top:15px"> <a href="/rss/comments/all/feed.rss" class="mod_latest_rss"><?php echo $_LANG['COMMENTS_RSS']; ?></a> </div>
<?php } ?>
<div style="margin-top:5px"> <a href="/comments" class="mod_com_all"><?php echo $_LANG['COMMENTS_ALL']; ?></a> </div>
<div class="float_bar">
<strong><?php echo $_LANG['RATING']; ?>: </strong><span id="karmapoints"><?php echo $this->rating($photo['rating']); ?></span> | <strong><?php echo $_LANG['HITS']; ?>: </strong> <?php echo $photo['hits']; ?> | <?php if (!$photo['published']) { ?><span id="pub_photo_wait" style="color:#F00;"><?php echo $_LANG['WAIT_MODERING']; ?></span><span id="pub_photo_date" style="display:none;"><?php echo $photo['pubdate']; ?></span><?php } else { ?><?php echo $photo['pubdate']; ?><?php } ?> | <a href="<?php echo cmsUser::getProfileURL($photo['login']); ?>"><?php echo $photo['nickname']; ?></a> <?php if ($is_author || $is_admin || $is_moder) { ?>| <a class="ajaxlink" href="javascript:void(0)" onclick="clubs.editPhoto(<?php echo $photo['id']; ?>);return false;"><?php echo $_LANG['EDIT']; ?></a> <?php if ($is_admin || $is_moder) { ?><?php if (!$photo['published']) { ?><span id="pub_photo_link"> | <a class="ajaxlink" href="javascript:void(0)" onclick="clubs.publishPhoto(<?php echo $photo['id']; ?>);return false;"><?php echo $_LANG['PUBLISH']; ?></a></span><?php } ?> | <a class="ajaxlink" href="javascript:void(0)" onclick="clubs.deletePhoto(<?php echo $photo['id']; ?>, '<?php echo cmsUser::getCsrfToken(); ?>');return false;"><?php echo $_LANG['DELETE']; ?></a><?php } ?><?php } ?>
</div>
<h1 class="con_heading"><?php echo $photo['title']; ?></h1>
<?php if ($photo['description']) { ?>
<p class="photo_desc"><?php echo nl2br($photo['description']); ?> </p>
<?php } ?>
<table width="100%" cellspacing="0" cellpadding="3" border="0">
<tbody>
<tr>
<td width="150px" valign="middle" align="center">
<?php if ($photo['previd']) { ?>
<cite><?php echo $_LANG['PREVIOUS']; ?></cite><br>
<a href="/clubs/photo<?php echo $photo['previd']['id']; ?>.html#main"><img alt="{$photo.previd.title|escape:'html'}" src="/images/photos/small/<?php echo $photo['previd']['file']; ?>"></a>
<?php } ?>
</td>
<td align="center" valign="top">
<?php if ($is_exists_original) { ?>
<a href="/images/photos/<?php echo $photo['file']; ?>" class="photobox">
<img src="/images/photos/medium/<?php echo $photo['file']; ?>" alt="<?php echo $this->escape($photo['title']); ?>" id="view_photo" />
</a>
<?php } else { ?>
<img src="/images/photos/medium/<?php echo $photo['file']; ?>" alt="<?php echo $this->escape($photo['title']); ?>" id="view_photo" />
<?php } ?>
</td>
<td width="150px" valign="middle" align="center">
<?php if ($photo['nextid']) { ?>
<cite><?php echo $_LANG['NEXT']; ?></cite><br>
<a href="/clubs/photo<?php echo $photo['nextid']['id']; ?>.html#main"><img alt="{$photo.nextid.title|escape:'html'}" src="/images/photos/small/<?php echo $photo['nextid']['file']; ?>"></a>
<?php } ?>
<span class="bd_item_is_vip"><?php echo $_LANG['VIP_ITEM']; ?></span>
<?php } ?>
<span class="bd_item_date"><?php echo $item['pubdate']; ?></span>
<span class="bd_item_hits"><?php echo $item['hits']; ?></span>
<?php if ($item['city']) { ?>
<span class="bd_item_city">
<a href="/board/city/<?php echo $item['enc_city']; ?>"><?php echo $item['city']; ?></a>
</span>
<?php } ?>
<?php if ($item['user']) { ?>
<span class="bd_item_user">
<a href="<?php echo cmsUser::getProfileURL($item['user_login']); ?>"><?php echo $item['user']; ?></a>
</span>
<?php } else { ?>
<span class="bd_item_user"><?php echo $_LANG['BOARD_GUEST']; ?></span>
<?php } ?>
<?php if ($item['moderator']) { ?>
<span class="bd_item_edit"><a href="/board/edit<?php echo $item['id']; ?>.html"><?php echo $_LANG['EDIT']; ?></a></span>
<?php if (!$item['published'] && ($is_admin || $is_moder)) { ?>
<span class="bd_item_publish"><a href="/board/publish<?php echo $item['id']; ?>.html"><?php echo $_LANG['PUBLISH']; ?></a></span>
<?php } ?>
<span class="bd_item_delete"><a href="/board/delete<?php echo $item['id']; ?>.html"><?php echo $_LANG['DELETE']; ?></a></span>
<?php } ?>
<?php if ($item['is_overdue']) { ?>
<span class="bd_item_status_bad"><?php echo $_LANG['ADV_IS_EXTEND']; ?></span>
/**
* Авторизует пользователя
* возвращает url для редиректа
* @param str $login
* @param str $passw
* @param int $remember_pass
* @return srt $back_url
*/
public function signInUser($login = '', $passw = '', $remember_pass = 1, $pass_in_md5 = 0)
{
if ($this->id) {
return cmsCore::getBackURL();
}
$default_back_url = '/auth/error.html';
if (!$login || !$passw) {
return $default_back_url;
}
$inDB = cmsDatabase::getInstance();
$inCore = cmsCore::getInstance();
// Авторизация по логину или e-mail
if (!preg_match("/^([a-z0-9\\._-]+)@([a-z0-9\\._-]+)\\.([a-z]{2,4})\$/ui", $login)) {
$where_login = "******";
} else {
$where_login = "******";
}
$where_pass = $pass_in_md5 ? "u.password = '******'" : "u.password = md5('{$passw}')";
// Проверяем локальную пару логин + пароль
$user = $this->loadUser(0, "{$where_login} AND {$where_pass}");
// иначе пытаемся авторизоваться через плагины
if (!$user) {
$user = cmsCore::callEvent('SIGNIN_USER', array('login' => $login, 'pass' => $passw));
}
if (!$user) {
return $default_back_url;
}
$_SESSION['user'] = $user;
cmsCore::callEvent('USER_LOGIN', $_SESSION['user']);
if ($remember_pass) {
$cookie_code = md5($user['id'] . $user['password'] . PATH);
cmsCore::setCookie('userid', $cookie_code, time() + 2592000);
}
// Флаг первой авторизации
$first_time_auth = !$user['is_logged_once'];
// обновляем дату последнего визита, ip
self::setUserLogdate($user['id']);
$inDB->query("UPDATE cms_users SET last_ip = '{$this->ip}', is_logged_once = 1 WHERE id = '{$user['id']}'");
// помечаем, что пользователь онлайн
$inDB->query("UPDATE cms_online SET user_id = '{$user['id']}' WHERE sess_id = '" . session_id() . "'");
////////////// юзер уже авторизован //////////////////////////
// Формируем url редиректа после авторизации
// Получаем настройки что делать после авторизации
$cfg = $inCore->loadComponentConfig('registration');
// Получаем URL, предыдущий перед формой логина
$auth_back_url = cmsUser::sessionGet('auth_back_url');
$auth_back_url = $auth_back_url ? $auth_back_url : cmsCore::getBackURL();
if (strpos($auth_back_url, $_SERVER['HTTP_HOST']) === false || strpos($auth_back_url, '/auth/') !== false) {
$auth_back_url = '/';
}
cmsUser::sessionDel('auth_back_url');
// Авторизация в админку
if ($_SESSION['user']['is_admin'] && cmsCore::inRequest('is_admin')) {
return '/admin/';
}
// Остальные пользователи
if ($_SESSION['user']['id']) {
if ($first_time_auth) {
$cfg['auth_redirect'] = $cfg['first_auth_redirect'];
}
switch ($cfg['auth_redirect']) {
case 'none':
$url = $auth_back_url;
break;
case 'index':
$url = '/';
break;
case 'profile':
$url = cmsUser::getProfileURL($user['login']);
break;
case 'editprofile':
$url = '/users/' . $user['id'] . '/editprofile.html';
break;
}
return $url;
}
return $default_back_url;
}
/**
* Возвращает массив событий для ленты активности
* @return array
*/
public function getActionsLog()
{
$inUser = cmsUser::getInstance();
if (!$this->only_friends) {
$this->inDB->where('log.is_friends_only = 0');
}
if (!$inUser->id) {
$this->inDB->where('log.is_users_only = 0');
}
$pactions = cmsCore::callEvent('GET_BEFORE_ACTIONS', false);
if ($pactions !== false) {
return $pactions;
}
$sql = "SELECT log.*,\r\n\t\t log.pubdate as orig_pubdate,\r\n a.message,\r\n a.name,\r\n u.nickname as user_nickname,\r\n u.login as user_login\r\n FROM cms_actions_log log\r\n LEFT JOIN cms_actions a ON a.id = log.action_id AND a.is_visible = 1\r\n LEFT JOIN cms_users u ON u.id = log.user_id\r\n WHERE 1=1 {$this->inDB->where}\r\n ORDER BY log.id DESC\r\n\t\t\t\t";
if ($this->inDB->limit) {
$sql .= "LIMIT {$this->inDB->limit}";
}
$result = $this->inDB->query($sql);
// Сбрасываем условия
$this->inDB->resetConditions();
if (!$this->inDB->num_rows($result)) {
return false;
}
$actions = array();
global $_LANG;
$last_date = '';
$today_date = date('j F Y');
$yesterday_date = date('j F Y', time() - 3600 * 24);
while ($action = $this->inDB->fetch_assoc($result)) {
$action['item_date'] = '';
$item_date = date('j F Y', strtotime($action['orig_pubdate']));
if ($item_date != $last_date) {
switch ($item_date) {
case $today_date:
$date = icms_ucfirst($_LANG['TODAY']);
break;
case $yesterday_date:
$date = icms_ucfirst($_LANG['YESTERDAY']);
break;
default:
$date = cmsCore::dateFormat($item_date, true, false, false);
}
$action['item_date'] = $date;
$last_date = $item_date;
}
$action['object_link'] = $action['target_link'] = '';
if ($action['object']) {
$action['object_link'] = $action['object_url'] ? '<a href="' . $action['object_url'] . '" class="act_obj_' . $action['name'] . '">' . $action['object'] . '</a>' : $action['object'];
}
if ($action['target']) {
$action['target_link'] = '<a href="' . $action['target_url'] . '" class="act_tgt_' . $action['name'] . '">' . $action['target'] . '</a>';
}
if ($action['message']) {
$target_pos = mb_strpos($action['message'], '|');
if ($target_pos !== false) {
if (!$this->show_targets || !$action['target']) {
$action['message'] = mb_substr($action['message'], 0, $target_pos);
} else {
$action['message'] = str_replace('|', '', $action['message']);
}
}
$action['message'] = sprintf($action['message'], $action['object_link'], $action['target_link']);
}
$action['is_new'] = (bool) (strtotime($action['pubdate']) > strtotime($inUser->logdate));
$action['user_url'] = cmsUser::getProfileURL($action['user_login']);
$action['pubdate'] = cmsCore::dateDiffNow($action['pubdate']);
$actions[] = $action;
}
return cmsCore::callEvent('GET_ACTIONS', $actions);
}
function board() {
$inCore = cmsCore::getInstance();
global $_LANG;
define('IS_BILLING', $inCore->isComponentInstalled('billing'));
if (IS_BILLING) { cmsCore::loadClass('billing'); }
$do = $inCore->do;
$pagetitle = $inCore->getComponentTitle();
$pagekeys = $pagedesc = '';
cmsCore::c('page')->setTitle($pagetitle);
cmsCore::c('page')->addPathway($pagetitle, '/board');
/////////////////////////////// VIEW CATEGORY //////////////////////////////////
if ($do == 'view') {
//Получаем текущую категорию
$category = cmsCore::m('board')->getCategory(cmsCore::m('board')->category_id);
if (!$category || (!$category['published'] && !cmsCore::c('user')->is_admin)) {
cmsCore::error404();
}
if ($category['id'] != cmsCore::m('board')->root_cat['id']) {
$pagetitle = $category['pagetitle'] ? $category['pagetitle'] : $category['title'];
$pagekeys = $category['meta_keys'];
$pagedesc = $category['meta_desc'];
$category_path = cmsCore::c('db')->getNsCategoryPath('cms_board_cats', $category['NSLeft'], $category['NSRight']);
if ($category_path) {
foreach($category_path as $pcat) {
cmsCore::c('page')->addPathway($pcat['title'], '/board/'. $pcat['id']);
}
}
} else {
$category['title'] = $pagetitle = $inCore->menuTitle();
$category['description'] = cmsCore::m('board')->config['root_description'];
$pagekeys = cmsCore::m('board')->config['meta_keys'];
$pagedesc = cmsCore::m('board')->config['meta_desc'];
}
// rss в адресной строке
$rss_cat_id = $category['id'] == cmsCore::m('board')->root_cat['id'] ? 'all' : $category['id'];
cmsCore::c('page')->addHead('<link rel="alternate" type="application/rss+xml" title="'. $_LANG['BOARD'] .'" href="'. HOST .'/rss/board/'. $rss_cat_id .'/feed.rss">');
//Формируем категории
$cats = cmsCore::m('board')->getSubCats($category['id']);
// Формируем список объявлений
// Устанавливаем категорию
if ($category['id'] != cmsCore::m('board')->root_cat['id']) {
cmsCore::m('board')->whereThisAndNestedCats($category['NSLeft'], $category['NSRight']);
}
//Город
if (cmsCore::m('board')->city) {
cmsCore::m('board')->whereCityIs(cmsCore::m('board')->city);
$pagetitle .= ' :: '. cmsCore::m('board')->city;
}
// Типы объявлений
if (cmsCore::m('board')->obtype && mb_stristr(icms_ucfirst($category['obtypes']), cmsCore::m('board')->obtype)) {
cmsCore::m('board')->whereTypeIs(cmsCore::m('board')->obtype);
$pagetitle .= ' :: '. cmsCore::m('board')->obtype;
}
// модератор или админ
$is_moder = cmsCore::c('user')->is_admin || cmsCore::m('board')->is_moderator_by_group;
// Общее количество объявлений по заданным выше условиям
$total = cmsCore::m('board')->getAdvertsCount($is_moder, true);
//устанавливаем сортировку
$orderby = cmsCore::m('board')->getOrder('orderby', $category['orderby']);
$orderto = cmsCore::m('board')->getOrder('orderto', $category['orderto']);
cmsCore::c('db')->orderBy('is_vip DESC, '. $orderby, $orderto);
//устанавливаем номер текущей страницы и кол-во объявлений на странице
cmsCore::c('db')->limitPage(cmsCore::m('board')->page, $category['perpage']);
// Получаем объявления
$items = cmsCore::m('board')->getAdverts($is_moder, true, false, true);
// Если объявлений на странице большей чем 1 нет, 404
if (!$items && cmsCore::m('board')->page > 1) { cmsCore::error404(); }
// если не указаны ключевые слова, формируем их из названий рубрик и типов
if (!$pagekeys && $cats) {
foreach($cats as $c) {
$keys[] = $c['title'];
foreach (explode("\n", $c['obtypes']) as $obtype) {
$keys[] = trim($obtype);
}
}
$pagekeys = implode(',', $keys);
} else if(!$cats) {
$pagekeys = $category['title'];
}
// если не указано описание, формируем из текущих объявлений
if (!$pagedesc && $items) {
foreach ($items as $i) {
$desc[] = $i['title'];
}
$pagedesc = implode('. ', $desc);
} else if(!$items && $category['description']) {
$pagedesc = crop($category['description']);
}
// Проставляем заголовки страницы и описание согласно выборки
cmsCore::c('page')->setDescription(crop($pagedesc));
cmsCore::c('page')->setKeywords($pagekeys);
cmsCore::c('page')->setTitle($pagetitle);
// Отдаем в шаблон категории
cmsPage::initTemplate('components', 'com_board_cats')->
assign('cats', $cats)->
assign('category', $category)->
assign('root_id', cmsCore::m('board')->root_cat['id'])->
assign('is_user', cmsCore::c('user')->id)->
assign('maxcols', cmsCore::m('board')->config['maxcols'])->
display();
$pagebar = cmsPage::getPagebar($total, cmsCore::m('board')->page, $category['perpage'], '/board/%catid%-%page%', array('catid'=>$category['id']));
$order_form = $category['orderform'] ? cmsCore::m('board')->orderForm($orderby, $orderto, $category) : '';
// Отдаем в шаблон объявления
cmsPage::initTemplate('components', 'com_board_items')->
assign('order_form', $order_form)->
assign('cfg', cmsCore::m('board')->config)->
assign('root_id', cmsCore::m('board')->root_cat['id'])->
assign('items', $items)->
assign('cat', $category)->
assign('maxcols', $category['maxcols'])->
assign('colwidth', round(100/$category['maxcols']))->
assign('pagebar', $pagebar)->
display();
}
/////////////////////////////// VIEW USER ADV //////////////////////////////////
if ($do == 'by_user') {
// логин пользователя
$login = cmsCore::request('login', 'str', cmsCore::c('user')->login);
// получаем данные пользователя
$user = cmsUser::getShortUserData($login);
if (!$user) { cmsCore::error404(); }
$myprofile = cmsCore::m('board')->checkAccess($user['id']);
cmsCore::c('page')->addPathway($user['nickname']);
cmsCore::c('page')->setTitle($_LANG['BOARD'] .' - '. $user['nickname']);
cmsCore::c('page')->setDescription($_LANG['BOARD'] .' - '. $user['nickname']);
// Формируем список объявлений
cmsCore::m('board')->whereUserIs($user['id']);
// Общее количество объявлений по заданным выше условиям
$total = cmsCore::m('board')->getAdvertsCount($myprofile);
//устанавливаем сортировку
cmsCore::c('db')->orderBy('pubdate', 'DESC');
//устанавливаем номер текущей страницы и кол-во объявлений на странице
cmsCore::c('db')->limitPage(cmsCore::m('board')->page, 15);
// Получаем объявления
$items = cmsCore::m('board')->getAdverts($myprofile, true, false, true);
// Если объявлений на странице большей чем 1 нет, 404
if(!$items && cmsCore::m('board')->page > 1){ cmsCore::error404(); }
// Пагинация
$pagebar = cmsPage::getPagebar($total, cmsCore::m('board')->page, 15, '/board/by_user_'.$login.'/page-%page%');
// Показываем даты
$category['showdate'] = 1;
cmsPage::initTemplate('components', 'com_board_items')->
assign('cfg', cmsCore::m('board')->config)->
assign('page_title', $_LANG['BOARD'].' - '.$user['nickname'])->
assign('root_id', cmsCore::m('board')->root_cat['id'])->
assign('items', $items)->
assign('cat', $category)->
assign('maxcols', 1)->
assign('colwidth', 100)->
assign('pagebar', $pagebar)->
display();
}
/////////////////////////////// VIEW ITEM //////////////////////////////////////
if ($do == 'read') {
// получаем объявление
$item = cmsCore::m('board')->getRecord(cmsCore::m('board')->item_id);
if (!$item) { cmsCore::error404(); }
// неопубликованные показываем админам, модераторам и автору
if (!$item['published'] && !$item['moderator']) { cmsCore::error404(); }
// для неопубликованного показываем инфо: просрочено/на модерации
if (!$item['published']) {
$info_text = $item['is_overdue'] ? $_LANG['ADV_IS_EXTEND'] : $_LANG['ADV_IS_MODER'];
cmsCore::addSessionMessage($info_text, 'info');
} else {
// увеличиваем кол-во просмотров
cmsCore::c('db')->setFlag('cms_board_items', cmsCore::m('board')->item_id, 'hits', $item['hits']+1);
}
// формируем заголовок и тело сообщения
$item['title'] = $item['obtype'].' '.$item['title'];
$item['content'] = nl2br($item['content']);
$item['content'] = cmsCore::m('board')->config['auto_link'] ? $inCore->parseSmiles($item['content']) : $item['content'];
$category_path = cmsCore::c('db')->getNsCategoryPath('cms_board_cats', $item['NSLeft'], $item['NSRight']);
if ($category_path) {
foreach ($category_path as $pcat) {
cmsCore::c('page')->addPathway($pcat['title'], '/board/'.$pcat['id']);
}
}
cmsCore::c('page')->addPathway($item['title']);
$pagetitle = $item['pagetitle'] ? $item['pagetitle'] : $item['title'];
$pagekeys = $item['meta_keys'] ? $item['meta_keys'] : $item['title'];
$pagedesc = $item['meta_desc'] ? $item['meta_desc'] : $item['content'];
cmsCore::c('page')->setTitle($pagetitle);
cmsCore::c('page')->setDescription(crop($pagedesc));
cmsCore::c('page')->setKeywords($pagekeys);
cmsPage::initTemplate('components', 'com_board_item')->
assign('item', $item)->
assign('cfg', cmsCore::m('board')->config)->
assign('user_id', cmsCore::c('user')->id)->
assign('is_admin', cmsCore::c('user')->is_admin)->
assign('formsdata', cmsForm::getFieldsValues($item['form_id'], $item['form_array']))->
assign('is_moder', cmsCore::m('board')->is_moderator_by_group)->
display();
}
/////////////////////////////// NEW BOARD ITEM /////////////////////////////////
if ($do == 'additem') {
// Получаем категории, в которые может загружать пользователь
$catslist = cmsCore::m('board')->getPublicCats(cmsCore::m('board')->category_id);
if (!$catslist) {
cmsCore::addSessionMessage($_LANG['YOU_CANT_ADD_ADV_ANY'], 'error');
$inCore->redirect('/board');
}
$cat['is_photos'] = 1;
$formsdata = array();
if (cmsCore::m('board')->category_id && cmsCore::m('board')->category_id != cmsCore::m('board')->root_cat['id']) {
$cat = cmsCore::m('board')->getCategory(cmsCore::m('board')->category_id);
$formsdata = cmsForm::getFieldsHtml($cat['form_id']);
}
cmsCore::c('page')->addPathway($_LANG['ADD_ADV']);
if ( !cmsCore::inRequest('submit') ) {
if (IS_BILLING) { cmsBilling::checkBalance('board', 'add_item'); }
cmsCore::c('page')->setTitle($_LANG['ADD_ADV']);
$item = cmsUser::sessionGet('item');
if ($item) { cmsUser::sessionDel('item'); }
$item['city'] = !empty($item['city']) ? $item['city'] : cmsCore::c('user')->city;
cmsPage::initTemplate('components', 'com_board_edit')->
assign('action', "/board/add.html")->
assign('form_do', 'add')->
assign('cfg', cmsCore::m('board')->config)->
assign('cat', $cat)->
assign('item', $item)->
assign('pagetitle', $_LANG['ADD_ADV'])->
assign('formsdata', $formsdata)->
assign('is_admin', cmsCore::c('user')->is_admin)->
assign('is_user', cmsCore::c('user')->id)->
assign('catslist', $catslist)->
assign('is_billing', IS_BILLING)->assign('balance', cmsCore::c('user')->balance)->
display();
cmsUser::sessionClearAll();
return;
}
if ( cmsCore::inRequest('submit') ) {
// проверяем на заполненость скрытое поле
$title_fake = cmsCore::request('title_fake', 'str', '');
// если оно заполнено, считаем что это бот, 404
if ($title_fake) { cmsCore::error404(); }
$errors = false;
// проверяем наличие категории
if (!$cat['id']) {
cmsCore::addSessionMessage($_LANG['NEED_CAT_ADV'], 'error');
$errors = true;
}
// Проверяем количество добавленных за сутки
if (!cmsCore::m('board')->checkLoadedByUser24h($cat)){
cmsCore::addSessionMessage($_LANG['MAX_VALUE_OF_ADD_ADV'], 'error');
$errors = true;
}
// Можем ли добавлять в эту рубрику
if (!cmsCore::m('board')->checkAdd($cat)){
cmsCore::addSessionMessage($_LANG['YOU_CANT_ADD_ADV'], 'error');
$errors = true;
}
// входные данные
$obtype = icms_ucfirst(cmsCore::request('obtype', 'str', ''));
$title = trim(str_ireplace($obtype, '', cmsCore::request('title', 'str', '')));
$content = cmsCore::request('content', 'str', '');
$city = cmsCore::request('city', 'str', '');
if ((cmsCore::m('board')->config['seo_user_access'] && cmsCore::c('user')->id) || cmsCore::c('user')->is_admin) {
$pagetitle = cmsCore::request('pagetitle', 'str', '');
$meta_keys = cmsCore::request('meta_keys', 'str', '');
$meta_desc = cmsCore::request('meta_desc', 'str', '');
} else {
$pagetitle = $meta_keys = $meta_desc = '';
}
$form_input = cmsForm::getFieldsInputValues($cat['form_id']);
$formsdata = cmsCore::c('db')->escape_string(cmsCore::arrayToYaml($form_input['values']));
$vipdays = cmsCore::request('vipdays', 'int', 0);
$published = cmsCore::m('board')->checkPublished($cat);
if (cmsCore::m('board')->config['srok']){ $pubdays = (cmsCore::request('pubdays', 'int') <= 50) ? cmsCore::request('pubdays', 'int') : 50; }
if (!cmsCore::m('board')->config['srok']){ $pubdays = isset(cmsCore::m('board')->config['pubdays']) ? cmsCore::m('board')->config['pubdays'] : 14; }
// Проверяем значения
if (!$title) {
cmsCore::addSessionMessage($_LANG['NEED_TITLE'], 'error');
$errors = true;
}
if (!$content) {
cmsCore::addSessionMessage($_LANG['NEED_TEXT_ADV'], 'error');
$errors = true;
}
if (!$city) {
cmsCore::addSessionMessage($_LANG['NEED_CITY'], 'error');
$errors = true;
}
if (!cmsCore::c('user')->id && !cmsCore::checkCaptchaCode()) {
cmsCore::addSessionMessage($_LANG['ERR_CAPTCHA'], 'error');
$errors = true;
}
// Проверяем значения формы
foreach ($form_input['errors'] as $field_error) {
if ($field_error) {
cmsCore::addSessionMessage($field_error, 'error');
$errors = true;
}
}
if ($errors) {
$item['content'] = htmlspecialchars(stripslashes($_REQUEST['content']));
$item['city'] = stripslashes($city);
$item['title'] = stripslashes($title);
$item['obtype'] = $obtype;
cmsUser::sessionPut('item', $item);
cmsCore::redirect('/board/'. cmsCore::m('board')->category_id .'/add.html');
}
if ($cat['is_photos']) {
// Загружаем фото
$file = cmsCore::m('board')->uploadPhoto('', $cat);
} else {
$file['filename'] = '';
cmsCore::addSessionMessage($_LANG['INFO_CAT_NO_PHOTO'], 'info');
}
$add = array(
'category_id' => cmsCore::m('board')->category_id,
'user_id' => cmsCore::c('user')->id,
'obtype' => $obtype,
'title' => $title,
'content' => $content,
'formsdata' => $formsdata,
'city' => $city,
'pubdays' => $pubdays,
'published' => $published,
'pagetitle' => $pagetitle,
'meta_keys' => $meta_keys,
'meta_desc' => $meta_desc,
'file' => $file['filename']
);
$add['id'] = cmsCore::m('board')->addRecord($add);
if (cmsCore::c('user')->is_admin && $vipdays) {
cmsCore::m('board')->setVip($add['id'], $vipdays);
}
if (IS_BILLING) {
cmsBilling::process('board', 'add_item');
if (cmsCore::m('board')->config['vip_enabled'] && $vipdays && cmsCore::m('board')->config['vip_day_cost']) {
if ($vipdays > cmsCore::m('board')->config['vip_max_days']) {
$vipdays = cmsCore::m('board')->config['vip_max_days'];
}
$summ = $vipdays * cmsCore::m('board')->config['vip_day_cost'];
if (cmsCore::c('user')->balance >= $summ) {
cmsBilling::pay(cmsCore::c('user')->id, $summ, $_LANG['VIP_ITEM']);
cmsCore::m('board')->setVip($add['id'], $vipdays);
}
}
}
cmsUser::sessionClearAll();
if ($published) {
//регистрируем событие
cmsActions::log('add_board', array(
'object' => $obtype .' '. $title,
'object_url' => '/board/read'. $add['id'] .'.html',
'object_id' => $add['id'],
'target' => $cat['title'],
'target_url' => '/board/'. $cat['id'],
'target_id' => $cat['id'],
'description' => ''
));
cmsCore::addSessionMessage($_LANG['ADV_IS_ADDED'], 'success');
cmsCore::callEvent('ADD_BOARD_DONE', $add);
cmsCore::redirect('/board/read'. $add['id'] .'.html');
}
if (!$published) {
$link = '<a href="/board/read'. $add['id'] .'.html">'. $obtype .' '. $title .'</a>';
if (cmsCore::c('user')->id) {
$user = '******'. cmsUser::getProfileURL(cmsCore::c('user')->login) .'">'. cmsCore::c('user')->nickname .'</a>';
} else {
$user = $_LANG['BOARD_GUEST'] .', ip: '. cmsCore::c('user')->ip;
}
$message = str_replace('%user%', $user, $_LANG['MSG_ADV_SUBMIT']);
$message = str_replace('%link%', $link, $message);
cmsUser::sendMessage(USER_UPDATER, 1, $message);
cmsCore::addSessionMessage($_LANG['ADV_IS_ADDED'] .'<br>'. $_LANG['ADV_PREMODER_TEXT'], 'success');
cmsCore::redirect('/board/'.cmsCore::m('board')->category_id);
}
}
}
/////////////////////////////// EDIT BOARD ITEM ////////////////////////////////
if ($do == 'edititem') {
$item = cmsCore::m('board')->getRecord(cmsCore::m('board')->item_id);
$cat = cmsCore::m('board')->getCategory($item['category_id']);
if (!$cat || !$item) { cmsCore::error404(); }
cmsCore::c('page')->setTitle($_LANG['EDIT_ADV']);
cmsCore::c('page')->addPathway($item['category'], '/board/'. $item['cat_id']);
cmsCore::c('page')->addPathway($_LANG['EDIT_ADV']);
if (!$item['moderator']) {
cmsCore::addSessionMessage($_LANG['YOU_HAVENT_ACCESS'], 'error');
cmsCore::redirect('/board/read'. $item['id'] .'.html');
}
$errors = false;
if (!cmsCore::inRequest('submit')) {
cmsPage::initTemplate('components', 'com_board_edit')->
assign('action', "/board/edit{$item['id']}.html")->
assign('form_do', 'edit')->
assign('cfg', cmsCore::m('board')->config)->
assign('cat', $cat)->
assign('item', $item)->
assign('pagetitle', $_LANG['EDIT_ADV'])->
assign('is_admin', cmsCore::c('user')->is_admin)->
assign('catslist', cmsCore::m('board')->getPublicCats($item['category_id'], true))->
assign('formsdata', cmsForm::getFieldsHtml($cat['form_id'], $item['form_array']))->
assign('is_user', cmsCore::c('user')->id)->
assign('is_billing', IS_BILLING)->assign('balance', cmsCore::c('user')->balance)->
display();
cmsUser::sessionClearAll();
}
if (cmsCore::inRequest('submit')) {
$new_cat_id = cmsCore::request('category_id', 'int', 0);
if ($new_cat_id) {
$item['category_id'] = $new_cat_id;
}
$form_input = cmsForm::getFieldsInputValues($cat['form_id']);
$formsdata = cmsCore::c('db')->escape_string(cmsCore::arrayToYaml($form_input['values']));
if ($item['is_overdue'] && !$item['published']) {
if (cmsCore::m('board')->config['srok']) {
$pubdays = (cmsCore::request('pubdays', 'int') <= 50) ? cmsCore::request('pubdays', 'int') : 50;
}
if (!cmsCore::m('board')->config['srok']) {
$pubdays = isset(cmsCore::m('board')->config['pubdays']) ? cmsCore::m('board')->config['pubdays'] : 14;
}
$pubdate = date('Y-m-d H:i:s');
} else {
$pubdays = $item['pubdays'];
$pubdate = $item['fpubdate'];
}
$update['obtype'] = icms_ucfirst(cmsCore::request('obtype', 'str'));
$update['title'] = trim(str_ireplace($update['obtype'], '', cmsCore::request('title', 'str', '')));
$update['category_id'] = $item['category_id'];
$update['content'] = cmsCore::request('content', 'str', '');
$update['formsdata'] = $formsdata;
$update['city'] = cmsCore::request('city', 'str', '');
$update['pubdate'] = $pubdate;
$update['pubdays'] = $pubdays;
$update['published'] = cmsCore::m('board')->checkPublished($cat, true);
if ((cmsCore::m('board')->config['seo_user_access'] && cmsCore::c('user')->id) || cmsCore::c('user')->is_admin) {
$update['pagetitle'] = cmsCore::request('pagetitle', 'str', '');
$update['meta_keys'] = cmsCore::request('meta_keys', 'str', '');
$update['meta_desc'] = cmsCore::request('meta_desc', 'str', '');
}
if (!$update['title']) {
cmsCore::addSessionMessage($_LANG['NEED_TITLE'], 'error');
$errors = true;
}
if (!$update['content']) {
cmsCore::addSessionMessage($_LANG['NEED_TEXT_ADV'], 'error');
$errors = true;
}
if (!$update['city']) {
cmsCore::addSessionMessage($_LANG['NEED_CITY'], 'error');
$errors = true;
}
// Проверяем значения формы
foreach ($form_input['errors'] as $field_error) {
if ($field_error) {
cmsCore::addSessionMessage($field_error, 'error');
$errors = true;
}
}
if ($errors) {
$inCore->redirect('/board/edit'. $item['id'] .'.html');
}
if ($cat['is_photos']) {
// Загружаем фото
$file = cmsCore::m('board')->uploadPhoto($item['file'], $cat);
}
$update['file'] = $file['filename'] ? $file['filename'] : $item['file'];
// обновляем объявление
cmsCore::m('board')->updateRecord($item['id'], $update);
// обновляем запись в ленте активности
cmsActions::updateLog('add_board', array('object' => $update['obtype'] .' '. $update['title']), $item['id']);
$vipdays = cmsCore::request('vipdays', 'int', 0);
if (cmsCore::c('user')->is_admin) {
if ($vipdays > 0) {
cmsCore::m('board')->setVip($item['id'], $vipdays);
}
if ($vipdays == -1) {
cmsCore::m('board')->deleteVip($item['id']);
}
}
if (IS_BILLING) {
if (cmsCore::m('board')->config['vip_enabled'] && cmsCore::m('board')->config['vip_prolong'] && $vipdays && cmsCore::m('board')->config['vip_day_cost']) {
if ($vipdays > cmsCore::m('board')->config['vip_max_days']) {
$vipdays = cmsCore::m('board')->config['vip_max_days'];
}
$summ = $vipdays * cmsCore::m('board')->config['vip_day_cost'];
if (cmsCore::c('user')->balance >= $summ) {
cmsBilling::pay(cmsCore::c('user')->id, $summ, $_LANG['VIP_ITEM']);
cmsCore::m('board')->setVip($item['id'], $vipdays);
}
}
}
cmsUser::sessionClearAll();
if (!$update['published']) {
$link = '<a href="/board/read'. $item['id'] .'.html">'. $update['obtype'] .' '. $update['title'] .'</a>';
$user = '******'. cmsUser::getProfileURL(cmsCore::c('user')->login) .'">'. cmsCore::c('user')->nickname .'</a>';
$message = str_replace(array('%link%','%user%'), array($link,$user), $_LANG['MSG_ADV_EDITED']);
cmsUser::sendMessage(USER_UPDATER, 1, $message);
cmsCore::addSessionMessage($_LANG['ADV_EDIT_PREMODER_TEXT'], 'info');
}
cmsCore::addSessionMessage($_LANG['ADV_MODIFIED'], 'success');
cmsCore::redirect('/board/read'. $item['id'] .'.html');
}
}
///////////////////////// PUBLISH BOARD ITEM ///////////////////////////////////
if ($do == 'publish') {
$item = cmsCore::m('board')->getRecord(cmsCore::m('board')->item_id);
if (!$item) { cmsCore::error404(); }
// если уже опубликовано, 404
if ($item['published']) { cmsCore::error404(); }
// публиковать могут админы и модераторы доски
if (!cmsCore::c('user')->is_admin && !cmsCore::m('board')->is_moderator_by_group) {
cmsCore::error404();
}
// публикуем
cmsCore::c('db')->setFlag('cms_board_items', cmsCore::m('board')->item_id, 'published', 1);
cmsCore::callEvent('ADD_BOARD_DONE', $item);
if ($item['user_id']) {
//регистрируем событие
cmsActions::log('add_board', array(
'object' => $item['obtype'] .' '. $item['title'],
'user_id' => $item['user_id'],
'object_url' => '/board/read'. $item['id'] .'.html',
'object_id' => $item['id'],
'target' => $item['category'],
'target_url' => '/board/'. $item['cat_id'],
'target_id' => $item['cat_id'],
'description' => ''
));
$link = '<a href="/board/read'. $item['id'] .'.html">'. $item['obtype'] .' '. $item['title'] .'</a>';
$message = str_replace('%link%', $link, $_LANG['MSG_ADV_ACCEPTED']);
cmsUser::sendMessage(USER_UPDATER, $item['user_id'], $message);
}
cmsCore::addSessionMessage($_LANG['ADV_IS_ACCEPTED'], 'success');
cmsCore::redirect('/board/read'. $item['id'] .'.html');
}
/////////////////////////////// DELETE BOARD ITEM //////////////////////////////
if ($do == 'delete') {
$item = cmsCore::m('board')->getRecord(cmsCore::m('board')->item_id);
if (!$item) { cmsCore::error404(); }
if (!$item['moderator']) {
cmsCore::addSessionMessage($_LANG['YOU_HAVENT_ACCESS'], 'error');
cmsCore::redirect('/board/'. $item['cat_id']);
}
if (!cmsCore::inRequest('godelete')) {
cmsCore::c('page')->setTitle($_LANG['DELETE_ADV']);
cmsCore::c('page')->addPathway($item['category'], '/board/'. $item['cat_id']);
cmsCore::c('page')->addPathway($_LANG['DELETE_ADV']);
$confirm['title'] = $_LANG['DELETING_ADV'];
$confirm['text'] = $_LANG['YOU_SURE_DELETE_ADV'] .' "'. $item['title'] .'"?';
$confirm['action'] = $_SERVER['REQUEST_URI'];
$confirm['yes_button']['name'] = 'godelete';
cmsPage::initTemplate('components', 'action_confirm')->
assign('confirm', $confirm)->
display();
}
if (cmsCore::inRequest('godelete')) {
cmsCore::m('board')->deleteRecord(cmsCore::m('board')->item_id);
cmsCore::addSessionMessage($_LANG['ADV_IS_DELETED'], 'success');
cmsCore::redirect('/board/'. $item['cat_id']);
}
}
}
function content()
{
$inCore = cmsCore::getInstance();
$inPage = cmsPage::getInstance();
$inDB = cmsDatabase::getInstance();
$inUser = cmsUser::getInstance();
$model = new cms_model_content();
define('IS_BILLING', $inCore->isComponentInstalled('billing'));
if (IS_BILLING) {
cmsCore::loadClass('billing');
}
global $_LANG;
$id = cmsCore::request('id', 'int', 0);
$do = $inCore->do;
$seolink = cmsCore::strClear(urldecode(cmsCore::request('seolink', 'html', '')));
if (is_numeric($seolink)) {
cmsCore::error404();
}
$page = cmsCore::request('page', 'int', 1);
///////////////////////////////////// VIEW CATEGORY ////////////////////////////////////////////////////////////////////////////////
if ($do == 'view') {
$cat = $inDB->getNsCategory('cms_category', $seolink);
// если не найдена категория и мы не на главной, 404
if (!$cat && $inCore->menuId() !== 1) {
cmsCore::error404();
}
// языки
$cat = translations::process(cmsConfig::getConfig('lang'), 'content_category', $cat);
// Плагины
$cat = cmsCore::callEvent('GET_CONTENT_CAT', $cat);
// Неопубликованные показываем только админам
if (!$cat['published'] && !$inUser->is_admin) {
cmsCore::error404();
}
// Проверяем доступ к категории
if (!$inCore->checkUserAccess('category', $cat['id'])) {
cmsCore::addSessionMessage($_LANG['NO_PERM_FOR_VIEW_TEXT'] . '<br>' . $_LANG['NO_PERM_FOR_VIEW_RULES'], 'error');
cmsCore::redirect('/content');
}
// если не корень категорий
if ($cat['NSLevel'] > 0) {
$inPage->setTitle($cat['pagetitle'] ? $cat['pagetitle'] : $cat['title']);
$pagetitle = $cat['title'];
$showdate = $cat['showdate'];
$showcomm = $cat['showcomm'];
$inPage->addHead('<link rel="alternate" type="application/rss+xml" title="' . htmlspecialchars($cat['title']) . '" href="' . HOST . '/rss/content/' . $cat['id'] . '/feed.rss">');
}
// Если корневая категория
if ($cat['NSLevel'] == 0) {
if ($model->config['hide_root']) {
cmsCore::error404();
}
$inPage->setTitle($_LANG['CATALOG_ARTICLES']);
$pagetitle = $_LANG['CATALOG_ARTICLES'];
$showdate = 1;
$showcomm = 1;
}
// Получаем дерево категорий
$path_list = $inDB->getNsCategoryPath('cms_category', $cat['NSLeft'], $cat['NSRight'], 'id, title, NSLevel, seolink, url');
if ($path_list) {
$path_list = translations::process(cmsConfig::getConfig('lang'), 'content_category', $path_list);
foreach ($path_list as $pcat) {
if (!$inCore->checkUserAccess('category', $pcat['id'])) {
cmsCore::addSessionMessage($_LANG['NO_PERM_FOR_VIEW_TEXT'] . '<br>' . $_LANG['NO_PERM_FOR_VIEW_RULES'], 'error');
cmsCore::redirect('/content');
}
$inPage->addPathway($pcat['title'], $model->getCategoryURL(null, $pcat['seolink']));
}
}
// Получаем подкатегории
$subcats_list = $model->getSubCats($cat['id']);
// Привязанный фотоальбом
$cat_photos = $model->getCatPhotoAlbum($cat['photoalbum']);
// Получаем статьи
// Редактор/администратор
$is_editor = $cat['modgrp_id'] == $inUser->group_id && cmsUser::isUserCan('content/autoadd') || $inUser->is_admin;
// Условия
$model->whereCatIs($cat['id']);
// Общее количество статей
$total = $model->getArticlesCount($is_editor);
// Сортировка и разбивка на страницы
$inDB->orderBy($cat['orderby'], $cat['orderto']);
$inDB->limitPage($page, $model->config['perpage']);
// Получаем статьи
$content_list = $total ? $model->getArticlesList(!$is_editor) : array();
$inDB->resetConditions();
if (!$content_list && $page > 1) {
cmsCore::error404();
}
$pagebar = cmsPage::getPagebar($total, $page, $model->config['perpage'], $model->getCategoryURL(null, $cat['seolink'], 0, true));
$template = $cat['tpl'] ? $cat['tpl'] : 'com_content_view.tpl';
if ($cat['NSLevel'] > 0) {
// meta description
if ($cat['meta_desc']) {
$meta_desc = $cat['meta_desc'];
} elseif (mb_strlen(strip_tags($cat['description'])) >= 250) {
$meta_desc = crop($cat['description']);
} else {
$meta_desc = $cat['title'];
}
$inPage->setDescription($meta_desc);
// meta keywords
if ($cat['meta_keys']) {
$meta_keys = $cat['meta_keys'];
} elseif ($content_list) {
foreach ($content_list as $c) {
$k[] = $c['title'];
}
$meta_keys = implode(', ', $k);
} else {
$meta_keys = $cat['title'];
}
$inPage->setKeywords($meta_keys);
}
cmsPage::initTemplate('components', $template)->assign('cat', $cat)->assign('is_homepage', (bool) ($inCore->menuId() == 1))->assign('showdate', $showdate)->assign('showcomm', $showcomm)->assign('pagetitle', $pagetitle)->assign('subcats', $subcats_list)->assign('cat_photos', $cat_photos)->assign('articles', $content_list)->assign('pagebar', $pagebar)->display($template);
}
///////////////////////////////////// READ ARTICLE ////////////////////////////////////////////////////////////////////////////////
if ($do == 'read') {
// Получаем статью
$article = $model->getArticle($seolink);
if (!$article) {
cmsCore::error404();
}
$article = translations::process(cmsConfig::getConfig('lang'), 'content_content', $article);
$article = cmsCore::callEvent('GET_ARTICLE', $article);
$is_admin = $inUser->is_admin;
$is_author = $inUser->id == $article['user_id'];
$is_author_del = cmsUser::isUserCan('content/delete');
$is_editor = $article['modgrp_id'] == $inUser->group_id && cmsUser::isUserCan('content/autoadd');
// если статья не опубликована или дата публикации позже, 404
if ((!$article['published'] || strtotime($article['pubdate']) > time()) && !$is_admin && !$is_editor && !$is_author) {
cmsCore::error404();
}
if (!$inCore->checkUserAccess('material', $article['id'])) {
cmsCore::addSessionMessage($_LANG['NO_PERM_FOR_VIEW_TEXT'] . '<br>' . $_LANG['NO_PERM_FOR_VIEW_RULES'], 'error');
cmsCore::redirect($model->getCategoryURL(null, $article['catseolink']));
}
// увеличиваем кол-во просмотров
if (@(!$is_author)) {
$inDB->setFlag('cms_content', $article['id'], 'hits', $article['hits'] + 1);
}
// Картинка статьи
$article['image'] = file_exists(PATH . '/images/photos/medium/article' . $article['id'] . '.jpg') ? 'article' . $article['id'] . '.jpg' : '';
// Заголовок страницы
$article['pagetitle'] = $article['pagetitle'] ? $article['pagetitle'] : $article['title'];
// Тело статьи в зависимости от настроек
$article['content'] = $model->config['readdesc'] ? $article['description'] . $article['content'] : $article['content'];
// Дата публикации
$article['pubdate'] = cmsCore::dateFormat($article['pubdate']);
// Шаблон статьи
$article['tpl'] = $article['tpl'] ? $article['tpl'] : 'com_content_read.tpl';
$inPage->setTitle($article['pagetitle']);
// Получаем дерево категорий
$path_list = $article['showpath'] ? $inDB->getNsCategoryPath('cms_category', $article['leftkey'], $article['rightkey'], 'id, title, NSLevel, seolink, url') : array();
if ($path_list) {
$path_list = translations::process(cmsConfig::getConfig('lang'), 'content_category', $path_list);
foreach ($path_list as $pcat) {
if (!$inCore->checkUserAccess('category', $pcat['id'])) {
cmsCore::addSessionMessage($_LANG['NO_PERM_FOR_VIEW_TEXT'] . '<br>' . $_LANG['NO_PERM_FOR_VIEW_RULES'], 'error');
cmsCore::redirect('/content');
}
$inPage->addPathway($pcat['title'], $model->getCategoryURL(null, $pcat['seolink']));
}
}
$inPage->addPathway($article['title']);
// Мета теги KEYWORDS и DESCRIPTION
if ($article['meta_keys']) {
$inPage->setKeywords($article['meta_keys']);
} else {
if (mb_strlen($article['content']) > 30) {
$inPage->setKeywords(cmsCore::getKeywords(cmsCore::strClear($article['content'])));
}
}
if (mb_strlen($article['meta_desc'])) {
$inPage->setDescription($article['meta_desc']);
}
// Выполняем фильтры
$article['content'] = cmsCore::processFilters($article['content']);
// Разбивка статей на страницы
$pt_pages = array();
if (!empty($GLOBALS['pt'])) {
foreach ($GLOBALS['pt'] as $num => $page_title) {
$pt_pages[$num]['title'] = $page_title;
$pt_pages[$num]['url'] = $model->getArticleURL(null, $article['seolink'], $num + 1);
}
}
// Рейтинг статьи
if ($model->config['rating'] && $article['canrate']) {
$karma = cmsKarma('content', $article['id']);
$karma_points = cmsKarmaFormatSmall($karma['points']);
$btns = cmsKarmaButtonsText('content', $article['id'], $karma['points'], $is_author);
}
cmsPage::initTemplate('components', $article['tpl'])->assign('article', $article)->assign('cfg', $model->config)->assign('page', $page)->assign('is_pages', !empty($GLOBALS['pt']))->assign('pt_pages', $pt_pages)->assign('is_admin', $is_admin)->assign('is_editor', $is_editor)->assign('is_author', $is_author)->assign('is_author_del', $is_author_del)->assign('tagbar', cmsTagBar('content', $article['id']))->assign('karma_points', @$karma_points)->assign('karma_votes', @$karma['votes'])->assign('karma_buttons', @$btns)->display($article['tpl']);
// Комментарии статьи
if ($article['published'] && $article['comments'] && $inCore->isComponentInstalled('comments')) {
cmsCore::includeComments();
comments('article', $article['id'], array(), $is_author);
}
}
///////////////////////////////////// ADD ARTICLE //////////////////////////////////////////////////////////////////////////////////
if ($do == 'addarticle' || $do == 'editarticle') {
$is_add = cmsUser::isUserCan('content/add');
// может добавлять статьи
$is_auto_add = cmsUser::isUserCan('content/autoadd');
// добавлять статьи без модерации
if (!$is_add && !$is_auto_add) {
cmsCore::error404();
}
// Для редактирования получаем статью и проверяем доступ
if ($do == 'editarticle') {
// Получаем статью
$item = $model->getArticle($id);
if (!$item) {
cmsCore::error404();
}
$pubcats = array();
// доступ к редактированию админам, авторам и редакторам
if (!$inUser->is_admin && $item['user_id'] != $inUser->id && !($item['modgrp_id'] == $inUser->group_id && cmsUser::isUserCan('content/autoadd'))) {
cmsCore::error404();
}
}
// Для добавления проверяем не вводили ли мы данные ранее
if ($do == 'addarticle') {
$item = cmsUser::sessionGet('article');
if ($item) {
cmsUser::sessionDel('article');
}
// Категории, в которые разрешено публиковать
$pubcats = $model->getPublicCats();
if (!$pubcats) {
cmsCore::addSessionMessage($_LANG['ADD_ARTICLE_ERR_CAT'], 'error');
cmsCore::redirectBack();
}
}
// не было запроса на сохранение, показываем форму
if (!cmsCore::inRequest('add_mod')) {
$dynamic_cost = false;
// Если добавляем статью
if ($do == 'addarticle') {
$pagetitle = $_LANG['ADD_ARTICLE'];
$inPage->setTitle($pagetitle);
$inPage->addPathway($_LANG['USERS'], '/' . str_replace('/', '', cmsUser::PROFILE_LINK_PREFIX));
$inPage->addPathway($inUser->nickname, cmsUser::getProfileURL($inUser->login));
$inPage->addPathway($_LANG['MY_ARTICLES'], '/content/my.html');
$inPage->addPathway($pagetitle);
// поддержка биллинга
if (IS_BILLING) {
$action = cmsBilling::getAction('content', 'add_content');
foreach ($pubcats as $p => $pubcat) {
if ($pubcat['cost']) {
$dynamic_cost = true;
} else {
$pubcats[$p]['cost'] = $action['point_cost'][$inUser->group_id];
}
}
cmsBilling::checkBalance('content', 'add_content', $dynamic_cost);
}
}
// Если редактируем статью
if ($do == 'editarticle') {
$pagetitle = $_LANG['EDIT_ARTICLE'];
$inPage->setTitle($pagetitle);
$inPage->addPathway($_LANG['USERS'], '/' . str_replace('/', '', cmsUser::PROFILE_LINK_PREFIX));
if ($item['user_id'] != $inUser->id) {
$user = $inDB->get_fields('cms_users', "id='{$item['user_id']}'", 'login, nickname');
$inPage->addPathway($user['nickname'], cmsUser::getProfileURL($user['login']));
} else {
$inPage->addPathway($inUser->nickname, cmsUser::getProfileURL($inUser->login));
}
$inPage->addPathway($_LANG['MY_ARTICLES'], '/content/my.html');
$inPage->addPathway($pagetitle);
$item['tags'] = cmsTagLine('content', $item['id'], false);
$item['image'] = file_exists(PATH . '/images/photos/small/article' . $item['id'] . '.jpg') ? 'article' . $item['id'] . '.jpg' : '';
if (!$is_auto_add) {
cmsCore::addSessionMessage($_LANG['ATTENTION'] . ': ' . $_LANG['EDIT_ARTICLE_PREMODER'], 'info');
}
}
$inPage->initAutocomplete();
$autocomplete_js = $inPage->getAutocompleteJS('tagsearch', 'tags');
$item = cmsCore::callEvent('PRE_EDIT_ARTICLE', @$item ? $item : array());
cmsPage::initTemplate('components', 'com_content_edit')->assign('mod', $item)->assign('do', $do)->assign('cfg', $model->config)->assign('pubcats', $pubcats)->assign('pagetitle', $pagetitle)->assign('is_admin', $inUser->is_admin)->assign('is_billing', IS_BILLING)->assign('dynamic_cost', $dynamic_cost)->assign('autocomplete_js', $autocomplete_js)->display('com_content_edit.tpl');
}
// Пришел запрос на сохранение статьи
if (cmsCore::inRequest('add_mod')) {
$errors = false;
$article['category_id'] = cmsCore::request('category_id', 'int', 1);
$article['user_id'] = $item['user_id'] ? $item['user_id'] : $inUser->id;
$article['title'] = cmsCore::request('title', 'str', '');
$article['tags'] = cmsCore::request('tags', 'str', '');
$article['description'] = cmsCore::request('description', 'html', '');
$article['content'] = cmsCore::request('content', 'html', '');
$article['description'] = cmsCore::badTagClear($article['description']);
$article['content'] = cmsCore::badTagClear($article['content']);
$article['published'] = $is_auto_add ? 1 : 0;
if ($do == 'editarticle') {
$article['published'] = $item['published'] == 0 ? $item['published'] : $article['published'];
}
$article['pubdate'] = $do == 'editarticle' ? $item['pubdate'] : date('Y-m-d H:i');
$article['enddate'] = $do == 'editarticle' ? $item['enddate'] : $article['pubdate'];
$article['is_end'] = $do == 'editarticle' ? $item['is_end'] : 0;
$article['showtitle'] = $do == 'editarticle' ? $item['showtitle'] : 1;
$article['meta_desc'] = $do == 'addarticle' ? mb_strtolower($article['title']) : $inDB->escape_string($item['meta_desc']);
$article['meta_keys'] = $do == 'addarticle' ? $inCore->getKeywords($article['content']) : $inDB->escape_string($item['meta_keys']);
$article['showdate'] = $do == 'editarticle' ? $item['showdate'] : 1;
$article['showlatest'] = $do == 'editarticle' ? $item['showlatest'] : 1;
$article['showpath'] = $do == 'editarticle' ? $item['showpath'] : 1;
$article['comments'] = $do == 'editarticle' ? $item['comments'] : 1;
$article['canrate'] = $do == 'editarticle' ? $item['canrate'] : 1;
$article['pagetitle'] = '';
if ($do == 'editarticle') {
$article['tpl'] = $item['tpl'];
}
if (mb_strlen($article['title']) < 2) {
cmsCore::addSessionMessage($_LANG['REQ_TITLE'], 'error');
$errors = true;
}
if (mb_strlen($article['content']) < 10) {
cmsCore::addSessionMessage($_LANG['REQ_CONTENT'], 'error');
$errors = true;
}
if ($errors) {
// При добавлении статьи при ошибках сохраняем введенные поля
if ($do == 'addarticle') {
cmsUser::sessionPut('article', $article);
}
cmsCore::redirectBack();
}
$article['description'] = $inDB->escape_string($article['description']);
$article['content'] = $inDB->escape_string($article['content']);
$article = cmsCore::callEvent('AFTER_EDIT_ARTICLE', $article);
// добавление статьи
if ($do == 'addarticle') {
$article_id = $model->addArticle($article);
}
// загрузка фото
$file = 'article' . (@$article_id ? $article_id : $item['id']) . '.jpg';
if (cmsCore::request('delete_image', 'int', 0)) {
@unlink(PATH . "/images/photos/small/{$file}");
@unlink(PATH . "/images/photos/medium/{$file}");
}
// Загружаем класс загрузки фото
cmsCore::loadClass('upload_photo');
$inUploadPhoto = cmsUploadPhoto::getInstance();
// Выставляем конфигурационные параметры
$inUploadPhoto->upload_dir = PATH . '/images/photos/';
$inUploadPhoto->small_size_w = $model->config['img_small_w'];
$inUploadPhoto->medium_size_w = $model->config['img_big_w'];
$inUploadPhoto->thumbsqr = $model->config['img_sqr'];
$inUploadPhoto->is_watermark = $model->config['watermark'];
$inUploadPhoto->input_name = 'picture';
$inUploadPhoto->filename = $file;
// Процесс загрузки фото
$inUploadPhoto->uploadPhoto();
// операции после добавления/редактирования статьи
// добавление статьи
if ($do == 'addarticle') {
// Получаем добавленную статью
$article = $model->getArticle($article_id);
if (!$article['published']) {
cmsCore::addSessionMessage($_LANG['ARTICLE_PREMODER_TEXT'], 'info');
// отсылаем уведомление администраторам
$link = '<a href="' . $model->getArticleURL(null, $article['seolink']) . '">' . $article['title'] . '</a>';
$message = str_replace('%user%', cmsUser::getProfileLink($inUser->login, $inUser->nickname), $_LANG['MSG_ARTICLE_SUBMIT']);
$message = str_replace('%link%', $link, $message);
cmsUser::sendMessageToGroup(USER_UPDATER, cmsUser::getAdminGroups(), $message);
} else {
//регистрируем событие
cmsActions::log('add_article', array('object' => $article['title'], 'object_url' => $model->getArticleURL(null, $article['seolink']), 'object_id' => $article['id'], 'target' => $article['cat_title'], 'target_url' => $model->getCategoryURL(null, $article['catseolink']), 'target_id' => $article['category_id'], 'description' => ''));
if (IS_BILLING) {
$category_cost = $article['cost'] === '' ? false : (int) $article['cost'];
cmsBilling::process('content', 'add_content', $category_cost);
}
cmsUser::checkAwards($inUser->id);
}
cmsCore::addSessionMessage($_LANG['ARTICLE_SAVE'], 'info');
cmsCore::redirect('/my.html');
}
// Редактирование статьи
if ($do == 'editarticle') {
$model->updateArticle($item['id'], $article, true);
cmsActions::updateLog('add_article', array('object' => $article['title']), $item['id']);
if (!$article['published']) {
$link = '<a href="' . $model->getArticleURL(null, $item['seolink']) . '">' . $article['title'] . '</a>';
$message = str_replace('%user%', cmsUser::getProfileLink($inUser->login, $inUser->nickname), $_LANG['MSG_ARTICLE_EDITED']);
$message = str_replace('%link%', $link, $message);
cmsUser::sendMessageToGroup(USER_UPDATER, cmsUser::getAdminGroups(), $message);
}
$mess = $article['published'] ? $_LANG['ARTICLE_SAVE'] : $_LANG['ARTICLE_SAVE'] . ' ' . $_LANG['ARTICLE_PREMODER_TEXT'];
cmsCore::addSessionMessage($mess, 'info');
cmsCore::redirect($model->getArticleURL(null, $item['seolink']));
}
}
}
///////////////////////// PUBLISH ARTICLE /////////////////////////////////////////////////////////////////////////////
if ($do == 'publisharticle') {
if (!$inUser->id) {
cmsCore::error404();
}
$article = $model->getArticle($id);
if (!$article) {
cmsCore::error404();
}
// Редактор с правами на добавление без модерации или администраторы могут публиковать
if (!($article['modgrp_id'] == $inUser->group_id && cmsUser::isUserCan('content/autoadd')) && !$inUser->is_admin) {
cmsCore::error404();
}
$inDB->setFlag('cms_content', $article['id'], 'published', 1);
cmsCore::callEvent('ADD_ARTICLE_DONE', $article);
if (IS_BILLING) {
$author = $inDB->get_fields('cms_users', "id='{$article['user_id']}'", '*');
$category_cost = $article['cost'] === '' ? false : (int) $article['cost'];
cmsBilling::process('content', 'add_content', $category_cost, $author);
}
//регистрируем событие
cmsActions::log('add_article', array('object' => $article['title'], 'user_id' => $article['user_id'], 'object_url' => $model->getArticleURL(null, $article['seolink']), 'object_id' => $article['id'], 'target' => $article['cat_title'], 'target_url' => $model->getCategoryURL(null, $article['catseolink']), 'target_id' => $article['cat_id'], 'description' => ''));
$link = '<a href="' . $model->getArticleURL(null, $article['seolink']) . '">' . $article['title'] . '</a>';
$message = str_replace('%link%', $link, $_LANG['MSG_ARTICLE_ACCEPTED']);
cmsUser::sendMessage(USER_UPDATER, $article['user_id'], $message);
cmsUser::checkAwards($article['user_id']);
cmsCore::redirectBack();
}
///////////////////////////////////// DELETE ARTICLE ///////////////////////////////////////////////////////////////////////////////////
if ($do == 'deletearticle') {
if (!$inUser->id) {
cmsCore::error404();
}
$article = $model->getArticle($id);
if (!$article) {
cmsCore::error404();
}
// права доступа
$is_author = cmsUser::isUserCan('content/delete') && $article['user_id'] == $inUser->id;
$is_editor = $article['modgrp_id'] == $inUser->group_id && cmsUser::isUserCan('content/autoadd');
if (!$is_author && !$is_editor && !$inUser->is_admin) {
cmsCore::error404();
}
if (!cmsCore::inRequest('goadd')) {
$inPage->setTitle($_LANG['ARTICLE_REMOVAL']);
$inPage->addPathway($_LANG['ARTICLE_REMOVAL']);
$confirm['title'] = $_LANG['ARTICLE_REMOVAL'];
$confirm['text'] = $_LANG['ARTICLE_REMOVAL_TEXT'] . ' <a href="' . $model->getArticleURL(null, $article['seolink']) . '">' . $article['title'] . '</a>?';
$confirm['action'] = $_SERVER['REQUEST_URI'];
$confirm['yes_button'] = array();
$confirm['yes_button']['type'] = 'submit';
$confirm['yes_button']['name'] = 'goadd';
cmsPage::initTemplate('components', 'action_confirm')->assign('confirm', $confirm)->display('action_confirm.tpl');
} else {
$model->deleteArticle($article['id']);
if ($_SERVER['HTTP_REFERER'] == '/my.html') {
cmsCore::addSessionMessage($_LANG['ARTICLE_DELETED'], 'info');
cmsCore::redirectBack();
} else {
// если удалили как администратор или редактор и мы не авторы статьи, отсылаем сообщение автору
if (($is_editor || $inUser->is_admin) && $article['user_id'] != $inUser->id) {
$link = '<a href="' . $model->getArticleURL(null, $article['seolink']) . '">' . $article['title'] . '</a>';
$message = str_replace('%link%', $link, $article['published'] ? $_LANG['MSG_ARTICLE_DELETED'] : $_LANG['MSG_ARTICLE_REJECTED']);
cmsUser::sendMessage(USER_UPDATER, $article['user_id'], $message);
} else {
cmsCore::addSessionMessage($_LANG['ARTICLE_DELETED'], 'info');
}
cmsCore::redirect($model->getCategoryURL(null, $article['catseolink']));
}
}
}
///////////////////////////////////// MY ARTICLES ///////////////////////////////////////////////////////////////////////////////////
if ($do == 'my') {
if (!cmsUser::isUserCan('content/add')) {
cmsCore::error404();
}
$inPage->setTitle($_LANG['MY_ARTICLES']);
$inPage->addPathway($_LANG['USERS'], '/' . str_replace('/', '', cmsUser::PROFILE_LINK_PREFIX));
$inPage->addPathway($inUser->nickname, cmsUser::getProfileURL($inUser->login));
$inPage->addPathway($_LANG['MY_ARTICLES']);
$perpage = 15;
// Условия
$model->whereUserIs($inUser->id);
// Общее количество статей
$total = $model->getArticlesCount(false);
// Сортировка и разбивка на страницы
$inDB->orderBy('con.pubdate', 'DESC');
$inDB->limitPage($page, $perpage);
// Получаем статьи
$content_list = $total ? $model->getArticlesList(false) : array();
$inDB->resetConditions();
cmsPage::initTemplate('components', 'com_content_my')->assign('articles', $content_list)->assign('total', $total)->assign('user_can_delete', cmsUser::isUserCan('content/delete'))->assign('pagebar', cmsPage::getPagebar($total, $page, $perpage, '/content/my%page%.html'))->display('com_content_my.tpl');
}
///////////////////////////////////// BEST ARTICLES ///////////////////////////////////////////////////////////////////////////////////
if ($do == 'best') {
$inPage->setTitle($_LANG['ARTICLES_RATING']);
$inPage->addPathway($_LANG['ARTICLES_RATING']);
// Только статьи, за которые можно голосовать
$inDB->where("con.canrate = 1");
// Сортировка и разбивка на страницы
$inDB->orderBy('con.rating', 'DESC');
$inDB->limitPage(1, 30);
// Получаем статьи
$content_list = $model->getArticlesList();
cmsPage::initTemplate('components', 'com_content_rating')->assign('articles', $content_list)->display('com_content_rating.tpl');
}
}
<?php if ($my_profile) { ?>
<div class="float_bar">
<a href="/users/addphoto.html" class="usr_photo_add"><?php echo $_LANG['ADD_PHOTO']; ?></a>
</div>
<?php } ?>
<div class="con_heading">
<a href="<?php echo cmsUser::getProfileURL($user['login']); ?>"><?php echo $user['nickname']; ?></a> → <?php echo $_LANG['PHOTOALBUMS']; ?>
</div>
<?php if ($albums) { ?>
<div class="usr_albums_block" style="margin-top:30px">
<ul class="usr_albums_list">
<?php foreach($albums as $album) { ?>
<li>
<div class="usr_album_thumb">
<a href="/users/<?php echo $user['login']; ?>/photos/<?php echo $album['type']; ?><?php echo $album['id']; ?>.html" title="<?php echo $this->escape($album['title']); ?>">
<img src="<?php echo $album['imageurl']; ?>" width="64" height="64" border="0" alt="<?php echo $this->escape($album['title']); ?>" />
</a>
</div>
<div class="usr_album">
<div class="link">
<a href="/users/<?php echo $user['login']; ?>/photos/<?php echo $album['type']; ?><?php echo $album['id']; ?>.html"><?php echo $album['title']; ?></a>
</div>
<div class="count"><?php echo $this->spellcount($album['photos_count'], $_LANG['PHOTO'], $_LANG['PHOTO2'], $_LANG['PHOTO10']); ?></div>
<div class="date"><?php echo $album['pubdate']; ?></div>
</div>
</li>
<?php } ?>
</ul>
<div class="blog_desc"></div>
<?php if ($myblog || $is_admin || ($is_writer && $is_author)) { ?>
<div class="float_bar">
<?php if (!$post['published'] && ($is_admin)) { ?><span id="pub_link"><a class="ajaxlink" href="javascript:void(0)" onclick="<?php echo cmsCore::getInstance()->component; ?>.publishPost(<?php echo $post['id']; ?>);return false;"><?php echo $_LANG['PUBLISH']; ?></a> | </span><?php } ?><a href="/<?php echo cmsCore::getInstance()->component; ?>/editpost<?php echo $post['id']; ?>.html"><?php echo $_LANG['EDIT']; ?></a> | <a class="ajaxlink" href="javascript:void(0)" onclick="<?php echo cmsCore::getInstance()->component; ?>.deletePost(<?php echo $post['id']; ?>, '<?php echo cmsUser::getCsrfToken(); ?>');return false;"><?php echo $_LANG['DELETE']; ?></a>
</div>
<?php } ?>
<h1 class="con_heading"><?php echo $post['title']; ?></h1>
<table width="100%" cellpadding="4" cellspacing="0">
<tr>
<td width="70" valign="top" align="center">
<div><strong><?php echo $_LANG['AVTOR']; ?></strong></div>
<div class="blog_post_avatar"><a href="<?php echo cmsUser::getProfileURL($post['author_login']); ?>"><img border="0" class="usr_img_small" src="<?php echo $post['author_avatar']; ?>" /></a></div>
<div><strong><a href="<?php echo cmsUser::getProfileURL($post['author_login']); ?>"><?php echo $post['author_nickname']; ?></a></strong></div>
</td>
<td>
<div class="blog_post_data" valign="top">
<div><strong><?php echo $_LANG['PUBLISHED']; ?>:</strong> <?php if (!$post['published']) { ?><span id="pub_wait" style="color:#F00;"><?php echo $_LANG['ON_MODERATE']; ?></span><span id="pub_date" style="display:none;"><?php echo $post['fpubdate']; ?></span><?php } else { ?><?php echo $post['fpubdate']; ?><?php } ?></div>
<div><strong><?php echo $_LANG['BLOG']; ?>:</strong> <a href="/<?php echo cmsCore::getInstance()->component; ?>/<?php echo $blog['seolink']; ?>"><?php echo $blog['title']; ?></a></div>
<?php if ($blog['showcats'] && $cat) { ?>
<div><strong><?php echo $_LANG['CAT']; ?>:</strong> <a href="/<?php echo cmsCore::getInstance()->component; ?>/<?php echo $blog['seolink']; ?>/cat-<?php echo $cat['id']; ?>"><?php echo $cat['title']; ?></a></div>
<?php } ?>
<?php if ($post['edit_times']) { ?>
<div><strong><?php echo $_LANG['EDITED']; ?>:</strong> <?php echo $this->spellcount($post['edit_times'], $_LANG['TIME1'], $_LANG['TIME2'], $_LANG['TIME10']); ?> — <?php if ($post['edit_times'] > 1) { ?><?php echo $_LANG['LATS_TIME']; ?><?php } ?> <?php echo $post['feditdate']; ?></div>
<?php } ?>
<?php if ($post['feel']) { ?>
<div><strong><?php echo $_LANG['MOOD']; ?>:</strong> <?php echo $post['feel']; ?></div>
<?php } ?>
<?php if ($post['music']) { ?>
<div><strong><?php echo $_LANG['PLAYING']; ?>:</strong> <?php echo $post['music']; ?></div>
<?php } ?>
</div>
/**
* Возвращает массив событий для ленты активности
* @return array
*/
public function getActionsLog()
{
$inUser = cmsUser::getInstance();
if (!$this->only_friends) {
$this->inDB->where('log.is_friends_only = 0');
}
if (!$inUser->id) {
$this->inDB->where('log.is_users_only = 0');
}
$sql = "SELECT log.id as id,\n log.user_id,\n log.object,\n log.object_url,\n log.target,\n log.target_url,\n log.pubdate,\n log.description,\n a.message,\n a.name,\n u.nickname as user_nickname,\n u.login as user_login\n FROM cms_actions_log log\n LEFT JOIN cms_actions a ON a.id = log.action_id AND a.is_visible = 1\n LEFT JOIN cms_users u ON u.id = log.user_id\n WHERE 1=1 {$this->inDB->where}\n ORDER BY log.id DESC\n\t\t\t\t";
if ($this->inDB->limit) {
$sql .= "LIMIT {$this->inDB->limit}";
}
$result = $this->inDB->query($sql);
// Сбрасываем условия
$this->inDB->resetConditions();
if (!$this->inDB->num_rows($result)) {
return false;
}
$actions = array();
while ($action = $this->inDB->fetch_assoc($result)) {
$action['object_link'] = $action['target_link'] = '';
if ($action['object']) {
$action['object_link'] = $action['object_url'] ? '<a href="' . $action['object_url'] . '" class="act_obj_' . $action['name'] . '">' . $action['object'] . '</a>' : $action['object'];
}
if ($action['target']) {
$action['target_link'] = '<a href="' . $action['target_url'] . '" class="act_tgt_' . $action['name'] . '">' . $action['target'] . '</a>';
}
if ($action['message']) {
$target_pos = mb_strpos($action['message'], '|');
if ($target_pos !== false) {
if (!$this->show_targets || !$action['target']) {
$action['message'] = mb_substr($action['message'], 0, $target_pos);
} else {
$action['message'] = str_replace('|', '', $action['message']);
}
}
$action['message'] = sprintf($action['message'], $action['object_link'], $action['target_link']);
}
$action['is_new'] = (bool) (strtotime($action['pubdate']) > strtotime($inUser->logdate));
$action['user_url'] = cmsUser::getProfileURL($action['user_login']);
$action['pubdate'] = cmsCore::dateDiffNow($action['pubdate']);
$actions[] = $action;
}
return cmsCore::callEvent('GET_ACTIONS', $actions);
}
function comments($target = '', $target_id = 0, $labels = array())
{
$inCore = cmsCore::getInstance();
$inPage = cmsPage::getInstance();
$inDB = cmsDatabase::getInstance();
$inUser = cmsUser::getInstance();
cmsCore::loadModel('comments');
$model = new cms_model_comments($labels);
// Проверяем включени ли компонент
if (!$inCore->isComponentEnable('comments')) {
return false;
}
// Инициализируем права доступа для группы текущего пользователя
$model->initAccess();
global $_LANG;
$do = $inCore->do;
$page = cmsCore::request('page', 'int', 1);
$id = cmsCore::request('id', 'int', 0);
$login = cmsCore::strClear(urldecode(cmsCore::request('login', 'html', '')));
$inPage->addHeadJS('components/comments/js/comments.js');
$inPage->addHeadJsLang(array('EDIT_COMMENT', 'CONFIRM_DEL_COMMENT', 'COMMENT_IN_LINK'));
//========================================================================================================================//
//========================================================================================================================//
if ($do == 'view' && !$target && !$target_id) {
if (!$login) {
$myprofile = false;
$page_title = $inCore->getComponentTitle();
$inPage->addHead('<link rel="alternate" type="application/rss+xml" title="' . $_LANG['COMMENTS'] . '" href="' . HOST . '/rss/comments/all/feed.rss">');
} else {
// проверяем что пользователь есть
$user = cmsUser::getShortUserData($login);
if (!$user) {
cmsCore::error404();
}
// Мои комментарии
$myprofile = $inUser->id == $user['id'];
$page_title = $_LANG['COMMENTS'] . ' - ' . $user['nickname'];
$inPage->addPathway($user['nickname'], cmsUser::getProfileURL($user['login']));
// Добавляем условие в выборку
$model->whereUserIs($user['id']);
}
$inPage->setTitle($page_title);
$inPage->addPathway($page_title);
$inPage->setDescription($model->config['meta_desc'] ? $model->config['meta_desc'] : $page_title);
$inPage->setKeywords($model->config['meta_keys'] ? $model->config['meta_keys'] : $page_title);
// флаг модератора
$is_moder = $inUser->is_admin || $model->is_can_moderate;
// Не админам только открытые комментарии
if (!($is_moder || $myprofile)) {
$model->whereIsShow();
}
// Общее количество комментариев
$total = $model->getCommentsCount(!($is_moder || $myprofile));
// Сортировка и разбивка на страницы
$inDB->orderBy('c.pubdate', 'DESC');
$inDB->limitPage($page, $model->config['perpage']);
// Сами комментарии
$comments = $total ? $model->getComments(!($is_moder || $myprofile)) : array();
$inDB->resetConditions();
if (!$comments && $page > 1) {
cmsCore::error404();
}
// пагинация
if (!$login) {
$pagebar = cmsPage::getPagebar($total, $page, $model->config['perpage'], '/comments/page-%page%');
} else {
$pagebar = cmsPage::getPagebar($total, $page, $model->config['perpage'], 'javascript:centerLink(\'/comments/by_user_' . $user['login'] . '/page-%page%\')');
}
// Отдаем в шаблон
cmsPage::initTemplate('components', 'com_comments_list_all')->assign('comments_count', $total)->assign('comments', $comments)->assign('pagebar', $pagebar)->assign('is_user', $inUser->id)->assign('page_title', $page_title)->assign('cfg', $model->config)->assign('is_admin', $is_moder)->display('com_comments_list_all.tpl');
}
//========================================================================================================================//
//========================================================================================================================//
if (!in_array($do, array('add', 'edit', 'delete')) && $target && $target_id) {
if (!$model->config['cmm_ajax']) {
$model->whereTargetIs($target, $target_id);
$inDB->orderBy('c.pubdate', 'ASC');
$comments = cmsCore::callEvent('BEFORE_SHOW_COMMENTS', $model->getComments(!($inUser->is_admin || $model->is_can_moderate), true));
$total = count($comments);
ob_start();
cmsPage::initTemplate('components', 'com_comments_list')->assign('comments_count', $total)->assign('comments', $comments)->assign('user_can_moderate', $model->is_can_moderate)->assign('user_can_delete', $model->is_can_delete)->assign('user_can_add', $model->is_can_add)->assign('is_admin', $inUser->is_admin)->assign('is_user', $inUser->id)->assign('cfg', $model->config)->assign('labels', $model->labels)->assign('target', $target)->assign('target_id', $target_id)->display('com_comments_list.tpl');
$html = ob_get_clean();
} else {
$model->whereTargetIs($target, $target_id);
$total = $model->getCommentsCount(!($inUser->is_admin || $model->is_can_moderate));
$inDB->resetConditions();
}
cmsPage::initTemplate('components', 'com_comments_view')->assign('comments_count', $total)->assign('target', $target)->assign('target_id', $target_id)->assign('is_admin', $inUser->is_admin)->assign('labels', $model->labels)->assign('is_user', $inUser->id)->assign('cfg', $model->config)->assign('user_can_add', $model->is_can_add)->assign('html', isset($html) ? $html : '')->assign('add_comment_js', "addComment('" . $target . "', '" . $target_id . "', 0)")->assign('user_subscribed', cmsUser::isSubscribed($inUser->id, $target, $target_id))->display('com_comments_view.tpl');
}
//========================================================================================================================//
//========================================================================================================================//
// Добавление комментария, форма добавления в addform.php
if ($do == 'add') {
// Только аякс
if (!cmsCore::isAjax()) {
cmsCore::error404();
}
// Очищаем буфер
ob_end_clean();
// Добавлять могут только админы и те, кому разрешено в настройках группы
if (!$model->is_can_add && !$inUser->is_admin) {
cmsCore::error404();
}
// Входные данные
$comment['guestname'] = cmsCore::request('guestname', 'str', '');
$comment['user_id'] = $inUser->id;
if ($model->is_can_bbcode) {
$content = cmsCore::request('content', 'html', '');
$comment['content_bbcode'] = $inDB->escape_string($content);
$content = cmsCore::parseSmiles($content, true);
$comment['content'] = $inDB->escape_string($content);
} else {
$comment['content'] = cmsCore::request('content', 'str', '');
$comment['content_bbcode'] = $comment['content'];
$comment['content'] = str_replace(array('\\r', '\\n'), '<br>', $comment['content']);
}
$comment['parent_id'] = cmsCore::request('parent_id', 'int', 0);
$comment['target'] = cmsCore::request('target', 'str', '');
$comment['target_id'] = cmsCore::request('target_id', 'int', 0);
$comment['ip'] = cmsCore::strClear($_SERVER['REMOTE_ADDR']);
// Проверяем правильность/наличие входных парамеров
// цель комментария
if (!$comment['target'] || !$comment['target_id']) {
cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ERR_UNKNOWN_TARGET']));
}
// Имя гостя отсутствует
if (!$comment['guestname'] && !$inUser->id) {
cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ERR_USER_NAME']));
}
// Текст комментраия отсутствует
if (!$comment['content']) {
cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ERR_COMMENT_TEXT']));
}
// проверяем каптчу
$need_captcha = $model->config['regcap'] ? true : ($inUser->id ? false : true);
if ($need_captcha && !cmsPage::checkCaptchaCode()) {
cmsCore::jsonOutput(array('error' => true, 'is_captcha' => true, 'text' => $_LANG['ERR_CAPTCHA']));
}
// получаем массив со ссылкой и заголовком цели комментария
// для этого:
// 1. узнаем ответственный компонент из cms_comment_targets
$target = $inDB->get_fields('cms_comment_targets', "target='{$comment['target']}'", '*');
if (!$target) {
cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ERR_UNKNOWN_TARGET'] . ' #1'));
}
// 2. подключим модель этого компонента
if (cmsCore::loadModel($target['component'])) {
$model_class = 'cms_model_' . $target['component'];
if (class_exists($model_class)) {
$target_model = new $model_class();
}
}
if (!isset($target_model)) {
cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ERR_UNKNOWN_TARGET'] . ' #2'));
}
// 3. запросим массив $target_data[link, title] у метода getCommentTarget модели
$target_data = $target_model->getCommentTarget($comment['target'], $comment['target_id']);
if (!$target_data) {
cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ERR_UNKNOWN_TARGET'] . ' #3'));
}
$comment['target_title'] = $target_data['title'];
$comment['target_link'] = $target_data['link'];
// 4. Узнаем видимость комментария в модели $target_model
if (method_exists($target_model, 'getVisibility')) {
$comment['is_hidden'] = $target_model->getVisibility($comment['target'], $comment['target_id']);
} else {
$comment['is_hidden'] = 0;
}
// публикация согласно настроек
$comment['published'] = $inUser->is_admin || $model->is_can_moderate || $model->is_add_published ? 1 : 0;
// Проверяем токен перед самым добавлением комментария
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
// 5. добавляем комментарий в базу
$comment_id = $model->addComment($comment);
// 6. Пересчитываем количество комментариев у цели если нужно
if (method_exists($target_model, 'updateCommentsCount')) {
$target_model->updateCommentsCount($comment['target'], $comment['target_id']);
}
if (!$comment['is_hidden'] && $comment['published']) {
//регистрируем событие
$content_short = strip_tags($comment['content']);
cmsActions::log('add_comment', array('object' => $_LANG['COMMENT'], 'object_url' => $comment['target_link'] . '#c' . $comment_id, 'object_id' => $comment_id, 'target' => $comment['target_title'], 'target_url' => $comment['target_link'], 'target_id' => $comment['target_id'], 'description' => mb_strlen($content_short) > 140 ? mb_substr($content_short, 0, 140) : $content_short));
}
////////////////////////////////////////////////////////////////
///////////////// Операции по уведомлениям /////////////////////
$inConf = cmsConfig::getInstance();
$from_nick = $inUser->id ? $inUser->nickname : $comment['guestname'];
$targetlink = HOST . $comment['target_link'] . '#c' . $comment_id;
//получаем ID и e-mail автора
$author = $inUser->id ? $model->getTargetAuthor($target['target_table'], $comment['target_id']) : '';
//подписываем пользователя на обновления, если нужно
if ($inUser->id && cmsCore::inRequest('subscribe')) {
cmsUser::subscribe($inUser->id, $comment['target'], $comment['target_id']);
}
if ($comment['published']) {
//рассылаем уведомления о новом комменте
cmsUser::sendUpdateNotify($comment['target'], $comment['target_id'], array('link' => $comment['target_link'] . '#c' . $comment_id, 'title' => stripslashes($comment['target_title']), 'letter_file' => 'newcomment', 'author' => $inUser->id ? $inUser->nickname : $comment['guestname']));
//проверяем и выдаем награду если нужно
cmsUser::checkAwards($inUser->id);
}
//отправляем админу уведомление о комментарии на e-mail, если нужно
if ($model->config['email']) {
$mailmsg = str_replace(array('{sitename}', '{date}', '{from}', '{subjtitle}', '{targetlink}', '{content}'), array($inConf->sitename, date('d/m/Y (H:i)'), $from_nick, stripslashes($comment['target_title']), $targetlink, strip_tags($comment['content'])), cmsCore::getLanguageTextFile('newcomment_admin'));
$inCore->mailText($model->config['email'], '', $mailmsg);
}
//отправляем автору уведомление на e-mail
if ($author && $comment['published']) {
if ($model->isAuthorNeedMail($author['id']) && $inUser->id != $author['id']) {
$letter = cmsCore::getLanguageTextFile('newpostcomment');
$letter = str_replace('{sitename}', $inConf->sitename, $letter);
$letter = str_replace('{subj}', $target['subj'], $letter);
$letter = str_replace('{subjtitle}', stripslashes($comment['target_title']), $letter);
$letter = str_replace('{targetlink}', $targetlink, $letter);
$letter = str_replace('{date}', date('d/m/Y H:i:s'), $letter);
$letter = str_replace('{from}', $from_nick, $letter);
$inCore->mailText($author['email'], '', $letter);
}
}
if (!$comment['published']) {
$message = str_replace(array('%user%', '%targetlink%'), array($from_nick, $targetlink), $_LANG['COMM_PREMODER_ADMIN_TEXT']);
cmsUser::sendMessage(USER_UPDATER, 1, $message);
}
cmsCore::jsonOutput(array('error' => false, 'target' => $comment['target'], 'target_id' => $comment['target_id'], 'is_premod' => $comment['published'] ? 0 : $_LANG['COMM_PREMODER_TEXT'], 'comment_id' => $comment_id));
}
//========================================================================================================================//
//========================================================================================================================//
if ($do == 'edit') {
if (!cmsCore::isAjax()) {
cmsCore::error404();
}
$comment = $model->getComment(cmsCore::request('comment_id', 'int', 0));
if (!$comment) {
die;
}
// редактировать могут авторы (если время редактирования есть)
// модераторы и администраторы
if (!$model->is_can_moderate && !$inUser->is_admin && !($inUser->id == $comment['user_id'] && $comment['is_editable'])) {
cmsCore::error404();
}
if ($model->is_can_bbcode) {
$content = cmsCore::request('content', 'html', '');
$com_new['content_bbcode'] = $inDB->escape_string($content);
$com_new['content'] = $inDB->escape_string(cmsCore::parseSmiles($content, true));
} else {
$com_new['content'] = cmsCore::request('content', 'str', '');
$com_new['content_bbcode'] = $com_new['content'];
$com_new['content'] = str_replace(array('\\r', '\\n'), '<br>', $com_new['content']);
}
// Текст комментраия отсутствует
if (!$com_new['content']) {
cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ERR_COMMENT_TEXT']));
}
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
//Если ошибок не было,
//обновляем комментарий в базе
$model->updateComment($comment['id'], $com_new);
// Обновляем в ленте активности
$content_short = mb_substr(strip_tags($com_new['content']), 0, 140);
cmsActions::updateLog('add_comment', array('description' => $content_short), $comment['id']);
$com_new['content'] = stripslashes(str_replace(array('\\r', '\\n'), ' ', $com_new['content']));
$com_new = cmsCore::callEvent('GET_COMMENT', $com_new);
cmsCore::jsonOutput(array('error' => false, 'text' => $com_new['content'], 'comment_id' => $comment['id']));
}
//========================================================================================================================//
//========================================================================================================================//
if ($do == 'delete') {
if (!cmsCore::isAjax()) {
cmsCore::error404();
}
$comment = $model->getComment($id);
if (!$comment) {
cmsCore::error404();
}
if (!$inUser->id && !($model->is_can_delete && $inUser->id == $comment['user_id']) && !$model->is_can_moderate && !$inUser->is_admin) {
cmsCore::error404();
}
//узнаем ответственный компонент из cms_comment_targets
$target = $inDB->get_fields('cms_comment_targets', "target='{$comment['target']}'", '*');
if (!$target) {
cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ERR_UNKNOWN_TARGET'] . ' #1'));
}
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
$model->deleteComment($id);
//подключим модель этого компонента
if (cmsCore::loadModel($target['component'])) {
$model_class = 'cms_model_' . $target['component'];
if (class_exists($model_class)) {
$target_model = new $model_class();
// Пересчитываем количество комментариев у цели если нужно
if (method_exists($target_model, 'updateCommentsCount')) {
$target_model->updateCommentsCount($comment['target'], $comment['target_id']);
}
}
}
cmsCore::jsonOutput(array('error' => false, 'target' => $comment['target'], 'target_id' => $comment['target_id']));
}
}
<script type="text/javascript" src="/includes/jquery/jquery.form.js"></script>
<?php if ($is_reply_user) { ?>
<div class="usr_msgreply_source">
<div class="usr_msgreply_sourcetext"><?php echo $msg['message']; ?></div>
<div class="usr_msgreply_author"><?php echo $_LANG['ORIGINAL_MESS']; ?>: <a href="<?php echo cmsUser::getProfileURL($msg['login']); ?>"><?php echo $msg['nickname']; ?></a>, <?php echo $msg['senddate']; ?></div>
</div>
<?php } ?>
<form action="" method="POST" name="msgform" id="send_msgform">
<input type="hidden" name="gosend" value="1" />
<input type="hidden" name="csrf_token" value="<?php echo cmsUser::getCsrfToken(); ?>" />
<div class="usr_msg_bbcodebox"><?php echo $bbcodetoolbar; ?></div>
<?php echo $smilestoolbar; ?>
<div class="cm_editor">
<textarea class="ajax_autogrowarea" name="message" id="message"></textarea>
</div>
<div style="margin-top:6px; display:block">
<?php if (!$id && $friends) { ?>
<strong><?php echo $_LANG['SEND_TO']; ?>: </strong>
<select name="user_id" id="user_id" class="s_usr" style="width:160px;" onchange="changeFriendTo();">
<option value="0"></option>
<?php foreach($friends as $friend) { ?>
<option value="<?php echo $friend['id']; ?>" <?php if ($id == $friend['id']) {?> selected="selected"<?php } ?>><?php echo $friend['nickname']; ?></option>
<?php } ?>
</select>
<?php } else { ?>
<select name="user_id" id="user_id" style="display: none;">
<option value="<?php echo $id; ?>" selected="selected"></option>
</select>
<?php } ?>
<?php if ($articles) { ?>
<table cellspacing="2" cellpadding="4" border="0" width="100%">
<?php foreach ($articles as $article) { ?>
<tr>
<td class="mod_blog_karma" valign="top" width="30"><?php echo $this->rating($article['rating']); ?></td>
<td valign="top">
<div>
<a class="mod_bcon_content" style="font-size:16px" href="<?php echo $article['url']; ?>"><?php echo $this->truncate($article['title'], 60); ?></a> —
<span class="mod_bcon_date"><?php echo $article['fpubdate']; ?></span> (<a class="mod_bcon_author" href="<?php echo cmsUser::getProfileURL($article['user_login']) ?>"><?php echo $article['author']; ?></a>)
</div>
<?php if ($cfg['showdesc'] != 0) { ?>
<?php if ($article['image_small']) { ?>
<div class="mod_latest_image">
<img src="<?php echo $article['image_small']; ?>" border="0" width="32" height="32" alt="<?php echo $this->escape($article['title']); ?>"/>
</div>
<?php } ?>
<div><?php echo $article['description']; ?></div>
<?php } ?>
</td>
</tr>
<?php } ?>
<?php if ($cfg['showlink'] != 0) { ?>
<tr><td colspan="2">
<div style="text-align:right">
<a href="/content/top.html"><?php echo $_LANG['BESTCONTENT_FULL_RATING']; ?></a> →
</div>
</td></tr>
<?php } ?>
</table>
<?php } else { ?>
<p><?php echo $_LANG['BESTCONTENT_NOT_ARTICLES']; ?></p>
function cmsTagItemLink($target, $item_id){
$inCore = cmsCore::getInstance();
$link = '';
switch ($target){
case 'content':
$today = date("Y-m-d H:i:s");
$sql = "SELECT i.title as title, c.title as cat, i.seolink as seolink, c.seolink as cat_seolink
FROM cms_content i
INNER JOIN cms_category c ON c.id = i.category_id
WHERE i.id = '$item_id' AND i.published = 1 AND i.is_arhive = 0 AND i.pubdate <= '$today' AND (i.is_end=0 OR (i.is_end=1 AND i.enddate >= '$today')) LIMIT 1";
$rs = cmsCore::c('db')->query($sql) ;
if (cmsCore::c('db')->num_rows($rs)){
$item = cmsCore::c('db')->fetch_assoc($rs);
$link = '<a href="/'.$item['cat_seolink'].'" class="tag_searchcat">'.$item['cat'].'</a> → ';
$link .= '<a href="/'.$item['seolink'].'.html" class="tag_searchitem">'.$item['title'].'</a>';
}
break;
case 'blogpost':
$sql = "SELECT i.title as title, i.id as item_id, c.title as cat, c.id as cat_id, c.owner as owner, c.user_id user_id, i.seolink as seolink, c.seolink as bloglink
FROM cms_blog_posts i
LEFT JOIN cms_blogs c ON c.id = i.blog_id
WHERE i.id = '$item_id' AND i.published = 1";
$rs = cmsCore::c('db')->query($sql) ;
if (cmsCore::c('db')->num_rows($rs)){
$item = cmsCore::c('db')->fetch_assoc($rs);
if ($item['owner'] == 'club') { $item['cat'] = cmsCore::c('db')->get_field('cms_clubs','id='.$item['user_id'],'title'); }
$link = '<a href="/blogs/'.$item['bloglink'].'" class="tag_searchcat">'.$item['cat'].'</a> → ';
$link .= '<a href="/blogs/'.$item['bloglink'].'/'.$item['seolink'].'.html" class="tag_searchitem">'.$item['title'].'</a>';
}
break;
case 'photo':
$sql = "SELECT i.title as title, i.id as item_id, c.title as cat, c.id as cat_id
FROM cms_photo_files i
LEFT JOIN cms_photo_albums c ON c.id = i.album_id
WHERE i.id = '$item_id' AND i.published = 1";
$rs = cmsCore::c('db')->query($sql) ;
if (cmsCore::c('db')->num_rows($rs)){
$item = cmsCore::c('db')->fetch_assoc($rs);
$link = '<a href="/photos/'.$item['cat_id'].'" class="tag_searchcat">'.$item['cat'].'</a> → ';
$link .= '<a href="/photos/photo'.$item['item_id'].'.html" class="tag_searchitem">'.$item['title'].'</a>';
}
break;
case 'userphoto':
$sql = "SELECT i.title as title, i.id as item_id, c.nickname as cat, c.id as cat_id, c.login as login
FROM cms_user_photos i
LEFT JOIN cms_users c ON c.id = i.user_id
WHERE i.id = '$item_id'";
$rs = cmsCore::c('db')->query($sql) ;
if (cmsCore::c('db')->num_rows($rs)){
$item = cmsCore::c('db')->fetch_assoc($rs);
$link = '<a href="'.cmsUser::getProfileURL($item['login']).'" class="tag_searchcat">'.$item['cat'].'</a> → ';
$link .= '<a href="/users/'.$item['cat_id'].'/photo'.$item['item_id'].'.html" class="tag_searchitem">'.$item['title'].'</a>';
}
break;
case 'catalog':
$sql = "SELECT i.title as title, i.id as item_id, c.title as cat, c.id as cat_id
FROM cms_uc_items i
LEFT JOIN cms_uc_cats c ON c.id = i.category_id
WHERE i.id = '$item_id' AND i.published = 1";
$rs = cmsCore::c('db')->query($sql) ;
if (cmsCore::c('db')->num_rows($rs)){
$item = cmsCore::c('db')->fetch_assoc($rs);
$link = '<a href="/catalog/'.$item['cat_id'].'" class="tag_searchcat">'.$item['cat'].'</a> → ';
$link .= '<a href="/catalog/item'.$item['item_id'].'.html" class="tag_searchitem">'.$item['title'].'</a>';
}
break;
case 'video':
$inCore->loadModel('video');
$model = cms_model_video::initModel();
$sql = "SELECT i.title as title, i.id as item_id, i.seolink as movie_seolink, c.title as cat_title, c.id as cat_id, c.seolink as cat_seolink
FROM cms_video_movie i
INNER JOIN cms_video_category c ON c.id = i.cat_id
WHERE i.id = '$item_id'";
$rs = cmsCore::c('db')->query($sql) ;
if (cmsCore::c('db')->num_rows($rs)){
$item = cmsCore::c('db')->fetch_assoc($rs);
$link = '<a href="'.$model->getCatLink($item['cat_seolink'], $item['cat_id']).'" class="tag_searchcat">'.$item['cat_title'].'</a> → ';
$link .= '<a href="'.$model->getMovieLink($item['cat_seolink'].'/'.$item['movie_seolink'], $item['item_id']).'" class="tag_searchitem">'.$item['title'].'</a>';
}
break;
case 'shop':
$sql = "SELECT i.title as title, i.seolink as seolink, c.title as cat, c.seolink as cat_seolink
FROM cms_shop_items i
LEFT JOIN cms_shop_cats c ON c.id = i.category_id
WHERE i.id = '$item_id'";
$rs = cmsCore::c('db')->query($sql) ;
if (cmsCore::c('db')->num_rows($rs)){
$item = cmsCore::c('db')->fetch_assoc($rs);
$link = '<a href="/shop/'.$item['cat_seolink'].'" class="tag_searchcat">'.$item['cat'].'</a> → ';
$link .= '<a href="/shop/'.$item['seolink'].'.html" class="tag_searchitem">'.$item['title'].'</a>';
}
break;
case 'maps':
$sql = "SELECT i.title as title, i.seolink as seolink, c.title as cat, c.seolink as cat_seolink
FROM cms_map_items i
LEFT JOIN cms_map_cats c ON c.id = i.category_id
WHERE i.id = '$item_id'";
$rs = cmsCore::c('db')->query($sql) ;
if (cmsCore::c('db')->num_rows($rs)){
$item = cmsCore::c('db')->fetch_assoc($rs);
$link = '<a href="/maps/'.$item['cat_seolink'].'" class="tag_searchcat">'.$item['cat'].'</a> → ';
$link .= '<a href="/maps/'.$item['seolink'].'.html" class="tag_searchitem">'.$item['title'].'</a>';
}
break;
}
return $link;
}
function users()
{
header('X-Frame-Options: DENY');
$inCore = cmsCore::getInstance();
$inPage = cmsPage::getInstance();
$inDB = cmsDatabase::getInstance();
$inUser = cmsUser::getInstance();
global $_LANG;
$model = new cms_model_users();
// id пользователя
$id = cmsCore::request('id', 'int', 0);
// логин пользователя
$login = cmsCore::strClear(urldecode(cmsCore::request('login', 'html', '')));
$do = $inCore->do;
$page = cmsCore::request('page', 'int', 1);
$pagetitle = $inCore->getComponentTitle();
if ($model->config['sw_search'] != 2) {
$inPage->addPathway($pagetitle, '/users');
}
$inPage->setTitle($pagetitle);
$inPage->setDescription($pagetitle);
// js только авторизованным
if ($inUser->id) {
$inPage->addHeadJS('components/users/js/profile.js');
$inPage->addHeadJsLang(array('CONFIRM_CLEAN_CAT', 'CHOOSE_RECIPIENT', 'SEND_TO_USER', 'FRIENDSHIP_OFFER', 'STOP_FRIENDLY', 'REALY_STOP_FRIENDLY', 'ENTER_STATUS', 'HAVE_JUST'));
}
//============================================================================//
//========================= Список пользователей ============================//
//============================================================================//
if ($do == 'view') {
// если запрещен просмотр всех пользователей, 404
if ($model->config['sw_search'] == 2) {
cmsCore::error404();
}
//очищаем поисковые запросы если пришли со другой страницы
if (!strstr(cmsCore::getBackURL(), '/users')) {
cmsUser::sessionClearAll();
}
$stext = array();
// Возможные входные переменные
$name = cmsCore::getSearchVar('name');
$city = cmsCore::getSearchVar('city');
$hobby = cmsCore::getSearchVar('hobby');
$gender = cmsCore::getSearchVar('gender');
$orderby = cmsCore::request('orderby', array('karma', 'rating', 'regdate'), 'regdate');
$orderto = cmsCore::request('orderto', array('asc', 'desc'), 'desc');
$age_to = (int) cmsCore::getSearchVar('ageto', 'all');
$age_fr = (int) cmsCore::getSearchVar('agefrom', 'all');
$group_id = cmsCore::request('group_id', 'int', 0);
// Флаг о показе только онлайн пользователей
if (cmsCore::inRequest('online')) {
cmsUser::sessionPut('usr_online', (bool) cmsCore::request('online', 'int'));
$page = 1;
}
$only_online = cmsUser::sessionGet('usr_online');
if ($only_online) {
$stext[] = $_LANG['SHOWING_ONLY_ONLINE'];
}
///////////////////////////////////////
//////////Условия выборки//////////////
///////////////////////////////////////
// группа
if ($group_id) {
$model->whereUserGroupIs($group_id);
$link['group'] = '/users/group/' . $group_id;
$_LANG['GROUP_SEARCH_NAME'] = cmsUser::getGroupTitle($group_id);
}
// Добавляем в выборку имя, если оно есть
if ($name) {
$model->whereNameIs($name);
$stext[] = $_LANG['NAME'] . " — " . htmlspecialchars(stripslashes($name));
}
// Добавляем в выборку город, если он есть
if ($city) {
$model->whereCityIs($city);
$stext[] = $_LANG['CITY'] . " — " . htmlspecialchars(stripslashes($city));
}
// Добавляем в выборку хобби, если есть
if ($hobby) {
$model->whereHobbyIs($hobby);
$stext[] = $_LANG['HOBBY'] . " — " . htmlspecialchars(stripslashes($hobby));
}
// Добавляем в выборку пол, если есть
if ($gender) {
$model->whereGenderIs($gender);
if ($gender == 'm') {
$stext[] = $_LANG['MALE'];
} else {
$stext[] = $_LANG['FEMALE'];
}
}
// Добавляем в выборку возраст, более
if ($age_fr) {
$model->whereAgeFrom($age_fr);
$stext[] = $_LANG['NOT_YOUNG'] . " {$age_fr} " . $_LANG['YEARS'];
}
// Добавляем в выборку возраст, менее
if ($age_to) {
$model->whereAgeTo($age_to);
$stext[] = $_LANG['NOT_OLD'] . " {$age_fr} " . $_LANG['YEARS'];
}
// Считаем общее количество согласно выборки
$total = $model->getUsersCount($only_online);
if ($total) {
//устанавливаем сортировку
$inDB->orderBy($orderby, $orderto);
//устанавливаем номер текущей страницы и кол-во пользователей на странице
$inDB->limitPage($page, $model->config['users_perpage']);
// Загружаем пользователей согласно выборки
$users = $model->getUsers($only_online);
} else {
$inDB->resetConditions();
}
$link['latest'] = '/users';
$link['positive'] = '/users/positive.html';
$link['rating'] = '/users/rating.html';
if ($orderby == 'regdate') {
$link['selected'] = 'latest';
}
if ($orderby == 'karma') {
$link['selected'] = 'positive';
}
if ($orderby == 'rating') {
$link['selected'] = 'rating';
}
$pagebar_link = '/users/' . $link['selected'] . '%page%.html';
if ($group_id) {
$link['selected'] = 'group';
$pagebar_link = '/users/' . $link['selected'] . '/' . $group_id . '-%page%';
}
cmsPage::initTemplate('components', 'com_users_view')->assign('stext', $stext)->assign('orderby', $orderby)->assign('orderto', $orderto)->assign('users', $users)->assign('total', $total)->assign('only_online', $only_online)->assign('gender', $gender)->assign('name', stripslashes($name))->assign('city', stripslashes($city))->assign('hobby', stripslashes($hobby))->assign('age_to', $age_to)->assign('age_fr', $age_fr)->assign('cfg', $model->config)->assign('link', $link)->assign('pagebar', cmsPage::getPagebar($total, $page, $model->config['users_perpage'], $pagebar_link))->display('com_users_view.tpl');
}
//============================================================================//
//======================= Редактирование профиля ============================//
//============================================================================//
if ($do == 'editprofile') {
// неавторизованным, не владельцам и не админам тут делать нечего
if (!$inUser->id || $inUser->id != $id && !$inUser->is_admin) {
cmsCore::error404();
}
$usr = $model->getUser($id);
if (!$usr) {
cmsCore::error404();
}
$opt = cmsCore::request('opt', 'str', 'edit');
// главного админа может редактировать только он сам
if ($id == 1 && $inUser->id != $id) {
cmsCore::error404();
}
// показываем форму
if ($opt == 'edit') {
$inPage->setTitle($_LANG['CONFIG_PROFILE'] . ' - ' . $usr['nickname']);
$inPage->addPathway($usr['nickname'], cmsUser::getProfileURL($usr['login']));
$inPage->addPathway($_LANG['CONFIG_PROFILE']);
$private_forms = array();
if (isset($model->config['privforms'])) {
if (is_array($model->config['privforms'])) {
foreach ($model->config['privforms'] as $form_id) {
$private_forms = array_merge($private_forms, cmsForm::getFieldsHtml($form_id, $usr['formsdata']));
}
}
}
cmsPage::initTemplate('components', 'com_users_edit_profile')->assign('opt', $opt)->assign('usr', $usr)->assign('private_forms', $private_forms)->assign('cfg_forum', $inCore->loadComponentConfig('forum'))->assign('cfg', $model->config)->display('com_users_edit_profile.tpl');
return;
}
// Если сохраняем профиль
if ($opt == 'save') {
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
$errors = false;
$users['nickname'] = cmsCore::request('nickname', 'str');
if (mb_strlen($users['nickname']) < 2) {
cmsCore::addSessionMessage($_LANG['SHORT_NICKNAME'], 'error');
$errors = true;
}
cmsCore::loadModel('registration');
$modreg = new cms_model_registration();
if (!$inUser->is_admin) {
if ($modreg->getBadNickname($users['nickname'])) {
cmsCore::addSessionMessage($_LANG['ERR_NICK_EXISTS'], 'error');
$errors = true;
}
}
$profiles['gender'] = cmsCore::request('gender', 'str');
$profiles['city'] = cmsCore::request('city', 'str');
if (mb_strlen($profiles['city']) > 50) {
cmsCore::addSessionMessage($_LANG['LONG_CITY_NAME'], 'error');
$errors = true;
}
$users['email'] = cmsCore::request('email', 'email');
if (!$users['email']) {
cmsCore::addSessionMessage($_LANG['REALY_ADRESS_EMAIL'], 'error');
$errors = true;
}
if ($usr['email'] != $users['email']) {
$is_set_email = $inDB->get_field('cms_users', "email='{$users['email']}'", 'id');
if ($is_set_email) {
cmsCore::addSessionMessage($_LANG['ADRESS_EMAIL_IS_BUSY'], 'error');
$errors = true;
} else {
// формируем токен
$token = md5($usr['email'] . uniqid() . microtime());
$inDB->insert('cms_users_activate', array('user_id' => $inUser->id, 'pubdate' => date("Y-m-d H:i:s"), 'code' => $token));
$codelink = HOST . '/users/change_email/' . $token . '/' . $users['email'];
// по старому адресу высылаем письмо с подтверждением
$letter = cmsCore::getLanguageTextFile('change_email');
$letter = str_replace(array('{nickname}', '{codelink}'), array($inUser->nickname, $codelink), $letter);
cmsCore::mailText($usr['email'], '', $letter);
cmsCore::addSessionMessage(sprintf($_LANG['YOU_CHANGE_EMAIL'], $usr['email']), 'info');
// email не меняем
$users['email'] = $usr['email'];
}
}
$profiles['showphone'] = cmsCore::request('showphone', 'int', 0);
$profiles['showmail'] = cmsCore::request('showmail', 'int');
$profiles['email_newmsg'] = cmsCore::request('email_newmsg', 'int');
$profiles['showbirth'] = cmsCore::request('showbirth', 'int');
$profiles['description'] = cmsCore::request('description', 'str', '');
$users['birthdate'] = (int) $_REQUEST['birthdate']['year'] . '-' . (int) $_REQUEST['birthdate']['month'] . '-' . (int) $_REQUEST['birthdate']['day'];
$profiles['signature'] = $inDB->escape_string(cmsCore::badTagClear(cmsCore::request('signature', 'html', '')));
$profiles['signature_html'] = $inDB->escape_string(cmsCore::parseSmiles(cmsCore::request('signature', 'html', ''), true));
$profiles['allow_who'] = cmsCore::request('allow_who', 'str');
if (!preg_match('/^([a-zA-Z]+)$/ui', $profiles['allow_who'])) {
$errors = true;
}
$users['icq'] = cmsCore::request('icq', 'str', '');
$profiles['showicq'] = cmsCore::request('showicq', 'int');
$profiles['cm_subscribe'] = cmsCore::request('cm_subscribe', 'str');
if (!preg_match('/^([a-zA-Z]+)$/ui', $profiles['cm_subscribe'])) {
$errors = true;
}
$users['phone'] = cmsCore::request('phone', 'int', 0);
// получаем данные форм
$profiles['formsdata'] = '';
if (isset($model->config['privforms'])) {
if (is_array($model->config['privforms'])) {
foreach ($model->config['privforms'] as $form_id) {
$form_input = cmsForm::getFieldsInputValues($form_id);
$profiles['formsdata'] .= $inDB->escape_string(cmsCore::arrayToYaml($form_input['values']));
// Проверяем значения формы
foreach ($form_input['errors'] as $field_error) {
if ($field_error) {
cmsCore::addSessionMessage($field_error, 'error');
$errors = true;
}
}
}
}
}
if ($errors) {
cmsCore::redirectBack();
}
$inDB->update('cms_user_profiles', cmsCore::callEvent('UPDATE_USER_PROFILES', array_merge(array('id' => $usr['pid'], 'user_id' => $usr['id']), $profiles)), $usr['pid']);
$inDB->update('cms_users', cmsCore::callEvent('UPDATE_USER_USERS', array_merge(array('id' => $usr['id']), $users)), $usr['id']);
cmsCore::addSessionMessage($_LANG['PROFILE_SAVED'], 'info');
cmsCore::redirect(cmsUser::getProfileURL($usr['login']));
}
if ($opt == 'changepass') {
$errors = false;
$oldpass = cmsCore::request('oldpass', 'str');
$newpass = cmsCore::request('newpass', 'str');
$newpass2 = cmsCore::request('newpass2', 'str');
if ($inUser->password != md5($oldpass)) {
cmsCore::addSessionMessage($_LANG['OLD_PASS_WRONG'], 'error');
$errors = true;
}
if ($newpass != $newpass2) {
cmsCore::addSessionMessage($_LANG['WRONG_PASS'], 'error');
$errors = true;
}
if ($oldpass && $newpass && $newpass2 && mb_strlen($newpass) < 6) {
cmsCore::addSessionMessage($_LANG['PASS_SHORT'], 'error');
$errors = true;
}
if ($errors) {
cmsCore::redirectBack();
}
cmsCore::callEvent('UPDATE_USER_PASSWORD', array('user_id' => $usr['id'], 'oldpass' => $oldpass, 'newpass' => $newpass));
$sql = "UPDATE cms_users SET password='******' WHERE id = '{$id}' AND password='******'";
$inDB->query($sql);
cmsCore::addSessionMessage($_LANG['PASS_CHANGED'], 'info');
cmsCore::redirect(cmsUser::getProfileURL($inUser->login));
}
}
//============================================================================//
//============================= Просмотр профиля ============================//
//============================================================================//
if ($do == 'profile') {
$inPage->addHeadJsLang(array('NEW_POST_ON_WALL', 'CONFIRM_DEL_POST_ON_WALL'));
// если просмотр профиля гостям запрещен
if (!$inUser->id && !$model->config['sw_guest']) {
cmsUser::goToLogin();
}
if (is_numeric($login)) {
cmsCore::error404();
}
$usr = $model->getUser($login);
if (!$usr) {
cmsCore::error404();
}
$myprofile = $inUser->id == $usr['id'];
$inPage->setTitle($usr['nickname']);
$inPage->addPathway($usr['nickname']);
// просмотр профиля запрещен
if (!cmsUser::checkUserContentAccess($usr['allow_who'], $usr['id'])) {
cmsPage::initTemplate('components', 'com_users_not_allow')->assign('is_auth', $inUser->id)->assign('usr', $usr)->display('com_users_not_allow.tpl');
return;
}
// Профиль удален
if ($usr['is_deleted']) {
cmsPage::initTemplate('components', 'com_users_deleted.tpl')->assign('usr', $usr)->assign('is_admin', $inUser->is_admin)->assign('others_active', $inDB->rows_count('cms_users', "login='******'login']}' AND is_deleted=0", 1))->display('com_users_deleted.tpl');
return;
}
// Данные о друзьях
$usr['friends_total'] = cmsUser::getFriendsCount($usr['id']);
$usr['friends'] = cmsUser::getFriends($usr['id']);
// очищать сессию друзей если в своем профиле и количество друзей из базы не совпадает с количеством друзей в сессии
if ($myprofile && sizeof($usr['friends']) != $usr['friends_total']) {
cmsUser::clearSessionFriends();
}
// обрезаем список
$usr['friends'] = array_slice($usr['friends'], 0, 6);
// выясняем друзья ли мы с текущим пользователем
$usr['isfriend'] = !$myprofile ? cmsUser::isFriend($usr['id']) : false;
// награды пользователя
$usr['awards'] = $model->config['sw_awards'] ? $model->getUserAwards($usr['id']) : false;
// стена
if ($model->config['sw_wall']) {
$inDB->limitPage(1, $model->config['wall_perpage']);
$usr['wall_html'] = cmsUser::getUserWall($usr['id'], 'users', $myprofile, $inUser->is_admin);
}
// можно ли пользователю изменять карму
$usr['can_change_karma'] = $model->isUserCanChangeKarma($usr['id']) && $inUser->id;
// Фотоальбомы пользователя
if ($model->config['sw_photo']) {
$usr['albums'] = $model->getPhotoAlbums($usr['id'], $usr['isfriend'], !$inCore->isComponentEnable('photos'));
$usr['albums_total'] = sizeof($usr['albums']);
$usr['albums_show'] = 6;
if ($usr['albums_total'] > $usr['albums_show']) {
array_splice($usr['albums'], $usr['albums_show']);
}
}
$usr['board_count'] = $model->config['sw_board'] ? $inDB->rows_count('cms_board_items', "user_id='{$usr['id']}' AND published=1") : 0;
$usr['comments_count'] = $model->config['sw_comm'] ? $inDB->rows_count('cms_comments', "user_id='{$usr['id']}' AND published=1") : 0;
$usr['forum_count'] = $model->config['sw_forum'] ? $inDB->rows_count('cms_forum_posts', "user_id = '{$usr['id']}'") : 0;
$usr['files_count'] = $model->config['sw_files'] ? $inDB->rows_count('cms_user_files', "user_id = '{$usr['id']}'") : 0;
$cfg_reg = $inCore->loadComponentConfig('registration');
$usr['invites_count'] = $inUser->id && $myprofile && $cfg_reg['reg_type'] == 'invite' ? $model->getUserInvitesCount($inUser->id) : 0;
$usr['blog'] = $model->config['sw_blogs'] ? $inDB->get_fields('cms_blogs', "user_id = '{$usr['id']}' AND owner = 'user'", 'title, seolink') : false;
$usr['form_fields'] = array();
if (is_array($model->config['privforms'])) {
foreach ($model->config['privforms'] as $form_id) {
$usr['form_fields'] = array_merge($usr['form_fields'], cmsForm::getFieldsValues($form_id, $usr['formsdata']));
}
}
if ($usr['city']) {
cmsCore::loadModel('geo');
$geo = new cms_model_geo();
$city_parents = $geo->getCityParents($usr['city']);
if ($city_parents) {
$usr['country'] = $city_parents['country_name'];
}
}
$plugins = $model->getPluginsOutput($usr);
cmsPage::initTemplate('components', 'com_users_profile.tpl')->assign('usr', $usr)->assign('plugins', $plugins)->assign('cfg', $model->config)->assign('myprofile', $myprofile)->assign('cfg_forum', $inCore->loadComponentConfig('forum'))->assign('is_admin', $inUser->is_admin)->assign('is_auth', $inUser->id)->display('com_users_profile.tpl');
}
//============================================================================//
//============================= Список сообщений ============================//
//============================================================================//
if ($do == 'messages') {
if (!$model->config['sw_msg']) {
cmsCore::error404();
}
if (!$inUser->id || $inUser->id != $id && !$inUser->is_admin) {
cmsUser::goToLogin();
}
$usr = cmsUser::getShortUserData($id);
if (!$usr) {
cmsCore::error404();
}
$inPage->setTitle($_LANG['MY_MESS']);
$inPage->addPathway($usr['nickname'], cmsUser::getProfileURL($usr['login']));
$inPage->addPathway($_LANG['MY_MESS'], '/users/' . $id . '/messages.html');
include 'components/users/messages.php';
}
//============================================================================//
//=========================== Отправка сообщения ============================//
//============================================================================//
if ($do == 'sendmessage') {
if (!$model->config['sw_msg']) {
cmsCore::halt();
}
if ($_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest') {
cmsCore::halt();
}
if (!$inUser->id || $inUser->id == $id && !cmsCore::inRequest('massmail') && !cmsCore::request('send_to_group', 'int', 0)) {
cmsCore::halt();
}
if (!cmsCore::inRequest('gosend')) {
$replyid = cmsCore::request('replyid', 'int', 0);
if ($replyid) {
$msg = $model->getReplyMessage($replyid, $inUser->id);
if (!$msg) {
cmsCore::halt();
}
}
$inPage->setRequestIsAjax();
cmsPage::initTemplate('components', 'com_users_messages_add')->assign('msg', isset($msg) ? $msg : array())->assign('is_reply_user', $replyid)->assign('id', $id)->assign('bbcodetoolbar', cmsPage::getBBCodeToolbar('message'))->assign('smilestoolbar', cmsPage::getSmilesPanel('message'))->assign('groups', $inUser->is_admin ? cmsUser::getGroups(true) : array())->assign('friends', cmsUser::getFriends($inUser->id))->assign('id_admin', $inUser->is_admin)->display('com_users_messages_add.tpl');
cmsCore::jsonOutput(array('error' => false, 'html' => ob_get_clean()));
}
if (cmsCore::inRequest('gosend')) {
// Кому отправляем
$usr = cmsUser::getShortUserData($id);
if (!$usr) {
cmsCore::halt();
}
$message = cmsCore::parseSmiles(cmsCore::request('message', 'html', ''), true);
if (mb_strlen($message) < 2) {
cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ERR_SEND_MESS']));
}
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
$output = cmsCore::callEvent('USER_SEND_MESSEDGE', array('text' => $message, 'to_id' => $id));
$message = $output['text'];
$id = $output['to_id'];
$send_to_group = cmsCore::request('send_to_group', 'int', 0);
$group_id = cmsCore::request('group_id', 'int', 0);
//
// Обычная отправка (1 получатель)
//
if (!cmsCore::inRequest('massmail') && !$send_to_group) {
//отправляем сообщение
$msg_id = cmsUser::sendMessage($inUser->id, $id, $message);
// отправляем уведомление на email если нужно
$model->sendNotificationByEmail($id, $inUser->id, $msg_id);
cmsCore::jsonOutput(array('error' => false, 'text' => $_LANG['SEND_MESS_OK']));
}
//
// далее идут массовые рассылки, доступные только админам
//
if (!$inUser->is_admin) {
cmsCore::halt();
}
// отправить всем: получаем список всех пользователей
if (cmsCore::inRequest('massmail')) {
$userlist = cmsUser::getAllUsers();
// проверяем что есть кому отправлять
if (!$userlist) {
cmsCore::jsonOutput(array('error' => false, 'text' => $_LANG['ERR_SEND_MESS']));
}
$count = array();
// отправляем всем по списку
foreach ($userlist as $usr) {
$count[] = cmsUser::sendMessage(USER_MASSMAIL, $usr['id'], $message);
}
cmsCore::jsonOutput(array('error' => false, 'text' => sprintf($_LANG['SEND_MESS_ALL_OK'], sizeof($count))));
}
// отправить группе: получаем список членов группы
if ($send_to_group) {
$count = cmsUser::sendMessageToGroup(USER_MASSMAIL, $group_id, $message);
$success_msg = sprintf($_LANG['SEND_MESS_GROUP_OK'], $count, cmsUser::getGroupTitle($group_id));
cmsCore::jsonOutput(array('error' => false, 'text' => $success_msg));
}
}
}
//============================================================================//
//============================= Удаление сообщения ==========================//
//============================================================================//
if ($do == 'delmessage') {
if ($_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest') {
cmsCore::halt();
}
if (!$model->config['sw_msg']) {
cmsCore::halt();
}
if (!$inUser->id) {
cmsCore::halt();
}
$msg = $inDB->get_fields('cms_user_msg', "id='{$id}'", '*');
if (!$msg) {
cmsCore::halt();
}
$can_delete = $inUser->id == $msg['to_id'] || $inUser->id == $msg['from_id'] ? true : false;
if (!$can_delete && !$inUser->is_admin) {
cmsCore::halt();
}
// Сообщения с from_id < 0
if ($msg['from_id'] < 0) {
$inDB->query("DELETE FROM cms_user_msg WHERE id = '{$id}' LIMIT 1");
$info_text = $_LANG['MESS_NOTICE_DEL_OK'];
}
// мне сообщение от пользователя
if ($msg['to_id'] == $inUser->id && $msg['from_id'] > 0) {
$inDB->query("UPDATE cms_user_msg SET to_del=1 WHERE id='{$id}'");
$info_text = $_LANG['MESS_DEL_OK'];
}
// от меня сообщение
if ($msg['from_id'] == $inUser->id && !$msg['is_new']) {
$inDB->query("UPDATE cms_user_msg SET from_del=1 WHERE id='{$id}'");
$info_text = $_LANG['MESS_DEL_OK'];
}
// отзываем сообщение
if ($msg['from_id'] == $inUser->id && $msg['is_new']) {
$inDB->query("DELETE FROM cms_user_msg WHERE id = '{$id}' LIMIT 1");
$info_text = $_LANG['MESS_BACK_OK'];
}
// удаляем сообщения, которые удалены с двух сторон
$inDB->query("DELETE FROM cms_user_msg WHERE to_del=1 AND from_del=1");
cmsCore::jsonOutput(array('error' => false, 'text' => $info_text));
}
//============================================================================//
//=========================== Удаление сообщений ============================//
//============================================================================//
if ($do == 'delmessages') {
if (!$model->config['sw_msg']) {
cmsCore::error404();
}
if ($inUser->id != $id && !$inUser->is_admin) {
cmsCore::error404();
}
$usr = cmsUser::getShortUserData($id);
if (!$usr) {
cmsCore::error404();
}
$opt = cmsCore::request('opt', 'str', 'in');
if ($opt == 'notices') {
$inDB->query("DELETE FROM cms_user_msg WHERE to_id = '{$id}' AND from_id < 0");
} else {
$del_flag = $opt == 'in' ? 'to_del' : 'from_del';
$id_flag = $opt == 'in' ? 'to_id' : 'from_id';
$inDB->query("UPDATE cms_user_msg SET {$del_flag}=1 WHERE {$id_flag}='{$id}'");
$inDB->query("DELETE FROM cms_user_msg WHERE to_del=1 AND from_del=1");
}
cmsCore::addSessionMessage($_LANG['MESS_ALL_DEL_OK'], 'info');
cmsCore::redirectBack();
}
//============================================================================//
//============================= Загрузка аватара ============================//
//============================================================================//
if ($do == 'avatar') {
if (!$inUser->id || $inUser->id && $inUser->id != $id) {
cmsCore::error404();
}
$inPage->setTitle($_LANG['LOAD_AVATAR']);
$inPage->addPathway($inUser->nickname, cmsUser::getProfileURL($inUser->login));
$inPage->addPathway($_LANG['LOAD_AVATAR']);
if (cmsCore::inRequest('upload')) {
cmsCore::loadClass('upload_photo');
$inUploadPhoto = cmsUploadPhoto::getInstance();
// Выставляем конфигурационные параметры
$inUploadPhoto->upload_dir = PATH . '/images/';
$inUploadPhoto->dir_medium = 'users/avatars/';
$inUploadPhoto->dir_small = 'users/avatars/small/';
$inUploadPhoto->small_size_w = $model->config['smallw'];
$inUploadPhoto->medium_size_w = $model->config['medw'];
$inUploadPhoto->medium_size_h = $model->config['medh'];
$inUploadPhoto->is_watermark = false;
$inUploadPhoto->input_name = 'picture';
$file = $inUploadPhoto->uploadPhoto($inUser->orig_imageurl);
if (!$file) {
cmsCore::addSessionMessage('<strong>' . $_LANG['ERROR'] . ':</strong> ' . cmsCore::uploadError() . '!', 'error');
cmsCore::redirect('/users/' . $id . '/avatar.html');
}
$sql = "UPDATE cms_user_profiles SET imageurl = '{$file['filename']}' WHERE user_id = '{$id}' LIMIT 1";
$inDB->query($sql);
// очищаем предыдущую запись о смене аватара
cmsActions::removeObjectLog('add_avatar', $id);
// выводим сообщение в ленту
cmsActions::log('add_avatar', array('object' => '', 'object_url' => '', 'object_id' => $id, 'target' => '', 'target_url' => '', 'description' => '<a href="' . cmsUser::getProfileURL($inUser->login) . '" class="act_usr_ava">
<img border="0" src="/images/users/avatars/small/' . $file['filename'] . '">
</a>'));
cmsCore::redirect(cmsUser::getProfileURL($inUser->login));
} else {
cmsPage::initTemplate('components', 'com_users_avatar_upload')->assign('id', $id)->display('com_users_avatar_upload.tpl');
}
}
//============================================================================//
//============================= Библиотека аватаров =========================//
//============================================================================//
if ($do == 'select_avatar') {
if (!$inUser->id || $inUser->id && $inUser->id != $id) {
cmsCore::error404();
}
$avatars_dir = PATH . "/images/users/avatars/library";
$avatars_dir_rel = "/images/users/avatars/library";
$avatars_dir_handle = opendir($avatars_dir);
$avatars = array();
while ($nextfile = readdir($avatars_dir_handle)) {
if ($nextfile != '.' && $nextfile != '..' && (mb_strstr($nextfile, '.gif') || mb_strstr($nextfile, '.jpg') || mb_strstr($nextfile, '.jpeg') || mb_strstr($nextfile, '.png'))) {
$avatars[] = $nextfile;
}
}
closedir($avatars_dir_handle);
if (!cmsCore::inRequest('set_avatar')) {
$inPage->setTitle($_LANG['SELECT_AVATAR']);
$inPage->addPathway($inUser->nickname, cmsUser::getProfileURL($inUser->login));
$inPage->addPathway($_LANG['SELECT_AVATAR']);
$perpage = 20;
$total = sizeof($avatars);
$avatars = array_slice($avatars, ($page - 1) * $perpage, $perpage);
cmsPage::initTemplate('components', 'com_users_avatars')->assign('userid', $id)->assign('avatars', $avatars)->assign('avatars_dir', $avatars_dir_rel)->assign('page', $page)->assign('perpage', $perpage)->assign('pagebar', cmsPage::getPagebar($total, $page, $perpage, '/users/%user_id%/select-avatar-%page%.html', array('user_id' => $id)))->display('com_users_avatars.tpl');
} else {
$avatar_id = cmsCore::request('avatar_id', 'int', 0);
$file = $avatars[$avatar_id];
if (file_exists($avatars_dir . '/' . $file)) {
$uploaddir = PATH . '/images/users/avatars/';
$realfile = $file;
$filename = md5($realfile . '-' . $id . '-' . time()) . '.jpg';
$uploadfile = $avatars_dir . '/' . $realfile;
$uploadavatar = $uploaddir . $filename;
$uploadthumb = $uploaddir . 'small/' . $filename;
if ($inUser->orig_imageurl && $inUser->orig_imageurl != 'nopic.jpg') {
@unlink(PATH . '/images/users/avatars/' . $inUser->orig_imageurl);
@unlink(PATH . '/images/users/avatars/small/' . $inUser->orig_imageurl);
}
cmsCore::includeGraphics();
copy($uploadfile, $uploadavatar);
@img_resize($uploadfile, $uploadthumb, $model->config['smallw'], $model->config['smallw']);
$sql = "UPDATE cms_user_profiles SET imageurl = '{$filename}' WHERE user_id = '{$id}' LIMIT 1";
$inDB->query($sql);
// очищаем предыдущую запись о смене аватара
cmsActions::removeObjectLog('add_avatar', $id);
// выводим сообщение в ленту
cmsActions::log('add_avatar', array('object' => '', 'object_url' => '', 'object_id' => $id, 'target' => '', 'target_url' => '', 'description' => '<a href="' . cmsUser::getProfileURL($inUser->login) . '" class="act_usr_ava">
<img border="0" src="/images/users/avatars/small/' . $filename . '">
</a>'));
}
cmsCore::redirect(cmsUser::getProfileURL($inUser->login));
}
}
//============================================================================//
//======================== Работа с фотографиями ============================//
//============================================================================//
if ($do == 'photos') {
if (!$model->config['sw_photo']) {
cmsCore::error404();
}
$pdo = cmsCore::request('pdo', 'str', '');
include 'components/users/photos.php';
}
//============================================================================//
//============================= Друзья пользователя =========================//
//============================================================================//
if ($do == 'friendlist') {
if (!$inUser->id) {
cmsUser::goToLogin();
}
$usr = cmsUser::getShortUserData($id);
if (!$usr) {
cmsCore::error404();
}
$perpage = 10;
$inPage->addPathway($usr['nickname'], cmsUser::getProfileURL($usr['login']));
$inPage->addPathway($_LANG['FRIENDS']);
$inPage->setTitle($_LANG['FRIENDS']);
// все друзья
$friends = cmsUser::getFriends($usr['id']);
// их общее количество
$total = count($friends);
// получаем только нужных на странице
$friends = array_slice($friends, ($page - 1) * $perpage, $perpage);
cmsPage::initTemplate('components', 'com_users_friends')->assign('friends', $friends)->assign('usr', $usr)->assign('myprofile', $id == $inUser->id)->assign('total', $total)->assign('pagebar', cmsPage::getPagebar($total, $page, $perpage, 'javascript:centerLink(\'/users/' . $id . '/friendlist%page%.html\')'))->display('com_users_friends.tpl');
}
//============================================================================//
//============================= Запрос на дружбу ============================//
//============================================================================//
if ($do == 'addfriend') {
if ($_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest') {
cmsCore::halt();
}
if (!$inUser->id || $inUser->id == $id) {
cmsCore::halt();
}
$usr = cmsUser::getShortUserData($id);
if (!$usr) {
cmsCore::halt();
}
cmsUser::clearSessionFriends();
if (cmsUser::isFriend($id)) {
cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['YOU_ARE_BE_FRIENDS']));
}
// проверяем был ли ранее запрос на дружбу
// если был, то делаем accept запросу
$is_need_accept_id = cmsUser::getFriendFieldId($id, 0, 'to_me');
if ($is_need_accept_id) {
$inDB->query("UPDATE cms_user_friends SET is_accepted = 1 WHERE id = '{$is_need_accept_id}'");
//регистрируем событие
cmsActions::log('add_friend', array('object' => $inUser->nickname, 'user_id' => $usr['id'], 'object_url' => cmsUser::getProfileURL($inUser->login), 'object_id' => $is_need_accept_id, 'target' => '', 'target_url' => '', 'target_id' => 0, 'description' => ''));
cmsCore::callEvent('USER_ACCEPT_FRIEND', $id);
cmsCore::jsonOutput(array('error' => false, 'text' => $_LANG['ADD_FRIEND_OK'] . $usr['nickname']));
}
// Если пользователь пытается добавиться в друзья к
// пользователю, к которому уже отправил запрос
if (cmsUser::getFriendFieldId($id, 0, 'from_me')) {
cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ADD_TO_FRIEND_SEND_ERR']));
}
// Мы вообще не друзья с пользователем, создаем запрос
cmsUser::addFriend($id);
cmsUser::sendMessage(USER_UPDATER, $id, sprintf($_LANG['RECEIVED_F_O'], cmsUser::getProfileLink($inUser->login, $inUser->nickname), '<a class="ajaxlink" href="javascript:void(0)" onclick="users.acceptFriend(' . $inUser->id . ', this);return false;">' . $_LANG['ACCEPT'] . '</a>', '<a class="ajaxlink" href="javascript:void(0)" onclick="users.rejectFriend(' . $inUser->id . ', this);return false;">' . $_LANG['REJECT'] . '</a>'));
cmsCore::jsonOutput(array('error' => false, 'text' => $_LANG['ADD_TO_FRIEND_SEND']));
}
//============================================================================//
//============================= Прекращение дружбы ==========================//
//============================================================================//
if ($do == 'delfriend') {
if ($_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest') {
cmsCore::halt();
}
if (!$inUser->id || $inUser->id == $id) {
cmsCore::halt();
}
$usr = cmsUser::getShortUserData($id);
if (!$usr) {
cmsCore::error404();
}
if (cmsUser::getFriendFieldId($id)) {
$is_accepted_friend = cmsUser::isFriend($id);
if (cmsUser::deleteFriend($id)) {
// Если подтвержденный друг
if ($is_accepted_friend) {
cmsCore::jsonOutput(array('error' => false, 'text' => $usr['nickname'] . $_LANG['DEL_FRIEND']));
} else {
cmsCore::jsonOutput(array('error' => false, 'text' => $_LANG['REJECT_FRIEND'] . $usr['nickname']));
}
} else {
cmsCore::halt();
}
} else {
cmsCore::halt();
}
}
//============================================================================//
//============================= История кармы ===============================//
//============================================================================//
if ($do == 'karma') {
$usr = cmsUser::getShortUserData($id);
if (!$usr) {
cmsCore::error404();
}
$inPage->setTitle($_LANG['KARMA_HISTORY']);
$inPage->addPathway($usr['nickname'], cmsUser::getProfileURL($usr['login']));
$inPage->addPathway($_LANG['KARMA_HISTORY']);
cmsPage::initTemplate('components', 'com_users_karma')->assign('karma', $model->getUserKarma($usr['id']))->assign('usr', $usr)->display('com_users_karma.tpl');
}
//============================================================================//
//============================= Изменение кармы =============================//
//============================================================================//
if ($do == 'votekarma') {
if ($_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest') {
cmsCore::halt();
}
if (!$inUser->id) {
cmsCore::halt();
}
$points = cmsCore::request('sign', 'str', 'plus') == 'plus' ? 1 : -1;
$to = cmsCore::request('to', 'int', 0);
$user = cmsUser::getShortUserData($to);
if (!$user) {
cmsCore::halt();
}
if (!$model->isUserCanChangeKarma($to)) {
cmsCore::halt();
}
cmsCore::halt(cmsUser::changeKarmaUser($to, $points));
}
//============================================================================//
//======================= Наградить пользователя ============================//
//============================================================================//
if ($do == 'giveaward') {
if (!$inUser->is_admin) {
cmsCore::error404();
}
$usr = cmsUser::getShortUserData($id);
if (!$usr) {
cmsCore::error404();
}
$inPage->setTitle($_LANG['AWARD_USER']);
$inPage->addPathway($usr['nickname'], cmsUser::getProfileURL($usr['login']));
$inPage->addPathway($_LANG['AWARD']);
if (!cmsCore::inRequest('gosend')) {
cmsPage::initTemplate('components', 'com_users_awards_give')->assign('usr', $usr)->assign('awardslist', cmsUser::getAwardsImages())->display('com_users_awards_give.tpl');
} else {
$award['title'] = cmsCore::request('title', 'str', $_LANG['AWRD']);
$award['description'] = cmsCore::request('description', 'str', '');
$award['imageurl'] = cmsCore::request('imageurl', 'str', '');
$award['from_id'] = $inUser->id;
$award['id'] = 0;
cmsUser::giveAward($award, $id);
cmsCore::redirect(cmsUser::getProfileURL($usr['login']));
}
}
//============================================================================//
//============================= Удаление награды ============================//
//============================================================================//
if ($do == 'delaward') {
$aw = $inDB->get_fields('cms_user_awards', "id = '{$id}'", '*');
if (!$aw) {
cmsCore::error404();
}
if (!$inUser->id || $inUser->id != $aw['user_id'] && !$inUser->is_admin) {
cmsCore::error404();
}
$inDB->delete('cms_user_awards', "id = '{$id}'", 1);
cmsActions::removeObjectLog('add_award', $id);
cmsCore::redirectBack();
}
//============================================================================//
//============================= Награды на сайте ============================//
//============================================================================//
if ($do == 'awardslist') {
$inPage->setTitle($_LANG['SITE_AWARDS']);
$inPage->addPathway($_LANG['SITE_AWARDS']);
$awards = cmsUser::getAutoAwards();
if (!$awards) {
cmsCore::error404();
}
foreach ($awards as $aw) {
//Перебираем все награды и ищем пользователей с текущей наградой
$sql = "SELECT u.id as id, u.nickname as nickname, u.login as login, IFNULL(p.gender, 'm') as gender\r\n FROM cms_user_awards aw\r\n LEFT JOIN cms_users u ON u.id = aw.user_id\r\n LEFT JOIN cms_user_profiles p ON p.user_id = u.id\r\n WHERE aw.award_id = '{$aw['id']}'";
$rs = $inDB->query($sql);
$aw['uhtml'] = '';
if ($inDB->num_rows($rs)) {
while ($user = $inDB->fetch_assoc($rs)) {
$aw['uhtml'] .= cmsUser::getGenderLink($user['id'], $user['nickname'], $user['gender'], $user['login']) . ', ';
}
$aw['uhtml'] = rtrim($aw['uhtml'], ', ');
} else {
$aw['uhtml'] = $_LANG['NOT_USERS_WITH_THIS_AWARD'];
}
$aws[] = $aw;
}
cmsPage::initTemplate('components', 'com_users_awards_site')->assign('aws', $aws)->display('com_users_awards_site.tpl');
}
//============================================================================//
//============================= Удаление профиля ============================//
//============================================================================//
if ($do == 'delprofile') {
// неавторизованным тут делать нечего
if (!$inUser->id) {
cmsCore::error404();
}
// есть ли удаляемый профиль
$data = cmsUser::getShortUserData($id);
if (!$data) {
cmsCore::error404();
}
// владелец профиля или админ
if ($inUser->is_admin) {
// могут ли администраторы удалять профиль
if (!cmsUser::isAdminCan('admin/users', cmsUser::getAdminAccess())) {
cmsCore::error404();
}
// администратор сам себя не удалит
if ($inUser->id == $data['id']) {
cmsCore::error404();
}
} else {
// удаляем только свой профиль
if ($inUser->id != $data['id']) {
cmsCore::error404();
}
}
if (isset($_POST['csrf_token'])) {
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
$model->deleteUser($id);
if (!$inUser->is_admin) {
session_destroy();
cmsCore::redirect('/logout');
} else {
cmsCore::addSessionMessage($_LANG['DELETING_PROFILE_OK'], 'info');
cmsCore::redirect('/users');
}
} else {
$inPage->setTitle($_LANG['DELETING_PROFILE']);
$inPage->addPathway($data['nickname'], $inUser->getProfileURL($data['login']));
$inPage->addPathway($_LANG['DELETING_PROFILE']);
$confirm['title'] = $_LANG['DELETING_PROFILE'];
$confirm['text'] = '<p>' . $_LANG['REALLY_DEL_PROFILE'] . '</p>';
$confirm['action'] = '/users/' . $id . '/delprofile.html';
$confirm['yes_button'] = array();
$confirm['yes_button']['type'] = 'submit';
cmsPage::initTemplate('components', 'action_confirm.tpl')->assign('confirm', $confirm)->display('action_confirm.tpl');
}
}
//============================================================================//
//============================ Восстановить профиль =========================//
//============================================================================//
if ($do == 'restoreprofile') {
if (!$inUser->is_admin) {
cmsCore::error404();
}
$usr = cmsUser::getShortUserData($id);
if (!$usr) {
cmsCore::error404();
}
$inDB->query("UPDATE cms_users SET is_deleted = 0 WHERE id = '{$id}'");
cmsCore::redirectBack();
}
//============================================================================//
//============================= Файлы пользователей =========================//
//============================================================================//
if ($do == 'files') {
if (!$model->config['sw_files']) {
cmsCore::error404();
}
$fdo = cmsCore::request('fdo', 'str', '');
include 'components/users/files.php';
}
//============================================================================//
//================================ Инвайты =================================//
//============================================================================//
if ($do == 'invites') {
$reg_cfg = $inCore->loadComponentConfig('registration');
if ($reg_cfg['reg_type'] != 'invite') {
cmsCore::error404();
}
$invites_count = $model->getUserInvitesCount($inUser->id);
if (!$invites_count) {
cmsCore::error404();
}
if (!cmsCore::inRequest('send_invite')) {
$inPage->addPathway($inUser->nickname, cmsUser::getProfileURL($inUser->login));
$inPage->addPathway($_LANG['MY_INVITES']);
cmsPage::initTemplate('components', 'com_users_invites')->assign('invites_count', $invites_count)->display('com_users_invites.tpl');
return;
}
if (cmsCore::inRequest('send_invite')) {
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
$invite_email = cmsCore::request('invite_email', 'email', '');
if (!$invite_email) {
cmsCore::redirectBack();
}
if ($model->sendInvite($inUser->id, $invite_email)) {
cmsCore::addSessionMessage(sprintf($_LANG['INVITE_SENDED'], $invite_email), 'success');
} else {
cmsCore::addSessionMessage($_LANG['INVITE_ERROR'], 'error');
}
cmsCore::redirect(cmsUser::getProfileURL($inUser->login));
}
}
if ($do == 'change_email') {
if (!$inUser->id) {
cmsUser::goToLogin();
}
$email = cmsCore::request('email', 'email', '');
$token = cmsCore::request('token', 'str', '');
// не занят ли email
$is_email = $inDB->get_field('cms_users', "email='{$email}'", 'id');
if ($is_email || !$email || !$token) {
cmsCore::error404();
}
// проверяем токен
$valid_id = $inDB->get_field('cms_users_activate', "code='{$token}' AND user_id = '{$inUser->id}'", 'id');
if (!$valid_id) {
cmsCore::error404();
}
$inDB->delete('cms_users_activate', "id = '{$valid_id}'");
// Сохраняем новый email
$inDB->update('cms_users', array('email' => $email), $inUser->id);
cmsCore::addSessionMessage($_LANG['NEW_EMAIL_SAVED'], 'success');
cmsCore::redirect(cmsUser::getProfileURL($inUser->login));
}
///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
}
</tr>
<?php } ?>
</table>
</div>
<?php } ?>
<?php if ($is_quests) { ?>
<?php if ($id == 0) { ?>
<h1 class="con_heading"><?php echo $_LANG['LAST_QUESTIONS']; ?></h1>
<?php } ?>
<?php foreach($quests as $quest) { ?>
<div class="faq_quest">
<table cellspacing="5" cellpadding="0" border="0" width="100%">
<tr>
<td width="30" valign="top"><img src="/templates/<?php echo cmsCore::c('config')->template; ?>/images/icons/big/faq_quest.png" border="0" /></td>
<td width="" valign="middle">
<div class="faq_quest_link"><a href="/faq/quest<?php echo $quest['id']; ?>.html"><?php echo $quest['quest']; ?></a></div>
<?php if ($id == 0) { ?>
<div class="faq_questcat">→ <a href="/faq/<?php echo $quest['cid']; ?>"><?php echo $quest['cat_title']; ?></a></div>
<?php } ?>
<div class="faq_questdate"><?php echo $quest['pubdate']; ?></div>
<?php if ($cfg['user_link']) { ?>
<div class="faq_questuser"><?php if ($quest['nickname']) { ?><a href="<?php echo cmsUser::getProfileURL($quest['login']); ?>"><?php echo $quest['nickname']; ?></a><?php } else { ?><?php echo $_LANG['QUESTION_GUEST']; ?><?php } ?></div>
<?php } ?>
</td>
</tr>
</table>
</div>
<?php } ?>
<?php if ($id > 0) { ?> <?php echo $pagebar; ?> <?php } ?>
<?php } ?>
<table cellspacing="5" border="0" cellpadding="3" class="mod_user_rating">
<?php foreach ($users as $usr) { ?>
<tr>
<td width="20" class="avatar"><a href="<?php echo cmsUser::getProfileURL($usr['login']); ?>"><img border="0" class="usr_img_small" src="<?php echo $usr['avatar']; ?>" /></a></td>
<td width="">
<?php echo $usr['user_link']; ?>
<?php if ($cfg['view_type'] == 'rating') { ?>
<div class="rating"><?php echo $this->rating($usr['rating']); ?></div>
<?php } else { ?>
<div class="karma"><?php echo $this->rating($usr['karma']); ?></div>
<?php } ?>
<?php if ($usr['microstatus']) { ?>
<div class="microstatus"><?php echo $usr['microstatus']; ?></div>
<?php } ?>
</td>
</tr>
<?php } ?>
</table>
<?php $last_thread_id = $post['thread_id']; ?>
<tr class="posts_table_tr">
<td class="post_usercell" width="140" align="center" valign="top" height="150">
<div>
<a href="<?php echo cmsUser::getProfileURL($post['login']); ?>" title="<?php echo $_LANG['GOTO_PROFILE']; ?>"><?php echo $this->escape($post['nickname']); ?></a>
</div>
<div class="post_userrank">
<?php if ($post['userrank']['group']) { ?>
<span class="<?php echo $post['userrank']['class']; ?>"><?php echo $post['userrank']['group']; ?></span>
<?php } ?>
<?php if ($post['userrank']['rank']) { ?>
<span class="<?php echo $post['userrank']['class']; ?>"><?php echo $post['userrank']['rank']; ?></span>
<?php } ?>
</div>
<div class="post_userimg">
<a href="<?php echo cmsUser::getProfileURL($post['login']); ?>" title="<?php echo $_LANG['GOTO_PROFILE']; ?>"><img border="0" class="usr_img_small" src="<?php echo $post['avatar_url']; ?>" alt="<?php echo $this->escape($post['nickname']); ?>" /></a>
<?php if ($post['user_awards']) { ?>
<div class="post_userawards">
<?php foreach($post['user_awards'] as $award) { ?>
<img src="/images/icons/award.gif" border="0" alt="<?php echo $this->escape($award['title']); ?>" title="<?php echo $this->escape($award['title']); ?>"/>
<?php } ?>
</div>
<?php } ?>
</div>
<div class="post_usermsgcnt"><?php echo $_LANG['MESSAGES']; ?>: <?php echo $post['post_count']; ?></div>
<?php if ($post['city']) { ?>
<div class="post_usermsgcnt"><?php echo $post['city']; ?></div>
<?php } ?>
<div><?php echo $post['flogdate']; ?></div>
</td>
<td width="" class="post_msgcell" align="left" valign="top">
