function doModel()
{
switch ($this->action) {
case 'login_post':
//post execution for the login
if (!osc_users_enabled()) {
osc_add_flash_error_message(_m('Users are not enabled'));
$this->redirectTo(osc_base_url());
}
osc_csrf_check();
osc_run_hook('before_validating_login');
// e-mail or/and password is/are empty or incorrect
$wrongCredentials = false;
$email = Params::getParam('email');
$password = Params::getParam('password', false, false);
if ($email == '') {
osc_add_flash_error_message(_m('Please provide an email address'));
$wrongCredentials = true;
}
if ($password == '') {
osc_add_flash_error_message(_m('Empty passwords are not allowed. Please provide a password'));
$wrongCredentials = true;
}
if ($wrongCredentials) {
$this->redirectTo(osc_user_login_url());
}
if (osc_validate_email($email)) {
$user = User::newInstance()->findByEmail($email);
}
if (empty($user)) {
$user = User::newInstance()->findByUsername($email);
}
if (empty($user)) {
osc_add_flash_error_message(_m("The user doesn't exist"));
$this->redirectTo(osc_user_login_url());
}
if (!osc_verify_password($password, isset($user['s_password']) ? $user['s_password'] : '')) {
osc_add_flash_error_message(_m('The password is incorrect'));
$this->redirectTo(osc_user_login_url());
// @TODO if valid user, send email parameter back to the login form
} else {
if (@$user['s_password'] != '') {
if (preg_match('|\\$2y\\$([0-9]{2})\\$|', $user['s_password'], $cost)) {
if ($cost[1] != BCRYPT_COST) {
User::newInstance()->update(array('s_password' => osc_hash_password($password)), array('pk_i_id' => $user['pk_i_id']));
}
} else {
User::newInstance()->update(array('s_password' => osc_hash_password($password)), array('pk_i_id' => $user['pk_i_id']));
}
}
}
// e-mail or/and IP is/are banned
$banned = osc_is_banned($email);
// int 0: not banned or unknown, 1: email is banned, 2: IP is banned, 3: both email & IP are banned
if ($banned & 1) {
osc_add_flash_error_message(_m('Your current email is not allowed'));
}
if ($banned & 2) {
osc_add_flash_error_message(_m('Your current IP is not allowed'));
}
if ($banned !== 0) {
$this->redirectTo(osc_user_login_url());
}
osc_run_hook('before_login');
$url_redirect = osc_get_http_referer();
$page_redirect = '';
if (osc_rewrite_enabled()) {
if ($url_redirect != '') {
$request_uri = urldecode(preg_replace('@^' . osc_base_url() . '@', "", $url_redirect));
$tmp_ar = explode("?", $request_uri);
$request_uri = $tmp_ar[0];
$rules = Rewrite::newInstance()->listRules();
foreach ($rules as $match => $uri) {
if (preg_match('#' . $match . '#', $request_uri, $m)) {
$request_uri = preg_replace('#' . $match . '#', $uri, $request_uri);
if (preg_match('|([&?]{1})page=([^&]*)|', '&' . $request_uri . '&', $match)) {
$page_redirect = $match[2];
if ($page_redirect == '' || $page_redirect == 'login') {
$url_redirect = osc_user_dashboard_url();
}
}
break;
}
}
}
}
require_once LIB_PATH . 'osclass/UserActions.php';
$uActions = new UserActions(false);
$logged = $uActions->bootstrap_login($user['pk_i_id']);
if ($logged == 0) {
osc_add_flash_error_message(_m("The user doesn't exist"));
} else {
if ($logged == 1) {
if (time() - strtotime($user['dt_access_date']) > 1200) {
// EACH 20 MINUTES
osc_add_flash_error_message(sprintf(_m('The user has not been validated yet. Would you like to re-send your <a href="%s">activation?</a>'), osc_user_resend_activation_link($user['pk_i_id'], $user['s_email'])));
} else {
osc_add_flash_error_message(_m('The user has not been validated yet'));
}
} else {
if ($logged == 2) {
osc_add_flash_error_message(_m('The user has been suspended'));
} else {
if ($logged == 3) {
if (Params::getParam('remember') == 1) {
//this include contains de osc_genRandomPassword function
require_once osc_lib_path() . 'osclass/helpers/hSecurity.php';
$secret = osc_genRandomPassword();
User::newInstance()->update(array('s_secret' => $secret), array('pk_i_id' => $user['pk_i_id']));
Cookie::newInstance()->set_expires(osc_time_cookie());
Cookie::newInstance()->push('oc_userId', $user['pk_i_id']);
Cookie::newInstance()->push('oc_userSecret', $secret);
Cookie::newInstance()->set();
}
if ($url_redirect == '') {
$url_redirect = osc_user_dashboard_url();
}
osc_run_hook("after_login", $user, $url_redirect);
$this->redirectTo(osc_apply_filter('correct_login_url_redirect', $url_redirect));
} else {
osc_add_flash_error_message(_m('This should never happen'));
}
}
}
}
if (!$user['b_enabled']) {
$this->redirectTo(osc_user_login_url());
}
$this->redirectTo(osc_user_login_url());
break;
case 'resend':
$id = Params::getParam('id');
$email = Params::getParam('email');
$user = User::newInstance()->findByPrimaryKey($id);
if ($id == '' || $email == '' || !isset($user) || $user['b_active'] == 1 || $email != $user['s_email']) {
osc_add_flash_error_message(_m('Incorrect link'));
$this->redirectTo(osc_user_login_url());
}
if (time() - strtotime($user['dt_access_date']) > 1200) {
// EACH 20 MINUTES
if (osc_notify_new_user()) {
osc_run_hook('hook_email_admin_new_user', $user);
}
if (osc_user_validation_enabled()) {
osc_run_hook('hook_email_user_validation', $user, $user);
}
User::newInstance()->update(array('dt_access_date' => date('Y-m-d H:i:s')), array('pk_i_id' => $user['pk_i_id']));
osc_add_flash_ok_message(_m('Validation email re-sent'));
} else {
osc_add_flash_warning_message(_m('We have just sent you an email to validate your account, you will have to wait a few minutes to resend it again'));
}
$this->redirectTo(osc_user_login_url());
break;
case 'recover':
//form to recover the password (in this case we have the form in /gui/)
$this->doView('user-recover.php');
break;
case 'recover_post':
//post execution to recover the password
osc_csrf_check();
require_once LIB_PATH . 'osclass/UserActions.php';
// e-mail is incorrect
if (!preg_match('|^[a-z0-9\\.\\_\\+\\-]+@[a-z0-9\\.\\-]+\\.[a-z]{2,3}$|i', Params::getParam('s_email'))) {
osc_add_flash_error_message(_m('Invalid email address'));
$this->redirectTo(osc_recover_user_password_url());
}
$userActions = new UserActions(false);
$success = $userActions->recover_password();
switch ($success) {
case 0:
// recover ok
osc_add_flash_ok_message(_m('We have sent you an email with the instructions to reset your password'));
$this->redirectTo(osc_base_url());
break;
case 1:
// e-mail does not exist
osc_add_flash_error_message(_m('We were not able to identify you given the information provided'));
$this->redirectTo(osc_recover_user_password_url());
break;
case 2:
// recaptcha wrong
osc_add_flash_error_message(_m('The recaptcha code is wrong'));
$this->redirectTo(osc_recover_user_password_url());
break;
}
break;
case 'forgot':
//form to recover the password (in this case we have the form in /gui/)
$user = User::newInstance()->findByIdPasswordSecret(Params::getParam('userId'), Params::getParam('code'));
if ($user) {
$this->doView('user-forgot_password.php');
} else {
osc_add_flash_error_message(_m('Sorry, the link is not valid'));
$this->redirectTo(osc_base_url());
}
break;
case 'forgot_post':
osc_csrf_check();
if (Params::getParam('new_password', false, false) == '' || Params::getParam('new_password2', false, false) == '') {
osc_add_flash_warning_message(_m('Password cannot be blank'));
$this->redirectTo(osc_forgot_user_password_confirm_url(Params::getParam('userId'), Params::getParam('code')));
}
$user = User::newInstance()->findByIdPasswordSecret(Params::getParam('userId'), Params::getParam('code'));
if ($user['b_enabled'] == 1) {
if (Params::getParam('new_password', false, false) == Params::getParam('new_password2', false, false)) {
User::newInstance()->update(array('s_pass_code' => osc_genRandomPassword(50), 's_pass_date' => date('Y-m-d H:i:s', 0), 's_pass_ip' => Params::getServerParam('REMOTE_ADDR'), 's_password' => osc_hash_password(Params::getParam('new_password', false, false))), array('pk_i_id' => $user['pk_i_id']));
osc_add_flash_ok_message(_m('The password has been changed'));
$this->redirectTo(osc_user_login_url());
} else {
osc_add_flash_error_message(_m("Error, the password don't match"));
$this->redirectTo(osc_forgot_user_password_confirm_url(Params::getParam('userId'), Params::getParam('code')));
}
} else {
osc_add_flash_error_message(_m('Sorry, the link is not valid'));
}
$this->redirectTo(osc_base_url());
break;
default:
//login
Session::newInstance()->_setReferer(osc_get_http_referer());
if (osc_logged_user_id() != '') {
$this->redirectTo(osc_user_dashboard_url());
}
$this->doView('user-login.php');
}
}
public function init()
{
// $_SERVER is not supported by Params Class... we should fix that
if (isset($_SERVER['REQUEST_URI'])) {
$request_uri = urldecode(preg_replace('@^' . REL_WEB_URL . '@', "", $_SERVER['REQUEST_URI']));
if (osc_rewrite_enabled()) {
foreach ($this->rules as $match => $uri) {
// UNCOMMENT TO DEBUG
//echo 'Request URI: '.$request_uri." # Match : ".$match." # URI to go : ".$uri." <br />";
if (preg_match('#' . $match . '#', $request_uri, $m)) {
$request_uri = preg_replace('#' . $match . '#', $uri, $request_uri);
break;
}
}
}
$this->extractParams($request_uri);
$this->request_uri = $request_uri;
//$this->uri = $this->extractURL($request_uri);
//$this->location = str_replace(".php", "", $this->uri);
if (Params::getParam('page') != '') {
$this->location = Params::getParam('page');
}
if (Params::getParam('action') != '') {
$this->section = Params::getParam('action');
}
}
}
function osc_static_page_url($locale = '')
{
if ($locale != '') {
if (osc_rewrite_enabled()) {
return osc_base_url() . osc_static_page_field("s_internal_name") . "-p" . osc_static_page_field("pk_i_id") . "-" . $locale;
} else {
return osc_base_url(true) . "?page=page&id=" . osc_static_page_field("pk_i_id") . "&lang=" . $locale;
}
} else {
if (osc_rewrite_enabled()) {
return osc_base_url() . osc_static_page_field("s_internal_name") . "-p" . osc_static_page_field("pk_i_id");
} else {
return osc_base_url(true) . "?page=page&id=" . osc_static_page_field("pk_i_id");
}
}
}
function pop_init_config()
{
// block send_friend, send_friend_post
if (Params::getParam('action') == 'send_friend' || Params::getParam('action') == 'send_friend_post') {
pop_redirect_404();
}
if (Params::getParam('action') == 'pub_profile') {
Params::setParam('itemsPerPage', osc_default_results_per_page_at_search());
}
if (!osc_rewrite_enabled()) {
if (Params::getParam('page') == 'search' && Params::getParam('hook') == 'load_more_listing') {
// no stdio at search page, only via ajax
osc_add_hook('after_search', 'pop_echo_pop_print_listing_card');
}
}
}
/**
* Gets link for mark as expired the current item
*
* @return string
*/
function osc_item_link_expired()
{
if (!osc_rewrite_enabled()) {
$url = osc_base_url(true) . "?page=item&action=mark&as=expired&id=" . osc_item_id();
} else {
$url = osc_base_url() . osc_get_preference('rewrite_item_mark') . "/expired/" . osc_item_id();
}
return (string) $url;
}
public function init()
{
if (Params::existServerParam('REQUEST_URI')) {
if (preg_match('|[\\?&]{1}http_referer=(.*)$|', urldecode(Params::getServerParam('REQUEST_URI', false, false)), $ref_match)) {
$this->http_referer = $ref_match[1];
$_SERVER['REQUEST_URI'] = preg_replace('|[\\?&]{1}http_referer=(.*)$|', "", urldecode(Params::getServerParam('REQUEST_URI', false, false)));
}
$request_uri = preg_replace('@^' . REL_WEB_URL . '@', "", urldecode(Params::getServerParam('REQUEST_URI', false, false)));
$this->raw_request_uri = $request_uri;
$route_used = false;
foreach ($this->routes as $id => $route) {
// UNCOMMENT TO DEBUG
//echo 'Request URI: '.$request_uri." # Match : ".$route['regexp']." # URI to go : ".$route['url']." <br />";
if (preg_match('#^' . $route['regexp'] . '#', $request_uri, $m)) {
if (!preg_match_all('#\\{([^\\}]+)\\}#', $route['url'], $args)) {
$args[1] = array();
}
$l = count($m);
for ($p = 1; $p < $l; $p++) {
if (isset($args[1][$p - 1])) {
Params::setParam($args[1][$p - 1], $m[$p]);
} else {
Params::setParam('route_param_' . $p, $m[$p]);
}
}
Params::setParam('page', 'custom');
Params::setParam('route', $id);
$route_used = true;
$this->location = $route['location'];
$this->section = $route['section'];
$this->title = $route['title'];
break;
}
}
if (!$route_used) {
if (osc_rewrite_enabled()) {
$tmp_ar = explode("?", $request_uri);
$request_uri = $tmp_ar[0];
// if try to access directly to a php file
if (preg_match('#^(.+?)\\.php(.*)$#', $request_uri)) {
$file = explode("?", $request_uri);
if (!file_exists(ABS_PATH . $file[0])) {
Rewrite::newInstance()->set_location('error');
header('HTTP/1.1 404 Not Found');
osc_current_web_theme_path('404.php');
exit;
}
}
foreach ($this->rules as $match => $uri) {
// UNCOMMENT TO DEBUG
// echo 'Request URI: '.$request_uri." # Match : ".$match." # URI to go : ".$uri." <br />";
if (preg_match('#^' . $match . '#', $request_uri, $m)) {
$request_uri = preg_replace('#' . $match . '#', $uri, $request_uri);
break;
}
}
}
$this->extractParams($request_uri);
$this->request_uri = $request_uri;
if (Params::getParam('page') != '') {
$this->location = Params::getParam('page');
}
if (Params::getParam('action') != '') {
$this->section = Params::getParam('action');
}
}
}
}
/**
* Gets the url of current "list city""
*
* @return string
*/
function osc_list_city_url()
{
if (osc_rewrite_enabled()) {
$url = osc_base_url();
if (osc_get_preference('seo_url_search_prefix') != '') {
$url .= osc_get_preference('seo_url_search_prefix') . '/';
}
$url .= osc_sanitizeString(osc_list_city_name()) . '-c' . osc_list_city_id();
return $url;
} else {
return osc_search_url(array('sCity' => osc_list_city_id()));
}
}
function doModel()
{
osc_run_hook('before_search');
if (osc_rewrite_enabled()) {
// IF rewrite is not enabled, skip this part, preg_match is always time&resources consuming task
$p_sParams = "/" . Params::getParam('sParams', false, false);
if (preg_match_all('|\\/([^,]+),([^\\/]*)|', $p_sParams, $m)) {
$l = count($m[0]);
for ($k = 0; $k < $l; $k++) {
switch ($m[1][$k]) {
case osc_get_preference('rewrite_search_country'):
$m[1][$k] = 'sCountry';
break;
case osc_get_preference('rewrite_search_region'):
$m[1][$k] = 'sRegion';
break;
case osc_get_preference('rewrite_search_city'):
$m[1][$k] = 'sCity';
break;
case osc_get_preference('rewrite_search_city_area'):
$m[1][$k] = 'sCityArea';
break;
case osc_get_preference('rewrite_search_category'):
$m[1][$k] = 'sCategory';
break;
case osc_get_preference('rewrite_search_user'):
$m[1][$k] = 'sUser';
break;
case osc_get_preference('rewrite_search_pattern'):
$m[1][$k] = 'sPattern';
break;
default:
// custom fields
if (preg_match("/meta(\\d+)-?(.*)?/", $m[1][$k], $results)) {
$meta_key = $m[1][$k];
$meta_value = $m[2][$k];
$array_r = array();
if (Params::existParam('meta')) {
$array_r = Params::getParam('meta');
}
if ($results[2] == '') {
// meta[meta_id] = meta_value
$meta_key = $results[1];
$array_r[$meta_key] = $meta_value;
} else {
// meta[meta_id][meta_key] = meta_value
$meta_key = $results[1];
$meta_key2 = $results[2];
$array_r[$meta_key][$meta_key2] = $meta_value;
}
$m[1][$k] = 'meta';
$m[2][$k] = $array_r;
}
break;
}
Params::setParam($m[1][$k], $m[2][$k]);
}
Params::unsetParam('sParams');
}
}
$uriParams = Params::getParamsAsArray();
$searchUri = osc_search_url($uriParams);
if ($this->uri != 'feed') {
if (str_replace("%20", '+', $searchUri) != str_replace("%20", '+', WEB_PATH . $this->uri)) {
$this->redirectTo($searchUri, 301);
}
}
////////////////////////////////
//GETTING AND FIXING SENT DATA//
////////////////////////////////
$p_sCategory = Params::getParam('sCategory');
if (!is_array($p_sCategory)) {
if ($p_sCategory == '') {
$p_sCategory = array();
} else {
$p_sCategory = explode(",", $p_sCategory);
}
}
$p_sCityArea = Params::getParam('sCityArea');
if (!is_array($p_sCityArea)) {
if ($p_sCityArea == '') {
$p_sCityArea = array();
} else {
$p_sCityArea = explode(",", $p_sCityArea);
}
}
$p_sCity = Params::getParam('sCity');
if (!is_array($p_sCity)) {
if ($p_sCity == '') {
$p_sCity = array();
} else {
$p_sCity = explode(",", $p_sCity);
}
}
$p_sRegion = Params::getParam('sRegion');
if (!is_array($p_sRegion)) {
if ($p_sRegion == '') {
$p_sRegion = array();
} else {
$p_sRegion = explode(",", $p_sRegion);
}
}
$p_sCountry = Params::getParam('sCountry');
if (!is_array($p_sCountry)) {
if ($p_sCountry == '') {
$p_sCountry = array();
} else {
$p_sCountry = explode(",", $p_sCountry);
}
}
$p_sUser = Params::getParam('sUser');
if (!is_array($p_sUser)) {
if ($p_sUser == '') {
$p_sUser = '';
} else {
$p_sUser = explode(",", $p_sUser);
}
}
$p_sLocale = Params::getParam('sLocale');
if (!is_array($p_sLocale)) {
if ($p_sLocale == '') {
$p_sLocale = '';
} else {
$p_sLocale = explode(",", $p_sLocale);
}
}
$p_sPattern = trim(strip_tags(Params::getParam('sPattern')));
// ADD TO THE LIST OF LAST SEARCHES
if (osc_save_latest_searches() && (!Params::existParam('iPage') || Params::getParam('iPage') == 1)) {
$savePattern = osc_apply_filter('save_latest_searches_pattern', $p_sPattern);
if ($savePattern != '') {
LatestSearches::newInstance()->insert(array('s_search' => $savePattern, 'd_date' => date('Y-m-d H:i:s')));
}
}
$p_bPic = Params::getParam('bPic');
$p_bPic = $p_bPic == 1 ? 1 : 0;
$p_bPremium = Params::getParam('bPremium');
$p_bPremium = $p_bPremium == 1 ? 1 : 0;
$p_sPriceMin = Params::getParam('sPriceMin');
$p_sPriceMax = Params::getParam('sPriceMax');
//WE CAN ONLY USE THE FIELDS RETURNED BY Search::getAllowedColumnsForSorting()
$p_sOrder = Params::getParam('sOrder');
if (!in_array($p_sOrder, Search::getAllowedColumnsForSorting())) {
$p_sOrder = osc_default_order_field_at_search();
}
$old_order = $p_sOrder;
//ONLY 0 ( => 'asc' ), 1 ( => 'desc' ) AS ALLOWED VALUES
$p_iOrderType = Params::getParam('iOrderType');
$allowedTypesForSorting = Search::getAllowedTypesForSorting();
$orderType = osc_default_order_type_at_search();
foreach ($allowedTypesForSorting as $k => $v) {
if ($p_iOrderType == $v) {
$orderType = $k;
break;
}
}
$p_iOrderType = $orderType;
$p_sFeed = Params::getParam('sFeed');
$p_iPage = 0;
if (is_numeric(Params::getParam('iPage')) && Params::getParam('iPage') > 0) {
$p_iPage = intval(Params::getParam('iPage')) - 1;
}
if ($p_sFeed != '') {
$p_sPageSize = 1000;
}
$p_sShowAs = Params::getParam('sShowAs');
$aValidShowAsValues = array('list', 'gallery');
if (!in_array($p_sShowAs, $aValidShowAsValues)) {
$p_sShowAs = osc_default_show_as_at_search();
}
// search results: it's blocked with the maxResultsPerPage@search defined in t_preferences
$p_iPageSize = intval(Params::getParam('iPagesize'));
if ($p_iPageSize > 0) {
if ($p_iPageSize > osc_max_results_per_page_at_search()) {
$p_iPageSize = osc_max_results_per_page_at_search();
}
} else {
$p_iPageSize = osc_default_results_per_page_at_search();
}
//FILTERING CATEGORY
$bAllCategoriesChecked = false;
$successCat = false;
if (count($p_sCategory) > 0) {
foreach ($p_sCategory as $category) {
$successCat = $this->mSearch->addCategory($category) || $successCat;
}
} else {
$bAllCategoriesChecked = true;
}
//FILTERING CITY_AREA
foreach ($p_sCityArea as $city_area) {
$this->mSearch->addCityArea($city_area);
}
$p_sCityArea = implode(", ", $p_sCityArea);
//FILTERING CITY
foreach ($p_sCity as $city) {
$this->mSearch->addCity($city);
}
$p_sCity = implode(", ", $p_sCity);
//FILTERING REGION
foreach ($p_sRegion as $region) {
$this->mSearch->addRegion($region);
}
$p_sRegion = implode(", ", $p_sRegion);
//FILTERING COUNTRY
foreach ($p_sCountry as $country) {
$this->mSearch->addCountry($country);
}
$p_sCountry = implode(", ", $p_sCountry);
// FILTERING PATTERN
if ($p_sPattern != '') {
$this->mSearch->addPattern($p_sPattern);
$osc_request['sPattern'] = $p_sPattern;
} else {
// hardcoded - if there isn't a search pattern, order by dt_pub_date desc
if ($p_sOrder == 'relevance') {
$p_sOrder = 'dt_pub_date';
foreach ($allowedTypesForSorting as $k => $v) {
if ($p_iOrderType == 'desc') {
$orderType = $k;
break;
}
}
$p_iOrderType = $orderType;
}
}
// FILTERING USER
if ($p_sUser != '') {
$this->mSearch->fromUser($p_sUser);
}
// FILTERING LOCALE
$this->mSearch->addLocale($p_sLocale);
// FILTERING IF WE ONLY WANT ITEMS WITH PICS
if ($p_bPic) {
$this->mSearch->withPicture(true);
}
// FILTERING IF WE ONLY WANT PREMIUM ITEMS
if ($p_bPremium) {
$this->mSearch->onlyPremium(true);
}
//FILTERING BY RANGE PRICE
$this->mSearch->priceRange($p_sPriceMin, $p_sPriceMax);
//ORDERING THE SEARCH RESULTS
$this->mSearch->order($p_sOrder, $allowedTypesForSorting[$p_iOrderType]);
//SET PAGE
if ($p_sFeed == 'rss') {
// If param sFeed=rss, just output last 'osc_num_rss_items()'
$this->mSearch->page(0, osc_num_rss_items());
} else {
$this->mSearch->page($p_iPage, $p_iPageSize);
}
// CUSTOM FIELDS
$custom_fields = Params::getParam('meta');
$fields = Field::newInstance()->findIDSearchableByCategories($p_sCategory);
$table = DB_TABLE_PREFIX . 't_item_meta';
if (is_array($custom_fields)) {
foreach ($custom_fields as $key => $aux) {
if (in_array($key, $fields)) {
$field = Field::newInstance()->findByPrimaryKey($key);
switch ($field['e_type']) {
case 'TEXTAREA':
case 'TEXT':
case 'URL':
if ($aux != '') {
$aux = "%{$aux}%";
$sql = "SELECT fk_i_item_id FROM {$table} WHERE ";
$str_escaped = Search::newInstance()->dao->escape($aux);
$sql .= $table . '.fk_i_field_id = ' . $key . ' AND ';
$sql .= $table . ".s_value LIKE " . $str_escaped;
$this->mSearch->addConditions(DB_TABLE_PREFIX . 't_item.pk_i_id IN (' . $sql . ')');
}
break;
case 'DROPDOWN':
case 'RADIO':
if ($aux != '') {
$sql = "SELECT fk_i_item_id FROM {$table} WHERE ";
$str_escaped = Search::newInstance()->dao->escape($aux);
$sql .= $table . '.fk_i_field_id = ' . $key . ' AND ';
$sql .= $table . ".s_value = " . $str_escaped;
$this->mSearch->addConditions(DB_TABLE_PREFIX . 't_item.pk_i_id IN (' . $sql . ')');
}
break;
case 'CHECKBOX':
if ($aux != '') {
$sql = "SELECT fk_i_item_id FROM {$table} WHERE ";
$sql .= $table . '.fk_i_field_id = ' . $key . ' AND ';
$sql .= $table . ".s_value = 1";
$this->mSearch->addConditions(DB_TABLE_PREFIX . 't_item.pk_i_id IN (' . $sql . ')');
}
break;
case 'DATE':
if ($aux != '') {
$y = (int) date('Y', $aux);
$m = (int) date('n', $aux);
$d = (int) date('j', $aux);
$start = mktime('0', '0', '0', $m, $d, $y);
$end = mktime('23', '59', '59', $m, $d, $y);
$sql = "SELECT fk_i_item_id FROM {$table} WHERE ";
$sql .= $table . '.fk_i_field_id = ' . $key . ' AND ';
$sql .= $table . ".s_value >= " . $start . " AND ";
$sql .= $table . ".s_value <= " . $end;
$this->mSearch->addConditions(DB_TABLE_PREFIX . 't_item.pk_i_id IN (' . $sql . ')');
}
break;
case 'DATEINTERVAL':
if (is_array($aux) && (!empty($aux['from']) && !empty($aux['to']))) {
$from = $aux['from'];
$to = $aux['to'];
$start = $from;
$end = $to;
$sql = "SELECT fk_i_item_id FROM {$table} WHERE ";
$sql .= $table . '.fk_i_field_id = ' . $key . ' AND ';
$sql .= $start . " >= " . $table . ".s_value AND s_multi = 'from'";
$sql1 = "SELECT fk_i_item_id FROM {$table} WHERE ";
$sql1 .= $table . ".fk_i_field_id = " . $key . " AND ";
$sql1 .= $end . " <= " . $table . ".s_value AND s_multi = 'to'";
$sql_interval = "select a.fk_i_item_id from (" . $sql . ") a where a.fk_i_item_id IN (" . $sql1 . ")";
$this->mSearch->addConditions(DB_TABLE_PREFIX . 't_item.pk_i_id IN (' . $sql_interval . ')');
}
break;
default:
break;
}
}
}
}
osc_run_hook('search_conditions', Params::getParamsAsArray());
// RETRIEVE ITEMS AND TOTAL
$key = md5(osc_base_url() . $this->mSearch->toJson());
$found = null;
$cache = osc_cache_get($key, $found);
$aItems = null;
$iTotalItems = null;
if ($cache) {
$aItems = $cache['aItems'];
$iTotalItems = $cache['iTotalItems'];
} else {
$aItems = $this->mSearch->doSearch();
$iTotalItems = $this->mSearch->count();
$_cache['aItems'] = $aItems;
$_cache['iTotalItems'] = $iTotalItems;
osc_cache_set($key, $_cache, OSC_CACHE_TTL);
}
$iStart = $p_iPage * $p_iPageSize;
$iEnd = min(($p_iPage + 1) * $p_iPageSize, $iTotalItems);
$iNumPages = ceil($iTotalItems / $p_iPageSize);
// works with cache enabled ?
osc_run_hook('search', $this->mSearch);
//preparing variables...
$countryName = $p_sCountry;
if (strlen($p_sCountry) == 2) {
$c = Country::newInstance()->findByCode($p_sCountry);
if ($c) {
$countryName = $c['s_name'];
}
}
$regionName = $p_sRegion;
if (is_numeric($p_sRegion)) {
$r = Region::newInstance()->findByPrimaryKey($p_sRegion);
if ($r) {
$regionName = $r['s_name'];
}
}
$cityName = $p_sCity;
if (is_numeric($p_sCity)) {
$c = City::newInstance()->findByPrimaryKey($p_sCity);
if ($c) {
$cityName = $c['s_name'];
}
}
$this->_exportVariableToView('search_start', $iStart);
$this->_exportVariableToView('search_end', $iEnd);
$this->_exportVariableToView('search_category', $p_sCategory);
// hardcoded - non pattern and order by relevance
$p_sOrder = $old_order;
$this->_exportVariableToView('search_order_type', $p_iOrderType);
$this->_exportVariableToView('search_order', $p_sOrder);
$this->_exportVariableToView('search_pattern', $p_sPattern);
$this->_exportVariableToView('search_from_user', $p_sUser);
$this->_exportVariableToView('search_total_pages', $iNumPages);
$this->_exportVariableToView('search_page', $p_iPage);
$this->_exportVariableToView('search_has_pic', $p_bPic);
$this->_exportVariableToView('search_only_premium', $p_bPremium);
$this->_exportVariableToView('search_country', $countryName);
$this->_exportVariableToView('search_region', $regionName);
$this->_exportVariableToView('search_city', $cityName);
$this->_exportVariableToView('search_price_min', $p_sPriceMin);
$this->_exportVariableToView('search_price_max', $p_sPriceMax);
$this->_exportVariableToView('search_total_items', $iTotalItems);
$this->_exportVariableToView('items', $aItems);
$this->_exportVariableToView('search_show_as', $p_sShowAs);
$this->_exportVariableToView('search', $this->mSearch);
// json
$json = $this->mSearch->toJson();
$encoded_alert = base64_encode(osc_encrypt_alert($json));
// Create the HMAC signature and convert the resulting hex hash into base64
$stringToSign = osc_get_alert_public_key() . $encoded_alert;
$signature = hex2b64(hmacsha1(osc_get_alert_private_key(), $stringToSign));
$server_signature = Session::newInstance()->_set('alert_signature', $signature);
$this->_exportVariableToView('search_alert', $encoded_alert);
// calling the view...
if (count($aItems) === 0) {
header('HTTP/1.1 404 Not Found');
}
osc_run_hook("after_search");
if (!Params::existParam('sFeed')) {
$this->doView('search.php');
} else {
if ($p_sFeed == '' || $p_sFeed == 'rss') {
// FEED REQUESTED!
header('Content-type: text/xml; charset=utf-8');
$feed = new RSSFeed();
$feed->setTitle(__('Latest listings added') . ' - ' . osc_page_title());
$feed->setLink(osc_base_url());
$feed->setDescription(__('Latest listings added in') . ' ' . osc_page_title());
if (osc_count_items() > 0) {
while (osc_has_items()) {
if (osc_count_item_resources() > 0) {
osc_has_item_resources();
$feed->addItem(array('title' => osc_item_title(), 'link' => htmlentities(osc_item_url(), ENT_COMPAT, "UTF-8"), 'description' => osc_item_description(), 'country' => osc_item_country(), 'region' => osc_item_region(), 'city' => osc_item_city(), 'city_area' => osc_item_city_area(), 'category' => osc_item_category(), 'dt_pub_date' => osc_item_pub_date(), 'image' => array('url' => htmlentities(osc_resource_thumbnail_url(), ENT_COMPAT, "UTF-8"), 'title' => osc_item_title(), 'link' => htmlentities(osc_item_url(), ENT_COMPAT, "UTF-8"))));
} else {
$feed->addItem(array('title' => osc_item_title(), 'link' => htmlentities(osc_item_url(), ENT_COMPAT, "UTF-8"), 'description' => osc_item_description(), 'country' => osc_item_country(), 'region' => osc_item_region(), 'city' => osc_item_city(), 'city_area' => osc_item_city_area(), 'category' => osc_item_category(), 'dt_pub_date' => osc_item_pub_date()));
}
}
}
osc_run_hook('feed', $feed);
$feed->dumpXML();
} else {
osc_run_hook('feed_' . $p_sFeed, $aItems);
}
}
}
/**
* Gets current page url
*
* @param string $locale
* @return string
*/
function osc_static_page_url($locale = '')
{
if (osc_rewrite_enabled()) {
$sanitized_categories = array();
$cat = Category::newInstance()->hierarchy(osc_item_category_id());
for ($i = count($cat); $i > 0; $i--) {
$sanitized_categories[] = $cat[$i - 1]['s_slug'];
}
$url = str_replace('{PAGE_TITLE}', osc_static_page_title(), str_replace('{PAGE_ID}', osc_static_page_id(), str_replace('{PAGE_SLUG}', urlencode(osc_static_page_slug()), osc_get_preference('rewrite_page_url'))));
if ($locale != '') {
$path = osc_base_url() . $locale . "/" . $url;
} else {
$path = osc_base_url() . $url;
}
} else {
if ($locale != '') {
$path = osc_base_url(true) . "?page=page&id=" . osc_static_page_id() . "&lang=" . $locale;
} else {
$path = osc_base_url(true) . "?page=page&id=" . osc_static_page_id();
}
}
return $path;
}
</div>
<div class="form-row">
<div class="form-label"><?php _e('User change email confirm'); ?></div>
<div class="form-controls">
<input type="text" class="input-large" name="rewrite_user_change_email_confirm" value="<?php echo osc_esc_html(osc_get_preference('rewrite_user_change_email_confirm')); ?>" />
</div>
</div>
<div class="form-row">
<div class="form-label"><?php _e('User change username'); ?></div>
<div class="form-controls">
<input type="text" class="input-large" name="rewrite_user_change_username" value="<?php echo osc_esc_html(osc_get_preference('rewrite_user_change_username')); ?>" />
</div>
</div>
</div>
</div>
<?php if( osc_rewrite_enabled() ) { ?>
<?php if( file_exists(osc_base_path() . '.htaccess') ) { ?>
<div class="form-row">
<h3 class="separate-top"><?php _e('Your .htaccess file') ?></h3>
<pre><?php
$htaccess_content = file_get_contents(osc_base_path() . '.htaccess');
echo htmlentities($htaccess_content);
?></pre>
</div>
<div class="form-row">
<h3 class="separate-top"><?php _e('What your .htaccess file should look like') ?></h3>
<pre><?php
$rewrite_base = REL_WEB_URL;
$htaccess = <<<HTACCESS
<IfModule mod_rewrite.c>
RewriteEngine On
function doModel()
{
//calling the view...
$locales = OSCLocale::newInstance()->listAllEnabled();
$this->_exportVariableToView('locales', $locales);
switch ($this->action) {
case 'item_add':
// post
if (osc_reg_user_post() && $this->user == null) {
osc_add_flash_warning_message(_m('Only registered users are allowed to post listings'));
$this->redirectTo(osc_user_login_url());
}
$countries = Country::newInstance()->listAll();
$regions = array();
if (isset($this->user['fk_c_country_code']) && $this->user['fk_c_country_code'] != '') {
$regions = Region::newInstance()->findByCountry($this->user['fk_c_country_code']);
} else {
if (count($countries) > 0) {
$regions = Region::newInstance()->findByCountry($countries[0]['pk_c_code']);
}
}
$cities = array();
if (isset($this->user['fk_i_region_id']) && $this->user['fk_i_region_id'] != '') {
$cities = City::newInstance()->findByRegion($this->user['fk_i_region_id']);
} else {
if (count($regions) > 0) {
$cities = City::newInstance()->findByRegion($regions[0]['pk_i_id']);
}
}
$this->_exportVariableToView('countries', $countries);
$this->_exportVariableToView('regions', $regions);
$this->_exportVariableToView('cities', $cities);
$form = count(Session::newInstance()->_getForm());
$keepForm = count(Session::newInstance()->_getKeepForm());
if ($form == 0 || $form == $keepForm) {
Session::newInstance()->_dropKeepForm();
}
if (Session::newInstance()->_getForm('countryId') != "") {
$countryId = Session::newInstance()->_getForm('countryId');
$regions = Region::newInstance()->findByCountry($countryId);
$this->_exportVariableToView('regions', $regions);
if (Session::newInstance()->_getForm('regionId') != "") {
$regionId = Session::newInstance()->_getForm('regionId');
$cities = City::newInstance()->findByRegion($regionId);
$this->_exportVariableToView('cities', $cities);
}
}
$this->_exportVariableToView('user', $this->user);
osc_run_hook('post_item');
$this->doView('item-post.php');
break;
case 'item_add_post':
//post_item
if (osc_reg_user_post() && $this->user == null) {
osc_add_flash_warning_message(_m('Only registered users are allowed to post listings'));
$this->redirectTo(osc_base_url(true));
}
$mItems = new ItemActions(false);
// prepare data for ADD ITEM
$mItems->prepareData(true);
// set all parameters into session
foreach ($mItems->data as $key => $value) {
Session::newInstance()->_setForm($key, $value);
}
$meta = Params::getParam('meta');
if (is_array($meta)) {
foreach ($meta as $key => $value) {
Session::newInstance()->_setForm('meta_' . $key, $value);
Session::newInstance()->_keepForm('meta_' . $key);
}
}
if (osc_recaptcha_private_key() != '' && Params::existParam("recaptcha_challenge_field")) {
if (!osc_check_recaptcha()) {
osc_add_flash_error_message(_m('The Recaptcha code is wrong'));
$this->redirectTo(osc_item_post_url());
return false;
// BREAK THE PROCESS, THE RECAPTCHA IS WRONG
}
}
if (!osc_is_web_user_logged_in()) {
$user = User::newInstance()->findByEmail($mItems->data['contactEmail']);
// The user exists but it's not logged
if (isset($user['pk_i_id'])) {
foreach ($mItems->data as $key => $value) {
Session::newInstance()->_keepForm($key);
}
osc_add_flash_error_message(_m('A user with that email address already exists, if it is you, please log in'));
$this->redirectTo(osc_user_login_url());
}
}
// POST ITEM ( ADD ITEM )
$success = $mItems->add();
if ($success != 1 && $success != 2) {
osc_add_flash_error_message($success);
$this->redirectTo(osc_item_post_url());
} else {
Session::newInstance()->_dropkeepForm('meta_' . $key);
if ($success == 1) {
osc_add_flash_ok_message(_m('Check your inbox to validate your listing'));
} else {
osc_add_flash_ok_message(_m('Your listing has been published'));
}
$itemId = Params::getParam('itemId');
$item = $this->itemManager->findByPrimaryKey($itemId);
osc_run_hook('posted_item', $item);
$category = Category::newInstance()->findByPrimaryKey(Params::getParam('catId'));
View::newInstance()->_exportVariableToView('category', $category);
$this->redirectTo(osc_search_category_url());
}
break;
case 'item_edit':
// edit item
$secret = Params::getParam('secret');
$id = Params::getParam('id');
$item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s' AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = '%d'))", addslashes($id), addslashes($secret), addslashes($this->userId));
if (count($item) == 1) {
$item = Item::newInstance()->findByPrimaryKey($id);
$form = count(Session::newInstance()->_getForm());
$keepForm = count(Session::newInstance()->_getKeepForm());
if ($form == 0 || $form == $keepForm) {
Session::newInstance()->_dropKeepForm();
}
$this->_exportVariableToView('item', $item);
osc_run_hook("before_item_edit", $item);
$this->doView('item-edit.php');
} else {
// add a flash message [ITEM NO EXISTE]
osc_add_flash_error_message(_m("Sorry, we don't have any listings with that ID"));
if ($this->user != null) {
$this->redirectTo(osc_user_list_items_url());
} else {
$this->redirectTo(osc_base_url());
}
}
break;
case 'item_edit_post':
// recoger el secret y el
$secret = Params::getParam('secret');
$id = Params::getParam('id');
$item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s' AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = '%d'))", addslashes($id), addslashes($secret), addslashes($this->userId));
if (count($item) == 1) {
$this->_exportVariableToView('item', $item[0]);
$mItems = new ItemActions(false);
// prepare data for ADD ITEM
$mItems->prepareData(false);
// set all parameters into session
foreach ($mItems->data as $key => $value) {
Session::newInstance()->_setForm($key, $value);
}
$meta = Params::getParam('meta');
if (is_array($meta)) {
foreach ($meta as $key => $value) {
Session::newInstance()->_setForm('meta_' . $key, $value);
Session::newInstance()->_keepForm('meta_' . $key);
}
}
if (osc_recaptcha_private_key() != '' && Params::existParam("recaptcha_challenge_field")) {
if (!osc_check_recaptcha()) {
osc_add_flash_error_message(_m('The Recaptcha code is wrong'));
$this->redirectTo(osc_item_edit_url());
return false;
// BREAK THE PROCESS, THE RECAPTCHA IS WRONG
}
}
$success = $mItems->edit();
osc_run_hook('edited_item', Item::newInstance()->findByPrimaryKey($id));
if ($success == 1) {
osc_add_flash_ok_message(_m("Great! We've just updated your listing"));
View::newInstance()->_exportVariableToView("item", Item::newInstance()->findByPrimaryKey($id));
$this->redirectTo(osc_item_url());
} else {
osc_add_flash_error_message($success);
$this->redirectTo(osc_item_edit_url($secret));
}
}
break;
case 'activate':
$secret = Params::getParam('secret');
$id = Params::getParam('id');
$item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s') OR (i.fk_i_user_id = '%d'))", addslashes($id), addslashes($secret), addslashes($this->userId));
// item doesn't exist
if (count($item) == 0) {
$this->do404();
return;
}
View::newInstance()->_exportVariableToView('item', $item[0]);
if ($item[0]['b_active'] == 0) {
// ACTIVETE ITEM
$mItems = new ItemActions(false);
$success = $mItems->activate($item[0]['pk_i_id'], $item[0]['s_secret']);
if ($success) {
osc_add_flash_ok_message(_m('The listing has been validated'));
} else {
osc_add_flash_error_message(_m("The listing can't be validated"));
}
} else {
osc_add_flash_warning_message(_m('The listing has already been validated'));
}
$this->redirectTo(osc_item_url());
break;
case 'item_delete':
$secret = Params::getParam('secret');
$id = Params::getParam('id');
$item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s') OR (i.fk_i_user_id = '%d'))", addslashes($id), addslashes($secret), addslashes($this->userId));
if (count($item) == 1) {
$mItems = new ItemActions(false);
$success = $mItems->delete($item[0]['s_secret'], $item[0]['pk_i_id']);
if ($success) {
osc_add_flash_ok_message(_m('Your listing has been deleted'));
} else {
osc_add_flash_error_message(_m("The listing you are trying to delete couldn't be deleted"));
}
if ($this->user != null) {
$this->redirectTo(osc_user_list_items_url());
} else {
$this->redirectTo(osc_base_url());
}
} else {
osc_add_flash_error_message(_m("The listing you are trying to delete couldn't be deleted"));
$this->redirectTo(osc_base_url());
}
break;
case 'mark':
$id = Params::getParam('id');
$as = Params::getParam('as');
$item = Item::newInstance()->findByPrimaryKey($id);
View::newInstance()->_exportVariableToView('item', $item);
require_once osc_lib_path() . 'osclass/user-agents.php';
foreach ($user_agents as $ua) {
if (preg_match('|' . $ua . '|', @$_SERVER['HTTP_USER_AGENT'])) {
// mark item if it's not a bot
$mItem = new ItemActions(false);
$mItem->mark($id, $as);
break;
}
}
osc_add_flash_ok_message(_m("Thanks! That's very helpful"));
$this->redirectTo(osc_item_url());
break;
case 'send_friend':
$item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
$this->_exportVariableToView('item', $item);
$this->doView('item-send-friend.php');
break;
case 'send_friend_post':
$item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
$this->_exportVariableToView('item', $item);
Session::newInstance()->_setForm("yourEmail", Params::getParam('yourEmail'));
Session::newInstance()->_setForm("yourName", Params::getParam('yourName'));
Session::newInstance()->_setForm("friendName", Params::getParam('friendName'));
Session::newInstance()->_setForm("friendEmail", Params::getParam('friendEmail'));
Session::newInstance()->_setForm("message_body", Params::getParam('message'));
if (osc_recaptcha_private_key() != '' && Params::existParam("recaptcha_challenge_field")) {
if (!osc_check_recaptcha()) {
osc_add_flash_error_message(_m('The Recaptcha code is wrong'));
$this->redirectTo(osc_item_send_friend_url());
return false;
// BREAK THE PROCESS, THE RECAPTCHA IS WRONG
}
}
$mItem = new ItemActions(false);
$success = $mItem->send_friend();
if ($success) {
Session::newInstance()->_clearVariables();
$this->redirectTo(osc_item_url());
} else {
$this->redirectTo(osc_item_send_friend_url());
}
break;
case 'contact':
$item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
if (empty($item)) {
osc_add_flash_error_message(_m("This listing doesn't exist"));
$this->redirectTo(osc_base_url(true));
} else {
$this->_exportVariableToView('item', $item);
if (osc_item_is_expired()) {
osc_add_flash_error_message(_m("We're sorry, but the listing has expired. You can't contact the seller"));
$this->redirectTo(osc_item_url());
}
if (osc_reg_user_can_contact() && osc_is_web_user_logged_in() || !osc_reg_user_can_contact()) {
$this->doView('item-contact.php');
} else {
osc_add_flash_error_message(_m("You can't contact the seller, only registered users can"));
$this->redirectTo(osc_item_url());
}
}
break;
case 'contact_post':
$item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
$this->_exportVariableToView('item', $item);
if (osc_recaptcha_private_key() != '' && Params::existParam("recaptcha_challenge_field")) {
if (!osc_check_recaptcha()) {
osc_add_flash_error_message(_m('The Recaptcha code is wrong'));
Session::newInstance()->_setForm("yourEmail", Params::getParam('yourEmail'));
Session::newInstance()->_setForm("yourName", Params::getParam('yourName'));
Session::newInstance()->_setForm("phoneNumber", Params::getParam('phoneNumber'));
Session::newInstance()->_setForm("message_body", Params::getParam('message'));
$this->redirectTo(osc_item_url());
return false;
// BREAK THE PROCESS, THE RECAPTCHA IS WRONG
}
}
if (osc_isExpired($item['dt_expiration'])) {
osc_add_flash_error_message(_m("We're sorry, but the listing has expired. You can't contact the seller"));
$this->redirectTo(osc_item_url());
}
$mItem = new ItemActions(false);
$result = $mItem->contact();
if (is_string($result)) {
osc_add_flash_error_message($result);
} else {
osc_add_flash_ok_message(_m("We've just sent an e-mail to the seller"));
}
$this->redirectTo(osc_item_url());
break;
case 'add_comment':
$mItem = new ItemActions(false);
$status = $mItem->add_comment();
switch ($status) {
case -1:
$msg = _m('Sorry, we could not save your comment. Try again later');
osc_add_flash_error_message($msg);
break;
case 1:
$msg = _m('Your comment is awaiting moderation');
osc_add_flash_info_message($msg);
break;
case 2:
$msg = _m('Your comment has been approved');
osc_add_flash_ok_message($msg);
break;
case 3:
$msg = _m('Please fill the required field (email)');
osc_add_flash_warning_message($msg);
break;
case 4:
$msg = _m('Please type a comment');
osc_add_flash_warning_message($msg);
break;
case 5:
$msg = _m('Your comment has been marked as spam');
osc_add_flash_error_message($msg);
break;
}
$this->redirectTo(osc_item_url());
break;
case 'delete_comment':
$mItem = new ItemActions(false);
$status = $mItem->add_comment();
$itemId = Params::getParam('id');
$commentId = Params::getParam('comment');
$item = Item::newInstance()->findByPrimaryKey($itemId);
if (count($item) == 0) {
osc_add_flash_error_message(_m("This listing doesn't exist"));
$this->redirectTo(osc_base_url(true));
}
View::newInstance()->_exportVariableToView('item', $item);
if ($this->userId == null) {
osc_add_flash_error_message(_m('You must be logged in to delete a comment'));
$this->redirectTo(osc_item_url());
}
$commentManager = ItemComment::newInstance();
$aComment = $commentManager->findByPrimaryKey($commentId);
if (count($aComment) == 0) {
osc_add_flash_error_message(_m("The comment doesn't exist"));
$this->redirectTo(osc_item_url());
}
if ($aComment['b_active'] != 1) {
osc_add_flash_error_message(_m('The comment is not active, you cannot delete it'));
$this->redirectTo(osc_item_url());
}
if ($aComment['fk_i_user_id'] != $this->userId) {
osc_add_flash_error_message(_m('The comment was not added by you, you cannot delete it'));
$this->redirectTo(osc_item_url());
}
$commentManager->deleteByPrimaryKey($commentId);
osc_add_flash_ok_message(_m('The comment has been deleted'));
$this->redirectTo(osc_item_url());
break;
default:
// if there isn't ID, show an error 404
if (Params::getParam('id') == '') {
$this->do404();
return;
}
if (Params::getParam('lang') != '') {
Session::newInstance()->_set('userLocale', Params::getParam('lang'));
}
$item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
// if item doesn't exist show an error 404
if (count($item) == 0) {
$this->do404();
return;
}
if ($item['b_active'] != 1) {
if ($this->userId == $item['fk_i_user_id']) {
osc_add_flash_warning_message(_m("The listing hasn't been validated. Please validate it in order to make it public"));
} else {
osc_add_flash_warning_message(_m("This listing hasn't been validated"));
$this->redirectTo(osc_base_url(true));
}
} else {
if ($item['b_enabled'] == 0) {
osc_add_flash_warning_message(_m('The listing has been suspended'));
$this->redirectTo(osc_base_url(true));
}
}
if (!osc_is_admin_user_logged_in()) {
require_once osc_lib_path() . 'osclass/user-agents.php';
foreach ($user_agents as $ua) {
if (preg_match('|' . $ua . '|', @$_SERVER['HTTP_USER_AGENT'])) {
$mStats = new ItemStats();
$mStats->increase('i_num_views', $item['pk_i_id']);
break;
}
}
}
foreach ($item['locale'] as $k => $v) {
$item['locale'][$k]['s_title'] = osc_apply_filter('item_title', $v['s_title']);
$item['locale'][$k]['s_description'] = nl2br(osc_apply_filter('item_description', $v['s_description']));
}
if ($item['fk_i_user_id'] != '') {
$user = User::newInstance()->findByPrimaryKey($item['fk_i_user_id']);
$this->_exportVariableToView('user', $user);
}
$this->_exportVariableToView('item', $item);
osc_run_hook('show_item', $item);
// redirect to the correct url just in case it has changed
$itemURI = str_replace(osc_base_url(), '', osc_item_url());
$URI = preg_replace('|^' . REL_WEB_URL . '|', '', $_SERVER['REQUEST_URI']);
// do not clean QUERY_STRING if permalink is not enabled
if (osc_rewrite_enabled()) {
$URI = str_replace('?' . $_SERVER['QUERY_STRING'], '', $URI);
} else {
$params_keep = array('page', 'id');
$params = array();
foreach (Params::getParamsAsArray('get') as $k => $v) {
if (in_array($k, $params_keep)) {
$params[] = "{$k}={$v}";
}
}
$URI = 'index.php?' . implode('&', $params);
}
// redirect to the correct url
if ($itemURI != $URI) {
$this->redirectTo(osc_base_url() . $itemURI);
}
$this->doView('item.php');
break;
}
}
<div class="form-row">
<div class="form-label"><?php
_e('User change username');
?>
</div>
<div class="form-controls">
<input type="text" class="input-large" name="rewrite_user_change_username" value="<?php
echo osc_esc_html(osc_get_preference('rewrite_user_change_username'));
?>
" />
</div>
</div>
</div>
</div>
<?php
if (osc_rewrite_enabled()) {
?>
<?php
if (file_exists(osc_base_path() . '.htaccess')) {
?>
<div class="form-row">
<h3 class="separate-top"><?php
_e('Your .htaccess file');
?>
</h3>
<pre><?php
$htaccess_content = file_get_contents(osc_base_path() . '.htaccess');
echo htmlentities($htaccess_content);
?>
</pre>
</div>
public function init()
{
// $_SERVER is not supported by Params Class... we should fix that
if(isset($_SERVER['REQUEST_URI'])) {
if(preg_match('|[\?&]{1}http_referer=(.*)$|', urldecode($_SERVER['REQUEST_URI']), $ref_match)) {
$this->http_referer = $ref_match[1];
$_SERVER['REQUEST_URI'] = preg_replace('|[\?&]{1}http_referer=(.*)$|', "", urldecode($_SERVER['REQUEST_URI']));
}
$request_uri = preg_replace('@^' . REL_WEB_URL . '@', "", urldecode($_SERVER['REQUEST_URI']));
$this->raw_request_uri = $request_uri;
$route_used = false;
foreach($this->routes as $id => $route) {
// UNCOMMENT TO DEBUG
//echo 'Request URI: '.$request_uri." # Match : ".$route['regexp']." # URI to go : ".$route['url']." <br />";
if(preg_match('#^'.$route['regexp'].'#', $request_uri, $m)) {
if(!preg_match_all('#\{([^\}]+)\}#', $route['url'], $args)) {
$args[1] = array();
}
$l = count($m);
for($p=1;$p<$l;$p++) {
if(isset($args[1][$p-1])) {
Params::setParam($args[1][$p-1], $m[$p]);
} else {
Params::setParam('route_param_'.$p, $m[$p]);
}
}
Params::setParam('page', 'custom');
Params::setParam('route', $id);
$route_used = true;
$this->location = $route['location'];
$this->section = $route['section'];
$this->title = $route['title'];
break;
}
}
if(!$route_used) {
if(osc_rewrite_enabled()) {
$tmp_ar = explode("?", $request_uri);
$request_uri = $tmp_ar[0];
foreach($this->rules as $match => $uri) {
// UNCOMMENT TO DEBUG
//echo 'Request URI: '.$request_uri." # Match : ".$match." # URI to go : ".$uri." <br />";
if(preg_match('#^'.$match.'#', $request_uri, $m)) {
$request_uri = preg_replace('#'.$match.'#', $uri, $request_uri);
break;
}
}
}
$this->extractParams($request_uri);
$this->request_uri = $request_uri;
if(Params::getParam('page')!='') { $this->location = Params::getParam('page'); };
if(Params::getParam('action')!='') { $this->section = Params::getParam('action'); };
}
}
}
/**
* Gets search url given params
*
* @params array $params
* @return string
*/
function osc_search_url($params = null)
{
if (osc_rewrite_enabled()) {
$url = osc_base_url() . osc_get_preference('rewrite_search_url');
if ($params != null) {
$url .= "/";
foreach ($params as $k => $v) {
switch ($k) {
case 'sCountry':
$k = osc_get_preference('rewrite_search_country');
break;
case 'sRegion':
$k = osc_get_preference('rewrite_search_region');
break;
case 'sCity':
$k = osc_get_preference('rewrite_search_city');
break;
case 'sCityArea':
$k = osc_get_preference('rewrite_search_city_area');
break;
case 'sCategory':
$k = osc_get_preference('rewrite_search_category');
break;
case 'sUser':
$k = osc_get_preference('rewrite_search_user');
break;
case 'sPattern':
$k = osc_get_preference('rewrite_search_pattern');
break;
default:
break;
}
if ($k != 'page') {
$url .= $k . "," . $v . "/";
}
}
}
} else {
$url = osc_base_url(true) . '?page=search';
if ($params != null) {
foreach ($params as $k => $v) {
$url .= "&" . $k . "=" . $v;
}
}
}
return $url;
}
function osc_item_link_expired()
{
if (!osc_rewrite_enabled()) {
$url = osc_base_url(true) . "?page=item&action=mark&as=expired&id=" . osc_item_id();
} else {
$url = osc_base_url() . "item/mark/expired/" . osc_item_id();
}
return $url;
}
/**
* Gets user's profile url
*
* @return string
*/
function osc_user_public_profile_url($id = null)
{
if ($id == null) {
$id = osc_user_id();
}
if ($id != '') {
if (osc_rewrite_enabled()) {
$path = osc_base_url() . 'user/profile/' . $id;
} else {
$path = sprintf(osc_base_url(true) . '?page=user&action=pub_profile&id=%d', $id);
}
} else {
$path = '';
}
return $path;
}
/**
* @param $id
* @param $args
* @since 3.2
*/
function osc_route_url($id, $args = array())
{
$routes = Rewrite::newInstance()->getRoutes();
if (!isset($routes[$id])) {
return '';
}
if (osc_rewrite_enabled()) {
$uri = $routes[$id]['url'];
$params_url = '';
foreach ($args as $k => $v) {
$old_uri = $uri;
$uri = str_ireplace('{' . $k . '}', $v, $uri);
if ($old_uri == $uri) {
$params_url .= '&' . $k . '=' . $v;
}
}
return osc_base_url() . $uri . ($params_url != '' ? '?' . $params_url : '');
} else {
$params_url = '';
foreach ($args as $k => $v) {
$params_url .= '&' . $k . '=' . $v;
}
return osc_base_url(true) . "?page=custom&route=" . $id . $params_url;
}
}
function doModel()
{
switch ($this->action) {
case 'login_post':
//post execution for the login
if (!osc_users_enabled()) {
osc_add_flash_error_message(_m('Users are not enabled'));
$this->redirectTo(osc_base_url());
}
require_once LIB_PATH . 'osclass/UserActions.php';
$user = User::newInstance()->findByEmail(Params::getParam('email'));
$url_redirect = osc_user_dashboard_url();
$page_redirect = '';
if (osc_rewrite_enabled()) {
if (isset($_SERVER['HTTP_REFERER'])) {
$request_uri = urldecode(preg_replace('@^' . osc_base_url() . '@', "", $_SERVER['HTTP_REFERER']));
$tmp_ar = explode("?", $request_uri);
$request_uri = $tmp_ar[0];
$rules = Rewrite::newInstance()->listRules();
foreach ($rules as $match => $uri) {
if (preg_match('#' . $match . '#', $request_uri, $m)) {
$request_uri = preg_replace('#' . $match . '#', $uri, $request_uri);
if (preg_match('|([&?]{1})page=([^&]*)|', '&' . $request_uri . '&', $match)) {
$page_redirect = $match[2];
}
break;
}
}
}
} else {
if (preg_match('|[\\?&]page=([^&]+)|', $_SERVER['HTTP_REFERER'] . '&', $match)) {
$page_redirect = $match[1];
}
}
if (Params::getParam('http_referer') != '') {
Session::newInstance()->_setReferer(Params::getParam('http_referer'));
$url_redirect = Params::getParam('http_referer');
} else {
if (Session::newInstance()->_getReferer() != '') {
Session::newInstance()->_setReferer(Session::newInstance()->_getReferer());
$url_redirect = Session::newInstance()->_getReferer();
} else {
if ($page_redirect != '' && $page_redirect != 'login') {
Session::newInstance()->_setReferer($_SERVER['HTTP_REFERER']);
$url_redirect = $_SERVER['HTTP_REFERER'];
}
}
}
if (!$user) {
osc_add_flash_error_message(_m('The username doesn\'t exist'));
$this->redirectTo(osc_user_login_url());
}
if ($user["s_password"] != sha1(Params::getParam('password'))) {
osc_add_flash_error_message(_m('The password is incorrect'));
$this->redirectTo(osc_user_login_url());
}
$uActions = new UserActions(false);
$logged = $uActions->bootstrap_login($user['pk_i_id']);
if ($logged == 0) {
osc_add_flash_error_message(_m('The username doesn\'t exist'));
} else {
if ($logged == 1) {
osc_add_flash_error_message(_m('The user has not been validated yet'));
} else {
if ($logged == 2) {
osc_add_flash_error_message(_m('The user has been suspended'));
} else {
if ($logged == 3) {
if (Params::getParam('remember') == 1) {
//this include contains de osc_genRandomPassword function
require_once osc_lib_path() . 'osclass/helpers/hSecurity.php';
$secret = osc_genRandomPassword();
User::newInstance()->update(array('s_secret' => $secret), array('pk_i_id' => $user['pk_i_id']));
Cookie::newInstance()->set_expires(osc_time_cookie());
Cookie::newInstance()->push('oc_userId', $user['pk_i_id']);
Cookie::newInstance()->push('oc_userSecret', $secret);
Cookie::newInstance()->set();
}
$this->redirectTo($url_redirect);
} else {
osc_add_flash_error_message(_m('This should never happens'));
}
}
}
}
if (!$user['b_enabled']) {
$this->redirectTo(osc_user_login_url());
}
$this->redirectTo(osc_user_login_url());
break;
case 'recover':
//form to recover the password (in this case we have the form in /gui/)
$this->doView('user-recover.php');
break;
case 'recover_post':
//post execution to recover the password
require_once LIB_PATH . 'osclass/UserActions.php';
// e-mail is incorrect
if (!preg_match('|^[a-z0-9\\.\\_\\+\\-]+@[a-z0-9\\.\\-]+\\.[a-z]{2,3}$|i', Params::getParam('s_email'))) {
osc_add_flash_error_message(_m('Invalid email address'));
$this->redirectTo(osc_recover_user_password_url());
}
$userActions = new UserActions(false);
$success = $userActions->recover_password();
switch ($success) {
case 0:
// recover ok
osc_add_flash_ok_message(_m('We have sent you an email with the instructions to reset your password'));
$this->redirectTo(osc_base_url());
break;
case 1:
// e-mail does not exist
osc_add_flash_error_message(_m('We were not able to identify you given the information provided'));
$this->redirectTo(osc_recover_user_password_url());
break;
case 2:
// recaptcha wrong
osc_add_flash_error_message(_m('The recaptcha code is wrong'));
$this->redirectTo(osc_recover_user_password_url());
break;
}
break;
case 'forgot':
//form to recover the password (in this case we have the form in /gui/)
$user = User::newInstance()->findByIdPasswordSecret(Params::getParam('userId'), Params::getParam('code'));
if ($user) {
$this->doView('user-forgot_password.php');
} else {
osc_add_flash_error_message(_m('Sorry, the link is not valid'));
$this->redirectTo(osc_base_url());
}
break;
case 'forgot_post':
if (Params::getParam('new_password') == '' || Params::getParam('new_password2') == '') {
osc_add_flash_warning_message(_m('Password cannot be blank'));
$this->redirectTo(osc_forgot_user_password_confirm_url(Params::getParam('userId'), Params::getParam('code')));
}
$user = User::newInstance()->findByIdPasswordSecret(Params::getParam('userId'), Params::getParam('code'));
if ($user['b_enabled'] == 1) {
if (Params::getParam('new_password') == Params::getParam('new_password2')) {
User::newInstance()->update(array('s_pass_code' => osc_genRandomPassword(50), 's_pass_date' => date('Y-m-d H:i:s', 0), 's_pass_ip' => $_SERVER['REMOTE_ADDR'], 's_password' => sha1(Params::getParam('new_password'))), array('pk_i_id' => $user['pk_i_id']));
osc_add_flash_ok_message(_m('The password has been changed'));
$this->redirectTo(osc_user_login_url());
} else {
osc_add_flash_error_message(_m('Error, the password don\'t match'));
$this->redirectTo(osc_forgot_user_password_confirm_url(Params::getParam('userId'), Params::getParam('code')));
}
} else {
osc_add_flash_error_message(_m('Sorry, the link is not valid'));
}
$this->redirectTo(osc_base_url());
break;
default:
//login
if (osc_logged_user_id() != '') {
$this->redirectTo(osc_user_dashboard_url());
}
$this->doView('user-login.php');
}
}
public function init()
{
// $_SERVER is not supported by Params Class... we should fix that
if (isset($_SERVER['REQUEST_URI'])) {
if (preg_match('|[\\?&]{1}http_referer=(.*)$|', urldecode($_SERVER['REQUEST_URI']), $ref_match)) {
$this->http_referer = $ref_match[1];
$_SERVER['REQUEST_URI'] = preg_replace('|[\\?&]{1}http_referer=(.*)$|', "", urldecode($_SERVER['REQUEST_URI']));
}
$request_uri = preg_replace('@^' . REL_WEB_URL . '@', "", urldecode($_SERVER['REQUEST_URI']));
if (osc_rewrite_enabled()) {
$this->extractParams($request_uri);
$tmp_ar = explode("?", $request_uri);
$request_uri = $tmp_ar[0];
foreach ($this->rules as $match => $uri) {
// UNCOMMENT TO DEBUG
//echo 'Request URI: '.$request_uri." # Match : ".$match." # URI to go : ".$uri." <br />";
if (preg_match('#' . $match . '#', $request_uri, $m)) {
$request_uri = preg_replace('#' . $match . '#', $uri, $request_uri);
break;
}
}
}
$this->extractParams($request_uri);
$this->request_uri = $request_uri;
if (Params::getParam('page') != '') {
$this->location = Params::getParam('page');
}
if (Params::getParam('action') != '') {
$this->section = Params::getParam('action');
}
}
}
/**
* Gets for a default search (all categories, noother option)
*
* @return string
*/
function osc_search_show_all_url()
{
if (osc_rewrite_enabled()) {
return osc_base_url() . 'search/';
} else {
return osc_base_url(true) . '?page=search';
}
}
function osc_item_send_friend_url()
{
if (osc_rewrite_enabled()) {
return osc_base_url() . 'item/send-friend/' . osc_item_id();
} else {
return osc_base_url(true) . "?page=item&action=send_friend&id=" . osc_item_id();
}
}
/**
* Gets user's profile url
*
* @return string
*/
function osc_user_public_profile_url($id = null)
{
if ($id == null) {
$id = osc_user_id();
}
if ($id != '') {
if (osc_rewrite_enabled()) {
$user = User::newInstance()->findByPrimaryKey($id);
$path = osc_base_url() . osc_get_preference('rewrite_user_profile') . "/" . $user['s_username'];
} else {
$path = sprintf(osc_base_url(true) . '?page=user&action=pub_profile&id=%d', $id);
}
} else {
$path = '';
}
return $path;
}
/**
* Gets url of send a friend (current item)
*
* @return string
*/
function osc_item_send_friend_url()
{
if (osc_rewrite_enabled()) {
return osc_base_url() . osc_get_preference('rewrite_item_send_friend') . '/' . osc_item_id();
} else {
return osc_base_url(true) . "?page=item&action=send_friend&id=" . osc_item_id();
}
}
function breadcrumbs_category_url($category_id)
{
$path = '';
if (osc_rewrite_enabled()) {
if ($category_id != '') {
$category = Category::newInstance()->hierarchy($category_id);
$sanitized_category = "";
for ($i = count($category); $i > 0; $i--) {
$sanitized_category .= $category[$i - 1]['s_slug'] . '/';
}
$path = osc_base_url() . $sanitized_category;
}
} else {
$path = sprintf(osc_base_url(true) . '?page=search&sCategory=%d', $category_id);
}
return rtrim($path, "/");
}
/**
* Gets search url given params
*
* @params array $params
* @return string
*/
function osc_search_url($params = null)
{
if (is_array($params)) {
osc_prune_array($params);
}
$countP = count($params);
if ($countP == 0) {
$params['page'] = 'search';
}
$base_url = osc_base_url();
$http_url = osc_is_ssl() ? "https://" : "http://";
if (osc_subdomain_type() == 'category' && isset($params['sCategory'])) {
if ($params['sCategory'] != Params::getParam('sCategory')) {
if (is_array($params['sCategory'])) {
$params['sCategory'] = implode(",", $params['sCategory']);
}
if ($params['sCategory'] != '' && strpos($params['sCategory'], ",") === false) {
if (is_numeric($params['sCategory'])) {
$category = Category::newInstance()->findByPrimaryKey($params['sCategory']);
} else {
$category = Category::newInstance()->findBySlug($params['sCategory']);
}
if (isset($category['s_slug'])) {
$base_url = $http_url . $category['s_slug'] . "." . osc_subdomain_host() . REL_WEB_URL;
unset($params['sCategory']);
}
}
} else {
if (osc_is_subdomain()) {
unset($params['sCategory']);
}
}
} else {
if (osc_subdomain_type() == 'country' && isset($params['sCountry'])) {
if ($params['sCountry'] != Params::getParam('sCountry')) {
if (is_array($params['sCountry'])) {
$params['sCountry'] = implode(",", $params['sCountry']);
}
if ($params['sCountry'] != '' && strpos($params['sCountry'], ",") === false) {
if (is_numeric($params['sCountry'])) {
$country = Country::newInstance()->findByPrimaryKey($params['sCountry']);
} else {
$country = Country::newInstance()->findByCode($params['sCountry']);
}
if (isset($country['s_slug'])) {
$base_url = $http_url . $country['s_slug'] . "." . osc_subdomain_host() . REL_WEB_URL;
unset($params['sCountry']);
}
}
} else {
if (osc_is_subdomain()) {
unset($params['sCountry']);
}
}
} else {
if (osc_subdomain_type() == 'region' && isset($params['sRegion'])) {
if ($params['sRegion'] != Params::getParam('sRegion')) {
if (is_array($params['sRegion'])) {
$params['sRegion'] = implode(",", $params['sRegion']);
}
if ($params['sRegion'] != '' && strpos($params['sRegion'], ",") === false) {
if (is_numeric($params['sRegion'])) {
$region = Region::newInstance()->findByPrimaryKey($params['sRegion']);
} else {
$region = Region::newInstance()->findByName($params['sRegion']);
}
if (isset($region['s_slug'])) {
$base_url = $http_url . $region['s_slug'] . "." . osc_subdomain_host() . REL_WEB_URL;
unset($params['sRegion']);
}
}
} else {
if (osc_is_subdomain()) {
unset($params['sRegion']);
}
}
} else {
if (osc_subdomain_type() == 'city' && isset($params['sCity'])) {
if ($params['sCity'] != Params::getParam('sCity')) {
if (is_array($params['sCity'])) {
$params['sCity'] = implode(",", $params['sCity']);
}
if ($params['sCity'] != '' && strpos($params['sCity'], ",") === false) {
if (is_numeric($params['sCity'])) {
$city = City::newInstance()->findByPrimaryKey($params['sCity']);
} else {
$city = City::newInstance()->findByName($params['sCity']);
}
if (isset($city['s_slug'])) {
$base_url = $http_url . $city['s_slug'] . "." . osc_subdomain_host() . REL_WEB_URL;
unset($params['sCity']);
}
}
} else {
if (osc_is_subdomain()) {
unset($params['sCity']);
}
}
} else {
if (osc_subdomain_type() == 'user' && isset($params['sUser'])) {
if ($params['sUser'] != Params::getParam('sUser')) {
if (is_array($params['sUser'])) {
$params['sUser'] = implode(",", $params['sUser']);
}
if ($params['sUser'] != '' && strpos($params['sUser'], ",") === false) {
if (is_numeric($params['sUser'])) {
$user = User::newInstance()->findByPrimaryKey($params['sUser']);
} else {
$user = User::newInstance()->findByUsername($params['sUser']);
}
if (isset($user['s_username'])) {
$base_url = $http_url . $user['s_username'] . "." . osc_subdomain_host() . REL_WEB_URL;
unset($params['sUser']);
}
}
} else {
if (osc_is_subdomain()) {
unset($params['sUser']);
}
}
}
}
}
}
}
$countP = count($params);
if ($countP == 0) {
return $base_url;
}
unset($params['page']);
$countP = count($params);
if (osc_rewrite_enabled()) {
$url = $base_url . osc_get_preference('rewrite_search_url');
// CANONICAL URLS
if (isset($params['sCategory']) && !is_array($params['sCategory']) && strpos($params['sCategory'], ',') === false && ($countP == 1 || $countP == 2 && isset($params['iPage']))) {
if (osc_category_id() == $params['sCategory']) {
$category['pk_i_id'] = osc_category_id();
$category['s_slug'] = osc_category_slug();
} else {
if (is_numeric($params['sCategory'])) {
$category = Category::newInstance()->findByPrimaryKey($params['sCategory']);
} else {
$category = Category::newInstance()->findBySlug($params['sCategory']);
}
}
if (isset($category['pk_i_id'])) {
$url = osc_get_preference('rewrite_cat_url');
if (preg_match('|{CATEGORIES}|', $url)) {
$categories = Category::newInstance()->hierarchy($category['pk_i_id']);
$sanitized_categories = array();
$mCat = Category::newInstance();
for ($i = count($categories); $i > 0; $i--) {
$tmpcat = $mCat->findByPrimaryKey($categories[$i - 1]['pk_i_id']);
$sanitized_categories[] = $tmpcat['s_slug'];
}
$url = str_replace('{CATEGORIES}', implode("/", $sanitized_categories), $url);
}
$seo_prefix = '';
if (osc_get_preference('seo_url_search_prefix') != '') {
$seo_prefix = osc_get_preference('seo_url_search_prefix') . '/';
}
$url = str_replace('{CATEGORY_NAME}', $category['s_slug'], $url);
// DEPRECATED : CATEGORY_SLUG is going to be removed in 3.4
$url = str_replace('{CATEGORY_SLUG}', $category['s_slug'], $url);
$url = str_replace('{CATEGORY_ID}', $category['pk_i_id'], $url);
} else {
// Search by a category which does not exists (by form)
// TODO CHANGE TO NEW ROUTES!!
return $base_url . 'index.php?page=search&sCategory=' . urlencode($params['sCategory']);
}
if (isset($params['iPage']) && $params['iPage'] != '' && $params['iPage'] != 1) {
$url .= '/' . $params['iPage'];
}
$url = $base_url . $seo_prefix . $url;
} else {
if (isset($params['sRegion']) && is_string($params['sRegion']) && strpos($params['sRegion'], ',') === false && ($countP == 1 || $countP == 2 && (isset($params['iPage']) || isset($params['sCategory'])) || $countP == 3 && isset($params['iPage']) && isset($params['sCategory']))) {
$url = $base_url;
if (osc_get_preference('seo_url_search_prefix') != '') {
$url .= osc_get_preference('seo_url_search_prefix') . '/';
}
if (isset($params['sCategory'])) {
$_auxSlug = _aux_search_category_slug($params['sCategory']);
if ($_auxSlug != '') {
$url .= $_auxSlug . '_';
}
}
if (isset($params['sRegion'])) {
if (osc_list_region_id() == $params['sRegion']) {
$url .= osc_sanitizeString(osc_list_region_slug()) . '-r' . osc_list_region_id();
} else {
if (is_numeric($params['sRegion'])) {
$region = Region::newInstance()->findByPrimaryKey($params['sRegion']);
} else {
$region = Region::newInstance()->findByName($params['sRegion']);
}
if (isset($region['s_slug'])) {
$url .= osc_sanitizeString($region['s_slug']) . '-r' . $region['pk_i_id'];
} else {
// Search by a region which does not exists (by form)
// TODO CHANGE TO NEW ROUTES!!
return $url . 'index.php?page=search&sRegion=' . urlencode($params['sRegion']);
}
}
}
if (isset($params['iPage']) && $params['iPage'] != '' && $params['iPage'] != 1) {
$url .= '/' . $params['iPage'];
}
} else {
if (isset($params['sCity']) && !is_array($params['sCity']) && strpos($params['sCity'], ',') === false && ($countP == 1 || $countP == 2 && (isset($params['iPage']) || isset($params['sCategory'])) || $countP == 3 && isset($params['iPage']) && isset($params['sCategory']))) {
$url = $base_url;
if (osc_get_preference('seo_url_search_prefix') != '') {
$url .= osc_get_preference('seo_url_search_prefix') . '/';
}
if (isset($params['sCategory'])) {
$_auxSlug = _aux_search_category_slug($params['sCategory']);
if ($_auxSlug != '') {
$url .= $_auxSlug . '_';
}
}
if (isset($params['sCity'])) {
if (osc_list_city_id() == $params['sCity']) {
$url .= osc_sanitizeString(osc_list_city_slug()) . '-c' . osc_list_city_id();
} else {
if (is_numeric($params['sCity'])) {
$city = City::newInstance()->findByPrimaryKey($params['sCity']);
} else {
$city = City::newInstance()->findByName($params['sCity']);
}
if (isset($city['s_slug'])) {
$url .= osc_sanitizeString($city['s_slug']) . '-c' . $city['pk_i_id'];
} else {
// Search by a city which does not exists (by form)
// TODO CHANGE TO NEW ROUTES!!
return $url . 'index.php?page=search&sCity=' . urlencode($params['sCity']);
}
}
}
if (isset($params['iPage']) && $params['iPage'] != '' && $params['iPage'] != 1) {
$url .= '/' . $params['iPage'];
}
} else {
if ($params != null && is_array($params)) {
foreach ($params as $k => $v) {
switch ($k) {
case 'sCountry':
$k = osc_get_preference('rewrite_search_country');
break;
case 'sRegion':
$k = osc_get_preference('rewrite_search_region');
break;
case 'sCity':
$k = osc_get_preference('rewrite_search_city');
break;
case 'sCityArea':
$k = osc_get_preference('rewrite_search_city_area');
break;
case 'sCategory':
$k = osc_get_preference('rewrite_search_category');
if (is_array($v)) {
$v = implode(",", $v);
}
break;
case 'sUser':
$k = osc_get_preference('rewrite_search_user');
if (is_array($v)) {
$v = implode(",", $v);
}
break;
case 'sPattern':
$k = osc_get_preference('rewrite_search_pattern');
break;
case 'meta':
// meta(@id),value/meta(@id),value2/...
foreach ($v as $key => $value) {
if (is_array($value)) {
foreach ($value as $_key => $_value) {
if ($value != '') {
$url .= '/meta' . $key . '-' . $_key . ',' . urlencode($_value);
}
}
} else {
if ($value != '') {
$url .= '/meta' . $key . ',' . urlencode($value);
}
}
}
break;
default:
break;
}
if (!is_array($v) && $v != '') {
$url .= "/" . $k . "," . urlencode($v);
}
}
}
}
}
}
} else {
$url = $base_url . 'index.php?page=search';
if ($params != null && is_array($params)) {
foreach ($params as $k => $v) {
if ($k == 'meta') {
if (is_array($v)) {
foreach ($v as $_k => $aux) {
if (is_array($aux)) {
foreach (array_keys($aux) as $aux_k) {
$url .= "&" . $k . "[{$_k}][{$aux_k}]=" . urlencode($aux[$aux_k]);
}
} else {
$url .= "&" . $_k . "[]=" . urlencode($aux);
}
}
}
} else {
if (is_array($v)) {
$v = implode(",", $v);
}
$url .= "&" . $k . "=" . urlencode($v);
}
}
}
}
return str_replace('%2C', ',', $url);
}
function doModel()
{
osc_run_hook('before_search');
$mCategories = Category::newInstance();
if (osc_rewrite_enabled()) {
// IF rewrite is not enabled, skip this part, preg_match is always time&resources consuming task
$p_sParams = "/" . Params::getParam('sParams', false, false);
if (preg_match_all('|\\/([^,]+),([^\\/]*)|', $p_sParams, $m)) {
$l = count($m[0]);
for ($k = 0; $k < $l; $k++) {
switch ($m[1][$k]) {
case osc_get_preference('rewrite_search_country'):
$m[1][$k] = 'sCountry';
break;
case osc_get_preference('rewrite_search_region'):
$m[1][$k] = 'sRegion';
break;
case osc_get_preference('rewrite_search_city'):
$m[1][$k] = 'sCity';
break;
case osc_get_preference('rewrite_search_city_area'):
$m[1][$k] = 'sCityArea';
break;
case osc_get_preference('rewrite_search_category'):
$m[1][$k] = 'sCategory';
break;
case osc_get_preference('rewrite_search_user'):
$m[1][$k] = 'sUser';
break;
case osc_get_preference('rewrite_search_pattern'):
$m[1][$k] = 'sPattern';
break;
default:
break;
}
$_REQUEST[$m[1][$k]] = $m[2][$k];
$_GET[$m[1][$k]] = $m[2][$k];
unset($_REQUEST['sParams']);
unset($_GET['sParams']);
unset($_POST['sParams']);
}
}
}
////////////////////////////////
//GETTING AND FIXING SENT DATA//
////////////////////////////////
$p_sCategory = Params::getParam('sCategory');
if (!is_array($p_sCategory)) {
if ($p_sCategory == '') {
$p_sCategory = array();
} else {
$p_sCategory = explode(",", $p_sCategory);
}
}
$p_sCityArea = Params::getParam('sCityArea');
if (!is_array($p_sCityArea)) {
if ($p_sCityArea == '') {
$p_sCityArea = array();
} else {
$p_sCityArea = explode(",", $p_sCityArea);
}
}
$p_sCity = Params::getParam('sCity');
if (!is_array($p_sCity)) {
if ($p_sCity == '') {
$p_sCity = array();
} else {
$p_sCity = explode(",", $p_sCity);
}
}
$p_sRegion = Params::getParam('sRegion');
if (!is_array($p_sRegion)) {
if ($p_sRegion == '') {
$p_sRegion = array();
} else {
$p_sRegion = explode(",", $p_sRegion);
}
}
$p_sCountry = Params::getParam('sCountry');
if (!is_array($p_sCountry)) {
if ($p_sCountry == '') {
$p_sCountry = array();
} else {
$p_sCountry = explode(",", $p_sCountry);
}
}
$p_sUser = Params::getParam('sUser');
if (!is_array($p_sUser)) {
if ($p_sUser == '') {
$p_sUser = '';
} else {
$p_sUser = explode(",", $p_sUser);
}
}
$p_sPattern = strip_tags(Params::getParam('sPattern'));
// ADD TO THE LIST OF LAST SEARCHES
if (osc_save_latest_searches()) {
if (trim($p_sPattern) != '') {
LatestSearches::newInstance()->insert(array('s_search' => trim($p_sPattern), 'd_date' => date('Y-m-d H:i:s')));
}
}
$p_bPic = Params::getParam('bPic');
$p_bPic == 1 ? $p_bPic = 1 : ($p_bPic = 0);
$p_sPriceMin = Params::getParam('sPriceMin');
$p_sPriceMax = Params::getParam('sPriceMax');
//WE CAN ONLY USE THE FIELDS RETURNED BY Search::getAllowedColumnsForSorting()
$p_sOrder = Params::getParam('sOrder');
if (!in_array($p_sOrder, Search::getAllowedColumnsForSorting())) {
$p_sOrder = osc_default_order_field_at_search();
}
$old_order = $p_sOrder;
//ONLY 0 ( => 'asc' ), 1 ( => 'desc' ) AS ALLOWED VALUES
$p_iOrderType = Params::getParam('iOrderType');
$allowedTypesForSorting = Search::getAllowedTypesForSorting();
$orderType = osc_default_order_type_at_search();
foreach ($allowedTypesForSorting as $k => $v) {
if ($p_iOrderType == $v) {
$orderType = $k;
break;
}
}
$p_iOrderType = $orderType;
$p_sFeed = Params::getParam('sFeed');
$p_iPage = 0;
if (is_numeric(Params::getParam('iPage')) && Params::getParam('iPage') > 0) {
$p_iPage = intval(Params::getParam('iPage')) - 1;
}
if ($p_sFeed != '') {
$p_sPageSize = 1000;
}
$p_sShowAs = Params::getParam('sShowAs');
$aValidShowAsValues = array('list', 'gallery');
if (!in_array($p_sShowAs, $aValidShowAsValues)) {
$p_sShowAs = osc_default_show_as_at_search();
}
// search results: it's blocked with the maxResultsPerPage@search defined in t_preferences
$p_iPageSize = intval(Params::getParam('iPagesize'));
if ($p_iPageSize > 0) {
if ($p_iPageSize > osc_max_results_per_page_at_search()) {
$p_iPageSize = osc_max_results_per_page_at_search();
}
} else {
$p_iPageSize = osc_default_results_per_page_at_search();
}
//FILTERING CATEGORY
$bAllCategoriesChecked = false;
if (count($p_sCategory) > 0) {
foreach ($p_sCategory as $category) {
$this->mSearch->addCategory($category);
}
} else {
$bAllCategoriesChecked = true;
}
//FILTERING CITY_AREA
foreach ($p_sCityArea as $city_area) {
$this->mSearch->addCityArea($city_area);
}
$p_sCityArea = implode(", ", $p_sCityArea);
//FILTERING CITY
foreach ($p_sCity as $city) {
$this->mSearch->addCity($city);
}
$p_sCity = implode(", ", $p_sCity);
//FILTERING REGION
foreach ($p_sRegion as $region) {
$this->mSearch->addRegion($region);
}
$p_sRegion = implode(", ", $p_sRegion);
//FILTERING COUNTRY
foreach ($p_sCountry as $country) {
$this->mSearch->addCountry($country);
}
$p_sCountry = implode(", ", $p_sCountry);
// FILTERING PATTERN
if ($p_sPattern != '') {
$this->mSearch->addPattern($p_sPattern);
$osc_request['sPattern'] = $p_sPattern;
} else {
// hardcoded - if there isn't a search pattern, order by dt_pub_date desc
if ($p_sOrder == 'relevance') {
$p_sOrder = 'dt_pub_date';
foreach ($allowedTypesForSorting as $k => $v) {
if ($p_iOrderType == 'desc') {
$orderType = $k;
break;
}
}
$p_iOrderType = $orderType;
}
}
// FILTERING USER
if ($p_sUser != '') {
$this->mSearch->fromUser($p_sUser);
}
// FILTERING IF WE ONLY WANT ITEMS WITH PICS
if ($p_bPic) {
$this->mSearch->withPicture(true);
}
//FILTERING BY RANGE PRICE
$this->mSearch->priceRange($p_sPriceMin, $p_sPriceMax);
//ORDERING THE SEARCH RESULTS
$this->mSearch->order($p_sOrder, $allowedTypesForSorting[$p_iOrderType]);
//SET PAGE
$this->mSearch->page($p_iPage, $p_iPageSize);
osc_run_hook('search_conditions', Params::getParamsAsArray());
if (!Params::existParam('sFeed')) {
// RETRIEVE ITEMS AND TOTAL
$aItems = $this->mSearch->doSearch();
$iTotalItems = $this->mSearch->count();
$iStart = $p_iPage * $p_iPageSize;
$iEnd = min(($p_iPage + 1) * $p_iPageSize, $iTotalItems);
$iNumPages = ceil($iTotalItems / $p_iPageSize);
osc_run_hook('search', $this->mSearch);
//preparing variables...
$regionName = $p_sRegion;
if (is_numeric($p_sRegion)) {
$r = Region::newInstance()->findByPrimaryKey($p_sRegion);
if ($r) {
$regionName = $r['s_name'];
}
}
$cityName = $p_sCity;
if (is_numeric($p_sCity)) {
$c = City::newInstance()->findByPrimaryKey($p_sCity);
if ($c) {
$cityName = $c['s_name'];
}
}
//$this->_exportVariableToView('non_empty_categories', $aCategories) ;
$this->_exportVariableToView('search_start', $iStart);
$this->_exportVariableToView('search_end', $iEnd);
$this->_exportVariableToView('search_category', $p_sCategory);
// hardcoded - non pattern and order by relevance
$p_sOrder = $old_order;
$this->_exportVariableToView('search_order_type', $p_iOrderType);
$this->_exportVariableToView('search_order', $p_sOrder);
$this->_exportVariableToView('search_pattern', $p_sPattern);
$this->_exportVariableToView('search_from_user', $p_sUser);
$this->_exportVariableToView('search_total_pages', $iNumPages);
$this->_exportVariableToView('search_page', $p_iPage);
$this->_exportVariableToView('search_has_pic', $p_bPic);
$this->_exportVariableToView('search_region', $regionName);
$this->_exportVariableToView('search_city', $cityName);
$this->_exportVariableToView('search_price_min', $p_sPriceMin);
$this->_exportVariableToView('search_price_max', $p_sPriceMax);
$this->_exportVariableToView('search_total_items', $iTotalItems);
$this->_exportVariableToView('items', $aItems);
$this->_exportVariableToView('search_show_as', $p_sShowAs);
$this->_exportVariableToView('search', $this->mSearch);
// json
$json = $this->mSearch->toJson();
$this->_exportVariableToView('search_alert', base64_encode($json));
//calling the view...
$this->doView('search.php');
} else {
$this->mSearch->page(0, osc_num_rss_items());
// RETRIEVE ITEMS AND TOTAL
$iTotalItems = $this->mSearch->count();
$aItems = $this->mSearch->doSearch();
$this->_exportVariableToView('items', $aItems);
if ($p_sFeed == '' || $p_sFeed == 'rss') {
// FEED REQUESTED!
header('Content-type: text/xml; charset=utf-8');
$feed = new RSSFeed();
$feed->setTitle(__('Latest listings added') . ' - ' . osc_page_title());
$feed->setLink(osc_base_url());
$feed->setDescription(__('Latest listings added in') . ' ' . osc_page_title());
if (osc_count_items() > 0) {
while (osc_has_items()) {
if (osc_count_item_resources() > 0) {
osc_has_item_resources();
$feed->addItem(array('title' => osc_item_title(), 'link' => htmlentities(osc_item_url(), ENT_COMPAT, "UTF-8"), 'description' => osc_item_description(), 'dt_pub_date' => osc_item_pub_date(), 'image' => array('url' => htmlentities(osc_resource_thumbnail_url(), ENT_COMPAT, "UTF-8"), 'title' => osc_item_title(), 'link' => htmlentities(osc_item_url(), ENT_COMPAT, "UTF-8"))));
} else {
$feed->addItem(array('title' => osc_item_title(), 'link' => htmlentities(osc_item_url(), ENT_COMPAT, "UTF-8"), 'description' => osc_item_description(), 'dt_pub_date' => osc_item_pub_date()));
}
}
}
osc_run_hook('feed', $feed);
$feed->dumpXML();
} else {
osc_run_hook('feed_' . $p_sFeed, $aItems);
}
}
}
function osc_search_footer_links()
{
if (!osc_rewrite_enabled()) {
return array();
}
$categoryID = osc_search_category_id();
if (!empty($categoryID)) {
if (Category::newInstance()->isRoot(current($categoryID))) {
$cat = Category::newInstance()->findSubcategories(current($categoryID));
if (count($cat) > 0) {
$categoryID = array();
foreach ($cat as $c) {
$categoryID[] = $c['pk_i_id'];
}
}
}
}
if (osc_search_city() != '') {
return array();
}
$regionID = '';
if (osc_search_region() != '') {
$aRegion = Region::newInstance()->findByName(osc_search_region());
if (isset($aRegion['pk_i_id'])) {
$regionID = $aRegion['pk_i_id'];
}
}
$conn = DBConnectionClass::newInstance();
$data = $conn->getOsclassDb();
$comm = new DBCommandClass($data);
$comm->select('i.fk_i_category_id');
$comm->select('l.*');
$comm->select('COUNT(*) AS total');
$comm->from(DB_TABLE_PREFIX . 't_item as i');
$comm->from(DB_TABLE_PREFIX . 't_item_location as l');
if (!empty($categoryID)) {
$comm->whereIn('i.fk_i_category_id', $categoryID);
}
$comm->where('i.pk_i_id = l.fk_i_item_id');
$comm->where('i.b_enabled = 1');
$comm->where('i.b_active = 1');
$comm->where(sprintf("dt_expiration >= '%s'", date('Y-m-d H:i:s')));
$comm->where('l.fk_i_region_id IS NOT NULL');
$comm->where('l.fk_i_city_id IS NOT NULL');
if ($regionID != '') {
$comm->where('l.fk_i_region_id', $regionID);
$comm->groupBy('l.fk_i_city_id');
} else {
$comm->groupBy('l.fk_i_region_id');
}
$rs = $comm->get();
if (!$rs) {
return array();
}
return $rs->result();
}