Ejemplo n.º 1
0
 function doModel()
 {
     switch ($this->action) {
         case 'contact_post':
             //contact_post
             $yourName = Params::getParam('yourName');
             $yourEmail = Params::getParam('yourEmail');
             $subject = Params::getParam('subject');
             $message = Params::getParam('message');
             if (osc_recaptcha_private_key() != '' && Params::existParam("recaptcha_challenge_field")) {
                 if (!osc_check_recaptcha()) {
                     osc_add_flash_error_message(_m('The Recaptcha code is wrong'));
                     Session::newInstance()->_setForm("yourName", $yourName);
                     Session::newInstance()->_setForm("yourEmail", $yourEmail);
                     Session::newInstance()->_setForm("subject", $subject);
                     Session::newInstance()->_setForm("message_body", $message);
                     $this->redirectTo(osc_contact_url());
                     return false;
                     // BREAK THE PROCESS, THE RECAPTCHA IS WRONG
                 }
             }
             if (!preg_match('|.*?@.{2,}\\..{2,}|', $yourEmail)) {
                 osc_add_flash_error_message(_m('Please enter a correct email'));
                 Session::newInstance()->_setForm("yourName", $yourName);
                 Session::newInstance()->_setForm("subject", $subject);
                 Session::newInstance()->_setForm("message_body", $message);
                 $this->redirectTo(osc_contact_url());
             }
             $message = sprintf(__("%s (%s) left this message : %s"), $yourName, $yourEmail, $message);
             $params = array('reply_to' => $yourEmail, 'subject' => '[' . osc_page_title() . '] ' . __('Contact form') . ': ' . $subject, 'to' => osc_contact_email(), 'to_name' => __('Administrator'), 'body' => $message, 'alt_body' => $message);
             if (osc_contact_attachment()) {
                 $attachment = Params::getFiles('attachment');
                 $resourceName = $attachment['name'];
                 $tmpName = $attachment['tmp_name'];
                 $resourceType = $attachment['type'];
                 $path = osc_content_path() . 'uploads/' . time() . '_' . $resourceName;
                 if (!is_writable(osc_content_path() . 'uploads/')) {
                     osc_add_flash_error_message(_m('There have been some errors sending the message'));
                     $this->redirectTo(osc_contact_url());
                 }
                 if (!move_uploaded_file($tmpName, $path)) {
                     unset($path);
                 }
             }
             if (isset($path)) {
                 $params['attachment'] = $path;
             }
             osc_sendMail($params);
             osc_add_flash_ok_message(_m('Your email has been sent properly. Thank you for contacting us!'));
             $this->redirectTo(osc_contact_url());
             break;
         default:
             //contact
             $this->doView('contact.php');
     }
 }
Ejemplo n.º 2
0
 /**
  * Set up groups of files as sources
  * 
  * @param array $options controller and Minify options
  * @return array Minify options
  * 
  */
 public function setupSources($options)
 {
     // PHP insecure by default: realpath() and other FS functions can't handle null bytes.
     if (Params::existParam('files')) {
         Params::setParam('files', str_replace("", '', (string) Params::getParam('files')));
     }
     self::_setupDefines();
     if (MINIFY_USE_CACHE) {
         $cacheDir = defined('MINIFY_CACHE_DIR') ? MINIFY_CACHE_DIR : '';
         Minify::setCache($cacheDir);
     }
     $options['badRequestHeader'] = 'HTTP/1.0 404 Not Found';
     $options['contentTypeCharset'] = MINIFY_ENCODING;
     // The following restrictions are to limit the URLs that minify will
     // respond to. Ideally there should be only one way to reference a file.
     if (!Params::existParam('files') || !preg_match('/^[^,]+\\.(css|js)(,[^,]+\\.\\1)*$/', Params::getParam('files'), $m) || strpos(Params::getParam('files'), '//') !== false || strpos(Params::getParam('files'), '\\') !== false || preg_match('/(?:^|[^\\.])\\.\\//', Params::getParam('files'))) {
         return $options;
     }
     $files = explode(',', Params::getParam('files'));
     if (count($files) > MINIFY_MAX_FILES) {
         return $options;
     }
     // strings for prepending to relative/absolute paths
     $prependRelPaths = dirname($_SERVER['SCRIPT_FILENAME']) . DIRECTORY_SEPARATOR;
     $prependAbsPaths = $_SERVER['DOCUMENT_ROOT'];
     $goodFiles = array();
     $hasBadSource = false;
     $allowDirs = isset($options['allowDirs']) ? $options['allowDirs'] : MINIFY_BASE_DIR;
     foreach ($files as $file) {
         // prepend appropriate string for abs/rel paths
         $file = ($file[0] === '/' ? $prependAbsPaths : $prependRelPaths) . $file;
         // make sure a real file!
         $file = realpath($file);
         // don't allow unsafe or duplicate files
         if (parent::_fileIsSafe($file, $allowDirs) && !in_array($file, $goodFiles)) {
             $goodFiles[] = $file;
             $srcOptions = array('filepath' => $file);
             $this->sources[] = new Minify_Source($srcOptions);
         } else {
             $hasBadSource = true;
             break;
         }
     }
     if ($hasBadSource) {
         $this->sources = array();
     }
     if (!MINIFY_REWRITE_CSS_URLS) {
         $options['rewriteCssUris'] = false;
     }
     return $options;
 }
Ejemplo n.º 3
0
        function doModel()
        {
            $user_menu = false;
            if(Params::existParam('route')) {
                $routes = Rewrite::newInstance()->getRoutes();
                $rid = Params::getParam('route');
                $file = '../';
                if(isset($routes[$rid]) && isset($routes[$rid]['file'])) {
                    $file = $routes[$rid]['file'];
                    $user_menu = $routes[$rid]['user_menu'];
                }
            } else {
                // DEPRECATED: Disclosed path in URL is deprecated, use routes instead
                // This will be REMOVED in 3.4
                $file = Params::getParam('file');
            }

            // valid file?
            if( strpos($file, '../') !== false || strpos($file, '..\\') !==false || stripos($file, '/admin/') !== false ) { //If the file is inside an "admin" folder, it should NOT be opened in frontend
                $this->do404();
                return;
            }

            // check if the file exists
            if( !file_exists(osc_plugins_path() . $file) ) {
                $this->do404();
                return;
            }

            osc_run_hook('custom_controller');

            $this->_exportVariableToView('file', $file);
            if($user_menu) {
                if(osc_is_web_user_logged_in()) {
                    Params::setParam('in_user_menu', true);
                    $this->doView('user-custom.php');
                } else {
                    $this->redirectTo(osc_user_login_url());
                }
            } else {
                $this->doView('custom.php');
            }
        }
Ejemplo n.º 4
0
 function doModel()
 {
     //calling the view...
     $locales = OSCLocale::newInstance()->listAllEnabled();
     $this->_exportVariableToView('locales', $locales);
     switch ($this->action) {
         case 'item_add':
             // post
             if (!osc_users_enabled()) {
                 osc_add_flash_message(_m('Users not enabled'));
                 $this->redirectTo(osc_base_url(true));
             }
             if (osc_reg_user_post() && $this->user == null) {
                 // CHANGEME: This text
                 osc_add_flash_message(_m('Only registered users are allowed to post items'));
                 $this->redirectTo(osc_user_login_url());
             }
             $countries = Country::newInstance()->listAll();
             $regions = array();
             if (isset($this->user['fk_c_country_code']) && $this->user['fk_c_country_code'] != '') {
                 $regions = Region::newInstance()->getByCountry($this->user['fk_c_country_code']);
             } else {
                 if (count($countries) > 0) {
                     $regions = Region::newInstance()->getByCountry($countries[0]['pk_c_code']);
                 }
             }
             $cities = array();
             if (isset($this->user['fk_i_region_id']) && $this->user['fk_i_region_id'] != '') {
                 $cities = City::newInstance()->listWhere("fk_i_region_id = %d", $this->user['fk_i_region_id']);
             } else {
                 if (count($regions) > 0) {
                     $cities = City::newInstance()->listWhere("fk_i_region_id = %d", $regions[0]['pk_i_id']);
                 }
             }
             $this->_exportVariableToView('countries', $countries);
             $this->_exportVariableToView('regions', $regions);
             $this->_exportVariableToView('cities', $cities);
             $this->_exportVariableToView('user', $this->user);
             osc_run_hook('post_item');
             $this->doView('item-post.php');
             break;
         case 'item_add_post':
             //post_item
             if (!osc_users_enabled()) {
                 osc_add_flash_message(_m('Users not allowed'));
                 $this->redirectTo(osc_base_url(true));
             }
             if (osc_reg_user_post() && $this->user == null) {
                 osc_add_flash_message(_m('Only registered users are allowed to post items'));
                 $this->redirectTo(osc_base_url(true));
             }
             // POST ITEM ( ADD ITEM )
             $mItems = new ItemActions(false);
             $success = $mItems->add();
             if ($success) {
                 $PcontactName = Params::getParam('contactName');
                 $PcontactEmail = Params::getParam('contactEmail');
                 $itemId = Params::getParam('itemId');
                 $item = array();
                 if (Session::newInstance()->_get('userId') == '') {
                     $mPages = new Page();
                     $aPage = $mPages->findByInternalName('email_new_item_non_register_user');
                     $locale = osc_current_user_locale();
                     $content = array();
                     if (isset($aPage['locale'][$locale]['s_title'])) {
                         $content = $aPage['locale'][$locale];
                     } else {
                         $content = current($aPage['locale']);
                     }
                     $item = $this->itemManager->findByPrimaryKey($itemId);
                     $item_url = osc_item_url();
                     // before page = user , action = item_edit
                     $edit_url = osc_item_edit_url($item['s_secret'], $itemId);
                     // before page = user , action = item_delete
                     $delete_url = osc_item_delete_url($item['s_secret'], $itemId);
                     $words = array();
                     $words[] = array('{ITEM_ID}', '{USER_NAME}', '{USER_EMAIL}', '{WEB_URL}', '{ITEM_TITLE}', '{ITEM_URL}', '{WEB_TITLE}', '{EDIT_LINK}', '{EDIT_URL}', '{DELETE_LINK}', '{DELETE_URL}');
                     $words[] = array($itemId, $PcontactName, $PcontactEmail, osc_base_url(), $item['s_title'], $item_url, osc_page_title(), '<a href="' . $edit_url . '">' . $edit_url . '</a>', $edit_url, '<a href="' . $delete_url . '">' . $delete_url . '</a>', $delete_url);
                     $title = osc_mailBeauty($content['s_title'], $words);
                     $body = osc_mailBeauty($content['s_text'], $words);
                     $emailParams = array('subject' => $title, 'to' => $PcontactEmail, 'to_name' => $PcontactName, 'body' => $body, 'alt_body' => $body);
                     osc_sendMail($emailParams);
                 }
                 osc_run_hook('posted_item', $item);
                 $category = Category::newInstance()->findByPrimaryKey(Params::getParam('catId'));
                 View::newInstance()->_exportVariableToView('category', $category);
                 $this->redirectTo(osc_search_category_url());
             } else {
                 $this->redirectTo(osc_item_post_url());
             }
             break;
         case 'item_edit':
             $secret = Params::getParam('secret');
             $id = Params::getParam('id');
             $item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s' AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = '%d'))", $id, $secret, $this->userId);
             if (count($item) == 1) {
                 $item = Item::newInstance()->findByPrimaryKey($id);
                 $categories = Category::newInstance()->toTree();
                 $countries = Country::newInstance()->listAll();
                 $regions = array();
                 if (isset($this->user['fk_c_country_code']) && $this->user['fk_c_country_code'] != '') {
                     $regions = Region::newInstance()->getByCountry($this->user['fk_c_country_code']);
                 } else {
                     if (count($countries) > 0) {
                         $regions = Region::newInstance()->getByCountry($countries[0]['pk_c_code']);
                     }
                 }
                 $cities = array();
                 if (isset($this->user['fk_i_region_id']) && $this->user['fk_i_region_id'] != '') {
                     $cities = City::newInstance()->listWhere("fk_i_region_id = %d", $this->user['fk_i_region_id']);
                 } else {
                     if (count($regions) > 0) {
                         $cities = City::newInstance()->listWhere("fk_i_region_id = %d", $regions[0]['pk_i_id']);
                     }
                 }
                 $currencies = Currency::newInstance()->listAll();
                 $this->_exportVariableToView('item', $item);
                 //$this->_exportVariableToView('user', $this->user) ;
                 $this->doView('item-edit.php');
             } else {
                 // add a flash message [ITEM NO EXISTE]
                 //$this->redirectTo(osc_base_url(true));
                 osc_add_flash_message(_m('Sorry, we don\'t have any items with that ID'));
                 if ($this->user != null) {
                     $this->redirectTo(osc_user_list_items_url());
                 } else {
                     $this->redirectTo(osc_base_url());
                 }
             }
             break;
         case 'item_edit_post':
             // recoger el secret y el
             $secret = Params::getParam('secret');
             $id = Params::getParam('id');
             $item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s' AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = '%d'))", $id, $secret, $this->userId);
             if (count($item) == 1) {
                 $this->_exportVariableToView('item', $item[0]);
                 $mItems = new ItemActions(false);
                 $success = $mItems->edit();
                 if ($success) {
                     osc_add_flash_message(_m('Great! We\'ve just updated your item'));
                     $this->redirectTo(osc_base_url(true) . "?page=item&id={$id}");
                 } else {
                     $this->redirectTo(osc_item_edit_url($secret));
                 }
             }
             break;
         case 'activate':
             $secret = Params::getParam('secret');
             $id = Params::getParam('id');
             $item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s' AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = '%d'))", $id, $secret, $this->userId);
             View::newInstance()->_exportVariableToView('item', $item[0]);
             if ($item[0]['e_status'] == 'INACTIVE') {
                 // ACTIVETE ITEM
                 $mItems = new ItemActions(false);
                 $success = $mItems->activate($item[0]['pk_i_id'], $item[0]['s_secret']);
                 if ($success) {
                     osc_add_flash_message(_m('The item has been validated'));
                 } else {
                     osc_add_flash_message(_m('The item can\'t be validated'));
                 }
             } else {
                 osc_add_flash_message(_m('The item has already been validated'));
             }
             $this->redirectTo(osc_item_url());
             break;
         case 'item_delete':
             $secret = Params::getParam('secret');
             $id = Params::getParam('id');
             $item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s' AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = '%d'))", $id, $secret, $this->userId);
             if (count($item) == 1) {
                 $mItems = new ItemActions(false);
                 $success = $mItems->delete($item[0]['s_secret'], $item[0]['pk_i_id']);
                 if ($success) {
                     osc_add_flash_message(_m('Your item has been deleted'));
                 } else {
                     osc_add_flash_message(_m('The item you are trying to delete couldn\'t be deleted'));
                 }
                 if ($this->user != null) {
                     $this->redirectTo(osc_user_list_items_url());
                 } else {
                     $this->redirectTo(osc_base_url());
                 }
             } else {
                 osc_add_flash_message(_m('The item you are trying to delete couldn\'t be deleted'));
                 $this->redirectTo(osc_base_url());
             }
             break;
         case 'deleteResource':
             $id = Params::getParam('id');
             $item = Params::getParam('item');
             $code = Params::getParam('code');
             $secret = Params::getParam('secret');
             // Check for required fields
             if (!(is_numeric($id) && is_numeric($item) && preg_match('/^([a-z0-9]+)$/i', $code))) {
                 osc_add_flash_message(_m("The selected photo couldn't be deleted, the url doesn't exist"));
                 if ($this->userId == null) {
                     $this->redirectTo(osc_base_url());
                 } else {
                     $this->redirectTo(osc_user_dashboard_url());
                 }
             }
             $aItem = $this->itemManager->findByPrimaryKey($item);
             // Check if the item exists
             if (count($aItem) == 0) {
                 osc_add_flash_message(_m('The item doesn\'t exist'));
                 $this->redirectTo(osc_base_url());
             }
             // Check if the item belong to the user
             if ($this->userId != null && $this->userId != $aItem['fk_i_user_id']) {
                 osc_add_flash_message(_m('The item doesn\'t belong to you'));
                 $this->redirectTo(osc_item_url_ns($item));
             }
             // Check if the secret passphrase match with the item
             if ($this->userId == null && $secret != $aItem['s_secret']) {
                 osc_add_flash_message(_m('The item doesn\'t belong to you'));
                 $this->redirectTo(osc_item_url_ns($item));
             }
             // Does id & code combination exist?
             $result = ItemResource::newInstance()->getResourceSecure($id, $code);
             if ($result > 0) {
                 // Delete: file, db table entry
                 osc_deleteResource($id);
                 ItemResource::newInstance()->delete(array('pk_i_id' => $id, 'fk_i_item_id' => $item, 's_name' => $code));
                 osc_add_flash_message(_m('The selected photo has been successfully deleted'));
             } else {
                 osc_add_flash_message(_m("The selected photo couldn't be deleted"));
             }
             // Redirect to item_edit. If unregistered user, include $secret.
             $this->redirectTo(osc_item_edit_url($secret, $item));
             break;
         case 'mark':
             $mItem = new ItemActions(false);
             $id = Params::getParam('id');
             $as = Params::getParam('as');
             $item = Item::newInstance()->findByPrimaryKey($id);
             View::newInstance()->_exportVariableToView('item', $item);
             $mItem->mark($id, $as);
             osc_add_flash_message(_m('Thanks! That\'s very helpful'));
             $this->redirectTo(osc_item_url());
             break;
         case 'send_friend':
             $item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
             $this->_exportVariableToView('item', $item);
             $this->doView('item-send-friend.php');
             break;
         case 'send_friend_post':
             $mItem = new ItemActions(false);
             $mItem->send_friend();
             $item_url = Params::getParam('item_url');
             $this->redirectTo($item_url);
             break;
         case 'contact':
             $item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
             $category = Category::newInstance()->findByPrimaryKey($item['fk_i_category_id']);
             if ($category['i_expiration_days'] > 0) {
                 $item_date = strtotime($item['dt_pub_date']) + $category['i_expiration_days'] * (24 * 3600);
                 $date = time();
                 if ($item_date < $date) {
                     // The item is expired, we can not contact the seller
                     osc_add_flash_message(_m('We\'re sorry, but the item has expired. You can\'t contact the seller'));
                     $this->redirectTo(osc_create_item_url($item));
                 }
             }
             $this->_exportVariableToView('item', $item);
             $this->doView('item-contact.php');
             break;
         case 'contact_post':
             $item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
             $this->_exportVariableToView('item', $item);
             if (osc_recaptcha_private_key() != '' && Params::existParam("recaptcha_challenge_field")) {
                 if (!osc_check_recaptcha()) {
                     osc_add_flash_message(_m('The Recaptcha code is wrong'));
                     $this->redirectTo(osc_item_url());
                     return false;
                     // BREAK THE PROCESS, THE RECAPTCHA IS WRONG
                 }
             }
             $category = Category::newInstance()->findByPrimaryKey($item['fk_i_category_id']);
             if ($category['i_expiration_days'] > 0) {
                 $item_date = strtotime($item['dt_pub_date']) + $category['i_expiration_days'] * (24 * 3600);
                 $date = time();
                 if ($item_date < $date) {
                     // The item is expired, we can not contact the seller
                     osc_add_flash_message(_m('We\'re sorry, but the item has expired. You can\'t contact the seller'));
                     $this->redirectTo(osc_item_url());
                 }
             }
             $mItem = new ItemActions(false);
             $mItem->contact();
             osc_add_flash_message(_m('We\'ve just sent an e-mail to the seller'));
             $this->redirectTo(osc_item_url());
             break;
         case 'add_comment':
             $mItem = new ItemActions(false);
             $status = $mItem->add_comment();
             switch ($status) {
                 case -1:
                     $msg = _m('Sorry, we could not save your comment. Try again later');
                     break;
                 case 1:
                     $msg = _m('Your comment is awaiting moderation');
                     break;
                 case 2:
                     $msg = _m('Your comment has been approved');
                     break;
                 case 3:
                     $msg = _m('Please fill the required fields (name, email)');
                     break;
                 case 4:
                     $msg = _m('Please type a comment');
                     break;
                 case 5:
                     $msg = _m('Your comment has been marked as spam');
                     break;
             }
             osc_add_flash_message($msg);
             $this->redirectTo(Params::getParam('itemURL'));
             break;
         case 'delete_comment':
             $mItem = new ItemActions(false);
             $status = $mItem->add_comment();
             $itemId = Params::getParam('id');
             $commentId = Params::getParam('comment');
             $item = Item::newInstance()->findByPrimaryKey($itemId);
             if (count($item) == 0) {
                 osc_add_flash_message(_m('This item doesn\'t exist'));
                 $this->redirectTo(osc_base_url(true));
             }
             View::newInstance()->_exportVariableToView('item', $item);
             if ($this->userId == null) {
                 osc_add_flash_message(_m('You have to be logged to delete a comment'));
                 $this->redirectTo(osc_item_url());
             }
             $commentManager = ItemComment::newInstance();
             $aComment = $commentManager->findByPrimaryKey($commentId);
             if (count($aComment) == 0) {
                 osc_add_flash_message(_m('The comment doesn\'t exist'));
                 $this->redirectTo(osc_item_url());
             }
             if ($aComment['e_status'] != 'ACTIVE') {
                 osc_add_flash_message(_m('The comment is not active, you cannot delete it'));
                 $this->redirectTo(osc_item_url());
             }
             if ($aComment['fk_i_user_id'] != $this->userId) {
                 osc_add_flash_message(_m('You cannot delete the comment'));
                 $this->redirectTo(osc_item_url());
             }
             $commentManager->deleteByPrimaryKey($commentId);
             osc_add_flash_message(_m('The comment has been deleted correctly'));
             $this->redirectTo(osc_item_url());
             break;
         default:
             if (Params::getParam('id') == '') {
                 $this->redirectTo(osc_base_url());
             }
             if (Params::getParam('lang') != '') {
                 Session::newInstance()->_set('userLocale', Params::getParam('lang'));
             }
             $item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
             // if item doesn't exist redirect to base url
             if (count($item) == 0) {
                 osc_add_flash_message(_m('This item doesn\'t exist'));
                 $this->redirectTo(osc_base_url(true));
             } else {
                 if ($item['e_status'] != 'ACTIVE') {
                     if ($this->userId == $item['fk_i_user_id']) {
                         osc_add_flash_message(_m('The item hasn\'t been validated. Please validate it in order to show it to the rest of users'));
                     } else {
                         osc_add_flash_message(_m('This item hasn\'t been validated'));
                         $this->redirectTo(osc_base_url(true));
                     }
                 }
                 $mStats = new ItemStats();
                 $mStats->increase('i_num_views', $item['pk_i_id']);
                 foreach ($item['locale'] as $k => $v) {
                     $item['locale'][$k]['s_title'] = osc_apply_filter('item_title', $v['s_title']);
                     $item['locale'][$k]['s_description'] = nl2br(osc_apply_filter('item_description', $v['s_description']));
                 }
                 $this->_exportVariableToView('items', array($item));
                 osc_run_hook('show_item', $item);
                 $this->doView('item.php');
             }
             break;
         case 'dashboard':
             //dashboard...
             break;
     }
 }
Ejemplo n.º 5
0
 function doModel()
 {
     switch ($this->action) {
         case 'change_email_confirm':
             //change email confirm
             if (Params::getParam('userId') && Params::getParam('code')) {
                 $userManager = new User();
                 $user = $userManager->findByPrimaryKey(Params::getParam('userId'));
                 if ($user['s_pass_code'] == Params::getParam('code') && $user['b_enabled'] == 1) {
                     $userEmailTmp = UserEmailTmp::newInstance()->findByPk(Params::getParam('userId'));
                     $code = osc_genRandomPassword(50);
                     $userManager->update(array('s_email' => $userEmailTmp['s_new_email']), array('pk_i_id' => $userEmailTmp['fk_i_user_id']));
                     Item::newInstance()->update(array('s_contact_email' => $userEmailTmp['s_new_email']), array('fk_i_user_id' => $userEmailTmp['fk_i_user_id']));
                     ItemComment::newInstance()->update(array('s_author_email' => $userEmailTmp['s_new_email']), array('fk_i_user_id' => $userEmailTmp['fk_i_user_id']));
                     Alerts::newInstance()->update(array('s_email' => $userEmailTmp['s_new_email']), array('fk_i_user_id' => $userEmailTmp['fk_i_user_id']));
                     Session::newInstance()->_set('userEmail', $userEmailTmp['s_new_email']);
                     UserEmailTmp::newInstance()->delete(array('s_new_email' => $userEmailTmp['s_new_email']));
                     osc_add_flash_ok_message(_m('Your email has been changed successfully'));
                     $this->redirectTo(osc_user_profile_url());
                 } else {
                     osc_add_flash_error_message(_m('Sorry, the link is not valid'));
                     $this->redirectTo(osc_base_url());
                 }
             } else {
                 osc_add_flash_error_message(_m('Sorry, the link is not valid'));
                 $this->redirectTo(osc_base_url());
             }
             break;
         case 'activate_alert':
             $email = Params::getParam('email');
             $secret = Params::getParam('secret');
             $result = 0;
             if ($email != '' && $secret != '') {
                 $result = Alerts::newInstance()->activate($email, $secret);
             }
             if ($result == 1) {
                 osc_add_flash_ok_message(_m('Alert activated'));
             } else {
                 osc_add_flash_error_message(_m('Ops! There was a problem trying to activate alert. Please contact the administrator'));
             }
             $this->redirectTo(osc_base_url(true));
             break;
         case 'unsub_alert':
             $email = Params::getParam('email');
             $secret = Params::getParam('secret');
             if ($email != '' && $secret != '') {
                 Alerts::newInstance()->delete(array('s_email' => $email, 'S_secret' => $secret));
                 osc_add_flash_ok_message(_m('Unsubscribed correctly'));
             } else {
                 osc_add_flash_error_message(_m('Ops! There was a problem trying to unsubscribe you. Please contact the administrator'));
             }
             $this->redirectTo(osc_base_url());
             break;
         case 'pub_profile':
             $userID = Params::getParam('id');
             $user = User::newInstance()->findByPrimaryKey($userID);
             // user doesn't exist
             if (!$user) {
                 $this->redirectTo(osc_base_url());
             }
             View::newInstance()->_exportVariableToView('user', $user);
             $items = Item::newInstance()->findByUserIDEnabled($user['pk_i_id'], 0, 3);
             View::newInstance()->_exportVariableToView('items', $items);
             $this->doView('user-public-profile.php');
             break;
         case 'contact_post':
             $user = User::newInstance()->findByPrimaryKey(Params::getParam('id'));
             View::newInstance()->_exportVariableToView('user', $user);
             if (osc_recaptcha_private_key() != '' && Params::existParam("recaptcha_challenge_field")) {
                 if (!osc_check_recaptcha()) {
                     osc_add_flash_error_message(_m('The Recaptcha code is wrong'));
                     Session::newInstance()->_setForm("yourEmail", Params::getParam('yourEmail'));
                     Session::newInstance()->_setForm("yourName", Params::getParam('yourName'));
                     Session::newInstance()->_setForm("phoneNumber", Params::getParam('phoneNumber'));
                     Session::newInstance()->_setForm("message_body", Params::getParam('message'));
                     $this->redirectTo(osc_user_public_profile_url());
                     return false;
                     // BREAK THE PROCESS, THE RECAPTCHA IS WRONG
                 }
             }
             osc_run_hook('hook_email_contact_user', Params::getParam('id'), Params::getParam('yourEmail'), Params::getParam('yourName'), Params::getParam('phoneNumber'), Params::getParam('message'));
             $this->redirectTo(osc_user_public_profile_url());
             break;
         default:
             $this->redirectTo(osc_user_login_url());
             break;
     }
 }
Ejemplo n.º 6
0
 function doModel()
 {
     switch ($this->action) {
         case 'login_post':
             //post execution for the login
             if (Params::getParam('user') == '' && Params::getParam('password', false, false) == '') {
                 $this->redirectTo(osc_admin_base_url());
             }
             if (Params::getParam('user') == '') {
                 osc_add_flash_error_message(_m('The username field is empty'), 'admin');
                 $this->redirectTo(osc_admin_base_url());
             }
             if (Params::getParam('password') == '') {
                 osc_add_flash_error_message(_m('The password field is empty'), 'admin');
                 $this->redirectTo(osc_admin_base_url());
             }
             // fields are not empty
             $admin = Admin::newInstance()->findByUsername(Params::getParam('user'));
             if (!$admin) {
                 osc_add_flash_error_message(sprintf(_m('Sorry, incorrect username. <a href="%s">Have you lost your password?</a>'), osc_admin_base_url(true) . '?page=login&amp;action=recover'), 'admin');
                 $this->redirectTo(osc_admin_base_url());
             }
             if ($admin["s_password"] !== sha1(Params::getParam('password', false, false))) {
                 osc_add_flash_error_message(sprintf(_m('Sorry, incorrect password. <a href="%s">Have you lost your password?</a>'), osc_admin_base_url(true) . '?page=login&amp;action=recover'), 'admin');
                 $this->redirectTo(osc_admin_base_url());
             }
             if (Params::getParam('remember')) {
                 // this include contains de osc_genRandomPassword function
                 require_once osc_lib_path() . 'osclass/helpers/hSecurity.php';
                 $secret = osc_genRandomPassword();
                 Admin::newInstance()->update(array('s_secret' => $secret), array('pk_i_id' => $admin['pk_i_id']));
                 Cookie::newInstance()->set_expires(osc_time_cookie());
                 Cookie::newInstance()->push('oc_adminId', $admin['pk_i_id']);
                 Cookie::newInstance()->push('oc_adminSecret', $secret);
                 Cookie::newInstance()->push('oc_adminLocale', Params::getParam('locale'));
                 Cookie::newInstance()->set();
             }
             // we are logged in... let's go!
             Session::newInstance()->_set('adminId', $admin['pk_i_id']);
             Session::newInstance()->_set('adminUserName', $admin['s_username']);
             Session::newInstance()->_set('adminName', $admin['s_name']);
             Session::newInstance()->_set('adminEmail', $admin['s_email']);
             Session::newInstance()->_set('adminLocale', Params::getParam('locale'));
             $this->redirectTo(osc_admin_base_url());
             break;
         case 'recover':
             // form to recover the password (in this case we have the form in /gui/)
             $this->doView('gui/recover.php');
             break;
         case 'recover_post':
             if (defined('DEMO')) {
                 osc_add_flash_warning_message(_m("This action cannot be done because is a demo site"), 'admin');
                 $this->redirectTo(osc_admin_base_url());
             }
             // post execution to recover the password
             $admin = Admin::newInstance()->findByEmail(Params::getParam('email'));
             if ($admin) {
                 if (osc_recaptcha_private_key() != '' && Params::existParam("recaptcha_challenge_field")) {
                     if (!osc_check_recaptcha()) {
                         osc_add_flash_error_message(_m('The Recaptcha code is wrong'), 'admin');
                         $this->redirectTo(osc_admin_base_url(true) . '?page=login&action=recover');
                         return false;
                         // BREAK THE PROCESS, THE RECAPTCHA IS WRONG
                     }
                 }
                 require_once osc_lib_path() . 'osclass/helpers/hSecurity.php';
                 $newPassword = osc_genRandomPassword(40);
                 Admin::newInstance()->update(array('s_secret' => $newPassword), array('pk_i_id' => $admin['pk_i_id']));
                 $password_url = osc_forgot_admin_password_confirm_url($admin['pk_i_id'], $newPassword);
                 osc_run_hook('hook_email_user_forgot_password', $admin, $password_url);
             }
             osc_add_flash_ok_message(_m('A new password has been sent to your e-mail'), 'admin');
             $this->redirectTo(osc_admin_base_url());
             break;
         case 'forgot':
             // form to recover the password (in this case we have the form in /gui/)
             $admin = Admin::newInstance()->findByIdSecret(Params::getParam('adminId'), Params::getParam('code'));
             if (!$admin) {
                 osc_add_flash_error_message(_m('Sorry, the link is not valid'), 'admin');
                 $this->redirectTo(osc_admin_base_url());
             }
             $this->doView('gui/forgot_password.php');
             break;
         case 'forgot_post':
             $admin = Admin::newInstance()->findByIdSecret(Params::getParam('adminId'), Params::getParam('code'));
             if (!$admin) {
                 osc_add_flash_error_message(_m('Sorry, the link is not valid'), 'admin');
                 $this->redirectTo(osc_admin_base_url());
             }
             if (Params::getParam('new_password', false, false) == Params::getParam('new_password2', false, false)) {
                 Admin::newInstance()->update(array('s_secret' => osc_genRandomPassword(), 's_password' => sha1(Params::getParam('new_password', false, false))), array('pk_i_id' => $admin['pk_i_id']));
                 osc_add_flash_ok_message(_m('The password has been changed'), 'admin');
                 $this->redirectTo(osc_admin_base_url());
             } else {
                 osc_add_flash_error_message(_m("Error, the password don't match"), 'admin');
                 $this->redirectTo(osc_forgot_admin_password_confirm_url(Params::getParam('adminId'), Params::getParam('code')));
             }
             break;
     }
 }
Ejemplo n.º 7
0
 function recover_password()
 {
     $user = User::newInstance()->findByEmail(Params::getParam('s_email'));
     Session::newInstance()->_set('recover_time', time());
     if (osc_recaptcha_private_key() != '' && Params::existParam("recaptcha_challenge_field")) {
         if (!$this->recaptcha()) {
             return 2;
             // BREAK THE PROCESS, THE RECAPTCHA IS WRONG
         }
     }
     if (!$user || $user['b_enabled'] == 0) {
         return 1;
     }
     $code = osc_genRandomPassword(30);
     $date = date('Y-m-d H:i:s');
     User::newInstance()->update(array('s_pass_code' => $code, 's_pass_date' => $date, 's_pass_ip' => $_SERVER['REMOTE_ADDR']), array('pk_i_id' => $user['pk_i_id']));
     $password_url = osc_forgot_user_password_confirm_url($user['pk_i_id'], $code);
     osc_run_hook('hook_email_user_forgot_password', $user, $password_url);
     return 0;
 }
Ejemplo n.º 8
0
 function doModel()
 {
     parent::doModel();
     //specific things for this class
     switch ($this->action) {
         case 'add':
             $this->doView("appearance/add.php");
             break;
         case 'add_post':
             if (defined('DEMO')) {
                 osc_add_flash_warning_message(_m("This action can't be done because it's a demo site"), 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . '?page=appearance');
             }
             osc_csrf_check();
             $filePackage = Params::getFiles('package');
             if (isset($filePackage['size']) && $filePackage['size'] != 0) {
                 $path = osc_themes_path();
                 (int) ($status = osc_unzip_file($filePackage['tmp_name'], $path));
                 @unlink($filePackage['tmp_name']);
             } else {
                 $status = 3;
             }
             switch ($status) {
                 case 0:
                     $msg = _m('The theme folder is not writable');
                     osc_add_flash_error_message($msg, 'admin');
                     break;
                 case 1:
                     $msg = _m('The theme has been installed correctly');
                     osc_add_flash_ok_message($msg, 'admin');
                     break;
                 case 2:
                     $msg = _m('The zip file is not valid');
                     osc_add_flash_error_message($msg, 'admin');
                     break;
                 case 3:
                     $msg = _m('No file was uploaded');
                     osc_add_flash_error_message($msg, 'admin');
                     $this->redirectTo(osc_admin_base_url(true) . "?page=appearance&action=add");
                     break;
                 case -1:
                 default:
                     $msg = _m('There was a problem adding the theme');
                     osc_add_flash_error_message($msg, 'admin');
                     break;
             }
             $this->redirectTo(osc_admin_base_url(true) . "?page=appearance");
             break;
         case 'delete':
             if (defined('DEMO')) {
                 osc_add_flash_warning_message(_m("This action can't be done because it's a demo site"), 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . '?page=appearance');
             }
             osc_csrf_check();
             $theme = Params::getParam('webtheme');
             if ($theme != '') {
                 if ($theme != osc_current_web_theme()) {
                     if (file_exists(osc_content_path() . "themes/" . $theme . "/functions.php")) {
                         include osc_content_path() . "themes/" . $theme . "/functions.php";
                     }
                     osc_run_hook("theme_delete_" . $theme);
                     if (osc_deleteDir(osc_content_path() . "themes/" . $theme . "/")) {
                         osc_add_flash_ok_message(_m("Theme removed successfully"), "admin");
                     } else {
                         osc_add_flash_error_message(_m("There was a problem removing the theme"), "admin");
                     }
                 } else {
                     osc_add_flash_error_message(_m("Current theme can not be deleted"), "admin");
                 }
             } else {
                 osc_add_flash_error_message(_m("No theme selected"), "admin");
             }
             $this->redirectTo(osc_admin_base_url(true) . "?page=appearance");
             break;
             /* widgets */
         /* widgets */
         case 'widgets':
             $info = WebThemes::newInstance()->loadThemeInfo(osc_theme());
             $this->_exportVariableToView("info", $info);
             $this->doView('appearance/widgets.php');
             break;
         case 'add_widget':
             $this->doView('appearance/add_widget.php');
             break;
         case 'edit_widget':
             $id = Params::getParam('id');
             $widget = Widget::newInstance()->findByPrimaryKey($id);
             $this->_exportVariableToView("widget", $widget);
             $this->doView('appearance/add_widget.php');
             break;
         case 'delete_widget':
             osc_csrf_check();
             Widget::newInstance()->delete(array('pk_i_id' => Params::getParam('id')));
             osc_add_flash_ok_message(_m('Widget removed correctly'), 'admin');
             $this->redirectTo(osc_admin_base_url(true) . "?page=appearance&action=widgets");
             break;
         case 'edit_widget_post':
             osc_csrf_check();
             if (!osc_validate_text(Params::getParam("description"))) {
                 osc_add_flash_error_message(_m('Description field is required'), 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . "?page=appearance&action=widgets");
             }
             $res = Widget::newInstance()->update(array('s_description' => Params::getParam('description'), 's_content' => Params::getParam('content', false, false)), array('pk_i_id' => Params::getParam('id')));
             if ($res) {
                 osc_add_flash_ok_message(_m('Widget updated correctly'), 'admin');
             } else {
                 osc_add_flash_error_message(_m('Widget cannot be updated correctly'), 'admin');
             }
             $this->redirectTo(osc_admin_base_url(true) . "?page=appearance&action=widgets");
             break;
         case 'add_widget_post':
             osc_csrf_check();
             if (!osc_validate_text(Params::getParam("description"))) {
                 osc_add_flash_error_message(_m('Description field is required'), 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . "?page=appearance&action=widgets");
             }
             Widget::newInstance()->insert(array('s_location' => Params::getParam('location'), 'e_kind' => 'html', 's_description' => Params::getParam('description'), 's_content' => Params::getParam('content', false, false)));
             osc_add_flash_ok_message(_m('Widget added correctly'), 'admin');
             $this->redirectTo(osc_admin_base_url(true) . "?page=appearance&action=widgets");
             break;
             /* /widget */
         /* /widget */
         case 'activate':
             osc_csrf_check();
             osc_set_preference('theme', Params::getParam('theme'));
             osc_add_flash_ok_message(_m('Theme activated correctly'), 'admin');
             osc_run_hook("theme_activate", Params::getParam('theme'));
             $this->redirectTo(osc_admin_base_url(true) . "?page=appearance");
             break;
         case 'render':
             if (Params::existParam('route')) {
                 $routes = Rewrite::newInstance()->getRoutes();
                 $rid = Params::getParam('route');
                 $file = '../';
                 if (isset($routes[$rid]) && isset($routes[$rid]['file'])) {
                     $file = $routes[$rid]['file'];
                 }
             } else {
                 // DEPRECATED: Disclosed path in URL is deprecated, use routes instead
                 // This will be REMOVED in 3.6
                 $file = Params::getParam('file');
                 // We pass the GET variables (in case we have somes)
                 if (preg_match('|(.+?)\\?(.*)|', $file, $match)) {
                     $file = $match[1];
                     if (preg_match_all('|&([^=]+)=([^&]*)|', urldecode('&' . $match[2] . '&'), $get_vars)) {
                         for ($var_k = 0; $var_k < count($get_vars[1]); $var_k++) {
                             Params::setParam($get_vars[1][$var_k], $get_vars[2][$var_k]);
                         }
                     }
                 } else {
                     $file = Params::getParam('file');
                 }
             }
             if (strpos($file, '../') !== false || strpos($file, '..\\') !== false || !file_exists(osc_base_path() . $file)) {
                 osc_add_flash_warning_message(__('Error loading theme custom file'), 'admin');
             }
             $this->_exportVariableToView('file', osc_base_path() . $file);
             $this->doView('appearance/view.php');
             break;
         default:
             if (Params::getParam('checkUpdated') != '') {
                 osc_admin_toolbar_update_themes(true);
             }
             $themes = WebThemes::newInstance()->getListThemes();
             //preparing variables for the view
             $this->_exportVariableToView("themes", $themes);
             $this->doView('appearance/index.php');
             break;
     }
 }
Ejemplo n.º 9
0
 public static function processPayment()
 {
     if (osc_get_preference('coinjar_sandbox', 'payment') != 1) {
         $coinjar = new CoinJar(payment_decrypt(osc_get_preference('coinjar_merchant_user', 'payment')), payment_decrypt(osc_get_preference('coinjar_merchant_password', 'payment')), payment_decrypt(osc_get_preference('coinjar_api_key', 'payment')));
     } else {
         $coinjar = new CoinJar(payment_decrypt(osc_get_preference('coinjar_sb_merchant_user', 'payment')), payment_decrypt(osc_get_preference('coinjar_sb_merchant_password', 'payment')), payment_decrypt(osc_get_preference('coinjar_sb_api_key', 'payment')), true);
     }
     // data from the post (it's supposed to be sent by CoinJar, is sent by POST!)
     if (Params::existParam('uuid') && Params::existParam('amount') && Params::existParam('currency') && Params::existParam('status') && Params::existParam('ipn_digest')) {
         if (Params::getParam('status') == 'COMPLETED') {
             $digest = $coinjar->IPNDigest(Params::getParam('uuid'), Params::getParam('amount'), Params::getParam('currency'), Params::getParam('status'));
             if ($digest == Params::getParam('ipn_digest')) {
                 $order = json_decode($coinjar->order(Params::getParam('uuid')));
                 if ($order != null) {
                     if (Params::getParam('amount') == $order->order->amount && Params::getParam('currency') == $order->order->currency && Params::getParam('status') == $order->order->status) {
                         $payment = ModelPayment::newInstance()->getPayment($order->order->uuid);
                         if (!$payment) {
                             $data = payment_get_custom(Params::getParam('extra'));
                             $product_type = explode('x', Params::getParam('item_number'));
                             // SAVE TRANSACTION LOG
                             $payment_id = ModelPayment::newInstance()->saveLog($data['concept'], $order->order->uuid, $order->order->amount, $order->order->currenct, $data['email'], $data['user'], $data['itemid'], $product_type[0], 'COINJAR');
                             //source
                             if ($product_type[0] == '101') {
                                 ModelPayment::newInstance()->payPublishFee($product_type[2], $payment_id);
                             } else {
                                 if ($product_type[0] == '201') {
                                     ModelPayment::newInstance()->payPremiumFee($product_type[2], $payment_id);
                                 } else {
                                     ModelPayment::newInstance()->addWallet($data['user'], $order->order->amount);
                                 }
                             }
                             return PAYMENT_COMPLETED;
                         } else {
                             return PAYMENT_ALREADY_PAID;
                         }
                     }
                 }
             }
         }
     }
     return PAYMENT_PENDING;
 }
Ejemplo n.º 10
0
 /**
  * Set up groups of files as sources
  * 
  * @param array $options controller and Minify options
  *
  * @return array Minify options
  */
 public function setupSources($options)
 {
     // PHP insecure by default: realpath() and other FS functions can't handle null bytes.
     foreach (array('g', 'b', 'f') as $key) {
         if (Params::existParam($key)) {
             Params::setParam($key, str_replace("", '', (string) Params::getParam($key)));
         }
     }
     // filter controller options
     $cOptions = array_merge(array('allowDirs' => '//', 'groupsOnly' => false, 'groups' => array(), 'noMinPattern' => '@[-\\.]min\\.(?:js|css)$@i'), isset($options['minApp']) ? $options['minApp'] : array());
     unset($options['minApp']);
     $sources = array();
     $this->selectionId = '';
     $firstMissingResource = null;
     if (Params::existParam('g')) {
         // add group(s)
         $this->selectionId .= 'g=' . Params::getParam('g');
         $keys = explode(',', Params::getParam('g'));
         if ($keys != array_unique($keys)) {
             $this->log("Duplicate group key found.");
             return $options;
         }
         $keys = explode(',', Params::getParam('g'));
         foreach ($keys as $key) {
             if (!isset($cOptions['groups'][$key])) {
                 $this->log("A group configuration for \"{$key}\" was not found");
                 return $options;
             }
             $files = $cOptions['groups'][$key];
             // if $files is a single object, casting will break it
             if (is_object($files)) {
                 $files = array($files);
             } elseif (!is_array($files)) {
                 $files = (array) $files;
             }
             foreach ($files as $file) {
                 if ($file instanceof Minify_Source) {
                     $sources[] = $file;
                     continue;
                 }
                 if (0 === strpos($file, '//')) {
                     $file = $_SERVER['DOCUMENT_ROOT'] . substr($file, 1);
                 }
                 $realpath = realpath($file);
                 if ($realpath && is_file($realpath)) {
                     $sources[] = $this->_getFileSource($realpath, $cOptions);
                 } else {
                     $this->log("The path \"{$file}\" (realpath \"{$realpath}\") could not be found (or was not a file)");
                     if (null === $firstMissingResource) {
                         $firstMissingResource = basename($file);
                         continue;
                     } else {
                         $secondMissingResource = basename($file);
                         $this->log("More than one file was missing: '{$firstMissingResource}', '{$secondMissingResource}'");
                         return $options;
                     }
                 }
             }
             if ($sources) {
                 try {
                     $this->checkType($sources[0]);
                 } catch (Exception $e) {
                     $this->log($e->getMessage());
                     return $options;
                 }
             }
         }
     }
     if (!$cOptions['groupsOnly'] && Params::existParam('f')) {
         // try user files
         // The following restrictions are to limit the URLs that minify will
         // respond to.
         if (!preg_match('/^[^,]+\\.(css|js)(?:,[^,]+\\.\\1)*$/', Params::getParam('f'), $m) || strpos(Params::getParam('f'), '//') !== false || strpos(Params::getParam('f'), '\\') !== false) {
             $this->log("GET param 'f' was invalid");
             return $options;
         }
         $ext = ".{$m[1]}";
         try {
             $this->checkType($m[1]);
         } catch (Exception $e) {
             $this->log($e->getMessage());
             return $options;
         }
         $files = explode(',', Params::getParam('f'));
         if ($files != array_unique($files)) {
             $this->log("Duplicate files were specified");
             return $options;
         }
         if (Params::existParam('b')) {
             // check for validity
             if (preg_match('@^[^/]+(?:/[^/]+)*$@', Params::getParam('b')) && false === strpos(Params::getParam('b'), '..') && Params::getParam('b') !== '.') {
                 // valid base
                 $base = "/{" . Params::getParam('b') . "}/";
             } else {
                 $this->log("GET param 'b' was invalid");
                 return $options;
             }
         } else {
             $base = '/';
         }
         $allowDirs = array();
         foreach ((array) $cOptions['allowDirs'] as $allowDir) {
             $allowDirs[] = realpath(str_replace('//', $_SERVER['DOCUMENT_ROOT'] . '/', $allowDir));
         }
         $basenames = array();
         // just for cache id
         foreach ($files as $file) {
             $uri = $base . $file;
             $path = $_SERVER['DOCUMENT_ROOT'] . $uri;
             $realpath = realpath($path);
             if (false === $realpath || !is_file($realpath)) {
                 $this->log("The path \"{$path}\" (realpath \"{$realpath}\") could not be found (or was not a file)");
                 if (null === $firstMissingResource) {
                     $firstMissingResource = $uri;
                     continue;
                 } else {
                     $secondMissingResource = $uri;
                     $this->log("More than one file was missing: '{$firstMissingResource}', '{$secondMissingResource}`'");
                     return $options;
                 }
             }
             try {
                 parent::checkNotHidden($realpath);
                 parent::checkAllowDirs($realpath, $allowDirs, $uri);
             } catch (Exception $e) {
                 $this->log($e->getMessage());
                 return $options;
             }
             $sources[] = $this->_getFileSource($realpath, $cOptions);
             $basenames[] = basename($realpath, $ext);
         }
         if ($this->selectionId) {
             $this->selectionId .= '_f=';
         }
         $this->selectionId .= implode(',', $basenames) . $ext;
     }
     if ($sources) {
         if (null !== $firstMissingResource) {
             array_unshift($sources, new Minify_Source(array('id' => 'missingFile', 'lastModified' => 0, 'content' => "/* Minify: at least one missing file. See " . Minify::URL_DEBUG . " */\n", 'minifier' => '')));
         }
         $this->sources = $sources;
     } else {
         $this->log("No sources to serve");
     }
     return $options;
 }
Ejemplo n.º 11
0
 function doModel()
 {
     //calling the view...
     $locales = OSCLocale::newInstance()->listAllEnabled();
     $this->_exportVariableToView('locales', $locales);
     switch ($this->action) {
         case 'item_add':
             // post
             if (osc_reg_user_post() && $this->user == null) {
                 // CHANGEME: This text
                 osc_add_flash_error_message(_m('Only registered users are allowed to post items'));
                 $this->redirectTo(osc_user_login_url());
             }
             $countries = Country::newInstance()->listAll();
             $regions = array();
             if (isset($this->user['fk_c_country_code']) && $this->user['fk_c_country_code'] != '') {
                 $regions = Region::newInstance()->getByCountry($this->user['fk_c_country_code']);
             } else {
                 if (count($countries) > 0) {
                     $regions = Region::newInstance()->getByCountry($countries[0]['pk_c_code']);
                 }
             }
             $cities = array();
             if (isset($this->user['fk_i_region_id']) && $this->user['fk_i_region_id'] != '') {
                 $cities = City::newInstance()->listWhere("fk_i_region_id = %d", $this->user['fk_i_region_id']);
             } else {
                 if (count($regions) > 0) {
                     $cities = City::newInstance()->listWhere("fk_i_region_id = %d", $regions[0]['pk_i_id']);
                 }
             }
             $this->_exportVariableToView('countries', $countries);
             $this->_exportVariableToView('regions', $regions);
             $this->_exportVariableToView('cities', $cities);
             $form = count(Session::newInstance()->_getForm());
             $keepForm = count(Session::newInstance()->_getKeepForm());
             if ($form == 0 || $form == $keepForm) {
                 Session::newInstance()->_dropKeepForm();
             }
             if (Session::newInstance()->_getForm('countryId') != "") {
                 $countryId = Session::newInstance()->_getForm('countryId');
                 $regions = Region::newInstance()->getByCountry($countryId);
                 $this->_exportVariableToView('regions', $regions);
                 if (Session::newInstance()->_getForm('regionId') != "") {
                     $regionId = Session::newInstance()->_getForm('regionId');
                     $cities = City::newInstance()->listWhere("fk_i_region_id = %d", $regionId);
                     $this->_exportVariableToView('cities', $cities);
                 }
             }
             $this->_exportVariableToView('user', $this->user);
             osc_run_hook('post_item');
             $this->doView('item-post.php');
             break;
         case 'item_add_post':
             //post_item
             if (osc_reg_user_post() && $this->user == null) {
                 osc_add_flash_error_message(_m('Only registered users are allowed to post items'));
                 $this->redirectTo(osc_base_url(true));
             }
             $mItems = new ItemActions(false);
             // prepare data for ADD ITEM
             $mItems->prepareData(true);
             // set all parameters into session
             foreach ($mItems->data as $key => $value) {
                 Session::newInstance()->_setForm($key, $value);
             }
             $meta = Params::getParam('meta');
             if (is_array($meta)) {
                 foreach ($meta as $key => $value) {
                     Session::newInstance()->_setForm('meta_' . $key, $value);
                     Session::newInstance()->_keepForm('meta_' . $key);
                 }
             }
             if (osc_recaptcha_private_key() != '' && Params::existParam("recaptcha_challenge_field")) {
                 if (!osc_check_recaptcha()) {
                     osc_add_flash_error_message(_m('The Recaptcha code is wrong'));
                     $this->redirectTo(osc_item_post_url());
                     return false;
                     // BREAK THE PROCESS, THE RECAPTCHA IS WRONG
                 }
             }
             // POST ITEM ( ADD ITEM )
             $success = $mItems->add();
             if ($success != 1 && $success != 2) {
                 osc_add_flash_error_message($success);
                 $this->redirectTo(osc_item_post_url());
             } else {
                 Session::newInstance()->_dropkeepForm('meta_' . $key);
                 if ($success == 1) {
                     osc_add_flash_ok_message(_m('Check your inbox to verify your email address'));
                 } else {
                     osc_add_flash_ok_message(_m('Your item has been published'));
                 }
                 $itemId = Params::getParam('itemId');
                 $item = $this->itemManager->findByPrimaryKey($itemId);
                 osc_run_hook('posted_item', $item);
                 $category = Category::newInstance()->findByPrimaryKey(Params::getParam('catId'));
                 View::newInstance()->_exportVariableToView('category', $category);
                 $this->redirectTo(osc_search_category_url());
             }
             break;
         case 'item_edit':
             // edit item
             $secret = Params::getParam('secret');
             $id = Params::getParam('id');
             $item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s' AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = '%d'))", $id, $secret, $this->userId);
             if (count($item) == 1) {
                 $item = Item::newInstance()->findByPrimaryKey($id);
                 $form = count(Session::newInstance()->_getForm());
                 $keepForm = count(Session::newInstance()->_getKeepForm());
                 if ($form == 0 || $form == $keepForm) {
                     Session::newInstance()->_dropKeepForm();
                 }
                 $this->_exportVariableToView('item', $item);
                 osc_run_hook("before_item_edit", $item);
                 $this->doView('item-edit.php');
             } else {
                 // add a flash message [ITEM NO EXISTE]
                 osc_add_flash_error_message(_m('Sorry, we don\'t have any items with that ID'));
                 if ($this->user != null) {
                     $this->redirectTo(osc_user_list_items_url());
                 } else {
                     $this->redirectTo(osc_base_url());
                 }
             }
             break;
         case 'item_edit_post':
             // recoger el secret y el
             $secret = Params::getParam('secret');
             $id = Params::getParam('id');
             $item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s' AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = '%d'))", $id, $secret, $this->userId);
             if (count($item) == 1) {
                 $this->_exportVariableToView('item', $item[0]);
                 $mItems = new ItemActions(false);
                 // prepare data for ADD ITEM
                 $mItems->prepareData(false);
                 // set all parameters into session
                 foreach ($mItems->data as $key => $value) {
                     Session::newInstance()->_setForm($key, $value);
                 }
                 $meta = Params::getParam('meta');
                 if (is_array($meta)) {
                     foreach ($meta as $key => $value) {
                         Session::newInstance()->_setForm('meta_' . $key, $value);
                         Session::newInstance()->_keepForm('meta_' . $key);
                     }
                 }
                 if (osc_recaptcha_private_key() != '' && Params::existParam("recaptcha_challenge_field")) {
                     if (!osc_check_recaptcha()) {
                         osc_add_flash_error_message(_m('The Recaptcha code is wrong'));
                         $this->redirectTo(osc_item_post_url());
                         return false;
                         // BREAK THE PROCESS, THE RECAPTCHA IS WRONG
                     }
                 }
                 $success = $mItems->edit();
                 osc_run_hook('edited_item', Item::newInstance()->findByPrimaryKey($id));
                 if ($success == 1) {
                     osc_add_flash_ok_message(_m('Great! We\'ve just updated your item'));
                     $this->redirectTo(osc_base_url(true) . "?page=item&id={$id}");
                 } else {
                     osc_add_flash_error_message($success);
                     $this->redirectTo(osc_item_edit_url($secret));
                 }
             }
             break;
         case 'activate':
             $secret = Params::getParam('secret');
             $id = Params::getParam('id');
             $item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s' AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = '%d'))", $id, $secret, $this->userId);
             View::newInstance()->_exportVariableToView('item', $item[0]);
             if ($item[0]['b_active'] == 0) {
                 // ACTIVETE ITEM
                 $mItems = new ItemActions(false);
                 $success = $mItems->activate($item[0]['pk_i_id'], $item[0]['s_secret']);
                 if ($success) {
                     osc_add_flash_ok_message(_m('The item has been validated'));
                 } else {
                     osc_add_flash_error_message(_m('The item can\'t be validated'));
                 }
             } else {
                 osc_add_flash_error_message(_m('The item has already been validated'));
             }
             $this->redirectTo(osc_item_url());
             break;
         case 'item_delete':
             $secret = Params::getParam('secret');
             $id = Params::getParam('id');
             $item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s' AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = '%d'))", $id, $secret, $this->userId);
             if (count($item) == 1) {
                 $mItems = new ItemActions(false);
                 $success = $mItems->delete($item[0]['s_secret'], $item[0]['pk_i_id']);
                 if ($success) {
                     osc_add_flash_ok_message(_m('Your item has been deleted'));
                 } else {
                     osc_add_flash_error_message(_m('The item you are trying to delete couldn\'t be deleted'));
                 }
                 if ($this->user != null) {
                     $this->redirectTo(osc_user_list_items_url());
                 } else {
                     $this->redirectTo(osc_base_url());
                 }
             } else {
                 osc_add_flash_error_message(_m('The item you are trying to delete couldn\'t be deleted'));
                 $this->redirectTo(osc_base_url());
             }
             break;
         case 'mark':
             $mItem = new ItemActions(false);
             $id = Params::getParam('id');
             $as = Params::getParam('as');
             $item = Item::newInstance()->findByPrimaryKey($id);
             View::newInstance()->_exportVariableToView('item', $item);
             $mItem->mark($id, $as);
             osc_add_flash_ok_message(_m('Thanks! That\'s very helpful'));
             $this->redirectTo(osc_item_url());
             break;
         case 'send_friend':
             $item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
             $this->_exportVariableToView('item', $item);
             $this->doView('item-send-friend.php');
             break;
         case 'send_friend_post':
             $item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
             $this->_exportVariableToView('item', $item);
             Session::newInstance()->_setForm("yourEmail", Params::getParam('yourEmail'));
             Session::newInstance()->_setForm("yourName", Params::getParam('yourName'));
             Session::newInstance()->_setForm("friendName", Params::getParam('friendName'));
             Session::newInstance()->_setForm("friendEmail", Params::getParam('friendEmail'));
             Session::newInstance()->_setForm("message_body", Params::getParam('message'));
             if (osc_recaptcha_private_key() != '' && Params::existParam("recaptcha_challenge_field")) {
                 if (!osc_check_recaptcha()) {
                     osc_add_flash_error_message(_m('The Recaptcha code is wrong'));
                     $this->redirectTo(osc_item_send_friend_url());
                     return false;
                     // BREAK THE PROCESS, THE RECAPTCHA IS WRONG
                 }
             }
             $mItem = new ItemActions(false);
             $success = $mItem->send_friend();
             if ($success) {
                 Session::newInstance()->_clearVariables();
                 $this->redirectTo(osc_item_url());
             } else {
                 $this->redirectTo(osc_item_send_friend_url());
             }
             break;
         case 'contact':
             $item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
             if (empty($item)) {
                 osc_add_flash_error_message(_m('This item doesn\'t exist'));
                 $this->redirectTo(osc_base_url(true));
             } else {
                 $this->_exportVariableToView('item', $item);
                 if (osc_item_is_expired()) {
                     osc_add_flash_error_message(_m('We\'re sorry, but the item has expired. You can\'t contact the seller'));
                     $this->redirectTo(osc_item_url());
                 }
                 if (osc_reg_user_can_contact() && osc_is_web_user_logged_in() || !osc_reg_user_can_contact()) {
                     $this->doView('item-contact.php');
                 } else {
                     osc_add_flash_error_message(_m('You can\'t contact the seller, only registered users can'));
                     $this->redirectTo(osc_item_url());
                 }
             }
             break;
         case 'contact_post':
             $item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
             $this->_exportVariableToView('item', $item);
             if (osc_recaptcha_private_key() != '' && Params::existParam("recaptcha_challenge_field")) {
                 if (!osc_check_recaptcha()) {
                     osc_add_flash_error_message(_m('The Recaptcha code is wrong'));
                     Session::newInstance()->_setForm("yourEmail", Params::getParam('yourEmail'));
                     Session::newInstance()->_setForm("yourName", Params::getParam('yourName'));
                     Session::newInstance()->_setForm("phoneNumber", Params::getParam('phoneNumber'));
                     Session::newInstance()->_setForm("message_body", Params::getParam('message'));
                     $this->redirectTo(osc_item_url());
                     return false;
                     // BREAK THE PROCESS, THE RECAPTCHA IS WRONG
                 }
             }
             $category = Category::newInstance()->findByPrimaryKey($item['fk_i_category_id']);
             if ($category['i_expiration_days'] > 0) {
                 $item_date = strtotime($item['dt_pub_date']) + $category['i_expiration_days'] * (24 * 3600);
                 $date = time();
                 if ($item_date < $date && $item['b_premium'] != 1) {
                     // The item is expired, we can not contact the seller
                     osc_add_flash_error_message(_m('We\'re sorry, but the item has expired. You can\'t contact the seller'));
                     $this->redirectTo(osc_item_url());
                 }
             }
             $mItem = new ItemActions(false);
             $result = $mItem->contact();
             if (is_string($result)) {
                 osc_add_flash_error_message($result);
             } else {
                 osc_add_flash_ok_message(_m('We\'ve just sent an e-mail to the seller'));
             }
             $this->redirectTo(osc_item_url());
             break;
         case 'add_comment':
             $mItem = new ItemActions(false);
             $status = $mItem->add_comment();
             switch ($status) {
                 case -1:
                     $msg = _m('Sorry, we could not save your comment. Try again later');
                     osc_add_flash_error_message($msg);
                     break;
                 case 1:
                     $msg = _m('Your comment is awaiting moderation');
                     osc_add_flash_error_message($msg);
                     break;
                 case 2:
                     $msg = _m('Your comment has been approved');
                     osc_add_flash_ok_message($msg);
                     break;
                 case 3:
                     $msg = _m('Please fill the required fields (name, email)');
                     osc_add_flash_error_message($msg);
                     break;
                 case 4:
                     $msg = _m('Please type a comment');
                     osc_add_flash_error_message($msg);
                     break;
                 case 5:
                     $msg = _m('Your comment has been marked as spam');
                     osc_add_flash_error_message($msg);
                     break;
             }
             $this->redirectTo(osc_item_url());
             break;
         case 'delete_comment':
             $mItem = new ItemActions(false);
             $status = $mItem->add_comment();
             $itemId = Params::getParam('id');
             $commentId = Params::getParam('comment');
             $item = Item::newInstance()->findByPrimaryKey($itemId);
             if (count($item) == 0) {
                 osc_add_flash_error_message(_m('This item doesn\'t exist'));
                 $this->redirectTo(osc_base_url(true));
             }
             View::newInstance()->_exportVariableToView('item', $item);
             if ($this->userId == null) {
                 osc_add_flash_error_message(_m('You must be logged in to delete a comment'));
                 $this->redirectTo(osc_item_url());
             }
             $commentManager = ItemComment::newInstance();
             $aComment = $commentManager->findByPrimaryKey($commentId);
             if (count($aComment) == 0) {
                 osc_add_flash_error_message(_m('The comment doesn\'t exist'));
                 $this->redirectTo(osc_item_url());
             }
             if ($aComment['b_active'] != 1) {
                 osc_add_flash_error_message(_m('The comment is not active, you cannot delete it'));
                 $this->redirectTo(osc_item_url());
             }
             if ($aComment['fk_i_user_id'] != $this->userId) {
                 osc_add_flash_error_message(_m('The comment was not added by you, you cannot delete it'));
                 $this->redirectTo(osc_item_url());
             }
             $commentManager->deleteByPrimaryKey($commentId);
             osc_add_flash_ok_message(_m('The comment has been deleted'));
             $this->redirectTo(osc_item_url());
             break;
         default:
             if (Params::getParam('id') == '') {
                 $this->redirectTo(osc_base_url());
             }
             if (Params::getParam('lang') != '') {
                 Session::newInstance()->_set('userLocale', Params::getParam('lang'));
             }
             $item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
             // if item doesn't exist redirect to base url
             if (count($item) == 0) {
                 osc_add_flash_error_message(_m('This item doesn\'t exist'));
                 $this->redirectTo(osc_base_url(true));
             } else {
                 if ($item['b_active'] != 1) {
                     if ($this->userId == $item['fk_i_user_id']) {
                         osc_add_flash_error_message(_m('The item hasn\'t been validated. Please validate it in order to show it to the rest of users'));
                     } else {
                         osc_add_flash_error_message(_m('This item hasn\'t been validated'));
                         $this->redirectTo(osc_base_url(true));
                     }
                 } else {
                     if ($item['b_enabled'] == 0) {
                         osc_add_flash_error_message(_m('The item has been suspended'));
                         $this->redirectTo(osc_base_url(true));
                     }
                 }
                 $mStats = new ItemStats();
                 $mStats->increase('i_num_views', $item['pk_i_id']);
                 foreach ($item['locale'] as $k => $v) {
                     $item['locale'][$k]['s_title'] = osc_apply_filter('item_title', $v['s_title']);
                     $item['locale'][$k]['s_description'] = nl2br(osc_apply_filter('item_description', $v['s_description']));
                 }
                 $this->_exportVariableToView('items', array($item));
                 osc_run_hook('show_item', $item);
                 $this->doView('item.php');
             }
             break;
         case 'dashboard':
             //dashboard...
             break;
     }
 }
Ejemplo n.º 12
0
 function doModel()
 {
     osc_run_hook('before_search');
     $mCategories = new Category();
     ////////////////////////////////
     //GETTING AND FIXING SENT DATA//
     ////////////////////////////////
     $p_sCategory = Params::getParam('sCategory');
     if (!is_array($p_sCategory)) {
         if ($p_sCategory == '') {
             $p_sCategory = array();
         } else {
             $p_sCategory = explode(",", $p_sCategory);
         }
     }
     $p_sCityArea = Params::getParam('sCityArea');
     if (!is_array($p_sCityArea)) {
         if ($p_sCityArea == '') {
             $p_sCityArea = array();
         } else {
             $p_sCityArea = explode(",", $p_sCityArea);
         }
     }
     $p_sCity = Params::getParam('sCity');
     if (!is_array($p_sCity)) {
         if ($p_sCity == '') {
             $p_sCity = array();
         } else {
             $p_sCity = explode(",", $p_sCity);
         }
     }
     $p_sRegion = Params::getParam('sRegion');
     if (!is_array($p_sRegion)) {
         if ($p_sRegion == '') {
             $p_sRegion = array();
         } else {
             $p_sRegion = explode(",", $p_sRegion);
         }
     }
     $p_sCountry = Params::getParam('sCountry');
     if (!is_array($p_sCountry)) {
         if ($p_sCountry == '') {
             $p_sCountry = array();
         } else {
             $p_sCountry = explode(",", $p_sCountry);
         }
     }
     $p_sPattern = strip_tags(Params::getParam('sPattern'));
     $p_sUser = strip_tags(Params::getParam('sUser'));
     // ADD TO THE LIST OF LAST SEARCHES
     if (osc_save_latest_searches()) {
         if (trim($p_sPattern) != '') {
             LatestSearches::newInstance()->insert(array('s_search' => trim($p_sPattern), 'd_date' => date('Y-m-d H:i:s')));
         }
     }
     $p_bPic = Params::getParam('bPic');
     $p_bPic == 1 ? $p_bPic = 1 : ($p_bPic = 0);
     $p_sPriceMin = Params::getParam('sPriceMin');
     $p_sPriceMax = Params::getParam('sPriceMax');
     //WE CAN ONLY USE THE FIELDS RETURNED BY Search::getAllowedColumnsForSorting()
     $p_sOrder = Params::getParam('sOrder');
     if (!in_array($p_sOrder, Search::getAllowedColumnsForSorting())) {
         $p_sOrder = osc_default_order_field_at_search();
     }
     //ONLY 0 ( => 'asc' ), 1 ( => 'desc' ) AS ALLOWED VALUES
     $p_iOrderType = Params::getParam('iOrderType');
     $allowedTypesForSorting = Search::getAllowedTypesForSorting();
     $orderType = osc_default_order_type_at_search();
     foreach ($allowedTypesForSorting as $k => $v) {
         if ($p_iOrderType == $v) {
             $orderType = $k;
             break;
         }
     }
     $p_iOrderType = $orderType;
     $p_sFeed = Params::getParam('sFeed');
     $p_iPage = intval(Params::getParam('iPage'));
     if ($p_sFeed != '') {
         $p_sPageSize = 1000;
     }
     $p_sShowAs = Params::getParam('sShowAs');
     $aValidShowAsValues = array('list', 'gallery');
     if (!in_array($p_sShowAs, $aValidShowAsValues)) {
         $p_sShowAs = osc_default_show_as_at_search();
     }
     // search results: it's blocked with the maxResultsPerPage@search defined in t_preferences
     $p_iPageSize = intval(Params::getParam('iPagesize'));
     if ($p_iPageSize > 0) {
         if ($p_iPageSize > osc_max_results_per_page_at_search()) {
             $p_iPageSize = osc_max_results_per_page_at_search();
         }
     } else {
         $p_iPageSize = osc_default_results_per_page_at_search();
     }
     //FILTERING CATEGORY
     $bAllCategoriesChecked = false;
     if (count($p_sCategory) > 0) {
         foreach ($p_sCategory as $category) {
             $this->mSearch->addCategory($category);
         }
     } else {
         $bAllCategoriesChecked = true;
     }
     //FILTERING CITY_AREA
     foreach ($p_sCityArea as $city_area) {
         $this->mSearch->addCityArea($city_area);
     }
     $p_sCityArea = implode(", ", $p_sCityArea);
     //FILTERING CITY
     foreach ($p_sCity as $city) {
         $this->mSearch->addCity($city);
     }
     $p_sCity = implode(", ", $p_sCity);
     //FILTERING REGION
     foreach ($p_sRegion as $region) {
         $this->mSearch->addRegion($region);
     }
     $p_sRegion = implode(", ", $p_sRegion);
     //FILTERING COUNTRY
     foreach ($p_sCountry as $country) {
         $this->mSearch->addCountry($country);
     }
     $p_sCountry = implode(", ", $p_sCountry);
     // FILTERING PATTERN
     if ($p_sPattern != '') {
         $this->mSearch->addConditions(sprintf("MATCH(d.s_title, d.s_description) AGAINST('%s' IN BOOLEAN MODE)", $p_sPattern));
         $osc_request['sPattern'] = $p_sPattern;
     }
     // FILTERING USER
     if ($p_sUser != '') {
         $this->mSearch->fromUser(explode(",", $p_sUser));
     }
     // FILTERING IF WE ONLY WANT ITEMS WITH PICS
     if ($p_bPic) {
         $this->mSearch->withPicture(true);
     }
     //FILTERING BY RANGE PRICE
     $this->mSearch->priceRange($p_sPriceMin, $p_sPriceMax);
     //ORDERING THE SEARCH RESULTS
     $this->mSearch->order($p_sOrder, $allowedTypesForSorting[$p_iOrderType]);
     //SET PAGE
     $this->mSearch->page($p_iPage, $p_iPageSize);
     osc_run_hook('search_conditions', Params::getParamsAsArray());
     if (!Params::existParam('sFeed')) {
         // RETRIEVE ITEMS AND TOTAL
         $aItems = $this->mSearch->doSearch();
         $iTotalItems = $this->mSearch->count();
         $iStart = $p_iPage * $p_iPageSize;
         $iEnd = min(($p_iPage + 1) * $p_iPageSize, $iTotalItems);
         $iNumPages = ceil($iTotalItems / $p_iPageSize);
         osc_run_hook('search', $this->mSearch);
         //preparing variables...
         //$this->_exportVariableToView('non_empty_categories', $aCategories) ;
         $this->_exportVariableToView('search_start', $iStart);
         $this->_exportVariableToView('search_end', $iEnd);
         $this->_exportVariableToView('search_category', $p_sCategory);
         $this->_exportVariableToView('search_order_type', $p_iOrderType);
         $this->_exportVariableToView('search_order', $p_sOrder);
         $this->_exportVariableToView('search_pattern', $p_sPattern);
         $this->_exportVariableToView('search_from_user', $p_sUser);
         $this->_exportVariableToView('search_total_pages', $iNumPages);
         $this->_exportVariableToView('search_page', $p_iPage);
         $this->_exportVariableToView('search_has_pic', $p_bPic);
         $this->_exportVariableToView('search_region', $p_sRegion);
         $this->_exportVariableToView('search_city', $p_sCity);
         $this->_exportVariableToView('search_price_min', $p_sPriceMin);
         $this->_exportVariableToView('search_price_max', $p_sPriceMax);
         $this->_exportVariableToView('search_total_items', $iTotalItems);
         $this->_exportVariableToView('items', $aItems);
         $this->_exportVariableToView('search_show_as', $p_sShowAs);
         $this->_exportVariableToView('search', $this->mSearch);
         $this->_exportVariableToView('search_alert', base64_encode(serialize($this->mSearch)));
         //calling the view...
         $this->doView('search.php');
     } else {
         $this->mSearch->page(0, osc_num_rss_items());
         // RETRIEVE ITEMS AND TOTAL
         $iTotalItems = $this->mSearch->count();
         $aItems = $this->mSearch->doSearch();
         $this->_exportVariableToView('items', $aItems);
         if ($p_sFeed == '' || $p_sFeed == 'rss') {
             // FEED REQUESTED!
             header('Content-type: text/xml; charset=utf-8');
             $feed = new RSSFeed();
             $feed->setTitle(__('Latest items added') . ' - ' . osc_page_title());
             $feed->setLink(osc_base_url());
             $feed->setDescription(__('Latest items added in') . ' ' . osc_page_title());
             if (osc_count_items() > 0) {
                 while (osc_has_items()) {
                     if (osc_count_item_resources() > 0) {
                         osc_has_item_resources();
                         $feed->addItem(array('title' => osc_item_title(), 'link' => htmlentities(osc_item_url()), 'description' => osc_item_description(), 'dt_pub_date' => osc_item_pub_date(), 'image' => array('url' => htmlentities(osc_resource_thumbnail_url()), 'title' => osc_item_title(), 'link' => htmlentities(osc_item_url()))));
                     } else {
                         $feed->addItem(array('title' => osc_item_title(), 'link' => htmlentities(osc_item_url()), 'description' => osc_item_description(), 'dt_pub_date' => osc_item_pub_date()));
                     }
                 }
             }
             osc_run_hook('feed', $feed);
             $feed->dumpXML();
         } else {
             osc_run_hook('feed_' . $p_sFeed, $aItems);
         }
     }
 }
Ejemplo n.º 13
0
 function doModel()
 {
     $mCategories = new Category();
     $aCategories = $mCategories->findRootCategories();
     $mCategoryStats = new CategoryStats();
     ////////////////////////////////
     //GETTING AND FIXING SENT DATA//
     ////////////////////////////////
     $p_sCategory = Params::getParam('sCategory');
     if (!is_array($p_sCategory)) {
         if ($p_sCategory == '') {
             $p_sCategory = array();
         } else {
             $p_sCategory = explode(",", $p_sCategory);
         }
     }
     $p_sCity = Params::getParam('sCity');
     if (!is_array($p_sCity)) {
         if ($p_sCity == '') {
             $p_sCity = array();
         } else {
             $p_sCity = explode(",", $p_sCity);
         }
     }
     $p_sRegion = Params::getParam('sRegion');
     if (!is_array($p_sRegion)) {
         if ($p_sRegion == '') {
             $p_sRegion = array();
         } else {
             $p_sRegion = explode(",", $p_sRegion);
         }
     }
     $p_sCountry = Params::getParam('sCountry');
     if (!is_array($p_sCountry)) {
         if ($p_sCountry == '') {
             $p_sCountry = array();
         } else {
             $p_sCountry = explode(",", $p_sCountry);
         }
     }
     $p_sPattern = strip_tags(Params::getParam('sPattern'));
     $p_bPic = Params::getParam('bPic');
     $p_bPic == 1 ? $p_bPic = 1 : ($p_bPic = 0);
     $p_sPriceMin = Params::getParam('sPriceMin');
     $p_sPriceMax = Params::getParam('sPriceMax');
     //WE CAN ONLY USE THE FIELDS RETURNED BY Search::getAllowedColumnsForSorting()
     $p_sOrder = Params::getParam('sOrder');
     if (!in_array($p_sOrder, Search::getAllowedColumnsForSorting())) {
         $p_sOrder = osc_default_order_field_at_search();
     }
     //ONLY 0 ( => 'asc' ), 1 ( => 'desc' ) AS ALLOWED VALUES
     $p_iOrderType = Params::getParam('iOrderType');
     $allowedTypesForSorting = Search::getAllowedTypesForSorting();
     $orderType = osc_default_order_type_at_search();
     foreach ($allowedTypesForSorting as $k => $v) {
         if ($p_iOrderType == $v) {
             $orderType = $k;
             break;
         }
     }
     $p_iOrderType = $orderType;
     $p_sFeed = Params::getParam('sFeed');
     $p_iPage = intval(Params::getParam('iPage'));
     if ($p_sFeed != '') {
         $p_sPageSize = 1000;
     }
     $p_sShowAs = Params::getParam('sShowAs');
     $aValidShowAsValues = array('list', 'gallery');
     if (!in_array($p_sShowAs, $aValidShowAsValues)) {
         $p_sShowAs = osc_default_show_as_at_search();
     }
     // search results: it's blocked with the maxResultsPerPage@search defined in t_preferences
     $p_iPageSize = intval(Params::getParam('iPagesize'));
     if ($p_iPageSize > 0) {
         if ($p_iPageSize > osc_max_results_per_page_at_search()) {
             $p_iPageSize = osc_max_results_per_page_at_search();
         }
     } else {
         $p_iPageSize = osc_default_results_per_page_at_search();
     }
     //FILTERING CATEGORY
     $bAllCategoriesChecked = false;
     if (count($p_sCategory) > 0) {
         foreach ($p_sCategory as $category) {
             $this->mSearch->addCategory($category);
         }
     } else {
         $bAllCategoriesChecked = true;
     }
     //FILTERING CITY
     foreach ($p_sCity as $city) {
         $this->mSearch->addCity($city);
     }
     $p_sCity = implode(", ", $p_sCity);
     //FILTERING REGION
     foreach ($p_sRegion as $region) {
         $this->mSearch->addRegion($region);
     }
     $p_sRegion = implode(", ", $p_sRegion);
     //FILTERING COUNTRY
     foreach ($p_sCountry as $country) {
         $this->mSearch->addCountry($country);
     }
     $p_sCountry = implode(", ", $p_sCountry);
     // FILTERING PATTERN
     if ($p_sPattern != '') {
         $this->mSearch->addConditions(sprintf("(d.s_title LIKE '%%%s%%' OR d.s_description LIKE '%%%s%%')", $p_sPattern, $p_sPattern));
         $osc_request['sPattern'] = $p_sPattern;
     }
     // FILTERING IF WE ONLY WANT ITEMS WITH PICS
     if ($p_bPic) {
         $this->mSearch->withPicture(true);
     }
     //FILTERING BY RANGE PRICE
     $this->mSearch->priceRange($p_sPriceMin, $p_sPriceMax);
     //ORDERING THE SEARCH RESULTS
     $this->mSearch->order($p_sOrder, $allowedTypesForSorting[$p_iOrderType]);
     //SET PAGE
     $this->mSearch->page($p_iPage, $p_iPageSize);
     osc_run_hook('search_conditions', Params::getParamsAsArray());
     $this->mSearch->addConditions(sprintf("%st_item.e_status = 'ACTIVE' ", DB_TABLE_PREFIX));
     // RETRIEVE ITEMS AND TOTAL
     $iTotalItems = $this->mSearch->count();
     $aItems = $this->mSearch->doSearch();
     if (!Params::existParam('sFeed')) {
         $iStart = $p_iPage * $p_iPageSize;
         $iEnd = min(($p_iPage + 1) * $p_iPageSize, $iTotalItems);
         //Static data, which is the point?
         /*$aOrders   = array(
               __('Newly listed')       => array('sOrder' => 'dt_pub_date', 'iOrderType' => 'desc')
              ,__('Lower price first')  => array('sOrder' => 'f_price', 'iOrderType' => 'asc')
              ,__('Higher price first') => array('sOrder' => 'f_price', 'iOrderType' => 'desc')
           );*/
         $iNumPages = ceil($iTotalItems / $p_iPageSize);
         //Categories for select at view "search.php"
         $mCategories = new Category();
         $aCategories = $mCategories->findRootCategories();
         $mCategoryStats = new CategoryStats();
         $aCategories = $mCategories->toTree();
         foreach ($aCategories as $k => $v) {
             $iCategoryNumItems = CategoryStats::newInstance()->getNumItems($v);
             if ($iCategoryNumItems > 0) {
                 $aCategories[$k]['total'] = $iCategoryNumItems;
             } else {
                 unset($aCategories[$k]);
             }
         }
         osc_run_hook('search', $this->mSearch);
         //preparing variables...
         $this->_exportVariableToView('categories', $aCategories);
         $this->_exportVariableToView('search_start', $iStart);
         $this->_exportVariableToView('search_end', $iEnd);
         $this->_exportVariableToView('search_category', $p_sCategory);
         $this->_exportVariableToView('search_order_type', $p_iOrderType);
         $this->_exportVariableToView('search_order', $p_sOrder);
         $this->_exportVariableToView('search_pattern', $p_sPattern);
         $this->_exportVariableToView('search_total_pages', $iNumPages);
         $this->_exportVariableToView('search_page', $p_iPage);
         $this->_exportVariableToView('search_has_pic', $p_bPic);
         $this->_exportVariableToView('search_city', $p_sCity);
         $this->_exportVariableToView('search_price_min', $p_sPriceMin);
         $this->_exportVariableToView('search_price_max', $p_sPriceMax);
         $this->_exportVariableToView('search_total_items', $iTotalItems);
         $this->_exportVariableToView('items', $aItems);
         $this->_exportVariableToView('search_show_as', $p_sShowAs);
         $this->_exportVariableToView('search', $this->mSearch);
         //calling the view...
         $this->doView('search.php');
     } else {
         $this->_exportVariableToView('items', $aItems);
         if ($p_sFeed == '' || $p_sFeed == 'rss') {
             // FEED REQUESTED!
             header('Content-type: text/xml; charset=utf-8');
             $feed = new RSSFeed();
             $feed->setTitle(__('Latest items added') . ' - ' . osc_page_title());
             $feed->setLink(osc_base_url());
             $feed->setDescription(__('Latest items added in') . ' ' . osc_page_title());
             if (osc_count_items() > 0) {
                 while (osc_has_items()) {
                     $feed->addItem(array('title' => osc_item_title(), 'link' => htmlentities(osc_item_url()), 'description' => osc_item_description()));
                 }
             }
             osc_run_hook('feed', $feed);
             $feed->dumpXML();
         } else {
             osc_run_hook('feed_' . $p_sFeed, $aItems);
         }
     }
 }
Ejemplo n.º 14
0
}
if ($min_allowDebugFlag) {
    /* $min_serveOptions['debug'] = Minify_DebugDetector::shouldDebugRequest($_COOKIE, $_GET, $_SERVER['REQUEST_URI']);*/
}
if ($min_errorLogger) {
    if (true === $min_errorLogger) {
        $min_errorLogger = FirePHP::getInstance(true);
    }
    Minify_Logger::setLogger($min_errorLogger);
}
// check for URI versioning
if (preg_match('/&\\d/', $_SERVER['QUERY_STRING'])) {
    $min_serveOptions['maxAge'] = 31536000;
}
if (Params::existParam('g')) {
    // well need groups config
    $min_serveOptions['minApp']['groups'] = (require MINIFY_MIN_DIR . '/groupsConfig.php');
}
if (Params::existParam('f') || Params::existParam('g')) {
    // serve!
    if (!isset($min_serveController)) {
        $min_serveController = new Minify_Controller_MinApp();
    }
    Minify::serve($min_serveController, $min_serveOptions);
} elseif ($min_enableBuilder) {
    header('Location: builder/');
    exit;
} else {
    header("Location: /");
    exit;
}
Ejemplo n.º 15
0
 function doModel()
 {
     //specific things for this class
     switch ($this->action) {
         case 'bulk_actions':
             break;
         case 'regions':
             //Return regions given a countryId
             $regions = Region::newInstance()->findByCountry(Params::getParam("countryId"));
             echo json_encode($regions);
             break;
         case 'cities':
             //Returns cities given a regionId
             $cities = City::newInstance()->findByRegion(Params::getParam("regionId"));
             echo json_encode($cities);
             break;
         case 'location':
             // This is the autocomplete AJAX
             $cities = City::newInstance()->ajax(Params::getParam("term"));
             echo json_encode($cities);
             break;
         case 'userajax':
             // This is the autocomplete AJAX
             $users = User::newInstance()->ajax(Params::getParam("term"));
             if (count($users) == 0) {
                 echo json_encode(array(0 => array('id' => '', 'label' => __('No results'), 'value' => __('No results'))));
             } else {
                 echo json_encode($users);
             }
             break;
         case 'date_format':
             echo json_encode(array('format' => Params::getParam('format'), 'str_formatted' => osc_format_date(date('Y-m-d H:i:s'), Params::getParam('format'))));
             break;
         case 'runhook':
             // run hooks
             $hook = Params::getParam('hook');
             if ($hook == '') {
                 echo json_encode(array('error' => 'hook parameter not defined'));
                 break;
             }
             switch ($hook) {
                 case 'item_form':
                     osc_run_hook('item_form', Params::getParam('catId'));
                     break;
                 case 'item_edit':
                     $catId = Params::getParam("catId");
                     $itemId = Params::getParam("itemId");
                     osc_run_hook("item_edit", $catId, $itemId);
                     break;
                 default:
                     osc_run_hook('ajax_admin_' . $hook);
                     break;
             }
             break;
         case 'categories_order':
             // Save the order of the categories
             osc_csrf_check(false);
             $aIds = Params::getParam('list');
             $order = array();
             $error = 0;
             $catManager = Category::newInstance();
             $aRecountCat = array();
             foreach ($aIds as $cat) {
                 if (!isset($order[$cat['p']])) {
                     $order[$cat['p']] = 0;
                 }
                 $res = $catManager->update(array('fk_i_parent_id' => $cat['p'] == 'root' ? NULL : $cat['p'], 'i_position' => $order[$cat['p']]), array('pk_i_id' => $cat['c']));
                 if (is_bool($res) && !$res) {
                     $error = 1;
                 } else {
                     if ($res == 1) {
                         $aRecountCat[] = $cat['c'];
                     }
                 }
                 $order[$cat['p']] = $order[$cat['p']] + 1;
             }
             // update category stats
             foreach ($aRecountCat as $rId) {
                 osc_update_cat_stats_id($rId);
             }
             if ($error) {
                 $result = array('error' => __("An error occurred"));
             } else {
                 $result = array('ok' => __("Order saved"));
             }
             echo json_encode($result);
             break;
         case 'category_edit_iframe':
             $this->_exportVariableToView('category', Category::newInstance()->findByPrimaryKey(Params::getParam("id"), 'all'));
             if (count(Category::newInstance()->findSubcategories(Params::getParam("id"))) > 0) {
                 $this->_exportVariableToView('has_subcategories', true);
             } else {
                 $this->_exportVariableToView('has_subcategories', false);
             }
             $this->_exportVariableToView('languages', OSCLocale::newInstance()->listAllEnabled());
             $this->doView("categories/iframe.php");
             break;
         case 'field_categories_iframe':
             $selected = Field::newInstance()->categories(Params::getParam("id"));
             if ($selected == null) {
                 $selected = array();
             }
             $this->_exportVariableToView("selected", $selected);
             $this->_exportVariableToView("field", Field::newInstance()->findByPrimaryKey(Params::getParam("id")));
             $this->_exportVariableToView("categories", Category::newInstance()->toTreeAll());
             $this->doView("fields/iframe.php");
             break;
         case 'field_categories_post':
             osc_csrf_check(false);
             $error = 0;
             $field = Field::newInstance()->findByName(Params::getParam("s_name"));
             if (!isset($field['pk_i_id']) || isset($field['pk_i_id']) && $field['pk_i_id'] == Params::getParam("id")) {
                 // remove categories from a field
                 Field::newInstance()->cleanCategoriesFromField(Params::getParam("id"));
                 // no error... continue updating fields
                 if ($error == 0) {
                     $slug = Params::getParam("field_slug") != '' ? Params::getParam("field_slug") : Params::getParam("s_name");
                     $slug_tmp = $slug = preg_replace('|([-]+)|', '-', preg_replace('|[^a-z0-9_-]|', '-', strtolower($slug)));
                     $slug_k = 0;
                     while (true) {
                         $field = Field::newInstance()->findBySlug($slug);
                         if (!$field || $field['pk_i_id'] == Params::getParam("id")) {
                             break;
                         } else {
                             $slug_k++;
                             $slug = $slug_tmp . "_" . $slug_k;
                         }
                     }
                     // trim options
                     $s_options = '';
                     $aux = Params::getParam('s_options');
                     $aAux = explode(',', $aux);
                     foreach ($aAux as &$option) {
                         $option = trim($option);
                     }
                     $s_options = implode(',', $aAux);
                     $res = Field::newInstance()->update(array('s_name' => Params::getParam("s_name"), 'e_type' => Params::getParam("field_type"), 's_slug' => $slug, 'b_required' => Params::getParam("field_required") == "1" ? 1 : 0, 'b_searchable' => Params::getParam("field_searchable") == "1" ? 1 : 0, 's_options' => $s_options), array('pk_i_id' => Params::getParam("id")));
                     if (is_bool($res) && !$res) {
                         $error = 1;
                     }
                 }
                 // no error... continue inserting categories-field
                 if ($error == 0) {
                     $aCategories = Params::getParam("categories");
                     if (is_array($aCategories) && count($aCategories) > 0) {
                         $res = Field::newInstance()->insertCategories(Params::getParam("id"), $aCategories);
                         if (!$res) {
                             $error = 1;
                         }
                     }
                 }
                 // error while updating?
                 if ($error == 1) {
                     $message = __("An error occurred while updating.");
                 }
             } else {
                 $error = 1;
                 $message = __("Sorry, you already have a field with that name");
             }
             if ($error) {
                 $result = array('error' => $message);
             } else {
                 $result = array('ok' => __("Saved"), 'text' => Params::getParam("s_name"), 'field_id' => Params::getParam("id"));
             }
             echo json_encode($result);
             break;
         case 'delete_field':
             osc_csrf_check(false);
             $res = Field::newInstance()->deleteByPrimaryKey(Params::getParam('id'));
             if ($res > 0) {
                 $result = array('ok' => __('The custom field has been deleted'));
             } else {
                 $result = array('error' => __('An error occurred while deleting'));
             }
             echo json_encode($result);
             break;
         case 'add_field':
             osc_csrf_check(false);
             $s_name = __('NEW custom field');
             $slug_tmp = $slug = preg_replace('|([-]+)|', '-', preg_replace('|[^a-z0-9_-]|', '-', strtolower($s_name)));
             $slug_k = 0;
             while (true) {
                 $field = Field::newInstance()->findBySlug($slug);
                 if (!$field || $field['pk_i_id'] == Params::getParam("id")) {
                     break;
                 } else {
                     $slug_k++;
                     $slug = $slug_tmp . "_" . $slug_k;
                 }
             }
             $fieldManager = Field::newInstance();
             $result = $fieldManager->insertField($s_name, 'TEXT', $slug, 0, '', array());
             if ($result) {
                 echo json_encode(array('error' => 0, 'field_id' => $fieldManager->dao->insertedId(), 'field_name' => $s_name));
             } else {
                 echo json_encode(array('error' => 1));
             }
             break;
         case 'enable_category':
             osc_csrf_check(false);
             $id = strip_tags(Params::getParam('id'));
             $enabled = Params::getParam('enabled') != '' ? Params::getParam('enabled') : 0;
             $error = 0;
             $result = array();
             $aUpdated = array();
             $mCategory = Category::newInstance();
             $aCategory = $mCategory->findByPrimaryKey($id);
             if ($aCategory == false) {
                 $result = array('error' => sprintf(__("No category with id %d exists"), $id));
                 echo json_encode($result);
                 break;
             }
             // root category
             if ($aCategory['fk_i_parent_id'] == '') {
                 $mCategory->update(array('b_enabled' => $enabled), array('pk_i_id' => $id));
                 $mCategory->update(array('b_enabled' => $enabled), array('fk_i_parent_id' => $id));
                 $subCategories = $mCategory->findSubcategories($id);
                 $aIds = array($id);
                 $aUpdated[] = array('id' => $id);
                 foreach ($subCategories as $subcategory) {
                     $aIds[] = $subcategory['pk_i_id'];
                     $aUpdated[] = array('id' => $subcategory['pk_i_id']);
                 }
                 Item::newInstance()->enableByCategory($enabled, $aIds);
                 if ($enabled) {
                     $result = array('ok' => __('The category as well as its subcategories have been enabled'));
                 } else {
                     $result = array('ok' => __('The category as well as its subcategories have been disabled'));
                 }
                 $result['affectedIds'] = $aUpdated;
                 echo json_encode($result);
                 break;
             }
             // subcategory
             $parentCategory = $mCategory->findRootCategory($id);
             if (!$parentCategory['b_enabled']) {
                 $result = array('error' => __('Parent category is disabled, you can not enable that category'));
                 echo json_encode($result);
                 break;
             }
             $mCategory->update(array('b_enabled' => $enabled), array('pk_i_id' => $id));
             if ($enabled) {
                 $result = array('ok' => __('The subcategory has been enabled'));
             } else {
                 $result = array('ok' => __('The subcategory has been disabled'));
             }
             $result['affectedIds'] = array(array('id' => $id));
             echo json_encode($result);
             break;
         case 'delete_category':
             osc_csrf_check(false);
             $id = Params::getParam("id");
             $error = 0;
             $categoryManager = Category::newInstance();
             $res = $categoryManager->deleteByPrimaryKey($id);
             if ($res > 0) {
                 $message = __('The categories have been deleted');
             } else {
                 $error = 1;
                 $message = __('An error occurred while deleting');
             }
             if ($error) {
                 $result = array('error' => $message);
             } else {
                 $result = array('ok' => __("Saved"));
             }
             echo json_encode($result);
             break;
         case 'edit_category_post':
             osc_csrf_check(false);
             $id = Params::getParam("id");
             $fields['i_expiration_days'] = Params::getParam("i_expiration_days") != '' ? Params::getParam("i_expiration_days") : 0;
             $fields['b_price_enabled'] = Params::getParam('b_price_enabled') != '' ? 1 : 0;
             $apply_changes_to_subcategories = Params::getParam('apply_changes_to_subcategories') == 1 ? true : false;
             $error = 0;
             $has_one_title = 0;
             $postParams = Params::getParamsAsArray();
             foreach ($postParams as $k => $v) {
                 if (preg_match('|(.+?)#(.+)|', $k, $m)) {
                     if ($m[2] == 's_name') {
                         if ($v != "") {
                             $has_one_title = 1;
                             $aFieldsDescription[$m[1]][$m[2]] = $v;
                             $s_text = $v;
                         } else {
                             $aFieldsDescription[$m[1]][$m[2]] = NULL;
                             $error = 1;
                         }
                     } else {
                         $aFieldsDescription[$m[1]][$m[2]] = $v;
                     }
                 }
             }
             $l = osc_language();
             if ($error == 0 || $error == 1 && $has_one_title == 1) {
                 $categoryManager = Category::newInstance();
                 $res = $categoryManager->updateByPrimaryKey(array('fields' => $fields, 'aFieldsDescription' => $aFieldsDescription), $id);
                 $categoryManager->updateExpiration($id, $fields['i_expiration_days'], $apply_changes_to_subcategories);
                 $categoryManager->updatePriceEnabled($id, $fields['b_price_enabled'], $apply_changes_to_subcategories);
                 if (is_bool($res)) {
                     $error = 2;
                 }
             }
             if ($error == 0) {
                 $msg = __("Category updated correctly");
             } else {
                 if ($error == 1) {
                     if ($has_one_title == 1) {
                         $error = 4;
                         $msg = __('Category updated correctly, but some titles are empty');
                     } else {
                         $msg = __('Sorry, including at least a title is mandatory');
                     }
                 } else {
                     if ($error == 2) {
                         $msg = __('An error occurred while updating');
                     }
                 }
             }
             echo json_encode(array('error' => $error, 'msg' => $msg, 'text' => $aFieldsDescription[$l]['s_name']));
             break;
         case 'custom':
             // Execute via AJAX custom file
             if (Params::existParam('route')) {
                 $routes = Rewrite::newInstance()->getRoutes();
                 $rid = Params::getParam('route');
                 $file = '../';
                 if (isset($routes[$rid]) && isset($routes[$rid]['file'])) {
                     $file = $routes[$rid]['file'];
                 }
             } else {
                 $file = Params::getParam("ajaxfile");
             }
             if ($file == '') {
                 echo json_encode(array('error' => 'no action defined'));
                 break;
             }
             // valid file?
             if (stripos($file, '../') !== false || stripos($file, '..\\') !== false) {
                 echo json_encode(array('error' => 'no valid file'));
                 break;
             }
             if (!file_exists(osc_plugins_path() . $file)) {
                 echo json_encode(array('error' => "file doesn't exist"));
                 break;
             }
             require_once osc_plugins_path() . $file;
             break;
         case 'test_mail':
             $title = sprintf(__('Test email, %s'), osc_page_title());
             $body = __("Test email") . "<br><br>" . osc_page_title();
             $emailParams = array('subject' => $title, 'to' => osc_contact_email(), 'to_name' => 'admin', 'body' => $body, 'alt_body' => $body);
             $array = array();
             if (osc_sendMail($emailParams)) {
                 $array = array('status' => '1', 'html' => __('Email sent successfully'));
             } else {
                 $array = array('status' => '0', 'html' => __('An error occurred while sending email'));
             }
             echo json_encode($array);
             break;
         case 'test_mail_template':
             // replace por valores por defecto
             $email = Params::getParam("email");
             $title = Params::getParam("title");
             $body = Params::getParam("body", false, false);
             $emailParams = array('subject' => $title, 'to' => $email, 'to_name' => 'admin', 'body' => $body, 'alt_body' => $body);
             $array = array();
             if (osc_sendMail($emailParams)) {
                 $array = array('status' => '1', 'html' => __('Email sent successfully'));
             } else {
                 $array = array('status' => '0', 'html' => __('An error occurred while sending email'));
             }
             echo json_encode($array);
             break;
         case 'order_pages':
             osc_csrf_check(false);
             $order = Params::getParam("order");
             $id = Params::getParam("id");
             if ($order != '' && $id != '') {
                 $mPages = Page::newInstance();
                 $actual_page = $mPages->findByPrimaryKey($id);
                 $actual_order = $actual_page['i_order'];
                 $array = array();
                 $condition = array();
                 $new_order = $actual_order;
                 if ($order == 'up') {
                     $page = $mPages->findPrevPage($actual_order);
                 } else {
                     if ($order == 'down') {
                         $page = $mPages->findNextPage($actual_order);
                     }
                 }
                 if (isset($page['i_order'])) {
                     $mPages->update(array('i_order' => $page['i_order']), array('pk_i_id' => $id));
                     $mPages->update(array('i_order' => $actual_order), array('pk_i_id' => $page['pk_i_id']));
                 }
             }
             break;
         case 'check_version':
             $data = osc_file_get_contents('http://osclass.org/latest_version_v1.php?callback=?');
             $data = preg_replace('|^\\?\\((.*?)\\);$|', '$01', $data);
             $json = json_decode($data);
             if (isset($json->version)) {
                 if ($json->version > osc_version()) {
                     osc_set_preference('update_core_json', $data);
                     echo json_encode(array('error' => 0, 'msg' => __('Update available')));
                 } else {
                     osc_set_preference('update_core_json', '');
                     echo json_encode(array('error' => 0, 'msg' => __('No update available')));
                 }
                 osc_set_preference('last_version_check', time());
             } else {
                 // Latest version couldn't be checked (site down?)
                 osc_set_preference('last_version_check', time() - 82800);
                 // 82800 = 23 hours, so repeat check in one hour
                 echo json_encode(array('error' => 1, 'msg' => __('Version could not be checked')));
             }
             break;
         case 'check_languages':
             $total = _osc_check_languages_update();
             echo json_encode(array('msg' => __('Checked updates'), 'total' => $total));
             break;
         case 'check_themes':
             $total = _osc_check_themes_update();
             echo json_encode(array('msg' => __('Checked updates'), 'total' => $total));
             break;
         case 'check_plugins':
             $total = _osc_check_plugins_update();
             echo json_encode(array('msg' => __('Checked updates'), 'total' => $total));
             break;
             /******************************
              ** COMPLETE UPGRADE PROCESS **
              ******************************/
         /******************************
          ** COMPLETE UPGRADE PROCESS **
          ******************************/
         case 'upgrade':
             // AT THIS POINT WE KNOW IF THERE'S AN UPDATE OR NOT
             osc_csrf_check();
             $result = osc_do_upgrade();
             if (!defined('__FROM_CRON__') || !__FROM_CRON__) {
                 if ($result['error'] == 0) {
                     osc_add_flash_ok_message($result['message'], 'admin');
                 } else {
                     if ($result['error'] == 6) {
                         osc_add_flash_warning_message($result['message'], 'admin');
                     }
                 }
             }
             echo json_encode($result);
             break;
             /*******************************
              ** COMPLETE MARKET PROCESS **
              *******************************/
         /*******************************
          ** COMPLETE MARKET PROCESS **
          *******************************/
         case 'market':
             // AT THIS POINT WE KNOW IF THERE'S AN UPDATE OR NOT
             osc_csrf_check(false);
             $result = osc_market(Params::getParam('section'), Params::getParam('code'));
             echo json_encode($result);
             break;
         case 'check_market':
             // AT THIS POINT WE KNOW IF THERE'S AN UPDATE OR NOT
             $section = Params::getParam('section');
             $code = Params::getParam('code');
             $data = array();
             /************************
              *** CHECK VALID CODE ***
              ************************/
             if ($code != '' && $section != '') {
                 if (stripos($code, "http://") === FALSE) {
                     // OSCLASS OFFICIAL REPOSITORY
                     $data = json_decode(osc_file_get_contents(osc_market_url($section, $code), array('api_key' => osc_market_api_connect())), true);
                 } else {
                     // THIRD PARTY REPOSITORY
                     if (osc_market_external_sources()) {
                         $data = json_decode(osc_file_get_contents($code), true);
                     } else {
                         echo json_encode(array('error' => 3, 'error_msg' => __('No external sources are allowed')));
                         break;
                     }
                 }
                 if (!isset($data['s_source_file']) || !isset($data['s_update_url'])) {
                     //$data = array('error' => 2, 'error_msg' => __('Invalid code'));
                 }
             } else {
                 $data = array('error' => 1, 'error_msg' => __('No code was submitted'));
             }
             echo json_encode($data);
             break;
         case 'market_data':
             $section = Params::getParam('section');
             $page = Params::getParam("mPage");
             $featured = Params::getParam("featured");
             $sort = Params::getParam("sort");
             $order = Params::getParam("order");
             // for the moment this value is static
             $length = 9;
             if ($page >= 1) {
                 $page--;
             }
             $url = osc_market_url($section) . "page/" . $page . '/';
             if ($length != '' && is_numeric($length)) {
                 $url .= 'length/' . $length . '/';
             }
             if ($sort != '') {
                 $url .= 'order/' . $sort;
                 if ($order != '') {
                     $url .= '/' . $order;
                 }
             }
             if ($featured != '') {
                 $url = osc_market_featured_url($section);
             }
             $data = array();
             $data = json_decode(osc_file_get_contents($url, array('api_key' => osc_market_api_connect())), true);
             if (!isset($data[$section])) {
                 $data = array('error' => 1, 'error_msg' => __('No market data'));
             }
             echo 'var market_data = window.market_data || {}; market_data.' . $section . ' = ' . json_encode($data) . ';';
             break;
         case 'local_market':
             // AVOID CROSS DOMAIN PROBLEMS OF AJAX REQUEST
             $marketPage = Params::getParam("mPage");
             if ($marketPage >= 1) {
                 $marketPage--;
             }
             $out = osc_file_get_contents(osc_market_url(Params::getParam("section")) . "page/" . $marketPage, array('api_key' => osc_market_api_connect()));
             $array = json_decode($out, true);
             // do pagination
             $pageActual = $array['page'];
             $totalPages = ceil($array['total'] / $array['sizePage']);
             $params = array('total' => $totalPages, 'selected' => $pageActual, 'url' => '#{PAGE}', 'sides' => 5);
             // set pagination
             $pagination = new Pagination($params);
             $aux = $pagination->doPagination();
             $array['pagination_content'] = $aux;
             // encode to json
             echo json_encode($array);
             break;
         case 'market_connect':
             $json = osc_file_get_contents(osc_market_url() . 'connect/', array('s_email' => Params::getParam('s_email'), 's_password' => Params::getParam('s_password')));
             $data = json_decode($json, true);
             if ($data['error'] == 0) {
                 osc_set_preference('marketAPIConnect', $data['api_key']);
                 unset($data['api_key']);
                 $json = json_encode($data);
             }
             echo $json;
             break;
         case 'dashboardbox_market':
             $error = 0;
             // make market call
             $url = osc_get_preference('marketURL') . 'dashboardbox/';
             $content = '';
             if (false === ($json = @osc_file_get_contents($url))) {
                 $error = 1;
             } else {
                 $content = $json;
             }
             if ($error == 1) {
                 echo json_encode(array('error' => 1));
             } else {
                 // replace content with correct urls
                 $content = str_replace('{URL_MARKET_THEMES}', osc_admin_base_url(true) . '?page=market&action=themes', $content);
                 $content = str_replace('{URL_MARKET_PLUGINS}', osc_admin_base_url(true) . '?page=market&action=plugins', $content);
                 echo json_encode(array('html' => $content));
             }
             break;
         case 'market_header':
             $error = 0;
             // make market call
             $url = osc_get_preference('marketURL') . 'market_header/';
             $content = '';
             if (false === ($json = @osc_file_get_contents($url))) {
                 $error = 1;
             } else {
                 $content = $json;
             }
             if ($error == 1) {
                 echo json_encode(array('error' => 1));
             } else {
                 echo json_encode(array('html' => $content));
             }
             break;
         case 'location_stats':
             osc_csrf_check(false);
             $workToDo = osc_update_location_stats();
             if ($workToDo > 0) {
                 $array['status'] = 'more';
                 $array['pending'] = $workToDo;
                 echo json_encode($array);
             } else {
                 $array['status'] = 'done';
                 echo json_encode($array);
             }
             break;
         case 'country_slug':
             $exists = Country::newInstance()->findBySlug(Params::getParam('slug'));
             if (isset($exists['s_slug'])) {
                 echo json_encode(array('error' => 1, 'country' => $exists));
             } else {
                 echo json_encode(array('error' => 0));
             }
             break;
         case 'region_slug':
             $exists = Region::newInstance()->findBySlug(Params::getParam('slug'));
             if (isset($exists['s_slug'])) {
                 echo json_encode(array('error' => 1, 'region' => $exists));
             } else {
                 echo json_encode(array('error' => 0));
             }
             break;
         case 'city_slug':
             $exists = City::newInstance()->findBySlug(Params::getParam('slug'));
             if (isset($exists['s_slug'])) {
                 echo json_encode(array('error' => 1, 'city' => $exists));
             } else {
                 echo json_encode(array('error' => 0));
             }
             break;
         case 'error_permissions':
             echo json_encode(array('error' => __("You don't have the necessary permissions")));
             break;
         default:
             echo json_encode(array('error' => __('no action defined')));
             break;
     }
     // clear all keep variables into session
     Session::newInstance()->_dropKeepForm();
     Session::newInstance()->_clearVariables();
 }
Ejemplo n.º 16
0
 function doModel()
 {
     parent::doModel();
     //specific things for this class
     switch ($this->action) {
         case 'add':
             $this->doView("plugins/add.php");
             break;
         case 'add_post':
             if (defined('DEMO')) {
                 osc_add_flash_warning_message(_m("This action can't be done because it's a demo site"), 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . '?page=plugins');
             }
             osc_csrf_check();
             $package = Params::getFiles("package");
             if (isset($package['size']) && $package['size'] != 0) {
                 $path = osc_plugins_path();
                 (int) ($status = osc_unzip_file($package['tmp_name'], $path));
                 @unlink($package['tmp_name']);
             } else {
                 $status = 3;
             }
             switch ($status) {
                 case 0:
                     $msg = _m('The plugin folder is not writable');
                     osc_add_flash_error_message($msg, 'admin');
                     break;
                 case 1:
                     $msg = _m('The plugin has been uploaded correctly');
                     osc_add_flash_ok_message($msg, 'admin');
                     break;
                 case 2:
                     $msg = _m('The zip file is not valid');
                     osc_add_flash_error_message($msg, 'admin');
                     break;
                 case 3:
                     $msg = _m('No file was uploaded');
                     osc_add_flash_error_message($msg, 'admin');
                     $this->redirectTo(osc_admin_base_url(true) . "?page=plugins&action=add");
                     break;
                 case -1:
                 default:
                     $msg = _m('There was a problem adding the plugin');
                     osc_add_flash_error_message($msg, 'admin');
                     break;
             }
             $this->redirectTo(osc_admin_base_url(true) . "?page=plugins");
             break;
         case 'install':
             if (defined('DEMO')) {
                 osc_add_flash_warning_message(_m("This action can't be done because it's a demo site"), 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . '?page=plugins');
             }
             osc_csrf_check();
             $pn = Params::getParam('plugin');
             // set header just in case it's triggered some fatal error
             header("Location: " . osc_admin_base_url(true) . "?page=plugins&error=" . $pn, true, '302');
             $installed = Plugins::install($pn);
             if (is_array($installed)) {
                 switch ($installed['error_code']) {
                     case 'error_output':
                         osc_add_flash_error_message(sprintf(_m('The plugin generated %d characters of <strong>unexpected output</strong> during the installation. Output: "%s"'), strlen($installed['output']), $installed['output']), 'admin');
                         break;
                     case 'error_installed':
                         osc_add_flash_error_message(_m('Plugin is already installed'), 'admin');
                         break;
                     case 'error_file':
                         osc_add_flash_error_message(_m("Plugin couldn't be installed because their files are missing"), 'admin');
                         break;
                     case 'custom_error':
                         osc_add_flash_error_message(sprintf(_m("Plugin couldn't be installed because of: %s"), $installed['msg']), 'admin');
                         break;
                     default:
                         osc_add_flash_error_message(_m("Plugin couldn't be installed"), 'admin');
                         break;
                 }
             } else {
                 osc_add_flash_ok_message(_m('Plugin installed'), 'admin');
             }
             $this->redirectTo(osc_admin_base_url(true) . '?page=plugins');
             break;
         case 'uninstall':
             if (defined('DEMO')) {
                 osc_add_flash_warning_message(_m("This action can't be done because it's a demo site"), 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . '?page=plugins');
             }
             osc_csrf_check();
             if (Plugins::uninstall(Params::getParam("plugin"))) {
                 osc_add_flash_ok_message(_m('Plugin uninstalled'), 'admin');
             } else {
                 osc_add_flash_error_message(_m("Plugin couldn't be uninstalled"), 'admin');
             }
             $this->redirectTo(osc_admin_base_url(true) . '?page=plugins');
             break;
         case 'enable':
             if (defined('DEMO')) {
                 osc_add_flash_warning_message(_m("This action can't be done because it's a demo site"), 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . '?page=plugins');
             }
             osc_csrf_check();
             if (Plugins::activate(Params::getParam('plugin'))) {
                 osc_add_flash_ok_message(_m('Plugin enabled'), 'admin');
             } else {
                 osc_add_flash_error_message(_m('Plugin is already enabled'), 'admin');
             }
             $this->redirectTo(osc_admin_base_url(true) . '?page=plugins');
             break;
         case 'disable':
             if (defined('DEMO')) {
                 osc_add_flash_warning_message(_m("This action can't be done because it's a demo site"), 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . '?page=plugins');
             }
             osc_csrf_check();
             if (Plugins::deactivate(Params::getParam('plugin'))) {
                 osc_add_flash_ok_message(_m('Plugin disabled'), 'admin');
             } else {
                 osc_add_flash_error_message(_m('Plugin is already disabled'), 'admin');
             }
             $this->redirectTo(osc_admin_base_url(true) . '?page=plugins');
             break;
         case 'admin':
             $plugin = Params::getParam("plugin");
             if ($plugin != "") {
                 osc_run_hook($plugin . '_configure');
             }
             break;
         case 'admin_post':
             osc_run_hook('admin_post');
             break;
         case 'renderplugin':
             if (Params::existParam('route')) {
                 $routes = Rewrite::newInstance()->getRoutes();
                 $rid = Params::getParam('route');
                 $file = '../';
                 if (isset($routes[$rid]) && isset($routes[$rid]['file'])) {
                     $file = $routes[$rid]['file'];
                 }
             } else {
                 // DEPRECATED: Disclosed path in URL is deprecated, use routes instead
                 // This will be REMOVED in 3.4
                 $file = Params::getParam('file');
                 // We pass the GET variables (in case we have somes)
                 if (preg_match('|(.+?)\\?(.*)|', $file, $match)) {
                     $file = $match[1];
                     if (preg_match_all('|&([^=]+)=([^&]*)|', urldecode('&' . $match[2] . '&'), $get_vars)) {
                         for ($var_k = 0; $var_k < count($get_vars[1]); $var_k++) {
                             Params::setParam($get_vars[1][$var_k], $get_vars[2][$var_k]);
                         }
                     }
                 } else {
                     $file = Params::getParam('file');
                 }
             }
             osc_run_hook('renderplugin_controller');
             if (stripos($file, '../') === false && stripos($file, '..\\') === false && $file != "") {
                 $this->_exportVariableToView("file", osc_plugins_path() . $file);
                 $this->doView("plugins/view.php");
             }
             break;
         case 'configure':
             $plugin = Params::getParam("plugin");
             if ($plugin != '') {
                 $plugin_data = Plugins::getInfo($plugin);
                 $this->_exportVariableToView("categories", Category::newInstance()->toTreeAll());
                 $this->_exportVariableToView("selected", PluginCategory::newInstance()->listSelected($plugin_data['short_name']));
                 $this->_exportVariableToView("plugin_data", $plugin_data);
                 $this->doView("plugins/configuration.php");
             } else {
                 $this->redirectTo(osc_admin_base_url(true) . "?page=plugins");
             }
             break;
         case 'configure_post':
             osc_csrf_check();
             $plugin_short_name = Params::getParam("plugin_short_name");
             $categories = Params::getParam("categories");
             if ($plugin_short_name != "") {
                 Plugins::cleanCategoryFromPlugin($plugin_short_name);
                 if (isset($categories)) {
                     Plugins::addToCategoryPlugin($categories, $plugin_short_name);
                 }
                 osc_run_hook('plugin_categories_' . Params::getParam('plugin'), $categories);
                 osc_add_flash_ok_message(_m('Configuration was saved'), 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . "?page=plugins");
             }
             osc_add_flash_error_message(_m('No plugin selected'), 'admin');
             $this->doView('plugins/index.php');
             break;
         case 'delete':
             osc_csrf_check();
             $plugin = str_replace('/index.php', '', Params::getParam("plugin"));
             $path = preg_replace('([\\/]+)', '/', CONTENT_PATH . 'plugins/' . $plugin);
             if ($plugin != "" && strpos($plugin, '../') === false && strpos($plugin, '..\\') === false && $path != CONTENT_PATH . 'plugins/') {
                 if (osc_deleteDir($path)) {
                     osc_add_flash_ok_message(_m('The files were deleted'), 'admin');
                 } else {
                     osc_add_flash_error_message(sprintf(_m('There were an error deleting the files, please check the permissions of the files in %s'), $path . "/"), 'admin');
                 }
                 $this->redirectTo(osc_admin_base_url(true) . "?page=plugins");
             }
             osc_add_flash_error_message(_m('No plugin selected'), 'admin');
             $this->doView('plugins/index.php');
             break;
         case 'error_plugin':
             // force php errors and simulate plugin installation to show the errors in the iframe
             if (!OSC_DEBUG) {
                 error_reporting(E_ALL | E_STRICT);
             }
             @ini_set('display_errors', 1);
             include osc_plugins_path() . Params::getParam('plugin');
             Plugins::install(Params::getParam('plugin'));
             exit;
             break;
         default:
             if (Params::getParam('checkUpdated') != '') {
                 osc_admin_toolbar_update_plugins(true);
             }
             if (Params::getParam('iDisplayLength') == '') {
                 Params::setParam('iDisplayLength', 25);
             }
             $this->_exportVariableToView('iDisplayLength', Params::getParam('iDisplayLength'));
             $p_iPage = 1;
             if (is_numeric(Params::getParam('iPage')) && Params::getParam('iPage') >= 1) {
                 $p_iPage = Params::getParam('iPage');
             }
             Params::setParam('iPage', $p_iPage);
             $aPlugin = Plugins::listAll();
             $active_plugins = osc_get_plugins();
             // pagination
             $start = ($p_iPage - 1) * Params::getParam('iDisplayLength');
             $limit = Params::getParam('iDisplayLength');
             $count = count($aPlugin);
             $displayRecords = $limit;
             if ($start + $limit > $count) {
                 $displayRecords = $start + $limit - $count;
             }
             // --------------------------------------------------------
             $aData = array();
             $aInfo = array();
             $max = $start + $limit;
             if ($max > $count) {
                 $max = $count;
             }
             $aPluginsToUpdate = json_decode(osc_get_preference('plugins_to_update'));
             $bPluginsToUpdate = is_array($aPluginsToUpdate) ? true : false;
             for ($i = $start; $i < $max; $i++) {
                 $plugin = $aPlugin[$i];
                 $row = array();
                 $pInfo = osc_plugin_get_info($plugin);
                 // prepare row 1
                 $installed = 0;
                 if (osc_plugin_is_installed($plugin)) {
                     $installed = 1;
                 }
                 $enabled = 0;
                 if (osc_plugin_is_enabled($plugin)) {
                     $enabled = 1;
                 }
                 // prepare row 2
                 $sUpdate = '';
                 // get plugins to update from t_preference
                 if ($bPluginsToUpdate) {
                     if (in_array(@$pInfo['plugin_update_uri'], $aPluginsToUpdate)) {
                         $sUpdate = '<a class="market_update market-popup" href="#' . htmlentities($pInfo['plugin_update_uri']) . '">' . __("There's a new update available") . '</a>';
                     }
                 }
                 // prepare row 4
                 $sConfigure = '';
                 if (isset($active_plugins[$plugin . '_configure'])) {
                     $sConfigure = '<a href="' . osc_admin_base_url(true) . '?page=plugins&amp;action=admin&amp;plugin=' . $pInfo['filename'] . "&amp;" . osc_csrf_token_url() . '">' . __('Configure') . '</a>';
                 }
                 // prepare row 5
                 $sEnable = '';
                 if ($installed) {
                     if ($enabled) {
                         $sEnable = '<a href="' . osc_admin_base_url(true) . '?page=plugins&amp;action=disable&amp;plugin=' . $pInfo['filename'] . "&amp;" . osc_csrf_token_url() . '">' . __('Disable') . '</a>';
                     } else {
                         $sEnable = '<a href="' . osc_admin_base_url(true) . '?page=plugins&amp;action=enable&amp;plugin=' . $pInfo['filename'] . "&amp;" . osc_csrf_token_url() . '">' . __('Enable') . '</a>';
                     }
                 }
                 // prepare row 6
                 if ($installed) {
                     $sInstall = '<a onclick="javascript:return uninstall_dialog(\'' . $pInfo['filename'] . '\', \'' . $pInfo['plugin_name'] . '\');" href="' . osc_admin_base_url(true) . '?page=plugins&amp;action=uninstall&amp;plugin=' . $pInfo['filename'] . "&amp;" . osc_csrf_token_url() . '">' . __('Uninstall') . '</a>';
                 } else {
                     $sInstall = '<a href="' . osc_admin_base_url(true) . '?page=plugins&amp;action=install&amp;plugin=' . $pInfo['filename'] . "&amp;" . osc_csrf_token_url() . '">' . __('Install') . '</a>';
                 }
                 $sDelete = '';
                 if (!$installed) {
                     $sDelete = '<a href="javascript:delete_plugin(\'' . $pInfo['filename'] . '\');" >' . __('Delete') . '</a>';
                 }
                 $sHelp = '';
                 if ($pInfo['support_uri'] != '') {
                     $sHelp = '<span class="plugin-support-icon plugin-tooltip" ><a target="_blank" href="' . osc_sanitize_url($pInfo['support_uri']) . '" ><img src="' . osc_current_admin_theme_url('images/question.png') . '" alt="' . osc_esc_html(__('Problems with this plugin? Ask for support.')) . '" ></a></span>';
                 }
                 $sSiteUrl = '';
                 if ($pInfo['plugin_uri'] != '') {
                     $sSiteUrl = ' | <a target="_blank" href="' . $pInfo['plugin_uri'] . '">' . __('Plugins Site') . '</a>';
                 }
                 if ($pInfo['author_uri'] != '') {
                     $sAuthor = __('By') . ' <a target="_blank" href="' . $pInfo['author_uri'] . '">' . $pInfo['author'] . '</a>';
                 } else {
                     $sAuthor = __('By') . ' ' . $pInfo['author'];
                 }
                 $row[] = '<input type="hidden" name="installed" value="' . $installed . '" enabled="' . $enabled . '" />' . $pInfo['plugin_name'] . $sHelp . '<div>' . $sUpdate . '</div>';
                 $row[] = $pInfo['description'] . '<br />' . __('Version:') . $pInfo['version'] . ' | ' . $sAuthor . $sSiteUrl;
                 $row[] = $sUpdate != '' ? $sUpdate : '&nbsp;';
                 $row[] = $sConfigure != '' ? $sConfigure : '&nbsp;';
                 $row[] = $sEnable != '' ? $sEnable : '&nbsp;';
                 $row[] = $sInstall != '' ? $sInstall : '&nbsp;';
                 $row[] = $sDelete != '' ? $sDelete : '&nbsp;';
                 $aData[] = $row;
                 if (@$pInfo['plugin_update_uri'] != '') {
                     $aInfo[@$pInfo['plugin_update_uri']] = $pInfo;
                 } else {
                     $aInfo[$i] = $pInfo;
                 }
             }
             $array['iTotalRecords'] = $displayRecords;
             $array['iTotalDisplayRecords'] = count($aPlugin);
             $array['iDisplayLength'] = $limit;
             $array['aaData'] = $aData;
             $array['aaInfo'] = $aInfo;
             // --------------------------------------------------------
             $page = (int) Params::getParam('iPage');
             if (count($array['aaData']) == 0 && $page != 1) {
                 $total = (int) $array['iTotalDisplayRecords'];
                 $maxPage = ceil($total / (int) $array['iDisplayLength']);
                 $url = osc_admin_base_url(true) . '?' . Params::getServerParam('QUERY_STRING', false, false);
                 if ($maxPage == 0) {
                     $url = preg_replace('/&iPage=(\\d)+/', '&iPage=1', $url);
                     $this->redirectTo($url);
                 }
                 if ($page > 1) {
                     $url = preg_replace('/&iPage=(\\d)+/', '&iPage=' . $maxPage, $url);
                     $this->redirectTo($url);
                 }
             }
             $this->_exportVariableToView('aPlugins', $array);
             $this->doView("plugins/index.php");
             break;
     }
 }
Ejemplo n.º 17
0
 function doModel()
 {
     switch ($this->action) {
         case 'login_post':
             //post execution for the login
             $admin = Admin::newInstance()->findByUsername(Params::getParam('user'));
             if ($admin) {
                 if ($admin["s_password"] == sha1(Params::getParam('password'))) {
                     if (Params::getParam('remember')) {
                         //this include contains de osc_genRandomPassword function
                         require_once osc_lib_path() . 'osclass/helpers/hSecurity.php';
                         $secret = osc_genRandomPassword();
                         Admin::newInstance()->update(array('s_secret' => $secret), array('pk_i_id' => $admin['pk_i_id']));
                         Cookie::newInstance()->set_expires(osc_time_cookie());
                         Cookie::newInstance()->push('oc_adminId', $admin['pk_i_id']);
                         Cookie::newInstance()->push('oc_adminSecret', $secret);
                         Cookie::newInstance()->push('oc_adminLocale', Params::getParam('locale'));
                         Cookie::newInstance()->set();
                     }
                     //we are logged in... let's go!
                     Session::newInstance()->_set('adminId', $admin['pk_i_id']);
                     Session::newInstance()->_set('adminUserName', $admin['s_username']);
                     Session::newInstance()->_set('adminName', $admin['s_name']);
                     Session::newInstance()->_set('adminEmail', $admin['s_email']);
                     Session::newInstance()->_set('adminLocale', Params::getParam('locale'));
                 } else {
                     osc_add_flash_message(_m('The password is incorrect'), 'admin');
                 }
             } else {
                 osc_add_flash_message(_m('That username does not exist'), 'admin');
             }
             //returning logged in to the main page...
             $this->redirectTo(osc_admin_base_url());
             break;
         case 'recover':
             //form to recover the password (in this case we have the form in /gui/)
             //#dev.conquer: we cannot use the doView here and only here
             $this->doView('gui/recover.php');
             break;
         case 'recover_post':
             //post execution to recover the password
             $admin = Admin::newInstance()->findByEmail(Params::getParam('email'));
             if ($admin) {
                 if (osc_recaptcha_private_key() != '' && Params::existParam("recaptcha_challenge_field")) {
                     if (!osc_check_recaptcha()) {
                         osc_add_flash_message(_m('The Recaptcha code is wrong'), 'admin');
                         $this->redirectTo(osc_admin_base_url(true) . '?page=login&action=recover');
                         return false;
                         // BREAK THE PROCESS, THE RECAPTCHA IS WRONG
                     }
                 }
                 require_once osc_lib_path() . 'osclass/helpers/hSecurity.php';
                 $newPassword = osc_genRandomPassword(40);
                 Admin::newInstance()->update(array('s_secret' => $newPassword), array('pk_i_id' => $admin['pk_i_id']));
                 $password_link = osc_forgot_admin_password_confirm_url($admin['pk_i_id'], $newPassword);
                 $aPage = Page::newInstance()->findByInternalName('email_user_forgot_password');
                 $content = array();
                 $locale = osc_current_user_locale();
                 if (isset($aPage['locale'][$locale]['s_title'])) {
                     $content = $aPage['locale'][$locale];
                 } else {
                     $content = current($aPage['locale']);
                 }
                 if (!is_null($content)) {
                     $words = array();
                     $words[] = array('{USER_NAME}', '{USER_EMAIL}', '{WEB_TITLE}', '{IP_ADDRESS}', '{PASSWORD_LINK}', '{DATE_TIME}');
                     $words[] = array($admin['s_name'], $admin['s_email'], osc_page_title(), $_SERVER['REMOTE_ADDR'], $password_link, date(osc_time_format() . '  ' . osc_date_format()));
                     $title = osc_mailBeauty($content['s_title'], $words);
                     $body = osc_mailBeauty($content['s_text'], $words);
                     $emailParams = array('subject' => $title, 'to' => $admin['s_email'], 'to_name' => $admin['s_name'], 'body' => $body, 'alt_body' => $body);
                     osc_sendMail($emailParams);
                 }
             }
             osc_add_flash_message(_m('A new password has been sent to your e-mail'), 'admin');
             $this->redirectTo(osc_admin_base_url());
             break;
         case 'forgot':
             //form to recover the password (in this case we have the form in /gui/)
             $admin = Admin::newInstance()->findByIdSecret(Params::getParam('adminId'), Params::getParam('code'));
             if ($admin) {
                 $this->doView('gui/forgot_password.php');
             } else {
                 osc_add_flash_message(_m('Sorry, the link is not valid'), 'admin');
                 $this->redirectTo(osc_admin_base_url());
             }
             break;
         case 'forgot_post':
             $admin = Admin::newInstance()->findByIdSecret(Params::getParam('adminId'), Params::getParam('code'));
             if ($admin) {
                 if (Params::getParam('new_password') == Params::getParam('new_password2')) {
                     Admin::newInstance()->update(array('s_secret' => osc_genRandomPassword(), 's_password' => sha1(Params::getParam('new_password'))), array('pk_i_id' => $admin['pk_i_id']));
                     osc_add_flash_message(_m('The password has been changed'), 'admin');
                     $this->redirectTo(osc_admin_base_url());
                 } else {
                     osc_add_flash_message(_m('Error, the password don\'t match'), 'admin');
                     $this->redirectTo(osc_forgot_admin_password_confirm_url(Params::getParam('adminId'), Params::getParam('code')));
                 }
             } else {
                 osc_add_flash_message(_m('Sorry, the link is not valid'), 'admin');
             }
             $this->redirectTo(osc_admin_base_url());
             break;
     }
 }
Ejemplo n.º 18
0
 function doModel()
 {
     osc_run_hook('before_search');
     if (osc_rewrite_enabled()) {
         // IF rewrite is not enabled, skip this part, preg_match is always time&resources consuming task
         $p_sParams = "/" . Params::getParam('sParams', false, false);
         if (preg_match_all('|\\/([^,]+),([^\\/]*)|', $p_sParams, $m)) {
             $l = count($m[0]);
             for ($k = 0; $k < $l; $k++) {
                 switch ($m[1][$k]) {
                     case osc_get_preference('rewrite_search_country'):
                         $m[1][$k] = 'sCountry';
                         break;
                     case osc_get_preference('rewrite_search_region'):
                         $m[1][$k] = 'sRegion';
                         break;
                     case osc_get_preference('rewrite_search_city'):
                         $m[1][$k] = 'sCity';
                         break;
                     case osc_get_preference('rewrite_search_city_area'):
                         $m[1][$k] = 'sCityArea';
                         break;
                     case osc_get_preference('rewrite_search_category'):
                         $m[1][$k] = 'sCategory';
                         break;
                     case osc_get_preference('rewrite_search_user'):
                         $m[1][$k] = 'sUser';
                         break;
                     case osc_get_preference('rewrite_search_pattern'):
                         $m[1][$k] = 'sPattern';
                         break;
                     default:
                         // custom fields
                         if (preg_match("/meta(\\d+)-?(.*)?/", $m[1][$k], $results)) {
                             $meta_key = $m[1][$k];
                             $meta_value = $m[2][$k];
                             $array_r = array();
                             if (Params::existParam('meta')) {
                                 $array_r = Params::getParam('meta');
                             }
                             if ($results[2] == '') {
                                 // meta[meta_id] = meta_value
                                 $meta_key = $results[1];
                                 $array_r[$meta_key] = $meta_value;
                             } else {
                                 // meta[meta_id][meta_key] = meta_value
                                 $meta_key = $results[1];
                                 $meta_key2 = $results[2];
                                 $array_r[$meta_key][$meta_key2] = $meta_value;
                             }
                             $m[1][$k] = 'meta';
                             $m[2][$k] = $array_r;
                         }
                         break;
                 }
                 Params::setParam($m[1][$k], $m[2][$k]);
             }
             Params::unsetParam('sParams');
         }
     }
     $uriParams = Params::getParamsAsArray();
     $searchUri = osc_search_url($uriParams);
     if ($this->uri != 'feed') {
         if (str_replace("%20", '+', $searchUri) != str_replace("%20", '+', WEB_PATH . $this->uri)) {
             $this->redirectTo($searchUri, 301);
         }
     }
     ////////////////////////////////
     //GETTING AND FIXING SENT DATA//
     ////////////////////////////////
     $p_sCategory = Params::getParam('sCategory');
     if (!is_array($p_sCategory)) {
         if ($p_sCategory == '') {
             $p_sCategory = array();
         } else {
             $p_sCategory = explode(",", $p_sCategory);
         }
     }
     $p_sCityArea = Params::getParam('sCityArea');
     if (!is_array($p_sCityArea)) {
         if ($p_sCityArea == '') {
             $p_sCityArea = array();
         } else {
             $p_sCityArea = explode(",", $p_sCityArea);
         }
     }
     $p_sCity = Params::getParam('sCity');
     if (!is_array($p_sCity)) {
         if ($p_sCity == '') {
             $p_sCity = array();
         } else {
             $p_sCity = explode(",", $p_sCity);
         }
     }
     $p_sRegion = Params::getParam('sRegion');
     if (!is_array($p_sRegion)) {
         if ($p_sRegion == '') {
             $p_sRegion = array();
         } else {
             $p_sRegion = explode(",", $p_sRegion);
         }
     }
     $p_sCountry = Params::getParam('sCountry');
     if (!is_array($p_sCountry)) {
         if ($p_sCountry == '') {
             $p_sCountry = array();
         } else {
             $p_sCountry = explode(",", $p_sCountry);
         }
     }
     $p_sUser = Params::getParam('sUser');
     if (!is_array($p_sUser)) {
         if ($p_sUser == '') {
             $p_sUser = '';
         } else {
             $p_sUser = explode(",", $p_sUser);
         }
     }
     $p_sLocale = Params::getParam('sLocale');
     if (!is_array($p_sLocale)) {
         if ($p_sLocale == '') {
             $p_sLocale = '';
         } else {
             $p_sLocale = explode(",", $p_sLocale);
         }
     }
     $p_sPattern = trim(strip_tags(Params::getParam('sPattern')));
     // ADD TO THE LIST OF LAST SEARCHES
     if (osc_save_latest_searches() && (!Params::existParam('iPage') || Params::getParam('iPage') == 1)) {
         $savePattern = osc_apply_filter('save_latest_searches_pattern', $p_sPattern);
         if ($savePattern != '') {
             LatestSearches::newInstance()->insert(array('s_search' => $savePattern, 'd_date' => date('Y-m-d H:i:s')));
         }
     }
     $p_bPic = Params::getParam('bPic');
     $p_bPic = $p_bPic == 1 ? 1 : 0;
     $p_bPremium = Params::getParam('bPremium');
     $p_bPremium = $p_bPremium == 1 ? 1 : 0;
     $p_sPriceMin = Params::getParam('sPriceMin');
     $p_sPriceMax = Params::getParam('sPriceMax');
     //WE CAN ONLY USE THE FIELDS RETURNED BY Search::getAllowedColumnsForSorting()
     $p_sOrder = Params::getParam('sOrder');
     if (!in_array($p_sOrder, Search::getAllowedColumnsForSorting())) {
         $p_sOrder = osc_default_order_field_at_search();
     }
     $old_order = $p_sOrder;
     //ONLY 0 ( => 'asc' ), 1 ( => 'desc' ) AS ALLOWED VALUES
     $p_iOrderType = Params::getParam('iOrderType');
     $allowedTypesForSorting = Search::getAllowedTypesForSorting();
     $orderType = osc_default_order_type_at_search();
     foreach ($allowedTypesForSorting as $k => $v) {
         if ($p_iOrderType == $v) {
             $orderType = $k;
             break;
         }
     }
     $p_iOrderType = $orderType;
     $p_sFeed = Params::getParam('sFeed');
     $p_iPage = 0;
     if (is_numeric(Params::getParam('iPage')) && Params::getParam('iPage') > 0) {
         $p_iPage = intval(Params::getParam('iPage')) - 1;
     }
     if ($p_sFeed != '') {
         $p_sPageSize = 1000;
     }
     $p_sShowAs = Params::getParam('sShowAs');
     $aValidShowAsValues = array('list', 'gallery');
     if (!in_array($p_sShowAs, $aValidShowAsValues)) {
         $p_sShowAs = osc_default_show_as_at_search();
     }
     // search results: it's blocked with the maxResultsPerPage@search defined in t_preferences
     $p_iPageSize = intval(Params::getParam('iPagesize'));
     if ($p_iPageSize > 0) {
         if ($p_iPageSize > osc_max_results_per_page_at_search()) {
             $p_iPageSize = osc_max_results_per_page_at_search();
         }
     } else {
         $p_iPageSize = osc_default_results_per_page_at_search();
     }
     //FILTERING CATEGORY
     $bAllCategoriesChecked = false;
     $successCat = false;
     if (count($p_sCategory) > 0) {
         foreach ($p_sCategory as $category) {
             $successCat = $this->mSearch->addCategory($category) || $successCat;
         }
     } else {
         $bAllCategoriesChecked = true;
     }
     //FILTERING CITY_AREA
     foreach ($p_sCityArea as $city_area) {
         $this->mSearch->addCityArea($city_area);
     }
     $p_sCityArea = implode(", ", $p_sCityArea);
     //FILTERING CITY
     foreach ($p_sCity as $city) {
         $this->mSearch->addCity($city);
     }
     $p_sCity = implode(", ", $p_sCity);
     //FILTERING REGION
     foreach ($p_sRegion as $region) {
         $this->mSearch->addRegion($region);
     }
     $p_sRegion = implode(", ", $p_sRegion);
     //FILTERING COUNTRY
     foreach ($p_sCountry as $country) {
         $this->mSearch->addCountry($country);
     }
     $p_sCountry = implode(", ", $p_sCountry);
     // FILTERING PATTERN
     if ($p_sPattern != '') {
         $this->mSearch->addPattern($p_sPattern);
         $osc_request['sPattern'] = $p_sPattern;
     } else {
         // hardcoded - if there isn't a search pattern, order by dt_pub_date desc
         if ($p_sOrder == 'relevance') {
             $p_sOrder = 'dt_pub_date';
             foreach ($allowedTypesForSorting as $k => $v) {
                 if ($p_iOrderType == 'desc') {
                     $orderType = $k;
                     break;
                 }
             }
             $p_iOrderType = $orderType;
         }
     }
     // FILTERING USER
     if ($p_sUser != '') {
         $this->mSearch->fromUser($p_sUser);
     }
     // FILTERING LOCALE
     $this->mSearch->addLocale($p_sLocale);
     // FILTERING IF WE ONLY WANT ITEMS WITH PICS
     if ($p_bPic) {
         $this->mSearch->withPicture(true);
     }
     // FILTERING IF WE ONLY WANT PREMIUM ITEMS
     if ($p_bPremium) {
         $this->mSearch->onlyPremium(true);
     }
     //FILTERING BY RANGE PRICE
     $this->mSearch->priceRange($p_sPriceMin, $p_sPriceMax);
     //ORDERING THE SEARCH RESULTS
     $this->mSearch->order($p_sOrder, $allowedTypesForSorting[$p_iOrderType]);
     //SET PAGE
     if ($p_sFeed == 'rss') {
         // If param sFeed=rss, just output last 'osc_num_rss_items()'
         $this->mSearch->page(0, osc_num_rss_items());
     } else {
         $this->mSearch->page($p_iPage, $p_iPageSize);
     }
     // CUSTOM FIELDS
     $custom_fields = Params::getParam('meta');
     $fields = Field::newInstance()->findIDSearchableByCategories($p_sCategory);
     $table = DB_TABLE_PREFIX . 't_item_meta';
     if (is_array($custom_fields)) {
         foreach ($custom_fields as $key => $aux) {
             if (in_array($key, $fields)) {
                 $field = Field::newInstance()->findByPrimaryKey($key);
                 switch ($field['e_type']) {
                     case 'TEXTAREA':
                     case 'TEXT':
                     case 'URL':
                         if ($aux != '') {
                             $aux = "%{$aux}%";
                             $sql = "SELECT fk_i_item_id FROM {$table} WHERE ";
                             $str_escaped = Search::newInstance()->dao->escape($aux);
                             $sql .= $table . '.fk_i_field_id = ' . $key . ' AND ';
                             $sql .= $table . ".s_value LIKE " . $str_escaped;
                             $this->mSearch->addConditions(DB_TABLE_PREFIX . 't_item.pk_i_id IN (' . $sql . ')');
                         }
                         break;
                     case 'DROPDOWN':
                     case 'RADIO':
                         if ($aux != '') {
                             $sql = "SELECT fk_i_item_id FROM {$table} WHERE ";
                             $str_escaped = Search::newInstance()->dao->escape($aux);
                             $sql .= $table . '.fk_i_field_id = ' . $key . ' AND ';
                             $sql .= $table . ".s_value = " . $str_escaped;
                             $this->mSearch->addConditions(DB_TABLE_PREFIX . 't_item.pk_i_id IN (' . $sql . ')');
                         }
                         break;
                     case 'CHECKBOX':
                         if ($aux != '') {
                             $sql = "SELECT fk_i_item_id FROM {$table} WHERE ";
                             $sql .= $table . '.fk_i_field_id = ' . $key . ' AND ';
                             $sql .= $table . ".s_value = 1";
                             $this->mSearch->addConditions(DB_TABLE_PREFIX . 't_item.pk_i_id IN (' . $sql . ')');
                         }
                         break;
                     case 'DATE':
                         if ($aux != '') {
                             $y = (int) date('Y', $aux);
                             $m = (int) date('n', $aux);
                             $d = (int) date('j', $aux);
                             $start = mktime('0', '0', '0', $m, $d, $y);
                             $end = mktime('23', '59', '59', $m, $d, $y);
                             $sql = "SELECT fk_i_item_id FROM {$table} WHERE ";
                             $sql .= $table . '.fk_i_field_id = ' . $key . ' AND ';
                             $sql .= $table . ".s_value >= " . $start . " AND ";
                             $sql .= $table . ".s_value <= " . $end;
                             $this->mSearch->addConditions(DB_TABLE_PREFIX . 't_item.pk_i_id IN (' . $sql . ')');
                         }
                         break;
                     case 'DATEINTERVAL':
                         if (is_array($aux) && (!empty($aux['from']) && !empty($aux['to']))) {
                             $from = $aux['from'];
                             $to = $aux['to'];
                             $start = $from;
                             $end = $to;
                             $sql = "SELECT fk_i_item_id FROM {$table} WHERE ";
                             $sql .= $table . '.fk_i_field_id = ' . $key . ' AND ';
                             $sql .= $start . " >= " . $table . ".s_value AND s_multi = 'from'";
                             $sql1 = "SELECT fk_i_item_id FROM {$table} WHERE ";
                             $sql1 .= $table . ".fk_i_field_id = " . $key . " AND ";
                             $sql1 .= $end . " <= " . $table . ".s_value AND s_multi = 'to'";
                             $sql_interval = "select a.fk_i_item_id from (" . $sql . ") a where a.fk_i_item_id IN (" . $sql1 . ")";
                             $this->mSearch->addConditions(DB_TABLE_PREFIX . 't_item.pk_i_id IN (' . $sql_interval . ')');
                         }
                         break;
                     default:
                         break;
                 }
             }
         }
     }
     osc_run_hook('search_conditions', Params::getParamsAsArray());
     // RETRIEVE ITEMS AND TOTAL
     $key = md5(osc_base_url() . $this->mSearch->toJson());
     $found = null;
     $cache = osc_cache_get($key, $found);
     $aItems = null;
     $iTotalItems = null;
     if ($cache) {
         $aItems = $cache['aItems'];
         $iTotalItems = $cache['iTotalItems'];
     } else {
         $aItems = $this->mSearch->doSearch();
         $iTotalItems = $this->mSearch->count();
         $_cache['aItems'] = $aItems;
         $_cache['iTotalItems'] = $iTotalItems;
         osc_cache_set($key, $_cache, OSC_CACHE_TTL);
     }
     $iStart = $p_iPage * $p_iPageSize;
     $iEnd = min(($p_iPage + 1) * $p_iPageSize, $iTotalItems);
     $iNumPages = ceil($iTotalItems / $p_iPageSize);
     // works with cache enabled ?
     osc_run_hook('search', $this->mSearch);
     //preparing variables...
     $countryName = $p_sCountry;
     if (strlen($p_sCountry) == 2) {
         $c = Country::newInstance()->findByCode($p_sCountry);
         if ($c) {
             $countryName = $c['s_name'];
         }
     }
     $regionName = $p_sRegion;
     if (is_numeric($p_sRegion)) {
         $r = Region::newInstance()->findByPrimaryKey($p_sRegion);
         if ($r) {
             $regionName = $r['s_name'];
         }
     }
     $cityName = $p_sCity;
     if (is_numeric($p_sCity)) {
         $c = City::newInstance()->findByPrimaryKey($p_sCity);
         if ($c) {
             $cityName = $c['s_name'];
         }
     }
     $this->_exportVariableToView('search_start', $iStart);
     $this->_exportVariableToView('search_end', $iEnd);
     $this->_exportVariableToView('search_category', $p_sCategory);
     // hardcoded - non pattern and order by relevance
     $p_sOrder = $old_order;
     $this->_exportVariableToView('search_order_type', $p_iOrderType);
     $this->_exportVariableToView('search_order', $p_sOrder);
     $this->_exportVariableToView('search_pattern', $p_sPattern);
     $this->_exportVariableToView('search_from_user', $p_sUser);
     $this->_exportVariableToView('search_total_pages', $iNumPages);
     $this->_exportVariableToView('search_page', $p_iPage);
     $this->_exportVariableToView('search_has_pic', $p_bPic);
     $this->_exportVariableToView('search_only_premium', $p_bPremium);
     $this->_exportVariableToView('search_country', $countryName);
     $this->_exportVariableToView('search_region', $regionName);
     $this->_exportVariableToView('search_city', $cityName);
     $this->_exportVariableToView('search_price_min', $p_sPriceMin);
     $this->_exportVariableToView('search_price_max', $p_sPriceMax);
     $this->_exportVariableToView('search_total_items', $iTotalItems);
     $this->_exportVariableToView('items', $aItems);
     $this->_exportVariableToView('search_show_as', $p_sShowAs);
     $this->_exportVariableToView('search', $this->mSearch);
     // json
     $json = $this->mSearch->toJson();
     $encoded_alert = base64_encode(osc_encrypt_alert($json));
     // Create the HMAC signature and convert the resulting hex hash into base64
     $stringToSign = osc_get_alert_public_key() . $encoded_alert;
     $signature = hex2b64(hmacsha1(osc_get_alert_private_key(), $stringToSign));
     $server_signature = Session::newInstance()->_set('alert_signature', $signature);
     $this->_exportVariableToView('search_alert', $encoded_alert);
     // calling the view...
     if (count($aItems) === 0) {
         header('HTTP/1.1 404 Not Found');
     }
     osc_run_hook("after_search");
     if (!Params::existParam('sFeed')) {
         $this->doView('search.php');
     } else {
         if ($p_sFeed == '' || $p_sFeed == 'rss') {
             // FEED REQUESTED!
             header('Content-type: text/xml; charset=utf-8');
             $feed = new RSSFeed();
             $feed->setTitle(__('Latest listings added') . ' - ' . osc_page_title());
             $feed->setLink(osc_base_url());
             $feed->setDescription(__('Latest listings added in') . ' ' . osc_page_title());
             if (osc_count_items() > 0) {
                 while (osc_has_items()) {
                     if (osc_count_item_resources() > 0) {
                         osc_has_item_resources();
                         $feed->addItem(array('title' => osc_item_title(), 'link' => htmlentities(osc_item_url(), ENT_COMPAT, "UTF-8"), 'description' => osc_item_description(), 'country' => osc_item_country(), 'region' => osc_item_region(), 'city' => osc_item_city(), 'city_area' => osc_item_city_area(), 'category' => osc_item_category(), 'dt_pub_date' => osc_item_pub_date(), 'image' => array('url' => htmlentities(osc_resource_thumbnail_url(), ENT_COMPAT, "UTF-8"), 'title' => osc_item_title(), 'link' => htmlentities(osc_item_url(), ENT_COMPAT, "UTF-8"))));
                     } else {
                         $feed->addItem(array('title' => osc_item_title(), 'link' => htmlentities(osc_item_url(), ENT_COMPAT, "UTF-8"), 'description' => osc_item_description(), 'country' => osc_item_country(), 'region' => osc_item_region(), 'city' => osc_item_city(), 'city_area' => osc_item_city_area(), 'category' => osc_item_category(), 'dt_pub_date' => osc_item_pub_date()));
                     }
                 }
             }
             osc_run_hook('feed', $feed);
             $feed->dumpXML();
         } else {
             osc_run_hook('feed_' . $p_sFeed, $aItems);
         }
     }
 }
function seo_country_region_list()
{
    $countries = ModelSeoLocation::newInstance()->getCountryList();
    foreach ($countries as $c) {
        $level = 1;
        $detail = ModelSeoLocation::newInstance()->getAttrByCountryCode($c['pk_c_code']);
        $regions = ModelSeoLocation::newInstance()->getRegionList($c['pk_c_code']);
        $elem = '<i class="fa fa-angle-right level"></i>';
        //Update if anything
        if (Params::getParam('plugin_action') == 'done' and (Params::getParam('seo_title' . $c['pk_c_code']) or Params::getParam('seo_desc' . $c['pk_c_code']) or Params::getParam('seo_keywords' . $c['pk_c_code']))) {
            if (Params::getParam('seo_title' . $c['pk_c_code']) != '' or Params::getParam('seo_desc' . $c['pk_c_code']) != '' or Params::getParam('seo_keywords' . $c['pk_c_code']) != '') {
                if (isset($detail['seo_country_code'])) {
                    ModelSeoLocation::newInstance()->updateCtrAttr($c['pk_c_code'], Params::getParam('seo_title' . $c['pk_c_code']), Params::getParam('seo_desc' . $c['pk_c_code']), Params::getParam('seo_keywords' . $c['pk_c_code']));
                } else {
                    ModelSeoLocation::newInstance()->insertCtrAttr($c['pk_c_code'], Params::getParam('seo_title' . $c['pk_c_code']), Params::getParam('seo_desc' . $c['pk_c_code']), Params::getParam('seo_keywords' . $c['pk_c_code']));
                }
            }
        }
        if (Params::getParam('plugin_action') == 'done' and Params::existParam('seo_title' . $c['pk_c_code']) and Params::existParam('seo_desc' . $c['pk_c_code']) and Params::existParam('seo_keywords' . $c['pk_c_code']) and Params::getParam('seo_title' . $c['pk_c_code']) == '' and Params::getParam('seo_desc' . $c['pk_c_code']) == '' and Params::getParam('seo_keywords' . $c['pk_c_code']) == '') {
            if (isset($detail['seo_country_code'])) {
                ModelSeoLocation::newInstance()->deleteCountry($detail['seo_country_code']);
            }
        }
        $detail = ModelSeoLocation::newInstance()->getAttrByCountryCode($c['pk_c_code']);
        echo '<div class="cat-row level' . $level . '">';
        echo '<div class="cat-elem id">' . $c['pk_c_code'] . '</div>';
        echo '<div class="cat-elem name">' . $c['s_name'] . '</div>';
        echo '<div class="cat-elem titl"><input type="text" name="seo_title' . $c['pk_c_code'] . '" id="seo_title" disabled value="' . $detail['seo_title'] . '" size="20" /></div>';
        echo '<div class="cat-elem desc"><input type="text" name="seo_desc' . $c['pk_c_code'] . '" id="seo_desc" disabled value="' . $detail['seo_desc'] . '" size="20" /></div>';
        echo '<div class="cat-elem keywords"><input type="text" name="seo_keywords' . $c['pk_c_code'] . '" id="seo_keywords" disabled value="' . $detail['seo_keywords'] . '" size="20" /></div>';
        echo '<div class="cat-elem lock"><a id="' . $c['pk_c_code'] . '" class="unlock-link" href="#"><i class="fa fa-lock"></i>' . __('Unlock', 'all_in_one') . '</a></div>';
        echo '</div>';
        // REGION LIST OF PARTICULAR COUNTRY
        foreach ($regions as $r) {
            $level = 2;
            $detail = ModelSeoLocation::newInstance()->getAttrByRegionId($r['pk_i_id']);
            $regions = ModelSeoLocation::newInstance()->getRegionList($r['pk_i_id']);
            $elem = '<i class="fa fa-angle-right level"></i>';
            //Update if anything
            if (Params::getParam('plugin_action') == 'done' and (Params::getParam('seo_title' . $r['pk_i_id']) or Params::getParam('seo_desc' . $r['pk_i_id']) or Params::getParam('seo_keywords' . $r['pk_i_id']))) {
                if (Params::getParam('seo_title' . $r['pk_i_id']) != '' or Params::getParam('seo_desc' . $r['pk_i_id']) != '' or Params::getParam('seo_keywords' . $r['pk_i_id']) != '') {
                    if (isset($detail['seo_region_id'])) {
                        ModelSeoLocation::newInstance()->updateRegAttr($r['pk_i_id'], Params::getParam('seo_title' . $r['pk_i_id']), Params::getParam('seo_desc' . $r['pk_i_id']), Params::getParam('seo_keywords' . $r['pk_i_id']));
                    } else {
                        ModelSeoLocation::newInstance()->insertRegAttr($r['pk_i_id'], Params::getParam('seo_title' . $r['pk_i_id']), Params::getParam('seo_desc' . $r['pk_i_id']), Params::getParam('seo_keywords' . $r['pk_i_id']));
                    }
                }
            }
            if (Params::getParam('plugin_action') == 'done' and Params::existParam('seo_title' . $r['pk_i_id']) and Params::existParam('seo_desc' . $r['pk_i_id']) and Params::existParam('seo_keywords' . $r['pk_i_id']) and Params::getParam('seo_title' . $r['pk_i_id']) == '' and Params::getParam('seo_desc' . $r['pk_i_id']) == '' and Params::getParam('seo_keywords' . $r['pk_i_id']) == '') {
                if (isset($detail['seo_region_id'])) {
                    ModelSeoLocation::newInstance()->deleteRegion($detail['seo_region_id']);
                }
            }
            $detail = ModelSeoLocation::newInstance()->getAttrByRegionId($r['pk_i_id']);
            echo '<div class="cat-row level' . $level . '">';
            echo '<div class="cat-elem id">' . $r['pk_i_id'] . '</div>';
            echo '<div class="cat-elem name">' . $arrows . '&nbsp;' . $r['s_name'] . '</div>';
            echo '<div class="cat-elem titl"><input type="text" name="seo_title' . $r['pk_i_id'] . '" id="seo_title" disabled value="' . $detail['seo_title'] . '" size="20" /></div>';
            echo '<div class="cat-elem desc"><input type="text" name="seo_desc' . $r['pk_i_id'] . '" id="seo_desc" disabled value="' . $detail['seo_desc'] . '" size="20" /></div>';
            echo '<div class="cat-elem keywords"><input type="text" name="seo_keywords' . $r['pk_i_id'] . '" id="seo_keywords" disabled value="' . $detail['seo_keywords'] . '" size="20" /></div>';
            echo '<div class="cat-elem lock"><a id="' . $r['pk_i_id'] . '" class="unlock-link" href="#"><i class="fa fa-lock"></i>' . __('Unlock', 'all_in_one') . '</a></div>';
            echo '</div>';
        }
        // END REGION LIST
    }
}
Ejemplo n.º 20
0
 function doModel()
 {
     //calling the view...
     $locales = OSCLocale::newInstance()->listAllEnabled();
     $this->_exportVariableToView('locales', $locales);
     switch ($this->action) {
         case 'item_add':
             // post
             if (osc_reg_user_post() && $this->user == null) {
                 osc_add_flash_warning_message(_m('Only registered users are allowed to post listings'));
                 $this->redirectTo(osc_user_login_url());
             }
             $countries = Country::newInstance()->listAll();
             $regions = array();
             if (isset($this->user['fk_c_country_code']) && $this->user['fk_c_country_code'] != '') {
                 $regions = Region::newInstance()->findByCountry($this->user['fk_c_country_code']);
             } else {
                 if (count($countries) > 0) {
                     $regions = Region::newInstance()->findByCountry($countries[0]['pk_c_code']);
                 }
             }
             $cities = array();
             if (isset($this->user['fk_i_region_id']) && $this->user['fk_i_region_id'] != '') {
                 $cities = City::newInstance()->findByRegion($this->user['fk_i_region_id']);
             } else {
                 if (count($regions) > 0) {
                     $cities = City::newInstance()->findByRegion($regions[0]['pk_i_id']);
                 }
             }
             $this->_exportVariableToView('countries', $countries);
             $this->_exportVariableToView('regions', $regions);
             $this->_exportVariableToView('cities', $cities);
             $form = count(Session::newInstance()->_getForm());
             $keepForm = count(Session::newInstance()->_getKeepForm());
             if ($form == 0 || $form == $keepForm) {
                 Session::newInstance()->_dropKeepForm();
             }
             if (Session::newInstance()->_getForm('countryId') != "") {
                 $countryId = Session::newInstance()->_getForm('countryId');
                 $regions = Region::newInstance()->findByCountry($countryId);
                 $this->_exportVariableToView('regions', $regions);
                 if (Session::newInstance()->_getForm('regionId') != "") {
                     $regionId = Session::newInstance()->_getForm('regionId');
                     $cities = City::newInstance()->findByRegion($regionId);
                     $this->_exportVariableToView('cities', $cities);
                 }
             }
             $this->_exportVariableToView('user', $this->user);
             osc_run_hook('post_item');
             $this->doView('item-post.php');
             break;
         case 'item_add_post':
             //post_item
             if (osc_reg_user_post() && $this->user == null) {
                 osc_add_flash_warning_message(_m('Only registered users are allowed to post listings'));
                 $this->redirectTo(osc_base_url(true));
             }
             $mItems = new ItemActions(false);
             // prepare data for ADD ITEM
             $mItems->prepareData(true);
             // set all parameters into session
             foreach ($mItems->data as $key => $value) {
                 Session::newInstance()->_setForm($key, $value);
             }
             $meta = Params::getParam('meta');
             if (is_array($meta)) {
                 foreach ($meta as $key => $value) {
                     Session::newInstance()->_setForm('meta_' . $key, $value);
                     Session::newInstance()->_keepForm('meta_' . $key);
                 }
             }
             if (osc_recaptcha_private_key() != '' && Params::existParam("recaptcha_challenge_field")) {
                 if (!osc_check_recaptcha()) {
                     osc_add_flash_error_message(_m('The Recaptcha code is wrong'));
                     $this->redirectTo(osc_item_post_url());
                     return false;
                     // BREAK THE PROCESS, THE RECAPTCHA IS WRONG
                 }
             }
             if (!osc_is_web_user_logged_in()) {
                 $user = User::newInstance()->findByEmail($mItems->data['contactEmail']);
                 // The user exists but it's not logged
                 if (isset($user['pk_i_id'])) {
                     foreach ($mItems->data as $key => $value) {
                         Session::newInstance()->_keepForm($key);
                     }
                     osc_add_flash_error_message(_m('A user with that email address already exists, if it is you, please log in'));
                     $this->redirectTo(osc_user_login_url());
                 }
             }
             // POST ITEM ( ADD ITEM )
             $success = $mItems->add();
             if ($success != 1 && $success != 2) {
                 osc_add_flash_error_message($success);
                 $this->redirectTo(osc_item_post_url());
             } else {
                 Session::newInstance()->_dropkeepForm('meta_' . $key);
                 if ($success == 1) {
                     osc_add_flash_ok_message(_m('Check your inbox to validate your listing'));
                 } else {
                     osc_add_flash_ok_message(_m('Your listing has been published'));
                 }
                 $itemId = Params::getParam('itemId');
                 $item = $this->itemManager->findByPrimaryKey($itemId);
                 osc_run_hook('posted_item', $item);
                 $category = Category::newInstance()->findByPrimaryKey(Params::getParam('catId'));
                 View::newInstance()->_exportVariableToView('category', $category);
                 $this->redirectTo(osc_search_category_url());
             }
             break;
         case 'item_edit':
             // edit item
             $secret = Params::getParam('secret');
             $id = Params::getParam('id');
             $item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s' AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = '%d'))", addslashes($id), addslashes($secret), addslashes($this->userId));
             if (count($item) == 1) {
                 $item = Item::newInstance()->findByPrimaryKey($id);
                 $form = count(Session::newInstance()->_getForm());
                 $keepForm = count(Session::newInstance()->_getKeepForm());
                 if ($form == 0 || $form == $keepForm) {
                     Session::newInstance()->_dropKeepForm();
                 }
                 $this->_exportVariableToView('item', $item);
                 osc_run_hook("before_item_edit", $item);
                 $this->doView('item-edit.php');
             } else {
                 // add a flash message [ITEM NO EXISTE]
                 osc_add_flash_error_message(_m("Sorry, we don't have any listings with that ID"));
                 if ($this->user != null) {
                     $this->redirectTo(osc_user_list_items_url());
                 } else {
                     $this->redirectTo(osc_base_url());
                 }
             }
             break;
         case 'item_edit_post':
             // recoger el secret y el
             $secret = Params::getParam('secret');
             $id = Params::getParam('id');
             $item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s' AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = '%d'))", addslashes($id), addslashes($secret), addslashes($this->userId));
             if (count($item) == 1) {
                 $this->_exportVariableToView('item', $item[0]);
                 $mItems = new ItemActions(false);
                 // prepare data for ADD ITEM
                 $mItems->prepareData(false);
                 // set all parameters into session
                 foreach ($mItems->data as $key => $value) {
                     Session::newInstance()->_setForm($key, $value);
                 }
                 $meta = Params::getParam('meta');
                 if (is_array($meta)) {
                     foreach ($meta as $key => $value) {
                         Session::newInstance()->_setForm('meta_' . $key, $value);
                         Session::newInstance()->_keepForm('meta_' . $key);
                     }
                 }
                 if (osc_recaptcha_private_key() != '' && Params::existParam("recaptcha_challenge_field")) {
                     if (!osc_check_recaptcha()) {
                         osc_add_flash_error_message(_m('The Recaptcha code is wrong'));
                         $this->redirectTo(osc_item_edit_url());
                         return false;
                         // BREAK THE PROCESS, THE RECAPTCHA IS WRONG
                     }
                 }
                 $success = $mItems->edit();
                 osc_run_hook('edited_item', Item::newInstance()->findByPrimaryKey($id));
                 if ($success == 1) {
                     osc_add_flash_ok_message(_m("Great! We've just updated your listing"));
                     View::newInstance()->_exportVariableToView("item", Item::newInstance()->findByPrimaryKey($id));
                     $this->redirectTo(osc_item_url());
                 } else {
                     osc_add_flash_error_message($success);
                     $this->redirectTo(osc_item_edit_url($secret));
                 }
             }
             break;
         case 'activate':
             $secret = Params::getParam('secret');
             $id = Params::getParam('id');
             $item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s') OR (i.fk_i_user_id = '%d'))", addslashes($id), addslashes($secret), addslashes($this->userId));
             // item doesn't exist
             if (count($item) == 0) {
                 $this->do404();
                 return;
             }
             View::newInstance()->_exportVariableToView('item', $item[0]);
             if ($item[0]['b_active'] == 0) {
                 // ACTIVETE ITEM
                 $mItems = new ItemActions(false);
                 $success = $mItems->activate($item[0]['pk_i_id'], $item[0]['s_secret']);
                 if ($success) {
                     osc_add_flash_ok_message(_m('The listing has been validated'));
                 } else {
                     osc_add_flash_error_message(_m("The listing can't be validated"));
                 }
             } else {
                 osc_add_flash_warning_message(_m('The listing has already been validated'));
             }
             $this->redirectTo(osc_item_url());
             break;
         case 'item_delete':
             $secret = Params::getParam('secret');
             $id = Params::getParam('id');
             $item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s') OR (i.fk_i_user_id = '%d'))", addslashes($id), addslashes($secret), addslashes($this->userId));
             if (count($item) == 1) {
                 $mItems = new ItemActions(false);
                 $success = $mItems->delete($item[0]['s_secret'], $item[0]['pk_i_id']);
                 if ($success) {
                     osc_add_flash_ok_message(_m('Your listing has been deleted'));
                 } else {
                     osc_add_flash_error_message(_m("The listing you are trying to delete couldn't be deleted"));
                 }
                 if ($this->user != null) {
                     $this->redirectTo(osc_user_list_items_url());
                 } else {
                     $this->redirectTo(osc_base_url());
                 }
             } else {
                 osc_add_flash_error_message(_m("The listing you are trying to delete couldn't be deleted"));
                 $this->redirectTo(osc_base_url());
             }
             break;
         case 'mark':
             $id = Params::getParam('id');
             $as = Params::getParam('as');
             $item = Item::newInstance()->findByPrimaryKey($id);
             View::newInstance()->_exportVariableToView('item', $item);
             require_once osc_lib_path() . 'osclass/user-agents.php';
             foreach ($user_agents as $ua) {
                 if (preg_match('|' . $ua . '|', @$_SERVER['HTTP_USER_AGENT'])) {
                     // mark item if it's not a bot
                     $mItem = new ItemActions(false);
                     $mItem->mark($id, $as);
                     break;
                 }
             }
             osc_add_flash_ok_message(_m("Thanks! That's very helpful"));
             $this->redirectTo(osc_item_url());
             break;
         case 'send_friend':
             $item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
             $this->_exportVariableToView('item', $item);
             $this->doView('item-send-friend.php');
             break;
         case 'send_friend_post':
             $item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
             $this->_exportVariableToView('item', $item);
             Session::newInstance()->_setForm("yourEmail", Params::getParam('yourEmail'));
             Session::newInstance()->_setForm("yourName", Params::getParam('yourName'));
             Session::newInstance()->_setForm("friendName", Params::getParam('friendName'));
             Session::newInstance()->_setForm("friendEmail", Params::getParam('friendEmail'));
             Session::newInstance()->_setForm("message_body", Params::getParam('message'));
             if (osc_recaptcha_private_key() != '' && Params::existParam("recaptcha_challenge_field")) {
                 if (!osc_check_recaptcha()) {
                     osc_add_flash_error_message(_m('The Recaptcha code is wrong'));
                     $this->redirectTo(osc_item_send_friend_url());
                     return false;
                     // BREAK THE PROCESS, THE RECAPTCHA IS WRONG
                 }
             }
             $mItem = new ItemActions(false);
             $success = $mItem->send_friend();
             if ($success) {
                 Session::newInstance()->_clearVariables();
                 $this->redirectTo(osc_item_url());
             } else {
                 $this->redirectTo(osc_item_send_friend_url());
             }
             break;
         case 'contact':
             $item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
             if (empty($item)) {
                 osc_add_flash_error_message(_m("This listing doesn't exist"));
                 $this->redirectTo(osc_base_url(true));
             } else {
                 $this->_exportVariableToView('item', $item);
                 if (osc_item_is_expired()) {
                     osc_add_flash_error_message(_m("We're sorry, but the listing has expired. You can't contact the seller"));
                     $this->redirectTo(osc_item_url());
                 }
                 if (osc_reg_user_can_contact() && osc_is_web_user_logged_in() || !osc_reg_user_can_contact()) {
                     $this->doView('item-contact.php');
                 } else {
                     osc_add_flash_error_message(_m("You can't contact the seller, only registered users can"));
                     $this->redirectTo(osc_item_url());
                 }
             }
             break;
         case 'contact_post':
             $item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
             $this->_exportVariableToView('item', $item);
             if (osc_recaptcha_private_key() != '' && Params::existParam("recaptcha_challenge_field")) {
                 if (!osc_check_recaptcha()) {
                     osc_add_flash_error_message(_m('The Recaptcha code is wrong'));
                     Session::newInstance()->_setForm("yourEmail", Params::getParam('yourEmail'));
                     Session::newInstance()->_setForm("yourName", Params::getParam('yourName'));
                     Session::newInstance()->_setForm("phoneNumber", Params::getParam('phoneNumber'));
                     Session::newInstance()->_setForm("message_body", Params::getParam('message'));
                     $this->redirectTo(osc_item_url());
                     return false;
                     // BREAK THE PROCESS, THE RECAPTCHA IS WRONG
                 }
             }
             if (osc_isExpired($item['dt_expiration'])) {
                 osc_add_flash_error_message(_m("We're sorry, but the listing has expired. You can't contact the seller"));
                 $this->redirectTo(osc_item_url());
             }
             $mItem = new ItemActions(false);
             $result = $mItem->contact();
             if (is_string($result)) {
                 osc_add_flash_error_message($result);
             } else {
                 osc_add_flash_ok_message(_m("We've just sent an e-mail to the seller"));
             }
             $this->redirectTo(osc_item_url());
             break;
         case 'add_comment':
             $mItem = new ItemActions(false);
             $status = $mItem->add_comment();
             switch ($status) {
                 case -1:
                     $msg = _m('Sorry, we could not save your comment. Try again later');
                     osc_add_flash_error_message($msg);
                     break;
                 case 1:
                     $msg = _m('Your comment is awaiting moderation');
                     osc_add_flash_info_message($msg);
                     break;
                 case 2:
                     $msg = _m('Your comment has been approved');
                     osc_add_flash_ok_message($msg);
                     break;
                 case 3:
                     $msg = _m('Please fill the required field (email)');
                     osc_add_flash_warning_message($msg);
                     break;
                 case 4:
                     $msg = _m('Please type a comment');
                     osc_add_flash_warning_message($msg);
                     break;
                 case 5:
                     $msg = _m('Your comment has been marked as spam');
                     osc_add_flash_error_message($msg);
                     break;
             }
             $this->redirectTo(osc_item_url());
             break;
         case 'delete_comment':
             $mItem = new ItemActions(false);
             $status = $mItem->add_comment();
             $itemId = Params::getParam('id');
             $commentId = Params::getParam('comment');
             $item = Item::newInstance()->findByPrimaryKey($itemId);
             if (count($item) == 0) {
                 osc_add_flash_error_message(_m("This listing doesn't exist"));
                 $this->redirectTo(osc_base_url(true));
             }
             View::newInstance()->_exportVariableToView('item', $item);
             if ($this->userId == null) {
                 osc_add_flash_error_message(_m('You must be logged in to delete a comment'));
                 $this->redirectTo(osc_item_url());
             }
             $commentManager = ItemComment::newInstance();
             $aComment = $commentManager->findByPrimaryKey($commentId);
             if (count($aComment) == 0) {
                 osc_add_flash_error_message(_m("The comment doesn't exist"));
                 $this->redirectTo(osc_item_url());
             }
             if ($aComment['b_active'] != 1) {
                 osc_add_flash_error_message(_m('The comment is not active, you cannot delete it'));
                 $this->redirectTo(osc_item_url());
             }
             if ($aComment['fk_i_user_id'] != $this->userId) {
                 osc_add_flash_error_message(_m('The comment was not added by you, you cannot delete it'));
                 $this->redirectTo(osc_item_url());
             }
             $commentManager->deleteByPrimaryKey($commentId);
             osc_add_flash_ok_message(_m('The comment has been deleted'));
             $this->redirectTo(osc_item_url());
             break;
         default:
             // if there isn't ID, show an error 404
             if (Params::getParam('id') == '') {
                 $this->do404();
                 return;
             }
             if (Params::getParam('lang') != '') {
                 Session::newInstance()->_set('userLocale', Params::getParam('lang'));
             }
             $item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
             // if item doesn't exist show an error 404
             if (count($item) == 0) {
                 $this->do404();
                 return;
             }
             if ($item['b_active'] != 1) {
                 if ($this->userId == $item['fk_i_user_id']) {
                     osc_add_flash_warning_message(_m("The listing hasn't been validated. Please validate it in order to make it public"));
                 } else {
                     osc_add_flash_warning_message(_m("This listing hasn't been validated"));
                     $this->redirectTo(osc_base_url(true));
                 }
             } else {
                 if ($item['b_enabled'] == 0) {
                     osc_add_flash_warning_message(_m('The listing has been suspended'));
                     $this->redirectTo(osc_base_url(true));
                 }
             }
             if (!osc_is_admin_user_logged_in()) {
                 require_once osc_lib_path() . 'osclass/user-agents.php';
                 foreach ($user_agents as $ua) {
                     if (preg_match('|' . $ua . '|', @$_SERVER['HTTP_USER_AGENT'])) {
                         $mStats = new ItemStats();
                         $mStats->increase('i_num_views', $item['pk_i_id']);
                         break;
                     }
                 }
             }
             foreach ($item['locale'] as $k => $v) {
                 $item['locale'][$k]['s_title'] = osc_apply_filter('item_title', $v['s_title']);
                 $item['locale'][$k]['s_description'] = nl2br(osc_apply_filter('item_description', $v['s_description']));
             }
             if ($item['fk_i_user_id'] != '') {
                 $user = User::newInstance()->findByPrimaryKey($item['fk_i_user_id']);
                 $this->_exportVariableToView('user', $user);
             }
             $this->_exportVariableToView('item', $item);
             osc_run_hook('show_item', $item);
             // redirect to the correct url just in case it has changed
             $itemURI = str_replace(osc_base_url(), '', osc_item_url());
             $URI = preg_replace('|^' . REL_WEB_URL . '|', '', $_SERVER['REQUEST_URI']);
             // do not clean QUERY_STRING if permalink is not enabled
             if (osc_rewrite_enabled()) {
                 $URI = str_replace('?' . $_SERVER['QUERY_STRING'], '', $URI);
             } else {
                 $params_keep = array('page', 'id');
                 $params = array();
                 foreach (Params::getParamsAsArray('get') as $k => $v) {
                     if (in_array($k, $params_keep)) {
                         $params[] = "{$k}={$v}";
                     }
                 }
                 $URI = 'index.php?' . implode('&', $params);
             }
             // redirect to the correct url
             if ($itemURI != $URI) {
                 $this->redirectTo(osc_base_url() . $itemURI);
             }
             $this->doView('item.php');
             break;
     }
 }
Ejemplo n.º 21
0
 function doModel()
 {
     //specific things for this class
     switch ($this->action) {
         case 'bulk_actions':
             break;
         case 'regions':
             //Return regions given a countryId
             $regions = Region::newInstance()->findByCountry(Params::getParam("countryId"));
             echo json_encode($regions);
             break;
         case 'cities':
             //Returns cities given a regionId
             $cities = City::newInstance()->findByRegion(Params::getParam("regionId"));
             echo json_encode($cities);
             break;
         case 'location':
             // This is the autocomplete AJAX
             $cities = City::newInstance()->ajax(Params::getParam("term"));
             foreach ($cities as $k => $city) {
                 $cities[$k]['label'] = $city['label'] . " (" . $city['region'] . ")";
             }
             echo json_encode($cities);
             break;
         case 'location_countries':
             // This is the autocomplete AJAX
             $countries = Country::newInstance()->ajax(Params::getParam("term"));
             echo json_encode($countries);
             break;
         case 'location_regions':
             // This is the autocomplete AJAX
             $regions = Region::newInstance()->ajax(Params::getParam("term"), Params::getParam("country"));
             echo json_encode($regions);
             break;
         case 'location_cities':
             // This is the autocomplete AJAX
             $cities = City::newInstance()->ajax(Params::getParam("term"), Params::getParam("region"));
             echo json_encode($cities);
             break;
         case 'delete_image':
             // Delete images via AJAX
             $ajax_photo = Params::getParam('ajax_photo');
             $id = Params::getParam('id');
             $item = Params::getParam('item');
             $code = Params::getParam('code');
             $secret = Params::getParam('secret');
             $json = array();
             if ($ajax_photo != '') {
                 $files = Session::newInstance()->_get('ajax_files');
                 $success = false;
                 foreach ($files as $uuid => $file) {
                     if ($file == $ajax_photo) {
                         $filename = $files[$uuid];
                         unset($files[$uuid]);
                         Session::newInstance()->_set('ajax_files', $files);
                         $success = @unlink(osc_content_path() . 'uploads/temp/' . $filename);
                         break;
                     }
                 }
                 echo json_encode(array('success' => $success, 'msg' => $success ? _m('The selected photo has been successfully deleted') : _m("The selected photo couldn't be deleted")));
                 return false;
             }
             if (Session::newInstance()->_get('userId') != '') {
                 $userId = Session::newInstance()->_get('userId');
                 $user = User::newInstance()->findByPrimaryKey($userId);
             } else {
                 $userId = null;
                 $user = null;
             }
             // Check for required fields
             if (!(is_numeric($id) && is_numeric($item) && preg_match('/^([a-z0-9]+)$/i', $code))) {
                 $json['success'] = false;
                 $json['msg'] = _m("The selected photo couldn't be deleted, the url doesn't exist");
                 echo json_encode($json);
                 return false;
             }
             $aItem = Item::newInstance()->findByPrimaryKey($item);
             // Check if the item exists
             if (count($aItem) == 0) {
                 $json['success'] = false;
                 $json['msg'] = _m("The listing doesn't exist");
                 echo json_encode($json);
                 return false;
             }
             if (!osc_is_admin_user_logged_in()) {
                 // Check if the item belong to the user
                 if ($userId != null && $userId != $aItem['fk_i_user_id']) {
                     $json['success'] = false;
                     $json['msg'] = _m("The listing doesn't belong to you");
                     echo json_encode($json);
                     return false;
                 }
                 // Check if the secret passphrase match with the item
                 if ($userId == null && $aItem['fk_i_user_id'] == null && $secret != $aItem['s_secret']) {
                     $json['success'] = false;
                     $json['msg'] = _m("The listing doesn't belong to you");
                     echo json_encode($json);
                     return false;
                 }
             }
             // Does id & code combination exist?
             $result = ItemResource::newInstance()->existResource($id, $code);
             if ($result > 0) {
                 $resource = ItemResource::newInstance()->findByPrimaryKey($id);
                 if ($resource['fk_i_item_id'] == $item) {
                     // Delete: file, db table entry
                     if (defined(OC_ADMIN)) {
                         osc_deleteResource($id, true);
                         Log::newInstance()->insertLog('ajax', 'deleteimage', $id, $id, 'admin', osc_logged_admin_id());
                     } else {
                         osc_deleteResource($id, false);
                         Log::newInstance()->insertLog('ajax', 'deleteimage', $id, $id, 'user', osc_logged_user_id());
                     }
                     ItemResource::newInstance()->delete(array('pk_i_id' => $id, 'fk_i_item_id' => $item, 's_name' => $code));
                     $json['msg'] = _m('The selected photo has been successfully deleted');
                     $json['success'] = 'true';
                 } else {
                     $json['msg'] = _m("The selected photo does not belong to you");
                     $json['success'] = 'false';
                 }
             } else {
                 $json['msg'] = _m("The selected photo couldn't be deleted");
                 $json['success'] = 'false';
             }
             echo json_encode($json);
             return true;
             break;
         case 'alerts':
             // Allow to register to an alert given (not sure it's used on admin)
             $encoded_alert = Params::getParam("alert");
             $alert = osc_decrypt_alert(base64_decode($encoded_alert));
             // check alert integrity / signature
             $stringToSign = osc_get_alert_public_key() . $encoded_alert;
             $signature = hex2b64(hmacsha1(osc_get_alert_private_key(), $stringToSign));
             $server_signature = Session::newInstance()->_get('alert_signature');
             if ($server_signature != $signature) {
                 echo '-2';
                 return false;
             }
             $email = Params::getParam("email");
             $userid = Params::getParam("userid");
             if (osc_is_web_user_logged_in()) {
                 $userid = osc_logged_user_id();
                 $user = User::newInstance()->findByPrimaryKey($userid);
                 $email = $user['s_email'];
             }
             if ($alert != '' && $email != '') {
                 if (osc_validate_email($email)) {
                     $secret = osc_genRandomPassword();
                     if ($alertID = Alerts::newInstance()->createAlert($userid, $email, $alert, $secret)) {
                         if ((int) $userid > 0) {
                             $user = User::newInstance()->findByPrimaryKey($userid);
                             if ($user['b_active'] == 1 && $user['b_enabled'] == 1) {
                                 Alerts::newInstance()->activate($alertID);
                                 echo '1';
                                 return true;
                             } else {
                                 echo '-1';
                                 return false;
                             }
                         } else {
                             $aAlert = Alerts::newInstance()->findByPrimaryKey($alertID);
                             osc_run_hook('hook_email_alert_validation', $aAlert, $email, $secret);
                         }
                         echo "1";
                     } else {
                         echo "0";
                     }
                     return true;
                 } else {
                     echo '-1';
                     return false;
                 }
             }
             echo '0';
             return false;
             break;
         case 'runhook':
             // run hooks
             $hook = Params::getParam('hook');
             if ($hook == '') {
                 echo json_encode(array('error' => 'hook parameter not defined'));
                 break;
             }
             switch ($hook) {
                 case 'item_form':
                     osc_run_hook('item_form', Params::getParam('catId'));
                     break;
                 case 'item_edit':
                     $catId = Params::getParam("catId");
                     $itemId = Params::getParam("itemId");
                     osc_run_hook("item_edit", $catId, $itemId);
                     break;
                 default:
                     osc_run_hook('ajax_' . $hook);
                     break;
             }
             break;
         case 'custom':
             // Execute via AJAX custom file
             if (Params::existParam('route')) {
                 $routes = Rewrite::newInstance()->getRoutes();
                 $rid = Params::getParam('route');
                 $file = '../';
                 if (isset($routes[$rid]) && isset($routes[$rid]['file'])) {
                     $file = $routes[$rid]['file'];
                 }
             } else {
                 // DEPRECATED: Disclosed path in URL is deprecated, use routes instead
                 // This will be REMOVED in 3.4
                 $file = Params::getParam('ajaxfile');
             }
             if ($file == '') {
                 echo json_encode(array('error' => 'no action defined'));
                 break;
             }
             // valid file?
             if (strpos($file, '../') !== false || strpos($file, '..\\') !== false || stripos($file, '/admin/') !== false) {
                 //If the file is inside an "admin" folder, it should NOT be opened in frontend
                 echo json_encode(array('error' => 'no valid ajaxFile'));
                 break;
             }
             if (!file_exists(osc_plugins_path() . $file)) {
                 echo json_encode(array('error' => "ajaxFile doesn't exist"));
                 break;
             }
             require_once osc_plugins_path() . $file;
             break;
         case 'check_username_availability':
             $username = osc_sanitize_username(Params::getParam('s_username'));
             if (!osc_is_username_blacklisted($username)) {
                 $user = User::newInstance()->findByUsername($username);
                 if (isset($user['s_username'])) {
                     echo json_encode(array('exists' => 1, 's_username' => $username));
                 } else {
                     echo json_encode(array('exists' => 0, 's_username' => $username));
                 }
             } else {
                 echo json_encode(array('exists' => 1, 's_username' => $username));
             }
             break;
         case 'ajax_upload':
             // Include the uploader class
             require_once LIB_PATH . "AjaxUploader.php";
             $uploader = new AjaxUploader();
             $original = pathinfo($uploader->getOriginalName());
             $filename = uniqid("qqfile_") . "." . $original['extension'];
             $result = $uploader->handleUpload(osc_content_path() . 'uploads/temp/' . $filename);
             $result['uploadName'] = $filename;
             echo htmlspecialchars(json_encode($result), ENT_NOQUOTES);
             break;
         case 'ajax_validate':
             $id = Params::getParam('id');
             if (!is_numeric($id)) {
                 echo json_encode(array('success' => false));
                 die;
             }
             $secret = Params::getParam('secret');
             $item = Item::newInstance()->findByPrimaryKey($id);
             if ($item['s_secret'] != $secret) {
                 echo json_encode(array('success' => false));
                 die;
             }
             $nResources = ItemResource::newInstance()->countResources($id);
             $result = array('success' => $nResources < osc_max_images_per_item(), 'count' => $nResources);
             echo json_encode($result);
             break;
         case 'delete_ajax_upload':
             $files = Session::newInstance()->_get('ajax_files');
             $success = false;
             $filename = '';
             if (isset($files[Params::getParam('qquuid')]) && $files[Params::getParam('qquuid')] != '') {
                 $filename = $files[Params::getParam('qquuid')];
                 unset($files[Params::getParam('qquuid')]);
                 Session::newInstance()->_set('ajax_files', $files);
                 $success = @unlink(osc_content_path() . 'uploads/temp/' . $filename);
             }
             echo json_encode(array('success' => $success, 'uploadName' => $filename));
             break;
         default:
             echo json_encode(array('error' => __('no action defined')));
             break;
     }
     // clear all keep variables into session
     Session::newInstance()->_dropKeepForm();
     Session::newInstance()->_clearVariables();
 }
Ejemplo n.º 22
0
 function doModel()
 {
     osc_run_hook('before_search');
     $mCategories = Category::newInstance();
     if (osc_rewrite_enabled()) {
         // IF rewrite is not enabled, skip this part, preg_match is always time&resources consuming task
         $p_sParams = "/" . Params::getParam('sParams', false, false);
         if (preg_match_all('|\\/([^,]+),([^\\/]*)|', $p_sParams, $m)) {
             $l = count($m[0]);
             for ($k = 0; $k < $l; $k++) {
                 switch ($m[1][$k]) {
                     case osc_get_preference('rewrite_search_country'):
                         $m[1][$k] = 'sCountry';
                         break;
                     case osc_get_preference('rewrite_search_region'):
                         $m[1][$k] = 'sRegion';
                         break;
                     case osc_get_preference('rewrite_search_city'):
                         $m[1][$k] = 'sCity';
                         break;
                     case osc_get_preference('rewrite_search_city_area'):
                         $m[1][$k] = 'sCityArea';
                         break;
                     case osc_get_preference('rewrite_search_category'):
                         $m[1][$k] = 'sCategory';
                         break;
                     case osc_get_preference('rewrite_search_user'):
                         $m[1][$k] = 'sUser';
                         break;
                     case osc_get_preference('rewrite_search_pattern'):
                         $m[1][$k] = 'sPattern';
                         break;
                     default:
                         break;
                 }
                 $_REQUEST[$m[1][$k]] = $m[2][$k];
                 $_GET[$m[1][$k]] = $m[2][$k];
                 unset($_REQUEST['sParams']);
                 unset($_GET['sParams']);
                 unset($_POST['sParams']);
             }
         }
     }
     ////////////////////////////////
     //GETTING AND FIXING SENT DATA//
     ////////////////////////////////
     $p_sCategory = Params::getParam('sCategory');
     if (!is_array($p_sCategory)) {
         if ($p_sCategory == '') {
             $p_sCategory = array();
         } else {
             $p_sCategory = explode(",", $p_sCategory);
         }
     }
     $p_sCityArea = Params::getParam('sCityArea');
     if (!is_array($p_sCityArea)) {
         if ($p_sCityArea == '') {
             $p_sCityArea = array();
         } else {
             $p_sCityArea = explode(",", $p_sCityArea);
         }
     }
     $p_sCity = Params::getParam('sCity');
     if (!is_array($p_sCity)) {
         if ($p_sCity == '') {
             $p_sCity = array();
         } else {
             $p_sCity = explode(",", $p_sCity);
         }
     }
     $p_sRegion = Params::getParam('sRegion');
     if (!is_array($p_sRegion)) {
         if ($p_sRegion == '') {
             $p_sRegion = array();
         } else {
             $p_sRegion = explode(",", $p_sRegion);
         }
     }
     $p_sCountry = Params::getParam('sCountry');
     if (!is_array($p_sCountry)) {
         if ($p_sCountry == '') {
             $p_sCountry = array();
         } else {
             $p_sCountry = explode(",", $p_sCountry);
         }
     }
     $p_sUser = Params::getParam('sUser');
     if (!is_array($p_sUser)) {
         if ($p_sUser == '') {
             $p_sUser = '';
         } else {
             $p_sUser = explode(",", $p_sUser);
         }
     }
     $p_sPattern = strip_tags(Params::getParam('sPattern'));
     // ADD TO THE LIST OF LAST SEARCHES
     if (osc_save_latest_searches()) {
         if (trim($p_sPattern) != '') {
             LatestSearches::newInstance()->insert(array('s_search' => trim($p_sPattern), 'd_date' => date('Y-m-d H:i:s')));
         }
     }
     $p_bPic = Params::getParam('bPic');
     $p_bPic == 1 ? $p_bPic = 1 : ($p_bPic = 0);
     $p_sPriceMin = Params::getParam('sPriceMin');
     $p_sPriceMax = Params::getParam('sPriceMax');
     //WE CAN ONLY USE THE FIELDS RETURNED BY Search::getAllowedColumnsForSorting()
     $p_sOrder = Params::getParam('sOrder');
     if (!in_array($p_sOrder, Search::getAllowedColumnsForSorting())) {
         $p_sOrder = osc_default_order_field_at_search();
     }
     $old_order = $p_sOrder;
     //ONLY 0 ( => 'asc' ), 1 ( => 'desc' ) AS ALLOWED VALUES
     $p_iOrderType = Params::getParam('iOrderType');
     $allowedTypesForSorting = Search::getAllowedTypesForSorting();
     $orderType = osc_default_order_type_at_search();
     foreach ($allowedTypesForSorting as $k => $v) {
         if ($p_iOrderType == $v) {
             $orderType = $k;
             break;
         }
     }
     $p_iOrderType = $orderType;
     $p_sFeed = Params::getParam('sFeed');
     $p_iPage = 0;
     if (is_numeric(Params::getParam('iPage')) && Params::getParam('iPage') > 0) {
         $p_iPage = intval(Params::getParam('iPage')) - 1;
     }
     if ($p_sFeed != '') {
         $p_sPageSize = 1000;
     }
     $p_sShowAs = Params::getParam('sShowAs');
     $aValidShowAsValues = array('list', 'gallery');
     if (!in_array($p_sShowAs, $aValidShowAsValues)) {
         $p_sShowAs = osc_default_show_as_at_search();
     }
     // search results: it's blocked with the maxResultsPerPage@search defined in t_preferences
     $p_iPageSize = intval(Params::getParam('iPagesize'));
     if ($p_iPageSize > 0) {
         if ($p_iPageSize > osc_max_results_per_page_at_search()) {
             $p_iPageSize = osc_max_results_per_page_at_search();
         }
     } else {
         $p_iPageSize = osc_default_results_per_page_at_search();
     }
     //FILTERING CATEGORY
     $bAllCategoriesChecked = false;
     if (count($p_sCategory) > 0) {
         foreach ($p_sCategory as $category) {
             $this->mSearch->addCategory($category);
         }
     } else {
         $bAllCategoriesChecked = true;
     }
     //FILTERING CITY_AREA
     foreach ($p_sCityArea as $city_area) {
         $this->mSearch->addCityArea($city_area);
     }
     $p_sCityArea = implode(", ", $p_sCityArea);
     //FILTERING CITY
     foreach ($p_sCity as $city) {
         $this->mSearch->addCity($city);
     }
     $p_sCity = implode(", ", $p_sCity);
     //FILTERING REGION
     foreach ($p_sRegion as $region) {
         $this->mSearch->addRegion($region);
     }
     $p_sRegion = implode(", ", $p_sRegion);
     //FILTERING COUNTRY
     foreach ($p_sCountry as $country) {
         $this->mSearch->addCountry($country);
     }
     $p_sCountry = implode(", ", $p_sCountry);
     // FILTERING PATTERN
     if ($p_sPattern != '') {
         $this->mSearch->addPattern($p_sPattern);
         $osc_request['sPattern'] = $p_sPattern;
     } else {
         // hardcoded - if there isn't a search pattern, order by dt_pub_date desc
         if ($p_sOrder == 'relevance') {
             $p_sOrder = 'dt_pub_date';
             foreach ($allowedTypesForSorting as $k => $v) {
                 if ($p_iOrderType == 'desc') {
                     $orderType = $k;
                     break;
                 }
             }
             $p_iOrderType = $orderType;
         }
     }
     // FILTERING USER
     if ($p_sUser != '') {
         $this->mSearch->fromUser($p_sUser);
     }
     // FILTERING IF WE ONLY WANT ITEMS WITH PICS
     if ($p_bPic) {
         $this->mSearch->withPicture(true);
     }
     //FILTERING BY RANGE PRICE
     $this->mSearch->priceRange($p_sPriceMin, $p_sPriceMax);
     //ORDERING THE SEARCH RESULTS
     $this->mSearch->order($p_sOrder, $allowedTypesForSorting[$p_iOrderType]);
     //SET PAGE
     $this->mSearch->page($p_iPage, $p_iPageSize);
     osc_run_hook('search_conditions', Params::getParamsAsArray());
     if (!Params::existParam('sFeed')) {
         // RETRIEVE ITEMS AND TOTAL
         $aItems = $this->mSearch->doSearch();
         $iTotalItems = $this->mSearch->count();
         $iStart = $p_iPage * $p_iPageSize;
         $iEnd = min(($p_iPage + 1) * $p_iPageSize, $iTotalItems);
         $iNumPages = ceil($iTotalItems / $p_iPageSize);
         osc_run_hook('search', $this->mSearch);
         //preparing variables...
         $regionName = $p_sRegion;
         if (is_numeric($p_sRegion)) {
             $r = Region::newInstance()->findByPrimaryKey($p_sRegion);
             if ($r) {
                 $regionName = $r['s_name'];
             }
         }
         $cityName = $p_sCity;
         if (is_numeric($p_sCity)) {
             $c = City::newInstance()->findByPrimaryKey($p_sCity);
             if ($c) {
                 $cityName = $c['s_name'];
             }
         }
         //$this->_exportVariableToView('non_empty_categories', $aCategories) ;
         $this->_exportVariableToView('search_start', $iStart);
         $this->_exportVariableToView('search_end', $iEnd);
         $this->_exportVariableToView('search_category', $p_sCategory);
         // hardcoded - non pattern and order by relevance
         $p_sOrder = $old_order;
         $this->_exportVariableToView('search_order_type', $p_iOrderType);
         $this->_exportVariableToView('search_order', $p_sOrder);
         $this->_exportVariableToView('search_pattern', $p_sPattern);
         $this->_exportVariableToView('search_from_user', $p_sUser);
         $this->_exportVariableToView('search_total_pages', $iNumPages);
         $this->_exportVariableToView('search_page', $p_iPage);
         $this->_exportVariableToView('search_has_pic', $p_bPic);
         $this->_exportVariableToView('search_region', $regionName);
         $this->_exportVariableToView('search_city', $cityName);
         $this->_exportVariableToView('search_price_min', $p_sPriceMin);
         $this->_exportVariableToView('search_price_max', $p_sPriceMax);
         $this->_exportVariableToView('search_total_items', $iTotalItems);
         $this->_exportVariableToView('items', $aItems);
         $this->_exportVariableToView('search_show_as', $p_sShowAs);
         $this->_exportVariableToView('search', $this->mSearch);
         // json
         $json = $this->mSearch->toJson();
         $this->_exportVariableToView('search_alert', base64_encode($json));
         //calling the view...
         $this->doView('search.php');
     } else {
         $this->mSearch->page(0, osc_num_rss_items());
         // RETRIEVE ITEMS AND TOTAL
         $iTotalItems = $this->mSearch->count();
         $aItems = $this->mSearch->doSearch();
         $this->_exportVariableToView('items', $aItems);
         if ($p_sFeed == '' || $p_sFeed == 'rss') {
             // FEED REQUESTED!
             header('Content-type: text/xml; charset=utf-8');
             $feed = new RSSFeed();
             $feed->setTitle(__('Latest listings added') . ' - ' . osc_page_title());
             $feed->setLink(osc_base_url());
             $feed->setDescription(__('Latest listings added in') . ' ' . osc_page_title());
             if (osc_count_items() > 0) {
                 while (osc_has_items()) {
                     if (osc_count_item_resources() > 0) {
                         osc_has_item_resources();
                         $feed->addItem(array('title' => osc_item_title(), 'link' => htmlentities(osc_item_url(), ENT_COMPAT, "UTF-8"), 'description' => osc_item_description(), 'dt_pub_date' => osc_item_pub_date(), 'image' => array('url' => htmlentities(osc_resource_thumbnail_url(), ENT_COMPAT, "UTF-8"), 'title' => osc_item_title(), 'link' => htmlentities(osc_item_url(), ENT_COMPAT, "UTF-8"))));
                     } else {
                         $feed->addItem(array('title' => osc_item_title(), 'link' => htmlentities(osc_item_url(), ENT_COMPAT, "UTF-8"), 'description' => osc_item_description(), 'dt_pub_date' => osc_item_pub_date()));
                     }
                 }
             }
             osc_run_hook('feed', $feed);
             $feed->dumpXML();
         } else {
             osc_run_hook('feed_' . $p_sFeed, $aItems);
         }
     }
 }
Ejemplo n.º 23
0
<?php

if (Params::existParam('minify_enabled')) {
    $enabled = (int) Params::getParam('minify_enabled');
    if (osc_set_preference('minify_enabled', $enabled, 'minify', 'BOOLEAN')) {
        die(json_encode(array('status' => true)));
    }
    die(json_encode(array('status' => false, 'message' => 'a error ocurred during update!')));
}
die(json_encode(array('status' => false)));