/**
  * Order step
  */
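 function _order_step_delivery($FORCE_DISPLAY_FORM = false)
 {
     // Delivery step of the order wizard: validates a submitted form and hands over
     // to payment selection, or (re)renders the billing/shipping address form.
     $shop = module('shop');
     // Validate previous form
     if (main()->is_post() && !$FORCE_DISPLAY_FORM) {
         $shop->_order_validate_delivery();
         // Display next form if we have no errors
         if (!common()->_error_exists()) {
             return $shop->_order_step_select_payment(true);
         }
     }
     // Start from an explicit array so the merge below never sees an undefined
     // variable when both field lists are empty.
     $replace = [];
     // A submitted value wins; otherwise fall back to the stored user info
     // (null when the key is absent, instead of an undefined-index notice).
     $pick = function ($post_key, $info_key) use ($shop) {
         if (isset($_POST[$post_key])) {
             return $_POST[$post_key];
         }
         return isset($shop->_user_info[$info_key]) ? $shop->_user_info[$info_key] : null;
     };
     // Fill fields. The stored-info lookup drops the first two characters of the
     // field name. Every value goes through _prepare_html() before it reaches
     // the template, because it may be raw request data.
     foreach ((array) $shop->_b_fields as $_field) {
         $replace[$_field] = _prepare_html($pick($_field, substr($_field, 2)));
     }
     // Fill shipping from billing
     $shipping_same = !empty($shop->_user_info["shipping_same"]);
     foreach ((array) $shop->_s_fields as $_field) {
         $source = $_field;
         if ($shipping_same && !isset($_POST[$_field])) {
             $source = "b_" . substr($_field, 2);
         }
         $replace[$_field] = _prepare_html($pick($source, $source));
     }
     $force_ship_type = isset($shop->FORCE_GROUP_SHIP[$shop->USER_GROUP]) ? $shop->FORCE_GROUP_SHIP[$shop->USER_GROUP] : null;
     $posted_ship_type = isset($_POST["ship_type"]) ? $_POST["ship_type"] : null;
     $SELF_METHOD_ID = substr(__FUNCTION__, strlen("_order_step_"));
     // The action name comes from the query string and ends up inside the form's
     // action URL, so it is URL-encoded rather than concatenated verbatim.
     $action = urlencode(isset($_GET["action"]) ? (string) $_GET["action"] : "");
     $replace = my_array_merge((array) $replace, [
         "form_action" => "./?object=shop&action=" . $action . "&id=" . $SELF_METHOD_ID,
         "error_message" => _e(),
         "ship_type_box" => $shop->_box("ship_type", $force_ship_type ? $force_ship_type : $posted_ship_type),
         "back_link" => "./?object=shop&action=order",
         "cats_block" => $shop->_categories_show(),
     ]);
     return tpl()->parse("shop/order_delivery", $replace);
 }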
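    /**
     * Serve the Flash cross-domain policy file (crossdomain.xml) and end the request.
     *
     * When the request host is one of the configured production hosts and the
     * site is not in dev mode, a policy limited to that host and a fixed set of
     * its subdomains is sent. In every other case the wildcard policy is sent.
     */
    function show()
    {
        header('Content-Type: text/xml', true);
        // $_GET['host'] just for debug purposes. The grouping is written out
        // explicitly: PHP 8 rejects nested ternaries without parentheses.
        $debug_host = (DEBUG_MODE && isset($_GET['host'])) ? (string) $_GET['host'] : '';
        $host = $debug_host ?: (isset($_SERVER['HTTP_HOST']) ? (string) $_SERVER['HTTP_HOST'] : '');
        // A single configured host (string) and a list of hosts are both accepted.
        $prod_hosts = (array) (main()->PRODUCTION_DOMAIN ?: parse_url(WEB_PATH, PHP_URL_HOST));
        // Based on example from twitter https://twitter.com/crossdomain.xml
        // The Host header is client-controlled: it is only written into the policy
        // after an exact (strict) match against the configured hosts, and it is
        // escaped for the attribute context as a second line of defence.
        if (!main()->is_dev() && $host !== '' && in_array($host, $prod_hosts, true)) {
            $safe_host = htmlspecialchars($host, ENT_QUOTES, 'UTF-8');
            $out = '<?xml version="1.0" ?>
				<cross-domain-policy xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="http://www.adobe.com/xml/schemas/PolicyFile.xsd">
				<allow-access-from domain="' . $safe_host . '"/>
				<allow-access-from domain="api.' . $safe_host . '"/>
				<allow-access-from domain="search.' . $safe_host . '"/>
				<allow-access-from domain="static.' . $safe_host . '"/>
				<site-control permitted-cross-domain-policies="master-only"/>
				<allow-http-request-headers-from domain="*.' . $safe_host . '" headers="*" secure="false"/>
				</cross-domain-policy>
			';
        } else {
            // !!! DO NOT USE THIS FOR PRODUCTION:
            // http://stackoverflow.com/questions/213251/can-someone-post-a-well-formed-crossdomain-xml-sample
            // http://www.hardened-php.net/library/poking_new_holes_with_flash_crossdomain_policy_files.html#badly_configured_crossdomain.xml
            // NOTE(review): this branch is also taken on a non-dev site whenever the
            // request host is not in the configured list, so the fallback is
            // fail-open. Consider sending a restrictive policy unless is_dev() is true.
            $out = '<?xml version="1.0" ?><cross-domain-policy><allow-access-from domain="*" /></cross-domain-policy>';
        }
        // The original built $out and exited without ever sending it.
        echo $out;
        exit;
    }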
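 /**
  * Collect the data needed to render the form for a single payment operation.
  *
  * @return mixed array with 'data' and 'form' on success; otherwise the result of
  *               js_redirect(), _operation_tpl() or the API's _reject()
  */
 protected function _operation_form()
 {
     // Read only the request fields this method uses. The original extract()-ed
     // all of $_GET and $_POST into the local scope, which lets any request
     // parameter define a local variable.
     $_operation_id = isset($_GET['operation_id']) ? $_GET['operation_id'] : null;
     $get_code = isset($_GET['code']) ? $_GET['code'] : null;
     $post_code = isset($_POST['code']) ? $_POST['code'] : null;
     // var
     $api = _class('api');
     $payment_api = _class('payment_api');
     $result = [];
     // check input data
     list($account_id, $account) = $payment_api->get_account();
     if (empty($account_id)) {
         // Return at once: without it, a js_redirect() that does not end the
         // request lets the rest of the method run with no account.
         return js_redirect('/login_form', false, 'User id empty');
     }
     // operation
     $operation = $payment_api->operation(['operation_id' => $_operation_id]);
     if (!$operation) {
         $result = ['status' => false, 'status_message' => t('Операция отсутствует (id: %operation_id)', ['%operation_id' => $_operation_id])];
         return $this->_operation_tpl($result);
     }
     // user
     // NOTE(review): this compares the session user with the account returned by
     // get_account(). Nothing visible here ties $operation to that account, so
     // confirm that operation() scopes the lookup to the caller's own account.
     $user_id = main()->USER_ID;
     if ($user_id != $account['user_id']) {
         return $api->_reject();
     }
     // import operation (explicit reads instead of extract())
     $o_title = (is_array($operation) && isset($operation['title'])) ? $operation['title'] : null;
     $o_amount = (is_array($operation) && isset($operation['amount'])) ? $operation['amount'] : null;
     // prepare data; a posted code takes precedence over one from the query string
     $data = ['title' => $o_title, 'amount' => $payment_api->money_html($o_amount)];
     $form = ['code' => $post_code ?: $get_code, 'action' => url_user($_SERVER['REQUEST_URI'])];
     $result = ['data' => $data, 'form' => $form];
     return $result;
 }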
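 /**
  * List product images of one category subtree, page by page, and delete the
  * images selected in a submitted form.
  *
  * @return mixed output of the 'manage_shop/pics_browser' template
  */
 function pics_browser()
 {
     // Only fixed SQL fragments are chosen here; the request value itself never
     // enters the query.
     if (isset($_GET['active']) && $_GET['active'] == 1) {
         $active = ' AND p.active = \'1\' ';
     } elseif (isset($_GET['active']) && $_GET['active'] == 0) {
         $active = ' AND p.active = \'\' ';
     } else {
         $active = '';
     }
     if (main()->is_post()) {
         // NOTE(review): no CSRF token or permission check is visible in this
         // method; confirm the caller enforces both before the deletion runs.
         $to_delete = (isset($_POST['delete']) && is_array($_POST['delete'])) ? $_POST['delete'] : [];
         foreach ($to_delete as $k => $v) {
             // Keys are expected as "<image id>_<product id>"; anything else is skipped.
             $parts = explode("_", (string) $k);
             if (count($parts) < 2) {
                 continue;
             }
             $id = (int) $parts[0];
             $product_id = (int) $parts[1];
             if ($id <= 0 || $product_id <= 0) {
                 continue;
             }
             module('manage_shop')->_product_image_delete($id, $product_id);
         }
     }
     // Category ids are forced to integers before they are placed in the IN() list.
     $cats_list = array_map('intval', (array) _class('_shop_categories', 'modules/shop/')->recursive_get_child_ids(62521));
     $sql = "SELECT `i`.`product_id`,`i`.`id` FROM `" . db('shop_products') . "` AS `p`, `" . db('shop_product_images') . "` AS `i` WHERE `p`.`id`=`i`.`product_id` AND `p`.`cat_id` IN ('" . implode("','", $cats_list) . "')" . $active;
     list($add_sql, $pages, $total_records, $page_current, $pages_total, $pages_limited) = common()->divide_pages($sql);
     $R = db()->query($sql . $add_sql);
     $items = [];
     // Resolved once; the original looked the class up again for every row.
     $_cls_products = _class('_shop_products', 'modules/shop/');
     while ($A = db()->fetch_assoc($R)) {
         $image = $_cls_products->_product_image($A['product_id'], true);
         $items[] = ['id' => $A['product_id'], 'image_id' => $A['id'], 'image' => $image['big']];
     }
     $replace = ['items' => $items, 'total' => $total_records, 'pages' => $pages];
     $tpl_name = 'manage_shop/pics_browser';
     return tpl()->parse($tpl_name, $replace);
 }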
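 /**
  * The model base class and the film model resolve to the expected classes,
  * _class() returns a shared instance and model('film') returns a new instance
  * on every call.
  */
 public function test_basic()
 {
     $model_base = _class('model');
     $this->assertTrue(is_object($model_base));
     $this->assertTrue(is_a($model_base, 'yf_model'));
     $this->assertSame($model_base, _class('yf_model'));
     $model_exists = main()->_class_exists('film_model');
     if (!$model_exists) {
         $this->assertTrue(main()->_class_exists('film_model'));
     }
     $film_model = _class('film_model');
     $this->assertTrue(is_object($film_model));
     $this->assertTrue(is_a($film_model, 'film_model'));
     $this->assertTrue(is_a($film_model, 'yf_model'));
     $film_model2 = model('film');
     $this->assertNotSame($film_model2, $film_model);
     $this->assertTrue(is_object($film_model2));
     $this->assertTrue(is_a($film_model2, 'film_model'));
     $this->assertTrue(is_a($film_model2, 'yf_model'));
     $film_model3 = model('film');
     $this->assertNotSame($film_model2, $film_model3);
     // The original repeated the $film_model2 checks here, so the third
     // instance was never actually inspected.
     $this->assertTrue(is_object($film_model3));
     $this->assertTrue(is_a($film_model3, 'film_model'));
     $this->assertTrue(is_a($film_model3, 'yf_model'));
 }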
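 /**
  * Export the translation variables of every configured language into
  * ./langs_exported_<lang>.csv in the current directory.
  *
  * @return mixed false when not run inside a project, otherwise nothing
  */
 protected function execute(InputInterface $input, OutputInterface $output)
 {
     init_yf();
     if (!defined('PROJECT_PATH') || !strlen(constant('PROJECT_PATH'))) {
         $output->writeln('Error: not inside a project');
         return false;
     }
     // Same escaping as before: underscores become spaces, double quotes get a
     // backslash prefix.
     // NOTE(review): cells are not protected against spreadsheet formula
     // interpretation (values starting with = + - @); add that if translators
     // open these files in a spreadsheet application.
     $cell = function ($value) {
         return str_replace('"', '\\\\"', str_replace('_', ' ', $value));
     };
     foreach ((array) main()->get_data('locale_langs') as $lang => $linfo) {
         echo '== ' . $lang . ' ==' . PHP_EOL;
         // The language code becomes part of a file name, so path separators and
         // NUL bytes are refused.
         if (strpbrk((string) $lang, "/\\\0") !== false) {
             $output->writeln('Error: language code is not usable as a file name, skipped');
             continue;
         }
         list($tr_vars) = module('locale_editor')->_get_vars_from_files($lang);
         if (!$tr_vars) {
             continue;
         }
         $fname = './langs_exported_' . $lang . '.csv';
         $data = [];
         $data['__'] = '"key";"val"';
         foreach ((array) $tr_vars as $k => $v) {
             $k = trim($k);
             $v = trim($v);
             if (!strlen($k)) {
                 continue;
             }
             $data[$k] = '"' . $cell($k) . '";"' . $cell($v) . '"';
         }
         ksort($data);
         // Report a failed write instead of listing a file that was not created.
         if (file_put_contents($fname, implode(PHP_EOL, $data)) === false) {
             $output->writeln('Error: cannot write ' . $fname);
             continue;
         }
         // The file name is passed to the shell through escapeshellarg().
         passthru('ls -l ' . escapeshellarg($fname));
     }
 }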
 /**
  * Order step
  */
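 function _order_step_do_payment($FORCE_DISPLAY_FORM = false)
 {
     // Final dispatch of the order wizard: loads the pending order of the current
     // user and routes to the finish page or to the Authorize.net payment,
     // depending on the chosen payment type.
     $shop = module('shop');
     $basket_contents = $shop->_basket_api()->get_all();
     if ($shop->FORCE_PAY_METHOD) {
         $_POST["pay_type"] = $shop->FORCE_PAY_METHOD;
     }
     // Show previous form if needed
     if (common()->_error_exists() || empty($_POST)) {
         return $shop->_order_step_select_payment();
     }
     $posted_order_id = isset($_POST["order_id"]) ? $_POST["order_id"] : 0;
     $ORDER_ID = intval($posted_order_id ? $posted_order_id : $shop->_CUR_ORDER_ID);
     if (empty($ORDER_ID)) {
         _re("Missing order ID");
     }
     // Get order info. Both ids are cast to integers, and the user_id condition
     // restricts the lookup to orders of the current user.
     $order_info = db()->query_fetch("SELECT * FROM " . db('shop_orders') . " WHERE id=" . intval($ORDER_ID) . " AND user_id=" . intval(main()->USER_ID) . " AND status='pending'");
     if (empty($order_info["id"])) {
         _re("Missing order record");
     }
     // Stop on any error recorded above. In the original, `&&` bound tighter than
     // `or`, so the error check only guarded pay type 1: types 3 and 4 (and the
     // Authorize.net branch) went ahead even when no matching order was found.
     // NOTE(review): assumes _re() records an error that _error_exists() reports.
     if (common()->_error_exists()) {
         return $shop->_order_step_select_payment();
     }
     $pay_type = isset($_POST["pay_type"]) ? (string) $_POST["pay_type"] : "";
     // Payment by courier, skip next step
     if (in_array($pay_type, ["1", "3", "4"], true)) {
         $shop->_basket_api()->clean();
         // The action name comes from the query string; encode it for the URL.
         $action = urlencode(isset($_GET["action"]) ? (string) $_GET["action"] : "");
         return js_redirect("./?object=shop&action=" . $action . "&id=finish&page=" . intval($ORDER_ID));
     }
     // Authorize.net payment type
     if ($pay_type === "2") {
         $shop->_basket_api()->clean();
         return $shop->_order_pay_authorize_net($order_info);
     }
 }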
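 /**
  * Set up the EcommPay provider: load the API client, build the callback URLs,
  * translate the payout card option labels and prefill the payout defaults from
  * the current user's profile.
  *
  * @return mixed null when the provider is disabled
  */
 public function _init()
 {
     if (!$this->ENABLE) {
         return null;
     }
     // load api
     require_once __DIR__ . '/payment_provider/ecommpay/EcommPay.php';
     $this->api = new EcommPay($this->KEY_PUBLIC, $this->KEY_PRIVATE);
     $this->url_result = url_user('/api/payment/provider?name=ecommpay&operation=response');
     $this->url_server = url_user('/api/payment/provider?name=ecommpay&operation=response&server=true');
     // translation
     // Written by key instead of by reference: the original left $str bound to
     // the last element after the loop and iterated even when the list was missing.
     if (isset($this->method_allow['payout']['pay_card']['option']) && is_array($this->method_allow['payout']['pay_card']['option'])) {
         foreach ($this->method_allow['payout']['pay_card']['option'] as $key => $label) {
             $this->method_allow['payout']['pay_card']['option'][$key] = t($label);
         }
     }
     // payout default option
     $user_id = main()->USER_ID;
     if ($user_id) {
         $user = user($user_id);
         // Phone reduced to its digits; an absent phone yields an empty string
         // (the original silenced the notice with @).
         $phone = isset($user['phone']) ? str_replace([' ', '-', '+'], '', $user['phone']) : '';
         // NOTE(review): these defaults hold card and passport data of the
         // logged-in user; confirm they are only ever rendered back to that user.
         $this->method_allow['payout']['pay_card']['option_default'] = [
             'card' => $user['card'],
             'sender_first_name' => $user['first_name'],
             'sender_last_name' => $user['last_name'],
             'sender_middle_name' => $user['middle_name'] ?: $user['patronymic'],
             'sender_passport_number' => $user['passport_num'],
             'sender_passport_issue_date' => $user['passport_issue_date'],
             'sender_passport_issued_by' => $user['passport_issued_by'] ?: $user['passport_released'],
             'sender_phone' => $phone,
             'sender_birthdate' => $user['birthdate'] ?: $user['birth_date'],
             'sender_address' => $user['address'] ?: $user['address2'],
             'sender_city' => $user['city'] ?: $user['city2'],
             'sender_postindex' => $user['zip_code'] ?: $user['zip_code2'],
         ];
         $this->method_allow['payout']['qiwi']['option_default'] = ['account_number' => $phone];
     }
     // parent
     parent::_init();
 }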
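 /**
  * Fetch per-group prices for one product or a list of products.
  *
  * @param  mixed $product_ids a single numeric id or an array of ids
  * @return mixed false when there are no eligible groups or ids; for a single id
  *               its [group_id => price] map (null when it has none); otherwise
  *               [product_id => [group_id => price]]
  */
 function _get_group_prices($product_ids = [])
 {
     $return_single = null;
     if (is_numeric($product_ids)) {
         $return_single = (int) $product_ids;
         $product_ids = [$return_single];
     }
     // Ids are concatenated into the IN() list below, so every one is forced to
     // an integer first; zero and non-numeric entries are dropped.
     $product_ids = array_values(array_unique(array_filter(array_map('intval', (array) $product_ids))));
     // Get user groups (id > 2 - skip guest and member)
     $user_groups = (array) main()->get_data("user_groups");
     unset($user_groups[1], $user_groups[2]);
     if (empty($user_groups) || empty($product_ids)) {
         return false;
     }
     $group_ids = array_map('intval', array_keys($user_groups));
     $group_prices = [];
     // Get prices per group
     $Q = db()->query("SELECT * FROM " . db('shop_group_options') . " \n\t\t\tWHERE product_id IN (" . implode(",", $product_ids) . ") \n\t\t\t\tAND group_id IN (" . implode(",", $group_ids) . ")");
     while ($A = db()->fetch_assoc($Q)) {
         if (!isset($user_groups[$A["group_id"]])) {
             continue;
         }
         $group_prices[$A["product_id"]][$A["group_id"]] = floatval($A["price"]);
     }
     if ($return_single !== null) {
         return isset($group_prices[$return_single]) ? $group_prices[$return_single] : null;
     }
     return $group_prices;
 }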
 /**
  * Constructor
  */
 function yf_email_page()
 {
     // _user_info is bound by reference to main()->USER_INFO, so the fallback
     // assignment below also fills that shared property.
     $core = main();
     $this->_user_info =& $core->USER_INFO;
     if ($this->_user_info) {
         return;
     }
     // Nothing cached yet: load the record of the current user.
     $this->_user_info = user($core->USER_ID);
 }
 /**
  * Catch missing method call
  */
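 public function __call($name, $args)
 {
     // Dispatches undefined method calls by name prefix:
     //   where_<column>(...) -> $this->where('t0.<column>', ...)
     //   scope_<name>(...)   -> the method of that name, when it exists
     //   get_attr_ / set_attr_ -> accessor / mutator lookup
     // Anything else is handed to main()->extend_call().
     $where_prefix = 'where_';
     $scope_prefix = 'scope_';
     $get_prefix = 'get_attr_';
     $set_prefix = 'set_attr_';
     // Prefixes must match at position 0. The original accepted the prefix
     // anywhere in the name (strpos() !== false) and then cut the first
     // characters off regardless, so e.g. "somewhere_x" produced a bogus column.
     if (strpos($name, $where_prefix) === 0) {
         $column = substr($name, strlen($where_prefix));
         // The column name is taken from the method name and prefixed with the
         // table alias; only plain identifiers are accepted, everything else
         // falls through to extend_call().
         if (preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $column)) {
             array_unshift($args, 't0.' . $column);
             return call_user_func_array([$this, 'where'], $args);
         }
     } elseif (strpos($name, $scope_prefix) === 0) {
         if (method_exists($this, $name)) {
             return call_user_func_array([$this, $name], $args);
         }
     } elseif (strpos($name, $get_prefix) === 0) {
         // NOTE(review): $name still carries the prefix here, so the method looked
         // up is "get_attr_get_attr_<x>"; confirm whether that is intended.
         $accessor = $get_prefix . $name;
         if (method_exists($this, $accessor)) {
             return $this->{$accessor}($args);
         }
     } elseif (strpos($name, $set_prefix) === 0) {
         // NOTE(review): same doubled prefix as in the accessor branch above.
         $mutator = $set_prefix . $name;
         if (method_exists($this, $mutator)) {
             return $this->{$mutator}($args);
         }
     }
     return main()->extend_call($this, $name, $args);
 }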
 /**
  * Track user error message
  *
  * @param	string
  * @return	void
  */
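 function _track_error($error_message = "")
 {
     // Appends one record about a user-facing error to the log file and, when
     // LOG_INTO_DB is set, stores the same information in log_user_errors.
     // Returns false for an empty message, otherwise nothing.
     if (empty($error_message)) {
         return false;
     }
     // Try to get user error message source
     $backtrace = debug_backtrace();
     $cur_trace = isset($backtrace[1]) ? $backtrace[1] : [];
     $next_trace = isset($backtrace[2]) ? $backtrace[2] : [];
     $src_file = isset($cur_trace["file"]) ? $cur_trace["file"] : "";
     $src_line = isset($cur_trace["line"]) ? $cur_trace["line"] : 0;
     $src_func = isset($next_trace["function"]) ? $next_trace["function"] : "";
     // Request values with a default instead of an undefined-index notice.
     $server = function ($key) {
         return isset($_SERVER[$key]) ? (string) $_SERVER[$key] : "";
     };
     // Query string, referer, user agent, host and URI are client-controlled.
     // CR/LF are replaced before they go into the line-oriented log file, so a
     // request cannot forge additional log records.
     $one_line = function ($value) {
         return str_replace(["\r", "\n"], " ", (string) $value);
     };
     // Prepare log text
     $text = "## LOG STARTS AT " . date("Y-m-d H:i:s") . "; QUERY_STRING: " . $one_line($server("QUERY_STRING")) . "; REFERER: " . $one_line($server("HTTP_REFERER")) . "; USER_ID: " . main()->USER_ID . "; USER_GROUP: " . main()->USER_GROUP . "; SITE_ID: " . SITE_ID . "; USER_AGENT: " . $one_line($server("HTTP_USER_AGENT")) . " ##\r\n";
     $text .= "URL: http://" . $one_line($server("HTTP_HOST")) . $one_line($server("REQUEST_URI")) . "\r\n";
     $text .= "SOURCE FILE: \"" . $src_file . "\" at LINE " . $src_line . "; " . (!empty($next_trace["class"]) ? "METHOD: " . $next_trace["class"] . "->" . $src_func : "FUNCTION: " . $src_func) . ";\r\n";
     // NOTE(review): the message is written unchanged; if callers embed request
     // data in it, it needs the same CR/LF treatment.
     $text .= "MESSAGE: " . $error_message . "\r\n";
     $text .= "## LOG ENDS ##\r\n";
     // Do add current error info to the log file (skipped when it cannot be opened)
     $h = fopen(INCLUDE_PATH . $this->LOG_USER_ERRORS_FILE_NAME, "a");
     if ($h !== false) {
         fwrite($h, $text);
         fclose($h);
     }
     // Do store message into database (also check if that possible)
     if ($this->LOG_INTO_DB && is_object(db())) {
         $error_type = 0;
         $id_key = MAIN_TYPE_ADMIN ? 'admin_id' : 'user_id';
         $group_key = MAIN_TYPE_ADMIN ? 'admin_group' : 'user_group';
         db()->insert_safe('log_user_errors', [
             'error_level' => intval($error_type),
             'error_text' => $error_message,
             'source_file' => $src_file,
             'source_line' => intval($src_line),
             'date' => time(),
             'site_id' => (int) conf('SITE_ID'),
             'user_id' => intval(isset($_SESSION[$id_key]) ? $_SESSION[$id_key] : 0),
             'user_group' => intval(isset($_SESSION[$group_key]) ? $_SESSION[$group_key] : 0),
             'is_admin' => MAIN_TYPE_ADMIN ? 1 : 0,
             'ip' => common()->get_ip(),
             'query_string' => WEB_PATH . '?' . $server('QUERY_STRING'),
             'user_agent' => $server('HTTP_USER_AGENT'),
             'referer' => $server('HTTP_REFERER'),
             'request_uri' => $server('REQUEST_URI'),
             'env_data' => $this->DB_LOG_ENV ? $this->_prepare_env() : '',
             'object' => isset($_GET['object']) ? $_GET['object'] : '',
             'action' => isset($_GET['action']) ? $_GET['action'] : '',
         ]);
     }
 }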
 /**
  * Get first sites info from db
  */
 function _get_info_from_db()
 {
     // Fills $this->info with name, WEB_PATH and REAL_PATH of every usable site
     // record. Returns false when $this->info is already populated; otherwise
     // the method ends without an explicit return value.
     if (!empty($this->info)) {
         return false;
     }
     // Get sites infos from db
     $sites_info_from_db = main()->get_data("sites");
     // Get users sites paths
     foreach ((array) $sites_info_from_db as $A) {
         // Work on a copy of the record with stripslashes() applied to every value
         $tmp = $A;
         foreach ((array) $tmp as $k => $v) {
             $tmp[$k] = stripslashes($v);
         }
         $A = $tmp;
         // Skip sites with empty paths
         if (empty($A["real_path"]) || empty($A["web_path"])) {
             continue;
         }
         // SECURITY (review): both path columns are executed as PHP code.
         // web_path is placed inside a single-quoted literal, real_path is
         // evaluated as a bare expression. Whoever can write the "sites" data
         // can therefore run arbitrary PHP in this process. Treat that table as
         // code, restrict write access to it accordingly, and prefer replacing
         // eval() with substitution of a fixed set of placeholders.
         $web_path = eval("return '" . $A["web_path"] . "';") . "/";
         // Collapses every "//" to "/" and turns backslashes into slashes
         $web_path = str_replace("\\", "/", str_replace("//", "/", $web_path));
         $real_path = eval("return " . $A["real_path"] . ";") . "/";
         $real_path = str_replace("\\", "/", str_replace("//", "/", $real_path));
         // Skip wrong sites paths
         if ($real_path == "/" || !file_exists($real_path)) {
             continue;
         }
         // Store info
         $this->info[$A["id"]]["name"] = $A["name"];
         $this->info[$A["id"]]["WEB_PATH"] = $web_path;
         $this->info[$A["id"]]["REAL_PATH"] = $real_path;
     }
 }
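 /**
  * Send the configured test message over SMTP with PHPMailer and report the
  * outcome as an HTML fragment.
  *
  * @return string HTML with the result, the failure reason (if any) and the time spent
  */
 function test()
 {
     $time_start = microtime(true);
     require_once YF_PATH . 'libs/phpmailer/PHPMailerAutoload.php';
     $smtp = module('test')->SMTP_OPTIONS;
     $message = module('test')->TEST_MAIL;
     $mail = new PHPMailer();
     $mail->IsSMTP();
     $mail->Host = $smtp['smtp_host'];
     $mail->SMTPAuth = true;
     $mail->Username = $smtp['smtp_user_name'];
     $mail->Password = $smtp['smtp_password'];
     // NOTE(review): transport encryption is only enabled when 'smtp_secure' is
     // set; without it the credentials above may be sent over a plain connection.
     if ($smtp['smtp_secure']) {
         $mail->SMTPSecure = $smtp['smtp_secure'];
     }
     $mail->From = $message['email_from'];
     if ($message['name_from']) {
         $mail->FromName = $message['name_from'];
     }
     $mail->AddAddress($message['email_to'], $message['name_to']);
     $mail->IsHTML(true);
     $mail->Subject = $message['subject'];
     $mail->Body = $message['html'];
     $mail->AltBody = $message['text'];
     $result = $mail->Send();
     // Both variables were appended to before being defined in the original.
     $error_message = (string) $mail->ErrorInfo;
     $body = $result ? '<b style="color:green;">Send successful</b>' : '<b style="color:red;">Send failed</b>';
     if (!$result) {
         // ErrorInfo can contain text returned by the remote mail server, so it is
         // escaped before being placed in the HTML result.
         $body .= '<br /><b>Reason:</b><br /> ' . htmlspecialchars($error_message, ENT_QUOTES) . implode('<br />\\n', (array) main()->_all_core_error_msgs) . '<br />';
     }
     $body .= '<br />Spent time: ' . common()->_format_time_value(microtime(true) - $time_start) . ' sec.<br />';
     return $body;
 }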
 /**
  */
 function _preload_data()
 {
     // One-time setup of the lookup tables used by this module (box definitions,
     // language lists, file formats, import modes). Returns true when the
     // setup already ran; otherwise ends without an explicit return value.
     if ($this->_preload_complete) {
         return true;
     }
     // Marked complete before the work starts, so a nested call returns early
     $this->_preload_complete = true;
     asset('bfh-select');
     $this->lang_def_country = main()->get_data('lang_def_country');
     // Each entry is a string holding a PHP call expression that refers to $selected
     // and to properties of $this. How these strings are executed is not visible here.
     // NOTE(review): if they are passed to eval(), keep this table constant and
     // never build an entry from request or database data.
     $this->_boxes = ['lang_code' => 'select_box("lang_code",		$this->_langs,			$selected, false, 2, "", false)', 'cur_langs' => 'select_box("lang_code",		$this->_cur_langs,		$selected, false, 2, "", false)', 'file_format' => 'radio_box("file_format",	$this->_file_formats,	$selected, true, 2, "", false)', 'mode' => 'radio_box("mode",			$this->_modes,			$selected, true, 2, "", false)', 'search_type' => 'radio_box("search_type",	$this->_search_types,	$selected, false, 2, "", false)', 'location' => 'select_box("location",		$this->_used_locations,	$selected, false, 2, "", false)', 'module' => 'select_box("module",		$this->_modules,		$selected, false, 2, "", false)'];
     $this->_modules = _class('admin_methods')->find_active_modules();
     // Language code => translated name, with the second list element (when set) in parentheses
     $langs = [];
     foreach ((array) $this->_get_iso639_list() as $lang_code => $lang_params) {
         $langs[$lang_code] = t($lang_params[0]) . (!empty($lang_params[1]) ? ' (' . $lang_params[1] . ') ' : '');
     }
     $this->_langs = $langs;
     $this->_cur_langs_array = db()->get_all('SELECT * FROM ' . db('locale_langs') . ' ORDER BY is_default DESC, locale ASC');
     // No languages stored yet: insert English as the default and redirect.
     // NOTE(review): the code below keeps running unless js_redirect() ends the request - confirm.
     if (empty($this->_cur_langs_array)) {
         db()->insert_safe('locale_langs', ['locale' => 'en', 'name' => t('English'), 'charset' => 'utf-8', 'active' => 1, 'is_default' => 1]);
         js_redirect('/@object/@action');
     }
     // The search list gets an extra empty key meaning "all languages"
     $langs_for_search[''] = t('All languages');
     foreach ((array) $this->_cur_langs_array as $A) {
         $langs_for_search[$A['locale']] = t($A['name']);
         $cur_langs[$A['locale']] = t($A['name']);
     }
     $this->_langs_for_search = $langs_for_search;
     $this->_cur_langs = $cur_langs;
     // TODO: add support for these file formats for import/export:
     // * JSON
     // * PHP
     // * GNU Gettext (.po)  http://www.gutenberg.org/wiki/Gutenberg:GNU_Gettext_Translation_How-To, https://en.wikipedia.org/wiki/Gettext
     $this->_file_formats = ['csv' => t('CSV, compatible with MS Excel'), 'xml' => t('XML')];
     $this->_modes = [1 => t('Strings in the uploaded file replace existing ones, new ones are added'), 2 => t('Existing strings are kept, only new strings are added')];
 }
 /**
  */
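 function _preload_data()
 {
     // One-time setup of the BB-code machinery: loads smilies, builds the
     // pattern => replacement table, adds custom codes and normalises the list
     // of available codes. Returns true when the setup already ran.
     if ($this->_preload_complete) {
         return true;
     }
     if ($this->ENABLE_BB_CODES && $this->ENABLE_SMILIES && !isset($GLOBALS['_smiles_array'])) {
         $GLOBALS['_smiles_array'] = main()->get_data('smilies');
     }
     $nofollow = $this->USE_NOFOLLOW_TAG ? ' rel="nofollow"' : '';
     // SECURITY (review): the url, img, imgurl, media, swf, youtube and email
     // rules copy the captured text straight into href/src/value attributes.
     // Nothing in this table limits the URL scheme or escapes quotes, so the
     // output is only safe if the text is HTML-escaped and its URLs are checked
     // before these patterns are applied. That step is not visible here and
     // must be confirmed. The swf rule also enables allowScriptAccess="sameDomain".
     $this->_preg_bb_codes = ['/\\[url=[\\"\']{0,1}([^\\]]*?)[\\"\']{0,1}\\](.*?)\\[\\/url\\]/i' => '<a href="\\1" target="blank"' . $nofollow . '>\\2</a>', '/\\[url\\](.*?)\\[\\/url\\]/i' => '<a href="\\1" target="blank"' . $nofollow . '>\\1</a>', '/\\[img\\]([^\\[]*?)\\[\\/img\\]/i' => '<div class="bb_remote_image"><img src="\\1"></div>', '/\\[color=[\\"\']*([#\\w]+)[\\"\']*\\]/i' => '<span style="color:\\1">', '/\\[size=[\\"\']*([#\\w]+)[\\"\']*\\]/i' => '<span style="font-size:\\1px;">', '/\\[quote[:=\\w]*[\\"\']*([\\w\\s&;-]*)[\\"\']*\\]/i' => '<div>' . t('quote') . ' <b>\\1</b> :</div><div class="' . $this->CSS_CLASSES['quote'] . '">', '/\\[code\\]/i' => '<pre class="' . $this->CSS_CLASSES['code'] . '">', '/\\[\\/(color|size)\\]/i' => '</span>', '/\\[\\/quote\\]/i' => '</div>', '/\\[\\/code\\]/i' => '</pre>', '/\\[([\\/]{0,1})(b|i|u|sub|sup|li)\\]/i' => '<\\1\\2>', '/\\[imgurl=([^\\]]*)\\]([^\\[]*?)\\[\\/imgurl\\]/i' => '<a href="\\1" target="blank"' . $nofollow . '><img src="\\2" border="0"></a>', '/\\[media\\]([^\\[]*?)\\[\\/media\\]/i' => '<embed name="RAOCXplayer" src="\\1">', '/\\[swf\\]([^\\[]*?)\\[\\/swf\\]/i' => '<object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" codebase="http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=7,0,0,0"><param name="movie" value="\\1" /><param name="quality" value="high" /><embed src="\\1" quality="high" allowScriptAccess="sameDomain" type="application/x-shockwave-flash" pluginspage="http://www.macromedia.com/go/getflashplayer" /></object>', '/\\[email\\]([^\\[]*?)\\[\\/email\\]/i' => '<a href="mailto:\\1"' . $nofollow . 
'>\\1</a>', '/\\[hr\\]/i' => '<hr />', '/\\[youtube\\]([^\\[]*?)\\[\\/youtube\\]/i' => '<object width="425" height="350"><param name="movie" value="\\1"></param><param name="wmode" value="transparent"></param><embed src="\\1" type="application/x-shockwave-flash" wmode="transparent" width="425" height="350"></embed></object>', '/\\[spoiler[=]{0,1}[\\"\']*([^\\]]*?)[\\"\']*\\]([^\\[]*?)\\[\\/spoiler\\]/i' => '<div class="spoiler_block"><div class="spoiler_head"><input type="button" class="toggle_button" value="+">\\1&nbsp;</div><div class="spoiler_body">\\2</div></div>'];
     if ($this->USE_CUSTOM_BB_CODES) {
         $custom_codes = main()->get_data('custom_bbcode');
         foreach ((array) $custom_codes as $_custom_tag => $_info) {
             // The pattern is delimited with "/", so the delimiter has to be passed
             // to preg_quote(); without it a tag name containing "/" broke the regex.
             $_custom_tag = preg_quote($_custom_tag, '/');
             $_regex = '/\\[' . $_custom_tag . '[=]{0,1}([a-z0-9_-]+)' . (!empty($_info['useoption']) ? '{0,1}' : '{0}') . '\\](.*?)\\[\\/' . $_custom_tag . '\\]/ims';
             // The replacement HTML comes from the custom_bbcode data as stored;
             // {content} is substituted unescaped.
             $this->_preg_bb_codes[$_regex] = str_replace(['{option}', '{content}'], ['\\1', '\\2'], $_info['replace']);
         }
     }
     // Prepare avail codes string (sort them by name desc)
     $tmp_codes = [];
     foreach (explode('|', substr($this->_avail_codes, 1, -1)) as $_item) {
         $tmp_codes[$_item] = $_item;
     }
     krsort($tmp_codes);
     $this->_avail_codes = '(' . implode('|', $tmp_codes) . ')';
     $this->_preload_complete = true;
 }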
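 /**
  * Load the attribute entries of one product or a list of products.
  *
  * @param  mixed $products_ids a single numeric id or an array of ids
  * @return array for a single id its entries keyed by "<field_id>_<attr_id>";
  *               otherwise the same maps keyed by product id; empty when nothing is found
  */
 function _products_get_attributes($products_ids = [])
 {
     $return_single_id = null;
     if (is_numeric($products_ids)) {
         $return_single_id = (int) $products_ids;
         $products_ids = [$return_single_id];
     }
     // Ids are concatenated into the IN() list below, so every one is forced to
     // an integer first; zero and non-numeric entries are dropped.
     $products_ids = array_values(array_unique(array_filter(array_map('intval', (array) $products_ids))));
     if (empty($products_ids)) {
         return [];
     }
     // Defined up front: the original returned an undefined variable when the
     // query produced no rows.
     $data = [];
     $fields_info = main()->get_data("shop_product_attributes_info");
     $attrs_cat_id = module("shop")->ATTRIBUTES_CAT_ID;
     $Q = db()->query("SELECT * FROM " . db('shop_product_attributes_values') . " WHERE category_id=1 AND object_id IN (" . implode(",", $products_ids) . ")");
     while ($A = db()->fetch_assoc($Q)) {
         $_product_id = $A["object_id"];
         // SECURITY (review): unserialize() runs on stored column values here and
         // on value_list below. If those values can be influenced by users, this
         // allows PHP object injection. Consider restricting allowed classes or
         // storing the data as JSON.
         $A["value"] = strlen($A["value"]) ? unserialize($A["value"]) : [];
         $A["add_value"] = strlen($A["add_value"]) ? unserialize($A["add_value"]) : [];
         foreach ((array) $A["value"] as $_attr_id => $_dummy) {
             $_price = isset($A["add_value"][$_attr_id]) ? $A["add_value"][$_attr_id] : null;
             $_item_id = $A["field_id"] . "_" . $_attr_id;
             $_field_info = isset($fields_info[$attrs_cat_id][$A["field_id"]]) ? $fields_info[$attrs_cat_id][$A["field_id"]] : ["name" => null, "value_list" => ""];
             $_field_info["value_list"] = strlen($_field_info["value_list"]) ? unserialize($_field_info["value_list"]) : [];
             $data[$_product_id][$_item_id] = [
                 "id" => $_item_id,
                 "price" => $_price,
                 "name" => $_field_info["name"],
                 "value" => isset($_field_info["value_list"][$_attr_id]) ? $_field_info["value_list"][$_attr_id] : null,
                 "product_id" => $_product_id,
             ];
         }
     }
     if ($return_single_id !== null) {
         return isset($data[$return_single_id]) ? $data[$return_single_id] : [];
     }
     return $data;
 }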
 /**
  */
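 function edit()
 {
     // Edit form for one record of $this->_table. When the record names a source
     // of allowed values (cached data set, table or module method), 'value' is
     // rendered as a select box, otherwise as a plain text field.
     $replace = _class('admin_methods')->edit($this->_table);
     $data = [];
     if (!empty($replace['linked_data'])) {
         $data = main()->get_data($replace['linked_data']);
     } elseif (!empty($replace['linked_table'])) {
         // The table name comes from the stored record and is placed between
         // backticks; a name containing a backtick could leave the quoting, so
         // such a name is ignored.
         $linked_table = db($replace['linked_table']);
         if (strpos((string) $linked_table, '`') === false) {
             $q = db()->query('SELECT id, name FROM `' . $linked_table . '` ORDER BY name ASC');
             while ($a = db()->fetch_assoc($q)) {
                 $data[$a['id']] = $a['name'];
             }
         }
     } elseif (!empty($replace['linked_method'])) {
         // Expected form: "<module>.<method>". A value without a dot is skipped;
         // the original ran into an undefined offset there.
         // NOTE(review): module and method names are taken from the stored
         // record, so whoever can edit that record chooses which method runs
         // here. Consider an allowlist of permitted methods.
         $parts = explode('.', trim($replace['linked_method']));
         if (count($parts) >= 2) {
             list($module, $method) = $parts;
             $module_obj = module($module);
             if (is_object($module_obj) && method_exists($module_obj, $method)) {
                 $data = $module_obj->{$method}();
             }
         }
     }
     $form = form($replace);
     $form->info('name');
     if ($data) {
         $form->select_box('value', $data);
     } else {
         $form->text('value');
     }
     $form->textarea('desc');
     $form->save_and_back();
     return $form;
 }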
 /**
  * Method that allows to change standard tasks mapping (if needed)
  */
 function _route_request()
 {
     // Example of a custom mapping (disabled):
     //   if ($_GET['object'] == 'forum') {
     //       $_GET = array();
     //       $_GET['object'] = 'gallery';
     //       $_GET['action'] = 'show';
     //   }
     //
     // Top-level routing of static pages, e.g. /terms/ instead of
     // /static_pages/show/terms/. Not used on the admin side or when the
     // feature is switched off.
     if (!main()->STATIC_PAGES_ROUTE_TOP || MAIN_TYPE_ADMIN) {
         return false;
     }
     // A name that belongs to an existing user module is never rerouted
     $known_modules = main()->get_data('user_modules');
     if (isset($known_modules[$_GET['object']])) {
         return false;
     }
     $page_names = (array) main()->get_data('static_pages_names');
     // Try the requested name as given first, then with underscores turned into dashes
     $candidates = [$_GET['object'], str_replace('_', '-', $_GET['object'])];
     foreach ($candidates as $page_name) {
         if (!in_array($page_name, $page_names)) {
             continue;
         }
         $_GET['id'] = $page_name;
         $_GET['object'] = 'static_pages';
         $_GET['action'] = 'show';
         break;
     }
 }
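 /**
  * Order list. Guests get the order lookup form (order id + e-mail); logged-in
  * users get a paged list of their own orders.
  *
  * @return mixed output of the 'shop/order_show' template, or the order view
  *               when a guest lookup validates without errors
  */
 function orders()
 {
     // Defined up front: each of these was only assigned in one of the branches.
     $items = [];
     $pages = null;
     $total = 0;
     if (!main()->USER_ID) {
         if (main()->is_post()) {
             module('shop')->order_validate_data();
             // Display next form if we have no errors
             if (!common()->_error_exists()) {
                 return module('shop')->order_view(true);
             }
         }
         // The submitted values are shown again in the form, so they are escaped
         // before being handed to the template.
         $items[] = [
             "order_id" => _prepare_html(isset($_POST["order_id"]) ? $_POST["order_id"] : ""),
             "email" => _prepare_html(isset($_POST["email"]) ? $_POST["email"] : ""),
             "form_action" => "./?object=shop&action=orders",
             "back_link" => "./?object=shop",
         ];
     } else {
         // Restricted to the orders of the current user
         $sql = "SELECT * FROM " . db('shop_orders') . " WHERE user_id=" . intval(main()->USER_ID);
         //$filter_sql = $this->PARENT_OBJ->USE_FILTER ? $this->PARENT_OBJ->_create_filter_sql() : "";
         // The filter is disabled (line above), so the ORDER BY part always applies.
         // NOTE(review): if the filter is re-enabled, the first branch would add a
         // second WHERE to a query that already has one.
         $filter_sql = "";
         $sql .= strlen($filter_sql) ? " WHERE 1=1 " . $filter_sql : " ORDER BY date DESC ";
         list($add_sql, $pages, $total) = common()->divide_pages($sql);
         $orders_info = db()->query_fetch_all($sql . $add_sql);
         $user_ids = [];
         foreach ((array) $orders_info as $v) {
             $user_ids[] = $v["user_id"];
         }
         $user_infos = !empty($user_ids) ? user($user_ids) : [];
         foreach ((array) $orders_info as $v) {
             // Only orders that are still pending can be deleted
             $del = "";
             if (in_array($v["status"], ["pending", "pending payment"], true)) {
                 $del = "./?object=shop&action=order_delete&id=" . $v["id"];
             }
             $items[] = [
                 "order_id" => $v["id"],
                 "date" => _format_date($v["date"], "long"),
                 "sum" => module('shop')->_format_price($v["total_sum"]),
                 "user_link" => _profile_link($v["user_id"]),
                 "user_name" => _display_name(isset($user_infos[$v["user_id"]]) ? $user_infos[$v["user_id"]] : null),
                 "status" => $v["status"],
                 "delete_url" => $del,
                 "view_url" => "./?object=shop&action=order_view&id=" . $v["id"],
             ];
         }
     }
     $replace = ["error_message" => _e(), "items" => (array) $items, "pages" => $pages, "total" => intval($total), "filter" => module('shop')->USE_FILTER ? module('shop')->_show_filter() : ""];
     return tpl()->parse("shop/order_show", $replace);
 }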
 /**
  * Catch missing method call
  */
 function __call($name, $args)
 {
     // Calls that the connection object can answer itself are forwarded to it
     // (support for driver-specific methods); everything else is handed to
     // main()->extend_call().
     $driver = $this->_connection;
     $driver_has_method = is_object($driver) && method_exists($driver, $name);
     if (!$driver_has_method) {
         return main()->extend_call($this, $name, $args);
     }
     return call_user_func_array([$driver, $name], $args);
 }
 /**
  */
 function show()
 {
     // Account form of the logged-in admin: loads the admin row, validates the
     // submitted fields and updates the listed columns of that row.
     $account = db()->get('SELECT * FROM ' . db('admin') . ' WHERE id=' . (int) main()->ADMIN_ID);
     // The stored password value is blanked so it is never put into the form
     $account['password'] = '';
     $rules = [
         '__before__' => 'trim',
         'email' => 'required|valid_email|is_unique_without[admin.email.' . main()->ADMIN_ID . ']',
         'first_name' => 'required|alpha_numeric_spaces',
         'last_name' => 'required|alpha_numeric_spaces',
         'password' => 'password_update',
     ];
     // Only these columns are passed to the update
     $editable = ['email', 'first_name', 'last_name', 'go_after_login', 'password'];
     $log_update = function () {
         common()->admin_wall_add(['admin account details updated', main()->ADMIN_ID]);
     };
     // With "+", values from the stored row win over posted values of the same key
     $form = form($account + (array) $_POST, ['autocomplete' => 'off']);
     $form = $form->validate($rules);
     $form = $form->db_update_if_ok('admin', $editable, 'id=' . (int) main()->ADMIN_ID, ['on_after_update' => $log_update]);
     $form = $form->info('login');
     $form = $form->info('group', ['data' => main()->get_data('admin_groups')]);
     $form = $form->password(['value' => '']);
     $form = $form->email();
     $form = $form->text('first_name');
     $form = $form->text('last_name');
     $form = $form->text('go_after_login', 'Url after login');
     return $form->save();
 }
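 /**
  * Order step: final page shown after an order was placed.
  *
  * Empties the basket, loads the order named by $_GET["id"] (or $_GET["page"])
  * restricted to the current user id, sends the invoice e-mail and returns the
  * rendered "shop/order_finish" template.
  *
  * NOTE(review): each request to this step empties the basket and sends the
  * invoice mail again; confirm that is intended for page reloads.
  * NOTE(review): when main()->USER_ID is empty the ownership filter becomes
  * user_id=0, so an order stored with user_id 0 matches by id alone. Confirm
  * guest orders are protected by another check (the order row has a "hash").
  *
  * @param bool $FORCE_DISPLAY_FORM Not used by this step
  * @return mixed Rendered page, or the result of _e() when no order matches
  */
 function _order_step_finish($FORCE_DISPLAY_FORM = false)
 {
     module('shop')->_basket_api()->clean();
     if (isset($_GET["page"])) {
         $_GET["id"] = intval($_GET["page"]);
         unset($_GET["page"]);
     }
     // A missing id is treated as 0 instead of reading an undefined index
     $_GET["id"] = isset($_GET["id"]) ? intval($_GET["id"]) : 0;
     $order_info = [];
     if ($_GET["id"]) {
         // Ownership check: the order must belong to the current user id
         $order_info = db()->query_fetch("SELECT * FROM " . db('shop_orders') . " WHERE id=" . intval($_GET["id"]) . " AND user_id=" . intval(main()->USER_ID));
     }
     if (empty($order_info)) {
         return _e("No such order");
     }
     $products_ids = [];
     $order_items = [];
     $Q = db()->query("SELECT * FROM " . db('shop_order_items') . " WHERE `order_id`=" . intval($order_info["id"]));
     while ($_info = db()->fetch_assoc($Q)) {
         // Ids go into an IN(...) list below, so only integers may be collected
         $_item_product_id = intval($_info["product_id"]);
         if ($_item_product_id) {
             $products_ids[$_item_product_id] = $_item_product_id;
         }
         $order_items[$_info["product_id"]] = $_info;
     }
     $products_infos = [];
     $products_atts = [];
     if (!empty($products_ids)) {
         $products_infos = db()->query_fetch_all("SELECT * FROM " . db('shop_products') . " WHERE id IN(" . implode(",", $products_ids) . ") AND active='1'");
         $products_atts = module('shop')->_products_get_attributes($products_ids);
     }
     $products = [];
     foreach ($order_items as $_info) {
         $_product_id = $_info["product_id"];
         $_product = $products_infos[$_product_id];
         $price = $_info["sum"];
         $dynamic_atts = [];
         if (strlen($_info["attributes"]) > 3) {
             // SECURITY: unserialize() can instantiate objects from the stored
             // string. The value is read from the shop_order_items row; confirm
             // it is only ever written by server-side code, or store the ids as
             // JSON. On PHP >= 7.0, ['allowed_classes' => false] restricts it.
             foreach ((array) unserialize($_info["attributes"]) as $_attr_id) {
                 $_attr_info = $products_atts[$_info["product_id"]][$_attr_id];
                 // NOTE(review): name/value are not passed through _prepare_html(),
                 // unlike the other text fields below; confirm they are escaped upstream.
                 $dynamic_atts[$_attr_id] = "- " . $_attr_info["name"] . " " . $_attr_info["value"];
                 $price += $_attr_info["price"];
             }
         }
         $URL_PRODUCT_ID = module('shop')->_product_id_url($_product);
         $products[$_info["product_id"]] = [
             "name" => _prepare_html($_product["name"]),
             "price" => module('shop')->_format_price($price),
             "sum" => module('shop')->_format_price($_info["sum"]),
             "currency" => _prepare_html(module('shop')->CURRENCY),
             "quantity" => intval($_info["quantity"]),
             "details_link" => process_url("./?object=shop&action=product_details&id=" . $URL_PRODUCT_ID),
             "dynamic_atts" => !empty($dynamic_atts) ? implode("\n<br />", $dynamic_atts) : "",
             "cat_name" => _prepare_html(module('shop')->_shop_cats[$_product["cat_id"]]),
             "cat_url" => process_url("./?object=shop&action=products_show&id=" . module('shop')->_shop_cats_all[$_product["cat_id"]]['url']),
         ];
     }
     // The total is the stored order total. The former per-item accumulation
     // used an undefined $quantity and was overwritten by this value anyway.
     $total_price = $order_info["total_sum"];
     if (main()->USER_ID) {
         $order_info = my_array_merge(module('shop')->_user_info, $order_info);
     }
     // The guest branch only re-assigned email/phone to themselves and is dropped.
     $order_info = my_array_merge(module('shop')->COMPANY_INFO, $order_info);
     $replace2 = my_array_merge($order_info, [
         "id" => $_GET["id"],
         "products" => $products,
         "ship_cost" => module('shop')->_format_price(0),
         "total_cost" => module('shop')->_format_price($total_price),
         "password" => "",
     ]);
     // Prepare email template
     $message = tpl()->parse("shop/invoice_email", $replace2);
     common()->quick_send_mail($order_info["email"], "invoice #" . $_GET["id"], $message);
     $replace = my_array_merge($replace2, [
         "error_message" => _e(),
         "products" => $products,
         "ship_price" => module('shop')->_format_price(module('shop')->_ship_types_names[$order_info["ship_type"]]),
         "total_price" => module('shop')->_format_price($total_price),
         "order_no" => str_pad($order_info["id"], 8, "0", STR_PAD_LEFT),
         "hash" => _prepare_html($order_info["hash"]),
         "back_link" => "./?object=shop&action=show",
         "cats_block" => module('shop')->_categories_show(),
     ]);
     return tpl()->parse("shop/order_finish", $replace);
 }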
Example #24
 /**
  * Make sure the database layer is initialised and connected.
  *
  * Does nothing when is_ready() already reports true. Otherwise it asks main()
  * to initialise the db and connects it if db() is an object that is not yet
  * marked as connected.
  */
 function _init()
 {
     if ($this->is_ready()) {
         return;
     }
     main()->init_db();
     if (!is_object(db())) {
         return;
     }
     if (!db()->_connected) {
         db()->connect();
     }
 }
Example #25
 /**
  * Build the filter form for the account list.
  *
  * The "order_by" choices are a fixed list of column names defined here. The
  * lower bound of both date ranges is the oldest payment_account.datetime_create
  * value, or 30 days back when that query returns nothing.
  *
  * @param array $filter  Currently selected filter values
  * @param array $replace Data handed to form() as its first argument
  * @return mixed Result of the form chain's save_and_clear()
  */
 function _filter_form_show($filter, $replace)
 {
     // Fixed list of sortable columns, used as both key and label
     $sortable = explode('|', 'user_id|name|email|add_date|last_login|num_logins|active|balance|datetime_create|datetime_update');
     $order_fields = array_combine($sortable, $sortable);

     $min_date = from('payment_account')->one('UNIX_TIMESTAMP(MIN(datetime_create))');

     return form($replace, ['filter' => true, 'selected' => $filter])
         // Creation date range
         ->daterange('datetime_create', [
             'format' => 'YYYY-MM-DD',
             'min_date' => date('Y-m-d', $min_date ?: time() - 86400 * 30),
             'max_date' => date('Y-m-d', time() + 86400),
             'autocomplete' => 'off',
             'desc' => 'Дата создания',
             'no_label' => 1,
         ])
         // Update date range
         ->daterange('datetime_update', [
             'format' => 'YYYY-MM-DD',
             'min_date' => date('Y-m-d', $min_date ?: time() - 86400 * 30),
             'max_date' => date('Y-m-d', time() + 86400),
             'autocomplete' => 'off',
             'desc' => 'Дата обновления',
             'no_label' => 1,
         ])
         ->text('user_id', 'Номер(а) пользователя', ['no_label' => 1])
         ->text('name', 'Имя', ['no_label' => 1])
         ->text('email', 'Почта', ['no_label' => 1])
         // Balance from / to
         ->row_start()
         ->number('balance', 'Баланс от')
         ->number('balance__and', 'Баланс до')
         ->row_end()
         ->select_box('group', main()->get_data('user_groups'), ['show_text' => 1, 'no_label' => 1])
         // Sort column and direction
         ->row_start()
         ->select_box('order_by', $order_fields, ['show_text' => 1, 'desc' => 'Сортировка'])
         ->select_box('order_direction', ['asc' => '⇑', 'desc' => '⇓'])
         ->row_end()
         ->save_and_clear();
 }
Example #26
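 /**
  * Build the "user type" filter form for the current module.
  *
  * Returns false when main()->TRACK_ONLINE_STATUS is off. The filter is named
  * after $_GET['object'], which is also the $_SESSION key the saved selection
  * is read from.
  *
  * The request value is URL-encoded before it is placed into the form URLs, so
  * it cannot add query parameters or markup. A plain module identifier is left
  * unchanged by the encoding.
  *
  * NOTE(review): the request decides which $_SESSION key is passed to the form
  * as 'selected'; confirm the router limits 'object' to known module names.
  *
  * @return mixed Result of the form chain's save(), or false when disabled
  */
 function _show_filter()
 {
     if (!main()->TRACK_ONLINE_STATUS) {
         return false;
     }
     // Accept only a string value; a missing or array-valued parameter becomes ''
     $filter_name = isset($_GET['object']) && is_string($_GET['object']) ? $_GET['object'] : '';
     $object_url = urlencode($filter_name);
     $base_url = './?object=' . $object_url . '&action=filter_save&id=' . $object_url;
     $r = [
         'form_action' => $base_url,
         'clear_url' => $base_url . '&page=clear',
     ];
     // null when nothing is saved yet, without reading an undefined index
     $selected = isset($_SESSION[$filter_name]) ? $_SESSION[$filter_name] : null;
     return form($r, ['selected' => $selected, 'class' => 'form-vertical'])
         ->select_box('user_type', $this->USER_TYPES)
         ->save();
 }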
 /**
  * Delete one category alias of the current supplier, then redirect to the
  * category mapping list.
  *
  * The record is addressed by the supplier id of module('manage_shop') and by
  * $_GET['id']; both are cast to int before they reach the SQL text. When no
  * such record exists the result of _e('No such record') is returned.
  *
  * NOTE(review): the delete is driven by query-string parameters and no
  * anti-CSRF check is visible here; confirm the framework enforces one for
  * this action.
  */
 function category_mapping_delete()
 {
     $supplier_id = (int) module('manage_shop')->SUPPLIER_ID;
     $cat_id = (int) $_GET['id'];
     // Same integer-only condition for the existence check and the delete
     $where = ' WHERE supplier_id=' . $supplier_id . ' AND cat_id=' . $cat_id;

     $existing = db()->get('SELECT * FROM ' . db('shop_suppliers_cat_aliases') . $where);
     if (!$existing) {
         return _e('No such record');
     }
     db()->query('DELETE FROM ' . db('shop_suppliers_cat_aliases') . $where . ' LIMIT 1');
     return js_redirect('./?object=' . main()->_get('object') . '&action=category_mapping');
 }
Example #28
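 /**
  * Dashboard widget: latest admin wall events of the logged-in admin.
  *
  * With a truthy $params['describe_self'] only the widget description is
  * returned. Otherwise a table of the admin_walls rows for main()->ADMIN_ID
  * (cast to int) is built, newest first.
  *
  * $_GET['object'] is URL-encoded before it goes into the pager path, so the
  * request value cannot add query parameters or markup. A plain module
  * identifier is left unchanged by the encoding.
  *
  * @param array $params Widget parameters; 'describe_self' is the only key read
  * @return mixed Description array, or the table object
  */
 function _hook_widget__admin_wall($params = [])
 {
     $meta = ['name' => 'Admin wall', 'desc' => 'Latest events for admin', 'configurable' => []];
     // empty() keeps the default call (no 'describe_self' key) free of undefined-index notices
     if (!empty($params['describe_self'])) {
         return $meta;
     }
     $object = isset($_GET['object']) && is_string($_GET['object']) ? $_GET['object'] : '';
     $sql = 'SELECT * FROM ' . db('admin_walls') . ' WHERE user_id=' . intval(main()->ADMIN_ID) . ' ORDER BY add_date DESC';
     return table($sql, [
         'no_header' => 1,
         'btn_no_text' => 1,
         'pages_on_top' => 1,
         'pager_path' => './?object=' . urlencode($object) . '&action=show',
     ])
         ->date('add_date')
         ->admin('user_id')
         ->text('message')
         ->btn_view();
 }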
Example #29
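 /**
  * Build the filter form for the log list; only available on the "show" action.
  *
  * The "order_by" choices are a fixed list of column names defined here.
  *
  * @return mixed Result of the form chain's save_and_clear(), or false on any
  *               other action
  */
 function _show_filter()
 {
     // Strict comparison, and no undefined-index read when 'action' is missing
     if (!isset($_GET['action']) || $_GET['action'] !== 'show') {
         return false;
     }
     // Fixed list of sortable columns, used as both key and label
     $sortable = explode('|', 'user_id|login|group|date|ip|user_agent|referer');
     $order_fields = array_combine($sortable, $sortable);
     // The first argument used to be an unassigned $r, which evaluated to null;
     // null is now passed explicitly so form() receives the same value.
     return form(null, ['filter' => true])
         ->number('user_id')
         ->text('login')
         ->text('ip')
         ->select_box('group', main()->get_data('user_groups'), ['show_text' => 1])
         ->select_box('order_by', $order_fields, ['show_text' => 1])
         ->order_box()
         ->save_and_clear();
 }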
Example #30
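 /**
  * List the user groups with member counts and management links.
  *
  * The footer links point at the first block of type "user" named
  * "center_area" and at one active menu of type "user". Both SQL statements
  * are fixed text plus table names from db().
  *
  * @return mixed The table object built by table()
  */
 function show()
 {
     // Stays an empty string when no matching block exists, so the footer link
     // keeps its "&id=" form without reading an undefined variable
     $block_center_id = '';
     $blocks = main()->get_data('blocks_all');
     foreach ((array) $blocks as $_id => $_info) {
         if ($_info['type'] == 'user' && $_info['name'] == 'center_area') {
             $block_center_id = $_id;
             break;
         }
     }
     $menu_id = db()->get_one('SELECT id FROM ' . db('menus') . ' WHERE type="user" AND active=1 LIMIT 1');
     $members_sql = 'SELECT `group`, COUNT(*) AS num FROM ' . db('user') . ' GROUP BY `group`';
     return table('SELECT * FROM ' . db('user_groups') . ' ORDER BY id ASC', [
         'custom_fields' => ['members_count' => $members_sql],
         'hide_empty' => 1,
     ])
         ->text('name')
         ->text('go_after_login')
         ->text('members_count', [
             'link' => './?object=manage_users&action=filter_save&page=clear&filter=group:%d',
             'link_field_name' => 'id',
         ])
         ->btn_edit(['btn_no_text' => 1])
         ->btn_delete(['btn_no_text' => 1])
         ->btn_active()
         ->footer_add()
         ->footer_link('Blocks', './?object=blocks&action=show_rules&id=' . $block_center_id)
         ->footer_link('Menu', './?object=menus_editor&action=show_items&id=' . $menu_id)
         ->footer_link('Auth fails', './?object=log_user_auth_fails');
 }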