public function votePoll($poll, $answer){
if(!$poll['answers']){ return false; }
$inUser = cmsUser::getInstance();
//Прибавляем голос к переданному нам варианту ответа
foreach($poll['answers'] as $key=>$value){
if ($key == stripslashes($answer)){
$poll['answers'][$key] += 1;
}
}
$answers = $this->inDB->escape_string(cmsCore::arrayToYaml($poll['answers']));
//Сохраняем результаты опроса
$sql = "UPDATE cms_polls SET answers = '{$answers}' WHERE id = '{$poll['id']}'";
$this->inDB->query($sql);
// помечаем кто за что проголосовал
$sql = "INSERT cms_polls_log (poll_id, answer, user_id, ip)
VALUES ('{$poll['id']}', '$answer', '{$inUser->id}', '{$inUser->ip}')";
$this->inDB->query($sql);
return true;
}
function setupAnswers($answers_title) {
$answers = array();
foreach ($answers_title as $answer) {
if ($answer) { $answers[$answer] = 0; }
}
return cmsCore::arrayToYaml($answers);
}
$cat['pagetitle'] = cmsCore::request('pagetitle', 'str', '');
$cat['meta_desc'] = cmsCore::request('meta_desc', 'str', '');
$cat['meta_keys'] = cmsCore::request('meta_keys', 'str', '');
if (!is_numeric($cat['cost'])) { $cat['cost'] = ''; }
if (cmsCore::request('copy_parent_struct')) {
$fstruct = cmsCore::c('db')->get_field('cms_uc_cats', "id='{$cat['parent_id']}'", 'fieldsstruct');
} else {
$fstruct = cmsCore::request('fstruct', 'array', array());
foreach ($fstruct as $key=>$value) {
if ($value=='') { unset($fstruct[$key]); continue; }
if ($_REQUEST['fformat'][$key]=='html') { $fstruct[$key] .= '/~h~/'; }
if ($_REQUEST['fformat'][$key]=='link') { $fstruct[$key] .= '/~l~/'; }
if ($_REQUEST['flink'][$key]) { $fstruct[$key] .= '/~m~/'; }
}
$fstruct = cmsCore::arrayToYaml($fstruct);
}
$cat['fieldsstruct'] = cmsCore::c('db')->escape_string($fstruct);
if ($opt == 'submit_cat') {
$cat_id = cmsCore::c('db')->addNsCategory('cms_uc_cats', cmsCore::callEvent('ADD_CATALOG_CAT', $cat));
} else {
$cat_id = cmsCore::request('item_id', 'int', 0);
$model->updateCategory($cat_id, $cat);
}
if ($cat['is_public']) {
$showfor = cmsCore::request('showfor', 'array_int', array());
if ($showfor) {
$model->setCategoryAccess($cat_id, $showfor);
}
function board() {
$inCore = cmsCore::getInstance();
global $_LANG;
define('IS_BILLING', $inCore->isComponentInstalled('billing'));
if (IS_BILLING) { cmsCore::loadClass('billing'); }
$do = $inCore->do;
$pagetitle = $inCore->getComponentTitle();
$pagekeys = $pagedesc = '';
cmsCore::c('page')->setTitle($pagetitle);
cmsCore::c('page')->addPathway($pagetitle, '/board');
/////////////////////////////// VIEW CATEGORY //////////////////////////////////
if ($do == 'view') {
//Получаем текущую категорию
$category = cmsCore::m('board')->getCategory(cmsCore::m('board')->category_id);
if (!$category || (!$category['published'] && !cmsCore::c('user')->is_admin)) {
cmsCore::error404();
}
if ($category['id'] != cmsCore::m('board')->root_cat['id']) {
$pagetitle = $category['pagetitle'] ? $category['pagetitle'] : $category['title'];
$pagekeys = $category['meta_keys'];
$pagedesc = $category['meta_desc'];
$category_path = cmsCore::c('db')->getNsCategoryPath('cms_board_cats', $category['NSLeft'], $category['NSRight']);
if ($category_path) {
foreach($category_path as $pcat) {
cmsCore::c('page')->addPathway($pcat['title'], '/board/'. $pcat['id']);
}
}
} else {
$category['title'] = $pagetitle = $inCore->menuTitle();
$category['description'] = cmsCore::m('board')->config['root_description'];
$pagekeys = cmsCore::m('board')->config['meta_keys'];
$pagedesc = cmsCore::m('board')->config['meta_desc'];
}
// rss в адресной строке
$rss_cat_id = $category['id'] == cmsCore::m('board')->root_cat['id'] ? 'all' : $category['id'];
cmsCore::c('page')->addHead('<link rel="alternate" type="application/rss+xml" title="'. $_LANG['BOARD'] .'" href="'. HOST .'/rss/board/'. $rss_cat_id .'/feed.rss">');
//Формируем категории
$cats = cmsCore::m('board')->getSubCats($category['id']);
// Формируем список объявлений
// Устанавливаем категорию
if ($category['id'] != cmsCore::m('board')->root_cat['id']) {
cmsCore::m('board')->whereThisAndNestedCats($category['NSLeft'], $category['NSRight']);
}
//Город
if (cmsCore::m('board')->city) {
cmsCore::m('board')->whereCityIs(cmsCore::m('board')->city);
$pagetitle .= ' :: '. cmsCore::m('board')->city;
}
// Типы объявлений
if (cmsCore::m('board')->obtype && mb_stristr(icms_ucfirst($category['obtypes']), cmsCore::m('board')->obtype)) {
cmsCore::m('board')->whereTypeIs(cmsCore::m('board')->obtype);
$pagetitle .= ' :: '. cmsCore::m('board')->obtype;
}
// модератор или админ
$is_moder = cmsCore::c('user')->is_admin || cmsCore::m('board')->is_moderator_by_group;
// Общее количество объявлений по заданным выше условиям
$total = cmsCore::m('board')->getAdvertsCount($is_moder, true);
//устанавливаем сортировку
$orderby = cmsCore::m('board')->getOrder('orderby', $category['orderby']);
$orderto = cmsCore::m('board')->getOrder('orderto', $category['orderto']);
cmsCore::c('db')->orderBy('is_vip DESC, '. $orderby, $orderto);
//устанавливаем номер текущей страницы и кол-во объявлений на странице
cmsCore::c('db')->limitPage(cmsCore::m('board')->page, $category['perpage']);
// Получаем объявления
$items = cmsCore::m('board')->getAdverts($is_moder, true, false, true);
// Если объявлений на странице большей чем 1 нет, 404
if (!$items && cmsCore::m('board')->page > 1) { cmsCore::error404(); }
// если не указаны ключевые слова, формируем их из названий рубрик и типов
if (!$pagekeys && $cats) {
foreach($cats as $c) {
$keys[] = $c['title'];
foreach (explode("\n", $c['obtypes']) as $obtype) {
$keys[] = trim($obtype);
}
}
$pagekeys = implode(',', $keys);
} else if(!$cats) {
$pagekeys = $category['title'];
}
// если не указано описание, формируем из текущих объявлений
if (!$pagedesc && $items) {
foreach ($items as $i) {
$desc[] = $i['title'];
}
$pagedesc = implode('. ', $desc);
} else if(!$items && $category['description']) {
$pagedesc = crop($category['description']);
}
// Проставляем заголовки страницы и описание согласно выборки
cmsCore::c('page')->setDescription(crop($pagedesc));
cmsCore::c('page')->setKeywords($pagekeys);
cmsCore::c('page')->setTitle($pagetitle);
// Отдаем в шаблон категории
cmsPage::initTemplate('components', 'com_board_cats')->
assign('cats', $cats)->
assign('category', $category)->
assign('root_id', cmsCore::m('board')->root_cat['id'])->
assign('is_user', cmsCore::c('user')->id)->
assign('maxcols', cmsCore::m('board')->config['maxcols'])->
display();
$pagebar = cmsPage::getPagebar($total, cmsCore::m('board')->page, $category['perpage'], '/board/%catid%-%page%', array('catid'=>$category['id']));
$order_form = $category['orderform'] ? cmsCore::m('board')->orderForm($orderby, $orderto, $category) : '';
// Отдаем в шаблон объявления
cmsPage::initTemplate('components', 'com_board_items')->
assign('order_form', $order_form)->
assign('cfg', cmsCore::m('board')->config)->
assign('root_id', cmsCore::m('board')->root_cat['id'])->
assign('items', $items)->
assign('cat', $category)->
assign('maxcols', $category['maxcols'])->
assign('colwidth', round(100/$category['maxcols']))->
assign('pagebar', $pagebar)->
display();
}
/////////////////////////////// VIEW USER ADV //////////////////////////////////
if ($do == 'by_user') {
// логин пользователя
$login = cmsCore::request('login', 'str', cmsCore::c('user')->login);
// получаем данные пользователя
$user = cmsUser::getShortUserData($login);
if (!$user) { cmsCore::error404(); }
$myprofile = cmsCore::m('board')->checkAccess($user['id']);
cmsCore::c('page')->addPathway($user['nickname']);
cmsCore::c('page')->setTitle($_LANG['BOARD'] .' - '. $user['nickname']);
cmsCore::c('page')->setDescription($_LANG['BOARD'] .' - '. $user['nickname']);
// Формируем список объявлений
cmsCore::m('board')->whereUserIs($user['id']);
// Общее количество объявлений по заданным выше условиям
$total = cmsCore::m('board')->getAdvertsCount($myprofile);
//устанавливаем сортировку
cmsCore::c('db')->orderBy('pubdate', 'DESC');
//устанавливаем номер текущей страницы и кол-во объявлений на странице
cmsCore::c('db')->limitPage(cmsCore::m('board')->page, 15);
// Получаем объявления
$items = cmsCore::m('board')->getAdverts($myprofile, true, false, true);
// Если объявлений на странице большей чем 1 нет, 404
if(!$items && cmsCore::m('board')->page > 1){ cmsCore::error404(); }
// Пагинация
$pagebar = cmsPage::getPagebar($total, cmsCore::m('board')->page, 15, '/board/by_user_'.$login.'/page-%page%');
// Показываем даты
$category['showdate'] = 1;
cmsPage::initTemplate('components', 'com_board_items')->
assign('cfg', cmsCore::m('board')->config)->
assign('page_title', $_LANG['BOARD'].' - '.$user['nickname'])->
assign('root_id', cmsCore::m('board')->root_cat['id'])->
assign('items', $items)->
assign('cat', $category)->
assign('maxcols', 1)->
assign('colwidth', 100)->
assign('pagebar', $pagebar)->
display();
}
/////////////////////////////// VIEW ITEM //////////////////////////////////////
if ($do == 'read') {
// получаем объявление
$item = cmsCore::m('board')->getRecord(cmsCore::m('board')->item_id);
if (!$item) { cmsCore::error404(); }
// неопубликованные показываем админам, модераторам и автору
if (!$item['published'] && !$item['moderator']) { cmsCore::error404(); }
// для неопубликованного показываем инфо: просрочено/на модерации
if (!$item['published']) {
$info_text = $item['is_overdue'] ? $_LANG['ADV_IS_EXTEND'] : $_LANG['ADV_IS_MODER'];
cmsCore::addSessionMessage($info_text, 'info');
} else {
// увеличиваем кол-во просмотров
cmsCore::c('db')->setFlag('cms_board_items', cmsCore::m('board')->item_id, 'hits', $item['hits']+1);
}
// формируем заголовок и тело сообщения
$item['title'] = $item['obtype'].' '.$item['title'];
$item['content'] = nl2br($item['content']);
$item['content'] = cmsCore::m('board')->config['auto_link'] ? $inCore->parseSmiles($item['content']) : $item['content'];
$category_path = cmsCore::c('db')->getNsCategoryPath('cms_board_cats', $item['NSLeft'], $item['NSRight']);
if ($category_path) {
foreach ($category_path as $pcat) {
cmsCore::c('page')->addPathway($pcat['title'], '/board/'.$pcat['id']);
}
}
cmsCore::c('page')->addPathway($item['title']);
$pagetitle = $item['pagetitle'] ? $item['pagetitle'] : $item['title'];
$pagekeys = $item['meta_keys'] ? $item['meta_keys'] : $item['title'];
$pagedesc = $item['meta_desc'] ? $item['meta_desc'] : $item['content'];
cmsCore::c('page')->setTitle($pagetitle);
cmsCore::c('page')->setDescription(crop($pagedesc));
cmsCore::c('page')->setKeywords($pagekeys);
cmsPage::initTemplate('components', 'com_board_item')->
assign('item', $item)->
assign('cfg', cmsCore::m('board')->config)->
assign('user_id', cmsCore::c('user')->id)->
assign('is_admin', cmsCore::c('user')->is_admin)->
assign('formsdata', cmsForm::getFieldsValues($item['form_id'], $item['form_array']))->
assign('is_moder', cmsCore::m('board')->is_moderator_by_group)->
display();
}
/////////////////////////////// NEW BOARD ITEM /////////////////////////////////
if ($do == 'additem') {
// Получаем категории, в которые может загружать пользователь
$catslist = cmsCore::m('board')->getPublicCats(cmsCore::m('board')->category_id);
if (!$catslist) {
cmsCore::addSessionMessage($_LANG['YOU_CANT_ADD_ADV_ANY'], 'error');
$inCore->redirect('/board');
}
$cat['is_photos'] = 1;
$formsdata = array();
if (cmsCore::m('board')->category_id && cmsCore::m('board')->category_id != cmsCore::m('board')->root_cat['id']) {
$cat = cmsCore::m('board')->getCategory(cmsCore::m('board')->category_id);
$formsdata = cmsForm::getFieldsHtml($cat['form_id']);
}
cmsCore::c('page')->addPathway($_LANG['ADD_ADV']);
if ( !cmsCore::inRequest('submit') ) {
if (IS_BILLING) { cmsBilling::checkBalance('board', 'add_item'); }
cmsCore::c('page')->setTitle($_LANG['ADD_ADV']);
$item = cmsUser::sessionGet('item');
if ($item) { cmsUser::sessionDel('item'); }
$item['city'] = !empty($item['city']) ? $item['city'] : cmsCore::c('user')->city;
cmsPage::initTemplate('components', 'com_board_edit')->
assign('action', "/board/add.html")->
assign('form_do', 'add')->
assign('cfg', cmsCore::m('board')->config)->
assign('cat', $cat)->
assign('item', $item)->
assign('pagetitle', $_LANG['ADD_ADV'])->
assign('formsdata', $formsdata)->
assign('is_admin', cmsCore::c('user')->is_admin)->
assign('is_user', cmsCore::c('user')->id)->
assign('catslist', $catslist)->
assign('is_billing', IS_BILLING)->assign('balance', cmsCore::c('user')->balance)->
display();
cmsUser::sessionClearAll();
return;
}
if ( cmsCore::inRequest('submit') ) {
// проверяем на заполненость скрытое поле
$title_fake = cmsCore::request('title_fake', 'str', '');
// если оно заполнено, считаем что это бот, 404
if ($title_fake) { cmsCore::error404(); }
$errors = false;
// проверяем наличие категории
if (!$cat['id']) {
cmsCore::addSessionMessage($_LANG['NEED_CAT_ADV'], 'error');
$errors = true;
}
// Проверяем количество добавленных за сутки
if (!cmsCore::m('board')->checkLoadedByUser24h($cat)){
cmsCore::addSessionMessage($_LANG['MAX_VALUE_OF_ADD_ADV'], 'error');
$errors = true;
}
// Можем ли добавлять в эту рубрику
if (!cmsCore::m('board')->checkAdd($cat)){
cmsCore::addSessionMessage($_LANG['YOU_CANT_ADD_ADV'], 'error');
$errors = true;
}
// входные данные
$obtype = icms_ucfirst(cmsCore::request('obtype', 'str', ''));
$title = trim(str_ireplace($obtype, '', cmsCore::request('title', 'str', '')));
$content = cmsCore::request('content', 'str', '');
$city = cmsCore::request('city', 'str', '');
if ((cmsCore::m('board')->config['seo_user_access'] && cmsCore::c('user')->id) || cmsCore::c('user')->is_admin) {
$pagetitle = cmsCore::request('pagetitle', 'str', '');
$meta_keys = cmsCore::request('meta_keys', 'str', '');
$meta_desc = cmsCore::request('meta_desc', 'str', '');
} else {
$pagetitle = $meta_keys = $meta_desc = '';
}
$form_input = cmsForm::getFieldsInputValues($cat['form_id']);
$formsdata = cmsCore::c('db')->escape_string(cmsCore::arrayToYaml($form_input['values']));
$vipdays = cmsCore::request('vipdays', 'int', 0);
$published = cmsCore::m('board')->checkPublished($cat);
if (cmsCore::m('board')->config['srok']){ $pubdays = (cmsCore::request('pubdays', 'int') <= 50) ? cmsCore::request('pubdays', 'int') : 50; }
if (!cmsCore::m('board')->config['srok']){ $pubdays = isset(cmsCore::m('board')->config['pubdays']) ? cmsCore::m('board')->config['pubdays'] : 14; }
// Проверяем значения
if (!$title) {
cmsCore::addSessionMessage($_LANG['NEED_TITLE'], 'error');
$errors = true;
}
if (!$content) {
cmsCore::addSessionMessage($_LANG['NEED_TEXT_ADV'], 'error');
$errors = true;
}
if (!$city) {
cmsCore::addSessionMessage($_LANG['NEED_CITY'], 'error');
$errors = true;
}
if (!cmsCore::c('user')->id && !cmsCore::checkCaptchaCode()) {
cmsCore::addSessionMessage($_LANG['ERR_CAPTCHA'], 'error');
$errors = true;
}
// Проверяем значения формы
foreach ($form_input['errors'] as $field_error) {
if ($field_error) {
cmsCore::addSessionMessage($field_error, 'error');
$errors = true;
}
}
if ($errors) {
$item['content'] = htmlspecialchars(stripslashes($_REQUEST['content']));
$item['city'] = stripslashes($city);
$item['title'] = stripslashes($title);
$item['obtype'] = $obtype;
cmsUser::sessionPut('item', $item);
cmsCore::redirect('/board/'. cmsCore::m('board')->category_id .'/add.html');
}
if ($cat['is_photos']) {
// Загружаем фото
$file = cmsCore::m('board')->uploadPhoto('', $cat);
} else {
$file['filename'] = '';
cmsCore::addSessionMessage($_LANG['INFO_CAT_NO_PHOTO'], 'info');
}
$add = array(
'category_id' => cmsCore::m('board')->category_id,
'user_id' => cmsCore::c('user')->id,
'obtype' => $obtype,
'title' => $title,
'content' => $content,
'formsdata' => $formsdata,
'city' => $city,
'pubdays' => $pubdays,
'published' => $published,
'pagetitle' => $pagetitle,
'meta_keys' => $meta_keys,
'meta_desc' => $meta_desc,
'file' => $file['filename']
);
$add['id'] = cmsCore::m('board')->addRecord($add);
if (cmsCore::c('user')->is_admin && $vipdays) {
cmsCore::m('board')->setVip($add['id'], $vipdays);
}
if (IS_BILLING) {
cmsBilling::process('board', 'add_item');
if (cmsCore::m('board')->config['vip_enabled'] && $vipdays && cmsCore::m('board')->config['vip_day_cost']) {
if ($vipdays > cmsCore::m('board')->config['vip_max_days']) {
$vipdays = cmsCore::m('board')->config['vip_max_days'];
}
$summ = $vipdays * cmsCore::m('board')->config['vip_day_cost'];
if (cmsCore::c('user')->balance >= $summ) {
cmsBilling::pay(cmsCore::c('user')->id, $summ, $_LANG['VIP_ITEM']);
cmsCore::m('board')->setVip($add['id'], $vipdays);
}
}
}
cmsUser::sessionClearAll();
if ($published) {
//регистрируем событие
cmsActions::log('add_board', array(
'object' => $obtype .' '. $title,
'object_url' => '/board/read'. $add['id'] .'.html',
'object_id' => $add['id'],
'target' => $cat['title'],
'target_url' => '/board/'. $cat['id'],
'target_id' => $cat['id'],
'description' => ''
));
cmsCore::addSessionMessage($_LANG['ADV_IS_ADDED'], 'success');
cmsCore::callEvent('ADD_BOARD_DONE', $add);
cmsCore::redirect('/board/read'. $add['id'] .'.html');
}
if (!$published) {
$link = '<a href="/board/read'. $add['id'] .'.html">'. $obtype .' '. $title .'</a>';
if (cmsCore::c('user')->id) {
$user = '******'. cmsUser::getProfileURL(cmsCore::c('user')->login) .'">'. cmsCore::c('user')->nickname .'</a>';
} else {
$user = $_LANG['BOARD_GUEST'] .', ip: '. cmsCore::c('user')->ip;
}
$message = str_replace('%user%', $user, $_LANG['MSG_ADV_SUBMIT']);
$message = str_replace('%link%', $link, $message);
cmsUser::sendMessage(USER_UPDATER, 1, $message);
cmsCore::addSessionMessage($_LANG['ADV_IS_ADDED'] .'<br>'. $_LANG['ADV_PREMODER_TEXT'], 'success');
cmsCore::redirect('/board/'.cmsCore::m('board')->category_id);
}
}
}
/////////////////////////////// EDIT BOARD ITEM ////////////////////////////////
if ($do == 'edititem') {
$item = cmsCore::m('board')->getRecord(cmsCore::m('board')->item_id);
$cat = cmsCore::m('board')->getCategory($item['category_id']);
if (!$cat || !$item) { cmsCore::error404(); }
cmsCore::c('page')->setTitle($_LANG['EDIT_ADV']);
cmsCore::c('page')->addPathway($item['category'], '/board/'. $item['cat_id']);
cmsCore::c('page')->addPathway($_LANG['EDIT_ADV']);
if (!$item['moderator']) {
cmsCore::addSessionMessage($_LANG['YOU_HAVENT_ACCESS'], 'error');
cmsCore::redirect('/board/read'. $item['id'] .'.html');
}
$errors = false;
if (!cmsCore::inRequest('submit')) {
cmsPage::initTemplate('components', 'com_board_edit')->
assign('action', "/board/edit{$item['id']}.html")->
assign('form_do', 'edit')->
assign('cfg', cmsCore::m('board')->config)->
assign('cat', $cat)->
assign('item', $item)->
assign('pagetitle', $_LANG['EDIT_ADV'])->
assign('is_admin', cmsCore::c('user')->is_admin)->
assign('catslist', cmsCore::m('board')->getPublicCats($item['category_id'], true))->
assign('formsdata', cmsForm::getFieldsHtml($cat['form_id'], $item['form_array']))->
assign('is_user', cmsCore::c('user')->id)->
assign('is_billing', IS_BILLING)->assign('balance', cmsCore::c('user')->balance)->
display();
cmsUser::sessionClearAll();
}
if (cmsCore::inRequest('submit')) {
$new_cat_id = cmsCore::request('category_id', 'int', 0);
if ($new_cat_id) {
$item['category_id'] = $new_cat_id;
}
$form_input = cmsForm::getFieldsInputValues($cat['form_id']);
$formsdata = cmsCore::c('db')->escape_string(cmsCore::arrayToYaml($form_input['values']));
if ($item['is_overdue'] && !$item['published']) {
if (cmsCore::m('board')->config['srok']) {
$pubdays = (cmsCore::request('pubdays', 'int') <= 50) ? cmsCore::request('pubdays', 'int') : 50;
}
if (!cmsCore::m('board')->config['srok']) {
$pubdays = isset(cmsCore::m('board')->config['pubdays']) ? cmsCore::m('board')->config['pubdays'] : 14;
}
$pubdate = date('Y-m-d H:i:s');
} else {
$pubdays = $item['pubdays'];
$pubdate = $item['fpubdate'];
}
$update['obtype'] = icms_ucfirst(cmsCore::request('obtype', 'str'));
$update['title'] = trim(str_ireplace($update['obtype'], '', cmsCore::request('title', 'str', '')));
$update['category_id'] = $item['category_id'];
$update['content'] = cmsCore::request('content', 'str', '');
$update['formsdata'] = $formsdata;
$update['city'] = cmsCore::request('city', 'str', '');
$update['pubdate'] = $pubdate;
$update['pubdays'] = $pubdays;
$update['published'] = cmsCore::m('board')->checkPublished($cat, true);
if ((cmsCore::m('board')->config['seo_user_access'] && cmsCore::c('user')->id) || cmsCore::c('user')->is_admin) {
$update['pagetitle'] = cmsCore::request('pagetitle', 'str', '');
$update['meta_keys'] = cmsCore::request('meta_keys', 'str', '');
$update['meta_desc'] = cmsCore::request('meta_desc', 'str', '');
}
if (!$update['title']) {
cmsCore::addSessionMessage($_LANG['NEED_TITLE'], 'error');
$errors = true;
}
if (!$update['content']) {
cmsCore::addSessionMessage($_LANG['NEED_TEXT_ADV'], 'error');
$errors = true;
}
if (!$update['city']) {
cmsCore::addSessionMessage($_LANG['NEED_CITY'], 'error');
$errors = true;
}
// Проверяем значения формы
foreach ($form_input['errors'] as $field_error) {
if ($field_error) {
cmsCore::addSessionMessage($field_error, 'error');
$errors = true;
}
}
if ($errors) {
$inCore->redirect('/board/edit'. $item['id'] .'.html');
}
if ($cat['is_photos']) {
// Загружаем фото
$file = cmsCore::m('board')->uploadPhoto($item['file'], $cat);
}
$update['file'] = $file['filename'] ? $file['filename'] : $item['file'];
// обновляем объявление
cmsCore::m('board')->updateRecord($item['id'], $update);
// обновляем запись в ленте активности
cmsActions::updateLog('add_board', array('object' => $update['obtype'] .' '. $update['title']), $item['id']);
$vipdays = cmsCore::request('vipdays', 'int', 0);
if (cmsCore::c('user')->is_admin) {
if ($vipdays > 0) {
cmsCore::m('board')->setVip($item['id'], $vipdays);
}
if ($vipdays == -1) {
cmsCore::m('board')->deleteVip($item['id']);
}
}
if (IS_BILLING) {
if (cmsCore::m('board')->config['vip_enabled'] && cmsCore::m('board')->config['vip_prolong'] && $vipdays && cmsCore::m('board')->config['vip_day_cost']) {
if ($vipdays > cmsCore::m('board')->config['vip_max_days']) {
$vipdays = cmsCore::m('board')->config['vip_max_days'];
}
$summ = $vipdays * cmsCore::m('board')->config['vip_day_cost'];
if (cmsCore::c('user')->balance >= $summ) {
cmsBilling::pay(cmsCore::c('user')->id, $summ, $_LANG['VIP_ITEM']);
cmsCore::m('board')->setVip($item['id'], $vipdays);
}
}
}
cmsUser::sessionClearAll();
if (!$update['published']) {
$link = '<a href="/board/read'. $item['id'] .'.html">'. $update['obtype'] .' '. $update['title'] .'</a>';
$user = '******'. cmsUser::getProfileURL(cmsCore::c('user')->login) .'">'. cmsCore::c('user')->nickname .'</a>';
$message = str_replace(array('%link%','%user%'), array($link,$user), $_LANG['MSG_ADV_EDITED']);
cmsUser::sendMessage(USER_UPDATER, 1, $message);
cmsCore::addSessionMessage($_LANG['ADV_EDIT_PREMODER_TEXT'], 'info');
}
cmsCore::addSessionMessage($_LANG['ADV_MODIFIED'], 'success');
cmsCore::redirect('/board/read'. $item['id'] .'.html');
}
}
///////////////////////// PUBLISH BOARD ITEM ///////////////////////////////////
if ($do == 'publish') {
$item = cmsCore::m('board')->getRecord(cmsCore::m('board')->item_id);
if (!$item) { cmsCore::error404(); }
// если уже опубликовано, 404
if ($item['published']) { cmsCore::error404(); }
// публиковать могут админы и модераторы доски
if (!cmsCore::c('user')->is_admin && !cmsCore::m('board')->is_moderator_by_group) {
cmsCore::error404();
}
// публикуем
cmsCore::c('db')->setFlag('cms_board_items', cmsCore::m('board')->item_id, 'published', 1);
cmsCore::callEvent('ADD_BOARD_DONE', $item);
if ($item['user_id']) {
//регистрируем событие
cmsActions::log('add_board', array(
'object' => $item['obtype'] .' '. $item['title'],
'user_id' => $item['user_id'],
'object_url' => '/board/read'. $item['id'] .'.html',
'object_id' => $item['id'],
'target' => $item['category'],
'target_url' => '/board/'. $item['cat_id'],
'target_id' => $item['cat_id'],
'description' => ''
));
$link = '<a href="/board/read'. $item['id'] .'.html">'. $item['obtype'] .' '. $item['title'] .'</a>';
$message = str_replace('%link%', $link, $_LANG['MSG_ADV_ACCEPTED']);
cmsUser::sendMessage(USER_UPDATER, $item['user_id'], $message);
}
cmsCore::addSessionMessage($_LANG['ADV_IS_ACCEPTED'], 'success');
cmsCore::redirect('/board/read'. $item['id'] .'.html');
}
/////////////////////////////// DELETE BOARD ITEM //////////////////////////////
if ($do == 'delete') {
$item = cmsCore::m('board')->getRecord(cmsCore::m('board')->item_id);
if (!$item) { cmsCore::error404(); }
if (!$item['moderator']) {
cmsCore::addSessionMessage($_LANG['YOU_HAVENT_ACCESS'], 'error');
cmsCore::redirect('/board/'. $item['cat_id']);
}
if (!cmsCore::inRequest('godelete')) {
cmsCore::c('page')->setTitle($_LANG['DELETE_ADV']);
cmsCore::c('page')->addPathway($item['category'], '/board/'. $item['cat_id']);
cmsCore::c('page')->addPathway($_LANG['DELETE_ADV']);
$confirm['title'] = $_LANG['DELETING_ADV'];
$confirm['text'] = $_LANG['YOU_SURE_DELETE_ADV'] .' "'. $item['title'] .'"?';
$confirm['action'] = $_SERVER['REQUEST_URI'];
$confirm['yes_button']['name'] = 'godelete';
cmsPage::initTemplate('components', 'action_confirm')->
assign('confirm', $confirm)->
display();
}
if (cmsCore::inRequest('godelete')) {
cmsCore::m('board')->deleteRecord(cmsCore::m('board')->item_id);
cmsCore::addSessionMessage($_LANG['ADV_IS_DELETED'], 'success');
cmsCore::redirect('/board/'. $item['cat_id']);
}
}
}
function applet_modules() {
$inCore = cmsCore::getInstance();
global $_LANG;
global $adminAccess;
if (!cmsUser::isAdminCan('admin/modules', $adminAccess)) { cpAccessDenied(); }
cmsCore::c('page')->setTitle($_LANG['AD_MODULES']);
cpAddPathway($_LANG['AD_MODULES'], 'index.php?view=modules');
cmsCore::c('page')->addHeadJS('admin/js/modules.js');
$do = cmsCore::request('do', 'str', 'list');
$id = cmsCore::request('id', 'int', -1);
$co = cmsCore::request('co', 'int', -1);
if ($do == 'config') {
$module_name = cpModuleById($id);
$module_title = cpModuleTitleById($id);
if (!$module_name) { cmsCore::redirect('index.php?view=modules&do=edit&id='. $id); }
$xml_file = PATH .'/admin/modules/'. $module_name .'/backend.xml';
$php_file = 'modules/'. $module_name .'/backend.php';
if (file_exists($php_file)) {
include $php_file;
return;
}
$cfg = $inCore->loadModuleConfig($id);
cpAddPathway($module_title, '?view=modules&do=edit&id='. $id);
cpAddPathway($_LANG['AD_SETTINGS']);
echo '<h3>'. $module_title .'</h3>';
$toolmenu = array(
array( 'icon' => 'save.gif', 'title' => $_LANG['SAVE'], 'link' => 'javascript:submitModuleConfig();' ),
array( 'icon' => 'cancel.gif', 'title' => $_LANG['CANCEL'], 'link' => 'index.php?view=modules' ),
array( 'icon' => 'edit.gif', 'title' => $_LANG['AD_EDIT_MODULE_VIEW'], 'link' => '?view=modules&do=edit&id='. $id )
);
cpToolMenu($toolmenu);
?>
<form action="index.php?view=modules&do=save_auto_config&id=<?php echo $id; ?>" method="post" name="optform" target="_self" id="optform">
<div class="panel panel-default" style="width:650px;">
<div class="panel-body">
<?php
if (file_exists($xml_file)) {
cmsCore::loadClass('formgen');
$formGen = new cmsFormGen($xml_file, $cfg);
echo $formGen->getHTML();
} else {
?>
<div class="form-group">
<label class="col-sm-5 control-label"><?php echo $_LANG['AD_MODULE_TEMPLATE']; ?></label>
<div class="col-sm-7">
<input type="text" class="form-control" value="<?php echo $cfg['tpl']; ?>" />
</div>
</div>
<?php
}
?>
</div>
<div class="panel-footer">
<input type="submit" name="save" class="btn btn-primary" value="<?php echo $_LANG['SAVE']; ?>" />
</div>
</div>
<script type="text/javascript">
function submitModuleConfig(){
$('#optform').submit();
}
</script>
</form>
<?php
return;
}
if ($do == 'save_auto_config') {
if (!cmsUser::checkCsrfToken()) { cmsCore::error404(); }
$module_name = cpModuleById($id);
$is_ajax = cmsCore::inRequest('ajax');
if ($is_ajax) {
$title = cmsCore::request('title', 'str', '');
$published = cmsCore::request('published', 'int', 0);
cmsCore::c('db')->query("UPDATE cms_modules SET title='". $title ."', published='". $published ."' WHERE id=". $id);
if (cmsCore::inRequest('content')) {
$content = cmsCore::c('db')->escape_string(cmsCore::request('content', 'html'));
cmsCore::c('db')->query("UPDATE cms_modules SET content='". $content ."' WHERE id=". $id);
}
}
if (cmsCore::inRequest('title_only')) { cmsCore::redirectBack(); }
$xml_file = PATH .'/admin/modules/'. $module_name .'/backend.xml';
if (file_exists($xml_file)) {
$cfg = array();
$backend = simplexml_load_file($xml_file);
foreach ($backend->params->param as $param) {
$name = (string)$param['name'];
$type = (string)$param['type'];
$default = (string)$param['default'];
switch($param['type']) {
case 'number': $value = cmsCore::request($name, 'int', $default); break;
case 'string': $value = cmsCore::request($name, 'str', $default); break;
case 'html': $value = cmsCore::badTagClear(cmsCore::request($name, 'html', $default)); break;
case 'flag': $value = cmsCore::request($name, 'int', 0); break;
case 'list': $value = (is_array($_POST[$name]) ? cmsCore::request($name, 'array_str', $default) : cmsCore::request($name, 'str', $default)); break;
case 'list_function': $value = cmsCore::request($name, 'str', $default); break;
case 'list_db': $value = (is_array($_POST[$name]) ? cmsCore::request($name, 'array_str', $default) : cmsCore::request($name, 'str', $default)); break;
}
$cfg[$name] = $value;
}
}
$cfg['tpl'] = cmsCore::request('tpl', 'str', $module_name);
$inCore->saveModuleConfig($id, $cfg);
if (!$is_ajax) {
cmsCore::addSessionMessage($_LANG['AD_CONFIG_SAVE_SUCCESS'], 'success');
}
cmsCore::redirectBack();
}
if ($do == 'list') {
$toolmenu = array(
array( 'icon' => 'new.gif', 'title' => $_LANG['AD_MODULE_ADD'], 'link' => '?view=modules&do=add' ),
array( 'icon' => 'install.gif', 'title' => $_LANG['AD_MODULES_SETUP'], 'link' => '?view=install&do=module' ),
array( 'icon' => 'edit.gif', 'title' => $_LANG['AD_EDIT_SELECTED'], 'link' => "javascript:checkSel('?view=modules&do=edit&multiple=1');" ),
array( 'icon' => 'delete.gif', 'title' => $_LANG['AD_DELETE_SELECTED'], 'link' => "javascript:checkSel('?view=modules&do=delete&multiple=1');" ),
array( 'icon' => 'show.gif', 'title' => $_LANG['AD_ALLOW_SELECTED'], 'link' => "javascript:checkSel('?view=modules&do=show&multiple=1');" ),
array( 'icon' => 'hide.gif', 'title' => $_LANG['AD_DISALLOW_SELECTED'], 'link' => "javascript:checkSel('?view=modules&do=hide&multiple=1');" ),
array( 'icon' => 'autoorder.gif', 'title' => $_LANG['AD_MODULE_ORDER'], 'link' => '?view=modules&do=autoorder' ),
array( 'icon' => 'reorder.gif', 'title' => $_LANG['AD_SAVE_ORDER'], 'link' => "javascript:checkSel('?view=modules&do=saveorder');" ),
array( 'icon' => 'help.gif', 'title' => $_LANG['AD_HELP'], 'link' => '?view=help&topic=modules' )
);
cpToolMenu($toolmenu);
$fields = array(
array( 'title' => 'id', 'field' => 'id', 'width' => '40' ),
array(
'title' => $_LANG['AD_TITLE'],
'field' => array('title','titles'), 'width'=>'',
'link' => '?view=modules&do=edit&id=%id%',
'prc' => function ($i) {
$i['titles'] = cmsCore::yamlToArray($i['titles']);
// переопределяем название пункта меню в зависимости от языка
if (!empty($i['titles'][cmsConfig::getConfig('lang')])) {
$i['title'] = $i['titles'][cmsConfig::getConfig('lang')];
}
return $i['title'];
}
),
array( 'title' => $_LANG['TITLE'], 'field' => 'name', 'width' => '220', 'filter' => '15' ),
array( 'title' => $_LANG['AD_VERSION'], 'field' => 'version', 'width' => '70' ),
array( 'title' => $_LANG['AD_AUTHOR'], 'field' => 'author', 'width' => '110' ),
array( 'title' => $_LANG['SHOW'], 'field' => 'published', 'width' => '80' ),
array( 'title' => $_LANG['AD_ORDER'], 'field' => 'ordering', 'width' => '100' ),
array( 'title' => $_LANG['AD_POSITION'], 'field' => 'position', 'width' => '80', 'filter' => '10', 'filterlist' => cpGetList('positions') )
);
$actions = array(
array( 'title' => $_LANG['AD_CONFIG'], 'icon' => 'config.gif', 'link' => '?view=modules&do=config&id=%id%', 'condition' => 'cpModuleHasConfig' ),
array( 'title' => $_LANG['EDIT'], 'icon' => 'edit.gif', 'link' => '?view=modules&do=edit&id=%id%' ),
array( 'title' => $_LANG['DELETE'], 'icon' => 'delete.gif', 'confirm' => $_LANG['AD_MODULE_DELETE'], 'link' => '?view=modules&do=delete&id=%id%' )
);
cpListTable('cms_modules', $fields, $actions, '', 'published DESC, position, ordering ASC');
}
if ($do == 'autoorder'){
$rs = cmsCore::c('db')->query("SELECT id, position FROM cms_modules ORDER BY position") ;
if (cmsCore::c('db')->num_rows($rs)) {
$ord = 1;
while ($item = cmsCore::c('db')->fetch_assoc($rs)) {
if (isset($latest_pos)) {
if ($latest_pos != $item['position']) {
$ord = 1;
}
}
cmsCore::c('db')->query("UPDATE cms_modules SET ordering = ". $ord ." WHERE id=". $item['id']) ;
$ord += 1;
$latest_pos = $item['position'];
}
}
cmsCore::redirect('index.php?view=modules');
}
if ($do == 'move_up') {
if ($id >= 0) { dbMoveUp('cms_modules', $id, $co); }
cmsCore::redirectBack();
}
if ($do == 'move_down') {
if ($id >= 0) { dbMoveDown('cms_modules', $id, $co); }
cmsCore::redirectBack();
}
if ($do == 'saveorder') {
if (isset($_REQUEST['ordering'])) {
$ord = $_REQUEST['ordering'];
$ids = $_REQUEST['ids'];
foreach ($ord as $id=>$ordering) {
cmsCore::c('db')->query("UPDATE cms_modules SET ordering = ". (int)$ordering ." WHERE id = ". (int)$ids[$id]);
}
cmsCore::redirect('index.php?view=modules');
}
}
if ($do == 'show') {
if (!isset($_REQUEST['item'])) {
if ($id >= 0) { cmsCore::c('db')->setFlag('cms_modules', $id, 'published', '1'); }
cmsCore::halt('1');
} else {
cmsCore::c('db')->setFlags('cms_modules', $_REQUEST['item'], 'published', '1');
cmsCore::redirectBack();
}
}
if ($do == 'hide') {
if (!isset($_REQUEST['item'])) {
if ($id >= 0) { cmsCore::c('db')->setFlag('cms_modules', $id, 'published', '0'); }
cmsCore::halt('1');
} else {
cmsCore::c('db')->setFlags('cms_modules', $_REQUEST['item'], 'published', '0');
cmsCore::redirectBack();
}
}
if ($do == 'delete') {
if (!cmsCore::inRequest('item')) {
$inCore->removeModule($id);
} else {
$inCore->removeModule(cmsCore::request('item', 'array_int', array()));
}
cmsCore::addSessionMessage($_LANG['AD_DO_SUCCESS'], 'success');
cmsCore::redirect('index.php?view=modules');
}
if ($do == 'update') {
if (!cmsUser::checkCsrfToken()) { cmsCore::error404(); }
$id = cmsCore::request('id', 'int', 0);
$mod = cmsCore::c('db')->get_fields('cms_modules', "id = ". $id ."", '*');
$module = array(
'name' => cmsCore::request('name', 'str', ''),
'title' => cmsCore::request('title', 'str', ''),
'titles' => cmsCore::arrayToYaml(cmsCore::request('titles', 'array_str', array())),
'position' => cmsCore::request('position', 'str', ''),
'showtitle' => cmsCore::request('showtitle', 'int', 0),
'published' => cmsCore::request('published', 'int', 0),
'css_prefix' => cmsCore::request('css_prefix', 'str', ''),
'is_strict_bind' => cmsCore::request('is_strict_bind', 'int', 0),
'is_strict_bind_hidden' => cmsCore::request('is_strict_bind_hidden', 'int', 0),
'template' => cmsCore::request('template', 'str', ''),
'cache' => cmsCore::request('cache', 'int', 0),
'cachetime' => cmsCore::request('cachetime', 'int', 0),
'cacheint' => cmsCore::request('cacheint', 'str', ''),
'access_list' => '',
'hidden_menu_ids' => ''
);
if (!$mod['is_external']) {
$module['content'] = cmsCore::c('db')->escape_string(cmsCore::request('content', 'html', ''));
}
$is_public = cmsCore::request('is_public', 'int', '');
if (!$is_public) {
$module['access_list'] = cmsCore::arrayToYaml(cmsCore::request('allow_group', 'array_int', array()));
}
cmsCore::c('db')->update('cms_modules', $module, $id);
cmsCore::c('db')->delete('cms_modules_bind', "module_id=". $id ." AND tpl='". cmsCore::c('config')->template ."'");
if (cmsCore::request('show_all', 'int', 0)) {
cmsCore::c('db')->insert(
'cms_modules_bind',
array(
'module_id' => $id,
'menu_id' => 0,
'position' => $module['position'],
'tpl' => cmsCore::c('config')->template
)
);
$hidden_menu_ids = cmsCore::request('hidden_menu_ids', 'array_int', array());
if (!empty($hidden_menu_ids)) {
$hidden_menu_ids = cmsCore::arrayToYaml($hidden_menu_ids);
cmsCore::c('db')->query("UPDATE cms_modules SET hidden_menu_ids='". $hidden_menu_ids ."' WHERE id = '". $id ."' LIMIT 1");
}
} else {
$showin = cmsCore::request('showin', 'array_int', array());
$showpos = cmsCore::request('showpos', 'array_str', array());
if (count($showin) > 0) {
foreach ($showin as $key => $value) {
cmsCore::c('db')->insert(
'cms_modules_bind',
array(
'module_id' => $id,
'menu_id' => $value,
'position' => $showpos[$value],
'tpl' => cmsCore::c('config')->template
)
);
}
}
}
cmsCore::addSessionMessage($_LANG['AD_DO_SUCCESS'] , 'success');
if (!isset($_SESSION['editlist']) || count($_SESSION['editlist']) == 0) {
cmsCore::redirect('index.php?view=modules');
} else {
cmsCore::redirect('index.php?view=modules&do=edit');
}
}
if ($do == 'submit') {
if (!cmsUser::checkCsrfToken()) { cmsCore::error404(); }
$maxorder = cmsCore::c('db')->get_field('cms_menu', '1=1 ORDER BY ordering DESC', 'ordering') + 1;
$name = cmsCore::request('name', 'str', '');
$title = cmsCore::request('title', 'str', '');
$titles = cmsCore::arrayToYaml(cmsCore::request('titles', 'array_str', array()));
$position = cmsCore::request('position', 'str', '');
$showtitle = cmsCore::request('showtitle', 'int', 0);
$content = cmsCore::c('db')->escape_string(cmsCore::request('content', 'html', ''));
$published = cmsCore::request('published', 'int', 0);
$css_prefix = cmsCore::request('css_prefix', 'str', '');
$is_public = cmsCore::request('is_public', 'int', '');
if (!$is_public) {
$access_list = cmsCore::arrayToYaml(cmsCore::request('allow_group', 'array_int', array()));
}
$template = cmsCore::request('template', 'str', '');
$cache = cmsCore::request('cache', 'int', 0);
$cachetime = cmsCore::request('cachetime', 'int', 0);
$cacheint = cmsCore::request('cacheint', 'str', '');
$operate = cmsCore::request('operate', array('user', 'clone'), '');
$is_strict_bind = cmsCore::request('is_strict_bind', 'int', 0);
$is_strict_bind_hidden = cmsCore::request('is_strict_bind_hidden', 'int', 0);
if ($operate == 'user') { //USER MODULE
$sql = "INSERT INTO cms_modules (position, name, title, titles, is_external, content, ordering, showtitle, published, user, original, css_prefix, access_list, template, is_strict_bind, is_strict_bind_hidden)
VALUES ('". $position ."', '". $name ."', '". $title ."', '". $titles ."', 0, '". $content ."', '". $maxorder ."', '". $showtitle ."', '". $published ."', 1, 1, '". $css_prefix ."', '". $access_list ."', '". $template ."', '". $is_strict_bind ."', '". $is_strict_bind_hidden ."')";
cmsCore::c('db')->query($sql) ;
}
if ($operate == 'clone') { //DUPLICATE MODULE
$mod_id = cmsCore::request('clone_id', 'int', 0);
$sql = "SELECT * FROM cms_modules WHERE id = ". $mod_id ." LIMIT 1";
$result = cmsCore::c('db')->query($sql) ;
$original = cmsCore::c('db')->escape_string(cmsCore::c('db')->fetch_assoc($result));
$is_original = cmsCore::request('del_orig', 'int', 0) ? 1 : 0;
$sql = "INSERT INTO cms_modules (position, name, title, titles, is_external, content, ordering, showtitle, published, original, user, config, css_prefix, template, access_list, is_strict_bind, is_strict_bind_hidden, cache, cachetime, cacheint, version)
VALUES (
'". $position ."',
'". $original['name'] ."',
'". $title ."',
'". $titles ."',
'". $original['is_external'] ."',
'". $original['content'] ."',
'". $maxorder ."',
'". $showtitle ."',
'". $published ."',
'". $is_original ."',
'". $original['user'] ."',
'". $original['config'] ."',
'". $css_prefix ."',
'". $template ."',
'". $access_list ."',
'". $is_strict_bind ."',
'". $is_strict_bind_hidden ."',
'". $cache ."',
'". $cachetime ."',
'". $cacheint ."',
'". $original['version'] ."'
)";
cmsCore::c('db')->query($sql);
if (cmsCore::request('del_orig', 'int', 0)) {
$sql = "DELETE FROM cms_modules WHERE id = ". $mod_id;
cmsCore::c('db')->query($sql) ;
}
}
$lastid = cmsCore::c('db')->get_last_id('cms_modules');
if (cmsCore::request('show_all', 'int', 0)) {
$sql = "INSERT INTO cms_modules_bind (module_id, menu_id, position, tpl)
VALUES (". $lastid .", 0, '". $position ."', '". cmsCore::c('config')->template ."')";
cmsCore::c('db')->query($sql) ;
$hidden_menu_ids = cmsCore::request('hidden_menu_ids', 'array_int', array());
if ($hidden_menu_ids) {
$hidden_menu_ids = cmsCore::arrayToYaml($hidden_menu_ids);
cmsCore::c('db')->query("UPDATE cms_modules SET hidden_menu_ids='". $hidden_menu_ids ."' WHERE id = '". $lastid ."' LIMIT 1");
}
} else {
$showin = cmsCore::request('showin', 'array', array());
$showpos = cmsCore::request('showpos', 'array', array());
if (count($showin) > 0) {
foreach ($showin as $key=>$value) {
$sql = "INSERT INTO cms_modules_bind (module_id, menu_id, position, tpl)
VALUES (". $lastid .", ". $value .", '". $showpos[$value] ."', '". cmsCore::c('config')->template ."')";
cmsCore::c('db')->query($sql) ;
}
}
}
cmsCore::addSessionMessage($_LANG['AD_MODULE_ADD_SITE'] , 'success');
cmsCore::redirect('index.php?view=modules');
}
if ($do == 'add' || $do == 'edit') {
$langs = cmsCore::getDirsList('/languages');
if ($do == 'add') {
cpAddPathway($_LANG['AD_MODULE_ADD']);
echo '<h3>'. $_LANG['AD_MODULE_ADD'] .'</h3>';
$show_all = false;
} else {
if (cmsCore::inRequest('multiple')) {
if (cmsCore::inRequest('item')) {
$_SESSION['editlist'] = cmsCore::request('item', 'array_int', array());
} else {
cmsCore::addSessionMessage($_LANG['AD_NO_SELECT_OBJECTS'], 'error');
cmsCore::redirectBack();
}
}
$ostatok = '';
if (isset($_SESSION['editlist'])) {
$item_id = array_shift($_SESSION['editlist']);
if (count($_SESSION['editlist'])==0) {
unset($_SESSION['editlist']);
} else {
$ostatok = '('. $_LANG['AD_NEXT_IN'] . count($_SESSION['editlist']) .')';
}
} else {
$item_id = cmsCore::request('id', 'int', 0);
}
$mod = cmsCore::c('db')->get_fields('cms_modules', "id = '". $item_id ."'", '*');
if (!$mod) { cmsCore::error404(); }
$mod['hidden_menu_ids'] = cmsCore::yamlToArray($mod['hidden_menu_ids']);
$mod['titles'] = cmsCore::yamlToArray($mod['titles']);
$show_all = false;
$default_position = cmsCore::c('db')->get_field('cms_modules_bind', "module_id='". $mod['id'] ."' AND menu_id=0 AND tpl='". cmsCore::c('config')->template ."'", 'position');
if (!empty($default_position)) {
$show_all = true;
$mod['position'] = $default_position;
}
echo '<h3>'. $_LANG['AD_EDIT_MODULE'] . $ostatok .'</h3>';
cpAddPathway($mod['name']);
}
$toolmenu[] = array( 'icon' => 'save.gif', 'title' => $_LANG['SAVE'], 'link' => 'javascript:document.addform.submit();' );
$toolmenu[] = array( 'icon' => 'cancel.gif', 'title' => $_LANG['CANCEL'], 'link' => 'javascript:history.go(-1);' );
if (cmsCore::getArrVal($mod, 'is_external')) {
$php_file = 'modules/'. $mod['content'] .'/backend.php';
$xml_file = 'modules/'. $mod['content'] .'/backend.xml';
if (file_exists($php_file) || file_exists($xml_file)) {
$toolmenu[] = array( 'icon' => 'config.gif', 'title' => $_LANG['CONFIG_MODULE'], 'link' => '?view=modules&do=config&id='. $mod['id'] );
}
}
cpToolMenu($toolmenu);
?>
<form id="addform" name="addform" method="post" action="index.php">
<input type="hidden" name="csrf_token" value="<?php echo cmsUser::getCsrfToken(); ?>" />
<input type="hidden" name="view" value="modules" />
<table class="table">
<tr><td>
<div class="panel panel-default">
<div class="panel-body">
<div class="form-group">
<label><?php echo $_LANG['AD_MODULE_TITLE']; ?> (<input type="checkbox" class="uittip" title="<?php echo $_LANG['AD_VIEW_TITLE'];?>" name="showtitle" <?php if ($mod['showtitle'] || $do == 'add') { echo 'checked="checked"'; } ?> value="1" />)</label>
<input type="text" id="title" class="form-control" style="width:100%" name="title" value="<?php echo htmlspecialchars($mod['title']);?>" />
<div class="help-block"><?php echo $_LANG['AD_VIEW_IN_SITE']; ?></div>
</div>
<?php if (count($langs) > 1) { ?>
<label><?php echo $_LANG['AD_LANG_TITLES']; ?></label>
<?php foreach ($langs as $lang) { ?>
<div>
<strong><?php echo $lang; ?>:</strong>
<input name="titles[<?php echo $lang; ?>]" type="text" style="width:97%" value="<?php echo htmlspecialchars($mod['titles'][$lang]); ?>" placeholder="<?php echo $_LANG['AD_HINT_DEFAULT']; ?>" />
</div>
<?php } ?>
<div class="help-block"><?php echo $_LANG['AD_LANG_TITLES_HINT']; ?></div>
<?php } ?>
<div class="form-group">
<label><?php echo $_LANG['AD_MODULE_NAME']; ?></label>
<?php if (!isset($mod['user']) || @$mod['user'] == 1) { ?>
<input type="text" id="name" class="form-control" style="width:99%" name="name" value="<?php echo htmlspecialchars($mod['name']);?>" />
<?php } else { ?>
<input type="text" id="name" class="form-control" style="width:99%" name="" value="<?php echo @$mod['name'];?>" disabled="disabled" />
<input type="hidden" name="name" value="<?php echo htmlspecialchars($mod['name']);?>" />
<?php } ?>
<div class="help-block"><?php echo $_LANG['AD_SHOW_ADMIN']; ?></div>
</div>
<div class="form-group">
<label><?php echo $_LANG['AD_PREFIX_CSS']; ?></label>
<input type="text" id="css_prefix" class="form-control" style="width:154px" name="css_prefix" value="<?php echo @$mod['css_prefix'];?>" />
</div>
<div class="form-group">
<label><?php echo $_LANG['AD_DEFOLT_VIEW']; ?></label>
<?php
$pos = cpModulePositions(cmsConfig::getConfig('template'));
?>
<select id="position" class="form-control" style="width:100%" name="position">
<?php
if ($pos){
foreach($pos as $key=>$position) {
if (@$mod['position']==$position) {
echo '<option value="'.$position.'" selected>'.$position.'</option>';
} else {
echo '<option value="'.$position.'">'.$position.'</option>';
}
}
}
?>
</select>
<div class="help-block">
<?php echo $_LANG['AD_POSITION_MUST_BE']; ?>
<?php if (file_exists(PATH .'/templates/'. cmsCore::c('config')->template .'/positions.jpg')) { ?>
<a href="#myModal" role="button" class="btn btn-sm btn-default" data-toggle="modal"><?php echo $_LANG['AD_SEE_VISUALLY']; ?></a>
<div class="modal fade" id="myModal" tabindex="-1" role="dialog" aria-labelledby="myModalLabel" aria-hidden="true">
<div class="modal-dialog">
<div class="modal-content">
<div class="modal-header">
<button type="button" class="close" data-dismiss="modal" aria-hidden="true">×</button>
<h4 class="modal-title" id="myModalLabel"><?php echo $_LANG['AD_TPL_POS']; ?></h4>
</div>
<div class="modal-body">
<img src="/templates/<?php echo cmsCore::c('config')->template; ?>/positions.jpg" alt="<?php echo $_LANG['AD_TPL_POS']; ?>" style="width:100%;height:auto;" />
</div>
</div>
</div>
</div>
<?php } ?>
</div>
</div>
<div class="form-group">
<label><?php echo $_LANG['AD_MODULE_TEMPLATE']; ?></label>
<?php
$tpls = cmsAdmin::getModuleTemplates();
?>
<select id="template" class="form-control" style="width:100%" name="template">
<?php
foreach ($tpls as $tpl) {
$selected = ($mod['template'] == $tpl || (!$mod['template'] && $tpl == 'module' )) ? 'selected="selected"' : '';
echo '<option value="'. $tpl .'" '. $selected .'>'. $tpl .'</option>';
}
?>
</select>
<div class="help-block"><?php echo $_LANG['AD_FOLDER_MODULES'];?></div>
</div>
<?php if ($do == 'add') { ?>
<div class="form-group">
<label><?php echo $_LANG['AD_MODULE_TYPE']; ?></label>
<select id="operate" class="form-control" style="width:100%" name="operate" onchange="checkDiv()" >
<option value="user" selected="selected"><?php echo $_LANG['AD_MODULE_TYPE_NEW'];?></option>
<option value="clone"><?php echo $_LANG['AD_MODULE_TYPE_COPY'];?></option>
</select>
</div>
<?php } ?>
<?php if (!isset($mod['user']) || $mod['user'] == 1 || $do == 'add') { ?>
<div id="user_div" class="form-group">
<label><?php echo $_LANG['AD_MODULE_CONTENT']; ?></label>
<div><?php insertPanel(); ?></div>
<div><?php $inCore->insertEditor('content', $mod['content'], '250', '100%'); ?></div>
</div>
<?php } ?>
<div id="clone_div" class="form-group" style="display:none;">
<label><?php echo $_LANG['AD_MODULE_COPY']; ?></label>
<select id="clone_id" class="form-control" style="width:100%" name="clone_id">
<?php
echo $inCore->getListItems('cms_modules');
?>
</select>
<label>
<input type="checkbox" name="del_orig" value="1" />
<?php echo $_LANG['AD_ORIGINAL_MODULE_DELETE'];?>
</label>
</div>
</div>
</div>
</td>
<!-- боковая ячейка -->
<td width="400" valign="top">
<div class="uitabs">
<ul id="tabs">
<li><a href="#upr_publish"><span><?php echo $_LANG['AD_TAB_PUBLISH']; ?></span></a></li>
<?php if ((($mod['is_external'] && $do == 'edit') || $do == 'add') && cmsCore::c('config')->cache) { ?>
<li><a href="#upr_cache"><span><?php echo $_LANG['AD_MODULE_CACHE']; ?></span></a></li>
<?php } ?>
<li><a href="#upr_access"><span><?php echo $_LANG['AD_TAB_ACCESS']; ?></span></a></li>
</ul>
<div id="upr_publish">
<div class="form-group">
<label>
<input type="checkbox" name="published" id="published" value="1" <?php if ($mod['published'] || $do=='add') { echo 'checked="checked"'; } ?> />
<?php echo $_LANG['AD_MODULE_PUBLIC'];?>
</label>
</div>
<div class="form-group">
<label>
<input name="show_all" id="show_all" type="checkbox" value="1" onclick="checkGroupList()" <?php if ($show_all) { echo 'checked="checked"'; } ?> />
<?php echo $_LANG['AD_VIEW_ALL_PAGES'];?>
</label>
</div>
<?php
if ($do == 'edit') {
$bind_sql = "SELECT * FROM cms_modules_bind WHERE module_id = ". $mod['id'] ." AND tpl = '". cmsConfig::getConfig('template') ."'";
$bind_res = cmsCore::c('db')->query($bind_sql);
$bind = array();
$bind_pos = array();
while ($r = cmsCore::c('db')->fetch_assoc($bind_res)) {
$bind[] = $r['menu_id'];
$bind_pos[$r['menu_id']] = $r['position'];
}
}
$menu_sql = "SELECT * FROM cms_menu ORDER BY NSLeft, ordering";
$menu_res = cmsCore::c('db')->query($menu_sql) ;
$menu_items = array();
if (cmsCore::c('db')->num_rows($menu_res)) {
while ($item = cmsCore::c('db')->fetch_assoc($menu_res)) {
if ($do == 'edit') {
if (in_array($item['id'], $bind)) {
$item['selected'] = true;
$item['position'] = $bind_pos[$item['id']];
}
}
$item['titles'] = cmsCore::yamlToArray($item['titles']);
// переопределяем название пункта меню в зависимости от языка
if (!empty($item['titles'][cmsCore::c('config')->lang])) {
$item['title'] = $item['titles'][cmsCore::c('config')->lang];
}
$item['title'] = str_replace($_LANG['AD_ROOT_PAGES'], $_LANG['AD_MAIN'], $item['title']);
$menu_items[] = $item;
}
}
?>
<div id="grp" class="form-group">
<label>
<span class="show_list"><?php echo $_LANG['AD_WHERE_MODULE_VIEW'];?></span>
<span class="hide_list"><?php echo $_LANG['AD_WHERE_MODULE_NOT_VIEW'];?></span>
</label>
<div style="height:400px;overflow: auto;border: solid 1px #999; padding:5px 10px; background: #FFF;">
<table class="table">
<tr>
<td colspan="2" height="25"><strong><?php echo $_LANG['AD_MENU'];?></strong></td>
<td class="show_list" align="center" width="50"><strong><?php echo $_LANG['AD_POSITION'];?></strong></td>
</tr>
<?php foreach($menu_items as $i) { ?>
<tr class="show_list">
<td width="20" height="25">
<input type="checkbox" name="showin[]" id="mid<?php echo $i['id']; ?>" value="<?php echo $i['id']; ?>" <?php if ($i['selected']){ ?>checked="checked"<?php } ?> onclick="$('#p<?php echo $i['id']; ?>').toggle()"/>
</td>
<td style="padding-left:<?php echo ($i['NSLevel'])*6-6; ?>px"><label for="mid<?php echo $i['id']; ?>"><?php echo $i['title']; ?></label></td>
<td align="center">
<select id="p<?php echo $i['id']; ?>" name="showpos[<?php echo $i['id']; ?>]" style="<?php if (!$i['selected']) { ?>display:none<?php } ?>">
<?php foreach($pos as $position){ ?>
<option value="<?php echo $position; ?>" <?php if ($i['position']==$position){ ?>selected="selected"<?php } ?>><?php echo $position; ?></option>
<?php } ?>
</select>
</td>
</tr>
<?php } ?>
<?php foreach($menu_items as $it) { ?>
<tr class="hide_list">
<td width="20" height="25">
<input type="checkbox" name="hidden_menu_ids[]" id="hmid<?php echo $it['id']; ?>" value="<?php echo $it['id']; ?>" <?php if (in_array($it['id'], $mod['hidden_menu_ids'])){ ?>checked="checked"<?php } ?> />
</td>
<td style="padding-left:<?php echo ($it['NSLevel'])*6-6; ?>px"><label for="hmid<?php echo $it['id']; ?>"><?php echo $it['title']; ?></label></td>
</tr>
<?php } ?>
</table>
</div>
<label class="show_list">
<input type="checkbox" name="is_strict_bind" id="is_strict_bind" value="1" <?php if ($mod['is_strict_bind']) { echo 'checked="checked"'; } ?> />
<?php echo $_LANG['AD_DONT_VIEW']; ?>
</label>
<label class="hide_list">
<input type="checkbox" name="is_strict_bind_hidden" id="is_strict_bind_hidden" value="1" <?php if ($mod['is_strict_bind_hidden']) { echo 'checked="checked"'; } ?> />
<?php echo $_LANG['AD_EXCEPT_NESTED']; ?>
</label>
</div>
</div>
<?php if ((($mod['is_external'] && $do == 'edit') || $do == 'add') && cmsCore::c('config')->cache) { ?>
<div id="upr_cache">
<div class="form-group">
<label><?php echo $_LANG['AD_DO_MODULE_CACHE']; ?></label>
<select id="cache" class="form-control" style="width:100%" name="cache">
<option value="0" <?php if (!cmsCore::getArrVal($mod, 'cache')) { echo 'selected="selected"'; } ?>><?php echo $_LANG['NO']; ?></option>
<option value="1" <?php if (cmsCore::getArrVal($mod, 'cache')) { echo 'selected="selected"'; } ?>><?php echo $_LANG['YES']; ?></option>
</select>
</div>
<div class="form-group">
<label><?php echo $_LANG['AD_MODULE_CACHE_PERIOD']; ?></label>
<table class="table">
<tr>
<td valign="top" width="100">
<input id="int_1" class="form-control" style="width:99%" name="cachetime" type="text" value="<?php echo cmsCore::getArrVal($mod, 'cachetime', 0); ?>"/>
</td>
<td valign="top" style="padding-left:5px">
<select id="int_2" class="form-control" style="width:100%" name="cacheint">
<option value="MINUTE" <?php if(mb_strstr(cmsCore::getArrVal($mod, 'cacheint', 'MINUTES'), 'MINUTE')) { echo 'selected="selected"'; } ?>><?php echo cmsCore::spellCount(cmsCore::getArrVal($mod, 'cachetime', 0), $_LANG['MINUTE1'], $_LANG['MINUTE2'], $_LANG['MINUTE10'], false); ?></option>
<option value="HOUR" <?php if(mb_strstr(cmsCore::getArrVal($mod, 'cacheint', 'MINUTES'), 'HOUR')) { echo 'selected="selected"'; } ?>><?php echo cmsCore::spellCount(cmsCore::getArrVal($mod, 'cachetime', 0), $_LANG['HOUR1'], $_LANG['HOUR2'], $_LANG['HOUR10'], false); ?></option>
<option value="DAY" <?php if(mb_strstr(cmsCore::getArrVal($mod, 'cacheint', 'MINUTES'), 'DAY')) { echo 'selected="selected"'; } ?>><?php echo cmsCore::spellCount(cmsCore::getArrVal($mod, 'cachetime', 0), $_LANG['DAY1'], $_LANG['DAY2'], $_LANG['DAY10'], false); ?></option>
<option value="MONTH" <?php if(mb_strstr(cmsCore::getArrVal($mod, 'cacheint', 'MINUTES'), 'MONTH')) { echo 'selected="selected"'; } ?>><?php echo cmsCore::spellCount(cmsCore::getArrVal($mod, 'cachetime', 0), $_LANG['MONTH1'], $_LANG['MONTH2'], $_LANG['MONTH10'], false); ?></option>
</select>
</td>
</tr>
</table>
<div style="margin-top:15px">
<?php
if ($do == 'edit') {
$cache = cmsCore::c('cache')->get('modules', $mod['id'], $mod['content'], array(cmsCore::getArrVal($mod, 'cachetime', 1), cmsCore::getArrVal($mod, 'cacheint', 'MINUTES')));
if (!empty($cache)){
$kb = round(mb_strlen($cache)/1024, 2);
unset($cache);
echo '<a href="index.php?view=cache&component=modules&target='. $mod['content'] .'&target_id='. $mod['id'] .'">'. $_LANG['AD_MODULE_CACHE_DELETE'] .'</a> ('. $kb . $_LANG['SIZE_KB'] .')';
} else {
echo '<span style="color:gray">'. $_LANG['AD_NO_CACHE'] .'</span>';
}
}
?>
</div>
</div>
</div>
<?php } ?>
<div id="upr_access">
<div class="form-group">
<?php
$groups = cmsUser::getGroups();
$style = 'disabled="disabled"';
$public = 'checked="checked"';
if ($do == 'edit') {
if ($mod['access_list']) {
$public = '';
$style = '';
$access_list = $inCore->yamlToArray($mod['access_list']);
}
}
?>
<label>
<input name="is_public" type="checkbox" id="is_public" onclick="checkAccesList()" value="1" <?php echo $public; ?> />
<?php echo $_LANG['AD_SHARE']; ?>
</label>
<div class="help-block"><?php echo $_LANG['AD_IF_CHECKED']; ?></div>
</div>
<div class="form-group">
<label><?php echo $_LANG['AD_GROUPS_VIEW']; ?></label>
<?php
echo '<select style="width: 99%" name="allow_group[]" id="allow_group" size="6" multiple="multiple" '.$style.'>';
if ($groups) {
foreach($groups as $group) {
echo '<option value="'.$group['id'].'"';
if ($do == 'edit' && $mod['access_list']) {
if (in_array($group['id'], $access_list)) {
echo 'selected="selected"';
}
}
echo '>';
echo $group['title'].'</option>';
}
}
echo '</select>';
?>
<div class="help-block"><?php echo $_LANG['AD_SELECT_MULTIPLE_CTRL']; ?></div>
</div>
</div>
</div>
</td></tr>
</table>
<p>
<input type="submit" id="add_mod" class="btn btn-primary" name="add_mod" value="<?php echo $_LANG['SAVE']; ?>" />
<input type="button" id="back" class="btn btn-default" name="back" value="<?php echo $_LANG['CANCEL']; ?>" onclick="window.history.back();" />
<input type="hidden" id="do" name="do" <?php if ($do == 'add') { echo 'value="submit"'; } else { echo 'value="update"'; } ?> />
<?php
if ($do == 'edit') {
echo '<input name="id" type="hidden" value="'. $mod['id'] .'" />';
}
?>
</p>
</form>
<?php
}
}
function users()
{
header('X-Frame-Options: DENY');
$inCore = cmsCore::getInstance();
$inPage = cmsPage::getInstance();
$inDB = cmsDatabase::getInstance();
$inUser = cmsUser::getInstance();
global $_LANG;
$model = new cms_model_users();
// id пользователя
$id = cmsCore::request('id', 'int', 0);
// логин пользователя
$login = cmsCore::strClear(urldecode(cmsCore::request('login', 'html', '')));
$do = $inCore->do;
$page = cmsCore::request('page', 'int', 1);
$pagetitle = $inCore->getComponentTitle();
if ($model->config['sw_search'] != 2) {
$inPage->addPathway($pagetitle, '/users');
}
$inPage->setTitle($pagetitle);
$inPage->setDescription($pagetitle);
// js только авторизованным
if ($inUser->id) {
$inPage->addHeadJS('components/users/js/profile.js');
$inPage->addHeadJsLang(array('CONFIRM_CLEAN_CAT', 'CHOOSE_RECIPIENT', 'SEND_TO_USER', 'FRIENDSHIP_OFFER', 'STOP_FRIENDLY', 'REALY_STOP_FRIENDLY', 'ENTER_STATUS', 'HAVE_JUST'));
}
//============================================================================//
//========================= Список пользователей ============================//
//============================================================================//
if ($do == 'view') {
// если запрещен просмотр всех пользователей, 404
if ($model->config['sw_search'] == 2) {
cmsCore::error404();
}
//очищаем поисковые запросы если пришли со другой страницы
if (!strstr(cmsCore::getBackURL(), '/users')) {
cmsUser::sessionClearAll();
}
$stext = array();
// Возможные входные переменные
$name = cmsCore::getSearchVar('name');
$city = cmsCore::getSearchVar('city');
$hobby = cmsCore::getSearchVar('hobby');
$gender = cmsCore::getSearchVar('gender');
$orderby = cmsCore::request('orderby', array('karma', 'rating', 'regdate'), 'regdate');
$orderto = cmsCore::request('orderto', array('asc', 'desc'), 'desc');
$age_to = (int) cmsCore::getSearchVar('ageto', 'all');
$age_fr = (int) cmsCore::getSearchVar('agefrom', 'all');
$group_id = cmsCore::request('group_id', 'int', 0);
// Флаг о показе только онлайн пользователей
if (cmsCore::inRequest('online')) {
cmsUser::sessionPut('usr_online', (bool) cmsCore::request('online', 'int'));
$page = 1;
}
$only_online = cmsUser::sessionGet('usr_online');
if ($only_online) {
$stext[] = $_LANG['SHOWING_ONLY_ONLINE'];
}
///////////////////////////////////////
//////////Условия выборки//////////////
///////////////////////////////////////
// группа
if ($group_id) {
$model->whereUserGroupIs($group_id);
$link['group'] = '/users/group/' . $group_id;
$_LANG['GROUP_SEARCH_NAME'] = cmsUser::getGroupTitle($group_id);
}
// Добавляем в выборку имя, если оно есть
if ($name) {
$model->whereNameIs($name);
$stext[] = $_LANG['NAME'] . " — " . htmlspecialchars(stripslashes($name));
}
// Добавляем в выборку город, если он есть
if ($city) {
$model->whereCityIs($city);
$stext[] = $_LANG['CITY'] . " — " . htmlspecialchars(stripslashes($city));
}
// Добавляем в выборку хобби, если есть
if ($hobby) {
$model->whereHobbyIs($hobby);
$stext[] = $_LANG['HOBBY'] . " — " . htmlspecialchars(stripslashes($hobby));
}
// Добавляем в выборку пол, если есть
if ($gender) {
$model->whereGenderIs($gender);
if ($gender == 'm') {
$stext[] = $_LANG['MALE'];
} else {
$stext[] = $_LANG['FEMALE'];
}
}
// Добавляем в выборку возраст, более
if ($age_fr) {
$model->whereAgeFrom($age_fr);
$stext[] = $_LANG['NOT_YOUNG'] . " {$age_fr} " . $_LANG['YEARS'];
}
// Добавляем в выборку возраст, менее
if ($age_to) {
$model->whereAgeTo($age_to);
$stext[] = $_LANG['NOT_OLD'] . " {$age_fr} " . $_LANG['YEARS'];
}
// Считаем общее количество согласно выборки
$total = $model->getUsersCount($only_online);
if ($total) {
//устанавливаем сортировку
$inDB->orderBy($orderby, $orderto);
//устанавливаем номер текущей страницы и кол-во пользователей на странице
$inDB->limitPage($page, $model->config['users_perpage']);
// Загружаем пользователей согласно выборки
$users = $model->getUsers($only_online);
} else {
$inDB->resetConditions();
}
$link['latest'] = '/users';
$link['positive'] = '/users/positive.html';
$link['rating'] = '/users/rating.html';
if ($orderby == 'regdate') {
$link['selected'] = 'latest';
}
if ($orderby == 'karma') {
$link['selected'] = 'positive';
}
if ($orderby == 'rating') {
$link['selected'] = 'rating';
}
$pagebar_link = '/users/' . $link['selected'] . '%page%.html';
if ($group_id) {
$link['selected'] = 'group';
$pagebar_link = '/users/' . $link['selected'] . '/' . $group_id . '-%page%';
}
cmsPage::initTemplate('components', 'com_users_view')->assign('stext', $stext)->assign('orderby', $orderby)->assign('orderto', $orderto)->assign('users', $users)->assign('total', $total)->assign('only_online', $only_online)->assign('gender', $gender)->assign('name', stripslashes($name))->assign('city', stripslashes($city))->assign('hobby', stripslashes($hobby))->assign('age_to', $age_to)->assign('age_fr', $age_fr)->assign('cfg', $model->config)->assign('link', $link)->assign('pagebar', cmsPage::getPagebar($total, $page, $model->config['users_perpage'], $pagebar_link))->display('com_users_view.tpl');
}
//============================================================================//
//======================= Редактирование профиля ============================//
//============================================================================//
if ($do == 'editprofile') {
// неавторизованным, не владельцам и не админам тут делать нечего
if (!$inUser->id || $inUser->id != $id && !$inUser->is_admin) {
cmsCore::error404();
}
$usr = $model->getUser($id);
if (!$usr) {
cmsCore::error404();
}
$opt = cmsCore::request('opt', 'str', 'edit');
// главного админа может редактировать только он сам
if ($id == 1 && $inUser->id != $id) {
cmsCore::error404();
}
// показываем форму
if ($opt == 'edit') {
$inPage->setTitle($_LANG['CONFIG_PROFILE'] . ' - ' . $usr['nickname']);
$inPage->addPathway($usr['nickname'], cmsUser::getProfileURL($usr['login']));
$inPage->addPathway($_LANG['CONFIG_PROFILE']);
$private_forms = array();
if (isset($model->config['privforms'])) {
if (is_array($model->config['privforms'])) {
foreach ($model->config['privforms'] as $form_id) {
$private_forms = array_merge($private_forms, cmsForm::getFieldsHtml($form_id, $usr['formsdata']));
}
}
}
cmsPage::initTemplate('components', 'com_users_edit_profile')->assign('opt', $opt)->assign('usr', $usr)->assign('private_forms', $private_forms)->assign('cfg_forum', $inCore->loadComponentConfig('forum'))->assign('cfg', $model->config)->display('com_users_edit_profile.tpl');
return;
}
// Если сохраняем профиль
if ($opt == 'save') {
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
$errors = false;
$users['nickname'] = cmsCore::request('nickname', 'str');
if (mb_strlen($users['nickname']) < 2) {
cmsCore::addSessionMessage($_LANG['SHORT_NICKNAME'], 'error');
$errors = true;
}
cmsCore::loadModel('registration');
$modreg = new cms_model_registration();
if (!$inUser->is_admin) {
if ($modreg->getBadNickname($users['nickname'])) {
cmsCore::addSessionMessage($_LANG['ERR_NICK_EXISTS'], 'error');
$errors = true;
}
}
$profiles['gender'] = cmsCore::request('gender', 'str');
$profiles['city'] = cmsCore::request('city', 'str');
if (mb_strlen($profiles['city']) > 50) {
cmsCore::addSessionMessage($_LANG['LONG_CITY_NAME'], 'error');
$errors = true;
}
$users['email'] = cmsCore::request('email', 'email');
if (!$users['email']) {
cmsCore::addSessionMessage($_LANG['REALY_ADRESS_EMAIL'], 'error');
$errors = true;
}
if ($usr['email'] != $users['email']) {
$is_set_email = $inDB->get_field('cms_users', "email='{$users['email']}'", 'id');
if ($is_set_email) {
cmsCore::addSessionMessage($_LANG['ADRESS_EMAIL_IS_BUSY'], 'error');
$errors = true;
} else {
// формируем токен
$token = md5($usr['email'] . uniqid() . microtime());
$inDB->insert('cms_users_activate', array('user_id' => $inUser->id, 'pubdate' => date("Y-m-d H:i:s"), 'code' => $token));
$codelink = HOST . '/users/change_email/' . $token . '/' . $users['email'];
// по старому адресу высылаем письмо с подтверждением
$letter = cmsCore::getLanguageTextFile('change_email');
$letter = str_replace(array('{nickname}', '{codelink}'), array($inUser->nickname, $codelink), $letter);
cmsCore::mailText($usr['email'], '', $letter);
cmsCore::addSessionMessage(sprintf($_LANG['YOU_CHANGE_EMAIL'], $usr['email']), 'info');
// email не меняем
$users['email'] = $usr['email'];
}
}
$profiles['showphone'] = cmsCore::request('showphone', 'int', 0);
$profiles['showmail'] = cmsCore::request('showmail', 'int');
$profiles['email_newmsg'] = cmsCore::request('email_newmsg', 'int');
$profiles['showbirth'] = cmsCore::request('showbirth', 'int');
$profiles['description'] = cmsCore::request('description', 'str', '');
$users['birthdate'] = (int) $_REQUEST['birthdate']['year'] . '-' . (int) $_REQUEST['birthdate']['month'] . '-' . (int) $_REQUEST['birthdate']['day'];
$profiles['signature'] = $inDB->escape_string(cmsCore::badTagClear(cmsCore::request('signature', 'html', '')));
$profiles['signature_html'] = $inDB->escape_string(cmsCore::parseSmiles(cmsCore::request('signature', 'html', ''), true));
$profiles['allow_who'] = cmsCore::request('allow_who', 'str');
if (!preg_match('/^([a-zA-Z]+)$/ui', $profiles['allow_who'])) {
$errors = true;
}
$users['icq'] = cmsCore::request('icq', 'str', '');
$profiles['showicq'] = cmsCore::request('showicq', 'int');
$profiles['cm_subscribe'] = cmsCore::request('cm_subscribe', 'str');
if (!preg_match('/^([a-zA-Z]+)$/ui', $profiles['cm_subscribe'])) {
$errors = true;
}
$users['phone'] = cmsCore::request('phone', 'int', 0);
// получаем данные форм
$profiles['formsdata'] = '';
if (isset($model->config['privforms'])) {
if (is_array($model->config['privforms'])) {
foreach ($model->config['privforms'] as $form_id) {
$form_input = cmsForm::getFieldsInputValues($form_id);
$profiles['formsdata'] .= $inDB->escape_string(cmsCore::arrayToYaml($form_input['values']));
// Проверяем значения формы
foreach ($form_input['errors'] as $field_error) {
if ($field_error) {
cmsCore::addSessionMessage($field_error, 'error');
$errors = true;
}
}
}
}
}
if ($errors) {
cmsCore::redirectBack();
}
$inDB->update('cms_user_profiles', cmsCore::callEvent('UPDATE_USER_PROFILES', array_merge(array('id' => $usr['pid'], 'user_id' => $usr['id']), $profiles)), $usr['pid']);
$inDB->update('cms_users', cmsCore::callEvent('UPDATE_USER_USERS', array_merge(array('id' => $usr['id']), $users)), $usr['id']);
cmsCore::addSessionMessage($_LANG['PROFILE_SAVED'], 'info');
cmsCore::redirect(cmsUser::getProfileURL($usr['login']));
}
if ($opt == 'changepass') {
$errors = false;
$oldpass = cmsCore::request('oldpass', 'str');
$newpass = cmsCore::request('newpass', 'str');
$newpass2 = cmsCore::request('newpass2', 'str');
if ($inUser->password != md5($oldpass)) {
cmsCore::addSessionMessage($_LANG['OLD_PASS_WRONG'], 'error');
$errors = true;
}
if ($newpass != $newpass2) {
cmsCore::addSessionMessage($_LANG['WRONG_PASS'], 'error');
$errors = true;
}
if ($oldpass && $newpass && $newpass2 && mb_strlen($newpass) < 6) {
cmsCore::addSessionMessage($_LANG['PASS_SHORT'], 'error');
$errors = true;
}
if ($errors) {
cmsCore::redirectBack();
}
cmsCore::callEvent('UPDATE_USER_PASSWORD', array('user_id' => $usr['id'], 'oldpass' => $oldpass, 'newpass' => $newpass));
$sql = "UPDATE cms_users SET password='******' WHERE id = '{$id}' AND password='******'";
$inDB->query($sql);
cmsCore::addSessionMessage($_LANG['PASS_CHANGED'], 'info');
cmsCore::redirect(cmsUser::getProfileURL($inUser->login));
}
}
//============================================================================//
//============================= Просмотр профиля ============================//
//============================================================================//
if ($do == 'profile') {
$inPage->addHeadJsLang(array('NEW_POST_ON_WALL', 'CONFIRM_DEL_POST_ON_WALL'));
// если просмотр профиля гостям запрещен
if (!$inUser->id && !$model->config['sw_guest']) {
cmsUser::goToLogin();
}
if (is_numeric($login)) {
cmsCore::error404();
}
$usr = $model->getUser($login);
if (!$usr) {
cmsCore::error404();
}
$myprofile = $inUser->id == $usr['id'];
$inPage->setTitle($usr['nickname']);
$inPage->addPathway($usr['nickname']);
// просмотр профиля запрещен
if (!cmsUser::checkUserContentAccess($usr['allow_who'], $usr['id'])) {
cmsPage::initTemplate('components', 'com_users_not_allow')->assign('is_auth', $inUser->id)->assign('usr', $usr)->display('com_users_not_allow.tpl');
return;
}
// Профиль удален
if ($usr['is_deleted']) {
cmsPage::initTemplate('components', 'com_users_deleted.tpl')->assign('usr', $usr)->assign('is_admin', $inUser->is_admin)->assign('others_active', $inDB->rows_count('cms_users', "login='******'login']}' AND is_deleted=0", 1))->display('com_users_deleted.tpl');
return;
}
// Данные о друзьях
$usr['friends_total'] = cmsUser::getFriendsCount($usr['id']);
$usr['friends'] = cmsUser::getFriends($usr['id']);
// очищать сессию друзей если в своем профиле и количество друзей из базы не совпадает с количеством друзей в сессии
if ($myprofile && sizeof($usr['friends']) != $usr['friends_total']) {
cmsUser::clearSessionFriends();
}
// обрезаем список
$usr['friends'] = array_slice($usr['friends'], 0, 6);
// выясняем друзья ли мы с текущим пользователем
$usr['isfriend'] = !$myprofile ? cmsUser::isFriend($usr['id']) : false;
// награды пользователя
$usr['awards'] = $model->config['sw_awards'] ? $model->getUserAwards($usr['id']) : false;
// стена
if ($model->config['sw_wall']) {
$inDB->limitPage(1, $model->config['wall_perpage']);
$usr['wall_html'] = cmsUser::getUserWall($usr['id'], 'users', $myprofile, $inUser->is_admin);
}
// можно ли пользователю изменять карму
$usr['can_change_karma'] = $model->isUserCanChangeKarma($usr['id']) && $inUser->id;
// Фотоальбомы пользователя
if ($model->config['sw_photo']) {
$usr['albums'] = $model->getPhotoAlbums($usr['id'], $usr['isfriend'], !$inCore->isComponentEnable('photos'));
$usr['albums_total'] = sizeof($usr['albums']);
$usr['albums_show'] = 6;
if ($usr['albums_total'] > $usr['albums_show']) {
array_splice($usr['albums'], $usr['albums_show']);
}
}
$usr['board_count'] = $model->config['sw_board'] ? $inDB->rows_count('cms_board_items', "user_id='{$usr['id']}' AND published=1") : 0;
$usr['comments_count'] = $model->config['sw_comm'] ? $inDB->rows_count('cms_comments', "user_id='{$usr['id']}' AND published=1") : 0;
$usr['forum_count'] = $model->config['sw_forum'] ? $inDB->rows_count('cms_forum_posts', "user_id = '{$usr['id']}'") : 0;
$usr['files_count'] = $model->config['sw_files'] ? $inDB->rows_count('cms_user_files', "user_id = '{$usr['id']}'") : 0;
$cfg_reg = $inCore->loadComponentConfig('registration');
$usr['invites_count'] = $inUser->id && $myprofile && $cfg_reg['reg_type'] == 'invite' ? $model->getUserInvitesCount($inUser->id) : 0;
$usr['blog'] = $model->config['sw_blogs'] ? $inDB->get_fields('cms_blogs', "user_id = '{$usr['id']}' AND owner = 'user'", 'title, seolink') : false;
$usr['form_fields'] = array();
if (is_array($model->config['privforms'])) {
foreach ($model->config['privforms'] as $form_id) {
$usr['form_fields'] = array_merge($usr['form_fields'], cmsForm::getFieldsValues($form_id, $usr['formsdata']));
}
}
if ($usr['city']) {
cmsCore::loadModel('geo');
$geo = new cms_model_geo();
$city_parents = $geo->getCityParents($usr['city']);
if ($city_parents) {
$usr['country'] = $city_parents['country_name'];
}
}
$plugins = $model->getPluginsOutput($usr);
cmsPage::initTemplate('components', 'com_users_profile.tpl')->assign('usr', $usr)->assign('plugins', $plugins)->assign('cfg', $model->config)->assign('myprofile', $myprofile)->assign('cfg_forum', $inCore->loadComponentConfig('forum'))->assign('is_admin', $inUser->is_admin)->assign('is_auth', $inUser->id)->display('com_users_profile.tpl');
}
//============================================================================//
//============================= Список сообщений ============================//
//============================================================================//
if ($do == 'messages') {
if (!$model->config['sw_msg']) {
cmsCore::error404();
}
if (!$inUser->id || $inUser->id != $id && !$inUser->is_admin) {
cmsUser::goToLogin();
}
$usr = cmsUser::getShortUserData($id);
if (!$usr) {
cmsCore::error404();
}
$inPage->setTitle($_LANG['MY_MESS']);
$inPage->addPathway($usr['nickname'], cmsUser::getProfileURL($usr['login']));
$inPage->addPathway($_LANG['MY_MESS'], '/users/' . $id . '/messages.html');
include 'components/users/messages.php';
}
//============================================================================//
//=========================== Отправка сообщения ============================//
//============================================================================//
if ($do == 'sendmessage') {
if (!$model->config['sw_msg']) {
cmsCore::halt();
}
if ($_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest') {
cmsCore::halt();
}
if (!$inUser->id || $inUser->id == $id && !cmsCore::inRequest('massmail') && !cmsCore::request('send_to_group', 'int', 0)) {
cmsCore::halt();
}
if (!cmsCore::inRequest('gosend')) {
$replyid = cmsCore::request('replyid', 'int', 0);
if ($replyid) {
$msg = $model->getReplyMessage($replyid, $inUser->id);
if (!$msg) {
cmsCore::halt();
}
}
$inPage->setRequestIsAjax();
cmsPage::initTemplate('components', 'com_users_messages_add')->assign('msg', isset($msg) ? $msg : array())->assign('is_reply_user', $replyid)->assign('id', $id)->assign('bbcodetoolbar', cmsPage::getBBCodeToolbar('message'))->assign('smilestoolbar', cmsPage::getSmilesPanel('message'))->assign('groups', $inUser->is_admin ? cmsUser::getGroups(true) : array())->assign('friends', cmsUser::getFriends($inUser->id))->assign('id_admin', $inUser->is_admin)->display('com_users_messages_add.tpl');
cmsCore::jsonOutput(array('error' => false, 'html' => ob_get_clean()));
}
if (cmsCore::inRequest('gosend')) {
// Кому отправляем
$usr = cmsUser::getShortUserData($id);
if (!$usr) {
cmsCore::halt();
}
$message = cmsCore::parseSmiles(cmsCore::request('message', 'html', ''), true);
if (mb_strlen($message) < 2) {
cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ERR_SEND_MESS']));
}
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
$output = cmsCore::callEvent('USER_SEND_MESSEDGE', array('text' => $message, 'to_id' => $id));
$message = $output['text'];
$id = $output['to_id'];
$send_to_group = cmsCore::request('send_to_group', 'int', 0);
$group_id = cmsCore::request('group_id', 'int', 0);
//
// Обычная отправка (1 получатель)
//
if (!cmsCore::inRequest('massmail') && !$send_to_group) {
//отправляем сообщение
$msg_id = cmsUser::sendMessage($inUser->id, $id, $message);
// отправляем уведомление на email если нужно
$model->sendNotificationByEmail($id, $inUser->id, $msg_id);
cmsCore::jsonOutput(array('error' => false, 'text' => $_LANG['SEND_MESS_OK']));
}
//
// далее идут массовые рассылки, доступные только админам
//
if (!$inUser->is_admin) {
cmsCore::halt();
}
// отправить всем: получаем список всех пользователей
if (cmsCore::inRequest('massmail')) {
$userlist = cmsUser::getAllUsers();
// проверяем что есть кому отправлять
if (!$userlist) {
cmsCore::jsonOutput(array('error' => false, 'text' => $_LANG['ERR_SEND_MESS']));
}
$count = array();
// отправляем всем по списку
foreach ($userlist as $usr) {
$count[] = cmsUser::sendMessage(USER_MASSMAIL, $usr['id'], $message);
}
cmsCore::jsonOutput(array('error' => false, 'text' => sprintf($_LANG['SEND_MESS_ALL_OK'], sizeof($count))));
}
// отправить группе: получаем список членов группы
if ($send_to_group) {
$count = cmsUser::sendMessageToGroup(USER_MASSMAIL, $group_id, $message);
$success_msg = sprintf($_LANG['SEND_MESS_GROUP_OK'], $count, cmsUser::getGroupTitle($group_id));
cmsCore::jsonOutput(array('error' => false, 'text' => $success_msg));
}
}
}
//============================================================================//
//============================= Удаление сообщения ==========================//
//============================================================================//
if ($do == 'delmessage') {
if ($_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest') {
cmsCore::halt();
}
if (!$model->config['sw_msg']) {
cmsCore::halt();
}
if (!$inUser->id) {
cmsCore::halt();
}
$msg = $inDB->get_fields('cms_user_msg', "id='{$id}'", '*');
if (!$msg) {
cmsCore::halt();
}
$can_delete = $inUser->id == $msg['to_id'] || $inUser->id == $msg['from_id'] ? true : false;
if (!$can_delete && !$inUser->is_admin) {
cmsCore::halt();
}
// Сообщения с from_id < 0
if ($msg['from_id'] < 0) {
$inDB->query("DELETE FROM cms_user_msg WHERE id = '{$id}' LIMIT 1");
$info_text = $_LANG['MESS_NOTICE_DEL_OK'];
}
// мне сообщение от пользователя
if ($msg['to_id'] == $inUser->id && $msg['from_id'] > 0) {
$inDB->query("UPDATE cms_user_msg SET to_del=1 WHERE id='{$id}'");
$info_text = $_LANG['MESS_DEL_OK'];
}
// от меня сообщение
if ($msg['from_id'] == $inUser->id && !$msg['is_new']) {
$inDB->query("UPDATE cms_user_msg SET from_del=1 WHERE id='{$id}'");
$info_text = $_LANG['MESS_DEL_OK'];
}
// отзываем сообщение
if ($msg['from_id'] == $inUser->id && $msg['is_new']) {
$inDB->query("DELETE FROM cms_user_msg WHERE id = '{$id}' LIMIT 1");
$info_text = $_LANG['MESS_BACK_OK'];
}
// удаляем сообщения, которые удалены с двух сторон
$inDB->query("DELETE FROM cms_user_msg WHERE to_del=1 AND from_del=1");
cmsCore::jsonOutput(array('error' => false, 'text' => $info_text));
}
//============================================================================//
//=========================== Удаление сообщений ============================//
//============================================================================//
if ($do == 'delmessages') {
if (!$model->config['sw_msg']) {
cmsCore::error404();
}
if ($inUser->id != $id && !$inUser->is_admin) {
cmsCore::error404();
}
$usr = cmsUser::getShortUserData($id);
if (!$usr) {
cmsCore::error404();
}
$opt = cmsCore::request('opt', 'str', 'in');
if ($opt == 'notices') {
$inDB->query("DELETE FROM cms_user_msg WHERE to_id = '{$id}' AND from_id < 0");
} else {
$del_flag = $opt == 'in' ? 'to_del' : 'from_del';
$id_flag = $opt == 'in' ? 'to_id' : 'from_id';
$inDB->query("UPDATE cms_user_msg SET {$del_flag}=1 WHERE {$id_flag}='{$id}'");
$inDB->query("DELETE FROM cms_user_msg WHERE to_del=1 AND from_del=1");
}
cmsCore::addSessionMessage($_LANG['MESS_ALL_DEL_OK'], 'info');
cmsCore::redirectBack();
}
//============================================================================//
//============================= Загрузка аватара ============================//
//============================================================================//
if ($do == 'avatar') {
if (!$inUser->id || $inUser->id && $inUser->id != $id) {
cmsCore::error404();
}
$inPage->setTitle($_LANG['LOAD_AVATAR']);
$inPage->addPathway($inUser->nickname, cmsUser::getProfileURL($inUser->login));
$inPage->addPathway($_LANG['LOAD_AVATAR']);
if (cmsCore::inRequest('upload')) {
cmsCore::loadClass('upload_photo');
$inUploadPhoto = cmsUploadPhoto::getInstance();
// Выставляем конфигурационные параметры
$inUploadPhoto->upload_dir = PATH . '/images/';
$inUploadPhoto->dir_medium = 'users/avatars/';
$inUploadPhoto->dir_small = 'users/avatars/small/';
$inUploadPhoto->small_size_w = $model->config['smallw'];
$inUploadPhoto->medium_size_w = $model->config['medw'];
$inUploadPhoto->medium_size_h = $model->config['medh'];
$inUploadPhoto->is_watermark = false;
$inUploadPhoto->input_name = 'picture';
$file = $inUploadPhoto->uploadPhoto($inUser->orig_imageurl);
if (!$file) {
cmsCore::addSessionMessage('<strong>' . $_LANG['ERROR'] . ':</strong> ' . cmsCore::uploadError() . '!', 'error');
cmsCore::redirect('/users/' . $id . '/avatar.html');
}
$sql = "UPDATE cms_user_profiles SET imageurl = '{$file['filename']}' WHERE user_id = '{$id}' LIMIT 1";
$inDB->query($sql);
// очищаем предыдущую запись о смене аватара
cmsActions::removeObjectLog('add_avatar', $id);
// выводим сообщение в ленту
cmsActions::log('add_avatar', array('object' => '', 'object_url' => '', 'object_id' => $id, 'target' => '', 'target_url' => '', 'description' => '<a href="' . cmsUser::getProfileURL($inUser->login) . '" class="act_usr_ava">
<img border="0" src="/images/users/avatars/small/' . $file['filename'] . '">
</a>'));
cmsCore::redirect(cmsUser::getProfileURL($inUser->login));
} else {
cmsPage::initTemplate('components', 'com_users_avatar_upload')->assign('id', $id)->display('com_users_avatar_upload.tpl');
}
}
//============================================================================//
//============================= Библиотека аватаров =========================//
//============================================================================//
if ($do == 'select_avatar') {
if (!$inUser->id || $inUser->id && $inUser->id != $id) {
cmsCore::error404();
}
$avatars_dir = PATH . "/images/users/avatars/library";
$avatars_dir_rel = "/images/users/avatars/library";
$avatars_dir_handle = opendir($avatars_dir);
$avatars = array();
while ($nextfile = readdir($avatars_dir_handle)) {
if ($nextfile != '.' && $nextfile != '..' && (mb_strstr($nextfile, '.gif') || mb_strstr($nextfile, '.jpg') || mb_strstr($nextfile, '.jpeg') || mb_strstr($nextfile, '.png'))) {
$avatars[] = $nextfile;
}
}
closedir($avatars_dir_handle);
if (!cmsCore::inRequest('set_avatar')) {
$inPage->setTitle($_LANG['SELECT_AVATAR']);
$inPage->addPathway($inUser->nickname, cmsUser::getProfileURL($inUser->login));
$inPage->addPathway($_LANG['SELECT_AVATAR']);
$perpage = 20;
$total = sizeof($avatars);
$avatars = array_slice($avatars, ($page - 1) * $perpage, $perpage);
cmsPage::initTemplate('components', 'com_users_avatars')->assign('userid', $id)->assign('avatars', $avatars)->assign('avatars_dir', $avatars_dir_rel)->assign('page', $page)->assign('perpage', $perpage)->assign('pagebar', cmsPage::getPagebar($total, $page, $perpage, '/users/%user_id%/select-avatar-%page%.html', array('user_id' => $id)))->display('com_users_avatars.tpl');
} else {
$avatar_id = cmsCore::request('avatar_id', 'int', 0);
$file = $avatars[$avatar_id];
if (file_exists($avatars_dir . '/' . $file)) {
$uploaddir = PATH . '/images/users/avatars/';
$realfile = $file;
$filename = md5($realfile . '-' . $id . '-' . time()) . '.jpg';
$uploadfile = $avatars_dir . '/' . $realfile;
$uploadavatar = $uploaddir . $filename;
$uploadthumb = $uploaddir . 'small/' . $filename;
if ($inUser->orig_imageurl && $inUser->orig_imageurl != 'nopic.jpg') {
@unlink(PATH . '/images/users/avatars/' . $inUser->orig_imageurl);
@unlink(PATH . '/images/users/avatars/small/' . $inUser->orig_imageurl);
}
cmsCore::includeGraphics();
copy($uploadfile, $uploadavatar);
@img_resize($uploadfile, $uploadthumb, $model->config['smallw'], $model->config['smallw']);
$sql = "UPDATE cms_user_profiles SET imageurl = '{$filename}' WHERE user_id = '{$id}' LIMIT 1";
$inDB->query($sql);
// очищаем предыдущую запись о смене аватара
cmsActions::removeObjectLog('add_avatar', $id);
// выводим сообщение в ленту
cmsActions::log('add_avatar', array('object' => '', 'object_url' => '', 'object_id' => $id, 'target' => '', 'target_url' => '', 'description' => '<a href="' . cmsUser::getProfileURL($inUser->login) . '" class="act_usr_ava">
<img border="0" src="/images/users/avatars/small/' . $filename . '">
</a>'));
}
cmsCore::redirect(cmsUser::getProfileURL($inUser->login));
}
}
//============================================================================//
//======================== Работа с фотографиями ============================//
//============================================================================//
if ($do == 'photos') {
if (!$model->config['sw_photo']) {
cmsCore::error404();
}
$pdo = cmsCore::request('pdo', 'str', '');
include 'components/users/photos.php';
}
//============================================================================//
//============================= Друзья пользователя =========================//
//============================================================================//
if ($do == 'friendlist') {
if (!$inUser->id) {
cmsUser::goToLogin();
}
$usr = cmsUser::getShortUserData($id);
if (!$usr) {
cmsCore::error404();
}
$perpage = 10;
$inPage->addPathway($usr['nickname'], cmsUser::getProfileURL($usr['login']));
$inPage->addPathway($_LANG['FRIENDS']);
$inPage->setTitle($_LANG['FRIENDS']);
// все друзья
$friends = cmsUser::getFriends($usr['id']);
// их общее количество
$total = count($friends);
// получаем только нужных на странице
$friends = array_slice($friends, ($page - 1) * $perpage, $perpage);
cmsPage::initTemplate('components', 'com_users_friends')->assign('friends', $friends)->assign('usr', $usr)->assign('myprofile', $id == $inUser->id)->assign('total', $total)->assign('pagebar', cmsPage::getPagebar($total, $page, $perpage, 'javascript:centerLink(\'/users/' . $id . '/friendlist%page%.html\')'))->display('com_users_friends.tpl');
}
//============================================================================//
//============================= Запрос на дружбу ============================//
//============================================================================//
if ($do == 'addfriend') {
if ($_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest') {
cmsCore::halt();
}
if (!$inUser->id || $inUser->id == $id) {
cmsCore::halt();
}
$usr = cmsUser::getShortUserData($id);
if (!$usr) {
cmsCore::halt();
}
cmsUser::clearSessionFriends();
if (cmsUser::isFriend($id)) {
cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['YOU_ARE_BE_FRIENDS']));
}
// проверяем был ли ранее запрос на дружбу
// если был, то делаем accept запросу
$is_need_accept_id = cmsUser::getFriendFieldId($id, 0, 'to_me');
if ($is_need_accept_id) {
$inDB->query("UPDATE cms_user_friends SET is_accepted = 1 WHERE id = '{$is_need_accept_id}'");
//регистрируем событие
cmsActions::log('add_friend', array('object' => $inUser->nickname, 'user_id' => $usr['id'], 'object_url' => cmsUser::getProfileURL($inUser->login), 'object_id' => $is_need_accept_id, 'target' => '', 'target_url' => '', 'target_id' => 0, 'description' => ''));
cmsCore::callEvent('USER_ACCEPT_FRIEND', $id);
cmsCore::jsonOutput(array('error' => false, 'text' => $_LANG['ADD_FRIEND_OK'] . $usr['nickname']));
}
// Если пользователь пытается добавиться в друзья к
// пользователю, к которому уже отправил запрос
if (cmsUser::getFriendFieldId($id, 0, 'from_me')) {
cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ADD_TO_FRIEND_SEND_ERR']));
}
// Мы вообще не друзья с пользователем, создаем запрос
cmsUser::addFriend($id);
cmsUser::sendMessage(USER_UPDATER, $id, sprintf($_LANG['RECEIVED_F_O'], cmsUser::getProfileLink($inUser->login, $inUser->nickname), '<a class="ajaxlink" href="javascript:void(0)" onclick="users.acceptFriend(' . $inUser->id . ', this);return false;">' . $_LANG['ACCEPT'] . '</a>', '<a class="ajaxlink" href="javascript:void(0)" onclick="users.rejectFriend(' . $inUser->id . ', this);return false;">' . $_LANG['REJECT'] . '</a>'));
cmsCore::jsonOutput(array('error' => false, 'text' => $_LANG['ADD_TO_FRIEND_SEND']));
}
//============================================================================//
//============================= Прекращение дружбы ==========================//
//============================================================================//
if ($do == 'delfriend') {
if ($_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest') {
cmsCore::halt();
}
if (!$inUser->id || $inUser->id == $id) {
cmsCore::halt();
}
$usr = cmsUser::getShortUserData($id);
if (!$usr) {
cmsCore::error404();
}
if (cmsUser::getFriendFieldId($id)) {
$is_accepted_friend = cmsUser::isFriend($id);
if (cmsUser::deleteFriend($id)) {
// Если подтвержденный друг
if ($is_accepted_friend) {
cmsCore::jsonOutput(array('error' => false, 'text' => $usr['nickname'] . $_LANG['DEL_FRIEND']));
} else {
cmsCore::jsonOutput(array('error' => false, 'text' => $_LANG['REJECT_FRIEND'] . $usr['nickname']));
}
} else {
cmsCore::halt();
}
} else {
cmsCore::halt();
}
}
//============================================================================//
//============================= История кармы ===============================//
//============================================================================//
if ($do == 'karma') {
$usr = cmsUser::getShortUserData($id);
if (!$usr) {
cmsCore::error404();
}
$inPage->setTitle($_LANG['KARMA_HISTORY']);
$inPage->addPathway($usr['nickname'], cmsUser::getProfileURL($usr['login']));
$inPage->addPathway($_LANG['KARMA_HISTORY']);
cmsPage::initTemplate('components', 'com_users_karma')->assign('karma', $model->getUserKarma($usr['id']))->assign('usr', $usr)->display('com_users_karma.tpl');
}
//============================================================================//
//============================= Изменение кармы =============================//
//============================================================================//
if ($do == 'votekarma') {
if ($_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest') {
cmsCore::halt();
}
if (!$inUser->id) {
cmsCore::halt();
}
$points = cmsCore::request('sign', 'str', 'plus') == 'plus' ? 1 : -1;
$to = cmsCore::request('to', 'int', 0);
$user = cmsUser::getShortUserData($to);
if (!$user) {
cmsCore::halt();
}
if (!$model->isUserCanChangeKarma($to)) {
cmsCore::halt();
}
cmsCore::halt(cmsUser::changeKarmaUser($to, $points));
}
//============================================================================//
//======================= Наградить пользователя ============================//
//============================================================================//
if ($do == 'giveaward') {
if (!$inUser->is_admin) {
cmsCore::error404();
}
$usr = cmsUser::getShortUserData($id);
if (!$usr) {
cmsCore::error404();
}
$inPage->setTitle($_LANG['AWARD_USER']);
$inPage->addPathway($usr['nickname'], cmsUser::getProfileURL($usr['login']));
$inPage->addPathway($_LANG['AWARD']);
if (!cmsCore::inRequest('gosend')) {
cmsPage::initTemplate('components', 'com_users_awards_give')->assign('usr', $usr)->assign('awardslist', cmsUser::getAwardsImages())->display('com_users_awards_give.tpl');
} else {
$award['title'] = cmsCore::request('title', 'str', $_LANG['AWRD']);
$award['description'] = cmsCore::request('description', 'str', '');
$award['imageurl'] = cmsCore::request('imageurl', 'str', '');
$award['from_id'] = $inUser->id;
$award['id'] = 0;
cmsUser::giveAward($award, $id);
cmsCore::redirect(cmsUser::getProfileURL($usr['login']));
}
}
//============================================================================//
//============================= Удаление награды ============================//
//============================================================================//
if ($do == 'delaward') {
$aw = $inDB->get_fields('cms_user_awards', "id = '{$id}'", '*');
if (!$aw) {
cmsCore::error404();
}
if (!$inUser->id || $inUser->id != $aw['user_id'] && !$inUser->is_admin) {
cmsCore::error404();
}
$inDB->delete('cms_user_awards', "id = '{$id}'", 1);
cmsActions::removeObjectLog('add_award', $id);
cmsCore::redirectBack();
}
//============================================================================//
//============================= Награды на сайте ============================//
//============================================================================//
if ($do == 'awardslist') {
$inPage->setTitle($_LANG['SITE_AWARDS']);
$inPage->addPathway($_LANG['SITE_AWARDS']);
$awards = cmsUser::getAutoAwards();
if (!$awards) {
cmsCore::error404();
}
foreach ($awards as $aw) {
//Перебираем все награды и ищем пользователей с текущей наградой
$sql = "SELECT u.id as id, u.nickname as nickname, u.login as login, IFNULL(p.gender, 'm') as gender\r\n FROM cms_user_awards aw\r\n LEFT JOIN cms_users u ON u.id = aw.user_id\r\n LEFT JOIN cms_user_profiles p ON p.user_id = u.id\r\n WHERE aw.award_id = '{$aw['id']}'";
$rs = $inDB->query($sql);
$aw['uhtml'] = '';
if ($inDB->num_rows($rs)) {
while ($user = $inDB->fetch_assoc($rs)) {
$aw['uhtml'] .= cmsUser::getGenderLink($user['id'], $user['nickname'], $user['gender'], $user['login']) . ', ';
}
$aw['uhtml'] = rtrim($aw['uhtml'], ', ');
} else {
$aw['uhtml'] = $_LANG['NOT_USERS_WITH_THIS_AWARD'];
}
$aws[] = $aw;
}
cmsPage::initTemplate('components', 'com_users_awards_site')->assign('aws', $aws)->display('com_users_awards_site.tpl');
}
//============================================================================//
//============================= Удаление профиля ============================//
//============================================================================//
if ($do == 'delprofile') {
// неавторизованным тут делать нечего
if (!$inUser->id) {
cmsCore::error404();
}
// есть ли удаляемый профиль
$data = cmsUser::getShortUserData($id);
if (!$data) {
cmsCore::error404();
}
// владелец профиля или админ
if ($inUser->is_admin) {
// могут ли администраторы удалять профиль
if (!cmsUser::isAdminCan('admin/users', cmsUser::getAdminAccess())) {
cmsCore::error404();
}
// администратор сам себя не удалит
if ($inUser->id == $data['id']) {
cmsCore::error404();
}
} else {
// удаляем только свой профиль
if ($inUser->id != $data['id']) {
cmsCore::error404();
}
}
if (isset($_POST['csrf_token'])) {
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
$model->deleteUser($id);
if (!$inUser->is_admin) {
session_destroy();
cmsCore::redirect('/logout');
} else {
cmsCore::addSessionMessage($_LANG['DELETING_PROFILE_OK'], 'info');
cmsCore::redirect('/users');
}
} else {
$inPage->setTitle($_LANG['DELETING_PROFILE']);
$inPage->addPathway($data['nickname'], $inUser->getProfileURL($data['login']));
$inPage->addPathway($_LANG['DELETING_PROFILE']);
$confirm['title'] = $_LANG['DELETING_PROFILE'];
$confirm['text'] = '<p>' . $_LANG['REALLY_DEL_PROFILE'] . '</p>';
$confirm['action'] = '/users/' . $id . '/delprofile.html';
$confirm['yes_button'] = array();
$confirm['yes_button']['type'] = 'submit';
cmsPage::initTemplate('components', 'action_confirm.tpl')->assign('confirm', $confirm)->display('action_confirm.tpl');
}
}
//============================================================================//
//============================ Восстановить профиль =========================//
//============================================================================//
if ($do == 'restoreprofile') {
if (!$inUser->is_admin) {
cmsCore::error404();
}
$usr = cmsUser::getShortUserData($id);
if (!$usr) {
cmsCore::error404();
}
$inDB->query("UPDATE cms_users SET is_deleted = 0 WHERE id = '{$id}'");
cmsCore::redirectBack();
}
//============================================================================//
//============================= Файлы пользователей =========================//
//============================================================================//
if ($do == 'files') {
if (!$model->config['sw_files']) {
cmsCore::error404();
}
$fdo = cmsCore::request('fdo', 'str', '');
include 'components/users/files.php';
}
//============================================================================//
//================================ Инвайты =================================//
//============================================================================//
if ($do == 'invites') {
$reg_cfg = $inCore->loadComponentConfig('registration');
if ($reg_cfg['reg_type'] != 'invite') {
cmsCore::error404();
}
$invites_count = $model->getUserInvitesCount($inUser->id);
if (!$invites_count) {
cmsCore::error404();
}
if (!cmsCore::inRequest('send_invite')) {
$inPage->addPathway($inUser->nickname, cmsUser::getProfileURL($inUser->login));
$inPage->addPathway($_LANG['MY_INVITES']);
cmsPage::initTemplate('components', 'com_users_invites')->assign('invites_count', $invites_count)->display('com_users_invites.tpl');
return;
}
if (cmsCore::inRequest('send_invite')) {
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
$invite_email = cmsCore::request('invite_email', 'email', '');
if (!$invite_email) {
cmsCore::redirectBack();
}
if ($model->sendInvite($inUser->id, $invite_email)) {
cmsCore::addSessionMessage(sprintf($_LANG['INVITE_SENDED'], $invite_email), 'success');
} else {
cmsCore::addSessionMessage($_LANG['INVITE_ERROR'], 'error');
}
cmsCore::redirect(cmsUser::getProfileURL($inUser->login));
}
}
if ($do == 'change_email') {
if (!$inUser->id) {
cmsUser::goToLogin();
}
$email = cmsCore::request('email', 'email', '');
$token = cmsCore::request('token', 'str', '');
// не занят ли email
$is_email = $inDB->get_field('cms_users', "email='{$email}'", 'id');
if ($is_email || !$email || !$token) {
cmsCore::error404();
}
// проверяем токен
$valid_id = $inDB->get_field('cms_users_activate', "code='{$token}' AND user_id = '{$inUser->id}'", 'id');
if (!$valid_id) {
cmsCore::error404();
}
$inDB->delete('cms_users_activate', "id = '{$valid_id}'");
// Сохраняем новый email
$inDB->update('cms_users', array('email' => $email), $inUser->id);
cmsCore::addSessionMessage($_LANG['NEW_EMAIL_SAVED'], 'success');
cmsCore::redirect(cmsUser::getProfileURL($inUser->login));
}
///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
}
function applet_menu()
{
$inCore = cmsCore::getInstance();
$inDB = cmsDatabase::getInstance();
global $_LANG;
global $adminAccess;
if (!cmsUser::isAdminCan('admin/menu', $adminAccess)) {
cpAccessDenied();
}
$GLOBALS['cp_page_title'] = $_LANG['AD_MENU'];
cpAddPathway($_LANG['AD_MENU'], 'index.php?view=menu');
$do = cmsCore::request('do', 'str', 'list');
$id = cmsCore::request('id', 'int', -1);
if ($do == 'list') {
$toolmenu[] = array('icon' => 'new.gif', 'title' => $_LANG['AD_MENU_POINT_ADD'], 'link' => '?view=menu&do=add');
$toolmenu[] = array('icon' => 'newmenu.gif', 'title' => $_LANG['AD_MENU_ADD'], 'link' => '?view=menu&do=addmenu');
$toolmenu[] = array('icon' => 'edit.gif', 'title' => $_LANG['AD_EDIT_SELECTED'], 'link' => "javascript:checkSel('?view=menu&do=edit&multiple=1');");
$toolmenu[] = array('icon' => 'delete.gif', 'title' => $_LANG['AD_DELETE_SELECTED'], 'link' => "javascript:checkSel('?view=menu&do=delete&multiple=1');");
$toolmenu[] = array('icon' => 'show.gif', 'title' => $_LANG['AD_ALLOW_SELECTED'], 'link' => "javascript:checkSel('?view=menu&do=show&multiple=1');");
$toolmenu[] = array('icon' => 'hide.gif', 'title' => $_LANG['AD_DISALLOW_SELECTED'], 'link' => "javascript:checkSel('?view=menu&do=hide&multiple=1');");
$toolmenu[] = array('icon' => 'help.gif', 'title' => $_LANG['AD_HELP'], 'link' => '?view=help&topic=menu');
cpToolMenu($toolmenu);
$fields[] = array('title' => 'Lt', 'field' => 'NSLeft', 'width' => '30');
$fields[] = array('title' => $_LANG['TITLE'], 'field' => 'title', 'width' => '', 'link' => '?view=menu&do=edit&id=%id%');
$fields[] = array('title' => $_LANG['SHOW'], 'field' => 'published', 'width' => '60');
$fields[] = array('title' => $_LANG['AD_ORDER'], 'field' => 'ordering', 'width' => '100');
$fields[] = array('title' => $_LANG['AD_LINK'], 'field' => array('linktype', 'linkid', 'link'), 'width' => '240', 'prc' => 'cpMenutypeById');
$fields[] = array('title' => $_LANG['AD_MENU'], 'field' => 'menu', 'width' => '70', 'filter' => '10', 'filterlist' => cpGetList('menu'), 'prc' => 'list_menu');
$fields[] = array('title' => $_LANG['TEMPLATE'], 'field' => 'template', 'width' => '70', 'prc' => 'cpTemplateById');
$actions[] = array('title' => $_LANG['EDIT'], 'icon' => 'edit.gif', 'link' => '?view=menu&do=edit&id=%id%');
$actions[] = array('title' => $_LANG['DELETE'], 'icon' => 'delete.gif', 'confirm' => $_LANG['AD_MENU_POINT_CONFIRM'], 'link' => '?view=menu&do=delete&id=%id%');
cpListTable('cms_menu', $fields, $actions, 'parent_id>0', 'NSLeft, ordering');
} else {
$toolmenu[] = array('icon' => 'save.gif', 'title' => $_LANG['SAVE'], 'link' => 'javascript:document.addform.submit();');
$toolmenu[] = array('icon' => 'cancel.gif', 'title' => $_LANG['CANCEL'], 'link' => 'index.php?view=menu');
cpToolMenu($toolmenu);
}
if ($do == 'move_up') {
$inDB->moveNsCategory('cms_menu', $id, 'up');
cmsCore::redirectBack();
}
if ($do == 'move_down') {
$inDB->moveNsCategory('cms_menu', $id, 'down');
cmsCore::redirectBack();
}
if ($do == 'show') {
if (!isset($_REQUEST['item'])) {
if ($id >= 0) {
dbShow('cms_menu', $id);
}
echo '1';
exit;
} else {
dbShowList('cms_menu', $_REQUEST['item']);
cmsCore::addSessionMessage($_LANG['AD_DO_SUCCESS'], 'success');
cmsCore::redirectBack();
}
}
if ($do == 'hide') {
if (!isset($_REQUEST['item'])) {
if ($id >= 0) {
dbHide('cms_menu', $id);
}
echo '1';
exit;
} else {
dbHideList('cms_menu', cmsCore::request('item', 'array_int', array()));
cmsCore::addSessionMessage($_LANG['AD_DO_SUCCESS'], 'success');
cmsCore::redirectBack();
}
}
if ($do == 'delete') {
if (!isset($_REQUEST['item'])) {
if ($id >= 0) {
$inDB->deleteNS('cms_menu', (int) $id);
}
} else {
$items = cmsCore::request('item', 'array_int', array());
foreach ($items as $item_id) {
$inDB->deleteNS('cms_menu', $item_id);
}
}
cmsCore::addSessionMessage($_LANG['AD_DO_SUCCESS'], 'success');
cmsCore::redirectBack();
}
if ($do == 'update') {
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
$id = cmsCore::request('id', 'int', 0);
if (!$id) {
cmsCore::redirectBack();
}
$title = cmsCore::request('title', 'str', '');
$menu = cmsCore::arrayToYaml(cmsCore::request('menu', 'array_str', ''));
$linktype = cmsCore::request('mode', 'str', '');
$linkid = cmsCore::request($linktype, 'str', '');
$link = $inCore->getMenuLink($linktype, $linkid);
$target = cmsCore::request('target', 'str', '');
$published = cmsCore::request('published', 'int', 0);
$template = cmsCore::request('template', 'str', '');
$iconurl = cmsCore::request('iconurl', 'str', '');
$parent_id = cmsCore::request('parent_id', 'int', 0);
$oldparent = cmsCore::request('oldparent', 'int', 0);
$is_lax = cmsCore::request('is_lax', 'int', 0);
$css_class = cmsCore::request('css_class', 'str', '');
$is_public = cmsCore::request('is_public', 'int', '');
if (!$is_public) {
$access_list = cmsCore::arrayToYaml(cmsCore::request('allow_group', 'array_int'));
}
$ns = $inCore->nestedSetsInit('cms_menu');
if ($oldparent != $parent_id) {
$ns->MoveNode($id, $parent_id);
}
$sql = "UPDATE cms_menu\n SET title='{$title}',\n css_class='{$css_class}',\n menu='{$menu}',\n link='{$link}',\n linktype='{$linktype}',\n linkid='{$linkid}',\n target='{$target}',\n published='{$published}',\n template='{$template}',\n access_list='{$access_list}',\n is_lax='{$is_lax}',\n iconurl='{$iconurl}'\n WHERE id = '{$id}'\n LIMIT 1";
$inDB->query($sql);
cmsCore::addSessionMessage($_LANG['AD_DO_SUCCESS'], 'success');
if (!isset($_SESSION['editlist']) || @sizeof($_SESSION['editlist']) == 0) {
cmsCore::redirect('?view=menu');
} else {
cmsCore::redirect('?view=menu&do=edit');
}
}
if ($do == 'submit') {
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
$title = cmsCore::request('title', 'str', '');
$menu = cmsCore::arrayToYaml(cmsCore::request('menu', 'array_str', ''));
$linktype = cmsCore::request('mode', 'str', '');
$linkid = cmsCore::request($linktype, 'str', '');
$link = $inCore->getMenuLink($linktype, $linkid);
$target = cmsCore::request('target', 'str', '');
$published = cmsCore::request('published', 'int', 0);
$template = cmsCore::request('template', 'str', '');
$iconurl = cmsCore::request('iconurl', 'str', '');
$parent_id = cmsCore::request('parent_id', 'int', 0);
$css_class = cmsCore::request('css_class', 'str', '');
$is_public = cmsCore::request('is_public', 'int', '');
$is_lax = cmsCore::request('is_lax', 'int', 0);
if (!$is_public) {
$access_list = cmsCore::arrayToYaml(cmsCore::request('allow_group', 'array_int'));
}
$ns = $inCore->nestedSetsInit('cms_menu');
$myid = $ns->AddNode($parent_id);
$sql = "UPDATE cms_menu\n\t\t\t\tSET menu='{$menu}',\n\t\t\t\t\ttitle='{$title}',\n css_class='{$css_class}',\n\t\t\t\t\tlink='{$link}',\n\t\t\t\t\tlinktype='{$linktype}',\n\t\t\t\t\tlinkid='{$linkid}',\n\t\t\t\t\ttarget='{$target}',\n\t\t\t\t\tpublished='{$published}',\n\t\t\t\t\ttemplate='{$template}',\n\t\t\t\t\taccess_list='{$access_list}',\n\t\t\t\t\tis_lax='{$is_lax}',\n\t\t\t\t\ticonurl='{$iconurl}'\n\t\t\t\tWHERE id = '{$myid}'";
$inDB->query($sql);
cmsCore::addSessionMessage($_LANG['AD_DO_SUCCESS'], 'success');
cmsCore::redirect('?view=menu');
}
if ($do == 'submitmenu') {
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
$sql = "SELECT ordering as max_o FROM cms_modules ORDER BY ordering DESC LIMIT 1";
$result = $inDB->query($sql);
$row = $inDB->fetch_assoc($result);
$maxorder = $row['max_o'] + 1;
$menu = cmsCore::request('menu', 'str', '');
$title = cmsCore::request('title', 'str', '');
$position = cmsCore::request('position', 'str', '');
$published = cmsCore::request('published', 'int', 0);
$css_prefix = cmsCore::request('css_prefix', 'str', '');
$is_public = cmsCore::request('is_public', 'int', '');
if (!$is_public) {
$access_list = $inCore->arrayToYaml(cmsCore::request('allow_group', 'array_int'));
}
$cfg['menu'] = $menu;
$cfg_str = cmsCore::arrayToYaml($cfg);
$sql = "INSERT INTO cms_modules (position, name, title, is_external, content, ordering, showtitle, published, user, config, css_prefix, access_list)\n VALUES ('{$position}', '{$_LANG['AD_MENU']}', '{$title}', 1, 'mod_menu', {$maxorder}, 1, {$published}, 0, '{$cfg_str}', '{$css_prefix}', '{$access_list}')";
$inDB->query($sql);
$newid = $inDB->get_last_id('cms_modules');
cmsCore::addSessionMessage($_LANG['AD_DO_SUCCESS'], 'success');
cmsCore::redirect('?view=modules&do=edit&id=' . $newid);
}
if ($do == 'addmenu' || $do == 'add' || $do == 'edit') {
$GLOBALS['cp_page_head'][] = '<script language="JavaScript" type="text/javascript" src="js/menu.js"></script>';
echo '<script>';
echo cmsPage::getLangJS('AD_SPECIFY_LINK_MENU');
echo '</script>';
}
if ($do == 'addmenu') {
$GLOBALS['cp_page_title'] = $_LANG['AD_MENU_ADD'];
cpAddPathway($_LANG['AD_MENU_ADD']);
$menu_list = cpGetList('menu');
?>
<form id="addform" name="addform" action="index.php?view=menu&do=submitmenu" method="post">
<input type="hidden" name="csrf_token" value="<?php
echo cmsUser::getCsrfToken();
?>
" />
<table class="proptable" width="650" cellspacing="10" cellpadding="10">
<tr>
<td width="300" valign="top">
<strong><?php
echo $_LANG['AD_MODULE_MENU_TITLE'];
?>
</strong>
</td>
<td valign="top">
<input name="title" type="text" id="title2" style="width:99%" value=""/>
</td>
</tr>
<tr>
<td valign="top">
<strong><?php
echo $_LANG['AD_MENU_TO_VIEW'];
?>
</strong><br/>
<span class="hinttext"><?php
echo $_LANG['AD_TO_CREATE_NEW_POINT'];
?>
</span>
</td>
<td valign="top">
<select name="menu" id="menu" style="width:99%">
<?php
foreach ($menu_list as $menu) {
?>
<option value="<?php
echo $menu['id'];
?>
">
<?php
echo $menu['title'];
?>
</option>
<?php
}
?>
</select>
</td>
</tr>
<tr>
<td valign="top">
<strong><?php
echo $_LANG['AD_POSITION_TO_VIEW'];
?>
</strong><br />
<span class="hinttext"><?php
echo $_LANG['AD_POSITION_MUST_BE'];
?>
</span>
</td>
<td valign="top">
<?php
$pos = cpModulePositions(cmsConfig::getConfig('template'));
?>
<select name="position" id="position" style="width:99%">
<?php
if ($pos) {
foreach ($pos as $key => $position) {
if (@$mod['position'] == $position) {
echo '<option value="' . $position . '" selected>' . $position . '</option>';
} else {
echo '<option value="' . $position . '">' . $position . '</option>';
}
}
}
?>
</select>
<input name="is_external" type="hidden" id="is_external" value="0" />
</td>
</tr>
<tr>
<td valign="top"><strong><?php
echo $_LANG['AD_MENU_PUBLIC'];
?>
</strong></td>
<td valign="top">
<label><input name="published" type="radio" value="1" checked="checked" <?php
if (@$mod['published']) {
echo 'checked="checked"';
}
?>
/> <?php
echo $_LANG['YES'];
?>
</label>
<label><input name="published" type="radio" value="0" <?php
if (@(!$mod['published'])) {
echo 'checked="checked"';
}
?>
/> <?php
echo $_LANG['NO'];
?>
</label>
</td>
</tr>
<tr>
<td valign="top"><strong><?php
echo $_LANG['AD_PREFIX_CSS'];
?>
</strong></td>
<td valign="top">
<input name="css_prefix" type="text" id="css_prefix" value="<?php
echo @$mod['css_prefix'];
?>
" style="width:99%" />
</td>
</tr>
<tr>
<td valign="top">
<strong><?php
echo $_LANG['AD_TAB_ACCESS'];
?>
:</strong><br />
<span class="hinttext"><?php
echo $_LANG['AD_GROUP_ACCESS'];
?>
</span>
</td>
<td valign="top">
<table width="100%" cellpadding="0" cellspacing="0" border="0" class="checklist" style="margin-top:5px">
<tr>
<td width="20">
<?php
$groups = cmsUser::getGroups();
$style = 'disabled="disabled"';
$public = 'checked="checked"';
if ($do == 'edit') {
if ($mod['access_list']) {
$public = '';
$style = '';
$access_list = $inCore->yamlToArray($mod['access_list']);
}
}
?>
<input name="is_public" type="checkbox" id="is_public" onclick="checkAccesList()" value="1" <?php
echo $public;
?>
/>
</td>
<td><label for="is_public"><strong><?php
echo $_LANG['AD_SHARE'];
?>
</strong></label></td>
</tr>
</table>
<div style="padding:5px">
<span class="hinttext">
<?php
echo $_LANG['AD_VIEW_IF_CHECK'];
?>
</span>
</div>
<div style="margin-top:10px;padding:5px;padding-right:0px;" id="grp">
<div>
<strong><?php
echo $_LANG['AD_GROUPS_VIEW'];
?>
</strong><br />
<span class="hinttext">
<?php
echo $_LANG['AD_SELECT_MULTIPLE_CTRL'];
?>
</span>
</div>
<div>
<?php
echo '<select style="width: 99%" name="allow_group[]" id="allow_group" size="6" multiple="multiple" ' . $style . '>';
if ($groups) {
foreach ($groups as $group) {
echo '<option value="' . $group['id'] . '"';
if ($do == 'edit') {
if (inArray($access_list, $group['id'])) {
echo 'selected="selected"';
}
}
echo '>';
echo $group['title'] . '</option>';
}
}
echo '</select>';
?>
</div>
</div>
</td>
</tr>
<tr>
<td colspan="2" valign="top">
<div style="padding:10px;margin:4px;background-color:#EBEBEB;border:solid 1px gray">
<?php
echo $_LANG['AD_NEW_MENU_NEW_MODULE'];
?>
</div>
</td>
</tr>
</table>
<div style="margin-top:5px">
<input name="save" type="submit" id="save" value="<?php
echo $_LANG['AD_MENU_ADD'];
?>
" />
<input name="back" type="button" id="back" value="<?php
echo $_LANG['CANCEL'];
?>
" onclick="window.location.href='index.php?view=menu';" />
</div>
</form>
<?php
}
if ($do == 'add' || $do == 'edit') {
require '../includes/jwtabs.php';
$GLOBALS['cp_page_head'][] = jwHeader();
$menu_list = cpGetList('menu');
if ($do == 'add') {
cpAddPathway($_LANG['AD_MENU_POINT_ADD']);
$mod['menu'] = array('mainmenu');
} else {
if (isset($_REQUEST['multiple'])) {
if (isset($_REQUEST['item'])) {
$_SESSION['editlist'] = cmsCore::request('item', 'array_int', array());
} else {
cmsCore::addSessionMessage($_LANG['AD_NO_SELECT_OBJECTS'], 'error');
cmsCore::redirectBack();
}
}
$ostatok = '';
if (isset($_SESSION['editlist'])) {
$item_id = array_shift($_SESSION['editlist']);
if (sizeof($_SESSION['editlist']) == 0) {
unset($_SESSION['editlist']);
} else {
$ostatok = '(' . $_LANG['AD_NEXT_IN'] . sizeof($_SESSION['editlist']) . ')';
}
} else {
$item_id = cmsCore::request('id', 'int', 0);
}
$mod = $inDB->get_fields('cms_menu', "id = '{$item_id}'", '*');
if (!$mod) {
cmsCore::error404();
}
$mod['menu'] = cmsCore::yamlToArray($mod['menu']);
cpAddPathway($_LANG['AD_MENU_POINT_EDIT'] . $ostatok . ' "' . $mod['title'] . '"');
}
?>
<form id="addform" name="addform" method="post" action="index.php">
<input type="hidden" name="csrf_token" value="<?php
echo cmsUser::getCsrfToken();
?>
" />
<input type="hidden" name="view" value="menu" />
<table class="proptable" width="100%" cellpadding="15" cellspacing="2">
<tr>
<td valign="top">
<div><strong><?php
echo $_LANG['AD_MENU_POINT_TITLE'];
?>
</strong> <span class="hinttext">— <?php
echo $_LANG['AD_VIEW_IN_SITE'];
?>
</span></div>
<div><input name="title" type="text" id="title" style="width:100%" value="<?php
echo htmlspecialchars($mod['title']);
?>
" /></div>
<div><strong><?php
echo $_LANG['AD_PARENT_POINT'];
?>
</strong></div>
<div>
<?php
$rootid = $inDB->get_field('cms_menu', 'parent_id=0', 'id');
?>
<select name="parent_id" size="10" id="parent_id" style="width:100%">
<option value="<?php
echo $rootid;
?>
" <?php
if (@$mod['parent_id'] == $rootid || !isset($mod['parent_id'])) {
echo 'selected="selected"';
}
?>
><?php
echo $_LANG['AD_MENU_ROOT'];
?>
</option>
<?php
if (isset($mod['parent_id'])) {
echo $inCore->getListItemsNS('cms_menu', $mod['parent_id']);
} else {
echo $inCore->getListItemsNS('cms_menu');
}
?>
</select>
<input type="hidden" name="oldparent" value="<?php
echo @$mod['parent_id'];
?>
" />
</div>
<div><strong><?php
echo $_LANG['AD_MENU_POINT_ACTION'];
?>
</strong></div>
<div>
<select name="mode" id="linktype" style="width:100%" onchange="showMenuTarget()">
<option value="link" <?php
if (@$mod['linktype'] == 'link' || !isset($mod['mode'])) {
echo 'selected="selected"';
}
?>
><?php
echo $_LANG['AD_OPEN_LINK'];
?>
</option>
<option value="content" <?php
if (@$mod['linktype'] == 'content') {
echo 'selected="selected"';
}
?>
><?php
echo $_LANG['AD_OPEN_ARTICLE'];
?>
</option>
<option value="category" <?php
if (@$mod['linktype'] == 'category') {
echo 'selected="selected"';
}
?>
><?php
echo $_LANG['AD_OPEN_PARTITION'];
?>
</option>
<?php
if ($inCore->isComponentInstalled('video')) {
?>
<option value="video_cat" <?php
if (@$mod['linktype'] == 'video_cat') {
echo 'selected="selected"';
}
?>
><?php
echo $_LANG['AD_OPEN_VIDEO_PARTITION'];
?>
</option>
<?php
}
?>
<option value="component" <?php
if (@$mod['linktype'] == 'component') {
echo 'selected="selected"';
}
?>
><?php
echo $_LANG['AD_OPEN_COMPONENT'];
?>
</option>
<option value="blog" <?php
if (@$mod['linktype'] == 'blog') {
echo 'selected="selected"';
}
?>
><?php
echo $_LANG['AD_OPEN_BLOG'];
?>
</option>
<option value="uccat" <?php
if (@$mod['linktype'] == 'uccat') {
echo 'selected="selected"';
}
?>
><?php
echo $_LANG['AD_OPEN_CATEGORY'];
?>
</option>
<option value="photoalbum" <?php
if (@$mod['linktype'] == 'photoalbum') {
echo 'selected="selected"';
}
?>
><?php
echo $_LANG['AD_OPEN_ALBUM'];
?>
</option>
</select>
</div>
<div id="t_link" class="menu_target" style="display:<?php
if ($mod['linktype'] == 'link' || $mod['linktype'] == 'ext' || !$mod['linktype']) {
echo 'block';
} else {
echo 'none';
}
?>
">
<div>
<strong><?php
echo $_LANG['AD_LINK'];
?>
</strong> <span class="hinttext">— <?php
echo $_LANG['AD_LINK_HINT'];
?>
<b>http://</b></span>
</div>
<div>
<input name="link" type="text" id="link" size="50" style="width:100%" <?php
if (@$mod['linktype'] == 'link' || @$mod['linktype'] == 'ext') {
echo 'value="' . $mod['link'] . '"';
}
?>
/>
</div>
</div>
<div id="t_content" class="menu_target" style="display:<?php
if ($mod['linktype'] == 'content') {
echo 'block';
} else {
echo 'none';
}
?>
">
<div>
<strong><?php
echo $_LANG['AD_CHECK_ARTICLE'];
?>
</strong>
</div>
<div>
<select name="content" id="content" style="width:100%">
<?php
if (@$mod['linktype'] == 'content') {
echo $inCore->getListItems('cms_content', $mod['linkid']);
} else {
echo $inCore->getListItems('cms_content');
}
?>
</select>
</div>
</div>
<?php
if ($inCore->isComponentInstalled('video')) {
?>
<div id="t_video_cat" class="menu_target" style="display:<?php
if ($mod['linktype'] == 'video_cat') {
echo 'block';
} else {
echo 'none';
}
?>
">
<div>
<strong><?php
echo $_LANG['AD_CHECK_PARTITION'];
?>
</strong>
</div>
<div>
<select name="video_cat" id="video_cat" style="width:100%">
<?php
if (@$mod['linktype'] == 'video_cat') {
echo $inCore->getListItemsNS('cms_video_category', $mod['linkid']);
} else {
echo $inCore->getListItemsNS('cms_video_category');
}
?>
</select>
</div>
</div>
<?php
}
?>
<div id="t_category" class="menu_target" style="display:<?php
if ($mod['linktype'] == 'category') {
echo 'block';
} else {
echo 'none';
}
?>
">
<div>
<strong><?php
echo $_LANG['AD_CHECK_PARTITION'];
?>
</strong>
</div>
<div>
<select name="category" id="category" style="width:100%">
<?php
if (@$mod['linktype'] == 'category') {
echo $inCore->getListItemsNS('cms_category', $mod['linkid']);
} else {
echo $inCore->getListItemsNS('cms_category');
}
?>
</select>
</div>
</div>
<div id="t_component" class="menu_target" style="display:<?php
if ($mod['linktype'] == 'component') {
echo 'block';
} else {
echo 'none';
}
?>
">
<div>
<strong><?php
echo $_LANG['AD_CHECK_COMPONENT'];
?>
</strong>
</div>
<div>
<select name="component" id="component" style="width:100%">
<?php
if (@$mod['linktype'] == 'component') {
echo $inCore->getListItems('cms_components', $mod['linkid'], 'title', 'asc', 'internal=0', 'link');
} else {
echo $inCore->getListItems('cms_components', 0, 'title', 'asc', 'internal=0', 'link');
}
?>
</select>
</div>
</div>
<div id="t_blog" class="menu_target" style="display:<?php
if ($mod['linktype'] == 'blog') {
echo 'block';
} else {
echo 'none';
}
?>
">
<div>
<strong><?php
echo $_LANG['AD_CHECK_BLOG'];
?>
</strong>
</div>
<div>
<select name="blog" id="blog" style="width:100%">
<?php
if (@$mod['linktype'] == 'blog') {
echo $inCore->getListItems('cms_blogs', $mod['linkid'], 'title', 'asc', "owner='user'");
} else {
echo $inCore->getListItems('cms_blogs', 0, 'title', 'asc', "owner='user'");
}
?>
</select>
</div>
</div>
<div id="t_uccat" class="menu_target" style="display:<?php
if ($mod['linktype'] == 'uccat') {
echo 'block';
} else {
echo 'none';
}
?>
">
<div>
<strong><?php
echo $_LANG['AD_CHECK_CATEGORY'];
?>
</strong>
</div>
<div>
<select name="uccat" id="uccat" style="width:100%">
<?php
if (@$mod['linktype'] == 'uccat') {
echo $inCore->getListItems('cms_uc_cats', $mod['linkid']);
} else {
echo $inCore->getListItems('cms_uc_cats');
}
?>
</select>
</div>
</div>
<div id="t_photoalbum" class="menu_target" style="display:<?php
if ($mod['linktype'] == 'photoalbum') {
echo 'block';
} else {
echo 'none';
}
?>
">
<div>
<strong><?php
echo $_LANG['AD_CHECK_ALBUM'];
?>
</strong>
</div>
<div>
<select name="photoalbum" id="photoalbum" style="width:100%">
<?php
if (@$mod['linktype'] == 'photoalbum') {
echo $inCore->getListItems('cms_photo_albums', $mod['linkid'], 'id', 'ASC', 'NSDiffer = ""');
} else {
echo $inCore->getListItems('cms_photo_albums', 0, 'id', 'ASC', 'NSDiffer = ""');
}
?>
</select>
</div>
</div>
</td>
<td width="300" valign="top" style="background:#ECECEC;">
<?php
ob_start();
?>
{tab=<?php
echo $_LANG['AD_TAB_PUBLISH'];
?>
}
<table width="100%" cellpadding="0" cellspacing="0" border="0" class="checklist">
<tr>
<td width="20"><input type="checkbox" name="published" id="published" value="1" <?php
if ($mod['published'] || $do == 'add') {
echo 'checked="checked"';
}
?>
/></td>
<td><label for="published"><strong><?php
echo $_LANG['AD_MENU_POINT_PUBLIC'];
?>
</strong></label></td>
</tr>
</table>
<div style="margin-top:15px">
<strong><?php
echo $_LANG['AD_OPEN_POINT'];
?>
</strong>
</div>
<div>
<select name="target" id="target" style="width:100%">
<option value="_self" <?php
if (@$mod['target'] == '_self') {
echo 'selected="selected"';
}
?>
><?php
echo $_LANG['AD_SELF'];
?>
</option>
<option value="_parent"><?php
echo $_LANG['AD_PARENT'];
?>
</option>
<option value="_blank" <?php
if (@$mod['target'] == '_blank') {
echo 'selected="selected"';
}
?>
><?php
echo $_LANG['AD_BLANK'];
?>
</option>
<option value="_top" <?php
if (@$mod['target'] == '_top') {
echo 'selected="selected"';
}
?>
><?php
echo $_LANG['AD_TOP'];
?>
</option>
</select>
</div>
<div style="margin-top:15px">
<strong><?php
echo $_LANG['TEMPLATE'];
?>
</strong><br/>
<span class="hinttext"><?php
echo $_LANG['AD_DESIGN_CHANGE'];
?>
</span>
</div>
<div>
<select name="template" id="template" style="width:100%">
<option value="0" <?php
if (@$mod['template'] == 0 || !$mod['template']) {
echo 'selected="selected"';
}
?>
><?php
echo $_LANG['AD_BY_DEFAULT'];
?>
</option>
<?php
$templates = cmsCore::getDirsList('/templates');
foreach ($templates as $template) {
echo '<option value="' . $template . '" ' . (@$mod['template'] == $template ? 'selected="selected"' : '') . '>' . $template . '</option>';
}
?>
</select>
</div>
<div style="margin-top:15px">
<strong><?php
echo $_LANG['AD_ICON_PICTURE'];
?>
</strong><br/>
<span class="hinttext"><?php
echo $_LANG['AD_ICON_FILENAME'];
?>
</span>
</div>
<div>
<input name="iconurl" type="text" id="iconurl" size="30" value="<?php
echo @$mod['iconurl'];
?>
" style="width:100%"/>
<div>
<a id="iconlink" style="display:block;" href="javascript:showIcons()"><?php
echo $_LANG['AD_CHECK_ICON'];
?>
</a>
<div id="icondiv" style="display:none; padding:6px;border:solid 1px gray;background:#FFF">
<div><?php
iconList();
?>
</div>
</div>
</div>
</div>
<div style="margin-top:15px">
<strong><?php
echo $_LANG['AD_CSS_CLASS'];
?>
</strong>
</div>
<div>
<input name="css_class" type="text" size="30" value="<?php
echo @$mod['css_class'];
?>
" style="width:100%"/>
</div>
{tab=<?php
echo $_LANG['AD_TAB_ACCESS'];
?>
}
<table width="100%" cellpadding="0" cellspacing="0" border="0" class="checklist" style="margin-top:5px">
<tr>
<td width="20">
<?php
$groups = cmsUser::getGroups();
$style = 'disabled="disabled"';
$public = 'checked="checked"';
if ($do == 'edit') {
if ($mod['access_list']) {
$public = '';
$style = '';
$access_list = $inCore->yamlToArray($mod['access_list']);
}
}
?>
<input name="is_public" type="checkbox" id="is_public" onclick="checkAccesList()" value="1" <?php
echo $public;
?>
/>
</td>
<td><label for="is_public"><strong><?php
echo $_LANG['AD_SHARE'];
?>
</strong></label></td>
</tr>
</table>
<div style="padding:5px">
<span class="hinttext">
<?php
echo $_LANG['AD_VIEW_IF_CHECK'];
?>
</span>
</div>
<div style="margin-top:10px;padding:5px;padding-right:0px;" id="grp">
<div>
<strong><?php
echo $_LANG['AD_GROUPS_VIEW'];
?>
</strong><br />
<span class="hinttext">
<?php
echo $_LANG['AD_SELECT_MULTIPLE_CTRL'];
?>
</span>
</div>
<div>
<?php
echo '<select style="width: 99%" name="allow_group[]" id="allow_group" size="6" multiple="multiple" ' . $style . '>';
if ($groups) {
foreach ($groups as $group) {
echo '<option value="' . $group['id'] . '"';
if ($do == 'edit' && $mod['access_list']) {
if (inArray($access_list, $group['id'])) {
echo 'selected="selected"';
}
}
echo '>';
echo $group['title'] . '</option>';
}
}
echo '</select>';
?>
</div>
</div>
<table width="100%" cellpadding="0" cellspacing="0" border="0" class="checklist" style="margin-top:5px">
<tr>
<td width="20">
<input name="is_lax" type="checkbox" id="is_lax" value="1" <?php
if (@$mod['is_lax']) {
?>
checked="checked"<?php
}
?>
/>
</td>
<td><label for="is_lax"><strong><?php
echo $_LANG['AD_ONLY_CHILD_ITEM'];
?>
</strong></label></td>
</tr>
</table>
{tab=<?php
echo $_LANG['AD_MENU'];
?>
}
<div style="padding:5px;padding-right:0px;">
<div>
<strong><?php
echo $_LANG['AD_MENU_TO_VIEW'];
?>
</strong><br />
<span class="hinttext">
<?php
echo $_LANG['AD_SELECT_MULTIPLE_CTRL'];
?>
</span>
</div>
<div>
<select style="width: 99%" name="menu[]" size="9" multiple="multiple">
<?php
foreach ($menu_list as $menu) {
?>
<option value="<?php
echo $menu['id'];
?>
" <?php
if (@in_array($menu['id'], @$mod['menu'])) {
echo 'selected="selected"';
}
?>
>
<?php
echo $menu['title'];
?>
</option>
<?php
}
?>
</select>
</div>
</div>
{/tabs}
<?php
echo jwTabs(ob_get_clean());
?>
</td>
</tr>
</table>
<p>
<input name="add_mod" type="button" onclick="submitItem()" id="add_mod" value="<?php
echo $_LANG['SAVE'];
?>
" />
<input name="back" type="button" id="back" value="<?php
echo $_LANG['CANCEL'];
?>
" onclick="window.location.href='index.php?view=menu';" />
<input name="do" type="hidden" id="do" <?php
if ($do == 'add') {
echo 'value="submit"';
} else {
echo 'value="update"';
}
?>
/>
<?php
if ($do == 'edit') {
echo '<input name="id" type="hidden" value="' . $mod['id'] . '" />';
}
?>
</p>
</form>
<?php
}
}
function applet_modules()
{
$inCore = cmsCore::getInstance();
$inDB = cmsDatabase::getInstance();
global $_LANG;
global $adminAccess;
if (!cmsUser::isAdminCan('admin/modules', $adminAccess)) {
cpAccessDenied();
}
$GLOBALS['cp_page_title'] = $_LANG['AD_MODULES'];
cpAddPathway($_LANG['AD_MODULES'], 'index.php?view=modules');
$GLOBALS['cp_page_head'][] = '<script language="JavaScript" type="text/javascript" src="js/modules.js"></script>';
$do = cmsCore::request('do', 'str', 'list');
$id = cmsCore::request('id', 'int', -1);
$co = cmsCore::request('co', 'int', -1);
//============================================================================//
//============================================================================//
if ($do == 'config') {
$module_name = cpModuleById($id);
$module_title = cpModuleTitleById($id);
if (!$module_name) {
cmsCore::redirect('index.php?view=modules&do=edit&id=' . $id);
}
$xml_file = PATH . '/admin/modules/' . $module_name . '/backend.xml';
$php_file = 'modules/' . $module_name . '/backend.php';
if (!file_exists($xml_file)) {
if (file_exists($php_file)) {
include $php_file;
return;
}
cmsCore::halt();
}
$cfg = $inCore->loadModuleConfig($id);
cmsCore::loadClass('formgen');
$formGen = new cmsFormGen($xml_file, $cfg);
cpAddPathway($module_title, '?view=modules&do=edit&id=' . $id);
cpAddPathway($_LANG['AD_SETTINGS']);
echo '<h3>' . $module_title . '</h3>';
$toolmenu[] = array('icon' => 'save.gif', 'title' => $_LANG['SAVE'], 'link' => 'javascript:submitModuleConfig();');
$toolmenu[] = array('icon' => 'cancel.gif', 'title' => $_LANG['CANCEL'], 'link' => 'index.php?view=modules');
$toolmenu[] = array('icon' => 'edit.gif', 'title' => $_LANG['AD_EDIT_MODULE_VIEW'], 'link' => '?view=modules&do=edit&id=' . $id);
cpToolMenu($toolmenu);
echo '<form action="index.php?view=modules&do=save_auto_config&id=' . $id . '" method="post" name="optform" target="_self" id="optform">';
echo $formGen->getHTML();
echo '</form>';
return;
}
//============================================================================//
//============================================================================//
if ($do == 'save_auto_config') {
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
$module_name = cpModuleById($id);
$is_ajax = cmsCore::inRequest('ajax');
if ($is_ajax) {
$title = cmsCore::request('title', 'str', '');
$published = cmsCore::request('published', 'int', 0);
$inDB->query("UPDATE cms_modules SET title='{$title}', published='{$published}' WHERE id={$id}");
if (cmsCore::inRequest('content')) {
$content = $inDB->escape_string(cmsCore::request('content', 'html'));
$inDB->query("UPDATE cms_modules SET content='{$content}' WHERE id={$id}");
}
// Добавим возможность изменять css_префикс с фронта
if (cmsCore::inRequest('css_prefix')) {
// На шаблонах не не отдающих параметра затирать класс не будем
$css_prefix = cmsCore::request('css_prefix', 'str', '');
$inDB->query("UPDATE cms_modules SET css_prefix='{$css_prefix}' WHERE id='{$id}'");
}
}
if (cmsCore::inRequest('title_only')) {
cmsCore::redirectBack();
}
$xml_file = PATH . '/admin/modules/' . $module_name . '/backend.xml';
if (!file_exists($xml_file)) {
cmsCore::halt();
}
$cfg = array();
$backend = simplexml_load_file($xml_file);
foreach ($backend->params->param as $param) {
$name = (string) $param['name'];
$type = (string) $param['type'];
$default = (string) $param['default'];
switch ($param['type']) {
case 'number':
$value = cmsCore::request($name, 'int', $default);
break;
case 'string':
$value = cmsCore::request($name, 'str', $default);
break;
case 'html':
$value = cmsCore::badTagClear(cmsCore::request($name, 'html', $default));
break;
case 'flag':
$value = cmsCore::request($name, 'int', 0);
break;
case 'list':
$value = is_array($_POST[$name]) ? cmsCore::request($name, 'array_str', $default) : cmsCore::request($name, 'str', $default);
break;
case 'list_function':
$value = cmsCore::request($name, 'str', $default);
break;
case 'list_db':
$value = is_array($_POST[$name]) ? cmsCore::request($name, 'array_str', $default) : cmsCore::request($name, 'str', $default);
break;
}
$cfg[$name] = $value;
}
$inCore->saveModuleConfig($id, $cfg);
if (!$is_ajax) {
cmsCore::addSessionMessage($_LANG['AD_CONFIG_SAVE_SUCCESS'], 'success');
}
cmsCore::redirectBack();
}
//============================================================================//
//============================================================================//
if ($do == 'list') {
$toolmenu[] = array('icon' => 'new.gif', 'title' => $_LANG['AD_MODULE_ADD'], 'link' => '?view=modules&do=add');
$toolmenu[] = array('icon' => 'install.gif', 'title' => $_LANG['AD_MODULES_SETUP'], 'link' => '?view=install&do=module');
$toolmenu[] = array('icon' => 'edit.gif', 'title' => $_LANG['AD_EDIT_SELECTED'], 'link' => "javascript:checkSel('?view=modules&do=edit&multiple=1');");
$toolmenu[] = array('icon' => 'delete.gif', 'title' => $_LANG['AD_DELETE_SELECTED'], 'link' => "javascript:checkSel('?view=modules&do=delete&multiple=1');");
$toolmenu[] = array('icon' => 'show.gif', 'title' => $_LANG['AD_ALLOW_SELECTED'], 'link' => "javascript:checkSel('?view=modules&do=show&multiple=1');");
$toolmenu[] = array('icon' => 'hide.gif', 'title' => $_LANG['AD_DISALLOW_SELECTED'], 'link' => "javascript:checkSel('?view=modules&do=hide&multiple=1');");
$toolmenu[] = array('icon' => 'autoorder.gif', 'title' => $_LANG['AD_MODULE_ORDER'], 'link' => '?view=modules&do=autoorder');
$toolmenu[] = array('icon' => 'reorder.gif', 'title' => $_LANG['AD_SAVE_ORDER'], 'link' => "javascript:checkSel('?view=modules&do=saveorder');");
$toolmenu[] = array('icon' => 'help.gif', 'title' => $_LANG['AD_HELP'], 'link' => '?view=help&topic=modules');
cpToolMenu($toolmenu);
$fields[] = array('title' => 'id', 'field' => 'id', 'width' => '30');
$fields[] = array('title' => $_LANG['AD_TITLE'], 'field' => array('title', 'titles'), 'width' => '', 'link' => '?view=modules&do=edit&id=%id%', 'prc' => function ($i) {
$i['titles'] = cmsCore::yamlToArray($i['titles']);
// переопределяем название пункта меню в зависимости от языка
if (!empty($i['titles'][cmsConfig::getConfig('lang')])) {
$i['title'] = $i['titles'][cmsConfig::getConfig('lang')];
}
return $i['title'];
});
$fields[] = array('title' => $_LANG['TITLE'], 'field' => 'name', 'width' => '220', 'filter' => '15');
$fields[] = array('title' => $_LANG['AD_VERSION'], 'field' => 'version', 'width' => '55');
$fields[] = array('title' => $_LANG['AD_AUTHOR'], 'field' => 'author', 'width' => '110');
$fields[] = array('title' => $_LANG['SHOW'], 'field' => 'published', 'width' => '65');
$fields[] = array('title' => $_LANG['AD_ORDER'], 'field' => 'ordering', 'width' => '75');
$fields[] = array('title' => $_LANG['AD_POSITION'], 'field' => 'position', 'width' => '70', 'filter' => '10', 'filterlist' => cpGetList('positions'));
$actions[] = array('title' => $_LANG['AD_CONFIG'], 'icon' => 'config.gif', 'link' => '?view=modules&do=config&id=%id%', 'condition' => 'cpModuleHasConfig');
$actions[] = array('title' => $_LANG['EDIT'], 'icon' => 'edit.gif', 'link' => '?view=modules&do=edit&id=%id%');
$actions[] = array('title' => $_LANG['DELETE'], 'icon' => 'delete.gif', 'confirm' => $_LANG['AD_MODULE_DELETE'], 'link' => '?view=modules&do=delete&id=%id%');
cpListTable('cms_modules', $fields, $actions, '', 'published DESC, position, ordering ASC');
}
//============================================================================//
//============================================================================//
if ($do == 'autoorder') {
$rs = $inDB->query("SELECT id, position FROM cms_modules ORDER BY position");
if ($inDB->num_rows($rs)) {
$ord = 1;
while ($item = $inDB->fetch_assoc($rs)) {
if (isset($latest_pos)) {
if ($latest_pos != $item['position']) {
$ord = 1;
}
}
$inDB->query("UPDATE cms_modules SET ordering = {$ord} WHERE id='{$item['id']}'");
$ord += 1;
$latest_pos = $item['position'];
}
}
cmsCore::redirect('index.php?view=modules');
}
//============================================================================//
//============================================================================//
if ($do == 'move_up') {
if ($id >= 0) {
dbMoveUp('cms_modules', $id, $co);
}
cmsCore::redirectBack();
}
if ($do == 'move_down') {
if ($id >= 0) {
dbMoveDown('cms_modules', $id, $co);
}
cmsCore::redirectBack();
}
//============================================================================//
//============================================================================//
if ($do == 'saveorder') {
if (isset($_REQUEST['ordering'])) {
$ord = $_REQUEST['ordering'];
$ids = $_REQUEST['ids'];
foreach ($ord as $id => $ordering) {
$inDB->query("UPDATE cms_modules SET ordering = '" . (int) $ordering . "' WHERE id = '" . (int) $ids[$id] . "'");
}
cmsCore::redirect('index.php?view=modules');
}
}
//============================================================================//
//============================================================================//
if ($do == 'show') {
if (!isset($_REQUEST['item'])) {
if ($id >= 0) {
dbShow('cms_modules', $id);
}
echo '1';
exit;
} else {
dbShowList('cms_modules', cmsCore::request('item', 'array_int', array()));
cmsCore::redirectBack();
}
}
if ($do == 'hide') {
if (!isset($_REQUEST['item'])) {
if ($id >= 0) {
dbHide('cms_modules', $id);
}
echo '1';
exit;
} else {
dbHideList('cms_modules', cmsCore::request('item', 'array_int', array()));
cmsCore::redirectBack();
}
}
if ($do == 'delete') {
if (!isset($_REQUEST['item'])) {
$inCore->removeModule($id);
} else {
$inCore->removeModule(cmsCore::request('item', 'array_int', array()));
}
cmsCore::addSessionMessage($_LANG['AD_DO_SUCCESS'], 'success');
cmsCore::redirect('index.php?view=modules');
}
//============================================================================//
//============================================================================//
if ($do == 'update') {
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
$id = cmsCore::request('id', 'int', 0);
$name = cmsCore::request('name', 'str', '');
$title = cmsCore::request('title', 'str', '');
$titles = cmsCore::arrayToYaml(cmsCore::request('titles', 'array_str', array()));
$position = cmsCore::request('position', 'str', '');
$showtitle = cmsCore::request('showtitle', 'int', 0);
$content = $inDB->escape_string(cmsCore::request('content', 'html', ''));
$published = cmsCore::request('published', 'int', 0);
$css_prefix = cmsCore::request('css_prefix', 'str', '');
$is_strict_bind = cmsCore::request('is_strict_bind', 'int', 0);
$is_strict_bind_hidden = cmsCore::request('is_strict_bind_hidden', 'int', 0);
$is_public = cmsCore::request('is_public', 'int', '');
if (!$is_public) {
$access_list = cmsCore::arrayToYaml(cmsCore::request('allow_group', 'array_int', array()));
}
$template = cmsCore::request('template', 'str', '');
$cache = cmsCore::request('cache', 'int', 0);
$cachetime = cmsCore::request('cachetime', 'int', 0);
$cacheint = cmsCore::request('cacheint', 'str', '');
$sql = "UPDATE cms_modules\r\n SET name='{$name}',\r\n title='{$title}',\r\n titles='{$titles}',\r\n position='{$position}',\r\n template='{$template}',\r\n showtitle={$showtitle},";
if ($content) {
$sql .= "content='{$content}',";
}
$sql .= "\r\n published={$published},\r\n css_prefix='{$css_prefix}',\r\n access_list='{$access_list}',\r\n hidden_menu_ids='',\r\n cachetime = '{$cachetime}',\r\n cacheint = '{$cacheint}',\r\n cache = '{$cache}',\r\n is_strict_bind = '{$is_strict_bind}',\r\n is_strict_bind_hidden = '{$is_strict_bind_hidden}'\r\n WHERE id = '{$id}'\r\n LIMIT 1";
$inDB->query($sql);
$sql = "DELETE FROM cms_modules_bind WHERE module_id = {$id}";
$inDB->query($sql);
if (cmsCore::request('show_all', 'int', 0)) {
$sql = "INSERT INTO cms_modules_bind (module_id, menu_id, position)\r\n VALUES ({$id}, 0, '{$position}')";
$inDB->query($sql);
$hidden_menu_ids = cmsCore::request('hidden_menu_ids', 'array_int', array());
if ($hidden_menu_ids) {
$hidden_menu_ids = cmsCore::arrayToYaml($hidden_menu_ids);
$inDB->query("UPDATE cms_modules SET hidden_menu_ids='{$hidden_menu_ids}' WHERE id = '{$id}' LIMIT 1");
}
} else {
$showin = cmsCore::request('showin', 'array_int', array());
$showpos = cmsCore::request('showpos', 'array_str', array());
if ($showin) {
foreach ($showin as $key => $value) {
$sql = "INSERT INTO cms_modules_bind (module_id, menu_id, position)\r\n VALUES ({$id}, {$value}, '{$showpos[$value]}')";
$inDB->query($sql);
}
}
}
cmsCore::addSessionMessage($_LANG['AD_DO_SUCCESS'], 'success');
if (!isset($_SESSION['editlist']) || @sizeof($_SESSION['editlist']) == 0) {
cmsCore::redirect('index.php?view=modules');
} else {
cmsCore::redirect('index.php?view=modules&do=edit');
}
}
//============================================================================//
//============================================================================//
if ($do == 'submit') {
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
$sql = "SELECT ordering as max_o FROM cms_menu ORDER BY ordering DESC LIMIT 1";
$result = $inDB->query($sql);
$row = $inDB->fetch_assoc($result);
$maxorder = $row['max_o'] + 1;
$name = cmsCore::request('name', 'str', '');
$title = cmsCore::request('title', 'str', '');
$titles = cmsCore::arrayToYaml(cmsCore::request('titles', 'array_str', array()));
$position = cmsCore::request('position', 'str', '');
$showtitle = cmsCore::request('showtitle', 'int', 0);
$content = $inDB->escape_string(cmsCore::request('content', 'html', ''));
$published = cmsCore::request('published', 'int', 0);
$css_prefix = cmsCore::request('css_prefix', 'str', '');
$is_public = cmsCore::request('is_public', 'int', '');
if (!$is_public) {
$access_list = cmsCore::arrayToYaml(cmsCore::request('allow_group', 'array_int', array()));
}
$template = cmsCore::request('template', 'str', '');
$cache = cmsCore::request('cache', 'int', 0);
$cachetime = cmsCore::request('cachetime', 'int', 0);
$cacheint = cmsCore::request('cacheint', 'str', '');
$operate = cmsCore::request('operate', 'str', '');
$is_strict_bind = cmsCore::request('is_strict_bind', 'int', 0);
$is_strict_bind_hidden = cmsCore::request('is_strict_bind_hidden', 'int', 0);
if ($operate == 'user') {
//USER MODULE
$sql = "INSERT INTO cms_modules (position, name, title, titles, is_external, content, ordering, showtitle, published, user, original, css_prefix, access_list, template, is_strict_bind, is_strict_bind_hidden)\r\n\t\t\t\t\tVALUES ('{$position}', '{$name}', '{$title}', '{$titles}', 0, '{$content}', '{$maxorder}', '{$showtitle}', '{$published}', 1, 1, '{$css_prefix}', '{$access_list}', '{$template}', '{$is_strict_bind}', '{$is_strict_bind_hidden}')";
$inDB->query($sql);
}
if ($operate == 'clone') {
//DUPLICATE MODULE
$mod_id = cmsCore::request('clone_id', 'int', 0);
$sql = "SELECT * FROM cms_modules WHERE id = {$mod_id} LIMIT 1";
$result = $inDB->query($sql);
$original = $inDB->escape_string($inDB->fetch_assoc($result));
$is_original = cmsCore::request('del_orig', 'int', 0) ? 1 : 0;
$sql = "INSERT INTO cms_modules (position, name, title, titles, is_external,\r\n content, ordering, showtitle, published,\r\n original, user, config, css_prefix, template,\r\n access_list, is_strict_bind, is_strict_bind_hidden,\r\n cache, cachetime, cacheint, version)\r\n\t\t\t\t\tVALUES (\r\n\t\t\t\t\t\t\t'{$position}',\r\n\t\t\t\t\t\t\t'{$original['name']}',\r\n\t\t\t\t\t\t\t'{$title}',\r\n\t\t\t\t\t\t\t'{$titles}',\r\n\t\t\t\t\t\t\t'{$original['is_external']}',\r\n\t\t\t\t\t\t\t'{$original['content']}',\r\n\t\t\t\t\t\t\t'{$maxorder}',\r\n\t\t\t\t\t\t\t'{$showtitle}',\r\n\t\t\t\t\t\t\t'{$published}',\r\n\t\t\t\t\t\t\t'{$is_original}',\r\n\t\t\t\t\t\t\t'{$original['user']}',\r\n\t\t\t\t\t\t\t'{$original['config']}',\r\n\t\t\t\t\t\t\t'{$css_prefix}',\r\n '{$template}',\r\n '{$access_list}',\r\n '{$is_strict_bind}',\r\n '{$is_strict_bind_hidden}',\r\n '{$cache}', '{$cachetime}', '{$cacheint}', '{$original['version']}'\r\n )";
$inDB->query($sql);
if ($is_original) {
$sql = "DELETE FROM cms_modules WHERE id = {$mod_id}";
$inDB->query($sql);
}
}
$lastid = $inDB->get_last_id('cms_modules');
if (cmsCore::request('show_all', 'int', 0)) {
$sql = "INSERT INTO cms_modules_bind (module_id, menu_id, position)\r\n\t\t\t\t\tVALUES ({$lastid}, 0, '{$position}')";
$inDB->query($sql);
$hidden_menu_ids = cmsCore::request('hidden_menu_ids', 'array_int', array());
if ($hidden_menu_ids) {
$hidden_menu_ids = cmsCore::arrayToYaml($hidden_menu_ids);
$inDB->query("UPDATE cms_modules SET hidden_menu_ids='{$hidden_menu_ids}' WHERE id = '{$lastid}' LIMIT 1");
}
} else {
$showin = cmsCore::request('showin', 'array_int', array());
$showpos = cmsCore::request('showpos', 'array_str', array());
if ($showin) {
foreach ($showin as $key => $value) {
$sql = "INSERT INTO cms_modules_bind (module_id, menu_id, position)\r\n\t\t\t\t\t\t\tVALUES ({$lastid}, {$value}, '{$showpos[$value]}')";
$inDB->query($sql);
}
}
}
cmsCore::addSessionMessage($_LANG['AD_MODULE_ADD_SITE'], 'success');
cmsCore::redirect('index.php?view=modules');
}
//============================================================================//
//============================================================================//
if ($do == 'add' || $do == 'edit') {
require '../includes/jwtabs.php';
$GLOBALS['cp_page_head'][] = jwHeader();
$langs = cmsCore::getDirsList('/languages');
if ($do == 'add') {
cpAddPathway($_LANG['AD_MODULE_ADD']);
echo '<h3>' . $_LANG['AD_MODULE_ADD'] . '</h3>';
$show_all = false;
} else {
if (isset($_REQUEST['multiple'])) {
if (isset($_REQUEST['item'])) {
$_SESSION['editlist'] = cmsCore::request('item', 'array_int', array());
} else {
cmsCore::addSessionMessage($_LANG['AD_NO_SELECT_OBJECTS'], 'error');
cmsCore::redirectBack();
}
}
$ostatok = '';
if (isset($_SESSION['editlist'])) {
$item_id = array_shift($_SESSION['editlist']);
if (sizeof($_SESSION['editlist']) == 0) {
unset($_SESSION['editlist']);
} else {
$ostatok = '(' . $_LANG['AD_NEXT_IN'] . sizeof($_SESSION['editlist']) . ')';
}
} else {
$item_id = cmsCore::request('id', 'int', 0);
}
$mod = $inDB->get_fields('cms_modules', "id = '{$item_id}'", '*');
if (!$mod) {
cmsCore::error404();
}
$mod['hidden_menu_ids'] = cmsCore::yamlToArray($mod['hidden_menu_ids']);
$mod['titles'] = cmsCore::yamlToArray($mod['titles']);
$sql = "SELECT id FROM cms_modules_bind WHERE module_id = {$id} AND menu_id = 0 LIMIT 1";
$result = $inDB->query($sql);
if ($inDB->num_rows($result)) {
$show_all = true;
} else {
$show_all = false;
}
echo '<h3>' . $_LANG['AD_EDIT_MODULE'] . $ostatok . '</h3>';
cpAddPathway($mod['name']);
}
$toolmenu[] = array('icon' => 'save.gif', 'title' => $_LANG['SAVE'], 'link' => 'javascript:document.addform.submit();');
$toolmenu[] = array('icon' => 'cancel.gif', 'title' => $_LANG['CANCEL'], 'link' => 'javascript:history.go(-1);');
if (@$mod['is_external']) {
$php_file = 'modules/' . $mod['content'] . '/backend.php';
$xml_file = 'modules/' . $mod['content'] . '/backend.xml';
if (file_exists($php_file) || file_exists($xml_file)) {
$toolmenu[] = array('icon' => 'config.gif', 'title' => $_LANG['CONFIG_MODULE'], 'link' => '?view=modules&do=config&id=' . $mod['id']);
}
}
cpToolMenu($toolmenu);
?>
<form id="addform" name="addform" method="post" action="index.php">
<input type="hidden" name="csrf_token" value="<?php
echo cmsUser::getCsrfToken();
?>
" />
<input type="hidden" name="view" value="modules" />
<table class="proptable" width="100%" cellpadding="15" cellspacing="2">
<tr>
<!-- главная ячейка -->
<td valign="top">
<div><strong><?php
echo $_LANG['AD_MODULE_TITLE'];
?>
</strong> <span class="hinttext">— <?php
echo $_LANG['AD_VIEW_IN_SITE'];
?>
</span></div>
<div>
<table width="100%" cellpadding="0" cellspacing="0" border="0">
<tr>
<td><input name="title" type="text" id="title" style="width:100%" value="<?php
echo htmlspecialchars($mod['title']);
?>
" /></td>
<td style="width:15px;padding-left:10px;padding-right:0px;">
<input type="checkbox" title="<?php
echo $_LANG['AD_VIEW_TITLE'];
?>
" name="showtitle" <?php
if ($mod['showtitle'] || $do == 'add') {
echo 'checked="checked"';
}
?>
value="1">
</td>
</tr>
</table>
</div>
<?php
if (count($langs) > 1) {
?>
<div><strong><?php
echo $_LANG['AD_LANG_TITLES'];
?>
</strong> <span class="hinttext">— <?php
echo $_LANG['AD_LANG_TITLES_HINT'];
?>
</span></div>
<?php
foreach ($langs as $lang) {
?>
<div><strong><?php
echo $lang;
?>
:</strong> <input name="titles[<?php
echo $lang;
?>
]" type="text" style="width:97%" value="<?php
echo htmlspecialchars(@$mod['titles'][$lang]);
?>
" placeholder="<?php
echo $_LANG['AD_HINT_DEFAULT'];
?>
" /></div>
<?php
}
?>
<?php
}
?>
<table width="100%" cellpadding="0" cellspacing="0" border="0" style="margin-top:10px;">
<tr>
<td valign="top">
<div>
<strong><?php
echo $_LANG['AD_MODULE_NAME'];
?>
</strong> <span class="hinttext">— <?php
echo $_LANG['AD_SHOW_ADMIN'];
?>
</span>
</div>
<div>
<?php
if (!isset($mod['user']) || @$mod['user'] == 1) {
?>
<input name="name" type="text" id="name" style="width:99%" value="<?php
echo htmlspecialchars($mod['name']);
?>
" />
<?php
} else {
?>
<input name="" type="text" id="name" style="width:99%" value="<?php
echo @$mod['name'];
?>
" disabled="disabled" />
<input name="name" type="hidden" value="<?php
echo htmlspecialchars($mod['name']);
?>
" />
<?php
}
?>
</div>
</td>
<td valign="top" width="160" style="padding-left:10px;">
<div>
<strong><?php
echo $_LANG['AD_PREFIX_CSS'];
?>
</strong>
</div>
<div>
<input name="css_prefix" type="text" id="css_prefix" value="<?php
echo @$mod['css_prefix'];
?>
" style="width:154px" />
</div>
</td>
</tr>
</table>
<div style="margin-top:8px">
<strong><?php
echo $_LANG['AD_DEFOLT_VIEW'];
?>
</strong> <span class="hinttext">— <?php
echo $_LANG['AD_POSITION_MUST_BE'];
?>
</span>
</div>
<div>
<?php
$pos = cpModulePositions(cmsConfig::getConfig('template'));
?>
<table width="100%" cellpadding="0" cellspacing="0" border="0" style="margin-top:5px;">
<tr>
<td valign="top">
<select name="position" id="position" style="width:100%">
<?php
if ($pos) {
foreach ($pos as $key => $position) {
if (@$mod['position'] == $position) {
echo '<option value="' . $position . '" selected>' . $position . '</option>';
} else {
echo '<option value="' . $position . '">' . $position . '</option>';
}
}
}
?>
</select>
</td>
<?php
if (file_exists(PATH . '/templates/' . TEMPLATE . '/positions.jpg')) {
?>
<td valign="top" width="160" style="padding-left:10px;">
<script>
$(function() {
$('#pos').dialog({modal: true, autoOpen: false, closeText: LANG_CLOSE, width: 'auto'});
});
</script>
<a onclick="$('#pos').dialog('open');return false;" href="#" class="ajaxlink"><?php
echo $_LANG['AD_SEE_VISUALLY'];
?>
</a>
<div id="pos" title="<?php
echo $_LANG['AD_TPL_POS'];
?>
"><img src="/templates/<?php
echo TEMPLATE;
?>
/positions.jpg" alt="<?php
echo $_LANG['AD_TPL_POS'];
?>
" /></div>
</td>
<?php
}
?>
</tr>
</table>
</div>
<div style="margin-top:15px">
<strong><?php
echo $_LANG['AD_MODULE_TEMPLATE'];
?>
</strong> <span class="hinttext">— <?php
echo $_LANG['AD_FOLDER_MODULES'];
?>
</span>
</div>
<div>
<?php
$tpls = cmsAdmin::getModuleTemplates();
?>
<select name="template" id="template" style="width:100%">
<?php
foreach ($tpls as $tpl) {
$selected = $mod['template'] == $tpl || !$mod['template'] && $tpl == 'module.tpl' ? 'selected="selected"' : '';
echo '<option value="' . $tpl . '" ' . $selected . '>' . $tpl . '</option>';
}
?>
</select>
</div>
<?php
if ($do == 'add') {
?>
<div style="margin-top:15px">
<strong><?php
echo $_LANG['AD_MODULE_TYPE'];
?>
</strong>
</div>
<div>
<select name="operate" id="operate" onchange="checkDiv()" style="width:100%">
<option value="user" selected="selected"><?php
echo $_LANG['AD_MODULE_TYPE_NEW'];
?>
</option>
<option value="clone"><?php
echo $_LANG['AD_MODULE_TYPE_COPY'];
?>
</option>
</select>
</div>
<?php
}
?>
<?php
if (!isset($mod['user']) || $mod['user'] == 1 || $do == 'add') {
?>
<div id="user_div">
<div style="margin-top:15px">
<strong><?php
echo $_LANG['AD_MODULE_CONTENT'];
?>
</strong>
</div>
<div><?php
insertPanel();
?>
</div>
<div>
<?php
$inCore->insertEditor('content', $mod['content'], '250', '100%');
?>
</div>
</div>
<?php
}
?>
<div id="clone_div" style="display:none;">
<div style="margin-top:15px">
<strong><?php
echo $_LANG['AD_MODULE_COPY'];
?>
</strong>
</div>
<div>
<select name="clone_id" id="clone_id" style="width:100%">
<?php
echo $inCore->getListItems('cms_modules');
?>
</select>
<table width="100%" cellpadding="0" cellspacing="0" border="0" class="checklist" style="margin-top:6px">
<tr>
<td width="20"><input type="checkbox" name="del_orig" id="del_orig" value="1" /></td>
<td><label for="del_orig"><?php
echo $_LANG['AD_ORIGINAL_MODULE_DELETE'];
?>
</label></td>
</tr>
</table>
</div>
</div>
</td>
<!-- боковая ячейка -->
<td width="300" valign="top" style="background:#ECECEC;">
<?php
ob_start();
?>
{tab=<?php
echo $_LANG['AD_TAB_PUBLISH'];
?>
}
<table width="100%" cellpadding="0" cellspacing="0" border="0" class="checklist">
<tr>
<td width="20"><input type="checkbox" name="published" id="published" value="1" <?php
if ($mod['published'] || $do == 'add') {
echo 'checked="checked"';
}
?>
/></td>
<td><label for="published"><strong><?php
echo $_LANG['AD_MODULE_PUBLIC'];
?>
</strong></label></td>
</tr>
<tr>
<td width="20"><input name="show_all" id="show_all" type="checkbox" value="1" onclick="checkGroupList()" <?php
if ($show_all) {
echo 'checked';
}
?>
/></td>
<td><label for="show_all"><strong><?php
echo $_LANG['AD_VIEW_ALL_PAGES'];
?>
</strong></label></td>
</tr>
</table>
<?php
if ($do == 'edit') {
$bind_sql = "SELECT * FROM cms_modules_bind WHERE module_id = " . $mod['id'];
$bind_res = $inDB->query($bind_sql);
$bind = array();
$bind_pos = array();
while ($r = $inDB->fetch_assoc($bind_res)) {
$bind[] = $r['menu_id'];
$bind_pos[$r['menu_id']] = $r['position'];
}
}
$menu_sql = "SELECT * FROM cms_menu ORDER BY NSLeft, ordering";
$menu_res = $inDB->query($menu_sql);
$menu_items = array();
if ($inDB->num_rows($menu_res)) {
while ($item = $inDB->fetch_assoc($menu_res)) {
if ($do == 'edit') {
if (in_array($item['id'], $bind)) {
$item['selected'] = true;
$item['position'] = $bind_pos[$item['id']];
}
}
$item['titles'] = cmsCore::yamlToArray($item['titles']);
// переопределяем название пункта меню в зависимости от языка
if (!empty($item['titles'][cmsConfig::getConfig('lang')])) {
$item['title'] = $item['titles'][cmsConfig::getConfig('lang')];
}
$item['title'] = str_replace($_LANG['AD_ROOT_PAGES'], $_LANG['AD_MAIN'], $item['title']);
$menu_items[] = $item;
}
}
?>
<div id="grp">
<div style="margin-top:13px">
<strong class="show_list"><?php
echo $_LANG['AD_WHERE_MODULE_VIEW'];
?>
</strong>
<strong class="hide_list"><?php
echo $_LANG['AD_WHERE_MODULE_NOT_VIEW'];
?>
</strong>
</div>
<div style="height:300px;overflow: auto;border: solid 1px #999; padding:5px 10px; background: #FFF;">
<table cellpadding="0" cellspacing="0" border="0" width="100%" align="center">
<tr>
<td colspan="2" height="25"><strong><?php
echo $_LANG['AD_MENU'];
?>
</strong></td>
<td class="show_list" align="center" width="50"><strong><?php
echo $_LANG['AD_POSITION'];
?>
</strong></td>
</tr>
<?php
foreach ($menu_items as $i) {
?>
<tr class="show_list">
<td width="20" height="25">
<input type="checkbox" name="showin[]" id="mid<?php
echo $i['id'];
?>
" value="<?php
echo $i['id'];
?>
" <?php
if ($i['selected']) {
?>
checked="checked"<?php
}
?>
onclick="$('#p<?php
echo $i['id'];
?>
').toggle()"/>
</td>
<td style="padding-left:<?php
echo $i['NSLevel'] * 6 - 6;
?>
px"><label for="mid<?php
echo $i['id'];
?>
"><?php
echo $i['title'];
?>
</label></td>
<td align="center">
<select id="p<?php
echo $i['id'];
?>
" name="showpos[<?php
echo $i['id'];
?>
]" style="<?php
if (!$i['selected']) {
?>
display:none<?php
}
?>
">
<?php
foreach ($pos as $position) {
?>
<option value="<?php
echo $position;
?>
" <?php
if ($i['position'] == $position) {
?>
selected="selected"<?php
}
?>
><?php
echo $position;
?>
</option>
<?php
}
?>
</select>
</td>
</tr>
<?php
}
?>
<?php
foreach ($menu_items as $it) {
?>
<tr class="hide_list">
<td width="20" height="25">
<input type="checkbox" name="hidden_menu_ids[]" id="hmid<?php
echo $it['id'];
?>
" value="<?php
echo $it['id'];
?>
" <?php
if (in_array($it['id'], $mod['hidden_menu_ids'])) {
?>
checked="checked"<?php
}
?>
/>
</td>
<td style="padding-left:<?php
echo $it['NSLevel'] * 6 - 6;
?>
px"><label for="hmid<?php
echo $it['id'];
?>
"><?php
echo $it['title'];
?>
</label></td>
</tr>
<?php
}
?>
</table>
</div>
<table width="100%" cellpadding="0" cellspacing="0" border="0" class="checklist show_list">
<tr>
<td width="20"><input type="checkbox" name="is_strict_bind" id="is_strict_bind" value="1" <?php
if ($mod['is_strict_bind']) {
echo 'checked="checked"';
}
?>
/></td>
<td><label for="is_strict_bind"><strong><?php
echo $_LANG['AD_DONT_VIEW'];
?>
</strong></label></td>
</tr>
</table>
<table width="100%" cellpadding="0" cellspacing="0" border="0" class="checklist hide_list">
<tr>
<td width="20"><input type="checkbox" name="is_strict_bind_hidden" id="is_strict_bind_hidden" value="1" <?php
if ($mod['is_strict_bind_hidden']) {
echo 'checked="checked"';
}
?>
/></td>
<td><label for="is_strict_bind_hidden"><strong><?php
echo $_LANG['AD_EXCEPT_NESTED'];
?>
</strong></label></td>
</tr>
</table>
</div>
<?php
if ($mod['is_external'] && $do == 'edit' || $do == 'add') {
?>
{tab=<?php
echo $_LANG['AD_MODULE_CACHE'];
?>
}
<div style="margin-top:4px">
<strong><?php
echo $_LANG['AD_DO_MODULE_CACHE'];
?>
</strong>
</div>
<div>
<select name="cache" id="cache" style="width:100%">
<option value="0" <?php
if (@(!$mod['cache'])) {
echo 'selected="selected"';
}
?>
><?php
echo $_LANG['NO'];
?>
</option>
<option value="1" <?php
if (@$mod['cache']) {
echo 'selected="selected"';
}
?>
><?php
echo $_LANG['YES'];
?>
</option>
</select>
</div>
<div style="margin-top:15px">
<strong><?php
echo $_LANG['AD_MODULE_CACHE_PERIOD'];
?>
</strong>
</div>
<div>
<table width="100%" cellpadding="0" cellspacing="0" border="0" style="margin-top:5px;">
<tr>
<td valign="top" width="100">
<input name="cachetime" type="text" id="int_1" style="width:99%" value="<?php
echo @(int) $mod['cachetime'];
?>
"/>
</td>
<td valign="top" style="padding-left:5px">
<select name="cacheint" id="int_2" style="width:100%">
<option value="MINUTE" <?php
if (@mb_strstr($mod['cacheint'], 'MINUTE')) {
echo 'selected="selected"';
}
?>
><?php
echo cmsCore::spellCount((int) @$mod['cachetime'], $_LANG['MINUTE1'], $_LANG['MINUTE2'], $_LANG['MINUTE10'], false);
?>
</option>
<option value="HOUR" <?php
if (@mb_strstr($mod['cacheint'], 'HOUR')) {
echo 'selected="selected"';
}
?>
><?php
echo cmsCore::spellCount((int) @$mod['cachetime'], $_LANG['HOUR1'], $_LANG['HOUR2'], $_LANG['HOUR10'], false);
?>
</option>
<option value="DAY" <?php
if (@mb_strstr($mod['cacheint'], 'DAY')) {
echo 'selected="selected"';
}
?>
><?php
echo cmsCore::spellCount((int) @$mod['cachetime'], $_LANG['DAY1'], $_LANG['DAY2'], $_LANG['DAY10'], false);
?>
</option>
<option value="MONTH" <?php
if (@mb_strstr($mod['cacheint'], 'MONTH')) {
echo 'selected="selected"';
}
?>
><?php
echo cmsCore::spellCount((int) @$mod['cachetime'], $_LANG['MONTH1'], $_LANG['MONTH2'], $_LANG['MONTH10'], false);
?>
</option>
</select>
</td>
</tr>
</table>
</div>
<div style="margin-top:15px">
<?php
if ($do == 'edit') {
if ($inCore->isCached('module', $mod['id'], $mod['cachetime'], $mod['cacheint'])) {
$t = 'module' . $mod['id'];
$cfile = PATH . '/cache/' . md5($t) . '.html';
if (file_exists($cfile)) {
$kb = round(filesize($cfile) / 1024, 2);
echo '<a href="index.php?view=cache&do=delcache&target=module&id=' . $mod['id'] . '">' . $_LANG['AD_MODULE_CACHE_DELETE'] . '</a> (' . $kb . $_LANG['SIZE_KB'] . ')';
}
} else {
echo '<span style="color:gray">' . $_LANG['AD_NO_CACHE'] . '</span>';
}
}
?>
</div>
<?php
}
?>
{tab=<?php
echo $_LANG['AD_TAB_ACCESS'];
?>
}
<table width="100%" cellpadding="0" cellspacing="0" border="0" class="checklist" style="margin-top:5px">
<tr>
<td width="20">
<?php
$groups = cmsUser::getGroups();
$style = 'disabled="disabled"';
$public = 'checked="checked"';
if ($do == 'edit') {
if ($mod['access_list']) {
$public = '';
$style = '';
$access_list = $inCore->yamlToArray($mod['access_list']);
}
}
?>
<input name="is_public" type="checkbox" id="is_public" onclick="checkAccesList()" value="1" <?php
echo $public;
?>
/>
</td>
<td><label for="is_public"><strong><?php
echo $_LANG['AD_SHARE'];
?>
</strong></label></td>
</tr>
</table>
<div style="padding:5px">
<span class="hinttext">
<?php
echo $_LANG['AD_IF_CHECKED'];
?>
</span>
</div>
<div style="margin-top:10px;padding:5px;padding-right:0px;">
<div>
<strong><?php
echo $_LANG['AD_GROUPS_VIEW'];
?>
</strong><br />
<span class="hinttext">
<?php
echo $_LANG['AD_SELECT_MULTIPLE_CTRL'];
?>
</span>
</div>
<div>
<?php
echo '<select style="width: 99%" name="allow_group[]" id="allow_group" size="6" multiple="multiple" ' . $style . '>';
if ($groups) {
foreach ($groups as $group) {
echo '<option value="' . $group['id'] . '"';
if ($do == 'edit' && $mod['access_list']) {
if (inArray($access_list, $group['id'])) {
echo 'selected="selected"';
}
}
echo '>';
echo $group['title'] . '</option>';
}
}
echo '</select>';
?>
</div>
</div>
{/tabs}
<?php
echo jwTabs(ob_get_clean());
?>
</td>
</tr>
</table>
<p>
<input name="add_mod" type="submit" id="add_mod" value="<?php
echo $_LANG['SAVE'];
?>
" />
<input name="back" type="button" id="back" value="<?php
echo $_LANG['CANCEL'];
?>
" onclick="window.history.back();" />
<input name="do" type="hidden" id="do" <?php
if ($do == 'add') {
echo 'value="submit"';
} else {
echo 'value="update"';
}
?>
/>
<?php
if ($do == 'edit') {
echo '<input name="id" type="hidden" value="' . $mod['id'] . '" />';
}
?>
</p>
</form>
<?php
}
//============================================================================//
//============================================================================//
}
/**
* Регистрирует поля подлежащие переводу
* @param str $target Цель
* @param array $fields массив подлежащих переводу полей и их типов 'поле'=>'str|html'
*/
public static function registerFields($target, $fields)
{
cmsDatabase::getInstance()->insert('cms_translations_fields', array('target' => $target, 'fields' => cmsCore::arrayToYaml($fields)), true);
}
function applet_modules()
{
$inCore = cmsCore::getInstance();
global $_LANG;
global $adminAccess;
if (!cmsUser::isAdminCan('admin/modules', $adminAccess)) {
cpAccessDenied();
}
cmsCore::c('page')->setTitle($_LANG['AD_MODULES']);
cpAddPathway($_LANG['AD_MODULES'], 'index.php?view=modules');
cmsCore::c('page')->addHeadJS('admin/js/modules.js');
$do = cmsCore::request('do', 'str', 'list');
$id = cmsCore::request('id', 'int', -1);
$co = cmsCore::request('co', 'int', -1);
if ($do == 'config') {
$module_name = cpModuleById($id);
$module_title = cpModuleTitleById($id);
if (!$module_name) {
cmsCore::redirect('index.php?view=modules&do=edit&id=' . $id);
}
$xml_file = PATH . '/admin/modules/' . $module_name . '/backend.xml';
$php_file = 'modules/' . $module_name . '/backend.php';
if (file_exists($php_file)) {
include $php_file;
return;
}
$cfg = $inCore->loadModuleConfig($id);
cpAddPathway($module_title, '?view=modules&do=edit&id=' . $id);
cpAddPathway($_LANG['AD_SETTINGS']);
$toolmenu = array(array('icon' => 'save.gif', 'title' => $_LANG['SAVE'], 'link' => 'javascript:submitModuleConfig();'), array('icon' => 'cancel.gif', 'title' => $_LANG['CANCEL'], 'link' => 'index.php?view=modules'), array('icon' => 'edit.gif', 'title' => $_LANG['AD_EDIT_MODULE_VIEW'], 'link' => '?view=modules&do=edit&id=' . $id));
cpToolMenu($toolmenu);
$tpl = cmsCore::c('page')->initTemplate('applets', 'modules_config')->assign('module_title', $module_title)->assign('id', $id);
if (file_exists($xml_file)) {
cmsCore::loadClass('formgen');
$formGen = new cmsFormGen($xml_file, $cfg);
$tpl->assign('formGenHtml', $formGen->getHTML());
} else {
$tpl->assign('cfg', $cfg);
}
$tpl->display();
}
if ($do == 'save_auto_config') {
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
$module_name = cpModuleById($id);
$is_ajax = cmsCore::inRequest('ajax');
if ($is_ajax) {
$title = cmsCore::request('title', 'str', '');
$published = cmsCore::request('published', 'int', 0);
cmsCore::c('db')->query("UPDATE cms_modules SET title='" . $title . "', published='" . $published . "' WHERE id=" . $id);
if (cmsCore::inRequest('content')) {
$content = cmsCore::c('db')->escape_string(cmsCore::request('content', 'html'));
cmsCore::c('db')->query("UPDATE cms_modules SET content='" . $content . "' WHERE id=" . $id);
}
}
if (cmsCore::inRequest('title_only')) {
cmsCore::redirectBack();
}
$xml_file = PATH . '/admin/modules/' . $module_name . '/backend.xml';
if (file_exists($xml_file)) {
$cfg = array();
$backend = simplexml_load_file($xml_file);
foreach ($backend->params->param as $param) {
$name = (string) $param['name'];
$type = (string) $param['type'];
$default = (string) $param['default'];
switch ($param['type']) {
case 'number':
$value = cmsCore::request($name, 'int', $default);
break;
case 'string':
$value = cmsCore::request($name, 'str', $default);
break;
case 'html':
$value = cmsCore::badTagClear(cmsCore::request($name, 'html', $default));
break;
case 'flag':
$value = cmsCore::request($name, 'int', 0);
break;
case 'list':
$value = is_array($_POST[$name]) ? cmsCore::request($name, 'array_str', $default) : cmsCore::request($name, 'str', $default);
break;
case 'list_function':
$value = cmsCore::request($name, 'str', $default);
break;
case 'list_db':
$value = is_array($_POST[$name]) ? cmsCore::request($name, 'array_str', $default) : cmsCore::request($name, 'str', $default);
break;
}
$cfg[$name] = $value;
}
}
$cfg['tpl'] = cmsCore::request('tpl', 'str', $module_name);
$inCore->saveModuleConfig($id, $cfg);
if (!$is_ajax) {
cmsCore::addSessionMessage($_LANG['AD_CONFIG_SAVE_SUCCESS'], 'success');
}
cmsCore::redirectBack();
}
if ($do == 'list') {
$toolmenu = array(array('icon' => 'new.gif', 'title' => $_LANG['AD_MODULE_ADD'], 'link' => '?view=modules&do=add'), array('icon' => 'install.gif', 'title' => $_LANG['AD_MODULES_SETUP'], 'link' => '?view=install&do=module'), array('icon' => 'edit.gif', 'title' => $_LANG['AD_EDIT_SELECTED'], 'link' => "javascript:checkSel('?view=modules&do=edit&multiple=1');"), array('icon' => 'delete.gif', 'title' => $_LANG['AD_DELETE_SELECTED'], 'link' => "javascript:checkSel('?view=modules&do=delete&multiple=1');"), array('icon' => 'show.gif', 'title' => $_LANG['AD_ALLOW_SELECTED'], 'link' => "javascript:checkSel('?view=modules&do=show&multiple=1');"), array('icon' => 'hide.gif', 'title' => $_LANG['AD_DISALLOW_SELECTED'], 'link' => "javascript:checkSel('?view=modules&do=hide&multiple=1');"), array('icon' => 'autoorder.gif', 'title' => $_LANG['AD_MODULE_ORDER'], 'link' => '?view=modules&do=autoorder'), array('icon' => 'reorder.gif', 'title' => $_LANG['AD_SAVE_ORDER'], 'link' => "javascript:checkSel('?view=modules&do=saveorder');"), array('icon' => 'help.gif', 'title' => $_LANG['AD_HELP'], 'link' => '?view=help&topic=modules'));
cpToolMenu($toolmenu);
$fields = array(array('title' => 'id', 'field' => 'id', 'width' => '40'), array('title' => $_LANG['AD_TITLE'], 'field' => array('title', 'titles'), 'width' => '', 'link' => '?view=modules&do=edit&id=%id%', 'prc' => function ($i) {
$i['titles'] = cmsCore::yamlToArray($i['titles']);
// переопределяем название пункта меню в зависимости от языка
if (!empty($i['titles'][cmsConfig::getConfig('lang')])) {
$i['title'] = $i['titles'][cmsConfig::getConfig('lang')];
}
return $i['title'];
}), array('title' => $_LANG['TITLE'], 'field' => 'name', 'width' => '220', 'filter' => '15'), array('title' => $_LANG['AD_VERSION'], 'field' => 'version', 'width' => '70'), array('title' => $_LANG['AD_AUTHOR'], 'field' => 'author', 'width' => '110'), array('title' => $_LANG['SHOW'], 'field' => 'published', 'width' => '80'), array('title' => $_LANG['AD_ORDER'], 'field' => 'ordering', 'width' => '100'), array('title' => $_LANG['AD_POSITION'], 'field' => 'position', 'width' => '80', 'filter' => '10', 'filterlist' => cpGetList('positions')));
$actions = array(array('title' => $_LANG['AD_CONFIG'], 'icon' => 'config.gif', 'link' => '?view=modules&do=config&id=%id%', 'condition' => 'cpModuleHasConfig'), array('title' => $_LANG['EDIT'], 'icon' => 'edit.gif', 'link' => '?view=modules&do=edit&id=%id%'), array('title' => $_LANG['DELETE'], 'icon' => 'delete.gif', 'confirm' => $_LANG['AD_MODULE_DELETE'], 'link' => '?view=modules&do=delete&id=%id%'));
cpListTable('cms_modules', $fields, $actions, '', 'published DESC, position, ordering ASC');
}
if ($do == 'autoorder') {
$rs = cmsCore::c('db')->query("SELECT id, position FROM cms_modules ORDER BY position");
if (cmsCore::c('db')->num_rows($rs)) {
$ord = 1;
while ($item = cmsCore::c('db')->fetch_assoc($rs)) {
if (isset($latest_pos)) {
if ($latest_pos != $item['position']) {
$ord = 1;
}
}
cmsCore::c('db')->query("UPDATE cms_modules SET ordering = " . $ord . " WHERE id=" . $item['id']);
$ord += 1;
$latest_pos = $item['position'];
}
}
cmsCore::redirect('index.php?view=modules');
}
if ($do == 'move_up') {
if ($id >= 0) {
dbMoveUp('cms_modules', $id, $co);
}
cmsCore::redirectBack();
}
if ($do == 'move_down') {
if ($id >= 0) {
dbMoveDown('cms_modules', $id, $co);
}
cmsCore::redirectBack();
}
if ($do == 'saveorder') {
if (isset($_REQUEST['ordering'])) {
$ord = $_REQUEST['ordering'];
$ids = $_REQUEST['ids'];
foreach ($ord as $id => $ordering) {
cmsCore::c('db')->query("UPDATE cms_modules SET ordering = " . (int) $ordering . " WHERE id = " . (int) $ids[$id]);
}
cmsCore::redirect('index.php?view=modules');
}
}
if ($do == 'show') {
if (!isset($_REQUEST['item'])) {
if ($id >= 0) {
cmsCore::c('db')->setFlag('cms_modules', $id, 'published', '1');
}
cmsCore::halt('1');
} else {
cmsCore::c('db')->setFlags('cms_modules', $_REQUEST['item'], 'published', '1');
cmsCore::redirectBack();
}
}
if ($do == 'hide') {
if (!isset($_REQUEST['item'])) {
if ($id >= 0) {
cmsCore::c('db')->setFlag('cms_modules', $id, 'published', '0');
}
cmsCore::halt('1');
} else {
cmsCore::c('db')->setFlags('cms_modules', $_REQUEST['item'], 'published', '0');
cmsCore::redirectBack();
}
}
if ($do == 'delete') {
if (!cmsCore::inRequest('item')) {
$inCore->removeModule($id);
} else {
$inCore->removeModule(cmsCore::request('item', 'array_int', array()));
}
cmsCore::addSessionMessage($_LANG['AD_DO_SUCCESS'], 'success');
cmsCore::redirect('index.php?view=modules');
}
if ($do == 'update') {
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
$id = cmsCore::request('id', 'int', 0);
$mod = cmsCore::c('db')->get_fields('cms_modules', "id = " . $id . "", '*');
$module = array('name' => cmsCore::request('name', 'str', ''), 'title' => cmsCore::request('title', 'str', ''), 'titles' => cmsCore::arrayToYaml(cmsCore::request('titles', 'array_str', array())), 'position' => cmsCore::request('position', 'str', ''), 'showtitle' => cmsCore::request('showtitle', 'int', 0), 'published' => cmsCore::request('published', 'int', 0), 'css_prefix' => cmsCore::request('css_prefix', 'str', ''), 'is_strict_bind' => cmsCore::request('is_strict_bind', 'int', 0), 'is_strict_bind_hidden' => cmsCore::request('is_strict_bind_hidden', 'int', 0), 'template' => cmsCore::request('template', 'str', ''), 'cache' => cmsCore::request('cache', 'int', 0), 'cachetime' => cmsCore::request('cachetime', 'int', 0), 'cacheint' => cmsCore::request('cacheint', 'str', ''), 'access_list' => '', 'hidden_menu_ids' => '');
if (!$mod['is_external']) {
$module['content'] = cmsCore::c('db')->escape_string(cmsCore::request('content', 'html', ''));
}
$is_public = cmsCore::request('is_public', 'int', '');
if (!$is_public) {
$module['access_list'] = cmsCore::arrayToYaml(cmsCore::request('allow_group', 'array_int', array()));
}
cmsCore::c('db')->update('cms_modules', $module, $id);
cmsCore::c('db')->delete('cms_modules_bind', "module_id=" . $id . " AND tpl='" . cmsCore::c('config')->template . "'");
if (cmsCore::request('show_all', 'int', 0)) {
cmsCore::c('db')->insert('cms_modules_bind', array('module_id' => $id, 'menu_id' => 0, 'position' => $module['position'], 'tpl' => cmsCore::c('config')->template));
$hidden_menu_ids = cmsCore::request('hidden_menu_ids', 'array_int', array());
if (!empty($hidden_menu_ids)) {
$hidden_menu_ids = cmsCore::arrayToYaml($hidden_menu_ids);
cmsCore::c('db')->query("UPDATE cms_modules SET hidden_menu_ids='" . $hidden_menu_ids . "' WHERE id = '" . $id . "' LIMIT 1");
}
} else {
$showin = cmsCore::request('showin', 'array_int', array());
$showpos = cmsCore::request('showpos', 'array_str', array());
if (count($showin) > 0) {
foreach ($showin as $key => $value) {
cmsCore::c('db')->insert('cms_modules_bind', array('module_id' => $id, 'menu_id' => $value, 'position' => $showpos[$value], 'tpl' => cmsCore::c('config')->template));
}
}
}
cmsCore::addSessionMessage($_LANG['AD_DO_SUCCESS'], 'success');
if (!isset($_SESSION['editlist']) || count($_SESSION['editlist']) == 0) {
cmsCore::redirect('index.php?view=modules');
} else {
cmsCore::redirect('index.php?view=modules&do=edit');
}
}
if ($do == 'submit') {
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
$maxorder = cmsCore::c('db')->get_field('cms_menu', '1=1 ORDER BY ordering DESC', 'ordering') + 1;
$name = cmsCore::request('name', 'str', '');
$title = cmsCore::request('title', 'str', '');
$titles = cmsCore::arrayToYaml(cmsCore::request('titles', 'array_str', array()));
$position = cmsCore::request('position', 'str', '');
$showtitle = cmsCore::request('showtitle', 'int', 0);
$content = cmsCore::c('db')->escape_string(cmsCore::request('content', 'html', ''));
$published = cmsCore::request('published', 'int', 0);
$css_prefix = cmsCore::request('css_prefix', 'str', '');
$is_public = cmsCore::request('is_public', 'int', '');
if (!$is_public) {
$access_list = cmsCore::arrayToYaml(cmsCore::request('allow_group', 'array_int', array()));
}
$template = cmsCore::request('template', 'str', '');
$cache = cmsCore::request('cache', 'int', 0);
$cachetime = cmsCore::request('cachetime', 'int', 0);
$cacheint = cmsCore::request('cacheint', 'str', '');
$operate = cmsCore::request('operate', array('user', 'clone'), '');
$is_strict_bind = cmsCore::request('is_strict_bind', 'int', 0);
$is_strict_bind_hidden = cmsCore::request('is_strict_bind_hidden', 'int', 0);
if ($operate == 'user') {
//USER MODULE
$sql = "INSERT INTO cms_modules (position, name, title, titles, is_external, content, ordering, showtitle, published, user, original, css_prefix, access_list, template, is_strict_bind, is_strict_bind_hidden)\r\n VALUES ('" . $position . "', '" . $name . "', '" . $title . "', '" . $titles . "', 0, '" . $content . "', '" . $maxorder . "', '" . $showtitle . "', '" . $published . "', 1, 1, '" . $css_prefix . "', '" . $access_list . "', '" . $template . "', '" . $is_strict_bind . "', '" . $is_strict_bind_hidden . "')";
cmsCore::c('db')->query($sql);
}
if ($operate == 'clone') {
//DUPLICATE MODULE
$mod_id = cmsCore::request('clone_id', 'int', 0);
$sql = "SELECT * FROM cms_modules WHERE id = " . $mod_id . " LIMIT 1";
$result = cmsCore::c('db')->query($sql);
$original = cmsCore::c('db')->escape_string(cmsCore::c('db')->fetch_assoc($result));
$is_original = cmsCore::request('del_orig', 'int', 0) ? 1 : 0;
$sql = "INSERT INTO cms_modules (position, name, title, titles, is_external, content, ordering, showtitle, published, original, user, config, css_prefix, template, access_list, is_strict_bind, is_strict_bind_hidden, cache, cachetime, cacheint, version)\r\n VALUES (\r\n '" . $position . "',\r\n '" . $original['name'] . "',\r\n '" . $title . "',\r\n '" . $titles . "',\r\n '" . $original['is_external'] . "',\r\n '" . $original['content'] . "',\r\n '" . $maxorder . "',\r\n '" . $showtitle . "',\r\n '" . $published . "',\r\n '" . $is_original . "',\r\n '" . $original['user'] . "',\r\n '" . $original['config'] . "',\r\n '" . $css_prefix . "',\r\n '" . $template . "',\r\n '" . $access_list . "',\r\n '" . $is_strict_bind . "',\r\n '" . $is_strict_bind_hidden . "',\r\n '" . $cache . "', \r\n '" . $cachetime . "',\r\n '" . $cacheint . "',\r\n '" . $original['version'] . "'\r\n )";
cmsCore::c('db')->query($sql);
if (cmsCore::request('del_orig', 'int', 0)) {
$sql = "DELETE FROM cms_modules WHERE id = " . $mod_id;
cmsCore::c('db')->query($sql);
}
}
$lastid = cmsCore::c('db')->get_last_id('cms_modules');
if (cmsCore::request('show_all', 'int', 0)) {
$sql = "INSERT INTO cms_modules_bind (module_id, menu_id, position, tpl)\r\n VALUES (" . $lastid . ", 0, '" . $position . "', '" . cmsCore::c('config')->template . "')";
cmsCore::c('db')->query($sql);
$hidden_menu_ids = cmsCore::request('hidden_menu_ids', 'array_int', array());
if ($hidden_menu_ids) {
$hidden_menu_ids = cmsCore::arrayToYaml($hidden_menu_ids);
cmsCore::c('db')->query("UPDATE cms_modules SET hidden_menu_ids='" . $hidden_menu_ids . "' WHERE id = '" . $lastid . "' LIMIT 1");
}
} else {
$showin = cmsCore::request('showin', 'array', array());
$showpos = cmsCore::request('showpos', 'array', array());
if (count($showin) > 0) {
foreach ($showin as $key => $value) {
$sql = "INSERT INTO cms_modules_bind (module_id, menu_id, position, tpl)\r\n VALUES (" . $lastid . ", " . $value . ", '" . $showpos[$value] . "', '" . cmsCore::c('config')->template . "')";
cmsCore::c('db')->query($sql);
}
}
}
cmsCore::addSessionMessage($_LANG['AD_MODULE_ADD_SITE'], 'success');
cmsCore::redirect('index.php?view=modules');
}
if ($do == 'add' || $do == 'edit') {
if ($do == 'add') {
cpAddPathway($_LANG['AD_MODULE_ADD']);
echo '<h3>' . $_LANG['AD_MODULE_ADD'] . '</h3>';
$show_all = false;
} else {
if (cmsCore::inRequest('multiple')) {
if (cmsCore::inRequest('item')) {
$_SESSION['editlist'] = cmsCore::request('item', 'array_int', array());
} else {
cmsCore::addSessionMessage($_LANG['AD_NO_SELECT_OBJECTS'], 'error');
cmsCore::redirectBack();
}
}
$ostatok = '';
if (isset($_SESSION['editlist'])) {
$item_id = array_shift($_SESSION['editlist']);
if (count($_SESSION['editlist']) == 0) {
unset($_SESSION['editlist']);
} else {
$ostatok = '(' . $_LANG['AD_NEXT_IN'] . count($_SESSION['editlist']) . ')';
}
} else {
$item_id = cmsCore::request('id', 'int', 0);
}
$mod = cmsCore::c('db')->get_fields('cms_modules', "id = '" . $item_id . "'", '*');
if (!$mod) {
cmsCore::error404();
}
$mod['hidden_menu_ids'] = cmsCore::yamlToArray($mod['hidden_menu_ids']);
$mod['titles'] = cmsCore::yamlToArray($mod['titles']);
$show_all = false;
$default_position = cmsCore::c('db')->get_field('cms_modules_bind', "module_id='" . $mod['id'] . "' AND menu_id=0 AND tpl='" . cmsCore::c('config')->template . "'", 'position');
if (!empty($default_position)) {
$show_all = true;
$mod['position'] = $default_position;
}
echo '<h3>' . $_LANG['AD_EDIT_MODULE'] . $ostatok . '</h3>';
cpAddPathway($mod['name']);
}
$toolmenu[] = array('icon' => 'save.gif', 'title' => $_LANG['SAVE'], 'link' => 'javascript:document.addform.submit();');
$toolmenu[] = array('icon' => 'cancel.gif', 'title' => $_LANG['CANCEL'], 'link' => 'javascript:history.go(-1);');
if (cmsCore::getArrVal($mod, 'is_external')) {
$php_file = 'modules/' . $mod['content'] . '/backend.php';
$xml_file = 'modules/' . $mod['content'] . '/backend.xml';
if (file_exists($php_file) || file_exists($xml_file)) {
$toolmenu[] = array('icon' => 'config.gif', 'title' => $_LANG['CONFIG_MODULE'], 'link' => '?view=modules&do=config&id=' . $mod['id']);
}
}
cpToolMenu($toolmenu);
$bind = array();
$bind_pos = array();
$cache = 0;
if ($do == 'edit') {
$bind_sql = "SELECT * FROM cms_modules_bind WHERE module_id = " . $mod['id'] . " AND tpl = '" . cmsCore::c('config')->template . "'";
$bind_res = cmsCore::c('db')->query($bind_sql);
while ($r = cmsCore::c('db')->fetch_assoc($bind_res)) {
$bind[] = $r['menu_id'];
$bind_pos[$r['menu_id']] = $r['position'];
}
$cache = cmsCore::c('cache')->get('modules', $mod['id'], $mod['content'], array(cmsCore::getArrVal($mod, 'cachetime', 1), cmsCore::getArrVal($mod, 'cacheint', 'MINUTES')));
}
$menu_sql = "SELECT * FROM cms_menu ORDER BY NSLeft, ordering";
$menu_res = cmsCore::c('db')->query($menu_sql);
$menu_items = array();
if (cmsCore::c('db')->num_rows($menu_res)) {
while ($item = cmsCore::c('db')->fetch_assoc($menu_res)) {
if ($do == 'edit') {
if (in_array($item['id'], $bind)) {
$item['selected'] = true;
$item['position'] = $bind_pos[$item['id']];
}
}
$item['titles'] = cmsCore::yamlToArray($item['titles']);
// переопределяем название пункта меню в зависимости от языка
if (!empty($item['titles'][cmsCore::c('config')->lang])) {
$item['title'] = $item['titles'][cmsCore::c('config')->lang];
}
$item['title'] = str_replace($_LANG['AD_ROOT_PAGES'], $_LANG['AD_MAIN'], $item['title']);
$menu_items[] = $item;
}
}
cmsCore::c('page')->initTemplate('applets', 'modules_add')->assign('do', $do)->assign('langs', cmsCore::getDirsList('/languages'))->assign('pos', cpModulePositions(cmsCore::c('config')->template))->assign('positions_img_exist', file_exists(PATH . '/templates/' . cmsCore::c('config')->template . '/positions.jpg'))->assign('tpls', cmsAdmin::getModuleTemplates())->assign('modules_opt', $inCore->getListItems('cms_modules'))->assign('show_all', $show_all)->assign('groups', cmsUser::getGroups())->assign('kb_cache', !empty($cache) ? round(mb_strlen($cache) / 1024, 2) : false)->assign('menu_items', $menu_items)->assign('access_list', !empty($mod['access_list']) ? $inCore->yamlToArray($mod['access_list']) : array())->assign('mod', $mod)->display();
}
}
function catalog(){
$inCore = cmsCore::getInstance();
$inPage = cmsPage::getInstance();
$inDB = cmsDatabase::getInstance();
$inUser = cmsUser::getInstance();
global $_LANG;
$model = new cms_model_catalog();
define('IS_BILLING', $inCore->isComponentInstalled('billing'));
if (IS_BILLING) { cmsCore::loadClass('billing'); }
$pagetitle = $inCore->getComponentTitle();
$inPage->addPathway($pagetitle, '/catalog');
$inPage->setTitle($pagetitle);
$inPage->setDescription($model->config['meta_desc'] ? $model->config['meta_desc'] : $pagetitle);
$inPage->setKeywords($model->config['meta_keys'] ? $model->config['meta_keys'] : $pagetitle);
$cfg = $inCore->loadComponentConfig('catalog');
if (cmsCore::inRequest('cat_id')){
$id = cmsCore::request('cat_id', 'int', 0);
} else {
$id = cmsCore::request('id', 'int', 0);
}
$do = $inCore->do;
cmsCore::includeFile('components/catalog/includes/shopcore.php');
//////////////////////////// RATING SUBMISSION ///////////////////////////////////////////////////////////////////
if (cmsCore::inRequest('rating')){
$points = cmsCore::request('points', 'int', 0);
$item_id = cmsCore::request('item_id', 'int', 0);
$ip = $inUser->ip;
if (!alreadyVoted($item_id)){
$inDB->query("INSERT INTO cms_uc_ratings (item_id, points, ip) VALUES ($item_id, $points, '$ip')") ;
$inDB->query("DELETE FROM cms_uc_ratings WHERE item_id = $item_id AND ip = '0.0.0.0'") ;
}
}
//////////////////////////// SEARCH BY TAG ///////////////////////////////////////////////////////////////////////
if ($do == 'tag') {
$tag = $inCore->strClear(urldecode($inCore->request('tag', 'html', '')));
$sql = "SELECT tag FROM cms_tags WHERE tag = '$tag' AND target='catalog' LIMIT 1";
$result = $inDB->query($sql) ;
if ($inDB->num_rows($result)==1){
$item = $inDB->fetch_assoc($result);
$query = $inCore->strClear($item['tag']);
$findsql = "SELECT *
FROM cms_uc_items
WHERE category_id = '$id' AND published = 1 AND tags LIKE '%$query%'";
$do = 'cat';
} else { echo $_LANG['NO_MATCHING_FOUND']; }
}
//////////////////////////// ADVANCED SEARCH ////////////////////////////////////////////////////////////////////
if ($do == 'search') {
if (cmsCore::inRequest('gosearch')){
$fdata = cmsCore::request('fdata', 'array', array());
$query = cmsCore::strClear(implode('%', $fdata));
$title = cmsCore::request('title', 'str', '');
$tags = cmsCore::request('tags', 'str', '');
if ($query || $title || $tags){
$findsql = "SELECT i.* , IFNULL(AVG(r.points),0) AS rating
FROM cms_uc_items i
LEFT JOIN cms_uc_ratings r ON r.item_id = i.id
WHERE i.published = 1 AND i.category_id = '$id' ";
if($query){
$findsql .= " AND i.fieldsdata LIKE '%{$query}%' ";
}
if($title){
$findsql .= " AND i.title LIKE '%$title%' ";
}
if($tags){
$findsql .= "AND (i.tags LIKE '%".$tags."%')";
}
$findsql .= " GROUP BY i.id";
$advsearch = 1;
}
$do = 'cat';
} else {
//show search form
$sql = "SELECT * FROM cms_uc_cats WHERE id = '$id'";
$result = $inDB->query($sql) ;
if ($inDB->num_rows($result)==1){
$cat = $inDB->fetch_assoc($result);
$fstruct = cmsCore::yamlToArray($cat['fieldsstruct']);
//heading
$inPage->addPathway($cat['title'], '/catalog/'.$cat['id']);
$inPage->addPathway($_LANG['SEARCH'], '/catalog/'.$cat['id'].'/search.html');
$inPage->setTitle($_LANG['SEARCH_IN_CAT']);
$inPage->addHeadJS('components/catalog/js/search.js');
$fstruct_ready = array();
foreach($fstruct as $key=>$value) {
if (mb_strstr($value, '/~h~/')) { $ftype = 'html'; $value=str_replace('/~h~/', '', $value); }
elseif (mb_strstr($value, '/~l~/')) { $ftype = 'link'; $value=str_replace('/~l~/', '', $value); } else { $ftype='text'; }
if (mb_strstr($value, '/~m~/')) {
$value = str_replace('/~m~/', '', $value);
}
$fstruct_ready[stripslashes($key)] = stripslashes($value);
}
//searchform
cmsPage::initTemplate('components', 'com_catalog_search')->
assign('id', $id)->
assign('cat', $cat)->
assign('fstruct', $fstruct_ready)->
display('com_catalog_search.tpl');
} else { cmsCore::error404(); }
}//search form
}
//////////////////////////// SEARCH BY FIRST LETTER OF TITLE ///////////////////////////////////////////////////////
if ($do == 'findfirst') {
$id = cmsCore::request('cat_id', 'int');
$query = mb_substr(cmsCore::strClear(urldecode(cmsCore::request('text', 'html', ''))), 0, 1);
$findsql = "SELECT i.* , IFNULL(AVG( r.points ),0) AS rating
FROM cms_uc_items i
LEFT JOIN cms_uc_ratings r ON r.item_id = i.id
WHERE i.published = 1 AND i.category_id = $id AND UPPER(LTRIM(i.title)) LIKE UPPER('$query%')
GROUP BY i.id";
$do = 'cat';
$advsearch = 0;
$pagemode = 'findfirst';
}
//////////////////////////// SEARCH BY FIELD ////////////////////////////////////////////////////////////////////
if ($do == 'find') {
$id = cmsCore::request('cat_id', 'int');
$query = cmsCore::strClear(urldecode(cmsCore::request('text', 'html', '')));
$findsql = "SELECT i.* , IFNULL(AVG(r.points),0) AS rating
FROM cms_uc_items i
LEFT JOIN cms_uc_ratings r ON r.item_id = i.id
WHERE i.published = 1 AND i.category_id = $id AND i.fieldsdata LIKE '%$query%'
GROUP BY i.id";
$do = 'cat';
$advsearch = 0;
$query = stripslashes($query);
$pagemode = 'find';
}
//////////////////////////// LIST OF CATEGORIES ////////////////////////////////////////////////////////////////////
if ($do == 'view'){ //List of all categories
$cats_html = subCatsList();
$inPage->addHead('<link rel="alternate" type="application/rss+xml" title="'.$_LANG['CATALOG'].'" href="'.HOST.'/rss/catalog/all/feed.rss">');
cmsPage::initTemplate('components', 'com_catalog_index')->
assign('cfg', $cfg)->
assign('title', $pagetitle)->
assign('cats_html', $cats_html)->
display('com_catalog_index.tpl');
}
//////////////////////////// VIEW CATEGORY ///////////////////////////////////////////////////////////////////////
if ($do == 'cat'){
//get category data
$sql = "SELECT * FROM cms_uc_cats WHERE id = $id";
$catres = $inDB->query($sql);
if (!$inDB->num_rows($catres)){ cmsCore::error404(); }
$cat = $inDB->fetch_assoc($catres);
$fstruct = cmsCore::yamlToArray($cat['fieldsstruct']);
$inPage->addHead('<link rel="alternate" type="application/rss+xml" title="'.$_LANG['CATALOG'].'" href="'.HOST.'/rss/catalog/'.$cat['id'].'/feed.rss">');
//heading
//PATHWAY ENTRY
$path_list = $model->getCategoryPath($cat['NSLeft'], $cat['NSRight']);
if ($path_list){
foreach($path_list as $pcat){
$inPage->addPathway($pcat['title'], '/catalog/'.$pcat['id']);
}
}
$inPage->setTitle($cat['pagetitle'] ? $cat['pagetitle'] : $cat['title']);
//subcategories
$subcats = subCatsList($cat['id'], $cat['NSLeft'], $cat['NSRight']);
//alphabetic list
if ($cat['showabc']){ $alphabet = getAlphaList($cat['id']); } else { $alphabet = ''; }
//Tool links
$shopcartlink = shopCartLink();
//get items SQL
if (!isset($findsql)){
$sql = "SELECT i.* , IFNULL(AVG( r.points ), 0) AS rating, i.price as price
FROM cms_uc_items i
LEFT JOIN cms_uc_ratings r ON r.item_id = i.id
WHERE i.published = 1 AND i.category_id = $id
GROUP BY i.id";
} else {
$sql = $findsql;
if (!$advsearch){ $inPage->addPathway(icms_ucfirst($query)); } else
{ $inPage->addPathway($_LANG['SEARCH_RESULT']); }
}
// сортировка
if(cmsCore::inRequest('orderby')){
$orderby = cmsCore::request('orderby', array('hits','rating','pubdate','title','price'), $cat['orderby']);
cmsUser::sessionPut('uc_orderby', $orderby);
} elseif(cmsUser::sessionGet('uc_orderby')){
$orderby = cmsUser::sessionGet('uc_orderby');
} else {
$orderby = $cat['orderby'];
}
if(cmsCore::inRequest('orderto')){
$orderto = cmsCore::request('orderto', array('asc','desc'), $cat['orderto']);
cmsUser::sessionPut('uc_orderto', $orderto);
} elseif(cmsUser::sessionGet('uc_orderto')){
$orderto = cmsUser::sessionGet('uc_orderto');
} else {
$orderto = $cat['orderto'];
}
$sql .= " ORDER BY ".$orderby." ".$orderto;
//get total items count
$result = $inDB->query($sql);
$itemscount = $inDB->num_rows($result);
//can user add items here?
$is_cat_access = $model->checkCategoryAccess($cat['id'], $cat['is_public'], $inUser->group_id);
$is_can_add = $is_cat_access || $inUser->is_admin;
$tpl = cmsPage::initTemplate('components', 'com_catalog_view')->
assign('id', $id)->
assign('cat', $cat)->
assign('subcats', $subcats)->
assign('alphabet', $alphabet)->
assign('shopcartlink', $shopcartlink)->
assign('itemscount', $itemscount)->
assign('is_can_add', $is_can_add)->
assign('orderform', orderForm($orderby, $orderto, ($cat['view_type']=='shop')));
//pagination
if (!@$advsearch) { $perpage = $cat['perpage']; } else { $perpage='100'; }
$page = $inCore->request('page', 'int', 1);
//request items using pagination
$sql .= " LIMIT ".(($page-1)*$perpage).", $perpage";
$result = $inDB->query($sql) ;
//search details, if needed
$search_details = '';
if (isset($findsql)){
if ($advsearch){
$search_details = '<div class="uc_queryform"><strong>'.$_LANG['SEARCH_RESULT'].' - </strong> '.$_LANG['FOUNDED'].': '.$itemscount.' | <a href="/catalog/'.$cat['id'].'">'.$_LANG['CANCEL_SEARCH'].'</a></div>';
} else {
$search_details = '<div class="uc_queryform"><strong>'.$_LANG['SEARCH_BY_TAG'].'</strong> "'.htmlspecialchars(icms_ucfirst(stripslashes($query))).'" ('.$_LANG['MATCHES'].': '.$itemscount.') <a href="/catalog/'.$cat['id'].'">'.$_LANG['CANCEL_SEARCH'].'</a></div>';
}
}
$items = array();
while($item = $inDB->fetch_assoc($result)){
$item['ratingdata'] = ratingData($item['id']);
$item['fdata'] = cmsCore::yamlToArray($item['fieldsdata']);
$item['price'] = number_format(shopDiscountPrice($item['id'], $item['category_id'], $item['price']), 2, '.', ' ');
$item['rating'] = cms_model_catalog::buildRating($item['ratingdata']['rating']);
$item['is_new'] = isNew($item['id'], $cat['shownew'], $cat['newint']);
$item['tagline'] = tagLine($item['tags'], $cat['id']);
$item['can_edit'] = ($cat['can_edit'] && $is_cat_access && ($inUser->id == $item['user_id'])) || $inUser->is_admin;
$item['fields'] = array();
if (sizeof($fstruct)>0){
$fields_show = 0;
foreach($fstruct as $key=>$value){
if ($fields_show < $cat['fields_show']){
if ($item['fdata'][$key]){
if (mb_strstr($value, '/~h~/')){ $value = str_replace('/~h~/', '', $value); $is_html = true; } else { $is_html = false; }
if (mb_strstr($value, '/~m~/')){
$value = str_replace('/~m~/', '', $value);
$makelink = true;
} else {$makelink = false; }
if (!$is_html){
if (mb_strstr($value, '/~l~/')){
if (@$item['fdata'][$key]!=''){
$field = '<a class="uc_fieldlink" href="/load/url=-'.base64_encode($item['fdata'][$key]).'" target="_blank">'.str_replace('/~l~/', '', $value).'</a> ('.$inCore->fileDownloadCount($item['fdata'][$key]).')';
}
} else {
if ($makelink){
$field = $model->getUCSearchLink($cat['id'], $item['fdata'][$key]);
} else {
$field = $item['fdata'][$key];
}
}
} else {
$field = $item['fdata'][$key];
}
if (isset($query)) { if (mb_stristr($field, $query)) { $field .= '<span class="uc_findsame"> ← <i>'.$_LANG['MATCHE'].'</i></span>';} }
$fields_show++;
$item['fields'][stripslashes($value)] = stripslashes($field);
}
} else { break; }
}
}
$items[] = $item;
}
if (!@$pagemode){
$pagebar = cmsPage::getPagebar($itemscount, $page, $perpage, '/catalog/'.$id.'-%page%');
} else {
if ($pagemode=='findfirst'){
$pagebar = cmsPage::getPagebar($itemscount, $page, $perpage, '/catalog/'.$id.'-%page%/find-first/'.urlencode(urlencode($query)));
}
if ($pagemode=='find'){
$pagebar = cmsPage::getPagebar($itemscount, $page, $perpage, '/catalog/'.$id.'-%page%/find/'.urlencode(urlencode($query)));
}
}
// SEO
if($cat['NSLevel'] > 0){
// meta description
if($cat['meta_desc']){
$meta_desc = $cat['meta_desc'];
} elseif(mb_strlen(strip_tags($cat['description']))>=250){
$meta_desc = crop($cat['description']);
} else {
$meta_desc = $cat['title'];
}
$inPage->setDescription($meta_desc);
// meta keywords
if($cat['meta_keys']){
$meta_keys = $cat['meta_keys'];
} elseif($items){
foreach($items as $c){
$k[] = $c['title'];
}
$meta_keys = implode(', ', $k);
} else {
$meta_keys = $cat['title'];
}
$inPage->setKeywords($meta_keys);
}
$tpl->assign('cfg', $cfg)->
assign('page', $page)->
assign('search_details', $search_details)->
assign('fstruct', $fstruct)->
assign('items', $items)->
assign('pagebar', $pagebar)->
display('com_catalog_view.tpl');
return true;
}
//////////////////////////// VIEW ITEM DETAILS ///////////////////////////////////////////////////////////////////////
if ($do == 'item'){
$id = $inCore->request('id', 'int');
$sql = "SELECT * FROM cms_uc_items WHERE id = '$id'";
$itemres = $inDB->query($sql) ;
if (!$inDB->num_rows($itemres)){ cmsCore::error404(); }
$item = $inDB->fetch_assoc($itemres);
if ((!$item['published'] || $item['on_moderate']) && !$inUser->is_admin){
cmsCore::error404();
}
$fdata = cmsCore::yamlToArray($item['fieldsdata']);
if ($item['meta_keys']) { $inPage->setKeywords($item['meta_keys']); }
if ($item['meta_desc']) { $inPage->setDescription($item['meta_desc']); }
$ratingdata = ratingData($id);
$sql = "SELECT * FROM cms_uc_cats WHERE id = '{$item['category_id']}'";
$catres = $inDB->query($sql) ;
$cat = $inDB->fetch_assoc($catres);
$fstruct = cmsCore::yamlToArray($cat['fieldsstruct']);
$is_cat_access = $inUser->id ?
$model->checkCategoryAccess($cat['id'], $cat['is_public'], $inUser->group_id) : false;
$item['can_edit'] = ($cat['can_edit'] && $is_cat_access && ($inUser->id == $item['user_id'])) || $inUser->is_admin;
//PATHWAY ENTRY
$path_list = $model->getCategoryPath($cat['NSLeft'], $cat['NSRight']);
if ($path_list){
foreach($path_list as $pcat){
$inPage->addPathway($pcat['title'], '/catalog/'.$pcat['id']);
}
}
$inPage->addPathway($item['title'], '/catalog/item'.$item['id'].'.html');
$inPage->setTitle($item['title']);
if ($cat['view_type']=='shop'){
$shopCartLink=shopCartLink();
}
//update hits
$inDB->query("UPDATE cms_uc_items SET hits = hits + 1 WHERE id = '$id'") ;
//print item details
$fields = array();
if (sizeof($fstruct)>0){
foreach($fstruct as $key=>$value){
if (@$fdata[$key]){
if (mb_strstr($value, '/~h~/')){
$value = str_replace('/~h~/', '', $value);
$htmlfield = true;
}
if (mb_strstr($value, '/~m~/')){
$value = str_replace('/~m~/', '', $value);
$makelink = true;
} else {$makelink = false; }
$field = (string)str_replace('<p>', '<p style="margin-top:0px; margin-bottom:5px">', $fdata[$key]);
if (mb_strstr($value, '/~l~/')){
$field = '<a class="uc_detaillink" href="/load/url=-'.base64_encode($field).'" target="_blank">'.str_replace('/~l~/', '', $value).'</a> ('.$inCore->fileDownloadCount($field).')';
} else {
if (isset($htmlfield)) {
if ($makelink) {
$field = $model->getUCSearchLink($cat['id'], $field);
} else {
//PROCESS FILTERS, if neccessary
if ($cat['filters']){
$filters = $inCore->getFilters();
if ($filters){
foreach($filters as $id=>$_data){
require_once PATH.'/filters/'.$_data['link'].'/filter.php';
$_data['link']($field);
}
}
}
$field = stripslashes($field);
}
} else {
if ($makelink) {
$field = $model->getUCSearchLink($cat['id'], $field);
}
}
}
$fields[stripslashes($value)] = stripslashes($field);
}
}
}
if ($cat['view_type']=='shop'){
$item['price'] = number_format(shopDiscountPrice($item['id'], $item['category_id'], $item['price']), 2, '.', ' ');
}
$user = $inDB->get_fields('cms_users', "id='{$item['user_id']}'", 'login, nickname');
$getProfileLink = cmsUser::getProfileLink($user['login'], $user['nickname']);
if ($cat['is_ratings']){
$ratingForm = ratingForm($ratingdata, $item['id']);
}
cmsPage::initTemplate('components', 'com_catalog_item')->
assign('shopCartLink', (isset($shopCartLink) ? $shopCartLink : ''))->
assign('getProfileLink', $getProfileLink)->
assign('tagline', tagLine($item['tags'], $cat['id']))->
assign('item', $item)->
assign('cat', $cat)->
assign('fields', $fields)->
assign('ratingForm', (isset($ratingForm) ? $ratingForm : ''))->
display('com_catalog_item.tpl');
if ($item['is_comments'] && $inCore->isComponentEnable('comments')) {
cmsCore::includeComments();
comments('catalog', $item['id'], array(), ($inUser->id == $item['user_id']));
}
return true;
}
///////////////////////////////////////////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////////////////////////////////////////
///////////////////////// S H O P /////////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////////////////////////////////////////
///////////////////////// ADD TO CART /////////////////////////////////////////////////////////////////////////////
if ($do == 'addcart'){
shopAddToCart($id, 1);
$inCore->redirect('/catalog/viewcart.html');
}
///////////////////////// VIEW CART /////////////////////////////////////////////////////////////////////////////
if ($do == 'viewcart'){
shopCart();
}
///////////////////////// DELETE FROM CART /////////////////////////////////////////////////////////////////////////////
if ($do == 'cartremove'){
shopRemoveFromCart($id);
$inCore->redirectBack();
}
///////////////////////// CLEAR CART /////////////////////////////////////////////////////////////////////////////
if ($do == 'clearcart'){
shopClearCart();
$inCore->redirectBack();
}
///////////////////////// CLEAR CART /////////////////////////////////////////////////////////////////////////////
if ($do == 'savecart'){
$itemcounts = $inCore->request('kolvo', 'array_int');
if (is_array($itemcounts)){
shopUpdateCart($itemcounts);
}
$inCore->redirectBack();
}
///////////////////////// ORDER //////////////////////////////////////////////////////////////////////////////////
if ($do == 'order'){
shopOrder($cfg);
}
///////////////////////// ORDER //////////////////////////////////////////////////////////////////////////////////
if ($do == 'finish'){
shopFinishOrder($cfg);
}
///////////////////////////////////////////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////////////////////////////////////////
if ($do == 'add_item' || $do == 'edit_item'){
$cat_id = cmsCore::request('cat_id', 'int');
$item_id = cmsCore::request('item_id', 'int', 0);
if ($do == 'add_item'){
$cat = $inDB->get_fields('cms_uc_cats', "id='$cat_id'", '*');
if (!$cat){ cmsCore::error404(); }
$inPage->setTitle($_LANG['ADD_ITEM']);
if (!($model->checkCategoryAccess($cat['id'], $cat['is_public'], $inUser->group_id) || $inUser->is_admin)){
cmsCore::error404();
}
$item = array();
$fdata = array();
if ($cat['cost']=='') { $cat['cost'] = false; }
if (IS_BILLING){
cmsBilling::checkBalance('catalog', 'add_catalog_item', false, $cat['cost']);
}
$item['is_comments'] = 1;
}
if ($do == 'edit_item'){
$inPage->setTitle($_LANG['EDIT_ITEM']);
$item = $inDB->get_fields('cms_uc_items', "id='$item_id'", '*');
if (!$item) { cmsCore::error404(); }
$cat = $inDB->get_fields('cms_uc_cats', "id='{$item['category_id']}'", '*');
if (!$cat){ cmsCore::error404(); }
$is_cat_access = $model->checkCategoryAccess($cat['id'], $cat['is_public'], $inUser->group_id);
$is_can_edit = ($cat['can_edit'] && $is_cat_access && ($inUser->id == $item['user_id'])) || $inUser->is_admin;
if (!$is_can_edit) { cmsCore::error404(); }
$fdata = cmsCore::yamlToArray($item['fieldsdata']);
}
$path_list = $model->getCategoryPath($cat['NSLeft'], $cat['NSRight']);
if ($path_list){
foreach($path_list as $pcat){
$inPage->addPathway($pcat['title'], '/catalog/'.$pcat['id']);
}
}
if($do == 'add_item'){
$inPage->addPathway($_LANG['ADD_ITEM']);
} else {
$inPage->addPathway($_LANG['EDIT_ITEM']);
}
$cats = $inCore->getListItems('cms_uc_cats', $cat['id'], 'id', 'ASC', 'parent_id > 0 AND published = 1');
$fields = array();
$fstruct = cmsCore::yamlToArray($cat['fieldsstruct']);
foreach($fstruct as $f_id=>$value){
if (mb_strstr($value, '/~h~/')) { $ftype = 'html'; $value=str_replace('/~h~/', '', $value); }
elseif (mb_strstr($value, '/~l~/')) { $ftype = 'link'; $value=str_replace('/~l~/', '', $value); } else { $ftype='text'; }
if (mb_strstr($value, '/~m~/')) { $makelink = true; $value=str_replace('/~m~/', '', $value); }
else { $makelink = false; }
$next['ftype'] = stripslashes($ftype);
$next['title'] = stripslashes($value);
$next['makelink'] = stripslashes($makelink);
if (!empty($fdata[$f_id])){
$next['value'] = stripslashes($fdata[$f_id]);
} else {
$next['value'] = '';
}
$fields[$f_id] = $next;
}
cmsPage::initTemplate('components', 'com_catalog_add')->
assign('do', $do)->
assign('item', $item)->
assign('fields', $fields)->
assign('cat', $cat)->
assign('cats', $cats)->
assign('cfg', $cfg)->
assign('is_admin', $inUser->is_admin)->
assign('cat_id', $cat['id'])->
display('com_catalog_add.tpl');
return;
}
///////////////////////////////////////////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////////////////////////////////////////
if ($do == 'submit_item'){
$opt = cmsCore::request('opt', 'str', 'add');
$new_cat_id = cmsCore::request('new_cat_id', 'int', 0);
$cat_id = $new_cat_id ? $new_cat_id : cmsCore::request('cat_id', 'int', 0);
$item_id = cmsCore::request('item_id', 'int', 0);
$cat = $inDB->get_fields('cms_uc_cats', "id='$cat_id'", '*');
if(!$cat){ cmsCore::error404(); }
if ($opt == 'add'){
if(!$inUser->is_admin &&
!$model->checkCategoryAccess($cat['id'], $cat['is_public'], $inUser->group_id)){
cmsCore::error404();
}
} else {
$item = $inDB->get_fields('cms_uc_items', "id='{$item_id}'", '*');
if(!$item){ cmsCore::error404(); }
if(!$inUser->is_admin &&
!($cat['can_edit'] && ($inUser->id == $item['user_id']) &&
$model->checkCategoryAccess($cat['id'], $cat['is_public'], $inUser->group_id))){
cmsCore::error404();
}
}
$item['title'] = cmsCore::request('title', 'str');
if (!$item['title']) { cmsCore::addSessionMessage($_LANG['NEED_TITLE'], 'error'); cmsCore::redirectBack(); }
$item['category_id'] = $cat_id;
$item['published'] = ($cfg['premod'] && !$inUser->is_admin ? 0 : 1);
$item['on_moderate'] = ($cfg['premod'] && !$inUser->is_admin ? 1 : 0);
$item['fdata'] = cmsCore::request('fdata', 'array', array());;
foreach($item['fdata'] as $key=>$value) {
$item['fdata'][$key] = cmsCore::badTagClear($value);
}
$item['fieldsdata'] = $inDB->escape_string(cmsCore::arrayToYaml($item['fdata']));
$item['is_comments'] = $inUser->is_admin ? cmsCore::request('is_comments', 'int', 0) : $cfg['is_comments'];
$item['tags'] = cmsCore::request('tags', 'str', '');
$item['canmany'] = 1;
$item['imageurl'] = ($opt == 'add' ? '' : $item['imageurl']);
$item['price'] = 0;
$item['canmany'] = 1;
if($inUser->is_admin){
$meta_desc = cmsCore::request('meta_desc', 'str', '');
$meta_keys = cmsCore::request('meta_keys', 'str', '');
$item['meta_desc'] = $meta_desc ? $meta_desc : $item['title'];
$item['meta_keys'] = $meta_keys ? $meta_keys : $item['tags'];
} else {
$item['meta_desc'] = @$item['meta_desc'] ? $item['meta_desc'] : $item['title'];
$item['meta_keys'] = @$item['meta_keys'] ? $item['meta_keys'] : $item['tags'];
}
if (cmsCore::inRequest('price')) {
$price = cmsCore::request('price', 'str', '');
$price = str_replace(',', '.', $price);
$item['price'] = round($price, 2);
$item['canmany']= cmsCore::request('canmany', 'int', 0);
}
if (cmsCore::request('delete_img', 'int', 0)){
@unlink(PATH."/images/catalog/".$item['imageurl']);
@unlink(PATH."/images/catalog/small/".$item['imageurl']);
@unlink(PATH."/images/catalog/medium/".$item['imageurl']);
$item['imageurl'] = '';
}
$file = $model->uploadPhoto($item['imageurl']);
if($file){
$item['imageurl'] = $file['filename'];
}
if ($opt=='add'){
$item['pubdate'] = date('Y-m-d H:i');
$item['user_id'] = $inUser->id;
$item['id'] = $model->addItem($item);
if (IS_BILLING){
if ($cat['cost']=='') { $cat['cost'] = false; }
cmsBilling::process('catalog', 'add_catalog_item', $cat['cost']);
}
if (!$cfg['premod'] || $inUser->is_admin) {
cmsCore::callEvent('ADD_CATALOG_DONE', $item);
//регистрируем событие
cmsActions::log('add_catalog', array(
'object' => $item['title'],
'object_url' => '/catalog/item'.$item['id'].'.html',
'object_id' => $item['id'],
'target' => $cat['title'],
'target_url' => '/catalog/'.$cat['id'],
'target_id' => $cat['id'],
'description' => ''
));
}
}
if ($opt=='edit'){
$model->updateItem($item['id'], $item);
cmsActions::updateLog('add_catalog', array('object' => $item['title']), $item['id']);
}
if ($inUser->id != 1 && $cfg['premod'] && $cfg['premod_msg']){
$link = '<a href="/catalog/item'.$item['id'].'.html">'.$item['title'].'</a>';
$user = '******'.cmsUser::getProfileURL($inUser->login).'">'.$inUser->nickname.'</a>';
if ($opt=='add') { $message = $_LANG['MSG_ITEM_SUBMIT']; }
if ($opt=='edit') { $message = $_LANG['MSG_ITEM_EDITED']; }
$message = str_replace('%user%', $user, $message);
$message = str_replace('%link%', $link, $message);
cmsUser::sendMessage(USER_UPDATER, 1, $message);
cmsCore::addSessionMessage($_LANG['ITEM_PREMOD_NOTICE'], 'info');
cmsCore::redirect('/catalog/'.$item['category_id']);
}
cmsCore::redirect('/catalog/item'.$item['id'].'.html');
}
///////////////////////////////////////////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////////////////////////////////////////
if ($do == 'accept_item'){
$item_id = cmsCore::request('item_id', 'int');
$item = $inDB->get_fields('cms_uc_items', "id='{$item_id}'", 'title, user_id, category_id');
if (!$item || !$inUser->is_admin){ cmsCore::error404(); }
$inDB->query("UPDATE cms_uc_items SET published=1, on_moderate=0 WHERE id='{$item_id}'");
$cat = $inDB->get_fields('cms_uc_cats', 'id='.$item['category_id'], 'id, title');
cmsCore::callEvent('ADD_CATALOG_DONE', $item);
//регистрируем событие
cmsActions::log('add_catalog', array(
'object' => $item['title'],
'user_id' => $item['user_id'],
'object_url' => '/catalog/item'.$item_id.'.html',
'object_id' => $item_id,
'target' => $cat['title'],
'target_url' => '/catalog/'.$cat['id'],
'target_id' => $cat['id'],
'description' => ''
));
$item_link = '<a href="/catalog/item'.$item_id.'.html">'.$item['title'].'</a>';
$message = str_replace('%link%', $item_link, $_LANG['MSG_ITEM_ACCEPTED']);
cmsUser::sendMessage(USER_UPDATER, $item['user_id'], $message);
cmsCore::redirectBack();
}
///////////////////////////////////////////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////////////////////////////////////////
if ($do == 'delete_item'){
$item_id = cmsCore::request('item_id', 'int');
$item = $inDB->get_fields('cms_uc_items', "id='{$item_id}'", '*');
if(!$item){ cmsCore::error404(); }
if (!($item['user_id']==$inUser->id || $inUser->is_admin)){ cmsCore::error404(); }
$model->deleteItem($item_id);
$message = str_replace('%item%', $item['title'], $_LANG['MSG_ITEM_REJECTED']);
cmsUser::sendMessage(USER_UPDATER, $item['user_id'], $message);
cmsCore::redirect('/catalog/'.$item['category_id']);
}
}
$plg_nconfig = cmsCore::arrayToYaml($plg_nconfig);
cmsCore::c('db')->query("UPDATE cms_plugins SET config='". cmsCore::c('db')->escape_string($plg_nconfig) ."' WHERE plugin='p_content_imgs' LIMIT 1");
}
// ========== /p_content_imgs =========
//======================================================================
// --------------- Добавляем всем модулям настройку tpl ----------------
$results = cmsCore::c('db')->query('SELECT id, content, config FROM cms_modules WHERE is_external = 1');
while ($mod = cmsCore::c('db')->fetch_assoc($results)) {
$mod['config'] = cmsCore::yamlToArray($mod['config']);
if (empty($mod['config']['tpl'])) {
$mod['config']['tpl'] = $mod['content'];
}
$mod['config'] = cmsCore::arrayToYaml($mod['config']);
cmsCore::c('db')->update(
'cms_modules',
array(
'config' => cmsCore::c('db')->escape_string($mod['config'])
),
$mod['id']
);
}
//======================================================================
$last_user_menu = cmsCore::c('db')->get_fields('cms_modules', "title = 'Меню пользователя' AND content = 'mod_usermenu'", '*');
if (!empty($last_user_menu)) {
cmsCore::c('db')->query("UPDATE `cms_modules` SET
`position` = '". $last_user_menu['position'] ."',
}
$type = $fields[$field];
// получаем все данные по $target_id и $target
$translation = translations::getTranslation($lang, $target, $target_id);
// получаем текущее значение поля
if ($translation && isset($translation['data'][$field])) {
$value = $translation['data'][$field];
} else {
$value = '';
}
if (cmsCore::inRequest('save')) {
if (!cmsUser::checkCsrfToken()) {
cmsCore::halt();
}
$field_data = cmsCore::request('field_data', $type, '');
// если есть запись, обновляем
if ($translation) {
if ($field_data) {
$translation['data'][$field] = $field_data;
}
if (!$field_data && isset($translation['data'][$field])) {
unset($translation['data'][$field]);
}
$inDB->update('cms_translations', array('data' => $inDB->escape_string(cmsCore::arrayToYaml($translation['data']))), $translation['id']);
} else {
$inDB->insert('cms_translations', array('data' => $inDB->escape_string(cmsCore::arrayToYaml(array($field => $field_data))), 'lang' => $lang, 'fieldsset_id' => translations::getFieldsetId($target), 'target_id' => $target_id));
}
cmsCore::halt();
} else {
cmsPage::includeTemplateFile('admin/translations.php', array('type' => $type, 'value' => $value, 'action' => $_SERVER['REQUEST_URI']));
}
case 'menu':
$item['config']['items'] = cmsCore::request('f_menu_list', 'str', '');
$item['config']['size'] = cmsCore::request('f_menu_size', 'int');
break;
case 'file':
$exts = cmsCore::request('f_file_ext', 'str', '');
while (mb_strpos($exts, 'htm') || mb_strpos($exts, 'php') || mb_strpos($exts, 'ht')) {
$exts = str_replace(array('htm', 'php', 'ht'), '', mb_strtolower($exts));
}
$item['config']['ext'] = str_replace(' ', '', $exts);
$item['config']['size'] = cmsCore::request('f_file_size', 'int');
break;
}
$item['config'] = $inDB->escape_string(cmsCore::arrayToYaml($item['config']));
if (!cmsCore::request('is_public', 'int', 0)) {
$item['show_for_group'] = cmsCore::arrayToYaml(cmsCore::request('show_for_group', 'array_int'));
} else {
$item['show_for_group'] = '';
}
if ($opt == 'add_field') {
$inDB->insert('cms_form_fields', cmsCore::callEvent('ADD_FORM_FIELD', $item));
} else {
$inDB->update('cms_form_fields', cmsCore::callEvent('UPDATE_FORM_FIELD', $item), cmsCore::request('field_id', 'int'));
}
cmsCore::addSessionMessage($_LANG['AD_DO_SUCCESS']);
cmsCore::redirect('?view=components&do=config&id=' . $id . '&opt=edit&item_id=' . $item['form_id']);
}
/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
if (in_array($opt, array('submit', 'update'))) {
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
/**
* Обновляет конфигурацию модулей
*/
public function setModCfgs() {
if (!empty($this->cfg['mod_cfgs'])) {
foreach ($this->cfg['mod_cfgs'] as $mod) {
$results = cmsCore::c('db')->query("SELECT id,config FROM cms_modules WHERE content='". $mod['name'] ."'");
if (!cmsCore::c('db')->num_rows($results)) { continue; }
while ($module = cmsCore::c('db')->fetch_assoc($results)) {
if (!empty($module['config'])) {
$module['config'] = cmsCore::yamlToArray($module['config']);
if (!empty($mod['unset_keys'])) {
foreach ($mod['unset_keys'] as $key) {
unset($module['config'][$key]);
}
}
} else {
$module['config'] = array();
}
if (!empty($mod['merge_cfgs'])) {
$module['config'] = array_merge($mod['merge_cfgs'], $module['config']);
}
$module['config'] = cmsCore::arrayToYaml($module['config']);
cmsCore::c('db')->update(
'cms_modules',
array(
'config' => cmsCore::c('db')->escape_string($module['config'])
),
$module['id']
);
}
}
}
}
$item['config']['size'] = cmsCore::request('f_list_size', 'int');
break;
case 'menu':
$item['config']['items'] = cmsCore::request('f_menu_list', 'str', '');
$item['config']['size'] = cmsCore::request('f_menu_size', 'int');
break;
case 'file':
$exts = cmsCore::request('f_file_ext', 'str', '');
while (mb_strpos($exts, 'htm') || mb_strpos($exts, 'php') || mb_strpos($exts, 'ht')) {
$exts = str_replace(array('htm', 'php', 'ht'), '', mb_strtolower($exts));
}
$item['config']['ext'] = str_replace(' ', '', $exts);
$item['config']['size'] = cmsCore::request('f_file_size', 'int');
break;
}
$item['config'] = $inDB->escape_string(cmsCore::arrayToYaml($item['config']));
if ($opt == 'add_field') {
$inDB->insert('cms_form_fields', cmsCore::callEvent('ADD_FORM_FIELD', $item));
} else {
$inDB->update('cms_form_fields', cmsCore::callEvent('UPDATE_FORM_FIELD', $item), cmsCore::request('field_id', 'int'));
}
cmsCore::addSessionMessage($_LANG['AD_DO_SUCCESS']);
cmsCore::redirect('?view=components&do=config&id=' . $id . '&opt=edit&item_id=' . $item['form_id']);
}
/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
if (in_array($opt, array('submit', 'update'))) {
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
$item['title'] = cmsCore::request('title', 'str', $_LANG['AD_FORM_UNTITLED']);
$item['description'] = $inDB->escape_string(cmsCore::request('description', 'html', ''));
function applet_menu() {
$inCore = cmsCore::getInstance();
global $_LANG;
global $adminAccess;
if (!cmsUser::isAdminCan('admin/menu', $adminAccess)) { cpAccessDenied(); }
cmsCore::c('page')->setTitle($_LANG['AD_MENU']);
cpAddPathway($_LANG['AD_MENU'], 'index.php?view=menu');
$do = cmsCore::request('do', 'str', 'list');
$id = cmsCore::request('id', 'int', -1);
if ($do == 'list') {
$toolmenu = array(
array( 'icon' => 'new.gif', 'title' => $_LANG['AD_MENU_POINT_ADD'], 'link' => '?view=menu&do=add' ),
array( 'icon' => 'newmenu.gif', 'title' => $_LANG['AD_MENU_ADD'], 'link' => '?view=menu&do=addmenu' ),
array( 'icon' => 'edit.gif', 'title' => $_LANG['AD_EDIT_SELECTED'], 'link'=> "javascript:checkSel('?view=menu&do=edit&multiple=1');" ),
array( 'icon' => 'delete.gif', 'title' => $_LANG['AD_DELETE_SELECTED'], 'link' => "javascript:checkSel('?view=menu&do=delete&multiple=1');" ),
array( 'icon' => 'show.gif', 'title' => $_LANG['AD_ALLOW_SELECTED'], 'link' => "javascript:checkSel('?view=menu&do=show&multiple=1');" ),
array( 'icon' => 'hide.gif', 'title' => $_LANG['AD_DISALLOW_SELECTED'], 'link' => "javascript:checkSel('?view=menu&do=hide&multiple=1');" ),
array( 'icon' => 'help.gif', 'title' => $_LANG['AD_HELP'], 'link' => '?view=help&topic=menu' )
);
cpToolMenu($toolmenu);
$fields = array(
array( 'title' => 'Lt', 'field' => 'NSLeft', 'width' => '40' ),
array(
'title' => $_LANG['TITLE'],
'field' => array('title', 'titles'), 'width'=>'',
'link' => '?view=menu&do=edit&id=%id%',
'prc' => function ($i) {
$i['titles'] = cmsCore::yamlToArray($i['titles']);
// переопределяем название пункта меню в зависимости от языка
if (!empty($i['titles'][cmsConfig::getConfig('lang')])) {
$i['title'] = $i['titles'][cmsConfig::getConfig('lang')];
}
return $i['title'];
}
),
array( 'title' => $_LANG['SHOW'], 'field' => 'published', 'width' => '80' ),
array( 'title' => $_LANG['AD_ORDER'], 'field' => 'ordering', 'width' => '100' ),
array( 'title' => $_LANG['AD_LINK'], 'field' => array('linktype', 'linkid', 'link'), 'width' => '240', 'prc' => 'cpMenutypeById' ),
array( 'title' => $_LANG['AD_MENU'], 'field' => 'menu', 'width' => '80', 'filter' => '10', 'filterlist' => cpGetList('menu'), 'prc' => 'list_menu' ),
array( 'title' => $_LANG['TEMPLATE'], 'field' => 'template', 'width' => '90', 'prc' => 'cpTemplateById' )
);
$actions = array(
array( 'title' => $_LANG['EDIT'], 'icon' => 'edit.gif', 'link' => '?view=menu&do=edit&id=%id%' ),
array( 'title' => $_LANG['DELETE'], 'icon' => 'delete.gif', 'confirm' => $_LANG['AD_MENU_POINT_CONFIRM'], 'link' => '?view=menu&do=delete&id=%id%' )
);
cpListTable('cms_menu', $fields, $actions, 'parent_id>0', 'NSLeft, ordering');
} else {
$toolmenu = array(
array( 'icon' => 'save.gif', 'title' => $_LANG['SAVE'], 'link' => 'javascript:document.addform.submit();' ),
array( 'icon' => 'cancel.gif', 'title' => $_LANG['CANCEL'], 'link' => 'index.php?view=menu' )
);
cpToolMenu($toolmenu);
}
if ($do == 'move_up') {
cmsCore::c('db')->moveNsCategory('cms_menu', $id, 'up');
cmsCore::redirectBack();
}
if ($do == 'move_down') {
cmsCore::c('db')->moveNsCategory('cms_menu', $id, 'down');
cmsCore::redirectBack();
}
if ($do == 'show') {
if (!cmsCore::inRequest('item')) {
if ($id >= 0) { cmsCore::c('db')->setFlag('cms_menu', $id, 'published', '1'); }
cmsCore::halt('1');
} else {
cmsCore::c('db')->setFlags('cms_menu', $_REQUEST['item'], 'published', '1');
cmsCore::addSessionMessage($_LANG['AD_DO_SUCCESS'] , 'success');
cmsCore::redirectBack();
}
}
if ($do == 'hide') {
if (!cmsCore::inRequest('item')) {
if ($id >= 0) { cmsCore::c('db')->setFlag('cms_menu', $id, 'published', '0'); }
cmsCore::halt('1');
} else {
cmsCore::c('db')->setFlags('cms_menu', cmsCore::request('item', 'array_int', array()), 'published', '0');
cmsCore::addSessionMessage($_LANG['AD_DO_SUCCESS'] , 'success');
cmsCore::redirectBack();
}
}
if ($do == 'delete') {
if (!cmsCore::inRequest('item')) {
if ($id >= 0) { cmsCore::c('db')->deleteNS('cms_menu', (int)$id); }
} else {
cmsCore::c('db')->deleteListNS('cms_menu', cmsCore::request('item', 'array_int', array()));
}
cmsCore::addSessionMessage($_LANG['AD_DO_SUCCESS'] , 'success');
cmsCore::redirectBack();
}
if ($do == 'update') {
if (!cmsUser::checkCsrfToken()) { cmsCore::error404(); }
$id = cmsCore::request('id', 'int', 0);
if(!$id){ cmsCore::redirectBack(); }
$title = cmsCore::request('title', 'str', '');
$titles = cmsCore::arrayToYaml(cmsCore::request('titles', 'array_str', array()));
$menu = cmsCore::arrayToYaml(cmsCore::request('menu', 'array_str', ''));
$linktype = cmsCore::request('mode', 'str', '');
$linkid = cmsCore::request($linktype, 'str', '');
$link = $inCore->getMenuLink($linktype, $linkid);
$target = cmsCore::request('target', 'str', '');
$published = cmsCore::request('published', 'int', 0);
$template = cmsCore::request('template', 'str', '');
$iconurl = cmsCore::request('iconurl', 'str', '');
$parent_id = cmsCore::request('parent_id', 'int', 0);
$oldparent = cmsCore::request('oldparent', 'int', 0);
$is_lax = cmsCore::request('is_lax', 'int', 0);
$css_class = cmsCore::request('css_class', 'str', '');
$is_public = cmsCore::request('is_public', 'int', '');
if (!$is_public) {
$access_list = cmsCore::arrayToYaml(cmsCore::request('allow_group', 'array_int'));
}
$ns = $inCore->nestedSetsInit('cms_menu');
if ($oldparent != $parent_id) {
$ns->MoveNode($id, $parent_id);
}
$sql = "UPDATE cms_menu
SET title='". $title ."',
titles='". $titles ."',
css_class='". $css_class ."',
menu='". $menu ."',
link='". $link ."',
linktype='". $linktype ."',
linkid='". $linkid ."',
target='". $target ."',
published='". $published ."',
template='". $template ."',
access_list='". $access_list ."',
is_lax='". $is_lax ."',
iconurl='". $iconurl ."'
WHERE id = '". $id ."'
LIMIT 1";
cmsCore::c('db')->query($sql) ;
cmsCore::addSessionMessage($_LANG['AD_DO_SUCCESS'] , 'success');
if (!isset($_SESSION['editlist']) || count($_SESSION['editlist']) == 0) {
cmsCore::redirect('?view=menu');
} else {
cmsCore::redirect('?view=menu&do=edit');
}
}
if ($do == 'submit') {
if (!cmsUser::checkCsrfToken()) { cmsCore::error404(); }
$title = cmsCore::request('title', 'str', '');
$titles = cmsCore::arrayToYaml(cmsCore::request('titles', 'array_str', array()));
$menu = cmsCore::arrayToYaml(cmsCore::request('menu', 'array_str', ''));
$linktype = cmsCore::request('mode', 'str', '');
$linkid = cmsCore::request($linktype, 'str', '');
$link = $inCore->getMenuLink($linktype, $linkid);
$target = cmsCore::request('target', 'str', '');
$published = cmsCore::request('published', 'int', 0);
$template = cmsCore::request('template', 'str', '');
$iconurl = cmsCore::request('iconurl', 'str', '');
$parent_id = cmsCore::request('parent_id', 'int', 0);
$css_class = cmsCore::request('css_class', 'str', '');
$is_public = cmsCore::request('is_public', 'int', '');
$is_lax = cmsCore::request('is_lax', 'int', 0);
if (!$is_public) {
$access_list = cmsCore::arrayToYaml(cmsCore::request('allow_group', 'array_int'));
}
$ns = $inCore->nestedSetsInit('cms_menu');
$myid = $ns->AddNode($parent_id);
$sql = "UPDATE cms_menu
SET menu='". $menu ."',
title='". $title ."',
titles='". $titles ."',
css_class='". $css_class ."',
link='". $link ."',
linktype='". $linktype ."',
linkid='". $linkid ."',
target='". $target ."',
published='". $published ."',
template='". $template ."',
access_list='". $access_list ."',
is_lax='". $is_lax ."',
iconurl='". $iconurl ."'
WHERE id = '". $myid ."'";
cmsCore::c('db')->query($sql);
cmsCore::addSessionMessage($_LANG['AD_DO_SUCCESS'] , 'success');
cmsCore::redirect('?view=menu');
}
if ($do == 'submitmenu') {
if (!cmsUser::checkCsrfToken()) { cmsCore::error404(); }
$sql = "SELECT ordering as max_o FROM cms_modules ORDER BY ordering DESC LIMIT 1";
$result = cmsCore::c('db')->query($sql) ;
$row = cmsCore::c('db')->fetch_assoc($result);
$maxorder = $row['max_o'] + 1;
$menu = cmsCore::request('menu', 'str', '');
$title = cmsCore::request('title', 'str', '');
$position = cmsCore::request('position', 'str', '');
$published = cmsCore::request('published', 'int', 0);
$css_prefix = cmsCore::request('css_prefix', 'str', '');
$is_public = cmsCore::request('is_public', 'int', '');
if (!$is_public) {
$access_list = $inCore->arrayToYaml(cmsCore::request('allow_group', 'array_int'));
}
$cfg['menu'] = $menu;
$cfg_str = cmsCore::arrayToYaml($cfg);
$sql = "INSERT INTO cms_modules (position, name, title, is_external, content, ordering, showtitle, published, user, config, css_prefix, access_list)
VALUES ('". $position ."', '". $_LANG['AD_MENU'] ."', '". $title ."', 1, 'mod_menu', ". $maxorder .", 1, ". $published .", 0, '". $cfg_str ."', '". $css_prefix ."', '". $access_list ."')";
cmsCore::c('db')->query($sql) ;
$newid = cmsCore::c('db')->get_last_id('cms_modules');
cmsCore::addSessionMessage($_LANG['AD_DO_SUCCESS'] , 'success');
cmsCore::redirect('?view=modules&do=edit&id='.$newid);
}
if ($do == 'addmenu' || $do == 'add' || $do == 'edit') {
cmsCore::c('page')->addHeadJS('admin/js/menu.js');
echo '<script>';
echo cmsPage::getLangJS('AD_SPECIFY_LINK_MENU');
echo '</script>';
}
if ($do == 'addmenu') {
cmsCore::c('page')->setTitle($_LANG['AD_MENU_ADD']);
cpAddPathway($_LANG['AD_MENU_ADD']);
$menu_list = cpGetList('menu');
?>
<form id="addform" name="addform" action="index.php?view=menu&do=submitmenu" method="post">
<input type="hidden" name="csrf_token" value="<?php echo cmsUser::getCsrfToken(); ?>" />
<div class="panel panel-default" style="width:650px;">
<div class="panel-body">
<div class="form-group">
<label><?php echo $_LANG['AD_MODULE_MENU_TITLE']; ?></label>
<input type="text" id="title2" class="form-control" name="title" style="width:99%" value="" />
</div>
<div class="form-group">
<label><?php echo $_LANG['AD_MENU_TO_VIEW']; ?></label>
<select id="menu" class="form-control" name="menu" style="width:99%">
<?php foreach ($menu_list as $menu) { ?>
<option value="<?php echo $menu['id']; ?>">
<?php echo $menu['title']; ?>
</option>
<?php } ?>
</select>
<div class="help-block"><?php echo $_LANG['AD_TO_CREATE_NEW_POINT']; ?></div>
</div>
<div class="form-group">
<label><?php echo $_LANG['AD_POSITION_TO_VIEW']; ?></label>
<?php
$pos = cpModulePositions(cmsConfig::getConfig('template'));
?>
<select id="position" class="form-control" name="position" style="width:99%">
<?php
if ($pos){
foreach($pos as $key=>$position) {
if (cmsCore::getArrVal($mod, 'position') == $position){
echo '<option value="'. $position .'" selected>'. $position .'</option>';
} else {
echo '<option value="'. $position .'">'. $position .'</option>';
}
}
}
?>
</select>
<input name="is_external" type="hidden" id="is_external" value="0" />
<div class="help-block"><?php echo $_LANG['AD_POSITION_MUST_BE']; ?></div>
</div>
<div class="form-group">
<label><?php echo $_LANG['AD_MENU_PUBLIC']; ?></label>
<label>
<input name="published" type="radio" value="1" checked="checked" <?php if (cmsCore::getArrVal($mod, 'published')) { echo 'checked="checked"'; } ?> /> <?php echo $_LANG['YES']; ?>
</label>
<label>
<input name="published" type="radio" value="0" <?php if (!cmsCore::getArrVal($mod, 'published')) { echo 'checked="checked"'; } ?> /> <?php echo $_LANG['NO']; ?>
</label>
</div>
<div class="form-group">
<label><?php echo $_LANG['AD_PREFIX_CSS']; ?></label>
<input type="text" id="css_prefix" class="form-control" name="css_prefix" value="<?php echo cmsCore::getArrVal($mod, 'css_prefix'); ?>" style="width:99%" />
</div>
<div class="form-group">
<label><?php echo $_LANG['AD_TAB_ACCESS']; ?>:</label>
<div class="help-block"><?php echo $_LANG['AD_GROUP_ACCESS'] ; ?></div>
<?php
$groups = cmsUser::getGroups();
$style = 'disabled="disabled"';
$public = 'checked="checked"';
if ($do == 'edit') {
if ($mod['access_list']) {
$public = '';
$style = '';
$access_list = $inCore->yamlToArray($mod['access_list']);
}
}
?>
<label><input name="is_public" type="checkbox" id="is_public" onclick="checkAccesList()" value="1" <?php echo $public?> /> <?php echo $_LANG['AD_SHARE']; ?></label>
<div class="help-block"><?php echo $_LANG['AD_VIEW_IF_CHECK']; ?></div>
</div>
<div class="form-group">
<label><?php echo $_LANG['AD_GROUPS_VIEW']; ?></label>
<?php
echo '<select class="form-control" style="width: 99%" name="allow_group[]" id="allow_group" size="6" multiple="multiple" '. $style .'>';
if ($groups) {
foreach ($groups as $group) {
echo '<option value="'. $group['id'] .'"';
if ($do == 'edit') {
if (in_array($group['id'], $access_list)) {
echo 'selected="selected"';
}
}
echo '>';
echo $group['title'].'</option>';
}
}
echo '</select>';
?>
<div class="help-block"><?php echo $_LANG['AD_SELECT_MULTIPLE_CTRL']; ?></div>
</div>
<div class="alert alert-info" role="alert"><?php echo $_LANG['AD_NEW_MENU_NEW_MODULE']; ?></div>
</div>
</div>
<div style="margin-top:5px">
<input class="btn btn-primary" name="save" type="submit" id="save" value="<?php echo $_LANG['AD_MENU_ADD']; ?>" />
<input class="btn btn-default" name="back" type="button" id="back" value="<?php echo $_LANG['CANCEL']; ?>" onclick="window.location.href='index.php?view=menu';" />
</div>
</form>
<?php
}
if ($do == 'add' || $do == 'edit') {
$menu_list = cpGetList('menu');
$langs = cmsCore::getDirsList('/languages');
if ($do == 'add') {
cpAddPathway($_LANG['AD_MENU_POINT_ADD']);
$mod['menu'] = array('mainmenu');
} else {
if (isset($_REQUEST['multiple'])) {
if (isset($_REQUEST['item'])) {
$_SESSION['editlist'] = cmsCore::request('item', 'array_int', array());
} else {
cmsCore::addSessionMessage($_LANG['AD_NO_SELECT_OBJECTS'], 'error');
cmsCore::redirectBack();
}
}
$ostatok = '';
if (isset($_SESSION['editlist'])) {
$item_id = array_shift($_SESSION['editlist']);
if (sizeof($_SESSION['editlist']) == 0) {
unset($_SESSION['editlist']);
} else {
$ostatok = '('.$_LANG['AD_NEXT_IN'].sizeof($_SESSION['editlist']).')';
}
} else {
$item_id = cmsCore::request('id', 'int', 0);
}
$mod = cmsCore::c('db')->get_fields('cms_menu', "id = '$item_id'", '*');
if (!$mod) { cmsCore::error404(); }
$mod['menu'] = cmsCore::yamlToArray($mod['menu']);
$mod['titles'] = cmsCore::yamlToArray($mod['titles']);
cpAddPathway($_LANG['AD_MENU_POINT_EDIT'].$ostatok.' "'.$mod['title'].'"');
}
?>
<form id="addform" name="addform" method="post" action="index.php">
<input type="hidden" name="csrf_token" value="<?php echo cmsUser::getCsrfToken(); ?>" />
<input type="hidden" name="view" value="menu" />
<table class="table">
<tr>
<td valign="top">
<div class="panel panel-default">
<div class="panel-body">
<div class="form-group">
<label><?php echo $_LANG['AD_MENU_POINT_TITLE']; ?></label>
<input type="text" id="title" class="form-control" style="width:100%" name="title" value="<?php echo htmlspecialchars(cmsCore::getArrVal($mod, 'title', ''));?>" />
<div class="help-block"><?php echo $_LANG['AD_VIEW_IN_SITE']; ?></div>
</div>
<?php if (count($langs) > 1) { ?>
<div class="form-group">
<label><?php echo $_LANG['AD_LANG_TITLES']; ?></label>
<?php foreach ($langs as $lang) { ?>
<div>
<strong><?php echo $lang; ?>:</strong>
<input name="titles[<?php echo $lang; ?>]" type="text" style="width:97%" value="<?php echo htmlspecialchars(cmsCore::getArrVal($mod['titles'], $lang, '')); ?>" placeholder="<?php echo $_LANG['AD_HINT_DEFAULT']; ?>" />
</div>
<?php } ?>
<div class="help-block"><?php echo $_LANG['AD_LANG_TITLES_HINT']; ?></div>
</div>
<?php } ?>
<div class="form-group">
<label><?php echo $_LANG['AD_PARENT_POINT']; ?></label>
<?php
$rootid = cmsCore::c('db')->get_field('cms_menu', 'parent_id=0', 'id');
?>
<select id="parent_id" class="form-control" style="width:100%" name="parent_id" size="10">
<option value="<?php echo $rootid; ?>" <?php if (cmsCore::getArrVal($mod, 'parent_id', $rootid) == $rootid) { echo 'selected="selected"'; }?>><?php echo $_LANG['AD_MENU_ROOT']; ?></option>
<?php
echo $inCore->getListItemsNS('cms_menu', cmsCore::getArrVal($mod, 'parent_id', 0));
?>
</select>
<input type="hidden" name="oldparent" value="<?php echo cmsCore::getArrVal($mod, 'parent_id', '');?>" />
</div>
<div class="form-group">
<label><?php echo $_LANG['AD_MENU_POINT_ACTION']; ?></label>
<select id="linktype" class="form-control" style="width:100%" name="mode" onchange="showMenuTarget()">
<?php $link_type = cmsCore::getArrVal($mod, 'linktype', 'link') ?>
<option value="link" <?php if ($link_type == 'link') { echo 'selected="selected"'; }?>><?php echo $_LANG['AD_OPEN_LINK']; ?></option>
<option value="content" <?php if ($link_type == 'content') { echo 'selected="selected"'; }?>><?php echo $_LANG['AD_OPEN_ARTICLE']; ?></option>
<?php if($inCore->isComponentInstalled('video')){ ?>
<option value="video_cat" <?php if ($link_type == 'video_cat') { echo 'selected="selected"'; }?>><?php echo $_LANG['AD_OPEN_VIDEO_PARTITION']; ?></option>
<?php } ?>
<option value="category" <?php if ($link_type == 'category') { echo 'selected="selected"'; }?>><?php echo $_LANG['AD_OPEN_PARTITION']; ?></option>
<option value="component" <?php if ($link_type == 'component') { echo 'selected="selected"'; }?>><?php echo $_LANG['AD_OPEN_COMPONENT']; ?></option>
<option value="blog" <?php if ($link_type == 'blog') { echo 'selected="selected"'; }?>><?php echo $_LANG['AD_OPEN_BLOG']; ?></option>
<option value="uccat" <?php if ($link_type == 'uccat') { echo 'selected="selected"'; }?>><?php echo $_LANG['AD_OPEN_CATEGORY']; ?></option>
<option value="photoalbum" <?php if ($link_type == 'photoalbum') { echo 'selected="selected"'; }?>><?php echo $_LANG['AD_OPEN_ALBUM']; ?></option>
</select>
</div>
<div id="t_link" class="form-group menu_target" style="display:<?php if ($link_type == 'link' || $link_type == 'ext') { echo 'block'; } else { echo 'none'; } ?>">
<label><?php echo $_LANG['AD_LINK']; ?></label>
<input type="text" id="link" class="form-control" style="width:100%" name="link" size="50" value="<?php if ($link_type == 'link' || $link_type == 'ext') { echo cmsCore::getArrVal($mod, 'link', ''); } ?>" />
<div class="help-block"><?php echo $_LANG['AD_LINK_HINT']; ?> <b>http://</b></div>
</div>
<div id="t_content" class="form-group menu_target" style="display:<?php if ($link_type == 'content') { echo 'block'; } else { echo 'none'; } ?>">
<label><?php echo $_LANG['AD_CHECK_ARTICLE'] ; ?></label>
<select id="content" class="form-control" style="width:100%" name="content">
<?php
echo $inCore->getListItems('cms_content', (($link_type == 'content') ? $mod['linkid'] : 0));
?>
</select>
</div>
<?php if($inCore->isComponentInstalled('video')){ ?>
<div id="t_video_cat" class="form-group menu_target" style="display:<?php if ($link_type == 'video_cat') { echo 'block'; } else { echo 'none'; } ?>">
<label><?php echo $_LANG['AD_CHECK_PARTITION']; ?></label>
<select id="video_cat" class="form-control" style="width:100%" name="video_cat">
<?php
echo $inCore->getListItemsNS('cms_video_category', (($link_type == 'video_cat') ? $mod['linkid'] : 0));
?>
</select>
</div>
<?php } ?>
<div id="t_category" class="form-group menu_target" style="display:<?php if ($link_type == 'category') { echo 'block'; } else { echo 'none'; } ?>">
<label><?php echo $_LANG['AD_CHECK_PARTITION']; ?></label>
<select id="category" class="form-control" style="width:100%" name="category">
<?php
echo $inCore->getListItemsNS('cms_category', (($link_type == 'category') ? $mod['linkid'] : 0));
?>
</select>
</div>
<div id="t_component" class="form-group menu_target" style="display:<?php if ($link_type == 'component') { echo 'block'; } else { echo 'none'; } ?>">
<label><?php echo $_LANG['AD_CHECK_COMPONENT']; ?></label>
<select id="component" class="form-control" style="width:100%" name="component">
<?php
echo $inCore->getListItems('cms_components', (($link_type == 'component') ? $mod['linkid'] : 0), 'title', 'asc', 'internal=0', 'link');
?>
</select>
</div>
<div id="t_blog" class="form-group menu_target" style="display:<?php if ($link_type == 'blog') { echo 'block'; } else { echo 'none'; } ?>">
<label><?php echo $_LANG['AD_CHECK_BLOG']; ?></label>
<select id="blog" class="form-control" style="width:100%" name="blog">
<?php
echo $inCore->getListItems('cms_blogs', (($link_type == 'blog') ? $mod['linkid'] : 0), 'title', 'asc', "owner='user'");
?>
</select>
</div>
<div id="t_uccat" class="form-group menu_target" style="display:<?php if ($link_type == 'uccat') { echo 'block'; } else { echo 'none'; } ?>">
<label><?php echo $_LANG['AD_CHECK_CATEGORY']; ?></label>
<select id="blog" class="form-control" style="width:100%" name="blog">
<?php
echo $inCore->getListItems('cms_uc_cats', (($link_type == 'uccat') ? $mod['linkid'] : 0));
?>
</select>
</div>
<div id="t_photoalbum" class="form-group menu_target" style="display:<?php if ($link_type == 'photoalbum') { echo 'block'; } else { echo 'none'; } ?>">
<label><?php echo $_LANG['AD_CHECK_ALBUM']; ?></label>
<select id="blog" class="form-control" style="width:100%" name="blog">
<?php
echo $inCore->getListItems('cms_photo_albums', (($link_type == 'photoalbum') ? $mod['linkid'] : 0), 'id', 'ASC', 'NSDiffer = ""');
?>
</select>
</div>
</div>
</div>
</td>
<td width="400" valign="top">
<div class="uitabs">
<ul id="tabs">
<li><a href="#upr_publish"><span><?php echo $_LANG['AD_TAB_PUBLISH']; ?></span></a></li>
<li><a href="#upr_access"><span><?php echo $_LANG['AD_TAB_ACCESS']; ?></span></a></li>
<li><a href="#upr_menu"><span><?php echo $_LANG['AD_MENU']; ?></span></a></li>
</ul>
<div id="upr_publish">
<div class="form-group">
<label>
<input type="checkbox" name="published" value="1" <?php if (cmsCore::getArrVal($mod, 'published') || $do == 'add') { echo 'checked="checked"'; } ?> />
<?php echo $_LANG['AD_MENU_POINT_PUBLIC']; ?>
</label>
</div>
<div class="form-group">
<label><?php echo $_LANG['AD_OPEN_POINT']; ?></label>
<select id="target" class="form-control" style="width:100%" name="target">
<option value="_self" <?php if (@$mod['target']=='_self') { echo 'selected="selected"'; }?>><?php echo $_LANG['AD_SELF']; ?></option>
<option value="_parent"><?php echo $_LANG['AD_PARENT'];?></option>
<option value="_blank" <?php if (@$mod['target']=='_blank') { echo 'selected="selected"'; }?>><?php echo $_LANG['AD_BLANK']; ?></option>
<option value="_top" <?php if (@$mod['target']=='_top') { echo 'selected="selected"'; }?>><?php echo $_LANG['AD_TOP']; ?></option>
</select>
</div>
<div class="form-group">
<label><?php echo $_LANG['TEMPLATE']; ?></label>
<select id="template" class="form-control" style="width:100%" name="template" >
<option value="0" <?php if (!cmsCore::getArrVal($mod, 'template')) { echo 'selected="selected"'; } ?>><?php echo $_LANG['AD_BY_DEFAULT'];?></option>
<?php
$templates = cmsCore::getDirsList('/templates');
foreach ($templates as $template) {
if ($template == 'admin') { continue; }
echo '<option value="'. $template .'" '.(cmsCore::getArrVal($mod, 'template') ? 'selected="selected"': '').'>'.$template.'</option>';
}
?>
</select>
<div class="help-block"><?php echo $_LANG['AD_DESIGN_CHANGE'] ;?></div>
</div>
<div class="form-group">
<label><?php echo $_LANG['AD_ICON_PICTURE']; ?></label>
<input type="text" id="iconurl" class="form-control" style="width:100%" name="iconurl" size="30" value="<?php echo cmsCore::getArrVal($mod, 'iconurl', ''); ?>" />
<a id="iconlink" style="display:block;" href="javascript:showIcons()"><?php echo $_LANG['AD_CHECK_ICON'];?></a>
<div id="icondiv" style="display:none; padding:6px;border:solid 1px gray;background:#FFF">
<div><?php iconList(); ?></div>
</div>
<div class="help-block"><?php echo $_LANG['AD_ICON_FILENAME'] ;?></div>
</div>
<div class="form-group">
<label><?php echo $_LANG['AD_CSS_CLASS']; ?></label>
<input type="text" class="form-control" style="width:100%" name="css_class" size="30" value="<?php echo cmsCore::getArrVal($mod, 'css_class', ''); ?>" />
</div>
</div>
<div id="upr_access">
<div class="form-group">
<?php
$groups = cmsUser::getGroups();
$style = 'disabled="disabled"';
$public = 'checked="checked"';
if ($do == 'edit') {
if ($mod['access_list']) {
$public = '';
$style = '';
$access_list = $inCore->yamlToArray($mod['access_list']);
}
}
?>
<label>
<input type="checkbox" name="is_public" id="is_public" onclick="checkAccesList()" value="1" <?php echo $public; ?> />
<?php echo $_LANG['AD_SHARE']; ?>
</label>
<div class="help-block"><?php echo $_LANG['AD_VIEW_IF_CHECK'];?></div>
</div>
<div class="form-group">
<label><?php echo $_LANG['AD_GROUPS_VIEW']; ?></label>
<?php
echo '<select id="allow_group" class="form-control" style="width: 99%" name="allow_group[]" size="6" multiple="multiple" '.$style.'>';
if ($groups) {
foreach($groups as $group) {
echo '<option value="'. $group['id'] .'"';
if ($do == 'edit' && cmsCore::getArrVal($mod, 'access_list')) {
if (in_array($group['id'], $access_list)){
echo 'selected="selected"';
}
}
echo '>';
echo $group['title'] .'</option>';
}
}
echo '</select>';
?>
<div class="help-block"><?php echo $_LANG['AD_SELECT_MULTIPLE_CTRL'];?></div>
</div>
<div class="form-group">
<label>
<input type="checkbox" id="is_lax" name="is_lax" value="1" <?php if(cmsCore::getArrVal($mod, 'is_lax')) {?>checked="checked"<?php } ?> />
<?php echo $_LANG['AD_ONLY_CHILD_ITEM']; ?>
</label>
</div>
</div>
<div id="upr_menu">
<div class="form-group">
<label><?php echo $_LANG['AD_MENU_TO_VIEW'];?></label>
<select class="form-control" style="width: 99%" name="menu[]" size="9" multiple="multiple">
<?php foreach ($menu_list as $menu) { ?>
<option value="<?php echo $menu['id']; ?>" <?php if (in_array($menu['id'], cmsCore::getArrVal($mod, 'menu', array()))) { echo 'selected="selected"'; }?>>
<?php echo $menu['title']; ?>
</option>
<?php } ?>
</select>
<div class="help-block"><?php echo $_LANG['AD_SELECT_MULTIPLE_CTRL'];?></div>
</div>
</div>
</div>
</td>
</tr>
</table>
<div>
<input type="button" class="btn btn-primary" name="add_mod" onclick="submitItem()" value="<?php echo $_LANG['SAVE']; ?> " />
<input type="button" class="btn btn-default" name="back" value="<?php echo $_LANG['CANCEL'];?>" onclick="window.location.href='index.php?view=menu';" />
<input type="hidden" name="do" <?php if ($do=='add') { echo 'value="submit"'; } else { echo 'value="update"'; } ?> />
<?php
if ($do == 'edit') {
echo '<input type="hidden" name="id" value="'.$mod['id'].'" />';
}
?>
</div>
</form>
<?php
}
}
/**
* Делает апгрейд установленного модуля
* @param array $component
* @param array $config
* @return bool
*/
public function upgradeModule($module, $config)
{
$inDB = cmsDatabase::getInstance();
// удалить в следующем обновлении
if (isset($module['link'])) {
$module['content'] = $module['link'];
}
//находим ID установленной версии
$module_id = $this->getModuleId($module['content']);
//если модуль еще не был установлен, выходим
if (!$module_id) {
return false;
}
//загружаем текущие настройки модуля
$old_config = $this->loadModuleConfig($module_id);
//удаляем настройки, которые больше не нужны
foreach ($old_config as $param => $value) {
if (!isset($config[$param])) {
unset($old_config[$param]);
}
}
//добавляем настройки, которых раньше не было
foreach ($config as $param => $value) {
if (!isset($old_config[$param])) {
$old_config[$param] = $value;
}
}
//конвертируем массив настроек в YAML
$module['config'] = $inDB->escape_string(cmsCore::arrayToYaml($old_config));
unset($module['position']);
//обновляем модуль в базе
$inDB->update('cms_modules', $module, $module_id);
$inDB->query("UPDATE cms_modules SET version = '{$module['version']}' WHERE content='{$module['content']}' AND user=0");
//модуль успешно обновлен
return true;
}
public function deleteVote($poll)
{
if (!$poll['answers']) {
return false;
}
$inUser = cmsUser::getInstance();
// Убираем голос пользователя
foreach ($poll['answers'] as $key => $value) {
if ($key == $poll['is_user_vote']) {
$poll['answers'][$key] -= 1;
}
}
$answers = $this->inDB->escape_string(cmsCore::arrayToYaml($poll['answers']));
$this->inDB->query("UPDATE cms_forum_polls SET answers = '{$answers}' WHERE id = '{$poll['id']}'");
$this->inDB->delete('cms_forum_votes', "poll_id = '{$poll['id']}' AND user_id = '{$inUser->id}'", 1);
return true;
}
function registration()
{
header('X-Frame-Options: DENY');
$inCore = cmsCore::getInstance();
$inPage = cmsPage::getInstance();
$inDB = cmsDatabase::getInstance();
$inUser = cmsUser::getInstance();
$inConf = cmsConfig::getInstance();
$model = new cms_model_registration();
cmsCore::loadModel('users');
$users_model = new cms_model_users();
global $_LANG;
$do = $inCore->do;
//============================================================================//
if ($do == 'sendremind') {
if ($inUser->id) {
cmsCore::error404();
}
$inPage->setTitle($_LANG['REMINDER_PASS']);
$inPage->addPathway($_LANG['REMINDER_PASS']);
if (!cmsCore::inRequest('goremind')) {
cmsPage::initTemplate('components', 'com_registration_sendremind')->display('com_registration_sendremind.tpl');
} else {
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
$email = cmsCore::request('email', 'email', '');
if (!$email) {
cmsCore::addSessionMessage($_LANG['ERR_EMAIL'], 'error');
cmsCore::redirectBack();
}
$usr = cmsUser::getShortUserData($email);
if (!$usr || $usr['is_locked'] || $usr['is_deleted']) {
cmsCore::addSessionMessage($_LANG['ADRESS'] . ' "' . $email . '" ' . $_LANG['NOT_IN_OUR_BASE'], 'error');
cmsCore::redirectBack();
}
if (cmsUser::userIsAdmin($usr['id'])) {
cmsCore::addSessionMessage($_LANG['NOT_ADMIN_SENDREMIND'], 'error');
cmsCore::redirectBack();
}
$usercode = md5($usr['id'] . '-' . uniqid() . '-' . microtime() . '-' . PATH);
$sql = "INSERT cms_users_activate (pubdate, user_id, code)\n VALUES (NOW(), '{$usr['id']}', '{$usercode}')";
$inDB->query($sql);
$newpass_link = HOST . '/registration/remind/' . $usercode;
$mail_message = $_LANG['HELLO'] . ', ' . $usr['nickname'] . '!' . "\n\n";
$mail_message .= $_LANG['REMINDER_TEXT'] . ' "' . $inConf->sitename . '".' . "\n\n";
$mail_message .= $_LANG['YOUR_LOGIN'] . ': ' . $usr['login'] . "\n\n";
$mail_message .= $_LANG['NEW_PASS_LINK'] . ":\n" . $newpass_link . "\n\n";
$mail_message .= $_LANG['LINK_EXPIRES'] . "\n\n";
$mail_message .= $_LANG['SIGNATURE'] . ', ' . $inConf->sitename . ' (' . HOST . ').' . "\n";
$mail_message .= date('d-m-Y (H:i)');
$inCore->mailText($email, $inConf->sitename . ' - ' . $_LANG['REMINDER_PASS'], $mail_message);
cmsCore::addSessionMessage($_LANG['NEW_PAS_SENDED'], 'info');
cmsCore::redirect('/login');
}
}
//============================================================================//
if ($do == 'remind') {
if ($inUser->id) {
cmsCore::error404();
}
$usercode = cmsCore::request('code', 'str', '');
//проверяем формат кода
if (!preg_match('/^[0-9a-f]{32}$/i', $usercode)) {
cmsCore::error404();
}
// проверяем код
$user_id = $inDB->get_field('cms_users_activate', "code = '{$usercode}'", 'user_id');
if (!$user_id) {
cmsCore::error404();
}
//получаем пользователя
$user = $inDB->get_fields('cms_users', "id = '{$user_id}'", '*');
if (!$user) {
cmsCore::error404();
}
if (cmsUser::userIsAdmin($user['id'])) {
cmsCore::error404();
}
if (cmsCore::inRequest('submit')) {
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
$errors = false;
$pass = cmsCore::request('pass', 'str', '');
$pass2 = cmsCore::request('pass2', 'str', '');
if (!$pass) {
cmsCore::addSessionMessage($_LANG['TYPE_PASS'], 'error');
$errors = true;
}
if ($pass && !$pass2) {
cmsCore::addSessionMessage($_LANG['TYPE_PASS_TWICE'], 'error');
$errors = true;
}
if ($pass && $pass2 && mb_strlen($pass) < 6) {
cmsCore::addSessionMessage($_LANG['PASS_SHORT'], 'error');
$errors = true;
}
if ($pass && $pass2 && $pass != $pass2) {
cmsCore::addSessionMessage($_LANG['WRONG_PASS'], 'error');
$errors = true;
}
if ($errors) {
cmsCore::redirectBack();
}
$md5_pass = md5($pass);
$inDB->query("UPDATE cms_users SET password = '******', logdate = NOW() WHERE id = '{$user['id']}'");
$inDB->query("DELETE FROM cms_users_activate WHERE code = '{$usercode}'");
cmsCore::addSessionMessage($_LANG['CHANGE_PASS_COMPLETED'], 'info');
$inUser->signInUser($user['login'], $pass, true);
cmsCore::redirect(cmsUser::getProfileURL($user['login']));
}
$inPage->setTitle($_LANG['RECOVER_PASS']);
$inPage->addPathway($_LANG['RECOVER_PASS']);
cmsPage::initTemplate('components', 'com_registration_remind')->assign('cfg', $model->config)->assign('user', $user)->display('com_registration_remind.tpl');
}
//============================================================================//
if ($do == 'register') {
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
if ($inUser->id && !$inUser->is_admin) {
if ($inCore->menuId() == 1) {
return;
} else {
cmsCore::error404();
}
}
// регистрация закрыта
if (!$model->config['is_on']) {
cmsCore::error404();
}
// регистрация по инвайтам
if ($model->config['reg_type'] == 'invite') {
if (!$users_model->checkInvite(cmsUser::sessionGet('invite_code'))) {
cmsCore::error404();
}
}
$errors = false;
// получаем данные
$item['login'] = cmsCore::request('login', 'str', '');
$item['email'] = cmsCore::request('email', 'email');
$item['icq'] = cmsCore::request('icq', 'str', '');
$item['city'] = cmsCore::request('city', 'str', '');
$item['nickname'] = cmsCore::request('nickname', 'str', '');
$item['realname1'] = cmsCore::request('realname1', 'str', '');
$item['realname2'] = cmsCore::request('realname2', 'str', '');
$pass = cmsCore::request('pass', 'str', '');
$pass2 = cmsCore::request('pass2', 'str', '');
// проверяем логин
if (mb_strlen($item['login']) < 2 || mb_strlen($item['login']) > 15 || is_numeric($item['login']) || !preg_match("/^([a-z0-9])+\$/ui", $item['login'])) {
cmsCore::addSessionMessage($_LANG['ERR_LOGIN'], 'error');
$errors = true;
}
// проверяем пароль
if (!$pass) {
cmsCore::addSessionMessage($_LANG['TYPE_PASS'], 'error');
$errors = true;
}
if ($pass && !$pass2) {
cmsCore::addSessionMessage($_LANG['TYPE_PASS_TWICE'], 'error');
$errors = true;
}
if ($pass && $pass2 && mb_strlen($pass) < 6) {
cmsCore::addSessionMessage($_LANG['PASS_SHORT'], 'error');
$errors = true;
}
if ($pass && $pass2 && $pass != $pass2) {
cmsCore::addSessionMessage($_LANG['WRONG_PASS'], 'error');
$errors = true;
}
// Проверяем nickname или имя и фамилию
if ($model->config['name_mode'] == 'nickname') {
if (!$item['nickname']) {
cmsCore::addSessionMessage($_LANG['TYPE_NICKNAME'], 'error');
$errors = true;
}
} else {
if (!$item['realname1']) {
cmsCore::addSessionMessage($_LANG['TYPE_NAME'], 'error');
$errors = true;
}
if (!$item['realname2']) {
cmsCore::addSessionMessage($_LANG['TYPE_SONAME'], 'error');
$errors = true;
}
$item['nickname'] = trim($item['realname1']) . ' ' . trim($item['realname2']);
}
if (mb_strlen($item['nickname']) < 2) {
cmsCore::addSessionMessage($_LANG['SHORT_NICKNAME'], 'error');
$errors = true;
}
if ($model->getBadNickname($item['nickname'])) {
cmsCore::addSessionMessage($_LANG['ERR_NICK_EXISTS'], 'error');
$errors = true;
}
// Проверяем email
if (!$item['email']) {
cmsCore::addSessionMessage($_LANG['ERR_EMAIL'], 'error');
$errors = true;
}
// День рождения
list($item['bday'], $item['bmonth'], $item['byear']) = array_values(cmsCore::request('birthdate', 'array_int', array()));
$item['birthdate'] = sprintf('%04d-%02d-%02d', $item['byear'], $item['bmonth'], $item['bday']);
// получаем данные конструктора форм
$item['formsdata'] = '';
if (isset($users_model->config['privforms'])) {
if (is_array($users_model->config['privforms'])) {
foreach ($users_model->config['privforms'] as $form_id) {
$form_input = cmsForm::getFieldsInputValues($form_id);
$item['formsdata'] .= $inDB->escape_string(cmsCore::arrayToYaml($form_input['values']));
// Проверяем значения формы
foreach ($form_input['errors'] as $field_error) {
if ($field_error) {
cmsCore::addSessionMessage($field_error, 'error');
$errors = true;
}
}
}
}
}
// Проверяем каптчу
if (!cmsPage::checkCaptchaCode()) {
cmsCore::addSessionMessage($_LANG['ERR_CAPTCHA'], 'error');
$errors = true;
}
// проверяем есть ли такой пользователь
$user_exist = $inDB->get_fields('cms_users', "(login LIKE '{$item['login']}' OR email LIKE '{$item['email']}') AND is_deleted = 0", 'id, login, email');
if ($user_exist) {
if ($user_exist['login'] == $item['login']) {
cmsCore::addSessionMessage($_LANG['LOGIN'] . ' "' . $item['login'] . '" ' . $_LANG['IS_BUSY'], 'error');
$errors = true;
} else {
cmsCore::addSessionMessage($_LANG['EMAIL_IS_BUSY'], 'error');
$errors = true;
}
}
// В случае ошибок, возвращаемся в форму
if ($errors) {
cmsUser::sessionPut('item', $item);
cmsCore::redirect('/registration');
}
//////////////////////////////////////////////
//////////// РЕГИСТРАЦИЯ /////////////////////
//////////////////////////////////////////////
$item['is_locked'] = $model->config['act'];
$item['password'] = md5($pass);
$item['orig_password'] = $pass;
$item['group_id'] = $model->config['default_gid'];
$item['regdate'] = date('Y-m-d H:i:s');
$item['logdate'] = date('Y-m-d H:i:s');
if (cmsUser::sessionGet('invite_code')) {
$invite_code = cmsUser::sessionGet('invite_code');
$item['invited_by'] = (int) $users_model->getInviteOwner($invite_code);
if ($item['invited_by']) {
$users_model->closeInvite($invite_code);
}
cmsUser::sessionDel('invite_code');
} else {
$item['invited_by'] = 0;
}
$item = cmsCore::callEvent('USER_BEFORE_REGISTER', $item);
$item['id'] = $item['user_id'] = $inDB->insert('cms_users', $item);
if (!$item['id']) {
cmsCore::error404();
}
$inDB->insert('cms_user_profiles', $item);
cmsCore::callEvent('USER_REGISTER', $item);
if ($item['is_locked']) {
$model->sendActivationNotice($pass, $item['id']);
cmsPage::includeTemplateFile('special/regactivate.php');
cmsCore::halt();
} else {
cmsActions::log('add_user', array('object' => '', 'user_id' => $item['id'], 'object_url' => '', 'object_id' => $item['id'], 'target' => '', 'target_url' => '', 'target_id' => 0, 'description' => ''));
if ($model->config['send_greetmsg']) {
$model->sendGreetsMessage($item['id']);
}
$model->sendRegistrationNotice($pass, $item['id']);
$back_url = $inUser->signInUser($item['login'], $pass, true);
cmsCore::redirect($back_url);
}
}
//============================================================================//
if ($do == 'view') {
$pagetitle = $inCore->getComponentTitle();
$inPage->setTitle($pagetitle);
$inPage->addPathway($pagetitle);
$inPage->addHeadJsLang(array('WRONG_PASS'));
// Если пользователь авторизован, то не показываем форму регистрации, редирект в профиль.
if ($inUser->id && !$inUser->is_admin) {
if ($inCore->menuId() == 1) {
return;
} else {
cmsCore::redirect(cmsUser::getProfileURL($inUser->login));
}
}
$correct_invite = cmsUser::sessionGet('invite_code') ? true : false;
if ($model->config['reg_type'] == 'invite' && cmsCore::inRequest('invite_code')) {
$invite_code = cmsCore::request('invite_code', 'str', '');
$correct_invite = $users_model->checkInvite($invite_code);
if ($correct_invite) {
cmsUser::sessionPut('invite_code', $invite_code);
} else {
cmsCore::addSessionMessage($_LANG['INCORRECT_INVITE'], 'error');
}
}
$item = cmsUser::sessionGet('item');
if ($item) {
cmsUser::sessionDel('item');
}
if (empty($item['birthdate'])) {
$item['birthdate'] = date('Y-m-d');
}
$private_forms = array();
if (isset($users_model->config['privforms'])) {
if (is_array($users_model->config['privforms'])) {
foreach ($users_model->config['privforms'] as $form_id) {
$private_forms = array_merge($private_forms, cmsForm::getFieldsHtml($form_id, array(), true));
}
}
}
cmsPage::initTemplate('components', 'com_registration')->assign('cfg', $model->config)->assign('item', $item)->assign('pagetitle', $pagetitle)->assign('correct_invite', $correct_invite)->assign('private_forms', $private_forms)->display('com_registration.tpl');
}
//============================================================================//
if ($do == 'activate') {
$code = cmsCore::request('code', 'str', '');
if (!$code) {
cmsCore::error404();
}
$user_id = $inDB->get_field('cms_users_activate', "code = '{$code}'", 'user_id');
if (!$user_id) {
cmsCore::error404();
}
$inDB->query("UPDATE cms_users SET is_locked = 0 WHERE id = '{$user_id}'");
$inDB->query("DELETE FROM cms_users_activate WHERE code = '{$code}'");
cmsCore::callEvent('USER_ACTIVATED', $user_id);
if ($model->config['send_greetmsg']) {
$model->sendGreetsMessage($user_id);
}
// Регистрируем событие
cmsActions::log('add_user', array('object' => '', 'user_id' => $user_id, 'object_url' => '', 'object_id' => $user_id, 'target' => '', 'target_url' => '', 'target_id' => 0, 'description' => ''));
cmsCore::addSessionMessage($_LANG['ACTIVATION_COMPLETE'], 'info');
cmsUser::goToLogin();
}
//============================================================================//
if ($do == 'auth') {
//====================//
//== разлогивание ==//
if (cmsCore::inRequest('logout')) {
$inUser->logout();
cmsCore::redirect('/');
}
//====================//
//== авторизация ==//
if (!cmsCore::inRequest('logout')) {
// флаг неуспешных авторизаций
$anti_brute_force = cmsUser::sessionGet('anti_brute_force');
$login = cmsCore::request('login', 'str', '');
$passw = cmsCore::request('pass', 'str', '');
$remember_pass = cmsCore::inRequest('remember');
// если нет логина или пароля, показываем форму входа
if (!$login || !$passw) {
if ($inUser->id && !$inUser->is_admin) {
cmsCore::redirect('/');
}
$inPage->setTitle($_LANG['SITE_LOGIN']);
$inPage->addPathway($_LANG['SITE_LOGIN']);
cmsPage::initTemplate('components', 'com_registration_login')->assign('cfg', $model->config)->assign('anti_brute_force', $anti_brute_force)->assign('is_sess_back', cmsUser::sessionGet('auth_back_url'))->display('com_registration_login.tpl');
if (!mb_strstr(cmsCore::getBackURL(), 'login')) {
cmsUser::sessionPut('auth_back_url', cmsCore::getBackURL());
}
return;
}
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
// Проверяем каптчу
if ($anti_brute_force && !cmsPage::checkCaptchaCode()) {
cmsCore::addSessionMessage($_LANG['ERR_CAPTCHA'], 'error');
cmsCore::redirect('/login');
}
cmsUser::sessionDel('anti_brute_force');
$back_url = $inUser->signInUser($login, $passw, $remember_pass);
cmsCore::redirect($back_url);
}
}
//============================================================================//
if ($do == 'autherror') {
cmsUser::sessionPut('anti_brute_force', 1);
cmsPage::includeTemplateFile('special/autherror.php');
cmsCore::halt();
}
//============================================================================//
}
$item['config']['size'] = cmsCore::request('f_list_size', 'int');
break;
case 'menu':
$item['config']['items'] = cmsCore::request('f_menu_list', 'str', '');
$item['config']['size'] = cmsCore::request('f_menu_size', 'int');
break;
case 'file':
$exts = cmsCore::request('f_file_ext', 'str', '');
while (mb_strpos($exts, 'htm') || mb_strpos($exts, 'php') || mb_strpos($exts, 'ht')) {
$exts = str_replace(array('htm', 'php', 'ht'), '', mb_strtolower($exts));
}
$item['config']['ext'] = str_replace(' ', '', $exts);
$item['config']['size'] = cmsCore::request('f_file_size', 'int');
break;
}
$item['config'] = cmsCore::c('db')->escape_string(cmsCore::arrayToYaml($item['config']));
if ($opt == 'add_field') {
cmsCore::c('db')->insert('cms_form_fields', cmsCore::callEvent('ADD_FORM_FIELD', $item));
} else {
cmsCore::c('db')->update('cms_form_fields', cmsCore::callEvent('UPDATE_FORM_FIELD', $item), cmsCore::request('field_id', 'int'));
}
cmsCore::addSessionMessage($_LANG['AD_DO_SUCCESS']);
cmsCore::redirect('?view=components&do=config&id=' . $id . '&opt=edit&item_id=' . $item['form_id']);
}
/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
if (in_array($opt, array('submit', 'update'))) {
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
$item['title'] = cmsCore::request('title', 'str', $_LANG['AD_FORM_UNTITLED']);
$item['description'] = cmsCore::c('db')->escape_string(cmsCore::request('description', 'html', ''));
$category_id = cmsCore::request('category_id', 'int');
$title = cmsCore::request('title', 'str', 'NO_TITLE');
$pagetitle = cmsCore::request('pagetitle', 'str', '');
$meta_keys = cmsCore::request('meta_keys', 'str', '');
$meta_desc = cmsCore::request('meta_desc', 'str', '');
$published = cmsCore::request('published', 'int');
$parent_id = cmsCore::request('parent_id', 'int');
$description = cmsCore::request('description', 'str');
$topic_cost = cmsCore::request('topic_cost', 'int', 0);
$moder_list = cmsCore::request('moder_list', 'array_int', array());
$moder_list = $moder_list ? cmsCore::arrayToYaml($moder_list) : '';
$is_access = cmsCore::request('is_access', 'int', '');
if (!$is_access) {
$access_list = cmsCore::request('access_list', 'array_int');
$group_access = $access_list ? cmsCore::arrayToYaml($access_list) : '';
cmsCore::c('db')->query("UPDATE cms_forum_threads SET is_hidden = 1 WHERE forum_id = '". $item_id ."'");
} else {
$group_access = '';
cmsCore::c('db')->query("UPDATE cms_forum_threads SET is_hidden = 0 WHERE forum_id = '". $item_id ."'");
}
$ns = $inCore->nestedSetsInit('cms_forums');
$old = cmsCore::c('db')->get_fields('cms_forums', "id='". $item_id ."'", '*');
$icon = uploadCategoryIcon($old['icon']);
if ($parent_id != $old['parent_id']) {
$ns->MoveNode($item_id, $parent_id);
}
function applet_menu()
{
$inCore = cmsCore::getInstance();
global $_LANG;
global $adminAccess;
if (!cmsUser::isAdminCan('admin/menu', $adminAccess)) {
cpAccessDenied();
}
cmsCore::c('page')->setTitle($_LANG['AD_MENU']);
cpAddPathway($_LANG['AD_MENU'], 'index.php?view=menu');
$do = cmsCore::request('do', 'str', 'list');
$id = cmsCore::request('id', 'int', -1);
if ($do == 'list') {
$toolmenu = array(array('icon' => 'new.gif', 'title' => $_LANG['AD_MENU_POINT_ADD'], 'link' => '?view=menu&do=add'), array('icon' => 'newmenu.gif', 'title' => $_LANG['AD_MENU_ADD'], 'link' => '?view=menu&do=addmenu'), array('icon' => 'edit.gif', 'title' => $_LANG['AD_EDIT_SELECTED'], 'link' => "javascript:checkSel('?view=menu&do=edit&multiple=1');"), array('icon' => 'delete.gif', 'title' => $_LANG['AD_DELETE_SELECTED'], 'link' => "javascript:checkSel('?view=menu&do=delete&multiple=1');"), array('icon' => 'show.gif', 'title' => $_LANG['AD_ALLOW_SELECTED'], 'link' => "javascript:checkSel('?view=menu&do=show&multiple=1');"), array('icon' => 'hide.gif', 'title' => $_LANG['AD_DISALLOW_SELECTED'], 'link' => "javascript:checkSel('?view=menu&do=hide&multiple=1');"), array('icon' => 'help.gif', 'title' => $_LANG['AD_HELP'], 'link' => '?view=help&topic=menu'));
cpToolMenu($toolmenu);
$fields = array(array('title' => 'Lt', 'field' => 'NSLeft', 'width' => '40'), array('title' => $_LANG['TITLE'], 'field' => array('title', 'titles'), 'width' => '', 'link' => '?view=menu&do=edit&id=%id%', 'prc' => function ($i) {
$i['titles'] = cmsCore::yamlToArray($i['titles']);
// переопределяем название пункта меню в зависимости от языка
if (!empty($i['titles'][cmsConfig::getConfig('lang')])) {
$i['title'] = $i['titles'][cmsConfig::getConfig('lang')];
}
return $i['title'];
}), array('title' => $_LANG['SHOW'], 'field' => 'published', 'width' => '80'), array('title' => $_LANG['AD_ORDER'], 'field' => 'ordering', 'width' => '100'), array('title' => $_LANG['AD_LINK'], 'field' => array('linktype', 'linkid', 'link'), 'width' => '240', 'prc' => 'cpMenutypeById'), array('title' => $_LANG['AD_MENU'], 'field' => 'menu', 'width' => '80', 'filter' => '10', 'filterlist' => cpGetList('menu'), 'prc' => 'list_menu'), array('title' => $_LANG['TEMPLATE'], 'field' => 'template', 'width' => '90', 'prc' => 'cpTemplateById'));
$actions = array(array('title' => $_LANG['EDIT'], 'icon' => 'edit.gif', 'link' => '?view=menu&do=edit&id=%id%'), array('title' => $_LANG['DELETE'], 'icon' => 'delete.gif', 'confirm' => $_LANG['AD_MENU_POINT_CONFIRM'], 'link' => '?view=menu&do=delete&id=%id%'));
cpListTable('cms_menu', $fields, $actions, 'parent_id>0', 'NSLeft, ordering');
} else {
$toolmenu = array(array('icon' => 'save.gif', 'title' => $_LANG['SAVE'], 'link' => 'javascript:document.addform.submit();'), array('icon' => 'cancel.gif', 'title' => $_LANG['CANCEL'], 'link' => 'index.php?view=menu'));
cpToolMenu($toolmenu);
}
if ($do == 'move_up') {
cmsCore::c('db')->moveNsCategory('cms_menu', $id, 'up');
cmsCore::redirectBack();
}
if ($do == 'move_down') {
cmsCore::c('db')->moveNsCategory('cms_menu', $id, 'down');
cmsCore::redirectBack();
}
if ($do == 'show') {
if (!cmsCore::inRequest('item')) {
if ($id >= 0) {
cmsCore::c('db')->setFlag('cms_menu', $id, 'published', '1');
}
cmsCore::halt('1');
} else {
cmsCore::c('db')->setFlags('cms_menu', $_REQUEST['item'], 'published', '1');
cmsCore::addSessionMessage($_LANG['AD_DO_SUCCESS'], 'success');
cmsCore::redirectBack();
}
}
if ($do == 'hide') {
if (!cmsCore::inRequest('item')) {
if ($id >= 0) {
cmsCore::c('db')->setFlag('cms_menu', $id, 'published', '0');
}
cmsCore::halt('1');
} else {
cmsCore::c('db')->setFlags('cms_menu', cmsCore::request('item', 'array_int', array()), 'published', '0');
cmsCore::addSessionMessage($_LANG['AD_DO_SUCCESS'], 'success');
cmsCore::redirectBack();
}
}
if ($do == 'delete') {
if (!cmsCore::inRequest('item')) {
if ($id >= 0) {
cmsCore::c('db')->deleteNS('cms_menu', (int) $id);
}
} else {
cmsCore::c('db')->deleteListNS('cms_menu', cmsCore::request('item', 'array_int', array()));
}
cmsCore::addSessionMessage($_LANG['AD_DO_SUCCESS'], 'success');
cmsCore::redirectBack();
}
if ($do == 'update') {
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
$id = cmsCore::request('id', 'int', 0);
if (!$id) {
cmsCore::redirectBack();
}
$title = cmsCore::request('title', 'str', '');
$titles = cmsCore::arrayToYaml(cmsCore::request('titles', 'array_str', array()));
$menu = cmsCore::arrayToYaml(cmsCore::request('menu', 'array_str', ''));
$linktype = cmsCore::request('mode', 'str', '');
$linkid = cmsCore::request($linktype, 'str', '');
$link = $inCore->getMenuLink($linktype, $linkid);
$target = cmsCore::request('target', 'str', '');
$published = cmsCore::request('published', 'int', 0);
$template = cmsCore::request('template', 'str', '');
$iconurl = cmsCore::request('iconurl', 'str', '');
$parent_id = cmsCore::request('parent_id', 'int', 0);
$oldparent = cmsCore::request('oldparent', 'int', 0);
$is_lax = cmsCore::request('is_lax', 'int', 0);
$css_class = cmsCore::request('css_class', 'str', '');
$is_public = cmsCore::request('is_public', 'int', '');
if (!$is_public) {
$access_list = cmsCore::arrayToYaml(cmsCore::request('allow_group', 'array_int'));
}
$ns = $inCore->nestedSetsInit('cms_menu');
if ($oldparent != $parent_id) {
$ns->MoveNode($id, $parent_id);
}
$sql = "UPDATE cms_menu\r\n SET title='" . $title . "',\r\n titles='" . $titles . "',\r\n css_class='" . $css_class . "',\r\n menu='" . $menu . "',\r\n link='" . $link . "',\r\n linktype='" . $linktype . "',\r\n linkid='" . $linkid . "',\r\n target='" . $target . "',\r\n published='" . $published . "',\r\n template='" . $template . "',\r\n access_list='" . $access_list . "',\r\n is_lax='" . $is_lax . "',\r\n iconurl='" . $iconurl . "'\r\n WHERE id = '" . $id . "'\r\n LIMIT 1";
cmsCore::c('db')->query($sql);
cmsCore::addSessionMessage($_LANG['AD_DO_SUCCESS'], 'success');
if (!isset($_SESSION['editlist']) || count($_SESSION['editlist']) == 0) {
cmsCore::redirect('?view=menu');
} else {
cmsCore::redirect('?view=menu&do=edit');
}
}
if ($do == 'submit') {
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
$title = cmsCore::request('title', 'str', '');
$titles = cmsCore::arrayToYaml(cmsCore::request('titles', 'array_str', array()));
$menu = cmsCore::arrayToYaml(cmsCore::request('menu', 'array_str', ''));
$linktype = cmsCore::request('mode', 'str', '');
$linkid = cmsCore::request($linktype, 'str', '');
$link = $inCore->getMenuLink($linktype, $linkid);
$target = cmsCore::request('target', 'str', '');
$published = cmsCore::request('published', 'int', 0);
$template = cmsCore::request('template', 'str', '');
$iconurl = cmsCore::request('iconurl', 'str', '');
$parent_id = cmsCore::request('parent_id', 'int', 0);
$css_class = cmsCore::request('css_class', 'str', '');
$is_public = cmsCore::request('is_public', 'int', '');
$is_lax = cmsCore::request('is_lax', 'int', 0);
if (!$is_public) {
$access_list = cmsCore::arrayToYaml(cmsCore::request('allow_group', 'array_int'));
}
$ns = $inCore->nestedSetsInit('cms_menu');
$myid = $ns->AddNode($parent_id);
$sql = "UPDATE cms_menu\r\n SET menu='" . $menu . "',\r\n title='" . $title . "',\r\n titles='" . $titles . "',\r\n css_class='" . $css_class . "',\r\n link='" . $link . "',\r\n linktype='" . $linktype . "',\r\n linkid='" . $linkid . "',\r\n target='" . $target . "',\r\n published='" . $published . "',\r\n template='" . $template . "',\r\n access_list='" . $access_list . "',\r\n is_lax='" . $is_lax . "',\r\n iconurl='" . $iconurl . "'\r\n WHERE id = '" . $myid . "'";
cmsCore::c('db')->query($sql);
cmsCore::addSessionMessage($_LANG['AD_DO_SUCCESS'], 'success');
cmsCore::redirect('?view=menu');
}
if ($do == 'submitmenu') {
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
$sql = "SELECT ordering as max_o FROM cms_modules ORDER BY ordering DESC LIMIT 1";
$result = cmsCore::c('db')->query($sql);
$row = cmsCore::c('db')->fetch_assoc($result);
$maxorder = $row['max_o'] + 1;
$menu = cmsCore::request('menu', 'str', '');
$title = cmsCore::request('title', 'str', '');
$position = cmsCore::request('position', 'str', '');
$published = cmsCore::request('published', 'int', 0);
$css_prefix = cmsCore::request('css_prefix', 'str', '');
$is_public = cmsCore::request('is_public', 'int', '');
if (!$is_public) {
$access_list = $inCore->arrayToYaml(cmsCore::request('allow_group', 'array_int'));
}
$cfg['menu'] = $menu;
$cfg_str = cmsCore::arrayToYaml($cfg);
$sql = "INSERT INTO cms_modules (position, name, title, is_external, content, ordering, showtitle, published, user, config, css_prefix, access_list)\r\n VALUES ('" . $position . "', '" . $_LANG['AD_MENU'] . "', '" . $title . "', 1, 'mod_menu', " . $maxorder . ", 1, " . $published . ", 0, '" . $cfg_str . "', '" . $css_prefix . "', '" . $access_list . "')";
cmsCore::c('db')->query($sql);
$newid = cmsCore::c('db')->get_last_id('cms_modules');
cmsCore::addSessionMessage($_LANG['AD_DO_SUCCESS'], 'success');
cmsCore::redirect('?view=modules&do=edit&id=' . $newid);
}
if ($do == 'addmenu' || $do == 'add' || $do == 'edit') {
cmsCore::c('page')->addHeadJS('admin/js/menu.js');
echo '<script>';
echo cmsPage::getLangJS('AD_SPECIFY_LINK_MENU');
echo '</script>';
}
if ($do == 'addmenu') {
cmsCore::c('page')->setTitle($_LANG['AD_MENU_ADD']);
cpAddPathway($_LANG['AD_MENU_ADD']);
cmsCore::c('page')->initTemlate('applets', 'menu_addmenu')->assign('menu_list', cpGetList('menu'))->assign('pos', cpModulePositions(cmsCore::c('config')->template))->assign('groups', cmsUser::getGroups())->assign('access_list', !empty($mod['access_list']) ? $inCore->yamlToArray($mod['access_list']) : array())->assign('mod', $mod)->display();
}
if ($do == 'add' || $do == 'edit') {
if ($do == 'add') {
cpAddPathway($_LANG['AD_MENU_POINT_ADD']);
$mod['menu'] = array('mainmenu');
} else {
if (isset($_REQUEST['multiple'])) {
if (isset($_REQUEST['item'])) {
$_SESSION['editlist'] = cmsCore::request('item', 'array_int', array());
} else {
cmsCore::addSessionMessage($_LANG['AD_NO_SELECT_OBJECTS'], 'error');
cmsCore::redirectBack();
}
}
$ostatok = '';
if (isset($_SESSION['editlist'])) {
$item_id = array_shift($_SESSION['editlist']);
if (sizeof($_SESSION['editlist']) == 0) {
unset($_SESSION['editlist']);
} else {
$ostatok = '(' . $_LANG['AD_NEXT_IN'] . sizeof($_SESSION['editlist']) . ')';
}
} else {
$item_id = cmsCore::request('id', 'int', 0);
}
$mod = cmsCore::c('db')->get_fields('cms_menu', "id = '{$item_id}'", '*');
if (!$mod) {
cmsCore::error404();
}
$mod['menu'] = cmsCore::yamlToArray($mod['menu']);
$mod['titles'] = cmsCore::yamlToArray($mod['titles']);
cpAddPathway($_LANG['AD_MENU_POINT_EDIT'] . $ostatok . ' "' . $mod['title'] . '"');
}
$linktype = cmsCore::getArrVal($mod, 'linktype', 'link');
$tpl = cmsCore::c('page')->initTemplate('applets', 'menu_add')->assign('linktype', $linktype)->assign('langs', cmsCore::getDirsList('/languages'))->assign('templates', cmsCore::getDirsList('/templates'))->assign('menu_list', cpGetList('menu'))->assign('rootid', cmsCore::c('db')->get_field('cms_menu', 'parent_id=0', 'id'))->assign('menu_opt', $inCore->getListItemsNS('cms_menu', cmsCore::getArrVal($mod, 'parent_id', 0)))->assign('content_opt', $inCore->getListItems('cms_content', $linktype == 'content' ? $mod['linkid'] : 0))->assign('category_opt', $inCore->getListItemsNS('cms_category', $link_type == 'category' ? $mod['linkid'] : 0))->assign('components_opt', $inCore->getListItems('cms_components', $link_type == 'component' ? $mod['linkid'] : 0, 'title', 'asc', 'internal=0', 'link'))->assign('blogs_opt', $inCore->getListItems('cms_blogs', $link_type == 'blog' ? $mod['linkid'] : 0, 'title', 'asc', "owner='user'"))->assign('uc_cats_opt', $inCore->getListItems('cms_uc_cats', $link_type == 'uccat' ? $mod['linkid'] : 0))->assign('photo_albums_opt', $inCore->getListItems('cms_photo_albums', $link_type == 'photoalbum' ? $mod['linkid'] : 0, 'id', 'ASC', 'NSDiffer = ""'))->assign('video_installed', $inCore->isComponentInstalled('video'))->assign('iconList', iconList())->assign('mod', $mod);
if ($inCore->isComponentInstalled('video')) {
$tpl->assign('video_cats_opt', $inCore->getListItemsNS('cms_video_category', $linktype == 'video_cat' ? $mod['linkid'] : 0));
}
$tpl->display();
}
}
