function shopFinishOrder($cfg){ $inCore = cmsCore::getInstance(); $inDB = cmsDatabase::getInstance(); $inPage = cmsPage::getInstance(); $inUser = cmsUser::getInstance(); $inConf = cmsConfig::getInstance(); global $_LANG; if (isset($inUser->id)){ $user_id = $inUser->id; } else { $user_id = 0; } $sid = session_id(); $inPage->setTitle($_LANG['ORDER_COMPLETE']); if ($user_id){ $user_sql = "(c.user_id=$user_id OR session_id='$sid')"; } else { $user_sql = "(c.user_id=0 AND c.session_id='$sid')"; } $sql = "SELECT i.title as title, i.id as id, i.canmany as canmany, i.price as price, c.id as cid, c.itemscount as itemscount, cat.id as category_id, cat.title as category FROM cms_uc_items i, cms_uc_cart c, cms_uc_cats cat WHERE $user_sql AND c.item_id = i.id AND i.category_id = cat.id ORDER BY c.pubdate"; $rs = $inDB->query($sql) ; if ($inDB->num_rows($rs)){ //check user data $customer = array(); if(!empty($_REQUEST['customer_fio'])) { $customer['fio'] = $inCore->request('customer_fio', 'str'); } else { $error .= $_LANG['EMPTY_NAME'].'<br/>'; } if(!empty($_REQUEST['customer_phone'])) { $customer['phone'] = $inCore->request('customer_phone', 'str'); } else { $error .= $_LANG['EMPTY_PHONE'].'<br/>'; } $customer['company'] = $inCore->request('customer_company', 'str'); $customer['email'] = $inCore->request('customer_email', 'str'); $customer['comment'] = $inCore->request('customer_comment', 'str'); if(!cmsCore::checkCaptchaCode()) { $error .= $_LANG['ERR_CAPTCHA'].'<br/>'; } //BUILD MESSAGE if($error==''){ // письмо администратору $a_mail_message = $_LANG['GET_ORDER_FROM_CATALOG']." \"".$inConf->sitename."\".\n\n"; $a_mail_message .= $_LANG['CUSTOMER']."\n-----------------------------\r\n"; $a_mail_message .= $_LANG['FIO'].": " . $customer['fio'] . "\n"; if($customer['company']){ $a_mail_message .= $_LANG['COMPANY'].": " . $customer['company'] . "\n"; } $a_mail_message .= $_LANG['PHONE'].": " . $customer['phone'] . "\n"; $a_mail_message .= "EMAIL: " . $customer['email'] . "\n"; if($customer['comment']){ $a_mail_message .= $_LANG['ORDER_COMMENT'].": " . @$customer['comment'] . "\n\n"; } $a_mail_message .= $_LANG['ORDER']."\n---------------------------------\n"; ////////////////////////////////////////////////////////////////////////////////////// // список покупок $row=0; $total = 0; $item_mail_message = ''; while($item = $inDB->fetch_assoc($rs)){ $row++; $item['price'] = shopDiscountPrice($item['id'], $item['category_id'], $item['price']); $item['totalprice'] = $item['price'] * $item['itemscount']; $item['price'] = number_format($item['price'], 2, '.', ''); $item['totalprice'] = number_format($item['totalprice'], 2, '.', ''); $total += $item['totalprice']; $item_mail_message .= $row . '. ' . $item['title'] . ' (' . $item['itemscount'] . ' x ' . $item['price'] . ' '.$_LANG['CURRENCY'].') = ' . $item['totalprice'] . ' '.$_LANG['CURRENCY'] . "\n"; } ob_start(); shopDiscountsInfo($total); ob_clean(); $total = number_format($total, 2, '.', ''); $item_mail_message .= "\n" . $_LANG['TOTAL_ORDER_PRICE'].': '.$total.' '.$_LANG['CURRENCY'] . "\n"; ////////////////////////////////////////////////////////////////////////////////////// $email_subj = str_replace('{sitename}', $inConf->sitename, $_LANG['EMAIL_SUBJECT']); $inCore->mailText($cfg['email'], $_LANG['ADMIN_EMAIL_SUBJECT'], $a_mail_message . $item_mail_message); if ($cfg['notice'] && $customer['email']){ $inCore->mailText($customer['email'], $_LANG['CUSTOMER_EMAIL_SUBJECT'], $item_mail_message); } //order completed echo '<div class="con_heading">'.$_LANG['THANK'].'!</div>'; echo '<p style="clear:both"><b>'.$_LANG['CUSTOMER_EMAIL_SUBJECT'].'.</b><br/>'.$_LANG['CUSTOMER_EMAIL_TEXT'].'</p>'; echo '<p><a href="/">'.$_LANG['CONTINUE'].'</a></p>'; shopClearCart(); } else { //order failed echo '<div class="con_heading">'.$_LANG['ERROR'].'!</div>'; echo '<p style="clear:both; color:red">'.$error.'</p>'; echo '<p><a href="/catalog/order.html">'.$_LANG['BACK'].'</a></p>'; } } else { //NO ITEMS echo '<p>'.$_LANG['NOITEMS_IN_CART'].'</p>'; echo '<div id="cart_buttons2">'; echo '<a href="/catalog" title="'.$_LANG['BACK_TO_SHOP'].'">'; echo '<img src="/components/catalog/images/shop/cartback.jpg" border="0" alt="'.$_LANG['BACK_TO_SHOP'].'"/>'; echo '</a> '; echo '</div>'; } }
function forms() { cmsCore::loadClass('form'); $do = cmsCore::getInstance()->do; global $_LANG; //========================================================================================================================// //========================================================================================================================// if ($do == 'view') { // Получаем форму $form = cmsForm::getFormData(cmsCore::request('form_id', 'int')); if (!$form) { cmsCore::error404(); } // Получаем данные полей формы $form_fields = cmsForm::getFormFields($form['id']); // Если полей нет, 404 if (!$form_fields) { cmsCore::error404(); } $errors = array(); $attachment = array(); // Получаем данные формы // Если не переданы, назад $form_input = cmsForm::getFieldsInputValues($form['id']); if (!$form_input) { $errors[] = $_LANG['FORM_ERROR']; } // Проверяем значения формы foreach ($form_input['errors'] as $field_error) { if ($field_error) { $errors[] = $field_error; } } // проверяем каптчу if (!cmsCore::checkCaptchaCode(cmsCore::request('code', 'str'))) { $errors[] = $_LANG['ERR_CAPTCHA']; } if ($errors) { if (cmsCore::isAjax()) { cmsCore::jsonOutput(array('error' => true, 'text' => end($errors))); } else { foreach ($errors as $error) { cmsCore::addSessionMessage($error, 'error'); } cmsCore::redirectBack(); } } if (!cmsUser::checkCsrfToken()) { cmsCore::error404(); } // Подготовим начало письма $mail_message = '<h3>' . $_LANG['FORM'] . ': ' . $form['title'] . '</h3>'; // Добавляем заполненные поля в письмо foreach ($form_fields as $field) { // Значение поля $value = $form_input['values'][$field['id']]; if (!$value) { continue; } if (is_string($value)) { $mail_message .= '<h5>' . $field['title'] . '</h5><p>' . $value . '</p>'; } elseif (is_array($value)) { // если массив, значит к форме прикреплен файл if ($form['sendto'] == 'mail') { $attachment[] = !empty($value['url']) ? PATH . $value['url'] : ''; } elseif (!empty($value['url'])) { $mail_message .= '<h5>' . $field['title'] . '</h5><p><a href="' . $value['url'] . '">' . $value['name'] . '</a></p>'; } } } // Отправляем форму if ($form['sendto'] == 'mail') { cmsCore::mailText($form['email'], cmsConfig::getConfig('sitename') . ': ' . $form['title'], $mail_message, $attachment); // удаляем прикрепленные файлы foreach ($attachment as $attach) { @unlink($attach); } } else { cmsUser::sendMessage(-2, $form['user_id'], $mail_message); } cmsUser::sessionClearAll(); if (cmsCore::isAjax()) { cmsCore::jsonOutput(array('error' => false, 'text' => $_LANG['FORM_IS_SEND'])); } else { cmsCore::addSessionMessage($_LANG['FORM_IS_SEND'], 'info'); cmsCore::redirectBack(); } } //========================================================================================================================// }
function faq(){ $inCore = cmsCore::getInstance(); $inPage = cmsPage::getInstance(); $inDB = cmsDatabase::getInstance(); $inUser = cmsUser::getInstance(); $model = new cms_model_faq(); define('IS_BILLING', $inCore->isComponentInstalled('billing')); if (IS_BILLING) { $inCore->loadClass('billing'); } global $_LANG; $pagetitle = $inCore->getComponentTitle(); $inPage->addPathway($pagetitle, '/faq'); $inPage->setTitle($pagetitle); $inPage->setDescription($pagetitle); $inPage->addHeadJsLang(array('ERR_QUESTION')); $cfg = $inCore->loadComponentConfig('faq'); if(!isset($cfg['guest_enabled'])) { $cfg['guest_enabled'] = 1; } if(!isset($cfg['user_link'])) { $cfg['user_link'] = 1; } if(!isset($cfg['publish'])) { $cfg['publish'] = 0; } if(!isset($cfg['is_comment'])) { $cfg['is_comment'] = 1; } $id = $inCore->request('id', 'int', 0); $do = $inCore->do; ///////////////////////////////////// VIEW CATEGORY //////////////////////////////////////////////////////////////////////////////// if ($do=='view'){ if($id>0){ //CURRENT CATEGORY $sql = "SELECT * FROM cms_faq_cats WHERE id = '$id' ORDER BY title ASC LIMIT 1 "; $result = $inDB->query($sql) ; if (!$inDB->num_rows($result)) { cmsCore::error404(); } $cat = $inDB->fetch_assoc($result); //PAGE HEADING $pagetitle = $cat['title']; $inPage->setTitle($cat['title']); $inPage->addPathway($cat['title']); $inPage->setDescription($cat['title']); } //LIST OF SUBCATEGORIES $sql = "SELECT * FROM cms_faq_cats WHERE parent_id = $id AND id > 0 AND published = 1 ORDER BY title ASC "; $result = $inDB->query($sql) ; if ($inDB->num_rows($result)){ $subcats = array(); while($subcat = $inDB->fetch_assoc($result)){ $subcats[] = $subcat; } $is_subcats = true; } else { $is_subcats = false; } //CURRENT CATEGORY CONTENT $perpage = 15; $page = $inCore->request('page', 'int', 1); $records = 0; if ($id > 0){ $sql = "SELECT q.*, u.login, u.nickname FROM cms_faq_quests q LEFT JOIN cms_users u ON u.id = q.user_id WHERE q.category_id = $id AND q.published = 1 ORDER BY q.pubdate DESC LIMIT ".(($page-1)*$perpage).", $perpage"; $result_total = $inDB->query("SELECT id FROM cms_faq_quests WHERE category_id = $id AND published = 1") ; $records = $inDB->num_rows($result_total); } else { $sql = "SELECT q.*, c.title cat_title, c.id cid, u.login, u.nickname FROM cms_faq_quests q LEFT JOIN cms_faq_cats c ON c.id = q.category_id LEFT JOIN cms_users u ON u.id = q.user_id WHERE q.published = 1 ORDER BY q.pubdate DESC LIMIT 15"; } $result = $inDB->query($sql) ; if ($inDB->num_rows($result)){ $quests = array(); while($con = $inDB->fetch_assoc($result)){ $con['pubdate'] = $inCore->dateFormat($con['pubdate'], true, false, false); $con['quest'] = nl2br($con['quest']); $quests[] = $con; } $is_quests = true; } else { $is_quests = false; } cmsPage::initTemplate('components', 'com_faq_view')-> assign('pagetitle', $pagetitle)-> assign('id', $id)-> assign('subcats', $subcats)-> assign('is_subcats', $is_subcats)-> assign('quests', $quests)-> assign('cfg', $cfg)-> assign('is_quests', $is_quests)-> assign('is_user', $inUser->id)-> assign('pagebar', cmsPage::getPagebar($records, $page, $perpage, '/faq/%id%-%page%', array('id'=>$id)))-> display(); } ///////////////////////////////////// READ QUESTION //////////////////////////////////////////////////////////////////////////////// if ($do=='read'){ $sql = "SELECT con.*, cat.title cat_title, cat.id cat_id, u.login, u.nickname FROM cms_faq_quests con LEFT JOIN cms_faq_cats cat ON cat.id = con.category_id LEFT JOIN cms_users u ON u.id = con.user_id WHERE con.id = $id LIMIT 1"; $result = $inDB->query($sql); if ($inDB->num_rows($result)){ $inDB->query("UPDATE cms_faq_quests SET hits = hits + 1 WHERE id = $id") ; $quest = $inDB->fetch_assoc($result); $quest['pubdate'] = $inCore->dateFormat($quest['pubdate'], true, false, false); $quest['answerdate'] = $inCore->dateFormat($quest['answerdate'], true, false, false); if (mb_strlen($quest['quest'])>40) { $shortquest = mb_substr($quest['quest'], 0, 40).'...'; } else { $shortquest = $quest['quest']; } $quest['quest'] = nl2br($quest['quest']); $inPage->setTitle($shortquest); $inPage->setDescription($shortquest); $inPage->addPathway($quest['cat_title'], '/faq/'.$quest['cat_id']); $inPage->addPathway($shortquest); cmsPage::initTemplate('components', 'com_faq_read')-> assign('quest', $quest)-> assign('cfg', $cfg)-> assign('labels', array('comments' => $_LANG['ANSWERS'], 'add' => $_LANG['REPLY'], 'rss' => $_LANG['RSS_FEED'], 'not_comments' => $_LANG['NOT_ANSWERS']))-> assign('is_admin', $inUser->is_admin)-> display(); } else { cmsCore::error404(); } } ///////////////////////////////////// SEND QUEST //////////////////////////////////////////////////////////////////////////////// if ($do=='sendquest'){ if (!$inUser->id && !$cfg['guest_enabled']){ cmsCore::error404(); } $inPage->setTitle($_LANG['SET_QUESTION']); $inPage->addPathway($_LANG['SET_QUESTION']); $inPage->addHeadJS('components/faq/js/common.js'); $error = ''; $captha_code = $inCore->request('code', 'str', ''); $message = $inCore->request('message', 'str', ''); $category_id = $inCore->request('category_id', 'int', ''); $published = ($inUser->is_admin || $cfg['publish']) ? 1 : 0; $is_submit = $inCore->inRequest('message'); if ($is_submit && !$inUser->id && !cmsCore::checkCaptchaCode()) { $error = $_LANG['ERR_CAPTCHA']; } if (!$is_submit || $error){ if (IS_BILLING && $inUser->id){ cmsBilling::checkBalance('faq', 'add_quest'); } cmsPage::initTemplate('components', 'com_faq_add')-> assign('catslist', $inCore->getListItems('cms_faq_cats', $category_id))-> assign('user_id', $inUser->id)-> assign('message', htmlspecialchars($inCore->request('message', 'html', '')))-> assign('error', $error)-> display(); } else { //SAVE QUESTION $sql = "INSERT INTO cms_faq_quests (category_id, pubdate, published, quest, answer, user_id, answeruser_id, answerdate, hits) VALUES ('$category_id', NOW(), '$published', '$message', '', '{$inUser->id}', 0, NOW(), 0)"; $inDB->query($sql); $quest_id = $inDB->get_last_id('cms_faq_quests'); if (IS_BILLING && $inUser->id){ cmsBilling::process('faq', 'add_quest'); } $inPage->setTitle($_LANG['QUESTION_SEND']); $inPage->addPathway($_LANG['QUESTION_SEND']); if (!$published){ echo '<div class="con_heading">'.$_LANG['QUESTION_SEND'].'</div>'; echo '<div style="margin-top:10px">'.$_LANG['QUESTION_PREMODER'].'</div>'; echo '<div style="margin-top:10px"><a href="/faq">'.$_LANG['CONTINUE'].'</a></div>'; } elseif ($published) { $category = $inDB->get_field('cms_faq_cats', "id={$category_id}", 'title'); //регистрируем событие cmsActions::log('add_quest', array( 'object' => $_LANG['QUESTION'], 'object_url' => '/faq/quest'.$quest_id.'.html', 'object_id' => $quest_id, 'target' => $category, 'target_url' => '/faq/'.$category_id, 'target_id' => $category_id, 'description' => strip_tags( mb_strlen(strip_tags($message))>100 ? mb_substr($message, 0, 100) : $message ) )); $inCore->redirect('/faq/quest'.$quest_id.'.html'); } else { $inCore->redirect('/faq/quest'.$quest_id.'.html'); } } } ///////////////////////////////////// DELETE QUEST //////////////////////////////////////////////////////////////////////////////// if ($do=='delquest'){ $quest_id = $inCore->request('quest_id', 'int', 0); $user_id = $inUser->id; $sql = "SELECT con.id, con.quest, con.category_id FROM cms_faq_quests con WHERE con.id = '$quest_id' LIMIT 1"; $result = $inDB->query($sql); $quest = $inDB->fetch_assoc($result); if (!$user_id || !$quest_id || !$quest) { $inCore->redirectBack(); } if ( !$inCore->inRequest('confirm') ) { if (cmsUser::userIsAdmin($user_id)){ $inPage->setTitle($_LANG['DEL_QUES']); $inPage->addPathway($_LANG['DEL_QUES']); $confirm['title'] = $_LANG['DELETE_QUES']; $confirm['text'] = $_LANG['YOU_REALY_DELETE_QUES'].':<br> "<a href="/faq/quest'.$quest['id'].'.html">'.$quest['quest'].'</a>"<br><br>'; $confirm['action'] = $_SERVER['REQUEST_URI']; $confirm['yes_button'] = array(); $confirm['yes_button']['type'] = 'submit'; $confirm['yes_button']['name'] = 'confirm'; cmsPage::initTemplate('components', 'action_confirm')-> assign('confirm', $confirm)-> display(); } else { $inCore->redirectBack(); } } if ( $inCore->inRequest('confirm') ){ if (cmsUser::userIsAdmin($user_id)){ $model->deleteQuest($quest_id); } $inCore->redirect('/faq/'.$quest['category_id']); } } } //function
function board() { $inCore = cmsCore::getInstance(); global $_LANG; define('IS_BILLING', $inCore->isComponentInstalled('billing')); if (IS_BILLING) { cmsCore::loadClass('billing'); } $do = $inCore->do; $pagetitle = $inCore->getComponentTitle(); $pagekeys = $pagedesc = ''; cmsCore::c('page')->setTitle($pagetitle); cmsCore::c('page')->addPathway($pagetitle, '/board'); /////////////////////////////// VIEW CATEGORY ////////////////////////////////// if ($do == 'view') { //Получаем текущую категорию $category = cmsCore::m('board')->getCategory(cmsCore::m('board')->category_id); if (!$category || (!$category['published'] && !cmsCore::c('user')->is_admin)) { cmsCore::error404(); } if ($category['id'] != cmsCore::m('board')->root_cat['id']) { $pagetitle = $category['pagetitle'] ? $category['pagetitle'] : $category['title']; $pagekeys = $category['meta_keys']; $pagedesc = $category['meta_desc']; $category_path = cmsCore::c('db')->getNsCategoryPath('cms_board_cats', $category['NSLeft'], $category['NSRight']); if ($category_path) { foreach($category_path as $pcat) { cmsCore::c('page')->addPathway($pcat['title'], '/board/'. $pcat['id']); } } } else { $category['title'] = $pagetitle = $inCore->menuTitle(); $category['description'] = cmsCore::m('board')->config['root_description']; $pagekeys = cmsCore::m('board')->config['meta_keys']; $pagedesc = cmsCore::m('board')->config['meta_desc']; } // rss в адресной строке $rss_cat_id = $category['id'] == cmsCore::m('board')->root_cat['id'] ? 'all' : $category['id']; cmsCore::c('page')->addHead('<link rel="alternate" type="application/rss+xml" title="'. $_LANG['BOARD'] .'" href="'. HOST .'/rss/board/'. $rss_cat_id .'/feed.rss">'); //Формируем категории $cats = cmsCore::m('board')->getSubCats($category['id']); // Формируем список объявлений // Устанавливаем категорию if ($category['id'] != cmsCore::m('board')->root_cat['id']) { cmsCore::m('board')->whereThisAndNestedCats($category['NSLeft'], $category['NSRight']); } //Город if (cmsCore::m('board')->city) { cmsCore::m('board')->whereCityIs(cmsCore::m('board')->city); $pagetitle .= ' :: '. cmsCore::m('board')->city; } // Типы объявлений if (cmsCore::m('board')->obtype && mb_stristr(icms_ucfirst($category['obtypes']), cmsCore::m('board')->obtype)) { cmsCore::m('board')->whereTypeIs(cmsCore::m('board')->obtype); $pagetitle .= ' :: '. cmsCore::m('board')->obtype; } // модератор или админ $is_moder = cmsCore::c('user')->is_admin || cmsCore::m('board')->is_moderator_by_group; // Общее количество объявлений по заданным выше условиям $total = cmsCore::m('board')->getAdvertsCount($is_moder, true); //устанавливаем сортировку $orderby = cmsCore::m('board')->getOrder('orderby', $category['orderby']); $orderto = cmsCore::m('board')->getOrder('orderto', $category['orderto']); cmsCore::c('db')->orderBy('is_vip DESC, '. $orderby, $orderto); //устанавливаем номер текущей страницы и кол-во объявлений на странице cmsCore::c('db')->limitPage(cmsCore::m('board')->page, $category['perpage']); // Получаем объявления $items = cmsCore::m('board')->getAdverts($is_moder, true, false, true); // Если объявлений на странице большей чем 1 нет, 404 if (!$items && cmsCore::m('board')->page > 1) { cmsCore::error404(); } // если не указаны ключевые слова, формируем их из названий рубрик и типов if (!$pagekeys && $cats) { foreach($cats as $c) { $keys[] = $c['title']; foreach (explode("\n", $c['obtypes']) as $obtype) { $keys[] = trim($obtype); } } $pagekeys = implode(',', $keys); } else if(!$cats) { $pagekeys = $category['title']; } // если не указано описание, формируем из текущих объявлений if (!$pagedesc && $items) { foreach ($items as $i) { $desc[] = $i['title']; } $pagedesc = implode('. ', $desc); } else if(!$items && $category['description']) { $pagedesc = crop($category['description']); } // Проставляем заголовки страницы и описание согласно выборки cmsCore::c('page')->setDescription(crop($pagedesc)); cmsCore::c('page')->setKeywords($pagekeys); cmsCore::c('page')->setTitle($pagetitle); // Отдаем в шаблон категории cmsPage::initTemplate('components', 'com_board_cats')-> assign('cats', $cats)-> assign('category', $category)-> assign('root_id', cmsCore::m('board')->root_cat['id'])-> assign('is_user', cmsCore::c('user')->id)-> assign('maxcols', cmsCore::m('board')->config['maxcols'])-> display(); $pagebar = cmsPage::getPagebar($total, cmsCore::m('board')->page, $category['perpage'], '/board/%catid%-%page%', array('catid'=>$category['id'])); $order_form = $category['orderform'] ? cmsCore::m('board')->orderForm($orderby, $orderto, $category) : ''; // Отдаем в шаблон объявления cmsPage::initTemplate('components', 'com_board_items')-> assign('order_form', $order_form)-> assign('cfg', cmsCore::m('board')->config)-> assign('root_id', cmsCore::m('board')->root_cat['id'])-> assign('items', $items)-> assign('cat', $category)-> assign('maxcols', $category['maxcols'])-> assign('colwidth', round(100/$category['maxcols']))-> assign('pagebar', $pagebar)-> display(); } /////////////////////////////// VIEW USER ADV ////////////////////////////////// if ($do == 'by_user') { // логин пользователя $login = cmsCore::request('login', 'str', cmsCore::c('user')->login); // получаем данные пользователя $user = cmsUser::getShortUserData($login); if (!$user) { cmsCore::error404(); } $myprofile = cmsCore::m('board')->checkAccess($user['id']); cmsCore::c('page')->addPathway($user['nickname']); cmsCore::c('page')->setTitle($_LANG['BOARD'] .' - '. $user['nickname']); cmsCore::c('page')->setDescription($_LANG['BOARD'] .' - '. $user['nickname']); // Формируем список объявлений cmsCore::m('board')->whereUserIs($user['id']); // Общее количество объявлений по заданным выше условиям $total = cmsCore::m('board')->getAdvertsCount($myprofile); //устанавливаем сортировку cmsCore::c('db')->orderBy('pubdate', 'DESC'); //устанавливаем номер текущей страницы и кол-во объявлений на странице cmsCore::c('db')->limitPage(cmsCore::m('board')->page, 15); // Получаем объявления $items = cmsCore::m('board')->getAdverts($myprofile, true, false, true); // Если объявлений на странице большей чем 1 нет, 404 if(!$items && cmsCore::m('board')->page > 1){ cmsCore::error404(); } // Пагинация $pagebar = cmsPage::getPagebar($total, cmsCore::m('board')->page, 15, '/board/by_user_'.$login.'/page-%page%'); // Показываем даты $category['showdate'] = 1; cmsPage::initTemplate('components', 'com_board_items')-> assign('cfg', cmsCore::m('board')->config)-> assign('page_title', $_LANG['BOARD'].' - '.$user['nickname'])-> assign('root_id', cmsCore::m('board')->root_cat['id'])-> assign('items', $items)-> assign('cat', $category)-> assign('maxcols', 1)-> assign('colwidth', 100)-> assign('pagebar', $pagebar)-> display(); } /////////////////////////////// VIEW ITEM ////////////////////////////////////// if ($do == 'read') { // получаем объявление $item = cmsCore::m('board')->getRecord(cmsCore::m('board')->item_id); if (!$item) { cmsCore::error404(); } // неопубликованные показываем админам, модераторам и автору if (!$item['published'] && !$item['moderator']) { cmsCore::error404(); } // для неопубликованного показываем инфо: просрочено/на модерации if (!$item['published']) { $info_text = $item['is_overdue'] ? $_LANG['ADV_IS_EXTEND'] : $_LANG['ADV_IS_MODER']; cmsCore::addSessionMessage($info_text, 'info'); } else { // увеличиваем кол-во просмотров cmsCore::c('db')->setFlag('cms_board_items', cmsCore::m('board')->item_id, 'hits', $item['hits']+1); } // формируем заголовок и тело сообщения $item['title'] = $item['obtype'].' '.$item['title']; $item['content'] = nl2br($item['content']); $item['content'] = cmsCore::m('board')->config['auto_link'] ? $inCore->parseSmiles($item['content']) : $item['content']; $category_path = cmsCore::c('db')->getNsCategoryPath('cms_board_cats', $item['NSLeft'], $item['NSRight']); if ($category_path) { foreach ($category_path as $pcat) { cmsCore::c('page')->addPathway($pcat['title'], '/board/'.$pcat['id']); } } cmsCore::c('page')->addPathway($item['title']); $pagetitle = $item['pagetitle'] ? $item['pagetitle'] : $item['title']; $pagekeys = $item['meta_keys'] ? $item['meta_keys'] : $item['title']; $pagedesc = $item['meta_desc'] ? $item['meta_desc'] : $item['content']; cmsCore::c('page')->setTitle($pagetitle); cmsCore::c('page')->setDescription(crop($pagedesc)); cmsCore::c('page')->setKeywords($pagekeys); cmsPage::initTemplate('components', 'com_board_item')-> assign('item', $item)-> assign('cfg', cmsCore::m('board')->config)-> assign('user_id', cmsCore::c('user')->id)-> assign('is_admin', cmsCore::c('user')->is_admin)-> assign('formsdata', cmsForm::getFieldsValues($item['form_id'], $item['form_array']))-> assign('is_moder', cmsCore::m('board')->is_moderator_by_group)-> display(); } /////////////////////////////// NEW BOARD ITEM ///////////////////////////////// if ($do == 'additem') { // Получаем категории, в которые может загружать пользователь $catslist = cmsCore::m('board')->getPublicCats(cmsCore::m('board')->category_id); if (!$catslist) { cmsCore::addSessionMessage($_LANG['YOU_CANT_ADD_ADV_ANY'], 'error'); $inCore->redirect('/board'); } $cat['is_photos'] = 1; $formsdata = array(); if (cmsCore::m('board')->category_id && cmsCore::m('board')->category_id != cmsCore::m('board')->root_cat['id']) { $cat = cmsCore::m('board')->getCategory(cmsCore::m('board')->category_id); $formsdata = cmsForm::getFieldsHtml($cat['form_id']); } cmsCore::c('page')->addPathway($_LANG['ADD_ADV']); if ( !cmsCore::inRequest('submit') ) { if (IS_BILLING) { cmsBilling::checkBalance('board', 'add_item'); } cmsCore::c('page')->setTitle($_LANG['ADD_ADV']); $item = cmsUser::sessionGet('item'); if ($item) { cmsUser::sessionDel('item'); } $item['city'] = !empty($item['city']) ? $item['city'] : cmsCore::c('user')->city; cmsPage::initTemplate('components', 'com_board_edit')-> assign('action', "/board/add.html")-> assign('form_do', 'add')-> assign('cfg', cmsCore::m('board')->config)-> assign('cat', $cat)-> assign('item', $item)-> assign('pagetitle', $_LANG['ADD_ADV'])-> assign('formsdata', $formsdata)-> assign('is_admin', cmsCore::c('user')->is_admin)-> assign('is_user', cmsCore::c('user')->id)-> assign('catslist', $catslist)-> assign('is_billing', IS_BILLING)->assign('balance', cmsCore::c('user')->balance)-> display(); cmsUser::sessionClearAll(); return; } if ( cmsCore::inRequest('submit') ) { // проверяем на заполненость скрытое поле $title_fake = cmsCore::request('title_fake', 'str', ''); // если оно заполнено, считаем что это бот, 404 if ($title_fake) { cmsCore::error404(); } $errors = false; // проверяем наличие категории if (!$cat['id']) { cmsCore::addSessionMessage($_LANG['NEED_CAT_ADV'], 'error'); $errors = true; } // Проверяем количество добавленных за сутки if (!cmsCore::m('board')->checkLoadedByUser24h($cat)){ cmsCore::addSessionMessage($_LANG['MAX_VALUE_OF_ADD_ADV'], 'error'); $errors = true; } // Можем ли добавлять в эту рубрику if (!cmsCore::m('board')->checkAdd($cat)){ cmsCore::addSessionMessage($_LANG['YOU_CANT_ADD_ADV'], 'error'); $errors = true; } // входные данные $obtype = icms_ucfirst(cmsCore::request('obtype', 'str', '')); $title = trim(str_ireplace($obtype, '', cmsCore::request('title', 'str', ''))); $content = cmsCore::request('content', 'str', ''); $city = cmsCore::request('city', 'str', ''); if ((cmsCore::m('board')->config['seo_user_access'] && cmsCore::c('user')->id) || cmsCore::c('user')->is_admin) { $pagetitle = cmsCore::request('pagetitle', 'str', ''); $meta_keys = cmsCore::request('meta_keys', 'str', ''); $meta_desc = cmsCore::request('meta_desc', 'str', ''); } else { $pagetitle = $meta_keys = $meta_desc = ''; } $form_input = cmsForm::getFieldsInputValues($cat['form_id']); $formsdata = cmsCore::c('db')->escape_string(cmsCore::arrayToYaml($form_input['values'])); $vipdays = cmsCore::request('vipdays', 'int', 0); $published = cmsCore::m('board')->checkPublished($cat); if (cmsCore::m('board')->config['srok']){ $pubdays = (cmsCore::request('pubdays', 'int') <= 50) ? cmsCore::request('pubdays', 'int') : 50; } if (!cmsCore::m('board')->config['srok']){ $pubdays = isset(cmsCore::m('board')->config['pubdays']) ? cmsCore::m('board')->config['pubdays'] : 14; } // Проверяем значения if (!$title) { cmsCore::addSessionMessage($_LANG['NEED_TITLE'], 'error'); $errors = true; } if (!$content) { cmsCore::addSessionMessage($_LANG['NEED_TEXT_ADV'], 'error'); $errors = true; } if (!$city) { cmsCore::addSessionMessage($_LANG['NEED_CITY'], 'error'); $errors = true; } if (!cmsCore::c('user')->id && !cmsCore::checkCaptchaCode()) { cmsCore::addSessionMessage($_LANG['ERR_CAPTCHA'], 'error'); $errors = true; } // Проверяем значения формы foreach ($form_input['errors'] as $field_error) { if ($field_error) { cmsCore::addSessionMessage($field_error, 'error'); $errors = true; } } if ($errors) { $item['content'] = htmlspecialchars(stripslashes($_REQUEST['content'])); $item['city'] = stripslashes($city); $item['title'] = stripslashes($title); $item['obtype'] = $obtype; cmsUser::sessionPut('item', $item); cmsCore::redirect('/board/'. cmsCore::m('board')->category_id .'/add.html'); } if ($cat['is_photos']) { // Загружаем фото $file = cmsCore::m('board')->uploadPhoto('', $cat); } else { $file['filename'] = ''; cmsCore::addSessionMessage($_LANG['INFO_CAT_NO_PHOTO'], 'info'); } $add = array( 'category_id' => cmsCore::m('board')->category_id, 'user_id' => cmsCore::c('user')->id, 'obtype' => $obtype, 'title' => $title, 'content' => $content, 'formsdata' => $formsdata, 'city' => $city, 'pubdays' => $pubdays, 'published' => $published, 'pagetitle' => $pagetitle, 'meta_keys' => $meta_keys, 'meta_desc' => $meta_desc, 'file' => $file['filename'] ); $add['id'] = cmsCore::m('board')->addRecord($add); if (cmsCore::c('user')->is_admin && $vipdays) { cmsCore::m('board')->setVip($add['id'], $vipdays); } if (IS_BILLING) { cmsBilling::process('board', 'add_item'); if (cmsCore::m('board')->config['vip_enabled'] && $vipdays && cmsCore::m('board')->config['vip_day_cost']) { if ($vipdays > cmsCore::m('board')->config['vip_max_days']) { $vipdays = cmsCore::m('board')->config['vip_max_days']; } $summ = $vipdays * cmsCore::m('board')->config['vip_day_cost']; if (cmsCore::c('user')->balance >= $summ) { cmsBilling::pay(cmsCore::c('user')->id, $summ, $_LANG['VIP_ITEM']); cmsCore::m('board')->setVip($add['id'], $vipdays); } } } cmsUser::sessionClearAll(); if ($published) { //регистрируем событие cmsActions::log('add_board', array( 'object' => $obtype .' '. $title, 'object_url' => '/board/read'. $add['id'] .'.html', 'object_id' => $add['id'], 'target' => $cat['title'], 'target_url' => '/board/'. $cat['id'], 'target_id' => $cat['id'], 'description' => '' )); cmsCore::addSessionMessage($_LANG['ADV_IS_ADDED'], 'success'); cmsCore::callEvent('ADD_BOARD_DONE', $add); cmsCore::redirect('/board/read'. $add['id'] .'.html'); } if (!$published) { $link = '<a href="/board/read'. $add['id'] .'.html">'. $obtype .' '. $title .'</a>'; if (cmsCore::c('user')->id) { $user = '******'. cmsUser::getProfileURL(cmsCore::c('user')->login) .'">'. cmsCore::c('user')->nickname .'</a>'; } else { $user = $_LANG['BOARD_GUEST'] .', ip: '. cmsCore::c('user')->ip; } $message = str_replace('%user%', $user, $_LANG['MSG_ADV_SUBMIT']); $message = str_replace('%link%', $link, $message); cmsUser::sendMessage(USER_UPDATER, 1, $message); cmsCore::addSessionMessage($_LANG['ADV_IS_ADDED'] .'<br>'. $_LANG['ADV_PREMODER_TEXT'], 'success'); cmsCore::redirect('/board/'.cmsCore::m('board')->category_id); } } } /////////////////////////////// EDIT BOARD ITEM //////////////////////////////// if ($do == 'edititem') { $item = cmsCore::m('board')->getRecord(cmsCore::m('board')->item_id); $cat = cmsCore::m('board')->getCategory($item['category_id']); if (!$cat || !$item) { cmsCore::error404(); } cmsCore::c('page')->setTitle($_LANG['EDIT_ADV']); cmsCore::c('page')->addPathway($item['category'], '/board/'. $item['cat_id']); cmsCore::c('page')->addPathway($_LANG['EDIT_ADV']); if (!$item['moderator']) { cmsCore::addSessionMessage($_LANG['YOU_HAVENT_ACCESS'], 'error'); cmsCore::redirect('/board/read'. $item['id'] .'.html'); } $errors = false; if (!cmsCore::inRequest('submit')) { cmsPage::initTemplate('components', 'com_board_edit')-> assign('action', "/board/edit{$item['id']}.html")-> assign('form_do', 'edit')-> assign('cfg', cmsCore::m('board')->config)-> assign('cat', $cat)-> assign('item', $item)-> assign('pagetitle', $_LANG['EDIT_ADV'])-> assign('is_admin', cmsCore::c('user')->is_admin)-> assign('catslist', cmsCore::m('board')->getPublicCats($item['category_id'], true))-> assign('formsdata', cmsForm::getFieldsHtml($cat['form_id'], $item['form_array']))-> assign('is_user', cmsCore::c('user')->id)-> assign('is_billing', IS_BILLING)->assign('balance', cmsCore::c('user')->balance)-> display(); cmsUser::sessionClearAll(); } if (cmsCore::inRequest('submit')) { $new_cat_id = cmsCore::request('category_id', 'int', 0); if ($new_cat_id) { $item['category_id'] = $new_cat_id; } $form_input = cmsForm::getFieldsInputValues($cat['form_id']); $formsdata = cmsCore::c('db')->escape_string(cmsCore::arrayToYaml($form_input['values'])); if ($item['is_overdue'] && !$item['published']) { if (cmsCore::m('board')->config['srok']) { $pubdays = (cmsCore::request('pubdays', 'int') <= 50) ? cmsCore::request('pubdays', 'int') : 50; } if (!cmsCore::m('board')->config['srok']) { $pubdays = isset(cmsCore::m('board')->config['pubdays']) ? cmsCore::m('board')->config['pubdays'] : 14; } $pubdate = date('Y-m-d H:i:s'); } else { $pubdays = $item['pubdays']; $pubdate = $item['fpubdate']; } $update['obtype'] = icms_ucfirst(cmsCore::request('obtype', 'str')); $update['title'] = trim(str_ireplace($update['obtype'], '', cmsCore::request('title', 'str', ''))); $update['category_id'] = $item['category_id']; $update['content'] = cmsCore::request('content', 'str', ''); $update['formsdata'] = $formsdata; $update['city'] = cmsCore::request('city', 'str', ''); $update['pubdate'] = $pubdate; $update['pubdays'] = $pubdays; $update['published'] = cmsCore::m('board')->checkPublished($cat, true); if ((cmsCore::m('board')->config['seo_user_access'] && cmsCore::c('user')->id) || cmsCore::c('user')->is_admin) { $update['pagetitle'] = cmsCore::request('pagetitle', 'str', ''); $update['meta_keys'] = cmsCore::request('meta_keys', 'str', ''); $update['meta_desc'] = cmsCore::request('meta_desc', 'str', ''); } if (!$update['title']) { cmsCore::addSessionMessage($_LANG['NEED_TITLE'], 'error'); $errors = true; } if (!$update['content']) { cmsCore::addSessionMessage($_LANG['NEED_TEXT_ADV'], 'error'); $errors = true; } if (!$update['city']) { cmsCore::addSessionMessage($_LANG['NEED_CITY'], 'error'); $errors = true; } // Проверяем значения формы foreach ($form_input['errors'] as $field_error) { if ($field_error) { cmsCore::addSessionMessage($field_error, 'error'); $errors = true; } } if ($errors) { $inCore->redirect('/board/edit'. $item['id'] .'.html'); } if ($cat['is_photos']) { // Загружаем фото $file = cmsCore::m('board')->uploadPhoto($item['file'], $cat); } $update['file'] = $file['filename'] ? $file['filename'] : $item['file']; // обновляем объявление cmsCore::m('board')->updateRecord($item['id'], $update); // обновляем запись в ленте активности cmsActions::updateLog('add_board', array('object' => $update['obtype'] .' '. $update['title']), $item['id']); $vipdays = cmsCore::request('vipdays', 'int', 0); if (cmsCore::c('user')->is_admin) { if ($vipdays > 0) { cmsCore::m('board')->setVip($item['id'], $vipdays); } if ($vipdays == -1) { cmsCore::m('board')->deleteVip($item['id']); } } if (IS_BILLING) { if (cmsCore::m('board')->config['vip_enabled'] && cmsCore::m('board')->config['vip_prolong'] && $vipdays && cmsCore::m('board')->config['vip_day_cost']) { if ($vipdays > cmsCore::m('board')->config['vip_max_days']) { $vipdays = cmsCore::m('board')->config['vip_max_days']; } $summ = $vipdays * cmsCore::m('board')->config['vip_day_cost']; if (cmsCore::c('user')->balance >= $summ) { cmsBilling::pay(cmsCore::c('user')->id, $summ, $_LANG['VIP_ITEM']); cmsCore::m('board')->setVip($item['id'], $vipdays); } } } cmsUser::sessionClearAll(); if (!$update['published']) { $link = '<a href="/board/read'. $item['id'] .'.html">'. $update['obtype'] .' '. $update['title'] .'</a>'; $user = '******'. cmsUser::getProfileURL(cmsCore::c('user')->login) .'">'. cmsCore::c('user')->nickname .'</a>'; $message = str_replace(array('%link%','%user%'), array($link,$user), $_LANG['MSG_ADV_EDITED']); cmsUser::sendMessage(USER_UPDATER, 1, $message); cmsCore::addSessionMessage($_LANG['ADV_EDIT_PREMODER_TEXT'], 'info'); } cmsCore::addSessionMessage($_LANG['ADV_MODIFIED'], 'success'); cmsCore::redirect('/board/read'. $item['id'] .'.html'); } } ///////////////////////// PUBLISH BOARD ITEM /////////////////////////////////// if ($do == 'publish') { $item = cmsCore::m('board')->getRecord(cmsCore::m('board')->item_id); if (!$item) { cmsCore::error404(); } // если уже опубликовано, 404 if ($item['published']) { cmsCore::error404(); } // публиковать могут админы и модераторы доски if (!cmsCore::c('user')->is_admin && !cmsCore::m('board')->is_moderator_by_group) { cmsCore::error404(); } // публикуем cmsCore::c('db')->setFlag('cms_board_items', cmsCore::m('board')->item_id, 'published', 1); cmsCore::callEvent('ADD_BOARD_DONE', $item); if ($item['user_id']) { //регистрируем событие cmsActions::log('add_board', array( 'object' => $item['obtype'] .' '. $item['title'], 'user_id' => $item['user_id'], 'object_url' => '/board/read'. $item['id'] .'.html', 'object_id' => $item['id'], 'target' => $item['category'], 'target_url' => '/board/'. $item['cat_id'], 'target_id' => $item['cat_id'], 'description' => '' )); $link = '<a href="/board/read'. $item['id'] .'.html">'. $item['obtype'] .' '. $item['title'] .'</a>'; $message = str_replace('%link%', $link, $_LANG['MSG_ADV_ACCEPTED']); cmsUser::sendMessage(USER_UPDATER, $item['user_id'], $message); } cmsCore::addSessionMessage($_LANG['ADV_IS_ACCEPTED'], 'success'); cmsCore::redirect('/board/read'. $item['id'] .'.html'); } /////////////////////////////// DELETE BOARD ITEM ////////////////////////////// if ($do == 'delete') { $item = cmsCore::m('board')->getRecord(cmsCore::m('board')->item_id); if (!$item) { cmsCore::error404(); } if (!$item['moderator']) { cmsCore::addSessionMessage($_LANG['YOU_HAVENT_ACCESS'], 'error'); cmsCore::redirect('/board/'. $item['cat_id']); } if (!cmsCore::inRequest('godelete')) { cmsCore::c('page')->setTitle($_LANG['DELETE_ADV']); cmsCore::c('page')->addPathway($item['category'], '/board/'. $item['cat_id']); cmsCore::c('page')->addPathway($_LANG['DELETE_ADV']); $confirm['title'] = $_LANG['DELETING_ADV']; $confirm['text'] = $_LANG['YOU_SURE_DELETE_ADV'] .' "'. $item['title'] .'"?'; $confirm['action'] = $_SERVER['REQUEST_URI']; $confirm['yes_button']['name'] = 'godelete'; cmsPage::initTemplate('components', 'action_confirm')-> assign('confirm', $confirm)-> display(); } if (cmsCore::inRequest('godelete')) { cmsCore::m('board')->deleteRecord(cmsCore::m('board')->item_id); cmsCore::addSessionMessage($_LANG['ADV_IS_DELETED'], 'success'); cmsCore::redirect('/board/'. $item['cat_id']); } } }
function comments($target = '', $target_id = 0, $labels = array()) { $inCore = cmsCore::getInstance(); $inPage = cmsPage::getInstance(); $inDB = cmsDatabase::getInstance(); $inUser = cmsUser::getInstance(); cmsCore::loadModel('comments'); $model = new cms_model_comments($labels); // Проверяем включени ли компонент if (!$inCore->isComponentEnable('comments')) { return false; } // Инициализируем права доступа для группы текущего пользователя $model->initAccess(); global $_LANG; $do = $inCore->do; $page = cmsCore::request('page', 'int', 1); $id = cmsCore::request('id', 'int', 0); $login = cmsCore::strClear(urldecode(cmsCore::request('login', 'html', ''))); $inPage->addHeadJS('components/comments/js/comments.js'); $inPage->addHeadJsLang(array('EDIT_COMMENT', 'CONFIRM_DEL_COMMENT', 'COMMENT_IN_LINK')); //========================================================================================================================// //========================================================================================================================// if ($do == 'view' && !$target && !$target_id) { if (!$login) { $myprofile = false; $page_title = $inCore->getComponentTitle(); $inPage->addHead('<link rel="alternate" type="application/rss+xml" title="' . $_LANG['COMMENTS'] . '" href="' . HOST . '/rss/comments/all/feed.rss">'); } else { // проверяем что пользователь есть $user = cmsUser::getShortUserData($login); if (!$user) { cmsCore::error404(); } // Мои комментарии $myprofile = $inUser->id == $user['id']; $page_title = $_LANG['COMMENTS'] . ' - ' . $user['nickname']; $inPage->addPathway($user['nickname'], cmsUser::getProfileURL($user['login'])); // Добавляем условие в выборку $model->whereUserIs($user['id']); } $inPage->setTitle($page_title); $inPage->addPathway($page_title); // флаг модератора $is_moder = $inUser->is_admin || $model->is_can_moderate; // Не админам только открытые комментарии if (!($is_moder || $myprofile)) { $model->whereIsShow(); } // Общее количество комментариев $total = $model->getCommentsCount(!($is_moder || $myprofile)); // Сортировка и разбивка на страницы $inDB->orderBy('c.pubdate', 'DESC'); $inDB->limitPage($page, $model->config['perpage']); // Сами комментарии $comments = $total ? $model->getComments(!($is_moder || $myprofile)) : array(); $inDB->resetConditions(); if (!$comments && $page > 1) { cmsCore::error404(); } // пагинация if (!$login) { $pagebar = cmsPage::getPagebar($total, $page, $model->config['perpage'], '/comments/page-%page%'); } else { $pagebar = cmsPage::getPagebar($total, $page, $model->config['perpage'], 'javascript:centerLink(\'/comments/by_user_' . $user['login'] . '/page-%page%\')'); } // Отдаем в шаблон cmsPage::initTemplate('components', 'com_comments_list_all')->assign('comments_count', $total)->assign('comments', $comments)->assign('pagebar', $pagebar)->assign('is_user', $inUser->id)->assign('page_title', $page_title)->assign('cfg', $model->config)->assign('is_admin', $is_moder)->display('com_comments_list_all.tpl'); } //========================================================================================================================// //========================================================================================================================// if (!in_array($do, array('add', 'edit', 'delete')) && $target && $target_id) { if (!$model->config['cmm_ajax']) { $model->whereTargetIs($target, $target_id); $inDB->orderBy('c.pubdate', 'ASC'); $comments = cmsCore::callEvent('BEFORE_SHOW_COMMENTS', $model->getComments(!($inUser->is_admin || $model->is_can_moderate), true)); $total = count($comments); ob_start(); cmsPage::initTemplate('components', 'com_comments_list')->assign('comments_count', $total)->assign('comments', $comments)->assign('user_can_moderate', $model->is_can_moderate)->assign('user_can_delete', $model->is_can_delete)->assign('user_can_add', $model->is_can_add)->assign('is_admin', $inUser->is_admin)->assign('is_user', $inUser->id)->assign('cfg', $model->config)->assign('labels', $model->labels)->assign('target', $target)->assign('target_id', $target_id)->display('com_comments_list.tpl'); $html = ob_get_clean(); } else { $model->whereTargetIs($target, $target_id); $total = $model->getCommentsCount(!($inUser->is_admin || $model->is_can_moderate)); $inDB->resetConditions(); } cmsPage::initTemplate('components', 'com_comments_view')->assign('comments_count', $total)->assign('target', $target)->assign('target_id', $target_id)->assign('is_admin', $inUser->is_admin)->assign('labels', $model->labels)->assign('is_user', $inUser->id)->assign('cfg', $model->config)->assign('user_can_add', $model->is_can_add)->assign('html', isset($html) ? $html : '')->assign('add_comment_js', "addComment('" . $target . "', '" . $target_id . "', 0)")->assign('user_subscribed', cmsUser::isSubscribed($inUser->id, $target, $target_id))->display('com_comments_view.tpl'); } //========================================================================================================================// //========================================================================================================================// // Добавление комментария, форма добавления в addform.php if ($do == 'add') { // Только аякс if (!cmsCore::isAjax()) { cmsCore::error404(); } // Очищаем буфер ob_end_clean(); // Добавлять могут только админы и те, кому разрешено в настройках группы if (!$model->is_can_add && !$inUser->is_admin) { cmsCore::error404(); } // Входные данные $comment['guestname'] = cmsCore::request('guestname', 'str', ''); $comment['user_id'] = $inUser->id; if ($model->is_can_bbcode) { $content = cmsCore::request('content', 'html', ''); $comment['content_bbcode'] = $inDB->escape_string($content); $content = cmsCore::parseSmiles($content, true); $comment['content'] = $inDB->escape_string($content); } else { $comment['content'] = cmsCore::request('content', 'str', ''); $comment['content_bbcode'] = $comment['content']; $comment['content'] = str_replace(array('\\r', '\\n'), '<br>', $comment['content']); } $comment['parent_id'] = cmsCore::request('parent_id', 'int', 0); $comment['target'] = cmsCore::request('target', 'str', ''); $comment['target_id'] = cmsCore::request('target_id', 'int', 0); $comment['ip'] = cmsCore::strClear($_SERVER['REMOTE_ADDR']); // Проверяем правильность/наличие входных парамеров // цель комментария if (!$comment['target'] || !$comment['target_id']) { cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ERR_UNKNOWN_TARGET'])); } // Имя гостя отсутствует if (!$comment['guestname'] && !$inUser->id) { cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ERR_USER_NAME'])); } // Текст комментраия отсутствует if (!$comment['content']) { cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ERR_COMMENT_TEXT'])); } // проверяем каптчу $need_captcha = $model->config['regcap'] ? true : ($inUser->id ? false : true); if ($need_captcha && !cmsCore::checkCaptchaCode(cmsCore::request('code', 'str', ''))) { cmsCore::jsonOutput(array('error' => true, 'is_captcha' => true, 'text' => $_LANG['ERR_CAPTCHA'])); } // получаем массив со ссылкой и заголовком цели комментария // для этого: // 1. узнаем ответственный компонент из cms_comment_targets $target = $inDB->get_fields('cms_comment_targets', "target='{$comment['target']}'", '*'); if (!$target) { cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ERR_UNKNOWN_TARGET'] . ' #1')); } // 2. подключим модель этого компонента if (cmsCore::loadModel($target['component'])) { $model_class = 'cms_model_' . $target['component']; if (class_exists($model_class)) { $target_model = new $model_class(); } } if (!isset($target_model)) { cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ERR_UNKNOWN_TARGET'] . ' #2')); } // 3. запросим массив $target_data[link, title] у метода getCommentTarget модели $target_data = $target_model->getCommentTarget($comment['target'], $comment['target_id']); if (!$target_data) { cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ERR_UNKNOWN_TARGET'] . ' #3')); } $comment['target_title'] = $target_data['title']; $comment['target_link'] = $target_data['link']; // 4. Узнаем видимость комментария в модели $target_model if (method_exists($target_model, 'getVisibility')) { $comment['is_hidden'] = $target_model->getVisibility($comment['target'], $comment['target_id']); } else { $comment['is_hidden'] = 0; } // публикация согласно настроек $comment['published'] = $inUser->is_admin || $model->is_can_moderate || $model->is_add_published ? 1 : 0; // Проверяем токен перед самым добавлением комментария if (!cmsUser::checkCsrfToken()) { cmsCore::error404(); } // 5. добавляем комментарий в базу $comment_id = $model->addComment($comment); // 6. Пересчитываем количество комментариев у цели если нужно if (method_exists($target_model, 'updateCommentsCount')) { $target_model->updateCommentsCount($comment['target'], $comment['target_id']); } if (!$comment['is_hidden'] && $comment['published']) { //регистрируем событие $content_short = strip_tags($comment['content']); cmsActions::log('add_comment', array('object' => $_LANG['COMMENT'], 'object_url' => $comment['target_link'] . '#c' . $comment_id, 'object_id' => $comment_id, 'target' => $comment['target_title'], 'target_url' => $comment['target_link'], 'target_id' => $comment['target_id'], 'description' => mb_strlen($content_short) > 140 ? mb_substr($content_short, 0, 140) : $content_short)); } //////////////////////////////////////////////////////////////// ///////////////// Операции по уведомлениям ///////////////////// $inConf = cmsConfig::getInstance(); $from_nick = $inUser->id ? $inUser->nickname : $comment['guestname']; $targetlink = HOST . $comment['target_link'] . '#c' . $comment_id; //получаем ID и e-mail автора $author = $inUser->id ? $model->getTargetAuthor($target['target_table'], $comment['target_id']) : ''; //подписываем пользователя на обновления, если нужно if ($inUser->id && cmsCore::inRequest('subscribe')) { cmsUser::subscribe($inUser->id, $comment['target'], $comment['target_id']); } if ($comment['published']) { //рассылаем уведомления о новом комменте cmsUser::sendUpdateNotify($comment['target'], $comment['target_id'], array('link' => $comment['target_link'] . '#c' . $comment_id, 'title' => stripslashes($comment['target_title']), 'letter_file' => 'newcomment', 'author' => $inUser->id ? $inUser->nickname : $comment['guestname'])); //проверяем и выдаем награду если нужно cmsUser::checkAwards($inUser->id); } //отправляем админу уведомление о комментарии на e-mail, если нужно if ($model->config['email']) { $mailmsg = str_replace(array('{sitename}', '{date}', '{from}', '{subjtitle}', '{targetlink}', '{content}'), array($inConf->sitename, date('d/m/Y (H:i)'), $from_nick, stripslashes($comment['target_title']), $targetlink, strip_tags($comment['content'])), cmsCore::getLanguageTextFile('newcomment_admin')); $inCore->mailText($model->config['email'], '', $mailmsg); } //отправляем автору уведомление на e-mail if ($author && $comment['published']) { if ($model->isAuthorNeedMail($author['id']) && $inUser->id != $author['id']) { $letter = cmsCore::getLanguageTextFile('newpostcomment'); $letter = str_replace('{sitename}', $inConf->sitename, $letter); $letter = str_replace('{subj}', $target['subj'], $letter); $letter = str_replace('{subjtitle}', stripslashes($comment['target_title']), $letter); $letter = str_replace('{targetlink}', $targetlink, $letter); $letter = str_replace('{date}', date('d/m/Y H:i:s'), $letter); $letter = str_replace('{from}', $from_nick, $letter); $inCore->mailText($author['email'], '', $letter); } } if (!$comment['published']) { $message = str_replace(array('%user%', '%targetlink%'), array($from_nick, $targetlink), $_LANG['COMM_PREMODER_ADMIN_TEXT']); cmsUser::sendMessage(USER_UPDATER, 1, $message); } cmsCore::jsonOutput(array('error' => false, 'target' => $comment['target'], 'target_id' => $comment['target_id'], 'is_premod' => $comment['published'] ? 0 : $_LANG['COMM_PREMODER_TEXT'], 'comment_id' => $comment_id)); } //========================================================================================================================// //========================================================================================================================// if ($do == 'edit') { if (!cmsCore::isAjax()) { cmsCore::error404(); } $comment = $model->getComment(cmsCore::request('comment_id', 'int', 0)); if (!$comment) { die; } // редактировать могут авторы (если время редактирования есть) // модераторы и администраторы if (!$model->is_can_moderate && !$inUser->is_admin && !($inUser->id == $comment['user_id'] && $comment['is_editable'])) { cmsCore::error404(); } if ($model->is_can_bbcode) { $content = cmsCore::request('content', 'html', ''); $com_new['content_bbcode'] = $inDB->escape_string($content); $com_new['content'] = $inDB->escape_string(cmsCore::parseSmiles($content, true)); } else { $com_new['content'] = cmsCore::request('content', 'str', ''); $com_new['content_bbcode'] = $com_new['content']; $com_new['content'] = str_replace(array('\\r', '\\n'), '<br>', $com_new['content']); } // Текст комментраия отсутствует if (!$com_new['content']) { cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ERR_COMMENT_TEXT'])); } if (!cmsUser::checkCsrfToken()) { cmsCore::error404(); } //Если ошибок не было, //обновляем комментарий в базе $model->updateComment($comment['id'], $com_new); // Обновляем в ленте активности $content_short = mb_substr(strip_tags($com_new['content']), 0, 140); cmsActions::updateLog('add_comment', array('description' => $content_short), $comment['id']); $com_new['content'] = stripslashes(str_replace(array('\\r', '\\n'), ' ', $com_new['content'])); $com_new = cmsCore::callEvent('GET_COMMENT', $com_new); cmsCore::jsonOutput(array('error' => false, 'text' => $com_new['content'], 'comment_id' => $comment['id'])); } //========================================================================================================================// //========================================================================================================================// if ($do == 'delete') { if (!cmsCore::isAjax()) { cmsCore::error404(); } $comment = $model->getComment($id); if (!$comment) { cmsCore::error404(); } if (!$inUser->id && !($model->is_can_delete && $inUser->id == $comment['user_id']) && !$model->is_can_moderate && !$inUser->is_admin) { cmsCore::error404(); } //узнаем ответственный компонент из cms_comment_targets $target = $inDB->get_fields('cms_comment_targets', "target='{$comment['target']}'", '*'); if (!$target) { cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ERR_UNKNOWN_TARGET'] . ' #1')); } if (!cmsUser::checkCsrfToken()) { cmsCore::error404(); } $model->deleteComment($id); //подключим модель этого компонента if (cmsCore::loadModel($target['component'])) { $model_class = 'cms_model_' . $target['component']; if (class_exists($model_class)) { $target_model = new $model_class(); // Пересчитываем количество комментариев у цели если нужно if (method_exists($target_model, 'updateCommentsCount')) { $target_model->updateCommentsCount($comment['target'], $comment['target_id']); } } } cmsCore::jsonOutput(array('error' => false, 'target' => $comment['target'], 'target_id' => $comment['target_id'])); } }
/** * Валидация каптчи * @return bool */ public static function checkCaptchaCode() { return cmsCore::checkCaptchaCode(); }
function registration(){ header('X-Frame-Options: DENY'); $inCore = cmsCore::getInstance(); global $_LANG; $do = $inCore->do; //============================================================================// if ($do == 'sendremind') { if (cmsCore::c('user')->id) { cmsCore::error404(); } cmsCore::c('page')->setTitle($_LANG['REMINDER_PASS']); cmsCore::c('page')->addPathway($_LANG['REMINDER_PASS']); if (!cmsCore::inRequest('goremind')){ cmsPage::initTemplate('components', 'com_registration_sendremind')-> display(); } else { if(!cmsUser::checkCsrfToken()) { cmsCore::error404(); } $email = cmsCore::request('email', 'email', ''); if(!$email) { cmsCore::addSessionMessage($_LANG['ERR_EMAIL'], 'error'); cmsCore::redirectBack(); } $usr = cmsUser::getShortUserData($email); if(!$usr || $usr['is_locked'] || $usr['is_deleted']) { cmsCore::addSessionMessage($_LANG['ADRESS'].' "'.$email.'" '.$_LANG['NOT_IN_OUR_BASE'], 'error'); cmsCore::redirectBack(); } if (cmsUser::userIsAdmin($usr['id'])) { cmsCore::addSessionMessage($_LANG['NOT_ADMIN_SENDREMIND'], 'error'); cmsCore::redirectBack(); } $usercode = md5($usr['id'] . '-' . uniqid() . '-' . microtime() . '-' . PATH); $sql = "INSERT cms_users_activate (pubdate, user_id, code) VALUES (NOW(), '". $usr['id'] ."', '". $usercode ."')"; cmsCore::c('db')->query($sql); $newpass_link = HOST .'/registration/remind/'. $usercode; $mail_message = $_LANG['HELLO'].', ' . $usr['nickname'] . '!'. "\n\n"; $mail_message .= $_LANG['REMINDER_TEXT'].' "'.cmsCore::c('config')->sitename.'".' . "\n\n"; $mail_message .= $_LANG['YOUR_LOGIN'].': ' .$usr['login']. "\n\n"; $mail_message .= $_LANG['NEW_PASS_LINK'].":\n" .$newpass_link . "\n\n"; $mail_message .= $_LANG['LINK_EXPIRES']. "\n\n"; $mail_message .= $_LANG['SIGNATURE'].', '. cmsCore::c('config')->sitename . ' ('.HOST.').' . "\n"; $mail_message .= date('d-m-Y (H:i)'); $inCore->mailText($email, cmsCore::c('config')->sitename.' - '.$_LANG['REMINDER_PASS'], $mail_message); cmsCore::addSessionMessage($_LANG['NEW_PAS_SENDED'], 'info'); cmsCore::redirect('/login'); } } //============================================================================// if ($do == 'remind') { if (cmsCore::c('user')->id) { cmsCore::error404(); } $usercode = cmsCore::request('code', 'str', ''); //проверяем формат кода if (!preg_match('/^[0-9a-f]{32}$/i', $usercode)){ cmsCore::error404(); } // проверяем код $user_id = cmsCore::c('db')->get_field('cms_users_activate', "code = '". $usercode ."'", 'user_id'); if (!$user_id) { cmsCore::error404(); } //получаем пользователя $user = cmsCore::c('db')->get_fields('cms_users', "id = '". $user_id ."'", '*'); if (!$user) { cmsCore::error404(); } if (cmsUser::userIsAdmin($user['id'])) { cmsCore::error404(); } if (cmsCore::inRequest('submit')){ if(!cmsUser::checkCsrfToken()) { cmsCore::error404(); } $errors = false; $pass = cmsCore::request('pass', 'str', ''); $pass2 = cmsCore::request('pass2', 'str', ''); if(!$pass) { cmsCore::addSessionMessage($_LANG['TYPE_PASS'], 'error'); $errors = true; } if($pass && !$pass2) { cmsCore::addSessionMessage($_LANG['TYPE_PASS_TWICE'], 'error'); $errors = true; } if($pass && $pass2 && mb_strlen($pass)<6) { cmsCore::addSessionMessage($_LANG['PASS_SHORT'], 'error'); $errors = true; } if($pass && $pass2 && $pass != $pass2) { cmsCore::addSessionMessage($_LANG['WRONG_PASS'], 'error'); $errors = true; } if ($errors){ cmsCore::redirectBack(); } $md5_pass = md5($pass); cmsCore::c('db')->query("UPDATE cms_users SET password = '******', logdate = NOW() WHERE id = '". $user['id'] ."'"); cmsCore::c('db')->query("DELETE FROM cms_users_activate WHERE code = '". $usercode ."'"); cmsCore::addSessionMessage($_LANG['CHANGE_PASS_COMPLETED'], 'info'); cmsCore::c('user')->signInUser($user['login'], $pass, true); cmsCore::redirect(cmsUser::getProfileURL($user['login'])); } cmsCore::c('page')->setTitle($_LANG['RECOVER_PASS']); cmsCore::c('page')->addPathway($_LANG['RECOVER_PASS']); cmsPage::initTemplate('components', 'com_registration_remind')-> assign('cfg', cmsCore::m('registration')->config)-> assign('user', $user)-> display(); } //============================================================================// if ($do=='register'){ if (!cmsUser::checkCsrfToken()) { cmsCore::error404(); } if (cmsCore::c('user')->id && !cmsCore::c('user')->is_admin) { if ($inCore->menuId() == 1) { return; } else { cmsCore::error404(); } } // регистрация закрыта if (!cmsCore::m('registration')->config['is_on']){ cmsCore::error404(); } // регистрация по инвайтам if (cmsCore::m('registration')->config['reg_type']=='invite'){ if (!cmsCore::m('users')->checkInvite(cmsUser::sessionGet('invite_code'))) { cmsCore::error404(); } } $errors = false; // получаем данные $item['login'] = cmsCore::request('login', 'str', ''); $item['email'] = cmsCore::request('email', 'email'); $item['icq'] = cmsCore::request('icq', 'str', ''); $item['city'] = cmsCore::request('city', 'str', ''); $item['nickname'] = cmsCore::request('nickname', 'str', ''); $item['realname1'] = cmsCore::request('realname1', 'str', ''); $item['realname2'] = cmsCore::request('realname2', 'str', ''); $pass = cmsCore::request('pass', 'str', ''); $pass2 = cmsCore::request('pass2', 'str', ''); // проверяем логин if(mb_strlen($item['login'])<2 || mb_strlen($item['login'])>15 || is_numeric($item['login']) || !preg_match("/^([a-z0-9])+$/ui", $item['login'])) { cmsCore::addSessionMessage($_LANG['ERR_LOGIN'], 'error'); $errors = true; } // проверяем пароль if(!$pass) { cmsCore::addSessionMessage($_LANG['TYPE_PASS'], 'error'); $errors = true; } if($pass && !$pass2) { cmsCore::addSessionMessage($_LANG['TYPE_PASS_TWICE'], 'error'); $errors = true; } if($pass && $pass2 && mb_strlen($pass)<6) { cmsCore::addSessionMessage($_LANG['PASS_SHORT'], 'error'); $errors = true; } if($pass && $pass2 && $pass != $pass2) { cmsCore::addSessionMessage($_LANG['WRONG_PASS'], 'error'); $errors = true; } // Проверяем nickname или имя и фамилию if(cmsCore::m('registration')->config['name_mode']=='nickname'){ if(!$item['nickname']) { cmsCore::addSessionMessage($_LANG['TYPE_NICKNAME'], 'error'); $errors = true; } } else { if(!$item['realname1']) { cmsCore::addSessionMessage($_LANG['TYPE_NAME'], 'error'); $errors = true; } if(!$item['realname2']) { cmsCore::addSessionMessage($_LANG['TYPE_SONAME'], 'error'); $errors = true; } $item['nickname'] = trim($item['realname1']) . ' ' . trim($item['realname2']); } if (mb_strlen($item['nickname'])<2) { cmsCore::addSessionMessage($_LANG['SHORT_NICKNAME'], 'error'); $errors = true; } if(cmsCore::m('registration')->getBadNickname($item['nickname'])){ cmsCore::addSessionMessage($_LANG['ERR_NICK_EXISTS'], 'error'); $errors = true; } // Проверяем email if(!$item['email']) { cmsCore::addSessionMessage($_LANG['ERR_EMAIL'], 'error'); $errors = true; } // День рождения list($item['bday'], $item['bmonth'], $item['byear']) = array_values(cmsCore::request('birthdate', 'array_int', array())); $item['birthdate'] = sprintf('%04d-%02d-%02d', $item['byear'], $item['bmonth'], $item['bday']); // получаем данные конструктора форм $item['formsdata'] = ''; if(isset(cmsCore::m('users')->config['privforms'])){ if (is_array(cmsCore::m('users')->config['privforms'])){ foreach(cmsCore::m('users')->config['privforms'] as $form_id){ $form_input = cmsForm::getFieldsInputValues($form_id); $item['formsdata'] .= cmsCore::c('db')->escape_string(cmsCore::arrayToYaml($form_input['values'])); // Проверяем значения формы foreach ($form_input['errors'] as $field_error) { if($field_error){ cmsCore::addSessionMessage($field_error, 'error'); $errors = true; } } } } } // Проверяем каптчу if(!cmsCore::checkCaptchaCode()) { cmsCore::addSessionMessage($_LANG['ERR_CAPTCHA'], 'error'); $errors = true; } // проверяем есть ли такой пользователь $user_exist = cmsCore::c('db')->get_fields('cms_users', "(login LIKE '{$item['login']}' OR email LIKE '{$item['email']}') AND is_deleted = 0", 'id, login, email'); if($user_exist){ if($user_exist['login'] == $item['login']){ cmsCore::addSessionMessage($_LANG['LOGIN'].' "'.$item['login'].'" '.$_LANG['IS_BUSY'], 'error'); $errors = true; } else { cmsCore::addSessionMessage($_LANG['EMAIL_IS_BUSY'], 'error'); $errors = true; } } // В случае ошибок, возвращаемся в форму if($errors){ cmsUser::sessionPut('item', $item); cmsCore::redirect('/registration'); } ////////////////////////////////////////////// //////////// РЕГИСТРАЦИЯ ///////////////////// ////////////////////////////////////////////// $item['is_locked'] = cmsCore::m('registration')->config['act']; $item['password'] = md5($pass); $item['orig_password'] = $pass; $item['group_id'] = cmsCore::m('registration')->config['default_gid']; $item['regdate'] = date('Y-m-d H:i:s'); $item['logdate'] = date('Y-m-d H:i:s'); if (cmsUser::sessionGet('invite_code')){ $invite_code = cmsUser::sessionGet('invite_code'); $item['invited_by'] = (int)cmsCore::m('users')->getInviteOwner($invite_code); if ($item['invited_by']){ cmsCore::m('users')->closeInvite($invite_code); } cmsUser::sessionDel('invite_code'); } else { $item['invited_by'] = 0; } $item = cmsCore::callEvent('USER_BEFORE_REGISTER', $item); $item['id'] = $item['user_id'] = cmsCore::c('db')->insert('cms_users', $item); if(!$item['id']){ cmsCore::error404(); } cmsCore::c('db')->insert('cms_user_profiles', $item); cmsCore::callEvent('USER_REGISTER', $item); if ($item['is_locked']){ cmsCore::m('registration')->sendActivationNotice($pass, $item['id']); cmsPage::includeTemplateFile('special/regactivate.php'); cmsCore::halt(); } else { cmsActions::log('add_user', array( 'object' => '', 'user_id' => $item['id'], 'object_url' => '', 'object_id' => $item['id'], 'target' => '', 'target_url' => '', 'target_id' => 0, 'description' => '' )); if (cmsCore::m('registration')->config['send_greetmsg']){ cmsCore::m('registration')->sendGreetsMessage($item['id']); } cmsCore::m('registration')->sendRegistrationNotice($pass, $item['id']); $back_url = cmsCore::c('user')->signInUser($item['login'], $pass, true); cmsCore::redirect($back_url); } } //============================================================================// if ($do=='view'){ $pagetitle = $inCore->getComponentTitle(); cmsCore::c('page')->setTitle($pagetitle); cmsCore::c('page')->addPathway($pagetitle); cmsCore::c('page')->addHeadJsLang(array('WRONG_PASS')); // Если пользователь авторизован, то не показываем форму регистрации, редирект в профиль. if (cmsCore::c('user')->id && !cmsCore::c('user')->is_admin) { if ($inCore->menuId() == 1) { return; } else { cmsCore::redirect(cmsUser::getProfileURL(cmsCore::c('user')->login)); } } $correct_invite = (cmsUser::sessionGet('invite_code') ? true : false); if (cmsCore::m('registration')->config['reg_type']=='invite' && cmsCore::inRequest('invite_code')){ $invite_code = cmsCore::request('invite_code', 'str', ''); $correct_invite = cmsCore::m('users')->checkInvite($invite_code); if ($correct_invite) { cmsUser::sessionPut('invite_code', $invite_code); } else { cmsCore::addSessionMessage($_LANG['INCORRECT_INVITE'], 'error'); } } $item = cmsUser::sessionGet('item'); if($item){ cmsUser::sessionDel('item'); } if(empty($item['birthdate'])){ $item['birthdate'] = date('Y-m-d'); } $private_forms = array(); if(isset(cmsCore::m('users')->config['privforms'])){ if (is_array(cmsCore::m('users')->config['privforms'])){ foreach(cmsCore::m('users')->config['privforms'] as $form_id){ $private_forms = array_merge($private_forms, cmsForm::getFieldsHtml($form_id, array(), true)); } } } cmsPage::initTemplate('components', 'com_registration')-> assign('cfg', cmsCore::m('registration')->config)-> assign('item', $item)-> assign('pagetitle', $pagetitle)-> assign('correct_invite', $correct_invite)-> assign('private_forms', $private_forms)-> display(); } //============================================================================// if ($do=='activate'){ $code = cmsCore::request('code', 'str', ''); if (empty($code)) { cmsCore::error404(); } $user_id = cmsCore::c('db')->get_field('cms_users_activate', "code = '". $code ."'", 'user_id'); if (!$user_id){ cmsCore::error404(); } cmsCore::c('db')->query("UPDATE cms_users SET is_locked = 0 WHERE id = '$user_id'"); cmsCore::c('db')->query("DELETE FROM cms_users_activate WHERE code = '$code'"); cmsCore::callEvent('USER_ACTIVATED', $user_id); if (cmsCore::m('registration')->config['send_greetmsg']){ cmsCore::m('registration')->sendGreetsMessage($user_id); } // Регистрируем событие cmsActions::log('add_user', array( 'object' => '', 'user_id' => $user_id, 'object_url' => '', 'object_id' => $user_id, 'target' => '', 'target_url' => '', 'target_id' => 0, 'description' => '' )); cmsCore::addSessionMessage($_LANG['ACTIVATION_COMPLETE'], 'info'); cmsUser::goToLogin(); } //============================================================================// if ($do=='auth'){ //====================// //== разлогивание ==// if (cmsCore::inRequest('logout')) { cmsCore::c('user')->logout(); cmsCore::redirect('/'); } //====================// //== авторизация ==// if( !cmsCore::inRequest('logout') ) { // флаг неуспешных авторизаций $anti_brute_force = cmsUser::sessionGet('anti_brute_force'); $login = cmsCore::request('login', 'str', ''); $passw = cmsCore::request('pass', 'str', ''); $remember_pass = cmsCore::inRequest('remember'); // если нет логина или пароля, показываем форму входа if (!$login || !$passw){ if(cmsCore::c('user')->id && !cmsCore::c('user')->is_admin) { cmsCore::redirect('/'); } cmsCore::c('page')->setTitle($_LANG['SITE_LOGIN']); cmsCore::c('page')->addPathway($_LANG['SITE_LOGIN']); cmsPage::initTemplate('components', 'com_registration_login')-> assign('cfg', cmsCore::m('registration')->config)-> assign('anti_brute_force', $anti_brute_force)-> assign('is_sess_back', cmsUser::sessionGet('auth_back_url'))-> display(); if (!mb_strstr(cmsCore::getBackURL(), 'login')) { cmsUser::sessionPut('auth_back_url', cmsCore::getBackURL()); } return; } if(!cmsUser::checkCsrfToken()) { cmsCore::error404(); } // Проверяем каптчу if($anti_brute_force && !cmsCore::checkCaptchaCode()) { cmsCore::addSessionMessage($_LANG['ERR_CAPTCHA'], 'error'); cmsCore::redirect('/login'); } cmsUser::sessionDel('anti_brute_force'); $back_url = cmsCore::c('user')->signInUser($login, $passw, $remember_pass); cmsCore::redirect($back_url); } } //============================================================================// if ($do=='autherror'){ cmsUser::sessionPut('anti_brute_force', 1); cmsPage::includeTemplateFile('special/autherror.php'); cmsCore::halt(); } //============================================================================// }