function shopFinishOrder($cfg){
$inCore = cmsCore::getInstance();
$inDB = cmsDatabase::getInstance();
$inPage = cmsPage::getInstance();
$inUser = cmsUser::getInstance();
$inConf = cmsConfig::getInstance();
global $_LANG;
if (isset($inUser->id)){ $user_id = $inUser->id; } else { $user_id = 0; }
$sid = session_id();
$inPage->setTitle($_LANG['ORDER_COMPLETE']);
if ($user_id){ $user_sql = "(c.user_id=$user_id OR session_id='$sid')"; } else { $user_sql = "(c.user_id=0 AND c.session_id='$sid')"; }
$sql = "SELECT i.title as title, i.id as id, i.canmany as canmany, i.price as price,
c.id as cid, c.itemscount as itemscount,
cat.id as category_id, cat.title as category
FROM cms_uc_items i, cms_uc_cart c, cms_uc_cats cat
WHERE $user_sql AND c.item_id = i.id AND i.category_id = cat.id
ORDER BY c.pubdate";
$rs = $inDB->query($sql) ;
if ($inDB->num_rows($rs)){
//check user data
$customer = array();
if(!empty($_REQUEST['customer_fio'])) { $customer['fio'] = $inCore->request('customer_fio', 'str'); } else { $error .= $_LANG['EMPTY_NAME'].'<br/>'; }
if(!empty($_REQUEST['customer_phone'])) { $customer['phone'] = $inCore->request('customer_phone', 'str'); } else { $error .= $_LANG['EMPTY_PHONE'].'<br/>'; }
$customer['company'] = $inCore->request('customer_company', 'str');
$customer['email'] = $inCore->request('customer_email', 'str');
$customer['comment'] = $inCore->request('customer_comment', 'str');
if(!cmsCore::checkCaptchaCode()) { $error .= $_LANG['ERR_CAPTCHA'].'<br/>'; }
//BUILD MESSAGE
if($error==''){
// письмо администратору
$a_mail_message = $_LANG['GET_ORDER_FROM_CATALOG']." \"".$inConf->sitename."\".\n\n";
$a_mail_message .= $_LANG['CUSTOMER']."\n-----------------------------\r\n";
$a_mail_message .= $_LANG['FIO'].": " . $customer['fio'] . "\n";
if($customer['company']){
$a_mail_message .= $_LANG['COMPANY'].": " . $customer['company'] . "\n";
}
$a_mail_message .= $_LANG['PHONE'].": " . $customer['phone'] . "\n";
$a_mail_message .= "EMAIL: " . $customer['email'] . "\n";
if($customer['comment']){
$a_mail_message .= $_LANG['ORDER_COMMENT'].": " . @$customer['comment'] . "\n\n";
}
$a_mail_message .= $_LANG['ORDER']."\n---------------------------------\n";
//////////////////////////////////////////////////////////////////////////////////////
// список покупок
$row=0; $total = 0;
$item_mail_message = '';
while($item = $inDB->fetch_assoc($rs)){
$row++;
$item['price'] = shopDiscountPrice($item['id'], $item['category_id'], $item['price']);
$item['totalprice'] = $item['price'] * $item['itemscount'];
$item['price'] = number_format($item['price'], 2, '.', '');
$item['totalprice'] = number_format($item['totalprice'], 2, '.', '');
$total += $item['totalprice'];
$item_mail_message .= $row . '. ' . $item['title'] . ' (' . $item['itemscount'] . ' x ' . $item['price'] . ' '.$_LANG['CURRENCY'].') = ' . $item['totalprice'] . ' '.$_LANG['CURRENCY'] . "\n";
}
ob_start(); shopDiscountsInfo($total); ob_clean();
$total = number_format($total, 2, '.', '');
$item_mail_message .= "\n" . $_LANG['TOTAL_ORDER_PRICE'].': '.$total.' '.$_LANG['CURRENCY'] . "\n";
//////////////////////////////////////////////////////////////////////////////////////
$email_subj = str_replace('{sitename}', $inConf->sitename, $_LANG['EMAIL_SUBJECT']);
$inCore->mailText($cfg['email'], $_LANG['ADMIN_EMAIL_SUBJECT'], $a_mail_message . $item_mail_message);
if ($cfg['notice'] && $customer['email']){
$inCore->mailText($customer['email'], $_LANG['CUSTOMER_EMAIL_SUBJECT'], $item_mail_message);
}
//order completed
echo '<div class="con_heading">'.$_LANG['THANK'].'!</div>';
echo '<p style="clear:both"><b>'.$_LANG['CUSTOMER_EMAIL_SUBJECT'].'.</b><br/>'.$_LANG['CUSTOMER_EMAIL_TEXT'].'</p>';
echo '<p><a href="/">'.$_LANG['CONTINUE'].'</a></p>';
shopClearCart();
} else {
//order failed
echo '<div class="con_heading">'.$_LANG['ERROR'].'!</div>';
echo '<p style="clear:both; color:red">'.$error.'</p>';
echo '<p><a href="/catalog/order.html">'.$_LANG['BACK'].'</a></p>';
}
} else {
//NO ITEMS
echo '<p>'.$_LANG['NOITEMS_IN_CART'].'</p>';
echo '<div id="cart_buttons2">';
echo '<a href="/catalog" title="'.$_LANG['BACK_TO_SHOP'].'">';
echo '<img src="/components/catalog/images/shop/cartback.jpg" border="0" alt="'.$_LANG['BACK_TO_SHOP'].'"/>';
echo '</a> ';
echo '</div>';
}
}
function forms()
{
cmsCore::loadClass('form');
$do = cmsCore::getInstance()->do;
global $_LANG;
//========================================================================================================================//
//========================================================================================================================//
if ($do == 'view') {
// Получаем форму
$form = cmsForm::getFormData(cmsCore::request('form_id', 'int'));
if (!$form) {
cmsCore::error404();
}
// Получаем данные полей формы
$form_fields = cmsForm::getFormFields($form['id']);
// Если полей нет, 404
if (!$form_fields) {
cmsCore::error404();
}
$errors = array();
$attachment = array();
// Получаем данные формы
// Если не переданы, назад
$form_input = cmsForm::getFieldsInputValues($form['id']);
if (!$form_input) {
$errors[] = $_LANG['FORM_ERROR'];
}
// Проверяем значения формы
foreach ($form_input['errors'] as $field_error) {
if ($field_error) {
$errors[] = $field_error;
}
}
// проверяем каптчу
if (!cmsCore::checkCaptchaCode(cmsCore::request('code', 'str'))) {
$errors[] = $_LANG['ERR_CAPTCHA'];
}
if ($errors) {
if (cmsCore::isAjax()) {
cmsCore::jsonOutput(array('error' => true, 'text' => end($errors)));
} else {
foreach ($errors as $error) {
cmsCore::addSessionMessage($error, 'error');
}
cmsCore::redirectBack();
}
}
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
// Подготовим начало письма
$mail_message = '<h3>' . $_LANG['FORM'] . ': ' . $form['title'] . '</h3>';
// Добавляем заполненные поля в письмо
foreach ($form_fields as $field) {
// Значение поля
$value = $form_input['values'][$field['id']];
if (!$value) {
continue;
}
if (is_string($value)) {
$mail_message .= '<h5>' . $field['title'] . '</h5><p>' . $value . '</p>';
} elseif (is_array($value)) {
// если массив, значит к форме прикреплен файл
if ($form['sendto'] == 'mail') {
$attachment[] = !empty($value['url']) ? PATH . $value['url'] : '';
} elseif (!empty($value['url'])) {
$mail_message .= '<h5>' . $field['title'] . '</h5><p><a href="' . $value['url'] . '">' . $value['name'] . '</a></p>';
}
}
}
// Отправляем форму
if ($form['sendto'] == 'mail') {
cmsCore::mailText($form['email'], cmsConfig::getConfig('sitename') . ': ' . $form['title'], $mail_message, $attachment);
// удаляем прикрепленные файлы
foreach ($attachment as $attach) {
@unlink($attach);
}
} else {
cmsUser::sendMessage(-2, $form['user_id'], $mail_message);
}
cmsUser::sessionClearAll();
if (cmsCore::isAjax()) {
cmsCore::jsonOutput(array('error' => false, 'text' => $_LANG['FORM_IS_SEND']));
} else {
cmsCore::addSessionMessage($_LANG['FORM_IS_SEND'], 'info');
cmsCore::redirectBack();
}
}
//========================================================================================================================//
}
function faq(){
$inCore = cmsCore::getInstance();
$inPage = cmsPage::getInstance();
$inDB = cmsDatabase::getInstance();
$inUser = cmsUser::getInstance();
$model = new cms_model_faq();
define('IS_BILLING', $inCore->isComponentInstalled('billing'));
if (IS_BILLING) { $inCore->loadClass('billing'); }
global $_LANG;
$pagetitle = $inCore->getComponentTitle();
$inPage->addPathway($pagetitle, '/faq');
$inPage->setTitle($pagetitle);
$inPage->setDescription($pagetitle);
$inPage->addHeadJsLang(array('ERR_QUESTION'));
$cfg = $inCore->loadComponentConfig('faq');
if(!isset($cfg['guest_enabled'])) { $cfg['guest_enabled'] = 1; }
if(!isset($cfg['user_link'])) { $cfg['user_link'] = 1; }
if(!isset($cfg['publish'])) { $cfg['publish'] = 0; }
if(!isset($cfg['is_comment'])) { $cfg['is_comment'] = 1; }
$id = $inCore->request('id', 'int', 0);
$do = $inCore->do;
///////////////////////////////////// VIEW CATEGORY ////////////////////////////////////////////////////////////////////////////////
if ($do=='view'){
if($id>0){
//CURRENT CATEGORY
$sql = "SELECT *
FROM cms_faq_cats
WHERE id = '$id'
ORDER BY title ASC LIMIT 1
";
$result = $inDB->query($sql) ;
if (!$inDB->num_rows($result)) { cmsCore::error404(); }
$cat = $inDB->fetch_assoc($result);
//PAGE HEADING
$pagetitle = $cat['title'];
$inPage->setTitle($cat['title']);
$inPage->addPathway($cat['title']);
$inPage->setDescription($cat['title']);
}
//LIST OF SUBCATEGORIES
$sql = "SELECT *
FROM cms_faq_cats
WHERE parent_id = $id AND id > 0 AND published = 1
ORDER BY title ASC
";
$result = $inDB->query($sql) ;
if ($inDB->num_rows($result)){
$subcats = array();
while($subcat = $inDB->fetch_assoc($result)){
$subcats[] = $subcat;
}
$is_subcats = true;
} else {
$is_subcats = false;
}
//CURRENT CATEGORY CONTENT
$perpage = 15;
$page = $inCore->request('page', 'int', 1);
$records = 0;
if ($id > 0){
$sql = "SELECT q.*, u.login, u.nickname
FROM cms_faq_quests q
LEFT JOIN cms_users u ON u.id = q.user_id
WHERE q.category_id = $id AND q.published = 1
ORDER BY q.pubdate DESC
LIMIT ".(($page-1)*$perpage).", $perpage";
$result_total = $inDB->query("SELECT id FROM cms_faq_quests WHERE category_id = $id AND published = 1") ;
$records = $inDB->num_rows($result_total);
} else {
$sql = "SELECT q.*, c.title cat_title, c.id cid, u.login, u.nickname
FROM cms_faq_quests q
LEFT JOIN cms_faq_cats c ON c.id = q.category_id
LEFT JOIN cms_users u ON u.id = q.user_id
WHERE q.published = 1
ORDER BY q.pubdate DESC
LIMIT 15";
}
$result = $inDB->query($sql) ;
if ($inDB->num_rows($result)){
$quests = array();
while($con = $inDB->fetch_assoc($result)){
$con['pubdate'] = $inCore->dateFormat($con['pubdate'], true, false, false);
$con['quest'] = nl2br($con['quest']);
$quests[] = $con;
}
$is_quests = true;
} else {
$is_quests = false;
}
cmsPage::initTemplate('components', 'com_faq_view')->
assign('pagetitle', $pagetitle)->
assign('id', $id)->
assign('subcats', $subcats)->
assign('is_subcats', $is_subcats)->
assign('quests', $quests)->
assign('cfg', $cfg)->
assign('is_quests', $is_quests)->
assign('is_user', $inUser->id)->
assign('pagebar', cmsPage::getPagebar($records, $page, $perpage, '/faq/%id%-%page%', array('id'=>$id)))->
display();
}
///////////////////////////////////// READ QUESTION ////////////////////////////////////////////////////////////////////////////////
if ($do=='read'){
$sql = "SELECT con.*,
cat.title cat_title, cat.id cat_id, u.login, u.nickname
FROM cms_faq_quests con
LEFT JOIN cms_faq_cats cat ON cat.id = con.category_id
LEFT JOIN cms_users u ON u.id = con.user_id
WHERE con.id = $id LIMIT 1";
$result = $inDB->query($sql);
if ($inDB->num_rows($result)){
$inDB->query("UPDATE cms_faq_quests SET hits = hits + 1 WHERE id = $id") ;
$quest = $inDB->fetch_assoc($result);
$quest['pubdate'] = $inCore->dateFormat($quest['pubdate'], true, false, false);
$quest['answerdate'] = $inCore->dateFormat($quest['answerdate'], true, false, false);
if (mb_strlen($quest['quest'])>40) { $shortquest = mb_substr($quest['quest'], 0, 40).'...'; }
else { $shortquest = $quest['quest']; }
$quest['quest'] = nl2br($quest['quest']);
$inPage->setTitle($shortquest);
$inPage->setDescription($shortquest);
$inPage->addPathway($quest['cat_title'], '/faq/'.$quest['cat_id']);
$inPage->addPathway($shortquest);
cmsPage::initTemplate('components', 'com_faq_read')->
assign('quest', $quest)->
assign('cfg', $cfg)->
assign('labels', array('comments' => $_LANG['ANSWERS'], 'add' => $_LANG['REPLY'], 'rss' => $_LANG['RSS_FEED'], 'not_comments' => $_LANG['NOT_ANSWERS']))->
assign('is_admin', $inUser->is_admin)->
display();
} else { cmsCore::error404(); }
}
///////////////////////////////////// SEND QUEST ////////////////////////////////////////////////////////////////////////////////
if ($do=='sendquest'){
if (!$inUser->id && !$cfg['guest_enabled']){ cmsCore::error404(); }
$inPage->setTitle($_LANG['SET_QUESTION']);
$inPage->addPathway($_LANG['SET_QUESTION']);
$inPage->addHeadJS('components/faq/js/common.js');
$error = '';
$captha_code = $inCore->request('code', 'str', '');
$message = $inCore->request('message', 'str', '');
$category_id = $inCore->request('category_id', 'int', '');
$published = ($inUser->is_admin || $cfg['publish']) ? 1 : 0;
$is_submit = $inCore->inRequest('message');
if ($is_submit && !$inUser->id && !cmsCore::checkCaptchaCode()) { $error = $_LANG['ERR_CAPTCHA']; }
if (!$is_submit || $error){
if (IS_BILLING && $inUser->id){ cmsBilling::checkBalance('faq', 'add_quest'); }
cmsPage::initTemplate('components', 'com_faq_add')->
assign('catslist', $inCore->getListItems('cms_faq_cats', $category_id))->
assign('user_id', $inUser->id)->
assign('message', htmlspecialchars($inCore->request('message', 'html', '')))->
assign('error', $error)->
display();
} else {
//SAVE QUESTION
$sql = "INSERT INTO cms_faq_quests (category_id, pubdate, published, quest, answer, user_id, answeruser_id, answerdate, hits)
VALUES ('$category_id', NOW(), '$published', '$message', '', '{$inUser->id}', 0, NOW(), 0)";
$inDB->query($sql);
$quest_id = $inDB->get_last_id('cms_faq_quests');
if (IS_BILLING && $inUser->id){ cmsBilling::process('faq', 'add_quest'); }
$inPage->setTitle($_LANG['QUESTION_SEND']);
$inPage->addPathway($_LANG['QUESTION_SEND']);
if (!$published){
echo '<div class="con_heading">'.$_LANG['QUESTION_SEND'].'</div>';
echo '<div style="margin-top:10px">'.$_LANG['QUESTION_PREMODER'].'</div>';
echo '<div style="margin-top:10px"><a href="/faq">'.$_LANG['CONTINUE'].'</a></div>';
} elseif ($published) {
$category = $inDB->get_field('cms_faq_cats', "id={$category_id}", 'title');
//регистрируем событие
cmsActions::log('add_quest', array(
'object' => $_LANG['QUESTION'],
'object_url' => '/faq/quest'.$quest_id.'.html',
'object_id' => $quest_id,
'target' => $category,
'target_url' => '/faq/'.$category_id,
'target_id' => $category_id,
'description' => strip_tags( mb_strlen(strip_tags($message))>100 ? mb_substr($message, 0, 100) : $message )
));
$inCore->redirect('/faq/quest'.$quest_id.'.html');
} else { $inCore->redirect('/faq/quest'.$quest_id.'.html'); }
}
}
///////////////////////////////////// DELETE QUEST ////////////////////////////////////////////////////////////////////////////////
if ($do=='delquest'){
$quest_id = $inCore->request('quest_id', 'int', 0);
$user_id = $inUser->id;
$sql = "SELECT con.id, con.quest, con.category_id
FROM cms_faq_quests con
WHERE con.id = '$quest_id' LIMIT 1";
$result = $inDB->query($sql);
$quest = $inDB->fetch_assoc($result);
if (!$user_id || !$quest_id || !$quest) { $inCore->redirectBack(); }
if ( !$inCore->inRequest('confirm') ) {
if (cmsUser::userIsAdmin($user_id)){
$inPage->setTitle($_LANG['DEL_QUES']);
$inPage->addPathway($_LANG['DEL_QUES']);
$confirm['title'] = $_LANG['DELETE_QUES'];
$confirm['text'] = $_LANG['YOU_REALY_DELETE_QUES'].':<br> "<a href="/faq/quest'.$quest['id'].'.html">'.$quest['quest'].'</a>"<br><br>';
$confirm['action'] = $_SERVER['REQUEST_URI'];
$confirm['yes_button'] = array();
$confirm['yes_button']['type'] = 'submit';
$confirm['yes_button']['name'] = 'confirm';
cmsPage::initTemplate('components', 'action_confirm')->
assign('confirm', $confirm)->
display();
} else {
$inCore->redirectBack();
}
}
if ( $inCore->inRequest('confirm') ){
if (cmsUser::userIsAdmin($user_id)){
$model->deleteQuest($quest_id);
}
$inCore->redirect('/faq/'.$quest['category_id']);
}
}
} //function
function board() {
$inCore = cmsCore::getInstance();
global $_LANG;
define('IS_BILLING', $inCore->isComponentInstalled('billing'));
if (IS_BILLING) { cmsCore::loadClass('billing'); }
$do = $inCore->do;
$pagetitle = $inCore->getComponentTitle();
$pagekeys = $pagedesc = '';
cmsCore::c('page')->setTitle($pagetitle);
cmsCore::c('page')->addPathway($pagetitle, '/board');
/////////////////////////////// VIEW CATEGORY //////////////////////////////////
if ($do == 'view') {
//Получаем текущую категорию
$category = cmsCore::m('board')->getCategory(cmsCore::m('board')->category_id);
if (!$category || (!$category['published'] && !cmsCore::c('user')->is_admin)) {
cmsCore::error404();
}
if ($category['id'] != cmsCore::m('board')->root_cat['id']) {
$pagetitle = $category['pagetitle'] ? $category['pagetitle'] : $category['title'];
$pagekeys = $category['meta_keys'];
$pagedesc = $category['meta_desc'];
$category_path = cmsCore::c('db')->getNsCategoryPath('cms_board_cats', $category['NSLeft'], $category['NSRight']);
if ($category_path) {
foreach($category_path as $pcat) {
cmsCore::c('page')->addPathway($pcat['title'], '/board/'. $pcat['id']);
}
}
} else {
$category['title'] = $pagetitle = $inCore->menuTitle();
$category['description'] = cmsCore::m('board')->config['root_description'];
$pagekeys = cmsCore::m('board')->config['meta_keys'];
$pagedesc = cmsCore::m('board')->config['meta_desc'];
}
// rss в адресной строке
$rss_cat_id = $category['id'] == cmsCore::m('board')->root_cat['id'] ? 'all' : $category['id'];
cmsCore::c('page')->addHead('<link rel="alternate" type="application/rss+xml" title="'. $_LANG['BOARD'] .'" href="'. HOST .'/rss/board/'. $rss_cat_id .'/feed.rss">');
//Формируем категории
$cats = cmsCore::m('board')->getSubCats($category['id']);
// Формируем список объявлений
// Устанавливаем категорию
if ($category['id'] != cmsCore::m('board')->root_cat['id']) {
cmsCore::m('board')->whereThisAndNestedCats($category['NSLeft'], $category['NSRight']);
}
//Город
if (cmsCore::m('board')->city) {
cmsCore::m('board')->whereCityIs(cmsCore::m('board')->city);
$pagetitle .= ' :: '. cmsCore::m('board')->city;
}
// Типы объявлений
if (cmsCore::m('board')->obtype && mb_stristr(icms_ucfirst($category['obtypes']), cmsCore::m('board')->obtype)) {
cmsCore::m('board')->whereTypeIs(cmsCore::m('board')->obtype);
$pagetitle .= ' :: '. cmsCore::m('board')->obtype;
}
// модератор или админ
$is_moder = cmsCore::c('user')->is_admin || cmsCore::m('board')->is_moderator_by_group;
// Общее количество объявлений по заданным выше условиям
$total = cmsCore::m('board')->getAdvertsCount($is_moder, true);
//устанавливаем сортировку
$orderby = cmsCore::m('board')->getOrder('orderby', $category['orderby']);
$orderto = cmsCore::m('board')->getOrder('orderto', $category['orderto']);
cmsCore::c('db')->orderBy('is_vip DESC, '. $orderby, $orderto);
//устанавливаем номер текущей страницы и кол-во объявлений на странице
cmsCore::c('db')->limitPage(cmsCore::m('board')->page, $category['perpage']);
// Получаем объявления
$items = cmsCore::m('board')->getAdverts($is_moder, true, false, true);
// Если объявлений на странице большей чем 1 нет, 404
if (!$items && cmsCore::m('board')->page > 1) { cmsCore::error404(); }
// если не указаны ключевые слова, формируем их из названий рубрик и типов
if (!$pagekeys && $cats) {
foreach($cats as $c) {
$keys[] = $c['title'];
foreach (explode("\n", $c['obtypes']) as $obtype) {
$keys[] = trim($obtype);
}
}
$pagekeys = implode(',', $keys);
} else if(!$cats) {
$pagekeys = $category['title'];
}
// если не указано описание, формируем из текущих объявлений
if (!$pagedesc && $items) {
foreach ($items as $i) {
$desc[] = $i['title'];
}
$pagedesc = implode('. ', $desc);
} else if(!$items && $category['description']) {
$pagedesc = crop($category['description']);
}
// Проставляем заголовки страницы и описание согласно выборки
cmsCore::c('page')->setDescription(crop($pagedesc));
cmsCore::c('page')->setKeywords($pagekeys);
cmsCore::c('page')->setTitle($pagetitle);
// Отдаем в шаблон категории
cmsPage::initTemplate('components', 'com_board_cats')->
assign('cats', $cats)->
assign('category', $category)->
assign('root_id', cmsCore::m('board')->root_cat['id'])->
assign('is_user', cmsCore::c('user')->id)->
assign('maxcols', cmsCore::m('board')->config['maxcols'])->
display();
$pagebar = cmsPage::getPagebar($total, cmsCore::m('board')->page, $category['perpage'], '/board/%catid%-%page%', array('catid'=>$category['id']));
$order_form = $category['orderform'] ? cmsCore::m('board')->orderForm($orderby, $orderto, $category) : '';
// Отдаем в шаблон объявления
cmsPage::initTemplate('components', 'com_board_items')->
assign('order_form', $order_form)->
assign('cfg', cmsCore::m('board')->config)->
assign('root_id', cmsCore::m('board')->root_cat['id'])->
assign('items', $items)->
assign('cat', $category)->
assign('maxcols', $category['maxcols'])->
assign('colwidth', round(100/$category['maxcols']))->
assign('pagebar', $pagebar)->
display();
}
/////////////////////////////// VIEW USER ADV //////////////////////////////////
if ($do == 'by_user') {
// логин пользователя
$login = cmsCore::request('login', 'str', cmsCore::c('user')->login);
// получаем данные пользователя
$user = cmsUser::getShortUserData($login);
if (!$user) { cmsCore::error404(); }
$myprofile = cmsCore::m('board')->checkAccess($user['id']);
cmsCore::c('page')->addPathway($user['nickname']);
cmsCore::c('page')->setTitle($_LANG['BOARD'] .' - '. $user['nickname']);
cmsCore::c('page')->setDescription($_LANG['BOARD'] .' - '. $user['nickname']);
// Формируем список объявлений
cmsCore::m('board')->whereUserIs($user['id']);
// Общее количество объявлений по заданным выше условиям
$total = cmsCore::m('board')->getAdvertsCount($myprofile);
//устанавливаем сортировку
cmsCore::c('db')->orderBy('pubdate', 'DESC');
//устанавливаем номер текущей страницы и кол-во объявлений на странице
cmsCore::c('db')->limitPage(cmsCore::m('board')->page, 15);
// Получаем объявления
$items = cmsCore::m('board')->getAdverts($myprofile, true, false, true);
// Если объявлений на странице большей чем 1 нет, 404
if(!$items && cmsCore::m('board')->page > 1){ cmsCore::error404(); }
// Пагинация
$pagebar = cmsPage::getPagebar($total, cmsCore::m('board')->page, 15, '/board/by_user_'.$login.'/page-%page%');
// Показываем даты
$category['showdate'] = 1;
cmsPage::initTemplate('components', 'com_board_items')->
assign('cfg', cmsCore::m('board')->config)->
assign('page_title', $_LANG['BOARD'].' - '.$user['nickname'])->
assign('root_id', cmsCore::m('board')->root_cat['id'])->
assign('items', $items)->
assign('cat', $category)->
assign('maxcols', 1)->
assign('colwidth', 100)->
assign('pagebar', $pagebar)->
display();
}
/////////////////////////////// VIEW ITEM //////////////////////////////////////
if ($do == 'read') {
// получаем объявление
$item = cmsCore::m('board')->getRecord(cmsCore::m('board')->item_id);
if (!$item) { cmsCore::error404(); }
// неопубликованные показываем админам, модераторам и автору
if (!$item['published'] && !$item['moderator']) { cmsCore::error404(); }
// для неопубликованного показываем инфо: просрочено/на модерации
if (!$item['published']) {
$info_text = $item['is_overdue'] ? $_LANG['ADV_IS_EXTEND'] : $_LANG['ADV_IS_MODER'];
cmsCore::addSessionMessage($info_text, 'info');
} else {
// увеличиваем кол-во просмотров
cmsCore::c('db')->setFlag('cms_board_items', cmsCore::m('board')->item_id, 'hits', $item['hits']+1);
}
// формируем заголовок и тело сообщения
$item['title'] = $item['obtype'].' '.$item['title'];
$item['content'] = nl2br($item['content']);
$item['content'] = cmsCore::m('board')->config['auto_link'] ? $inCore->parseSmiles($item['content']) : $item['content'];
$category_path = cmsCore::c('db')->getNsCategoryPath('cms_board_cats', $item['NSLeft'], $item['NSRight']);
if ($category_path) {
foreach ($category_path as $pcat) {
cmsCore::c('page')->addPathway($pcat['title'], '/board/'.$pcat['id']);
}
}
cmsCore::c('page')->addPathway($item['title']);
$pagetitle = $item['pagetitle'] ? $item['pagetitle'] : $item['title'];
$pagekeys = $item['meta_keys'] ? $item['meta_keys'] : $item['title'];
$pagedesc = $item['meta_desc'] ? $item['meta_desc'] : $item['content'];
cmsCore::c('page')->setTitle($pagetitle);
cmsCore::c('page')->setDescription(crop($pagedesc));
cmsCore::c('page')->setKeywords($pagekeys);
cmsPage::initTemplate('components', 'com_board_item')->
assign('item', $item)->
assign('cfg', cmsCore::m('board')->config)->
assign('user_id', cmsCore::c('user')->id)->
assign('is_admin', cmsCore::c('user')->is_admin)->
assign('formsdata', cmsForm::getFieldsValues($item['form_id'], $item['form_array']))->
assign('is_moder', cmsCore::m('board')->is_moderator_by_group)->
display();
}
/////////////////////////////// NEW BOARD ITEM /////////////////////////////////
if ($do == 'additem') {
// Получаем категории, в которые может загружать пользователь
$catslist = cmsCore::m('board')->getPublicCats(cmsCore::m('board')->category_id);
if (!$catslist) {
cmsCore::addSessionMessage($_LANG['YOU_CANT_ADD_ADV_ANY'], 'error');
$inCore->redirect('/board');
}
$cat['is_photos'] = 1;
$formsdata = array();
if (cmsCore::m('board')->category_id && cmsCore::m('board')->category_id != cmsCore::m('board')->root_cat['id']) {
$cat = cmsCore::m('board')->getCategory(cmsCore::m('board')->category_id);
$formsdata = cmsForm::getFieldsHtml($cat['form_id']);
}
cmsCore::c('page')->addPathway($_LANG['ADD_ADV']);
if ( !cmsCore::inRequest('submit') ) {
if (IS_BILLING) { cmsBilling::checkBalance('board', 'add_item'); }
cmsCore::c('page')->setTitle($_LANG['ADD_ADV']);
$item = cmsUser::sessionGet('item');
if ($item) { cmsUser::sessionDel('item'); }
$item['city'] = !empty($item['city']) ? $item['city'] : cmsCore::c('user')->city;
cmsPage::initTemplate('components', 'com_board_edit')->
assign('action', "/board/add.html")->
assign('form_do', 'add')->
assign('cfg', cmsCore::m('board')->config)->
assign('cat', $cat)->
assign('item', $item)->
assign('pagetitle', $_LANG['ADD_ADV'])->
assign('formsdata', $formsdata)->
assign('is_admin', cmsCore::c('user')->is_admin)->
assign('is_user', cmsCore::c('user')->id)->
assign('catslist', $catslist)->
assign('is_billing', IS_BILLING)->assign('balance', cmsCore::c('user')->balance)->
display();
cmsUser::sessionClearAll();
return;
}
if ( cmsCore::inRequest('submit') ) {
// проверяем на заполненость скрытое поле
$title_fake = cmsCore::request('title_fake', 'str', '');
// если оно заполнено, считаем что это бот, 404
if ($title_fake) { cmsCore::error404(); }
$errors = false;
// проверяем наличие категории
if (!$cat['id']) {
cmsCore::addSessionMessage($_LANG['NEED_CAT_ADV'], 'error');
$errors = true;
}
// Проверяем количество добавленных за сутки
if (!cmsCore::m('board')->checkLoadedByUser24h($cat)){
cmsCore::addSessionMessage($_LANG['MAX_VALUE_OF_ADD_ADV'], 'error');
$errors = true;
}
// Можем ли добавлять в эту рубрику
if (!cmsCore::m('board')->checkAdd($cat)){
cmsCore::addSessionMessage($_LANG['YOU_CANT_ADD_ADV'], 'error');
$errors = true;
}
// входные данные
$obtype = icms_ucfirst(cmsCore::request('obtype', 'str', ''));
$title = trim(str_ireplace($obtype, '', cmsCore::request('title', 'str', '')));
$content = cmsCore::request('content', 'str', '');
$city = cmsCore::request('city', 'str', '');
if ((cmsCore::m('board')->config['seo_user_access'] && cmsCore::c('user')->id) || cmsCore::c('user')->is_admin) {
$pagetitle = cmsCore::request('pagetitle', 'str', '');
$meta_keys = cmsCore::request('meta_keys', 'str', '');
$meta_desc = cmsCore::request('meta_desc', 'str', '');
} else {
$pagetitle = $meta_keys = $meta_desc = '';
}
$form_input = cmsForm::getFieldsInputValues($cat['form_id']);
$formsdata = cmsCore::c('db')->escape_string(cmsCore::arrayToYaml($form_input['values']));
$vipdays = cmsCore::request('vipdays', 'int', 0);
$published = cmsCore::m('board')->checkPublished($cat);
if (cmsCore::m('board')->config['srok']){ $pubdays = (cmsCore::request('pubdays', 'int') <= 50) ? cmsCore::request('pubdays', 'int') : 50; }
if (!cmsCore::m('board')->config['srok']){ $pubdays = isset(cmsCore::m('board')->config['pubdays']) ? cmsCore::m('board')->config['pubdays'] : 14; }
// Проверяем значения
if (!$title) {
cmsCore::addSessionMessage($_LANG['NEED_TITLE'], 'error');
$errors = true;
}
if (!$content) {
cmsCore::addSessionMessage($_LANG['NEED_TEXT_ADV'], 'error');
$errors = true;
}
if (!$city) {
cmsCore::addSessionMessage($_LANG['NEED_CITY'], 'error');
$errors = true;
}
if (!cmsCore::c('user')->id && !cmsCore::checkCaptchaCode()) {
cmsCore::addSessionMessage($_LANG['ERR_CAPTCHA'], 'error');
$errors = true;
}
// Проверяем значения формы
foreach ($form_input['errors'] as $field_error) {
if ($field_error) {
cmsCore::addSessionMessage($field_error, 'error');
$errors = true;
}
}
if ($errors) {
$item['content'] = htmlspecialchars(stripslashes($_REQUEST['content']));
$item['city'] = stripslashes($city);
$item['title'] = stripslashes($title);
$item['obtype'] = $obtype;
cmsUser::sessionPut('item', $item);
cmsCore::redirect('/board/'. cmsCore::m('board')->category_id .'/add.html');
}
if ($cat['is_photos']) {
// Загружаем фото
$file = cmsCore::m('board')->uploadPhoto('', $cat);
} else {
$file['filename'] = '';
cmsCore::addSessionMessage($_LANG['INFO_CAT_NO_PHOTO'], 'info');
}
$add = array(
'category_id' => cmsCore::m('board')->category_id,
'user_id' => cmsCore::c('user')->id,
'obtype' => $obtype,
'title' => $title,
'content' => $content,
'formsdata' => $formsdata,
'city' => $city,
'pubdays' => $pubdays,
'published' => $published,
'pagetitle' => $pagetitle,
'meta_keys' => $meta_keys,
'meta_desc' => $meta_desc,
'file' => $file['filename']
);
$add['id'] = cmsCore::m('board')->addRecord($add);
if (cmsCore::c('user')->is_admin && $vipdays) {
cmsCore::m('board')->setVip($add['id'], $vipdays);
}
if (IS_BILLING) {
cmsBilling::process('board', 'add_item');
if (cmsCore::m('board')->config['vip_enabled'] && $vipdays && cmsCore::m('board')->config['vip_day_cost']) {
if ($vipdays > cmsCore::m('board')->config['vip_max_days']) {
$vipdays = cmsCore::m('board')->config['vip_max_days'];
}
$summ = $vipdays * cmsCore::m('board')->config['vip_day_cost'];
if (cmsCore::c('user')->balance >= $summ) {
cmsBilling::pay(cmsCore::c('user')->id, $summ, $_LANG['VIP_ITEM']);
cmsCore::m('board')->setVip($add['id'], $vipdays);
}
}
}
cmsUser::sessionClearAll();
if ($published) {
//регистрируем событие
cmsActions::log('add_board', array(
'object' => $obtype .' '. $title,
'object_url' => '/board/read'. $add['id'] .'.html',
'object_id' => $add['id'],
'target' => $cat['title'],
'target_url' => '/board/'. $cat['id'],
'target_id' => $cat['id'],
'description' => ''
));
cmsCore::addSessionMessage($_LANG['ADV_IS_ADDED'], 'success');
cmsCore::callEvent('ADD_BOARD_DONE', $add);
cmsCore::redirect('/board/read'. $add['id'] .'.html');
}
if (!$published) {
$link = '<a href="/board/read'. $add['id'] .'.html">'. $obtype .' '. $title .'</a>';
if (cmsCore::c('user')->id) {
$user = '******'. cmsUser::getProfileURL(cmsCore::c('user')->login) .'">'. cmsCore::c('user')->nickname .'</a>';
} else {
$user = $_LANG['BOARD_GUEST'] .', ip: '. cmsCore::c('user')->ip;
}
$message = str_replace('%user%', $user, $_LANG['MSG_ADV_SUBMIT']);
$message = str_replace('%link%', $link, $message);
cmsUser::sendMessage(USER_UPDATER, 1, $message);
cmsCore::addSessionMessage($_LANG['ADV_IS_ADDED'] .'<br>'. $_LANG['ADV_PREMODER_TEXT'], 'success');
cmsCore::redirect('/board/'.cmsCore::m('board')->category_id);
}
}
}
/////////////////////////////// EDIT BOARD ITEM ////////////////////////////////
if ($do == 'edititem') {
$item = cmsCore::m('board')->getRecord(cmsCore::m('board')->item_id);
$cat = cmsCore::m('board')->getCategory($item['category_id']);
if (!$cat || !$item) { cmsCore::error404(); }
cmsCore::c('page')->setTitle($_LANG['EDIT_ADV']);
cmsCore::c('page')->addPathway($item['category'], '/board/'. $item['cat_id']);
cmsCore::c('page')->addPathway($_LANG['EDIT_ADV']);
if (!$item['moderator']) {
cmsCore::addSessionMessage($_LANG['YOU_HAVENT_ACCESS'], 'error');
cmsCore::redirect('/board/read'. $item['id'] .'.html');
}
$errors = false;
if (!cmsCore::inRequest('submit')) {
cmsPage::initTemplate('components', 'com_board_edit')->
assign('action', "/board/edit{$item['id']}.html")->
assign('form_do', 'edit')->
assign('cfg', cmsCore::m('board')->config)->
assign('cat', $cat)->
assign('item', $item)->
assign('pagetitle', $_LANG['EDIT_ADV'])->
assign('is_admin', cmsCore::c('user')->is_admin)->
assign('catslist', cmsCore::m('board')->getPublicCats($item['category_id'], true))->
assign('formsdata', cmsForm::getFieldsHtml($cat['form_id'], $item['form_array']))->
assign('is_user', cmsCore::c('user')->id)->
assign('is_billing', IS_BILLING)->assign('balance', cmsCore::c('user')->balance)->
display();
cmsUser::sessionClearAll();
}
if (cmsCore::inRequest('submit')) {
$new_cat_id = cmsCore::request('category_id', 'int', 0);
if ($new_cat_id) {
$item['category_id'] = $new_cat_id;
}
$form_input = cmsForm::getFieldsInputValues($cat['form_id']);
$formsdata = cmsCore::c('db')->escape_string(cmsCore::arrayToYaml($form_input['values']));
if ($item['is_overdue'] && !$item['published']) {
if (cmsCore::m('board')->config['srok']) {
$pubdays = (cmsCore::request('pubdays', 'int') <= 50) ? cmsCore::request('pubdays', 'int') : 50;
}
if (!cmsCore::m('board')->config['srok']) {
$pubdays = isset(cmsCore::m('board')->config['pubdays']) ? cmsCore::m('board')->config['pubdays'] : 14;
}
$pubdate = date('Y-m-d H:i:s');
} else {
$pubdays = $item['pubdays'];
$pubdate = $item['fpubdate'];
}
$update['obtype'] = icms_ucfirst(cmsCore::request('obtype', 'str'));
$update['title'] = trim(str_ireplace($update['obtype'], '', cmsCore::request('title', 'str', '')));
$update['category_id'] = $item['category_id'];
$update['content'] = cmsCore::request('content', 'str', '');
$update['formsdata'] = $formsdata;
$update['city'] = cmsCore::request('city', 'str', '');
$update['pubdate'] = $pubdate;
$update['pubdays'] = $pubdays;
$update['published'] = cmsCore::m('board')->checkPublished($cat, true);
if ((cmsCore::m('board')->config['seo_user_access'] && cmsCore::c('user')->id) || cmsCore::c('user')->is_admin) {
$update['pagetitle'] = cmsCore::request('pagetitle', 'str', '');
$update['meta_keys'] = cmsCore::request('meta_keys', 'str', '');
$update['meta_desc'] = cmsCore::request('meta_desc', 'str', '');
}
if (!$update['title']) {
cmsCore::addSessionMessage($_LANG['NEED_TITLE'], 'error');
$errors = true;
}
if (!$update['content']) {
cmsCore::addSessionMessage($_LANG['NEED_TEXT_ADV'], 'error');
$errors = true;
}
if (!$update['city']) {
cmsCore::addSessionMessage($_LANG['NEED_CITY'], 'error');
$errors = true;
}
// Проверяем значения формы
foreach ($form_input['errors'] as $field_error) {
if ($field_error) {
cmsCore::addSessionMessage($field_error, 'error');
$errors = true;
}
}
if ($errors) {
$inCore->redirect('/board/edit'. $item['id'] .'.html');
}
if ($cat['is_photos']) {
// Загружаем фото
$file = cmsCore::m('board')->uploadPhoto($item['file'], $cat);
}
$update['file'] = $file['filename'] ? $file['filename'] : $item['file'];
// обновляем объявление
cmsCore::m('board')->updateRecord($item['id'], $update);
// обновляем запись в ленте активности
cmsActions::updateLog('add_board', array('object' => $update['obtype'] .' '. $update['title']), $item['id']);
$vipdays = cmsCore::request('vipdays', 'int', 0);
if (cmsCore::c('user')->is_admin) {
if ($vipdays > 0) {
cmsCore::m('board')->setVip($item['id'], $vipdays);
}
if ($vipdays == -1) {
cmsCore::m('board')->deleteVip($item['id']);
}
}
if (IS_BILLING) {
if (cmsCore::m('board')->config['vip_enabled'] && cmsCore::m('board')->config['vip_prolong'] && $vipdays && cmsCore::m('board')->config['vip_day_cost']) {
if ($vipdays > cmsCore::m('board')->config['vip_max_days']) {
$vipdays = cmsCore::m('board')->config['vip_max_days'];
}
$summ = $vipdays * cmsCore::m('board')->config['vip_day_cost'];
if (cmsCore::c('user')->balance >= $summ) {
cmsBilling::pay(cmsCore::c('user')->id, $summ, $_LANG['VIP_ITEM']);
cmsCore::m('board')->setVip($item['id'], $vipdays);
}
}
}
cmsUser::sessionClearAll();
if (!$update['published']) {
$link = '<a href="/board/read'. $item['id'] .'.html">'. $update['obtype'] .' '. $update['title'] .'</a>';
$user = '******'. cmsUser::getProfileURL(cmsCore::c('user')->login) .'">'. cmsCore::c('user')->nickname .'</a>';
$message = str_replace(array('%link%','%user%'), array($link,$user), $_LANG['MSG_ADV_EDITED']);
cmsUser::sendMessage(USER_UPDATER, 1, $message);
cmsCore::addSessionMessage($_LANG['ADV_EDIT_PREMODER_TEXT'], 'info');
}
cmsCore::addSessionMessage($_LANG['ADV_MODIFIED'], 'success');
cmsCore::redirect('/board/read'. $item['id'] .'.html');
}
}
///////////////////////// PUBLISH BOARD ITEM ///////////////////////////////////
if ($do == 'publish') {
$item = cmsCore::m('board')->getRecord(cmsCore::m('board')->item_id);
if (!$item) { cmsCore::error404(); }
// если уже опубликовано, 404
if ($item['published']) { cmsCore::error404(); }
// публиковать могут админы и модераторы доски
if (!cmsCore::c('user')->is_admin && !cmsCore::m('board')->is_moderator_by_group) {
cmsCore::error404();
}
// публикуем
cmsCore::c('db')->setFlag('cms_board_items', cmsCore::m('board')->item_id, 'published', 1);
cmsCore::callEvent('ADD_BOARD_DONE', $item);
if ($item['user_id']) {
//регистрируем событие
cmsActions::log('add_board', array(
'object' => $item['obtype'] .' '. $item['title'],
'user_id' => $item['user_id'],
'object_url' => '/board/read'. $item['id'] .'.html',
'object_id' => $item['id'],
'target' => $item['category'],
'target_url' => '/board/'. $item['cat_id'],
'target_id' => $item['cat_id'],
'description' => ''
));
$link = '<a href="/board/read'. $item['id'] .'.html">'. $item['obtype'] .' '. $item['title'] .'</a>';
$message = str_replace('%link%', $link, $_LANG['MSG_ADV_ACCEPTED']);
cmsUser::sendMessage(USER_UPDATER, $item['user_id'], $message);
}
cmsCore::addSessionMessage($_LANG['ADV_IS_ACCEPTED'], 'success');
cmsCore::redirect('/board/read'. $item['id'] .'.html');
}
/////////////////////////////// DELETE BOARD ITEM //////////////////////////////
if ($do == 'delete') {
$item = cmsCore::m('board')->getRecord(cmsCore::m('board')->item_id);
if (!$item) { cmsCore::error404(); }
if (!$item['moderator']) {
cmsCore::addSessionMessage($_LANG['YOU_HAVENT_ACCESS'], 'error');
cmsCore::redirect('/board/'. $item['cat_id']);
}
if (!cmsCore::inRequest('godelete')) {
cmsCore::c('page')->setTitle($_LANG['DELETE_ADV']);
cmsCore::c('page')->addPathway($item['category'], '/board/'. $item['cat_id']);
cmsCore::c('page')->addPathway($_LANG['DELETE_ADV']);
$confirm['title'] = $_LANG['DELETING_ADV'];
$confirm['text'] = $_LANG['YOU_SURE_DELETE_ADV'] .' "'. $item['title'] .'"?';
$confirm['action'] = $_SERVER['REQUEST_URI'];
$confirm['yes_button']['name'] = 'godelete';
cmsPage::initTemplate('components', 'action_confirm')->
assign('confirm', $confirm)->
display();
}
if (cmsCore::inRequest('godelete')) {
cmsCore::m('board')->deleteRecord(cmsCore::m('board')->item_id);
cmsCore::addSessionMessage($_LANG['ADV_IS_DELETED'], 'success');
cmsCore::redirect('/board/'. $item['cat_id']);
}
}
}
function comments($target = '', $target_id = 0, $labels = array())
{
$inCore = cmsCore::getInstance();
$inPage = cmsPage::getInstance();
$inDB = cmsDatabase::getInstance();
$inUser = cmsUser::getInstance();
cmsCore::loadModel('comments');
$model = new cms_model_comments($labels);
// Проверяем включени ли компонент
if (!$inCore->isComponentEnable('comments')) {
return false;
}
// Инициализируем права доступа для группы текущего пользователя
$model->initAccess();
global $_LANG;
$do = $inCore->do;
$page = cmsCore::request('page', 'int', 1);
$id = cmsCore::request('id', 'int', 0);
$login = cmsCore::strClear(urldecode(cmsCore::request('login', 'html', '')));
$inPage->addHeadJS('components/comments/js/comments.js');
$inPage->addHeadJsLang(array('EDIT_COMMENT', 'CONFIRM_DEL_COMMENT', 'COMMENT_IN_LINK'));
//========================================================================================================================//
//========================================================================================================================//
if ($do == 'view' && !$target && !$target_id) {
if (!$login) {
$myprofile = false;
$page_title = $inCore->getComponentTitle();
$inPage->addHead('<link rel="alternate" type="application/rss+xml" title="' . $_LANG['COMMENTS'] . '" href="' . HOST . '/rss/comments/all/feed.rss">');
} else {
// проверяем что пользователь есть
$user = cmsUser::getShortUserData($login);
if (!$user) {
cmsCore::error404();
}
// Мои комментарии
$myprofile = $inUser->id == $user['id'];
$page_title = $_LANG['COMMENTS'] . ' - ' . $user['nickname'];
$inPage->addPathway($user['nickname'], cmsUser::getProfileURL($user['login']));
// Добавляем условие в выборку
$model->whereUserIs($user['id']);
}
$inPage->setTitle($page_title);
$inPage->addPathway($page_title);
// флаг модератора
$is_moder = $inUser->is_admin || $model->is_can_moderate;
// Не админам только открытые комментарии
if (!($is_moder || $myprofile)) {
$model->whereIsShow();
}
// Общее количество комментариев
$total = $model->getCommentsCount(!($is_moder || $myprofile));
// Сортировка и разбивка на страницы
$inDB->orderBy('c.pubdate', 'DESC');
$inDB->limitPage($page, $model->config['perpage']);
// Сами комментарии
$comments = $total ? $model->getComments(!($is_moder || $myprofile)) : array();
$inDB->resetConditions();
if (!$comments && $page > 1) {
cmsCore::error404();
}
// пагинация
if (!$login) {
$pagebar = cmsPage::getPagebar($total, $page, $model->config['perpage'], '/comments/page-%page%');
} else {
$pagebar = cmsPage::getPagebar($total, $page, $model->config['perpage'], 'javascript:centerLink(\'/comments/by_user_' . $user['login'] . '/page-%page%\')');
}
// Отдаем в шаблон
cmsPage::initTemplate('components', 'com_comments_list_all')->assign('comments_count', $total)->assign('comments', $comments)->assign('pagebar', $pagebar)->assign('is_user', $inUser->id)->assign('page_title', $page_title)->assign('cfg', $model->config)->assign('is_admin', $is_moder)->display('com_comments_list_all.tpl');
}
//========================================================================================================================//
//========================================================================================================================//
if (!in_array($do, array('add', 'edit', 'delete')) && $target && $target_id) {
if (!$model->config['cmm_ajax']) {
$model->whereTargetIs($target, $target_id);
$inDB->orderBy('c.pubdate', 'ASC');
$comments = cmsCore::callEvent('BEFORE_SHOW_COMMENTS', $model->getComments(!($inUser->is_admin || $model->is_can_moderate), true));
$total = count($comments);
ob_start();
cmsPage::initTemplate('components', 'com_comments_list')->assign('comments_count', $total)->assign('comments', $comments)->assign('user_can_moderate', $model->is_can_moderate)->assign('user_can_delete', $model->is_can_delete)->assign('user_can_add', $model->is_can_add)->assign('is_admin', $inUser->is_admin)->assign('is_user', $inUser->id)->assign('cfg', $model->config)->assign('labels', $model->labels)->assign('target', $target)->assign('target_id', $target_id)->display('com_comments_list.tpl');
$html = ob_get_clean();
} else {
$model->whereTargetIs($target, $target_id);
$total = $model->getCommentsCount(!($inUser->is_admin || $model->is_can_moderate));
$inDB->resetConditions();
}
cmsPage::initTemplate('components', 'com_comments_view')->assign('comments_count', $total)->assign('target', $target)->assign('target_id', $target_id)->assign('is_admin', $inUser->is_admin)->assign('labels', $model->labels)->assign('is_user', $inUser->id)->assign('cfg', $model->config)->assign('user_can_add', $model->is_can_add)->assign('html', isset($html) ? $html : '')->assign('add_comment_js', "addComment('" . $target . "', '" . $target_id . "', 0)")->assign('user_subscribed', cmsUser::isSubscribed($inUser->id, $target, $target_id))->display('com_comments_view.tpl');
}
//========================================================================================================================//
//========================================================================================================================//
// Добавление комментария, форма добавления в addform.php
if ($do == 'add') {
// Только аякс
if (!cmsCore::isAjax()) {
cmsCore::error404();
}
// Очищаем буфер
ob_end_clean();
// Добавлять могут только админы и те, кому разрешено в настройках группы
if (!$model->is_can_add && !$inUser->is_admin) {
cmsCore::error404();
}
// Входные данные
$comment['guestname'] = cmsCore::request('guestname', 'str', '');
$comment['user_id'] = $inUser->id;
if ($model->is_can_bbcode) {
$content = cmsCore::request('content', 'html', '');
$comment['content_bbcode'] = $inDB->escape_string($content);
$content = cmsCore::parseSmiles($content, true);
$comment['content'] = $inDB->escape_string($content);
} else {
$comment['content'] = cmsCore::request('content', 'str', '');
$comment['content_bbcode'] = $comment['content'];
$comment['content'] = str_replace(array('\\r', '\\n'), '<br>', $comment['content']);
}
$comment['parent_id'] = cmsCore::request('parent_id', 'int', 0);
$comment['target'] = cmsCore::request('target', 'str', '');
$comment['target_id'] = cmsCore::request('target_id', 'int', 0);
$comment['ip'] = cmsCore::strClear($_SERVER['REMOTE_ADDR']);
// Проверяем правильность/наличие входных парамеров
// цель комментария
if (!$comment['target'] || !$comment['target_id']) {
cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ERR_UNKNOWN_TARGET']));
}
// Имя гостя отсутствует
if (!$comment['guestname'] && !$inUser->id) {
cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ERR_USER_NAME']));
}
// Текст комментраия отсутствует
if (!$comment['content']) {
cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ERR_COMMENT_TEXT']));
}
// проверяем каптчу
$need_captcha = $model->config['regcap'] ? true : ($inUser->id ? false : true);
if ($need_captcha && !cmsCore::checkCaptchaCode(cmsCore::request('code', 'str', ''))) {
cmsCore::jsonOutput(array('error' => true, 'is_captcha' => true, 'text' => $_LANG['ERR_CAPTCHA']));
}
// получаем массив со ссылкой и заголовком цели комментария
// для этого:
// 1. узнаем ответственный компонент из cms_comment_targets
$target = $inDB->get_fields('cms_comment_targets', "target='{$comment['target']}'", '*');
if (!$target) {
cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ERR_UNKNOWN_TARGET'] . ' #1'));
}
// 2. подключим модель этого компонента
if (cmsCore::loadModel($target['component'])) {
$model_class = 'cms_model_' . $target['component'];
if (class_exists($model_class)) {
$target_model = new $model_class();
}
}
if (!isset($target_model)) {
cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ERR_UNKNOWN_TARGET'] . ' #2'));
}
// 3. запросим массив $target_data[link, title] у метода getCommentTarget модели
$target_data = $target_model->getCommentTarget($comment['target'], $comment['target_id']);
if (!$target_data) {
cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ERR_UNKNOWN_TARGET'] . ' #3'));
}
$comment['target_title'] = $target_data['title'];
$comment['target_link'] = $target_data['link'];
// 4. Узнаем видимость комментария в модели $target_model
if (method_exists($target_model, 'getVisibility')) {
$comment['is_hidden'] = $target_model->getVisibility($comment['target'], $comment['target_id']);
} else {
$comment['is_hidden'] = 0;
}
// публикация согласно настроек
$comment['published'] = $inUser->is_admin || $model->is_can_moderate || $model->is_add_published ? 1 : 0;
// Проверяем токен перед самым добавлением комментария
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
// 5. добавляем комментарий в базу
$comment_id = $model->addComment($comment);
// 6. Пересчитываем количество комментариев у цели если нужно
if (method_exists($target_model, 'updateCommentsCount')) {
$target_model->updateCommentsCount($comment['target'], $comment['target_id']);
}
if (!$comment['is_hidden'] && $comment['published']) {
//регистрируем событие
$content_short = strip_tags($comment['content']);
cmsActions::log('add_comment', array('object' => $_LANG['COMMENT'], 'object_url' => $comment['target_link'] . '#c' . $comment_id, 'object_id' => $comment_id, 'target' => $comment['target_title'], 'target_url' => $comment['target_link'], 'target_id' => $comment['target_id'], 'description' => mb_strlen($content_short) > 140 ? mb_substr($content_short, 0, 140) : $content_short));
}
////////////////////////////////////////////////////////////////
///////////////// Операции по уведомлениям /////////////////////
$inConf = cmsConfig::getInstance();
$from_nick = $inUser->id ? $inUser->nickname : $comment['guestname'];
$targetlink = HOST . $comment['target_link'] . '#c' . $comment_id;
//получаем ID и e-mail автора
$author = $inUser->id ? $model->getTargetAuthor($target['target_table'], $comment['target_id']) : '';
//подписываем пользователя на обновления, если нужно
if ($inUser->id && cmsCore::inRequest('subscribe')) {
cmsUser::subscribe($inUser->id, $comment['target'], $comment['target_id']);
}
if ($comment['published']) {
//рассылаем уведомления о новом комменте
cmsUser::sendUpdateNotify($comment['target'], $comment['target_id'], array('link' => $comment['target_link'] . '#c' . $comment_id, 'title' => stripslashes($comment['target_title']), 'letter_file' => 'newcomment', 'author' => $inUser->id ? $inUser->nickname : $comment['guestname']));
//проверяем и выдаем награду если нужно
cmsUser::checkAwards($inUser->id);
}
//отправляем админу уведомление о комментарии на e-mail, если нужно
if ($model->config['email']) {
$mailmsg = str_replace(array('{sitename}', '{date}', '{from}', '{subjtitle}', '{targetlink}', '{content}'), array($inConf->sitename, date('d/m/Y (H:i)'), $from_nick, stripslashes($comment['target_title']), $targetlink, strip_tags($comment['content'])), cmsCore::getLanguageTextFile('newcomment_admin'));
$inCore->mailText($model->config['email'], '', $mailmsg);
}
//отправляем автору уведомление на e-mail
if ($author && $comment['published']) {
if ($model->isAuthorNeedMail($author['id']) && $inUser->id != $author['id']) {
$letter = cmsCore::getLanguageTextFile('newpostcomment');
$letter = str_replace('{sitename}', $inConf->sitename, $letter);
$letter = str_replace('{subj}', $target['subj'], $letter);
$letter = str_replace('{subjtitle}', stripslashes($comment['target_title']), $letter);
$letter = str_replace('{targetlink}', $targetlink, $letter);
$letter = str_replace('{date}', date('d/m/Y H:i:s'), $letter);
$letter = str_replace('{from}', $from_nick, $letter);
$inCore->mailText($author['email'], '', $letter);
}
}
if (!$comment['published']) {
$message = str_replace(array('%user%', '%targetlink%'), array($from_nick, $targetlink), $_LANG['COMM_PREMODER_ADMIN_TEXT']);
cmsUser::sendMessage(USER_UPDATER, 1, $message);
}
cmsCore::jsonOutput(array('error' => false, 'target' => $comment['target'], 'target_id' => $comment['target_id'], 'is_premod' => $comment['published'] ? 0 : $_LANG['COMM_PREMODER_TEXT'], 'comment_id' => $comment_id));
}
//========================================================================================================================//
//========================================================================================================================//
if ($do == 'edit') {
if (!cmsCore::isAjax()) {
cmsCore::error404();
}
$comment = $model->getComment(cmsCore::request('comment_id', 'int', 0));
if (!$comment) {
die;
}
// редактировать могут авторы (если время редактирования есть)
// модераторы и администраторы
if (!$model->is_can_moderate && !$inUser->is_admin && !($inUser->id == $comment['user_id'] && $comment['is_editable'])) {
cmsCore::error404();
}
if ($model->is_can_bbcode) {
$content = cmsCore::request('content', 'html', '');
$com_new['content_bbcode'] = $inDB->escape_string($content);
$com_new['content'] = $inDB->escape_string(cmsCore::parseSmiles($content, true));
} else {
$com_new['content'] = cmsCore::request('content', 'str', '');
$com_new['content_bbcode'] = $com_new['content'];
$com_new['content'] = str_replace(array('\\r', '\\n'), '<br>', $com_new['content']);
}
// Текст комментраия отсутствует
if (!$com_new['content']) {
cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ERR_COMMENT_TEXT']));
}
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
//Если ошибок не было,
//обновляем комментарий в базе
$model->updateComment($comment['id'], $com_new);
// Обновляем в ленте активности
$content_short = mb_substr(strip_tags($com_new['content']), 0, 140);
cmsActions::updateLog('add_comment', array('description' => $content_short), $comment['id']);
$com_new['content'] = stripslashes(str_replace(array('\\r', '\\n'), ' ', $com_new['content']));
$com_new = cmsCore::callEvent('GET_COMMENT', $com_new);
cmsCore::jsonOutput(array('error' => false, 'text' => $com_new['content'], 'comment_id' => $comment['id']));
}
//========================================================================================================================//
//========================================================================================================================//
if ($do == 'delete') {
if (!cmsCore::isAjax()) {
cmsCore::error404();
}
$comment = $model->getComment($id);
if (!$comment) {
cmsCore::error404();
}
if (!$inUser->id && !($model->is_can_delete && $inUser->id == $comment['user_id']) && !$model->is_can_moderate && !$inUser->is_admin) {
cmsCore::error404();
}
//узнаем ответственный компонент из cms_comment_targets
$target = $inDB->get_fields('cms_comment_targets', "target='{$comment['target']}'", '*');
if (!$target) {
cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ERR_UNKNOWN_TARGET'] . ' #1'));
}
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
$model->deleteComment($id);
//подключим модель этого компонента
if (cmsCore::loadModel($target['component'])) {
$model_class = 'cms_model_' . $target['component'];
if (class_exists($model_class)) {
$target_model = new $model_class();
// Пересчитываем количество комментариев у цели если нужно
if (method_exists($target_model, 'updateCommentsCount')) {
$target_model->updateCommentsCount($comment['target'], $comment['target_id']);
}
}
}
cmsCore::jsonOutput(array('error' => false, 'target' => $comment['target'], 'target_id' => $comment['target_id']));
}
}
/**
* Валидация каптчи
* @return bool
*/
public static function checkCaptchaCode()
{
return cmsCore::checkCaptchaCode();
}
function registration(){
header('X-Frame-Options: DENY');
$inCore = cmsCore::getInstance();
global $_LANG;
$do = $inCore->do;
//============================================================================//
if ($do == 'sendremind') {
if (cmsCore::c('user')->id) { cmsCore::error404(); }
cmsCore::c('page')->setTitle($_LANG['REMINDER_PASS']);
cmsCore::c('page')->addPathway($_LANG['REMINDER_PASS']);
if (!cmsCore::inRequest('goremind')){
cmsPage::initTemplate('components', 'com_registration_sendremind')->
display();
} else {
if(!cmsUser::checkCsrfToken()) { cmsCore::error404(); }
$email = cmsCore::request('email', 'email', '');
if(!$email) { cmsCore::addSessionMessage($_LANG['ERR_EMAIL'], 'error'); cmsCore::redirectBack(); }
$usr = cmsUser::getShortUserData($email);
if(!$usr || $usr['is_locked'] || $usr['is_deleted']) {
cmsCore::addSessionMessage($_LANG['ADRESS'].' "'.$email.'" '.$_LANG['NOT_IN_OUR_BASE'], 'error');
cmsCore::redirectBack();
}
if (cmsUser::userIsAdmin($usr['id'])) {
cmsCore::addSessionMessage($_LANG['NOT_ADMIN_SENDREMIND'], 'error');
cmsCore::redirectBack();
}
$usercode = md5($usr['id'] . '-' . uniqid() . '-' . microtime() . '-' . PATH);
$sql = "INSERT cms_users_activate (pubdate, user_id, code) VALUES (NOW(), '". $usr['id'] ."', '". $usercode ."')";
cmsCore::c('db')->query($sql);
$newpass_link = HOST .'/registration/remind/'. $usercode;
$mail_message = $_LANG['HELLO'].', ' . $usr['nickname'] . '!'. "\n\n";
$mail_message .= $_LANG['REMINDER_TEXT'].' "'.cmsCore::c('config')->sitename.'".' . "\n\n";
$mail_message .= $_LANG['YOUR_LOGIN'].': ' .$usr['login']. "\n\n";
$mail_message .= $_LANG['NEW_PASS_LINK'].":\n" .$newpass_link . "\n\n";
$mail_message .= $_LANG['LINK_EXPIRES']. "\n\n";
$mail_message .= $_LANG['SIGNATURE'].', '. cmsCore::c('config')->sitename . ' ('.HOST.').' . "\n";
$mail_message .= date('d-m-Y (H:i)');
$inCore->mailText($email, cmsCore::c('config')->sitename.' - '.$_LANG['REMINDER_PASS'], $mail_message);
cmsCore::addSessionMessage($_LANG['NEW_PAS_SENDED'], 'info');
cmsCore::redirect('/login');
}
}
//============================================================================//
if ($do == 'remind') {
if (cmsCore::c('user')->id) { cmsCore::error404(); }
$usercode = cmsCore::request('code', 'str', '');
//проверяем формат кода
if (!preg_match('/^[0-9a-f]{32}$/i', $usercode)){ cmsCore::error404(); }
// проверяем код
$user_id = cmsCore::c('db')->get_field('cms_users_activate', "code = '". $usercode ."'", 'user_id');
if (!$user_id) { cmsCore::error404(); }
//получаем пользователя
$user = cmsCore::c('db')->get_fields('cms_users', "id = '". $user_id ."'", '*');
if (!$user) { cmsCore::error404(); }
if (cmsUser::userIsAdmin($user['id'])) {
cmsCore::error404();
}
if (cmsCore::inRequest('submit')){
if(!cmsUser::checkCsrfToken()) { cmsCore::error404(); }
$errors = false;
$pass = cmsCore::request('pass', 'str', '');
$pass2 = cmsCore::request('pass2', 'str', '');
if(!$pass) { cmsCore::addSessionMessage($_LANG['TYPE_PASS'], 'error'); $errors = true; }
if($pass && !$pass2) { cmsCore::addSessionMessage($_LANG['TYPE_PASS_TWICE'], 'error'); $errors = true; }
if($pass && $pass2 && mb_strlen($pass)<6) { cmsCore::addSessionMessage($_LANG['PASS_SHORT'], 'error'); $errors = true; }
if($pass && $pass2 && $pass != $pass2) { cmsCore::addSessionMessage($_LANG['WRONG_PASS'], 'error'); $errors = true; }
if ($errors){ cmsCore::redirectBack(); }
$md5_pass = md5($pass);
cmsCore::c('db')->query("UPDATE cms_users SET password = '******', logdate = NOW() WHERE id = '". $user['id'] ."'");
cmsCore::c('db')->query("DELETE FROM cms_users_activate WHERE code = '". $usercode ."'");
cmsCore::addSessionMessage($_LANG['CHANGE_PASS_COMPLETED'], 'info');
cmsCore::c('user')->signInUser($user['login'], $pass, true);
cmsCore::redirect(cmsUser::getProfileURL($user['login']));
}
cmsCore::c('page')->setTitle($_LANG['RECOVER_PASS']);
cmsCore::c('page')->addPathway($_LANG['RECOVER_PASS']);
cmsPage::initTemplate('components', 'com_registration_remind')->
assign('cfg', cmsCore::m('registration')->config)->
assign('user', $user)->
display();
}
//============================================================================//
if ($do=='register'){
if (!cmsUser::checkCsrfToken()) { cmsCore::error404(); }
if (cmsCore::c('user')->id && !cmsCore::c('user')->is_admin) {
if ($inCore->menuId() == 1) { return; } else { cmsCore::error404(); }
}
// регистрация закрыта
if (!cmsCore::m('registration')->config['is_on']){
cmsCore::error404();
}
// регистрация по инвайтам
if (cmsCore::m('registration')->config['reg_type']=='invite'){
if (!cmsCore::m('users')->checkInvite(cmsUser::sessionGet('invite_code'))) {
cmsCore::error404();
}
}
$errors = false;
// получаем данные
$item['login'] = cmsCore::request('login', 'str', '');
$item['email'] = cmsCore::request('email', 'email');
$item['icq'] = cmsCore::request('icq', 'str', '');
$item['city'] = cmsCore::request('city', 'str', '');
$item['nickname'] = cmsCore::request('nickname', 'str', '');
$item['realname1'] = cmsCore::request('realname1', 'str', '');
$item['realname2'] = cmsCore::request('realname2', 'str', '');
$pass = cmsCore::request('pass', 'str', '');
$pass2 = cmsCore::request('pass2', 'str', '');
// проверяем логин
if(mb_strlen($item['login'])<2 ||
mb_strlen($item['login'])>15 ||
is_numeric($item['login']) ||
!preg_match("/^([a-z0-9])+$/ui", $item['login'])) {
cmsCore::addSessionMessage($_LANG['ERR_LOGIN'], 'error'); $errors = true;
}
// проверяем пароль
if(!$pass) { cmsCore::addSessionMessage($_LANG['TYPE_PASS'], 'error'); $errors = true; }
if($pass && !$pass2) { cmsCore::addSessionMessage($_LANG['TYPE_PASS_TWICE'], 'error'); $errors = true; }
if($pass && $pass2 && mb_strlen($pass)<6) { cmsCore::addSessionMessage($_LANG['PASS_SHORT'], 'error'); $errors = true; }
if($pass && $pass2 && $pass != $pass2) { cmsCore::addSessionMessage($_LANG['WRONG_PASS'], 'error'); $errors = true; }
// Проверяем nickname или имя и фамилию
if(cmsCore::m('registration')->config['name_mode']=='nickname'){
if(!$item['nickname']) { cmsCore::addSessionMessage($_LANG['TYPE_NICKNAME'], 'error'); $errors = true; }
} else {
if(!$item['realname1']) { cmsCore::addSessionMessage($_LANG['TYPE_NAME'], 'error'); $errors = true; }
if(!$item['realname2']) { cmsCore::addSessionMessage($_LANG['TYPE_SONAME'], 'error'); $errors = true; }
$item['nickname'] = trim($item['realname1']) . ' ' . trim($item['realname2']);
}
if (mb_strlen($item['nickname'])<2) { cmsCore::addSessionMessage($_LANG['SHORT_NICKNAME'], 'error'); $errors = true; }
if(cmsCore::m('registration')->getBadNickname($item['nickname'])){
cmsCore::addSessionMessage($_LANG['ERR_NICK_EXISTS'], 'error'); $errors = true;
}
// Проверяем email
if(!$item['email']) { cmsCore::addSessionMessage($_LANG['ERR_EMAIL'], 'error'); $errors = true; }
// День рождения
list($item['bday'], $item['bmonth'], $item['byear']) = array_values(cmsCore::request('birthdate', 'array_int', array()));
$item['birthdate'] = sprintf('%04d-%02d-%02d', $item['byear'], $item['bmonth'], $item['bday']);
// получаем данные конструктора форм
$item['formsdata'] = '';
if(isset(cmsCore::m('users')->config['privforms'])){
if (is_array(cmsCore::m('users')->config['privforms'])){
foreach(cmsCore::m('users')->config['privforms'] as $form_id){
$form_input = cmsForm::getFieldsInputValues($form_id);
$item['formsdata'] .= cmsCore::c('db')->escape_string(cmsCore::arrayToYaml($form_input['values']));
// Проверяем значения формы
foreach ($form_input['errors'] as $field_error) {
if($field_error){ cmsCore::addSessionMessage($field_error, 'error'); $errors = true; }
}
}
}
}
// Проверяем каптчу
if(!cmsCore::checkCaptchaCode()) { cmsCore::addSessionMessage($_LANG['ERR_CAPTCHA'], 'error'); $errors = true; }
// проверяем есть ли такой пользователь
$user_exist = cmsCore::c('db')->get_fields('cms_users', "(login LIKE '{$item['login']}' OR email LIKE '{$item['email']}') AND is_deleted = 0", 'id, login, email');
if($user_exist){
if($user_exist['login'] == $item['login']){
cmsCore::addSessionMessage($_LANG['LOGIN'].' "'.$item['login'].'" '.$_LANG['IS_BUSY'], 'error'); $errors = true;
} else {
cmsCore::addSessionMessage($_LANG['EMAIL_IS_BUSY'], 'error'); $errors = true;
}
}
// В случае ошибок, возвращаемся в форму
if($errors){
cmsUser::sessionPut('item', $item);
cmsCore::redirect('/registration');
}
//////////////////////////////////////////////
//////////// РЕГИСТРАЦИЯ /////////////////////
//////////////////////////////////////////////
$item['is_locked'] = cmsCore::m('registration')->config['act'];
$item['password'] = md5($pass);
$item['orig_password'] = $pass;
$item['group_id'] = cmsCore::m('registration')->config['default_gid'];
$item['regdate'] = date('Y-m-d H:i:s');
$item['logdate'] = date('Y-m-d H:i:s');
if (cmsUser::sessionGet('invite_code')){
$invite_code = cmsUser::sessionGet('invite_code');
$item['invited_by'] = (int)cmsCore::m('users')->getInviteOwner($invite_code);
if ($item['invited_by']){ cmsCore::m('users')->closeInvite($invite_code); }
cmsUser::sessionDel('invite_code');
} else {
$item['invited_by'] = 0;
}
$item = cmsCore::callEvent('USER_BEFORE_REGISTER', $item);
$item['id'] = $item['user_id'] = cmsCore::c('db')->insert('cms_users', $item);
if(!$item['id']){ cmsCore::error404(); }
cmsCore::c('db')->insert('cms_user_profiles', $item);
cmsCore::callEvent('USER_REGISTER', $item);
if ($item['is_locked']){
cmsCore::m('registration')->sendActivationNotice($pass, $item['id']);
cmsPage::includeTemplateFile('special/regactivate.php');
cmsCore::halt();
} else {
cmsActions::log('add_user', array(
'object' => '',
'user_id' => $item['id'],
'object_url' => '',
'object_id' => $item['id'],
'target' => '',
'target_url' => '',
'target_id' => 0,
'description' => ''
));
if (cmsCore::m('registration')->config['send_greetmsg']){ cmsCore::m('registration')->sendGreetsMessage($item['id']); }
cmsCore::m('registration')->sendRegistrationNotice($pass, $item['id']);
$back_url = cmsCore::c('user')->signInUser($item['login'], $pass, true);
cmsCore::redirect($back_url);
}
}
//============================================================================//
if ($do=='view'){
$pagetitle = $inCore->getComponentTitle();
cmsCore::c('page')->setTitle($pagetitle);
cmsCore::c('page')->addPathway($pagetitle);
cmsCore::c('page')->addHeadJsLang(array('WRONG_PASS'));
// Если пользователь авторизован, то не показываем форму регистрации, редирект в профиль.
if (cmsCore::c('user')->id && !cmsCore::c('user')->is_admin) {
if ($inCore->menuId() == 1) { return; } else { cmsCore::redirect(cmsUser::getProfileURL(cmsCore::c('user')->login)); }
}
$correct_invite = (cmsUser::sessionGet('invite_code') ? true : false);
if (cmsCore::m('registration')->config['reg_type']=='invite' && cmsCore::inRequest('invite_code')){
$invite_code = cmsCore::request('invite_code', 'str', '');
$correct_invite = cmsCore::m('users')->checkInvite($invite_code);
if ($correct_invite) {
cmsUser::sessionPut('invite_code', $invite_code);
} else {
cmsCore::addSessionMessage($_LANG['INCORRECT_INVITE'], 'error');
}
}
$item = cmsUser::sessionGet('item');
if($item){ cmsUser::sessionDel('item'); }
if(empty($item['birthdate'])){
$item['birthdate'] = date('Y-m-d');
}
$private_forms = array();
if(isset(cmsCore::m('users')->config['privforms'])){
if (is_array(cmsCore::m('users')->config['privforms'])){
foreach(cmsCore::m('users')->config['privforms'] as $form_id){
$private_forms = array_merge($private_forms, cmsForm::getFieldsHtml($form_id, array(), true));
}
}
}
cmsPage::initTemplate('components', 'com_registration')->
assign('cfg', cmsCore::m('registration')->config)->
assign('item', $item)->
assign('pagetitle', $pagetitle)->
assign('correct_invite', $correct_invite)->
assign('private_forms', $private_forms)->
display();
}
//============================================================================//
if ($do=='activate'){
$code = cmsCore::request('code', 'str', '');
if (empty($code)) { cmsCore::error404(); }
$user_id = cmsCore::c('db')->get_field('cms_users_activate', "code = '". $code ."'", 'user_id');
if (!$user_id){ cmsCore::error404(); }
cmsCore::c('db')->query("UPDATE cms_users SET is_locked = 0 WHERE id = '$user_id'");
cmsCore::c('db')->query("DELETE FROM cms_users_activate WHERE code = '$code'");
cmsCore::callEvent('USER_ACTIVATED', $user_id);
if (cmsCore::m('registration')->config['send_greetmsg']){ cmsCore::m('registration')->sendGreetsMessage($user_id); }
// Регистрируем событие
cmsActions::log('add_user', array(
'object' => '',
'user_id' => $user_id,
'object_url' => '',
'object_id' => $user_id,
'target' => '',
'target_url' => '',
'target_id' => 0,
'description' => ''
));
cmsCore::addSessionMessage($_LANG['ACTIVATION_COMPLETE'], 'info');
cmsUser::goToLogin();
}
//============================================================================//
if ($do=='auth'){
//====================//
//== разлогивание ==//
if (cmsCore::inRequest('logout')) {
cmsCore::c('user')->logout();
cmsCore::redirect('/');
}
//====================//
//== авторизация ==//
if( !cmsCore::inRequest('logout') ) {
// флаг неуспешных авторизаций
$anti_brute_force = cmsUser::sessionGet('anti_brute_force');
$login = cmsCore::request('login', 'str', '');
$passw = cmsCore::request('pass', 'str', '');
$remember_pass = cmsCore::inRequest('remember');
// если нет логина или пароля, показываем форму входа
if (!$login || !$passw){
if(cmsCore::c('user')->id && !cmsCore::c('user')->is_admin) { cmsCore::redirect('/'); }
cmsCore::c('page')->setTitle($_LANG['SITE_LOGIN']);
cmsCore::c('page')->addPathway($_LANG['SITE_LOGIN']);
cmsPage::initTemplate('components', 'com_registration_login')->
assign('cfg', cmsCore::m('registration')->config)->
assign('anti_brute_force', $anti_brute_force)->
assign('is_sess_back', cmsUser::sessionGet('auth_back_url'))->
display();
if (!mb_strstr(cmsCore::getBackURL(), 'login')) {
cmsUser::sessionPut('auth_back_url', cmsCore::getBackURL());
}
return;
}
if(!cmsUser::checkCsrfToken()) { cmsCore::error404(); }
// Проверяем каптчу
if($anti_brute_force && !cmsCore::checkCaptchaCode()) {
cmsCore::addSessionMessage($_LANG['ERR_CAPTCHA'], 'error');
cmsCore::redirect('/login');
}
cmsUser::sessionDel('anti_brute_force');
$back_url = cmsCore::c('user')->signInUser($login, $passw, $remember_pass);
cmsCore::redirect($back_url);
}
}
//============================================================================//
if ($do=='autherror'){
cmsUser::sessionPut('anti_brute_force', 1);
cmsPage::includeTemplateFile('special/autherror.php');
cmsCore::halt();
}
//============================================================================//
}
