public function __construct(){
$this->inCore = cmsCore::getInstance();
$this->config = $this->inCore->loadComponentConfig('board');
$this->root_cat = cmsCore::c('db')->get_fields('cms_board_cats', 'parent_id=0', '*');
$this->category_id = cmsCore::request('category_id', 'int', $this->root_cat['id']);
$this->item_id = cmsCore::request('id', 'int', 0);
$this->page = cmsCore::request('page', 'int', 1);
$this->city = cmsCore::getSearchVar('city');
$this->obtype = cmsCore::getSearchVar('obtype');
$this->is_can_add_by_group = cmsUser::isUserCan('board/add');
$this->is_moderator_by_group = cmsUser::isUserCan('board/moderate');
cmsCore::loadClass('form');
}
// //
/******************************************************************************/
if ($fdo == 'view') {
$usr = cmsUser::getShortUserData($id);
if (!$usr) {
cmsCore::error404();
}
if ($inUser->id) {
$inPage->addHeadJS('components/users/js/pageselfiles.js');
}
$inPage->setTitle($usr['nickname'] . ' - ' . $_LANG['FILES']);
$inPage->addPathway($usr['nickname'], cmsUser::getProfileURL($usr['login']));
$inPage->addPathway($_LANG['FILES_ARCHIVE'], '/users/' . $id . '/files.html');
$inPage->addHeadJsLang(array('NO_SELECT_FILE'));
$orderby = cmsCore::getSearchVar('orderby', 'pubdate');
$orderto = cmsCore::getSearchVar('orderto', 'desc');
if (!in_array($orderby, array('pubdate', 'filename', 'filesize', 'hits'))) {
$orderby = 'pubdate';
}
if (!in_array($orderto, array('asc', 'desc'))) {
$orderto = 'desc';
}
$perpage = 20;
$myprofile = $inUser->id == $usr['id'];
$inDB->where("user_id = '{$usr['id']}'");
$total_files = $model->getUserFilesCount($myprofile || $inUser->is_admin);
$inDB->orderBy($orderby, $orderto);
$inDB->limitPage($page, $perpage);
$files = $model->getUserFiles($myprofile || $inUser->is_admin);
$free_mb = $model->config['filessize'] ? round($model->config['filessize'] - round($model->getUserFilesSize($usr['id']) / 1024 / 1024, 2), 2) : '';
cmsPage::initTemplate('components', 'com_users_file_view')->assign('usr', $usr)->assign('orderby', $orderby)->assign('orderto', $orderto)->assign('cfg', $model->config)->assign('total_files', $total_files)->assign('free_mb', $free_mb)->assign('pagination', cmsPage::getPagebar($total_files, $page, $perpage, '/users/' . $id . '/files%page%.html'))->assign('myprofile', $myprofile)->assign('is_admin', $inUser->is_admin)->assign('files', $files)->display('com_users_file_view.tpl');
function users()
{
header('X-Frame-Options: DENY');
$inCore = cmsCore::getInstance();
$inPage = cmsPage::getInstance();
$inDB = cmsDatabase::getInstance();
$inUser = cmsUser::getInstance();
global $_LANG;
$model = new cms_model_users();
// id пользователя
$id = cmsCore::request('id', 'int', 0);
// логин пользователя
$login = cmsCore::strClear(urldecode(cmsCore::request('login', 'html', '')));
$do = $inCore->do;
$page = cmsCore::request('page', 'int', 1);
$pagetitle = $inCore->getComponentTitle();
if ($model->config['sw_search'] != 2) {
$inPage->addPathway($pagetitle, '/users');
}
$inPage->setTitle($pagetitle);
$inPage->setDescription($pagetitle);
// js только авторизованным
if ($inUser->id) {
$inPage->addHeadJS('components/users/js/profile.js');
$inPage->addHeadJsLang(array('CONFIRM_CLEAN_CAT', 'CHOOSE_RECIPIENT', 'SEND_TO_USER', 'FRIENDSHIP_OFFER', 'STOP_FRIENDLY', 'REALY_STOP_FRIENDLY', 'ENTER_STATUS', 'HAVE_JUST'));
}
//============================================================================//
//========================= Список пользователей ============================//
//============================================================================//
if ($do == 'view') {
// если запрещен просмотр всех пользователей, 404
if ($model->config['sw_search'] == 2) {
cmsCore::error404();
}
//очищаем поисковые запросы если пришли со другой страницы
if (!strstr(cmsCore::getBackURL(), '/users')) {
cmsUser::sessionClearAll();
}
$stext = array();
// Возможные входные переменные
$name = cmsCore::getSearchVar('name');
$city = cmsCore::getSearchVar('city');
$hobby = cmsCore::getSearchVar('hobby');
$gender = cmsCore::getSearchVar('gender');
$orderby = cmsCore::request('orderby', array('karma', 'rating', 'regdate'), 'regdate');
$orderto = cmsCore::request('orderto', array('asc', 'desc'), 'desc');
$age_to = (int) cmsCore::getSearchVar('ageto', 'all');
$age_fr = (int) cmsCore::getSearchVar('agefrom', 'all');
$group_id = cmsCore::request('group_id', 'int', 0);
// Флаг о показе только онлайн пользователей
if (cmsCore::inRequest('online')) {
cmsUser::sessionPut('usr_online', (bool) cmsCore::request('online', 'int'));
$page = 1;
}
$only_online = cmsUser::sessionGet('usr_online');
if ($only_online) {
$stext[] = $_LANG['SHOWING_ONLY_ONLINE'];
}
///////////////////////////////////////
//////////Условия выборки//////////////
///////////////////////////////////////
// группа
if ($group_id) {
$model->whereUserGroupIs($group_id);
$link['group'] = '/users/group/' . $group_id;
$_LANG['GROUP_SEARCH_NAME'] = cmsUser::getGroupTitle($group_id);
}
// Добавляем в выборку имя, если оно есть
if ($name) {
$model->whereNameIs($name);
$stext[] = $_LANG['NAME'] . " — " . htmlspecialchars(stripslashes($name));
}
// Добавляем в выборку город, если он есть
if ($city) {
$model->whereCityIs($city);
$stext[] = $_LANG['CITY'] . " — " . htmlspecialchars(stripslashes($city));
}
// Добавляем в выборку хобби, если есть
if ($hobby) {
$model->whereHobbyIs($hobby);
$stext[] = $_LANG['HOBBY'] . " — " . htmlspecialchars(stripslashes($hobby));
}
// Добавляем в выборку пол, если есть
if ($gender) {
$model->whereGenderIs($gender);
if ($gender == 'm') {
$stext[] = $_LANG['MALE'];
} else {
$stext[] = $_LANG['FEMALE'];
}
}
// Добавляем в выборку возраст, более
if ($age_fr) {
$model->whereAgeFrom($age_fr);
$stext[] = $_LANG['NOT_YOUNG'] . " {$age_fr} " . $_LANG['YEARS'];
}
// Добавляем в выборку возраст, менее
if ($age_to) {
$model->whereAgeTo($age_to);
$stext[] = $_LANG['NOT_OLD'] . " {$age_fr} " . $_LANG['YEARS'];
}
// Считаем общее количество согласно выборки
$total = $model->getUsersCount($only_online);
if ($total) {
//устанавливаем сортировку
$inDB->orderBy($orderby, $orderto);
//устанавливаем номер текущей страницы и кол-во пользователей на странице
$inDB->limitPage($page, $model->config['users_perpage']);
// Загружаем пользователей согласно выборки
$users = $model->getUsers($only_online);
} else {
$inDB->resetConditions();
}
$link['latest'] = '/users';
$link['positive'] = '/users/positive.html';
$link['rating'] = '/users/rating.html';
if ($orderby == 'regdate') {
$link['selected'] = 'latest';
}
if ($orderby == 'karma') {
$link['selected'] = 'positive';
}
if ($orderby == 'rating') {
$link['selected'] = 'rating';
}
$pagebar_link = '/users/' . $link['selected'] . '%page%.html';
if ($group_id) {
$link['selected'] = 'group';
$pagebar_link = '/users/' . $link['selected'] . '/' . $group_id . '-%page%';
}
cmsPage::initTemplate('components', 'com_users_view')->assign('stext', $stext)->assign('orderby', $orderby)->assign('orderto', $orderto)->assign('users', $users)->assign('total', $total)->assign('only_online', $only_online)->assign('gender', $gender)->assign('name', stripslashes($name))->assign('city', stripslashes($city))->assign('hobby', stripslashes($hobby))->assign('age_to', $age_to)->assign('age_fr', $age_fr)->assign('cfg', $model->config)->assign('link', $link)->assign('pagebar', cmsPage::getPagebar($total, $page, $model->config['users_perpage'], $pagebar_link))->display('com_users_view.tpl');
}
//============================================================================//
//======================= Редактирование профиля ============================//
//============================================================================//
if ($do == 'editprofile') {
// неавторизованным, не владельцам и не админам тут делать нечего
if (!$inUser->id || $inUser->id != $id && !$inUser->is_admin) {
cmsCore::error404();
}
$usr = $model->getUser($id);
if (!$usr) {
cmsCore::error404();
}
$opt = cmsCore::request('opt', 'str', 'edit');
// главного админа может редактировать только он сам
if ($id == 1 && $inUser->id != $id) {
cmsCore::error404();
}
// показываем форму
if ($opt == 'edit') {
$inPage->setTitle($_LANG['CONFIG_PROFILE'] . ' - ' . $usr['nickname']);
$inPage->addPathway($usr['nickname'], cmsUser::getProfileURL($usr['login']));
$inPage->addPathway($_LANG['CONFIG_PROFILE']);
$private_forms = array();
if (isset($model->config['privforms'])) {
if (is_array($model->config['privforms'])) {
foreach ($model->config['privforms'] as $form_id) {
$private_forms = array_merge($private_forms, cmsForm::getFieldsHtml($form_id, $usr['formsdata']));
}
}
}
cmsPage::initTemplate('components', 'com_users_edit_profile')->assign('opt', $opt)->assign('usr', $usr)->assign('private_forms', $private_forms)->assign('cfg_forum', $inCore->loadComponentConfig('forum'))->assign('cfg', $model->config)->display('com_users_edit_profile.tpl');
return;
}
// Если сохраняем профиль
if ($opt == 'save') {
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
$errors = false;
$users['nickname'] = cmsCore::request('nickname', 'str');
if (mb_strlen($users['nickname']) < 2) {
cmsCore::addSessionMessage($_LANG['SHORT_NICKNAME'], 'error');
$errors = true;
}
cmsCore::loadModel('registration');
$modreg = new cms_model_registration();
if (!$inUser->is_admin) {
if ($modreg->getBadNickname($users['nickname'])) {
cmsCore::addSessionMessage($_LANG['ERR_NICK_EXISTS'], 'error');
$errors = true;
}
}
$profiles['gender'] = cmsCore::request('gender', 'str');
$profiles['city'] = cmsCore::request('city', 'str');
if (mb_strlen($profiles['city']) > 50) {
cmsCore::addSessionMessage($_LANG['LONG_CITY_NAME'], 'error');
$errors = true;
}
$users['email'] = cmsCore::request('email', 'email');
if (!$users['email']) {
cmsCore::addSessionMessage($_LANG['REALY_ADRESS_EMAIL'], 'error');
$errors = true;
}
if ($usr['email'] != $users['email']) {
$is_set_email = $inDB->get_field('cms_users', "email='{$users['email']}'", 'id');
if ($is_set_email) {
cmsCore::addSessionMessage($_LANG['ADRESS_EMAIL_IS_BUSY'], 'error');
$errors = true;
} else {
// формируем токен
$token = md5($usr['email'] . uniqid() . microtime());
$inDB->insert('cms_users_activate', array('user_id' => $inUser->id, 'pubdate' => date("Y-m-d H:i:s"), 'code' => $token));
$codelink = HOST . '/users/change_email/' . $token . '/' . $users['email'];
// по старому адресу высылаем письмо с подтверждением
$letter = cmsCore::getLanguageTextFile('change_email');
$letter = str_replace(array('{nickname}', '{codelink}'), array($inUser->nickname, $codelink), $letter);
cmsCore::mailText($usr['email'], '', $letter);
cmsCore::addSessionMessage(sprintf($_LANG['YOU_CHANGE_EMAIL'], $usr['email']), 'info');
// email не меняем
$users['email'] = $usr['email'];
}
}
$profiles['showphone'] = cmsCore::request('showphone', 'int', 0);
$profiles['showmail'] = cmsCore::request('showmail', 'int');
$profiles['email_newmsg'] = cmsCore::request('email_newmsg', 'int');
$profiles['showbirth'] = cmsCore::request('showbirth', 'int');
$profiles['description'] = cmsCore::request('description', 'str', '');
$users['birthdate'] = (int) $_REQUEST['birthdate']['year'] . '-' . (int) $_REQUEST['birthdate']['month'] . '-' . (int) $_REQUEST['birthdate']['day'];
$profiles['signature'] = $inDB->escape_string(cmsCore::badTagClear(cmsCore::request('signature', 'html', '')));
$profiles['signature_html'] = $inDB->escape_string(cmsCore::parseSmiles(cmsCore::request('signature', 'html', ''), true));
$profiles['allow_who'] = cmsCore::request('allow_who', 'str');
if (!preg_match('/^([a-zA-Z]+)$/ui', $profiles['allow_who'])) {
$errors = true;
}
$users['icq'] = cmsCore::request('icq', 'str', '');
$profiles['showicq'] = cmsCore::request('showicq', 'int');
$profiles['cm_subscribe'] = cmsCore::request('cm_subscribe', 'str');
if (!preg_match('/^([a-zA-Z]+)$/ui', $profiles['cm_subscribe'])) {
$errors = true;
}
$users['phone'] = cmsCore::request('phone', 'int', 0);
// получаем данные форм
$profiles['formsdata'] = '';
if (isset($model->config['privforms'])) {
if (is_array($model->config['privforms'])) {
foreach ($model->config['privforms'] as $form_id) {
$form_input = cmsForm::getFieldsInputValues($form_id);
$profiles['formsdata'] .= $inDB->escape_string(cmsCore::arrayToYaml($form_input['values']));
// Проверяем значения формы
foreach ($form_input['errors'] as $field_error) {
if ($field_error) {
cmsCore::addSessionMessage($field_error, 'error');
$errors = true;
}
}
}
}
}
if ($errors) {
cmsCore::redirectBack();
}
$inDB->update('cms_user_profiles', cmsCore::callEvent('UPDATE_USER_PROFILES', array_merge(array('id' => $usr['pid'], 'user_id' => $usr['id']), $profiles)), $usr['pid']);
$inDB->update('cms_users', cmsCore::callEvent('UPDATE_USER_USERS', array_merge(array('id' => $usr['id']), $users)), $usr['id']);
cmsCore::addSessionMessage($_LANG['PROFILE_SAVED'], 'info');
cmsCore::redirect(cmsUser::getProfileURL($usr['login']));
}
if ($opt == 'changepass') {
$errors = false;
$oldpass = cmsCore::request('oldpass', 'str');
$newpass = cmsCore::request('newpass', 'str');
$newpass2 = cmsCore::request('newpass2', 'str');
if ($inUser->password != md5($oldpass)) {
cmsCore::addSessionMessage($_LANG['OLD_PASS_WRONG'], 'error');
$errors = true;
}
if ($newpass != $newpass2) {
cmsCore::addSessionMessage($_LANG['WRONG_PASS'], 'error');
$errors = true;
}
if ($oldpass && $newpass && $newpass2 && mb_strlen($newpass) < 6) {
cmsCore::addSessionMessage($_LANG['PASS_SHORT'], 'error');
$errors = true;
}
if ($errors) {
cmsCore::redirectBack();
}
cmsCore::callEvent('UPDATE_USER_PASSWORD', array('user_id' => $usr['id'], 'oldpass' => $oldpass, 'newpass' => $newpass));
$sql = "UPDATE cms_users SET password='******' WHERE id = '{$id}' AND password='******'";
$inDB->query($sql);
cmsCore::addSessionMessage($_LANG['PASS_CHANGED'], 'info');
cmsCore::redirect(cmsUser::getProfileURL($inUser->login));
}
}
//============================================================================//
//============================= Просмотр профиля ============================//
//============================================================================//
if ($do == 'profile') {
$inPage->addHeadJsLang(array('NEW_POST_ON_WALL', 'CONFIRM_DEL_POST_ON_WALL'));
// если просмотр профиля гостям запрещен
if (!$inUser->id && !$model->config['sw_guest']) {
cmsUser::goToLogin();
}
if (is_numeric($login)) {
cmsCore::error404();
}
$usr = $model->getUser($login);
if (!$usr) {
cmsCore::error404();
}
$myprofile = $inUser->id == $usr['id'];
$inPage->setTitle($usr['nickname']);
$inPage->addPathway($usr['nickname']);
// просмотр профиля запрещен
if (!cmsUser::checkUserContentAccess($usr['allow_who'], $usr['id'])) {
cmsPage::initTemplate('components', 'com_users_not_allow')->assign('is_auth', $inUser->id)->assign('usr', $usr)->display('com_users_not_allow.tpl');
return;
}
// Профиль удален
if ($usr['is_deleted']) {
cmsPage::initTemplate('components', 'com_users_deleted.tpl')->assign('usr', $usr)->assign('is_admin', $inUser->is_admin)->assign('others_active', $inDB->rows_count('cms_users', "login='******'login']}' AND is_deleted=0", 1))->display('com_users_deleted.tpl');
return;
}
// Данные о друзьях
$usr['friends_total'] = cmsUser::getFriendsCount($usr['id']);
$usr['friends'] = cmsUser::getFriends($usr['id']);
// очищать сессию друзей если в своем профиле и количество друзей из базы не совпадает с количеством друзей в сессии
if ($myprofile && sizeof($usr['friends']) != $usr['friends_total']) {
cmsUser::clearSessionFriends();
}
// обрезаем список
$usr['friends'] = array_slice($usr['friends'], 0, 6);
// выясняем друзья ли мы с текущим пользователем
$usr['isfriend'] = !$myprofile ? cmsUser::isFriend($usr['id']) : false;
// награды пользователя
$usr['awards'] = $model->config['sw_awards'] ? $model->getUserAwards($usr['id']) : false;
// стена
if ($model->config['sw_wall']) {
$inDB->limitPage(1, $model->config['wall_perpage']);
$usr['wall_html'] = cmsUser::getUserWall($usr['id'], 'users', $myprofile, $inUser->is_admin);
}
// можно ли пользователю изменять карму
$usr['can_change_karma'] = $model->isUserCanChangeKarma($usr['id']) && $inUser->id;
// Фотоальбомы пользователя
if ($model->config['sw_photo']) {
$usr['albums'] = $model->getPhotoAlbums($usr['id'], $usr['isfriend'], !$inCore->isComponentEnable('photos'));
$usr['albums_total'] = sizeof($usr['albums']);
$usr['albums_show'] = 6;
if ($usr['albums_total'] > $usr['albums_show']) {
array_splice($usr['albums'], $usr['albums_show']);
}
}
$usr['board_count'] = $model->config['sw_board'] ? $inDB->rows_count('cms_board_items', "user_id='{$usr['id']}' AND published=1") : 0;
$usr['comments_count'] = $model->config['sw_comm'] ? $inDB->rows_count('cms_comments', "user_id='{$usr['id']}' AND published=1") : 0;
$usr['forum_count'] = $model->config['sw_forum'] ? $inDB->rows_count('cms_forum_posts', "user_id = '{$usr['id']}'") : 0;
$usr['files_count'] = $model->config['sw_files'] ? $inDB->rows_count('cms_user_files', "user_id = '{$usr['id']}'") : 0;
$cfg_reg = $inCore->loadComponentConfig('registration');
$usr['invites_count'] = $inUser->id && $myprofile && $cfg_reg['reg_type'] == 'invite' ? $model->getUserInvitesCount($inUser->id) : 0;
$usr['blog'] = $model->config['sw_blogs'] ? $inDB->get_fields('cms_blogs', "user_id = '{$usr['id']}' AND owner = 'user'", 'title, seolink') : false;
$usr['form_fields'] = array();
if (is_array($model->config['privforms'])) {
foreach ($model->config['privforms'] as $form_id) {
$usr['form_fields'] = array_merge($usr['form_fields'], cmsForm::getFieldsValues($form_id, $usr['formsdata']));
}
}
if ($usr['city']) {
cmsCore::loadModel('geo');
$geo = new cms_model_geo();
$city_parents = $geo->getCityParents($usr['city']);
if ($city_parents) {
$usr['country'] = $city_parents['country_name'];
}
}
$plugins = $model->getPluginsOutput($usr);
cmsPage::initTemplate('components', 'com_users_profile.tpl')->assign('usr', $usr)->assign('plugins', $plugins)->assign('cfg', $model->config)->assign('myprofile', $myprofile)->assign('cfg_forum', $inCore->loadComponentConfig('forum'))->assign('is_admin', $inUser->is_admin)->assign('is_auth', $inUser->id)->display('com_users_profile.tpl');
}
//============================================================================//
//============================= Список сообщений ============================//
//============================================================================//
if ($do == 'messages') {
if (!$model->config['sw_msg']) {
cmsCore::error404();
}
if (!$inUser->id || $inUser->id != $id && !$inUser->is_admin) {
cmsUser::goToLogin();
}
$usr = cmsUser::getShortUserData($id);
if (!$usr) {
cmsCore::error404();
}
$inPage->setTitle($_LANG['MY_MESS']);
$inPage->addPathway($usr['nickname'], cmsUser::getProfileURL($usr['login']));
$inPage->addPathway($_LANG['MY_MESS'], '/users/' . $id . '/messages.html');
include 'components/users/messages.php';
}
//============================================================================//
//=========================== Отправка сообщения ============================//
//============================================================================//
if ($do == 'sendmessage') {
if (!$model->config['sw_msg']) {
cmsCore::halt();
}
if ($_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest') {
cmsCore::halt();
}
if (!$inUser->id || $inUser->id == $id && !cmsCore::inRequest('massmail') && !cmsCore::request('send_to_group', 'int', 0)) {
cmsCore::halt();
}
if (!cmsCore::inRequest('gosend')) {
$replyid = cmsCore::request('replyid', 'int', 0);
if ($replyid) {
$msg = $model->getReplyMessage($replyid, $inUser->id);
if (!$msg) {
cmsCore::halt();
}
}
$inPage->setRequestIsAjax();
cmsPage::initTemplate('components', 'com_users_messages_add')->assign('msg', isset($msg) ? $msg : array())->assign('is_reply_user', $replyid)->assign('id', $id)->assign('bbcodetoolbar', cmsPage::getBBCodeToolbar('message'))->assign('smilestoolbar', cmsPage::getSmilesPanel('message'))->assign('groups', $inUser->is_admin ? cmsUser::getGroups(true) : array())->assign('friends', cmsUser::getFriends($inUser->id))->assign('id_admin', $inUser->is_admin)->display('com_users_messages_add.tpl');
cmsCore::jsonOutput(array('error' => false, 'html' => ob_get_clean()));
}
if (cmsCore::inRequest('gosend')) {
// Кому отправляем
$usr = cmsUser::getShortUserData($id);
if (!$usr) {
cmsCore::halt();
}
$message = cmsCore::parseSmiles(cmsCore::request('message', 'html', ''), true);
if (mb_strlen($message) < 2) {
cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ERR_SEND_MESS']));
}
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
$output = cmsCore::callEvent('USER_SEND_MESSEDGE', array('text' => $message, 'to_id' => $id));
$message = $output['text'];
$id = $output['to_id'];
$send_to_group = cmsCore::request('send_to_group', 'int', 0);
$group_id = cmsCore::request('group_id', 'int', 0);
//
// Обычная отправка (1 получатель)
//
if (!cmsCore::inRequest('massmail') && !$send_to_group) {
//отправляем сообщение
$msg_id = cmsUser::sendMessage($inUser->id, $id, $message);
// отправляем уведомление на email если нужно
$model->sendNotificationByEmail($id, $inUser->id, $msg_id);
cmsCore::jsonOutput(array('error' => false, 'text' => $_LANG['SEND_MESS_OK']));
}
//
// далее идут массовые рассылки, доступные только админам
//
if (!$inUser->is_admin) {
cmsCore::halt();
}
// отправить всем: получаем список всех пользователей
if (cmsCore::inRequest('massmail')) {
$userlist = cmsUser::getAllUsers();
// проверяем что есть кому отправлять
if (!$userlist) {
cmsCore::jsonOutput(array('error' => false, 'text' => $_LANG['ERR_SEND_MESS']));
}
$count = array();
// отправляем всем по списку
foreach ($userlist as $usr) {
$count[] = cmsUser::sendMessage(USER_MASSMAIL, $usr['id'], $message);
}
cmsCore::jsonOutput(array('error' => false, 'text' => sprintf($_LANG['SEND_MESS_ALL_OK'], sizeof($count))));
}
// отправить группе: получаем список членов группы
if ($send_to_group) {
$count = cmsUser::sendMessageToGroup(USER_MASSMAIL, $group_id, $message);
$success_msg = sprintf($_LANG['SEND_MESS_GROUP_OK'], $count, cmsUser::getGroupTitle($group_id));
cmsCore::jsonOutput(array('error' => false, 'text' => $success_msg));
}
}
}
//============================================================================//
//============================= Удаление сообщения ==========================//
//============================================================================//
if ($do == 'delmessage') {
if ($_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest') {
cmsCore::halt();
}
if (!$model->config['sw_msg']) {
cmsCore::halt();
}
if (!$inUser->id) {
cmsCore::halt();
}
$msg = $inDB->get_fields('cms_user_msg', "id='{$id}'", '*');
if (!$msg) {
cmsCore::halt();
}
$can_delete = $inUser->id == $msg['to_id'] || $inUser->id == $msg['from_id'] ? true : false;
if (!$can_delete && !$inUser->is_admin) {
cmsCore::halt();
}
// Сообщения с from_id < 0
if ($msg['from_id'] < 0) {
$inDB->query("DELETE FROM cms_user_msg WHERE id = '{$id}' LIMIT 1");
$info_text = $_LANG['MESS_NOTICE_DEL_OK'];
}
// мне сообщение от пользователя
if ($msg['to_id'] == $inUser->id && $msg['from_id'] > 0) {
$inDB->query("UPDATE cms_user_msg SET to_del=1 WHERE id='{$id}'");
$info_text = $_LANG['MESS_DEL_OK'];
}
// от меня сообщение
if ($msg['from_id'] == $inUser->id && !$msg['is_new']) {
$inDB->query("UPDATE cms_user_msg SET from_del=1 WHERE id='{$id}'");
$info_text = $_LANG['MESS_DEL_OK'];
}
// отзываем сообщение
if ($msg['from_id'] == $inUser->id && $msg['is_new']) {
$inDB->query("DELETE FROM cms_user_msg WHERE id = '{$id}' LIMIT 1");
$info_text = $_LANG['MESS_BACK_OK'];
}
// удаляем сообщения, которые удалены с двух сторон
$inDB->query("DELETE FROM cms_user_msg WHERE to_del=1 AND from_del=1");
cmsCore::jsonOutput(array('error' => false, 'text' => $info_text));
}
//============================================================================//
//=========================== Удаление сообщений ============================//
//============================================================================//
if ($do == 'delmessages') {
if (!$model->config['sw_msg']) {
cmsCore::error404();
}
if ($inUser->id != $id && !$inUser->is_admin) {
cmsCore::error404();
}
$usr = cmsUser::getShortUserData($id);
if (!$usr) {
cmsCore::error404();
}
$opt = cmsCore::request('opt', 'str', 'in');
if ($opt == 'notices') {
$inDB->query("DELETE FROM cms_user_msg WHERE to_id = '{$id}' AND from_id < 0");
} else {
$del_flag = $opt == 'in' ? 'to_del' : 'from_del';
$id_flag = $opt == 'in' ? 'to_id' : 'from_id';
$inDB->query("UPDATE cms_user_msg SET {$del_flag}=1 WHERE {$id_flag}='{$id}'");
$inDB->query("DELETE FROM cms_user_msg WHERE to_del=1 AND from_del=1");
}
cmsCore::addSessionMessage($_LANG['MESS_ALL_DEL_OK'], 'info');
cmsCore::redirectBack();
}
//============================================================================//
//============================= Загрузка аватара ============================//
//============================================================================//
if ($do == 'avatar') {
if (!$inUser->id || $inUser->id && $inUser->id != $id) {
cmsCore::error404();
}
$inPage->setTitle($_LANG['LOAD_AVATAR']);
$inPage->addPathway($inUser->nickname, cmsUser::getProfileURL($inUser->login));
$inPage->addPathway($_LANG['LOAD_AVATAR']);
if (cmsCore::inRequest('upload')) {
cmsCore::loadClass('upload_photo');
$inUploadPhoto = cmsUploadPhoto::getInstance();
// Выставляем конфигурационные параметры
$inUploadPhoto->upload_dir = PATH . '/images/';
$inUploadPhoto->dir_medium = 'users/avatars/';
$inUploadPhoto->dir_small = 'users/avatars/small/';
$inUploadPhoto->small_size_w = $model->config['smallw'];
$inUploadPhoto->medium_size_w = $model->config['medw'];
$inUploadPhoto->medium_size_h = $model->config['medh'];
$inUploadPhoto->is_watermark = false;
$inUploadPhoto->input_name = 'picture';
$file = $inUploadPhoto->uploadPhoto($inUser->orig_imageurl);
if (!$file) {
cmsCore::addSessionMessage('<strong>' . $_LANG['ERROR'] . ':</strong> ' . cmsCore::uploadError() . '!', 'error');
cmsCore::redirect('/users/' . $id . '/avatar.html');
}
$sql = "UPDATE cms_user_profiles SET imageurl = '{$file['filename']}' WHERE user_id = '{$id}' LIMIT 1";
$inDB->query($sql);
// очищаем предыдущую запись о смене аватара
cmsActions::removeObjectLog('add_avatar', $id);
// выводим сообщение в ленту
cmsActions::log('add_avatar', array('object' => '', 'object_url' => '', 'object_id' => $id, 'target' => '', 'target_url' => '', 'description' => '<a href="' . cmsUser::getProfileURL($inUser->login) . '" class="act_usr_ava">
<img border="0" src="/images/users/avatars/small/' . $file['filename'] . '">
</a>'));
cmsCore::redirect(cmsUser::getProfileURL($inUser->login));
} else {
cmsPage::initTemplate('components', 'com_users_avatar_upload')->assign('id', $id)->display('com_users_avatar_upload.tpl');
}
}
//============================================================================//
//============================= Библиотека аватаров =========================//
//============================================================================//
if ($do == 'select_avatar') {
if (!$inUser->id || $inUser->id && $inUser->id != $id) {
cmsCore::error404();
}
$avatars_dir = PATH . "/images/users/avatars/library";
$avatars_dir_rel = "/images/users/avatars/library";
$avatars_dir_handle = opendir($avatars_dir);
$avatars = array();
while ($nextfile = readdir($avatars_dir_handle)) {
if ($nextfile != '.' && $nextfile != '..' && (mb_strstr($nextfile, '.gif') || mb_strstr($nextfile, '.jpg') || mb_strstr($nextfile, '.jpeg') || mb_strstr($nextfile, '.png'))) {
$avatars[] = $nextfile;
}
}
closedir($avatars_dir_handle);
if (!cmsCore::inRequest('set_avatar')) {
$inPage->setTitle($_LANG['SELECT_AVATAR']);
$inPage->addPathway($inUser->nickname, cmsUser::getProfileURL($inUser->login));
$inPage->addPathway($_LANG['SELECT_AVATAR']);
$perpage = 20;
$total = sizeof($avatars);
$avatars = array_slice($avatars, ($page - 1) * $perpage, $perpage);
cmsPage::initTemplate('components', 'com_users_avatars')->assign('userid', $id)->assign('avatars', $avatars)->assign('avatars_dir', $avatars_dir_rel)->assign('page', $page)->assign('perpage', $perpage)->assign('pagebar', cmsPage::getPagebar($total, $page, $perpage, '/users/%user_id%/select-avatar-%page%.html', array('user_id' => $id)))->display('com_users_avatars.tpl');
} else {
$avatar_id = cmsCore::request('avatar_id', 'int', 0);
$file = $avatars[$avatar_id];
if (file_exists($avatars_dir . '/' . $file)) {
$uploaddir = PATH . '/images/users/avatars/';
$realfile = $file;
$filename = md5($realfile . '-' . $id . '-' . time()) . '.jpg';
$uploadfile = $avatars_dir . '/' . $realfile;
$uploadavatar = $uploaddir . $filename;
$uploadthumb = $uploaddir . 'small/' . $filename;
if ($inUser->orig_imageurl && $inUser->orig_imageurl != 'nopic.jpg') {
@unlink(PATH . '/images/users/avatars/' . $inUser->orig_imageurl);
@unlink(PATH . '/images/users/avatars/small/' . $inUser->orig_imageurl);
}
cmsCore::includeGraphics();
copy($uploadfile, $uploadavatar);
@img_resize($uploadfile, $uploadthumb, $model->config['smallw'], $model->config['smallw']);
$sql = "UPDATE cms_user_profiles SET imageurl = '{$filename}' WHERE user_id = '{$id}' LIMIT 1";
$inDB->query($sql);
// очищаем предыдущую запись о смене аватара
cmsActions::removeObjectLog('add_avatar', $id);
// выводим сообщение в ленту
cmsActions::log('add_avatar', array('object' => '', 'object_url' => '', 'object_id' => $id, 'target' => '', 'target_url' => '', 'description' => '<a href="' . cmsUser::getProfileURL($inUser->login) . '" class="act_usr_ava">
<img border="0" src="/images/users/avatars/small/' . $filename . '">
</a>'));
}
cmsCore::redirect(cmsUser::getProfileURL($inUser->login));
}
}
//============================================================================//
//======================== Работа с фотографиями ============================//
//============================================================================//
if ($do == 'photos') {
if (!$model->config['sw_photo']) {
cmsCore::error404();
}
$pdo = cmsCore::request('pdo', 'str', '');
include 'components/users/photos.php';
}
//============================================================================//
//============================= Друзья пользователя =========================//
//============================================================================//
if ($do == 'friendlist') {
if (!$inUser->id) {
cmsUser::goToLogin();
}
$usr = cmsUser::getShortUserData($id);
if (!$usr) {
cmsCore::error404();
}
$perpage = 10;
$inPage->addPathway($usr['nickname'], cmsUser::getProfileURL($usr['login']));
$inPage->addPathway($_LANG['FRIENDS']);
$inPage->setTitle($_LANG['FRIENDS']);
// все друзья
$friends = cmsUser::getFriends($usr['id']);
// их общее количество
$total = count($friends);
// получаем только нужных на странице
$friends = array_slice($friends, ($page - 1) * $perpage, $perpage);
cmsPage::initTemplate('components', 'com_users_friends')->assign('friends', $friends)->assign('usr', $usr)->assign('myprofile', $id == $inUser->id)->assign('total', $total)->assign('pagebar', cmsPage::getPagebar($total, $page, $perpage, 'javascript:centerLink(\'/users/' . $id . '/friendlist%page%.html\')'))->display('com_users_friends.tpl');
}
//============================================================================//
//============================= Запрос на дружбу ============================//
//============================================================================//
if ($do == 'addfriend') {
if ($_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest') {
cmsCore::halt();
}
if (!$inUser->id || $inUser->id == $id) {
cmsCore::halt();
}
$usr = cmsUser::getShortUserData($id);
if (!$usr) {
cmsCore::halt();
}
cmsUser::clearSessionFriends();
if (cmsUser::isFriend($id)) {
cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['YOU_ARE_BE_FRIENDS']));
}
// проверяем был ли ранее запрос на дружбу
// если был, то делаем accept запросу
$is_need_accept_id = cmsUser::getFriendFieldId($id, 0, 'to_me');
if ($is_need_accept_id) {
$inDB->query("UPDATE cms_user_friends SET is_accepted = 1 WHERE id = '{$is_need_accept_id}'");
//регистрируем событие
cmsActions::log('add_friend', array('object' => $inUser->nickname, 'user_id' => $usr['id'], 'object_url' => cmsUser::getProfileURL($inUser->login), 'object_id' => $is_need_accept_id, 'target' => '', 'target_url' => '', 'target_id' => 0, 'description' => ''));
cmsCore::callEvent('USER_ACCEPT_FRIEND', $id);
cmsCore::jsonOutput(array('error' => false, 'text' => $_LANG['ADD_FRIEND_OK'] . $usr['nickname']));
}
// Если пользователь пытается добавиться в друзья к
// пользователю, к которому уже отправил запрос
if (cmsUser::getFriendFieldId($id, 0, 'from_me')) {
cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ADD_TO_FRIEND_SEND_ERR']));
}
// Мы вообще не друзья с пользователем, создаем запрос
cmsUser::addFriend($id);
cmsUser::sendMessage(USER_UPDATER, $id, sprintf($_LANG['RECEIVED_F_O'], cmsUser::getProfileLink($inUser->login, $inUser->nickname), '<a class="ajaxlink" href="javascript:void(0)" onclick="users.acceptFriend(' . $inUser->id . ', this);return false;">' . $_LANG['ACCEPT'] . '</a>', '<a class="ajaxlink" href="javascript:void(0)" onclick="users.rejectFriend(' . $inUser->id . ', this);return false;">' . $_LANG['REJECT'] . '</a>'));
cmsCore::jsonOutput(array('error' => false, 'text' => $_LANG['ADD_TO_FRIEND_SEND']));
}
//============================================================================//
//============================= Прекращение дружбы ==========================//
//============================================================================//
if ($do == 'delfriend') {
if ($_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest') {
cmsCore::halt();
}
if (!$inUser->id || $inUser->id == $id) {
cmsCore::halt();
}
$usr = cmsUser::getShortUserData($id);
if (!$usr) {
cmsCore::error404();
}
if (cmsUser::getFriendFieldId($id)) {
$is_accepted_friend = cmsUser::isFriend($id);
if (cmsUser::deleteFriend($id)) {
// Если подтвержденный друг
if ($is_accepted_friend) {
cmsCore::jsonOutput(array('error' => false, 'text' => $usr['nickname'] . $_LANG['DEL_FRIEND']));
} else {
cmsCore::jsonOutput(array('error' => false, 'text' => $_LANG['REJECT_FRIEND'] . $usr['nickname']));
}
} else {
cmsCore::halt();
}
} else {
cmsCore::halt();
}
}
//============================================================================//
//============================= История кармы ===============================//
//============================================================================//
if ($do == 'karma') {
$usr = cmsUser::getShortUserData($id);
if (!$usr) {
cmsCore::error404();
}
$inPage->setTitle($_LANG['KARMA_HISTORY']);
$inPage->addPathway($usr['nickname'], cmsUser::getProfileURL($usr['login']));
$inPage->addPathway($_LANG['KARMA_HISTORY']);
cmsPage::initTemplate('components', 'com_users_karma')->assign('karma', $model->getUserKarma($usr['id']))->assign('usr', $usr)->display('com_users_karma.tpl');
}
//============================================================================//
//============================= Изменение кармы =============================//
//============================================================================//
if ($do == 'votekarma') {
if ($_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest') {
cmsCore::halt();
}
if (!$inUser->id) {
cmsCore::halt();
}
$points = cmsCore::request('sign', 'str', 'plus') == 'plus' ? 1 : -1;
$to = cmsCore::request('to', 'int', 0);
$user = cmsUser::getShortUserData($to);
if (!$user) {
cmsCore::halt();
}
if (!$model->isUserCanChangeKarma($to)) {
cmsCore::halt();
}
cmsCore::halt(cmsUser::changeKarmaUser($to, $points));
}
//============================================================================//
//======================= Наградить пользователя ============================//
//============================================================================//
if ($do == 'giveaward') {
if (!$inUser->is_admin) {
cmsCore::error404();
}
$usr = cmsUser::getShortUserData($id);
if (!$usr) {
cmsCore::error404();
}
$inPage->setTitle($_LANG['AWARD_USER']);
$inPage->addPathway($usr['nickname'], cmsUser::getProfileURL($usr['login']));
$inPage->addPathway($_LANG['AWARD']);
if (!cmsCore::inRequest('gosend')) {
cmsPage::initTemplate('components', 'com_users_awards_give')->assign('usr', $usr)->assign('awardslist', cmsUser::getAwardsImages())->display('com_users_awards_give.tpl');
} else {
$award['title'] = cmsCore::request('title', 'str', $_LANG['AWRD']);
$award['description'] = cmsCore::request('description', 'str', '');
$award['imageurl'] = cmsCore::request('imageurl', 'str', '');
$award['from_id'] = $inUser->id;
$award['id'] = 0;
cmsUser::giveAward($award, $id);
cmsCore::redirect(cmsUser::getProfileURL($usr['login']));
}
}
//============================================================================//
//============================= Удаление награды ============================//
//============================================================================//
if ($do == 'delaward') {
$aw = $inDB->get_fields('cms_user_awards', "id = '{$id}'", '*');
if (!$aw) {
cmsCore::error404();
}
if (!$inUser->id || $inUser->id != $aw['user_id'] && !$inUser->is_admin) {
cmsCore::error404();
}
$inDB->delete('cms_user_awards', "id = '{$id}'", 1);
cmsActions::removeObjectLog('add_award', $id);
cmsCore::redirectBack();
}
//============================================================================//
//============================= Награды на сайте ============================//
//============================================================================//
if ($do == 'awardslist') {
$inPage->setTitle($_LANG['SITE_AWARDS']);
$inPage->addPathway($_LANG['SITE_AWARDS']);
$awards = cmsUser::getAutoAwards();
if (!$awards) {
cmsCore::error404();
}
foreach ($awards as $aw) {
//Перебираем все награды и ищем пользователей с текущей наградой
$sql = "SELECT u.id as id, u.nickname as nickname, u.login as login, IFNULL(p.gender, 'm') as gender\r\n FROM cms_user_awards aw\r\n LEFT JOIN cms_users u ON u.id = aw.user_id\r\n LEFT JOIN cms_user_profiles p ON p.user_id = u.id\r\n WHERE aw.award_id = '{$aw['id']}'";
$rs = $inDB->query($sql);
$aw['uhtml'] = '';
if ($inDB->num_rows($rs)) {
while ($user = $inDB->fetch_assoc($rs)) {
$aw['uhtml'] .= cmsUser::getGenderLink($user['id'], $user['nickname'], $user['gender'], $user['login']) . ', ';
}
$aw['uhtml'] = rtrim($aw['uhtml'], ', ');
} else {
$aw['uhtml'] = $_LANG['NOT_USERS_WITH_THIS_AWARD'];
}
$aws[] = $aw;
}
cmsPage::initTemplate('components', 'com_users_awards_site')->assign('aws', $aws)->display('com_users_awards_site.tpl');
}
//============================================================================//
//============================= Удаление профиля ============================//
//============================================================================//
if ($do == 'delprofile') {
// неавторизованным тут делать нечего
if (!$inUser->id) {
cmsCore::error404();
}
// есть ли удаляемый профиль
$data = cmsUser::getShortUserData($id);
if (!$data) {
cmsCore::error404();
}
// владелец профиля или админ
if ($inUser->is_admin) {
// могут ли администраторы удалять профиль
if (!cmsUser::isAdminCan('admin/users', cmsUser::getAdminAccess())) {
cmsCore::error404();
}
// администратор сам себя не удалит
if ($inUser->id == $data['id']) {
cmsCore::error404();
}
} else {
// удаляем только свой профиль
if ($inUser->id != $data['id']) {
cmsCore::error404();
}
}
if (isset($_POST['csrf_token'])) {
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
$model->deleteUser($id);
if (!$inUser->is_admin) {
session_destroy();
cmsCore::redirect('/logout');
} else {
cmsCore::addSessionMessage($_LANG['DELETING_PROFILE_OK'], 'info');
cmsCore::redirect('/users');
}
} else {
$inPage->setTitle($_LANG['DELETING_PROFILE']);
$inPage->addPathway($data['nickname'], $inUser->getProfileURL($data['login']));
$inPage->addPathway($_LANG['DELETING_PROFILE']);
$confirm['title'] = $_LANG['DELETING_PROFILE'];
$confirm['text'] = '<p>' . $_LANG['REALLY_DEL_PROFILE'] . '</p>';
$confirm['action'] = '/users/' . $id . '/delprofile.html';
$confirm['yes_button'] = array();
$confirm['yes_button']['type'] = 'submit';
cmsPage::initTemplate('components', 'action_confirm.tpl')->assign('confirm', $confirm)->display('action_confirm.tpl');
}
}
//============================================================================//
//============================ Восстановить профиль =========================//
//============================================================================//
if ($do == 'restoreprofile') {
if (!$inUser->is_admin) {
cmsCore::error404();
}
$usr = cmsUser::getShortUserData($id);
if (!$usr) {
cmsCore::error404();
}
$inDB->query("UPDATE cms_users SET is_deleted = 0 WHERE id = '{$id}'");
cmsCore::redirectBack();
}
//============================================================================//
//============================= Файлы пользователей =========================//
//============================================================================//
if ($do == 'files') {
if (!$model->config['sw_files']) {
cmsCore::error404();
}
$fdo = cmsCore::request('fdo', 'str', '');
include 'components/users/files.php';
}
//============================================================================//
//================================ Инвайты =================================//
//============================================================================//
if ($do == 'invites') {
$reg_cfg = $inCore->loadComponentConfig('registration');
if ($reg_cfg['reg_type'] != 'invite') {
cmsCore::error404();
}
$invites_count = $model->getUserInvitesCount($inUser->id);
if (!$invites_count) {
cmsCore::error404();
}
if (!cmsCore::inRequest('send_invite')) {
$inPage->addPathway($inUser->nickname, cmsUser::getProfileURL($inUser->login));
$inPage->addPathway($_LANG['MY_INVITES']);
cmsPage::initTemplate('components', 'com_users_invites')->assign('invites_count', $invites_count)->display('com_users_invites.tpl');
return;
}
if (cmsCore::inRequest('send_invite')) {
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
$invite_email = cmsCore::request('invite_email', 'email', '');
if (!$invite_email) {
cmsCore::redirectBack();
}
if ($model->sendInvite($inUser->id, $invite_email)) {
cmsCore::addSessionMessage(sprintf($_LANG['INVITE_SENDED'], $invite_email), 'success');
} else {
cmsCore::addSessionMessage($_LANG['INVITE_ERROR'], 'error');
}
cmsCore::redirect(cmsUser::getProfileURL($inUser->login));
}
}
if ($do == 'change_email') {
if (!$inUser->id) {
cmsUser::goToLogin();
}
$email = cmsCore::request('email', 'email', '');
$token = cmsCore::request('token', 'str', '');
// не занят ли email
$is_email = $inDB->get_field('cms_users', "email='{$email}'", 'id');
if ($is_email || !$email || !$token) {
cmsCore::error404();
}
// проверяем токен
$valid_id = $inDB->get_field('cms_users_activate', "code='{$token}' AND user_id = '{$inUser->id}'", 'id');
if (!$valid_id) {
cmsCore::error404();
}
$inDB->delete('cms_users_activate', "id = '{$valid_id}'");
// Сохраняем новый email
$inDB->update('cms_users', array('email' => $email), $inUser->id);
cmsCore::addSessionMessage($_LANG['NEW_EMAIL_SAVED'], 'success');
cmsCore::redirect(cmsUser::getProfileURL($inUser->login));
}
///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
}
function photos()
{
$inCore = cmsCore::getInstance();
$inPage = cmsPage::getInstance();
$inDB = cmsDatabase::getInstance();
$inUser = cmsUser::getInstance();
cmsCore::loadClass('photo');
$inPhoto = cmsPhoto::getInstance();
global $_LANG;
$model = new cms_model_photos();
$pagetitle = $inCore->menuTitle();
$root_album_id = $inDB->getNsRootCatId('cms_photo_albums');
$id = cmsCore::request('id', 'int', $root_album_id);
$do = $inCore->do;
$page = cmsCore::request('page', 'int', 1);
$inPage->addPathway($inCore->getComponentTitle(), '/photos');
// только авторизованные пользуются js
if ($inUser->id) {
$inPage->addHeadJS('components/photos/js/photos.js');
$inPage->addHeadJsLang(array('NO_PUBLISH', 'EDIT_PHOTO', 'YOU_REALLY_DELETE_PHOTO', 'MOVE_PHOTO'));
}
$inPage->setDescription($model->config['meta_desc'] ? $model->config['meta_desc'] : $pagetitle);
$inPage->setKeywords($model->config['meta_keys'] ? $model->config['meta_keys'] : $pagetitle);
/////////////////////////////// Просмотр альбома ///////////////////////////////////////////////////////////////////////////////////////////
if ($do == 'view') {
$album = $inDB->getNsCategory('cms_photo_albums', $id, null);
if (!$album && $inCore->menuId() !== 1) {
cmsCore::error404();
}
// Неопубликованные альбомы показываем только админам
if (!$album['published'] && !$inUser->is_admin) {
cmsCore::error404();
}
$album = cmsCore::callEvent('GET_PHOTO_ALBUM', $album);
// если не корневой альбом
if ($album['id'] != $root_album_id) {
$path_list = $inDB->getNsCategoryPath('cms_photo_albums', $album['NSLeft'], $album['NSRight'], 'id, title, NSLevel');
if ($path_list) {
foreach ($path_list as $pcat) {
$inPage->addPathway($pcat['title'], '/photos/' . $pcat['id']);
}
}
$pagetitle = $pagetitle && $inCore->isMenuIdStrict() ? $pagetitle : $album['title'] . ' - ' . $_LANG['PHOTOGALLERY'];
$inPage->setTitle($album['pagetitle'] ? $album['pagetitle'] : $pagetitle);
} else {
$pagetitle = $pagetitle && $inCore->isMenuIdStrict() ? $pagetitle : $_LANG['PHOTOGALLERY'];
$inPage->setTitle($pagetitle);
$album['title'] = $pagetitle;
}
//Формируем подкатегории альбома
$inDB->orderBy('f.' . $model->config['orderby'], $model->config['orderto']);
$subcats = $inPhoto->getAlbums($album['id']);
// Сортировка фотографий
$orderby = cmsCore::getSearchVar('orderby', $album['orderby']);
$orderto = cmsCore::getSearchVar('orderto', $album['orderto']);
if (!in_array($orderby, array('title', 'pubdate', 'rating', 'hits'))) {
$orderby = $album['orderby'];
}
if (!in_array($orderto, array('desc', 'asc'))) {
$orderto = $album['orderto'];
}
// Устанавливаем альбом
$inPhoto->whereAlbumIs($album['id']);
// Общее количество фото по заданным выше условиям
$total = $inPhoto->getPhotosCount($inUser->is_admin);
//устанавливаем сортировку
$inDB->orderBy('f.' . $orderby, $orderto);
//устанавливаем номер текущей страницы и кол-во фото на странице
$inDB->limitPage($page, $album['perpage']);
$photos = $inPhoto->getPhotos($inUser->is_admin, $album['showdate']);
if (!$photos && $page > 1) {
cmsCore::error404();
}
if ($album['id'] != $root_album_id) {
// meta description
if ($album['meta_desc']) {
$meta_desc = $album['meta_desc'];
} elseif (mb_strlen(strip_tags($album['description'])) >= 250) {
$meta_desc = crop($album['description']);
} else {
$meta_desc = $album['title'];
}
$inPage->setDescription($meta_desc);
// meta keywords
if ($album['meta_keys']) {
$meta_keys = $album['meta_keys'];
} elseif ($photos) {
foreach ($photos as $p) {
$k[] = $p['title'];
}
$meta_keys = implode(', ', $k);
} else {
$meta_keys = $album['title'];
}
$inPage->setKeywords($meta_keys);
}
cmsPage::initTemplate('components', 'com_photos_view')->assign('root_album_id', $root_album_id)->assign('cfg', $model->config)->assign('album', $album)->assign('can_add_photo', $album['public'] && $inUser->id || $inUser->is_admin)->assign('subcats', $subcats)->assign('photos', $photos)->assign('pagebar', cmsPage::getPagebar($total, $page, $album['perpage'], '/photos/' . $album['id'] . '-%page%'))->assign('total', $total)->assign('orderby', $orderby)->assign('orderto', $orderto)->display('com_photos_view.tpl');
// если есть фотограйии в альбоме и включены комментарии в альбоме, то показываем их
if ($album['is_comments'] && $photos && $inCore->isComponentInstalled('comments')) {
cmsCore::includeComments();
comments('palbum', $album['id']);
}
}
/////////////////////////////// VIEW PHOTO ///////////////////////////////////////////////////////////////////////////////////////////
if ($do == 'viewphoto') {
// получаем фото
$photo = cmsCore::callEvent('GET_PHOTO', $inPhoto->getPhoto($id));
if (!$photo) {
cmsCore::error404();
}
// Если фото клуба редиректим на новый алрес
if (mb_strstr($photo['NSDiffer'], 'club')) {
cmsCore::redirect('/clubs/photo' . $photo['id'] . '.html', '301');
}
$is_author = $photo['user_id'] == $inUser->id && $inUser->id;
// неопубликованное фото видно админам и автору
if (!$photo['published'] && !$inUser->is_admin && !$is_author) {
cmsCore::error404();
}
$path_list = $inDB->getNsCategoryPath('cms_photo_albums', $photo['NSLeft'], $photo['NSRight'], 'id, title, NSLevel');
if ($path_list) {
foreach ($path_list as $pcat) {
$inPage->addPathway($pcat['title'], '/photos/' . $pcat['id']);
}
}
$inPage->addPathway($photo['title']);
$inPage->setTitle($photo['pagetitle'] ? $photo['pagetitle'] : $photo['title']);
$inPage->setKeywords($photo['meta_keys'] ? $photo['meta_keys'] : $photo['title']);
if (!$photo['meta_desc']) {
if ($photo['description']) {
$inPage->setDescription(crop($photo['description']));
} else {
$inPage->setDescription($photo['title']);
}
} else {
$inPage->setDescription($photo['meta_desc']);
}
// Обновляем количество просмотров фотографии
if (!$is_author) {
$inDB->setFlag('cms_photo_files', $photo['id'], 'hits', $photo['hits'] + 1);
}
//навигация
if ($photo['album_nav']) {
$nextid = $inDB->get_fields('cms_photo_files', 'id<' . $photo['id'] . ' AND album_id = ' . $photo['album_id'] . ' AND published=1', 'id, file', 'id DESC');
$previd = $inDB->get_fields('cms_photo_files', 'id>' . $photo['id'] . ' AND album_id = ' . $photo['album_id'] . ' AND published=1', 'id, file', 'id ASC');
} else {
$previd = false;
$nextid = false;
}
$photo['karma_buttons'] = cmsKarmaButtons('photo', $photo['id'], $photo['rating'], $is_author);
$photo['genderlink'] = cmsUser::getGenderLink($photo['user_id'], $photo['nickname'], $photo['gender'], $photo['login']);
cmsPage::initTemplate('components', 'com_photos_view_photo')->assign('photo', $photo)->assign('bbcode', '[IMG]' . HOST . '/images/photos/medium/' . $photo['file'] . '[/IMG]')->assign('previd', $previd)->assign('nextid', $nextid)->assign('cfg', $model->config)->assign('is_author', $is_author)->assign('is_admin', $inUser->is_admin)->assign('tagbar', $photo['a_tags'] ? cmsTagBar('photo', $photo['id']) : '')->display('com_photos_view_photo.tpl');
//выводим комментарии, если они разрешены и фото опубликовано
if ($photo['comments'] && $inCore->isComponentInstalled('comments')) {
cmsCore::includeComments();
comments('photo', $photo['id'], array(), $is_author);
}
}
/////////////////////////////// PHOTO UPLOAD ////////////////////////////////////////////////////////////////////////////////
if ($do == 'addphoto') {
// Неавторизованных просим авторизоваться
if (!$inUser->id) {
cmsUser::goToLogin();
}
$do_photo = cmsCore::request('do_photo', 'str', 'addphoto');
// получаем альбом
$album = $inDB->getNsCategory('cms_photo_albums', $id);
if (!$album) {
cmsCore::error404();
}
if (!$album['published'] && !$inUser->is_admin) {
cmsCore::error404();
}
$album = cmsCore::callEvent('GET_PHOTO_ALBUM', $album);
// права доступа
// загружаем только в разрешенные альбомы
if (!$album['public'] && !$inUser->is_admin) {
cmsCore::error404();
}
// Смотрим ограничения загрузки в сутки
$today_uploaded = $album['uplimit'] ? $model->loadedByUser24h($inUser->id, $album['id']) : 0;
if (!$inUser->is_admin && $album['uplimit'] && $today_uploaded >= $album['uplimit']) {
cmsCore::addSessionMessage('<strong>' . $_LANG['MAX_UPLOAD_IN_DAY'] . '</strong> ' . $_LANG['CAN_UPLOAD_TOMORROW'], 'error');
cmsCore::redirectBack();
}
// глубиномер
$path_list = $inDB->getNsCategoryPath('cms_photo_albums', $album['NSLeft'], $album['NSRight'], 'id, title, NSLevel');
if ($path_list) {
foreach ($path_list as $pcat) {
$inPage->addPathway($pcat['title'], '/photos/' . $pcat['id']);
}
}
include 'components/photos/add_photo.php';
}
/////////////////////////////// PHOTO EDIT ///////////////////////////////////////////////////////////////////////////////////////////
if ($do == 'editphoto') {
if ($_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest') {
cmsCore::halt();
}
if (!$inUser->id) {
cmsCore::halt();
}
// получаем фото
$photo = cmsCore::callEvent('GET_PHOTO', $inPhoto->getPhoto($id));
if (!$photo) {
cmsCore::halt();
}
if (mb_strstr($photo['NSDiffer'], 'club')) {
cmsCore::halt();
}
$is_author = $photo['user_id'] == $inUser->id && $inUser->id;
if (!$inUser->is_admin && !$is_author) {
cmsCore::halt();
}
if (cmsCore::inRequest('edit_photo')) {
$mod['title'] = cmsCore::request('title', 'str', '');
$mod['title'] = $mod['title'] ? $mod['title'] : $photo['title'];
$mod['description'] = cmsCore::request('description', 'str', '');
$mod['tags'] = cmsCore::request('tags', 'str', '');
$mod['comments'] = $inUser->is_admin ? cmsCore::request('comments', 'int') : $photo['comments'];
if ($model->config['seo_user_access'] || $inUser->is_admin) {
$mod['pagetitle'] = cmsCore::request('pagetitle', 'str', '');
$mod['meta_keys'] = cmsCore::request('meta_keys', 'str', '');
$mod['meta_desc'] = cmsCore::request('meta_desc', 'str', '');
}
$file = $model->initUploadClass($inDB->getNsCategory('cms_photo_albums', $photo['album_id']))->uploadPhoto($photo['file']);
$mod['file'] = $file['filename'] ? $file['filename'] : $photo['file'];
$inPhoto->updatePhoto($mod, $photo['id']);
$description = '<a href="/photos/photo' . $photo['id'] . '.html" class="act_photo"><img src="/images/photos/small/' . $mod['file'] . '" alt="' . htmlspecialchars(stripslashes($mod['title'])) . '" /></a>';
cmsActions::updateLog('add_photo', array('object' => $mod['title'], 'description' => $description), $photo['id']);
cmsCore::addSessionMessage($_LANG['PHOTO_SAVED'], 'success');
cmsCore::jsonOutput(array('error' => false, 'redirect' => '/photos/photo' . $photo['id'] . '.html'));
} else {
$photo['tags'] = cmsTagLine('photo', $photo['id'], false);
cmsPage::initTemplate('components', 'com_photos_edit')->assign('photo', $photo)->assign('form_action', '/photos/editphoto' . $photo['id'] . '.html')->assign('no_tags', false)->assign('is_admin', $inUser->is_admin)->assign('cfg', $model->config)->display('com_photos_edit.tpl');
cmsCore::jsonOutput(array('error' => false, 'html' => ob_get_clean()));
}
}
/////////////////////////////// PHOTO MOVE /////////////////////////////////////////////////////////////////////////////////////////
if ($do == 'movephoto') {
if ($_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest') {
cmsCore::halt();
}
if (!$inUser->id) {
cmsCore::halt();
}
$photo = cmsCore::callEvent('GET_PHOTO', $inPhoto->getPhoto($id));
if (!$photo) {
cmsCore::halt();
}
if (mb_strstr($photo['NSDiffer'], 'club')) {
cmsCore::halt();
}
if (!$inUser->is_admin) {
cmsCore::halt();
}
if (!cmsCore::inRequest('move_photo')) {
cmsPage::initTemplate('components', 'com_photos_move')->assign('form_action', '/photos/movephoto' . $photo['id'] . '.html')->assign('html', $inPhoto->getAlbumsOption('', $photo['album_id']))->display('com_photos_move.tpl');
cmsCore::jsonOutput(array('error' => false, 'html' => ob_get_clean()));
} else {
$album = cmsCore::callEvent('GET_PHOTO_ALBUM', $inDB->getNsCategory('cms_photo_albums', cmsCore::request('album_id', 'int')));
if (!$album) {
cmsCore::halt();
}
if (!$album['public'] && !$inUser->is_admin) {
cmsCore::error404();
}
// Смотрим ограничения загрузки в сутки
$today_uploaded = $album['uplimit'] ? $model->loadedByUser24h($inUser->id, $album['id']) : 0;
if (!$inUser->is_admin && $album['uplimit'] && $today_uploaded >= $album['uplimit']) {
cmsCore::jsonOutput(array('error' => true, 'text' => '<strong>' . $_LANG['MAX_UPLOAD_IN_DAY'] . '</strong> ' . $_LANG['CAN_UPLOAD_TOMORROW']));
}
$inDB->query("UPDATE cms_photo_files SET album_id = '{$album['id']}' WHERE id = '{$photo['id']}'");
cmsActions::updateLog('add_photo', array('target' => $album['title'], 'target_url' => '/photos/' . $album['id'], 'target_id' => $album['id']), $photo['id']);
cmsCore::addSessionMessage($_LANG['PHOTO_MOVED'], 'info');
cmsCore::jsonOutput(array('error' => false, 'redirect' => '/photos/' . $album['id']));
}
}
/////////////////////////////// PHOTO DELETE /////////////////////////////////////////////////////////////////////////////////////////
if ($do == 'delphoto') {
if ($_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest') {
cmsCore::halt();
}
if (!$inUser->id) {
cmsCore::halt();
}
if (!cmsUser::checkCsrfToken()) {
cmsCore::halt();
}
$photo = cmsCore::callEvent('GET_PHOTO', $inPhoto->getPhoto($id));
if (!$photo) {
cmsCore::halt();
}
if (mb_strstr($photo['NSDiffer'], 'club')) {
cmsCore::halt();
}
$is_author = $photo['user_id'] == $inUser->id && $inUser->id;
if (!$inUser->is_admin && !$is_author) {
cmsCore::halt();
}
$inPhoto->deletePhoto($photo, $model->initUploadClass($inDB->getNsCategory('cms_photo_albums', $photo['album_id'])));
cmsCore::addSessionMessage($_LANG['PHOTO_DELETED'], 'success');
cmsUser::clearCsrfToken();
cmsCore::jsonOutput(array('error' => false, 'redirect' => '/photos/' . $photo['album_id']));
}
/////////////////////////////// PHOTO PUBLISH /////////////////////////////////////////////////////////////////////////////////////////
if ($do == 'publish_photo') {
if ($_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest') {
cmsCore::halt();
}
if (!$inUser->id) {
cmsCore::halt();
}
$photo = cmsCore::callEvent('GET_PHOTO', $inPhoto->getPhoto($id));
if (!$photo) {
cmsCore::halt();
}
if (!$inUser->is_admin) {
cmsCore::halt();
}
$inPhoto->publishPhoto($photo['id']);
cmsCore::callEvent('ADD_PHOTO_DONE', $photo);
$description = '<a href="/photos/photo' . $photo['id'] . '.html" class="act_photo"><img src="/images/photos/small/' . $photo['file'] . '" alt="' . htmlspecialchars(stripslashes($photo['title'])) . '" /></a>';
cmsActions::log('add_photo', array('object' => $photo['title'], 'object_url' => '/photos/photo' . $photo['id'] . '.html', 'object_id' => $photo['id'], 'user_id' => $photo['user_id'], 'target' => $photo['cat_title'], 'target_id' => $photo['album_id'], 'target_url' => '/photos/' . $photo['album_id'], 'description' => $description));
cmsCore::halt('ok');
}
/////////////////////////////// VIEW LATEST/BEST PHOTOS //////////////////////////////////////////////////////////////////////////////
if (in_array($do, array('latest', 'best'))) {
if ($do == 'latest') {
$inDB->orderBy('f.pubdate', 'DESC');
$pagetitle = $pagetitle && $inCore->isMenuIdStrict() ? $pagetitle : $_LANG['NEW_PHOTO_IN_GALLERY'];
} else {
$inDB->orderBy('f.rating', 'DESC');
$pagetitle = $pagetitle && $inCore->isMenuIdStrict() ? $pagetitle : $_LANG['BEST_PHOTOS'];
}
$inDB->limit($model->config['best_latest_perpage']);
// выбираем категории фото
$inDB->addJoin("INNER JOIN cms_photo_albums a ON a.id = f.album_id AND a.published = 1 AND a.NSDiffer = ''");
$inDB->addSelect('a.title as cat_title');
$photos = $inPhoto->getPhotos(false, 'with_comments');
if (!$photos) {
cmsCore::error404();
}
$inPage->addPathway($pagetitle);
$inPage->setTitle($pagetitle);
cmsPage::initTemplate('components', 'com_photos_bl')->assign('maxcols', $model->config['best_latest_maxcols'])->assign('pagetitle', $pagetitle)->assign('photos', $photos)->display('com_photos_bl.tpl');
}
/////////////////////////////// /////////////////////////////// ////////////////
}
function forum()
{
$inCore = cmsCore::getInstance();
$inPage = cmsPage::getInstance();
$inDB = cmsDatabase::getInstance();
$inUser = cmsUser::getInstance();
$model = new cms_model_forum();
define('IS_BILLING', $inCore->isComponentInstalled('billing'));
if (IS_BILLING) {
cmsCore::loadClass('billing');
}
global $_LANG;
$pagetitle = $inCore->getComponentTitle();
$inPage->addPathway($pagetitle, '/forum');
$inPage->setTitle($pagetitle);
$inPage->setDescription($model->config['meta_desc'] ? $model->config['meta_desc'] : $pagetitle);
$inPage->setKeywords($model->config['meta_keys'] ? $model->config['meta_keys'] : $pagetitle);
$id = cmsCore::request('id', 'int', 0);
$do = $inCore->do;
$page = cmsCore::request('page', 'int', 1);
$inPage->addHeadJS('components/forum/js/common.js');
$inPage->addHeadJsLang(array('CONFIRM_DELETE_POLL', 'CONFIRM_DEL_POST', 'CONFIRM_DEL_THREAD', 'MOVE_THREAD', 'MOVE_POST', 'RENAME_THREAD', 'CONFIRM_DELETE_FILE', 'SELECT_NEW_FILE_UPLOAD', 'SELECT_TEXT_QUOTE', 'CONFIRM_DELETE_ALL_USER_POSTS'));
//============================================================================//
//=============================== Список Форумов ============================//
//============================================================================//
if ($do == 'view') {
$inPage->addHead('<link rel="alternate" type="application/rss+xml" title="' . $_LANG['FORUMS'] . '" href="' . HOST . '/rss/forum/all/feed.rss">');
$forums = $model->getForums();
cmsPage::initTemplate('components', 'com_forum_list')->assign('pagetitle', $pagetitle)->assign('forums', $forums)->assign('forum', array())->assign('user_id', $inUser->id)->assign('cfg', $model->config)->display('com_forum_list.tpl');
}
//============================================================================//
//================ Список тем форума + список подфорумов ====================//
//============================================================================//
if ($do == 'forum') {
$forum = $model->getForum($id);
if (!$forum) {
cmsCore::error404();
}
$forum = translations::process(cmsConfig::getConfig('lang'), 'forum_forums', $forum);
$moderators = $model->getForumModerators($forum['moder_list']);
// опции просмотра
$order_by = cmsCore::getSearchVar('order_by', 'pubdate');
$order_to = cmsCore::getSearchVar('order_to', 'desc');
if (!in_array($order_by, array('pubdate', 'title', 'post_count', 'hits'))) {
$order_by = 'pubdate';
}
if (!in_array($order_to, array('asc', 'desc'))) {
$order_to = 'desc';
}
$daysprune = (int) cmsCore::getSearchVar('daysprune');
if (!cmsCore::checkContentAccess($forum['access_list'])) {
cmsPage::includeTemplateFile('special/accessdenied.php');
return;
}
$inPage->addHead('<link rel="alternate" type="application/rss+xml" title="' . htmlspecialchars($forum['title']) . '" href="' . HOST . '/rss/forum/' . $forum['id'] . '/feed.rss">');
$inPage->setTitle($forum['pagetitle'] ? $forum['pagetitle'] : $forum['title']);
$inPage->setDescription($forum['meta_desc'] ? $forum['meta_desc'] : crop($forum['description'] ? $forum['description'] : $forum['title']));
$inPage->setKeywords($forum['meta_keys'] ? $forum['meta_keys'] : $forum['title']);
// Получаем дерево форумов
$path_list = $inDB->getNsCategoryPath('cms_forums', $forum['NSLeft'], $forum['NSRight'], 'id, title, access_list, moder_list');
// Строим глубиномер
if ($path_list) {
$path_list = translations::process(cmsConfig::getConfig('lang'), 'forum_forums', $path_list);
foreach ($path_list as $pcat) {
if (!cmsCore::checkContentAccess($pcat['access_list'])) {
cmsPage::includeTemplateFile('special/accessdenied.php');
return;
}
$inPage->addPathway($pcat['title'], '/forum/' . $pcat['id']);
}
}
// Получим подфорумы
$model->whereNestedForum($forum['NSLeft'], $forum['NSRight']);
$sub_forums = $model->getForums();
cmsPage::initTemplate('components', 'com_forum_list')->assign('pagetitle', $forum['title'])->assign('forums', $sub_forums)->assign('forum', $forum)->assign('cfg', $model->config)->assign('user_id', $inUser->id)->display('com_forum_list.tpl');
// Получим темы
if ($daysprune) {
$model->whereDayIntervalIs($daysprune);
}
$model->whereForumIs($forum['id']);
$inDB->orderBy('t.pinned', 'DESC, t.' . $order_by . ' ' . $order_to);
$inDB->limitPage($page, $model->config['pp_forum']);
$threads = $model->getThreads();
if (!$threads && $page > 1) {
cmsCore::error404();
}
cmsPage::initTemplate('components', 'com_forum_view')->assign('threads', $threads)->assign('show_panel', true)->assign('order_by', $order_by)->assign('order_to', $order_to)->assign('daysprune', $daysprune)->assign('moderators', $moderators)->assign('pagination', cmsPage::getPagebar($forum['thread_count'], $page, $model->config['pp_forum'], '/forum/' . $forum['id'] . '-%page%'))->display('com_forum_view.tpl');
}
//============================================================================//
//======================== Просмотр темы форума =============================//
//============================================================================//
if ($do == 'thread') {
$thread = $model->getThread($id);
if (!$thread) {
cmsCore::error404();
}
// Строим глубиномер
$path_list = $inDB->getNsCategoryPath('cms_forums', $thread['NSLeft'], $thread['NSRight'], 'id, title, access_list, moder_list');
if ($path_list) {
$path_list = translations::process(cmsConfig::getConfig('lang'), 'forum_forums', $path_list);
foreach ($path_list as $pcat) {
if (!cmsCore::checkContentAccess($pcat['access_list'])) {
cmsPage::includeTemplateFile('special/accessdenied.php');
return;
}
$inPage->addPathway($pcat['title'], '/forum/' . $pcat['id']);
}
// Для последнего форума проверяем
// не модератор ли текущий пользователь
$is_forum_moder = $model->isForumModerator($pcat['moder_list']);
}
$inPage->addPathway($thread['title'], '/forum/thread' . $thread['id'] . '.html');
if (!$thread['is_mythread']) {
$inDB->setFlag('cms_forum_threads', $thread['id'], 'hits', $thread['hits'] + 1);
}
// получаем посты
$model->whereThreadIs($thread['id']);
$inDB->orderBy('p.pinned', 'DESC, p.pubdate ASC');
$inDB->limitPage($page, $model->config['pp_thread']);
$posts = $model->getPosts();
if (!$posts) {
cmsCore::error404();
}
// SEO
$inPage->setTitle($thread['title']);
// meta description
if (!$thread['description']) {
$first_post = current($posts);
$first_post_content = strip_tags($first_post['content_html']);
if (mb_strlen($first_post_content) >= 100) {
$inPage->setDescription(crop($first_post_content));
} else {
$inPage->setDescription($thread['title']);
}
} else {
$inPage->setDescription(crop($thread['description']));
}
// meta keywords
$all_post_content = '';
foreach ($posts as $p) {
$all_post_content .= ' ' . strip_tags($p['content_html']);
}
$meta_keys = cmsCore::getKeywords($all_post_content);
$inPage->setKeywords($meta_keys ? $meta_keys : $thread['title']);
cmsCore::initAutoGrowText('#message');
cmsPage::initTemplate('components', 'com_forum_view_thread')->assign('forum', $pcat)->assign('forums', $model->getForums())->assign('is_subscribed', cmsUser::isSubscribed($inUser->id, 'forum', $thread['id']))->assign('thread', $thread)->assign('prev_thread', $inDB->get_fields('cms_forum_threads', "id < '{$thread['id']}' AND forum_id = '{$thread['forum_id']}'", 'id, title', 'id DESC'))->assign('next_thread', $inDB->get_fields('cms_forum_threads', "id > '{$thread['id']}' AND forum_id = '{$thread['forum_id']}'", 'id, title', 'id ASC'))->assign('posts', $posts)->assign('thread_poll', $model->getThreadPoll($thread['id']))->assign('page', $page)->assign('num', ($page - 1) * $model->config['pp_thread'] + 1)->assign('lastpage', ceil($thread['post_count'] / $model->config['pp_thread']))->assign('pagebar', cmsPage::getPagebar($thread['post_count'], $page, $model->config['pp_thread'], '/forum/thread' . $thread['id'] . '-%page%.html'))->assign('user_id', $inUser->id)->assign('do', $do)->assign('is_moder', $is_forum_moder)->assign('is_admin', $inUser->is_admin)->assign('is_can_add_post', cmsUser::isUserCan('forum/add_post'))->assign('cfg', $model->config)->assign('bb_toolbar', $inUser->id && $model->config['fast_on'] && $model->config['fast_bb'] ? cmsPage::getBBCodeToolbar('message', $model->config['img_on']) : '')->assign('smilies', $inUser->id && $model->config['fast_on'] && $model->config['fast_bb'] ? cmsPage::getSmilesPanel('message') : '')->display('com_forum_view_thread.tpl');
}
//============================================================================//
//================ Новая тема, написать/редактировать пост ===================//
//============================================================================//
if (in_array($do, array('newthread', 'newpost', 'editpost'))) {
if (!$inUser->id) {
cmsUser::goToLogin();
}
// id первого поста в теме
$first_post_id = false;
// опросов по умолчанию нет
$thread_poll = array();
// применяется при редактировании поста
$is_allow_attach = true;
// ограничение по карме
if (in_array($do, array('newthread', 'newpost'))) {
if ($inUser->karma < $model->config['min_karma_add'] && !$inUser->is_admin) {
cmsCore::addSessionMessage(sprintf($_LANG['ADD_KARMA_LIMIT'], cmsCore::spellCount($model->config['min_karma_add'], $_LANG['KPOINT1'], $_LANG['KPOINT2'], $_LANG['KPOINT10']), $inUser->karma), 'error');
cmsCore::redirectBack();
}
}
// новая тема
if ($do == 'newthread') {
// права доступа
if (!cmsUser::isUserCan('forum/add_thread') && !$inUser->is_admin) {
cmsPage::includeTemplateFile('special/accessdenied.php');
return;
}
$forum = $model->getForum($id);
if (!$forum) {
cmsCore::error404();
}
if (!cmsCore::checkContentAccess($forum['access_list'])) {
cmsPage::includeTemplateFile('special/accessdenied.php');
return;
}
$path_list = $inDB->getNsCategoryPath('cms_forums', $forum['NSLeft'], $forum['NSRight'], 'id, title, access_list, moder_list');
if ($path_list) {
foreach ($path_list as $pcat) {
if (!cmsCore::checkContentAccess($pcat['access_list'])) {
cmsPage::includeTemplateFile('special/accessdenied.php');
return;
}
$inPage->addPathway($pcat['title'], '/forum/' . $pcat['id']);
}
$is_forum_moder = $model->isForumModerator($pcat['moder_list']);
}
if (IS_BILLING && $forum['topic_cost']) {
cmsBilling::checkBalance('forum', 'add_thread', false, $forum['topic_cost']);
}
$pagetitle = $_LANG['NEW_THREAD'];
$thread = cmsUser::sessionGet('thread');
if ($thread) {
cmsUser::sessionDel('thread');
}
$last_post['content'] = cmsUser::sessionGet('post_content');
if ($last_post['content']) {
cmsUser::sessionDel('post_content');
}
}
// новый пост
if ($do == 'newpost') {
// права доступа
if (!cmsUser::isUserCan('forum/add_post') && !$inUser->is_admin) {
cmsPage::includeTemplateFile('special/accessdenied.php');
return;
}
$thread = $model->getThread($id);
if (!$thread || $thread['closed']) {
cmsCore::error404();
}
$path_list = $inDB->getNsCategoryPath('cms_forums', $thread['NSLeft'], $thread['NSRight'], 'id, title, access_list, moder_list');
if ($path_list) {
foreach ($path_list as $pcat) {
if (!cmsCore::checkContentAccess($pcat['access_list'])) {
cmsPage::includeTemplateFile('special/accessdenied.php');
return;
}
$inPage->addPathway($pcat['title'], '/forum/' . $pcat['id']);
}
$is_forum_moder = $model->isForumModerator($pcat['moder_list']);
}
$inPage->addPathway($thread['title'], '/forum/thread' . $thread['id'] . '.html');
$pagetitle = $_LANG['NEW_POST'];
$last_post = $model->getPost(cmsCore::request('replyid', 'int', 0));
if ($last_post) {
$last_post['content'] = preg_replace('/\\[hide(.*?)\\](.*?)\\[\\/hide\\]/sui', '', $last_post['content']);
$last_post['content'] = preg_replace('/\\[hide(.*?)\\](.*?)$/sui', '', $last_post['content']);
$quote_nickname = $inDB->get_field('cms_users', "id = '{$last_post['user_id']}'", 'nickname');
$last_post['content'] = '[quote=' . $quote_nickname . ']' . "\r\n" . $last_post['content'] . "\r\n" . '[/quote]' . "\r\n\r\n";
$pagetitle = $_LANG['REPLY_FULL_QUOTE'];
}
}
// редактирование поста
if ($do == 'editpost') {
$last_post = $model->getPost($id);
if (!$last_post) {
cmsCore::error404();
}
$is_allow_attach = $last_post['attach_count'] < $model->config['fa_max'];
// уменьшаем значение настроек согласно загруженных файлов
$model->config['fa_max'] = $model->config['fa_max'] - $last_post['attach_count'];
$thread = $model->getThread($last_post['thread_id']);
if (!$thread || $thread['closed']) {
cmsCore::error404();
}
$path_list = $inDB->getNsCategoryPath('cms_forums', $thread['NSLeft'], $thread['NSRight'], 'id, title, access_list, moder_list');
if ($path_list) {
foreach ($path_list as $pcat) {
if (!cmsCore::checkContentAccess($pcat['access_list'])) {
cmsPage::includeTemplateFile('special/accessdenied.php');
return;
}
$inPage->addPathway($pcat['title'], '/forum/' . $pcat['id']);
}
$is_forum_moder = $model->isForumModerator($pcat['moder_list']);
}
$inPage->addPathway($thread['title'], '/forum/thread' . $thread['id'] . '.html');
$end_min = $model->checkEditTime($last_post['pubdate']);
$is_author_can_edit = (is_bool($end_min) ? $end_min : $end_min > 0) && $last_post['user_id'] == $inUser->id;
// редактировать могут только администраторы, модераторы или авторы, если время есть
if (!$inUser->is_admin && !$is_forum_moder && !$is_author_can_edit) {
cmsCore::error404();
}
if (!$inUser->is_admin && !$is_forum_moder && $model->config['edit_minutes']) {
$msg_minute = str_replace('{min}', cmsCore::spellCount($end_min, $_LANG['MINUTE1'], $_LANG['MINUTE2'], $_LANG['MINUTE10']), $_LANG['EDIT_INFO']);
cmsCore::addSessionMessage($msg_minute, 'info');
}
$first_post_id = $inDB->get_field('cms_forum_posts', "thread_id = '{$thread['id']}' ORDER BY pubdate ASC", 'id');
$thread_poll = $model->getThreadPoll($thread['id']);
$pagetitle = $_LANG['EDIT_POST'];
}
/////////////////////////
/// Показываем форму ///
/////////////////////////
if (!cmsCore::inRequest('gosend')) {
$inPage->setTitle($pagetitle);
$inPage->addPathway($pagetitle);
$inPage->addHeadJsLang(array('FILE_SELECTED', 'FILE_DENIED', 'FILE_DUPLICATE'));
cmsCore::initAutoGrowText('#message');
cmsPage::initTemplate('components', 'com_forum_add')->assign('pagetitle', $pagetitle)->assign('is_first_post', isset($last_post['id']) ? $first_post_id == $last_post['id'] : true)->assign('thread_poll', $thread_poll)->assign('cfg', $model->config)->assign('do', $do)->assign('forum', isset($forum) ? $forum : $pcat)->assign('is_subscribed', cmsUser::isSubscribed($inUser->id, 'forum', @$thread['id']))->assign('thread', $thread)->assign('post_content', htmlspecialchars($last_post['content']))->assign('is_moder', $is_forum_moder)->assign('is_admin', $inUser->is_admin)->assign('is_allow_attach', cmsCore::checkContentAccess($model->config['group_access']) && $is_allow_attach)->assign('bb_toolbar', cmsPage::getBBCodeToolbar('message', $model->config['img_on'], 'forum', 'post', @$last_post['id']))->assign('smilies', cmsPage::getSmilesPanel('message'))->display('com_forum_add.tpl');
} else {
/////////////////////////
// Выполняем действия ///
/////////////////////////
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
$message_bb = $inDB->escape_string(cmsCore::request('message', 'html', ''));
$message_html = $inDB->escape_string(cmsCore::parseSmiles(cmsCore::request('message', 'html', ''), true));
if (!$message_html) {
cmsCore::addSessionMessage($_LANG['NEED_TEXT_POST'], 'error');
cmsCore::redirectBack();
}
$message_post = strip_tags($message_html);
$message_post = mb_strlen($message_post) > 200 ? mb_substr($message_post, 0, 200) : $message_post;
$post_pinned = 0;
if (in_array($do, array('newthread', 'newpost'))) {
if ($do == 'newthread') {
$thread['title'] = cmsCore::request('title', 'str', '');
$thread['description'] = cmsCore::request('description', 'str', '');
$post_pinned = 1;
if (!$thread['title']) {
cmsCore::addSessionMessage($_LANG['NEED_TITLE_THREAD_YOUR_POST'], 'error');
cmsUser::sessionPut('thread', $thread);
cmsUser::sessionPut('post_content', stripcslashes($message_bb));
cmsCore::redirectBack();
}
$thread['is_hidden'] = cmsCore::yamlToArray($forum['access_list']) ? 1 : 0;
$thread['forum_id'] = $forum['id'];
$thread['user_id'] = $inUser->id;
$thread['pubdate'] = date("Y-m-d H:i:s");
$thread['hits'] = 0;
$thread['id'] = $model->addThread($thread);
$thread['NSLeft'] = $forum['NSLeft'];
$thread['NSRight'] = $forum['NSRight'];
$thread['post_count'] = 0;
if (IS_BILLING && $forum['topic_cost']) {
cmsBilling::process('forum', 'add_thread', $forum['topic_cost']);
}
}
$post_id = $model->addPost(array('thread_id' => $thread['id'], 'user_id' => $inUser->id, 'pinned' => $post_pinned, 'content' => $message_bb, 'content_html' => $message_html, 'pubdate' => date("Y-m-d H:i:s"), 'editdate' => date("Y-m-d H:i:s")));
// Обновляем количество постов в теме
$thread_post_count = $model->updateThreadPostCount($thread['id']);
// Закрываем тему если нужно
$is_fixed = cmsCore::request('fixed', 'int', 0);
if ($is_fixed && ($is_forum_moder || $inUser->is_admin || $thread['is_mythread'])) {
$model->closeThread($thread['id']);
}
// Загружаем аттачи
if ($model->config['fa_on'] && cmsCore::checkContentAccess($model->config['group_access'])) {
$file_error = $model->addUpdatePostAttachments($post_id);
if ($file_error === false) {
cmsCore::addSessionMessage($_LANG['CHECK_SIZE_TYPE_FILE'] . $model->config['fa_max'], 'error');
}
}
// Обновляем кеши
$model->updateForumCache($thread['NSLeft'], $thread['NSRight'], true);
$total_pages = ceil($thread_post_count / $model->config['pp_thread']);
// Проверяем награды
cmsUser::checkAwards($inUser->id);
// Рассылаем уведомления тем, кто подписан
if ($do == 'newpost') {
cmsUser::sendUpdateNotify('forum', $thread['id'], array('link' => '/forum/thread' . $thread['id'] . '-' . $total_pages . '.html#' . $post_id, 'title' => stripslashes($thread['title']), 'letter_file' => 'newforumpost', 'author' => $inUser->nickname));
}
// Подписываемся сами если нужно
if (cmsCore::inRequest('subscribe')) {
cmsUser::subscribe($inUser->id, 'forum', $thread['id']);
}
// Если пост не в скрытый форум и не в объедненный с предыдущим, добавляем в ленту
if (!$thread['is_hidden'] && $thread_post_count > $thread['post_count']) {
if ($do == 'newthread') {
cmsActions::log('add_thread', array('object' => $thread['title'], 'object_url' => '/forum/thread' . $thread['id'] . '-1.html', 'object_id' => $thread['id'], 'target' => $forum['title'], 'target_url' => '/forum/' . $forum['id'], 'target_id' => $forum['id'], 'description' => $message_post));
} else {
cmsActions::log('add_fpost', array('object' => $_LANG['MESSAGE'], 'object_url' => '/forum/thread' . $thread['id'] . '-' . $total_pages . '.html#' . $post_id, 'object_id' => $post_id, 'target' => $thread['title'], 'target_url' => '/forum/thread' . $thread['id'] . '.html', 'target_id' => $thread['id'], 'description' => $message_post));
}
}
// Для новой темы прикрепляем опрос если нужно
if ($do == 'newthread') {
$model->addPoll(cmsCore::request('poll', 'array', array()), $thread['id']);
$last_poll_error = $model->getLastAddPollError();
if ($last_poll_error) {
cmsCore::addSessionMessage($last_poll_error, 'error');
cmsCore::redirect('/forum/editpost' . $post_id . '-1.html');
}
}
cmsCore::redirect('/forum/thread' . $thread['id'] . '-' . $total_pages . '.html#' . $post_id);
} elseif ($do == 'editpost') {
$model->updatePost(array('content' => $message_bb, 'content_html' => $message_html, 'edittimes' => $last_post['edittimes'] + 1, 'editdate' => date("Y-m-d H:i:s")), $last_post['id']);
if ($model->config['fa_on'] && cmsCore::checkContentAccess($model->config['group_access'])) {
$file_error = $model->addUpdatePostAttachments($last_post['id']);
if ($file_error === false) {
cmsCore::addSessionMessage($_LANG['CHECK_SIZE_TYPE_FILE'] . $model->config['fa_max'], 'error');
}
}
if ($first_post_id == $last_post['id']) {
cmsActions::updateLog('add_thread', array('description' => $message_post), $thread['id']);
if ($thread_poll) {
$model->updatePoll(cmsCore::request('poll', 'array', array()), $thread_poll);
} else {
$model->addPoll(cmsCore::request('poll', 'array', array()), $thread['id']);
}
$last_poll_error = $model->getLastAddPollError();
if ($last_poll_error) {
cmsUser::sessionPut('thread', $thread);
cmsUser::sessionPut('post_content', stripcslashes($message_bb));
cmsCore::addSessionMessage($last_poll_error, 'error');
cmsCore::redirectBack();
}
} else {
cmsActions::updateLog('add_fpost', array('description' => $message_post), $last_post['id']);
}
$model->updateForumCache($thread['NSLeft'], $thread['NSRight'], true);
cmsCore::redirect('/forum/thread' . $thread['id'] . '-' . $page . '.html#' . $last_post['id']);
}
}
}
///////////////////////////// DELETE POST /////////////////////////////////////////////////////////////////////////////////////////////////
if ($do == 'deletepost') {
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
if (!$inUser->id) {
cmsCore::error404();
}
$post = $model->getPost($id);
if (!$post) {
cmsCore::error404();
}
$thread = $model->getThread($post['thread_id']);
if (!$thread) {
cmsCore::error404();
}
$path_list = $inDB->getNsCategoryPath('cms_forums', $thread['NSLeft'], $thread['NSRight'], 'id, title, access_list, moder_list, NSLeft, NSRight');
if ($path_list) {
foreach ($path_list as $pcat) {
if (!cmsCore::checkContentAccess($pcat['access_list'])) {
cmsCore::error404();
}
}
$is_forum_moder = $model->isForumModerator($pcat['moder_list']);
}
$end_min = $model->checkEditTime($post['pubdate']);
$is_author_can_edit = (is_bool($end_min) ? $end_min : $end_min > 0) && $post['user_id'] == $inUser->id;
if (!$inUser->is_admin && !($is_forum_moder && !cmsUser::userIsAdmin($post['user_id'])) && !$is_author_can_edit) {
cmsCore::error404();
}
$model->deletePost($post['id']);
$model->updateThreadPostCount($post['thread_id']);
$model->cacheThreadLastPost($post['thread_id']);
if ($path_list) {
$path_list = array_reverse($path_list);
foreach ($path_list as $pcat) {
$model->updateForumCache($pcat['NSLeft'], $pcat['NSRight']);
}
}
cmsCore::addSessionMessage($_LANG['MSG_IS_DELETED'], 'info');
$total_pages = ceil(($thread['post_count'] - 1) / $model->config['pp_thread']);
if ($page > $total_pages) {
$page = $total_pages;
}
cmsCore::jsonOutput(array('error' => false, 'redirect' => '/forum/thread' . $thread['id'] . '-' . $page . '.html'));
}
//============================================================================//
//========================== Операции с темами ===============================//
//============================================================================//
if (in_array($do, array('movethread', 'renamethread', 'deletethread', 'close', 'pin', 'pin_post', 'move_post'))) {
if (!$inUser->id) {
cmsCore::error404();
}
$thread = $model->getThread($id);
if (!$thread) {
cmsCore::halt();
}
$path_list = $inDB->getNsCategoryPath('cms_forums', $thread['NSLeft'], $thread['NSRight'], 'id, title, access_list, moder_list, NSLeft, NSRight');
if ($path_list) {
foreach ($path_list as $pcat) {
if (!cmsCore::checkContentAccess($pcat['access_list'])) {
cmsCore::halt();
}
}
$is_forum_moder = $model->isForumModerator($pcat['moder_list']);
}
//======================= Перемещение темы ===============================//
if ($do == 'movethread') {
if (!$inUser->is_admin && !$is_forum_moder) {
cmsCore::halt();
}
if (!cmsCore::inRequest('gomove')) {
cmsPage::initTemplate('components', 'com_forum_move_thread')->assign('thread', $thread)->assign('forums', $model->getForums())->display('com_forum_move_thread.tpl');
cmsCore::jsonOutput(array('error' => false, 'html' => ob_get_clean()));
} else {
$new_forum = $model->getForum(cmsCore::request('forum_id', 'int', 0));
if (!$new_forum) {
cmsCore::error404();
}
$is_hidden = 0;
$path_list = $inDB->getNsCategoryPath('cms_forums', $new_forum['NSLeft'], $new_forum['NSRight'], 'id, title, access_list, moder_list');
if ($path_list) {
foreach ($path_list as $pcat) {
if (!cmsCore::checkContentAccess($pcat['access_list'])) {
cmsCore::halt();
}
if (cmsCore::yamlToArray($pcat['access_list'])) {
$is_hidden = 1;
}
}
$is_forum_moder = $model->isForumModerator($pcat['moder_list']);
}
if (!$is_forum_moder && !$inUser->is_admin) {
cmsCore::addSessionMessage($_LANG['YOU_NO_THIS_FORUM_MODER'], 'error');
cmsCore::redirect('/forum/thread' . $thread['id'] . '.html');
}
$inDB->query("UPDATE cms_forum_threads SET forum_id = '{$new_forum['id']}', is_hidden = '{$is_hidden}' WHERE id = '{$thread['id']}'");
cmsActions::updateLog('add_thread', array('target' => $new_forum['title'], 'target_url' => '/forum/' . $new_forum['id'], 'target_id' => $new_forum['id']), $thread['id']);
// Обновляем кешированные значения
// для старого форума
$model->updateForumCache($thread['NSLeft'], $thread['NSRight'], true);
// для нового форума
$model->updateForumCache($new_forum['NSLeft'], $new_forum['NSRight'], true);
cmsCore::addSessionMessage($_LANG['THREAD_IS_MOVE'] . '"' . $new_forum['title'] . '"', 'success');
cmsCore::redirect('/forum/thread' . $thread['id'] . '.html');
}
}
//===================== Переименование темы ==============================//
if ($do == 'renamethread') {
if (!$inUser->is_admin && !$is_forum_moder && !$thread['is_mythread']) {
cmsCore::halt();
}
if (!cmsCore::inRequest('gorename')) {
cmsPage::initTemplate('components', 'com_forum_rename_thread')->assign('thread', $thread)->display('com_forum_rename_thread.tpl');
cmsCore::jsonOutput(array('error' => false, 'html' => ob_get_clean()));
} else {
$new_thread['title'] = cmsCore::request('title', 'str', $thread['title']);
$new_thread['description'] = cmsCore::request('description', 'str', '');
$model->updateThread($new_thread, $thread['id']);
cmsActions::updateLog('add_fpost', array('target' => $new_thread['title']), 0, $thread['id']);
cmsActions::updateLog('add_thread', array('object' => $new_thread['title']), $thread['id']);
$model->updateForumCache($thread['NSLeft'], $thread['NSRight'], true);
cmsCore::jsonOutput(array('error' => false, 'title' => stripslashes($new_thread['title']), 'description' => stripslashes($new_thread['description'])));
}
}
//======================= Удаление темы ==================================//
if ($do == 'deletethread') {
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
if (!$inUser->is_admin && !($is_forum_moder && !cmsUser::userIsAdmin($thread['user_id'])) && !$thread['is_mythread']) {
cmsCore::halt();
}
$model->deleteThread($thread['id']);
// Обновляем кешированные значения
$model->updateForumCache($thread['NSLeft'], $thread['NSRight'], true);
cmsCore::jsonOutput(array('error' => false, 'redirect' => '/forum/' . $thread['forum_id']));
}
//=============== Прикрепление/открепление темы ==========================//
if ($do == 'pin') {
if (!$inUser->is_admin && !$is_forum_moder) {
cmsCore::halt();
}
$pinned = cmsCore::request('pinned', 'int', 0);
$inDB->query("UPDATE cms_forum_threads SET pinned = '{$pinned}' WHERE id = '{$thread['id']}'");
cmsCore::halt($pinned);
}
//========== Прикрепление/открепление сообщения темы =====================//
if ($do == 'pin_post') {
if (!$inUser->is_admin && !$is_forum_moder) {
cmsCore::halt();
}
$pinned = cmsCore::request('pinned', 'int', 0);
$post_id = cmsCore::request('post_id', 'int', 0);
// Проверяем, принадлежит ли сообщение теме
if (!$model->isBelongsToPostTopic($post_id, $thread['id'])) {
cmsCore::halt();
}
$inDB->query("UPDATE cms_forum_posts SET pinned = '{$pinned}' WHERE id = '{$post_id}' AND thread_id = '{$thread['id']}'");
// Ниже строки для тех, кто обновлялся с 1.9, если чистая установка, их можно удалить
// Ставим принудительно для первого поста темы флаг pinned
if ($pinned) {
$first_post_id = $inDB->get_field('cms_forum_posts', "thread_id = '{$thread['id']}' ORDER BY pubdate ASC", 'id');
$inDB->query("UPDATE cms_forum_posts SET pinned = 1 WHERE id = '{$first_post_id}' AND thread_id = '{$thread['id']}'");
}
cmsCore::redirect('/forum/thread' . $thread['id'] . '-1.html#' . $post_id);
}
//=========================== Перенос сообщения темы =====================//
if ($do == 'move_post') {
if (!$inUser->is_admin && !$is_forum_moder) {
cmsCore::halt();
}
$post_id = cmsCore::request('post_id', 'int', 0);
// Проверяем, принадлежит ли сообщение теме
if (!$model->isBelongsToPostTopic($post_id, $thread['id'])) {
cmsCore::halt();
}
cmsCore::callEvent('MOVE_FORUM_POST', array('thread' => $thread, 'post_id' => $post_id));
if (!cmsCore::inRequest('gomove')) {
cmsPage::initTemplate('components', 'com_forum_move_post')->assign('thread', $thread)->assign('post_id', $post_id)->assign('threads', cmsCore::getListItems('cms_forum_threads', $thread['id'], 'title', 'ASC', "forum_id = '{$thread['forum_id']}'"))->display('com_forum_move_post.tpl');
cmsCore::jsonOutput(array('error' => false, 'html' => ob_get_clean()));
} else {
$new_thread = $model->getThread(cmsCore::request('new_thread_id', 'int', 0));
if (!$new_thread) {
cmsCore::error404();
}
$n_path_list = $inDB->getNsCategoryPath('cms_forums', $new_thread['NSLeft'], $new_thread['NSRight'], 'id, title, access_list, moder_list, NSLeft, NSRight');
if ($n_path_list) {
foreach ($n_path_list as $n_pcat) {
if (!cmsCore::checkContentAccess($n_pcat['access_list'])) {
cmsCore::halt();
}
}
$is_forum_moder = $model->isForumModerator($n_pcat['moder_list']);
}
if (!$is_forum_moder && !$inUser->is_admin) {
cmsCore::error404();
}
$model->updatePost(array('thread_id' => $new_thread['id'], 'pubdate' => date("Y-m-d H:i:s")), $post_id);
$model->updateThreadPostCount($thread['id']);
$thread_post_count = $model->updateThreadPostCount($new_thread['id']);
$total_pages = ceil($thread_post_count / $model->config['pp_thread']);
cmsActions::updateLog('add_fpost', array('target' => $new_thread['title'], 'target_url' => '/forum/thread' . $new_thread['id'] . '.html', 'target_id' => $new_thread['id'], 'object_url' => '/forum/thread' . $new_thread['id'] . '-' . $total_pages . '.html#' . $post_id, 'pubdate' => date("Y-m-d H:i:s")), $post_id);
$model->cacheThreadLastPost($thread['id']);
if ($path_list) {
$path_list = array_reverse($path_list);
foreach ($path_list as $pcat) {
$model->cacheLastPost($pcat['NSLeft'], $pcat['NSRight']);
}
}
if ($n_path_list) {
$n_path_list = array_reverse($n_path_list);
foreach ($n_path_list as $pcat) {
$model->cacheLastPost($pcat['NSLeft'], $pcat['NSRight']);
}
}
cmsCore::addSessionMessage($_LANG['POST_IS_MOVE'] . '"' . $new_thread['title'] . '"', 'success');
cmsCore::redirect('/forum/thread' . $new_thread['id'] . '-' . $total_pages . '.html#' . $post_id);
}
}
//==================== Открытие/закрытие темы ============================//
if ($do == 'close') {
if (!$inUser->is_admin && !$is_forum_moder && !$thread['is_mythread']) {
cmsCore::halt();
}
$closed = cmsCore::request('closed', 'int', 0);
if ($closed) {
$model->closeThread($thread['id']);
} else {
$model->openThread($thread['id']);
}
cmsCore::halt($closed);
}
cmsCore::halt();
}
//============================================================================//
//========================== Операции с файлами ==============================//
//============================================================================//
if (in_array($do, array('download', 'delfile', 'reloadfile'))) {
if (!$model->config['fa_on']) {
cmsCore::error404();
}
$file = $model->getPostAttachment($id);
if (!$file) {
cmsCore::error404();
}
$post = $model->getPost($file['post_id']);
if (!$post) {
cmsCore::error404();
}
$thread = $model->getThread($post['thread_id']);
if (!$thread) {
cmsCore::error404();
}
$path_list = $inDB->getNsCategoryPath('cms_forums', $thread['NSLeft'], $thread['NSRight'], 'id, title, access_list, moder_list');
if ($path_list) {
foreach ($path_list as $pcat) {
if (!cmsCore::checkContentAccess($pcat['access_list'])) {
cmsCore::error404();
}
}
$is_forum_moder = $model->isForumModerator($pcat['moder_list']);
}
//================= Скачивание прикрепленного файла ======================//
if ($do == 'download') {
$location = PATH . '/upload/forum/post' . $file['post_id'] . '/' . $file['filename'];
if (!file_exists($location)) {
cmsCore::error404();
}
$inDB->query("UPDATE cms_forum_files SET hits = hits + 1 WHERE id = '{$file['id']}'");
ob_clean();
header('Content-Disposition: attachment; filename=' . htmlspecialchars($file['filename']));
header('Content-Type: application/x-force-download; name="' . htmlspecialchars($file['filename']) . '"');
header('Content-Length: ' . $file['filesize']);
header('Accept-Ranges: bytes');
cmsCore::halt(file_get_contents($location));
}
//=================== Удаление прикрепленного файла ======================//
if ($do == 'delfile') {
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
$end_min = $model->checkEditTime($post['pubdate']);
$is_author_can_edit = (is_bool($end_min) ? $end_min : $end_min > 0) && $post['user_id'] == $inUser->id && cmsCore::checkContentAccess($model->config['group_access']);
if (!$inUser->is_admin && !$is_forum_moder && !$is_author_can_edit) {
cmsCore::halt();
}
$model->deletePostAttachment($file);
cmsCore::halt(1);
}
//================== Перезакачка прикрепленного файла ====================//
if ($do == 'reloadfile') {
$end_min = $model->checkEditTime($post['pubdate']);
$is_author_can_edit = (is_bool($end_min) ? $end_min : $end_min > 0) && $post['user_id'] == $inUser->id && cmsCore::checkContentAccess($model->config['group_access']);
if (!$inUser->is_admin && !$is_forum_moder && !$is_author_can_edit) {
cmsCore::error404();
}
if (!cmsCore::inRequest('goreload')) {
cmsPage::initTemplate('components', 'com_forum_file_reload')->assign('file', $file)->assign('cfg', $model->config)->display('com_forum_file_reload.tpl');
cmsCore::jsonOutput(array('error' => false, 'html' => ob_get_clean()));
} else {
$success = $model->addUpdatePostAttachments($post['id'], $file);
if ($success) {
$post['attached_files'] = $model->getPostAttachments($post['id']);
$post['is_author_can_edit'] = $is_author_can_edit;
cmsPage::initTemplate('components', 'com_forum_attached_files')->assign('post', $post)->assign('is_moder', $is_forum_moder)->assign('is_admin', $inUser->is_admin)->assign('cfg', $model->config)->display('com_forum_attached_files.tpl');
cmsCore::jsonOutput(array('error' => false, 'post_id' => $post['id'], 'html' => ob_get_clean()));
} else {
cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['CHECK_SIZE_TYPE_FILE'] . $model->config['fa_max']));
}
}
}
cmsCore::halt();
}
//============================================================================//
//========================= Операции с опросами ==============================//
//============================================================================//
if ($do == 'view_poll') {
$thread = $model->getThread($id);
if (!$thread) {
cmsCore::halt();
}
$path_list = $inDB->getNsCategoryPath('cms_forums', $thread['NSLeft'], $thread['NSRight'], 'id, title, access_list, moder_list');
if ($path_list) {
foreach ($path_list as $pcat) {
if (!cmsCore::checkContentAccess($pcat['access_list'])) {
cmsCore::halt();
}
}
$is_forum_moder = $model->isForumModerator($pcat['moder_list']);
}
$thread_poll = $model->getThreadPoll($thread['id']);
if (!$thread_poll) {
cmsCore::halt();
}
if ($inUser->id && $thread_poll['is_user_vote'] && $thread_poll['options']['change'] && cmsCore::request('revote', 'int')) {
$model->deleteVote($thread_poll);
$thread_poll['is_user_vote'] = 0;
$thread_poll['vote_count'] -= 1;
}
if (!$thread_poll['is_user_vote'] && !$thread_poll['options']['result']) {
$thread_poll['show_result'] = cmsCore::request('show_result', 'int');
}
cmsPage::initTemplate('components', 'com_forum_thread_poll')->assign('thread', $thread)->assign('thread_poll', $thread_poll)->assign('user_id', $inUser->id)->assign('do', $thread_poll['show_result'] ? $do : 'thread')->assign('is_moder', $is_forum_moder)->assign('is_admin', $inUser->is_admin)->display('com_forum_thread_poll.tpl');
cmsCore::halt(ob_get_clean());
}
if ($do == 'delete_poll') {
if (!$inUser->id) {
cmsCore::halt();
}
if (!cmsUser::checkCsrfToken()) {
cmsCore::halt();
}
$thread = $model->getThread($id);
if (!$thread) {
cmsCore::halt();
}
$path_list = $inDB->getNsCategoryPath('cms_forums', $thread['NSLeft'], $thread['NSRight'], 'id, title, access_list, moder_list');
if ($path_list) {
foreach ($path_list as $pcat) {
if (!cmsCore::checkContentAccess($pcat['access_list'])) {
cmsCore::halt();
}
}
$is_forum_moder = $model->isForumModerator($pcat['moder_list']);
}
$thread_poll = $model->getThreadPoll($thread['id']);
if (!$thread_poll) {
cmsCore::halt();
}
if (!$is_forum_moder && !$inUser->is_admin) {
cmsCore::halt();
}
$model->deletePoll($thread_poll['id']);
cmsCore::halt(1);
}
if ($do == 'vote_poll') {
if (!$inUser->id) {
cmsCore::halt();
}
if (!cmsUser::checkCsrfToken()) {
cmsCore::halt();
}
$answer = cmsCore::request('answer', 'str', '');
$poll = $model->getPollById(cmsCore::request('poll_id', 'int'));
if (!$answer || !$poll) {
cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['SELECT_THE_OPTION']));
}
if ($model->isUserVoted($poll['id'])) {
cmsCore::jsonOutput(array('error' => true, 'text' => ''));
}
$model->votePoll($poll, $answer);
cmsCore::jsonOutput(array('error' => false, 'text' => ''));
}
//============================================================================//
//========================= Последние сообщения ==============================//
//============================================================================//
if ($do == 'latest_posts') {
$inActions = cmsActions::getInstance();
$inPage->setTitle($_LANG['LATEST_POSTS_ON_FORUM']);
$inPage->addPathway($_LANG['FORUMS'], '/forum');
$inPage->addPathway($_LANG['LATEST_POSTS_ON_FORUM']);
$inActions->showTargets(true);
$action = $inActions->getAction('add_fpost');
$inActions->onlySelectedTypes(array($action['id']));
$total = $inActions->getCountActions();
$inDB->limitPage($page, 15);
$actions = $inActions->getActionsLog();
if (!$actions && $page > 1) {
cmsCore::error404();
}
cmsPage::initTemplate('components', 'com_forum_actions')->assign('actions', $actions)->assign('total', $total)->assign('do', $do)->assign('user_id', $inUser->id)->assign('pagetitle', $_LANG['LATEST_POSTS_ON_FORUM'])->assign('pagebar', cmsPage::getPagebar($total, $page, 15, '/forum/latest_posts/page-%page%'))->display('com_forum_actions.tpl');
}
//============================================================================//
//============================= Последние темы ===============================//
//============================================================================//
if ($do == 'latest_thread') {
$inActions = cmsActions::getInstance();
$inPage->setTitle($_LANG['NEW_THREADS_ON_FORUM']);
$inPage->addPathway($_LANG['FORUMS'], '/forum');
$inPage->addPathway($_LANG['NEW_THREADS_ON_FORUM']);
$inActions->showTargets(true);
$action = $inActions->getAction('add_thread');
$inActions->onlySelectedTypes(array($action['id']));
$total = $inActions->getCountActions();
$inDB->limitPage($page, 15);
$actions = $inActions->getActionsLog();
if (!$actions && $page > 1) {
cmsCore::error404();
}
cmsPage::initTemplate('components', 'com_forum_actions')->assign('actions', $actions)->assign('total', $total)->assign('do', $do)->assign('user_id', $inUser->id)->assign('pagetitle', $_LANG['NEW_THREADS_ON_FORUM'])->assign('pagebar', cmsPage::getPagebar($total, $page, 15, '/forum/latest_thread/page-%page%'))->display('com_forum_actions.tpl');
}
//============================================================================//
//========================== Просмотр категории ==============================//
//============================================================================//
if ($do == 'view_cat') {
$cat = $model->getForumCat(cmsCore::request('seolink', 'str', ''));
if (!$cat) {
cmsCore::error404();
}
$cat = translations::process(cmsConfig::getConfig('lang'), 'forum_forum_cats', $cat);
$inPage->setTitle($cat['pagetitle'] ? $cat['pagetitle'] : $cat['title']);
$inPage->setDescription($cat['meta_desc'] ? $cat['meta_desc'] : $cat['title']);
$inPage->setKeywords($cat['meta_keys'] ? $cat['meta_keys'] : $cat['title']);
$inPage->addPathway($cat['title']);
$model->whereForumCatIs($cat['id']);
$sub_forums = $model->getForums();
cmsPage::initTemplate('components', 'com_forum_list')->assign('pagetitle', $cat['title'])->assign('forums', $sub_forums)->assign('forum', array())->assign('cfg', $model->config)->assign('user_id', false)->display('com_forum_list.tpl');
$inDB->addJoin('INNER JOIN cms_forums f ON f.id = t.forum_id');
$inDB->where("t.is_hidden = 0");
$model->whereForumCatIs($cat['id']);
$inDB->orderBy('t.pubdate', 'DESC, t.hits DESC');
$inDB->limit(15);
$threads = $model->getThreads();
cmsPage::initTemplate('components', 'com_forum_view')->assign('threads', $threads)->display('com_forum_view.tpl');
}
//============================================================================//
//===================== Активность пользователя ==============================//
//============================================================================//
if ($do == 'user_activity') {
$login = cmsCore::request('login', 'str', $inUser->login);
$sub_do = cmsCore::request('sub_do', 'str', 'threads');
$user = cmsUser::getShortUserData($login);
if (!$user) {
cmsCore::error404();
}
$my_profile = $inUser->login == $login;
$pagetitle = $my_profile ? $_LANG['MY_ACTIVITY'] : $user['nickname'] . ' - ' . $_LANG['ACTIVITY_ON_FORUM'];
$inPage->setTitle($pagetitle);
$inPage->addPathway($pagetitle);
$threads = array();
$posts = array();
if (!$my_profile && !$inUser->is_admin) {
$model->wherePublicThreads();
}
$model->whereThreadUserIs($user['id']);
$thread_count = $model->getThreadsCount();
if ($sub_do == 'threads' && $thread_count) {
$inDB->orderBy('t.pubdate', 'DESC, t.hits DESC');
$inDB->limitPage($page, 15);
$threads = $model->getThreads();
$pagination = cmsPage::getPagebar($thread_count, $page, 15, "javascript:forum.getUserActivity('threads','/forum/{$user['login']}_activity.html','%page%');");
}
$inDB->resetConditions();
// Если тем у пользователя нет, показываем вкладку сообщений
if (!$thread_count) {
$sub_do = 'posts';
}
$inDB->addSelect('t.title as thread_title');
$inDB->addJoin('INNER JOIN cms_forum_threads t ON t.id = p.thread_id');
$model->wherePostUserIs($user['id']);
if (!$my_profile && !$inUser->is_admin) {
$model->wherePublicThreads();
}
$post_count = $model->getPostsCount();
// Если сообщений нет, 404
if (!$post_count && !$my_profile) {
cmsCore::error404();
}
if ($sub_do == 'posts' && $post_count) {
$inDB->orderBy('p.thread_id', 'DESC, p.pubdate DESC');
$inDB->limitPage($page, 10);
$posts = $model->getPosts();
$pagination = cmsPage::getPagebar($post_count, $page, 10, "javascript:forum.getUserActivity('posts','/forum/{$user['login']}_activity.html','%page%');");
}
$inDB->resetConditions();
cmsPage::initTemplate('components', 'com_forum_user_activity')->assign('threads', $threads)->assign('posts', $posts)->assign('post_count', $post_count)->assign('thread_count', $thread_count)->assign('pagetitle', $pagetitle)->assign('sub_do', $sub_do)->assign('page', $page)->assign('user_id', $user['id'])->assign('my_profile', $my_profile)->assign('is_admin', $inUser->is_admin)->assign('is_moderator', cmsUser::isUserCan('forum/moderate'))->assign('pagination', $pagination)->assign('link', '/forum/' . $user['login'] . '_activity.html')->display('com_forum_user_activity.tpl');
}
////////////////////////////////////////////////////////////////////////////////
if ($do == 'delete_all_user_posts') {
if (!$inUser->id) {
cmsCore::error404();
}
if (!$inUser->is_admin && !cmsUser::isUserCan('forum/moderate')) {
cmsCore::error404();
}
if (!cmsUser::checkCsrfToken()) {
cmsCore::halt();
}
$user = cmsUser::getShortUserData(cmsCore::request('user_id', 'int', 0));
if (!$user || $user['id'] == $inUser->id) {
cmsCore::error404();
}
$model->deleteAllUserPosts($user['id']);
cmsCore::addSessionMessage($_LANG['ALL_USERPOSTS_ISDELETED'], 'success');
cmsCore::halt();
}
}
