Example #1
 /**
  * Refreshes this object's properties from the user referenced by the session.
  *
  * With no user id in the session, the guest values from self::getGuestInfo()
  * are copied onto the object. Otherwise the record returned by loadUser() is
  * copied, followed by the new-message data and the log date. The ban check
  * runs in both cases.
  *
  * @return bool false when loadUser() returns nothing for the session's user id, true otherwise
  */
 public function update()
 {
     // The session is bound to the client's IP address; a failed check ends the session.
     // NOTE(review): the rest of this method still runs unless redirectBack()
     // terminates the request - confirm against cmsCore.
     if (!$this->checkSpoofingSession()) {
         $this->logout();
         cmsCore::redirectBack();
     }

     $session_uid = isset($_SESSION['user']['id']) ? (int) $_SESSION['user']['id'] : 0;

     if ($session_uid) {
         // Logged-in user: every key of the loaded record becomes a property of the same name.
         $profile = $this->loadUser($session_uid);
         if (!$profile) {
             return false;
         }
         foreach ($profile as $prop => $val) {
             $this->{$prop} = $val;
         }
         $this->new_msg = self::getNewMessages($session_uid);
         $this->new_msg_count = $this->new_msg['total'];
         $this->logdate = self::getUserLogdate();
     } else {
         // Guest: record the log date first, then apply the guest defaults.
         self::setUserLogdate();
         foreach (self::getGuestInfo() as $prop => $val) {
             $this->{$prop} = $val;
         }
     }

     // The ban check applies to guests and logged-in users alike.
     $this->checkBan();
     return true;
 }
Example #2
/**
 * Handles the 'view' action: passes the requested subscribe flag for a
 * target to cmsUser::subscribe() on behalf of the logged-in user, then
 * answers with JSON for AJAX requests or redirects back otherwise.
 *
 * NOTE(review): this changes state for the current user, and no CSRF token
 * check (cmsUser::checkCsrfToken()) is visible in this handler - confirm
 * whether the caller enforces one.
 */
function subscribes(){

    $inCore = cmsCore::getInstance();
    $inUser = cmsUser::getInstance();

    // Any action other than 'view' is ignored.
    if ($inCore->do != 'view') {
        return;
    }

    $subscribe = cmsCore::request('subscribe', 'int', 0);
    $target    = cmsCore::request('target', 'str', '');
    $target_id = cmsCore::request('target_id', 'int', 0);

    // Both the target name and its id are required.
    $has_target = $target_id && $target;
    if (!$has_target) {
        cmsCore::error404();
    }

    // Guests (no user id) are skipped silently; the response below is the same for them.
    if ($inUser->id) {
        cmsUser::subscribe($inUser->id, $target, $target_id, $subscribe);
    }

    if (!cmsCore::isAjax()) {
        cmsCore::redirectBack();
    } else {
        cmsCore::jsonOutput(array('subscribe' => $subscribe));
    }

}
Example #3
/**
 * Deletes the cache for one target, identified by the 'target' and 'id'
 * request parameters, and redirects back.
 *
 * NOTE(review): no permission check (cmsUser::isAdminCan()) or CSRF token
 * check is visible in this function - presumably the caller enforces access;
 * confirm.
 */
function applet_cache()
{
    $cache_target = cmsCore::request('target', 'str', '');
    $cache_id     = cmsCore::request('id', 'int', 0);

    // Both parameters are mandatory; a missing one is answered with a 404.
    $has_both = $cache_target && $cache_id;
    if (!$has_both) {
        cmsCore::error404();
    }

    cmsCore::deleteCache($cache_target, $cache_id);
    cmsCore::redirectBack();
}
Example #4
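/**
 * Admin applet for template settings: lists the templates ('main'), shows a
 * template's configuration form ('config') and stores a submitted
 * configuration ('save_config').
 *
 * The template name comes from the request and is used to build the path of
 * a PHP file that is include'd, so it is restricted to a single directory
 * name (no path separators, no '.'/'..') before any filesystem access.
 * Access requires the 'admin/config' right; saving also requires a valid
 * CSRF token.
 *
 * @return void
 */
function applet_templates()
{
    global $adminAccess;
    global $_LANG;
    if (!cmsUser::isAdminCan('admin/config', $adminAccess)) {
        cpAccessDenied();
    }
    // 'do' is limited to the two listed actions; anything else falls back to 'main'.
    $do = cmsCore::request('do', array('config', 'save_config'), 'main');
    cmsCore::c('page')->setTitle($_LANG['AD_TEMPLATES_SETTING']);
    cpAddPathway($_LANG['AD_TEMPLATES_SETTING'], 'index.php?view=templates');
    if ($do == 'main') {
        cmsCore::c('page')->initTemplate('applets', 'templates')->assign('templates', cmsCore::getDirsList('/templates'))->display();
    }
    if ($do == 'config' || $do == 'save_config') {
        $template = cmsCore::request('template', 'str', '');
        // The name ends up inside an include path. Without this check a value
        // such as "../x" would resolve to a config.php outside /templates.
        $is_plain_name = is_string($template)
            && $template !== ''
            && $template !== '.'
            && $template !== '..'
            && strpos($template, '/') === false
            && strpos($template, '\\') === false
            && strpos($template, "\0") === false;
        if (!$is_plain_name) {
            cmsCore::error404();
            return; // never reach the include, even if error404() returns
        }
        $template_dir = PATH . '/templates/' . $template;
        $template_cfg = $template_dir . '/config.php';
    }
    if ($do == 'config') {
        cpAddPathway($_LANG['AD_TEMPLATE'] . ': ' . $template, 'index.php?view=templates&do=config&template=' . $template);
        if (!file_exists($template_dir) || !file_exists($template_cfg)) {
            cmsCore::error404();
            return;
        }
        // config.php is executed as PHP; it is expected to define get_template_cfg_fields().
        include $template_cfg;
        if (function_exists('get_template_cfg_fields')) {
            $tpl_cfgs = get_template_cfg_fields();
            if (!empty($tpl_cfgs)) {
                $tpl_cfgs_val = cmsCore::getTplCfg($template);
                cmsCore::c('page')->initTemplate('applets', 'templates')->assign('template', $template)->assign('form_gen_form', cmsCore::c('form_gen')->generateForm($tpl_cfgs, $tpl_cfgs_val))->display();
            } else {
                cmsCore::addSessionMessage($_LANG['AD_TEMPLATE_NO_CONFIG'], 'error');
                cmsCore::redirectBack();
            }
        } else {
            cmsCore::addSessionMessage($_LANG['AD_TEMPLATE_CFG_ERROR'], 'error');
            cmsCore::redirectBack();
        }
    }
    if ($do == 'save_config') {
        // Same existence checks as for 'config', plus the CSRF token for this state change.
        if (!file_exists($template_dir) || !file_exists($template_cfg) || !cmsUser::checkCsrfToken()) {
            cmsCore::error404();
            return;
        }
        include $template_cfg;
        if (function_exists('get_template_cfg_fields')) {
            $tpl_cfgs = get_template_cfg_fields();
            if (!empty($tpl_cfgs)) {
                // Only the fields declared by the template are read from the request.
                $tpl_cfgs = cmsCore::c('form_gen')->requestForm($tpl_cfgs);
                cmsCore::saveTplCfg($tpl_cfgs, $template);
                cmsCore::addSessionMessage($_LANG['AD_TEMPLATE_CFG_SAVED'], 'success');
                cmsCore::redirect('/admin/index.php?view=templates');
            } else {
                cmsCore::error404();
            }
        } else {
            cmsCore::error404();
        }
    }
}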
Example #5
/**
 * Removes one cache entry through the 'cache' service and redirects back.
 *
 * 'component' and 'target_id' are required; 'target' may be empty and is
 * passed through unchanged.
 *
 * NOTE(review): no permission check (cmsUser::isAdminCan()) or CSRF token
 * check is visible in this function - presumably the caller enforces access;
 * confirm.
 */
function applet_cache() {
    $component = cmsCore::request('component', 'str', '');
    $target    = cmsCore::request('target', 'str', '');
    // Requested as a string here, not as an integer.
    $target_id = cmsCore::request('target_id', 'str', '');

    $has_required = !empty($component) && !empty($target_id);
    if (!$has_required) {
        cmsCore::error404();
    }

    $cache = cmsCore::c('cache');
    $cache->remove($component, $target_id, $target);

    cmsCore::redirectBack();
}
Example #6
/**
 * Admin applet: clears the whole cache, queues a success message and
 * redirects back. Requires the 'admin/config' right.
 *
 * NOTE(review): no CSRF token check is visible for this state-changing
 * action - confirm whether the caller enforces one.
 */
function applet_clearcache()
{
    global $adminAccess, $_LANG;

    $may_configure = cmsUser::isAdminCan('admin/config', $adminAccess);
    if (!$may_configure) {
        cpAccessDenied();
    }

    cmsCore::clearCache();

    $notice = $_LANG['AD_CLEAR_CACHE_SUCCESS'];
    cmsCore::addSessionMessage($notice, 'success');
    cmsCore::redirectBack();
}
Example #7
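/**
 * Admin applet that lists, installs, upgrades and removes extensions
 * (modules, components, plugins), dispatching on the 'do' request parameter.
 *
 * Changes against the previous version:
 *  - module/component ids taken from the request are accepted only when they
 *    consist of characters valid in a PHP function name, and the installer
 *    functions must exist before they are called via call_user_func();
 *  - 'remove_plugin' no longer calls uninstall() on a plugin that failed to load;
 *  - the general 'admin/components' right is checked before the id is read.
 *
 * NOTE(review): none of the state-changing actions checks a CSRF token inside
 * this function - confirm whether the caller enforces one.
 *
 * @return void
 */
function applet_install() {
    $inCore = cmsCore::getInstance();
    global $_LANG;
    global $adminAccess;

    cmsCore::c('page')->setTitle($_LANG['AD_SETUP_EXTENSION']);

    $do = cmsCore::request('do', 'str', 'list');

    // Characters that may follow the fixed prefix of a PHP function name.
    // Ids are appended to 'info_module_', 'install_component_' etc. and are
    // handed to the installer loaders, so anything else (path separators,
    // '::', whitespace) cannot name a legitimate installer and is refused.
    $name_pattern = '/^[a-zA-Z0-9_\x80-\xff]+\z/';

    //-------------------------------- Modules ---------------------------------
    //------------ List of modules ready to be installed or upgraded -----------
    if ($do == 'module') {
        if (!cmsUser::isAdminCan('admin/modules', $adminAccess)) { cpAccessDenied(); }

        cpAddPathway($_LANG['AD_SETUP_MODULES'], 'index.php?view=install&do=module');

        $new_modules = $inCore->getNewModules();
        $upd_modules = $inCore->getUpdatedModules();

        echo '<h3>'. $_LANG['AD_SETUP_MODULES'] .'</h3>';

        if (!$new_modules && !$upd_modules) {
            echo '<p>'. $_LANG['AD_NO_SEARCH_MODULES'] .'</p>';
            echo '<p>'. $_LANG['AD_IF_WANT_SETUP_MODULES'] .'</p>';
            echo '<p><a class="btn btn-default" href="javascript:window.history.go(-1);">'. $_LANG['BACK'] .'</a></p>';
            return;
        }

        if ($new_modules) {
            echo '<div class="panel panel-default"><div class="panel-heading">'. $_LANG['AD_SEARCH_MODULES'] .'</div><div class="panel-body">';
                modulesList($new_modules, $_LANG['AD_SETUP'], 'install_module');
            echo '</div></div>';
        }

        if ($upd_modules) {
            echo '<div class="panel panel-default"><div class="panel-heading">'. $_LANG['AD_MODULES_UPDATE'] .'</div><div class="panel-body">';
                modulesList($upd_modules, $_LANG['AD_UPDATE'], 'upgrade_module');
            echo '</div></div>';
        }

        echo '<p><a class="btn btn-default" href="javascript:window.history.go(-1);">'. $_LANG['BACK'] .'</a></p>';
    }

    //--------------------------- Module installation --------------------------
    if ($do == 'install_module') {

        if (!cmsUser::isAdminCan('admin/modules', $adminAccess)) { cpAccessDenied(); }

        $error = '';

        $module_id = cmsCore::request('id', 'str', '');

        if (!$module_id) { cmsCore::redirectBack(); }

        // The installer is loaded and called only for a well-formed id whose
        // info_/install_ functions actually exist after loading.
        if (
            is_string($module_id)
            && preg_match($name_pattern, $module_id)
            && $inCore->loadModuleInstaller($module_id)
            && function_exists('info_module_'.$module_id)
            && function_exists('install_module_'.$module_id)
        ) {
            $_module = call_user_func('info_module_'.$module_id);
            $error   = call_user_func('install_module_'.$module_id);
        } else {
            $error = $_LANG['AD_MODULE_WIZARD_FAILURE'];
        }

        // The installer signals success with boolean true; anything else is shown as the error.
        if ($error === true) {
            $inCore->installModule($_module, $_module['config']);
            cmsCore::addSessionMessage($_LANG['AD_MODULE'].' <strong>"'.$_module['title'].'"</strong> '.$_LANG['AD_SUCCESS'].$_LANG['AD_IS_INSTALL'], 'success');
            cmsCore::redirect('/admin/index.php?view=modules');
        } else {
            cmsCore::addSessionMessage($error , 'error');
            cmsCore::redirectBack();
        }

    }

    //----------------------------- Module upgrade -----------------------------
    if ($do == 'upgrade_module') {
        if (!cmsUser::isAdminCan('admin/modules', $adminAccess)) { cpAccessDenied(); }

        $error = '';

        $module_id = cmsCore::request('id', 'str', '');

        if (!$module_id) { cmsCore::redirectBack(); }

        if (
            is_string($module_id)
            && preg_match($name_pattern, $module_id)
            && $inCore->loadModuleInstaller($module_id)
            && function_exists('info_module_'.$module_id)
            && function_exists('upgrade_module_'.$module_id)
        ) {
            $_module = call_user_func('info_module_'.$module_id);
            if (isset($_module['link'])) {
                $_module['content'] = $_module['link'];
            }
            $error = call_user_func('upgrade_module_'.$module_id);
        } else {
            $error = $_LANG['AD_SETUP_WIZARD_FAILURE'];
        }

        if ($error === true) {
            $inCore->upgradeModule($_module, $_module['config']);
            cmsCore::addSessionMessage($_LANG['AD_MODULE'].' <strong>"'.$_module['title'].'"</strong> '.$_LANG['AD_SUCCESS'].$_LANG['AD_IS_UPDATE'], 'success');
            cmsCore::redirect('/admin/index.php?view=modules');
        } else {
            cmsCore::addSessionMessage($error , 'error');
            cmsCore::redirectBack();
        }

    }
    //==========================================================================

    //------------------------------ Components --------------------------------
    //---------- List of components ready to be installed or upgraded ----------
    if ($do == 'component') {
        if (!cmsUser::isAdminCan('admin/components', $adminAccess)) { cpAccessDenied(); }

        cpAddPathway($_LANG['AD_SETUP_COMPONENTS'], 'index.php?view=install&do=component');

        $new_components = $inCore->getNewComponents();
        $upd_components = $inCore->getUpdatedComponents();

        echo '<h3>'. $_LANG['AD_SETUP_COMPONENTS'] .'</h3>';

        if (!$new_components && !$upd_components) {
            echo '<p>'. $_LANG['AD_NO_SEARCH_COMPONENTS'] .'</p>';
            echo '<p>'. $_LANG['AD_IF_WANT_SETUP_COMPONENTS'] .'</p>';
            echo '<p><a href="javascript:window.history.go(-1);" class="btn btn-default">'. $_LANG['BACK'] .'</a></p>';
            return;
        }

        if ($new_components) {
            echo '<div class="panel panel-default"><div class="panel-heading">'. $_LANG['AD_COMPONENTS_SETUP'] .'</div><div class="panel-body">';
                componentsList($new_components, $_LANG['AD_SETUP'], 'install_component');
            echo '</div></div>';
        }

        if ($upd_components) {
            echo '<div class="panel panel-default"><div class="panel-heading">'. $_LANG['AD_COMPONENTS_UPDATE'] .'</div><div class="panel-body">';
                componentsList($upd_components, $_LANG['AD_UPDATE'], 'upgrade_component');
            echo '</div></div>';

        }

        echo '<p><a href="javascript:window.history.go(-1);" class="btn btn-default">'. $_LANG['BACK'] .'</a></p>';
    }

    //------------------------- Component installation -------------------------
    if ($do == 'install_component') {
        // Authorise before looking at any request data.
        if (!cmsUser::isAdminCan('admin/components', $adminAccess)) { cpAccessDenied(); }

        $error = '';

        $component = cmsCore::request('id', 'str', '');
        if (!$component) { cmsCore::redirectBack(); }

        if (
            is_string($component)
            && preg_match($name_pattern, $component)
            && $inCore->loadComponentInstaller($component)
            && function_exists('info_component_'.$component)
            && function_exists('install_component_'.$component)
        ) {
            $_component = call_user_func('info_component_'.$component);
            $error      = call_user_func('install_component_'.$component);
        } else {
            $error = $_LANG['AD_COMPONENT_WIZARD_FAILURE'];
        }

        if ($error === true) {
            $inCore->installComponent($_component, $_component['config']);

            $info_text = '<p>'. $_LANG['AD_COMPONENT'] .' <strong>"'. $_component['title'] .'"</strong> '. $_LANG['AD_SUCCESS'] . $_LANG['AD_IS_INSTALL'] .'</p>';
            // Titles of the modules and plugins the installer reports as bundled.
            if (isset($_component['modules']) && is_array($_component['modules'])) {
                $info_text .= '<p>'. $_LANG['AD_OPT_INSTALL_MODULES'] .':</p>';
                $info_text .= '<ul>';
                foreach ($_component['modules'] as $module => $title) {
                    $info_text .= '<li>'. $title .'</li>';
                }
                $info_text .= '</ul>';
            }
            if (isset($_component['plugins']) && is_array($_component['plugins'])) {
                $info_text .= '<p>'. $_LANG['AD_OPT_INSTALL_PLUGINS'] .':</p>';
                $info_text .= '<ul>';
                foreach ($_component['plugins'] as $module => $title) {
                    $info_text .= '<li>'. $title .'</li>';
                }
                $info_text .= '</ul>';
            }

            cmsCore::addSessionMessage($info_text, 'success');
            cmsCore::redirect('/admin/index.php?view=components');
        } else {
            cmsCore::addSessionMessage($error , 'error');
            cmsCore::redirectBack();
        }

    }

    //--------------------------- Component upgrade ----------------------------
    if ($do == 'upgrade_component') {
        if (!cmsUser::isAdminCan('admin/components', $adminAccess)) { cpAccessDenied(); }

        cpAddPathway($_LANG['AD_UPDATE_COMPONENTS'], 'index.php?view=install&do=component');

        $error = '';

        $component = cmsCore::request('id', 'str', '');
        if (!$component) { cmsCore::redirectBack(); }

        // Upgrading additionally needs the right for this particular component.
        if (!cmsUser::isAdminCan('admin/com_'.$component, $adminAccess)) { cpAccessDenied(); }

        if (
            is_string($component)
            && preg_match($name_pattern, $component)
            && $inCore->loadComponentInstaller($component)
            && function_exists('info_component_'.$component)
            && function_exists('upgrade_component_'.$component)
        ) {
            $_component = call_user_func('info_component_'.$component);
            $error      = call_user_func('upgrade_component_'.$component);
        } else {
            $error = $_LANG['AD_COMPONENT_WIZARD_FAILURE'];
        }

        if ($error === true) {
            $inCore->upgradeComponent($_component, $_component['config']);
            $info_text = $_LANG['AD_COMPONENT'].' <strong>"'.$_component['title'].'"</strong> '.$_LANG['AD_SUCCESS'].$_LANG['AD_IS_UPDATE'];
            cmsCore::addSessionMessage($info_text, 'success');
            cmsCore::redirect('/admin/index.php?view=components');
        } else {
            cmsCore::addSessionMessage($error , 'error');
            cmsCore::redirectBack();
        }

    }

    //--------------------------- Component removal ----------------------------
    if ($do == 'remove_component') {
        if (!cmsUser::isAdminCan('admin/components', $adminAccess)) { cpAccessDenied(); }

        $component_id = cmsCore::request('id', 'int', '');

        if (!$component_id) { cmsCore::redirectBack(); }

        // The component name is looked up by numeric id, not taken from the request.
        $com = $inCore->getComponentById($component_id);
        if (!cmsUser::isAdminCan('admin/com_'.$com, $adminAccess)) { cpAccessDenied(); }

        // The removal hook is optional; the component is removed either way.
        if ($inCore->loadComponentInstaller($com)) {
            if (function_exists('remove_component_'. $com)) {
                call_user_func('remove_component_'. $com);
            }
        }

        $inCore->removeComponent($component_id);

        cmsCore::addSessionMessage($_LANG['AD_COMPONENT_IS_DELETED'], 'success');
        cmsCore::redirect('/admin/index.php?view=components');
    }
    //==========================================================================

    //------------------------------- Plugins ----------------------------------
    //----------- List of plugins ready to be installed or upgraded ------------
    if ($do == 'plugin') {
        if (!cmsUser::isAdminCan('admin/plugins', $adminAccess)) { cpAccessDenied(); }

        cpAddPathway($_LANG['AD_SETUP_PLUGINS'], 'index.php?view=install&do=plugin');

        $new_plugins = $inCore->getNewPlugins();
        $upd_plugins = $inCore->getUpdatedPlugins();

        echo '<h3>'. $_LANG['AD_SETUP_PLUGINS'] .'</h3>';

        if (!$new_plugins && !$upd_plugins) {
            echo '<p>'. $_LANG['AD_NO_SEARCH_PLUGINS'] .'</p>';
            echo '<p>'. $_LANG['AD_IF_WANT_SETUP_PLUGINS'] .'</p>';
            echo '<p><a href="javascript:window.history.go(-1);" class="btn btn-default">'. $_LANG['BACK'] .'</a></p>';
            return;
        }

        if ($new_plugins) {
            echo '<div class="panel panel-default"><div class="panel-heading">'. $_LANG['AD_PLUGINS_SETUP'] .'</div><div class="panel-body">';
                pluginsList($new_plugins, $_LANG['AD_SETUP'], 'install_plugin');
            echo '</div></div>';
        }

        if ($upd_plugins) {
            echo '<div class="panel panel-default"><div class="panel-heading">'. $_LANG['AD_PLUGINS_UPDATE'] .'</div><div class="panel-body">';
                pluginsList($upd_plugins, $_LANG['AD_UPDATE'], 'upgrade_plugin');
            echo '</div></div>';
        }

        echo '<p><a href="javascript:window.history.go(-1);" class="btn btn-default">'. $_LANG['BACK'] .'</a></p>';
    }

    //--------------------------- Plugin installation --------------------------
    if ($do == 'install_plugin') {
        if (!cmsUser::isAdminCan('admin/plugins', $adminAccess)) { cpAccessDenied(); }

        cpAddPathway($_LANG['AD_SETUP_PLUGIN'], 'index.php?view=install&do=plugin');

        $error = '';

        $plugin_id = cmsCore::request('id', 'str', '');

        if (!$plugin_id) { cmsCore::redirectBack(); }

        // NOTE(review): the request-supplied id goes to loadPlugin() unchanged;
        // presumably it is resolved to a file there - confirm it is validated.
        $plugin = $inCore->loadPlugin($plugin_id);

        if (!$plugin) { $error = $_LANG['AD_PLUGIN_FAILURE']; }

        if (!$error && $plugin->install()) {
            cmsCore::addSessionMessage($_LANG['AD_PLUGIN'] .' <strong>"'. $plugin->info['title'] .'"</strong> '. $_LANG['AD_SUCCESS'] . $_LANG['AD_IS_INSTALL'] .'. '. $_LANG['AD_ENABLE_PLUGIN'], 'success');
            cmsCore::redirect('/admin/index.php?view=plugins');
        }

        if ($error) { echo '<p style="color:red">'. $error .'</p>'; }

        echo '<p><a href="index.php?view=install&do=plugin">'. $_LANG['BACK'] .'</a></p>';
    }

    //----------------------------- Plugin upgrade -----------------------------
    if ($do == 'upgrade_plugin') {
        if (!cmsUser::isAdminCan('admin/plugins', $adminAccess)) { cpAccessDenied(); }

        cpAddPathway($_LANG['AD_UPDATE_PLUGIN'], 'index.php?view=install&do=plugin');

        $error = '';

        $plugin_id = cmsCore::request('id', 'str', '');

        if (empty($plugin_id)) { cmsCore::redirectBack(); }

        // NOTE(review): same as for installation - the id reaches loadPlugin() unchanged.
        $plugin = $inCore->loadPlugin($plugin_id);

        if (!$plugin) { $error = $_LANG['AD_PLUGIN_FAILURE']; }

        if (!$error && $plugin->upgrade()) {
            cmsCore::addSessionMessage($_LANG['AD_PLUGIN'] .' <strong>"'. $plugin->info['title'] .'"</strong> '. $_LANG['AD_SUCCESS'] . $_LANG['AD_IS_UPDATE'], 'success');
            cmsCore::redirect('/admin/index.php?view=plugins');
        }

        if ($error) { echo '<p style="color:red">'. $error .'</p>'; }

        echo '<p><a href="index.php?view=install&do=plugin">'. $_LANG['BACK'] .'</a></p>';
    }

    //----------------------------- Plugin removal -----------------------------
    if ($do == 'remove_plugin') {
        if (!cmsUser::isAdminCan('admin/plugins', $adminAccess)) { cpAccessDenied(); }

        // The plugin name is looked up by numeric id, not taken from the request.
        $plugin_name = $inCore->getPluginById(cmsCore::request('id', 'int', 0));

        if (!$plugin_name) { cmsCore::redirectBack(); }

        $plugin = $inCore->loadPlugin($plugin_name);

        // Previously the failure was only stored in $error and uninstall() was
        // still called on the missing plugin; report it and stop instead.
        if (!$plugin) {
            cmsCore::addSessionMessage($_LANG['AD_PLUGIN_FAILURE'], 'error');
            cmsCore::redirectBack();
            return;
        }

        $plugin->uninstall();

        cmsCore::addSessionMessage($_LANG['AD_REMOVE_PLUGIN_OK'], 'success');
        cmsCore::redirect('/admin/index.php?view=plugins');
    }
    //==========================================================================
}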
Example #8
function applet_usergroups()
{
    $inDB = cmsDatabase::getInstance();
    global $_LANG;
    global $adminAccess;
    if (!cmsUser::isAdminCan('admin/users', $adminAccess)) {
        cpAccessDenied();
    }
    $GLOBALS['cp_page_title'] = $_LANG['AD_USERS_GROUP'];
    cpAddPathway($_LANG['AD_USERS'], 'index.php?view=users');
    cpAddPathway($_LANG['AD_USERS_GROUP'], 'index.php?view=usergroups');
    $do = cmsCore::request('do', 'str', 'list');
    $id = cmsCore::request('id', 'int', -1);
    cmsCore::loadModel('users');
    $model = new cms_model_users();
    if ($do == 'list') {
        $toolmenu[] = array('icon' => 'usergroupadd.gif', 'title' => $_LANG['AD_CREATE_GROUP'], 'link' => '?view=usergroups&do=add');
        $toolmenu[] = array('icon' => 'edit.gif', 'title' => $_LANG['AD_EDIT_SELECTED'], 'link' => "javascript:checkSel('?view=usergroups&do=edit&multiple=1');");
        $toolmenu[] = array('icon' => 'delete.gif', 'title' => $_LANG['AD_DELETE_SELECTED'], 'link' => "javascript:if(confirm('{$_LANG['AD_REMOVE_GROUP']}')) { checkSel('?view=users&do=delete&multiple=1'); }");
        cpToolMenu($toolmenu);
        $fields[] = array('title' => 'id', 'field' => 'id', 'width' => '30');
        $fields[] = array('title' => $_LANG['TITLE'], 'field' => 'title', 'width' => '', 'link' => '?view=usergroups&do=edit&id=%id%', 'filter' => '12');
        $fields[] = array('title' => $_LANG['AD_FROM_USERS'], 'field' => 'id', 'width' => '100', 'prc' => 'getCountUsers');
        $fields[] = array('title' => $_LANG['AD_IF_ADMIN'], 'field' => 'is_admin', 'width' => '110', 'prc' => 'cpYesNo');
        $fields[] = array('title' => $_LANG['AD_ALIAS'], 'field' => 'alias', 'width' => '75', 'filter' => '12');
        $actions[] = array('title' => $_LANG['EDIT'], 'icon' => 'edit.gif', 'link' => '?view=usergroups&do=edit&id=%id%');
        $actions[] = array('title' => $_LANG['DELETE'], 'icon' => 'delete.gif', 'confirm' => $_LANG['AD_REMOVE_GROUP'], 'link' => '?view=usergroups&do=delete&id=%id%');
        cpListTable('cms_user_groups', $fields, $actions);
    }
    if ($do == 'delete') {
        if (!isset($_REQUEST['item'])) {
            if ($id >= 0) {
                $model->deleteGroup($id);
            }
        } else {
            $model->deleteGroups(cmsCore::request('item', 'array_int', array()));
        }
        cmsCore::addSessionMessage($_LANG['AD_DO_SUCCESS'], 'success');
        cmsCore::redirect('index.php?view=usergroups');
    }
    if ($do == 'submit' || $do == 'update') {
        if (!cmsUser::checkCsrfToken()) {
            cmsCore::error404();
        }
        $types = array('title' => array('title', 'str', ''), 'alias' => array('alias', 'str', ''), 'is_admin' => array('is_admin', 'int', 0), 'access' => array('access', 'array_str', array(), create_function('$a_list', 'return implode(\',\', $a_list);')));
        $items = cmsCore::getArrayFromRequest($types);
        if ($do == 'submit') {
            $inDB->insert('cms_user_groups', $items);
            cmsCore::addSessionMessage($_LANG['AD_DO_SUCCESS'], 'success');
            cmsCore::redirect('index.php?view=usergroups');
        } else {
            $inDB->update('cms_user_groups', $items, $id);
            cmsCore::addSessionMessage($_LANG['AD_DO_SUCCESS'], 'success');
            if (empty($_SESSION['editlist'])) {
                cmsCore::redirect('index.php?view=usergroups');
            } else {
                cmsCore::redirect('index.php?view=usergroups&do=edit');
            }
        }
    }
    if ($do == 'add' || $do == 'edit') {
        $toolmenu[] = array('icon' => 'save.gif', 'title' => $_LANG['SAVE'], 'link' => 'javascript:document.addform.submit();');
        $toolmenu[] = array('icon' => 'cancel.gif', 'title' => $_LANG['CANCEL'], 'link' => 'javascript:history.go(-1);');
        cpToolMenu($toolmenu);
        if ($do == 'add') {
            cpAddPathway($_LANG['AD_CREATE_GROUP']);
        } else {
            if (isset($_REQUEST['multiple'])) {
                if (isset($_REQUEST['item'])) {
                    $_SESSION['editlist'] = cmsCore::request('item', 'array_int', array());
                } else {
                    cmsCore::addSessionMessage($_LANG['AD_NO_SELECT_OBJECTS'], 'error');
                    cmsCore::redirectBack();
                }
            }
            $ostatok = '';
            if (isset($_SESSION['editlist'])) {
                $item_id = array_shift($_SESSION['editlist']);
                if (sizeof($_SESSION['editlist']) == 0) {
                    unset($_SESSION['editlist']);
                } else {
                    $ostatok = '(' . $_LANG['AD_NEXT_IN'] . sizeof($_SESSION['editlist']) . ')';
                }
            } else {
                $item_id = cmsCore::request('id', 'int', 0);
            }
            $mod = $inDB->get_fields('cms_user_groups', "id = '{$item_id}'", '*');
            if (!$mod) {
                cmsCore::error404();
            }
            echo '<h3>' . $_LANG['AD_EDIT_GROUP'] . ' ' . $ostatok . '</h3>';
            cpAddPathway($_LANG['AD_EDIT_GROUP'] . ' ' . $mod['title']);
        }
        if (isset($mod['access'])) {
            $mod['access'] = str_replace(', ', ',', $mod['access']);
            $mod['access'] = explode(',', $mod['access']);
        }
        ?>
	<form id="addform" name="addform" method="post" action="index.php?view=usergroups">
        <input type="hidden" name="csrf_token" value="<?php 
        echo cmsUser::getCsrfToken();
        ?>
" />
		<table width="660" border="0" cellspacing="5" class="proptable">
			<tr>
				<td width="198" valign="top"><div><strong><?php 
        echo $_LANG['AD_GROUP_NAME'];
        ?>
: </strong></div><span class="hinttext"><?php 
        echo $_LANG['AD_VIEW_SITE'];
        ?>
</span></td>
				<td width="475" valign="top"><input name="title" type="text" id="title" size="30" value="<?php 
        echo htmlspecialchars($mod['title']);
        ?>
"/></td>
			</tr>
			<tr>
				<td valign="top"><div><strong><?php 
        echo $_LANG['AD_ALIAS'];
        ?>
:</strong></div><?php 
        if ($do == 'edit') {
            ?>
<span class="hinttext"><?php 
            echo $_LANG['AD_DONT_CHANGE'];
            ?>
</span><?php 
        }
        ?>
</td>
    <td valign="top"><input name="alias" type="text" id="title3" <?php 
        if (@$mod['alias'] == 'guest') {
            ?>
readonly="readonly"<?php 
        }
        ?>
 size="30" value="<?php 
        echo @$mod['alias'];
        ?>
"/></td>
			</tr>
			<tr>
				<td><strong><?php 
        echo $_LANG['AD_IF_ADMIN'];
        ?>
</strong></td>
				<td>
					<label><input name="is_admin" type="radio" value="1" <?php 
        if (@$mod['is_admin']) {
            echo 'checked="checked"';
        }
        ?>
 onclick="$('#accesstable').hide();$('#admin_accesstable').show();"/> <?php 
        echo $_LANG['YES'];
        ?>
 </label>
					<label><input name="is_admin" type="radio" value="0"  <?php 
        if (@(!$mod['is_admin'])) {
            echo 'checked="checked"';
        }
        ?>
 onclick="$('#accesstable').show();$('#admin_accesstable').hide();"/> <?php 
        echo $_LANG['NO'];
        ?>
</label>
				</td>
			</tr>
		</table>

		<!--------------------------------------------------------------------------------------------------------------------------------------------->

		<table width="660" border="0" cellspacing="5" class="proptable" id="admin_accesstable" style="<?php 
        if (@(!$mod['is_admin'])) {
            echo 'display:none;';
        }
        ?>
">
			<tr>
				<td width="191" valign="top">
					<div><strong><?php 
        echo $_LANG['AD_AVAILABLE_SECTIONS'];
        ?>
 </strong></div>
					<span class="hinttext"><?php 
        echo $_LANG['AD_ALL_SECTIONS'];
        ?>
</span>
				</td>
				<td width="475" valign="top">
					<table width="100%" border="0" cellspacing="2" cellpadding="0">
						<tr>
							<td width="16"><input type="checkbox" name="access[]" id="admin_menu" value="admin/menu" <?php 
        if (isset($mod['access'])) {
            if (in_array('admin/menu', $mod['access'])) {
                echo 'checked="checked"';
            }
        }
        ?>
></td>
							<td><label for="admin_menu"><?php 
        echo $_LANG['AD_MENU_CONTROL'];
        ?>
</label></td>
						</tr>
						<tr>
							<td width="16"><input type="checkbox" name="access[]" id="admin_modules" value="admin/modules" <?php 
        if (isset($mod['access'])) {
            if (in_array('admin/modules', $mod['access'])) {
                echo 'checked="checked"';
            }
        }
        ?>
></td>
							<td><label for="admin_modules"><?php 
        echo $_LANG['AD_MODULES_CONTROL'];
        ?>
</label></td>
						</tr>
						<tr>
							<td width="16"><input type="checkbox" name="access[]" id="admin_content" value="admin/content" <?php 
        if (isset($mod['access'])) {
            if (in_array('admin/content', $mod['access'])) {
                echo 'checked="checked"';
            }
        }
        ?>
></td>
							<td><label for="admin_content"><?php 
        echo $_LANG['AD_CONTENTS_CONTROL'];
        ?>
</label></td>
						</tr>
                        <tr>
							<td width="16"><input type="checkbox" name="access[]" id="admin_plugins" value="admin/plugins" <?php 
        if (isset($mod['access'])) {
            if (in_array('admin/filters', $mod['access'])) {
                echo 'checked="checked"';
            }
        }
        ?>
></td>
							<td><label for="admin_plugins"><?php 
        echo $_LANG['AD_PLUGINS_CONTROL'];
        ?>
</label></td>
						</tr>
						<tr>
							<td width="16"><input type="checkbox" name="access[]" id="admin_filters" value="admin/filters" <?php 
        if (isset($mod['access'])) {
            if (in_array('admin/filters', $mod['access'])) {
                echo 'checked="checked"';
            }
        }
        ?>
></td>
							<td><label for="admin_filters"><?php 
        echo $_LANG['AD_FILTERS_CONTROL'];
        ?>
</label></td>
						</tr>
						<tr>
							<td width="16"><input type="checkbox" name="access[]" id="admin_components" value="admin/components" <?php 
        if (isset($mod['access'])) {
            if (in_array('admin/components', $mod['access'])) {
                echo 'checked="checked"';
            }
        }
        ?>
></td>
							<td><label for="admin_components"><?php 
        echo $_LANG['AD_COMPONENTS_CONTROL'];
        ?>
</label></td>
						</tr>
						<tr>
							<td width="16"><input type="checkbox" name="access[]" id="admin_users" value="admin/users" <?php 
        if (isset($mod['access'])) {
            if (in_array('admin/users', $mod['access'])) {
                echo 'checked="checked"';
            }
        }
        ?>
></td>
							<td><label for="admin_users"><?php 
        echo $_LANG['AD_USERS_CONTROL'];
        ?>
</label></td>
						</tr>
						<tr>
							<td width="16"><input type="checkbox" name="access[]" id="admin_config" value="admin/config" <?php 
        if (isset($mod['access'])) {
            if (in_array('admin/config', $mod['access'])) {
                echo 'checked="checked"';
            }
        }
        ?>
></td>
							<td><label for="admin_config"><?php 
        echo $_LANG['AD_SETTINGS_CONTROL'];
        ?>
</label></td>
						</tr>
					</table>
                </td>
			</tr>
			<tr>
			  <td valign="top">
			  	<div><strong><?php 
        echo $_LANG['AD_COMPONENTS_SETTINGS_FREE'];
        ?>
 </strong></div>
				<span class="hinttext"><?php 
        echo $_LANG['AD_COMPONENTS_SETTINGS_ON'];
        ?>
</span>
			  </td>
			  <td valign="top">
				  <table width="100%" border="0" cellspacing="2" cellpadding="0">

						<?php 
        $coms = cmsCore::getInstance()->getAllComponents();
        foreach ($coms as $com) {
            if (!file_exists(PATH . '/admin/components/' . $com['link'] . '/backend.php')) {
                continue;
            }
            ?>
						<tr>
							<td width="16"><input type="checkbox" name="access[]" id="admin_com_<?php 
            echo $com['link'];
            ?>
" value="admin/com_<?php 
            echo $com['link'];
            ?>
" <?php 
            if (isset($mod['access'])) {
                if (in_array('admin/com_' . $com['link'], $mod['access'])) {
                    echo 'checked="checked"';
                }
            }
            ?>
 /></td>
							<td><label for="admin_com_<?php 
            echo $com['link'];
            ?>
"><?php 
            echo $com['title'];
            ?>
</label></td>
						</tr>
						<?php 
        }
        ?>

				  </table>
			  </td>
		  </tr>
		</table>

		<!--------------------------------------------------------------------------------------------------------------------------------------------->

		<table width="660" border="0" cellspacing="5" class="proptable" id="accesstable" style="<?php 
        if (@$mod['is_admin']) {
            echo 'display:none;';
        }
        ?>
">
			<tr>
				<td width="191" valign="top"><strong><?php 
        echo $_LANG['AD_GROUP_RULE'];
        ?>
 </strong></td>
				<td width="475" valign="top">
					<table width="100%" border="0" cellspacing="2" cellpadding="0">

					<?php 
        $sql = "SELECT * FROM cms_user_groups_access ORDER BY access_type";
        $res = $inDB->query($sql);
        while ($ga = $inDB->fetch_assoc($res)) {
            if ($mod['alias'] == 'guest' && $ga['hide_for_guest']) {
                continue;
            }
            ?>
						<tr>
							<td width="16"><input type="checkbox" name="access[]" id="<?php 
            echo str_replace('/', '_', $ga['access_type']);
            ?>
" value="<?php 
            echo $ga['access_type'];
            ?>
" <?php 
            if (isset($mod['access'])) {
                if (in_array($ga['access_type'], $mod['access'])) {
                    echo 'checked="checked"';
                }
            }
            ?>
></td>
							<td><label for="<?php 
            echo str_replace('/', '_', $ga['access_type']);
            ?>
"><?php 
            echo $ga['access_name'];
            ?>
</label></td>
						</tr>
                    <?php 
        }
        ?>
					</table>
				</td>
			</tr>
		</table>

		<!--------------------------------------------------------------------------------------------------------------------------------------------->

		<p>
			<input name="add_mod" type="submit" id="add_mod" <?php 
        if ($do == 'add') {
            echo 'value="' . $_LANG['AD_CREATE_GROUP'] . '"';
        } else {
            echo 'value="' . $_LANG['SAVE'] . '"';
        }
        ?>
 />
			<span style="margin-top:15px"><input name="back" type="button" id="back" value="<?php 
        echo $_LANG['CANCEL'];
        ?>
" onclick="window.history.back();"/></span>
			<input name="do" type="hidden" id="do" <?php 
        if ($do == 'add') {
            echo 'value="submit"';
        } else {
            echo 'value="update"';
        }
        ?>
 />
			<?php 
        if ($do == 'edit') {
            echo '<input name="id" type="hidden" value="' . $mod['id'] . '" />';
        }
        ?>
		</p>
	</form>
	<?php 
    }
}
Example #9
    // Extra list column fed by the 'clicks' and 'hits' fields; 'prc' names the formatter
    // used for it (presumably a callback resolved inside cpListTable — confirm).
    $fields[] = array('title' => $_LANG['AD_BANNER_CTR'], 'field' => array('clicks', 'hits'), 'width' => '90', 'prc' => 'bannerCTRbyID');
    // Per-row actions. NOTE(review): $id is assigned outside this excerpt; confirm it is an
    // integer before it is concatenated into these links.
    $actions[] = array('title' => $_LANG['EDIT'], 'icon' => 'edit.gif', 'link' => '?view=components&do=config&id=' . $id . '&opt=edit&item_id=%id%');
    $actions[] = array('title' => $_LANG['DELETE'], 'icon' => 'delete.gif', 'confirm' => $_LANG['AD_BANNER_DEL_CONFIRM'], 'link' => '?view=components&do=config&id=' . $id . '&opt=delete&item_id=%id%');
    // Render the cms_banners table with the columns and actions above, ordered by pubdate DESC.
    cpListTable('cms_banners', $fields, $actions, '', 'pubdate DESC');
}
// Add / edit form for a single banner (the excerpt ends before the form itself).
if ($opt == 'add' || $opt == 'edit') {
    if ($opt == 'add') {
        echo '<h3>' . $_LANG['AD_ADD_BANNER'] . '</h3>';
        cpAddPathway($_LANG['AD_ADD_BANNER']);
    } else {
        // Multi-edit: remember the selected ids in the session so they are edited one by one.
        if (isset($_REQUEST['multiple'])) {
            if (isset($_REQUEST['item'])) {
                // The list is read through the 'array_int' request filter, not raw $_REQUEST.
                $_SESSION['editlist'] = cmsCore::request('item', 'array_int', array());
            } else {
                // Nothing was selected: report it and go back to the previous page.
                cmsCore::addSessionMessage($_LANG['AD_NO_SELECT_OBJECTS'], 'error');
                cmsCore::redirectBack();
            }
        }
        // Label showing how many queued items remain; empty when none are left.
        $ostatok = '';
        if (isset($_SESSION['editlist'])) {
            // Take the next id off the session queue and drop the queue once it is empty.
            $item_id = array_shift($_SESSION['editlist']);
            if (sizeof($_SESSION['editlist']) == 0) {
                unset($_SESSION['editlist']);
            } else {
                $ostatok = '(' . $_LANG['AD_NEXT_IN'] . sizeof($_SESSION['editlist']) . ')';
            }
        } else {
            // Single edit: the id comes from the request through the 'int' filter.
            $item_id = cmsCore::request('item_id', 'int', 0);
        }
        // Load the banner record for the chosen id; a falsy result is handled below.
        $mod = cms_model_banners::getBanner($item_id);
        if (!$mod) {
Example #10
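/**
 * Admin applet for plugins: after an 'admin/plugins' access check it dispatches on the
 * `do` request parameter (hide, show, list, save_config, config).
 *
 * Output is echoed directly. The hide/show branches end with exit, save_config ends with a
 * redirect, and the config branch returns early when the plugin has no configuration.
 *
 * @return void
 */
function applet_plugins()
{
    global $_LANG;
    global $adminAccess;

    $inCore = cmsCore::getInstance();
    $GLOBALS['cp_page_title'] = $_LANG['AD_PLUGINS'];
    cpAddPathway($_LANG['AD_PLUGINS'], 'index.php?view=plugins');

    // Authorization gate for the whole applet.
    // NOTE(review): everything below relies on cpAccessDenied() ending the request — confirm.
    if (!cmsUser::isAdminCan('admin/plugins', $adminAccess)) {
        cpAccessDenied();
    }

    $do = cmsCore::request('do', 'str', 'list');
    $id = cmsCore::request('id', 'int', -1);

    // ===================================================================================== //
    // Toggle plugin visibility; the bare '1' is the response body for the caller.
    // NOTE(review): unlike save_config, these state changes are not preceded by
    // cmsCore::validateForm(); confirm that a CSRF token is enforced elsewhere.
    if ($do == 'hide') {
        dbHide('cms_plugins', $id);
        echo '1';
        exit;
    }
    if ($do == 'show') {
        dbShow('cms_plugins', $id);
        echo '1';
        exit;
    }

    // ===================================================================================== //
    if ($do == 'list') {
        // Toolbar with the single "install plugin" entry (index 1, as the original built it).
        $toolmenu = array(
            1 => array(
                'icon' => 'install.gif',
                'title' => $_LANG['AD_INSTALL_PLUGINS'],
                'link' => '?view=install&do=plugin',
            ),
        );
        cpToolMenu($toolmenu);

        // Status banner shown after an install / upgrade / remove task.
        $plugin_id = cmsCore::request('installed', 'str', '');
        if ($plugin_id) {
            $task = cmsCore::request('task', 'str', 'install');
            if ($task == 'install' || $task == 'upgrade') {
                // NOTE(review): $plugin_id comes straight from the request; confirm that
                // loadPlugin() only accepts names of installed plugins.
                $plugin = $inCore->loadPlugin($plugin_id);
                $task_str = $task == 'install' ? $_LANG['AD_IS_INSTALL'] : $_LANG['AD_IS_UPDATE'];
                echo '<div style="color:green;margin-top:12px;margin-bottom:5px;">' . $_LANG['AD_PLUGIN'] . ' <strong>"' . $plugin->info['title'] . '"</strong> ' . $task_str . '. ' . $_LANG['AD_ENABLE_PLUGIN'] . '.</div>';
            }
            if ($task == 'remove') {
                echo '<div style="color:green;margin-top:12px;margin-bottom:5px;">' . $_LANG['AD_REMOVE_PLUGIN_OK'] . '.</div>';
            }
        }

        // Columns of the plugin table.
        $fields = array(
            0 => array('title' => 'id', 'field' => 'id', 'width' => '20'),
            1 => array('title' => $_LANG['TITLE'], 'field' => 'title', 'width' => '250'),
            2 => array('title' => $_LANG['DESCRIPTION'], 'field' => 'description', 'width' => ''),
            3 => array('title' => $_LANG['AD_AUTHOR'], 'field' => 'author', 'width' => '160'),
            4 => array('title' => $_LANG['AD_VERSION'], 'field' => 'version', 'width' => '50'),
            5 => array('title' => $_LANG['AD_FOLDER'], 'field' => 'plugin', 'width' => '100'),
            6 => array('title' => $_LANG['AD_ENABLE'], 'field' => 'published', 'width' => '60'),
        );

        // Per-row actions; %id% is left as a placeholder for cpListTable.
        $actions = array(
            0 => array(
                'title' => $_LANG['AD_CONFIG'],
                'icon' => 'config.gif',
                'link' => '?view=plugins&do=config&id=%id%',
            ),
            1 => array(
                'title' => $_LANG['DELETE'],
                'icon' => 'delete.gif',
                'confirm' => $_LANG['AD_REMOVE_PLUGIN_FROM'],
                'link' => '?view=install&do=remove_plugin&id=%id%',
            ),
        );
        cpListTable('cms_plugins', $fields, $actions);
    }

    // ===================================================================================== //
    if ($do == 'save_config') {
        // Reject the request unless form validation (which covers the CSRF token) passes.
        if (!cmsCore::validateForm()) {
            cmsCore::error404();
        }
        $plugin_name = cmsCore::request('plugin', 'str', 0);
        $config = cmsCore::request('config', 'array_str');
        if (!$config || !$plugin_name) {
            cmsCore::redirectBack();
        }
        // NOTE(review): both the plugin name and the config keys are request-supplied.
        // Confirm that savePluginConfig() rejects unknown plugins, and consider limiting
        // $config to the keys the plugin already defines.
        $inCore->savePluginConfig($plugin_name, $config);
        cmsUser::clearCsrfToken();
        cmsCore::addSessionMessage($_LANG['AD_CONFIG_SAVE_SUCCESS'], 'success');
        cmsCore::redirect('index.php?view=plugins');
    }

    // ===================================================================================== //
    if ($do == 'config') {
        $plugin_name = $inCore->getPluginById($id);
        if (!$plugin_name) {
            cmsCore::error404();
        }
        $plugin = $inCore->loadPlugin($plugin_name);
        $config = $inCore->loadPluginConfig($plugin_name);

        $GLOBALS['cp_page_title'] = $plugin->info['title'];
        cpAddPathway($plugin->info['title'], 'index.php?view=plugins&do=config&id=' . $id);
        echo '<h3>' . $plugin->info['title'] . '</h3>';

        if (!$config) {
            echo '<p>' . $_LANG['AD_PLUGIN_DISABLE'] . '.</p>';
            echo '<p><a href="javascript:window.history.go(-1);">' . $_LANG['BACK'] . '</a></p>';
            return;
        }

        // The plugin name goes into a query string, so it is URL-encoded.
        echo '<form action="index.php?view=plugins&do=save_config&plugin=' . urlencode($plugin_name) . '" method="POST">';
        echo '<input type="hidden" name="csrf_token" value="' . cmsUser::getCsrfToken() . '" />';
        echo '<table class="proptable" width="605" cellpadding="8" cellspacing="0" border="0">';
        foreach ($config as $field => $value) {
            // Config keys are written by save_config from request data, so they are
            // HTML-escaped here just like the values, both in the label and in the
            // name attribute. Language strings are left as they are.
            $safe_field = htmlspecialchars((string) $field, ENT_QUOTES);
            $label = isset($_LANG[mb_strtoupper($field)]) ? $_LANG[mb_strtoupper($field)] : $safe_field;
            echo '<tr>';
            echo '<td width="150"><strong>' . $label . ':</strong></td>';
            echo '<td><input type="text" style="width:90%" name="config[' . $safe_field . ']" value="' . htmlspecialchars($value, ENT_QUOTES) . '" /></td>';
            echo '</tr>';
        }
        echo '</table>';
        echo '<div style="margin-top:6px;">';
        echo '<input type="submit" name="save" value="' . $_LANG['SAVE'] . '" /> ';
        echo '<input type="button" name="back" value="' . $_LANG['CANCEL'] . '" onclick="window.history.go(-1)" />';
        echo '</div>';
        echo '</form>';
    }
    // ===================================================================================== //
}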
Example #11
function applet_modules()
{
    $inCore = cmsCore::getInstance();
    $inDB = cmsDatabase::getInstance();
    global $_LANG;
    global $adminAccess;
    if (!cmsUser::isAdminCan('admin/modules', $adminAccess)) {
        cpAccessDenied();
    }
    $GLOBALS['cp_page_title'] = $_LANG['AD_MODULES'];
    cpAddPathway($_LANG['AD_MODULES'], 'index.php?view=modules');
    $GLOBALS['cp_page_head'][] = '<script language="JavaScript" type="text/javascript" src="js/modules.js"></script>';
    $do = cmsCore::request('do', 'str', 'list');
    $id = cmsCore::request('id', 'int', -1);
    $co = cmsCore::request('co', 'int', -1);
    //============================================================================//
    //============================================================================//
    if ($do == 'config') {
        $module_name = cpModuleById($id);
        $module_title = cpModuleTitleById($id);
        if (!$module_name) {
            cmsCore::redirect('index.php?view=modules&do=edit&id=' . $id);
        }
        $xml_file = PATH . '/admin/modules/' . $module_name . '/backend.xml';
        $php_file = 'modules/' . $module_name . '/backend.php';
        if (!file_exists($xml_file)) {
            if (file_exists($php_file)) {
                include $php_file;
                return;
            }
            cmsCore::halt();
        }
        $cfg = $inCore->loadModuleConfig($id);
        cmsCore::loadClass('formgen');
        $formGen = new cmsFormGen($xml_file, $cfg);
        cpAddPathway($module_title, '?view=modules&do=edit&id=' . $id);
        cpAddPathway($_LANG['AD_SETTINGS']);
        echo '<h3>' . $module_title . '</h3>';
        $toolmenu[] = array('icon' => 'save.gif', 'title' => $_LANG['SAVE'], 'link' => 'javascript:submitModuleConfig();');
        $toolmenu[] = array('icon' => 'cancel.gif', 'title' => $_LANG['CANCEL'], 'link' => 'index.php?view=modules');
        $toolmenu[] = array('icon' => 'edit.gif', 'title' => $_LANG['AD_EDIT_MODULE_VIEW'], 'link' => '?view=modules&do=edit&id=' . $id);
        cpToolMenu($toolmenu);
        echo '<form action="index.php?view=modules&do=save_auto_config&id=' . $id . '" method="post" name="optform" target="_self" id="optform">';
        echo $formGen->getHTML();
        echo '</form>';
        return;
    }
    //============================================================================//
    //============================================================================//
    if ($do == 'save_auto_config') {
        if (!cmsUser::checkCsrfToken()) {
            cmsCore::error404();
        }
        $module_name = cpModuleById($id);
        $is_ajax = cmsCore::inRequest('ajax');
        if ($is_ajax) {
            $title = cmsCore::request('title', 'str', '');
            $published = cmsCore::request('published', 'int', 0);
            $inDB->query("UPDATE cms_modules SET title='{$title}', published='{$published}' WHERE id={$id}");
            if (cmsCore::inRequest('content')) {
                $content = $inDB->escape_string(cmsCore::request('content', 'html'));
                $inDB->query("UPDATE cms_modules SET content='{$content}' WHERE id={$id}");
            }
            // Добавим возможность изменять css_префикс с фронта
            if (cmsCore::inRequest('css_prefix')) {
                // На шаблонах не не отдающих параметра затирать класс не будем
                $css_prefix = cmsCore::request('css_prefix', 'str', '');
                $inDB->query("UPDATE cms_modules SET css_prefix='{$css_prefix}' WHERE id='{$id}'");
            }
        }
        if (cmsCore::inRequest('title_only')) {
            cmsCore::redirectBack();
        }
        $xml_file = PATH . '/admin/modules/' . $module_name . '/backend.xml';
        if (!file_exists($xml_file)) {
            cmsCore::halt();
        }
        $cfg = array();
        $backend = simplexml_load_file($xml_file);
        foreach ($backend->params->param as $param) {
            $name = (string) $param['name'];
            $type = (string) $param['type'];
            $default = (string) $param['default'];
            switch ($param['type']) {
                case 'number':
                    $value = cmsCore::request($name, 'int', $default);
                    break;
                case 'string':
                    $value = cmsCore::request($name, 'str', $default);
                    break;
                case 'html':
                    $value = cmsCore::badTagClear(cmsCore::request($name, 'html', $default));
                    break;
                case 'flag':
                    $value = cmsCore::request($name, 'int', 0);
                    break;
                case 'list':
                    $value = is_array($_POST[$name]) ? cmsCore::request($name, 'array_str', $default) : cmsCore::request($name, 'str', $default);
                    break;
                case 'list_function':
                    $value = cmsCore::request($name, 'str', $default);
                    break;
                case 'list_db':
                    $value = is_array($_POST[$name]) ? cmsCore::request($name, 'array_str', $default) : cmsCore::request($name, 'str', $default);
                    break;
            }
            $cfg[$name] = $value;
        }
        $inCore->saveModuleConfig($id, $cfg);
        if (!$is_ajax) {
            cmsCore::addSessionMessage($_LANG['AD_CONFIG_SAVE_SUCCESS'], 'success');
        }
        cmsCore::redirectBack();
    }
    //============================================================================//
    //============================================================================//
    if ($do == 'list') {
        $toolmenu[] = array('icon' => 'new.gif', 'title' => $_LANG['AD_MODULE_ADD'], 'link' => '?view=modules&do=add');
        $toolmenu[] = array('icon' => 'install.gif', 'title' => $_LANG['AD_MODULES_SETUP'], 'link' => '?view=install&do=module');
        $toolmenu[] = array('icon' => 'edit.gif', 'title' => $_LANG['AD_EDIT_SELECTED'], 'link' => "javascript:checkSel('?view=modules&do=edit&multiple=1');");
        $toolmenu[] = array('icon' => 'delete.gif', 'title' => $_LANG['AD_DELETE_SELECTED'], 'link' => "javascript:checkSel('?view=modules&do=delete&multiple=1');");
        $toolmenu[] = array('icon' => 'show.gif', 'title' => $_LANG['AD_ALLOW_SELECTED'], 'link' => "javascript:checkSel('?view=modules&do=show&multiple=1');");
        $toolmenu[] = array('icon' => 'hide.gif', 'title' => $_LANG['AD_DISALLOW_SELECTED'], 'link' => "javascript:checkSel('?view=modules&do=hide&multiple=1');");
        $toolmenu[] = array('icon' => 'autoorder.gif', 'title' => $_LANG['AD_MODULE_ORDER'], 'link' => '?view=modules&do=autoorder');
        $toolmenu[] = array('icon' => 'reorder.gif', 'title' => $_LANG['AD_SAVE_ORDER'], 'link' => "javascript:checkSel('?view=modules&do=saveorder');");
        $toolmenu[] = array('icon' => 'help.gif', 'title' => $_LANG['AD_HELP'], 'link' => '?view=help&topic=modules');
        cpToolMenu($toolmenu);
        $fields[] = array('title' => 'id', 'field' => 'id', 'width' => '30');
        $fields[] = array('title' => $_LANG['AD_TITLE'], 'field' => array('title', 'titles'), 'width' => '', 'link' => '?view=modules&do=edit&id=%id%', 'prc' => function ($i) {
            $i['titles'] = cmsCore::yamlToArray($i['titles']);
            // переопределяем название пункта меню в зависимости от языка
            if (!empty($i['titles'][cmsConfig::getConfig('lang')])) {
                $i['title'] = $i['titles'][cmsConfig::getConfig('lang')];
            }
            return $i['title'];
        });
        $fields[] = array('title' => $_LANG['TITLE'], 'field' => 'name', 'width' => '220', 'filter' => '15');
        $fields[] = array('title' => $_LANG['AD_VERSION'], 'field' => 'version', 'width' => '55');
        $fields[] = array('title' => $_LANG['AD_AUTHOR'], 'field' => 'author', 'width' => '110');
        $fields[] = array('title' => $_LANG['SHOW'], 'field' => 'published', 'width' => '65');
        $fields[] = array('title' => $_LANG['AD_ORDER'], 'field' => 'ordering', 'width' => '75');
        $fields[] = array('title' => $_LANG['AD_POSITION'], 'field' => 'position', 'width' => '70', 'filter' => '10', 'filterlist' => cpGetList('positions'));
        $actions[] = array('title' => $_LANG['AD_CONFIG'], 'icon' => 'config.gif', 'link' => '?view=modules&do=config&id=%id%', 'condition' => 'cpModuleHasConfig');
        $actions[] = array('title' => $_LANG['EDIT'], 'icon' => 'edit.gif', 'link' => '?view=modules&do=edit&id=%id%');
        $actions[] = array('title' => $_LANG['DELETE'], 'icon' => 'delete.gif', 'confirm' => $_LANG['AD_MODULE_DELETE'], 'link' => '?view=modules&do=delete&id=%id%');
        cpListTable('cms_modules', $fields, $actions, '', 'published DESC, position, ordering ASC');
    }
    //============================================================================//
    //============================================================================//
    if ($do == 'autoorder') {
        $rs = $inDB->query("SELECT id, position FROM cms_modules ORDER BY position");
        if ($inDB->num_rows($rs)) {
            $ord = 1;
            while ($item = $inDB->fetch_assoc($rs)) {
                if (isset($latest_pos)) {
                    if ($latest_pos != $item['position']) {
                        $ord = 1;
                    }
                }
                $inDB->query("UPDATE cms_modules SET ordering = {$ord} WHERE id='{$item['id']}'");
                $ord += 1;
                $latest_pos = $item['position'];
            }
        }
        cmsCore::redirect('index.php?view=modules');
    }
    //============================================================================//
    //============================================================================//
    if ($do == 'move_up') {
        if ($id >= 0) {
            dbMoveUp('cms_modules', $id, $co);
        }
        cmsCore::redirectBack();
    }
    if ($do == 'move_down') {
        if ($id >= 0) {
            dbMoveDown('cms_modules', $id, $co);
        }
        cmsCore::redirectBack();
    }
    //============================================================================//
    //============================================================================//
    if ($do == 'saveorder') {
        if (isset($_REQUEST['ordering'])) {
            $ord = $_REQUEST['ordering'];
            $ids = $_REQUEST['ids'];
            foreach ($ord as $id => $ordering) {
                $inDB->query("UPDATE cms_modules SET ordering = '" . (int) $ordering . "' WHERE id = '" . (int) $ids[$id] . "'");
            }
            cmsCore::redirect('index.php?view=modules');
        }
    }
    //============================================================================//
    //============================================================================//
    if ($do == 'show') {
        if (!isset($_REQUEST['item'])) {
            if ($id >= 0) {
                dbShow('cms_modules', $id);
            }
            echo '1';
            exit;
        } else {
            dbShowList('cms_modules', cmsCore::request('item', 'array_int', array()));
            cmsCore::redirectBack();
        }
    }
    if ($do == 'hide') {
        if (!isset($_REQUEST['item'])) {
            if ($id >= 0) {
                dbHide('cms_modules', $id);
            }
            echo '1';
            exit;
        } else {
            dbHideList('cms_modules', cmsCore::request('item', 'array_int', array()));
            cmsCore::redirectBack();
        }
    }
    if ($do == 'delete') {
        if (!isset($_REQUEST['item'])) {
            $inCore->removeModule($id);
        } else {
            $inCore->removeModule(cmsCore::request('item', 'array_int', array()));
        }
        cmsCore::addSessionMessage($_LANG['AD_DO_SUCCESS'], 'success');
        cmsCore::redirect('index.php?view=modules');
    }
    //============================================================================//
    //============================================================================//
    if ($do == 'update') {
        if (!cmsUser::checkCsrfToken()) {
            cmsCore::error404();
        }
        $id = cmsCore::request('id', 'int', 0);
        $name = cmsCore::request('name', 'str', '');
        $title = cmsCore::request('title', 'str', '');
        $titles = cmsCore::arrayToYaml(cmsCore::request('titles', 'array_str', array()));
        $position = cmsCore::request('position', 'str', '');
        $showtitle = cmsCore::request('showtitle', 'int', 0);
        $content = $inDB->escape_string(cmsCore::request('content', 'html', ''));
        $published = cmsCore::request('published', 'int', 0);
        $css_prefix = cmsCore::request('css_prefix', 'str', '');
        $is_strict_bind = cmsCore::request('is_strict_bind', 'int', 0);
        $is_strict_bind_hidden = cmsCore::request('is_strict_bind_hidden', 'int', 0);
        $is_public = cmsCore::request('is_public', 'int', '');
        if (!$is_public) {
            $access_list = cmsCore::arrayToYaml(cmsCore::request('allow_group', 'array_int', array()));
        }
        $template = cmsCore::request('template', 'str', '');
        $cache = cmsCore::request('cache', 'int', 0);
        $cachetime = cmsCore::request('cachetime', 'int', 0);
        $cacheint = cmsCore::request('cacheint', 'str', '');
        $sql = "UPDATE cms_modules\r\n                SET name='{$name}',\r\n                    title='{$title}',\r\n                    titles='{$titles}',\r\n                    position='{$position}',\r\n                    template='{$template}',\r\n                    showtitle={$showtitle},";
        if ($content) {
            $sql .= "content='{$content}',";
        }
        $sql .= "\r\n                    published={$published},\r\n                    css_prefix='{$css_prefix}',\r\n                    access_list='{$access_list}',\r\n                    hidden_menu_ids='',\r\n                    cachetime = '{$cachetime}',\r\n                    cacheint = '{$cacheint}',\r\n                    cache = '{$cache}',\r\n                    is_strict_bind = '{$is_strict_bind}',\r\n                    is_strict_bind_hidden = '{$is_strict_bind_hidden}'\r\n                WHERE id = '{$id}'\r\n                LIMIT 1";
        $inDB->query($sql);
        $sql = "DELETE FROM cms_modules_bind WHERE module_id = {$id}";
        $inDB->query($sql);
        if (cmsCore::request('show_all', 'int', 0)) {
            $sql = "INSERT INTO cms_modules_bind (module_id, menu_id, position)\r\n                    VALUES ({$id}, 0, '{$position}')";
            $inDB->query($sql);
            $hidden_menu_ids = cmsCore::request('hidden_menu_ids', 'array_int', array());
            if ($hidden_menu_ids) {
                $hidden_menu_ids = cmsCore::arrayToYaml($hidden_menu_ids);
                $inDB->query("UPDATE cms_modules SET hidden_menu_ids='{$hidden_menu_ids}' WHERE id = '{$id}' LIMIT 1");
            }
        } else {
            $showin = cmsCore::request('showin', 'array_int', array());
            $showpos = cmsCore::request('showpos', 'array_str', array());
            if ($showin) {
                foreach ($showin as $key => $value) {
                    $sql = "INSERT INTO cms_modules_bind (module_id, menu_id, position)\r\n                            VALUES ({$id}, {$value}, '{$showpos[$value]}')";
                    $inDB->query($sql);
                }
            }
        }
        cmsCore::addSessionMessage($_LANG['AD_DO_SUCCESS'], 'success');
        if (!isset($_SESSION['editlist']) || @sizeof($_SESSION['editlist']) == 0) {
            cmsCore::redirect('index.php?view=modules');
        } else {
            cmsCore::redirect('index.php?view=modules&do=edit');
        }
    }
    //============================================================================//
    //============================================================================//
    if ($do == 'submit') {
        if (!cmsUser::checkCsrfToken()) {
            cmsCore::error404();
        }
        $sql = "SELECT ordering as max_o FROM cms_menu ORDER BY ordering DESC LIMIT 1";
        $result = $inDB->query($sql);
        $row = $inDB->fetch_assoc($result);
        $maxorder = $row['max_o'] + 1;
        $name = cmsCore::request('name', 'str', '');
        $title = cmsCore::request('title', 'str', '');
        $titles = cmsCore::arrayToYaml(cmsCore::request('titles', 'array_str', array()));
        $position = cmsCore::request('position', 'str', '');
        $showtitle = cmsCore::request('showtitle', 'int', 0);
        $content = $inDB->escape_string(cmsCore::request('content', 'html', ''));
        $published = cmsCore::request('published', 'int', 0);
        $css_prefix = cmsCore::request('css_prefix', 'str', '');
        $is_public = cmsCore::request('is_public', 'int', '');
        if (!$is_public) {
            $access_list = cmsCore::arrayToYaml(cmsCore::request('allow_group', 'array_int', array()));
        }
        $template = cmsCore::request('template', 'str', '');
        $cache = cmsCore::request('cache', 'int', 0);
        $cachetime = cmsCore::request('cachetime', 'int', 0);
        $cacheint = cmsCore::request('cacheint', 'str', '');
        $operate = cmsCore::request('operate', 'str', '');
        $is_strict_bind = cmsCore::request('is_strict_bind', 'int', 0);
        $is_strict_bind_hidden = cmsCore::request('is_strict_bind_hidden', 'int', 0);
        if ($operate == 'user') {
            //USER MODULE
            $sql = "INSERT INTO cms_modules (position, name, title, titles, is_external, content, ordering, showtitle, published, user, original, css_prefix, access_list, template, is_strict_bind, is_strict_bind_hidden)\r\n\t\t\t\t\tVALUES ('{$position}', '{$name}', '{$title}', '{$titles}', 0, '{$content}', '{$maxorder}', '{$showtitle}', '{$published}', 1, 1, '{$css_prefix}', '{$access_list}', '{$template}', '{$is_strict_bind}', '{$is_strict_bind_hidden}')";
            $inDB->query($sql);
        }
        if ($operate == 'clone') {
            //DUPLICATE MODULE
            $mod_id = cmsCore::request('clone_id', 'int', 0);
            $sql = "SELECT * FROM cms_modules WHERE id = {$mod_id} LIMIT 1";
            $result = $inDB->query($sql);
            $original = $inDB->escape_string($inDB->fetch_assoc($result));
            $is_original = cmsCore::request('del_orig', 'int', 0) ? 1 : 0;
            $sql = "INSERT INTO cms_modules (position, name, title, titles, is_external,\r\n                                             content, ordering, showtitle, published,\r\n                                             original, user, config, css_prefix, template,\r\n                                             access_list, is_strict_bind, is_strict_bind_hidden,\r\n                                             cache, cachetime, cacheint, version)\r\n\t\t\t\t\tVALUES (\r\n\t\t\t\t\t\t\t'{$position}',\r\n\t\t\t\t\t\t\t'{$original['name']}',\r\n\t\t\t\t\t\t\t'{$title}',\r\n\t\t\t\t\t\t\t'{$titles}',\r\n\t\t\t\t\t\t\t'{$original['is_external']}',\r\n\t\t\t\t\t\t\t'{$original['content']}',\r\n\t\t\t\t\t\t\t'{$maxorder}',\r\n\t\t\t\t\t\t\t'{$showtitle}',\r\n\t\t\t\t\t\t\t'{$published}',\r\n\t\t\t\t\t\t\t'{$is_original}',\r\n\t\t\t\t\t\t\t'{$original['user']}',\r\n\t\t\t\t\t\t\t'{$original['config']}',\r\n\t\t\t\t\t\t\t'{$css_prefix}',\r\n                            '{$template}',\r\n                            '{$access_list}',\r\n                            '{$is_strict_bind}',\r\n                            '{$is_strict_bind_hidden}',\r\n                            '{$cache}', '{$cachetime}', '{$cacheint}', '{$original['version']}'\r\n                            )";
            $inDB->query($sql);
            if ($is_original) {
                $sql = "DELETE FROM cms_modules WHERE id = {$mod_id}";
                $inDB->query($sql);
            }
        }
        $lastid = $inDB->get_last_id('cms_modules');
        if (cmsCore::request('show_all', 'int', 0)) {
            $sql = "INSERT INTO cms_modules_bind (module_id, menu_id, position)\r\n\t\t\t\t\tVALUES ({$lastid}, 0, '{$position}')";
            $inDB->query($sql);
            $hidden_menu_ids = cmsCore::request('hidden_menu_ids', 'array_int', array());
            if ($hidden_menu_ids) {
                $hidden_menu_ids = cmsCore::arrayToYaml($hidden_menu_ids);
                $inDB->query("UPDATE cms_modules SET hidden_menu_ids='{$hidden_menu_ids}' WHERE id = '{$lastid}' LIMIT 1");
            }
        } else {
            $showin = cmsCore::request('showin', 'array_int', array());
            $showpos = cmsCore::request('showpos', 'array_str', array());
            if ($showin) {
                foreach ($showin as $key => $value) {
                    $sql = "INSERT INTO cms_modules_bind (module_id, menu_id, position)\r\n\t\t\t\t\t\t\tVALUES ({$lastid}, {$value}, '{$showpos[$value]}')";
                    $inDB->query($sql);
                }
            }
        }
        cmsCore::addSessionMessage($_LANG['AD_MODULE_ADD_SITE'], 'success');
        cmsCore::redirect('index.php?view=modules');
    }
    //============================================================================//
    //============================================================================//
    if ($do == 'add' || $do == 'edit') {
        require '../includes/jwtabs.php';
        $GLOBALS['cp_page_head'][] = jwHeader();
        $langs = cmsCore::getDirsList('/languages');
        if ($do == 'add') {
            cpAddPathway($_LANG['AD_MODULE_ADD']);
            echo '<h3>' . $_LANG['AD_MODULE_ADD'] . '</h3>';
            $show_all = false;
        } else {
            if (isset($_REQUEST['multiple'])) {
                if (isset($_REQUEST['item'])) {
                    $_SESSION['editlist'] = cmsCore::request('item', 'array_int', array());
                } else {
                    cmsCore::addSessionMessage($_LANG['AD_NO_SELECT_OBJECTS'], 'error');
                    cmsCore::redirectBack();
                }
            }
            $ostatok = '';
            if (isset($_SESSION['editlist'])) {
                $item_id = array_shift($_SESSION['editlist']);
                if (sizeof($_SESSION['editlist']) == 0) {
                    unset($_SESSION['editlist']);
                } else {
                    $ostatok = '(' . $_LANG['AD_NEXT_IN'] . sizeof($_SESSION['editlist']) . ')';
                }
            } else {
                $item_id = cmsCore::request('id', 'int', 0);
            }
            $mod = $inDB->get_fields('cms_modules', "id = '{$item_id}'", '*');
            if (!$mod) {
                cmsCore::error404();
            }
            $mod['hidden_menu_ids'] = cmsCore::yamlToArray($mod['hidden_menu_ids']);
            $mod['titles'] = cmsCore::yamlToArray($mod['titles']);
            $sql = "SELECT id FROM cms_modules_bind WHERE module_id = {$id} AND menu_id = 0 LIMIT 1";
            $result = $inDB->query($sql);
            if ($inDB->num_rows($result)) {
                $show_all = true;
            } else {
                $show_all = false;
            }
            echo '<h3>' . $_LANG['AD_EDIT_MODULE'] . $ostatok . '</h3>';
            cpAddPathway($mod['name']);
        }
        $toolmenu[] = array('icon' => 'save.gif', 'title' => $_LANG['SAVE'], 'link' => 'javascript:document.addform.submit();');
        $toolmenu[] = array('icon' => 'cancel.gif', 'title' => $_LANG['CANCEL'], 'link' => 'javascript:history.go(-1);');
        if (@$mod['is_external']) {
            $php_file = 'modules/' . $mod['content'] . '/backend.php';
            $xml_file = 'modules/' . $mod['content'] . '/backend.xml';
            if (file_exists($php_file) || file_exists($xml_file)) {
                $toolmenu[] = array('icon' => 'config.gif', 'title' => $_LANG['CONFIG_MODULE'], 'link' => '?view=modules&do=config&id=' . $mod['id']);
            }
        }
        cpToolMenu($toolmenu);
        ?>
    <form id="addform" name="addform" method="post" action="index.php">
        <input type="hidden" name="csrf_token" value="<?php 
        echo cmsUser::getCsrfToken();
        ?>
" />
        <input type="hidden" name="view" value="modules" />

        <table class="proptable" width="100%" cellpadding="15" cellspacing="2">
            <tr>

                <!-- главная ячейка -->
                <td valign="top">

                    <div><strong><?php 
        echo $_LANG['AD_MODULE_TITLE'];
        ?>
</strong> <span class="hinttext">&mdash; <?php 
        echo $_LANG['AD_VIEW_IN_SITE'];
        ?>
</span></div>
                    <div>
                        <table width="100%" cellpadding="0" cellspacing="0" border="0">
                            <tr>
                                <td><input name="title" type="text" id="title" style="width:100%" value="<?php 
        echo htmlspecialchars($mod['title']);
        ?>
" /></td>
                                <td style="width:15px;padding-left:10px;padding-right:0px;">
                                    <input type="checkbox" title="<?php 
        echo $_LANG['AD_VIEW_TITLE'];
        ?>
" name="showtitle" <?php 
        if ($mod['showtitle'] || $do == 'add') {
            echo 'checked="checked"';
        }
        ?>
 value="1">
                                </td>
                            </tr>
                        </table>
                    </div>
                    <?php 
        if (count($langs) > 1) {
            ?>
                    <div><strong><?php 
            echo $_LANG['AD_LANG_TITLES'];
            ?>
</strong> <span class="hinttext">&mdash; <?php 
            echo $_LANG['AD_LANG_TITLES_HINT'];
            ?>
</span></div>
                    <?php 
            foreach ($langs as $lang) {
                ?>

                    <div><strong><?php 
                echo $lang;
                ?>
:</strong> <input name="titles[<?php 
                echo $lang;
                ?>
]" type="text" style="width:97%" value="<?php 
                echo htmlspecialchars(@$mod['titles'][$lang]);
                ?>
" placeholder="<?php 
                echo $_LANG['AD_HINT_DEFAULT'];
                ?>
" /></div>
                    <?php 
            }
            ?>
                    <?php 
        }
        ?>
                    <table width="100%" cellpadding="0" cellspacing="0" border="0" style="margin-top:10px;">
                        <tr>
                            <td valign="top">
                                <div>
                                    <strong><?php 
        echo $_LANG['AD_MODULE_NAME'];
        ?>
</strong> <span class="hinttext">&mdash; <?php 
        echo $_LANG['AD_SHOW_ADMIN'];
        ?>
</span>
                                </div>
                                <div>
                                    <?php 
        if (!isset($mod['user']) || @$mod['user'] == 1) {
            ?>
                                        <input name="name" type="text" id="name" style="width:99%" value="<?php 
            echo htmlspecialchars($mod['name']);
            ?>
" />
                                    <?php 
        } else {
            ?>
                                        <input name="" type="text" id="name" style="width:99%" value="<?php 
            echo @$mod['name'];
            ?>
" disabled="disabled" />
                                        <input name="name" type="hidden" value="<?php 
            echo htmlspecialchars($mod['name']);
            ?>
" />
                                    <?php 
        }
        ?>
                                </div>
                            </td>
                            <td valign="top" width="160" style="padding-left:10px;">
                                <div>
                                    <strong><?php 
        echo $_LANG['AD_PREFIX_CSS'];
        ?>
</strong>
                                </div>
                                <div>
                                    <input name="css_prefix" type="text" id="css_prefix" value="<?php 
        echo @$mod['css_prefix'];
        ?>
" style="width:154px" />
                                </div>
                            </td>
                        </tr>
                    </table>

                    <div style="margin-top:8px">
                        <strong><?php 
        echo $_LANG['AD_DEFOLT_VIEW'];
        ?>
</strong> <span class="hinttext">&mdash; <?php 
        echo $_LANG['AD_POSITION_MUST_BE'];
        ?>
</span>
                    </div>
                    <div>
                        <?php 
        $pos = cpModulePositions(cmsConfig::getConfig('template'));
        ?>
                        <table width="100%" cellpadding="0" cellspacing="0" border="0" style="margin-top:5px;">
                            <tr>
                                <td valign="top">
                                    <select name="position" id="position" style="width:100%">
                                        <?php 
        if ($pos) {
            foreach ($pos as $key => $position) {
                if (@$mod['position'] == $position) {
                    echo '<option value="' . $position . '" selected>' . $position . '</option>';
                } else {
                    echo '<option value="' . $position . '">' . $position . '</option>';
                }
            }
        }
        ?>
                                    </select>
                                </td>
                                <?php 
        if (file_exists(PATH . '/templates/' . TEMPLATE . '/positions.jpg')) {
            ?>
                                <td valign="top" width="160" style="padding-left:10px;">
                                    <script>
                                    $(function() {
                                        $('#pos').dialog({modal: true, autoOpen: false, closeText: LANG_CLOSE, width: 'auto'});
                                    });
                                    </script>
                                    <a onclick="$('#pos').dialog('open');return false;" href="#" class="ajaxlink"><?php 
            echo $_LANG['AD_SEE_VISUALLY'];
            ?>
</a>
                                    <div id="pos" title="<?php 
            echo $_LANG['AD_TPL_POS'];
            ?>
"><img src="/templates/<?php 
            echo TEMPLATE;
            ?>
/positions.jpg" alt="<?php 
            echo $_LANG['AD_TPL_POS'];
            ?>
" /></div>
                                </td>
                                <?php 
        }
        ?>
                            </tr>
                        </table>
                    </div>

                    <div style="margin-top:15px">
                        <strong><?php 
        echo $_LANG['AD_MODULE_TEMPLATE'];
        ?>
</strong> <span class="hinttext">&mdash; <?php 
        echo $_LANG['AD_FOLDER_MODULES'];
        ?>
</span>
                    </div>
                    <div>
                        <?php 
        $tpls = cmsAdmin::getModuleTemplates();
        ?>
                        <select name="template" id="template" style="width:100%">
                            <?php 
        foreach ($tpls as $tpl) {
            $selected = $mod['template'] == $tpl || !$mod['template'] && $tpl == 'module.tpl' ? 'selected="selected"' : '';
            echo '<option value="' . $tpl . '" ' . $selected . '>' . $tpl . '</option>';
        }
        ?>
                        </select>
                    </div>

                    <?php 
        if ($do == 'add') {
            ?>
                    <div style="margin-top:15px">
                        <strong><?php 
            echo $_LANG['AD_MODULE_TYPE'];
            ?>
</strong>
                    </div>
                    <div>
                        <select name="operate" id="operate" onchange="checkDiv()" style="width:100%">
                            <option value="user" selected="selected"><?php 
            echo $_LANG['AD_MODULE_TYPE_NEW'];
            ?>
</option>
                            <option value="clone"><?php 
            echo $_LANG['AD_MODULE_TYPE_COPY'];
            ?>
</option>
                        </select>
                    </div>
                    <?php 
        }
        ?>

                    <?php 
        if (!isset($mod['user']) || $mod['user'] == 1 || $do == 'add') {
            ?>
                        <div id="user_div">
                            <div style="margin-top:15px">
                                <strong><?php 
            echo $_LANG['AD_MODULE_CONTENT'];
            ?>
</strong>
                            </div>
                            <div><?php 
            insertPanel();
            ?>
</div>
                            <div>
                                <?php 
            $inCore->insertEditor('content', $mod['content'], '250', '100%');
            ?>
                            </div>
                        </div>
                    <?php 
        }
        ?>

                <div id="clone_div" style="display:none;">
                        <div style="margin-top:15px">
                            <strong><?php 
        echo $_LANG['AD_MODULE_COPY'];
        ?>
</strong>
                        </div>
                        <div>
                            <select name="clone_id" id="clone_id" style="width:100%">
                                <?php 
        echo $inCore->getListItems('cms_modules');
        ?>
                            </select>
                            <table width="100%" cellpadding="0" cellspacing="0" border="0" class="checklist" style="margin-top:6px">
                                <tr>
                                    <td width="20"><input type="checkbox" name="del_orig" id="del_orig" value="1" /></td>
                                    <td><label for="del_orig"><?php 
        echo $_LANG['AD_ORIGINAL_MODULE_DELETE'];
        ?>
</label></td>
                                </tr>
                            </table>
                        </div>
                </div>

                </td>

                <!-- боковая ячейка -->
                <td width="300" valign="top" style="background:#ECECEC;">

                    <?php 
        ob_start();
        ?>

                    {tab=<?php 
        echo $_LANG['AD_TAB_PUBLISH'];
        ?>
}

                    <table width="100%" cellpadding="0" cellspacing="0" border="0" class="checklist">
                        <tr>
                            <td width="20"><input type="checkbox" name="published" id="published" value="1" <?php 
        if ($mod['published'] || $do == 'add') {
            echo 'checked="checked"';
        }
        ?>
/></td>
                            <td><label for="published"><strong><?php 
        echo $_LANG['AD_MODULE_PUBLIC'];
        ?>
</strong></label></td>
                        </tr>
                        <tr>
                            <td width="20"><input name="show_all" id="show_all" type="checkbox" value="1" onclick="checkGroupList()" <?php 
        if ($show_all) {
            echo 'checked';
        }
        ?>
 /></td>
                            <td><label for="show_all"><strong><?php 
        echo $_LANG['AD_VIEW_ALL_PAGES'];
        ?>
</strong></label></td>
                        </tr>
                    </table>

                    <?php 
        if ($do == 'edit') {
            $bind_sql = "SELECT * FROM cms_modules_bind WHERE module_id = " . $mod['id'];
            $bind_res = $inDB->query($bind_sql);
            $bind = array();
            $bind_pos = array();
            while ($r = $inDB->fetch_assoc($bind_res)) {
                $bind[] = $r['menu_id'];
                $bind_pos[$r['menu_id']] = $r['position'];
            }
        }
        $menu_sql = "SELECT * FROM cms_menu ORDER BY NSLeft, ordering";
        $menu_res = $inDB->query($menu_sql);
        $menu_items = array();
        if ($inDB->num_rows($menu_res)) {
            while ($item = $inDB->fetch_assoc($menu_res)) {
                if ($do == 'edit') {
                    if (in_array($item['id'], $bind)) {
                        $item['selected'] = true;
                        $item['position'] = $bind_pos[$item['id']];
                    }
                }
                $item['titles'] = cmsCore::yamlToArray($item['titles']);
                // переопределяем название пункта меню в зависимости от языка
                if (!empty($item['titles'][cmsConfig::getConfig('lang')])) {
                    $item['title'] = $item['titles'][cmsConfig::getConfig('lang')];
                }
                $item['title'] = str_replace($_LANG['AD_ROOT_PAGES'], $_LANG['AD_MAIN'], $item['title']);
                $menu_items[] = $item;
            }
        }
        ?>

                    <div id="grp">

                        <div style="margin-top:13px">
                            <strong class="show_list"><?php 
        echo $_LANG['AD_WHERE_MODULE_VIEW'];
        ?>
</strong>
                            <strong class="hide_list"><?php 
        echo $_LANG['AD_WHERE_MODULE_NOT_VIEW'];
        ?>
</strong>
                        </div>

                        <div style="height:300px;overflow: auto;border: solid 1px #999; padding:5px 10px; background: #FFF;">
                        <table cellpadding="0" cellspacing="0" border="0" width="100%" align="center">
                            <tr>
                                <td colspan="2" height="25"><strong><?php 
        echo $_LANG['AD_MENU'];
        ?>
</strong></td>
                                <td class="show_list" align="center" width="50"><strong><?php 
        echo $_LANG['AD_POSITION'];
        ?>
</strong></td>
                            </tr>
                            <?php 
        foreach ($menu_items as $i) {
            ?>
                            <tr class="show_list">
                                <td width="20" height="25">
                                    <input type="checkbox" name="showin[]" id="mid<?php 
            echo $i['id'];
            ?>
" value="<?php 
            echo $i['id'];
            ?>
" <?php 
            if ($i['selected']) {
                ?>
checked="checked"<?php 
            }
            ?>
 onclick="$('#p<?php 
            echo $i['id'];
            ?>
').toggle()"/>
                                </td>
                                <td style="padding-left:<?php 
            echo $i['NSLevel'] * 6 - 6;
            ?>
px"><label for="mid<?php 
            echo $i['id'];
            ?>
"><?php 
            echo $i['title'];
            ?>
</label></td>
                                <td align="center">
                                    <select id="p<?php 
            echo $i['id'];
            ?>
" name="showpos[<?php 
            echo $i['id'];
            ?>
]" style="<?php 
            if (!$i['selected']) {
                ?>
display:none<?php 
            }
            ?>
">
                                        <?php 
            foreach ($pos as $position) {
                ?>
                                            <option value="<?php 
                echo $position;
                ?>
" <?php 
                if ($i['position'] == $position) {
                    ?>
selected="selected"<?php 
                }
                ?>
><?php 
                echo $position;
                ?>
</option>
                                        <?php 
            }
            ?>
                                    </select>
                                </td>
                            </tr>
                            <?php 
        }
        ?>
                            <?php 
        foreach ($menu_items as $it) {
            ?>
                            <tr class="hide_list">
                                <td width="20" height="25">
                                    <input type="checkbox" name="hidden_menu_ids[]" id="hmid<?php 
            echo $it['id'];
            ?>
" value="<?php 
            echo $it['id'];
            ?>
" <?php 
            if (in_array($it['id'], $mod['hidden_menu_ids'])) {
                ?>
checked="checked"<?php 
            }
            ?>
 />
                                </td>
                                <td style="padding-left:<?php 
            echo $it['NSLevel'] * 6 - 6;
            ?>
px"><label for="hmid<?php 
            echo $it['id'];
            ?>
"><?php 
            echo $it['title'];
            ?>
</label></td>
                            </tr>
                            <?php 
        }
        ?>
                        </table>
                        </div>

                        <table width="100%" cellpadding="0" cellspacing="0" border="0" class="checklist show_list">
                            <tr>
                                <td width="20"><input type="checkbox" name="is_strict_bind" id="is_strict_bind" value="1" <?php 
        if ($mod['is_strict_bind']) {
            echo 'checked="checked"';
        }
        ?>
/></td>
                                <td><label for="is_strict_bind"><strong><?php 
        echo $_LANG['AD_DONT_VIEW'];
        ?>
</strong></label></td>
                            </tr>
                        </table>
                        <table width="100%" cellpadding="0" cellspacing="0" border="0" class="checklist hide_list">
                            <tr>
                                <td width="20"><input type="checkbox" name="is_strict_bind_hidden" id="is_strict_bind_hidden" value="1" <?php 
        if ($mod['is_strict_bind_hidden']) {
            echo 'checked="checked"';
        }
        ?>
/></td>
                                <td><label for="is_strict_bind_hidden"><strong><?php 
        echo $_LANG['AD_EXCEPT_NESTED'];
        ?>
</strong></label></td>
                            </tr>
                        </table>

                    </div>

					<?php 
        if ($mod['is_external'] && $do == 'edit' || $do == 'add') {
            ?>

                    {tab=<?php 
            echo $_LANG['AD_MODULE_CACHE'];
            ?>
}

                        <div style="margin-top:4px">
                            <strong><?php 
            echo $_LANG['AD_DO_MODULE_CACHE'];
            ?>
</strong>
                        </div>
                        <div>
                            <select name="cache" id="cache" style="width:100%">
                                <option value="0" <?php 
            if (@(!$mod['cache'])) {
                echo 'selected="selected"';
            }
            ?>
><?php 
            echo $_LANG['NO'];
            ?>
</option>
                                <option value="1" <?php 
            if (@$mod['cache']) {
                echo 'selected="selected"';
            }
            ?>
><?php 
            echo $_LANG['YES'];
            ?>
</option>
                            </select>
                        </div>

                        <div style="margin-top:15px">
                            <strong><?php 
            echo $_LANG['AD_MODULE_CACHE_PERIOD'];
            ?>
</strong>
                        </div>
                        <div>
                            <table width="100%" cellpadding="0" cellspacing="0" border="0" style="margin-top:5px;">
                                <tr>
                                    <td valign="top"  width="100">
                                        <input name="cachetime" type="text" id="int_1" style="width:99%" value="<?php 
            echo @(int) $mod['cachetime'];
            ?>
"/>
                                    </td>
                                    <td valign="top" style="padding-left:5px">
                                        <select name="cacheint" id="int_2" style="width:100%">
                                            <option value="MINUTE"  <?php 
            if (@mb_strstr($mod['cacheint'], 'MINUTE')) {
                echo 'selected="selected"';
            }
            ?>
><?php 
            echo cmsCore::spellCount((int) @$mod['cachetime'], $_LANG['MINUTE1'], $_LANG['MINUTE2'], $_LANG['MINUTE10'], false);
            ?>
</option>
                                            <option value="HOUR"  <?php 
            if (@mb_strstr($mod['cacheint'], 'HOUR')) {
                echo 'selected="selected"';
            }
            ?>
><?php 
            echo cmsCore::spellCount((int) @$mod['cachetime'], $_LANG['HOUR1'], $_LANG['HOUR2'], $_LANG['HOUR10'], false);
            ?>
</option>
                                            <option value="DAY" <?php 
            if (@mb_strstr($mod['cacheint'], 'DAY')) {
                echo 'selected="selected"';
            }
            ?>
><?php 
            echo cmsCore::spellCount((int) @$mod['cachetime'], $_LANG['DAY1'], $_LANG['DAY2'], $_LANG['DAY10'], false);
            ?>
</option>
                                            <option value="MONTH" <?php 
            if (@mb_strstr($mod['cacheint'], 'MONTH')) {
                echo 'selected="selected"';
            }
            ?>
><?php 
            echo cmsCore::spellCount((int) @$mod['cachetime'], $_LANG['MONTH1'], $_LANG['MONTH2'], $_LANG['MONTH10'], false);
            ?>
</option>
                                        </select>
                                    </td>
                                </tr>
                            </table>
                        </div>

                        <div style="margin-top:15px">
                            <?php 
            if ($do == 'edit') {
                if ($inCore->isCached('module', $mod['id'], $mod['cachetime'], $mod['cacheint'])) {
                    $t = 'module' . $mod['id'];
                    $cfile = PATH . '/cache/' . md5($t) . '.html';
                    if (file_exists($cfile)) {
                        $kb = round(filesize($cfile) / 1024, 2);
                        echo '<a href="index.php?view=cache&do=delcache&target=module&id=' . $mod['id'] . '">' . $_LANG['AD_MODULE_CACHE_DELETE'] . '</a> (' . $kb . $_LANG['SIZE_KB'] . ')';
                    }
                } else {
                    echo '<span style="color:gray">' . $_LANG['AD_NO_CACHE'] . '</span>';
                }
            }
            ?>
                        </div>
					<?php 
        }
        ?>

                    {tab=<?php 
        echo $_LANG['AD_TAB_ACCESS'];
        ?>
}
                    <table width="100%" cellpadding="0" cellspacing="0" border="0" class="checklist" style="margin-top:5px">
                        <tr>
                            <td width="20">
                                <?php 
        $groups = cmsUser::getGroups();
        $style = 'disabled="disabled"';
        $public = 'checked="checked"';
        if ($do == 'edit') {
            if ($mod['access_list']) {
                $public = '';
                $style = '';
                $access_list = $inCore->yamlToArray($mod['access_list']);
            }
        }
        ?>
                                <input name="is_public" type="checkbox" id="is_public" onclick="checkAccesList()" value="1" <?php 
        echo $public;
        ?>
 />
                            </td>
                            <td><label for="is_public"><strong><?php 
        echo $_LANG['AD_SHARE'];
        ?>
</strong></label></td>
                        </tr>
                    </table>
                    <div style="padding:5px">
                        <span class="hinttext">
                            <?php 
        echo $_LANG['AD_IF_CHECKED'];
        ?>
                        </span>
                    </div>

                    <div style="margin-top:10px;padding:5px;padding-right:0px;">
                        <div>
                            <strong><?php 
        echo $_LANG['AD_GROUPS_VIEW'];
        ?>
</strong><br />
                            <span class="hinttext">
                                <?php 
        echo $_LANG['AD_SELECT_MULTIPLE_CTRL'];
        ?>
                            </span>
                        </div>
                        <div>
                            <?php 
        echo '<select style="width: 99%" name="allow_group[]" id="allow_group" size="6" multiple="multiple" ' . $style . '>';
        if ($groups) {
            foreach ($groups as $group) {
                echo '<option value="' . $group['id'] . '"';
                if ($do == 'edit' && $mod['access_list']) {
                    if (inArray($access_list, $group['id'])) {
                        echo 'selected="selected"';
                    }
                }
                echo '>';
                echo $group['title'] . '</option>';
            }
        }
        echo '</select>';
        ?>
                        </div>
                    </div>

                    {/tabs}

                    <?php 
        echo jwTabs(ob_get_clean());
        ?>

                </td>

            </tr>
        </table>
        <p>
            <input name="add_mod" type="submit" id="add_mod" value="<?php 
        echo $_LANG['SAVE'];
        ?>
" />
            <input name="back" type="button" id="back" value="<?php 
        echo $_LANG['CANCEL'];
        ?>
" onclick="window.history.back();" />
            <input name="do" type="hidden" id="do" <?php 
        if ($do == 'add') {
            echo 'value="submit"';
        } else {
            echo 'value="update"';
        }
        ?>
 />
            <?php 
        if ($do == 'edit') {
            echo '<input name="id" type="hidden" value="' . $mod['id'] . '" />';
        }
        ?>
        </p>
    </form>
<?php 
    }
    //============================================================================//
    //============================================================================//
}
Example #12
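/**
 * Admin applet for articles stored in `cms_content`.
 *
 * Dispatches on the `do` request parameter (default `add`):
 *  - arhive_on, show, hide  : set a flag on one article (or a list, for show/hide)
 *  - move, move_to_cat      : reorder an article / move a list of articles to a category
 *  - delete                 : delete one article or a list of articles
 *  - update, submit         : save an edited / a new article (CSRF token is verified)
 *  - add, edit              : render the article form
 *
 * Access is checked with cmsUser::isAdminCan('admin/content', $adminAccess);
 * cpAccessDenied() is called when the check fails.
 *
 * Security-relevant points:
 *  - The article id used in the edit query is always forced to int, including
 *    ids queued through the `item` request array and kept in the session.
 *  - `url` and `tpl` are HTML-escaped when written into form attributes, the
 *    same way `title`, `pagetitle`, `meta_keys` and `meta_desc` already are.
 *  - NOTE(review): only `update` and `submit` call cmsUser::checkCsrfToken().
 *    The other state-changing actions here (arhive_on, move, move_to_cat, show,
 *    hide, delete) do not; adding the check requires the admin list views to
 *    send a token, so it is flagged here rather than changed.
 */
function applet_content() {
    $inCore = cmsCore::getInstance();
    cmsCore::m('content');

    global $_LANG;

    //check access
    global $adminAccess;
    if (!cmsUser::isAdminCan('admin/content', $adminAccess)) { cpAccessDenied(); }

    $cfg = $inCore->loadComponentConfig('content');

    cmsCore::c('page')->setTitle($_LANG['AD_ARTICLES']);
    cpAddPathway($_LANG['AD_ARTICLES'], 'index.php?view=tree');

    $do = cmsCore::request('do', 'str', 'add');
    $id = cmsCore::request('id', 'int', -1);

    // NOTE(review): no CSRF token check on this state-changing action.
    if ($do == 'arhive_on') {
        cmsCore::c('db')->setFlag('cms_content', $id, 'is_arhive', '1');
        cmsCore::addSessionMessage($_LANG['AD_ARTICLES_TO_ARHIVE'], 'success');
        cmsCore::redirectBack();
    }

    // NOTE(review): no CSRF token check on this state-changing action.
    if ($do == 'move') {
        $item_id = cmsCore::request('id', 'int', 0);
        $cat_id  = cmsCore::request('cat_id', 'int', 0);

        $dir     = cmsCore::request('dir', 'str');
        $step    = 1;

        cmsCore::m('content')->moveItem($item_id, $cat_id, $dir, $step);
        cmsCore::halt(1);
    }

    // NOTE(review): no CSRF token check on this state-changing action.
    if ($do == 'move_to_cat') {
        $items     = cmsCore::request('item', 'array_int');
        $to_cat_id = cmsCore::request('obj_id', 'int', 0);

        if ($items && $to_cat_id) {
            // Moved articles are appended after the highest ordering in the target category.
            $last_ordering = (int)cmsCore::c('db')->get_field('cms_content', "category_id = '". $to_cat_id ."' ORDER BY ordering DESC", 'ordering');
            foreach ($items as $item_id) {
                $article = cmsCore::m('content')->getArticle($item_id);
                if (!$article) { continue; }
                $last_ordering++;

                cmsCore::m('content')->updateArticle(
                    $article['id'],
                    array(
                        'category_id' => $to_cat_id,
                        'ordering' => $last_ordering,
                        'url' => $article['url'],
                        'title' => cmsCore::c('db')->escape_string($article['title']),
                        'id' => $article['id'],
                        'user_id' => $article['user_id']
                    )
                );
            }

            cmsCore::addSessionMessage($_LANG['AD_ARTICLES_TO'], 'success');
        }

        cmsCore::redirect('?view=tree&cat_id='. $to_cat_id);
    }

    // NOTE(review): no CSRF token check on this state-changing action.
    if ($do == 'show') {
        if (!cmsCore::inRequest('item')) {
            // Single article: answer '1' for the AJAX caller.
            if ($id >= 0) { cmsCore::c('db')->setFlag('cms_content', $id, 'published', '1'); }
            cmsCore::halt('1');
        } else {
            // List of articles selected in the table.
            cmsCore::c('db')->setFlags('cms_content', cmsCore::request('item', 'array_int'), 'published', '1');
            cmsCore::redirectBack();
        }
    }

    // NOTE(review): no CSRF token check on this state-changing action.
    if ($do == 'hide') {
        if (!cmsCore::inRequest('item')) {
            if ($id >= 0) { cmsCore::c('db')->setFlag('cms_content', $id, 'published', '0'); }
            cmsCore::halt('1');
        } else {
            cmsCore::c('db')->setFlags('cms_content', cmsCore::request('item', 'array_int'), 'published', '0');
            cmsCore::redirectBack();
        }
    }

    // NOTE(review): no CSRF token check on this destructive action.
    if ($do == 'delete') {
        if (!cmsCore::inRequest('item')) {
            if ($id >= 0) {
                cmsCore::m('content')->deleteArticle($id);
                cmsCore::addSessionMessage($_LANG['AD_ARTICLE_REMOVE'], 'success');
            }
        } else {
            cmsCore::m('content')->deleteArticles(cmsCore::request('item', 'array_int'));
            cmsCore::addSessionMessage($_LANG['AD_ARTICLES_REMOVE'], 'success');
        }
        cmsCore::redirectBack();
    }

    if ($do == 'update'){
        if (!cmsUser::checkCsrfToken()) { cmsCore::error404(); }

        if (cmsCore::inRequest('id')) {
            $id                     = cmsCore::request('id', 'int', 0);
            $article['category_id'] = cmsCore::request('category_id', 'int', 1);
            $article['title']       = cmsCore::request('title', 'str');
            $article['url']         = cmsCore::request('url', 'str');
            $article['showtitle']   = cmsCore::request('showtitle', 'int', 0);
            // HTML fields are read as 'html' and then escaped for the database.
            $article['description'] = cmsCore::request('description', 'html', '');
            $article['description'] = cmsCore::c('db')->escape_string($article['description']);
            $article['content']     = cmsCore::request('content', 'html', '');
            $article['content']     = cmsCore::c('db')->escape_string($article['content']);
            $article['published']   = cmsCore::request('published', 'int', 0);

            $article['showdate']    = cmsCore::request('showdate', 'int', 0);
            $article['showlatest']  = cmsCore::request('showlatest', 'int', 0);
            $article['showpath']    = cmsCore::request('showpath', 'int', 0);
            $article['comments']    = cmsCore::request('comments', 'int', 0);
            $article['canrate']     = cmsCore::request('canrate', 'int', 0);

            // Form dates are dd.mm.yyyy; they are rearranged to yyyy-mm-dd.
            // NOTE(review): a value without two dots leaves undefined offsets here.
            $enddate                = explode('.', cmsCore::request('enddate', 'str'));
            $article['enddate']     = $enddate[2] .'-'. $enddate[1] .'-'. $enddate[0];

            $article['is_end']      = cmsCore::request('is_end', 'int', 0);
            $article['pagetitle']   = cmsCore::request('pagetitle', 'str', '');

            $article['tags']        = cmsCore::request('tags', 'str');

            $olddate                = cmsCore::request('olddate', 'str', '');
            $pubdate                = cmsCore::request('pubdate', 'str', '');

            $article['user_id']     = cmsCore::request('user_id', 'int', cmsCore::c('user')->id);

            $article['tpl']         = cmsCore::request('tpl', 'str', 'com_content_read');

            // The publication date is only rewritten when the form value changed;
            // the time part is then taken from the current clock.
            if ($olddate != $pubdate) {
                $date = explode('.', $pubdate);
                $article['pubdate'] = $date[2] .'-'. $date[1] .'-'. $date[0] .' '.  date('H:i');
            }

            $autokeys               = cmsCore::request('autokeys', 'int');

            // 1: keywords generated from the content, 2: tags reused as keywords,
            // 3: meta fields taken from the form as entered.
            switch($autokeys){
                case 1: $article['meta_keys'] = $inCore->getKeywords($article['content']);
                        $article['meta_desc'] = $article['title'];
                        break;

                case 2: $article['meta_desc'] = strip_tags($article['description']);
                        $article['meta_keys'] = $article['tags'];
                        break;

                case 3: $article['meta_desc'] = cmsCore::request('meta_desc', 'str');
                        $article['meta_keys'] = cmsCore::request('meta_keys', 'str');
                        break;
            }

            cmsCore::m('content')->updateArticle($id, $article);

            // Without "is_public" the article is restricted to the selected groups.
            if (!cmsCore::request('is_public', 'int', 0)) {
                $showfor = cmsCore::request('showfor', 'array_int', array());
                cmsCore::setAccess($id, $showfor, 'material');
            } else {
                cmsCore::clearAccess($id, 'material');
            }

            cmsCore::m('content')->uploadArticeImage($id, cmsCore::request('delete_image', 'int', 0));

            cmsCore::addSessionMessage($_LANG['AD_ARTICLE_SAVE'], 'success');

            // When more articles are queued for editing, continue with the next one.
            if (!isset($_SESSION['editlist']) || count($_SESSION['editlist']) == 0) {
                cmsCore::redirect('?view=tree&cat_id='.$article['category_id']);
            } else {
                cmsCore::redirect('?view=content&do=edit');
            }
        }
    }

    if ($do == 'submit') {
        if (!cmsUser::checkCsrfToken()) { cmsCore::error404(); }

        $article['category_id'] = cmsCore::request('category_id', 'int', 1);
        $article['title']       = cmsCore::request('title', 'str');
        $article['url']         = cmsCore::request('url', 'str');
        $article['showtitle']   = cmsCore::request('showtitle', 'int', 0);
        // HTML fields are read as 'html' and then escaped for the database.
        $article['description'] = cmsCore::request('description', 'html', '');
        $article['description'] = cmsCore::c('db')->escape_string($article['description']);
        $article['content']     = cmsCore::request('content', 'html', '');
        $article['content']     = cmsCore::c('db')->escape_string($article['content']);

        $article['published']   = cmsCore::request('published', 'int', 0);

        $article['showdate']    = cmsCore::request('showdate', 'int', 0);
        $article['showlatest']  = cmsCore::request('showlatest', 'int', 0);
        $article['showpath']    = cmsCore::request('showpath', 'int', 0);
        $article['comments']    = cmsCore::request('comments', 'int', 0);
        $article['canrate']     = cmsCore::request('canrate', 'int', 0);

        // Form dates are dd.mm.yyyy; they are rearranged to yyyy-mm-dd.
        // NOTE(review): a value without two dots leaves undefined offsets here.
        $enddate                = explode('.', cmsCore::request('enddate', 'str'));
        $article['enddate']     = $enddate[2] .'-'. $enddate[1] .'-'. $enddate[0];
        $article['is_end']      = cmsCore::request('is_end', 'int', 0);
        $article['pagetitle']   = cmsCore::request('pagetitle', 'str', '');

        $article['tags']        = cmsCore::request('tags', 'str');

        $article['pubdate']     = cmsCore::request('pubdate', 'str');
        $date                   = explode('.', $article['pubdate']);
        $article['pubdate']     = $date[2] .'-'. $date[1] .'-'. $date[0] .' '. date('H:i');

        $article['user_id']     = cmsCore::request('user_id', 'int', cmsCore::c('user')->id);

        $article['tpl']         = cmsCore::request('tpl', 'str', 'com_content_read');

        $autokeys               = cmsCore::request('autokeys', 'int');

        // 1: keywords generated from the content, 2: tags reused as keywords,
        // 3: meta fields taken from the form as entered.
        switch ($autokeys) {
            case 1: $article['meta_keys'] = $inCore->getKeywords($article['content']);
                    $article['meta_desc'] = $article['title'];
                    break;

            case 2: $article['meta_desc'] = strip_tags($article['description']);
                    $article['meta_keys'] = $article['tags'];
                    break;

            case 3: $article['meta_desc'] = cmsCore::request('meta_desc', 'str');
                    $article['meta_keys'] = cmsCore::request('meta_keys', 'str');
                    break;
        }

        $article['id'] = cmsCore::m('content')->addArticle($article);

        // Without "is_public" the article is restricted to the selected groups.
        if (!cmsCore::request('is_public', 'int', 0)) {
            $showfor = cmsCore::request('showfor', 'array_int', array());
            cmsCore::setAccess($article['id'], $showfor, 'material');
        }

        $inmenu = cmsCore::request('createmenu', 'str', '');

        if ($inmenu) {
            createMenuItem($inmenu, $article['id'], $article['title']);
        }

        cmsCore::m('content')->uploadArticeImage($article['id']);

        cmsCore::addSessionMessage($_LANG['AD_ARTICLE_ADD'], 'success');

        cmsCore::redirect('?view=tree&cat_id='. $article['category_id']);
    }

    if ($do == 'add' || $do == 'edit') {
        $toolmenu = array(
            array( 'icon' => 'save.gif', 'title' => $_LANG['SAVE'], 'link' => 'javascript:document.addform.submit();' ),
            array( 'icon' => 'cancel.gif', 'title' => $_LANG['CANCEL'], 'link' => 'javascript:history.go(-1);' )
        );

        cpToolMenu($toolmenu);
        $menu_list = cpGetList('menu');

        if ($do == 'add') {
            echo '<h3>'. $_LANG['AD_CREATE_ARTICLE'] .'</h3>';
            cpAddPathway($_LANG['AD_CREATE_ARTICLE'], 'index.php?view=content&do=add');

            $mod = array(
                'category_id' => cmsCore::request('to', 'int'),
                'showpath' => 1,
                'tpl' => 'com_content_read'
            );
        } else {
            // A multi-select in the list view queues several articles for editing.
            // The ids arrive in the request and are later concatenated into the
            // SELECT below, so every element is forced to int before it is stored.
            if (isset($_REQUEST['item'])){
                $_SESSION['editlist'] = array_map('intval', (array)$_REQUEST['item']);
            }

            $ostatok = '';

            if (isset($_SESSION['editlist'])) {
                // Cast again: the session may hold a queue written before the ids were normalised.
                $id = (int)array_shift($_SESSION['editlist']);
                if (count($_SESSION['editlist'])==0) {
                    unset($_SESSION['editlist']);
                } else {
                    $ostatok = '('. $_LANG['AD_NEXT_IN'] . count($_SESSION['editlist']) .')';
                }
            } else {
                $id = isset($_REQUEST['id']) ? (int)$_REQUEST['id'] : 0;
            }

            // $id is an int on every path above, which is what makes the
            // concatenation into the query safe.
            $sql = "SELECT *, (TO_DAYS(enddate) - TO_DAYS(CURDATE())) as daysleft, DATE_FORMAT(pubdate, '%d.%m.%Y') as pubdate, DATE_FORMAT(enddate, '%d.%m.%Y') as enddate
                     FROM cms_content
                     WHERE id = ". $id ." LIMIT 1";
            $mod = array();
            $result = cmsCore::c('db')->query($sql) ;
            if (cmsCore::c('db')->num_rows($result)) {
                $mod = cmsCore::c('db')->fetch_assoc($result);
                if (!empty($mod['images'])) {
                    $mod['images'] = json_decode($mod['images'], true);
                }
            }

            // Nothing to edit: stop instead of rendering a form (and building the
            // access query further down) from an empty row. error404() is the
            // failure response used elsewhere in this function; presumably it
            // ends the request.
            if (empty($mod['id'])) { cmsCore::error404(); }

            echo '<h3>'. $_LANG['AD_EDIT_ARTICLE'] . $ostatok .'</h3>';
            cpAddPathway($mod['title'], 'index.php?view=content&do=edit&id='. $mod['id']);
        }

        $ajaxUploader = cmsCore::c('page')->initAjaxUpload(
            'plupload',
            array(
                'component' => 'content',
                'target_id' => cmsCore::getArrVal($mod, 'id', 0),
                'insertEditor' => 'content'
            ),
            cmsCore::getArrVal($mod, 'images', false)
        );

        $tab_plugins = cmsCore::callTabEventPlugins('ADMIN_CONTENT_TABS', !empty($mod['id']) ? $mod : array());
?>
<form id="addform" name="addform" method="post" action="index.php" enctype="multipart/form-data">
    <input type="hidden" name="csrf_token" value="<?php echo cmsUser::getCsrfToken(); ?>" />
    <input type="hidden" name="view" value="content" />

    <table class="table">
        <tr>
            <!-- главная ячейка -->
            <td valign="top">
                <table width="100%" cellpadding="0" cellspacing="4" border="0">
                    <tr>
                        <td valign="top">
                            <label><?php echo $_LANG['AD_ARTICLE_NAME']; ?></label>
                            <div>
                                <table width="100%" cellpadding="0" cellspacing="0" border="0">
                                    <tr>
                                        <td><input type="text" class="form-control" name="title" value="<?php echo htmlspecialchars($mod['title']);?>" /></td>
                                        <td style="width:15px;padding-left:10px;padding-right:10px;">
                                            <input type="checkbox" class="uittip" title="<?php echo $_LANG['AD_VIEW_TITLE']; ?>" name="showtitle" <?php if ($mod['showtitle'] || $do=='add') { echo 'checked="checked"'; } ?> value="1">
                                        </td>
                                    </tr>
                                </table>
                            </div>
                        </td>
                        <td width="130" valign="top">
                            <label><?php echo $_LANG['AD_PUBLIC_DATE']; ?></label>
                            <div>
                                <input type="text" id="pubdate" class="form-control" name="pubdate" style="width:100px;display: inline-block" <?php if(@!$mod['pubdate']) { echo 'value="'.date('d.m.Y').'"'; } else { echo 'value="'.$mod['pubdate'].'"'; } ?>/>

                                <input type="hidden" name="olddate" value="<?php echo @$mod['pubdate']?>" />
                            </div>
                        </td>
                        <td width="16" valign="bottom" style="padding-bottom:10px">
                            <input type="checkbox" id="showdate" class="uittip" name="showdate" title="<?php echo $_LANG['AD_VIEW_DATE_AND_AUTHOR']; ?>" value="1" <?php if ($mod['showdate'] || $do=='add') { echo 'checked="checked"'; } ?>/>
                        </td>
                        <td width="160" valign="top">
                            <label><?php echo $_LANG['AD_ARTICLE_TEMPLATE']; ?></label>
                            <div><input type="text" class="form-control" style="width:160px" name="tpl" value="<?php /* stored value goes into an attribute: escape it */ echo htmlspecialchars(cmsCore::getArrVal($mod, 'tpl', ''));?>"></div>
                        </td>
                    </tr>
                </table>

                <div class="form-group">
                    <label><?php echo $_LANG['AD_ARTICLE_NOTICE']; ?></label>
                    <div><?php $inCore->insertEditor('description', $mod['description'], '200', '100%'); ?></div>
                </div>

                <div class="form-group">
                    <label><?php echo $_LANG['AD_ARTICLE_TEXT']; ?></label>
                    <?php insertPanel(); ?>
                    <div><?php $inCore->insertEditor('content', $mod['content'], '400', '100%'); ?></div>
                </div>

                <div class="form-group">
                    <label><?php echo $_LANG['AD_ARTICLE_TAGS']; ?></label>
                    <input type="text" id="tags" class="form-control" name="tags" value="<?php if (isset($mod['id'])) { echo cmsTagLine('content', $mod['id'], false); } ?>" />
                </div>

                <div>
                    <label>
                        <input type="radio" name="autokeys" <?php if ($do == 'add' && $cfg['autokeys']) { ?>checked="checked"<?php } ?> value="1"/>
                        <?php echo $_LANG['AD_AUTO_GEN_KEY']; ?>
                    </label>
                </div>
                <div>
                    <label>
                        <input type="radio" name="autokeys" value="2" />
                        <?php echo $_LANG['AD_TAGS_AS_KEY']; ?>
                    </label>
                </div>
                <div>
                    <label>
                        <input type="radio" name="autokeys" id="autokeys3" value="3" <?php if ($do == 'edit' || !$cfg['autokeys']) { ?>checked="checked"<?php } ?>/>
                        <?php echo $_LANG['AD_MANUAL_KEY']; ?>
                    </label>
                </div>

                <?php if ($cfg['af_on'] && $do=='add') { ?>
                <div>
                    <label>
                        <input type="checkbox" name="noforum" id="noforum" value="1" />
                        <?php echo $_LANG['AD_NO_CREATE_THEME']; ?>
                    </label>
                </div>
                <?php } ?>
            </td>

            <!-- боковая ячейка -->
            <td valign="top" style="width:450px">
                <div class="uitabs">
                    <ul id="tabs">
                        <li><a href="#upr_publish"><span><?php echo $_LANG['AD_TAB_PUBLISH']; ?></span></a></li>
                        <li><a href="#upr_restrictions"><span><?php echo $_LANG['AD_RESTRICTIONS']; ?></span></a></li>
                        <li><a href="#upr_photos"><span><?php echo $_LANG['AD_PHOTOS']; ?></span></a></li>
                        <?php if (!empty($tab_plugins)){ foreach ($tab_plugins as $tab_plugin){ ?>
                            <li><a href="<?php if ($tab_plugin['ajax_link']){ echo $tab_plugin['ajax_link']; }else{ echo '#upr_'. $tab_plugin['name']; } ?>" title="<?php echo $tab_plugin['name']; ?>"><span><?php echo $tab_plugin['title']; ?></span></a></li>
                        <?php }} ?>
                    </ul>

                    <div id="upr_publish">
                        <div class="form-group">
                            <label>
                                <input type="checkbox" name="published" id="published" value="1" <?php if ($mod['published'] || $do=='add') { echo 'checked="checked"'; } ?> />
                                <?php echo $_LANG['AD_PUBLIC_ARTICLE']; ?>
                            </label>
                        </div>

                        <div class="form-group">
                            <select id="category_id" class="form-control" style="height:200px" name="category_id" size="10">
                                <option value="1" <?php if (@$mod['category_id']==1 || !isset($mod['category_id'])) { echo 'selected="selected"'; }?>><?php echo $_LANG['AD_ROOT_CATEGORY'] ; ?></option>
                                <?php
                                    if (isset($mod['category_id'])){
                                        echo $inCore->getListItemsNS('cms_category', $mod['category_id']);
                                    } else {
                                        echo $inCore->getListItemsNS('cms_category');
                                    }
                                ?>
                            </select>
                            <select id="showpath" name="showpath" class="form-control">
                                <option value="0" <?php if (@!$mod['showpath']) { echo 'selected="selected"'; } ?>><?php echo $_LANG['AD_PATHWAY_NAME_ONLY']; ?></option>
                                <option value="1" <?php if (@$mod['showpath']) { echo 'selected="selected"'; } ?>><?php echo $_LANG['AD_PATHWAY_FULL']; ?></option>
                            </select>
                        </div>

                        <div class="form-group">
                            <label><?php echo $_LANG['AD_ARTICLE_URL']; ?></label>
                            <input type="text" class="form-control" name="url" value="<?php /* stored value goes into an attribute: escape it */ echo htmlspecialchars(cmsCore::getArrVal($mod, 'url', '')); ?>" />
                            <div class="help-block"><?php echo $_LANG['AD_IF_UNKNOWN_PAGETITLE']; ?></div>
                        </div>

                        <div class="form-group">
                            <label><?php echo $_LANG['AD_ARTICLE_AUTHOR']; ?></label>
                            <select id="user_id" class="form-control" name="user_id">
                            <?php
                                if (isset($mod['user_id'])) {
                                    echo $inCore->getListItems('cms_users', $mod['user_id'], 'nickname', 'ASC', 'is_deleted=0 AND is_locked=0', 'id', 'nickname');
                                } else {
                                    echo $inCore->getListItems('cms_users', cmsCore::c('user')->id, 'nickname', 'ASC', 'is_deleted=0 AND is_locked=0', 'id', 'nickname');
                                }
                            ?>
                            </select>
                        </div>

                        <h4><?php echo $_LANG['AD_PUBLIC_PARAMETRS']; ?></h4>
                        <div class="form-group">
                            <label>
                                <input type="checkbox" name="showlatest" value="1" <?php if ($mod['showlatest'] || $do=='add') { echo 'checked="checked"'; } ?> />
                                <?php echo $_LANG['AD_VIEW_NEW_ARTICLES']; ?>
                            </label>
                            <label>
                                <input type="checkbox" name="comments" value="1" <?php if ($mod['comments'] || $do=='add') { echo 'checked="checked"'; } ?> />
                                <?php echo $_LANG['AD_ENABLE_COMMENTS']; ?>
                            </label>
                            <label>
                                <input type="checkbox" name="canrate" value="1" <?php if ($mod['canrate']) { echo 'checked="checked"'; } ?> />
                                <?php echo $_LANG['AD_ENABLE_RATING']; ?>
                            </label>
                        </div>

                        <h4>SEO</h4>
                        <div class="form-group">
                            <label><?php echo $_LANG['AD_PAGE_TITLE']; ?></label>
                            <input type="text" class="form-control" name="pagetitle" value="<?php if (isset($mod['pagetitle'])) { echo htmlspecialchars($mod['pagetitle']); } ?>" />
                            <div class="help-block"><?php echo $_LANG['AD_IF_UNKNOWN']; ?></div>
                        </div>

                        <div class="form-group">
                            <label><?php echo $_LANG['KEYWORDS']; ?></label>
                            <textarea class="form-control" name="meta_keys" rows="4"><?php echo htmlspecialchars($mod['meta_keys']);?></textarea>
                            <div class="help-block"><?php echo $_LANG['AD_FROM_COMMA']; ?></div>
                        </div>

                        <div class="form-group">
                            <label><?php echo $_LANG['DESCRIPTION']; ?></label>
                            <textarea class="form-control" name="meta_desc" rows="6"><?php echo htmlspecialchars($mod['meta_desc']);?></textarea>
                            <div class="help-block"><?php echo $_LANG['AD_LESS_THAN']; ?></div>
                        </div>

                        <?php if ($do=='add'){ ?>
                        <div class="form-group">
                            <label><?php echo $_LANG['AD_CREATE_LINK']; ?></label>
                            <select class="form-control" name="createmenu">
                                <option value="0" selected="selected"><?php echo $_LANG['AD_DONT_CREATE_LINK']; ?></option>
                            <?php foreach ($menu_list as $menu) { ?>
                                <option value="<?php echo $menu['id']; ?>">
                                    <?php echo $menu['title']; ?>
                                </option>
                            <?php } ?>
                            </select>
                        </div>
                        <?php } ?>
                    </div>

                    <div id="upr_restrictions">
                        <div class="form-group">
                            <label><?php echo $_LANG['AD_ARTICLE_TIME']; ?></label>
                            <select class="form-control" name="is_end" onchange="if($(this).val() == 1){ $('#final_time').show(); }else {$('#final_time').hide();}">
                                <option value="0" <?php if (@!$mod['is_end']) { echo 'selected="selected"'; } ?>><?php echo $_LANG['AD_UNLIMITED']; ?></option>
                                <option value="1" <?php if (@$mod['is_end']) { echo 'selected="selected"'; } ?>><?php echo $_LANG['AD_TO_FINAL_TIME']; ?></option>
                            </select>
                        </div>

                        <div id="final_time" class="form-group" <?php if (@!$mod['is_end']) { echo 'style="display: none"'; } ?>>
                            <label><?php echo $_LANG['AD_FINAL_TIME']; ?></label>
                            <input type="text" id="enddate" class="form-control" name="enddate" <?php if(@!$mod['is_end']) { echo 'value="'.date('d.m.Y').'"'; } else { echo 'value="'. $mod['enddate'] .'"'; } ?> />
                            <div class="help-block"><?php echo $_LANG['AD_CALENDAR_FORMAT']; ?></div>
                        </div>

                        <div class="form-group">
                            <?php
                                $sql    = "SELECT * FROM cms_user_groups";
                                $result = cmsCore::c('db')->query($sql) ;

                                // Default state: article is public, group list is disabled.
                                $style  = 'disabled="disabled"';
                                $public = 'checked="checked"';

                                if ($do == 'edit') {
                                    // The id is cast so the concatenated query stays numeric
                                    // whatever the row array holds.
                                    $sql2 = "SELECT * FROM cms_content_access WHERE content_id = ".(int)$mod['id']." AND content_type = 'material'";
                                    $result2 = cmsCore::c('db')->query($sql2);
                                    $ord = array();

                                    // Any access row means the article is restricted to groups.
                                    if (cmsCore::c('db')->num_rows($result2)){
                                        $public = '';
                                        $style = '';
                                        while ($r = cmsCore::c('db')->fetch_assoc($result2)){
                                            $ord[] = $r['group_id'];
                                        }
                                    }
                                }
                            ?>
                            <label>
                                <input name="is_public" type="checkbox" id="is_public" onclick="checkGroupList()" value="1" <?php echo $public?> />
                                <?php echo $_LANG['AD_SHARE']; ?>
                            </label>
                            <div class="help-block"><?php echo $_LANG['AD_IF_NOTED']; ?></div>
                        </div>

                        <div class="form-group">
                            <label><?php echo $_LANG['AD_GROUPS_VIEW']; ?></label>
                            <?php
                                echo '<select id="showin" class="form-control" name="showfor[]" size="6" multiple="multiple" '.$style.'>';

                                // NOTE(review): group titles are printed without HTML escaping.
                                if (cmsCore::c('db')->num_rows($result)){
                                    while ($item = cmsCore::c('db')->fetch_assoc($result)){
                                        echo '<option value="'.$item['id'].'"';
                                        if ($do=='edit'){
                                            if (in_array($item['id'], $ord)){
                                                echo 'selected="selected"';
                                            }
                                        }

                                        echo '>';
                                        echo $item['title'].'</option>';
                                    }
                                }

                                echo '</select>';
                            ?>
                            <div class="help-block"><?php echo $_LANG['AD_SELECT_MULTIPLE_CTRL']; ?></div>
                        </div>
                    </div>

                    <div id="upr_photos">
                        <div class="form-group">
                            <label><?php echo $_LANG['AD_PHOTO']; ?></label>

                            <?php
                                if ($do == 'edit' && file_exists(PATH.'/images/photos/small/article'. $mod['id'] .'.jpg')){
                            ?>
                            <div style="margin-top:3px;margin-bottom:3px;padding:10px;border:solid 1px gray;text-align:center">
                                <img src="/images/photos/small/article<?php echo $id; ?>.jpg" border="0" />
                            </div>
                            <label>
                                <input type="checkbox" name="delete_image" value="1" />
                                <?php echo $_LANG['AD_PHOTO_REMOVE']; ?>
                            </label>
                            <?php
                                }
                            ?>

                            <input type="file" class="form-control" name="picture" />
                        </div>

                        <div class="form-group">
                            <label><?php echo $_LANG['AD_INSERTED_IMAGES']; ?></label>
                            <?php echo $ajaxUploader; ?>
                        </div>
                    </div>

                    <?php /* same emptiness guard as the tab headers above */ if (!empty($tab_plugins)) { foreach ($tab_plugins as $tab_plugin) { ?>
                        <div id="upr_<?php echo $tab_plugin['name']; ?>"><?php echo $tab_plugin['html']; ?></div>
                    <?php }} ?>
                </div>
            </td>
        </tr>
    </table>

    <div>
        <input type="submit" class="btn btn-primary" name="add_mod" <?php if ($do == 'add') { echo 'value="'. $_LANG['AD_CREATE_CONTENT'] .'"'; } else { echo 'value="'. $_LANG['AD_SAVE_CONTENT'] .'"'; } ?> />
        <input type="button" class="btn btn-default" name="back" value="<?php echo $_LANG['CANCEL']; ?>" onclick="window.history.back();"/>
        <input type="hidden" name="do" <?php if ($do == 'add') { echo 'value="submit"'; } else { echo 'value="update"'; } ?> />
        <?php
            if ($do == 'edit') {
                echo '<input type="hidden" name="id" value="'. $mod['id'] .'" />';
            }
        ?>
    </div>
</form>
    <?php
    }
}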
Example #13
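/**
 * Admin applet for the plugin manager.
 *
 * The action is chosen by the "do" request parameter (default "list"):
 *  - hide / show       clear or set the "published" flag of cms_plugins row "id"
 *  - list              render the plugin table with config/delete actions
 *  - save_config       save a config posted from the plugin's own field list
 *  - save_auto_config  save a config described by the plugin's backend.xml
 *  - config            render the configuration form for plugin "id"
 *
 * Security notes:
 *  - The "plugin" request value ends up in a filesystem path (and is handed to
 *    loadPlugin()), so it is only accepted when it is a single directory name.
 *  - NOTE(review): "hide" and "show" change state without a CSRF token check,
 *    unlike the save_* actions. Adding the check here would require the caller
 *    (the list table toggle) to send the token, which is not visible from this
 *    function — confirm and align.
 */
function applet_plugins()
{
    global $_LANG;
    global $adminAccess;

    $inCore = cmsCore::getInstance();

    cmsCore::c('page')->setTitle($_LANG['AD_PLUGINS']);
    cpAddPathway($_LANG['AD_PLUGINS'], 'index.php?view=plugins');

    if (!cmsUser::isAdminCan('admin/plugins', $adminAccess)) {
        cpAccessDenied();
    }

    $do = cmsCore::request('do', 'str', 'list');
    $id = cmsCore::request('id', 'int', -1);

    // A plugin name is used as one directory under PATH/plugins/. Reject anything
    // that could step out of that directory (separators, NUL, "." and "..").
    $is_plain_dir_name = function ($name) {
        $name = (string) $name;

        return $name !== ''
            && $name !== '.'
            && $name !== '..'
            && strpbrk($name, "/\\\0") === false;
    };

    if ($do == 'hide') {
        cmsCore::c('db')->setFlag('cms_plugins', $id, 'published', '0');
        cmsCore::halt('1');
    }

    if ($do == 'show') {
        cmsCore::c('db')->setFlag('cms_plugins', $id, 'published', '1');
        cmsCore::halt('1');
    }

    if ($do == 'list') {
        $toolmenu = array(
            array('icon' => 'install.gif', 'title' => $_LANG['AD_INSTALL_PLUGINS'], 'link' => '?view=install&do=plugin'),
            array('icon' => 'help.gif', 'title' => $_LANG['AD_HELP'], 'link' => '?view=help&topic=plugins'),
        );
        cpToolMenu($toolmenu);

        $fields = array(
            array('title' => 'id', 'field' => 'id', 'width' => '40'),
            array('title' => $_LANG['TITLE'], 'field' => 'title', 'link' => '?view=plugins&do=config&id=%id%', 'width' => '250'),
            array('title' => $_LANG['DESCRIPTION'], 'field' => 'description', 'width' => ''),
            array('title' => $_LANG['AD_AUTHOR'], 'field' => 'author', 'width' => '160'),
            array('title' => $_LANG['AD_VERSION'], 'field' => 'version', 'width' => '80'),
            array('title' => $_LANG['AD_FOLDER'], 'field' => 'plugin', 'width' => '100'),
            array('title' => $_LANG['AD_ENABLE'], 'field' => 'published', 'width' => '80'),
        );

        $actions = array(
            array('title' => $_LANG['AD_CONFIG'], 'icon' => 'config.gif', 'link' => '?view=plugins&do=config&id=%id%'),
            array('title' => $_LANG['DELETE'], 'icon' => 'delete.gif', 'link' => '?view=install&do=remove_plugin&id=%id%', 'confirm' => $_LANG['AD_REMOVE_PLUGIN_FROM']),
        );

        cpListTable('cms_plugins', $fields, $actions);
    }

    if ($do == 'save_config') {
        if (!cmsUser::checkCsrfToken()) {
            cmsCore::error404();
        }

        $plugin_name = cmsCore::request('plugin', 'str', 0);

        // Validate before the name reaches loadPlugin(); the original only
        // checked for an empty name after the plugin had already been loaded.
        if (!$plugin_name) {
            cmsCore::redirectBack();
        }
        if (!$is_plain_dir_name($plugin_name)) {
            cmsCore::error404();
        }

        $plugin = $inCore->loadPlugin($plugin_name);
        if (!is_object($plugin)) {
            // Unknown plugin: avoid a fatal method call on a non-object.
            cmsCore::error404();
        }

        $plugin_cfg_fields = $plugin->getConfigFields();
        if (empty($plugin_cfg_fields)) {
            $config = cmsCore::request('config', 'array_str');
        } else {
            $config = cmsCore::c('form_gen')->requestForm($plugin->getConfigFields());
        }

        if (!$config) {
            cmsCore::redirectBack();
        }

        $inCore->savePluginConfig($plugin_name, $config);
        cmsCore::addSessionMessage($_LANG['AD_CONFIG_SAVE_SUCCESS'], 'success');
        cmsCore::redirect('index.php?view=plugins');
    }

    if ($do == 'save_auto_config') {
        if (!cmsUser::checkCsrfToken()) {
            cmsCore::error404();
        }

        $plugin_name = cmsCore::request('plugin', 'str', '');

        // The name is concatenated into a path below, so it must stay inside
        // PATH/plugins/.
        if (!$is_plain_dir_name($plugin_name)) {
            cmsCore::error404();
        }

        $xml_file = PATH . '/plugins/' . $plugin_name . '/backend.xml';
        if (!file_exists($xml_file)) {
            cmsCore::error404();
        }

        $backend = simplexml_load_file($xml_file);
        if ($backend === false) {
            // Unparseable backend.xml: nothing to read parameters from.
            cmsCore::error404();
        }

        $cfg = array();

        foreach ($backend->params->param as $param) {
            $name    = (string) $param['name'];
            $type    = (string) $param['type'];
            $default = (string) $param['default'];

            switch ($type) {
                case 'number':
                    $value = cmsCore::request($name, 'int', $default);
                    break;

                case 'string':
                case 'list_function':
                    $value = cmsCore::request($name, 'str', $default);
                    break;

                case 'html':
                    $value = cmsCore::badTagClear(cmsCore::request($name, 'html', $default));
                    break;

                case 'flag':
                    $value = cmsCore::request($name, 'int', 0);
                    break;

                case 'list':
                case 'list_db':
                    // isset() first: an unposted field must not raise an
                    // undefined-index notice.
                    $value = (isset($_POST[$name]) && is_array($_POST[$name]))
                        ? cmsCore::request($name, 'array_str', $default)
                        : cmsCore::request($name, 'str', $default);
                    break;

                default:
                    // Unknown type: store the declared default instead of the
                    // value left over from the previous parameter.
                    $value = $default;
                    break;
            }

            $cfg[$name] = $value;
        }

        if (!$cfg) {
            cmsCore::redirectBack();
        }

        $inCore->savePluginConfig($plugin_name, $cfg);
        cmsCore::addSessionMessage($_LANG['AD_CONFIG_SAVE_SUCCESS'], 'success');
        cmsCore::redirect('index.php?view=plugins');
    }

    if ($do == 'config') {
        // Here the name comes from the database lookup by id, not from the request.
        $plugin_name = $inCore->getPluginById($id);
        if (!$plugin_name) {
            cmsCore::error404();
        }

        $plugin = $inCore->loadPlugin($plugin_name);
        if (!is_object($plugin)) {
            cmsCore::error404();
        }

        $config            = $inCore->loadPluginConfig($plugin_name);
        $plugin_cfg_fields = $plugin->getConfigFields();

        cmsCore::c('page')->setTitle($plugin->info['title']);
        cpAddPathway($plugin->info['title'], 'index.php?view=plugins&do=config&id=' . $id);

        $xml_file = PATH . '/plugins/' . $plugin_name . '/backend.xml';

        $tpl = cmsCore::c('page')->initTemplate('applets', 'plugins_config')
            ->assign('plugin_title', $plugin->info['title'])
            ->assign('config', $config)
            ->assign('plugin_cfg_fields', $plugin_cfg_fields)
            ->assign('xml_file_exist', file_exists($xml_file))
            ->assign('plugin_name', $plugin_name);

        if (!empty($plugin_cfg_fields)) {
            $tpl->assign('form_gen_form', cmsCore::c('form_gen')->generateForm($plugin->getConfigFields(), $config));
        } elseif (file_exists($xml_file)) {
            // NOTE(review): the cancel link targets view=modules although this is
            // the plugins applet — looks like a copy/paste leftover; confirm.
            $toolmenu = array(
                array('icon' => 'save.gif', 'title' => $_LANG['SAVE'], 'link' => 'javascript:document.addform.submit();'),
                array('icon' => 'cancel.gif', 'title' => $_LANG['CANCEL'], 'link' => 'index.php?view=modules'),
            );
            cpToolMenu($toolmenu);

            cmsCore::loadClass('formgen');
            $formGen = new cmsFormGen($xml_file, $config);
            $tpl->assign('form_gen_form', $formGen->getHTML());
        }

        $tpl->display();
    }
}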
Example #14
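/**
 * Admin applet for the file-integrity check.
 *
 * The "do" request parameter is restricted to a fixed list (default "last_check"):
 *  - last_check  show the result stored in /cache/last_check_result.serialize
 *  - start       show a form to pick a stored system image to compare against
 *  - start_scan  build the current image with genSystemImage(PATH), compare it
 *                with the chosen stored image and save the result
 *  - save        store the current image as a new file under /cache/system/
 *
 * Security notes:
 *  - File names found on disk and the chosen image name are written into HTML,
 *    so they are escaped on output; a file with markup in its name must not be
 *    able to inject script into the admin page.
 *  - The "image" request value is used in a path and the file is then passed to
 *    unserialize(), so it is accepted only as a single file name inside
 *    /cache/system/.
 *  - NOTE(review): unserialize() is used on files under /cache. They are written
 *    by this applet, but anyone able to write into that directory controls the
 *    input; a format without object support (e.g. JSON) would be safer. Changing
 *    it here would break reading existing images, so it is only flagged.
 *  - NOTE(review): "save" replaces the comparison baseline without a CSRF token
 *    check (it is reached through a plain toolbar link). Consider requiring the
 *    token together with the link that triggers it.
 */
function applet_checksystem() {
    global $_LANG;
    global $adminAccess;

    if (!cmsUser::isAdminCan('admin/checksystem', $adminAccess)) { cpAccessDenied(); }

    cmsCore::c('page')->setTitle($_LANG['AD_CHECK_SYSTEM']);

    cpAddPathway($_LANG['AD_CHECK_SYSTEM'], 'index.php?view=checksystem');

    $do = cmsCore::request('do', array('last_check', 'save', 'start', 'start_scan'), 'last_check');

    // HTML-escape helper for values that originate from the filesystem or the request.
    // assumes the site encoding is UTF-8 — TODO confirm
    $esc = function ($text) {
        return htmlspecialchars((string) $text, ENT_QUOTES, 'UTF-8');
    };

    $toolmenu = array(
        array( 'icon' => 'liststuff.gif', 'title' => $_LANG['AD_LAST_CHECK_RESULT'], 'link' => 'index.php?view=checksystem&do=last_check' ),
        array( 'icon' => 'start.png', 'title' => $_LANG['AD_START_NEW_CHECK'], 'link' => 'index.php?view=checksystem&do=start' ),
        array( 'icon' => 'save.png', 'title' => $_LANG['AD_CREATE_NEW_IMG'], 'link' => 'index.php?view=checksystem&do=save' )
    );

    cpToolMenu($toolmenu, 'last_check', 'do');

    if ($do == 'last_check') {
        cpAddPathway($_LANG['AD_LAST_CHECK_RESULT'], 'index.php?view=checksystem&do=last_check');

        $data = false;
        if (file_exists(PATH .'/cache/last_check_result.serialize')) {
            $data = unserialize(file_get_contents(PATH .'/cache/last_check_result.serialize'));
        }

        // Only an array is a valid stored result; anything else is treated as "no result".
        if (!is_array($data)) {
            $data = false;
        }

        echo '<p>'. $_LANG['AD_TIME_LAST_CHECK'] .' <b>'. (isset($data['date']) ? $esc($data['date']) : $_LANG['AD_NEVER']) .'</b>, '. $_LANG['AD_IMG'] .': <b>'. (isset($data['img']) ? $esc($data['img']) : '') .'</b></p>';

        if (!empty($data)) {
            echo '<div class="uitabs"><ul id="tabs"><li><a href="#tab1"><span>'. $_LANG['AD_MODIFY_FILES'] .'</span></a></li><li><a href="#tab2"><span>'. $_LANG['AD_NEW_FILES'] .'</span></a></li><li><a href="#tab3"><span>'. $_LANG['AD_DELETED_FILES'] .'</span></a></li></ul>';

                echo '<div id="tab1">';
                    if (!empty($data['modified_files'])) {
                        foreach ($data['modified_files'] as $path) {
                            echo '<div>'. $esc($path) .'</div>';
                        }
                    } else {
                        echo '<p>'. $_LANG['AD_MODIFY_FILES_NOT_FOUND'] .'</p>';
                    }
                echo '</div>';

                echo '<div id="tab2">';
                    if (!empty($data['new_files'])) {
                        foreach ($data['new_files'] as $path) {
                            echo '<div>'. $esc($path) .'</div>';
                        }
                    } else {
                        echo '<p>'. $_LANG['AD_NEW_FILES_NOT_FOUND'] .'</p>';
                    }
                echo '</div>';

                echo '<div id="tab3">';
                    if (!empty($data['old_files'])) {
                        foreach ($data['old_files'] as $path) {
                            echo '<div>'. $esc($path) .'</div>';
                        }
                    } else {
                        echo '<p>'. $_LANG['AD_DELETED_FILES_NOT_FOUND'] .'</p>';
                    }
                echo '</div>';

            echo '</div>';
        } else {
            echo '<p>'. $_LANG['AD_LAST_CHECK_RESULT_NOT_FOUND'] .'</p>';
        }
    }

    if ($do == 'start') {
        cpAddPathway($_LANG['AD_START_NEW_CHECK']);

        $imageFiles = getSystemImageFiles();
?>
<form class="form-horizontal" role="form" action="/admin/index.php?view=checksystem&do=start_scan" method="post" name="CFGform" target="_self" style="margin-bottom:30px">
    <input type="hidden" name="csrf_token" value="<?php echo cmsUser::getCsrfToken(); ?>" />
    
    <div style="width:750px;">
        <div class="form-group">
            <label class="col-sm-5 control-label"><?php echo $_LANG['AD_SELECT_IMG']; ?></label>
            <div class="col-sm-7">
                <select id="image" class="form-control" name="image">
                    <?php foreach ($imageFiles as $if) { ?>
                        <option value="<?php echo $esc($if); ?>"><?php echo $esc($if); ?></option>
                    <?php } ?>
                </select>
            </div>
        </div>
        
        <div>
            <input type="submit" class="btn btn-primary" name="save" value="<?php echo $_LANG['AD_START']; ?>" />
            <input type="button" class="btn btn-default" name="back" value="<?php echo $_LANG['CANCEL']; ?>" onclick="window.history.back();" />
        </div>
    </div>
</form>
<?php
    }

    if ($do == 'start_scan') {
        if (!cmsUser::checkCsrfToken()) { cmsCore::error404(); }

        $image = cmsCore::request('image', 'str', '');

        // The value selects a file under /cache/system/ that is then unserialized:
        // accept a bare file name only, never a path.
        $is_bare_name = ($image !== '.' && $image !== '..' && strpbrk((string) $image, "/\\\0") === false);

        if (empty($image) || !$is_bare_name || !file_exists(PATH .'/cache/system/'. $image)) {
            cmsCore::error404();
        }

        genSystemImage(PATH);

        $old_files = unserialize(file_get_contents(PATH .'/cache/system/'. $image));

        // A corrupt or foreign file must not be reported as "every file is new".
        if (!is_array($old_files)) {
            cmsCore::error404();
        }

        $data = array(
            'modified_files' => array(),
            'new_files'      => array(),
            'old_files'      => array()
        );

        foreach ($GLOBALS['SYSTEM_IMAGE'] as $k=>$v) {
            if (isset($old_files[$k])) {
                // Strict comparison: with "!=" two different numeric-looking
                // strings (e.g. hashes of the form "0e<digits>") compare equal
                // and a changed file would go unreported.
                if ($old_files[$k] !== $v) {
                    $data['modified_files'][] = $k;
                }
                unset($old_files[$k]);
            } else {
                $data['new_files'][] = $k;
            }
            unset($GLOBALS['SYSTEM_IMAGE'][$k]);
        }

        // Whatever is left in the stored image no longer exists on disk.
        foreach ($old_files as $k => $v) {
            $data['old_files'][] = $k;
        }

        $data['date'] = date('Y-m-d H:i:s');
        $data['img']  = $image;

        file_put_contents(PATH .'/cache/last_check_result.serialize', serialize($data));

        cmsCore::addSessionMessage($_LANG['AD_CHECK_SYSTEM_SUCCES'], 'success');
        cmsCore::redirect('index.php?view=checksystem');
    }

    if ($do == 'save') {
        $GLOBALS['SYSTEM_IMAGE'] = array();

        genSystemImage(PATH);

        $d = date('Y-m-d_H-i-s');

        file_put_contents(PATH . '/cache/system/systemImage_'. $d .'.serialize', serialize($GLOBALS['SYSTEM_IMAGE']));

        unset($GLOBALS['SYSTEM_IMAGE']);

        cmsCore::addSessionMessage($_LANG['AD_NEW_IMG_GENERATED'] .': /cache/system/systemImage_'. $d .'.serialize', 'success');
        cmsCore::redirectBack();
    }
}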
Example #15
function applet_modules() {
    $inCore = cmsCore::getInstance();

    global $_LANG;

    global $adminAccess;
    if (!cmsUser::isAdminCan('admin/modules', $adminAccess)) { cpAccessDenied(); }

    cmsCore::c('page')->setTitle($_LANG['AD_MODULES']);
    cpAddPathway($_LANG['AD_MODULES'], 'index.php?view=modules');
    cmsCore::c('page')->addHeadJS('admin/js/modules.js');

    $do = cmsCore::request('do', 'str', 'list');
    $id = cmsCore::request('id', 'int', -1);
    $co = cmsCore::request('co', 'int', -1);

    if ($do == 'config') {
        $module_name  = cpModuleById($id);
        $module_title = cpModuleTitleById($id);

        if (!$module_name) { cmsCore::redirect('index.php?view=modules&do=edit&id='. $id); }

        $xml_file = PATH .'/admin/modules/'. $module_name .'/backend.xml';
        $php_file = 'modules/'. $module_name .'/backend.php';
        
        if (file_exists($php_file)) {
            include $php_file;
            return;
        }
        
        $cfg = $inCore->loadModuleConfig($id);
        
        cpAddPathway($module_title, '?view=modules&do=edit&id='. $id);
        cpAddPathway($_LANG['AD_SETTINGS']);

        echo '<h3>'. $module_title .'</h3>';
        
        $toolmenu = array(
            array( 'icon' => 'save.gif', 'title' => $_LANG['SAVE'], 'link' => 'javascript:submitModuleConfig();' ),
            array( 'icon' => 'cancel.gif', 'title' => $_LANG['CANCEL'], 'link' => 'index.php?view=modules' ),
            array( 'icon' => 'edit.gif', 'title' => $_LANG['AD_EDIT_MODULE_VIEW'], 'link' => '?view=modules&do=edit&id='. $id )
        );

        cpToolMenu($toolmenu);
?>
        <form action="index.php?view=modules&do=save_auto_config&id=<?php echo $id; ?>" method="post" name="optform" target="_self" id="optform">
            <div class="panel panel-default" style="width:650px;">
                <div class="panel-body">
<?php
        if (file_exists($xml_file)) {
            cmsCore::loadClass('formgen');
            $formGen = new cmsFormGen($xml_file, $cfg);
            echo $formGen->getHTML();
        } else {
?>
                    <div class="form-group">
                        <label class="col-sm-5 control-label"><?php echo $_LANG['AD_MODULE_TEMPLATE']; ?></label>
                        <div class="col-sm-7">
                            <input type="text" class="form-control" value="<?php echo $cfg['tpl']; ?>" />
                        </div>
                    </div>
<?php
        }
?>
                </div>
                <div class="panel-footer">
                    <input type="submit" name="save" class="btn btn-primary" value="<?php echo $_LANG['SAVE']; ?>" />
                </div>
            </div>
        <script type="text/javascript">
            function submitModuleConfig(){
                $('#optform').submit();
            }
        </script>
        </form>
<?php

        return;
    }

    if ($do == 'save_auto_config') {
        if (!cmsUser::checkCsrfToken()) { cmsCore::error404(); }
        
        $module_name = cpModuleById($id);

        $is_ajax = cmsCore::inRequest('ajax');

        if ($is_ajax) {
            $title      = cmsCore::request('title', 'str', '');
            $published  = cmsCore::request('published', 'int', 0);
            cmsCore::c('db')->query("UPDATE cms_modules SET title='". $title ."', published='". $published ."' WHERE id=". $id);
            if (cmsCore::inRequest('content')) {
                $content = cmsCore::c('db')->escape_string(cmsCore::request('content', 'html'));
                cmsCore::c('db')->query("UPDATE cms_modules SET content='". $content ."' WHERE id=". $id);
            }
        }

        if (cmsCore::inRequest('title_only')) { cmsCore::redirectBack(); }

        $xml_file = PATH .'/admin/modules/'. $module_name .'/backend.xml';
        if (file_exists($xml_file)) {
            $cfg = array();

            $backend = simplexml_load_file($xml_file);

            foreach ($backend->params->param as $param) {
                $name    = (string)$param['name'];
                $type    = (string)$param['type'];
                $default = (string)$param['default'];

                switch($param['type']) {
                    case 'number': $value = cmsCore::request($name, 'int', $default); break;
                    case 'string': $value = cmsCore::request($name, 'str', $default); break;
                    case 'html':   $value = cmsCore::badTagClear(cmsCore::request($name, 'html', $default)); break;
                    case 'flag': $value = cmsCore::request($name, 'int', 0); break;
                    case 'list': $value = (is_array($_POST[$name]) ? cmsCore::request($name, 'array_str', $default) : cmsCore::request($name, 'str', $default)); break;
                    case 'list_function': $value = cmsCore::request($name, 'str', $default); break;
                    case 'list_db': $value = (is_array($_POST[$name]) ? cmsCore::request($name, 'array_str', $default) : cmsCore::request($name, 'str', $default)); break;
                }

                $cfg[$name] = $value;
            }
        }
        
        $cfg['tpl'] = cmsCore::request('tpl', 'str', $module_name);

        $inCore->saveModuleConfig($id, $cfg);

        if (!$is_ajax) {
            cmsCore::addSessionMessage($_LANG['AD_CONFIG_SAVE_SUCCESS'], 'success');
        }

        cmsCore::redirectBack();
    }

    if ($do == 'list') {
        $toolmenu = array(
            array( 'icon' => 'new.gif', 'title' => $_LANG['AD_MODULE_ADD'], 'link' => '?view=modules&do=add' ),
            array( 'icon' => 'install.gif', 'title' => $_LANG['AD_MODULES_SETUP'], 'link' => '?view=install&do=module' ),
            array( 'icon' => 'edit.gif', 'title' => $_LANG['AD_EDIT_SELECTED'], 'link' => "javascript:checkSel('?view=modules&do=edit&multiple=1');" ),
            array( 'icon' => 'delete.gif', 'title' => $_LANG['AD_DELETE_SELECTED'], 'link' => "javascript:checkSel('?view=modules&do=delete&multiple=1');" ),
            array( 'icon' => 'show.gif', 'title' => $_LANG['AD_ALLOW_SELECTED'], 'link' => "javascript:checkSel('?view=modules&do=show&multiple=1');" ),
            array( 'icon' => 'hide.gif', 'title' => $_LANG['AD_DISALLOW_SELECTED'], 'link' => "javascript:checkSel('?view=modules&do=hide&multiple=1');" ),
            array( 'icon' => 'autoorder.gif', 'title' => $_LANG['AD_MODULE_ORDER'], 'link' => '?view=modules&do=autoorder' ),
            array( 'icon' => 'reorder.gif', 'title' => $_LANG['AD_SAVE_ORDER'], 'link' => "javascript:checkSel('?view=modules&do=saveorder');" ),
            array( 'icon' => 'help.gif', 'title' => $_LANG['AD_HELP'], 'link' => '?view=help&topic=modules' )
        );

        cpToolMenu($toolmenu);
        
        $fields = array(
            array( 'title' => 'id', 'field' => 'id', 'width' => '40' ),
            array(
                'title' => $_LANG['AD_TITLE'],
                'field' => array('title','titles'), 'width'=>'',
                'link'  => '?view=modules&do=edit&id=%id%',
                'prc'   => function ($i) {
                    $i['titles'] = cmsCore::yamlToArray($i['titles']);
                    // переопределяем название пункта меню в зависимости от языка
                    if (!empty($i['titles'][cmsConfig::getConfig('lang')])) {
                        $i['title'] = $i['titles'][cmsConfig::getConfig('lang')];
                    }
                    
                    return $i['title'];
                }
            ),
            array( 'title' => $_LANG['TITLE'], 'field' => 'name', 'width' => '220', 'filter' => '15' ),
            array( 'title' => $_LANG['AD_VERSION'], 'field' => 'version', 'width' => '70' ),
            array( 'title' => $_LANG['AD_AUTHOR'], 'field' => 'author', 'width' => '110' ),
            array( 'title' => $_LANG['SHOW'], 'field' => 'published', 'width' => '80' ),
            array( 'title' => $_LANG['AD_ORDER'], 'field' => 'ordering', 'width' => '100' ),
            array( 'title' => $_LANG['AD_POSITION'], 'field' => 'position', 'width' => '80', 'filter' => '10', 'filterlist' => cpGetList('positions') )
        );
        
        $actions = array(
            array( 'title' => $_LANG['AD_CONFIG'], 'icon' => 'config.gif', 'link' => '?view=modules&do=config&id=%id%', 'condition' => 'cpModuleHasConfig' ),
            array( 'title' => $_LANG['EDIT'], 'icon' => 'edit.gif', 'link' => '?view=modules&do=edit&id=%id%' ),
            array( 'title' => $_LANG['DELETE'], 'icon' => 'delete.gif', 'confirm' => $_LANG['AD_MODULE_DELETE'], 'link' => '?view=modules&do=delete&id=%id%' )
        );
        
        cpListTable('cms_modules', $fields, $actions, '', 'published DESC, position, ordering ASC');
    }

    if ($do == 'autoorder'){
        $rs = cmsCore::c('db')->query("SELECT id, position FROM cms_modules ORDER BY position") ;

        if (cmsCore::c('db')->num_rows($rs)) {
            $ord = 1;
            while ($item = cmsCore::c('db')->fetch_assoc($rs)) {
                if (isset($latest_pos)) {
                    if ($latest_pos != $item['position']) {
                        $ord = 1;
                    }
                }
                cmsCore::c('db')->query("UPDATE cms_modules SET ordering = ". $ord ." WHERE id=". $item['id']) ;
                $ord += 1;
                $latest_pos = $item['position'];
            }
        }

        cmsCore::redirect('index.php?view=modules');
    }

    if ($do == 'move_up') {
        if ($id >= 0) { dbMoveUp('cms_modules', $id, $co); }
        cmsCore::redirectBack();
    }

    if ($do == 'move_down') {
        if ($id >= 0) { dbMoveDown('cms_modules', $id, $co); }
        cmsCore::redirectBack();
    }

    if ($do == 'saveorder') {
        if (isset($_REQUEST['ordering'])) {
            $ord = $_REQUEST['ordering'];
            $ids = $_REQUEST['ids'];

            foreach ($ord as $id=>$ordering) {
                cmsCore::c('db')->query("UPDATE cms_modules SET ordering = ". (int)$ordering ." WHERE id = ". (int)$ids[$id]);
            }
            cmsCore::redirect('index.php?view=modules');
        }
    }

    if ($do == 'show') {
        if (!isset($_REQUEST['item'])) {
            if ($id >= 0) { cmsCore::c('db')->setFlag('cms_modules', $id, 'published', '1'); }
            cmsCore::halt('1');
        } else {
            cmsCore::c('db')->setFlags('cms_modules', $_REQUEST['item'], 'published', '1');
            cmsCore::redirectBack();
        }

    }

    if ($do == 'hide') {
        if (!isset($_REQUEST['item'])) {
            if ($id >= 0) { cmsCore::c('db')->setFlag('cms_modules', $id, 'published', '0'); }
            cmsCore::halt('1');
        } else {
            cmsCore::c('db')->setFlags('cms_modules', $_REQUEST['item'], 'published', '0');
            cmsCore::redirectBack();
        }
    }

    if ($do == 'delete') {
        if (!cmsCore::inRequest('item')) {
            $inCore->removeModule($id);
        } else {
            $inCore->removeModule(cmsCore::request('item', 'array_int', array()));
        }
        cmsCore::addSessionMessage($_LANG['AD_DO_SUCCESS'], 'success');
        cmsCore::redirect('index.php?view=modules');
    }

    if ($do == 'update') {
        if (!cmsUser::checkCsrfToken()) { cmsCore::error404(); }
        
        $id = cmsCore::request('id', 'int', 0);
        $mod = cmsCore::c('db')->get_fields('cms_modules', "id = ". $id ."", '*');
        
        $module = array(
            'name'       => cmsCore::request('name', 'str', ''),
            'title'      => cmsCore::request('title', 'str', ''),
            'titles'     => cmsCore::arrayToYaml(cmsCore::request('titles', 'array_str', array())),
            'position'   => cmsCore::request('position', 'str', ''),
            'showtitle'  => cmsCore::request('showtitle', 'int', 0),
            'published'  => cmsCore::request('published', 'int', 0),
            'css_prefix' => cmsCore::request('css_prefix', 'str', ''),
            'is_strict_bind' => cmsCore::request('is_strict_bind', 'int', 0),
            'is_strict_bind_hidden' => cmsCore::request('is_strict_bind_hidden', 'int', 0),
            'template'   => cmsCore::request('template', 'str', ''),
            'cache'      => cmsCore::request('cache', 'int', 0),
            'cachetime'  => cmsCore::request('cachetime', 'int', 0),
            'cacheint'   => cmsCore::request('cacheint', 'str', ''),
            'access_list' => '',
            'hidden_menu_ids' => ''
        );
        
        if (!$mod['is_external']) {
            $module['content'] = cmsCore::c('db')->escape_string(cmsCore::request('content', 'html', ''));
        }

        $is_public = cmsCore::request('is_public', 'int', '');
        if (!$is_public) {
            $module['access_list'] = cmsCore::arrayToYaml(cmsCore::request('allow_group', 'array_int', array()));
        }
        
        cmsCore::c('db')->update('cms_modules', $module, $id);
        cmsCore::c('db')->delete('cms_modules_bind', "module_id=". $id ." AND tpl='". cmsCore::c('config')->template ."'");

        if (cmsCore::request('show_all', 'int', 0)) {
            cmsCore::c('db')->insert(
                'cms_modules_bind',
                array(
                    'module_id' => $id,
                    'menu_id'   => 0,
                    'position'  => $module['position'],
                    'tpl'       => cmsCore::c('config')->template
                )
            );
            
            $hidden_menu_ids = cmsCore::request('hidden_menu_ids', 'array_int', array());
            if (!empty($hidden_menu_ids)) {
                $hidden_menu_ids = cmsCore::arrayToYaml($hidden_menu_ids);
                cmsCore::c('db')->query("UPDATE cms_modules SET hidden_menu_ids='". $hidden_menu_ids ."' WHERE id = '". $id ."' LIMIT 1");
            }
        } else {
            $showin  = cmsCore::request('showin', 'array_int', array());
            $showpos = cmsCore::request('showpos', 'array_str', array());
            if (count($showin) > 0) {
                foreach ($showin as $key => $value) {
                    cmsCore::c('db')->insert(
                        'cms_modules_bind',
                        array(
                            'module_id' => $id,
                            'menu_id'   => $value,
                            'position'  => $showpos[$value],
                            'tpl'       => cmsCore::c('config')->template
                        )
                    );
                }
            }
        }

        cmsCore::addSessionMessage($_LANG['AD_DO_SUCCESS'] , 'success');

        if (!isset($_SESSION['editlist']) || count($_SESSION['editlist']) == 0) {
            cmsCore::redirect('index.php?view=modules');
        } else {
            cmsCore::redirect('index.php?view=modules&do=edit');
        }
    }

    if ($do == 'submit') {
        if (!cmsUser::checkCsrfToken()) { cmsCore::error404(); }
        
        $maxorder = cmsCore::c('db')->get_field('cms_menu', '1=1 ORDER BY ordering DESC', 'ordering') + 1;

        $name           = cmsCore::request('name', 'str', '');
        $title          = cmsCore::request('title', 'str', '');
        $titles         = cmsCore::arrayToYaml(cmsCore::request('titles', 'array_str', array()));
        $position       = cmsCore::request('position', 'str', '');
        $showtitle      = cmsCore::request('showtitle', 'int', 0);
        $content    	= cmsCore::c('db')->escape_string(cmsCore::request('content', 'html', ''));
        $published      = cmsCore::request('published', 'int', 0);
        $css_prefix     = cmsCore::request('css_prefix', 'str', '');

        $is_public      = cmsCore::request('is_public', 'int', '');
        if (!$is_public) {
            $access_list = cmsCore::arrayToYaml(cmsCore::request('allow_group', 'array_int', array()));
        }

        $template       = cmsCore::request('template', 'str', '');
        $cache          = cmsCore::request('cache', 'int', 0);
        $cachetime      = cmsCore::request('cachetime', 'int', 0);
        $cacheint       = cmsCore::request('cacheint', 'str', '');
        $operate        = cmsCore::request('operate', array('user', 'clone'), '');

        $is_strict_bind = cmsCore::request('is_strict_bind', 'int', 0);
        $is_strict_bind_hidden = cmsCore::request('is_strict_bind_hidden', 'int', 0);

        if ($operate == 'user') { //USER MODULE
            $sql = "INSERT INTO cms_modules (position, name, title, titles, is_external, content, ordering, showtitle, published, user, original, css_prefix, access_list, template, is_strict_bind, is_strict_bind_hidden)
                            VALUES ('". $position ."', '". $name ."', '". $title ."', '". $titles ."', 0, '". $content ."', '". $maxorder ."', '". $showtitle ."', '". $published ."', 1, 1, '". $css_prefix ."', '". $access_list ."', '". $template ."', '". $is_strict_bind ."', '". $is_strict_bind_hidden ."')";
            cmsCore::c('db')->query($sql) ;
        }

        if ($operate == 'clone') { //DUPLICATE MODULE
            $mod_id     = cmsCore::request('clone_id', 'int', 0);

            $sql         = "SELECT * FROM cms_modules WHERE id = ". $mod_id ." LIMIT 1";
            $result      = cmsCore::c('db')->query($sql) ;
            $original    = cmsCore::c('db')->escape_string(cmsCore::c('db')->fetch_assoc($result));
            $is_original = cmsCore::request('del_orig', 'int', 0) ? 1 : 0;

            $sql = "INSERT INTO cms_modules (position, name, title, titles, is_external, content, ordering, showtitle, published, original, user, config, css_prefix, template, access_list, is_strict_bind, is_strict_bind_hidden, cache, cachetime, cacheint, version)
                        VALUES (
                            '". $position ."',
                            '". $original['name'] ."',
                            '". $title ."',
                            '". $titles ."',
                            '". $original['is_external'] ."',
                            '". $original['content'] ."',
                            '". $maxorder ."',
                            '". $showtitle ."',
                            '". $published ."',
                            '". $is_original ."',
                            '". $original['user'] ."',
                            '". $original['config'] ."',
                            '". $css_prefix ."',
                            '". $template ."',
                            '". $access_list ."',
                            '". $is_strict_bind ."',
                            '". $is_strict_bind_hidden ."',
                            '". $cache ."', 
                            '". $cachetime ."',
                            '". $cacheint ."',
                            '". $original['version'] ."'
                )";
            cmsCore::c('db')->query($sql);

            if (cmsCore::request('del_orig', 'int', 0)) {
                $sql = "DELETE FROM cms_modules WHERE id = ". $mod_id;
                cmsCore::c('db')->query($sql) ;
            }
        }

        $lastid = cmsCore::c('db')->get_last_id('cms_modules');

        if (cmsCore::request('show_all', 'int', 0)) {
            $sql = "INSERT INTO cms_modules_bind (module_id, menu_id, position, tpl)
                            VALUES (". $lastid .", 0, '". $position ."', '". cmsCore::c('config')->template ."')";
            cmsCore::c('db')->query($sql) ;
            
            $hidden_menu_ids = cmsCore::request('hidden_menu_ids', 'array_int', array());
            if ($hidden_menu_ids) {
                $hidden_menu_ids = cmsCore::arrayToYaml($hidden_menu_ids);
                cmsCore::c('db')->query("UPDATE cms_modules SET hidden_menu_ids='". $hidden_menu_ids ."' WHERE id = '". $lastid ."' LIMIT 1");
            }
        } else {
            $showin = cmsCore::request('showin', 'array', array());
            $showpos = cmsCore::request('showpos', 'array', array());
            if (count($showin) > 0) {
                foreach ($showin as $key=>$value) {
                    $sql = "INSERT INTO cms_modules_bind (module_id, menu_id, position, tpl)
                                    VALUES (". $lastid .", ". $value .", '". $showpos[$value] ."', '". cmsCore::c('config')->template ."')";
                    cmsCore::c('db')->query($sql) ;
                }
            }
        }

        cmsCore::addSessionMessage($_LANG['AD_MODULE_ADD_SITE'] , 'success');
        cmsCore::redirect('index.php?view=modules');
    }

    if ($do == 'add' || $do == 'edit') {
        $langs = cmsCore::getDirsList('/languages');
        
        if ($do == 'add') {
            cpAddPathway($_LANG['AD_MODULE_ADD']);
            echo '<h3>'. $_LANG['AD_MODULE_ADD'] .'</h3>';
            $show_all = false;
        } else {
            if (cmsCore::inRequest('multiple')) {
                if (cmsCore::inRequest('item')) {
                    $_SESSION['editlist'] = cmsCore::request('item', 'array_int', array());
                } else {
                    cmsCore::addSessionMessage($_LANG['AD_NO_SELECT_OBJECTS'], 'error');
                    cmsCore::redirectBack();
                }
            }

            $ostatok = '';

            if (isset($_SESSION['editlist'])) {
                $item_id = array_shift($_SESSION['editlist']);
                if (count($_SESSION['editlist'])==0) {
                   unset($_SESSION['editlist']);
                } else {
                    $ostatok = '('. $_LANG['AD_NEXT_IN'] . count($_SESSION['editlist']) .')';
                }
            } else {
                $item_id = cmsCore::request('id', 'int', 0);
            }

            $mod = cmsCore::c('db')->get_fields('cms_modules', "id = '". $item_id ."'", '*');
            if (!$mod) { cmsCore::error404(); }
            
            $mod['hidden_menu_ids'] = cmsCore::yamlToArray($mod['hidden_menu_ids']);
            $mod['titles'] = cmsCore::yamlToArray($mod['titles']);
            
            $show_all = false;
            
            $default_position = cmsCore::c('db')->get_field('cms_modules_bind', "module_id='". $mod['id'] ."' AND menu_id=0 AND tpl='". cmsCore::c('config')->template ."'", 'position');
            
            if (!empty($default_position)) {
                $show_all = true;
                $mod['position'] = $default_position;
            }

            echo '<h3>'. $_LANG['AD_EDIT_MODULE'] . $ostatok .'</h3>';
            cpAddPathway($mod['name']);
        }

        $toolmenu[] = array( 'icon' => 'save.gif',   'title' => $_LANG['SAVE'],   'link' => 'javascript:document.addform.submit();' );
        $toolmenu[] = array( 'icon' => 'cancel.gif', 'title' => $_LANG['CANCEL'], 'link' => 'javascript:history.go(-1);' );

        if (cmsCore::getArrVal($mod, 'is_external')) {
            $php_file = 'modules/'. $mod['content'] .'/backend.php';
            $xml_file = 'modules/'. $mod['content'] .'/backend.xml';
            if (file_exists($php_file) || file_exists($xml_file)) {
                $toolmenu[] = array( 'icon' => 'config.gif', 'title' => $_LANG['CONFIG_MODULE'], 'link' => '?view=modules&do=config&id='. $mod['id'] );
            }
        }

        cpToolMenu($toolmenu);
?>
    <form id="addform" name="addform" method="post" action="index.php">
        <input type="hidden" name="csrf_token" value="<?php echo cmsUser::getCsrfToken(); ?>" />
        <input type="hidden" name="view" value="modules" />

        <table class="table">
            <tr><td>
                <div class="panel panel-default">
                    <div class="panel-body">
                        <div class="form-group">
                            <label><?php echo $_LANG['AD_MODULE_TITLE']; ?> (<input type="checkbox" class="uittip" title="<?php echo $_LANG['AD_VIEW_TITLE'];?>" name="showtitle" <?php if ($mod['showtitle'] || $do == 'add') { echo 'checked="checked"'; } ?> value="1" />)</label>
                            <input type="text" id="title" class="form-control" style="width:100%" name="title" value="<?php echo htmlspecialchars($mod['title']);?>" />
                            <div class="help-block"><?php echo $_LANG['AD_VIEW_IN_SITE']; ?></div>
                        </div>
                        
                        <?php if (count($langs) > 1) { ?>
                            <label><?php echo $_LANG['AD_LANG_TITLES']; ?></label>
                            <?php foreach ($langs as $lang) { ?>
                                <div>
                                    <strong><?php echo $lang; ?>:</strong>
                                    <input name="titles[<?php echo $lang; ?>]" type="text" style="width:97%" value="<?php echo htmlspecialchars($mod['titles'][$lang]); ?>" placeholder="<?php echo $_LANG['AD_HINT_DEFAULT']; ?>" />
                                </div>
                            <?php } ?>
                            <div class="help-block"><?php echo $_LANG['AD_LANG_TITLES_HINT']; ?></div>
                        <?php } ?> 
                        
                        <div class="form-group">
                            <label><?php echo $_LANG['AD_MODULE_NAME']; ?></label>
                            <?php if (!isset($mod['user']) || @$mod['user'] == 1) { ?>
                                <input type="text" id="name" class="form-control" style="width:99%" name="name" value="<?php echo htmlspecialchars($mod['name']);?>" />
                            <?php } else { ?>
                                <input type="text" id="name" class="form-control" style="width:99%" name="" value="<?php echo @$mod['name'];?>" disabled="disabled" />
                                <input type="hidden" name="name" value="<?php echo htmlspecialchars($mod['name']);?>" />
                            <?php } ?>
                            <div class="help-block"><?php echo $_LANG['AD_SHOW_ADMIN']; ?></div>
                        </div>
                        
                        <div class="form-group">
                            <label><?php echo $_LANG['AD_PREFIX_CSS']; ?></label>
                            <input type="text" id="css_prefix" class="form-control" style="width:154px" name="css_prefix" value="<?php echo @$mod['css_prefix'];?>" />
                        </div>
                        
                        <div class="form-group">
                            <label><?php echo $_LANG['AD_DEFOLT_VIEW']; ?></label>
                            <?php
                                $pos = cpModulePositions(cmsConfig::getConfig('template'));
                            ?>
                            
                            <select id="position" class="form-control" style="width:100%" name="position">
                                <?php
                                    if ($pos){
                                        foreach($pos as $key=>$position) {
                                            if (@$mod['position']==$position) {
                                                echo '<option value="'.$position.'" selected>'.$position.'</option>';
                                            } else {
                                                echo '<option value="'.$position.'">'.$position.'</option>';
                                            }
                                        }
                                    }
                                ?>
                            </select>
                            
                            <div class="help-block">
                                <?php echo $_LANG['AD_POSITION_MUST_BE']; ?>
                                <?php if (file_exists(PATH .'/templates/'. cmsCore::c('config')->template .'/positions.jpg')) { ?>
                                    <a href="#myModal" role="button" class="btn btn-sm btn-default" data-toggle="modal"><?php echo $_LANG['AD_SEE_VISUALLY']; ?></a>
                                    <div class="modal fade" id="myModal" tabindex="-1" role="dialog" aria-labelledby="myModalLabel" aria-hidden="true">
                                        <div class="modal-dialog">
                                            <div class="modal-content">
                                                <div class="modal-header">
                                                    <button type="button" class="close" data-dismiss="modal" aria-hidden="true">×</button>
                                                    <h4 class="modal-title" id="myModalLabel"><?php echo $_LANG['AD_TPL_POS']; ?></h4>
                                                </div>
                                                <div class="modal-body">
                                                    <img src="/templates/<?php echo cmsCore::c('config')->template; ?>/positions.jpg" alt="<?php echo $_LANG['AD_TPL_POS']; ?>" style="width:100%;height:auto;" />
                                                </div>
                                            </div>
                                        </div>
                                    </div>
                                <?php } ?>
                            </div>
                        </div>
                        
                        <div class="form-group">
                            <label><?php echo $_LANG['AD_MODULE_TEMPLATE']; ?></label>
                            <?php
                                $tpls = cmsAdmin::getModuleTemplates();
                            ?>
                            <select id="template" class="form-control" style="width:100%" name="template">
                                <?php
                                    foreach ($tpls as $tpl) {
                                        $selected = ($mod['template'] == $tpl || (!$mod['template'] && $tpl == 'module' )) ? 'selected="selected"' : '';
                                        echo '<option value="'. $tpl .'" '. $selected .'>'. $tpl .'</option>';
                                    }
                                ?>
                            </select>
                            <div class="help-block"><?php echo $_LANG['AD_FOLDER_MODULES'];?></div>
                        </div>
                        
                        <?php if ($do == 'add') { ?>
                        <div class="form-group">
                            <label><?php echo $_LANG['AD_MODULE_TYPE']; ?></label>
                            <select id="operate" class="form-control" style="width:100%" name="operate" onchange="checkDiv()" >
                                <option value="user" selected="selected"><?php echo $_LANG['AD_MODULE_TYPE_NEW'];?></option>
                                <option value="clone"><?php echo $_LANG['AD_MODULE_TYPE_COPY'];?></option>
                            </select>
                        </div>
                        <?php } ?>
                        
                        <?php if (!isset($mod['user']) || $mod['user'] == 1 || $do == 'add') { ?>
                        <div id="user_div" class="form-group">
                            <label><?php echo $_LANG['AD_MODULE_CONTENT']; ?></label>
                            <div><?php insertPanel(); ?></div>
                            <div><?php $inCore->insertEditor('content', $mod['content'], '250', '100%'); ?></div>
                        </div>
                        <?php } ?>
                        
                        <div id="clone_div" class="form-group" style="display:none;">
                            <label><?php echo $_LANG['AD_MODULE_COPY']; ?></label>
                            <select id="clone_id" class="form-control" style="width:100%" name="clone_id">
                                <?php
                                    echo $inCore->getListItems('cms_modules');
                                ?>
                            </select>
                            <label>
                                <input type="checkbox" name="del_orig" value="1" />
                                <?php echo $_LANG['AD_ORIGINAL_MODULE_DELETE'];?>
                            </label>
                        </div>
                    </div>
                </div>
            </td>

            <!-- боковая ячейка -->
            <td width="400" valign="top">
                <div class="uitabs">
                    <ul id="tabs">
                        <li><a href="#upr_publish"><span><?php echo $_LANG['AD_TAB_PUBLISH']; ?></span></a></li>
                        
                        <?php if ((($mod['is_external'] && $do == 'edit') || $do == 'add') && cmsCore::c('config')->cache) { ?>
                        <li><a href="#upr_cache"><span><?php echo $_LANG['AD_MODULE_CACHE']; ?></span></a></li>
                        <?php } ?>
                        
                        <li><a href="#upr_access"><span><?php echo $_LANG['AD_TAB_ACCESS']; ?></span></a></li>
                    </ul>
                    
                    <div id="upr_publish">
                        <div class="form-group">
                            <label>
                                <input type="checkbox" name="published" id="published" value="1" <?php if ($mod['published'] || $do=='add') { echo 'checked="checked"'; } ?> />
                                <?php echo $_LANG['AD_MODULE_PUBLIC'];?>
                            </label>
                        </div>
                        <div class="form-group">
                            <label>
                                <input name="show_all" id="show_all" type="checkbox" value="1"  onclick="checkGroupList()" <?php if ($show_all) { echo 'checked="checked"'; } ?> />
                                <?php echo $_LANG['AD_VIEW_ALL_PAGES'];?>
                            </label>
                        </div>
                        
                        <?php
                            if ($do == 'edit') {
                                $bind_sql = "SELECT * FROM cms_modules_bind WHERE module_id = ". $mod['id'] ." AND tpl = '". cmsConfig::getConfig('template') ."'";
                                $bind_res = cmsCore::c('db')->query($bind_sql);
                                $bind     = array();
                                $bind_pos = array();
                                while ($r = cmsCore::c('db')->fetch_assoc($bind_res)) {
                                    $bind[] = $r['menu_id'];
                                    $bind_pos[$r['menu_id']] = $r['position'];
                                }
                            }

                            $menu_sql = "SELECT * FROM cms_menu ORDER BY NSLeft, ordering";
                            $menu_res = cmsCore::c('db')->query($menu_sql) ;

                            $menu_items = array();

                            if (cmsCore::c('db')->num_rows($menu_res)) {
                                while ($item = cmsCore::c('db')->fetch_assoc($menu_res)) {
                                    if ($do == 'edit') {
                                        if (in_array($item['id'], $bind)) {
                                            $item['selected'] = true;
                                            $item['position'] = $bind_pos[$item['id']];
                                        }
                                    }
                                    
                                    $item['titles'] = cmsCore::yamlToArray($item['titles']);
                                    // переопределяем название пункта меню в зависимости от языка
                                    if (!empty($item['titles'][cmsCore::c('config')->lang])) {
                                        $item['title'] = $item['titles'][cmsCore::c('config')->lang];
                                    }
                                    
                                    $item['title'] = str_replace($_LANG['AD_ROOT_PAGES'], $_LANG['AD_MAIN'], $item['title']);
                                    $menu_items[] = $item;
                                }
                            }
                        ?>
                        
                        <div id="grp" class="form-group">
                            <label>
                                <span class="show_list"><?php echo $_LANG['AD_WHERE_MODULE_VIEW'];?></span>
                                <span class="hide_list"><?php echo $_LANG['AD_WHERE_MODULE_NOT_VIEW'];?></span>
                            </label>
                            <div style="height:400px;overflow: auto;border: solid 1px #999; padding:5px 10px; background: #FFF;">
                                <table class="table">
                                    <tr>
                                        <td colspan="2" height="25"><strong><?php echo $_LANG['AD_MENU'];?></strong></td>
                                        <td class="show_list" align="center" width="50"><strong><?php echo $_LANG['AD_POSITION'];?></strong></td>
                                    </tr>
                                    <?php foreach($menu_items as $i) { ?>
                                    <tr class="show_list">
                                        <td width="20" height="25">
                                            <input type="checkbox" name="showin[]" id="mid<?php echo $i['id']; ?>" value="<?php echo $i['id']; ?>" <?php if ($i['selected']){ ?>checked="checked"<?php } ?> onclick="$('#p<?php echo $i['id']; ?>').toggle()"/>
                                        </td>
                                        <td style="padding-left:<?php echo ($i['NSLevel'])*6-6; ?>px"><label for="mid<?php echo $i['id']; ?>"><?php echo $i['title']; ?></label></td>
                                        <td align="center">
                                            <select id="p<?php echo $i['id']; ?>" name="showpos[<?php echo $i['id']; ?>]" style="<?php if (!$i['selected']) { ?>display:none<?php } ?>">
                                                <?php foreach($pos as $position){ ?>
                                                    <option value="<?php echo $position; ?>" <?php if ($i['position']==$position){ ?>selected="selected"<?php } ?>><?php echo $position; ?></option>
                                                <?php } ?>
                                            </select>
                                        </td>
                                    </tr>
                                    <?php } ?>
                                    <?php foreach($menu_items as $it) { ?>
                                    <tr class="hide_list">
                                        <td width="20" height="25">
                                            <input type="checkbox" name="hidden_menu_ids[]" id="hmid<?php echo $it['id']; ?>" value="<?php echo $it['id']; ?>" <?php if (in_array($it['id'], $mod['hidden_menu_ids'])){ ?>checked="checked"<?php } ?> />
                                        </td>
                                        <td style="padding-left:<?php echo ($it['NSLevel'])*6-6; ?>px"><label for="hmid<?php echo $it['id']; ?>"><?php echo $it['title']; ?></label></td>
                                    </tr>
                                    <?php } ?>
                                </table>
                            </div>
                            <label class="show_list">
                                <input type="checkbox" name="is_strict_bind" id="is_strict_bind" value="1" <?php if ($mod['is_strict_bind']) { echo 'checked="checked"'; } ?> />
                                <?php echo $_LANG['AD_DONT_VIEW']; ?>
                            </label>
                            <label class="hide_list">
                                <input type="checkbox" name="is_strict_bind_hidden" id="is_strict_bind_hidden" value="1" <?php if ($mod['is_strict_bind_hidden']) { echo 'checked="checked"'; } ?> />
                                <?php echo $_LANG['AD_EXCEPT_NESTED']; ?>
                            </label>
                        </div>
                    </div>
                    
                    <?php if ((($mod['is_external'] && $do == 'edit') || $do == 'add') && cmsCore::c('config')->cache) { ?>
                    <div id="upr_cache">
                        <div class="form-group">
                            <label><?php echo $_LANG['AD_DO_MODULE_CACHE']; ?></label>
                            <select id="cache" class="form-control" style="width:100%" name="cache">
                                <option value="0" <?php if (!cmsCore::getArrVal($mod, 'cache')) { echo 'selected="selected"'; } ?>><?php echo $_LANG['NO']; ?></option>
                                <option value="1" <?php if (cmsCore::getArrVal($mod, 'cache')) { echo 'selected="selected"'; } ?>><?php echo $_LANG['YES']; ?></option>
                            </select>
                        </div>
                        
                        <div class="form-group">
                            <label><?php echo $_LANG['AD_MODULE_CACHE_PERIOD']; ?></label>
                            <table class="table">
                                <tr>
                                    <td valign="top"  width="100">
                                        <input id="int_1" class="form-control" style="width:99%" name="cachetime" type="text" value="<?php echo cmsCore::getArrVal($mod, 'cachetime', 0); ?>"/>
                                    </td>
                                    <td valign="top" style="padding-left:5px">
                                        <select id="int_2" class="form-control" style="width:100%" name="cacheint">
                                            <option value="MINUTE"  <?php if(mb_strstr(cmsCore::getArrVal($mod, 'cacheint', 'MINUTES'), 'MINUTE')) { echo 'selected="selected"'; } ?>><?php echo cmsCore::spellCount(cmsCore::getArrVal($mod, 'cachetime', 0), $_LANG['MINUTE1'], $_LANG['MINUTE2'], $_LANG['MINUTE10'], false); ?></option>
                                            <option value="HOUR"  <?php if(mb_strstr(cmsCore::getArrVal($mod, 'cacheint', 'MINUTES'), 'HOUR')) { echo 'selected="selected"'; } ?>><?php echo cmsCore::spellCount(cmsCore::getArrVal($mod, 'cachetime', 0), $_LANG['HOUR1'], $_LANG['HOUR2'], $_LANG['HOUR10'], false); ?></option>
                                            <option value="DAY" <?php if(mb_strstr(cmsCore::getArrVal($mod, 'cacheint', 'MINUTES'), 'DAY')) { echo 'selected="selected"'; } ?>><?php echo cmsCore::spellCount(cmsCore::getArrVal($mod, 'cachetime', 0), $_LANG['DAY1'], $_LANG['DAY2'], $_LANG['DAY10'], false); ?></option>
                                            <option value="MONTH" <?php if(mb_strstr(cmsCore::getArrVal($mod, 'cacheint', 'MINUTES'), 'MONTH')) { echo 'selected="selected"'; } ?>><?php echo cmsCore::spellCount(cmsCore::getArrVal($mod, 'cachetime', 0), $_LANG['MONTH1'], $_LANG['MONTH2'], $_LANG['MONTH10'], false); ?></option>
                                        </select>
                                    </td>
                                </tr>
                            </table>
                            <div style="margin-top:15px">
                                <?php
                                    if ($do == 'edit') {
                                        $cache = cmsCore::c('cache')->get('modules', $mod['id'], $mod['content'], array(cmsCore::getArrVal($mod, 'cachetime', 1), cmsCore::getArrVal($mod, 'cacheint', 'MINUTES')));
                                        
                                        if (!empty($cache)){
                                            $kb = round(mb_strlen($cache)/1024, 2);
                                            unset($cache);
                                            echo '<a href="index.php?view=cache&component=modules&target='. $mod['content'] .'&target_id='. $mod['id'] .'">'. $_LANG['AD_MODULE_CACHE_DELETE'] .'</a> ('. $kb . $_LANG['SIZE_KB'] .')';
                                        } else {
                                            echo '<span style="color:gray">'. $_LANG['AD_NO_CACHE'] .'</span>';
                                        }
                                    }
                                ?>
                            </div>
                        </div>
                    </div>
                    <?php } ?>
                    
                    <div id="upr_access">
                        <div class="form-group">
                            <?php
                                $groups = cmsUser::getGroups();
                                $style  = 'disabled="disabled"';
                                $public = 'checked="checked"';

                                if ($do == 'edit') {
                                    if ($mod['access_list']) {
                                        $public = '';
                                        $style  = '';
                                        $access_list = $inCore->yamlToArray($mod['access_list']);
                                    }
                                }
                            ?>
                            <label>
                                <input name="is_public" type="checkbox" id="is_public" onclick="checkAccesList()" value="1" <?php echo $public; ?> />
                                <?php echo $_LANG['AD_SHARE']; ?>
                            </label>
                            <div class="help-block"><?php echo $_LANG['AD_IF_CHECKED']; ?></div>
                        </div>
                        
                        <div class="form-group">
                            <label><?php echo $_LANG['AD_GROUPS_VIEW']; ?></label>
                            <?php
                                echo '<select style="width: 99%" name="allow_group[]" id="allow_group" size="6" multiple="multiple" '.$style.'>';

                                if ($groups) {
                                    foreach($groups as $group) {
                                        echo '<option value="'.$group['id'].'"';
                                        if ($do == 'edit' && $mod['access_list']) {
                                            if (in_array($group['id'], $access_list)) {
                                                echo 'selected="selected"';
                                            }
                                        }

                                        echo '>';
                                        echo $group['title'].'</option>';
                                    }
                                }

                                echo '</select>';
                            ?>
                            <div class="help-block"><?php echo $_LANG['AD_SELECT_MULTIPLE_CTRL']; ?></div>
                        </div>
                    </div>
                </div>
            </td></tr>
        </table>
        <p>
            <input type="submit" id="add_mod" class="btn btn-primary" name="add_mod" value="<?php echo $_LANG['SAVE']; ?>" />
            <input type="button" id="back" class="btn btn-default" name="back" value="<?php echo $_LANG['CANCEL']; ?>" onclick="window.history.back();" />
            <input type="hidden" id="do" name="do" <?php if ($do == 'add') { echo 'value="submit"'; } else { echo 'value="update"'; } ?> />
            <?php
                if ($do == 'edit') {
                    echo '<input name="id" type="hidden" value="'. $mod['id'] .'" />';
                }
            ?>
        </p>
    </form>
<?php
   }
}
Example #16
/**
 * Entry point of the "actions" component: dispatches on the requested
 * operation ($inCore->do) and renders the matching template.
 *
 * Operations handled here:
 *  - delete                  administrators only; removes one action record by id
 *  - view                    paginated log of actions
 *  - view_user_feed          AJAX, logged-in users: friends' actions plus one page of friends
 *  - view_user_feed_only     AJAX, logged-in users: actions of one friend, or of all friends
 *  - view_user_friends_only  AJAX, logged-in users: one page of the friends list
 *
 * Request parameters read: page (int, default 1), user_id (int, default 0),
 * id (int, default 0; delete only).
 *
 * NOTE(review): every access check below relies on cmsCore::error404()
 * ending the request. That is not visible in this function — confirm it,
 * because if it returns, the guarded code right after each check still runs.
 *
 * @return void
 */
function actions()
{
    $inCore    = cmsCore::getInstance();
    $inUser    = cmsUser::getInstance();
    $inPage    = cmsPage::getInstance();
    $inDB      = cmsDatabase::getInstance();
    $inActions = cmsActions::getInstance();
    $model     = new cms_model_actions();

    global $_LANG;

    $do = $inCore->do;

    $page    = cmsCore::request('page', 'int', 1);
    $user_id = cmsCore::request('user_id', 'int', 0);

    // Page size used for the friends list in the AJAX tabs.
    $perpage = 6;

    // Page title, breadcrumb and meta tags; the component title is the
    // fallback when the configured meta value is empty.
    $pagetitle = $inCore->getComponentTitle();
    $inPage->setTitle($pagetitle);
    $inPage->addPathway($pagetitle, '/actions');
    $inPage->setDescription($model->config['meta_desc'] ?: $pagetitle);
    $inPage->setKeywords($model->config['meta_keys'] ?: $pagetitle);

    //============================================================================//
    // Remove a single action record; administrators only.
    // NOTE(review): this state-changing branch verifies the admin flag but no
    // anti-CSRF token, and nothing here restricts the HTTP method. Confirm a
    // token is enforced before this point; otherwise a forged request made in
    // an administrator's session would be accepted.
    if ($do == 'delete') {
        if (!$inUser->is_admin) {
            cmsCore::error404();
        }

        $action_id = cmsCore::request('id', 'int', 0);
        if (!$action_id) {
            cmsCore::error404();
        }

        $model->deleteAction($action_id);
        cmsCore::redirectBack();
    }

    //============================================================================//
    // Paginated log of actions.
    if ($do == 'view') {
        $inActions->showTargets($model->config['show_target']);

        // Restrict to the configured action types unless "all" is enabled.
        $only_selected = $model->config['act_type'] && !$model->config['is_all'];
        if ($only_selected) {
            $inActions->onlySelectedTypes($model->config['act_type']);
        }

        $total_actions = $inActions->getCountActions();
        $inDB->limitPage($page, $model->config['perpage']);
        $log = $inActions->getActionsLog();

        // An empty page beyond the first one is treated as "not found".
        if ($page > 1 && !$log) {
            cmsCore::error404();
        }

        cmsPage::initTemplate('components', 'com_actions_view')
            ->assign('actions', $log)
            ->assign('pagetitle', $pagetitle)
            ->assign('total', $total_actions)
            ->assign('user_id', $inUser->id)
            ->assign('pagebar', cmsPage::getPagebar($total_actions, $page, $model->config['perpage'], '/actions/page-%page%'))
            ->display('com_actions_view.tpl');
    }

    //============================================================================//
    // AJAX tab: actions of the current user's friends plus one page of friends.
    if ($do == 'view_user_feed') {
        if (!$inUser->id) {
            cmsCore::error404();
        }
        if (!cmsCore::isAjax()) {
            cmsCore::error404();
        }

        // Fetch the friends of the logged-in user
        $all_friends   = cmsUser::getFriends($inUser->id);
        $friends_count = count($all_friends);

        // Only one page of friends is needed.
        // NOTE(review): a page value below 1 gives array_slice() a negative
        // offset, which counts from the end of the list — verify whether the
        // 'int' request filter admits such values and clamp if it does.
        $page_friends = array_slice($all_friends, ($page - 1) * $perpage, $perpage, true);

        $log = array();
        if ($page_friends) {
            $inActions->onlyMyFriends();
            $inActions->showTargets($model->config['show_target']);
            $inDB->limitIs($model->config['perpage_tab']);
            $log = $inActions->getActionsLog();
        }

        $total_pages = ceil($friends_count / $perpage);

        // user_id handed to the template is the request parameter, not the
        // session user's id.
        cmsPage::initTemplate('components', 'com_actions_view_tab')
            ->assign('actions', $log)
            ->assign('friends', $page_friends)
            ->assign('user_id', $user_id)
            ->assign('page', $page)
            ->assign('cfg', $model->config)
            ->assign('total_pages', $total_pages)
            ->assign('friends_total', $friends_count)
            ->display('com_actions_view_tab.tpl');
    }

    //============================================================================//
    // AJAX tab: actions of one friend (user_id given) or of all friends.
    if ($do == 'view_user_feed_only') {
        if (!$inUser->id) {
            cmsCore::error404();
        }
        if (!cmsCore::isAjax()) {
            cmsCore::error404();
        }

        if (!$user_id) {
            $inActions->onlyMyFriends();
        } else {
            // Authorization: another user's feed is shown only when
            // cmsUser::isFriend() accepts the requested id.
            if (!cmsUser::isFriend($user_id)) {
                cmsCore::error404();
            }
            $inActions->whereUserIs($user_id);
        }

        $inActions->showTargets($model->config['show_target']);
        $inDB->limitIs($model->config['perpage_tab']);
        $log = $inActions->getActionsLog();

        // The last entry of the log supplies the user's name and profile link;
        // with an empty log the short user record is loaded instead.
        $user = $log ? end($log) : cmsUser::getShortUserData($user_id);

        cmsPage::initTemplate('components', 'com_actions_tab')
            ->assign('actions', $log)
            ->assign('user_id', $user_id)
            ->assign('user', $user)
            ->assign('cfg', $model->config)
            ->display('com_actions_tab.tpl');
    }

    //============================================================================//
    // AJAX tab: one page of the current user's friends list.
    if ($do == 'view_user_friends_only') {
        if (!$inUser->id) {
            cmsCore::error404();
        }
        if (!cmsCore::isAjax()) {
            cmsCore::error404();
        }

        // Fetch the friends of the logged-in user
        $all_friends   = cmsUser::getFriends($inUser->id);
        $friends_count = count($all_friends);

        // Only one page of friends is needed (same negative-offset caveat for
        // page values below 1 as in view_user_feed).
        $page_friends = array_slice($all_friends, ($page - 1) * $perpage, $perpage, true);
        $total_pages  = ceil($friends_count / $perpage);

        cmsPage::initTemplate('components', 'com_actions_friends')
            ->assign('friends', $page_friends)
            ->assign('page', $page)
            ->assign('user_id', $user_id)
            ->assign('total_pages', $total_pages)
            ->assign('friends_total', $friends_count)
            ->display('com_actions_friends.tpl');
    }
}
Example #17
function clubs() {
    $inCore = cmsCore::getInstance();
    $inPage = cmsPage::getInstance();
    $inDB   = cmsDatabase::getInstance();
    $inUser = cmsUser::getInstance();

    global $_LANG;

    $model = new cms_model_clubs();

    $inPhoto = $model->initPhoto();

    define('IS_BILLING', $inCore->isComponentInstalled('billing'));
    if (IS_BILLING) { cmsCore::loadClass('billing'); }

	// js только авторизованным
	if($inUser->id){
		$inPage->addHeadJS('components/clubs/js/clubs.js');
	}

	$pagetitle = $inCore->getComponentTitle();

	$id   = cmsCore::request('id', 'int', 0);
	$do   = $inCore->do;
	$page = cmsCore::request('page', 'int', 1);

	$inPage->setTitle($pagetitle);
        $inPage->setDescription($model->config['meta_desc'] ? $model->config['meta_desc'] : $pagetitle);
        $inPage->setKeywords($model->config['meta_keys'] ? $model->config['meta_keys'] : $pagetitle);
	$inPage->addPathway($pagetitle, '/clubs');
    $inPage->addHeadJsLang(array('NO_PUBLISH','EDIT_PHOTO','YOU_REALLY_DELETE_PHOTO','YOU_REALLY_DELETE_ALBUM','RENAME_ALBUM','ALBUM_TITLE','ADD_PHOTOALBUM','REALY_EXIT_FROM_CLUB','JOINING_CLUB','SEND_MESSAGE','CREATE','CREATE_CLUB','SEND_INVITE_CLUB','YOU_NO_SELECT_USER'));

//////////////////////// КЛУБЫ ПОЛЬЗОВАТЕЛЯ/////////////////////////////////////
if ($do == 'user_clubs') {
    if (!cmsCore::isAjax()) { return false; }

    $inPage->displayLangJS(array('CREATE','CREATE_CLUB'));

    $user_id = cmsCore::request('user_id', 'int', $inUser->id);

    $user = cmsUser::getShortUserData($user_id);
    if (!$user) { return false; }

    // получаем клубы, в которых пользователь админ
    $model->whereAdminIs($user['id']);
   	$inDB->orderBy('c.pubdate', 'DESC');
    $clubs = $model->getClubs();

    // получаем клубы, в которых состоит пользователь
    $inDB->addSelect('uc.role');
    $inDB->addJoin("INNER JOIN cms_user_clubs uc ON uc.club_id = c.id AND uc.user_id = '{$user['id']}'");
   	$inDB->orderBy('uc.role', 'DESC, uc.pubdate DESC');
    $inclubs = $model->getClubs();

	cmsPage::initTemplate('components', 'com_clubs_user')->
            assign('can_create', (($inUser->id == $user['id']) && ($model->config['cancreate'] || $inUser->is_admin)))->
            assign('clubs', array_merge($clubs, $inclubs))->
            assign('user', $user)->
            assign('my_profile', $user['id'] == $inUser->id)->
            display();

}
//////////////////////// ВСЕ КЛУБЫ /////////////////////////////////////////////
if ($do=='view'){

	$inDB->orderBy('is_vip', 'DESC, rating DESC');
	$inDB->limitPage($page, $model->config['perpage']);

	$total = $model->getClubsCount();

        $clubs = $model->getClubs();
	if (!$clubs && $page > 1) { return false; }
        
        if ($page > 1) {
            foreach ($clubs as $c) {
                $keys[] = $c['title'];
            }
            $inPage->setKeywords(implode(',', $keys));
        }

	cmsPage::initTemplate('components', 'com_clubs_view')->
            assign('pagetitle', $pagetitle)->
            assign('can_create', ($inUser->id && $model->config['cancreate'] || $inUser->is_admin))->
            assign('clubs', $clubs)->
            assign('total', $total)->
            assign('pagination', cmsPage::getPagebar($total, $page, $model->config['perpage'], '/clubs/page-%page%'))->
            display();

}
/////////////////////// ПРОСМОТР КЛУБА /////////////////////////////////////////
if ($do=='club'){
    $club = $model->getClub($id);
    if (!$club) { return false; }

    if (!$club['published'] && !$inUser->is_admin) { return false; }

    $inPage->setTitle($club['pagetitle'] ? $club['pagetitle'] : $club['title']);
    $inPage->setKeywords($club['meta_keys'] ? $club['meta_keys'] : $club['title']);
    if (!$club['meta_desc']) {
        if ($club['description']) {
            $inPage->setDescription(crop($club['description']));
        } else {
            $inPage->setDescription($club['title']);
        }
    } else {
        $inPage->setDescription($club['meta_desc']);
    }
        
    $inPage->addPathway($club['title']);
    $inPage->addHeadJsLang(array('NEW_POST_ON_WALL','CONFIRM_DEL_POST_ON_WALL'));

    // Инициализируем участников клуба
    $model->initClubMembers($club['id']);
    // права доступа
    $is_admin  = $inUser->is_admin || ($inUser->id == $club['admin_id']);
    $is_moder  = $model->checkUserRightsInClub('moderator');
    $is_member = $model->checkUserRightsInClub('member');

	// Приватный или публичный клуб
    $is_access = true;
    if ($club['clubtype']=='private' && (!$is_admin && !$is_moder && !$is_member)){
        $is_access = false;
    }

	// Общее количество участников
    $club['members'] = $model->club_total_members;
	// Общее количество модераторов
    $club['moderators'] = $model->club_total_moderators;

	// Массив членов клуба
	if($club['members']){
		$inDB->limit($model->config['club_perpage']);
		$club['members_list'] = $model->getClubMembers($club['id'], 'member');
	} else { $club['members_list'] =  array(); }

	// Массив модераторов клуба
	if($club['moderators']){
		$club['moderators_list'] = $model->getClubMembers($club['id'], 'moderator');
	}

	// Стена клуба
	// количество записей на стене берем из настроек
	$inDB->limitPage(1, $model->config['wall_perpage']);
    $club['wall_html'] = cmsUser::getUserWall($club['id'], 'clubs', ($is_moder || $is_admin), ($is_moder || $is_admin));

	/////////////////////////////////////////////
	//////////// ПОСТЫ БЛОГА КЛУБА //////////////
	/////////////////////////////////////////////
	if ($club['enabled_blogs']){

		$inBlog = $model->initBlog();

		$inBlog->whereBlogUserIs($club['id']);

		$club['total_posts'] = $inBlog->getPostsCount($is_admin || $is_moder);

		$inDB->addSelect('b.user_id as bloglink');

		$inDB->orderBy('p.pubdate', 'DESC');

		$inDB->limit($model->config['club_posts_perpage']);

		$club['blog_posts'] = $inBlog->getPosts(($is_admin || $is_moder), $model, true);

	}

	/////////////////////////////////////////////
	//////////// ФОТОАЛЬБОМЫ КЛУБА //////////////
	/////////////////////////////////////////////
	if ($club['enabled_photos']){

		// Общее количество альбомов
		$club['all_albums'] = $inDB->rows_count('cms_photo_albums', "NSDiffer = 'club{$club['id']}' AND user_id = '{$club['id']}' AND parent_id > 0");

		// получаем альбомы
		if($club['all_albums']){
			$inDB->limit($model->config['club_album_perpage']);
			$inDB->orderBy('f.pubdate', 'DESC');
			$club['photo_albums'] = $inPhoto->getAlbums(0, 'club'.$club['id']);
		} else {
			$club['photo_albums'] = array();
		}

	}

	// Получаем плагины
        $plugins = cmsCore::callTabEventPlugins('GET_SINGLE_CLUB', $club);

	cmsPage::initTemplate('components', 'com_clubs_view_club')->
            assign('club', $club)->
            assign('is_access', $is_access)->
            assign('user_id', $inUser->id)->
            assign('is_admin', $is_admin)->
            assign('is_moder', $is_moder)->
            assign('plugins', $plugins)->
            assign('is_member', $is_member)->
            assign('is_photo_karma_enabled', ((($inUser->karma >= $club['photo_min_karma']) && $is_member) ? true : false))->
            assign('is_blog_karma_enabled', ((($inUser->karma >= $club['blog_min_karma']) && $is_member) ? true : false))->
            assign('cfg', $model->config)->
            display();

}
///////////////////////// СОЗДАНИЕ КЛУБА ///////////////////////////////////////
if ($do == 'create'){

    if(!cmsCore::isAjax()) { return false; }

    if(!$inUser->id){ return false; }

    $can_create = $model->canCreate();

	// показываем форму
    if (!cmsCore::inRequest('create') ){

        cmsPage::initTemplate('components', 'com_clubs_create')->
                assign('can_create', $can_create)->
                assign('last_message', $model->last_message)->
                display();

		cmsCore::jsonOutput(array('error' => false,
								  'can_create' => (bool)$can_create,
								  'html' => ob_get_clean()));
    }

    if (cmsCore::inRequest('create')){

        if (!$can_create){ return false; }

        $title    = $inCore->request('title', 'str');
        $clubtype = $inCore->request('clubtype', 'str');

        if (!$title || !in_array($clubtype, array('public','private'))){
			cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['CLUB_REQ_TITLE']));
		}

		if ($inDB->get_field('cms_clubs', "LOWER(title) = '".mb_strtolower($title)."'", 'id')){
			cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['CLUB_EXISTS']));
		}

		if(!cmsUser::checkCsrfToken()) { return false; }

		$club_id = $model->addClub(array('admin_id'=>$inUser->id,
										 'title'=>$title,
										 'clubtype'=>$clubtype,
										 'create_karma'=>$inUser->karma,
										 'enabled_blogs'=>$model->config['enabled_blogs'],
										 'enabled_photos'=>$model->config['enabled_photos']));

		if($club_id){
			//регистрируем событие
			cmsActions::log('add_club', array(
						'object' => $title,
						'object_url' => '/clubs/'.$club_id,
						'object_id' => $club_id,
						'target' => '',
						'target_url' => '',
						'target_id' => 0,
						'description' => ''
			));
		}

		cmsCore::addSessionMessage($_LANG['CLUB_IS_CREATED'], 'success');

		cmsCore::jsonOutput(array('error' => false,
								'club_id' => $club_id));

    }

}

///////////////////////// НАСТРОЙКИ КЛУБА //////////////////////////////////////
if ($do == 'config'){

    if (!$inUser->id){ return false; }

    $club = $model->getClub($id);
    if (!$club){ return false; }

    // Инициализируем участников клуба
    $model->initClubMembers($club['id']);
    // настраивать клуб могут только администраторы
    $is_admin = $inUser->is_admin || ($inUser->id == $club['admin_id']);
    if (!$is_admin){ return false; }

    if (cmsCore::inRequest('save')){

        if (!cmsUser::checkCsrfToken()) { return false; }

        $description = cmsCore::badTagClear(cmsCore::request('description', 'html', ''));
        $new_club['description']      = $inDB->escape_string($description);
        $new_club['title']            = cmsCore::request('title', 'str', $club['title']);
        $new_club['clubtype']         = cmsCore::request('clubtype', 'str', 'public');
        $new_club['maxsize']          = cmsCore::request('maxsize', 'int', 0);
        $new_club['blog_min_karma']   = cmsCore::request('blog_min_karma', 'int', 0);
        $new_club['photo_min_karma']  = cmsCore::request('photo_min_karma', 'int', 0);
        $new_club['album_min_karma']  = cmsCore::request('album_min_karma', 'int', 0);
        $new_club['blog_premod']      = cmsCore::request('blog_premod', 'int', 0);
        $new_club['photo_premod']     = cmsCore::request('photo_premod', 'int', 0);
        $new_club['join_karma_limit'] = cmsCore::request('join_karma_limit', 'int', 0);
        $new_club['join_min_karma']   = cmsCore::request('join_min_karma', 'int', 0);
        if ($model->config['seo_user_access'] || $inUser->is_admin) {
            $new_club['pagetitle'] = cmsCore::request('pagetitle', 'str', '');
            $new_club['meta_keys'] = cmsCore::request('meta_keys', 'str', '');
            $new_club['meta_desc'] = cmsCore::request('meta_desc', 'str', '');
        }

        // загружаем изображение клуба
        $new_imageurl = $model->uploadClubImage($club['imageurl']);
        $new_club['imageurl'] = @$new_imageurl['filename'] ? $new_imageurl['filename'] : $club['imageurl'];

        // Сохраняем
        $model->updateClub($club['id'], $new_club);

        // Обновляем ленту активности
        cmsActions::updateLog('add_club', array('object' => $new_club['title']), $club['id']);
        cmsActions::updateLog('add_club_user', array('object' => $new_club['title']), $club['id']);

        if ($inUser->is_admin && IS_BILLING){
            $is_vip    = cmsCore::request('is_vip', 'int', 0);
            $join_cost = cmsCore::request('join_cost', 'int', 0);
            $model->setVip($club['id'], $is_vip, $join_cost);
        }

        $moders  = cmsCore::request('moderslist', 'array_int', array());
        $members = cmsCore::request('memberslist', 'array_int', array());

        $all_users = array_merge($members, $moders);

        // Сохраняем пользователей
        $model->clubSaveUsers($club['id'], $all_users);
        $model->clubSetRole($club['id'], $moders, 'moderator');

        // Кешируем количество
        $model->setClubMembersCount($club['id']);

        cmsCore::addSessionMessage($_LANG['CONFIG_SAVE_OK'], 'info');

        cmsCore::redirect('/clubs/'.$club['id']);

    }

    if (!cmsCore::inRequest('save')){

        // Заголовки и пафвей
        $inPage->addPathway($club['title'], '/clubs/'.$club['id']);
        $inPage->addPathway($_LANG['CONFIG_CLUB']);
        $inPage->setTitle($_LANG['CONFIG_CLUB']);

		// Список друзей, отсутствующих в клубе
		$friends_list = '';
		// массив id друзей не в клубе
		$friends_ids  = array();

		// Получаем список друзей
		$friends = cmsUser::getFriends($inUser->id);
		// Получаем список участников
		$members = $model->getClubMembersIds();
		// Формируем список друзей, которые еще не в клубе
		foreach($friends as $key=>$friend){
			if (!in_array($friend['id'], $members) && $friend['id'] != $club['admin_id']){
				$friends_list .= '<option value="'.$friend['id'].'">'.$friend['nickname'].'</option>';
				$friends_ids[] = $friend['id'];
			}
		}

		// Получаем модераторов клуба
		$moderators = $model->getClubMembersIds('moderator');
		// формируем список друзья не в клубе + участники клуба кроме модераторов
		$fr_plus_members = $members ? array_merge($friends_ids, $members) : $friends_ids;
		// Убираем модераторов если они есть
		$fr_plus_members = $moderators ? array_diff($fr_plus_members, $moderators) : $fr_plus_members;

		// Формируем список option друзей (которые еще не в этом клубе) и участников
		if ($fr_plus_members) { $fr_members_list = cmsUser::getAuthorsList($fr_plus_members); } else { $fr_members_list = ''; }
		// Формируем список option участников клуба
        if ($moderators) { $moders_list = cmsUser::getAuthorsList($moderators); } else { $moders_list = ''; }
        if ($members) { $members_list = cmsUser::getAuthorsList($members); } else { $members_list = ''; }

        cmsPage::initTemplate('components', 'com_clubs_config')->
            assign('club', $club)->
            assign('moders_list', $moders_list)->
            assign('members_list', $members_list)->
            assign('friends_list', $friends_list)->
            assign('fr_members_list', $fr_members_list)->
            assign('is_billing', IS_BILLING)->
            assign('is_admin', $inUser->is_admin)->
            assign('cfg', $model->config)->
            display();
    }

}
///////////////////////// ВЫХОД ИЗ КЛУБА ///////////////////////////////////////////
if ($do == 'leave'){

    if(!$inUser->id) { return false; }

    if(!cmsCore::isAjax()) { return false; }

	$club = $model->getClub($id);
	if(!$club){	cmsCore::halt(); }

	// Инициализируем участников клуба
	$model->initClubMembers($club['id']);
	// Выйти из клуба могут только его участники
    $is_admin  = $inUser->id == $club['admin_id'];
    $is_member = $model->checkUserRightsInClub();
	if ($is_admin || !$is_member){ cmsCore::halt(); }

    if (cmsCore::inRequest('confirm')){

		if(!cmsUser::checkCsrfToken()) { cmsCore::halt(); }

		cmsCore::callEvent('LEAVE_CLUB', $club);

        $model->removeUserFromClub($club['id'], $inUser->id);
		// Пересчитываем рейтинг
        $model->setClubRating($club['id']);
		// Кешируем (пересчитываем) количество участников
		$model->setClubMembersCount($club['id']);
		// Удаляем событие из ленты активности
		cmsActions::removeObjectLog('add_club_user', $club['id'], $inUser->id);
		cmsCore::addSessionMessage($_LANG['YOU_LEAVE_CLUB'].'"'.$club['title'].'"', 'success');

		cmsCore::jsonOutput(array('error' => false, 'redirect'  => '/clubs/'.$club['id']));

    }

}
///////////////////////// ВСТУПЛЕНИЕ В КЛУБ ////////////////////////////////////
if ($do == 'join'){

	if (!$inUser->id){ cmsCore::halt(); }

	$club = $model->getClub($id);
	if(!$club){	cmsCore::halt(); }

	// В приватный клуб участников добавляет администратор
    if ($club['clubtype']=='private'){ cmsCore::halt(); }

	// Инициализируем участников клуба
	$model->initClubMembers($club['id']);
	// проверяем наличие пользователя в клубе
    $is_admin  = $inUser->id == $club['admin_id'];
    $is_member = $model->checkUserRightsInClub();
	if ($is_admin || $is_member){ cmsCore::halt(); }

    // Проверяем ограничения на количество участников
    if ($club['maxsize'] && ($model->club_total_members >= $club['maxsize']) && !$inUser->is_admin){
        cmsCore::jsonOutput(array('error' => true, 'text'  => $_LANG['CLUB_SIZE_LIMIT']));
    }
    // Проверяем ограничения по карме на вступление
    if($club['join_karma_limit'] && ($inUser->karma < $club['join_min_karma']) && !$inUser->is_admin){

        cmsCore::jsonOutput(array('error' => true, 'text'  => '<p><strong>'.$_LANG['NEED_KARMA_TEXT'].'</strong></p><p>'.$_LANG['NEEDED'].' '.$club['join_min_karma'].', '.$_LANG['HAVE_ONLY'].' '.$inUser->karma.'.</p><p>'.$_LANG['WANT_SEE'].' <a href="/users/'.$inUser->id.'/karma.html">'.$_LANG['HISTORY_YOUR_KARMA'].'</a>?</p>'));

    }

    //
    // Обработка заявки
    //
    if (cmsCore::inRequest('confirm')){

		cmsCore::callEvent('JOIN_CLUB', $club);

        //списываем оплату если клуб платный
        if (IS_BILLING && $club['is_vip'] && $club['join_cost'] && !$inUser->is_admin){
            if ($inUser->balance >= $club['join_cost']){
                //если средств на балансе хватает
                cmsBilling::pay($inUser->id, $club['join_cost'], sprintf($_LANG['VIP_CLUB_BUY_JOIN'], $club['title']));
            } else {
                //недостаточно средств, создаем тикет
                //и отправляем оплачивать
                $billing_ticket = array(
                    'action' => sprintf($_LANG['VIP_CLUB_BUY_JOIN'], $club['title']),
                    'cost'   => $club['join_cost'],
                    'amount' => $club['join_cost'] - $inUser->balance,
                    'url'    => $_SERVER['REQUEST_URI'].'?confirm=1'
                );
                cmsUser::sessionPut('billing_ticket', $billing_ticket);
				cmsCore::jsonOutput(array('error' => false, 'redirect'  => '/billing/pay'));
            }
        }

        //добавляем пользователя в клуб
        $model->addUserToClub($club['id'], $inUser->id);
		// Пересчитываем рейтинг клуба
        $model->setClubRating($club['id']);
		// Кешируем (пересчитываем) количество участников
		$model->setClubMembersCount($club['id']);

		//регистрируем событие
		cmsActions::log('add_club_user', array(
						'object' => $club['title'],
						'object_url' => '/clubs/'.$club['id'],
						'object_id' => $club['id'],
						'target' => '',
						'target_url' => '',
						'target_id' => 0,
						'description' => ''
		));

		cmsCore::addSessionMessage($_LANG['YOU_JOIN_CLUB'].'"'.$club['title'].'"', 'success');

		if($_SERVER['REQUEST_URI'] != '/clubs/'.$club['id'].'/join.html'){
			cmsCore::redirect('/clubs/'.$club['id']);
		} else {
	        cmsCore::jsonOutput(array('error' => false, 'redirect'  => '/clubs/'.$club['id']));
		}

    }

    //
    // Форма подтверждения заявки
    //
    if (!cmsCore::inRequest('confirm')){

        $text = '<p>'.$_LANG['YOU_REALY_JOIN_TO'].' <strong>"'.$club['title'].'"</strong>?</p>';
        if ($club['is_vip'] && $club['join_cost'] && !$inUser->is_admin){
            $text .= '<p>'.$_LANG['VIP_CLUB_JOIN_COST'].' &mdash; <strong>'.$club['join_cost'].' '.$_LANG['BILLING_POINT10'].'</strong></p>';
        }

        cmsCore::jsonOutput(array('error' => false, 'text'  => $text));

    }

}
///////////////////// РАССЫЛКА СООБЩЕНИЯ УЧАСТНИКАМ ////////////////////////////
if ($do == 'send_message'){

    if(!$inUser->id) { return false; }

    if(!cmsCore::isAjax()) { return false; }

	$club = $model->getClub($id);
	if(!$club){	cmsCore::halt(); }

	// Инициализируем участников клуба
	$model->initClubMembers($club['id']);
	// Рассылать могут только администраторы (сайта или клуба)
    $is_admin  = $inUser->is_admin || ($inUser->id == $club['admin_id']);
	if (!$is_admin){ cmsCore::halt(); }

	if (!cmsCore::inRequest('gosend')){

        $inPage->setRequestIsAjax();

		cmsPage::initTemplate('components', 'com_clubs_messages_member')->
                assign('club', $club)->
                assign('bbcodetoolbar', cmsPage::getBBCodeToolbar('message'))->
                assign('smilestoolbar', cmsPage::getSmilesPanel('message'))->
                display();

		cmsCore::jsonOutput(array('error' => false,'html'  => ob_get_clean()));

	} else {

		// Здесь не эскейпим, в методе sendMessage эскейпится
		$message = cmsCore::parseSmiles(cmsCore::request('content', 'html', ''), true);

		$moderators_list = $model->getClubMembersIds('moderator');
		$members_list    = $model->getClubMembersIds();
		$result_list 	 = cmsCore::inRequest('only_mod') ? $moderators_list : $members_list;

		if (mb_strlen($message)<3){
			cmsCore::jsonOutput(array('error' => true, 'text'  => $_LANG['ERR_SEND_MESS']));
		}
		if (!$result_list){
			cmsCore::jsonOutput(array('error' => true, 'text'  => $_LANG['ERR_SEND_MESS_NO_MEMBERS']));
		}

        if (!cmsUser::checkCsrfToken()) { return false; }

		$message = str_replace('%club%', '<a href="/clubs/'.$club['id'].'">'.$club['title'].'</a>', $_LANG['MESSAGE_FROM ADMIN']).$message;

		cmsUser::sendMessages(USER_UPDATER, $result_list, $message);

		$info = cmsCore::inRequest('only_mod') ? $_LANG['SEND_MESS_TO_MODERS_OK'] : $_LANG['SEND_MESS_TO_MEMBERS_OK'];

		cmsCore::jsonOutput(array('error' => false, 'text' => $info));

	}

}

///////////////////////// ПРИГЛАСИТЬ ДРУЗЕЙ В КЛУБ /////////////////////////////
if ($do == 'join_member'){

    if (!$inUser->id) { return false; }

    if (!cmsCore::isAjax()) { return false; }

	$club = $model->getClub($id);
	if(!$club){	cmsCore::halt(); }

	if (!$club['published'] && !$inUser->is_admin) { cmsCore::halt(); }

	// Инициализируем участников клуба
	$model->initClubMembers($club['id']);
	// Рассылать могут только участники и администраторы
    $is_admin  = $inUser->is_admin || ($inUser->id == $club['admin_id']);
    $is_member = $model->checkUserRightsInClub();
	if (!$is_admin && !$is_member){ cmsCore::halt(); }
	// В приватный клуб приглашения не рассылаем
    if ($club['clubtype']=='private'){ cmsCore::halt(); }

	// Получаем список друзей
	$friends = cmsUser::getFriends($inUser->id);
	// Получаем список участников
	$members = $model->getClubMembersIds();
	// Проверяем наличие друга в списке участников клуба или является ли он администратором
	foreach($friends as $key=>$friend){
		if (in_array($friend['id'], $members) || $friend['id'] == $club['admin_id']) { unset($friends[$key]); }
	}
	// Если нет друзей или все друзья уже в этом клубе, то выводим ошибку и возвращаемся назад
	if (!$friends){
		cmsCore::jsonOutput(array('error' => true, 'text'  => $_LANG['SEND_INVITE_ERROR']));
	}

	// показываем форму для приглашения
	if (!cmsCore::inRequest('join')){

		// Выводим шаблон
		cmsPage::initTemplate('components', 'com_clubs_join_member')->
                assign('club', $club)->
                assign('friends', $friends)->
                display();

		cmsCore::jsonOutput(array('error' => false,'html'  => ob_get_clean()));

	} else { // Приглашаем

	  	$users = cmsCore::request('users', 'array_int', array());

		if ($users){

			$club_link = '<a href="/clubs/'.$club['id'].'">'.$club['title'].'</a>';
			$user_link = cmsUser::getProfileLink($inUser->login, $inUser->nickname);
			$link_join = '<a href="/clubs/'.$club['id'].'">'.$_LANG['JOIN_CLUB'] .'</a>';

			$message   = str_replace(array('%user%','%club%','%link_join%'),
                                     array($user_link,$club_link,$link_join), $_LANG['INVITE_CLUB_TEXT']);

			cmsUser::sendMessages(USER_UPDATER, $users, $message);

		}

		cmsCore::jsonOutput(array('error' => false, 'text' => $_LANG['SEND_INVITE_OK']));

	}

}
///////////////////////// ПРОСМОТР УЧАСТНИКОВ //////////////////////////////////
if ($do=='members'){

	$club = $model->getClub($id);
	if(!$club){ return false; }

	if (!$club['published'] && !$inUser->is_admin) { return false; }

    $inPage->setTitle($_LANG['CLUB_MEMBERS'].' - '.$club['title']);
    $inPage->setDescription($_LANG['CLUB_MEMBERS'].' - '.$club['title']);
    $inPage->addPathway($club['title'], '/clubs/'.$club['id']);
    $inPage->addPathway($_LANG['CLUB_MEMBERS'].' - '.$club['title']);

	// Инициализируем участников клуба
	$model->initClubMembers($club['id']);
	// права доступа
    $is_admin  = $inUser->is_admin || ($inUser->id == $club['admin_id']);
    $is_moder  = $model->checkUserRightsInClub('moderator');
    $is_member = $model->checkUserRightsInClub();

	// Приватный или публичный клуб
    if ($club['clubtype']=='private' && (!$is_admin && !$is_moder && !$is_member)){
        return false;
    }

	// Общее количество участников
    $total_members = $model->club_total_members;

	// Массив членов клуба
	if($total_members){
		$inDB->limitPage($page, $model->config['member_perpage']);
		$members = $model->getClubMembers($club['id']);
		if(!$members) { return false; }
	} else { return false; }

	$pagebar = cmsPage::getPagebar($total_members, $page, $model->config['member_perpage'], '/clubs/%id%/members-%page%', array('id'=>$club['id']));

	cmsPage::initTemplate('components', 'com_clubs_view_member')->
            assign('pagebar', $pagebar)->
            assign('page', $page)->
            assign('members', $members)->
            assign('club', $club)->
            assign('total_members', $total_members)->
            display();

}
////////////////////////////// ВСЕ АЛЬБОМЫ КЛУБА  //////////////////////////////
if ($do=='view_albums'){

	$club = $model->getClub($id);
	if(!$club){ return false; }

	if (!$club['published'] && !$inUser->is_admin) { return false; }

	$pagetitle = $_LANG['PHOTOALBUMS'].' - '.$club['title'];

    $inPage->setTitle($pagetitle);
    $inPage->addPathway($club['title'], '/clubs/'.$club['id']);
    $inPage->addPathway($_LANG['PHOTOALBUMS']);

    // Инициализируем участников клуба
    $model->initClubMembers($club['id']);
    // права доступа
    $is_admin  = $inUser->is_admin || ($inUser->id == $club['admin_id']);
    $is_moder  = $model->checkUserRightsInClub('moderator');
    $is_member = $model->checkUserRightsInClub('member');

    $is_karma_enabled = (($inUser->karma >= $club['photo_min_karma']) && $is_member) ? true : false;

	// Приватный или публичный клуб
    if ($club['clubtype']=='private' && (!$is_admin && !$is_moder && !$is_member)){
        return false;
    }

	$inDB->orderBy('f.pubdate', 'DESC');
	$club['photo_albums'] = $inPhoto->getAlbums(0, 'club'.$club['id']);
	if(!$club['photo_albums']) { return false; }
        
        // SEO
        $inPage->setDescription($pagetitle);
        $keys = array($club['title'], $_LANG['PHOTOALBUMS']);
        foreach ($club['photo_albums'] as $p) {
            $keys[] = $p['title'];
        }
        $inPage->setKeywords(implode(',', $keys));

	cmsPage::initTemplate('components', 'com_clubs_albums')->
            assign('club', $club)->
            assign('is_admin', $is_admin)->
            assign('is_moder', $is_moder)->
            assign('is_karma_enabled', $is_karma_enabled)->
            assign('show_title', true)->
            assign('pagetitle', $pagetitle)->
            display();

}
///////////////////////// ПРОСМОТР АЛЬБОМА КЛУБА ///////////////////////////////
if ($do=='view_album'){

	// Получаем альбом
	$album = $inDB->getNsCategory('cms_photo_albums', cmsCore::request('album_id', 'int', 0), null);
	if (!$album) { return false; }

	// Неопубликованные альбомы показываем только админам
	if (!$album['published'] && !$inUser->is_admin) { return false; }
        
        if ($album['NSDiffer'] != 'club'. $album['user_id']) { return false; }

	// получаем клуб
	$club = $model->getClub($album['user_id']);
	if(!$club) { return false; }

	if (!$club['published'] && !$inUser->is_admin) { return false; }

	// Инициализируем участников клуба
	$model->initClubMembers($club['id']);
	// права доступа
    $is_admin  = $inUser->is_admin || ($inUser->id == $club['admin_id']);
    $is_moder  = $model->checkUserRightsInClub('moderator');
    $is_member = $model->checkUserRightsInClub();

	// Приватный или публичный клуб
    if ($club['clubtype']=='private' && (!$is_admin && !$is_moder && !$is_member)){
        return false;
    }

	$hidden = (bool)($is_admin || $is_moder);

	// Устанавливаем альбом
	$inPhoto->whereAlbumIs($album['id']);

    // Общее количество фото по заданным выше условиям
    $total = $inPhoto->getPhotosCount($hidden);

    //устанавливаем сортировку
    $inDB->orderBy('f.id', 'DESC');

    //устанавливаем номер текущей страницы и кол-во фото на странице
    $inDB->limitPage($page, $model->config['photo_perpage']);

    $photos = $inPhoto->getPhotos($hidden);
    if (!$photos && $page > 1) { cmsCore::error404(); }

    $inPage->addPathway($club['title'], '/clubs/'.$club['id']);
    $inPage->addPathway($album['title'], '/clubs/photoalbum'.$album['id']);
    $inPage->setTitle($album['title']);
    $inPage->setDescription($album['title'].' - '.$_LANG['CLUB_PHOTO_ALBUM'].' "'.$club['title'].'"');
    
    $keys = array($album['title'], $club['title']);
    if ($photos) {
        foreach ($photos as $p) {
            $keys[] = $p['title'];
        }
    }
    $inPage->setKeywords(implode(',', $keys));

    cmsPage::initTemplate('components', 'com_clubs_view_album')->
            assign('club', $club)->
            assign('total', $total)->
            assign('album', $album)->
            assign('photos', $photos)->
            assign('is_admin', $is_admin)->
            assign('is_moder', $is_moder)->
            assign('is_member', $is_member)->
            assign('cfg', $model->config)->
            assign('pagebar', cmsPage::getPagebar($total, $page, $model->config['photo_perpage'], '/clubs/photoalbum'.$album['id'].'/page-%page%'))->
            display();

}
///////////////////////// УДАЛЕНИЕ АЛЬБОМА /////////////////////////////////////
if ($do=='delete_album'){

    if(!$inUser->id) { return false; }

    if(!cmsCore::isAjax()) { return false; }

    if(!cmsUser::checkCsrfToken()) { return false; }

	$album = $inDB->getNsCategory('cms_photo_albums', cmsCore::request('album_id', 'int', 0), null);
	if (!$album) { cmsCore::halt(); }

	$club = $model->getClub($album['user_id']);
	if(!$club) { cmsCore::halt(); }

	$model->initClubMembers($club['id']);

    $is_admin = $inUser->is_admin || ($inUser->id == $club['admin_id']);
    $is_moder = $model->checkUserRightsInClub('moderator');

	if(!$is_admin && !$is_moder) { cmsCore::halt(); }

	$inPhoto->deleteAlbum($album['id'], 'club'.$club['id'], $model->initUploadClass());

	cmsCore::addSessionMessage($_LANG['ALBUM_DELETED'], 'success');

	cmsCore::jsonOutput(array('error' => false, 'redirect' => '/clubs/'.$club['id']));

}
//////////////////////////////// ПРОСМОТР ФОТО /////////////////////////////////
if ($do=='view_photo'){

	// Получаем фото
	$photo = $inPhoto->getPhoto(cmsCore::request('photo_id', 'int', 0));
	if (!$photo) { return false; }

	$photo = cmsCore::callEvent('VIEW_CLUB_PHOTO', $photo);

	// получаем клуб
	$club = $model->getClub($photo['auser_id']);
	if(!$club) { return false; }

	if (!$club['published'] && !$inUser->is_admin) { return false; }

	// Инициализируем участников клуба
	$model->initClubMembers($club['id']);
	// права доступа
    $is_admin  = $inUser->is_admin || ($inUser->id == $club['admin_id']);
    $is_moder  = $model->checkUserRightsInClub('moderator');
    $is_member = $model->checkUserRightsInClub();
	$is_author = $photo['user_id'] == $inUser->id;

	if (!$photo['published'] && !$is_admin && !$is_moder) { return false; }

	// Фото приватного клуба показываем только участникам
    if ($club['clubtype']=='private' && !$is_member && !$is_admin){ return false; }

    $inPage->addPathway($club['title'], '/clubs/'. $club['id']);
    $inPage->addPathway($photo['cat_title'], '/clubs/photoalbum'.$photo['album_id']);
    $inPage->addPathway($photo['title']);
    $inPage->setTitle($photo['pagetitle'] ? $photo['pagetitle'] : $photo['title']);
    $inPage->setKeywords($photo['meta_keys'] ? $photo['meta_keys'] : $photo['title']);
    if (!$photo['meta_desc']) {
        if ($photo['description']) {
            $inPage->setDescription(crop($photo['description']));
        } else {
            $inPage->setDescription($photo['title']);
        }
    } else {
        $inPage->setDescription($photo['meta_desc']);
    } 

	// ссылки вперед назад
	$photo['nextid'] = $inDB->get_fields('cms_photo_files', 'id<'.$photo['id'].' AND album_id = '.$photo['album_id'], 'id, file, title', 'id DESC');
	$photo['previd'] = $inDB->get_fields('cms_photo_files', 'id>'.$photo['id'].' AND album_id = '.$photo['album_id'], 'id, file, title', 'id ASC');

	// кнопки голосования
	$photo['karma_buttons'] = cmsKarmaButtons('club_photo', $photo['id'], $photo['rating'], $is_author);

	// Обновляем кол-во просмотров
	if(!$is_author){
		$inDB->setFlag('cms_photo_files', $photo['id'], 'hits', $photo['hits']+1);
	}

	// выводим в шаблон
    cmsPage::initTemplate('components', 'com_clubs_view_photo')->
            assign('club', $club)->
            assign('photo', $photo)->
            assign('is_admin', $is_admin)->
            assign('is_moder', $is_moder)->
            assign('is_exists_original', (file_exists(PATH.'/images/photos/'. $photo['file'])))->
            assign('is_author', $is_author)->
            display();

	//если есть, выводим комментарии
	if ($photo['comments'] && $inCore->isComponentEnable('comments')) {
            cmsCore::includeComments();
            comments('club_photo', $photo['id'], array(), $is_author);
	}

}
////////////////////////////// УДАЛИТЬ ФОТО ////////////////////////////////////
if ($do=='delete_photo'){

    if(!$inUser->id) { return false; }

    if(!cmsCore::isAjax()) { return false; }

	if(!cmsUser::checkCsrfToken()) { return false; }

	$photo = $inPhoto->getPhoto(cmsCore::request('photo_id', 'int', 0));
	if (!$photo) { cmsCore::halt(); }

	// получаем клуб
	$club = $model->getClub($photo['auser_id']);
	if(!$club) { cmsCore::halt(); }

	// Инициализируем участников клуба
	$model->initClubMembers($club['id']);
	// права доступа
    $is_admin = $inUser->is_admin || ($inUser->id == $club['admin_id']);
    $is_moder = $model->checkUserRightsInClub('moderator');

	// удалять могут только модераторы и администраторы
	if(!$is_admin && !$is_moder) { cmsCore::halt(); }

	$inPhoto->deletePhoto($photo, $model->initUploadClass());

	cmsCore::addSessionMessage($_LANG['PHOTO_DELETED'], 'success');

	cmsCore::jsonOutput(array('error' => false, 'redirect' => '/clubs/photoalbum'.$photo['album_id']));

}
///////////////////////// РЕДАКТИРОВАТЬ ФОТО ///////////////////////////////////
if ($do=='edit_photo'){

    if(!$inUser->id) { return false; }

    if(!cmsCore::isAjax()) { return false; }

	$photo = $inPhoto->getPhoto(cmsCore::request('photo_id', 'int', 0));
	if (!$photo) { cmsCore::halt(); }

	// получаем клуб
	$club = $model->getClub($photo['auser_id']);
	if(!$club) { cmsCore::halt(); }

	if (!$club['published'] && !$inUser->is_admin) { return false; }

	// Инициализируем участников клуба
	$model->initClubMembers($club['id']);
	// права доступа
    $is_admin  = $inUser->is_admin || ($inUser->id == $club['admin_id']);
    $is_moder  = $model->checkUserRightsInClub('moderator');
	$is_author = $photo['user_id'] == $inUser->id;

	if(!$is_admin && !$is_moder && !$is_author) { cmsCore::halt(); }

	if (!cmsCore::inRequest('edit_photo')){

		cmsPage::initTemplate('components', 'com_photos_edit')->
                assign('photo', $photo)->
                assign('form_action', '/clubs/editphoto'.$photo['id'].'.html')->
                assign('no_tags', true)->
                assign('is_admin', ($is_admin || $is_moder))->
                display();

		cmsCore::jsonOutput(array('error' => false, 'html' => ob_get_clean()));

	} else {

		$mod['title']       = cmsCore::request('title', 'str', '');
		$mod['title']       = $mod['title'] ? $mod['title'] : $photo['title'];
		$mod['description'] = cmsCore::request('description', 'str', '');
		$mod['comments']    = ($is_admin || $is_moder) ? cmsCore::request('comments', 'int') : $photo['comments'];
                
                if ($model->config['seo_user_access'] || $inUser->is_admin) {
                    $mod['pagetitle'] = cmsCore::request('pagetitle', 'str', '');
                    $mod['meta_keys'] = cmsCore::request('meta_keys', 'str', '');
                    $mod['meta_desc'] = cmsCore::request('meta_desc', 'str', '');
                }

		$file = $model->initUploadClass()->uploadPhoto($photo['file']);
		$mod['file'] = $file['filename'] ? $file['filename'] : $photo['file'];

		$inPhoto->updatePhoto($mod, $photo['id']);

		$description = '<a href="/clubs/photo'.$photo['id'].'.html" class="act_photo"><img border="0" src="/images/photos/small/'.$mod['file'].'" /></a>';

		cmsActions::updateLog('add_photo_club', array('object' => $mod['title'], 'description' => $description), $photo['id']);

		cmsCore::addSessionMessage($_LANG['PHOTO_SAVED'], 'success');

		cmsCore::jsonOutput(array('error' => false, 'redirect' => '/clubs/photo'.$photo['id'].'.html'));

	}

}
/////////////////////////////// PHOTO PUBLISH //////////////////////////////////
if ($do=='publish_photo'){

    if(!$inUser->id) { return false; }

    if(!cmsCore::isAjax()) { return false; }

	$photo = $inPhoto->getPhoto(cmsCore::request('photo_id', 'int', 0));
	if (!$photo) { cmsCore::halt(); }

	// получаем клуб
	$club = $model->getClub($photo['auser_id']);
	if(!$club) { cmsCore::halt(); }

	if (!$club['published'] && !$inUser->is_admin) { return false; }

	// Инициализируем участников клуба
	$model->initClubMembers($club['id']);
	// права доступа
    $is_admin  = $inUser->is_admin || ($inUser->id == $club['admin_id']);
    $is_moder  = $model->checkUserRightsInClub('moderator');

	if(!$is_admin && !$is_moder) { cmsCore::halt(); }

	$inPhoto->publishPhoto($photo['id']);

	$description = $club['clubtype']=='private' ? '' :
				   '<a href="/clubs/photo'.$photo['id'].'.html" class="act_photo"><img border="0" src="/images/photos/small/'.$photo['file'].'" /></a>';

	cmsActions::log('add_photo_club', array(
		  'object' => $photo['title'],
		  'object_url' => '/clubs/photo'.$photo['id'].'.html',
		  'object_id' => $photo['id'],
          'user_id' => $photo['user_id'],
		  'target' => $club['title'],
		  'target_id' => $photo['album_id'],
		  'target_url' => '/clubs/'.$club['id'],
		  'description' => $description
	));

	cmsCore::halt('ok');

}
///////////////////////// ЗАГРУЗКА ФОТО ////////////////////////////////////////
if ($do=='add_photo'){

	// Неавторизованных просим авторизоваться
	if (!$inUser->id) { cmsUser::goToLogin(); }

	$do_photo = cmsCore::request('do_photo', 'str', 'addphoto');

	$album = $inDB->getNsCategory('cms_photo_albums', cmsCore::request('album_id', 'int', 0), null);
	if (!$album) { return false; }

	if (!$album['published'] && !$inUser->is_admin) { return false; }

	$club = $model->getClub($album['user_id']);
	if(!$club) { return false; }

	// если фотоальбомы запрещены
	if(!$club['enabled_photos']){ return false; }

	// Инициализируем участников клуба
	$model->initClubMembers($club['id']);
	// права доступа
    $is_admin  = $inUser->is_admin || ($inUser->id == $club['admin_id']);
    $is_moder  = $model->checkUserRightsInClub('moderator');
    $is_member = $model->checkUserRightsInClub('member');

    $is_karma_enabled = (($inUser->karma >= $club['photo_min_karma']) && $is_member) ? true : false;

    if(!$is_karma_enabled && !$is_admin && !$is_moder) {
        cmsCore::addSessionMessage('<p><strong>'.$_LANG['NEED_KARMA_PHOTO'].'</strong></p><p>'.$_LANG['NEEDED'].' '.$club['photo_min_karma'].', '.$_LANG['HAVE_ONLY'].' '.$inUser->karma.'.</p><p>'.$_LANG['WANT_SEE'].' <a href="/users/'.$inUser->id.'/karma.html">'.$_LANG['HISTORY_YOUR_KARMA'].'</a>?</p>', 'error');
        cmsCore::redirectBack();
    }

    $inPage->addPathway($club['title'], '/clubs/'.$club['id']);
    $inPage->addPathway($album['title'], '/clubs/photoalbum'.$album['id']);

    return include 'components/clubs/add_photo.php';
}
///////////////////////// БЛОГИ КЛУБОВ /////////////////////////////////////////
if ($do == 'club_blogs') {
    $bdo     = cmsCore::request('bdo', 'str', 'view_clubs_posts');
    $post_id = cmsCore::request('post_id', 'int', 0);
    $cat_id  = cmsCore::request('cat_id', 'int', 0);
    $seolink = cmsCore::request('seolink', 'str', '');
    $on_moderate = cmsCore::request('on_moderate', 'int', 0);

    $inBlog = $model->initBlog();
    $inPage->addHeadJsLang(array('NEW_CAT','RENAME_CAT','YOU_REALY_DELETE_CAT','YOU_REALY_DELETE_POST','NO_PUBLISHED'));

    return include 'components/clubs/club_blogs.php';
}

}
Example #18
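/**
 * Admin applet for the ban list (table cms_banlist).
 *
 * Dispatches on the request parameter "do":
 *   list          - renders the rule table with its toolbar;
 *   delete        - removes one rule (id) or several (item[]);
 *   submit/update - validates the form and inserts or updates a rule;
 *   add/edit      - renders the rule form.
 *
 * cpAccessDenied() is called when the 'admin/users' permission check fails.
 *
 * NOTE(review): only submit/update verify the CSRF token. The delete branch
 * changes state and is reached through the plain links built in the list
 * view, so it runs without a token check; consider requiring the token
 * there as well (the links would have to carry it).
 */
function applet_userbanlist()
{
    $inCore = cmsCore::getInstance();
    global $_LANG;
    global $adminAccess;
    if (!cmsUser::isAdminCan('admin/users', $adminAccess)) {
        cpAccessDenied();
    }
    cmsCore::c('page')->setTitle($_LANG['AD_BANLIST']);
    cpAddPathway($_LANG['AD_USERS'], 'index.php?view=users');
    cpAddPathway($_LANG['AD_BANLIST'], 'index.php?view=userbanlist');
    $do = cmsCore::request('do', 'str', 'list');
    $id = cmsCore::request('id', 'int', -1);
    $to = cmsCore::request('to', 'int', 0);
    // remember where to return to (the user's profile on the site)
    // NOTE(review): back_url is later passed to cmsCore::redirect(); how
    // getBackURL() derives it is not visible here, so confirm it cannot
    // point to another host.
    if ($to) {
        cmsUser::sessionPut('back_url', cmsCore::getBackURL());
    }
    if ($do == 'list') {
        $toolmenu = array(
            array('icon' => 'useradd.gif', 'title' => $_LANG['AD_TO_BANLIST_ADD'], 'link' => '?view=userbanlist&do=add'),
            array('icon' => 'edit.gif', 'title' => $_LANG['AD_EDIT_SELECTED'], 'link' => "javascript:checkSel('?view=userbanlist&do=edit&multiple=1');"),
            array('icon' => 'delete.gif', 'title' => $_LANG['AD_DELETE_SELECTED'], 'link' => "javascript:checkSel('?view=userbanlist&do=delete&multiple=1');")
        );
        cpToolMenu($toolmenu);
        $fields = array(
            array('title' => 'id', 'field' => 'id', 'width' => '40'),
            array('title' => $_LANG['AD_IS_ACTIVE'], 'field' => 'status', 'width' => '65', 'prc' => 'cpYesNo'),
            array('title' => $_LANG['AD_BANLIST_USER'], 'field' => 'user_id', 'width' => '120', 'filter' => '12', 'prc' => 'cpUserNick'),
            array('title' => $_LANG['AD_BANLIST_IP'], 'field' => 'ip', 'width' => '100', 'link' => '?view=userbanlist&do=edit&id=%id%', 'filter' => '12'),
            array('title' => $_LANG['DATE'], 'field' => 'bandate', 'width' => '', 'fdate' => '%d/%m/%Y %H:%i:%s', 'filter' => '12'),
            array('title' => $_LANG['AD_BANLIST_TIME'], 'field' => 'int_num', 'width' => '55'),
            array('title' => '', 'field' => 'int_period', 'width' => '70'),
            array('title' => $_LANG['AD_AUTOREMOVE'], 'field' => 'autodelete', 'width' => '100', 'prc' => 'cpYesNo')
        );
        $actions = array(
            array('title' => $_LANG['EDIT'], 'icon' => 'edit.gif', 'link' => '?view=userbanlist&do=edit&id=%id%'),
            array('title' => $_LANG['DELETE'], 'icon' => 'delete.gif', 'confirm' => $_LANG['AD_REMOVE_RULE'], 'link' => '?view=userbanlist&do=delete&id=%id%')
        );
        cpListTable('cms_banlist', $fields, $actions, '1=1', 'ip DESC');
    }
    if ($do == 'delete') {
        // NOTE(review): no CSRF token check on this state-changing branch.
        if (!cmsCore::inRequest('item')) {
            if ($id >= 0) {
                dbDelete('cms_banlist', $id);
            }
        } else {
            dbDeleteList('cms_banlist', cmsCore::request('item', 'array_int', array()));
        }
        cmsCore::redirect('?view=userbanlist');
    }
    if ($do == 'submit' || $do == 'update') {
        if (!cmsUser::checkCsrfToken()) {
            cmsCore::error404();
        }
        // Each entry: request name, filter type, default, optional post-processor.
        // NOTE(review): create_function() is deprecated since PHP 7.2 and removed
        // in PHP 8.0; replace it with a closure once it is confirmed that
        // getArrayFromRequest() accepts any callable and not only a function name.
        $types = array(
            'user_id' => array('user_id', 'int', 0),
            'ip' => array('ip', 'str', ''),
            'cause' => array('cause', 'str', ''),
            'autodelete' => array('autodelete', 'int', 0),
            'int_num' => array('int_num', 'int', 0),
            // int_period is restricted to a fixed allow-list, falling back to MINUTE
            'int_period' => array('int_period', 'str', '', create_function('$p', 'if(!in_array($p, array("MONTH","DAY","HOUR","MINUTE"))){ $p = "MINUTE"; } return $p;'))
        );
        $items = cmsCore::getArrayFromRequest($types);
        $error = false;
        if (!$items['ip']) {
            $error = true;
            cmsCore::addSessionMessage($_LANG['AD_NEED_IP'], 'error');
        }
        // an administrator must not ban his own address or account
        if ($items['ip'] == $_SERVER['REMOTE_ADDR'] || $items['user_id'] == cmsCore::c('user')->id) {
            $error = true;
            cmsCore::addSessionMessage($_LANG['AD_ITS_YOUR_IP'], 'error');
        }
        if (cmsUser::userIsAdmin($items['user_id'])) {
            $error = true;
            cmsCore::addSessionMessage($_LANG['AD_ITS_ADMIN'], 'error');
        }
        if ($error) {
            cmsCore::redirectBack();
        }
        if ($do == 'update') {
            cmsCore::c('db')->update('cms_banlist', $items, $id);
            if (empty($_SESSION['editlist'])) {
                cmsCore::redirect('?view=userbanlist');
            } else {
                cmsCore::redirect('?view=userbanlist&do=edit');
            }
        } else {
            // Explicit else: an update must never fall through to the insert,
            // whether or not cmsCore::redirect() ends the request.
            cmsCore::c('db')->insert('cms_banlist', $items);
            $back_url = cmsUser::sessionGet('back_url');
            cmsUser::sessionDel('back_url');
            cmsCore::redirect($back_url ? $back_url : '?view=userbanlist');
        }
    }
    if ($do == 'add' || $do == 'edit') {
        cmsCore::c('page')->addHeadJS('admin/js/banlist.js');
        $toolmenu = array(
            array('icon' => 'save.gif', 'title' => $_LANG['SAVE'], 'link' => 'javascript:document.addform.submit();'),
            array('icon' => 'cancel.gif', 'title' => $_LANG['CANCEL'], 'link' => 'javascript:history.go(-1);')
        );
        cpToolMenu($toolmenu);
        // Start from an empty rule: a plain "add" (no "to" parameter) used to
        // pass an undefined $mod to the template.
        $mod = array();
        if ($do == 'add') {
            echo '<h3>' . $_LANG['AD_TO_BANLIST_ADD'] . '</h3>';
            cpAddPathway($_LANG['AD_TO_BANLIST_ADD']);
        } else {
            if (cmsCore::inRequest('multiple')) {
                if (cmsCore::inRequest('item')) {
                    $_SESSION['editlist'] = cmsCore::request('item', 'array_int', array());
                } else {
                    cmsCore::addSessionMessage($_LANG['AD_NO_SELECT_OBJECTS'], 'error');
                    cmsCore::redirectBack();
                }
            }
            // text showing how many queued rules remain after this one
            $ostatok = '';
            if (isset($_SESSION['editlist'])) {
                $item_id = array_shift($_SESSION['editlist']);
                if (count($_SESSION['editlist']) == 0) {
                    unset($_SESSION['editlist']);
                } else {
                    $ostatok = '(' . $_LANG['AD_NEXT_IN'] . count($_SESSION['editlist']) . ')';
                }
            } else {
                $item_id = cmsCore::request('id', 'int', 0);
            }
            // The condition is built by concatenation, so force an integer here
            // instead of relying only on the request filter.
            $mod = cmsCore::c('db')->get_fields('cms_banlist', "id = '" . (int) $item_id . "'", '*');
            if (!$mod) {
                cmsCore::error404();
            }
            echo '<h3>' . $_LANG['AD_EDIT_RULE'] . ' ' . $ostatok . '</h3>';
            cpAddPathway($_LANG['AD_EDIT_RULE']);
        }
        if ($do == 'add' && $to) {
            // pre-fill the form with the target user and his last known IP
            $mod['user_id'] = $to;
            $mod['ip'] = cmsCore::c('db')->get_field('cms_users', 'id=' . (int) $to, 'last_ip');
        }
        $users_opt = $inCore->getListItems(
            'cms_users',
            cmsCore::getArrVal($mod, 'user_id', 0),
            'nickname',
            'ASC',
            'is_deleted=0 AND is_locked=0',
            'id',
            'nickname'
        );
        cmsCore::c('page')->initTemplate('applets', 'userbanlist_add')
            ->assign('do', $do)
            ->assign('mod', $mod)
            ->assign('users_opt', $users_opt)
            ->display();
    }
}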
Example #19
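/**
 * Admin applet for user accounts (table cms_users).
 *
 * Dispatches on the request parameter "do":
 *   list          - renders the user table with its toolbar;
 *   rerating      - recomputes and stores one user's rating;
 *   activate      - unlocks the selected users and drops their activation codes;
 *   delete        - deletes one user (id) or several (item[]);
 *   delete_full   - calls deleteUser($id, true);
 *   submit/update - validates the form and creates or updates a user;
 *   edit/add      - renders the user form.
 *
 * cpAccessDenied() is called when the 'admin/users' permission check fails.
 *
 * NOTE(review): only submit/update verify the CSRF token. rerating, activate,
 * delete and delete_full change state and are reached through plain links
 * built in the list view, so they run without a token check.
 */
function applet_users() {
    $inCore = cmsCore::getInstance();
    cmsCore::loadClass('actions');
    cmsCore::loadModel('users');
    $model = new cms_model_users();

    // load the language file of the registration component
    cmsCore::loadLanguage('components/registration');

    global $_LANG;
    global $adminAccess;
    if (!cmsUser::isAdminCan('admin/users', $adminAccess)) { cpAccessDenied(); }

    cmsCore::c('page')->setTitle($_LANG['AD_USERS']);
    cpAddPathway($_LANG['AD_USERS'], 'index.php?view=users');

    $do = cmsCore::request('do', 'str', 'list');
    $id = cmsCore::request('id', 'int', 0);

    if ($do == 'list') {
        $toolmenu = array(
            array( 'icon' => 'useradd.gif', 'title' => $_LANG['AD_USER_ADD'], 'link' => '?view=users&do=add' ),
            array( 'icon' => 'useredit.gif', 'title' => $_LANG['AD_EDIT_SELECTED'], 'link' => "javascript:checkSel('?view=users&do=edit&multiple=1');" ),
            array( 'icon' => 'userdelete.gif', 'title' => $_LANG['AD_DELETE_SELECTED'], 'link' => "javascript:if(confirm('". $_LANG['AD_IF_USERS_SELECT_REMOVE'] ."')) { checkSel('?view=users&do=delete&multiple=1'); }" ),
            array( 'icon' => 'usergroup.gif', 'title' => $_LANG['AD_USERS_GROUP'], 'link' => '?view=usergroups' ),
            array( 'icon' => 'userbanlist.gif', 'title' => $_LANG['AD_BANLIST'], 'link' => '?view=userbanlist' ),
            array( 'icon' => 'user_go.png', 'title' => $_LANG['AD_USERS_SELECT_ACTIVATE'], 'link' => "javascript:if(confirm('". $_LANG['AD_IF_USERS_SELECT_ACTIVATE'] ."')) { checkSel('?view=users&do=activate&multiple=1'); }" ),
            array( 'icon' => 'help.gif', 'title' => $_LANG['AD_HELP'], 'link' => '?view=help&topic=users' )
        );

        cpToolMenu($toolmenu);

        $fields = array(
            array( 'title' => 'id', 'field' => 'id', 'width' => '40'  ),
            array( 'title' => $_LANG['LOGIN'], 'field' => 'login', 'width' => '100', 'link' => '?view=users&do=edit&id=%id%', 'filter' => 12 ),
            array( 'title' => $_LANG['NICKNAME'], 'field' => 'nickname', 'width' => '', 'link' => '?view=users&do=edit&id=%id%', 'filter' => 12 ),
            array( 'title' => $_LANG['AD_RATING'], 'field' => array( 'rating', 'id' ), 'width' => '70', 'prc' => 'setRating' ),
            array( 'title' => $_LANG['AD_GROUP'], 'field' => 'group_id', 'width' => '110', 'prc' => 'cpGroupById', 'filter' => 1, 'filterlist' => cpGetList('cms_user_groups') ),
            array( 'title' => $_LANG['EMAIL'], 'field' => 'email', 'width' => '120' ),
            array( 'title' => $_LANG['AD_REGISTRATION_DATE'], 'field' => 'regdate', 'width' => '100' ),
            array( 'title' => $_LANG['AD_LAST_LOGIN'], 'field' => 'logdate', 'width' => '100' ),
            array( 'title' => $_LANG['AD_LAST_IP'], 'field' => 'last_ip', 'width' => '90', 'prc' => 'getIpLink' ),
            array( 'title' => $_LANG['AD_IS_LOCKED'], 'field' => 'is_locked', 'width' => '110', 'prc' => 'viewAct' ),
            array( 'title' => $_LANG['AD_IS_DELETED'], 'field' => 'is_deleted', 'width' => '80', 'prc' => 'viewDel' )
        );

        $actions = array(
            array( 'title' => $_LANG['AD_PROFILE'], 'icon' => 'profile.gif', 'link' => '/users/%login%' ),
            array( 'title' => $_LANG['AD_BANNED'], 'icon' => 'ban.gif', 'link' => '?view=userbanlist&do=add&to=%id%' ),
            array( 'title' => $_LANG['DELETE'], 'icon' => 'delete.gif', 'confirm' => $_LANG['AD_IS_USER_DELETE'], 'link' => '?view=users&do=delete&id=%id%' ),
            array( 'title' => $_LANG['AD_FOREVER_USER_DELETE'], 'icon' => 'off.gif', 'confirm' => $_LANG['AD_IF_FOREVER_USER_DELETE'], 'link' => '?view=users&do=delete_full&id=%id%' )
        );

        cpListTable('cms_users', $fields, $actions, '1=1', 'regdate DESC');
    }

    if ($do == 'rerating') {
        // NOTE(review): no CSRF token check on this state-changing branch.
        $user_id = cmsCore::request('user_id', 'int');
        if (!$user_id) { cmsCore::redirectBack(); }

        $rating = cmsUser::getRating($user_id);

        // NOTE(review): $rating is concatenated unquoted; this is safe only
        // if getRating() always returns a number - confirm.
        $user_sql = "UPDATE cms_users
                     SET rating = ". $rating ."
                     WHERE id = '". $user_id ."'";

        cmsCore::c('db')->query($user_sql);

        cmsCore::redirectBack();
    }

    if ($do == 'activate') {
        // NOTE(review): no CSRF token check on this state-changing branch.
        $user_ids = cmsCore::request('item', 'array_int');
        if (!$user_ids) { cmsCore::redirectBack(); }

        foreach ($user_ids as $user_id) {
            $code = cmsCore::c('db')->get_field('cms_users_activate', "user_id = '". $user_id ."'", 'code');

            $sql = "UPDATE cms_users SET is_locked = 0 WHERE id = '". $user_id ."'";
            cmsCore::c('db')->query($sql);

            // NOTE(review): $code is read back from the database and
            // concatenated unescaped; presumably it is a generated token
            // without quote characters - confirm where it is created.
            $sql = "DELETE FROM cms_users_activate WHERE code = '". $code ."'";
            cmsCore::c('db')->query($sql);

            cmsCore::callEvent('USER_ACTIVATED', $user_id);

            // record the event in the action log
            cmsActions::log(
                'add_user',
                array(
                    'object' => '',
                    'user_id' => $user_id,
                    'object_url' => '',
                    'object_id' => $user_id,
                    'target' => '',
                    'target_url' => '',
                    'target_id' => 0,
                    'description' => ''
                )
            );
        }

        cmsCore::redirectBack();
    }

    if ($do == 'delete') {
        // NOTE(review): no CSRF token check on this state-changing branch.
        if (!cmsCore::inRequest('item')) {
            if ($id >= 0) {
                $model->deleteUser($id);
            }
        } else {
            $model->deleteUsers(cmsCore::request('item', 'array_int', array()));
        }

        cmsCore::redirectBack();
    }

    if ($do == 'delete_full') {
        // NOTE(review): no CSRF token check, and no guard for id 1 here;
        // whether deleteUser() protects the main administrator is not
        // visible in this function.
        $model->deleteUser($id, true);
        cmsCore::redirectBack();
    }

    if ($do == 'submit' || $do == 'update') {
        if (!cmsUser::checkCsrfToken()) { cmsCore::error404(); }

        // Each entry: request name, filter type, default, optional post-processor.
        $types = array(
            'login' => array( 'login', 'str', '' ),
            'nickname' => array( 'nickname', 'str', '', 'htmlspecialchars' ),
            'email' => array( 'email', 'email', '' ),
            'group_id' => array( 'group_id', 'int', 1 ),
            'is_locked' => array( 'is_locked', 'int', 0 ),
            'password' => array( 'pass', 'str', '', 'stripslashes' ),
            'pass2' => array( 'pass2', 'str', '', 'stripslashes' )
        );

        $items = cmsCore::getArrayFromRequest($types);

        $errors = false;

        // validate the login: 2-15 ASCII letters/digits, not purely numeric.
        // The D modifier stops "$" from also matching before a trailing newline.
        if (mb_strlen($items['login']) < 2 ||
                mb_strlen($items['login']) > 15 ||
                is_numeric($items['login']) ||
                !preg_match('/^[a-zA-Z0-9]+$/uiD', $items['login'])) {
            cmsCore::addSessionMessage($_LANG['ERR_LOGIN'], 'error');
            $errors = true;
        }

        // a password is mandatory only when creating a user
        if ($do == 'submit') {
            if (!$items['password']) {
                cmsCore::addSessionMessage($_LANG['TYPE_PASS'], 'error');
                $errors = true;
            }
        }

        if ($items['password'] && !$items['pass2']) {
            cmsCore::addSessionMessage($_LANG['TYPE_PASS_TWICE'], 'error');
            $errors = true;
        }

        if ($items['password'] && $items['pass2'] && mb_strlen($items['password']) < 6) {
            cmsCore::addSessionMessage($_LANG['PASS_SHORT'], 'error');
            $errors = true;
        }

        // Strict comparison: with "!=" two different numeric-looking strings
        // (for example "1e3" and "1000") compare equal and pass confirmation.
        if ($items['password'] && $items['pass2'] && $items['password'] !== $items['pass2']) {
            cmsCore::addSessionMessage($_LANG['WRONG_PASS'], 'error');
            $errors = true;
        }

        // nickname
        if (mb_strlen($items['nickname']) < 2) {
            cmsCore::addSessionMessage($_LANG['SHORT_NICKNAME'], 'error');
            $errors = true;
        }

        // email (empty here means missing or rejected by the 'email' filter)
        if (!$items['email']) {
            cmsCore::addSessionMessage($_LANG['ERR_EMAIL'], 'error');
            $errors = true;
        }

        // check whether such a user already exists
        if ($do == 'submit') {
            // NOTE(review): this query runs even when the login failed the
            // validation above, and both values are concatenated into the
            // condition. It relies on the 'str'/'email' request filters
            // escaping for SQL - confirm. LIKE also treats "_" and "%" in
            // the values as wildcards.
            $user_exist = cmsCore::c('db')->get_fields('cms_users', "(login LIKE '". $items['login'] ."' OR email LIKE '". $items['email'] ."') AND is_deleted = 0", 'login');
            if ($user_exist) {
                if ($user_exist['login'] == $items['login']) {
                    cmsCore::addSessionMessage($_LANG['LOGIN'] .' "'. $items['login'] .'" '. $_LANG['IS_BUSY'], 'error');
                    $errors = true;
                } else {
                    cmsCore::addSessionMessage($_LANG['EMAIL_IS_BUSY'], 'error');
                    $errors = true;
                }
            }
        }

        if ($errors) {
            // keep the entered values so the "add" form can be refilled
            // NOTE(review): this stores the plain-text password fields in
            // the session as part of $items.
            if ($do == 'submit') {
                cmsUser::sessionPut('items', $items);
            }
            cmsCore::redirectBack();
        }

        if ($do == 'submit') {
            $items['regdate']  = date('Y-m-d H:i:s');
            $items['logdate']  = date('Y-m-d H:i:s');
            // NOTE(review): unsalted MD5 is not a password hash. Moving to
            // password_hash()/password_verify() needs a matching change in
            // the login code, which is not visible here.
            $items['password'] = md5($items['password']);

            $items['user_id'] = cmsCore::c('db')->insert('cms_users', $items);
            if (!$items['user_id']) { cmsCore::error404(); }

            cmsCore::c('db')->insert('cms_user_profiles', $items);

            cmsCore::addSessionMessage($_LANG['AD_DO_SUCCESS'], 'success');
            cmsCore::redirect('?view=users');
        } else {
            // the main administrator (id 1) may only be edited by himself
            if ($id == 1 && cmsCore::c('user')->id != $id) {
                cmsCore::error404();
            }

            // the main administrator can neither change group nor be locked
            if ($id == 1) {
                unset($items['group_id']);
                unset($items['is_locked']);
            }

            // an empty password field means "keep the current password"
            if (!$items['password']) {
                unset($items['password']);
            } else {
                // NOTE(review): same unsalted MD5 as on creation, see above.
                $items['password'] = md5($items['password']);
            }

            cmsCore::c('db')->update('cms_users', $items, $id);

            cmsCore::addSessionMessage($_LANG['AD_DO_SUCCESS'], 'success');
            if (empty($_SESSION['editlist'])) {
                cmsCore::redirect('index.php?view=users');
            } else {
                cmsCore::redirect('index.php?view=users&do=edit');
            }
        }
    }

    if ($do == 'edit' || $do == 'add') {
        $toolmenu = array(
            array( 'icon' => 'save.gif', 'title' => $_LANG['SAVE'], 'link' => 'javascript:document.addform.submit();' ),
            array( 'icon' => 'cancel.gif', 'title' => $_LANG['CANCEL'], 'link' => 'javascript:history.go(-1);' )
        );

        cpToolMenu($toolmenu);

        if ($do == 'edit') {
            if (cmsCore::inRequest('multiple')){
                if (cmsCore::inRequest('item')){
                    $_SESSION['editlist'] = cmsCore::request('item', 'array_int', array());
                } else {
                    cmsCore::addSessionMessage($_LANG['AD_NO_SELECT_OBJECTS'], 'error');
                    cmsCore::redirectBack();
                }
            }

            // text showing how many queued users remain after this one
            $ostatok = '';

            if (isset($_SESSION['editlist'])) {
                $item_id = array_shift($_SESSION['editlist']);
                if (count($_SESSION['editlist']) == 0) {
                   unset($_SESSION['editlist']);
                } else {
                    $ostatok = '('. $_LANG['AD_NEXT_IN'] . count($_SESSION['editlist']) .')';
                }
            } else {
                $item_id = cmsCore::request('id', 'int', 0);
            }

            // The condition is built by concatenation, so force an integer here
            // instead of relying only on the request filter.
            $mod = cmsCore::c('db')->get_fields('cms_users', "id = '". (int) $item_id ."'", '*');
            if (!$mod) { cmsCore::error404(); }

            echo '<h3>'. $_LANG['AD_USER_EDIT'] .' '. $ostatok .'</h3>';
            cpAddPathway($mod['nickname']);

        } else {
            // refill the form with the values of a rejected submit, if any
            $mod = cmsUser::sessionGet('items');
            if ($mod) { cmsUser::sessionDel('items'); }
            cpAddPathway($_LANG['AD_USER_ADD']);
        }

        cmsCore::c('page')->addHeadJS('components/registration/js/check.js');

        // Values echoed into HTML attributes are escaped here. On the "add"
        // path they come from a submit that failed validation, so they can
        // hold arbitrary characters, quotes included.
        $login_attr = htmlspecialchars((string) cmsCore::getArrVal($mod, 'login', ''), ENT_QUOTES, 'UTF-8');
        $email_attr = htmlspecialchars((string) cmsCore::getArrVal($mod, 'email', ''), ENT_QUOTES, 'UTF-8');
        // $mod is empty on a fresh "add", so read the flag with a default
        $is_locked  = cmsCore::getArrVal($mod, 'is_locked', 0);
?>
<form action="index.php?view=users" method="post" enctype="multipart/form-data" name="addform" id="addform">
    <input type="hidden" name="csrf_token" value="<?php echo cmsUser::getCsrfToken(); ?>" />
    
    <div style="width:500px;">
        <div class="form-group">
            <label><?php echo $_LANG['LOGIN']; ?>:</label>
            <input type="text" id="logininput" class="form-control" name="login" value="<?php echo $login_attr; ?>" onchange="checkLogin()" />
            <?php if ($do == 'edit') { echo '<div class="help-block" style="text-align:right;"><a target="_blank" href="/users/'. $login_attr .'" title="'. $_LANG['AD_USER_PROFILE'] .'">'. $_LANG['AD_USER_PROFILE'] .'</a></div>'; } ?>
        </div>
        
        <div class="form-group">
            <label><?php echo $_LANG['NICKNAME']; ?>:</label>
            <input type="text" id="login" class="form-control" name="nickname" value="<?php echo htmlspecialchars(cmsCore::getArrVal($mod, 'nickname', '')); ?>" />
        </div>
        
        <div class="form-group">
            <label><?php echo $_LANG['EMAIL']; ?>:</label>
            <input type="text" id="nickname" class="form-control" name="email" value="<?php echo $email_attr; ?>" />
        </div>
        
        <div class="form-group">
            <label><?php if ($do == 'edit') { echo $_LANG['AD_NEW_PASS']; } else { echo $_LANG['PASS']; } ?></label>
            <input type="password" id="pass" class="form-control" name="pass" />
        </div>
        
        <div class="form-group">
            <label><?php echo $_LANG['REPEAT_PASS']; ?>:</label>
            <input type="password" id="pass2" class="form-control" name="pass2" />
        </div>
        
        <div class="form-group">
            <label><?php echo $_LANG['AD_GROUP']; ?>:</label>
            <select id="group_id" class="form-control" name="group_id">
                <?php
                    echo $inCore->getListItems('cms_user_groups', cmsCore::getArrVal($mod, 'group_id', 0));
                ?>
            </select>
            <?php if ($do == 'edit') { echo '<div class="help-block" style="text-align:right;"><a target="_blank" href="?view=usergroups&do=edit&id='. (int) $mod['group_id'] .'">'. $_LANG['EDIT'] .'</a></div>'; } ?>
        </div>
        
        <div class="form-group">
            <label><?php echo $_LANG['AD_IF_ACCAUNT_LOCK']; ?></label>
            <div class="btn-group" data-toggle="buttons" style="float:right;">
                <label class="btn btn-default <?php if ($is_locked) { echo 'active'; } ?>">
                    <input type="radio" name="is_locked" <?php if ($is_locked) { echo 'checked="checked"'; } ?> value="1" /> <?php echo $_LANG['YES']; ?>
                </label>
                <label class="btn btn-default <?php if (!$is_locked) { echo 'active'; } ?>">
                    <input type="radio" name="is_locked" <?php if (!$is_locked) { echo 'checked="checked"'; } ?> value="0" /> <?php echo $_LANG['NO']; ?>
                </label>
            </div>
        </div>
    </div>

    <div>
        <?php if ($do == 'edit') { ?>
            <input type="hidden" name="do" value="update" />
            <input type="submit" class="btn btn-primary" name="add_mod" value="<?php echo $_LANG['SAVE']; ?>" />
        <?php } else { ?>
            <input type="hidden" name="do" value="submit" />
            <input type="submit" class="btn btn-primary" name="add_mod" value="<?php echo $_LANG['AD_USER_ADD']; ?>" />
        <?php } ?>
        <input type="button" class="btn btn-default" name="back2" value="<?php echo $_LANG['CANCEL']; ?>" onclick="window.history.back();" />

        <?php
            if ($do == 'edit') {
                echo '<input type="hidden" name="id" value="'. (int) $mod['id'] .'" />';
            }
        ?>
    </div>
</form>
<?php
   }
}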
Example #20
function blogs() {
    $inCore = cmsCore::getInstance();
    
    cmsCore::c('blog')->owner = 'user';

    global $_LANG;

    define('IS_BILLING', $inCore->isComponentInstalled('billing'));
    if (IS_BILLING) { cmsCore::loadClass('billing'); }

    //Получаем параметры
    $id 	 = cmsCore::request('id', 'int', 0);
    $post_id     = cmsCore::request('post_id', 'int', 0);
    $bloglink    = cmsCore::request('bloglink', 'str', '');
    $seolink     = cmsCore::request('seolink', 'str', '');
    $page        = cmsCore::request('page', 'int', 1);
    $cat_id      = cmsCore::request('cat_id', 'int', 0);
    $ownertype   = cmsCore::request('ownertype', 'str', '');
    $on_moderate = cmsCore::request('on_moderate', 'int', 0);

    $pagetitle = $inCore->getComponentTitle();

    cmsCore::c('page')->addPathway($pagetitle, '/blogs');
    cmsCore::c('page')->setTitle($pagetitle);
    cmsCore::c('page')->setDescription(cmsCore::m('blogs')->config['meta_desc'] ? cmsCore::m('blogs')->config['meta_desc'] : $pagetitle);
    cmsCore::c('page')->setKeywords(cmsCore::m('blogs')->config['meta_keys'] ? cmsCore::m('blogs')->config['meta_keys'] : $pagetitle);
    cmsCore::c('page')->addHeadJsLang(array('CONFIG_BLOG','DEL_BLOG','YOU_REALY_DELETE_BLOG','NEW_CAT','RENAME_CAT','YOU_REALY_DELETE_CAT','YOU_REALY_DELETE_POST','NO_PUBLISHED'));

    ///////////////////////// МОЙ БЛОГ /////////////////////////////////////////
    if ($inCore->do == 'my_blog'){
        
        if(!cmsCore::c('user')->id){ cmsCore::error404(); }

	$my_blog = cmsCore::c('blog')->getBlogByUserId(cmsCore::c('user')->id);

        if (!$my_blog) {
            cmsCore::redirect('/blogs/createblog.html');
	} else {
            cmsCore::redirect(cmsCore::m('blogs')->getBlogURL($my_blog['seolink']));
	}

    }
    ///////////////////////// ПОСЛЕДНИЕ ПОСТЫ //////////////////////////////////
    if ($inCore->do=='view'){

	cmsCore::c('page')->addHead('<link rel="alternate" type="application/rss+xml" title="'.$_LANG['RSS_BLOGS'].'" href="'.HOST.'/rss/blogs/all/feed.rss">');

	// кроме админов в списке только с доступом для всех
	if(!cmsCore::c('user')->is_admin){
            cmsCore::c('blog')->whereOnlyPublic();
	}

	// ограничиваем по рейтингу если надо
	if(cmsCore::m('blogs')->config['list_min_rating']){
            cmsCore::c('blog')->ratingGreaterThan(cmsCore::m('blogs')->config['list_min_rating']);
	}

	// всего постов
	$total = cmsCore::c('blog')->getPostsCount(cmsCore::c('user')->is_admin);

        //устанавливаем сортировку
        cmsCore::c('db')->orderBy('p.pubdate', 'DESC');

        cmsCore::c('db')->limitPage($page, cmsCore::m('blogs')->config['perpage']);

	// сами посты
	$posts = cmsCore::c('blog')->getPosts(cmsCore::c('user')->is_admin, cmsCore::m('blogs'));
	if(!$posts && $page > 1){ cmsCore::error404(); }

	cmsPage::initTemplate('components', 'com_blog_view_posts')->
            assign('pagetitle', $pagetitle)->
            assign('ownertype', $ownertype)->
            assign('total', $total)->
            assign('posts', $posts)->
            assign('pagination', cmsPage::getPagebar($total, $page, cmsCore::m('blogs')->config['perpage'], '/blogs/latest-%page%.html'))->
            assign('cfg', cmsCore::m('blogs')->config)->
            display();
    }

    ////////// СОЗДАНИЕ БЛОГА //////////////////////////////////////////////////
    if ($inCore->do=='create'){
        //Проверяем авторизацию
        if (!cmsCore::c('user')->id){ cmsUser::goToLogin();  }

        //Если у пользователя уже есть блог, то выходим
        if (cmsCore::c('blog')->getUserBlogId(cmsCore::c('user')->id)) { cmsCore::redirectBack(); }

        cmsCore::c('page')->addPathway($_LANG['PATH_CREATING_BLOG']);
        cmsCore::c('page')->setTitle($_LANG['CREATE_BLOG']);

        if (IS_BILLING){ cmsBilling::checkBalance('blogs', 'add_blog'); }

        //Показ формы создания блога
        if (!cmsCore::inRequest('goadd')){
            cmsPage::initTemplate('components', 'com_blog_create')->
                assign('is_restrictions', (!cmsCore::c('user')->is_admin && cmsCore::m('blogs')->config['min_karma']))->
                assign('cfg', cmsCore::m('blogs')->config)->
                display();
        }

        //Сам процесс создания блога
        if (cmsCore::inRequest('goadd')){
            $title     = cmsCore::request('title', 'str');
            $allow_who = cmsCore::request('allow_who', 'str', 'all');
            $ownertype = cmsCore::request('ownertype', 'str', 'single');

            //Проверяем название
            if (mb_strlen($title)<5){
                cmsCore::addSessionMessage($_LANG['BLOG_ERR_TITLE'], 'error');
                cmsCore::redirect('/blogs/createblog.html');
            }

            //Проверяем хватает ли кармы, но только если это не админ
            if (cmsCore::m('blogs')->config['min_karma'] && !cmsCore::c('user')->is_admin){
                // если персональный блог
                if ($ownertype=='single' && (cmsCore::c('user')->karma < cmsCore::m('blogs')->config['min_karma_private'])){
                    cmsCore::addSessionMessage($_LANG['BLOG_YOU_NEED'].' <a href="/users/'.cmsCore::c('user')->id.'/karma.html">'.$_LANG['BLOG_KARMS'].'</a> '.$_LANG['FOR_CREATE_PERSON_BLOG'].' &mdash; '.cmsCore::m('blogs')->config['min_karma_private'].', '.$_LANG['BLOG_HEAVING'].' &mdash; '.cmsCore::c('user')->karma, 'error');
                    cmsCore::redirect('/blogs/createblog.html');
                }

                // если коллективный блог
                if ($ownertype=='multi' && (cmsCore::c('user')->karma < cmsCore::m('blogs')->config['min_karma_public'])){
                    cmsCore::addSessionMessage($_LANG['BLOG_YOU_NEED'].' <a href="/users/'.cmsCore::c('user')->id.'/karma.html">'.$_LANG['BLOG_KARMS'].'</a> '.$_LANG['FOR_CREATE_TEAM_BLOG'].' &mdash; '.cmsCore::m('blogs')->config['min_karma_public'].', '.$_LANG['BLOG_HEAVING'].' &mdash; '.cmsCore::c('user')->karma, 'error');
                    cmsCore::redirect('/blogs/createblog.html');
                }
            }

            //Добавляем блог в базу
            $blog_id   = cmsCore::c('blog')->addBlog(array('user_id'=>cmsCore::c('user')->id, 'title'=>$title, 'allow_who'=>$allow_who, 'ownertype'=>$ownertype, 'forall'=>1));
            $blog_link = cmsCore::c('db')->get_field('cms_blogs', "id='{$blog_id}'", 'seolink');
            //регистрируем событие
            cmsActions::log('add_blog', array(
                'object' => $title,
                'object_url' => cmsCore::m('blogs')->getBlogURL($blog_link),
                'object_id' => $blog_id,
                'target' => '',
                'target_url' => '',
                'target_id' => 0,
                'description' => ''
            ));

            if (IS_BILLING){ cmsBilling::process('blogs', 'add_blog'); }

            cmsCore::addSessionMessage($_LANG['BLOG_CREATED_TEXT'], 'info');
            cmsCore::redirect(cmsCore::m('blogs')->getBlogURL($blog_link));
        }
    }
    
    ////////// НАСТРОЙКИ БЛОГА /////////////////////////////////////////////////
    if ($inCore->do=='config'){
        if(!cmsCore::c('user')->id) { cmsCore::error404(); }

        if(!cmsCore::isAjax()) { cmsCore::error404(); }

        // получаем блог
        $blog = cmsCore::c('blog')->getBlog($id);
        if (!$blog) { cmsCore::error404(); }

        //Проверяем является пользователь хозяином блога или админом
        if ($blog['user_id'] != cmsCore::c('user')->id && !cmsCore::c('user')->is_admin ) { cmsCore::halt(); }

        //Если нет запроса на сохранение, показываем форму настроек блога
        if (!cmsCore::inRequest('goadd')){
            //Получаем список авторов блога
            $authors = cmsCore::c('blog')->getBlogAuthors($blog['id']);

            cmsPage::initTemplate('components', 'com_blog_config')->
                assign('blog', $blog)->
                assign('form_action', '/blogs/'.$blog['id'].'/editblog.html')->
                assign('authors_list', cmsUser::getAuthorsList($authors))->
                assign('users_list', cmsUser::getUsersList(false, $authors))->
                assign('is_restrictions', (!cmsCore::c('user')->is_admin && cmsCore::m('blogs')->config['min_karma']))->
                assign('cfg', cmsCore::m('blogs')->config)->
                assign('is_admin', cmsCore::c('user')->is_admin)->
                display();

            cmsCore::jsonOutput(array('error' => false, 'html' => ob_get_clean()));
        }

        //Если пришел запрос на сохранение
        if (cmsCore::inRequest('goadd')){
            //Получаем настройки
            $title     = cmsCore::request('title', 'str');
            $allow_who = cmsCore::request('allow_who', 'str', 'all');
            $ownertype = cmsCore::request('ownertype', 'str', 'single');
            $premod    = cmsCore::request('premod', 'int', 0);
            $forall    = cmsCore::request('forall', 'int', 1);
            $showcats  = cmsCore::request('showcats', 'int', 1);
            $authors   = cmsCore::request('authorslist', 'array_int', array());
            if (cmsCore::m('blogs')->config['seo_user_access'] || cmsCore::c('user')->is_admin) {
                $page_title = cmsCore::request('pagetitle', 'str', '');
                $meta_keys  = cmsCore::request('meta_keys', 'str', '');
                $meta_desc  = cmsCore::request('meta_desc', 'str', '');
            } else {
                $page_title = $meta_keys = $meta_desc = '';
            }
            //Проверяем настройки
            if (mb_strlen($title)<5) { $title = $blog['title']; }

            //Проверяем ограничения по карме (для смены типа блога)
            if (cmsCore::m('blogs')->config['min_karma'] && !cmsCore::c('user')->is_admin){
                // если персональный блог
                if ($ownertype=='single' && (cmsCore::c('user')->karma < cmsCore::m('blogs')->config['min_karma_private'])){
                    cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['BLOG_YOU_NEED'].' <a href="/users/'.cmsCore::c('user')->id.'/karma.html">'.$_LANG['BLOG_KARMS'].'</a> '.$_LANG['FOR_CREATE_PERSON_BLOG'].' &mdash; '.cmsCore::m('blogs')->config['min_karma_private'].', '.$_LANG['BLOG_HEAVING'].' &mdash; '.cmsCore::c('user')->karma));

                }
                
                // если коллективный блог
                if ($ownertype=='multi' && (cmsCore::c('user')->karma < cmsCore::m('blogs')->config['min_karma_public'])){
                    cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['BLOG_YOU_NEED'].' <a href="/users/'.cmsCore::c('user')->id.'/karma.html">'.$_LANG['BLOG_KARMS'].'</a> '.$_LANG['FOR_CREATE_TEAM_BLOG'].' &mdash; '.cmsCore::m('blogs')->config['min_karma_public'].', '.$_LANG['BLOG_HEAVING'].' &mdash; '.cmsCore::c('user')->karma));
                }
            }

            if(!cmsUser::checkCsrfToken()) { cmsCore::halt(); }

            //сохраняем авторов
            cmsCore::c('blog')->updateBlogAuthors($blog['id'], $authors);

            //сохраняем настройки блога
            $blog['seolink_new'] = cmsCore::c('blog')->updateBlog($blog['id'], array(
                'title'     => $title,
                'pagetitle' => $page_title,
                'meta_keys' => $meta_keys,
                'meta_desc' => $meta_desc,
                'allow_who' => $allow_who,
                'showcats'  => $showcats,
                'ownertype' => $ownertype,
                'premod'    => $premod,
                'forall'    => $forall
            ), cmsCore::m('blogs')->config['update_seo_link_blog']);

            $blog['seolink'] = $blog['seolink_new'] ? $blog['seolink_new'] : $blog['seolink'];

            if(stripslashes($title) != $blog['title']){
                // обновляем записи постов
                cmsActions::updateLog('add_post', array('target' => $title, 'target_url' => cmsCore::m('blogs')->getBlogURL($blog['seolink'])), 0, $blog['id']);
                // обновляем запись добавления блога
                cmsActions::updateLog('add_blog', array('object' => $title, 'object_url' => cmsCore::m('blogs')->getBlogURL($blog['seolink'])), $blog['id']);
            }

            cmsCore::jsonOutput(array('error' => false, 'redirect'  => cmsCore::m('blogs')->getBlogURL($blog['seolink'])));
        }
    }
    
    ////////// СПИСОК БЛОГОВ ///////////////////////////////////////////////////
    if ($inCore->do=='view_blogs'){
        // rss в адресной строке
        cmsCore::c('page')->addHead('<link rel="alternate" type="application/rss+xml" title="'.$_LANG['BLOGS'].'" href="'.HOST.'/rss/blogs/all/feed.rss">');

        // тип блога
        if($ownertype && $ownertype != 'all'){
            cmsCore::c('blog')->whereOwnerTypeIs($ownertype);
        }

        // всего блогов
        $total = cmsCore::c('blog')->getBlogsCount();

        //устанавливаем сортировку
        cmsCore::c('db')->orderBy('b.rating', 'DESC');

        cmsCore::c('db')->limitPage($page, cmsCore::m('blogs')->config['perpage_blog']);

        //Получаем список блогов
        $blogs = cmsCore::c('blog')->getBlogs(cmsCore::m('blogs'));
        if(!$blogs && $page > 1){ cmsCore::error404(); }

        //Генерируем панель со страницами и устанавливаем заголовки страниц и глубиномера
        switch ($ownertype){
            case 'all':
                cmsCore::c('page')->setTitle($_LANG['ALL_BLOGS']);
                cmsCore::c('page')->setDescription($_LANG['BLOGS'] .' - '. $_LANG['ALL_BLOGS']);
                cmsCore::c('page')->addPathway($_LANG['ALL_BLOGS']);
                $link = '/blogs/all-%page%.html';
            break;
        
            case 'single':
                cmsCore::c('page')->setTitle($_LANG['PERSONALS']);
                cmsCore::c('page')->setDescription($_LANG['PERSONALS'] .' '. $_LANG['BLOGS']);
                cmsCore::c('page')->addPathway($_LANG['PERSONALS']);
                $link = '/blogs/single-%page%.html';
            break;
        
            case 'multi':
                cmsCore::c('page')->setTitle($_LANG['COLLECTIVES']);
                cmsCore::c('page')->setDescription($_LANG['COLLECTIVES'] .' '. $_LANG['BLOGS']);
                cmsCore::c('page')->addPathway($_LANG['COLLECTIVES']);
                $link = '/blogs/multi-%page%.html';
            break;
        }
        
        if ($blogs) {
            foreach ($blogs as $b) {
                $k[] = $b['title'];
            }
            
            cmsCore::c('page')->setKeywords(implode(', ', $k));
        }

        cmsPage::initTemplate('components', 'com_blog_view_all')->
            assign('cfg', cmsCore::m('blogs')->config)->
            assign('total', $total)->
            assign('ownertype', $ownertype)->
            assign('blogs', $blogs)->
            assign('pagination', cmsPage::getPagebar($total, $page, cmsCore::m('blogs')->config['perpage_blog'], $link))->
            display();
    }
    
    ////////// ПРОСМОТР БЛОГА //////////////////////////////////////////////////
    if ($inCore->do == 'blog'){
        // получаем блог
        $blog = cmsCore::c('blog')->getBlog($bloglink);

        // Совместимость со старыми ссылками на клубные блоги
        // Пробуем клубный блог получить по ссылке
        if (!$blog) {
            $blog_user_id = cmsCore::c('db')->get_field('cms_blogs', "seolink = '$bloglink' AND owner = 'club'", 'user_id');
            if($blog_user_id){
                cmsCore::redirect('/clubs/'.$blog_user_id.'_blog', '301');
            }
        }

        if (!$blog) { cmsCore::error404(); }

        // Права доступа
        $myblog = (cmsCore::c('user')->id && cmsCore::c('user')->id == $blog['user_id']); // автор блога
        $is_writer = cmsCore::c('blog')->isUserBlogWriter($blog, cmsCore::c('user')->id); // может ли пользователь писать в блог

        cmsCore::c('page')->addPathway($blog['title'], cmsCore::m('blogs')->getBlogURL($blog['seolink']));
        // rss в адресной строке
        cmsCore::c('page')->addHead('<link rel="alternate" type="application/rss+xml" title="'.htmlspecialchars(strip_tags($blog['title'])).'" href="'.HOST.'/rss/blogs/'.$blog['id'].'/feed.rss">');
        if($myblog || cmsCore::c('user')->is_admin){
            cmsCore::c('page')->addHeadJS('components/blogs/js/blog.js');
        }

        //Если доступа нет, возвращаемся и выводим сообщение об ошибке
        if (!cmsUser::checkUserContentAccess($blog['allow_who'], $blog['user_id'])){
            cmsCore::addSessionMessage($_LANG['CLOSED_BLOG'].'<br>'.$_LANG['CLOSED_BLOG_TEXT'], 'error');
            cmsCore::redirect('/blogs');
        }

        // Если показываем посты на модерации, если запрашиваем их
        if($on_moderate){
            if(!cmsCore::c('user')->is_admin && !($myblog && $blog['ownertype'] == 'multi' && $blog['premod'])){
                cmsCore::error404();
            }

            cmsCore::c('blog')->whereNotPublished();

            cmsCore::c('page')->setTitle($_LANG['POSTS_ON_MODERATE']);
            cmsCore::c('page')->addPathway($_LANG['POSTS_ON_MODERATE']);

            $blog['title'] .= ' - '.$_LANG['POSTS_ON_MODERATE'];
        }

        //Получаем html-код ссылки на автора с иконкой его пола
        $blog['author'] = cmsUser::getGenderLink($blog['user_id']);

        // посты данного блога
        cmsCore::c('blog')->whereBlogIs($blog['id']);

        // кроме админов автора в списке только с доступом для всех
        if(!cmsCore::c('user')->is_admin && !$myblog && !cmsCore::c('user')->isFriend($blog['user_id'])){
            cmsCore::c('blog')->whereOnlyPublic();
        }

        // если пришла категория
        if($cat_id){
            $all_total = cmsCore::c('blog')->getPostsCount(cmsCore::c('user')->is_admin || $myblog);
            cmsCore::c('blog')->whereCatIs($cat_id);
        }

        // всего постов
        $total = cmsCore::c('blog')->getPostsCount(cmsCore::c('user')->is_admin || $myblog);

        //устанавливаем сортировку
        cmsCore::c('db')->orderBy('p.pubdate', 'DESC');

        cmsCore::c('db')->limitPage($page, cmsCore::m('blogs')->config['perpage']);

        // сами посты
        $posts = cmsCore::c('blog')->getPosts((cmsCore::c('user')->is_admin || $myblog), cmsCore::m('blogs'));
        if(!$posts && $page > 1){ cmsCore::error404(); }

        //Если нужно, получаем список рубрик (категорий) этого блога
        $blogcats = $blog['showcats'] ? cmsCore::c('blog')->getBlogCats($blog['id']) : false;

        //Считаем количество постов, ожидающих модерации
        $on_moderate = (cmsCore::c('user')->is_admin || $myblog) && !$on_moderate ? cmsCore::c('blog')->getModerationCount($blog['id']) : false;

        // админлинки
        $blog['moderate_link'] = cmsCore::m('blogs')->getBlogURL($blog['seolink']).'/moderate.html';
        $blog['blog_link']     = cmsCore::m('blogs')->getBlogURL($blog['seolink']);
        $blog['add_post_link'] = '/blogs/'.$blog['id'].'/newpost'.($cat_id ? $cat_id : '').'.html';

        //Генерируем панель со страницами
        if ($cat_id){
            $pagination = cmsPage::getPagebar($total, $page, cmsCore::m('blogs')->config['perpage'], $blog['blog_link'].'/page-%page%/cat-'.$cat_id);
        } else {
            $pagination = cmsPage::getPagebar($total, $page, cmsCore::m('blogs')->config['perpage'], $blog['blog_link'].'/page-%page%');
        }
        
        // SEO
        cmsCore::c('page')->setTitle($blog['pagetitle'] ? $blog['pagetitle'] : $blog['title']);
        cmsCore::c('page')->setDescription($blog['meta_desc'] ? $blog['meta_desc'] : $blog['title']);
        // keywords
        if ($blog['meta_keys']) {
            $meta_keys = $blog['meta_keys'];
        } else if ($posts) {
            foreach ($posts as $p) {
                $k[] = $p['title'];
            }
            $meta_keys = implode(', ', $k);
        } else {
            $meta_keys = $blog['title'];
        }
        cmsCore::c('page')->setKeywords($meta_keys);

        cmsPage::initTemplate('components', 'com_blog_view')->
            assign('myblog', $myblog)->
            assign('is_config', true)->
            assign('is_admin', cmsCore::c('user')->is_admin)->
            assign('is_writer', $is_writer)->
            assign('on_moderate', $on_moderate)->
            assign('cat_id', $cat_id)->
            assign('blogcats', $blogcats)->
            assign('total', $total)->
            assign('all_total', (isset($all_total) ? $all_total : 0))->
            assign('blog', $blog)->assign('posts', $posts)->
            assign('pagination', $pagination)->
            display();
    }

    ////////// НОВЫЙ ПОСТ / РЕДАКТИРОВАНИЕ ПОСТА ///////////////////////////////
    if ($inCore->do == 'newpost' || $inCore->do == 'editpost'){
        if (!cmsCore::c('user')->id){ cmsUser::goToLogin();  }

        // для редактирования сначала получаем пост
        if($inCore->do == 'editpost'){
            $post = cmsCore::c('blog')->getPost($post_id);
            
            if (!$post){ cmsCore::error404(); }
            
            $id = $post['blog_id'];
            
            $post['tags'] = cmsTagLine('blogpost', $post['id'], false);
        }

        // получаем блог
        $blog = cmsCore::c('blog')->getBlog($id);
        if (!$blog) { cmsCore::error404(); }

        //Если доступа нет, возвращаемся и выводим сообщение об ошибке
        if (!cmsUser::checkUserContentAccess($blog['allow_who'], $blog['user_id'])){
            cmsCore::addSessionMessage($_LANG['CLOSED_BLOG'].'<br>'.$_LANG['CLOSED_BLOG_TEXT'], 'error');
            cmsCore::redirect('/blogs');
        }

        // Права доступа
        $myblog = (cmsCore::c('user')->id && cmsCore::c('user')->id == $blog['user_id']); // автор блога
        $is_writer = cmsCore::c('blog')->isUserBlogWriter($blog, cmsCore::c('user')->id); // может ли пользователь писать в блог
            // если не его блог, пользователь не писатель и не админ, вне зависимости от авторства показываем 404
        if (!$myblog && !$is_writer && !cmsCore::c('user')->is_admin ) { cmsCore::error404(); }
        // проверяем является ли пользователь автором, если редактируем пост
        if (($inCore->do == 'editpost') && !cmsCore::c('user')->is_admin && $post['user_id'] != cmsCore::c('user')->id) { cmsCore::error404(); }

        //Если еще не было запроса на сохранение
        if (!cmsCore::inRequest('goadd')){
            cmsCore::c('page')->addPathway($blog['title'], cmsCore::m('blogs')->getBlogURL($blog['seolink']));

            //для нового поста
            if ($inCore->do == 'newpost'){
                if (IS_BILLING){ cmsBilling::checkBalance('blogs', 'add_post'); }

                cmsCore::c('page')->addPathway($_LANG['NEW_POST']);
                cmsCore::c('page')->setTitle($_LANG['NEW_POST']);

                $post = cmsUser::sessionGet('mod');
                if ($post){
                    cmsUser::sessionDel('mod');
                } else {
                    $post['cat_id'] = $cat_id;
                    $post['comments'] = 1;

                }
            }

            //для редактирования поста
            if ($inCore->do=='editpost'){
                cmsCore::c('page')->addPathway($post['title'], cmsCore::m('blogs')->getPostURL($blog['seolink'], $post['seolink']));
                cmsCore::c('page')->addPathway($_LANG['EDIT_POST']);
                cmsCore::c('page')->setTitle($_LANG['EDIT_POST']);
            }

            cmsCore::c('page')->initAutocomplete();
            $autocomplete_js = cmsCore::c('page')->getAutocompleteJS('tagsearch', 'tags');

            //получаем рубрики блога
            $cat_list = cmsCore::getListItems('cms_blog_cats', $post['cat_id'], 'id', 'ASC', "blog_id = '{$blog['id']}'");

            //получаем код панелей bbcode и смайлов
            $bb_toolbar = cmsPage::getBBCodeToolbar('message',cmsCore::m('blogs')->config['img_on'], 'blogs', 'blog_post', $post_id);
            $smilies    = cmsPage::getSmilesPanel('message');

            $inCore->initAutoGrowText('#message');

            //показываем форму
            cmsPage::initTemplate('components', 'com_blog_edit_post')->
                assign('blog', $blog)->
                assign('pagetitle', ($inCore->do=='editpost' ? $_LANG['EDIT_POST'] : $_LANG['NEW_POST']))->
                assign('mod', $post)->
                assign('cat_list', $cat_list)->
                assign('bb_toolbar', $bb_toolbar)->
                assign('smilies', $smilies)->
                assign('is_admin', cmsCore::c('user')->is_admin)->
                assign('cfg', cmsCore::m('blogs')->config)->
                assign('myblog', $myblog)->
                assign('user_can_iscomments', cmsUser::isUserCan('comments/iscomments'))->
                assign('autocomplete_js', $autocomplete_js)->
                display();
        }

        //Если есть запрос на сохранение
        if (cmsCore::inRequest('goadd')) {
            $errors = false;

            //Получаем параметры
            $mod['title']    = cmsCore::request('title', 'str');
            $mod['content']  = cmsCore::request('content', 'html');
            $mod['feel']     = cmsCore::request('feel', 'str', '');
            $mod['music']    = cmsCore::request('music', 'str', '');
            $mod['cat_id']   = cmsCore::request('cat_id', 'int');
            $mod['allow_who']= cmsCore::request('allow_who', 'str', $blog['allow_who']);
            $mod['tags']     = cmsCore::request('tags', 'str', '');
            $mod['comments'] = cmsCore::request('comments', 'int', 1);
            
            if (cmsCore::m('blogs')->config['seo_user_access'] || cmsCore::c('user')->is_admin) {
                $mod['pagetitle'] = cmsCore::request('pagetitle', 'str', '');
                $mod['meta_keys'] = cmsCore::request('meta_keys', 'str', '');
                $mod['meta_desc'] = cmsCore::request('meta_desc', 'str', '');
            }
            
            $mod['published']= ($myblog || !$blog['premod']) ? 1 : 0;
            $mod['blog_id']  = $blog['id'];

            //Проверяем их
            if (mb_strlen($mod['title'])<2) {  cmsCore::addSessionMessage($_LANG['POST_ERR_TITLE'], 'error'); $errors = true; }
            if (mb_strlen($mod['content'])<5) { cmsCore::addSessionMessage($_LANG['POST_ERR_TEXT'], 'error'); $errors = true; }

            // Если есть ошибки, возвращаемся назад
            if($errors){
                cmsUser::sessionPut('mod', $mod);
                cmsCore::redirectBack();
            }

            //Если нет ошибок
            //добавляем новый пост...
            if ($inCore->do=='newpost'){

                if (IS_BILLING){ cmsBilling::process('blogs', 'add_post'); }

                $mod['pubdate'] = date( 'Y-m-d H:i:s');
                $mod['user_id'] = cmsCore::c('user')->id;

                // добавляем пост, получая его id и seolink
                $added = cmsCore::c('blog')->addPost($mod);
    $mod = array_merge($mod, $added);

                if ($mod['published']) {
                    $mod['seolink'] = cmsCore::m('blogs')->getPostURL($blog['seolink'], $mod['seolink']);
                    
                    if ($blog['allow_who'] != 'nobody' && $mod['allow_who'] != 'nobody') {
                        cmsCore::callEvent('ADD_POST_DONE', $mod);

                        cmsActions::log('add_post', array(
                                'object' => $mod['title'],
                                'object_url' => $mod['seolink'],
                                'object_id' => $mod['id'],
                                'target' => $blog['title'],
                                'target_url' => cmsCore::m('blogs')->getBlogURL($blog['seolink']),
                                'target_id' => $blog['id'],
                                'description' => '',
                                'is_friends_only' => (int)($blog['allow_who'] == 'friends' || $mod['allow_who'] == 'friends')
                        ));
                    }

                    cmsCore::addSessionMessage($_LANG['POST_CREATED'], 'success');

                    cmsCore::redirect($mod['seolink']);
                }

                if (!$mod['published']) {
                    $message = str_replace('%user%', cmsUser::getProfileLink(cmsCore::c('user')->login, cmsCore::c('user')->nickname), $_LANG['MSG_POST_SUBMIT']);
                    $message = str_replace('%post%', '<a href="'.cmsCore::m('blogs')->getPostURL($blog['seolink'], $added['seolink']).'">'.$mod['title'].'</a>', $message);
                    $message = str_replace('%blog%', '<a href="'.cmsCore::m('blogs')->getBlogURL($blog['seolink']).'">'.$blog['title'].'</a>', $message);

                    cmsUser::sendMessage(USER_UPDATER, $blog['user_id'], $message);

                    cmsCore::addSessionMessage($_LANG['POST_PREMODER_TEXT'], 'info');

                    cmsCore::redirect(cmsCore::m('blogs')->getBlogURL($blog['seolink']));
                }
            }

            //...или сохраняем пост после редактирования
            if ($inCore->do=='editpost') {
                if (cmsCore::m('blogs')->config['update_date']){
                    $mod['pubdate'] = date( 'Y-m-d H:i:s');
                }

                $mod['edit_times'] = (int)$post['edit_times']+1;

                $new_post_seolink = cmsCore::c('blog')->updatePost($post['id'], $mod, cmsCore::m('blogs')->config['update_seo_link']);

                $post['seolink'] = is_string($new_post_seolink) ? $new_post_seolink : $post['seolink'];

                cmsActions::updateLog(
                    'add_post',
                    array(
                        'object' => $mod['title'],
                        'pubdate' => cmsCore::m('blogs')->config['update_date'] ? $mod['pubdate'] : $post['pubdate'],
                        'object_url' => cmsCore::m('blogs')->getPostURL($blog['seolink'], $post['seolink'])
                    ),
                    $post['id']
                );

                if (!$mod['published']) {
                    $message = str_replace('%user%', cmsUser::getProfileLink(cmsCore::c('user')->login, cmsCore::c('user')->nickname), $_LANG['MSG_POST_UPDATE']);
                    $message = str_replace('%post%', '<a href="'.cmsCore::m('blogs')->getPostURL($blog['seolink'], $post['seolink']).'">'.$mod['title'].'</a>', $message);
                    $message = str_replace('%blog%', '<a href="'.cmsCore::m('blogs')->getBlogURL($blog['seolink']).'">'.$blog['title'].'</a>', $message);

                    cmsUser::sendMessage(USER_UPDATER, $blog['user_id'], $message);

                    cmsCore::addSessionMessage($_LANG['POST_PREMODER_TEXT'], 'info');
                } else {
                    cmsCore::addSessionMessage($_LANG['POST_UPDATED'], 'success');
                }

                cmsCore::redirect(cmsCore::m('blogs')->getPostURL($blog['seolink'], $post['seolink']));
            }
        }
    }
    
    ////////// НОВАЯ РУБРИКА / РЕДАКТИРОВАНИЕ РУБРИКИ //////////////////////////
    if ($inCore->do == 'newcat' || $inCore->do == 'editcat'){
        if(!cmsCore::c('user')->id) { cmsCore::error404(); }

        if(!cmsCore::isAjax()) { cmsCore::error404(); }

        $cat = array();

        // Для редактирования сначала получаем рубрику
        if ($inCore->do == 'editcat'){
            $cat = cmsCore::c('blog')->getBlogCategory($cat_id);
            if (!$cat) { cmsCore::halt(); }
            $id = $cat['blog_id'];
        }

        // получаем блог
        $blog = cmsCore::c('blog')->getBlog($id);
        if (!$blog) { cmsCore::halt(); }

        //Проверяем является пользователь хозяином блога или админом
        if ($blog['user_id'] != cmsCore::c('user')->id && !cmsCore::c('user')->is_admin ) { cmsCore::halt(); }

        //Если нет запроса на сохранение
        if (!cmsCore::inRequest('goadd')){
            cmsPage::initTemplate('components', 'com_blog_edit_cat')->
                assign('mod', $cat)->
                assign('form_action', ($inCore->do=='newcat' ? '/blogs/'.$blog['id'].'/newcat.html' : '/blogs/editcat'.$cat['id'].'.html'))->
                display();

            cmsCore::jsonOutput(array('error' => false, 'html' => ob_get_clean()));
        }

        //Если есть запрос на сохранение
        if (cmsCore::inRequest('goadd')){
            $new_cat['title']       = cmsCore::request('title', 'str', '');
            $new_cat['description'] = cmsCore::request('description', 'str', '');
            $new_cat['blog_id']     = $blog['id'];
            if (mb_strlen($new_cat['title'])<3) { cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['CAT_ERR_TITLE'])); }

            if(!cmsUser::checkCsrfToken()) { cmsCore::halt(); }

            //новая рубрика
            if ($inCore->do=='newcat'){
                    $cat['id'] = cmsCore::c('blog')->addBlogCategory($new_cat);
                    cmsCore::addSessionMessage($_LANG['CAT_IS_ADDED'], 'success');
            }
            //редактирование рубрики
            if ($inCore->do=='editcat'){
                    cmsCore::c('blog')->updateBlogCategory($cat['id'], $new_cat);
                    cmsCore::addSessionMessage($_LANG['CAT_IS_UPDATED'], 'success');
            }

            cmsCore::jsonOutput(array('error' => false, 'redirect'  => cmsCore::m('blogs')->getBlogURL($blog['seolink'], 1, $cat['id'])));
        }

    }
    
    ///////////////////////// УДАЛЕНИЕ РУБРИКИ /////////////////////////////////
    if ($inCore->do == 'delcat'){
        if(!cmsCore::c('user')->id) { cmsCore::error404(); }

        if(!cmsCore::isAjax()) { cmsCore::error404(); }

        $cat = cmsCore::c('blog')->getBlogCategory($cat_id);
        if (!$cat) { cmsCore::halt(); }

        $blog = cmsCore::c('blog')->getBlog($cat['blog_id']);
        if (!$blog) { cmsCore::halt(); }

        if ($blog['user_id'] != cmsCore::c('user')->id && !cmsCore::c('user')->is_admin) { cmsCore::halt(); }

        if(!cmsUser::checkCsrfToken()) { cmsCore::halt(); }

        cmsCore::c('blog')->deleteBlogCategory($cat['id']);

        cmsCore::addSessionMessage($_LANG['CAT_IS_DELETED'], 'success');

        cmsCore::jsonOutput(array('error' => false, 'redirect'  => cmsCore::m('blogs')->getBlogURL($blog['seolink'])));
    }
    
    ////////////////////////// ПРОСМОТР ПОСТА //////////////////////////////////
    if($inCore->do == 'post'){
        $post = cmsCore::c('blog')->getPost($seolink);
        if (!$post){ cmsCore::error404(); }

        $blog = cmsCore::c('blog')->getBlog($post['blog_id']);
        // Совместимость со старыми ссылками на клубные посты блога
        if (!$blog) {
            $blog_user_id = cmsCore::c('db')->get_field('cms_blogs', "id = '{$post['blog_id']}' AND owner = 'club'", 'user_id');
            if($blog_user_id){
                cmsCore::redirect('/clubs/'.$blog_user_id.'_'.$post['seolink'].'.html', '301');
            }
        }

        if (!$blog) { cmsCore::error404(); }

        // Проверяем сеолинк блога и делаем редирект если он изменился
        if($bloglink != $blog['seolink']) {
            cmsCore::redirect(cmsCore::m('blogs')->getPostURL($blog['seolink'], $post['seolink']), '301');
        }

        // право просмотра блога
        if (!cmsUser::checkUserContentAccess($blog['allow_who'], $blog['user_id'])){
            cmsCore::addSessionMessage($_LANG['CLOSED_BLOG'].'<br>'.$_LANG['CLOSED_BLOG_TEXT'], 'error');
            cmsCore::redirect('/blogs');
        }

        // право просмотра самого поста
        if (!cmsUser::checkUserContentAccess($post['allow_who'], $post['user_id'])){
            cmsCore::addSessionMessage($_LANG['CLOSED_POST'].'<br>'.$_LANG['CLOSED_POST_TEXT'], 'error');
            cmsCore::redirect(cmsCore::m('blogs')->getBlogURL($blog['seolink']));
        }

        if (cmsCore::c('user')->id) {
            cmsCore::c('page')->addHeadJS('components/blogs/js/blog.js');
        }
        cmsCore::c('page')->addPathway($blog['title'], cmsCore::m('blogs')->getBlogURL($blog['seolink']));
        cmsCore::c('page')->addPathway($post['title']);
        
        cmsCore::c('page')->setTitle($post['pagetitle'] ? $post['pagetitle'] : $post['title']);
        cmsCore::c('page')->setDescription($post['meta_desc'] ? $post['meta_desc'] : crop($post['content_html']));
        cmsCore::c('page')->setKeywords($post['meta_keys'] ? $post['meta_keys'] : $post['title']);

        if ($post['cat_id']){
            $cat = cmsCore::c('blog')->getBlogCategory($post['cat_id']);
        }

        $post['tags'] = cmsTagBar('blogpost', $post['id']);

        $is_author = (cmsCore::c('user')->id && cmsCore::c('user')->id == $post['user_id']);
        
        // увеличиваем кол-во просмотров
        if (!$is_author) {
            cmsCore::c('db')->setFlag('cms_blog_posts', $post['id'], 'hits', $post['hits']+1);
        }

        cmsPage::initTemplate('components', 'com_blog_view_post')->
            assign('post', $post)->
            assign('blog', $blog)->assign('cat', $cat)->
            assign('is_author', $is_author)->
            assign('is_writer', cmsCore::c('blog')->isUserBlogWriter($blog, cmsCore::c('user')->id))->
            assign('myblog', (cmsCore::c('user')->id && cmsCore::c('user')->id == $blog['user_id']))->
            assign('is_admin', cmsCore::c('user')->is_admin)->
            assign('karma_form', cmsKarmaForm('blogpost', $post['id'], $post['rating'], $is_author))->
            assign('navigation', cmsCore::c('blog')->getPostNavigation($post['id'], $blog['id'], cmsCore::m('blogs'), $blog['seolink']))->
            display();

        if ($inCore->isComponentEnable('comments') && $post['comments']) {
            cmsCore::includeComments();
            comments('blog', $post['id'], array(), $is_author);
        }
    }

    ///////////////////////// УДАЛЕНИЕ ПОСТА ///////////////////////////////////
    if ($inCore->do == 'delpost'){
        if(!cmsCore::c('user')->id) { cmsCore::error404(); }

        if(!cmsCore::isAjax()) { cmsCore::error404(); }
        
        $post = cmsCore::c('blog')->getPost($post_id);
        if (!$post){ cmsCore::halt(); }

        $blog = cmsCore::c('blog')->getBlog($post['blog_id']);
        if (!$blog) { cmsCore::halt(); }

        $myblog = (cmsCore::c('user')->id == $blog['user_id']); // автор блога
        $is_writer = cmsCore::c('blog')->isUserBlogWriter($blog, cmsCore::c('user')->id);
        
        // если не его блог, пользователь не писатель и не админ
        if (!$myblog && !$is_writer && !cmsCore::c('user')->is_admin ) { cmsCore::halt(); }
        
        // проверяем является ли пользователь автором
        if (!cmsCore::c('user')->is_admin && !$myblog && $post['user_id'] != cmsCore::c('user')->id) { cmsCore::halt(); }

        if(!cmsUser::checkCsrfToken()) { cmsCore::halt(); }

        cmsCore::c('blog')->deletePost($post['id']);

        if (cmsCore::c('user')->id != $post['user_id']){
            cmsUser::sendMessage(USER_UPDATER, $post['user_id'], $_LANG['YOUR_POST'].' <b>&laquo;'.$post['title'].'&raquo;</b> '.$_LANG['WAS_DELETED_FROM_BLOG'].' <b>&laquo;<a href="'.cmsCore::m('blogs')->getBlogURL($blog['seolink']).'">'.$blog['title'].'</a>&raquo;</b>');
        }

        cmsCore::addSessionMessage($_LANG['POST_IS_DELETED'], 'success');

        cmsCore::jsonOutput(array('error' => false, 'redirect'  => cmsCore::m('blogs')->getBlogURL($blog['seolink'])));
    }
    
    ///////////////////////// ПУБЛИКАЦИЯ ПОСТА /////////////////////////////////
    if ($inCore->do == 'publishpost'){
        if(!cmsCore::c('user')->id) { cmsCore::error404(); }

        if(!cmsCore::isAjax()) { cmsCore::error404(); }

        $post = cmsCore::c('blog')->getPost($post_id);
        if (!$post){ cmsCore::halt(); }

        $blog = cmsCore::c('blog')->getBlog($post['blog_id']);
        if (!$blog) { cmsCore::halt(); }

        // публикуют авторы блога и админы
        if ($blog['user_id'] != cmsCore::c('user')->id && !cmsCore::c('user')->is_admin) { cmsCore::halt(); }

        cmsCore::c('blog')->publishPost($post_id);

        $post['seolink'] = cmsCore::m('blogs')->getPostURL($blog['seolink'], $post['seolink']);

        if ($blog['allow_who'] == 'all' && $post['allow_who'] == 'all') { cmsCore::callEvent('ADD_POST_DONE', $post); }

        if ($blog['allow_who'] != 'nobody' && $post['allow_who'] != 'nobody'){
            cmsActions::log('add_post', array(
                    'object' => $post['title'],
                    'user_id' => $post['user_id'],
                    'object_url' => $post['seolink'],
                    'object_id' => $post['id'],
                    'target' => $blog['title'],
                    'target_url' => cmsCore::m('blogs')->getBlogURL($blog['seolink']),
                    'target_id' => $blog['id'],
                    'description' => '',
                    'is_friends_only' => (int)($blog['allow_who'] == 'friends' || $post['allow_who'] == 'friends')
            ));
        }

        cmsUser::sendMessage(USER_UPDATER, $post['user_id'], $_LANG['YOUR_POST'].' <b>&laquo;<a href="'.$post['seolink'].'">'.$post['title'].'</a>&raquo;</b> '.$_LANG['PUBLISHED_IN_BLOG'].' <b>&laquo;<a href="'.cmsCore::m('blogs')->getBlogURL($blog['seolink']).'">'.$blog['title'].'</a>&raquo;</b>');

        cmsCore::halt('ok');
    }

    ///////////////////////// УДАЛЕНИЕ БЛОГА ///////////////////////////////////
    if ($inCore->do == 'delblog'){
        if(!cmsCore::c('user')->id) { cmsCore::error404(); }

        if(!cmsCore::isAjax()) { cmsCore::error404(); }

        // получаем блог
        $blog = cmsCore::c('blog')->getBlog($id);
        if (!$blog) { cmsCore::error404(); }

        //Проверяем является пользователь хозяином блога или админом
        if ($blog['user_id'] != cmsCore::c('user')->id && !cmsCore::c('user')->is_admin ) { cmsCore::halt(); }

        if(!cmsUser::checkCsrfToken()) { cmsCore::halt(); }

        cmsCore::c('blog')->deleteBlog($blog['id']);

        cmsCore::addSessionMessage($_LANG['BLOG_IS_DELETED'], 'success');

        cmsCore::jsonOutput(array('error' => false, 'redirect'  => '/blogs'));
    }

    ////////// VIEW POPULAR POSTS //////////////////////////////////////////////
    if ($inCore->do=='best'){
        cmsCore::c('page')->setTitle($_LANG['POPULAR_IN_BLOGS']);
        cmsCore::c('page')->addPathway($_LANG['POPULAR_IN_BLOGS']);
        cmsCore::c('page')->setDescription($_LANG['POPULAR_IN_BLOGS']);

        // кроме админов в списке только с доступом для всех
        if(!cmsCore::c('user')->is_admin){
            cmsCore::c('blog')->whereOnlyPublic();
        }

        // ограничиваем по рейтингу если надо
        if(cmsCore::m('blogs')->config['list_min_rating']){
            cmsCore::c('blog')->ratingGreaterThan(cmsCore::m('blogs')->config['list_min_rating']);
        }

        // всего постов
        $total = cmsCore::c('blog')->getPostsCount(cmsCore::c('user')->is_admin);

        //устанавливаем сортировку
        cmsCore::c('db')->orderBy('p.rating', 'DESC');

        cmsCore::c('db')->limitPage($page, cmsCore::m('blogs')->config['perpage']);

        // сами посты
        $posts = cmsCore::c('blog')->getPosts(cmsCore::c('user')->is_admin, cmsCore::m('blogs'));
        if(!$posts && $page > 1){ cmsCore::error404(); }

        cmsPage::initTemplate('components', 'com_blog_view_posts')->
            assign('pagetitle', $_LANG['POPULAR_IN_BLOGS'])->
            assign('total', $total)->
            assign('ownertype', $ownertype)->
            assign('posts', $posts)->
            assign('pagination', cmsPage::getPagebar($total, $page, cmsCore::m('blogs')->config['perpage'], '/blogs/popular-%page%.html'))->
            assign('cfg', cmsCore::m('blogs')->config)->
            display();
    }

}
Example #21
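/**
 * Front controller of the registration component.
 *
 * Dispatches on $inCore->do and handles one of these actions per request:
 *   - sendremind: show the password-reminder form / e-mail a reset link
 *   - remind:     validate a reset code and set a new password
 *   - register:   validate the sign-up form and create the account
 *   - view:       render the sign-up form
 *   - activate:   unlock an account by its activation code
 *   - auth:       log out, show the login form, or sign the user in
 *   - autherror:  raise the captcha flag after a failed login
 *
 * The code relies on cmsCore::error404(), cmsCore::redirect(),
 * cmsCore::redirectBack() and cmsCore::halt() not returning to the caller
 * (presumably they end the request; confirm against cmsCore).
 *
 * NOTE(review): every SQL statement below is built by string interpolation.
 * This assumes cmsCore::request(..., 'str' | 'email') returns values that are
 * already escaped for SQL. TODO confirm; if not, these queries are injectable
 * and must be escaped or parameterised.
 *
 * NOTE(review): passwords are stored as unsalted MD5. Moving to
 * password_hash()/password_verify() has to be done together with
 * cmsUser::signInUser(), which is outside this block.
 *
 * @return void
 */
function registration()
{
    // Forbid framing of every page of this component (clickjacking defence).
    header('X-Frame-Options: DENY');
    $inCore = cmsCore::getInstance();
    $inPage = cmsPage::getInstance();
    $inDB = cmsDatabase::getInstance();
    $inUser = cmsUser::getInstance();
    $inConf = cmsConfig::getInstance();
    $model = new cms_model_registration();
    cmsCore::loadModel('users');
    $users_model = new cms_model_users();
    global $_LANG;
    $do = $inCore->do;
    //============================================================================//
    // Password reminder: form and e-mail with the reset link
    if ($do == 'sendremind') {
        // only guests may request a reminder
        if ($inUser->id) {
            cmsCore::error404();
        }
        $inPage->setTitle($_LANG['REMINDER_PASS']);
        $inPage->addPathway($_LANG['REMINDER_PASS']);
        if (!cmsCore::inRequest('goremind')) {
            cmsPage::initTemplate('components', 'com_registration_sendremind')->display('com_registration_sendremind.tpl');
        } else {
            if (!cmsUser::checkCsrfToken()) {
                cmsCore::error404();
            }
            $email = cmsCore::request('email', 'email', '');
            if (!$email) {
                cmsCore::addSessionMessage($_LANG['ERR_EMAIL'], 'error');
                cmsCore::redirectBack();
            }
            $usr = cmsUser::getShortUserData($email);
            // NOTE(review): this message (and the admin message below) tells the
            // caller whether an address is registered; a uniform response would
            // avoid account enumeration.
            if (!$usr || $usr['is_locked'] || $usr['is_deleted']) {
                cmsCore::addSessionMessage($_LANG['ADRESS'] . ' "' . $email . '" ' . $_LANG['NOT_IN_OUR_BASE'], 'error');
                cmsCore::redirectBack();
            }
            // administrators cannot reset their password through this form
            if (cmsUser::userIsAdmin($usr['id'])) {
                cmsCore::addSessionMessage($_LANG['NOT_ADMIN_SENDREMIND'], 'error');
                cmsCore::redirectBack();
            }
            // The reset code is a bearer secret, so take it from a CSPRNG when one
            // is available. All branches yield 32 hex characters, which is the
            // format the 'remind' action accepts.
            if (function_exists('random_bytes')) {
                $usercode = bin2hex(random_bytes(16));
            } elseif (function_exists('openssl_random_pseudo_bytes')) {
                $usercode = bin2hex(openssl_random_pseudo_bytes(16));
            } else {
                // Legacy fallback: derived from the user id and the clock, hence
                // guessable; kept only for runtimes without a CSPRNG.
                $usercode = md5($usr['id'] . '-' . uniqid() . '-' . microtime() . '-' . PATH);
            }
            $sql = "INSERT cms_users_activate (pubdate, user_id, code)\n                VALUES (NOW(), '{$usr['id']}', '{$usercode}')";
            $inDB->query($sql);
            $newpass_link = HOST . '/registration/remind/' . $usercode;
            $mail_message = $_LANG['HELLO'] . ', ' . $usr['nickname'] . '!' . "\n\n";
            $mail_message .= $_LANG['REMINDER_TEXT'] . ' "' . $inConf->sitename . '".' . "\n\n";
            $mail_message .= $_LANG['YOUR_LOGIN'] . ': ' . $usr['login'] . "\n\n";
            $mail_message .= $_LANG['NEW_PASS_LINK'] . ":\n" . $newpass_link . "\n\n";
            $mail_message .= $_LANG['LINK_EXPIRES'] . "\n\n";
            $mail_message .= $_LANG['SIGNATURE'] . ', ' . $inConf->sitename . ' (' . HOST . ').' . "\n";
            $mail_message .= date('d-m-Y (H:i)');
            $inCore->mailText($email, $inConf->sitename . ' - ' . $_LANG['REMINDER_PASS'], $mail_message);
            cmsCore::addSessionMessage($_LANG['NEW_PAS_SENDED'], 'info');
            cmsCore::redirect('/login');
        }
    }
    //============================================================================//
    // Password reset by the code from the reminder e-mail
    if ($do == 'remind') {
        if ($inUser->id) {
            cmsCore::error404();
        }
        $usercode = cmsCore::request('code', 'str', '');
        // check the code format (32 hex characters) before it reaches SQL
        if (!preg_match('/^[0-9a-f]{32}$/i', $usercode)) {
            cmsCore::error404();
        }
        // look the code up
        // NOTE(review): the mail says the link expires, but no pubdate check is
        // visible here; expiry is presumably enforced elsewhere (confirm).
        $user_id = $inDB->get_field('cms_users_activate', "code = '{$usercode}'", 'user_id');
        if (!$user_id) {
            cmsCore::error404();
        }
        // load the user
        $user = $inDB->get_fields('cms_users', "id = '{$user_id}'", '*');
        if (!$user) {
            cmsCore::error404();
        }
        if (cmsUser::userIsAdmin($user['id'])) {
            cmsCore::error404();
        }
        if (cmsCore::inRequest('submit')) {
            if (!cmsUser::checkCsrfToken()) {
                cmsCore::error404();
            }
            $errors = false;
            $pass = cmsCore::request('pass', 'str', '');
            $pass2 = cmsCore::request('pass2', 'str', '');
            if (!$pass) {
                cmsCore::addSessionMessage($_LANG['TYPE_PASS'], 'error');
                $errors = true;
            }
            if ($pass && !$pass2) {
                cmsCore::addSessionMessage($_LANG['TYPE_PASS_TWICE'], 'error');
                $errors = true;
            }
            if ($pass && $pass2 && mb_strlen($pass) < 6) {
                cmsCore::addSessionMessage($_LANG['PASS_SHORT'], 'error');
                $errors = true;
            }
            if ($pass && $pass2 && $pass != $pass2) {
                cmsCore::addSessionMessage($_LANG['WRONG_PASS'], 'error');
                $errors = true;
            }
            if ($errors) {
                cmsCore::redirectBack();
            }
            $md5_pass = md5($pass);
            // Store the hash computed above. The listing carried a masked literal
            // ('******') here, which would give every reset account the same
            // stored value and make the sign-in below fail.
            $inDB->query("UPDATE cms_users SET password = '{$md5_pass}', logdate = NOW() WHERE id = '{$user['id']}'");
            // NOTE(review): only the code that was used is removed; other codes
            // still pending for this user stay valid.
            $inDB->query("DELETE FROM cms_users_activate WHERE code = '{$usercode}'");
            cmsCore::addSessionMessage($_LANG['CHANGE_PASS_COMPLETED'], 'info');
            $inUser->signInUser($user['login'], $pass, true);
            cmsCore::redirect(cmsUser::getProfileURL($user['login']));
        }
        $inPage->setTitle($_LANG['RECOVER_PASS']);
        $inPage->addPathway($_LANG['RECOVER_PASS']);
        cmsPage::initTemplate('components', 'com_registration_remind')->assign('cfg', $model->config)->assign('user', $user)->display('com_registration_remind.tpl');
    }
    //============================================================================//
    // Sign-up form submission
    if ($do == 'register') {
        if (!cmsUser::checkCsrfToken()) {
            cmsCore::error404();
        }
        // a signed-in non-admin has nothing to register
        if ($inUser->id && !$inUser->is_admin) {
            if ($inCore->menuId() == 1) {
                return;
            } else {
                cmsCore::error404();
            }
        }
        // registration is closed
        if (!$model->config['is_on']) {
            cmsCore::error404();
        }
        // invite-only registration
        if ($model->config['reg_type'] == 'invite') {
            if (!$users_model->checkInvite(cmsUser::sessionGet('invite_code'))) {
                cmsCore::error404();
            }
        }
        $errors = false;
        // read the submitted fields
        $item['login'] = cmsCore::request('login', 'str', '');
        $item['email'] = cmsCore::request('email', 'email');
        $item['icq'] = cmsCore::request('icq', 'str', '');
        $item['city'] = cmsCore::request('city', 'str', '');
        $item['nickname'] = cmsCore::request('nickname', 'str', '');
        $item['realname1'] = cmsCore::request('realname1', 'str', '');
        $item['realname2'] = cmsCore::request('realname2', 'str', '');
        $pass = cmsCore::request('pass', 'str', '');
        $pass2 = cmsCore::request('pass2', 'str', '');
        // validate the login: 2..15 characters, [a-z0-9] only, not purely numeric
        if (mb_strlen($item['login']) < 2 || mb_strlen($item['login']) > 15 || is_numeric($item['login']) || !preg_match("/^([a-z0-9])+\$/ui", $item['login'])) {
            cmsCore::addSessionMessage($_LANG['ERR_LOGIN'], 'error');
            $errors = true;
        }
        // validate the password
        if (!$pass) {
            cmsCore::addSessionMessage($_LANG['TYPE_PASS'], 'error');
            $errors = true;
        }
        if ($pass && !$pass2) {
            cmsCore::addSessionMessage($_LANG['TYPE_PASS_TWICE'], 'error');
            $errors = true;
        }
        if ($pass && $pass2 && mb_strlen($pass) < 6) {
            cmsCore::addSessionMessage($_LANG['PASS_SHORT'], 'error');
            $errors = true;
        }
        if ($pass && $pass2 && $pass != $pass2) {
            cmsCore::addSessionMessage($_LANG['WRONG_PASS'], 'error');
            $errors = true;
        }
        // validate either the nickname or the first and last name
        if ($model->config['name_mode'] == 'nickname') {
            if (!$item['nickname']) {
                cmsCore::addSessionMessage($_LANG['TYPE_NICKNAME'], 'error');
                $errors = true;
            }
        } else {
            if (!$item['realname1']) {
                cmsCore::addSessionMessage($_LANG['TYPE_NAME'], 'error');
                $errors = true;
            }
            if (!$item['realname2']) {
                cmsCore::addSessionMessage($_LANG['TYPE_SONAME'], 'error');
                $errors = true;
            }
            $item['nickname'] = trim($item['realname1']) . ' ' . trim($item['realname2']);
        }
        if (mb_strlen($item['nickname']) < 2) {
            cmsCore::addSessionMessage($_LANG['SHORT_NICKNAME'], 'error');
            $errors = true;
        }
        if ($model->getBadNickname($item['nickname'])) {
            cmsCore::addSessionMessage($_LANG['ERR_NICK_EXISTS'], 'error');
            $errors = true;
        }
        // validate the e-mail
        if (!$item['email']) {
            cmsCore::addSessionMessage($_LANG['ERR_EMAIL'], 'error');
            $errors = true;
        }
        // Birth date. The request may carry fewer than three parts, so pad the
        // list before unpacking it instead of reading undefined offsets.
        $birthdate_parts = array_values(cmsCore::request('birthdate', 'array_int', array()));
        list($item['bday'], $item['bmonth'], $item['byear']) = array_pad($birthdate_parts, 3, null);
        $item['birthdate'] = sprintf('%04d-%02d-%02d', $item['byear'], $item['bmonth'], $item['bday']);
        // collect the data of the form-builder forms
        $item['formsdata'] = '';
        if (isset($users_model->config['privforms'])) {
            if (is_array($users_model->config['privforms'])) {
                foreach ($users_model->config['privforms'] as $form_id) {
                    $form_input = cmsForm::getFieldsInputValues($form_id);
                    $item['formsdata'] .= $inDB->escape_string(cmsCore::arrayToYaml($form_input['values']));
                    // report the validation errors of the form fields
                    foreach ($form_input['errors'] as $field_error) {
                        if ($field_error) {
                            cmsCore::addSessionMessage($field_error, 'error');
                            $errors = true;
                        }
                    }
                }
            }
        }
        // check the captcha
        if (!cmsPage::checkCaptchaCode()) {
            cmsCore::addSessionMessage($_LANG['ERR_CAPTCHA'], 'error');
            $errors = true;
        }
        // check whether such a user already exists
        // NOTE(review): this query runs even when the login failed the format
        // check above, so the interpolated values depend entirely on the escaping
        // done by cmsCore::request(); LIKE also treats % and _ as wildcards.
        $user_exist = $inDB->get_fields('cms_users', "(login LIKE '{$item['login']}' OR email LIKE '{$item['email']}') AND is_deleted = 0", 'id, login, email');
        if ($user_exist) {
            if ($user_exist['login'] == $item['login']) {
                cmsCore::addSessionMessage($_LANG['LOGIN'] . ' "' . $item['login'] . '" ' . $_LANG['IS_BUSY'], 'error');
                $errors = true;
            } else {
                cmsCore::addSessionMessage($_LANG['EMAIL_IS_BUSY'], 'error');
                $errors = true;
            }
        }
        // on errors go back to the form, keeping the entered values in the session
        if ($errors) {
            cmsUser::sessionPut('item', $item);
            cmsCore::redirect('/registration');
        }
        //////////////////////////////////////////////
        //////////// REGISTRATION ////////////////////
        //////////////////////////////////////////////
        $item['is_locked'] = $model->config['act'];
        $item['password'] = md5($pass);
        // NOTE(review): the clear-text password travels in $item to the event
        // handlers and to both insert() calls below; whether it is persisted
        // depends on those callees. Confirm it is never written to storage or logs.
        $item['orig_password'] = $pass;
        $item['group_id'] = $model->config['default_gid'];
        $item['regdate'] = date('Y-m-d H:i:s');
        $item['logdate'] = date('Y-m-d H:i:s');
        if (cmsUser::sessionGet('invite_code')) {
            $invite_code = cmsUser::sessionGet('invite_code');
            $item['invited_by'] = (int) $users_model->getInviteOwner($invite_code);
            if ($item['invited_by']) {
                $users_model->closeInvite($invite_code);
            }
            cmsUser::sessionDel('invite_code');
        } else {
            $item['invited_by'] = 0;
        }
        $item = cmsCore::callEvent('USER_BEFORE_REGISTER', $item);
        $item['id'] = $item['user_id'] = $inDB->insert('cms_users', $item);
        if (!$item['id']) {
            cmsCore::error404();
        }
        $inDB->insert('cms_user_profiles', $item);
        cmsCore::callEvent('USER_REGISTER', $item);
        if ($item['is_locked']) {
            // the account needs activation: send the notice and stop here
            $model->sendActivationNotice($pass, $item['id']);
            cmsPage::includeTemplateFile('special/regactivate.php');
            cmsCore::halt();
        } else {
            cmsActions::log('add_user', array('object' => '', 'user_id' => $item['id'], 'object_url' => '', 'object_id' => $item['id'], 'target' => '', 'target_url' => '', 'target_id' => 0, 'description' => ''));
            if ($model->config['send_greetmsg']) {
                $model->sendGreetsMessage($item['id']);
            }
            $model->sendRegistrationNotice($pass, $item['id']);
            $back_url = $inUser->signInUser($item['login'], $pass, true);
            cmsCore::redirect($back_url);
        }
    }
    //============================================================================//
    // Sign-up form
    if ($do == 'view') {
        $pagetitle = $inCore->getComponentTitle();
        $inPage->setTitle($pagetitle);
        $inPage->addPathway($pagetitle);
        $inPage->addHeadJsLang(array('WRONG_PASS'));
        // A signed-in user does not get the sign-up form: redirect to the profile.
        if ($inUser->id && !$inUser->is_admin) {
            if ($inCore->menuId() == 1) {
                return;
            } else {
                cmsCore::redirect(cmsUser::getProfileURL($inUser->login));
            }
        }
        $correct_invite = cmsUser::sessionGet('invite_code') ? true : false;
        if ($model->config['reg_type'] == 'invite' && cmsCore::inRequest('invite_code')) {
            $invite_code = cmsCore::request('invite_code', 'str', '');
            $correct_invite = $users_model->checkInvite($invite_code);
            if ($correct_invite) {
                // remember the accepted invite for the 'register' action
                cmsUser::sessionPut('invite_code', $invite_code);
            } else {
                cmsCore::addSessionMessage($_LANG['INCORRECT_INVITE'], 'error');
            }
        }
        // values kept from a rejected submission, if any
        $item = cmsUser::sessionGet('item');
        if ($item) {
            cmsUser::sessionDel('item');
        }
        if (empty($item['birthdate'])) {
            $item['birthdate'] = date('Y-m-d');
        }
        $private_forms = array();
        if (isset($users_model->config['privforms'])) {
            if (is_array($users_model->config['privforms'])) {
                foreach ($users_model->config['privforms'] as $form_id) {
                    $private_forms = array_merge($private_forms, cmsForm::getFieldsHtml($form_id, array(), true));
                }
            }
        }
        cmsPage::initTemplate('components', 'com_registration')->assign('cfg', $model->config)->assign('item', $item)->assign('pagetitle', $pagetitle)->assign('correct_invite', $correct_invite)->assign('private_forms', $private_forms)->display('com_registration.tpl');
    }
    //============================================================================//
    // Account activation by the code from the activation e-mail
    if ($do == 'activate') {
        // NOTE(review): unlike 'remind', the code format is not validated here,
        // so the two queries below rely on cmsCore::request() escaping alone.
        // The activation code format is not visible in this block; add a format
        // check once it is confirmed.
        $code = cmsCore::request('code', 'str', '');
        if (!$code) {
            cmsCore::error404();
        }
        $user_id = $inDB->get_field('cms_users_activate', "code = '{$code}'", 'user_id');
        if (!$user_id) {
            cmsCore::error404();
        }
        $inDB->query("UPDATE cms_users SET is_locked = 0 WHERE id = '{$user_id}'");
        $inDB->query("DELETE FROM cms_users_activate WHERE code = '{$code}'");
        cmsCore::callEvent('USER_ACTIVATED', $user_id);
        if ($model->config['send_greetmsg']) {
            $model->sendGreetsMessage($user_id);
        }
        // log the event
        cmsActions::log('add_user', array('object' => '', 'user_id' => $user_id, 'object_url' => '', 'object_id' => $user_id, 'target' => '', 'target_url' => '', 'target_id' => 0, 'description' => ''));
        cmsCore::addSessionMessage($_LANG['ACTIVATION_COMPLETE'], 'info');
        cmsUser::goToLogin();
    }
    //============================================================================//
    // Login / logout
    if ($do == 'auth') {
        //====================//
        //==     logout     ==//
        // NOTE(review): logout is triggered by the mere presence of a 'logout'
        // request parameter; no CSRF token is checked in this block.
        if (cmsCore::inRequest('logout')) {
            $inUser->logout();
            cmsCore::redirect('/');
        }
        //====================//
        //==     login      ==//
        if (!cmsCore::inRequest('logout')) {
            // flag set after a failed login; it turns the captcha on
            // NOTE(review): the flag lives in the caller's session, so it does not
            // throttle attempts per account or per address; a server-side rate
            // limit is needed for that.
            $anti_brute_force = cmsUser::sessionGet('anti_brute_force');
            $login = cmsCore::request('login', 'str', '');
            $passw = cmsCore::request('pass', 'str', '');
            $remember_pass = cmsCore::inRequest('remember');
            // without a login or a password, show the login form
            if (!$login || !$passw) {
                if ($inUser->id && !$inUser->is_admin) {
                    cmsCore::redirect('/');
                }
                $inPage->setTitle($_LANG['SITE_LOGIN']);
                $inPage->addPathway($_LANG['SITE_LOGIN']);
                cmsPage::initTemplate('components', 'com_registration_login')->assign('cfg', $model->config)->assign('anti_brute_force', $anti_brute_force)->assign('is_sess_back', cmsUser::sessionGet('auth_back_url'))->display('com_registration_login.tpl');
                // remember where to return after login, unless that is the login page
                if (!mb_strstr(cmsCore::getBackURL(), 'login')) {
                    cmsUser::sessionPut('auth_back_url', cmsCore::getBackURL());
                }
                return;
            }
            if (!cmsUser::checkCsrfToken()) {
                cmsCore::error404();
            }
            // check the captcha when the previous attempt failed
            if ($anti_brute_force && !cmsPage::checkCaptchaCode()) {
                cmsCore::addSessionMessage($_LANG['ERR_CAPTCHA'], 'error');
                cmsCore::redirect('/login');
            }
            cmsUser::sessionDel('anti_brute_force');
            // NOTE(review): the redirect target comes from signInUser(); confirm it
            // is restricted to same-site URLs.
            $back_url = $inUser->signInUser($login, $passw, $remember_pass);
            cmsCore::redirect($back_url);
        }
    }
    //============================================================================//
    // Failed login: raise the captcha flag and show the error page
    if ($do == 'autherror') {
        cmsUser::sessionPut('anti_brute_force', 1);
        cmsPage::includeTemplateFile('special/autherror.php');
        cmsCore::halt();
    }
    //============================================================================//
}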
Example #22
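/**
 * Admin-panel applet that lists, installs, upgrades and removes extensions
 * (modules, components, plugins), dispatching on the "do" request parameter.
 *
 * Each branch first checks cmsUser::isAdminCan() for the matching admin
 * section and calls cpAccessDenied() when the check fails. Output is echoed
 * directly; nothing is returned.
 *
 * The "id" request parameter of the module/component install and upgrade
 * branches is concatenated into a function name for call_user_func() and is
 * handed to the installer loader, so it is accepted only when it consists of
 * characters that are legal in a PHP function name.
 *
 * NOTE(review): the install_*, upgrade_* and remove_* branches change site
 * state, but no anti-CSRF token is checked anywhere in this function. Confirm
 * whether the admin front controller enforces one; if it does not, these
 * actions should require a token and be limited to POST.
 * NOTE(review): the flow assumes cpAccessDenied(), cmsCore::redirect() and
 * cmsCore::redirectBack() stop the request; verify, because the code after
 * them is not otherwise guarded.
 */
function applet_install()
{
    $inCore = cmsCore::getInstance();
    global $_LANG;
    $GLOBALS['cp_page_title'] = $_LANG['AD_SETUP_EXTENSION'];
    $do = cmsCore::request('do', 'str', 'list');
    global $adminAccess;
    // Characters PHP allows in a function name. An extension id outside this set
    // could never have formed a callable "info_module_<id>" style name, so rejecting
    // it does not affect valid ids, and it keeps path separators and dots away from
    // the installer loader.
    $ext_id_pattern = '/^[A-Za-z0-9_\x7f-\xff]+$/';
    // ========================================================================== //
    // List modules that can be installed or upgraded.
    if ($do == 'module') {
        if (!cmsUser::isAdminCan('admin/modules', $adminAccess)) {
            cpAccessDenied();
        }
        cpAddPathway($_LANG['AD_SETUP_MODULES'], 'index.php?view=install&do=module');
        $new_modules = $inCore->getNewModules();
        $upd_modules = $inCore->getUpdatedModules();
        echo '<h3>' . $_LANG['AD_SETUP_MODULES'] . '</h3>';
        if (!$new_modules && !$upd_modules) {
            echo '<p>' . $_LANG['AD_NO_SEARCH_MODULES'] . '</p>';
            echo '<p>' . $_LANG['AD_IF_WANT_SETUP_MODULES'] . '</p>';
            echo '<p><a href="javascript:window.history.go(-1);">' . $_LANG['BACK'] . '</a></p>';
            return;
        }
        if ($new_modules) {
            echo '<p><strong>' . $_LANG['AD_SEARCH_MODULES'] . '</strong></p>';
            modulesList($new_modules, $_LANG['AD_SETUP'], 'install_module');
        }
        if ($upd_modules) {
            echo '<p><strong>' . $_LANG['AD_MODULES_UPDATE'] . '</strong></p>';
            modulesList($upd_modules, $_LANG['AD_UPDATE'], 'upgrade_module');
        }
        echo '<p>' . $_LANG['AD_CLICK_TO_CONTINUE_MODULE'] . '</p>';
        echo '<p><a href="javascript:window.history.go(-1);">' . $_LANG['BACK'] . '</a></p>';
    }
    // ========================================================================== //
    // Install one module named by the "id" request parameter.
    if ($do == 'install_module') {
        if (!cmsUser::isAdminCan('admin/modules', $adminAccess)) {
            cpAccessDenied();
        }
        $error = '';
        $module_id = cmsCore::request('id', 'str', '');
        if (!$module_id) {
            cmsCore::redirectBack();
        }
        // Validate before loading: an invalid id takes the same failure path as a
        // missing installer, so the loader and call_user_func() never see it.
        if (preg_match($ext_id_pattern, $module_id) === 1 && $inCore->loadModuleInstaller($module_id)) {
            $_module = call_user_func('info_module_' . $module_id);
            // The installer reports success by returning boolean true; anything else
            // is treated below as an error message.
            $error = call_user_func('install_module_' . $module_id);
        } else {
            $error = $_LANG['AD_MODULE_WIZARD_FAILURE'];
        }
        if ($error === true) {
            $inCore->installModule($_module, $_module['config']);
            cmsCore::addSessionMessage($_LANG['AD_MODULE'] . ' <strong>"' . $_module['title'] . '"</strong> ' . $_LANG['AD_SUCCESS'] . $_LANG['AD_IS_INSTALL'], 'success');
            cmsCore::redirect('/admin/index.php?view=modules');
        } else {
            cmsCore::addSessionMessage($error, 'error');
            cmsCore::redirectBack();
        }
    }
    // ========================================================================== //
    // Upgrade one module named by the "id" request parameter.
    if ($do == 'upgrade_module') {
        if (!cmsUser::isAdminCan('admin/modules', $adminAccess)) {
            cpAccessDenied();
        }
        $error = '';
        $module_id = cmsCore::request('id', 'str', '');
        if (!$module_id) {
            cmsCore::redirectBack();
        }
        if (preg_match($ext_id_pattern, $module_id) === 1 && $inCore->loadModuleInstaller($module_id)) {
            $_module = call_user_func('info_module_' . $module_id);
            if (isset($_module['link'])) {
                $_module['content'] = $_module['link'];
            }
            $error = call_user_func('upgrade_module_' . $module_id);
        } else {
            $error = $_LANG['AD_SETUP_WIZARD_FAILURE'];
        }
        if ($error === true) {
            $inCore->upgradeModule($_module, $_module['config']);
            cmsCore::addSessionMessage($_LANG['AD_MODULE'] . ' <strong>"' . $_module['title'] . '"</strong> ' . $_LANG['AD_SUCCESS'] . $_LANG['AD_IS_UPDATE'], 'success');
            cmsCore::redirect('/admin/index.php?view=modules');
        } else {
            cmsCore::addSessionMessage($error, 'error');
            cmsCore::redirectBack();
        }
    }
    // ========================================================================== //
    // List components that can be installed or upgraded.
    if ($do == 'component') {
        if (!cmsUser::isAdminCan('admin/components', $adminAccess)) {
            cpAccessDenied();
        }
        cpAddPathway($_LANG['AD_SETUP_COMPONENTS'], 'index.php?view=install&do=component');
        $new_components = $inCore->getNewComponents();
        $upd_components = $inCore->getUpdatedComponents();
        echo '<h3>' . $_LANG['AD_SETUP_COMPONENTS'] . '</h3>';
        if (!$new_components && !$upd_components) {
            echo '<p>' . $_LANG['AD_NO_SEARCH_COMPONENTS'] . '</p>';
            echo '<p>' . $_LANG['AD_IF_WANT_SETUP_COMPONENTS'] . '</p>';
            ?>
            <h3><?php 
            echo $_LANG['AD_TRY_PREMIUM'];
            ?>
</h3>
            <div class="advert_iaudio"><a href="http://www.instantvideo.ru/software/iaudio.html"><strong>iAudio</strong></a> &mdash; <?php 
            echo $_LANG['AD_AUDIO_GALERY'];
            ?>
</div>
            <div class="advert_billing"><a href="http://www.cms.vadyus.com/billing/about.html"><strong><?php 
            echo $_LANG['AD_BILLING'];
            ?>
</strong></a> &mdash; <?php 
            echo $_LANG['AD_GAIN'];
            ?>
</div>
            <div class="advert_inmaps"><a href="http://www.instantmaps.ru/"><strong>InstantMaps</strong></a> &mdash; <?php 
            echo $_LANG['AD_OBJECT_TO_MAP'];
            ?>
</div>
            <div class="advert_inshop"><a href="http://www.cms.vadyus.com/blogs/InstantSoft/professionalnyi-magazin-dlja-vadyus.html"><strong>InstantShop</strong></a> &mdash; <?php 
            echo $_LANG['AD_SHOP'];
            ?>
</div>
            <div class="advert_invideo"><a href="http://www.instantvideo.ru/software/instantvideo.html"><strong>InstantVideo</strong></a> &mdash; <?php 
            echo $_LANG['AD_VIDEO_GALERY'];
            ?>
</div>
        <?php 
            return;
        }
        if ($new_components) {
            echo '<p><strong>' . $_LANG['AD_COMPONENTS_SETUP'] . '</strong></p>';
            componentsList($new_components, $_LANG['AD_SETUP'], 'install_component');
        }
        if ($upd_components) {
            echo '<p><strong>' . $_LANG['AD_COMPONENTS_UPDATE'] . '</strong></p>';
            componentsList($upd_components, $_LANG['AD_UPDATE'], 'upgrade_component');
        }
        echo '<p>' . $_LANG['AD_CLICK_TO_CONTINUE_COMPONENT'] . '</p>';
        echo '<p><a href="javascript:window.history.go(-1);">' . $_LANG['BACK'] . '</a></p>';
    }
    // ========================================================================== //
    // Install one component named by the "id" request parameter.
    if ($do == 'install_component') {
        $error = '';
        $component = cmsCore::request('id', 'str', '');
        if (!$component) {
            cmsCore::redirectBack();
        }
        if (!cmsUser::isAdminCan('admin/components', $adminAccess)) {
            cpAccessDenied();
        }
        if (preg_match($ext_id_pattern, $component) === 1 && $inCore->loadComponentInstaller($component)) {
            $_component = call_user_func('info_component_' . $component);
            $error = call_user_func('install_component_' . $component);
        } else {
            $error = $_LANG['AD_COMPONENT_WIZARD_FAILURE'];
        }
        if ($error === true) {
            $inCore->installComponent($_component, $_component['config']);
            // The success message is HTML built from the installer's own info array
            // (title, bundled modules and plugins), not from request data.
            $info_text = '<p>' . $_LANG['AD_COMPONENT'] . ' <strong>"' . $_component['title'] . '"</strong> ' . $_LANG['AD_SUCCESS'] . $_LANG['AD_IS_INSTALL'] . '</p>';
            if (isset($_component['modules'])) {
                if (is_array($_component['modules'])) {
                    $info_text .= '<p>' . $_LANG['AD_OPT_INSTALL_MODULES'] . ':</p>';
                    $info_text .= '<ul>';
                    foreach ($_component['modules'] as $module => $title) {
                        $info_text .= '<li>' . $title . '</li>';
                    }
                    $info_text .= '</ul>';
                }
            }
            if (isset($_component['plugins'])) {
                if (is_array($_component['plugins'])) {
                    $info_text .= '<p>' . $_LANG['AD_OPT_INSTALL_PLUGINS'] . ':</p>';
                    $info_text .= '<ul>';
                    foreach ($_component['plugins'] as $module => $title) {
                        $info_text .= '<li>' . $title . '</li>';
                    }
                    $info_text .= '</ul>';
                }
            }
            cmsCore::addSessionMessage($info_text, 'success');
            cmsCore::redirect('/admin/index.php?view=components');
        } else {
            cmsCore::addSessionMessage($error, 'error');
            cmsCore::redirectBack();
        }
    }
    // ========================================================================== //
    // Upgrade one component named by the "id" request parameter.
    if ($do == 'upgrade_component') {
        cpAddPathway($_LANG['AD_UPDATE_COMPONENTS'], 'index.php?view=install&do=component');
        $error = '';
        $component = cmsCore::request('id', 'str', '');
        if (!$component) {
            cmsCore::redirectBack();
        }
        if (!cmsUser::isAdminCan('admin/components', $adminAccess)) {
            cpAccessDenied();
        }
        // Upgrading additionally requires the per-component permission.
        if (!cmsUser::isAdminCan('admin/com_' . $component, $adminAccess)) {
            cpAccessDenied();
        }
        if (preg_match($ext_id_pattern, $component) === 1 && $inCore->loadComponentInstaller($component)) {
            $_component = call_user_func('info_component_' . $component);
            $error = call_user_func('upgrade_component_' . $component);
        } else {
            $error = $_LANG['AD_COMPONENT_WIZARD_FAILURE'];
        }
        if ($error === true) {
            $inCore->upgradeComponent($_component, $_component['config']);
            $info_text = $_LANG['AD_COMPONENT'] . ' <strong>"' . $_component['title'] . '"</strong> ' . $_LANG['AD_SUCCESS'] . $_LANG['AD_IS_UPDATE'];
            cmsCore::addSessionMessage($info_text, 'success');
            cmsCore::redirect('/admin/index.php?view=components');
        } else {
            cmsCore::addSessionMessage($error, 'error');
            cmsCore::redirectBack();
        }
    }
    // ========================================================================== //
    // Remove an installed component by its numeric id.
    if ($do == 'remove_component') {
        $component_id = cmsCore::request('id', 'int', '');
        if (!$component_id) {
            cmsCore::redirectBack();
        }
        // The component name used below comes from getComponentById(), not from the request.
        $com = $inCore->getComponentById($component_id);
        if (!cmsUser::isAdminCan('admin/components', $adminAccess)) {
            cpAccessDenied();
        }
        if (!cmsUser::isAdminCan('admin/com_' . $com, $adminAccess)) {
            cpAccessDenied();
        }
        // The component's own remove hook is optional; the component is removed either way.
        if ($inCore->loadComponentInstaller($com)) {
            if (function_exists('remove_component_' . $com)) {
                call_user_func('remove_component_' . $com);
            }
        }
        $inCore->removeComponent($component_id);
        cmsCore::addSessionMessage($_LANG['AD_COMPONENT_IS_DELETED'], 'success');
        cmsCore::redirect('/admin/index.php?view=components');
    }
    // ========================================================================== //
    // List plugins that can be installed or upgraded.
    if ($do == 'plugin') {
        if (!cmsUser::isAdminCan('admin/plugins', $adminAccess)) {
            cpAccessDenied();
        }
        cpAddPathway($_LANG['AD_SETUP_PLUGINS'], 'index.php?view=install&do=plugin');
        $new_plugins = $inCore->getNewPlugins();
        $upd_plugins = $inCore->getUpdatedPlugins();
        echo '<h3>' . $_LANG['AD_SETUP_PLUGINS'] . '</h3>';
        if (!$new_plugins && !$upd_plugins) {
            echo '<p>' . $_LANG['AD_NO_SEARCH_PLUGINS'] . '</p>';
            echo '<p>' . $_LANG['AD_IF_WANT_SETUP_PLUGINS'] . '</p>';
            echo '<p><a href="javascript:window.history.go(-1);">' . $_LANG['BACK'] . '</a></p>';
            return;
        }
        if ($new_plugins) {
            echo '<p><strong>' . $_LANG['AD_PLUGINS_SETUP'] . '</strong></p>';
            pluginsList($new_plugins, $_LANG['AD_SETUP'], 'install_plugin');
        }
        if ($upd_plugins) {
            echo '<p><strong>' . $_LANG['AD_PLUGINS_UPDATE'] . '</strong></p>';
            pluginsList($upd_plugins, $_LANG['AD_UPDATE'], 'upgrade_plugin');
        }
        echo '<p>' . $_LANG['AD_CLICK_TO_CONTINUE_PLUGIN'] . '</p>';
        echo '<p><a href="javascript:window.history.go(-1);">' . $_LANG['BACK'] . '</a></p>';
    }
    // ========================================================================== //
    // Install one plugin named by the "id" request parameter.
    if ($do == 'install_plugin') {
        if (!cmsUser::isAdminCan('admin/plugins', $adminAccess)) {
            cpAccessDenied();
        }
        cpAddPathway($_LANG['AD_SETUP_PLUGIN'], 'index.php?view=install&do=plugin');
        $error = '';
        $plugin_id = cmsCore::request('id', 'str', '');
        if (!$plugin_id) {
            cmsCore::redirectBack();
        }
        // NOTE(review): $plugin_id is request data passed straight to loadPlugin();
        // how that method resolves the id to a file or class is not visible here.
        // Confirm it restricts the id to known plugin names.
        $plugin = $inCore->loadPlugin($plugin_id);
        if (!$plugin) {
            $error = $_LANG['AD_PLUGIN_FAILURE'];
        }
        if (!$error && $plugin->install()) {
            cmsCore::addSessionMessage($_LANG['AD_PLUGIN'] . ' <strong>"' . $plugin->info['title'] . '"</strong> ' . $_LANG['AD_SUCCESS'] . $_LANG['AD_IS_INSTALL'] . '. ' . $_LANG['AD_ENABLE_PLUGIN'], 'success');
            cmsCore::redirect('/admin/index.php?view=plugins');
        }
        if ($error) {
            echo '<p style="color:red">' . $error . '</p>';
        }
        echo '<p><a href="index.php?view=install&do=plugin">' . $_LANG['BACK'] . '</a></p>';
    }
    // ========================================================================== //
    // Upgrade one plugin named by the "id" request parameter.
    if ($do == 'upgrade_plugin') {
        if (!cmsUser::isAdminCan('admin/plugins', $adminAccess)) {
            cpAccessDenied();
        }
        cpAddPathway($_LANG['AD_UPDATE_PLUGIN'], 'index.php?view=install&do=plugin');
        $error = '';
        $plugin_id = cmsCore::request('id', 'str', '');
        if (!$plugin_id) {
            cmsCore::redirectBack();
        }
        // NOTE(review): same unverified loadPlugin() input as in install_plugin.
        $plugin = $inCore->loadPlugin($plugin_id);
        if (!$plugin) {
            $error = $_LANG['AD_PLUGIN_FAILURE'];
        }
        if (!$error && $plugin->upgrade()) {
            cmsCore::addSessionMessage($_LANG['AD_PLUGIN'] . ' <strong>"' . $plugin->info['title'] . '"</strong> ' . $_LANG['AD_SUCCESS'] . $_LANG['AD_IS_UPDATE'], 'success');
            cmsCore::redirect('/admin/index.php?view=plugins');
        }
        if ($error) {
            echo '<p style="color:red">' . $error . '</p>';
        }
        echo '<p><a href="index.php?view=install&do=plugin">' . $_LANG['BACK'] . '</a></p>';
    }
    // ========================================================================== //
    // Remove one plugin named by the "id" request parameter.
    if ($do == 'remove_plugin') {
        if (!cmsUser::isAdminCan('admin/plugins', $adminAccess)) {
            cpAccessDenied();
        }
        $plugin_id = cmsCore::request('id', 'str', '');
        if (!$plugin_id) {
            cmsCore::redirectBack();
        }
        $inCore->removePlugin($plugin_id);
        cmsCore::addSessionMessage($_LANG['AD_REMOVE_PLUGIN_OK'], 'success');
        cmsCore::redirect('/admin/index.php?view=plugins');
    }
}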
Example #23
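/**
 * Admin-panel applet for the ban list (table cms_banlist): lists the rules,
 * shows the add/edit form, saves submitted rules and deletes rules, dispatching
 * on the "do" request parameter. Requires the admin/users permission.
 *
 * Output is echoed directly; nothing is returned.
 *
 * NOTE(review): "submit" and "update" check cmsUser::checkCsrfToken(), but
 * "delete" does not and is reached through plain links from the list view, so a
 * ban rule can be removed by a cross-site request. Confirm whether the admin
 * front controller adds its own token check; otherwise delete should require one.
 * NOTE(review): the flow assumes cpAccessDenied(), cmsCore::redirect(),
 * cmsCore::redirectBack() and cmsCore::error404() stop the request; verify.
 */
function applet_userbanlist()
{
    $inCore = cmsCore::getInstance();
    $inDB = cmsDatabase::getInstance();
    $inUser = cmsUser::getInstance();
    global $_LANG;
    global $adminAccess;
    if (!cmsUser::isAdminCan('admin/users', $adminAccess)) {
        cpAccessDenied();
    }
    $GLOBALS['cp_page_title'] = $_LANG['AD_BANLIST'];
    cpAddPathway($_LANG['AD_USERS'], 'index.php?view=users');
    cpAddPathway($_LANG['AD_BANLIST'], 'index.php?view=userbanlist');
    $do = cmsCore::request('do', 'str', 'list');
    $id = cmsCore::request('id', 'int', -1);
    $to = cmsCore::request('to', 'int', 0);
    // Remember where to go back to (the user's profile on the site) after the ban is saved.
    // NOTE(review): the stored URL is later passed to cmsCore::redirect(); confirm that
    // getBackURL() only yields same-site URLs.
    if ($to) {
        cmsUser::sessionPut('back_url', cmsCore::getBackURL());
    }
    // List view: toolbar plus a table of all rules.
    if ($do == 'list') {
        $toolmenu[] = array('icon' => 'useradd.gif', 'title' => $_LANG['AD_TO_BANLIST_ADD'], 'link' => '?view=userbanlist&do=add');
        $toolmenu[] = array('icon' => 'edit.gif', 'title' => $_LANG['AD_EDIT_SELECTED'], 'link' => "javascript:checkSel('?view=userbanlist&do=edit&multiple=1');");
        $toolmenu[] = array('icon' => 'delete.gif', 'title' => $_LANG['AD_DELETE_SELECTED'], 'link' => "javascript:checkSel('?view=userbanlist&do=delete&multiple=1');");
        cpToolMenu($toolmenu);
        $fields[] = array('title' => 'id', 'field' => 'id', 'width' => '30');
        $fields[] = array('title' => $_LANG['AD_IS_ACTIVE'], 'field' => 'status', 'width' => '55', 'prc' => 'cpYesNo');
        $fields[] = array('title' => $_LANG['AD_BANLIST_USER'], 'field' => 'user_id', 'width' => '120', 'filter' => '12', 'prc' => 'cpUserNick');
        $fields[] = array('title' => $_LANG['AD_BANLIST_IP'], 'field' => 'ip', 'width' => '100', 'link' => '?view=userbanlist&do=edit&id=%id%', 'filter' => '12');
        $fields[] = array('title' => $_LANG['DATE'], 'field' => 'bandate', 'width' => '', 'fdate' => '%d/%m/%Y %H:%i:%s', 'filter' => '12');
        $fields[] = array('title' => $_LANG['AD_BANLIST_TIME'], 'field' => 'int_num', 'width' => '55');
        $fields[] = array('title' => '', 'field' => 'int_period', 'width' => '70');
        $fields[] = array('title' => $_LANG['AD_AUTOREMOVE'], 'field' => 'autodelete', 'width' => '90', 'prc' => 'cpYesNo');
        $actions[] = array('title' => $_LANG['EDIT'], 'icon' => 'edit.gif', 'link' => '?view=userbanlist&do=edit&id=%id%');
        $actions[] = array('title' => $_LANG['DELETE'], 'icon' => 'delete.gif', 'confirm' => $_LANG['AD_REMOVE_RULE'], 'link' => '?view=userbanlist&do=delete&id=%id%');
        cpListTable('cms_banlist', $fields, $actions, '1=1', 'ip DESC');
    }
    // Delete one rule (by "id") or several (by the "item" array).
    // NOTE(review): no CSRF token is checked on this state-changing branch.
    if ($do == 'delete') {
        if (!isset($_REQUEST['item'])) {
            if ($id >= 0) {
                dbDelete('cms_banlist', $id);
            }
        } else {
            dbDeleteList('cms_banlist', cmsCore::request('item', 'array_int', array()));
        }
        cmsCore::redirect('?view=userbanlist');
    }
    // Save a new rule ("submit") or changes to an existing one ("update").
    if ($do == 'submit' || $do == 'update') {
        if (!cmsUser::checkCsrfToken()) {
            cmsCore::error404();
        }
        // Field map for getArrayFromRequest(): request name, type, default and, for
        // int_period, a callback that forces the value into a fixed set of SQL interval
        // units (anything else becomes "MINUTE").
        // NOTE(review): create_function() evaluates a string as code; it was deprecated in
        // PHP 7.2 and removed in PHP 8.0. The body here is a fixed literal, so no request
        // data is evaluated, but it should be replaced with a closure once the minimum
        // supported PHP version allows it.
        $types = array('user_id' => array('user_id', 'int', 0), 'ip' => array('ip', 'str', ''), 'cause' => array('cause', 'str', ''), 'autodelete' => array('autodelete', 'int', 0), 'int_num' => array('int_num', 'int', 0), 'int_period' => array('int_period', 'str', '', create_function('$p', 'if(!in_array($p, array("MONTH","DAY","HOUR","MINUTE"))){ $p = "MINUTE"; } return $p;')));
        $items = cmsCore::getArrayFromRequest($types);
        $error = false;
        // NOTE(review): "ip" is only checked for being non-empty; its format is not validated here.
        if (!$items['ip']) {
            $error = true;
            cmsCore::addSessionMessage($_LANG['AD_NEED_IP'], 'error');
        }
        // Self-lockout guard: refuse a rule that names the current admin's address or account.
        if ($items['ip'] == $_SERVER['REMOTE_ADDR'] || $items['user_id'] == $inUser->id) {
            $error = true;
            cmsCore::addSessionMessage($_LANG['AD_ITS_YOUR_IP'], 'error');
        }
        // Administrators cannot be banned.
        if (cmsUser::userIsAdmin($items['user_id'])) {
            $error = true;
            cmsCore::addSessionMessage($_LANG['AD_ITS_ADMIN'], 'error');
        }
        if ($error) {
            cmsCore::redirectBack();
        }
        if ($do == 'update') {
            $inDB->update('cms_banlist', $items, $id);
            // When a multi-edit queue is still pending in the session, continue with the next rule.
            if (empty($_SESSION['editlist'])) {
                cmsCore::redirect('?view=userbanlist');
            } else {
                cmsCore::redirect('?view=userbanlist&do=edit');
            }
        }
        $inDB->insert('cms_banlist', $items);
        $back_url = cmsUser::sessionGet('back_url');
        cmsUser::sessionDel('back_url');
        cmsCore::redirect($back_url ? $back_url : '?view=userbanlist');
    }
    // Add / edit form.
    if ($do == 'add' || $do == 'edit') {
        $GLOBALS['cp_page_head'][] = '<script language="JavaScript" type="text/javascript" src="/admin/js/banlist.js"></script>';
        $toolmenu[] = array('icon' => 'save.gif', 'title' => $_LANG['SAVE'], 'link' => 'javascript:document.addform.submit();');
        $toolmenu[] = array('icon' => 'cancel.gif', 'title' => $_LANG['CANCEL'], 'link' => 'javascript:history.go(-1);');
        cpToolMenu($toolmenu);
        if ($do == 'add') {
            // A new rule has no stored values; start from an empty record so the form
            // below reads defined (empty) fields instead of an undefined variable.
            $mod = array();
            echo '<h3>' . $_LANG['AD_TO_BANLIST_ADD'] . '</h3>';
            cpAddPathway($_LANG['AD_TO_BANLIST_ADD']);
        } else {
            // Multi-edit: the selected ids are queued in the session and edited one per request.
            if (isset($_REQUEST['multiple'])) {
                if (isset($_REQUEST['item'])) {
                    $_SESSION['editlist'] = cmsCore::request('item', 'array_int', array());
                } else {
                    cmsCore::addSessionMessage($_LANG['AD_NO_SELECT_OBJECTS'], 'error');
                    cmsCore::redirectBack();
                }
            }
            // Text showing how many queued rules remain after this one.
            $ostatok = '';
            if (isset($_SESSION['editlist'])) {
                $item_id = array_shift($_SESSION['editlist']);
                if (sizeof($_SESSION['editlist']) == 0) {
                    unset($_SESSION['editlist']);
                } else {
                    $ostatok = '(' . $_LANG['AD_NEXT_IN'] . sizeof($_SESSION['editlist']) . ')';
                }
            } else {
                $item_id = cmsCore::request('id', 'int', 0);
            }
            // $item_id is requested as 'int' or comes from the 'array_int' queue, so the
            // interpolated condition carries a number rather than free text.
            $mod = $inDB->get_fields('cms_banlist', "id = '{$item_id}'", '*');
            if (!$mod) {
                cmsCore::error404();
            }
            echo '<h3>' . $_LANG['AD_EDIT_RULE'] . ' ' . $ostatok . '</h3>';
            cpAddPathway($_LANG['AD_EDIT_RULE']);
        }
        ?>
	  <div style="margin-top:2px;padding:10px;border:dotted 1px silver; width:508px;background:#FFFFCC">
	  	<div style="font-weight:bold"><?php 
        echo $_LANG['ATTENTION'];
        ?>
!</div>
		<div><?php 
        echo $_LANG['AD_CAUTION_INFO_0'];
        ?>
</div>
		<div><?php 
        echo $_LANG['AD_CAUTION_INFO_1'];
        ?>
</div>
	  </div>
      <form id="addform" name="addform" method="post" action="index.php?view=userbanlist">
        <input type="hidden" name="csrf_token" value="<?php 
        echo cmsUser::getCsrfToken();
        ?>
" />
        <table width="530" border="0" cellspacing="5" class="proptable">
          <tr>
            <td width="150" valign="top"><div><strong><?php 
        echo $_LANG['AD_BANLIST_USER'];
        ?>
: </strong></div></td>
			<?php 
        // When called from a user's profile ("to"), preselect that user and their last known IP.
        if ($do == 'add' && $to) {
            $mod['user_id'] = $to;
            $mod['ip'] = $inDB->get_field('cms_users', 'id=' . $to, 'last_ip');
        }
        ?>
            <td valign="top">
				<select name="user_id" id="user_id" onchange="loadUserIp()" style="width: 250px;">
                    <option value="0" <?php 
        if (@(!$mod['user_id'])) {
            echo 'selected="selected"';
        }
        ?>
><?php 
        echo $_LANG['AD_WHITHOUT_USER'];
        ?>
</option>
                    <?php 
        if (isset($mod['user_id'])) {
            echo $inCore->getListItems('cms_users', $mod['user_id'], 'nickname', 'ASC', 'is_deleted=0 AND is_locked=0', 'id', 'nickname');
        } else {
            echo $inCore->getListItems('cms_users', 0, 'nickname', 'ASC', 'is_deleted=0 AND is_locked=0', 'id', 'nickname');
        }
        ?>
				</select>
            </td>
          </tr>
          <tr>
            <td valign="top"><strong><?php 
        echo $_LANG['AD_BANLIST_IP'];
        ?>
:</strong></td>
            <td valign="top"><input name="ip" type="text" id="ip" style="width: 244px;" value="<?php 
        // NOTE(review): the stored "ip" and "cause" values are echoed into an attribute and a
        // textarea without output encoding here. Whether the 'str' request filter already
        // neutralises quotes and markup is not visible in this function; confirm, and encode
        // at output if it does not.
        echo @$mod['ip'];
        ?>
"/></td>
          </tr>
          <tr>
            <td valign="top"><strong><?php 
        echo $_LANG['AD_BANLIST_CAUSE'];
        ?>
:</strong></td>
            <td valign="top">
                <textarea name="cause" style="width:240px" rows="5"><?php 
        echo @$mod['cause'];
        ?>
</textarea>
            </td>
          </tr>
		  <?php 
        // A rule without a duration (int_num empty or 0) is shown as a permanent ban.
        $forever = false;
        if (!@$mod['int_num']) {
            $forever = true;
        }
        ?>
          <tr>
            <td valign="top"><strong><?php 
        echo $_LANG['AD_BAN_FOREVER'];
        ?>
</strong></td>
            <td valign="top"><input type="checkbox" name="forever" value="1" <?php 
        if ($forever) {
            echo 'checked="checked"';
        }
        ?>
 onclick="$('tr.bantime').toggle();"/></td>
          </tr>
          <tr class="bantime">
            <td valign="top"><strong><?php 
        echo $_LANG['AD_BAN_FOR_TIME'];
        ?>
</strong> </td>

            <td valign="top"><p>
            <input name="int_num" type="text" id="int_num" size="5" value="<?php 
        echo @(int) $mod['int_num'];
        ?>
"/>
              <select name="int_period" id="int_period">
                <option value="MINUTE"  <?php 
        if (@mb_strstr($mod['int_period'], 'MINUTE')) {
            echo 'selected="selected"';
        }
        ?>
><?php 
        echo $_LANG['MINUTE10'];
        ?>
</option>
                <option value="HOUR"  <?php 
        if (@mb_strstr($mod['int_period'], 'HOUR')) {
            echo 'selected="selected"';
        }
        ?>
><?php 
        echo $_LANG['HOUR10'];
        ?>
</option>
                <option value="DAY" <?php 
        if (@mb_strstr($mod['int_period'], 'DAY')) {
            echo 'selected="selected"';
        }
        ?>
><?php 
        echo $_LANG['DAY10'];
        ?>
</option>
                <option value="MONTH" <?php 
        if (@mb_strstr($mod['int_period'], 'MONTH')) {
            echo 'selected="selected"';
        }
        ?>
><?php 
        echo $_LANG['MONTH10'];
        ?>
</option>
              </select>
            </p>
            <p><label><input name="autodelete" type="checkbox" id="autodelete" value="1" <?php 
        // empty() keeps the same truthiness test but does not read a missing key on the add form.
        if (!empty($mod['autodelete'])) {
            echo 'checked="checked"';
        }
        ?>
 /> <?php 
        echo $_LANG['AD_REMOVE_BAN'];
        ?>
</label></p>
            </td>
          </tr>
		  <?php 
        if ($forever) {
            ?>
<script type="text/javascript">$('tr.bantime').hide();</script><?php 
        }
        ?>
        </table>
        <p>
          <label>
          <input name="add_mod" type="submit" id="add_mod" <?php 
        if ($do == 'add') {
            echo 'value="' . $_LANG['AD_TO_BANLIST_ADD'] . '"';
        } else {
            echo 'value="' . $_LANG['SAVE'] . '"';
        }
        ?>
 />
          </label>
          <label><span style="margin-top:15px">
          <input name="back" type="button" id="back" value="<?php 
        echo $_LANG['CANCEL'];
        ?>
" onclick="window.history.back();"/>
          </span></label>
          <input name="do" type="hidden" id="do" <?php 
        // The hidden "do" field routes the post to the submit or update branch above.
        if ($do == 'add') {
            echo 'value="submit"';
        } else {
            echo 'value="update"';
        }
        ?>
 />
          <?php 
        if ($do == 'edit') {
            echo '<input name="id" type="hidden" value="' . $mod['id'] . '" />';
        }
        ?>
        </p>
      </form>
	<?php 
    }
}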
Example #24
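/**
 * Admin-panel applet for site templates: lists the template directories,
 * shows a template's configuration form and saves the submitted configuration,
 * dispatching on the "do" request parameter. Requires the admin/config
 * permission.
 *
 * The "template" request parameter is used to build the path of a PHP file
 * that is then included, so it is accepted only when it names a directory
 * returned by cmsCore::getDirsList('/templates'). Without that check a crafted
 * value could point the include outside the templates directory.
 *
 * Output is echoed directly; nothing is returned.
 */
function applet_templates() {
    global $adminAccess;
    global $_LANG;
    
    if (!cmsUser::isAdminCan('admin/config', $adminAccess)) { cpAccessDenied(); }
    
    // Only 'config' and 'save_config' are accepted from the request; anything else is 'main'.
    $do = cmsCore::request('do', array('config', 'save_config'), 'main');
    
    cmsCore::c('page')->setTitle($_LANG['AD_TEMPLATES_SETTING']);
    cpAddPathway($_LANG['AD_TEMPLATES_SETTING'], 'index.php?view=templates');
    
    // List view: one row per template directory, skipping the admin template.
    if ($do == 'main') {
        $templates = cmsCore::getDirsList('/templates');
        echo '<div class="panel panel-default"><div class="panel-heading">'. $_LANG['AD_TEMPLATES_LIST'] .'</div><div class="panel-body">';
        echo '<table class="table table-striped"><thead><tr>';
        echo '<th>'. $_LANG['AD_TEMPLATE'] .'</th>';
        echo '<th width="200">'. $_LANG['AD_TEMPLATE_AUTHOR'] .'</th>';
        echo '<th width="200">'. $_LANG['AD_TEMPLATE_RENDERER'] .'</th>';
        echo '<th width="200">'. $_LANG['AD_TEMPLATE_EXT'] .'</th><th width="100"></th><th width="100"></th>';
        echo '</tr></thead><tbody>';
        foreach ($templates as $template) {
            if ($template == 'admin') { continue; }
            // NOTE(review): the author/renderer/ext values come from the template's own
            // metadata and are echoed without output encoding; confirm that a template
            // package is treated as trusted code before relying on this.
            $tpl_info = cmsCore::c('page')->getTplInfo($template);
            
            echo '<tr>';
            echo '<td><strong>'. $template .'</strong></td>';
            echo '<td>'. $tpl_info['author'] .'</td>';
            echo '<td>'. $tpl_info['renderer'] .'</td>';
            echo '<td>'. $tpl_info['ext'] .'</td><td>';
            
            // Optional preview of the template's module positions.
            if (file_exists(PATH .'/templates/'. $template .'/positions.jpg')) {
                echo '<a href="#'. $template .'" role="button" class="btn btn-sm btn-default" data-toggle="modal">'. $_LANG['AD_TPL_POS'] .'</a>
                <div class="modal fade" id="'. $template .'" tabindex="-1" role="dialog" aria-labelledby="'. $template .'Label" aria-hidden="true">
                    <div class="modal-dialog">
                        <div class="modal-content">
                            <div class="modal-header">
                                <button type="button" class="close" data-dismiss="modal" aria-hidden="true">×</button>
                                <h4 class="modal-title" id="'. $template .'Label">'. $_LANG['AD_TPL_POS'] .'</h4>
                            </div>
                            <div class="modal-body">
                                <img src="/templates/'. $template .'/positions.jpg" alt="'. $_LANG['AD_TPL_POS'] .'" style="width:100%;height:auto;" />
                            </div>
                        </div>
                    </div>
                </div>';
            }
            
            echo '</td><td>';
            
            // The settings link is offered only for templates that ship a config.php.
            if (file_exists(PATH .'/templates/'. $template .'/config.php')) {
                echo '<a href="/admin/index.php?view=templates&do=config&template='. $template .'" class="btn btn-sm btn-primary">'. $_LANG['AD_CONFIG'] .'</a>';
            }
            
            echo '</td></tr>';
        }
        echo '</tbody></table></div></div>';
    }
    
    // Show the configuration form of one template.
    if ($do == 'config') {
        $template = cmsCore::request('template', 'str', '');
        
        // Accept only a name that is an existing entry of the templates directory, so
        // the request value cannot steer the include below to another location.
        $known_templates = cmsCore::getDirsList('/templates');
        if (!is_array($known_templates) || !in_array($template, $known_templates, true)) {
            cmsCore::error404();
            return; // never reach the include with an unverified name
        }
        
        cpAddPathway($_LANG['AD_TEMPLATE'] .': '. $template, 'index.php?view=templates&do=config&template='. $template);

        if (!file_exists(PATH .'/templates/'. $template) || !file_exists(PATH .'/templates/'. $template .'/config.php')) {
            cmsCore::error404();
            return;
        }
        
        // config.php is expected to define get_template_cfg_fields().
        include(PATH .'/templates/'. $template .'/config.php');
        
        if (function_exists('get_template_cfg_fields')) {
            $tpl_cfgs  = get_template_cfg_fields();
            
            if (!empty($tpl_cfgs)) {
                $tpl_cfgs_val = cmsCore::getTplCfg($template);
                
                // Encode the name for the URL and for the HTML attribute it is written into.
                // NOTE(review): save_config checks a CSRF token, but no token field is emitted
                // here; presumably generateForm() adds it - confirm.
                echo '<form action="/admin/index.php?view=templates&template='. htmlspecialchars(rawurlencode($template), ENT_QUOTES, 'UTF-8') .'&do=save_config" method="post" style="width:650px;margin-bottom:30px">';
                echo cmsCore::c('form_gen')->generateForm($tpl_cfgs, $tpl_cfgs_val);
                echo '<div>';
                echo '<input type="submit" class="btn btn-primary" name="save" value="'. $_LANG['SAVE'] .'" /> ';
                echo '<input type="button" class="btn btn-default" name="back" value="'. $_LANG['CANCEL'] .'" onclick="window.history.back();" />';
                echo '</div>';
                echo '</form>';
            } else {
                cmsCore::addSessionMessage($_LANG['AD_TEMPLATE_NO_CONFIG'], 'error');
                cmsCore::redirectBack();
            }
        } else {
            cmsCore::addSessionMessage($_LANG['AD_TEMPLATE_CFG_ERROR'], 'error');
            cmsCore::redirectBack();
        }
    }
    
    // Save the submitted configuration of one template.
    if ($do == 'save_config') {
        $template = cmsCore::request('template', 'str', '');
        
        // Same allow-list check as in the config branch, before any path is built.
        $known_templates = cmsCore::getDirsList('/templates');
        if (!is_array($known_templates) || !in_array($template, $known_templates, true)) {
            cmsCore::error404();
            return;
        }
        
        if (!file_exists(PATH .'/templates/'. $template) || !file_exists(PATH .'/templates/'. $template .'/config.php') || !cmsUser::checkCsrfToken()) {
            cmsCore::error404();
            return;
        }

        include(PATH .'/templates/'. $template .'/config.php');
        
        if (function_exists('get_template_cfg_fields')) {
            $tpl_cfgs  = get_template_cfg_fields();
            if (!empty($tpl_cfgs)) {
                // requestForm() reads the submitted values for the declared fields.
                $tpl_cfgs = cmsCore::c('form_gen')->requestForm($tpl_cfgs);
                cmsCore::saveTplCfg($tpl_cfgs, $template);
                
                cmsCore::addSessionMessage($_LANG['AD_TEMPLATE_CFG_SAVED'], 'success');
                cmsCore::redirect('/admin/index.php?view=templates');
            } else {
                cmsCore::error404();
            }
        } else {
            cmsCore::error404();
        }
    }
}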
Example #25
function users()
{
    header('X-Frame-Options: DENY');
    $inCore = cmsCore::getInstance();
    $inPage = cmsPage::getInstance();
    $inDB = cmsDatabase::getInstance();
    $inUser = cmsUser::getInstance();
    global $_LANG;
    $model = new cms_model_users();
    // id пользователя
    $id = cmsCore::request('id', 'int', 0);
    // логин пользователя
    $login = cmsCore::strClear(urldecode(cmsCore::request('login', 'html', '')));
    $do = $inCore->do;
    $page = cmsCore::request('page', 'int', 1);
    $pagetitle = $inCore->getComponentTitle();
    if ($model->config['sw_search'] != 2) {
        $inPage->addPathway($pagetitle, '/users');
    }
    $inPage->setTitle($pagetitle);
    $inPage->setDescription($pagetitle);
    // js только авторизованным
    if ($inUser->id) {
        $inPage->addHeadJS('components/users/js/profile.js');
        $inPage->addHeadJsLang(array('CONFIRM_CLEAN_CAT', 'CHOOSE_RECIPIENT', 'SEND_TO_USER', 'FRIENDSHIP_OFFER', 'STOP_FRIENDLY', 'REALY_STOP_FRIENDLY', 'ENTER_STATUS', 'HAVE_JUST'));
    }
    //============================================================================//
    //========================= Список пользователей  ============================//
    //============================================================================//
    if ($do == 'view') {
        // если запрещен просмотр всех пользователей, 404
        if ($model->config['sw_search'] == 2) {
            cmsCore::error404();
        }
        //очищаем поисковые запросы если пришли со другой страницы
        if (!strstr(cmsCore::getBackURL(), '/users')) {
            cmsUser::sessionClearAll();
        }
        $stext = array();
        // Возможные входные переменные
        $name = cmsCore::getSearchVar('name');
        $city = cmsCore::getSearchVar('city');
        $hobby = cmsCore::getSearchVar('hobby');
        $gender = cmsCore::getSearchVar('gender');
        $orderby = cmsCore::request('orderby', array('karma', 'rating', 'regdate'), 'regdate');
        $orderto = cmsCore::request('orderto', array('asc', 'desc'), 'desc');
        $age_to = (int) cmsCore::getSearchVar('ageto', 'all');
        $age_fr = (int) cmsCore::getSearchVar('agefrom', 'all');
        $group_id = cmsCore::request('group_id', 'int', 0);
        // Флаг о показе только онлайн пользователей
        if (cmsCore::inRequest('online')) {
            cmsUser::sessionPut('usr_online', (bool) cmsCore::request('online', 'int'));
            $page = 1;
        }
        $only_online = cmsUser::sessionGet('usr_online');
        if ($only_online) {
            $stext[] = $_LANG['SHOWING_ONLY_ONLINE'];
        }
        ///////////////////////////////////////
        //////////Условия выборки//////////////
        ///////////////////////////////////////
        // группа
        if ($group_id) {
            $model->whereUserGroupIs($group_id);
            $link['group'] = '/users/group/' . $group_id;
            $_LANG['GROUP_SEARCH_NAME'] = cmsUser::getGroupTitle($group_id);
        }
        // Добавляем в выборку имя, если оно есть
        if ($name) {
            $model->whereNameIs($name);
            $stext[] = $_LANG['NAME'] . " &mdash; " . htmlspecialchars(stripslashes($name));
        }
        // Добавляем в выборку город, если он есть
        if ($city) {
            $model->whereCityIs($city);
            $stext[] = $_LANG['CITY'] . " &mdash; " . htmlspecialchars(stripslashes($city));
        }
        // Добавляем в выборку хобби, если есть
        if ($hobby) {
            $model->whereHobbyIs($hobby);
            $stext[] = $_LANG['HOBBY'] . " &mdash; " . htmlspecialchars(stripslashes($hobby));
        }
        // Добавляем в выборку пол, если есть
        if ($gender) {
            $model->whereGenderIs($gender);
            if ($gender == 'm') {
                $stext[] = $_LANG['MALE'];
            } else {
                $stext[] = $_LANG['FEMALE'];
            }
        }
        // Добавляем в выборку возраст, более
        if ($age_fr) {
            $model->whereAgeFrom($age_fr);
            $stext[] = $_LANG['NOT_YOUNG'] . " {$age_fr} " . $_LANG['YEARS'];
        }
        // Добавляем в выборку возраст, менее
        if ($age_to) {
            $model->whereAgeTo($age_to);
            $stext[] = $_LANG['NOT_OLD'] . " {$age_fr} " . $_LANG['YEARS'];
        }
        // Считаем общее количество согласно выборки
        $total = $model->getUsersCount($only_online);
        if ($total) {
            //устанавливаем сортировку
            $inDB->orderBy($orderby, $orderto);
            //устанавливаем номер текущей страницы и кол-во пользователей на странице
            $inDB->limitPage($page, $model->config['users_perpage']);
            // Загружаем пользователей согласно выборки
            $users = $model->getUsers($only_online);
        } else {
            $inDB->resetConditions();
        }
        $link['latest'] = '/users';
        $link['positive'] = '/users/positive.html';
        $link['rating'] = '/users/rating.html';
        if ($orderby == 'regdate') {
            $link['selected'] = 'latest';
        }
        if ($orderby == 'karma') {
            $link['selected'] = 'positive';
        }
        if ($orderby == 'rating') {
            $link['selected'] = 'rating';
        }
        $pagebar_link = '/users/' . $link['selected'] . '%page%.html';
        if ($group_id) {
            $link['selected'] = 'group';
            $pagebar_link = '/users/' . $link['selected'] . '/' . $group_id . '-%page%';
        }
        cmsPage::initTemplate('components', 'com_users_view')->assign('stext', $stext)->assign('orderby', $orderby)->assign('orderto', $orderto)->assign('users', $users)->assign('total', $total)->assign('only_online', $only_online)->assign('gender', $gender)->assign('name', stripslashes($name))->assign('city', stripslashes($city))->assign('hobby', stripslashes($hobby))->assign('age_to', $age_to)->assign('age_fr', $age_fr)->assign('cfg', $model->config)->assign('link', $link)->assign('pagebar', cmsPage::getPagebar($total, $page, $model->config['users_perpage'], $pagebar_link))->display('com_users_view.tpl');
    }
    //============================================================================//
    //======================= Редактирование профиля  ============================//
    //============================================================================//
    if ($do == 'editprofile') {
        // неавторизованным, не владельцам и не админам тут делать нечего
        if (!$inUser->id || $inUser->id != $id && !$inUser->is_admin) {
            cmsCore::error404();
        }
        $usr = $model->getUser($id);
        if (!$usr) {
            cmsCore::error404();
        }
        $opt = cmsCore::request('opt', 'str', 'edit');
        // главного админа может редактировать только он сам
        if ($id == 1 && $inUser->id != $id) {
            cmsCore::error404();
        }
        // показываем форму
        if ($opt == 'edit') {
            $inPage->setTitle($_LANG['CONFIG_PROFILE'] . ' - ' . $usr['nickname']);
            $inPage->addPathway($usr['nickname'], cmsUser::getProfileURL($usr['login']));
            $inPage->addPathway($_LANG['CONFIG_PROFILE']);
            $private_forms = array();
            if (isset($model->config['privforms'])) {
                if (is_array($model->config['privforms'])) {
                    foreach ($model->config['privforms'] as $form_id) {
                        $private_forms = array_merge($private_forms, cmsForm::getFieldsHtml($form_id, $usr['formsdata']));
                    }
                }
            }
            cmsPage::initTemplate('components', 'com_users_edit_profile')->assign('opt', $opt)->assign('usr', $usr)->assign('private_forms', $private_forms)->assign('cfg_forum', $inCore->loadComponentConfig('forum'))->assign('cfg', $model->config)->display('com_users_edit_profile.tpl');
            return;
        }
        // Если сохраняем профиль
        if ($opt == 'save') {
            if (!cmsUser::checkCsrfToken()) {
                cmsCore::error404();
            }
            $errors = false;
            $users['nickname'] = cmsCore::request('nickname', 'str');
            if (mb_strlen($users['nickname']) < 2) {
                cmsCore::addSessionMessage($_LANG['SHORT_NICKNAME'], 'error');
                $errors = true;
            }
            cmsCore::loadModel('registration');
            $modreg = new cms_model_registration();
            if (!$inUser->is_admin) {
                if ($modreg->getBadNickname($users['nickname'])) {
                    cmsCore::addSessionMessage($_LANG['ERR_NICK_EXISTS'], 'error');
                    $errors = true;
                }
            }
            $profiles['gender'] = cmsCore::request('gender', 'str');
            $profiles['city'] = cmsCore::request('city', 'str');
            if (mb_strlen($profiles['city']) > 50) {
                cmsCore::addSessionMessage($_LANG['LONG_CITY_NAME'], 'error');
                $errors = true;
            }
            $users['email'] = cmsCore::request('email', 'email');
            if (!$users['email']) {
                cmsCore::addSessionMessage($_LANG['REALY_ADRESS_EMAIL'], 'error');
                $errors = true;
            }
            if ($usr['email'] != $users['email']) {
                $is_set_email = $inDB->get_field('cms_users', "email='{$users['email']}'", 'id');
                if ($is_set_email) {
                    cmsCore::addSessionMessage($_LANG['ADRESS_EMAIL_IS_BUSY'], 'error');
                    $errors = true;
                } else {
                    // формируем токен
                    $token = md5($usr['email'] . uniqid() . microtime());
                    $inDB->insert('cms_users_activate', array('user_id' => $inUser->id, 'pubdate' => date("Y-m-d H:i:s"), 'code' => $token));
                    $codelink = HOST . '/users/change_email/' . $token . '/' . $users['email'];
                    // по старому адресу высылаем письмо с подтверждением
                    $letter = cmsCore::getLanguageTextFile('change_email');
                    $letter = str_replace(array('{nickname}', '{codelink}'), array($inUser->nickname, $codelink), $letter);
                    cmsCore::mailText($usr['email'], '', $letter);
                    cmsCore::addSessionMessage(sprintf($_LANG['YOU_CHANGE_EMAIL'], $usr['email']), 'info');
                    // email не меняем
                    $users['email'] = $usr['email'];
                }
            }
            $profiles['showphone'] = cmsCore::request('showphone', 'int', 0);
            $profiles['showmail'] = cmsCore::request('showmail', 'int');
            $profiles['email_newmsg'] = cmsCore::request('email_newmsg', 'int');
            $profiles['showbirth'] = cmsCore::request('showbirth', 'int');
            $profiles['description'] = cmsCore::request('description', 'str', '');
            $users['birthdate'] = (int) $_REQUEST['birthdate']['year'] . '-' . (int) $_REQUEST['birthdate']['month'] . '-' . (int) $_REQUEST['birthdate']['day'];
            $profiles['signature'] = $inDB->escape_string(cmsCore::badTagClear(cmsCore::request('signature', 'html', '')));
            $profiles['signature_html'] = $inDB->escape_string(cmsCore::parseSmiles(cmsCore::request('signature', 'html', ''), true));
            $profiles['allow_who'] = cmsCore::request('allow_who', 'str');
            if (!preg_match('/^([a-zA-Z]+)$/ui', $profiles['allow_who'])) {
                $errors = true;
            }
            $users['icq'] = cmsCore::request('icq', 'str', '');
            $profiles['showicq'] = cmsCore::request('showicq', 'int');
            $profiles['cm_subscribe'] = cmsCore::request('cm_subscribe', 'str');
            if (!preg_match('/^([a-zA-Z]+)$/ui', $profiles['cm_subscribe'])) {
                $errors = true;
            }
            $users['phone'] = cmsCore::request('phone', 'int', 0);
            // получаем данные форм
            $profiles['formsdata'] = '';
            if (isset($model->config['privforms'])) {
                if (is_array($model->config['privforms'])) {
                    foreach ($model->config['privforms'] as $form_id) {
                        $form_input = cmsForm::getFieldsInputValues($form_id);
                        $profiles['formsdata'] .= $inDB->escape_string(cmsCore::arrayToYaml($form_input['values']));
                        // Проверяем значения формы
                        foreach ($form_input['errors'] as $field_error) {
                            if ($field_error) {
                                cmsCore::addSessionMessage($field_error, 'error');
                                $errors = true;
                            }
                        }
                    }
                }
            }
            if ($errors) {
                cmsCore::redirectBack();
            }
            $inDB->update('cms_user_profiles', cmsCore::callEvent('UPDATE_USER_PROFILES', array_merge(array('id' => $usr['pid'], 'user_id' => $usr['id']), $profiles)), $usr['pid']);
            $inDB->update('cms_users', cmsCore::callEvent('UPDATE_USER_USERS', array_merge(array('id' => $usr['id']), $users)), $usr['id']);
            cmsCore::addSessionMessage($_LANG['PROFILE_SAVED'], 'info');
            cmsCore::redirect(cmsUser::getProfileURL($usr['login']));
        }
        if ($opt == 'changepass') {
            $errors = false;
            $oldpass = cmsCore::request('oldpass', 'str');
            $newpass = cmsCore::request('newpass', 'str');
            $newpass2 = cmsCore::request('newpass2', 'str');
            if ($inUser->password != md5($oldpass)) {
                cmsCore::addSessionMessage($_LANG['OLD_PASS_WRONG'], 'error');
                $errors = true;
            }
            if ($newpass != $newpass2) {
                cmsCore::addSessionMessage($_LANG['WRONG_PASS'], 'error');
                $errors = true;
            }
            if ($oldpass && $newpass && $newpass2 && mb_strlen($newpass) < 6) {
                cmsCore::addSessionMessage($_LANG['PASS_SHORT'], 'error');
                $errors = true;
            }
            if ($errors) {
                cmsCore::redirectBack();
            }
            cmsCore::callEvent('UPDATE_USER_PASSWORD', array('user_id' => $usr['id'], 'oldpass' => $oldpass, 'newpass' => $newpass));
            $sql = "UPDATE cms_users SET password='******' WHERE id = '{$id}' AND password='******'";
            $inDB->query($sql);
            cmsCore::addSessionMessage($_LANG['PASS_CHANGED'], 'info');
            cmsCore::redirect(cmsUser::getProfileURL($inUser->login));
        }
    }
    //============================================================================//
    //============================= Просмотр профиля  ============================//
    //============================================================================//
    if ($do == 'profile') {
        $inPage->addHeadJsLang(array('NEW_POST_ON_WALL', 'CONFIRM_DEL_POST_ON_WALL'));
        // если просмотр профиля гостям запрещен
        if (!$inUser->id && !$model->config['sw_guest']) {
            cmsUser::goToLogin();
        }
        if (is_numeric($login)) {
            cmsCore::error404();
        }
        $usr = $model->getUser($login);
        if (!$usr) {
            cmsCore::error404();
        }
        $myprofile = $inUser->id == $usr['id'];
        $inPage->setTitle($usr['nickname']);
        $inPage->addPathway($usr['nickname']);
        // просмотр профиля запрещен
        if (!cmsUser::checkUserContentAccess($usr['allow_who'], $usr['id'])) {
            cmsPage::initTemplate('components', 'com_users_not_allow')->assign('is_auth', $inUser->id)->assign('usr', $usr)->display('com_users_not_allow.tpl');
            return;
        }
        // Профиль удален
        if ($usr['is_deleted']) {
            cmsPage::initTemplate('components', 'com_users_deleted.tpl')->assign('usr', $usr)->assign('is_admin', $inUser->is_admin)->assign('others_active', $inDB->rows_count('cms_users', "login='******'login']}' AND is_deleted=0", 1))->display('com_users_deleted.tpl');
            return;
        }
        // Данные о друзьях
        $usr['friends_total'] = cmsUser::getFriendsCount($usr['id']);
        $usr['friends'] = cmsUser::getFriends($usr['id']);
        // очищать сессию друзей если в своем профиле и количество друзей из базы не совпадает с количеством друзей в сессии
        if ($myprofile && sizeof($usr['friends']) != $usr['friends_total']) {
            cmsUser::clearSessionFriends();
        }
        // обрезаем список
        $usr['friends'] = array_slice($usr['friends'], 0, 6);
        // выясняем друзья ли мы с текущим пользователем
        $usr['isfriend'] = !$myprofile ? cmsUser::isFriend($usr['id']) : false;
        // награды пользователя
        $usr['awards'] = $model->config['sw_awards'] ? $model->getUserAwards($usr['id']) : false;
        // стена
        if ($model->config['sw_wall']) {
            $inDB->limitPage(1, $model->config['wall_perpage']);
            $usr['wall_html'] = cmsUser::getUserWall($usr['id'], 'users', $myprofile, $inUser->is_admin);
        }
        // можно ли пользователю изменять карму
        $usr['can_change_karma'] = $model->isUserCanChangeKarma($usr['id']) && $inUser->id;
        // Фотоальбомы пользователя
        if ($model->config['sw_photo']) {
            $usr['albums'] = $model->getPhotoAlbums($usr['id'], $usr['isfriend'], !$inCore->isComponentEnable('photos'));
            $usr['albums_total'] = sizeof($usr['albums']);
            $usr['albums_show'] = 6;
            if ($usr['albums_total'] > $usr['albums_show']) {
                array_splice($usr['albums'], $usr['albums_show']);
            }
        }
        $usr['board_count'] = $model->config['sw_board'] ? $inDB->rows_count('cms_board_items', "user_id='{$usr['id']}' AND published=1") : 0;
        $usr['comments_count'] = $model->config['sw_comm'] ? $inDB->rows_count('cms_comments', "user_id='{$usr['id']}' AND published=1") : 0;
        $usr['forum_count'] = $model->config['sw_forum'] ? $inDB->rows_count('cms_forum_posts', "user_id = '{$usr['id']}'") : 0;
        $usr['files_count'] = $model->config['sw_files'] ? $inDB->rows_count('cms_user_files', "user_id = '{$usr['id']}'") : 0;
        $cfg_reg = $inCore->loadComponentConfig('registration');
        $usr['invites_count'] = $inUser->id && $myprofile && $cfg_reg['reg_type'] == 'invite' ? $model->getUserInvitesCount($inUser->id) : 0;
        $usr['blog'] = $model->config['sw_blogs'] ? $inDB->get_fields('cms_blogs', "user_id = '{$usr['id']}' AND owner = 'user'", 'title, seolink') : false;
        $usr['form_fields'] = array();
        if (is_array($model->config['privforms'])) {
            foreach ($model->config['privforms'] as $form_id) {
                $usr['form_fields'] = array_merge($usr['form_fields'], cmsForm::getFieldsValues($form_id, $usr['formsdata']));
            }
        }
        if ($usr['city']) {
            cmsCore::loadModel('geo');
            $geo = new cms_model_geo();
            $city_parents = $geo->getCityParents($usr['city']);
            if ($city_parents) {
                $usr['country'] = $city_parents['country_name'];
            }
        }
        $plugins = $model->getPluginsOutput($usr);
        cmsPage::initTemplate('components', 'com_users_profile.tpl')->assign('usr', $usr)->assign('plugins', $plugins)->assign('cfg', $model->config)->assign('myprofile', $myprofile)->assign('cfg_forum', $inCore->loadComponentConfig('forum'))->assign('is_admin', $inUser->is_admin)->assign('is_auth', $inUser->id)->display('com_users_profile.tpl');
    }
    //============================================================================//
    //============================= Список сообщений  ============================//
    //============================================================================//
    if ($do == 'messages') {
        if (!$model->config['sw_msg']) {
            cmsCore::error404();
        }
        if (!$inUser->id || $inUser->id != $id && !$inUser->is_admin) {
            cmsUser::goToLogin();
        }
        $usr = cmsUser::getShortUserData($id);
        if (!$usr) {
            cmsCore::error404();
        }
        $inPage->setTitle($_LANG['MY_MESS']);
        $inPage->addPathway($usr['nickname'], cmsUser::getProfileURL($usr['login']));
        $inPage->addPathway($_LANG['MY_MESS'], '/users/' . $id . '/messages.html');
        include 'components/users/messages.php';
    }
    //============================================================================//
    //=========================== Отправка сообщения  ============================//
    //============================================================================//
    if ($do == 'sendmessage') {
        if (!$model->config['sw_msg']) {
            cmsCore::halt();
        }
        if ($_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest') {
            cmsCore::halt();
        }
        if (!$inUser->id || $inUser->id == $id && !cmsCore::inRequest('massmail') && !cmsCore::request('send_to_group', 'int', 0)) {
            cmsCore::halt();
        }
        if (!cmsCore::inRequest('gosend')) {
            $replyid = cmsCore::request('replyid', 'int', 0);
            if ($replyid) {
                $msg = $model->getReplyMessage($replyid, $inUser->id);
                if (!$msg) {
                    cmsCore::halt();
                }
            }
            $inPage->setRequestIsAjax();
            cmsPage::initTemplate('components', 'com_users_messages_add')->assign('msg', isset($msg) ? $msg : array())->assign('is_reply_user', $replyid)->assign('id', $id)->assign('bbcodetoolbar', cmsPage::getBBCodeToolbar('message'))->assign('smilestoolbar', cmsPage::getSmilesPanel('message'))->assign('groups', $inUser->is_admin ? cmsUser::getGroups(true) : array())->assign('friends', cmsUser::getFriends($inUser->id))->assign('id_admin', $inUser->is_admin)->display('com_users_messages_add.tpl');
            cmsCore::jsonOutput(array('error' => false, 'html' => ob_get_clean()));
        }
        if (cmsCore::inRequest('gosend')) {
            // Кому отправляем
            $usr = cmsUser::getShortUserData($id);
            if (!$usr) {
                cmsCore::halt();
            }
            $message = cmsCore::parseSmiles(cmsCore::request('message', 'html', ''), true);
            if (mb_strlen($message) < 2) {
                cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ERR_SEND_MESS']));
            }
            if (!cmsUser::checkCsrfToken()) {
                cmsCore::error404();
            }
            $output = cmsCore::callEvent('USER_SEND_MESSEDGE', array('text' => $message, 'to_id' => $id));
            $message = $output['text'];
            $id = $output['to_id'];
            $send_to_group = cmsCore::request('send_to_group', 'int', 0);
            $group_id = cmsCore::request('group_id', 'int', 0);
            //
            // Обычная отправка (1 получатель)
            //
            if (!cmsCore::inRequest('massmail') && !$send_to_group) {
                //отправляем сообщение
                $msg_id = cmsUser::sendMessage($inUser->id, $id, $message);
                // отправляем уведомление на email если нужно
                $model->sendNotificationByEmail($id, $inUser->id, $msg_id);
                cmsCore::jsonOutput(array('error' => false, 'text' => $_LANG['SEND_MESS_OK']));
            }
            //
            // далее идут массовые рассылки, доступные только админам
            //
            if (!$inUser->is_admin) {
                cmsCore::halt();
            }
            // отправить всем: получаем список всех пользователей
            if (cmsCore::inRequest('massmail')) {
                $userlist = cmsUser::getAllUsers();
                // проверяем что есть кому отправлять
                if (!$userlist) {
                    cmsCore::jsonOutput(array('error' => false, 'text' => $_LANG['ERR_SEND_MESS']));
                }
                $count = array();
                // отправляем всем по списку
                foreach ($userlist as $usr) {
                    $count[] = cmsUser::sendMessage(USER_MASSMAIL, $usr['id'], $message);
                }
                cmsCore::jsonOutput(array('error' => false, 'text' => sprintf($_LANG['SEND_MESS_ALL_OK'], sizeof($count))));
            }
            // отправить группе: получаем список членов группы
            if ($send_to_group) {
                $count = cmsUser::sendMessageToGroup(USER_MASSMAIL, $group_id, $message);
                $success_msg = sprintf($_LANG['SEND_MESS_GROUP_OK'], $count, cmsUser::getGroupTitle($group_id));
                cmsCore::jsonOutput(array('error' => false, 'text' => $success_msg));
            }
        }
    }
    //============================================================================//
    //============================= Удаление сообщения  ==========================//
    //============================================================================//
    if ($do == 'delmessage') {
        if ($_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest') {
            cmsCore::halt();
        }
        if (!$model->config['sw_msg']) {
            cmsCore::halt();
        }
        if (!$inUser->id) {
            cmsCore::halt();
        }
        $msg = $inDB->get_fields('cms_user_msg', "id='{$id}'", '*');
        if (!$msg) {
            cmsCore::halt();
        }
        $can_delete = $inUser->id == $msg['to_id'] || $inUser->id == $msg['from_id'] ? true : false;
        if (!$can_delete && !$inUser->is_admin) {
            cmsCore::halt();
        }
        // Сообщения с from_id < 0
        if ($msg['from_id'] < 0) {
            $inDB->query("DELETE FROM cms_user_msg WHERE id = '{$id}' LIMIT 1");
            $info_text = $_LANG['MESS_NOTICE_DEL_OK'];
        }
        // мне сообщение от пользователя
        if ($msg['to_id'] == $inUser->id && $msg['from_id'] > 0) {
            $inDB->query("UPDATE cms_user_msg SET to_del=1 WHERE id='{$id}'");
            $info_text = $_LANG['MESS_DEL_OK'];
        }
        // от меня сообщение
        if ($msg['from_id'] == $inUser->id && !$msg['is_new']) {
            $inDB->query("UPDATE cms_user_msg SET from_del=1 WHERE id='{$id}'");
            $info_text = $_LANG['MESS_DEL_OK'];
        }
        // отзываем сообщение
        if ($msg['from_id'] == $inUser->id && $msg['is_new']) {
            $inDB->query("DELETE FROM cms_user_msg WHERE id = '{$id}' LIMIT 1");
            $info_text = $_LANG['MESS_BACK_OK'];
        }
        // удаляем сообщения, которые удалены с двух сторон
        $inDB->query("DELETE FROM cms_user_msg WHERE to_del=1 AND from_del=1");
        cmsCore::jsonOutput(array('error' => false, 'text' => $info_text));
    }
    //============================================================================//
    //=========================== Удаление сообщений  ============================//
    //============================================================================//
    if ($do == 'delmessages') {
        if (!$model->config['sw_msg']) {
            cmsCore::error404();
        }
        if ($inUser->id != $id && !$inUser->is_admin) {
            cmsCore::error404();
        }
        $usr = cmsUser::getShortUserData($id);
        if (!$usr) {
            cmsCore::error404();
        }
        $opt = cmsCore::request('opt', 'str', 'in');
        if ($opt == 'notices') {
            $inDB->query("DELETE FROM cms_user_msg WHERE to_id = '{$id}' AND from_id < 0");
        } else {
            $del_flag = $opt == 'in' ? 'to_del' : 'from_del';
            $id_flag = $opt == 'in' ? 'to_id' : 'from_id';
            $inDB->query("UPDATE cms_user_msg SET {$del_flag}=1 WHERE {$id_flag}='{$id}'");
            $inDB->query("DELETE FROM cms_user_msg WHERE to_del=1 AND from_del=1");
        }
        cmsCore::addSessionMessage($_LANG['MESS_ALL_DEL_OK'], 'info');
        cmsCore::redirectBack();
    }
    //============================================================================//
    //============================= Загрузка аватара  ============================//
    //============================================================================//
    if ($do == 'avatar') {
        if (!$inUser->id || $inUser->id && $inUser->id != $id) {
            cmsCore::error404();
        }
        $inPage->setTitle($_LANG['LOAD_AVATAR']);
        $inPage->addPathway($inUser->nickname, cmsUser::getProfileURL($inUser->login));
        $inPage->addPathway($_LANG['LOAD_AVATAR']);
        if (cmsCore::inRequest('upload')) {
            cmsCore::loadClass('upload_photo');
            $inUploadPhoto = cmsUploadPhoto::getInstance();
            // Выставляем конфигурационные параметры
            $inUploadPhoto->upload_dir = PATH . '/images/';
            $inUploadPhoto->dir_medium = 'users/avatars/';
            $inUploadPhoto->dir_small = 'users/avatars/small/';
            $inUploadPhoto->small_size_w = $model->config['smallw'];
            $inUploadPhoto->medium_size_w = $model->config['medw'];
            $inUploadPhoto->medium_size_h = $model->config['medh'];
            $inUploadPhoto->is_watermark = false;
            $inUploadPhoto->input_name = 'picture';
            $file = $inUploadPhoto->uploadPhoto($inUser->orig_imageurl);
            if (!$file) {
                cmsCore::addSessionMessage('<strong>' . $_LANG['ERROR'] . ':</strong> ' . cmsCore::uploadError() . '!', 'error');
                cmsCore::redirect('/users/' . $id . '/avatar.html');
            }
            $sql = "UPDATE cms_user_profiles SET imageurl = '{$file['filename']}' WHERE user_id = '{$id}' LIMIT 1";
            $inDB->query($sql);
            // очищаем предыдущую запись о смене аватара
            cmsActions::removeObjectLog('add_avatar', $id);
            // выводим сообщение в ленту
            cmsActions::log('add_avatar', array('object' => '', 'object_url' => '', 'object_id' => $id, 'target' => '', 'target_url' => '', 'description' => '<a href="' . cmsUser::getProfileURL($inUser->login) . '" class="act_usr_ava">
								   <img border="0" src="/images/users/avatars/small/' . $file['filename'] . '">
								</a>'));
            cmsCore::redirect(cmsUser::getProfileURL($inUser->login));
        } else {
            cmsPage::initTemplate('components', 'com_users_avatar_upload')->assign('id', $id)->display('com_users_avatar_upload.tpl');
        }
    }
    //============================================================================//
    //============================= Библиотека аватаров  =========================//
    //============================================================================//
    if ($do == 'select_avatar') {
        if (!$inUser->id || $inUser->id && $inUser->id != $id) {
            cmsCore::error404();
        }
        $avatars_dir = PATH . "/images/users/avatars/library";
        $avatars_dir_rel = "/images/users/avatars/library";
        $avatars_dir_handle = opendir($avatars_dir);
        $avatars = array();
        while ($nextfile = readdir($avatars_dir_handle)) {
            if ($nextfile != '.' && $nextfile != '..' && (mb_strstr($nextfile, '.gif') || mb_strstr($nextfile, '.jpg') || mb_strstr($nextfile, '.jpeg') || mb_strstr($nextfile, '.png'))) {
                $avatars[] = $nextfile;
            }
        }
        closedir($avatars_dir_handle);
        if (!cmsCore::inRequest('set_avatar')) {
            $inPage->setTitle($_LANG['SELECT_AVATAR']);
            $inPage->addPathway($inUser->nickname, cmsUser::getProfileURL($inUser->login));
            $inPage->addPathway($_LANG['SELECT_AVATAR']);
            $perpage = 20;
            $total = sizeof($avatars);
            $avatars = array_slice($avatars, ($page - 1) * $perpage, $perpage);
            cmsPage::initTemplate('components', 'com_users_avatars')->assign('userid', $id)->assign('avatars', $avatars)->assign('avatars_dir', $avatars_dir_rel)->assign('page', $page)->assign('perpage', $perpage)->assign('pagebar', cmsPage::getPagebar($total, $page, $perpage, '/users/%user_id%/select-avatar-%page%.html', array('user_id' => $id)))->display('com_users_avatars.tpl');
        } else {
            $avatar_id = cmsCore::request('avatar_id', 'int', 0);
            $file = $avatars[$avatar_id];
            if (file_exists($avatars_dir . '/' . $file)) {
                $uploaddir = PATH . '/images/users/avatars/';
                $realfile = $file;
                $filename = md5($realfile . '-' . $id . '-' . time()) . '.jpg';
                $uploadfile = $avatars_dir . '/' . $realfile;
                $uploadavatar = $uploaddir . $filename;
                $uploadthumb = $uploaddir . 'small/' . $filename;
                if ($inUser->orig_imageurl && $inUser->orig_imageurl != 'nopic.jpg') {
                    @unlink(PATH . '/images/users/avatars/' . $inUser->orig_imageurl);
                    @unlink(PATH . '/images/users/avatars/small/' . $inUser->orig_imageurl);
                }
                cmsCore::includeGraphics();
                copy($uploadfile, $uploadavatar);
                @img_resize($uploadfile, $uploadthumb, $model->config['smallw'], $model->config['smallw']);
                $sql = "UPDATE cms_user_profiles SET imageurl = '{$filename}' WHERE user_id = '{$id}' LIMIT 1";
                $inDB->query($sql);
                // очищаем предыдущую запись о смене аватара
                cmsActions::removeObjectLog('add_avatar', $id);
                // выводим сообщение в ленту
                cmsActions::log('add_avatar', array('object' => '', 'object_url' => '', 'object_id' => $id, 'target' => '', 'target_url' => '', 'description' => '<a href="' . cmsUser::getProfileURL($inUser->login) . '" class="act_usr_ava">
										<img border="0" src="/images/users/avatars/small/' . $filename . '">
									</a>'));
            }
            cmsCore::redirect(cmsUser::getProfileURL($inUser->login));
        }
    }
    //============================================================================//
    //======================== Работа с фотографиями  ============================//
    //============================================================================//
    if ($do == 'photos') {
        if (!$model->config['sw_photo']) {
            cmsCore::error404();
        }
        $pdo = cmsCore::request('pdo', 'str', '');
        include 'components/users/photos.php';
    }
    //============================================================================//
    //============================= Друзья пользователя  =========================//
    //============================================================================//
    if ($do == 'friendlist') {
        if (!$inUser->id) {
            cmsUser::goToLogin();
        }
        $usr = cmsUser::getShortUserData($id);
        if (!$usr) {
            cmsCore::error404();
        }
        $perpage = 10;
        $inPage->addPathway($usr['nickname'], cmsUser::getProfileURL($usr['login']));
        $inPage->addPathway($_LANG['FRIENDS']);
        $inPage->setTitle($_LANG['FRIENDS']);
        // все друзья
        $friends = cmsUser::getFriends($usr['id']);
        // их общее количество
        $total = count($friends);
        // получаем только нужных на странице
        $friends = array_slice($friends, ($page - 1) * $perpage, $perpage);
        cmsPage::initTemplate('components', 'com_users_friends')->assign('friends', $friends)->assign('usr', $usr)->assign('myprofile', $id == $inUser->id)->assign('total', $total)->assign('pagebar', cmsPage::getPagebar($total, $page, $perpage, 'javascript:centerLink(\'/users/' . $id . '/friendlist%page%.html\')'))->display('com_users_friends.tpl');
    }
    //============================================================================//
    //============================= Запрос на дружбу  ============================//
    //============================================================================//
    if ($do == 'addfriend') {
        if ($_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest') {
            cmsCore::halt();
        }
        if (!$inUser->id || $inUser->id == $id) {
            cmsCore::halt();
        }
        $usr = cmsUser::getShortUserData($id);
        if (!$usr) {
            cmsCore::halt();
        }
        cmsUser::clearSessionFriends();
        if (cmsUser::isFriend($id)) {
            cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['YOU_ARE_BE_FRIENDS']));
        }
        // проверяем был ли ранее запрос на дружбу
        // если был, то делаем accept запросу
        $is_need_accept_id = cmsUser::getFriendFieldId($id, 0, 'to_me');
        if ($is_need_accept_id) {
            $inDB->query("UPDATE cms_user_friends SET is_accepted = 1 WHERE id = '{$is_need_accept_id}'");
            //регистрируем событие
            cmsActions::log('add_friend', array('object' => $inUser->nickname, 'user_id' => $usr['id'], 'object_url' => cmsUser::getProfileURL($inUser->login), 'object_id' => $is_need_accept_id, 'target' => '', 'target_url' => '', 'target_id' => 0, 'description' => ''));
            cmsCore::callEvent('USER_ACCEPT_FRIEND', $id);
            cmsCore::jsonOutput(array('error' => false, 'text' => $_LANG['ADD_FRIEND_OK'] . $usr['nickname']));
        }
        // Если пользователь пытается добавиться в друзья к
        // пользователю, к которому уже отправил запрос
        if (cmsUser::getFriendFieldId($id, 0, 'from_me')) {
            cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ADD_TO_FRIEND_SEND_ERR']));
        }
        // Мы вообще не друзья с пользователем, создаем запрос
        cmsUser::addFriend($id);
        cmsUser::sendMessage(USER_UPDATER, $id, sprintf($_LANG['RECEIVED_F_O'], cmsUser::getProfileLink($inUser->login, $inUser->nickname), '<a class="ajaxlink" href="javascript:void(0)" onclick="users.acceptFriend(' . $inUser->id . ', this);return false;">' . $_LANG['ACCEPT'] . '</a>', '<a class="ajaxlink" href="javascript:void(0)" onclick="users.rejectFriend(' . $inUser->id . ', this);return false;">' . $_LANG['REJECT'] . '</a>'));
        cmsCore::jsonOutput(array('error' => false, 'text' => $_LANG['ADD_TO_FRIEND_SEND']));
    }
    //============================================================================//
    //============================= Прекращение дружбы  ==========================//
    //============================================================================//
    if ($do == 'delfriend') {
        if ($_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest') {
            cmsCore::halt();
        }
        if (!$inUser->id || $inUser->id == $id) {
            cmsCore::halt();
        }
        $usr = cmsUser::getShortUserData($id);
        if (!$usr) {
            cmsCore::error404();
        }
        if (cmsUser::getFriendFieldId($id)) {
            $is_accepted_friend = cmsUser::isFriend($id);
            if (cmsUser::deleteFriend($id)) {
                // Если подтвержденный друг
                if ($is_accepted_friend) {
                    cmsCore::jsonOutput(array('error' => false, 'text' => $usr['nickname'] . $_LANG['DEL_FRIEND']));
                } else {
                    cmsCore::jsonOutput(array('error' => false, 'text' => $_LANG['REJECT_FRIEND'] . $usr['nickname']));
                }
            } else {
                cmsCore::halt();
            }
        } else {
            cmsCore::halt();
        }
    }
    //============================================================================//
    //============================= История кармы  ===============================//
    //============================================================================//
    if ($do == 'karma') {
        $usr = cmsUser::getShortUserData($id);
        if (!$usr) {
            cmsCore::error404();
        }
        $inPage->setTitle($_LANG['KARMA_HISTORY']);
        $inPage->addPathway($usr['nickname'], cmsUser::getProfileURL($usr['login']));
        $inPage->addPathway($_LANG['KARMA_HISTORY']);
        cmsPage::initTemplate('components', 'com_users_karma')->assign('karma', $model->getUserKarma($usr['id']))->assign('usr', $usr)->display('com_users_karma.tpl');
    }
    //============================================================================//
    //============================= Изменение кармы  =============================//
    //============================================================================//
    if ($do == 'votekarma') {
        if ($_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest') {
            cmsCore::halt();
        }
        if (!$inUser->id) {
            cmsCore::halt();
        }
        $points = cmsCore::request('sign', 'str', 'plus') == 'plus' ? 1 : -1;
        $to = cmsCore::request('to', 'int', 0);
        $user = cmsUser::getShortUserData($to);
        if (!$user) {
            cmsCore::halt();
        }
        if (!$model->isUserCanChangeKarma($to)) {
            cmsCore::halt();
        }
        cmsCore::halt(cmsUser::changeKarmaUser($to, $points));
    }
    //============================================================================//
    //======================= Наградить пользователя  ============================//
    //============================================================================//
    if ($do == 'giveaward') {
        if (!$inUser->is_admin) {
            cmsCore::error404();
        }
        $usr = cmsUser::getShortUserData($id);
        if (!$usr) {
            cmsCore::error404();
        }
        $inPage->setTitle($_LANG['AWARD_USER']);
        $inPage->addPathway($usr['nickname'], cmsUser::getProfileURL($usr['login']));
        $inPage->addPathway($_LANG['AWARD']);
        if (!cmsCore::inRequest('gosend')) {
            cmsPage::initTemplate('components', 'com_users_awards_give')->assign('usr', $usr)->assign('awardslist', cmsUser::getAwardsImages())->display('com_users_awards_give.tpl');
        } else {
            $award['title'] = cmsCore::request('title', 'str', $_LANG['AWRD']);
            $award['description'] = cmsCore::request('description', 'str', '');
            $award['imageurl'] = cmsCore::request('imageurl', 'str', '');
            $award['from_id'] = $inUser->id;
            $award['id'] = 0;
            cmsUser::giveAward($award, $id);
            cmsCore::redirect(cmsUser::getProfileURL($usr['login']));
        }
    }
    //============================================================================//
    //============================= Удаление награды  ============================//
    //============================================================================//
    if ($do == 'delaward') {
        $aw = $inDB->get_fields('cms_user_awards', "id = '{$id}'", '*');
        if (!$aw) {
            cmsCore::error404();
        }
        if (!$inUser->id || $inUser->id != $aw['user_id'] && !$inUser->is_admin) {
            cmsCore::error404();
        }
        $inDB->delete('cms_user_awards', "id = '{$id}'", 1);
        cmsActions::removeObjectLog('add_award', $id);
        cmsCore::redirectBack();
    }
    //============================================================================//
    //============================= Награды на сайте  ============================//
    //============================================================================//
    if ($do == 'awardslist') {
        $inPage->setTitle($_LANG['SITE_AWARDS']);
        $inPage->addPathway($_LANG['SITE_AWARDS']);
        $awards = cmsUser::getAutoAwards();
        if (!$awards) {
            cmsCore::error404();
        }
        foreach ($awards as $aw) {
            //Перебираем все награды и ищем пользователей с текущей наградой
            $sql = "SELECT u.id as id, u.nickname as nickname, u.login as login, IFNULL(p.gender, 'm') as gender\r\n                 FROM cms_user_awards aw\r\n                 LEFT JOIN cms_users u ON u.id = aw.user_id\r\n                 LEFT JOIN cms_user_profiles p ON p.user_id = u.id\r\n                 WHERE aw.award_id = '{$aw['id']}'";
            $rs = $inDB->query($sql);
            $aw['uhtml'] = '';
            if ($inDB->num_rows($rs)) {
                while ($user = $inDB->fetch_assoc($rs)) {
                    $aw['uhtml'] .= cmsUser::getGenderLink($user['id'], $user['nickname'], $user['gender'], $user['login']) . ', ';
                }
                $aw['uhtml'] = rtrim($aw['uhtml'], ', ');
            } else {
                $aw['uhtml'] = $_LANG['NOT_USERS_WITH_THIS_AWARD'];
            }
            $aws[] = $aw;
        }
        cmsPage::initTemplate('components', 'com_users_awards_site')->assign('aws', $aws)->display('com_users_awards_site.tpl');
    }
    //============================================================================//
    //============================= Удаление профиля  ============================//
    //============================================================================//
    if ($do == 'delprofile') {
        // неавторизованным тут делать нечего
        if (!$inUser->id) {
            cmsCore::error404();
        }
        // есть ли удаляемый профиль
        $data = cmsUser::getShortUserData($id);
        if (!$data) {
            cmsCore::error404();
        }
        // владелец профиля или админ
        if ($inUser->is_admin) {
            // могут ли администраторы удалять профиль
            if (!cmsUser::isAdminCan('admin/users', cmsUser::getAdminAccess())) {
                cmsCore::error404();
            }
            // администратор сам себя не удалит
            if ($inUser->id == $data['id']) {
                cmsCore::error404();
            }
        } else {
            // удаляем только свой профиль
            if ($inUser->id != $data['id']) {
                cmsCore::error404();
            }
        }
        if (isset($_POST['csrf_token'])) {
            if (!cmsUser::checkCsrfToken()) {
                cmsCore::error404();
            }
            $model->deleteUser($id);
            if (!$inUser->is_admin) {
                session_destroy();
                cmsCore::redirect('/logout');
            } else {
                cmsCore::addSessionMessage($_LANG['DELETING_PROFILE_OK'], 'info');
                cmsCore::redirect('/users');
            }
        } else {
            $inPage->setTitle($_LANG['DELETING_PROFILE']);
            $inPage->addPathway($data['nickname'], $inUser->getProfileURL($data['login']));
            $inPage->addPathway($_LANG['DELETING_PROFILE']);
            $confirm['title'] = $_LANG['DELETING_PROFILE'];
            $confirm['text'] = '<p>' . $_LANG['REALLY_DEL_PROFILE'] . '</p>';
            $confirm['action'] = '/users/' . $id . '/delprofile.html';
            $confirm['yes_button'] = array();
            $confirm['yes_button']['type'] = 'submit';
            cmsPage::initTemplate('components', 'action_confirm.tpl')->assign('confirm', $confirm)->display('action_confirm.tpl');
        }
    }
    //============================================================================//
    //============================ Восстановить профиль  =========================//
    //============================================================================//
    if ($do == 'restoreprofile') {
        if (!$inUser->is_admin) {
            cmsCore::error404();
        }
        $usr = cmsUser::getShortUserData($id);
        if (!$usr) {
            cmsCore::error404();
        }
        $inDB->query("UPDATE cms_users SET is_deleted = 0 WHERE id = '{$id}'");
        cmsCore::redirectBack();
    }
    //============================================================================//
    //============================= Файлы пользователей  =========================//
    //============================================================================//
    if ($do == 'files') {
        if (!$model->config['sw_files']) {
            cmsCore::error404();
        }
        $fdo = cmsCore::request('fdo', 'str', '');
        include 'components/users/files.php';
    }
    //============================================================================//
    //================================  Инвайты  =================================//
    //============================================================================//
    if ($do == 'invites') {
        $reg_cfg = $inCore->loadComponentConfig('registration');
        if ($reg_cfg['reg_type'] != 'invite') {
            cmsCore::error404();
        }
        $invites_count = $model->getUserInvitesCount($inUser->id);
        if (!$invites_count) {
            cmsCore::error404();
        }
        if (!cmsCore::inRequest('send_invite')) {
            $inPage->addPathway($inUser->nickname, cmsUser::getProfileURL($inUser->login));
            $inPage->addPathway($_LANG['MY_INVITES']);
            cmsPage::initTemplate('components', 'com_users_invites')->assign('invites_count', $invites_count)->display('com_users_invites.tpl');
            return;
        }
        if (cmsCore::inRequest('send_invite')) {
            if (!cmsUser::checkCsrfToken()) {
                cmsCore::error404();
            }
            $invite_email = cmsCore::request('invite_email', 'email', '');
            if (!$invite_email) {
                cmsCore::redirectBack();
            }
            if ($model->sendInvite($inUser->id, $invite_email)) {
                cmsCore::addSessionMessage(sprintf($_LANG['INVITE_SENDED'], $invite_email), 'success');
            } else {
                cmsCore::addSessionMessage($_LANG['INVITE_ERROR'], 'error');
            }
            cmsCore::redirect(cmsUser::getProfileURL($inUser->login));
        }
    }
    if ($do == 'change_email') {
        if (!$inUser->id) {
            cmsUser::goToLogin();
        }
        $email = cmsCore::request('email', 'email', '');
        $token = cmsCore::request('token', 'str', '');
        // не занят ли email
        $is_email = $inDB->get_field('cms_users', "email='{$email}'", 'id');
        if ($is_email || !$email || !$token) {
            cmsCore::error404();
        }
        // проверяем токен
        $valid_id = $inDB->get_field('cms_users_activate', "code='{$token}' AND user_id = '{$inUser->id}'", 'id');
        if (!$valid_id) {
            cmsCore::error404();
        }
        $inDB->delete('cms_users_activate', "id = '{$valid_id}'");
        // Сохраняем новый email
        $inDB->update('cms_users', array('email' => $email), $inUser->id);
        cmsCore::addSessionMessage($_LANG['NEW_EMAIL_SAVED'], 'success');
        cmsCore::redirect(cmsUser::getProfileURL($inUser->login));
    }
    ///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
}
Example #26
function applet_menu()
{
    $inCore = cmsCore::getInstance();
    $inDB = cmsDatabase::getInstance();
    global $_LANG;
    global $adminAccess;
    if (!cmsUser::isAdminCan('admin/menu', $adminAccess)) {
        cpAccessDenied();
    }
    $GLOBALS['cp_page_title'] = $_LANG['AD_MENU'];
    cpAddPathway($_LANG['AD_MENU'], 'index.php?view=menu');
    $do = cmsCore::request('do', 'str', 'list');
    $id = cmsCore::request('id', 'int', -1);
    if ($do == 'list') {
        $toolmenu[] = array('icon' => 'new.gif', 'title' => $_LANG['AD_MENU_POINT_ADD'], 'link' => '?view=menu&do=add');
        $toolmenu[] = array('icon' => 'newmenu.gif', 'title' => $_LANG['AD_MENU_ADD'], 'link' => '?view=menu&do=addmenu');
        $toolmenu[] = array('icon' => 'edit.gif', 'title' => $_LANG['AD_EDIT_SELECTED'], 'link' => "javascript:checkSel('?view=menu&do=edit&multiple=1');");
        $toolmenu[] = array('icon' => 'delete.gif', 'title' => $_LANG['AD_DELETE_SELECTED'], 'link' => "javascript:checkSel('?view=menu&do=delete&multiple=1');");
        $toolmenu[] = array('icon' => 'show.gif', 'title' => $_LANG['AD_ALLOW_SELECTED'], 'link' => "javascript:checkSel('?view=menu&do=show&multiple=1');");
        $toolmenu[] = array('icon' => 'hide.gif', 'title' => $_LANG['AD_DISALLOW_SELECTED'], 'link' => "javascript:checkSel('?view=menu&do=hide&multiple=1');");
        $toolmenu[] = array('icon' => 'help.gif', 'title' => $_LANG['AD_HELP'], 'link' => '?view=help&topic=menu');
        cpToolMenu($toolmenu);
        $fields[] = array('title' => 'Lt', 'field' => 'NSLeft', 'width' => '30');
        $fields[] = array('title' => $_LANG['TITLE'], 'field' => 'title', 'width' => '', 'link' => '?view=menu&do=edit&id=%id%');
        $fields[] = array('title' => $_LANG['SHOW'], 'field' => 'published', 'width' => '60');
        $fields[] = array('title' => $_LANG['AD_ORDER'], 'field' => 'ordering', 'width' => '100');
        $fields[] = array('title' => $_LANG['AD_LINK'], 'field' => array('linktype', 'linkid', 'link'), 'width' => '240', 'prc' => 'cpMenutypeById');
        $fields[] = array('title' => $_LANG['AD_MENU'], 'field' => 'menu', 'width' => '70', 'filter' => '10', 'filterlist' => cpGetList('menu'), 'prc' => 'list_menu');
        $fields[] = array('title' => $_LANG['TEMPLATE'], 'field' => 'template', 'width' => '70', 'prc' => 'cpTemplateById');
        $actions[] = array('title' => $_LANG['EDIT'], 'icon' => 'edit.gif', 'link' => '?view=menu&do=edit&id=%id%');
        $actions[] = array('title' => $_LANG['DELETE'], 'icon' => 'delete.gif', 'confirm' => $_LANG['AD_MENU_POINT_CONFIRM'], 'link' => '?view=menu&do=delete&id=%id%');
        cpListTable('cms_menu', $fields, $actions, 'parent_id>0', 'NSLeft, ordering');
    } else {
        $toolmenu[] = array('icon' => 'save.gif', 'title' => $_LANG['SAVE'], 'link' => 'javascript:document.addform.submit();');
        $toolmenu[] = array('icon' => 'cancel.gif', 'title' => $_LANG['CANCEL'], 'link' => 'index.php?view=menu');
        cpToolMenu($toolmenu);
    }
    if ($do == 'move_up') {
        $inDB->moveNsCategory('cms_menu', $id, 'up');
        cmsCore::redirectBack();
    }
    if ($do == 'move_down') {
        $inDB->moveNsCategory('cms_menu', $id, 'down');
        cmsCore::redirectBack();
    }
    if ($do == 'show') {
        if (!isset($_REQUEST['item'])) {
            if ($id >= 0) {
                dbShow('cms_menu', $id);
            }
            echo '1';
            exit;
        } else {
            dbShowList('cms_menu', $_REQUEST['item']);
            cmsCore::addSessionMessage($_LANG['AD_DO_SUCCESS'], 'success');
            cmsCore::redirectBack();
        }
    }
    if ($do == 'hide') {
        if (!isset($_REQUEST['item'])) {
            if ($id >= 0) {
                dbHide('cms_menu', $id);
            }
            echo '1';
            exit;
        } else {
            dbHideList('cms_menu', cmsCore::request('item', 'array_int', array()));
            cmsCore::addSessionMessage($_LANG['AD_DO_SUCCESS'], 'success');
            cmsCore::redirectBack();
        }
    }
    if ($do == 'delete') {
        if (!isset($_REQUEST['item'])) {
            if ($id >= 0) {
                $inDB->deleteNS('cms_menu', (int) $id);
            }
        } else {
            $items = cmsCore::request('item', 'array_int', array());
            foreach ($items as $item_id) {
                $inDB->deleteNS('cms_menu', $item_id);
            }
        }
        cmsCore::addSessionMessage($_LANG['AD_DO_SUCCESS'], 'success');
        cmsCore::redirectBack();
    }
    if ($do == 'update') {
        if (!cmsUser::checkCsrfToken()) {
            cmsCore::error404();
        }
        $id = cmsCore::request('id', 'int', 0);
        if (!$id) {
            cmsCore::redirectBack();
        }
        $title = cmsCore::request('title', 'str', '');
        $menu = cmsCore::arrayToYaml(cmsCore::request('menu', 'array_str', ''));
        $linktype = cmsCore::request('mode', 'str', '');
        $linkid = cmsCore::request($linktype, 'str', '');
        $link = $inCore->getMenuLink($linktype, $linkid);
        $target = cmsCore::request('target', 'str', '');
        $published = cmsCore::request('published', 'int', 0);
        $template = cmsCore::request('template', 'str', '');
        $iconurl = cmsCore::request('iconurl', 'str', '');
        $parent_id = cmsCore::request('parent_id', 'int', 0);
        $oldparent = cmsCore::request('oldparent', 'int', 0);
        $is_lax = cmsCore::request('is_lax', 'int', 0);
        $css_class = cmsCore::request('css_class', 'str', '');
        $is_public = cmsCore::request('is_public', 'int', '');
        if (!$is_public) {
            $access_list = cmsCore::arrayToYaml(cmsCore::request('allow_group', 'array_int'));
        }
        $ns = $inCore->nestedSetsInit('cms_menu');
        if ($oldparent != $parent_id) {
            $ns->MoveNode($id, $parent_id);
        }
        $sql = "UPDATE cms_menu\n                SET title='{$title}',\n                    css_class='{$css_class}',\n                    menu='{$menu}',\n                    link='{$link}',\n                    linktype='{$linktype}',\n                    linkid='{$linkid}',\n                    target='{$target}',\n                    published='{$published}',\n                    template='{$template}',\n                    access_list='{$access_list}',\n                    is_lax='{$is_lax}',\n                    iconurl='{$iconurl}'\n                WHERE id = '{$id}'\n                LIMIT 1";
        $inDB->query($sql);
        cmsCore::addSessionMessage($_LANG['AD_DO_SUCCESS'], 'success');
        if (!isset($_SESSION['editlist']) || @sizeof($_SESSION['editlist']) == 0) {
            cmsCore::redirect('?view=menu');
        } else {
            cmsCore::redirect('?view=menu&do=edit');
        }
    }
    if ($do == 'submit') {
        if (!cmsUser::checkCsrfToken()) {
            cmsCore::error404();
        }
        $title = cmsCore::request('title', 'str', '');
        $menu = cmsCore::arrayToYaml(cmsCore::request('menu', 'array_str', ''));
        $linktype = cmsCore::request('mode', 'str', '');
        $linkid = cmsCore::request($linktype, 'str', '');
        $link = $inCore->getMenuLink($linktype, $linkid);
        $target = cmsCore::request('target', 'str', '');
        $published = cmsCore::request('published', 'int', 0);
        $template = cmsCore::request('template', 'str', '');
        $iconurl = cmsCore::request('iconurl', 'str', '');
        $parent_id = cmsCore::request('parent_id', 'int', 0);
        $css_class = cmsCore::request('css_class', 'str', '');
        $is_public = cmsCore::request('is_public', 'int', '');
        $is_lax = cmsCore::request('is_lax', 'int', 0);
        if (!$is_public) {
            $access_list = cmsCore::arrayToYaml(cmsCore::request('allow_group', 'array_int'));
        }
        $ns = $inCore->nestedSetsInit('cms_menu');
        $myid = $ns->AddNode($parent_id);
        $sql = "UPDATE cms_menu\n\t\t\t\tSET menu='{$menu}',\n\t\t\t\t\ttitle='{$title}',\n                    css_class='{$css_class}',\n\t\t\t\t\tlink='{$link}',\n\t\t\t\t\tlinktype='{$linktype}',\n\t\t\t\t\tlinkid='{$linkid}',\n\t\t\t\t\ttarget='{$target}',\n\t\t\t\t\tpublished='{$published}',\n\t\t\t\t\ttemplate='{$template}',\n\t\t\t\t\taccess_list='{$access_list}',\n\t\t\t\t\tis_lax='{$is_lax}',\n\t\t\t\t\ticonurl='{$iconurl}'\n\t\t\t\tWHERE id = '{$myid}'";
        $inDB->query($sql);
        cmsCore::addSessionMessage($_LANG['AD_DO_SUCCESS'], 'success');
        cmsCore::redirect('?view=menu');
    }
    if ($do == 'submitmenu') {
        if (!cmsUser::checkCsrfToken()) {
            cmsCore::error404();
        }
        $sql = "SELECT ordering as max_o FROM cms_modules ORDER BY ordering DESC LIMIT 1";
        $result = $inDB->query($sql);
        $row = $inDB->fetch_assoc($result);
        $maxorder = $row['max_o'] + 1;
        $menu = cmsCore::request('menu', 'str', '');
        $title = cmsCore::request('title', 'str', '');
        $position = cmsCore::request('position', 'str', '');
        $published = cmsCore::request('published', 'int', 0);
        $css_prefix = cmsCore::request('css_prefix', 'str', '');
        $is_public = cmsCore::request('is_public', 'int', '');
        if (!$is_public) {
            $access_list = $inCore->arrayToYaml(cmsCore::request('allow_group', 'array_int'));
        }
        $cfg['menu'] = $menu;
        $cfg_str = cmsCore::arrayToYaml($cfg);
        $sql = "INSERT INTO cms_modules (position, name, title, is_external, content, ordering, showtitle, published, user, config, css_prefix, access_list)\n                VALUES ('{$position}', '{$_LANG['AD_MENU']}', '{$title}', 1, 'mod_menu', {$maxorder}, 1, {$published}, 0, '{$cfg_str}', '{$css_prefix}', '{$access_list}')";
        $inDB->query($sql);
        $newid = $inDB->get_last_id('cms_modules');
        cmsCore::addSessionMessage($_LANG['AD_DO_SUCCESS'], 'success');
        cmsCore::redirect('?view=modules&do=edit&id=' . $newid);
    }
    if ($do == 'addmenu' || $do == 'add' || $do == 'edit') {
        $GLOBALS['cp_page_head'][] = '<script language="JavaScript" type="text/javascript" src="js/menu.js"></script>';
        echo '<script>';
        echo cmsPage::getLangJS('AD_SPECIFY_LINK_MENU');
        echo '</script>';
    }
    if ($do == 'addmenu') {
        $GLOBALS['cp_page_title'] = $_LANG['AD_MENU_ADD'];
        cpAddPathway($_LANG['AD_MENU_ADD']);
        $menu_list = cpGetList('menu');
        ?>
         <form id="addform" name="addform" action="index.php?view=menu&do=submitmenu" method="post">
             <input type="hidden" name="csrf_token" value="<?php 
        echo cmsUser::getCsrfToken();
        ?>
" />
             <table class="proptable" width="650" cellspacing="10" cellpadding="10">
                 <tr>
                     <td width="300" valign="top">
                         <strong><?php 
        echo $_LANG['AD_MODULE_MENU_TITLE'];
        ?>
</strong>
                     </td>
                     <td valign="top">
                         <input name="title" type="text" id="title2" style="width:99%" value=""/>
                     </td>
                 </tr>
                 <tr>
                     <td valign="top">
                         <strong><?php 
        echo $_LANG['AD_MENU_TO_VIEW'];
        ?>
</strong><br/>
                         <span class="hinttext"><?php 
        echo $_LANG['AD_TO_CREATE_NEW_POINT'];
        ?>
</span>
                     </td>
                     <td valign="top">
                         <select name="menu" id="menu" style="width:99%">
                             <?php 
        foreach ($menu_list as $menu) {
            ?>
                                 <option value="<?php 
            echo $menu['id'];
            ?>
">
                                     <?php 
            echo $menu['title'];
            ?>
                                 </option>
                             <?php 
        }
        ?>
                         </select>
                     </td>
                 </tr>
                 <tr>
                     <td valign="top">
                         <strong><?php 
        echo $_LANG['AD_POSITION_TO_VIEW'];
        ?>
</strong><br />
                         <span class="hinttext"><?php 
        echo $_LANG['AD_POSITION_MUST_BE'];
        ?>
</span>
                     </td>
                     <td valign="top">
                         <?php 
        $pos = cpModulePositions(cmsConfig::getConfig('template'));
        ?>
                         <select name="position" id="position" style="width:99%">
                             <?php 
        if ($pos) {
            foreach ($pos as $key => $position) {
                if (@$mod['position'] == $position) {
                    echo '<option value="' . $position . '" selected>' . $position . '</option>';
                } else {
                    echo '<option value="' . $position . '">' . $position . '</option>';
                }
            }
        }
        ?>
                         </select>
                         <input name="is_external" type="hidden" id="is_external" value="0" />
                     </td>
                 </tr>
                 <tr>
                     <td valign="top"><strong><?php 
        echo $_LANG['AD_MENU_PUBLIC'];
        ?>
</strong></td>
                     <td valign="top">
                         <label><input name="published" type="radio" value="1" checked="checked" <?php 
        if (@$mod['published']) {
            echo 'checked="checked"';
        }
        ?>
 /> <?php 
        echo $_LANG['YES'];
        ?>
</label>
                         <label><input name="published" type="radio" value="0"  <?php 
        if (@(!$mod['published'])) {
            echo 'checked="checked"';
        }
        ?>
 /> <?php 
        echo $_LANG['NO'];
        ?>
</label>
                     </td>
                 </tr>
                 <tr>
                     <td valign="top"><strong><?php 
        echo $_LANG['AD_PREFIX_CSS'];
        ?>
</strong></td>
                     <td valign="top">
                         <input name="css_prefix" type="text" id="css_prefix" value="<?php 
        echo @$mod['css_prefix'];
        ?>
" style="width:99%" />
                     </td>
                 </tr>
                 <tr>
                     <td valign="top">
                         <strong><?php 
        echo $_LANG['AD_TAB_ACCESS'];
        ?>
:</strong><br />
                         <span class="hinttext"><?php 
        echo $_LANG['AD_GROUP_ACCESS'];
        ?>
</span>
                     </td>
                     <td valign="top">
                     <table width="100%" cellpadding="0" cellspacing="0" border="0" class="checklist" style="margin-top:5px">
                         <tr>
                             <td width="20">
                                 <?php 
        $groups = cmsUser::getGroups();
        $style = 'disabled="disabled"';
        $public = 'checked="checked"';
        if ($do == 'edit') {
            if ($mod['access_list']) {
                $public = '';
                $style = '';
                $access_list = $inCore->yamlToArray($mod['access_list']);
            }
        }
        ?>
                                 <input name="is_public" type="checkbox" id="is_public" onclick="checkAccesList()" value="1" <?php 
        echo $public;
        ?>
 />
                             </td>
                             <td><label for="is_public"><strong><?php 
        echo $_LANG['AD_SHARE'];
        ?>
</strong></label></td>
                         </tr>
                     </table>
                     <div style="padding:5px">
                         <span class="hinttext">
                             <?php 
        echo $_LANG['AD_VIEW_IF_CHECK'];
        ?>
                         </span>
                     </div>

                     <div style="margin-top:10px;padding:5px;padding-right:0px;" id="grp">
                         <div>
                             <strong><?php 
        echo $_LANG['AD_GROUPS_VIEW'];
        ?>
</strong><br />
                             <span class="hinttext">
                                  <?php 
        echo $_LANG['AD_SELECT_MULTIPLE_CTRL'];
        ?>
                             </span>
                         </div>
                         <div>
                             <?php 
        echo '<select style="width: 99%" name="allow_group[]" id="allow_group" size="6" multiple="multiple" ' . $style . '>';
        if ($groups) {
            foreach ($groups as $group) {
                echo '<option value="' . $group['id'] . '"';
                if ($do == 'edit') {
                    if (inArray($access_list, $group['id'])) {
                        echo 'selected="selected"';
                    }
                }
                echo '>';
                echo $group['title'] . '</option>';
            }
        }
        echo '</select>';
        ?>
                         </div>
                     </div>
                     </td>
                 </tr>
                 <tr>
                     <td colspan="2" valign="top">
                         <div style="padding:10px;margin:4px;background-color:#EBEBEB;border:solid 1px gray">
                             <?php 
        echo $_LANG['AD_NEW_MENU_NEW_MODULE'];
        ?>
                         </div>
                     </td>
                 </tr>
             </table>
             <div style="margin-top:5px">
                 <input name="save" type="submit" id="save" value="<?php 
        echo $_LANG['AD_MENU_ADD'];
        ?>
" />
                 <input name="back" type="button" id="back" value="<?php 
        echo $_LANG['CANCEL'];
        ?>
" onclick="window.location.href='index.php?view=menu';" />
             </div>
         </form>
         <?php 
    }
    if ($do == 'add' || $do == 'edit') {
        require '../includes/jwtabs.php';
        $GLOBALS['cp_page_head'][] = jwHeader();
        $menu_list = cpGetList('menu');
        if ($do == 'add') {
            cpAddPathway($_LANG['AD_MENU_POINT_ADD']);
            $mod['menu'] = array('mainmenu');
        } else {
            if (isset($_REQUEST['multiple'])) {
                if (isset($_REQUEST['item'])) {
                    $_SESSION['editlist'] = cmsCore::request('item', 'array_int', array());
                } else {
                    cmsCore::addSessionMessage($_LANG['AD_NO_SELECT_OBJECTS'], 'error');
                    cmsCore::redirectBack();
                }
            }
            $ostatok = '';
            if (isset($_SESSION['editlist'])) {
                $item_id = array_shift($_SESSION['editlist']);
                if (sizeof($_SESSION['editlist']) == 0) {
                    unset($_SESSION['editlist']);
                } else {
                    $ostatok = '(' . $_LANG['AD_NEXT_IN'] . sizeof($_SESSION['editlist']) . ')';
                }
            } else {
                $item_id = cmsCore::request('id', 'int', 0);
            }
            $mod = $inDB->get_fields('cms_menu', "id = '{$item_id}'", '*');
            if (!$mod) {
                cmsCore::error404();
            }
            $mod['menu'] = cmsCore::yamlToArray($mod['menu']);
            cpAddPathway($_LANG['AD_MENU_POINT_EDIT'] . $ostatok . ' "' . $mod['title'] . '"');
        }
        ?>
    <form id="addform" name="addform" method="post" action="index.php">
        <input type="hidden" name="csrf_token" value="<?php 
        echo cmsUser::getCsrfToken();
        ?>
" />
        <input type="hidden" name="view" value="menu" />

        <table class="proptable" width="100%" cellpadding="15" cellspacing="2">
            <tr>

                <td valign="top">

                    <div><strong><?php 
        echo $_LANG['AD_MENU_POINT_TITLE'];
        ?>
</strong> <span class="hinttext">&mdash; <?php 
        echo $_LANG['AD_VIEW_IN_SITE'];
        ?>
</span></div>
                    <div><input name="title" type="text" id="title" style="width:100%" value="<?php 
        echo htmlspecialchars($mod['title']);
        ?>
" /></div>
                    <div><strong><?php 
        echo $_LANG['AD_PARENT_POINT'];
        ?>
</strong></div>
                    <div>
                        <?php 
        $rootid = $inDB->get_field('cms_menu', 'parent_id=0', 'id');
        ?>
                        <select name="parent_id" size="10" id="parent_id" style="width:100%">
                            <option value="<?php 
        echo $rootid;
        ?>
" <?php 
        if (@$mod['parent_id'] == $rootid || !isset($mod['parent_id'])) {
            echo 'selected="selected"';
        }
        ?>
><?php 
        echo $_LANG['AD_MENU_ROOT'];
        ?>
</option>
                            <?php 
        if (isset($mod['parent_id'])) {
            echo $inCore->getListItemsNS('cms_menu', $mod['parent_id']);
        } else {
            echo $inCore->getListItemsNS('cms_menu');
        }
        ?>
                        </select>
                        <input type="hidden" name="oldparent" value="<?php 
        echo @$mod['parent_id'];
        ?>
" />
                    </div>

                    <div><strong><?php 
        echo $_LANG['AD_MENU_POINT_ACTION'];
        ?>
</strong></div>
                    <div>
                        <select name="mode" id="linktype" style="width:100%" onchange="showMenuTarget()">
                            <option value="link" <?php 
        if (@$mod['linktype'] == 'link' || !isset($mod['mode'])) {
            echo 'selected="selected"';
        }
        ?>
><?php 
        echo $_LANG['AD_OPEN_LINK'];
        ?>
</option>
                            <option value="content" <?php 
        if (@$mod['linktype'] == 'content') {
            echo 'selected="selected"';
        }
        ?>
><?php 
        echo $_LANG['AD_OPEN_ARTICLE'];
        ?>
</option>
                            <option value="category" <?php 
        if (@$mod['linktype'] == 'category') {
            echo 'selected="selected"';
        }
        ?>
><?php 
        echo $_LANG['AD_OPEN_PARTITION'];
        ?>
</option>
                            <?php 
        if ($inCore->isComponentInstalled('video')) {
            ?>
                            <option value="video_cat" <?php 
            if (@$mod['linktype'] == 'video_cat') {
                echo 'selected="selected"';
            }
            ?>
><?php 
            echo $_LANG['AD_OPEN_VIDEO_PARTITION'];
            ?>
</option>
                            <?php 
        }
        ?>
                            <option value="component" <?php 
        if (@$mod['linktype'] == 'component') {
            echo 'selected="selected"';
        }
        ?>
><?php 
        echo $_LANG['AD_OPEN_COMPONENT'];
        ?>
</option>
                            <option value="blog" <?php 
        if (@$mod['linktype'] == 'blog') {
            echo 'selected="selected"';
        }
        ?>
><?php 
        echo $_LANG['AD_OPEN_BLOG'];
        ?>
</option>
                            <option value="uccat" <?php 
        if (@$mod['linktype'] == 'uccat') {
            echo 'selected="selected"';
        }
        ?>
><?php 
        echo $_LANG['AD_OPEN_CATEGORY'];
        ?>
</option>
                            <option value="photoalbum" <?php 
        if (@$mod['linktype'] == 'photoalbum') {
            echo 'selected="selected"';
        }
        ?>
><?php 
        echo $_LANG['AD_OPEN_ALBUM'];
        ?>
</option>
                        </select>
                    </div>

                    <div id="t_link" class="menu_target" style="display:<?php 
        if ($mod['linktype'] == 'link' || $mod['linktype'] == 'ext' || !$mod['linktype']) {
            echo 'block';
        } else {
            echo 'none';
        }
        ?>
">
                        <div>
                            <strong><?php 
        echo $_LANG['AD_LINK'];
        ?>
</strong> <span class="hinttext">&mdash; <?php 
        echo $_LANG['AD_LINK_HINT'];
        ?>
 <b>http://</b></span>
                        </div>
                        <div>
                            <input name="link" type="text" id="link" size="50" style="width:100%" <?php 
        if (@$mod['linktype'] == 'link' || @$mod['linktype'] == 'ext') {
            echo 'value="' . $mod['link'] . '"';
        }
        ?>
/>
                        </div>
                    </div>

                    <div id="t_content" class="menu_target" style="display:<?php 
        if ($mod['linktype'] == 'content') {
            echo 'block';
        } else {
            echo 'none';
        }
        ?>
">
                        <div>
                            <strong><?php 
        echo $_LANG['AD_CHECK_ARTICLE'];
        ?>
</strong>
                        </div>
                        <div>
                            <select name="content" id="content" style="width:100%">
                                <?php 
        if (@$mod['linktype'] == 'content') {
            echo $inCore->getListItems('cms_content', $mod['linkid']);
        } else {
            echo $inCore->getListItems('cms_content');
        }
        ?>
                            </select>
                        </div>
                    </div>

                    <?php 
        if ($inCore->isComponentInstalled('video')) {
            ?>
                    <div id="t_video_cat" class="menu_target" style="display:<?php 
            if ($mod['linktype'] == 'video_cat') {
                echo 'block';
            } else {
                echo 'none';
            }
            ?>
">
                        <div>
                            <strong><?php 
            echo $_LANG['AD_CHECK_PARTITION'];
            ?>
</strong>
                        </div>
                        <div>
                            <select name="video_cat" id="video_cat" style="width:100%">
                                    <?php 
            if (@$mod['linktype'] == 'video_cat') {
                echo $inCore->getListItemsNS('cms_video_category', $mod['linkid']);
            } else {
                echo $inCore->getListItemsNS('cms_video_category');
            }
            ?>
                            </select>
                        </div>
                    </div>
                    <?php 
        }
        ?>

                    <div id="t_category" class="menu_target" style="display:<?php 
        if ($mod['linktype'] == 'category') {
            echo 'block';
        } else {
            echo 'none';
        }
        ?>
">
                        <div>
                            <strong><?php 
        echo $_LANG['AD_CHECK_PARTITION'];
        ?>
</strong>
                        </div>
                        <div>
                            <select name="category" id="category" style="width:100%">
                                    <?php 
        if (@$mod['linktype'] == 'category') {
            echo $inCore->getListItemsNS('cms_category', $mod['linkid']);
        } else {
            echo $inCore->getListItemsNS('cms_category');
        }
        ?>
                            </select>
                        </div>
                    </div>

                    <div id="t_component" class="menu_target" style="display:<?php 
        if ($mod['linktype'] == 'component') {
            echo 'block';
        } else {
            echo 'none';
        }
        ?>
">
                        <div>
                            <strong><?php 
        echo $_LANG['AD_CHECK_COMPONENT'];
        ?>
</strong>
                        </div>
                        <div>
                           <select name="component" id="component" style="width:100%">
                                <?php 
        if (@$mod['linktype'] == 'component') {
            echo $inCore->getListItems('cms_components', $mod['linkid'], 'title', 'asc', 'internal=0', 'link');
        } else {
            echo $inCore->getListItems('cms_components', 0, 'title', 'asc', 'internal=0', 'link');
        }
        ?>
                            </select>
                        </div>
                    </div>

                    <div id="t_blog" class="menu_target" style="display:<?php 
        if ($mod['linktype'] == 'blog') {
            echo 'block';
        } else {
            echo 'none';
        }
        ?>
">
                        <div>
                            <strong><?php 
        echo $_LANG['AD_CHECK_BLOG'];
        ?>
</strong>
                        </div>
                        <div>
                           <select name="blog" id="blog" style="width:100%">
                                <?php 
        if (@$mod['linktype'] == 'blog') {
            echo $inCore->getListItems('cms_blogs', $mod['linkid'], 'title', 'asc', "owner='user'");
        } else {
            echo $inCore->getListItems('cms_blogs', 0, 'title', 'asc', "owner='user'");
        }
        ?>
                            </select>
                        </div>
                    </div>

                    <div id="t_uccat" class="menu_target" style="display:<?php 
        if ($mod['linktype'] == 'uccat') {
            echo 'block';
        } else {
            echo 'none';
        }
        ?>
">
                        <div>
                            <strong><?php 
        echo $_LANG['AD_CHECK_CATEGORY'];
        ?>
</strong>
                        </div>
                        <div>
                           <select name="uccat" id="uccat" style="width:100%">
                                <?php 
        if (@$mod['linktype'] == 'uccat') {
            echo $inCore->getListItems('cms_uc_cats', $mod['linkid']);
        } else {
            echo $inCore->getListItems('cms_uc_cats');
        }
        ?>
                            </select>
                        </div>
                    </div>

                    <div id="t_photoalbum" class="menu_target" style="display:<?php 
        if ($mod['linktype'] == 'photoalbum') {
            echo 'block';
        } else {
            echo 'none';
        }
        ?>
">
                        <div>
                            <strong><?php 
        echo $_LANG['AD_CHECK_ALBUM'];
        ?>
</strong>
                        </div>
                        <div>
                           <select name="photoalbum" id="photoalbum" style="width:100%">
                                <?php 
        if (@$mod['linktype'] == 'photoalbum') {
            echo $inCore->getListItems('cms_photo_albums', $mod['linkid'], 'id', 'ASC', 'NSDiffer = ""');
        } else {
            echo $inCore->getListItems('cms_photo_albums', 0, 'id', 'ASC', 'NSDiffer = ""');
        }
        ?>
                            </select>
                        </div>
                    </div>

                </td>

                <td width="300" valign="top" style="background:#ECECEC;">

                    <?php 
        ob_start();
        ?>

                    {tab=<?php 
        echo $_LANG['AD_TAB_PUBLISH'];
        ?>
}

                        <table width="100%" cellpadding="0" cellspacing="0" border="0" class="checklist">
                            <tr>
                                <td width="20"><input type="checkbox" name="published" id="published" value="1" <?php 
        if ($mod['published'] || $do == 'add') {
            echo 'checked="checked"';
        }
        ?>
/></td>
                                <td><label for="published"><strong><?php 
        echo $_LANG['AD_MENU_POINT_PUBLIC'];
        ?>
</strong></label></td>
                            </tr>
                        </table>

                        <div style="margin-top:15px">
                            <strong><?php 
        echo $_LANG['AD_OPEN_POINT'];
        ?>
</strong>
                        </div>
                        <div>
                            <select name="target" id="target" style="width:100%">
                                <option value="_self" <?php 
        if (@$mod['target'] == '_self') {
            echo 'selected="selected"';
        }
        ?>
><?php 
        echo $_LANG['AD_SELF'];
        ?>
</option>
                                <option value="_parent"><?php 
        echo $_LANG['AD_PARENT'];
        ?>
</option>
                                <option value="_blank" <?php 
        if (@$mod['target'] == '_blank') {
            echo 'selected="selected"';
        }
        ?>
><?php 
        echo $_LANG['AD_BLANK'];
        ?>
</option>
                                <option value="_top" <?php 
        if (@$mod['target'] == '_top') {
            echo 'selected="selected"';
        }
        ?>
><?php 
        echo $_LANG['AD_TOP'];
        ?>
</option>
                            </select>
                        </div>

                        <div style="margin-top:15px">
                            <strong><?php 
        echo $_LANG['TEMPLATE'];
        ?>
</strong><br/>
                            <span class="hinttext"><?php 
        echo $_LANG['AD_DESIGN_CHANGE'];
        ?>
</span>
                        </div>
                        <div>
                            <select name="template" id="template" style="width:100%">
                                <option value="0" <?php 
        if (@$mod['template'] == 0 || !$mod['template']) {
            echo 'selected="selected"';
        }
        ?>
><?php 
        echo $_LANG['AD_BY_DEFAULT'];
        ?>
</option>
                                <?php 
        $templates = cmsCore::getDirsList('/templates');
        foreach ($templates as $template) {
            echo '<option value="' . $template . '" ' . (@$mod['template'] == $template ? 'selected="selected"' : '') . '>' . $template . '</option>';
        }
        ?>
                            </select>
                        </div>

                        <div style="margin-top:15px">
                            <strong><?php 
        echo $_LANG['AD_ICON_PICTURE'];
        ?>
</strong><br/>
                            <span class="hinttext"><?php 
        echo $_LANG['AD_ICON_FILENAME'];
        ?>
</span>
                        </div>
                        <div>
                            <input name="iconurl" type="text" id="iconurl" size="30" value="<?php 
        echo @$mod['iconurl'];
        ?>
" style="width:100%"/>
                            <div>
                                <a id="iconlink" style="display:block;" href="javascript:showIcons()"><?php 
        echo $_LANG['AD_CHECK_ICON'];
        ?>
</a>
                                <div id="icondiv" style="display:none; padding:6px;border:solid 1px gray;background:#FFF">
                                    <div><?php 
        iconList();
        ?>
</div>
                                </div>
                            </div>
                        </div>
                        <div style="margin-top:15px">
                            <strong><?php 
        echo $_LANG['AD_CSS_CLASS'];
        ?>
</strong>
                        </div>
                        <div>
                            <input name="css_class" type="text" size="30" value="<?php 
        echo @$mod['css_class'];
        ?>
" style="width:100%"/>
                        </div>

                    {tab=<?php 
        echo $_LANG['AD_TAB_ACCESS'];
        ?>
}
                    <table width="100%" cellpadding="0" cellspacing="0" border="0" class="checklist" style="margin-top:5px">
                        <tr>
                            <td width="20">
                                <?php 
        $groups = cmsUser::getGroups();
        $style = 'disabled="disabled"';
        $public = 'checked="checked"';
        if ($do == 'edit') {
            if ($mod['access_list']) {
                $public = '';
                $style = '';
                $access_list = $inCore->yamlToArray($mod['access_list']);
            }
        }
        ?>
                                <input name="is_public" type="checkbox" id="is_public" onclick="checkAccesList()" value="1" <?php 
        echo $public;
        ?>
 />
                            </td>
                            <td><label for="is_public"><strong><?php 
        echo $_LANG['AD_SHARE'];
        ?>
</strong></label></td>
                        </tr>
                    </table>
                    <div style="padding:5px">
                        <span class="hinttext">
                            <?php 
        echo $_LANG['AD_VIEW_IF_CHECK'];
        ?>
                        </span>
                    </div>

                    <div style="margin-top:10px;padding:5px;padding-right:0px;" id="grp">
                        <div>
                            <strong><?php 
        echo $_LANG['AD_GROUPS_VIEW'];
        ?>
</strong><br />
                            <span class="hinttext">
                                <?php 
        echo $_LANG['AD_SELECT_MULTIPLE_CTRL'];
        ?>
                            </span>
                        </div>
                        <div>
                            <?php 
        echo '<select style="width: 99%" name="allow_group[]" id="allow_group" size="6" multiple="multiple" ' . $style . '>';
        if ($groups) {
            foreach ($groups as $group) {
                echo '<option value="' . $group['id'] . '"';
                if ($do == 'edit' && $mod['access_list']) {
                    if (inArray($access_list, $group['id'])) {
                        echo 'selected="selected"';
                    }
                }
                echo '>';
                echo $group['title'] . '</option>';
            }
        }
        echo '</select>';
        ?>
                        </div>
                    </div>
                    <table width="100%" cellpadding="0" cellspacing="0" border="0" class="checklist" style="margin-top:5px">
                        <tr>
                            <td width="20">
                                <input name="is_lax" type="checkbox" id="is_lax" value="1" <?php 
        if (@$mod['is_lax']) {
            ?>
checked="checked"<?php 
        }
        ?>
 />
                            </td>
                            <td><label for="is_lax"><strong><?php 
        echo $_LANG['AD_ONLY_CHILD_ITEM'];
        ?>
</strong></label></td>
                        </tr>
                    </table>
                    {tab=<?php 
        echo $_LANG['AD_MENU'];
        ?>
}
                    <div style="padding:5px;padding-right:0px;">
                        <div>
                            <strong><?php 
        echo $_LANG['AD_MENU_TO_VIEW'];
        ?>
</strong><br />
                            <span class="hinttext">
                                <?php 
        echo $_LANG['AD_SELECT_MULTIPLE_CTRL'];
        ?>
                            </span>
                        </div>
                        <div>
                        <select style="width: 99%" name="menu[]" size="9" multiple="multiple">
                            <?php 
        foreach ($menu_list as $menu) {
            ?>
                                <option value="<?php 
            echo $menu['id'];
            ?>
" <?php 
            if (@in_array($menu['id'], @$mod['menu'])) {
                echo 'selected="selected"';
            }
            ?>
>
                                    <?php 
            echo $menu['title'];
            ?>
                                </option>
                            <?php 
        }
        ?>
                        </select>
                        </div>
                    </div>
                    {/tabs}

                    <?php 
        echo jwTabs(ob_get_clean());
        ?>

                </td>

            </tr>
        </table>

        <p>
            <input name="add_mod" type="button" onclick="submitItem()" id="add_mod" value="<?php 
        echo $_LANG['SAVE'];
        ?>
 " />
            <input name="back" type="button" id="back" value="<?php 
        echo $_LANG['CANCEL'];
        ?>
" onclick="window.location.href='index.php?view=menu';" />
            <input name="do" type="hidden" id="do" <?php 
        if ($do == 'add') {
            echo 'value="submit"';
        } else {
            echo 'value="update"';
        }
        ?>
 />
            <?php 
        if ($do == 'edit') {
            echo '<input name="id" type="hidden" value="' . $mod['id'] . '" />';
        }
        ?>
        </p>
    </form>
    <?php 
    }
}
Example #27
function applet_content()
{
    $inCore = cmsCore::getInstance();
    $inUser = cmsUser::getInstance();
    $inDB = cmsDatabase::getInstance();
    global $_LANG;
    //check access
    global $adminAccess;
    if (!cmsUser::isAdminCan('admin/content', $adminAccess)) {
        cpAccessDenied();
    }
    $cfg = $inCore->loadComponentConfig('content');
    cmsCore::loadModel('content');
    $model = new cms_model_content();
    $GLOBALS['cp_page_title'] = $_LANG['AD_ARTICLES'];
    cpAddPathway($_LANG['AD_ARTICLES'], 'index.php?view=tree');
    $do = cmsCore::request('do', 'str', 'add');
    $id = cmsCore::request('id', 'int', -1);
    if ($do == 'arhive_on') {
        $inDB->query("UPDATE cms_content SET is_arhive = 1 WHERE id = '{$id}'");
        cmsCore::addSessionMessage($_LANG['AD_ARTICLES_TO_ARHIVE'], 'success');
        cmsCore::redirectBack();
    }
    if ($do == 'move') {
        $item_id = cmsCore::request('id', 'int', 0);
        $cat_id = cmsCore::request('cat_id', 'int', 0);
        $dir = $_REQUEST['dir'];
        $step = 1;
        $model->moveItem($item_id, $cat_id, $dir, $step);
        echo '1';
        exit;
    }
    if ($do == 'move_to_cat') {
        $items = cmsCore::request('item', 'array_int');
        $to_cat_id = cmsCore::request('obj_id', 'int', 0);
        if ($items && $to_cat_id) {
            $last_ordering = (int) $inDB->get_field('cms_content', "category_id = '{$to_cat_id}' ORDER BY ordering DESC", 'ordering');
            foreach ($items as $item_id) {
                $article = $model->getArticle($item_id);
                if (!$article) {
                    continue;
                }
                $last_ordering++;
                $model->updateArticle($article['id'], array('category_id' => $to_cat_id, 'ordering' => $last_ordering, 'url' => $article['url'], 'title' => $inDB->escape_string($article['title']), 'id' => $article['id'], 'user_id' => $article['user_id']));
            }
            cmsCore::addSessionMessage($_LANG['AD_ARTICLES_TO'], 'success');
        }
        cmsCore::redirect('?view=tree&cat_id=' . $to_cat_id);
    }
    if ($do == 'show') {
        if (!isset($_REQUEST['item'])) {
            if ($id >= 0) {
                dbShow('cms_content', $id);
            }
            echo '1';
            exit;
        } else {
            dbShowList('cms_content', cmsCore::request('item', 'array_int'));
            cmsCore::redirectBack();
        }
    }
    if ($do == 'hide') {
        if (!isset($_REQUEST['item'])) {
            if ($id >= 0) {
                dbHide('cms_content', $id);
            }
            echo '1';
            exit;
        } else {
            dbHideList('cms_content', cmsCore::request('item', 'array_int'));
            cmsCore::redirectBack();
        }
    }
    if ($do == 'delete') {
        if (!isset($_REQUEST['item'])) {
            if ($id >= 0) {
                $model->deleteArticle($id);
                cmsCore::addSessionMessage($_LANG['AD_ARTICLE_REMOVE'], 'success');
            }
        } else {
            $model->deleteArticles(cmsCore::request('item', 'array_int'));
            cmsCore::addSessionMessage($_LANG['AD_ARTICLES_REMOVE'], 'success');
        }
        cmsCore::redirectBack();
    }
    if ($do == 'update') {
        if (!cmsUser::checkCsrfToken()) {
            cmsCore::error404();
        }
        if (isset($_REQUEST['id'])) {
            $id = cmsCore::request('id', 'int', 0);
            $article['category_id'] = cmsCore::request('category_id', 'int', 1);
            $article['title'] = cmsCore::request('title', 'str');
            $article['url'] = cmsCore::request('url', 'str');
            $article['showtitle'] = cmsCore::request('showtitle', 'int', 0);
            $article['description'] = cmsCore::request('description', 'html', '');
            $article['description'] = $inDB->escape_string($article['description']);
            $article['content'] = cmsCore::request('content', 'html', '');
            $article['content'] = $inDB->escape_string($article['content']);
            $article['for_img'] = cmsCore::request('for_img', 'html', '');
            $article['for_img'] = $inDB->escape_string($article['for_img']);
            $article['published'] = cmsCore::request('published', 'int', 0);
            $article['showdate'] = cmsCore::request('showdate', 'int', 0);
            $article['showlatest'] = cmsCore::request('showlatest', 'int', 0);
            $article['show_in_new'] = cmsCore::request('show_in_new', 'int', 0);
            //new
            $article['show_in_footer'] = cmsCore::request('show_in_footer', 'int', 0);
            //new
            $article['showpath'] = cmsCore::request('showpath', 'int', 0);
            $article['comments'] = cmsCore::request('comments', 'int', 0);
            $article['canrate'] = cmsCore::request('canrate', 'int', 0);
            $article['add_text'] = cmsCore::request('add_text', 'str');
            $enddate = explode('.', cmsCore::request('enddate', 'str'));
            $article['enddate'] = $enddate[2] . '-' . $enddate[1] . '-' . $enddate[0];
            $article['is_end'] = cmsCore::request('is_end', 'int', 0);
            $article['pagetitle'] = cmsCore::request('pagetitle', 'str', '');
            $article['tags'] = cmsCore::request('tags', 'str');
            $olddate = cmsCore::request('olddate', 'str', '');
            $pubdate = cmsCore::request('pubdate', 'str', '');
            $article['user_id'] = cmsCore::request('user_id', 'int', $inUser->id);
            $article['tpl'] = cmsCore::request('tpl', 'str', 'com_content_read.tpl');
            $date = explode('.', $pubdate);
            $article['pubdate'] = $date[2] . '-' . $date[1] . '-' . $date[0] . ' ' . date('H:i');
            $autokeys = cmsCore::request('autokeys', 'int');
            switch ($autokeys) {
                case 1:
                    $article['meta_keys'] = $inCore->getKeywords($article['content']);
                    $article['meta_desc'] = $article['title'];
                    break;
                case 2:
                    $article['meta_desc'] = strip_tags($article['description']);
                    $article['meta_keys'] = $article['tags'];
                    break;
                case 3:
                    $article['meta_desc'] = cmsCore::request('meta_desc', 'str');
                    $article['meta_keys'] = cmsCore::request('meta_keys', 'str');
                    break;
            }
            $model->updateArticle($id, $article);
            if (!cmsCore::request('is_public', 'int', 0)) {
                $showfor = $_REQUEST['showfor'];
                cmsCore::setAccess($id, $showfor, 'material');
            } else {
                cmsCore::clearAccess($id, 'material');
            }
            if (isset($_SESSION['lang']) && $_SESSION['lang'] != 'ru') {
                $file = 'article' . $id . '_' . $_SESSION['lang'] . '.jpg';
            } else {
                $file = 'article' . $id . '.jpg';
            }
            //$file = 'article'.$id.'.jpg';
            if (cmsCore::request('delete_image', 'int', 0)) {
                @unlink(PATH . "/images/photos/small/{$file}");
                @unlink(PATH . "/images/photos/medium/{$file}");
            } else {
                // Загружаем класс загрузки фото
                cmsCore::loadClass('upload_photo');
                $inUploadPhoto = cmsUploadPhoto::getInstance();
                // Выставляем конфигурационные параметры
                $inUploadPhoto->upload_dir = PATH . '/images/photos/';
                $inUploadPhoto->small_size_w = $model->config['img_small_w'];
                $inUploadPhoto->medium_size_w = $model->config['img_big_w'];
                $inUploadPhoto->thumbsqr = $model->config['img_sqr'];
                $inUploadPhoto->is_watermark = $model->config['watermark'];
                $inUploadPhoto->input_name = 'picture';
                $inUploadPhoto->filename = $file;
                // Процесс загрузки фото
                $inUploadPhoto->uploadPhoto();
            }
            cmsCore::addSessionMessage($_LANG['AD_ARTICLE_SAVE'], 'success');
            if (!isset($_SESSION['editlist']) || @sizeof($_SESSION['editlist']) == 0) {
                cmsCore::redirect('?view=tree&cat_id=' . $article['category_id']);
            } else {
                cmsCore::redirect('?view=content&do=edit');
            }
        }
    }
    if ($do == 'submit') {
        if (!cmsUser::checkCsrfToken()) {
            cmsCore::error404();
        }
        $article['category_id'] = cmsCore::request('category_id', 'int', 1);
        $article['title'] = cmsCore::request('title', 'str');
        $article['url'] = cmsCore::request('url', 'str');
        $article['showtitle'] = cmsCore::request('showtitle', 'int', 0);
        $article['description'] = cmsCore::request('description', 'html', '');
        $article['description'] = $inDB->escape_string($article['description']);
        $article['content'] = cmsCore::request('content', 'html', '');
        $article['content'] = $inDB->escape_string($article['content']);
        $article['for_img'] = cmsCore::request('for_img', 'html', '');
        $article['for_img'] = $inDB->escape_string($article['for_img']);
        $article['published'] = cmsCore::request('published', 'int', 0);
        $article['showdate'] = cmsCore::request('showdate', 'int', 0);
        $article['showlatest'] = cmsCore::request('showlatest', 'int', 0);
        $article['show_in_new'] = cmsCore::request('show_in_new', 'int', 0);
        //new
        $article['show_in_footer'] = cmsCore::request('show_in_footer', 'int', 0);
        //new
        $article['showpath'] = cmsCore::request('showpath', 'int', 0);
        $article['comments'] = cmsCore::request('comments', 'int', 0);
        $article['canrate'] = cmsCore::request('canrate', 'int', 0);
        $article['add_text'] = cmsCore::request('add_text', 'str');
        $enddate = explode('.', cmsCore::request('enddate', 'str'));
        $article['enddate'] = $enddate[2] . '-' . $enddate[1] . '-' . $enddate[0];
        $article['is_end'] = cmsCore::request('is_end', 'int', 0);
        $article['pagetitle'] = cmsCore::request('pagetitle', 'str', '');
        $article['tags'] = cmsCore::request('tags', 'str');
        $article['pubdate'] = $_REQUEST['pubdate'];
        $date = explode('.', $article['pubdate']);
        $article['pubdate'] = $date[2] . '-' . $date[1] . '-' . $date[0] . ' ' . date('H:i');
        $article['user_id'] = cmsCore::request('user_id', 'int', $inUser->id);
        $article['tpl'] = cmsCore::request('tpl', 'str', 'com_content_read.tpl');
        $autokeys = cmsCore::request('autokeys', 'int');
        switch ($autokeys) {
            case 1:
                $article['meta_keys'] = $inCore->getKeywords($article['content']);
                $article['meta_desc'] = $article['title'];
                break;
            case 2:
                $article['meta_desc'] = strip_tags($article['description']);
                $article['meta_keys'] = $article['tags'];
                break;
            case 3:
                $article['meta_desc'] = cmsCore::request('meta_desc', 'str');
                $article['meta_keys'] = cmsCore::request('meta_keys', 'str');
                break;
        }
        $article['id'] = $model->addArticle($article);
        if (!cmsCore::request('is_public', 'int', 0)) {
            $showfor = $_REQUEST['showfor'];
            if (sizeof($showfor) > 0 && !cmsCore::request('is_public', 'int', 0)) {
                cmsCore::setAccess($article['id'], $showfor, 'material');
            }
        }
        $inmenu = cmsCore::request('createmenu', 'str', '');
        if ($inmenu) {
            createMenuItem($inmenu, $article['id'], $article['title']);
        }
        // Загружаем класс загрузки фото
        cmsCore::loadClass('upload_photo');
        $inUploadPhoto = cmsUploadPhoto::getInstance();
        // Выставляем конфигурационные параметры
        $inUploadPhoto->upload_dir = PATH . '/images/photos/';
        $inUploadPhoto->small_size_w = $model->config['img_small_w'];
        $inUploadPhoto->medium_size_w = $model->config['img_big_w'];
        $inUploadPhoto->thumbsqr = $model->config['img_sqr'];
        $inUploadPhoto->is_watermark = $model->config['watermark'];
        $inUploadPhoto->input_name = 'picture';
        $inUploadPhoto->filename = 'article' . $article['id'] . '.jpg';
        // Процесс загрузки фото
        $inUploadPhoto->uploadPhoto();
        cmsCore::addSessionMessage($_LANG['AD_ARTICLE_ADD'], 'success');
        cmsCore::redirect('?view=tree&cat_id=' . $article['category_id']);
    }
    if ($do == 'add' || $do == 'edit') {
        require '../includes/jwtabs.php';
        $GLOBALS['cp_page_head'][] = jwHeader();
        $toolmenu = array();
        $toolmenu[0]['icon'] = 'save.gif';
        $toolmenu[0]['title'] = $_LANG['SAVE'];
        $toolmenu[0]['link'] = 'javascript:document.addform.submit();';
        $toolmenu[1]['icon'] = 'cancel.gif';
        $toolmenu[1]['title'] = $_LANG['CANCEL'];
        $toolmenu[1]['link'] = 'javascript:history.go(-1);';
        cpToolMenu($toolmenu);
        $menu_list = cpGetList('menu');
        if ($do == 'add') {
            echo '<h3>' . $_LANG['AD_CREATE_ARTICLE'] . '</h3>';
            cpAddPathway($_LANG['AD_CREATE_ARTICLE'], 'index.php?view=content&do=add');
            $mod['category_id'] = (int) $_REQUEST['to'];
            $mod['showpath'] = 1;
            $mod['tpl'] = 'com_content_read.tpl';
        } else {
            if (isset($_REQUEST['item'])) {
                $_SESSION['editlist'] = $_REQUEST['item'];
            }
            $ostatok = '';
            if (isset($_SESSION['editlist'])) {
                $id = array_shift($_SESSION['editlist']);
                if (sizeof($_SESSION['editlist']) == 0) {
                    unset($_SESSION['editlist']);
                } else {
                    $ostatok = '(' . $_LANG['AD_NEXT_IN'] . sizeof($_SESSION['editlist']) . ')';
                }
            } else {
                $id = (int) $_REQUEST['id'];
            }
            $sql = "SELECT *, (TO_DAYS(enddate) - TO_DAYS(CURDATE())) as daysleft, DATE_FORMAT(pubdate, '%d.%m.%Y') as pubdate, DATE_FORMAT(enddate, '%d.%m.%Y') as enddate\n\t\t\t\t\t FROM cms_content\n\t\t\t\t\t WHERE id = {$id} LIMIT 1";
            $result = $inDB->query($sql);
            if ($inDB->num_rows($result)) {
                $mod = $inDB->fetch_assoc($result);
            }
            echo '<h3>' . $_LANG['AD_EDIT_ARTICLE'] . $ostatok . '</h3>';
            cpAddPathway($mod['title'], 'index.php?view=content&do=edit&id=' . $mod['id']);
        }
        ?>
    <form id="addform" name="addform" method="post" action="index.php" enctype="multipart/form-data">
        <input type="hidden" name="csrf_token" value="<?php 
        echo cmsUser::getCsrfToken();
        ?>
" />
        <input type="hidden" name="view" value="content" />

        <table class="proptable" width="100%" cellpadding="5" cellspacing="2">
            <tr>

                <!-- главная ячейка -->
                <td valign="top">

                    <table width="100%" cellpadding="0" cellspacing="4" border="0">
                        <tr>
                            <td valign="top">
                                <div><strong><?php 
        echo $_LANG['AD_ARTICLE_NAME'];
        ?>
</strong></div>
                                <div>
                                    <table width="100%" cellpadding="0" cellspacing="0" border="0">
                                        <tr>
                                            <td><input name="title" type="text" id="title" style="width:100%" value="<?php 
        echo htmlspecialchars($mod['title']);
        ?>
" /></td>
                                            <td style="width:15px;padding-left:10px;padding-right:10px;">
                                                <input type="checkbox" title="<?php 
        echo $_LANG['AD_VIEW_TITLE'];
        ?>
" name="showtitle" <?php 
        if ($mod['showtitle'] || $do == 'add') {
            echo 'checked="checked"';
        }
        ?>
 value="1">
                                            </td>
                                        </tr>
                                    </table>
                                </div>
                            </td>
                            <td width="130" valign="top">
                                <div><strong><?php 
        echo $_LANG['AD_PUBLIC_DATE'];
        ?>
</strong></div>
                                <div>
                                    <input name="pubdate" type="text" id="pubdate" style="width:100px" <?php 
        if (@(!$mod['pubdate'])) {
            echo 'value="' . date('d.m.Y') . '"';
        } else {
            echo 'value="' . $mod['pubdate'] . '"';
        }
        ?>
/>

                                    <input type="hidden" name="olddate" value="<?php 
        echo @$mod['pubdate'];
        ?>
" />
                                </div>
                            </td>
                            <td width="16" valign="bottom" style="padding-bottom:10px">
                                <input type="checkbox" name="showdate" id="showdate" title="<?php 
        echo $_LANG['AD_VIEW_DATE_AND_AUTHOR'];
        ?>
" value="1" <?php 
        if ($mod['showdate'] || $do == 'add') {
            echo 'checked="checked"';
        }
        ?>
/>
                            </td>
<!--                             <td width="160" valign="top">
                                <div><strong><?php 
        echo $_LANG['AD_ARTICLE_TEMPLATE'];
        ?>
</strong></div>
                                <div><input name="tpl" type="text" style="width:160px" value="<?php 
        echo @$mod['tpl'];
        ?>
"></div>
                            </td> -->
							  <td width="160" valign="top">
                                <div><strong>Шаблон статьи</strong></div>
								<?php 
        $inConf = cmsConfig::getInstance();
        //задаём имя директории
        $directory = PATH . "/templates/" . $inConf->template . "/components";
        $scan_dir = scandir($directory);
        if (is_dir($directory)) {
            //проверяем наличие директории
            //директория существует
            echo '<select name="tpl">';
            $scan_dir = scandir($directory);
            //сканируем (получаем массив файлов)
            array_shift($scan_dir);
            // удаляем из массива '.'
            array_shift($scan_dir);
            // удаляем из массива '..'
            for ($i = 0; $i < sizeof($scan_dir); $i++) {
                $tpl = explode("_", $scan_dir[$i]);
                if ($_GET['view'] == $tpl['1']) {
                    if ($_GET['view']) {
                        //выводим все файлы
                        if (@$mod["tpl"] == $scan_dir[$i]) {
                            echo '<option selected>' . $scan_dir[$i] . '</option>';
                        } else {
                            echo '<option>' . $scan_dir[$i] . '</option>';
                        }
                    }
                }
            }
            echo '</select>';
        } else {
            echo '<input name="tpl" type="text" style="width:160px" value="' . @$mod["tpl"] . '">';
        }
        ?>
                            </td>

                        </tr>
                    </table>

                    <div><strong><?php 
        echo $_LANG['AD_ARTICLE_NOTICE'];
        ?>
</strong></div>
                    <div><?php 
        $inCore->insertEditor('description', $mod['description'], '200', '100%');
        ?>
</div>

                    <div><strong><?php 
        echo $_LANG['AD_ARTICLE_TEXT'];
        ?>
</strong></div>
                    <?php 
        insertPanel();
        ?>
                    <div><?php 
        $inCore->insertEditor('content', $mod['content'], '400', '100%');
        ?>
</div><!--Editor text in articles-->

                    <div><strong><?php 
        echo $_LANG['AD_ARTICLE_IMG'];
        ?>
</strong></div>
                    <div><?php 
        $inCore->insertEditor('for_img', $mod['for_img'], '200', '100%');
        ?>
</div>

                    <div><strong><?php 
        echo $_LANG['AD_ARTICLE_ADD_TEXT'];
        ?>
</strong></div>
                    <div><input name="add_text" type="text" id="add_text" style="width:99%" value="<?php 
        echo htmlspecialchars($mod['add_text']);
        ?>
" /></div>


                    <div><strong><?php 
        echo $_LANG['AD_ARTICLE_TAGS'];
        ?>
</strong></div>
                    <div><input name="tags" type="text" id="tags" style="width:99%" value="<?php 
        if (isset($mod['id'])) {
            echo cmsTagLine('content', $mod['id'], false);
        }
        ?>
" /></div>

                    <table width="100%" cellpadding="0" cellspacing="0" border="0" class="checklist">
                        <tr>
                            <td width="20">
                                <input type="radio" name="autokeys" id="autokeys1" <?php 
        if ($do == 'add' && $cfg['autokeys']) {
            ?>
checked="checked"<?php 
        }
        ?>
 value="1"/>
                            </td>
                            <td>
                                <label for="autokeys1"><strong><?php 
        echo $_LANG['AD_AUTO_GEN_KEY'];
        ?>
</strong></label>
                            </td>
                        </tr>
                        <tr>
                            <td width="20">
                                <input type="radio" name="autokeys" id="autokeys2" value="2"/>
                            </td>
                            <td>
                                <label for="autokeys2"><strong><?php 
        echo $_LANG['AD_TAGS_AS_KEY'];
        ?>
</strong></label>
                            </td>
                        </tr>
                        <tr>
                            <td width="20">
                                <input type="radio" name="autokeys" id="autokeys3" value="3" <?php 
        if ($do == 'edit' || !$cfg['autokeys']) {
            ?>
checked="checked"<?php 
        }
        ?>
/>
                            </td>
                            <td>
                                <label for="autokeys3"><strong><?php 
        echo $_LANG['AD_MANUAL_KEY'];
        ?>
</strong></label>
                            </td>
                        </tr>

                        <?php 
        if ($cfg['af_on'] && $do == 'add') {
            ?>
                        <tr>
                            <td width="20"><input type="checkbox" name="noforum" id="noforum" value="1" /> </td>
                            <td><label for="noforum"><strong><?php 
            echo $_LANG['AD_NO_CREATE_THEME'];
            ?>
</strong></label></td>
                        </tr>
                        <?php 
        }
        ?>
                    </table>

                </td>

                <!-- боковая ячейка -->
                <td width="300" valign="top" style="background:#ECECEC;">

                    <?php 
        ob_start();
        ?>

                    {tab=<?php 
        echo $_LANG['AD_TAB_PUBLISH'];
        ?>
}

                    <table width="100%" cellpadding="0" cellspacing="0" border="0" class="checklist">
                        <tr>
                            <td width="20"><input type="checkbox" name="published" id="published" value="1" <?php 
        if ($mod['published'] || $do == 'add') {
            echo 'checked="checked"';
        }
        ?>
/></td>
                            <td><label for="published"><strong><?php 
        echo $_LANG['AD_PUBLIC_ARTICLE'];
        ?>
</strong></label></td>
                        </tr>
                    </table>

                    <div style="margin-top:7px">
                        <select name="category_id" size="10" id="category_id" style="width:99%;height:200px">
                            <option value="1" <?php 
        if (@$mod['category_id'] == 1 || !isset($mod['category_id'])) {
            echo 'selected="selected"';
        }
        ?>
><?php 
        echo $_LANG['AD_ROOT_CATEGORY'];
        ?>
</option>
                            <?php 
        if (isset($mod['category_id'])) {
            echo $inCore->getListItemsNS('cms_category', $mod['category_id']);
        } else {
            echo $inCore->getListItemsNS('cms_category');
        }
        ?>
                        </select>
                    </div>

                    <div style="margin-bottom:10px">
                        <select name="showpath" id="showpath" style="width:99%">
                            <option value="0" <?php 
        if (@(!$mod['showpath'])) {
            echo 'selected="selected"';
        }
        ?>
><?php 
        echo $_LANG['AD_PATHWAY_NAME_ONLY'];
        ?>
</option>
                            <option value="1" <?php 
        if (@$mod['showpath']) {
            echo 'selected="selected"';
        }
        ?>
><?php 
        echo $_LANG['AD_PATHWAY_FULL'];
        ?>
</option>
                        </select>
                    </div>

                    <div style="margin-top:15px">
                        <strong><?php 
        echo $_LANG['AD_ARTICLE_URL'];
        ?>
</strong><br/>
                        <div style="color:gray"><?php 
        echo $_LANG['AD_IF_UNKNOWN'];
        ?>
</div>
                    </div>
                    <div>
                        <table border="0" cellpadding="0" cellspacing="0" width="100%">
                            <tr>
                                <td><input type="text" name="url" value="<?php 
        echo $mod['url'];
        ?>
" style="width:100%"/></td>
                                <td width="40" align="center">.html</td>
                            </tr>
                        </table>
                    </div>

                    <div style="margin-top:10px">
                        <strong><?php 
        echo $_LANG['AD_ARTICLE_AUTHOR'];
        ?>
</strong>
                    </div>
                    <div>
                        <select name="user_id" id="user_id" style="width:99%">
                          <?php 
        if (isset($mod['user_id'])) {
            echo $inCore->getListItems('cms_users', $mod['user_id'], 'nickname', 'ASC', 'is_deleted=0 AND is_locked=0', 'id', 'nickname');
        } else {
            echo $inCore->getListItems('cms_users', $inUser->id, 'nickname', 'ASC', 'is_deleted=0 AND is_locked=0', 'id', 'nickname');
        }
        ?>
                        </select>
                    </div>

                    <div style="margin-top:12px"><strong><?php 
        echo $_LANG['AD_PHOTO'];
        ?>
</strong></div>
                    <div style="margin-bottom:10px">
                        <?php 
        if ($do == 'edit') {
            if (isset($_SESSION['lang']) && $_SESSION['lang'] != 'ru') {
                $mod_id = $mod['id'] . '_' . $_SESSION['lang'];
                $id_art = $mod['id'] . '_' . $_SESSION['lang'];
            } else {
                $mod_id = $mod['id'];
                $id_art = $id;
            }
            //if (file_exists(PATH.'/images/photos/small/article'.$mod['id'].'.jpg')){
            if (file_exists(PATH . '/images/photos/small/article' . $mod_id . '.jpg')) {
                ?>
                        <div style="margin-top:3px;margin-bottom:3px;padding:10px;border:solid 1px gray;text-align:center">
                            <?/*php<img src="/images/photos/small/article<?php 
                echo $id;
                ?>
.jpg" border="0" />*/?>
                            <img src="/images/photos/small/article<?php 
                echo $id_art;
                ?>
.jpg" border="0" />
                        </div>
                        <table cellpadding="0" cellspacing="0" border="0">
                            <tr>
                                <td width="16"><input type="checkbox" id="delete_image" name="delete_image" value="1" /></td>
                                <td><label for="delete_image"><?php 
                echo $_LANG['AD_PHOTO_REMOVE'];
                ?>
</label></td>
                            </tr>
                        </table>
                        <?php 
            }
        }
        ?>
                        <input type="file" name="picture" style="width:100%" />
                    </div>

                    <div style="margin-top:25px"><strong><?php 
        echo $_LANG['AD_PUBLIC_PARAMETRS'];
        ?>
</strong></div>
                    <table width="100%" cellpadding="0" cellspacing="0" border="0" class="checklist">
                        <tr>
                            <td width="20"><input type="checkbox" name="show_in_new" id="show_in_new" value="1" <?php 
        if ($mod['show_in_new'] || $do == 'add') {
            echo 'checked="checked"';
        }
        ?>
/></td>
                            <td><label for="show_in_new"><?php 
        echo $_LANG['AD_VIEW_NEW_CATS'];
        ?>
</label></td>
                        </tr>
                        <tr>
                            <td width="20"><input type="checkbox" name="show_in_footer" id="show_in_footer" value="1" <?php 
        if ($mod['show_in_footer'] || $do == 'add') {
            echo 'checked="checked"';
        }
        ?>
/></td>
                            <td><label for="show_in_footer"><?php 
        echo $_LANG['AD_VIEW_FOOTER'];
        ?>
</label></td>
                        </tr>
                        <tr>
                            <td width="20"><input type="checkbox" name="showlatest" id="showlatest" value="1" <?php 
        if ($mod['showlatest'] || $do == 'add') {
            echo 'checked="checked"';
        }
        ?>
/></td>
                            <td><label for="showlatest"><?php 
        echo $_LANG['AD_VIEW_NEW_ARTICLES'];
        ?>
</label></td>
                        </tr>
                        <tr>
                            <td width="20"><input type="checkbox" name="comments" id="comments" value="1" <?php 
        if ($mod['comments'] || $do == 'add') {
            echo 'checked="checked"';
        }
        ?>
/></td>
                            <td><label for="comments"><?php 
        echo $_LANG['AD_ENABLE_COMMENTS'];
        ?>
</label></td>
                        </tr>
                        <tr>
                            <td width="20"><input type="checkbox" name="canrate" id="canrate" value="1" <?php 
        if ($mod['canrate']) {
            echo 'checked="checked"';
        }
        ?>
/></td>
                            <td><label for="canrate"><?php 
        echo $_LANG['AD_ENABLE_RATING'];
        ?>
</label></td>
                        </tr>
                    </table>

                    <?php 
        if ($do == 'add') {
            ?>
                        <div style="margin-top:25px">
                            <strong><?php 
            echo $_LANG['AD_CREATE_LINK'];
            ?>
</strong>
                        </div>
                        <div>
                            <select name="createmenu" id="createmenu" style="width:99%">
                                <option value="0" selected="selected"><?php 
            echo $_LANG['AD_DONT_CREATE_LINK'];
            ?>
</option>
                            <?php 
            foreach ($menu_list as $menu) {
                ?>
                                <option value="<?php 
                echo $menu['id'];
                ?>
">
                                    <?php 
                echo $menu['title'];
                ?>
                                </option>
                            <?php 
            }
            ?>
                            </select>
                        </div>
                    <?php 
        }
        ?>

                    {tab=<?php 
        echo $_LANG['AD_DATE'];
        ?>
}

                    <div style="margin-top:5px">
                        <strong><?php 
        echo $_LANG['AD_ARTICLE_TIME'];
        ?>
</strong>
                    </div>
                    <div>
                        <select name="is_end" id="is_end" style="width:99%" onchange="if($(this).val() == 1){ $('#final_time').show(); }else {$('#final_time').hide();}">
                            <option value="0" <?php 
        if (@(!$mod['is_end'])) {
            echo 'selected="selected"';
        }
        ?>
><?php 
        echo $_LANG['AD_UNLIMITED'];
        ?>
</option>
                            <option value="1" <?php 
        if (@$mod['is_end']) {
            echo 'selected="selected"';
        }
        ?>
><?php 
        echo $_LANG['AD_TO_FINAL_TIME'];
        ?>
</option>
                        </select>
                    </div>

                    <div id="final_time" <?php 
        if (@(!$mod['is_end'])) {
            echo 'style="display: none"';
        }
        ?>
>
                    <div style="margin-top:20px">
                        <strong><?php 
        echo $_LANG['AD_FINAL_TIME'];
        ?>
</strong><br/>
                        <span class="hinttext"><?php 
        echo $_LANG['AD_CALENDAR_FORMAT'];
        ?>
</span>
                    </div>
                    <div><input name="enddate" type="text" style="width:80%" <?php 
        if (@(!$mod['is_end'])) {
            echo 'value="' . date('d.m.Y') . '"';
        } else {
            echo 'value="' . $mod['enddate'] . '"';
        }
        ?>
id="enddate" /></div></div>


                    {tab=SEO}

                    <div style="margin-top:5px">
                        <strong><?php 
        echo $_LANG['AD_PAGE_TITLE'];
        ?>
</strong><br/>
                        <span class="hinttext"><?php 
        echo $_LANG['AD_IF_UNKNOWN_PAGETITLE'];
        ?>
</span>
                    </div>
                    <div>
                        <input name="pagetitle" type="text" id="pagetitle" style="width:99%" value="<?php 
        if (isset($mod['pagetitle'])) {
            echo htmlspecialchars($mod['pagetitle']);
        }
        ?>
" />
                    </div>

                    <div style="margin-top:20px">
                        <strong><?php 
        echo $_LANG['KEYWORDS'];
        ?>
</strong><br/>
                        <span class="hinttext"><?php 
        echo $_LANG['AD_FROM_COMMA'];
        ?>
</span>
                    </div>
                    <div>
                         <textarea name="meta_keys" style="width:97%" rows="4" id="meta_keys"><?php 
        echo htmlspecialchars($mod['meta_keys']);
        ?>
</textarea>
                    </div>

                    <div style="margin-top:20px">
                        <strong><?php 
        echo $_LANG['DESCRIPTION'];
        ?>
</strong><br/>
                        <span class="hinttext"><?php 
        echo $_LANG['AD_LESS_THAN'];
        ?>
</span>
                    </div>
                    <div>
                         <textarea name="meta_desc" style="width:97%" rows="6" id="meta_desc"><?php 
        echo htmlspecialchars($mod['meta_desc']);
        ?>
</textarea>
                    </div>

                    {tab=<?php 
        echo $_LANG['AD_TAB_ACCESS'];
        ?>
}

                    <table width="100%" cellpadding="0" cellspacing="0" border="0" class="checklist" style="margin-top:5px">
                        <tr>
                            <td width="20">
                                <?php 
        $sql = "SELECT * FROM cms_user_groups";
        $result = $inDB->query($sql);
        $style = 'disabled="disabled"';
        $public = 'checked="checked"';
        if ($do == 'edit') {
            $sql2 = "SELECT * FROM cms_content_access WHERE content_id = " . $mod['id'] . " AND content_type = 'material'";
            $result2 = $inDB->query($sql2);
            $ord = array();
            if ($inDB->num_rows($result2)) {
                $public = '';
                $style = '';
                while ($r = $inDB->fetch_assoc($result2)) {
                    $ord[] = $r['group_id'];
                }
            }
        }
        ?>
                                <input name="is_public" type="checkbox" id="is_public" onclick="checkGroupList()" value="1" <?php 
        echo $public;
        ?>
 />
                            </td>
                            <td><label for="is_public"><strong><?php 
        echo $_LANG['AD_SHARE'];
        ?>
</strong></label></td>
                        </tr>
                    </table>
                    <div style="padding:5px">
                        <span class="hinttext">
                            <?php 
        echo $_LANG['AD_IF_NOTED'];
        ?>
                        </span>
                    </div>

                    <div style="margin-top:10px;padding:5px;padding-right:0px;" id="grp">
                        <div>
                            <strong><?php 
        echo $_LANG['AD_GROUPS_VIEW'];
        ?>
</strong><br />
                            <span class="hinttext">
                                <?php 
        echo $_LANG['AD_SELECT_MULTIPLE_CTRL'];
        ?>
                            </span>
                        </div>
                        <div>
                            <?php 
        echo '<select style="width: 99%" name="showfor[]" id="showin" size="6" multiple="multiple" ' . $style . '>';
        if ($inDB->num_rows($result)) {
            while ($item = $inDB->fetch_assoc($result)) {
                echo '<option value="' . $item['id'] . '"';
                if ($do == 'edit') {
                    if (inArray($ord, $item['id'])) {
                        echo 'selected="selected"';
                    }
                }
                echo '>';
                echo $item['title'] . '</option>';
            }
        }
        echo '</select>';
        ?>
                        </div>
                    </div>

                    {/tabs}

                    <?php 
        echo jwTabs(ob_get_clean());
        ?>

                </td>

            </tr>
        </table>

        <p>
            <input name="add_mod" type="submit" id="add_mod" <?php 
        if ($do == 'add') {
            echo 'value="' . $_LANG['AD_CREATE_CONTENT'] . '"';
        } else {
            echo 'value="' . $_LANG['AD_SAVE_CONTENT'] . '"';
        }
        ?>
 />
            <input name="back" type="button" id="back" value="<?php 
        echo $_LANG['CANCEL'];
        ?>
" onclick="window.history.back();"/>
            <input name="do" type="hidden" id="do" <?php 
        if ($do == 'add') {
            echo 'value="submit"';
        } else {
            echo 'value="update"';
        }
        ?>
 />
            <?php 
        if ($do == 'edit') {
            echo '<input name="id" type="hidden" value="' . $mod['id'] . '" />';
        }
        ?>
        </p>
    </form>
    <?php 
    }
}
Example #28
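/**
 * Front controller of the photo gallery component.
 *
 * Dispatches on the current action ($inCore->do):
 *  - view           album page with sub-albums, paginated photos, comments
 *  - viewphoto      single photo page
 *  - addphoto       access checks, then includes components/photos/add_photo.php
 *  - editphoto      AJAX: edit form / save (admin or author)
 *  - movephoto      AJAX: move a photo to another album (admin only)
 *  - delphoto       AJAX: delete a photo (admin or author, CSRF token checked)
 *  - publish_photo  AJAX: publish a photo (admin only)
 *  - latest / best  newest or top-rated photos
 *
 * The code calls cmsCore::error404(), cmsCore::halt(), cmsCore::redirect*(),
 * cmsUser::goToLogin() and cmsCore::jsonOutput() as guards and keeps no
 * "else" after them, so it presumably relies on them ending the request.
 * NOTE(review): confirm that, since every access check below depends on it.
 *
 * NOTE(review): delphoto is the only state-changing action here that also
 * calls cmsUser::checkCsrfToken(); editphoto, movephoto and publish_photo
 * rely on the X-Requested-With header check plus the login/role checks.
 * Consider requiring the token there as well once the client code is
 * confirmed to send it.
 *
 * @return void
 */
function photos()
{
    $inCore = cmsCore::getInstance();
    $inPage = cmsPage::getInstance();
    $inDB = cmsDatabase::getInstance();
    $inUser = cmsUser::getInstance();
    cmsCore::loadClass('photo');
    $inPhoto = cmsPhoto::getInstance();
    global $_LANG;
    $model = new cms_model_photos();
    $pagetitle = $inCore->menuTitle();
    $root_album_id = $inDB->getNsRootCatId('cms_photo_albums');
    $id = cmsCore::request('id', 'int', $root_album_id);
    $do = $inCore->do;
    $page = cmsCore::request('page', 'int', 1);
    // The header is absent on ordinary (non-XHR) requests, so test for it
    // before reading it; a missing header counts as "not an AJAX request".
    $is_xhr_request = isset($_SERVER['HTTP_X_REQUESTED_WITH'])
        && $_SERVER['HTTP_X_REQUESTED_WITH'] == 'XMLHttpRequest';
    $inPage->addPathway($inCore->getComponentTitle(), '/photos');
    // only logged-in users get the component's JS
    if ($inUser->id) {
        $inPage->addHeadJS('components/photos/js/photos.js');
        $inPage->addHeadJsLang(array('NO_PUBLISH', 'EDIT_PHOTO', 'YOU_REALLY_DELETE_PHOTO', 'MOVE_PHOTO'));
    }
    $inPage->setDescription($model->config['meta_desc'] ? $model->config['meta_desc'] : $pagetitle);
    $inPage->setKeywords($model->config['meta_keys'] ? $model->config['meta_keys'] : $pagetitle);
    /////////////////////////////// VIEW ALBUM ///////////////////////////////////////////////////////////////////////////////////////////
    if ($do == 'view') {
        $album = $inDB->getNsCategory('cms_photo_albums', $id, null);
        if (!$album && $inCore->menuId() !== 1) {
            cmsCore::error404();
        }
        // Unpublished albums are shown only to admins.
        // NOTE(review): when no album was found and menuId() is 1, $album is
        // empty here, so only admins get past this check; confirm intent.
        if (!$album['published'] && !$inUser->is_admin) {
            cmsCore::error404();
        }
        $album = cmsCore::callEvent('GET_PHOTO_ALBUM', $album);
        // if this is not the root album
        if ($album['id'] != $root_album_id) {
            $path_list = $inDB->getNsCategoryPath('cms_photo_albums', $album['NSLeft'], $album['NSRight'], 'id, title, NSLevel');
            if ($path_list) {
                foreach ($path_list as $pcat) {
                    $inPage->addPathway($pcat['title'], '/photos/' . $pcat['id']);
                }
            }
            $pagetitle = $pagetitle && $inCore->isMenuIdStrict() ? $pagetitle : $album['title'] . ' - ' . $_LANG['PHOTOGALLERY'];
            $inPage->setTitle($album['pagetitle'] ? $album['pagetitle'] : $pagetitle);
        } else {
            $pagetitle = $pagetitle && $inCore->isMenuIdStrict() ? $pagetitle : $_LANG['PHOTOGALLERY'];
            $inPage->setTitle($pagetitle);
            $album['title'] = $pagetitle;
        }
        // build the list of sub-albums
        $inDB->orderBy('f.' . $model->config['orderby'], $model->config['orderto']);
        $subcats = $inPhoto->getAlbums($album['id']);
        // Photo sorting: the requested column and direction end up in
        // $inDB->orderBy(), so they are matched against fixed allow-lists.
        // The comparison is strict so that a non-string value can never
        // loosely match an allowed name.
        $orderby = cmsCore::getSearchVar('orderby', $album['orderby']);
        $orderto = cmsCore::getSearchVar('orderto', $album['orderto']);
        if (!in_array($orderby, array('title', 'pubdate', 'rating', 'hits'), true)) {
            $orderby = $album['orderby'];
        }
        if (!in_array($orderto, array('desc', 'asc'), true)) {
            $orderto = $album['orderto'];
        }
        // select the album
        $inPhoto->whereAlbumIs($album['id']);
        // total number of photos matching the conditions set above
        $total = $inPhoto->getPhotosCount($inUser->is_admin);
        // set the sort order
        $inDB->orderBy('f.' . $orderby, $orderto);
        // set the current page number and the number of photos per page
        $inDB->limitPage($page, $album['perpage']);
        $photos = $inPhoto->getPhotos($inUser->is_admin, $album['showdate']);
        if (!$photos && $page > 1) {
            cmsCore::error404();
        }
        if ($album['id'] != $root_album_id) {
            // meta description
            if ($album['meta_desc']) {
                $meta_desc = $album['meta_desc'];
            } elseif (mb_strlen(strip_tags($album['description'])) >= 250) {
                $meta_desc = crop($album['description']);
            } else {
                $meta_desc = $album['title'];
            }
            $inPage->setDescription($meta_desc);
            // meta keywords: fall back to the photo titles, then the album title
            if ($album['meta_keys']) {
                $meta_keys = $album['meta_keys'];
            } elseif ($photos) {
                $k = array();
                foreach ($photos as $p) {
                    $k[] = $p['title'];
                }
                $meta_keys = implode(', ', $k);
            } else {
                $meta_keys = $album['title'];
            }
            $inPage->setKeywords($meta_keys);
        }
        cmsPage::initTemplate('components', 'com_photos_view')
            ->assign('root_album_id', $root_album_id)
            ->assign('cfg', $model->config)
            ->assign('album', $album)
            // logged-in users may add to public albums; admins always may
            ->assign('can_add_photo', ($album['public'] && $inUser->id) || $inUser->is_admin)
            ->assign('subcats', $subcats)
            ->assign('photos', $photos)
            ->assign('pagebar', cmsPage::getPagebar($total, $page, $album['perpage'], '/photos/' . $album['id'] . '-%page%'))
            ->assign('total', $total)
            ->assign('orderby', $orderby)
            ->assign('orderto', $orderto)
            ->display('com_photos_view.tpl');
        // if the album has photos and album comments are enabled, show them
        if ($album['is_comments'] && $photos && $inCore->isComponentInstalled('comments')) {
            cmsCore::includeComments();
            comments('palbum', $album['id']);
        }
    }
    /////////////////////////////// VIEW PHOTO ///////////////////////////////////////////////////////////////////////////////////////////
    if ($do == 'viewphoto') {
        // fetch the photo
        $photo = cmsCore::callEvent('GET_PHOTO', $inPhoto->getPhoto($id));
        if (!$photo) {
            cmsCore::error404();
        }
        // club photos are redirected to their new address
        if (mb_strstr($photo['NSDiffer'], 'club')) {
            cmsCore::redirect('/clubs/photo' . $photo['id'] . '.html', '301');
        }
        $is_author = $photo['user_id'] == $inUser->id && $inUser->id;
        // an unpublished photo is visible only to admins and its author
        if (!$photo['published'] && !$inUser->is_admin && !$is_author) {
            cmsCore::error404();
        }
        $path_list = $inDB->getNsCategoryPath('cms_photo_albums', $photo['NSLeft'], $photo['NSRight'], 'id, title, NSLevel');
        if ($path_list) {
            foreach ($path_list as $pcat) {
                $inPage->addPathway($pcat['title'], '/photos/' . $pcat['id']);
            }
        }
        $inPage->addPathway($photo['title']);
        $inPage->setTitle($photo['pagetitle'] ? $photo['pagetitle'] : $photo['title']);
        $inPage->setKeywords($photo['meta_keys'] ? $photo['meta_keys'] : $photo['title']);
        if (!$photo['meta_desc']) {
            if ($photo['description']) {
                $inPage->setDescription(crop($photo['description']));
            } else {
                $inPage->setDescription($photo['title']);
            }
        } else {
            $inPage->setDescription($photo['meta_desc']);
        }
        // update the view counter (the author's own views are not counted)
        if (!$is_author) {
            $inDB->setFlag('cms_photo_files', $photo['id'], 'hits', $photo['hits'] + 1);
        }
        // navigation inside the album
        if ($photo['album_nav']) {
            // The ids are concatenated into a WHERE fragment. The row has
            // passed through the GET_PHOTO event handlers, so force both
            // values to integers instead of trusting their type.
            $nextid = $inDB->get_fields('cms_photo_files', 'id<' . (int) $photo['id'] . ' AND album_id = ' . (int) $photo['album_id'] . ' AND published=1', 'id, file', 'id DESC');
            $previd = $inDB->get_fields('cms_photo_files', 'id>' . (int) $photo['id'] . ' AND album_id = ' . (int) $photo['album_id'] . ' AND published=1', 'id, file', 'id ASC');
        } else {
            $previd = false;
            $nextid = false;
        }
        $photo['karma_buttons'] = cmsKarmaButtons('photo', $photo['id'], $photo['rating'], $is_author);
        $photo['genderlink'] = cmsUser::getGenderLink($photo['user_id'], $photo['nickname'], $photo['gender'], $photo['login']);
        cmsPage::initTemplate('components', 'com_photos_view_photo')
            ->assign('photo', $photo)
            ->assign('bbcode', '[IMG]' . HOST . '/images/photos/medium/' . $photo['file'] . '[/IMG]')
            ->assign('previd', $previd)
            ->assign('nextid', $nextid)
            ->assign('cfg', $model->config)
            ->assign('is_author', $is_author)
            ->assign('is_admin', $inUser->is_admin)
            ->assign('tagbar', $photo['a_tags'] ? cmsTagBar('photo', $photo['id']) : '')
            ->display('com_photos_view_photo.tpl');
        // show comments when they are enabled for the photo
        if ($photo['comments'] && $inCore->isComponentInstalled('comments')) {
            cmsCore::includeComments();
            comments('photo', $photo['id'], array(), $is_author);
        }
    }
    /////////////////////////////// PHOTO UPLOAD  ////////////////////////////////////////////////////////////////////////////////
    if ($do == 'addphoto') {
        // guests are asked to log in
        if (!$inUser->id) {
            cmsUser::goToLogin();
        }
        $do_photo = cmsCore::request('do_photo', 'str', 'addphoto');
        // fetch the album
        $album = $inDB->getNsCategory('cms_photo_albums', $id);
        if (!$album) {
            cmsCore::error404();
        }
        if (!$album['published'] && !$inUser->is_admin) {
            cmsCore::error404();
        }
        $album = cmsCore::callEvent('GET_PHOTO_ALBUM', $album);
        // access rights: non-admins may upload only into public albums
        if (!$album['public'] && !$inUser->is_admin) {
            cmsCore::error404();
        }
        // check the per-day upload limit
        $today_uploaded = $album['uplimit'] ? $model->loadedByUser24h($inUser->id, $album['id']) : 0;
        if (!$inUser->is_admin && $album['uplimit'] && $today_uploaded >= $album['uplimit']) {
            cmsCore::addSessionMessage('<strong>' . $_LANG['MAX_UPLOAD_IN_DAY'] . '</strong> ' . $_LANG['CAN_UPLOAD_TOMORROW'], 'error');
            cmsCore::redirectBack();
        }
        // breadcrumb trail
        $path_list = $inDB->getNsCategoryPath('cms_photo_albums', $album['NSLeft'], $album['NSRight'], 'id, title, NSLevel');
        if ($path_list) {
            foreach ($path_list as $pcat) {
                $inPage->addPathway($pcat['title'], '/photos/' . $pcat['id']);
            }
        }
        // fixed path, not derived from the request; the included file runs
        // in this function's scope and sees the variables set above
        include 'components/photos/add_photo.php';
    }
    /////////////////////////////// PHOTO EDIT ///////////////////////////////////////////////////////////////////////////////////////////
    if ($do == 'editphoto') {
        if (!$is_xhr_request) {
            cmsCore::halt();
        }
        if (!$inUser->id) {
            cmsCore::halt();
        }
        // fetch the photo
        $photo = cmsCore::callEvent('GET_PHOTO', $inPhoto->getPhoto($id));
        if (!$photo) {
            cmsCore::halt();
        }
        if (mb_strstr($photo['NSDiffer'], 'club')) {
            cmsCore::halt();
        }
        // only an admin or the photo's author may edit it
        $is_author = $photo['user_id'] == $inUser->id && $inUser->id;
        if (!$inUser->is_admin && !$is_author) {
            cmsCore::halt();
        }
        if (cmsCore::inRequest('edit_photo')) {
            // NOTE(review): this save path has no cmsUser::checkCsrfToken()
            // call, unlike delphoto below.
            $mod = array();
            $mod['title'] = cmsCore::request('title', 'str', '');
            $mod['title'] = $mod['title'] ? $mod['title'] : $photo['title'];
            $mod['description'] = cmsCore::request('description', 'str', '');
            $mod['tags'] = cmsCore::request('tags', 'str', '');
            // only admins may change the comments flag
            $mod['comments'] = $inUser->is_admin ? cmsCore::request('comments', 'int') : $photo['comments'];
            // SEO fields are accepted from non-admins only when the config allows it
            if ($model->config['seo_user_access'] || $inUser->is_admin) {
                $mod['pagetitle'] = cmsCore::request('pagetitle', 'str', '');
                $mod['meta_keys'] = cmsCore::request('meta_keys', 'str', '');
                $mod['meta_desc'] = cmsCore::request('meta_desc', 'str', '');
            }
            $file = $model->initUploadClass($inDB->getNsCategory('cms_photo_albums', $photo['album_id']))->uploadPhoto($photo['file']);
            // keep the existing file when no new one was uploaded
            $mod['file'] = $file['filename'] ? $file['filename'] : $photo['file'];
            $inPhoto->updatePhoto($mod, $photo['id']);
            // NOTE(review): the title is HTML-escaped for the alt attribute,
            // the file name is inserted as returned by the upload class.
            $description = '<a href="/photos/photo' . $photo['id'] . '.html" class="act_photo"><img src="/images/photos/small/' . $mod['file'] . '" alt="' . htmlspecialchars(stripslashes($mod['title'])) . '" /></a>';
            cmsActions::updateLog('add_photo', array('object' => $mod['title'], 'description' => $description), $photo['id']);
            cmsCore::addSessionMessage($_LANG['PHOTO_SAVED'], 'success');
            cmsCore::jsonOutput(array('error' => false, 'redirect' => '/photos/photo' . $photo['id'] . '.html'));
        } else {
            $photo['tags'] = cmsTagLine('photo', $photo['id'], false);
            cmsPage::initTemplate('components', 'com_photos_edit')
                ->assign('photo', $photo)
                ->assign('form_action', '/photos/editphoto' . $photo['id'] . '.html')
                ->assign('no_tags', false)
                ->assign('is_admin', $inUser->is_admin)
                ->assign('cfg', $model->config)
                ->display('com_photos_edit.tpl');
            cmsCore::jsonOutput(array('error' => false, 'html' => ob_get_clean()));
        }
    }
    /////////////////////////////// PHOTO MOVE /////////////////////////////////////////////////////////////////////////////////////////
    if ($do == 'movephoto') {
        if (!$is_xhr_request) {
            cmsCore::halt();
        }
        if (!$inUser->id) {
            cmsCore::halt();
        }
        $photo = cmsCore::callEvent('GET_PHOTO', $inPhoto->getPhoto($id));
        if (!$photo) {
            cmsCore::halt();
        }
        if (mb_strstr($photo['NSDiffer'], 'club')) {
            cmsCore::halt();
        }
        // moving photos is an admin-only action
        if (!$inUser->is_admin) {
            cmsCore::halt();
        }
        if (!cmsCore::inRequest('move_photo')) {
            cmsPage::initTemplate('components', 'com_photos_move')
                ->assign('form_action', '/photos/movephoto' . $photo['id'] . '.html')
                ->assign('html', $inPhoto->getAlbumsOption('', $photo['album_id']))
                ->display('com_photos_move.tpl');
            cmsCore::jsonOutput(array('error' => false, 'html' => ob_get_clean()));
        } else {
            // NOTE(review): this save path has no cmsUser::checkCsrfToken()
            // call, unlike delphoto below.
            $album = cmsCore::callEvent('GET_PHOTO_ALBUM', $inDB->getNsCategory('cms_photo_albums', cmsCore::request('album_id', 'int')));
            if (!$album) {
                cmsCore::halt();
            }
            if (!$album['public'] && !$inUser->is_admin) {
                cmsCore::error404();
            }
            // check the per-day upload limit
            $today_uploaded = $album['uplimit'] ? $model->loadedByUser24h($inUser->id, $album['id']) : 0;
            if (!$inUser->is_admin && $album['uplimit'] && $today_uploaded >= $album['uplimit']) {
                cmsCore::jsonOutput(array('error' => true, 'text' => '<strong>' . $_LANG['MAX_UPLOAD_IN_DAY'] . '</strong> ' . $_LANG['CAN_UPLOAD_TOMORROW']));
            }
            // Both rows have passed through event handlers; cast the ids to
            // integers before they are placed in the SQL text.
            $inDB->query("UPDATE cms_photo_files SET album_id = '" . (int) $album['id'] . "' WHERE id = '" . (int) $photo['id'] . "'");
            cmsActions::updateLog('add_photo', array('target' => $album['title'], 'target_url' => '/photos/' . $album['id'], 'target_id' => $album['id']), $photo['id']);
            cmsCore::addSessionMessage($_LANG['PHOTO_MOVED'], 'info');
            cmsCore::jsonOutput(array('error' => false, 'redirect' => '/photos/' . $album['id']));
        }
    }
    /////////////////////////////// PHOTO DELETE /////////////////////////////////////////////////////////////////////////////////////////
    if ($do == 'delphoto') {
        if (!$is_xhr_request) {
            cmsCore::halt();
        }
        if (!$inUser->id) {
            cmsCore::halt();
        }
        // the delete request must carry a valid CSRF token
        if (!cmsUser::checkCsrfToken()) {
            cmsCore::halt();
        }
        $photo = cmsCore::callEvent('GET_PHOTO', $inPhoto->getPhoto($id));
        if (!$photo) {
            cmsCore::halt();
        }
        if (mb_strstr($photo['NSDiffer'], 'club')) {
            cmsCore::halt();
        }
        // only an admin or the photo's author may delete it
        $is_author = $photo['user_id'] == $inUser->id && $inUser->id;
        if (!$inUser->is_admin && !$is_author) {
            cmsCore::halt();
        }
        $inPhoto->deletePhoto($photo, $model->initUploadClass($inDB->getNsCategory('cms_photo_albums', $photo['album_id'])));
        cmsCore::addSessionMessage($_LANG['PHOTO_DELETED'], 'success');
        // the token is cleared once the delete has been carried out
        cmsUser::clearCsrfToken();
        cmsCore::jsonOutput(array('error' => false, 'redirect' => '/photos/' . $photo['album_id']));
    }
    /////////////////////////////// PHOTO PUBLISH /////////////////////////////////////////////////////////////////////////////////////////
    if ($do == 'publish_photo') {
        if (!$is_xhr_request) {
            cmsCore::halt();
        }
        if (!$inUser->id) {
            cmsCore::halt();
        }
        $photo = cmsCore::callEvent('GET_PHOTO', $inPhoto->getPhoto($id));
        if (!$photo) {
            cmsCore::halt();
        }
        // publishing is an admin-only action
        // NOTE(review): no cmsUser::checkCsrfToken() call here either.
        if (!$inUser->is_admin) {
            cmsCore::halt();
        }
        $inPhoto->publishPhoto($photo['id']);
        cmsCore::callEvent('ADD_PHOTO_DONE', $photo);
        $description = '<a href="/photos/photo' . $photo['id'] . '.html" class="act_photo"><img src="/images/photos/small/' . $photo['file'] . '" alt="' . htmlspecialchars(stripslashes($photo['title'])) . '" /></a>';
        cmsActions::log('add_photo', array(
            'object' => $photo['title'],
            'object_url' => '/photos/photo' . $photo['id'] . '.html',
            'object_id' => $photo['id'],
            'user_id' => $photo['user_id'],
            'target' => $photo['cat_title'],
            'target_id' => $photo['album_id'],
            'target_url' => '/photos/' . $photo['album_id'],
            'description' => $description,
        ));
        cmsCore::halt('ok');
    }
    /////////////////////////////// VIEW LATEST/BEST PHOTOS //////////////////////////////////////////////////////////////////////////////
    if (in_array($do, array('latest', 'best'))) {
        if ($do == 'latest') {
            $inDB->orderBy('f.pubdate', 'DESC');
            $pagetitle = $pagetitle && $inCore->isMenuIdStrict() ? $pagetitle : $_LANG['NEW_PHOTO_IN_GALLERY'];
        } else {
            $inDB->orderBy('f.rating', 'DESC');
            $pagetitle = $pagetitle && $inCore->isMenuIdStrict() ? $pagetitle : $_LANG['BEST_PHOTOS'];
        }
        $inDB->limit($model->config['best_latest_perpage']);
        // join the albums: only published albums with an empty NSDiffer
        $inDB->addJoin("INNER JOIN cms_photo_albums a ON a.id = f.album_id AND a.published = 1 AND a.NSDiffer = ''");
        $inDB->addSelect('a.title as cat_title');
        $photos = $inPhoto->getPhotos(false, 'with_comments');
        if (!$photos) {
            cmsCore::error404();
        }
        $inPage->addPathway($pagetitle);
        $inPage->setTitle($pagetitle);
        cmsPage::initTemplate('components', 'com_photos_bl')
            ->assign('maxcols', $model->config['best_latest_maxcols'])
            ->assign('pagetitle', $pagetitle)
            ->assign('photos', $photos)
            ->display('com_photos_bl.tpl');
    }
    /////////////////////////////// /////////////////////////////// ////////////////
}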
Example #29
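/**
 * Front controller of the forms component.
 *
 * For the "view" action it loads the form and its fields, validates the
 * submitted values, the captcha and the CSRF token, builds an HTML message
 * from the filled-in fields and either e-mails it to the form's recipients
 * (with uploaded files attached, then deleted) or sends it as an internal
 * message to the form owner.
 *
 * cmsCore::error404(), cmsCore::jsonOutput() and cmsCore::redirectBack() are
 * called as guards with no "else" after them, so the code presumably relies
 * on them ending the request. NOTE(review): confirm.
 *
 * @return void
 */
function forms()
{
    cmsCore::loadClass('form');
    $do = cmsCore::getInstance()->do;
    global $_LANG;
    //========================================================================================================================//
    //========================================================================================================================//
    if ($do == 'view') {
        // fetch the form
        $form = cmsForm::getFormData(cmsCore::request('form_id', 'int'));
        if (!$form) {
            cmsCore::error404();
        }
        // fetch the form's field definitions
        $form_fields = cmsForm::getFormFields($form['id']);
        // no fields: 404
        if (!$form_fields) {
            cmsCore::error404();
        }
        $errors = array();
        $attachment = array();
        // fetch the submitted values; an empty result is reported as an error
        $form_input = cmsForm::getFieldsInputValues($form['id']);
        if (!$form_input) {
            $errors[] = $_LANG['FORM_ERROR'];
        }
        // Collect per-field validation errors. When nothing was submitted
        // there is no 'errors' entry to walk, so fall back to an empty list
        // instead of iterating over a missing key.
        $field_errors = ($form_input && !empty($form_input['errors'])) ? $form_input['errors'] : array();
        foreach ($field_errors as $field_error) {
            if ($field_error) {
                $errors[] = $field_error;
            }
        }
        // check the captcha
        if (!cmsPage::checkCaptchaCode()) {
            $errors[] = $_LANG['ERR_CAPTCHA'];
        }
        if ($errors) {
            if (cmsCore::isAjax()) {
                // AJAX callers get only the last error
                cmsCore::jsonOutput(array('error' => true, 'text' => end($errors)));
            } else {
                foreach ($errors as $error) {
                    cmsCore::addSessionMessage($error, 'error');
                }
                cmsCore::redirectBack();
            }
        }
        // the CSRF token is verified after field and captcha validation
        if (!cmsUser::checkCsrfToken()) {
            cmsCore::error404();
        }
        // start of the message body
        // NOTE(review): the form title, field titles and submitted values are
        // concatenated into HTML below without escaping in this function.
        // Confirm that cmsForm::getFieldsInputValues() returns values that
        // are already safe for an HTML context (and likewise the stored
        // titles); otherwise escape them here.
        $mail_message = '<h3>' . $_LANG['FORM'] . ': ' . $form['title'] . '</h3>';
        // add every filled-in field to the message
        foreach ($form_fields as $field) {
            // submitted value of this field; a field with no entry is skipped
            $value = isset($form_input['values'][$field['id']]) ? $form_input['values'][$field['id']] : null;
            if (!$value) {
                continue;
            }
            if (is_string($value)) {
                $mail_message .= '<h5>' . $field['title'] . '</h5><p>' . $value . '</p>';
            } elseif (is_array($value)) {
                // an array value means a file was attached to the form
                if ($form['sendto'] == 'mail') {
                    // NOTE(review): this path is later passed to unlink();
                    // confirm 'url' is generated by the upload code and not
                    // taken from the request. An entry without a url adds an
                    // empty string to the list.
                    $attachment[] = !empty($value['url']) ? PATH . $value['url'] : '';
                } elseif (!empty($value['url'])) {
                    $mail_message .= '<h5>' . $field['title'] . '</h5><p><a href="' . $value['url'] . '">' . $value['name'] . '</a></p>';
                }
            }
        }
        // deliver the form
        if ($form['sendto'] == 'mail') {
            // comma-separated recipient list; blank entries are skipped so
            // no mail is attempted to an empty address
            foreach (explode(',', $form['email']) as $email) {
                $email = trim($email);
                if ($email === '') {
                    continue;
                }
                cmsCore::mailText($email, cmsConfig::getConfig('sitename') . ': ' . $form['title'], $mail_message, $attachment);
            }
            // delete the uploaded files once the mail has been handed off
            // (best effort: failures are ignored)
            foreach ($attachment as $attach) {
                if ($attach === '') {
                    continue;
                }
                @unlink($attach);
            }
        } else {
            cmsUser::sendMessage(-2, $form['user_id'], $mail_message);
        }
        cmsUser::sessionClearAll();
        if (cmsCore::isAjax()) {
            cmsCore::jsonOutput(array('error' => false, 'text' => $_LANG['FORM_IS_SEND']));
        } else {
            cmsCore::addSessionMessage($_LANG['FORM_IS_SEND'], 'info');
            cmsCore::redirectBack();
        }
    }
    //========================================================================================================================//
}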
Example #30
/**
 * Front controller of the "content" (articles) component.
 *
 * Dispatches on $inCore->do and handles, in this order: 'view' (category listing),
 * 'read' (single article), 'addarticle' / 'editarticle' (form display and save),
 * 'publisharticle', 'deletearticle', 'my' (current user's articles) and 'best'
 * (rating list). Output is produced through cmsPage templates or redirects;
 * nothing is returned.
 *
 * NOTE(review): almost every guard below is written as
 * `if (...) { cmsCore::error404(); }` or `cmsCore::redirect(...)` followed by code
 * that uses the value just rejected. That is only safe if those helpers terminate
 * the request — their bodies are not visible here, confirm.
 *
 * NOTE(review): the state-changing branches ('publisharticle', the 'goadd' step of
 * 'deletearticle', the 'add_mod' save) show authentication/authorization checks but
 * no anti-CSRF token check in this function — verify that one is enforced elsewhere.
 */
function content()
{
    $inCore = cmsCore::getInstance();
    $inPage = cmsPage::getInstance();
    $inDB = cmsDatabase::getInstance();
    $inUser = cmsUser::getInstance();
    $model = new cms_model_content();
    // The constant is defined at call time, so calling content() twice in one
    // request would attempt to define it again.
    define('IS_BILLING', $inCore->isComponentInstalled('billing'));
    if (IS_BILLING) {
        cmsCore::loadClass('billing');
    }
    global $_LANG;
    // Request input. The second argument of cmsCore::request() ('int', 'str', 'html')
    // appears to select an input filter — what each filter guarantees is not shown here.
    $id = cmsCore::request('id', 'int', 0);
    $do = $inCore->do;
    // The seolink is URL-decoded *after* the request filter ran, then passed through
    // strClear(). It is later handed to getNsCategory() / getArticle() as a lookup key.
    // NOTE(review): confirm those lookups escape or parameterize this value.
    $seolink = cmsCore::strClear(urldecode(cmsCore::request('seolink', 'html', '')));
    // A purely numeric seolink is rejected.
    if (is_numeric($seolink)) {
        cmsCore::error404();
    }
    $page = cmsCore::request('page', 'int', 1);
    ///////////////////////////////////// VIEW CATEGORY ////////////////////////////////////////////////////////////////////////////////
    if ($do == 'view') {
        $cat = $inDB->getNsCategory('cms_category', $seolink);
        // 404 if the category was not found and we are not on the home page (menu id 1).
        // On the home page execution continues even when $cat is empty.
        if (!$cat && $inCore->menuId() !== 1) {
            cmsCore::error404();
        }
        // Translations
        $cat = translations::process(cmsConfig::getConfig('lang'), 'content_category', $cat);
        // Plugins may replace or extend the category data
        $cat = cmsCore::callEvent('GET_CONTENT_CAT', $cat);
        // Unpublished categories are shown to administrators only
        if (!$cat['published'] && !$inUser->is_admin) {
            cmsCore::error404();
        }
        // Check access to the category itself
        if (!$inCore->checkUserAccess('category', $cat['id'])) {
            cmsCore::addSessionMessage($_LANG['NO_PERM_FOR_VIEW_TEXT'] . '<br>' . $_LANG['NO_PERM_FOR_VIEW_RULES'], 'error');
            cmsCore::redirect('/content');
        }
        // Not the root of the category tree
        if ($cat['NSLevel'] > 0) {
            $inPage->setTitle($cat['pagetitle'] ? $cat['pagetitle'] : $cat['title']);
            $pagetitle = $cat['title'];
            $showdate = $cat['showdate'];
            $showcomm = $cat['showcomm'];
            // The title is HTML-escaped for the attribute; the id is concatenated as stored.
            $inPage->addHead('<link rel="alternate" type="application/rss+xml" title="' . htmlspecialchars($cat['title']) . '" href="' . HOST . '/rss/content/' . $cat['id'] . '/feed.rss">');
        }
        // Root category
        if ($cat['NSLevel'] == 0) {
            if ($model->config['hide_root']) {
                cmsCore::error404();
            }
            $inPage->setTitle($_LANG['CATALOG_ARTICLES']);
            $pagetitle = $_LANG['CATALOG_ARTICLES'];
            $showdate = 1;
            $showcomm = 1;
        }
        // Fetch the category path (ancestors) and check access on every level,
        // so a restricted parent also blocks its children.
        $path_list = $inDB->getNsCategoryPath('cms_category', $cat['NSLeft'], $cat['NSRight'], 'id, title, NSLevel, seolink, url');
        if ($path_list) {
            $path_list = translations::process(cmsConfig::getConfig('lang'), 'content_category', $path_list);
            foreach ($path_list as $pcat) {
                if (!$inCore->checkUserAccess('category', $pcat['id'])) {
                    cmsCore::addSessionMessage($_LANG['NO_PERM_FOR_VIEW_TEXT'] . '<br>' . $_LANG['NO_PERM_FOR_VIEW_RULES'], 'error');
                    cmsCore::redirect('/content');
                }
                $inPage->addPathway($pcat['title'], $model->getCategoryURL(null, $pcat['seolink']));
            }
        }
        // Fetch subcategories
        $subcats_list = $model->getSubCats($cat['id']);
        // Linked photo album
        $cat_photos = $model->getCatPhotoAlbum($cat['photoalbum']);
        // Editor/administrator flag. `&&` binds tighter than `||`, so this reads
        // (moderator group matches AND user has content/autoadd) OR is_admin.
        $is_editor = $cat['modgrp_id'] == $inUser->group_id && cmsUser::isUserCan('content/autoadd') || $inUser->is_admin;
        // Conditions
        $model->whereCatIs($cat['id']);
        // Total number of articles
        $total = $model->getArticlesCount($is_editor);
        // Ordering and pagination. The order column and direction come from the
        // category row, not from the request.
        $inDB->orderBy($cat['orderby'], $cat['orderto']);
        $inDB->limitPage($page, $model->config['perpage']);
        // Fetch the articles (the argument is the negation of $is_editor)
        $content_list = $total ? $model->getArticlesList(!$is_editor) : array();
        $inDB->resetConditions();
        // A page number beyond the last page is a 404
        if (!$content_list && $page > 1) {
            cmsCore::error404();
        }
        $pagebar = cmsPage::getPagebar($total, $page, $model->config['perpage'], $model->getCategoryURL(null, $cat['seolink'], 0, true));
        $template = $cat['tpl'] ? $cat['tpl'] : 'com_content_view.tpl';
        if ($cat['NSLevel'] > 0) {
            // Meta description: explicit value, else a cropped description when it is
            // at least 250 characters without tags, else the title
            if ($cat['meta_desc']) {
                $meta_desc = $cat['meta_desc'];
            } elseif (mb_strlen(strip_tags($cat['description'])) >= 250) {
                $meta_desc = crop($cat['description']);
            } else {
                $meta_desc = $cat['title'];
            }
            $inPage->setDescription($meta_desc);
            // Meta keywords: explicit value, else the listed article titles, else the title
            if ($cat['meta_keys']) {
                $meta_keys = $cat['meta_keys'];
            } elseif ($content_list) {
                foreach ($content_list as $c) {
                    // $k is not initialised before this append
                    $k[] = $c['title'];
                }
                $meta_keys = implode(', ', $k);
            } else {
                $meta_keys = $cat['title'];
            }
            $inPage->setKeywords($meta_keys);
        }
        cmsPage::initTemplate('components', $template)->assign('cat', $cat)->assign('is_homepage', (bool) ($inCore->menuId() == 1))->assign('showdate', $showdate)->assign('showcomm', $showcomm)->assign('pagetitle', $pagetitle)->assign('subcats', $subcats_list)->assign('cat_photos', $cat_photos)->assign('articles', $content_list)->assign('pagebar', $pagebar)->display($template);
    }
    ///////////////////////////////////// READ ARTICLE ////////////////////////////////////////////////////////////////////////////////
    if ($do == 'read') {
        // Fetch the article by seolink
        $article = $model->getArticle($seolink);
        if (!$article) {
            cmsCore::error404();
        }
        $article = translations::process(cmsConfig::getConfig('lang'), 'content_content', $article);
        $article = cmsCore::callEvent('GET_ARTICLE', $article);
        $is_admin = $inUser->is_admin;
        $is_author = $inUser->id == $article['user_id'];
        $is_author_del = cmsUser::isUserCan('content/delete');
        $is_editor = $article['modgrp_id'] == $inUser->group_id && cmsUser::isUserCan('content/autoadd');
        // Unpublished articles, or articles whose publication date is in the future,
        // are visible to the admin, the editor and the author only
        if ((!$article['published'] || strtotime($article['pubdate']) > time()) && !$is_admin && !$is_editor && !$is_author) {
            cmsCore::error404();
        }
        // Per-article access check
        if (!$inCore->checkUserAccess('material', $article['id'])) {
            cmsCore::addSessionMessage($_LANG['NO_PERM_FOR_VIEW_TEXT'] . '<br>' . $_LANG['NO_PERM_FOR_VIEW_RULES'], 'error');
            cmsCore::redirect($model->getCategoryURL(null, $article['catseolink']));
        }
        // Increase the view counter unless the viewer is the author. The new value is
        // computed from the row loaded above (read-then-write), not incremented in place.
        if (@(!$is_author)) {
            $inDB->setFlag('cms_content', $article['id'], 'hits', $article['hits'] + 1);
        }
        // Article image: used only if the file exists on disk
        $article['image'] = file_exists(PATH . '/images/photos/medium/article' . $article['id'] . '.jpg') ? 'article' . $article['id'] . '.jpg' : '';
        // Page title
        $article['pagetitle'] = $article['pagetitle'] ? $article['pagetitle'] : $article['title'];
        // Article body, optionally prefixed with the description (config 'readdesc')
        $article['content'] = $model->config['readdesc'] ? $article['description'] . $article['content'] : $article['content'];
        // Publication date
        $article['pubdate'] = cmsCore::dateFormat($article['pubdate']);
        // Article template
        $article['tpl'] = $article['tpl'] ? $article['tpl'] : 'com_content_read.tpl';
        $inPage->setTitle($article['pagetitle']);
        // Fetch the category path. The per-level access check below runs only when
        // 'showpath' is set, because otherwise the path list is empty.
        $path_list = $article['showpath'] ? $inDB->getNsCategoryPath('cms_category', $article['leftkey'], $article['rightkey'], 'id, title, NSLevel, seolink, url') : array();
        if ($path_list) {
            $path_list = translations::process(cmsConfig::getConfig('lang'), 'content_category', $path_list);
            foreach ($path_list as $pcat) {
                if (!$inCore->checkUserAccess('category', $pcat['id'])) {
                    cmsCore::addSessionMessage($_LANG['NO_PERM_FOR_VIEW_TEXT'] . '<br>' . $_LANG['NO_PERM_FOR_VIEW_RULES'], 'error');
                    cmsCore::redirect('/content');
                }
                $inPage->addPathway($pcat['title'], $model->getCategoryURL(null, $pcat['seolink']));
            }
        }
        $inPage->addPathway($article['title']);
        // KEYWORDS and DESCRIPTION meta tags
        if ($article['meta_keys']) {
            $inPage->setKeywords($article['meta_keys']);
        } else {
            if (mb_strlen($article['content']) > 30) {
                $inPage->setKeywords(cmsCore::getKeywords(cmsCore::strClear($article['content'])));
            }
        }
        if (mb_strlen($article['meta_desc'])) {
            $inPage->setDescription($article['meta_desc']);
        }
        // Run the content filters
        $article['content'] = cmsCore::processFilters($article['content']);
        // Multi-page articles: $GLOBALS['pt'] is read here; presumably it is filled by
        // a filter run just above — verify
        $pt_pages = array();
        if (!empty($GLOBALS['pt'])) {
            foreach ($GLOBALS['pt'] as $num => $page_title) {
                $pt_pages[$num]['title'] = $page_title;
                $pt_pages[$num]['url'] = $model->getArticleURL(null, $article['seolink'], $num + 1);
            }
        }
        // Article rating; the three variables exist only when rating is enabled
        if ($model->config['rating'] && $article['canrate']) {
            $karma = cmsKarma('content', $article['id']);
            $karma_points = cmsKarmaFormatSmall($karma['points']);
            $btns = cmsKarmaButtonsText('content', $article['id'], $karma['points'], $is_author);
        }
        // `@` hides the undefined-variable notice when rating is disabled
        cmsPage::initTemplate('components', $article['tpl'])->assign('article', $article)->assign('cfg', $model->config)->assign('page', $page)->assign('is_pages', !empty($GLOBALS['pt']))->assign('pt_pages', $pt_pages)->assign('is_admin', $is_admin)->assign('is_editor', $is_editor)->assign('is_author', $is_author)->assign('is_author_del', $is_author_del)->assign('tagbar', cmsTagBar('content', $article['id']))->assign('karma_points', @$karma_points)->assign('karma_votes', @$karma['votes'])->assign('karma_buttons', @$btns)->display($article['tpl']);
        // Article comments
        if ($article['published'] && $article['comments'] && $inCore->isComponentInstalled('comments')) {
            cmsCore::includeComments();
            comments('article', $article['id'], array(), $is_author);
        }
    }
    ///////////////////////////////////// ADD ARTICLE //////////////////////////////////////////////////////////////////////////////////
    if ($do == 'addarticle' || $do == 'editarticle') {
        // may add articles
        $is_add = cmsUser::isUserCan('content/add');
        // may add articles without moderation
        $is_auto_add = cmsUser::isUserCan('content/autoadd');
        if (!$is_add && !$is_auto_add) {
            cmsCore::error404();
        }
        // When editing, load the article and check access
        if ($do == 'editarticle') {
            // Fetch the article by numeric id
            $item = $model->getArticle($id);
            if (!$item) {
                cmsCore::error404();
            }
            $pubcats = array();
            // Editing is allowed for admins, the author, and editors of the moderator group
            if (!$inUser->is_admin && $item['user_id'] != $inUser->id && !($item['modgrp_id'] == $inUser->group_id && cmsUser::isUserCan('content/autoadd'))) {
                cmsCore::error404();
            }
        }
        // When adding, restore data entered earlier (kept in the session after a
        // failed submit)
        if ($do == 'addarticle') {
            $item = cmsUser::sessionGet('article');
            if ($item) {
                cmsUser::sessionDel('article');
            }
            // Categories the user is allowed to publish into
            $pubcats = $model->getPublicCats();
            if (!$pubcats) {
                cmsCore::addSessionMessage($_LANG['ADD_ARTICLE_ERR_CAT'], 'error');
                cmsCore::redirectBack();
            }
        }
        // No save request: show the form
        if (!cmsCore::inRequest('add_mod')) {
            $dynamic_cost = false;
            // Adding an article
            if ($do == 'addarticle') {
                $pagetitle = $_LANG['ADD_ARTICLE'];
                $inPage->setTitle($pagetitle);
                $inPage->addPathway($_LANG['USERS'], '/' . str_replace('/', '', cmsUser::PROFILE_LINK_PREFIX));
                $inPage->addPathway($inUser->nickname, cmsUser::getProfileURL($inUser->login));
                $inPage->addPathway($_LANG['MY_ARTICLES'], '/content/my.html');
                $inPage->addPathway($pagetitle);
                // Billing support: categories without their own cost get the
                // per-group default cost of the 'add_content' action
                if (IS_BILLING) {
                    $action = cmsBilling::getAction('content', 'add_content');
                    foreach ($pubcats as $p => $pubcat) {
                        if ($pubcat['cost']) {
                            $dynamic_cost = true;
                        } else {
                            $pubcats[$p]['cost'] = $action['point_cost'][$inUser->group_id];
                        }
                    }
                    cmsBilling::checkBalance('content', 'add_content', $dynamic_cost);
                }
            }
            // Editing an article
            if ($do == 'editarticle') {
                $pagetitle = $_LANG['EDIT_ARTICLE'];
                $inPage->setTitle($pagetitle);
                $inPage->addPathway($_LANG['USERS'], '/' . str_replace('/', '', cmsUser::PROFILE_LINK_PREFIX));
                if ($item['user_id'] != $inUser->id) {
                    // The WHERE clause is built by string interpolation; the value comes
                    // from the stored article row, not directly from the request.
                    $user = $inDB->get_fields('cms_users', "id='{$item['user_id']}'", 'login, nickname');
                    $inPage->addPathway($user['nickname'], cmsUser::getProfileURL($user['login']));
                } else {
                    $inPage->addPathway($inUser->nickname, cmsUser::getProfileURL($inUser->login));
                }
                $inPage->addPathway($_LANG['MY_ARTICLES'], '/content/my.html');
                $inPage->addPathway($pagetitle);
                $item['tags'] = cmsTagLine('content', $item['id'], false);
                $item['image'] = file_exists(PATH . '/images/photos/small/article' . $item['id'] . '.jpg') ? 'article' . $item['id'] . '.jpg' : '';
                if (!$is_auto_add) {
                    cmsCore::addSessionMessage($_LANG['ATTENTION'] . ': ' . $_LANG['EDIT_ARTICLE_PREMODER'], 'info');
                }
            }
            $inPage->initAutocomplete();
            $autocomplete_js = $inPage->getAutocompleteJS('tagsearch', 'tags');
            $item = cmsCore::callEvent('PRE_EDIT_ARTICLE', @$item ? $item : array());
            cmsPage::initTemplate('components', 'com_content_edit')->assign('mod', $item)->assign('do', $do)->assign('cfg', $model->config)->assign('pubcats', $pubcats)->assign('pagetitle', $pagetitle)->assign('is_admin', $inUser->is_admin)->assign('is_billing', IS_BILLING)->assign('dynamic_cost', $dynamic_cost)->assign('autocomplete_js', $autocomplete_js)->display('com_content_edit.tpl');
        }
        // A save request arrived
        if (cmsCore::inRequest('add_mod')) {
            $errors = false;
            // NOTE(review): category_id is taken from the request and is not compared
            // with $pubcats anywhere in this block — confirm that the model rejects
            // categories the user may not publish into.
            $article['category_id'] = cmsCore::request('category_id', 'int', 1);
            // The owner is never read from the request: the existing owner is kept,
            // otherwise the current user is used
            $article['user_id'] = $item['user_id'] ? $item['user_id'] : $inUser->id;
            $article['title'] = cmsCore::request('title', 'str', '');
            $article['tags'] = cmsCore::request('tags', 'str', '');
            // Rich-text fields are read with the 'html' filter and then passed through
            // badTagClear(); which tags and attributes survive is not visible here
            $article['description'] = cmsCore::request('description', 'html', '');
            $article['content'] = cmsCore::request('content', 'html', '');
            $article['description'] = cmsCore::badTagClear($article['description']);
            $article['content'] = cmsCore::badTagClear($article['content']);
            // Published immediately only with the 'content/autoadd' permission
            $article['published'] = $is_auto_add ? 1 : 0;
            if ($do == 'editarticle') {
                // An article that is currently unpublished stays unpublished after an edit
                $article['published'] = $item['published'] == 0 ? $item['published'] : $article['published'];
            }
            // All remaining attributes are copied from the stored article on edit and
            // set to fixed defaults on add; none of them is taken from the request
            $article['pubdate'] = $do == 'editarticle' ? $item['pubdate'] : date('Y-m-d H:i');
            $article['enddate'] = $do == 'editarticle' ? $item['enddate'] : $article['pubdate'];
            $article['is_end'] = $do == 'editarticle' ? $item['is_end'] : 0;
            $article['showtitle'] = $do == 'editarticle' ? $item['showtitle'] : 1;
            $article['meta_desc'] = $do == 'addarticle' ? mb_strtolower($article['title']) : $inDB->escape_string($item['meta_desc']);
            $article['meta_keys'] = $do == 'addarticle' ? $inCore->getKeywords($article['content']) : $inDB->escape_string($item['meta_keys']);
            $article['showdate'] = $do == 'editarticle' ? $item['showdate'] : 1;
            $article['showlatest'] = $do == 'editarticle' ? $item['showlatest'] : 1;
            $article['showpath'] = $do == 'editarticle' ? $item['showpath'] : 1;
            $article['comments'] = $do == 'editarticle' ? $item['comments'] : 1;
            $article['canrate'] = $do == 'editarticle' ? $item['canrate'] : 1;
            $article['pagetitle'] = '';
            if ($do == 'editarticle') {
                $article['tpl'] = $item['tpl'];
            }
            // Minimal validation: title of at least 2 and content of at least 10 characters
            if (mb_strlen($article['title']) < 2) {
                cmsCore::addSessionMessage($_LANG['REQ_TITLE'], 'error');
                $errors = true;
            }
            if (mb_strlen($article['content']) < 10) {
                cmsCore::addSessionMessage($_LANG['REQ_CONTENT'], 'error');
                $errors = true;
            }
            if ($errors) {
                // When adding, keep the entered fields in the session so the form can be refilled
                if ($do == 'addarticle') {
                    cmsUser::sessionPut('article', $article);
                }
                cmsCore::redirectBack();
            }
            // Only description and content are SQL-escaped in this block; title and tags
            // are passed on as returned by request('str').
            // NOTE(review): presumably the 'str' filter or the model escapes them — verify.
            $article['description'] = $inDB->escape_string($article['description']);
            $article['content'] = $inDB->escape_string($article['content']);
            $article = cmsCore::callEvent('AFTER_EDIT_ARTICLE', $article);
            // Insert the new article
            if ($do == 'addarticle') {
                $article_id = $model->addArticle($article);
            }
            // Photo upload. The target file name is fixed to "article<ID>.jpg", built from
            // the new or stored article id, so the client does not choose name or extension.
            $file = 'article' . (@$article_id ? $article_id : $item['id']) . '.jpg';
            if (cmsCore::request('delete_image', 'int', 0)) {
                @unlink(PATH . "/images/photos/small/{$file}");
                @unlink(PATH . "/images/photos/medium/{$file}");
            }
            // Load the photo upload class
            cmsCore::loadClass('upload_photo');
            $inUploadPhoto = cmsUploadPhoto::getInstance();
            // Set the configuration parameters
            $inUploadPhoto->upload_dir = PATH . '/images/photos/';
            $inUploadPhoto->small_size_w = $model->config['img_small_w'];
            $inUploadPhoto->medium_size_w = $model->config['img_big_w'];
            $inUploadPhoto->thumbsqr = $model->config['img_sqr'];
            $inUploadPhoto->is_watermark = $model->config['watermark'];
            $inUploadPhoto->input_name = 'picture';
            $inUploadPhoto->filename = $file;
            // Run the upload; the return value is ignored.
            // NOTE(review): content-type/size validation, if any, lives in uploadPhoto() — confirm.
            $inUploadPhoto->uploadPhoto();
            // Post-processing after adding/editing
            // Adding an article
            if ($do == 'addarticle') {
                // Re-read the article that was just added
                $article = $model->getArticle($article_id);
                if (!$article['published']) {
                    cmsCore::addSessionMessage($_LANG['ARTICLE_PREMODER_TEXT'], 'info');
                    // Notify the administrators. The title is concatenated into the
                    // HTML of the message without escaping at this point.
                    // NOTE(review): safe only if the stored title is already HTML-safe — verify.
                    $link = '<a href="' . $model->getArticleURL(null, $article['seolink']) . '">' . $article['title'] . '</a>';
                    $message = str_replace('%user%', cmsUser::getProfileLink($inUser->login, $inUser->nickname), $_LANG['MSG_ARTICLE_SUBMIT']);
                    $message = str_replace('%link%', $link, $message);
                    cmsUser::sendMessageToGroup(USER_UPDATER, cmsUser::getAdminGroups(), $message);
                } else {
                    // Register the event in the action log
                    cmsActions::log('add_article', array('object' => $article['title'], 'object_url' => $model->getArticleURL(null, $article['seolink']), 'object_id' => $article['id'], 'target' => $article['cat_title'], 'target_url' => $model->getCategoryURL(null, $article['catseolink']), 'target_id' => $article['category_id'], 'description' => ''));
                    if (IS_BILLING) {
                        // An empty-string cost means "no category-specific cost"
                        $category_cost = $article['cost'] === '' ? false : (int) $article['cost'];
                        cmsBilling::process('content', 'add_content', $category_cost);
                    }
                    cmsUser::checkAwards($inUser->id);
                }
                cmsCore::addSessionMessage($_LANG['ARTICLE_SAVE'], 'info');
                cmsCore::redirect('/my.html');
            }
            // Editing an article
            if ($do == 'editarticle') {
                $model->updateArticle($item['id'], $article, true);
                cmsActions::updateLog('add_article', array('object' => $article['title']), $item['id']);
                if (!$article['published']) {
                    // Same unescaped-title pattern as in the add branch above
                    $link = '<a href="' . $model->getArticleURL(null, $item['seolink']) . '">' . $article['title'] . '</a>';
                    $message = str_replace('%user%', cmsUser::getProfileLink($inUser->login, $inUser->nickname), $_LANG['MSG_ARTICLE_EDITED']);
                    $message = str_replace('%link%', $link, $message);
                    cmsUser::sendMessageToGroup(USER_UPDATER, cmsUser::getAdminGroups(), $message);
                }
                $mess = $article['published'] ? $_LANG['ARTICLE_SAVE'] : $_LANG['ARTICLE_SAVE'] . ' ' . $_LANG['ARTICLE_PREMODER_TEXT'];
                cmsCore::addSessionMessage($mess, 'info');
                cmsCore::redirect($model->getArticleURL(null, $item['seolink']));
            }
        }
    }
    ///////////////////////// PUBLISH ARTICLE /////////////////////////////////////////////////////////////////////////////
    if ($do == 'publisharticle') {
        // Guests cannot publish
        if (!$inUser->id) {
            cmsCore::error404();
        }
        $article = $model->getArticle($id);
        if (!$article) {
            cmsCore::error404();
        }
        // Only editors of the moderator group with 'content/autoadd', or administrators, may publish
        if (!($article['modgrp_id'] == $inUser->group_id && cmsUser::isUserCan('content/autoadd')) && !$inUser->is_admin) {
            cmsCore::error404();
        }
        // NOTE(review): the flag is set (and billing charged below) as soon as the
        // permission checks pass; no request-method or anti-CSRF token check is
        // visible here, and the current 'published' state is not checked first, so
        // repeating the request would run the billing step again — confirm intent.
        $inDB->setFlag('cms_content', $article['id'], 'published', 1);
        cmsCore::callEvent('ADD_ARTICLE_DONE', $article);
        if (IS_BILLING) {
            // Interpolated WHERE clause; user_id comes from the stored article row
            $author = $inDB->get_fields('cms_users', "id='{$article['user_id']}'", '*');
            $category_cost = $article['cost'] === '' ? false : (int) $article['cost'];
            cmsBilling::process('content', 'add_content', $category_cost, $author);
        }
        // Register the event in the action log
        cmsActions::log('add_article', array('object' => $article['title'], 'user_id' => $article['user_id'], 'object_url' => $model->getArticleURL(null, $article['seolink']), 'object_id' => $article['id'], 'target' => $article['cat_title'], 'target_url' => $model->getCategoryURL(null, $article['catseolink']), 'target_id' => $article['cat_id'], 'description' => ''));
        // Tell the author the article was accepted (title concatenated unescaped)
        $link = '<a href="' . $model->getArticleURL(null, $article['seolink']) . '">' . $article['title'] . '</a>';
        $message = str_replace('%link%', $link, $_LANG['MSG_ARTICLE_ACCEPTED']);
        cmsUser::sendMessage(USER_UPDATER, $article['user_id'], $message);
        cmsUser::checkAwards($article['user_id']);
        cmsCore::redirectBack();
    }
    ///////////////////////////////////// DELETE ARTICLE ///////////////////////////////////////////////////////////////////////////////////
    if ($do == 'deletearticle') {
        // Guests cannot delete
        if (!$inUser->id) {
            cmsCore::error404();
        }
        $article = $model->getArticle($id);
        if (!$article) {
            cmsCore::error404();
        }
        // Access rights: the author needs 'content/delete'; editors must belong to the
        // moderator group and have 'content/autoadd'; admins are always allowed
        $is_author = cmsUser::isUserCan('content/delete') && $article['user_id'] == $inUser->id;
        $is_editor = $article['modgrp_id'] == $inUser->group_id && cmsUser::isUserCan('content/autoadd');
        if (!$is_author && !$is_editor && !$inUser->is_admin) {
            cmsCore::error404();
        }
        if (!cmsCore::inRequest('goadd')) {
            // First step: show the confirmation form
            $inPage->setTitle($_LANG['ARTICLE_REMOVAL']);
            $inPage->addPathway($_LANG['ARTICLE_REMOVAL']);
            $confirm['title'] = $_LANG['ARTICLE_REMOVAL'];
            $confirm['text'] = $_LANG['ARTICLE_REMOVAL_TEXT'] . ' <a href="' . $model->getArticleURL(null, $article['seolink']) . '">' . $article['title'] . '</a>?';
            // REQUEST_URI is client-controlled and is handed to the template as the form action.
            // NOTE(review): confirm that action_confirm.tpl escapes it for the attribute context.
            $confirm['action'] = $_SERVER['REQUEST_URI'];
            $confirm['yes_button'] = array();
            $confirm['yes_button']['type'] = 'submit';
            $confirm['yes_button']['name'] = 'goadd';
            cmsPage::initTemplate('components', 'action_confirm')->assign('confirm', $confirm)->display('action_confirm.tpl');
        } else {
            // Second step: the mere presence of 'goadd' in the request confirms the
            // deletion; no anti-CSRF token check is visible in this block.
            $model->deleteArticle($article['id']);
            // HTTP_REFERER is client-supplied and read without an isset() check. It only
            // selects the redirect/notification path here, not the authorization. Browsers
            // normally send an absolute URL, so equality with '/my.html' may rarely hold.
            // When it does hold, the author notification below is skipped.
            if ($_SERVER['HTTP_REFERER'] == '/my.html') {
                cmsCore::addSessionMessage($_LANG['ARTICLE_DELETED'], 'info');
                cmsCore::redirectBack();
            } else {
                // If an administrator or editor who is not the author deleted the
                // article, send a message to the author
                if (($is_editor || $inUser->is_admin) && $article['user_id'] != $inUser->id) {
                    $link = '<a href="' . $model->getArticleURL(null, $article['seolink']) . '">' . $article['title'] . '</a>';
                    $message = str_replace('%link%', $link, $article['published'] ? $_LANG['MSG_ARTICLE_DELETED'] : $_LANG['MSG_ARTICLE_REJECTED']);
                    cmsUser::sendMessage(USER_UPDATER, $article['user_id'], $message);
                } else {
                    cmsCore::addSessionMessage($_LANG['ARTICLE_DELETED'], 'info');
                }
                cmsCore::redirect($model->getCategoryURL(null, $article['catseolink']));
            }
        }
    }
    ///////////////////////////////////// MY ARTICLES ///////////////////////////////////////////////////////////////////////////////////
    if ($do == 'my') {
        // Requires the 'content/add' permission
        if (!cmsUser::isUserCan('content/add')) {
            cmsCore::error404();
        }
        $inPage->setTitle($_LANG['MY_ARTICLES']);
        $inPage->addPathway($_LANG['USERS'], '/' . str_replace('/', '', cmsUser::PROFILE_LINK_PREFIX));
        $inPage->addPathway($inUser->nickname, cmsUser::getProfileURL($inUser->login));
        $inPage->addPathway($_LANG['MY_ARTICLES']);
        $perpage = 15;
        // Conditions: only the current user's articles
        $model->whereUserIs($inUser->id);
        // Total number of articles
        $total = $model->getArticlesCount(false);
        // Ordering and pagination
        $inDB->orderBy('con.pubdate', 'DESC');
        $inDB->limitPage($page, $perpage);
        // Fetch the articles
        $content_list = $total ? $model->getArticlesList(false) : array();
        $inDB->resetConditions();
        cmsPage::initTemplate('components', 'com_content_my')->assign('articles', $content_list)->assign('total', $total)->assign('user_can_delete', cmsUser::isUserCan('content/delete'))->assign('pagebar', cmsPage::getPagebar($total, $page, $perpage, '/content/my%page%.html'))->display('com_content_my.tpl');
    }
    ///////////////////////////////////// BEST ARTICLES ///////////////////////////////////////////////////////////////////////////////////
    if ($do == 'best') {
        $inPage->setTitle($_LANG['ARTICLES_RATING']);
        $inPage->addPathway($_LANG['ARTICLES_RATING']);
        // Only articles that can be rated
        $inDB->where("con.canrate = 1");
        // Ordering and pagination: first 30 by rating, descending
        $inDB->orderBy('con.rating', 'DESC');
        $inDB->limitPage(1, 30);
        // Fetch the articles. Unlike the other listings, no resetConditions() call
        // follows in this branch.
        $content_list = $model->getArticlesList();
        cmsPage::initTemplate('components', 'com_content_rating')->assign('articles', $content_list)->display('com_content_rating.tpl');
    }
}