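/**
 * Front-end handler of the "forms" component (action `view`).
 *
 * Loads the form named by the `form_id` request parameter, validates the
 * submitted field values, the captcha and the CSRF token, renders the filled
 * fields into an HTML message and delivers it either by e-mail
 * ($form['sendto'] == 'mail', comma-separated recipients in $form['email'])
 * or as a private message to $form['user_id']. Answers with JSON on AJAX
 * requests and with session messages plus a redirect back otherwise.
 *
 * Reads the global $_LANG array for user-facing strings. Returns nothing.
 */
function forms()
{
    cmsCore::loadClass('form');
    $do = cmsCore::getInstance()->do;
    global $_LANG;
    //========================================================================================================================//
    if ($do == 'view') {
        // Load the form; an unknown id is a 404
        $form = cmsForm::getFormData(cmsCore::request('form_id', 'int'));
        if (!$form) {
            cmsCore::error404();
        }
        // Field definitions; a form without fields is a 404 as well
        $form_fields = cmsForm::getFormFields($form['id']);
        if (!$form_fields) {
            cmsCore::error404();
        }
        $errors = array();
        $attachment = array();
        // Submitted values; nothing submitted is an error
        $form_input = cmsForm::getFieldsInputValues($form['id']);
        if (!$form_input) {
            $errors[] = $_LANG['FORM_ERROR'];
        }
        // Per-field validation errors. Guarded: when getFieldsInputValues()
        // returned nothing, $form_input['errors'] does not exist and the
        // unguarded foreach raised a warning.
        if (!empty($form_input['errors']) && is_array($form_input['errors'])) {
            foreach ($form_input['errors'] as $field_error) {
                if ($field_error) {
                    $errors[] = $field_error;
                }
            }
        }
        // Captcha
        if (!cmsPage::checkCaptchaCode()) {
            $errors[] = $_LANG['ERR_CAPTCHA'];
        }
        if ($errors) {
            if (cmsCore::isAjax()) {
                // Only the last collected error is reported over AJAX
                cmsCore::jsonOutput(array('error' => true, 'text' => end($errors)));
            } else {
                foreach ($errors as $error) {
                    cmsCore::addSessionMessage($error, 'error');
                }
                cmsCore::redirectBack();
            }
        }
        if (!cmsUser::checkCsrfToken()) {
            cmsCore::error404();
        }
        // Message header
        $mail_message = '<h3>' . $_LANG['FORM'] . ': ' . $form['title'] . '</h3>';
        // Append every filled field.
        // NOTE(review): field titles and values are placed into the HTML
        // message as-is; this relies on cmsForm having sanitised them —
        // confirm before relying on the generated markup.
        foreach ($form_fields as $field) {
            $value = isset($form_input['values'][$field['id']]) ? $form_input['values'][$field['id']] : null;
            if (!$value) {
                continue;
            }
            if (is_string($value)) {
                $mail_message .= '<h5>' . $field['title'] . '</h5><p>' . $value . '</p>';
            } elseif (is_array($value)) {
                // An array value is an uploaded file: attach it to the e-mail,
                // or link to it when the form is delivered as a private message.
                // Files without a url are skipped instead of becoming an empty
                // attachment entry.
                if (empty($value['url'])) {
                    continue;
                }
                if ($form['sendto'] == 'mail') {
                    $attachment[] = PATH . $value['url'];
                } else {
                    $mail_message .= '<h5>' . $field['title'] . '</h5><p><a href="' . $value['url'] . '">' . $value['name'] . '</a></p>';
                }
            }
        }
        // Deliver
        if ($form['sendto'] == 'mail') {
            $subject = cmsConfig::getConfig('sitename') . ': ' . $form['title'];
            foreach (explode(',', $form['email']) as $email) {
                $email = trim($email);
                // A trailing comma in the recipient list yields an empty entry
                if ($email === '') {
                    continue;
                }
                cmsCore::mailText($email, $subject, $mail_message, $attachment);
            }
            // The uploads were attached to the mail; remove them. An explicit
            // existence check replaces @unlink() so real failures are not silenced.
            foreach ($attachment as $attach) {
                if (is_file($attach)) {
                    unlink($attach);
                }
            }
        } else {
            cmsUser::sendMessage(-2, $form['user_id'], $mail_message);
        }
        cmsUser::sessionClearAll();
        if (cmsCore::isAjax()) {
            cmsCore::jsonOutput(array('error' => false, 'text' => $_LANG['FORM_IS_SEND']));
        } else {
            cmsCore::addSessionMessage($_LANG['FORM_IS_SEND'], 'info');
            cmsCore::redirectBack();
        }
    }
    //========================================================================================================================//
}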
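/**
 * Front-end handler of the "comments" component.
 *
 * Dispatches on $inCore->do:
 *  - `view` with no target: paginated list of all comments, or of one user's
 *    comments when a `login` request parameter is given;
 *  - any action other than add/edit/delete with $target/$target_id: renders
 *    the comment block of that object (inline, or count only when the list
 *    is fetched by AJAX per config 'cmm_ajax');
 *  - `add`, `edit`, `delete`: AJAX-only mutations answered as JSON.
 *
 * @param string $target    target type (component name) whose comments are shown
 * @param int    $target_id id of the commented object
 * @param array  $labels    labels handed to cms_model_comments
 * @return bool|null false when the comments component is disabled; otherwise
 *                   output is produced directly and nothing is returned
 */
function comments($target = '', $target_id = 0, $labels = array())
{
    $inCore = cmsCore::getInstance();
    $inPage = cmsPage::getInstance();
    $inDB = cmsDatabase::getInstance();
    $inUser = cmsUser::getInstance();
    cmsCore::loadModel('comments');
    $model = new cms_model_comments($labels);
    // Nothing to do when the component is switched off
    if (!$inCore->isComponentEnable('comments')) {
        return false;
    }
    // Access rights of the current user's group
    $model->initAccess();
    global $_LANG;
    $do = $inCore->do;
    $page = cmsCore::request('page', 'int', 1);
    $id = cmsCore::request('id', 'int', 0);
    $login = cmsCore::strClear(urldecode(cmsCore::request('login', 'html', '')));
    $inPage->addHeadJS('components/comments/js/comments.js');
    $inPage->addHeadJsLang(array('EDIT_COMMENT', 'CONFIRM_DEL_COMMENT', 'COMMENT_IN_LINK'));
    // Admins and groups allowed to moderate see unpublished comments and may
    // edit/delete any comment; used by every action below
    $is_moder = $inUser->is_admin || $model->is_can_moderate;
    //========================================================================================================================//
    // All comments, or the comments of one user
    if ($do == 'view' && !$target && !$target_id) {
        if (!$login) {
            $myprofile = false;
            $page_title = $inCore->getComponentTitle();
            $inPage->addHead('<link rel="alternate" type="application/rss+xml" title="' . $_LANG['COMMENTS'] . '" href="' . HOST . '/rss/comments/all/feed.rss">');
        } else {
            // Unknown login is a 404
            $user = cmsUser::getShortUserData($login);
            if (!$user) {
                cmsCore::error404();
            }
            // The owner of the profile sees their own unpublished comments
            $myprofile = $inUser->id == $user['id'];
            $page_title = $_LANG['COMMENTS'] . ' - ' . $user['nickname'];
            $inPage->addPathway($user['nickname'], cmsUser::getProfileURL($user['login']));
            $model->whereUserIs($user['id']);
        }
        $inPage->setTitle($page_title);
        $inPage->addPathway($page_title);
        $inPage->setDescription($model->config['meta_desc'] ? $model->config['meta_desc'] : $page_title);
        $inPage->setKeywords($model->config['meta_keys'] ? $model->config['meta_keys'] : $page_title);
        // Everyone else is restricted to published comments
        $only_published = !($is_moder || $myprofile);
        if ($only_published) {
            $model->whereIsShow();
        }
        $total = $model->getCommentsCount($only_published);
        // Newest first, paginated
        $inDB->orderBy('c.pubdate', 'DESC');
        $inDB->limitPage($page, $model->config['perpage']);
        $comments = $total ? $model->getComments($only_published) : array();
        $inDB->resetConditions();
        if (!$comments && $page > 1) {
            cmsCore::error404();
        }
        if (!$login) {
            $pagebar = cmsPage::getPagebar($total, $page, $model->config['perpage'], '/comments/page-%page%');
        } else {
            $pagebar = cmsPage::getPagebar($total, $page, $model->config['perpage'], 'javascript:centerLink(\'/comments/by_user_' . $user['login'] . '/page-%page%\')');
        }
        cmsPage::initTemplate('components', 'com_comments_list_all')
            ->assign('comments_count', $total)
            ->assign('comments', $comments)
            ->assign('pagebar', $pagebar)
            ->assign('is_user', $inUser->id)
            ->assign('page_title', $page_title)
            ->assign('cfg', $model->config)
            ->assign('is_admin', $is_moder)
            ->display('com_comments_list_all.tpl');
    }
    //========================================================================================================================//
    // Comment block of one object
    if (!in_array($do, array('add', 'edit', 'delete'), true) && $target && $target_id) {
        $html = '';
        if (!$model->config['cmm_ajax']) {
            // Render the list inline, oldest first
            $model->whereTargetIs($target, $target_id);
            $inDB->orderBy('c.pubdate', 'ASC');
            $comments = cmsCore::callEvent('BEFORE_SHOW_COMMENTS', $model->getComments(!$is_moder, true));
            $total = count($comments);
            ob_start();
            cmsPage::initTemplate('components', 'com_comments_list')
                ->assign('comments_count', $total)
                ->assign('comments', $comments)
                ->assign('user_can_moderate', $model->is_can_moderate)
                ->assign('user_can_delete', $model->is_can_delete)
                ->assign('user_can_add', $model->is_can_add)
                ->assign('is_admin', $inUser->is_admin)
                ->assign('is_user', $inUser->id)
                ->assign('cfg', $model->config)
                ->assign('labels', $model->labels)
                ->assign('target', $target)
                ->assign('target_id', $target_id)
                ->display('com_comments_list.tpl');
            $html = ob_get_clean();
        } else {
            // The list is fetched by AJAX later; only the count is needed now
            $model->whereTargetIs($target, $target_id);
            $total = $model->getCommentsCount(!$is_moder);
            $inDB->resetConditions();
        }
        cmsPage::initTemplate('components', 'com_comments_view')
            ->assign('comments_count', $total)
            ->assign('target', $target)
            ->assign('target_id', $target_id)
            ->assign('is_admin', $inUser->is_admin)
            ->assign('labels', $model->labels)
            ->assign('is_user', $inUser->id)
            ->assign('cfg', $model->config)
            ->assign('user_can_add', $model->is_can_add)
            ->assign('html', $html)
            ->assign('add_comment_js', "addComment('" . $target . "', '" . $target_id . "', 0)")
            ->assign('user_subscribed', cmsUser::isSubscribed($inUser->id, $target, $target_id))
            ->display('com_comments_view.tpl');
    }
    //========================================================================================================================//
    // Add a comment (the form itself lives in addform.php)
    if ($do == 'add') {
        // AJAX only
        if (!cmsCore::isAjax()) {
            cmsCore::error404();
        }
        // Drop anything already buffered so the JSON answer is clean; guarded
        // because ob_end_clean() warns when no buffer is active
        if (ob_get_level()) {
            ob_end_clean();
        }
        // Only admins and groups that are allowed to comment
        if (!$model->is_can_add && !$inUser->is_admin) {
            cmsCore::error404();
        }
        // Input data
        $comment = array();
        $comment['guestname'] = cmsCore::request('guestname', 'str', '');
        $comment['user_id'] = $inUser->id;
        if ($model->is_can_bbcode) {
            $content = cmsCore::request('content', 'html', '');
            $comment['content_bbcode'] = $inDB->escape_string($content);
            $content = cmsCore::parseSmiles($content, true);
            $comment['content'] = $inDB->escape_string($content);
        } else {
            $comment['content'] = cmsCore::request('content', 'str', '');
            $comment['content_bbcode'] = $comment['content'];
            // The 'str' filter appears to hand back an escaped string in which
            // line breaks are the literal two-character sequences \r and \n
            // — TODO confirm; those sequences become <br> here
            $comment['content'] = str_replace(array('\\r', '\\n'), '<br>', $comment['content']);
        }
        $comment['parent_id'] = cmsCore::request('parent_id', 'int', 0);
        $comment['target'] = cmsCore::request('target', 'str', '');
        $comment['target_id'] = cmsCore::request('target_id', 'int', 0);
        $comment['ip'] = cmsCore::strClear($_SERVER['REMOTE_ADDR']);
        // Validate the input: the commented object
        if (!$comment['target'] || !$comment['target_id']) {
            cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ERR_UNKNOWN_TARGET']));
        }
        // A guest must give a name
        if (!$comment['guestname'] && !$inUser->id) {
            cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ERR_USER_NAME']));
        }
        // Empty comment text
        if (!$comment['content']) {
            cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ERR_COMMENT_TEXT']));
        }
        // Captcha: always when config 'regcap' is set, otherwise for guests only
        $need_captcha = (bool) $model->config['regcap'] || !$inUser->id;
        if ($need_captcha && !cmsPage::checkCaptchaCode()) {
            cmsCore::jsonOutput(array('error' => true, 'is_captcha' => true, 'text' => $_LANG['ERR_CAPTCHA']));
        }
        // Resolve link and title of the commented object:
        //  1. find the responsible component in cms_comment_targets
        //     (the target name is escaped before it reaches the WHERE clause)
        $target = $inDB->get_fields('cms_comment_targets', "target='" . $inDB->escape_string($comment['target']) . "'", '*');
        if (!$target) {
            cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ERR_UNKNOWN_TARGET'] . ' #1'));
        }
        //  2. load that component's model
        $target_model = null;
        if (cmsCore::loadModel($target['component'])) {
            $model_class = 'cms_model_' . $target['component'];
            if (class_exists($model_class)) {
                $target_model = new $model_class();
            }
        }
        if (!$target_model) {
            cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ERR_UNKNOWN_TARGET'] . ' #2'));
        }
        //  3. ask the model's getCommentTarget() for array(link, title)
        $target_data = $target_model->getCommentTarget($comment['target'], $comment['target_id']);
        if (!$target_data) {
            cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ERR_UNKNOWN_TARGET'] . ' #3'));
        }
        $comment['target_title'] = $target_data['title'];
        $comment['target_link'] = $target_data['link'];
        //  4. visibility is decided by the target model when it implements getVisibility()
        $comment['is_hidden'] = method_exists($target_model, 'getVisibility')
            ? $target_model->getVisibility($comment['target'], $comment['target_id'])
            : 0;
        // Published at once for moderators, or when the group setting allows it
        $comment['published'] = ($is_moder || $model->is_add_published) ? 1 : 0;
        // CSRF token is checked right before the write
        if (!cmsUser::checkCsrfToken()) {
            cmsCore::error404();
        }
        //  5. store the comment
        $comment_id = $model->addComment($comment);
        //  6. let the target recount its comments if it supports that
        if (method_exists($target_model, 'updateCommentsCount')) {
            $target_model->updateCommentsCount($comment['target'], $comment['target_id']);
        }
        if (!$comment['is_hidden'] && $comment['published']) {
            // Activity feed entry; the description is trimmed to 140 characters
            $content_short = strip_tags($comment['content']);
            cmsActions::log('add_comment', array(
                'object' => $_LANG['COMMENT'],
                'object_url' => $comment['target_link'] . '#c' . $comment_id,
                'object_id' => $comment_id,
                'target' => $comment['target_title'],
                'target_url' => $comment['target_link'],
                'target_id' => $comment['target_id'],
                'description' => mb_strlen($content_short) > 140 ? mb_substr($content_short, 0, 140) : $content_short,
            ));
        }
        ////////////////////////////////////////////////////////////////
        ///////////////////////// Notifications ////////////////////////
        $inConf = cmsConfig::getInstance();
        $from_nick = $inUser->id ? $inUser->nickname : $comment['guestname'];
        $targetlink = HOST . $comment['target_link'] . '#c' . $comment_id;
        // id and e-mail of the target's author; only looked up for registered commenters
        $author = $inUser->id ? $model->getTargetAuthor($target['target_table'], $comment['target_id']) : '';
        // Subscribe the commenter to updates of the target on request
        if ($inUser->id && cmsCore::inRequest('subscribe')) {
            cmsUser::subscribe($inUser->id, $comment['target'], $comment['target_id']);
        }
        if ($comment['published']) {
            // Notify subscribers of the new comment
            cmsUser::sendUpdateNotify($comment['target'], $comment['target_id'], array(
                'link' => $comment['target_link'] . '#c' . $comment_id,
                'title' => stripslashes($comment['target_title']),
                'letter_file' => 'newcomment',
                'author' => $from_nick,
            ));
            // Award check for the commenter
            cmsUser::checkAwards($inUser->id);
        }
        // E-mail the administrator when an address is configured
        if ($model->config['email']) {
            $mailmsg = str_replace(
                array('{sitename}', '{date}', '{from}', '{subjtitle}', '{targetlink}', '{content}'),
                array($inConf->sitename, date('d/m/Y (H:i)'), $from_nick, stripslashes($comment['target_title']), $targetlink, strip_tags($comment['content'])),
                cmsCore::getLanguageTextFile('newcomment_admin')
            );
            $inCore->mailText($model->config['email'], '', $mailmsg);
        }
        // E-mail the author of the commented object (never for their own comments)
        if ($author && $comment['published']) {
            if ($model->isAuthorNeedMail($author['id']) && $inUser->id != $author['id']) {
                $letter = str_replace(
                    array('{sitename}', '{subj}', '{subjtitle}', '{targetlink}', '{date}', '{from}'),
                    array($inConf->sitename, $target['subj'], stripslashes($comment['target_title']), $targetlink, date('d/m/Y H:i:s'), $from_nick),
                    cmsCore::getLanguageTextFile('newpostcomment')
                );
                $inCore->mailText($author['email'], '', $letter);
            }
        }
        // Awaiting moderation: tell the moderators
        if (!$comment['published']) {
            $message = str_replace(array('%user%', '%targetlink%'), array($from_nick, $targetlink), $_LANG['COMM_PREMODER_ADMIN_TEXT']);
            cmsUser::sendMessage(USER_UPDATER, 1, $message);
        }
        cmsCore::jsonOutput(array(
            'error' => false,
            'target' => $comment['target'],
            'target_id' => $comment['target_id'],
            'is_premod' => $comment['published'] ? 0 : $_LANG['COMM_PREMODER_TEXT'],
            'comment_id' => $comment_id,
        ));
    }
    //========================================================================================================================//
    // Edit a comment
    if ($do == 'edit') {
        if (!cmsCore::isAjax()) {
            cmsCore::error404();
        }
        $comment = $model->getComment(cmsCore::request('comment_id', 'int', 0));
        // Unknown comment is a 404, consistent with the delete action (was a bare `die`)
        if (!$comment) {
            cmsCore::error404();
        }
        // Moderators and admins may edit any comment; the author only while
        // the comment is still marked editable.
        // NOTE(review): for a guest session (id 0) this also matches guest
        // comments (user_id 0) — confirm is_editable is never set for those.
        if (!$is_moder && !($inUser->id == $comment['user_id'] && $comment['is_editable'])) {
            cmsCore::error404();
        }
        $com_new = array();
        if ($model->is_can_bbcode) {
            $content = cmsCore::request('content', 'html', '');
            $com_new['content_bbcode'] = $inDB->escape_string($content);
            $com_new['content'] = $inDB->escape_string(cmsCore::parseSmiles($content, true));
        } else {
            $com_new['content'] = cmsCore::request('content', 'str', '');
            $com_new['content_bbcode'] = $com_new['content'];
            // Same literal \r / \n handling as in the add action
            $com_new['content'] = str_replace(array('\\r', '\\n'), '<br>', $com_new['content']);
        }
        // Empty comment text
        if (!$com_new['content']) {
            cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ERR_COMMENT_TEXT']));
        }
        if (!cmsUser::checkCsrfToken()) {
            cmsCore::error404();
        }
        // No errors: update the row ...
        $model->updateComment($comment['id'], $com_new);
        // ... and the activity feed entry
        $content_short = mb_substr(strip_tags($com_new['content']), 0, 140);
        cmsActions::updateLog('add_comment', array('description' => $content_short), $comment['id']);
        // Text sent back to the browser: literal \r / \n sequences become spaces
        $com_new['content'] = stripslashes(str_replace(array('\\r', '\\n'), ' ', $com_new['content']));
        $com_new = cmsCore::callEvent('GET_COMMENT', $com_new);
        cmsCore::jsonOutput(array('error' => false, 'text' => $com_new['content'], 'comment_id' => $comment['id']));
    }
    //========================================================================================================================//
    // Delete a comment
    if ($do == 'delete') {
        if (!cmsCore::isAjax()) {
            cmsCore::error404();
        }
        $comment = $model->getComment($id);
        if (!$comment) {
            cmsCore::error404();
        }
        // Guests never delete; registered users may delete their own comments
        // when the group allows it; moderators and admins may delete any.
        // (The previous condition began with `!$inUser->id &&`, which made the
        // remaining checks void for every signed-in user.)
        $own_deletable = $model->is_can_delete && $inUser->id == $comment['user_id'];
        if (!$inUser->id || (!$is_moder && !$own_deletable)) {
            cmsCore::error404();
        }
        // Responsible component from cms_comment_targets (target escaped for the WHERE clause)
        $target = $inDB->get_fields('cms_comment_targets', "target='" . $inDB->escape_string($comment['target']) . "'", '*');
        if (!$target) {
            cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ERR_UNKNOWN_TARGET'] . ' #1'));
        }
        if (!cmsUser::checkCsrfToken()) {
            cmsCore::error404();
        }
        $model->deleteComment($id);
        // Let the target recount its comments if its model supports that
        if (cmsCore::loadModel($target['component'])) {
            $model_class = 'cms_model_' . $target['component'];
            if (class_exists($model_class)) {
                $target_model = new $model_class();
                if (method_exists($target_model, 'updateCommentsCount')) {
                    $target_model->updateCommentsCount($comment['target'], $comment['target_id']);
                }
            }
        }
        cmsCore::jsonOutput(array('error' => false, 'target' => $comment['target'], 'target_id' => $comment['target_id']));
    }
}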
function registration()
{
    header('X-Frame-Options: DENY');
    $inCore = cmsCore::getInstance();
    $inPage = cmsPage::getInstance();
    $inDB = cmsDatabase::getInstance();
    $inUser = cmsUser::getInstance();
    $inConf = cmsConfig::getInstance();
    $model = new cms_model_registration();
    cmsCore::loadModel('users');
    $users_model = new cms_model_users();
    global $_LANG;
    $do = $inCore->do;
    //============================================================================//
    if ($do == 'sendremind') {
        if ($inUser->id) {
            cmsCore::error404();
        }
        $inPage->setTitle($_LANG['REMINDER_PASS']);
        $inPage->addPathway($_LANG['REMINDER_PASS']);
        if (!cmsCore::inRequest('goremind')) {
            cmsPage::initTemplate('components', 'com_registration_sendremind')->display('com_registration_sendremind.tpl');
        } else {
            if (!cmsUser::checkCsrfToken()) {
                cmsCore::error404();
            }
            $email = cmsCore::request('email', 'email', '');
            if (!$email) {
                cmsCore::addSessionMessage($_LANG['ERR_EMAIL'], 'error');
                cmsCore::redirectBack();
            }
            $usr = cmsUser::getShortUserData($email);
            if (!$usr || $usr['is_locked'] || $usr['is_deleted']) {
                cmsCore::addSessionMessage($_LANG['ADRESS'] . ' "' . $email . '" ' . $_LANG['NOT_IN_OUR_BASE'], 'error');
                cmsCore::redirectBack();
            }
            if (cmsUser::userIsAdmin($usr['id'])) {
                cmsCore::addSessionMessage($_LANG['NOT_ADMIN_SENDREMIND'], 'error');
                cmsCore::redirectBack();
            }
            $usercode = md5($usr['id'] . '-' . uniqid() . '-' . microtime() . '-' . PATH);
            $sql = "INSERT cms_users_activate (pubdate, user_id, code)\n                VALUES (NOW(), '{$usr['id']}', '{$usercode}')";
            $inDB->query($sql);
            $newpass_link = HOST . '/registration/remind/' . $usercode;
            $mail_message = $_LANG['HELLO'] . ', ' . $usr['nickname'] . '!' . "\n\n";
            $mail_message .= $_LANG['REMINDER_TEXT'] . ' "' . $inConf->sitename . '".' . "\n\n";
            $mail_message .= $_LANG['YOUR_LOGIN'] . ': ' . $usr['login'] . "\n\n";
            $mail_message .= $_LANG['NEW_PASS_LINK'] . ":\n" . $newpass_link . "\n\n";
            $mail_message .= $_LANG['LINK_EXPIRES'] . "\n\n";
            $mail_message .= $_LANG['SIGNATURE'] . ', ' . $inConf->sitename . ' (' . HOST . ').' . "\n";
            $mail_message .= date('d-m-Y (H:i)');
            $inCore->mailText($email, $inConf->sitename . ' - ' . $_LANG['REMINDER_PASS'], $mail_message);
            cmsCore::addSessionMessage($_LANG['NEW_PAS_SENDED'], 'info');
            cmsCore::redirect('/login');
        }
    }
    //============================================================================//
    if ($do == 'remind') {
        if ($inUser->id) {
            cmsCore::error404();
        }
        $usercode = cmsCore::request('code', 'str', '');
        //проверяем формат кода
        if (!preg_match('/^[0-9a-f]{32}$/i', $usercode)) {
            cmsCore::error404();
        }
        // проверяем код
        $user_id = $inDB->get_field('cms_users_activate', "code = '{$usercode}'", 'user_id');
        if (!$user_id) {
            cmsCore::error404();
        }
        //получаем пользователя
        $user = $inDB->get_fields('cms_users', "id = '{$user_id}'", '*');
        if (!$user) {
            cmsCore::error404();
        }
        if (cmsUser::userIsAdmin($user['id'])) {
            cmsCore::error404();
        }
        if (cmsCore::inRequest('submit')) {
            if (!cmsUser::checkCsrfToken()) {
                cmsCore::error404();
            }
            $errors = false;
            $pass = cmsCore::request('pass', 'str', '');
            $pass2 = cmsCore::request('pass2', 'str', '');
            if (!$pass) {
                cmsCore::addSessionMessage($_LANG['TYPE_PASS'], 'error');
                $errors = true;
            }
            if ($pass && !$pass2) {
                cmsCore::addSessionMessage($_LANG['TYPE_PASS_TWICE'], 'error');
                $errors = true;
            }
            if ($pass && $pass2 && mb_strlen($pass) < 6) {
                cmsCore::addSessionMessage($_LANG['PASS_SHORT'], 'error');
                $errors = true;
            }
            if ($pass && $pass2 && $pass != $pass2) {
                cmsCore::addSessionMessage($_LANG['WRONG_PASS'], 'error');
                $errors = true;
            }
            if ($errors) {
                cmsCore::redirectBack();
            }
            $md5_pass = md5($pass);
            $inDB->query("UPDATE cms_users SET password = '******', logdate = NOW() WHERE id = '{$user['id']}'");
            $inDB->query("DELETE FROM cms_users_activate WHERE code = '{$usercode}'");
            cmsCore::addSessionMessage($_LANG['CHANGE_PASS_COMPLETED'], 'info');
            $inUser->signInUser($user['login'], $pass, true);
            cmsCore::redirect(cmsUser::getProfileURL($user['login']));
        }
        $inPage->setTitle($_LANG['RECOVER_PASS']);
        $inPage->addPathway($_LANG['RECOVER_PASS']);
        cmsPage::initTemplate('components', 'com_registration_remind')->assign('cfg', $model->config)->assign('user', $user)->display('com_registration_remind.tpl');
    }
    //============================================================================//
    if ($do == 'register') {
        if (!cmsUser::checkCsrfToken()) {
            cmsCore::error404();
        }
        if ($inUser->id && !$inUser->is_admin) {
            if ($inCore->menuId() == 1) {
                return;
            } else {
                cmsCore::error404();
            }
        }
        // регистрация закрыта
        if (!$model->config['is_on']) {
            cmsCore::error404();
        }
        // регистрация по инвайтам
        if ($model->config['reg_type'] == 'invite') {
            if (!$users_model->checkInvite(cmsUser::sessionGet('invite_code'))) {
                cmsCore::error404();
            }
        }
        $errors = false;
        // получаем данные
        $item['login'] = cmsCore::request('login', 'str', '');
        $item['email'] = cmsCore::request('email', 'email');
        $item['icq'] = cmsCore::request('icq', 'str', '');
        $item['city'] = cmsCore::request('city', 'str', '');
        $item['nickname'] = cmsCore::request('nickname', 'str', '');
        $item['realname1'] = cmsCore::request('realname1', 'str', '');
        $item['realname2'] = cmsCore::request('realname2', 'str', '');
        $pass = cmsCore::request('pass', 'str', '');
        $pass2 = cmsCore::request('pass2', 'str', '');
        // проверяем логин
        if (mb_strlen($item['login']) < 2 || mb_strlen($item['login']) > 15 || is_numeric($item['login']) || !preg_match("/^([a-z0-9])+\$/ui", $item['login'])) {
            cmsCore::addSessionMessage($_LANG['ERR_LOGIN'], 'error');
            $errors = true;
        }
        // проверяем пароль
        if (!$pass) {
            cmsCore::addSessionMessage($_LANG['TYPE_PASS'], 'error');
            $errors = true;
        }
        if ($pass && !$pass2) {
            cmsCore::addSessionMessage($_LANG['TYPE_PASS_TWICE'], 'error');
            $errors = true;
        }
        if ($pass && $pass2 && mb_strlen($pass) < 6) {
            cmsCore::addSessionMessage($_LANG['PASS_SHORT'], 'error');
            $errors = true;
        }
        if ($pass && $pass2 && $pass != $pass2) {
            cmsCore::addSessionMessage($_LANG['WRONG_PASS'], 'error');
            $errors = true;
        }
        // Проверяем nickname или имя и фамилию
        if ($model->config['name_mode'] == 'nickname') {
            if (!$item['nickname']) {
                cmsCore::addSessionMessage($_LANG['TYPE_NICKNAME'], 'error');
                $errors = true;
            }
        } else {
            if (!$item['realname1']) {
                cmsCore::addSessionMessage($_LANG['TYPE_NAME'], 'error');
                $errors = true;
            }
            if (!$item['realname2']) {
                cmsCore::addSessionMessage($_LANG['TYPE_SONAME'], 'error');
                $errors = true;
            }
            $item['nickname'] = trim($item['realname1']) . ' ' . trim($item['realname2']);
        }
        if (mb_strlen($item['nickname']) < 2) {
            cmsCore::addSessionMessage($_LANG['SHORT_NICKNAME'], 'error');
            $errors = true;
        }
        if ($model->getBadNickname($item['nickname'])) {
            cmsCore::addSessionMessage($_LANG['ERR_NICK_EXISTS'], 'error');
            $errors = true;
        }
        // Проверяем email
        if (!$item['email']) {
            cmsCore::addSessionMessage($_LANG['ERR_EMAIL'], 'error');
            $errors = true;
        }
        // День рождения
        list($item['bday'], $item['bmonth'], $item['byear']) = array_values(cmsCore::request('birthdate', 'array_int', array()));
        $item['birthdate'] = sprintf('%04d-%02d-%02d', $item['byear'], $item['bmonth'], $item['bday']);
        // получаем данные конструктора форм
        $item['formsdata'] = '';
        if (isset($users_model->config['privforms'])) {
            if (is_array($users_model->config['privforms'])) {
                foreach ($users_model->config['privforms'] as $form_id) {
                    $form_input = cmsForm::getFieldsInputValues($form_id);
                    $item['formsdata'] .= $inDB->escape_string(cmsCore::arrayToYaml($form_input['values']));
                    // Проверяем значения формы
                    foreach ($form_input['errors'] as $field_error) {
                        if ($field_error) {
                            cmsCore::addSessionMessage($field_error, 'error');
                            $errors = true;
                        }
                    }
                }
            }
        }
        // Проверяем каптчу
        if (!cmsPage::checkCaptchaCode()) {
            cmsCore::addSessionMessage($_LANG['ERR_CAPTCHA'], 'error');
            $errors = true;
        }
        // проверяем есть ли такой пользователь
        $user_exist = $inDB->get_fields('cms_users', "(login LIKE '{$item['login']}' OR email LIKE '{$item['email']}') AND is_deleted = 0", 'id, login, email');
        if ($user_exist) {
            if ($user_exist['login'] == $item['login']) {
                cmsCore::addSessionMessage($_LANG['LOGIN'] . ' "' . $item['login'] . '" ' . $_LANG['IS_BUSY'], 'error');
                $errors = true;
            } else {
                cmsCore::addSessionMessage($_LANG['EMAIL_IS_BUSY'], 'error');
                $errors = true;
            }
        }
        // В случае ошибок, возвращаемся в форму
        if ($errors) {
            cmsUser::sessionPut('item', $item);
            cmsCore::redirect('/registration');
        }
        //////////////////////////////////////////////
        //////////// РЕГИСТРАЦИЯ /////////////////////
        //////////////////////////////////////////////
        $item['is_locked'] = $model->config['act'];
        $item['password'] = md5($pass);
        $item['orig_password'] = $pass;
        $item['group_id'] = $model->config['default_gid'];
        $item['regdate'] = date('Y-m-d H:i:s');
        $item['logdate'] = date('Y-m-d H:i:s');
        if (cmsUser::sessionGet('invite_code')) {
            $invite_code = cmsUser::sessionGet('invite_code');
            $item['invited_by'] = (int) $users_model->getInviteOwner($invite_code);
            if ($item['invited_by']) {
                $users_model->closeInvite($invite_code);
            }
            cmsUser::sessionDel('invite_code');
        } else {
            $item['invited_by'] = 0;
        }
        $item = cmsCore::callEvent('USER_BEFORE_REGISTER', $item);
        $item['id'] = $item['user_id'] = $inDB->insert('cms_users', $item);
        if (!$item['id']) {
            cmsCore::error404();
        }
        $inDB->insert('cms_user_profiles', $item);
        cmsCore::callEvent('USER_REGISTER', $item);
        if ($item['is_locked']) {
            $model->sendActivationNotice($pass, $item['id']);
            cmsPage::includeTemplateFile('special/regactivate.php');
            cmsCore::halt();
        } else {
            cmsActions::log('add_user', array('object' => '', 'user_id' => $item['id'], 'object_url' => '', 'object_id' => $item['id'], 'target' => '', 'target_url' => '', 'target_id' => 0, 'description' => ''));
            if ($model->config['send_greetmsg']) {
                $model->sendGreetsMessage($item['id']);
            }
            $model->sendRegistrationNotice($pass, $item['id']);
            $back_url = $inUser->signInUser($item['login'], $pass, true);
            cmsCore::redirect($back_url);
        }
    }
    //============================================================================//
    if ($do == 'view') {
        $pagetitle = $inCore->getComponentTitle();
        $inPage->setTitle($pagetitle);
        $inPage->addPathway($pagetitle);
        $inPage->addHeadJsLang(array('WRONG_PASS'));
        // Если пользователь авторизован, то не показываем форму регистрации, редирект в профиль.
        if ($inUser->id && !$inUser->is_admin) {
            if ($inCore->menuId() == 1) {
                return;
            } else {
                cmsCore::redirect(cmsUser::getProfileURL($inUser->login));
            }
        }
        $correct_invite = cmsUser::sessionGet('invite_code') ? true : false;
        if ($model->config['reg_type'] == 'invite' && cmsCore::inRequest('invite_code')) {
            $invite_code = cmsCore::request('invite_code', 'str', '');
            $correct_invite = $users_model->checkInvite($invite_code);
            if ($correct_invite) {
                cmsUser::sessionPut('invite_code', $invite_code);
            } else {
                cmsCore::addSessionMessage($_LANG['INCORRECT_INVITE'], 'error');
            }
        }
        $item = cmsUser::sessionGet('item');
        if ($item) {
            cmsUser::sessionDel('item');
        }
        if (empty($item['birthdate'])) {
            $item['birthdate'] = date('Y-m-d');
        }
        $private_forms = array();
        if (isset($users_model->config['privforms'])) {
            if (is_array($users_model->config['privforms'])) {
                foreach ($users_model->config['privforms'] as $form_id) {
                    $private_forms = array_merge($private_forms, cmsForm::getFieldsHtml($form_id, array(), true));
                }
            }
        }
        cmsPage::initTemplate('components', 'com_registration')->assign('cfg', $model->config)->assign('item', $item)->assign('pagetitle', $pagetitle)->assign('correct_invite', $correct_invite)->assign('private_forms', $private_forms)->display('com_registration.tpl');
    }
    //============================================================================//
    if ($do == 'activate') {
        $code = cmsCore::request('code', 'str', '');
        if (!$code) {
            cmsCore::error404();
        }
        $user_id = $inDB->get_field('cms_users_activate', "code = '{$code}'", 'user_id');
        if (!$user_id) {
            cmsCore::error404();
        }
        $inDB->query("UPDATE cms_users SET is_locked = 0 WHERE id = '{$user_id}'");
        $inDB->query("DELETE FROM cms_users_activate WHERE code = '{$code}'");
        cmsCore::callEvent('USER_ACTIVATED', $user_id);
        if ($model->config['send_greetmsg']) {
            $model->sendGreetsMessage($user_id);
        }
        // Регистрируем событие
        cmsActions::log('add_user', array('object' => '', 'user_id' => $user_id, 'object_url' => '', 'object_id' => $user_id, 'target' => '', 'target_url' => '', 'target_id' => 0, 'description' => ''));
        cmsCore::addSessionMessage($_LANG['ACTIVATION_COMPLETE'], 'info');
        cmsUser::goToLogin();
    }
    //============================================================================//
    if ($do == 'auth') {
        //====================//
        //==  разлогивание  ==//
        if (cmsCore::inRequest('logout')) {
            $inUser->logout();
            cmsCore::redirect('/');
        }
        //====================//
        //==  авторизация  ==//
        if (!cmsCore::inRequest('logout')) {
            // флаг неуспешных авторизаций
            $anti_brute_force = cmsUser::sessionGet('anti_brute_force');
            $login = cmsCore::request('login', 'str', '');
            $passw = cmsCore::request('pass', 'str', '');
            $remember_pass = cmsCore::inRequest('remember');
            // если нет логина или пароля, показываем форму входа
            if (!$login || !$passw) {
                if ($inUser->id && !$inUser->is_admin) {
                    cmsCore::redirect('/');
                }
                $inPage->setTitle($_LANG['SITE_LOGIN']);
                $inPage->addPathway($_LANG['SITE_LOGIN']);
                cmsPage::initTemplate('components', 'com_registration_login')->assign('cfg', $model->config)->assign('anti_brute_force', $anti_brute_force)->assign('is_sess_back', cmsUser::sessionGet('auth_back_url'))->display('com_registration_login.tpl');
                if (!mb_strstr(cmsCore::getBackURL(), 'login')) {
                    cmsUser::sessionPut('auth_back_url', cmsCore::getBackURL());
                }
                return;
            }
            if (!cmsUser::checkCsrfToken()) {
                cmsCore::error404();
            }
            // Проверяем каптчу
            if ($anti_brute_force && !cmsPage::checkCaptchaCode()) {
                cmsCore::addSessionMessage($_LANG['ERR_CAPTCHA'], 'error');
                cmsCore::redirect('/login');
            }
            cmsUser::sessionDel('anti_brute_force');
            $back_url = $inUser->signInUser($login, $passw, $remember_pass);
            cmsCore::redirect($back_url);
        }
    }
    //============================================================================//
    if ($do == 'autherror') {
        cmsUser::sessionPut('anti_brute_force', 1);
        cmsPage::includeTemplateFile('special/autherror.php');
        cmsCore::halt();
    }
    //============================================================================//
}
function board()
{
    $inCore = cmsCore::getInstance();
    $inPage = cmsPage::getInstance();
    $inDB = cmsDatabase::getInstance();
    $inUser = cmsUser::getInstance();
    global $_LANG;
    define('IS_BILLING', $inCore->isComponentInstalled('billing'));
    if (IS_BILLING) {
        cmsCore::loadClass('billing');
    }
    $model = new cms_model_board();
    $do = $inCore->do;
    $pagetitle = $inCore->getComponentTitle();
    $pagekeys = $pagedesc = '';
    $inPage->setTitle($pagetitle);
    $inPage->addPathway($pagetitle, '/board');
    /////////////////////////////// VIEW CATEGORY ///////////////////////////////////////////////////////////////////////////////////////////
    if ($do == 'view') {
        //Получаем текущую категорию
        $category = $model->getCategory($model->category_id);
        if (!$category) {
            cmsCore::error404();
        }
        if ($category['id'] != $model->root_cat['id']) {
            $pagetitle = $category['pagetitle'] ? $category['pagetitle'] : $category['title'];
            $pagekeys = $category['meta_keys'];
            $pagedesc = $category['meta_desc'];
            $category_path = $inDB->getNsCategoryPath('cms_board_cats', $category['NSLeft'], $category['NSRight']);
            if ($category_path) {
                foreach ($category_path as $pcat) {
                    $inPage->addPathway($pcat['title'], '/board/' . $pcat['id']);
                }
            }
        } else {
            $menu_title = $inCore->menuTitle();
            $pagetitle = $menu_title ? $menu_title : $pagetitle;
            $category['title'] = $pagetitle;
            $category['description'] = $model->config['root_description'];
            $pagekeys = $model->config['meta_keys'];
            $pagedesc = $model->config['meta_desc'];
        }
        // rss в адресной строке
        $rss_cat_id = $category['id'] == $model->root_cat['id'] ? 'all' : $category['id'];
        $inPage->addHead('<link rel="alternate" type="application/rss+xml" title="' . $_LANG['BOARD'] . '" href="' . HOST . '/rss/board/' . $rss_cat_id . '/feed.rss">');
        //Формируем категории
        $cats = $model->getSubCats($category['id']);
        // Формируем список объявлений
        // Устанавливаем категорию
        if ($category['id'] != $model->root_cat['id']) {
            $model->whereThisAndNestedCats($category['NSLeft'], $category['NSRight']);
        }
        //Город
        if ($model->city) {
            $model->whereCityIs($model->city);
            $pagetitle .= ' :: ' . $model->city;
        }
        // Типы объявлений
        if ($model->obtype && mb_stristr(icms_ucfirst($category['obtypes']), $model->obtype)) {
            $model->whereTypeIs($model->obtype);
            $pagetitle .= ' :: ' . $model->obtype;
        }
        // модератор или админ
        $is_moder = $inUser->is_admin || $model->is_moderator_by_group;
        // Общее количество объявлений по заданным выше условиям
        $total = $model->getAdvertsCount($is_moder, true);
        //устанавливаем сортировку
        $orderby = $model->getOrder('orderby', $category['orderby']);
        $orderto = $model->getOrder('orderto', $category['orderto']);
        $inDB->orderBy('is_vip DESC, ' . $orderby, $orderto);
        //устанавливаем номер текущей страницы и кол-во объявлений на странице
        $inDB->limitPage($model->page, $category['perpage']);
        // Получаем объявления
        $items = $model->getAdverts($is_moder, true, false, true);
        // Если объявлений на странице большей чем 1 нет, 404
        if (!$items && $model->page > 1) {
            cmsCore::error404();
        }
        // если не указаны ключевые слова, формируем их из названий рубрик и типов
        if (!$pagekeys && $cats) {
            foreach ($cats as $c) {
                $keys[] = $c['title'];
                foreach (explode("\n", $c['obtypes']) as $obtype) {
                    $keys[] = trim($obtype);
                }
            }
            $pagekeys = implode(',', $keys);
        } elseif (!$cats) {
            $pagekeys = $category['title'];
        }
        // если не указано описание, формируем из текущих объявлений
        if (!$pagedesc && $items) {
            foreach ($items as $i) {
                $desc[] = $i['title'];
            }
            $pagedesc = implode('. ', $desc);
        } elseif (!$items && $category['description']) {
            $pagedesc = crop($category['description']);
        }
        // Проставляем заголовки страницы и описание согласно выборки
        $inPage->setDescription(crop($pagedesc));
        $inPage->setKeywords($pagekeys);
        $inPage->setTitle($pagetitle);
        // Отдаем в шаблон категории
        cmsPage::initTemplate('components', 'com_board_cats')->assign('cats', $cats)->assign('category', $category)->assign('root_id', $model->root_cat['id'])->assign('is_user', $inUser->id)->assign('maxcols', $model->config['maxcols'])->display('com_board_cats.tpl');
        $pagebar = cmsPage::getPagebar($total, $model->page, $category['perpage'], '/board/%catid%-%page%', array('catid' => $category['id']));
        $order_form = $category['orderform'] ? $model->orderForm($orderby, $orderto, $category) : '';
        // Отдаем в шаблон объявления
        cmsPage::initTemplate('components', 'com_board_items')->assign('order_form', $order_form)->assign('cfg', $model->config)->assign('root_id', $model->root_cat['id'])->assign('items', $items)->assign('cat', $category)->assign('maxcols', $category['maxcols'])->assign('colwidth', round(100 / $category['maxcols']))->assign('pagebar', $pagebar)->display('com_board_items.tpl');
    }
    /////////////////////////////// VIEW USER ADV ///////////////////////////////////////////////////////////////////////////////////////
    if ($do == 'by_user') {
        // логин пользователя
        $login = cmsCore::request('login', 'str', '' . $inUser->login . '');
        // получаем данные пользователя
        $user = cmsUser::getShortUserData($login);
        if (!$user) {
            cmsCore::error404();
        }
        $myprofile = $model->checkAccess($user['id']);
        $inPage->addPathway($user['nickname']);
        $inPage->setTitle($_LANG['BOARD'] . ' - ' . $user['nickname']);
        $inPage->setDescription($_LANG['BOARD'] . ' - ' . $user['nickname']);
        // Формируем список объявлений
        $model->whereUserIs($user['id']);
        // Общее количество объявлений по заданным выше условиям
        $total = $model->getAdvertsCount($myprofile);
        //устанавливаем сортировку
        $inDB->orderBy('pubdate', 'DESC');
        //устанавливаем номер текущей страницы и кол-во объявлений на странице
        $inDB->limitPage($model->page, 15);
        // Получаем объявления
        $items = $model->getAdverts($myprofile, true, false, true);
        // Если объявлений на странице большей чем 1 нет, 404
        if (!$items && $model->page > 1) {
            cmsCore::error404();
        }
        // Пагинация
        $pagebar = cmsPage::getPagebar($total, $model->page, 15, '/board/by_user_' . $login . '/page-%page%');
        // Показываем даты
        $category['showdate'] = 1;
        cmsPage::initTemplate('components', 'com_board_items')->assign('cfg', $model->config)->assign('page_title', $_LANG['BOARD'] . ' - ' . $user['nickname'])->assign('root_id', $model->root_cat['id'])->assign('items', $items)->assign('cat', $category)->assign('maxcols', 1)->assign('colwidth', 100)->assign('pagebar', $pagebar)->display('com_board_items.tpl');
    }
    /////////////////////////////// VIEW ITEM ///////////////////////////////////////////////////////////////////////////////////////////
    if ($do == 'read') {
        // получаем объявление
        $item = $model->getRecord($model->item_id);
        if (!$item) {
            cmsCore::error404();
        }
        // неопубликованные показываем админам, модераторам и автору
        if (!$item['published'] && !$item['moderator']) {
            cmsCore::error404();
        }
        // для неопубликованного показываем инфо: просрочено/на модерации
        if (!$item['published']) {
            $info_text = $item['is_overdue'] ? $_LANG['ADV_IS_EXTEND'] : $_LANG['ADV_IS_MODER'];
            cmsCore::addSessionMessage($info_text, 'info');
        } else {
            if ($inUser->id != $item['user_id']) {
                // увеличиваем кол-во просмотров
                $inDB->setFlag('cms_board_items', $model->item_id, 'hits', $item['hits'] + 1);
            }
        }
        // формируем заголовок и тело сообщения
        $item['title'] = $item['obtype'] . ' ' . $item['title'];
        $item['content'] = nl2br($item['content']);
        $item['content'] = $model->config['auto_link'] ? $inCore->parseSmiles($item['content']) : $item['content'];
        $category_path = $inDB->getNsCategoryPath('cms_board_cats', $item['NSLeft'], $item['NSRight']);
        if ($category_path) {
            foreach ($category_path as $pcat) {
                $inPage->addPathway($pcat['title'], '/board/' . $pcat['id']);
            }
        }
        $inPage->addPathway($item['title']);
        $pagetitle = $item['pagetitle'] ? $item['pagetitle'] : $item['title'];
        $pagekeys = $item['meta_keys'] ? $item['meta_keys'] : $item['title'];
        $pagedesc = $item['meta_desc'] ? $item['meta_desc'] : $item['content'];
        $inPage->setTitle($pagetitle);
        $inPage->setDescription(crop($pagedesc));
        $inPage->setKeywords($pagekeys);
        cmsPage::initTemplate('components', 'com_board_item')->assign('item', $item)->assign('cfg', $model->config)->assign('user_id', $inUser->id)->assign('is_admin', $inUser->is_admin)->assign('formsdata', cmsForm::getFieldsValues($item['form_id'], $item['form_array']))->assign('is_moder', $model->is_moderator_by_group)->display('com_board_item.tpl');
    }
    /////////////////////////////// NEW BOARD ITEM /////////////////////////////////////////////////////////////////////////////////////////
    if ($do == 'additem') {
        // Получаем категории, в которые может загружать пользователь
        $catslist = $model->getPublicCats($model->category_id);
        if (!$catslist) {
            cmsCore::addSessionMessage($_LANG['YOU_CANT_ADD_ADV_ANY'], 'error');
            $inCore->redirect('/board');
        }
        $cat['is_photos'] = 1;
        $formsdata = array();
        if ($model->category_id && $model->category_id != $model->root_cat['id']) {
            $cat = $model->getCategory($model->category_id);
            $formsdata = cmsForm::getFieldsHtml($cat['form_id']);
        }
        $inPage->addPathway($_LANG['ADD_ADV']);
        if (!cmsCore::inRequest('submit')) {
            if (IS_BILLING) {
                cmsBilling::checkBalance('board', 'add_item');
            }
            $inPage->setTitle($_LANG['ADD_ADV']);
            $item = cmsUser::sessionGet('item');
            if ($item) {
                cmsUser::sessionDel('item');
            }
            $item['city'] = !empty($item['city']) ? $item['city'] : $inUser->city;
            cmsPage::initTemplate('components', 'com_board_edit')->assign('action', "/board/add.html")->assign('form_do', 'add')->assign('cfg', $model->config)->assign('cat', $cat)->assign('item', $item)->assign('pagetitle', $_LANG['ADD_ADV'])->assign('formsdata', $formsdata)->assign('is_admin', $inUser->is_admin)->assign('is_user', $inUser->id)->assign('catslist', $catslist)->assign('is_billing', IS_BILLING)->assign('balance', $inUser->balance)->display('com_board_edit.tpl');
            cmsUser::sessionClearAll();
            return;
        }
        if (cmsCore::inRequest('submit')) {
            // проверяем на заполненость скрытое поле
            $title_fake = cmsCore::request('title_fake', 'str', '');
            // если оно заполнено, считаем что это бот, 404
            if ($title_fake) {
                cmsCore::error404();
            }
            $errors = false;
            // проверяем наличие категории
            if (!$cat['id']) {
                cmsCore::addSessionMessage($_LANG['NEED_CAT_ADV'], 'error');
                $errors = true;
            }
            // Проверяем количество добавленных за сутки
            if (!$model->checkLoadedByUser24h($cat)) {
                cmsCore::addSessionMessage($_LANG['MAX_VALUE_OF_ADD_ADV'], 'error');
                $errors = true;
            }
            // Можем ли добавлять в эту рубрику
            if (!$model->checkAdd($cat)) {
                cmsCore::addSessionMessage($_LANG['YOU_CANT_ADD_ADV'], 'error');
                $errors = true;
            }
            // входные данные
            $obtype = icms_ucfirst(cmsCore::request('obtype', 'str', ''));
            $title = trim(str_ireplace($obtype, '', cmsCore::request('title', 'str', '')));
            $content = cmsCore::request('content', 'str', '');
            $city = cmsCore::request('city', 'str', '');
            $pagetitle = cmsCore::request('pagetitle', 'str', '');
            $meta_keys = cmsCore::request('meta_keys', 'str', '');
            $meta_desc = cmsCore::request('meta_desc', 'str', '');
            $form_input = cmsForm::getFieldsInputValues($cat['form_id']);
            $formsdata = $inDB->escape_string(cmsCore::arrayToYaml($form_input['values']));
            $vipdays = cmsCore::request('vipdays', 'int', 0);
            $published = $model->checkPublished($cat);
            if ($model->config['srok']) {
                $pubdays = cmsCore::request('pubdays', 'int') <= 50 ? cmsCore::request('pubdays', 'int') : 50;
            }
            if (!$model->config['srok']) {
                $pubdays = isset($model->config['pubdays']) ? $model->config['pubdays'] : 14;
            }
            // Проверяем значения
            if (!$title) {
                cmsCore::addSessionMessage($_LANG['NEED_TITLE'], 'error');
                $errors = true;
            }
            if (!$content) {
                cmsCore::addSessionMessage($_LANG['NEED_TEXT_ADV'], 'error');
                $errors = true;
            }
            if (!$city) {
                cmsCore::addSessionMessage($_LANG['NEED_CITY'], 'error');
                $errors = true;
            }
            if (!$inUser->id && !cmsPage::checkCaptchaCode()) {
                cmsCore::addSessionMessage($_LANG['ERR_CAPTCHA'], 'error');
                $errors = true;
            }
            // Проверяем значения формы
            foreach ($form_input['errors'] as $field_error) {
                if ($field_error) {
                    cmsCore::addSessionMessage($field_error, 'error');
                    $errors = true;
                }
            }
            if ($errors) {
                $item['content'] = htmlspecialchars(stripslashes($_REQUEST['content']));
                $item['city'] = stripslashes($city);
                $item['title'] = stripslashes($title);
                $item['obtype'] = $obtype;
                cmsUser::sessionPut('item', $item);
                cmsCore::redirect('/board/' . $model->category_id . '/add.html');
            }
            if ($cat['is_photos']) {
                // Загружаем фото
                $file = $model->uploadPhoto('', $cat);
            } else {
                $file['filename'] = '';
                cmsCore::addSessionMessage($_LANG['INFO_CAT_NO_PHOTO'], 'info');
            }
            $add = array('category_id' => $model->category_id, 'user_id' => $inUser->id, 'obtype' => $obtype, 'title' => $title, 'content' => $content, 'formsdata' => $formsdata, 'city' => $city, 'pubdays' => $pubdays, 'published' => $published, 'pagetitle' => $model->config['seo_user_access'] && $inUser->id || $inUser->is_admin ? $pagetitle : '', 'meta_keys' => $model->config['seo_user_access'] && $inUser->id || $inUser->is_admin ? $meta_keys : '', 'meta_desc' => $model->config['seo_user_access'] && $inUser->id || $inUser->is_admin ? $meta_desc : '', 'file' => $file['filename']);
            $add['id'] = $model->addRecord($add);
            if ($inUser->is_admin && $vipdays) {
                $model->setVip($add['id'], $vipdays);
            }
            if (IS_BILLING) {
                cmsBilling::process('board', 'add_item');
                if ($model->config['vip_enabled'] && $vipdays && $model->config['vip_day_cost']) {
                    if ($vipdays > $model->config['vip_max_days']) {
                        $vipdays = $model->config['vip_max_days'];
                    }
                    $summ = $vipdays * $model->config['vip_day_cost'];
                    if ($inUser->balance >= $summ) {
                        cmsBilling::pay($inUser->id, $summ, $_LANG['VIP_ITEM']);
                        $model->setVip($add['id'], $vipdays);
                    }
                }
            }
            cmsUser::sessionClearAll();
            if ($published) {
                //регистрируем событие
                cmsActions::log('add_board', array('object' => $obtype . ' ' . $title, 'object_url' => '/board/read' . $add['id'] . '.html', 'object_id' => $add['id'], 'target' => $cat['title'], 'target_url' => '/board/' . $cat['id'], 'target_id' => $cat['id'], 'description' => ''));
                cmsCore::addSessionMessage($_LANG['ADV_IS_ADDED'], 'success');
                cmsCore::callEvent('ADD_BOARD_DONE', $add);
                cmsCore::redirect('/board/read' . $add['id'] . '.html');
            }
            if (!$published) {
                $link = '<a href="/board/read' . $add['id'] . '.html">' . $obtype . ' ' . $title . '</a>';
                if ($inUser->id) {
                    $user = '******' . cmsUser::getProfileURL($inUser->login) . '">' . $inUser->nickname . '</a>';
                } else {
                    $user = $_LANG['BOARD_GUEST'] . ', ip: ' . $inUser->ip;
                }
                $message = str_replace('%user%', $user, $_LANG['MSG_ADV_SUBMIT']);
                $message = str_replace('%link%', $link, $message);
                cmsUser::sendMessage(USER_UPDATER, 1, $message);
                cmsCore::addSessionMessage($_LANG['ADV_IS_ADDED'] . '<br>' . $_LANG['ADV_PREMODER_TEXT'], 'success');
                cmsCore::redirect('/board/' . $model->category_id);
            }
        }
    }
    /////////////////////////////// EDIT BOARD ITEM /////////////////////////////////////////////////////////////////////////////////////////
    if ($do == 'edititem') {
        $item = $model->getRecord($model->item_id);
        $cat = $model->getCategory($item['category_id']);
        if (!$cat) {
            cmsCore::error404();
        }
        if (!$item) {
            cmsCore::error404();
        }
        $inPage->setTitle($_LANG['EDIT_ADV']);
        $inPage->addPathway($item['category'], '/board/' . $item['cat_id']);
        $inPage->addPathway($_LANG['EDIT_ADV']);
        if (!$item['moderator']) {
            cmsCore::addSessionMessage($_LANG['YOU_HAVENT_ACCESS'], 'error');
            cmsCore::redirect('/board/read' . $item['id'] . '.html');
        }
        $errors = false;
        if (!cmsCore::inRequest('submit')) {
            cmsPage::initTemplate('components', 'com_board_edit')->assign('action', "/board/edit{$item['id']}.html")->assign('form_do', 'edit')->assign('cfg', $model->config)->assign('cat', $cat)->assign('item', $item)->assign('pagetitle', $_LANG['EDIT_ADV'])->assign('is_admin', $inUser->is_admin)->assign('catslist', $model->getPublicCats($item['category_id'], true))->assign('formsdata', cmsForm::getFieldsHtml($cat['form_id'], $item['form_array']))->assign('is_user', $inUser->id)->assign('is_billing', IS_BILLING)->assign('balance', $inUser->balance)->display('com_board_edit.tpl');
            cmsUser::sessionClearAll();
        }
        if (cmsCore::inRequest('submit')) {
            $new_cat_id = cmsCore::request('category_id', 'int', 0);
            if ($new_cat_id) {
                $item['category_id'] = $new_cat_id;
            }
            $form_input = cmsForm::getFieldsInputValues($cat['form_id']);
            $formsdata = $inDB->escape_string(cmsCore::arrayToYaml($form_input['values']));
            if ($item['is_overdue'] && !$item['published']) {
                if ($model->config['srok']) {
                    $pubdays = cmsCore::request('pubdays', 'int') <= 50 ? cmsCore::request('pubdays', 'int') : 50;
                }
                if (!$model->config['srok']) {
                    $pubdays = isset($model->config['pubdays']) ? $model->config['pubdays'] : 14;
                }
                $pubdate = date("Y-m-d H:i:s");
            } else {
                $pubdays = $item['pubdays'];
                $pubdate = $item['fpubdate'];
            }
            $update['obtype'] = icms_ucfirst(cmsCore::request('obtype', 'str'));
            $update['title'] = trim(str_ireplace($update['obtype'], '', cmsCore::request('title', 'str', '')));
            $update['category_id'] = $item['category_id'];
            $update['content'] = cmsCore::request('content', 'str', '');
            $update['formsdata'] = $formsdata;
            $update['city'] = cmsCore::request('city', 'str', '');
            $update['pubdate'] = $pubdate;
            $update['pubdays'] = $pubdays;
            $update['published'] = $model->checkPublished($cat, true);
            if ($model->config['seo_user_access'] && $inUser->id || $inUser->is_admin) {
                $update['pagetitle'] = cmsCore::request('pagetitle', 'str', '');
                $update['meta_keys'] = cmsCore::request('meta_keys', 'str', '');
                $update['meta_desc'] = cmsCore::request('meta_desc', 'str', '');
            }
            if (!$update['title']) {
                cmsCore::addSessionMessage($_LANG['NEED_TITLE'], 'error');
                $errors = true;
            }
            if (!$update['content']) {
                cmsCore::addSessionMessage($_LANG['NEED_TEXT_ADV'], 'error');
                $errors = true;
            }
            if (!$update['city']) {
                cmsCore::addSessionMessage($_LANG['NEED_CITY'], 'error');
                $errors = true;
            }
            // Проверяем значения формы
            foreach ($form_input['errors'] as $field_error) {
                if ($field_error) {
                    cmsCore::addSessionMessage($field_error, 'error');
                    $errors = true;
                }
            }
            if ($errors) {
                $inCore->redirect('/board/edit' . $item['id'] . '.html');
            }
            if ($cat['is_photos']) {
                // Загружаем фото
                $file = $model->uploadPhoto($item['file'], $cat);
            }
            $update['file'] = $file['filename'] ? $file['filename'] : $item['file'];
            // обновляем объявление
            $model->updateRecord($item['id'], $update);
            // обновляем запись в ленте активности
            cmsActions::updateLog('add_board', array('object' => $update['obtype'] . ' ' . $update['title']), $item['id']);
            $vipdays = cmsCore::request('vipdays', 'int', 0);
            if ($inUser->is_admin) {
                if ($vipdays > 0) {
                    $model->setVip($item['id'], $vipdays);
                }
                if ($vipdays == -1) {
                    $model->deleteVip($item['id']);
                }
            }
            if (IS_BILLING) {
                if ($model->config['vip_enabled'] && $model->config['vip_prolong'] && $vipdays && $model->config['vip_day_cost']) {
                    if ($vipdays > $model->config['vip_max_days']) {
                        $vipdays = $model->config['vip_max_days'];
                    }
                    $summ = $vipdays * $model->config['vip_day_cost'];
                    if ($inUser->balance >= $summ) {
                        cmsBilling::pay($inUser->id, $summ, $_LANG['VIP_ITEM']);
                        $model->setVip($item['id'], $vipdays);
                    }
                }
            }
            cmsUser::sessionClearAll();
            if (!$update['published']) {
                $link = '<a href="/board/read' . $item['id'] . '.html">' . $update['obtype'] . ' ' . $update['title'] . '</a>';
                $user = '******' . cmsUser::getProfileURL($inUser->login) . '">' . $inUser->nickname . '</a>';
                $message = str_replace(array('%link%', '%user%'), array($link, $user), $_LANG['MSG_ADV_EDITED']);
                cmsUser::sendMessage(USER_UPDATER, 1, $message);
                cmsCore::addSessionMessage($_LANG['ADV_EDIT_PREMODER_TEXT'], 'info');
            }
            cmsCore::addSessionMessage($_LANG['ADV_MODIFIED'], 'success');
            cmsCore::redirect('/board/read' . $item['id'] . '.html');
        }
    }
    ///////////////////////// PUBLISH BOARD ITEM /////////////////////////////////////////////////////////////////////////////
    if ($do == 'publish') {
        $item = $model->getRecord($model->item_id);
        if (!$item) {
            cmsCore::error404();
        }
        // если уже опубликовано, 404
        if ($item['published']) {
            cmsCore::error404();
        }
        // публиковать могут админы и модераторы доски
        if (!$inUser->is_admin && !$model->is_moderator_by_group) {
            cmsCore::error404();
        }
        // публикуем
        $inDB->setFlag('cms_board_items', $model->item_id, 'published', 1);
        cmsCore::callEvent('ADD_BOARD_DONE', $item);
        if ($item['user_id']) {
            //регистрируем событие
            cmsActions::log('add_board', array('object' => $item['obtype'] . ' ' . $item['title'], 'user_id' => $item['user_id'], 'object_url' => '/board/read' . $item['id'] . '.html', 'object_id' => $item['id'], 'target' => $item['category'], 'target_url' => '/board/' . $item['cat_id'], 'target_id' => $item['cat_id'], 'description' => ''));
            $link = '<a href="/board/read' . $item['id'] . '.html">' . $item['obtype'] . ' ' . $item['title'] . '</a>';
            $message = str_replace('%link%', $link, $_LANG['MSG_ADV_ACCEPTED']);
            cmsUser::sendMessage(USER_UPDATER, $item['user_id'], $message);
        }
        cmsCore::addSessionMessage($_LANG['ADV_IS_ACCEPTED'], 'success');
        cmsCore::redirect('/board/read' . $item['id'] . '.html');
    }
    /////////////////////////////// DELETE BOARD ITEM /////////////////////////////////////////////////////////////////////////////////////////
    if ($do == 'delete') {
        $item = $model->getRecord($model->item_id);
        if (!$item) {
            cmsCore::error404();
        }
        if (!$item['moderator']) {
            cmsCore::addSessionMessage($_LANG['YOU_HAVENT_ACCESS'], 'error');
            cmsCore::redirect('/board/' . $item['cat_id']);
        }
        if (!cmsCore::inRequest('godelete')) {
            $inPage->setTitle($_LANG['DELETE_ADV']);
            $inPage->addPathway($item['category'], '/board/' . $item['cat_id']);
            $inPage->addPathway($_LANG['DELETE_ADV']);
            $confirm['title'] = $_LANG['DELETING_ADV'];
            $confirm['text'] = $_LANG['YOU_SURE_DELETE_ADV'] . ' "' . $item['title'] . '"?';
            $confirm['action'] = $_SERVER['REQUEST_URI'];
            $confirm['yes_button']['name'] = 'godelete';
            cmsPage::initTemplate('components', 'action_confirm')->assign('confirm', $confirm)->display('action_confirm.tpl');
        }
        if (cmsCore::inRequest('godelete')) {
            $model->deleteRecord($model->item_id);
            cmsCore::addSessionMessage($_LANG['ADV_IS_DELETED'], 'success');
            cmsCore::redirect('/board/' . $item['cat_id']);
        }
    }
}
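/**
 * FAQ component front controller (InstantCMS 1.x style).
 *
 * Dispatches on $inCore->do:
 *   - 'view'      : category page (subcategories + paginated published questions)
 *   - 'read'      : single question page (also bumps the hit counter)
 *   - 'sendquest' : question form and save
 *   - 'delquest'  : admin-only deletion with a confirmation step
 *
 * Every branch renders a template, echoes, or redirects; nothing is returned.
 * Integer request values ('id', 'category_id', 'page', 'quest_id') are read with
 * the 'int' type and are therefore safe to interpolate into the SQL below; the
 * free-text 'message' value is the only string that reaches SQL (see the note
 * in the 'sendquest' branch).
 */
function faq()
{
    $inCore = cmsCore::getInstance();
    $inPage = cmsPage::getInstance();
    $inDB = cmsDatabase::getInstance();
    $inUser = cmsUser::getInstance();
    $model = new cms_model_faq();
    define('IS_BILLING', $inCore->isComponentInstalled('billing'));
    if (IS_BILLING) {
        $inCore->loadClass('billing');
    }
    global $_LANG;
    $pagetitle = $inCore->getComponentTitle();
    $inPage->addPathway($pagetitle, '/faq');
    $inPage->setTitle($pagetitle);
    $inPage->setDescription($pagetitle);
    $inPage->addHeadJsLang(array('ERR_QUESTION'));
    // Component config, with defaults for keys an older config file may not have.
    $cfg = $inCore->loadComponentConfig('faq');
    $cfg_defaults = array('guest_enabled' => 1, 'user_link' => 1, 'publish' => 0, 'is_comment' => 1);
    foreach ($cfg_defaults as $cfg_key => $cfg_value) {
        if (!isset($cfg[$cfg_key])) {
            $cfg[$cfg_key] = $cfg_value;
        }
    }
    $id = $inCore->request('id', 'int', 0);
    $do = $inCore->do;
    ///////////////////////////////////// VIEW CATEGORY ////////////////////////////////////////////////////////////////////////////////
    if ($do == 'view') {
        // Always defined so the template assigns below never see an undefined variable.
        $subcats = array();
        $quests = array();
        if ($id > 0) {
            // Current category ($id is an int).
            $sql = "SELECT *\r\n\t\t\t\tFROM cms_faq_cats\r\n\t\t\t\tWHERE id = '{$id}'\r\n\t\t\t\tORDER BY title ASC LIMIT 1\r\n\t\t\t\t";
            $result = $inDB->query($sql);
            if (!$inDB->num_rows($result)) {
                cmsCore::error404();
            }
            $cat = $inDB->fetch_assoc($result);
            // Page heading / breadcrumb for the category.
            $pagetitle = $cat['title'];
            $inPage->setTitle($cat['title']);
            $inPage->addPathway($cat['title']);
            $inPage->setDescription($cat['title']);
        }
        // Published subcategories of the current category (root when $id == 0).
        $sql = "SELECT *\r\n\t\t\tFROM cms_faq_cats\r\n\t\t\tWHERE parent_id = {$id} AND id > 0 AND published = 1\r\n\t\t\tORDER BY title ASC\r\n\t\t\t";
        $result = $inDB->query($sql);
        while ($subcat = $inDB->fetch_assoc($result)) {
            $subcats[] = $subcat;
        }
        $is_subcats = (bool) $subcats;
        // Question list: paginated inside a category, latest 15 on the root page.
        $perpage = 15;
        $page = $inCore->request('page', 'int', 1);
        if ($page < 1) {
            // A zero/negative page would produce a negative LIMIT offset (SQL error).
            $page = 1;
        }
        $records = 0;
        if ($id > 0) {
            $sql = "SELECT q.*, u.login, u.nickname\r\n\t\t\t\tFROM cms_faq_quests q\r\n\t\t\t\tLEFT JOIN cms_users u ON u.id = q.user_id\r\n\t\t\t\tWHERE q.category_id = {$id} AND q.published = 1\r\n\t\t\t\tORDER BY q.pubdate DESC\r\n\t\t\t\tLIMIT " . ($page - 1) * $perpage . ", {$perpage}";
            // Count with COUNT(*) instead of fetching every id just to call num_rows().
            $count_row = $inDB->fetch_assoc($inDB->query("SELECT COUNT(*) AS cnt FROM cms_faq_quests WHERE category_id = {$id} AND published = 1"));
            $records = $count_row ? (int) $count_row['cnt'] : 0;
        } else {
            $sql = "SELECT q.*, c.title cat_title, c.id cid, u.login, u.nickname\r\n\t\t\t\tFROM cms_faq_quests q\r\n\t\t\t\tLEFT JOIN cms_faq_cats c ON c.id = q.category_id\r\n\t\t\t\tLEFT JOIN cms_users u ON u.id = q.user_id\r\n\t\t\t\tWHERE q.published = 1\r\n\t\t\t\tORDER BY q.pubdate DESC\r\n\t\t\t\tLIMIT 15";
        }
        $result = $inDB->query($sql);
        while ($row = $inDB->fetch_assoc($result)) {
            $row['pubdate'] = $inCore->dateFormat($row['pubdate'], true, false, false);
            // Question text is stored as plain text; only line breaks are converted here,
            // escaping of the rest is left to the template.
            $row['quest'] = nl2br($row['quest']);
            $quests[] = $row;
        }
        $is_quests = (bool) $quests;
        cmsPage::initTemplate('components', 'com_faq_view')->assign('pagetitle', $pagetitle)->assign('id', $id)->assign('subcats', $subcats)->assign('is_subcats', $is_subcats)->assign('quests', $quests)->assign('cfg', $cfg)->assign('is_quests', $is_quests)->assign('is_user', $inUser->id)->assign('pagebar', cmsPage::getPagebar($records, $page, $perpage, '/faq/%id%-%page%', array('id' => $id)))->display('com_faq_view.tpl');
    }
    ///////////////////////////////////// READ QUESTION ////////////////////////////////////////////////////////////////////////////////
    if ($do == 'read') {
        $sql = "SELECT con.*,\r\n\t\t\t\tcat.title cat_title, cat.id cat_id, u.login, u.nickname\r\n\t\t\t\tFROM cms_faq_quests con\r\n\t\t\t\tLEFT JOIN cms_faq_cats cat ON cat.id = con.category_id\r\n\t\t\t\tLEFT JOIN cms_users u ON u.id = con.user_id\r\n\t\t\t\tWHERE con.id = {$id} LIMIT 1";
        $result = $inDB->query($sql);
        if (!$inDB->num_rows($result)) {
            cmsCore::error404();
        }
        // Hit counter is incremented on every read, published or not.
        $inDB->query("UPDATE cms_faq_quests SET hits = hits + 1 WHERE id = {$id}");
        $quest = $inDB->fetch_assoc($result);
        $quest['pubdate'] = $inCore->dateFormat($quest['pubdate'], true, false, false);
        $quest['answerdate'] = $inCore->dateFormat($quest['answerdate'], true, false, false);
        // Short form of the question for <title>/breadcrumb (multibyte-safe).
        $shortquest = $quest['quest'];
        if (mb_strlen($shortquest) > 40) {
            $shortquest = mb_substr($shortquest, 0, 40) . '...';
        }
        $quest['quest'] = nl2br($quest['quest']);
        $inPage->setTitle($shortquest);
        $inPage->setDescription($shortquest);
        $inPage->addPathway($quest['cat_title'], '/faq/' . $quest['cat_id']);
        $inPage->addPathway($shortquest);
        cmsPage::initTemplate('components', 'com_faq_read')->assign('quest', $quest)->assign('cfg', $cfg)->assign('labels', array('comments' => $_LANG['ANSWERS'], 'add' => $_LANG['REPLY'], 'rss' => $_LANG['RSS_FEED'], 'not_comments' => $_LANG['NOT_ANSWERS']))->assign('is_admin', $inUser->is_admin)->display('com_faq_read.tpl');
    }
    ///////////////////////////////////// SEND QUEST ////////////////////////////////////////////////////////////////////////////////
    if ($do == 'sendquest') {
        // Guests may only ask when the config allows it.
        if (!$inUser->id && !$cfg['guest_enabled']) {
            cmsCore::error404();
        }
        $inPage->setTitle($_LANG['SET_QUESTION']);
        $inPage->addPathway($_LANG['SET_QUESTION']);
        $inPage->addHeadJS('components/faq/js/common.js');
        $error = '';
        // NOTE(review): $message is interpolated into the INSERT below. This is only safe if
        // cmsCore::request(..., 'str') escapes for SQL — confirm in cmsCore::request; if it
        // merely trims/strips tags, this is an SQL injection point.
        $message = $inCore->request('message', 'str', '');
        $category_id = $inCore->request('category_id', 'int', '');
        // Admins publish immediately; for everyone else the component config decides.
        $published = ($inUser->is_admin || $cfg['publish']) ? 1 : 0;
        $is_submit = $inCore->inRequest('message');
        // Captcha is required for guests only.
        if ($is_submit && !$inUser->id && !cmsPage::checkCaptchaCode()) {
            $error = $_LANG['ERR_CAPTCHA'];
        }
        // NOTE(review): no CSRF token is verified before the INSERT, and logged-in users skip
        // the captcha, so a cross-site POST can submit questions on their behalf. Consider
        // the cmsUser CSRF token check used by other components in this codebase.
        if (!$is_submit || $error) {
            // Show (or re-show) the form.
            if (IS_BILLING && $inUser->id) {
                cmsBilling::checkBalance('faq', 'add_quest');
            }
            cmsPage::initTemplate('components', 'com_faq_add')->assign('catslist', $inCore->getListItems('cms_faq_cats', $category_id))->assign('user_id', $inUser->id)->assign('message', htmlspecialchars($inCore->request('message', 'html', '')))->assign('error', $error)->display('com_faq_add.tpl');
        } else {
            // Save the question.
            $sql = "INSERT INTO cms_faq_quests (category_id, pubdate, published, quest, answer, user_id, answeruser_id, answerdate, hits)\r\n\t\t\t\tVALUES ('{$category_id}', NOW(), '{$published}', '{$message}', '', '{$inUser->id}', 0, NOW(), 0)";
            $inDB->query($sql);
            $quest_id = $inDB->get_last_id('cms_faq_quests');
            if (IS_BILLING && $inUser->id) {
                cmsBilling::process('faq', 'add_quest');
            }
            $inPage->setTitle($_LANG['QUESTION_SEND']);
            $inPage->addPathway($_LANG['QUESTION_SEND']);
            if ($published) {
                $category = $inDB->get_field('cms_faq_cats', "id={$category_id}", 'title');
                // Log the activity event.
                cmsActions::log('add_quest', array('object' => $_LANG['QUESTION'], 'object_url' => '/faq/quest' . $quest_id . '.html', 'object_id' => $quest_id, 'target' => $category, 'target_url' => '/faq/' . $category_id, 'target_id' => $category_id, 'description' => strip_tags(mb_strlen(strip_tags($message)) > 100 ? mb_substr($message, 0, 100) : $message)));
                $inCore->redirect('/faq/quest' . $quest_id . '.html');
            } else {
                // Awaiting moderation: tell the user and offer a way back.
                echo '<div class="con_heading">' . $_LANG['QUESTION_SEND'] . '</div>';
                echo '<div style="margin-top:10px">' . $_LANG['QUESTION_PREMODER'] . '</div>';
                echo '<div style="margin-top:10px"><a href="/faq">' . $_LANG['CONTINUE'] . '</a></div>';
            }
        }
    }
    ///////////////////////////////////// DELETE QUEST ////////////////////////////////////////////////////////////////////////////////
    if ($do == 'delquest') {
        $quest_id = $inCore->request('quest_id', 'int', 0);
        $user_id = $inUser->id;
        $sql = "SELECT con.id, con.quest, con.category_id\r\n\t\t\t\tFROM cms_faq_quests con\r\n\t\t\t\tWHERE con.id = '{$quest_id}' LIMIT 1";
        $result = $inDB->query($sql);
        $quest = $inDB->fetch_assoc($result);
        if (!$user_id || !$quest_id || !$quest) {
            $inCore->redirectBack();
        }
        // Only admins get past this point (both the confirm page and the delete itself).
        $is_admin = cmsUser::userIsAdmin($user_id);
        $confirmed = $inCore->inRequest('confirm');
        if (!$confirmed) {
            if (!$is_admin) {
                $inCore->redirectBack();
            }
            $inPage->setTitle($_LANG['DEL_QUES']);
            $inPage->addPathway($_LANG['DEL_QUES']);
            $confirm['title'] = $_LANG['DELETE_QUES'];
            // Question text comes straight from the DB; escape it before embedding in the
            // confirm HTML so a crafted question cannot run script in the admin's browser.
            $confirm['text'] = $_LANG['YOU_REALY_DELETE_QUES'] . ':<br> "<a href="/faq/quest' . $quest['id'] . '.html">' . htmlspecialchars($quest['quest'], ENT_QUOTES, 'UTF-8') . '</a>"<br><br>';
            $confirm['action'] = $_SERVER['REQUEST_URI'];
            $confirm['yes_button'] = array();
            $confirm['yes_button']['type'] = 'submit';
            $confirm['yes_button']['name'] = 'confirm';
            cmsPage::initTemplate('components', 'action_confirm')->assign('confirm', $confirm)->display('action_confirm.tpl');
        } else {
            // NOTE(review): 'confirm' is read from the request without a CSRF token, so a
            // GET/POST forged from another site deletes the question if an admin follows it.
            if ($is_admin) {
                $model->deleteQuest($quest_id);
            }
            $inCore->redirect('/faq/' . $quest['category_id']);
        }
    }
}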
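/**
 * Catalog checkout: validates the customer fields and captcha, mails the order to
 * the shop admin (and optionally to the customer), prints the outcome and clears
 * the cart.
 *
 * @param array $cfg Catalog component config. Reads $cfg['email'] (admin recipient)
 *                   and $cfg['notice'] (whether to send the customer a copy).
 *
 * Cart rows are selected by the current user id and/or the PHP session id.
 * Output is echoed directly; nothing is returned.
 */
function shopFinishOrder($cfg)
{
    $inCore = cmsCore::getInstance();
    $inDB = cmsDatabase::getInstance();
    $inPage = cmsPage::getInstance();
    $inUser = cmsUser::getInstance();
    $inConf = cmsConfig::getInstance();
    global $_LANG;
    // Accumulated validation messages; was never initialised before the `.=` below.
    $error = '';
    // Cast because the value is interpolated unquoted into SQL.
    $user_id = isset($inUser->id) ? (int) $inUser->id : 0;
    // NOTE(review): session_id() is interpolated into SQL unescaped. PHP normally limits
    // session ids to [a-zA-Z0-9,-], but the value originates from the client cookie;
    // pass it through the cmsDatabase escape helper if one is available.
    $sid = session_id();
    $inPage->setTitle($_LANG['ORDER_COMPLETE']);
    if ($user_id) {
        $user_sql = "(c.user_id={$user_id} OR session_id='{$sid}')";
    } else {
        $user_sql = "(c.user_id=0 AND c.session_id='{$sid}')";
    }
    $sql = "SELECT i.title as title, i.id as id, i.canmany as canmany, i.price as price,\r\n\t\t\t\t\tc.id as cid, c.itemscount as itemscount,\r\n\t\t\t\t\tcat.id as category_id, cat.title as category\r\n\t\t\tFROM cms_uc_items i, cms_uc_cart c, cms_uc_cats cat\r\n\t\t\tWHERE {$user_sql} AND c.item_id = i.id AND i.category_id = cat.id\r\n\t\t\tORDER BY c.pubdate";
    $rs = $inDB->query($sql);
    if (!$inDB->num_rows($rs)) {
        // Empty cart: nothing to order.
        echo '<p>' . $_LANG['NOITEMS_IN_CART'] . '</p>';
        echo '<div id="cart_buttons2">';
        echo '<a href="/catalog" title="' . $_LANG['BACK_TO_SHOP'] . '">';
        echo '<img src="/components/catalog/images/shop/cartback.jpg" border="0" alt="' . $_LANG['BACK_TO_SHOP'] . '"/>';
        echo '</a> ';
        echo '</div>';
        return;
    }
    // --- customer data -------------------------------------------------------------
    $customer = array();
    if (!empty($_REQUEST['customer_fio'])) {
        $customer['fio'] = $inCore->request('customer_fio', 'str');
    } else {
        $error .= $_LANG['EMPTY_NAME'] . '<br/>';
    }
    if (!empty($_REQUEST['customer_phone'])) {
        $customer['phone'] = $inCore->request('customer_phone', 'str');
    } else {
        $error .= $_LANG['EMPTY_PHONE'] . '<br/>';
    }
    $customer['company'] = $inCore->request('customer_company', 'str');
    $customer['email'] = $inCore->request('customer_email', 'str');
    $customer['comment'] = $inCore->request('customer_comment', 'str');
    // The customer copy is only sent to a syntactically valid address; an arbitrary
    // string must not reach the mailer as a recipient. The raw value is still written
    // into the admin mail body as text.
    $notify_email = filter_var($customer['email'], FILTER_VALIDATE_EMAIL) ? $customer['email'] : '';
    // NOTE(review): the captcha is the only anti-automation/anti-CSRF control here; there is
    // no CSRF token check on this POST.
    if (!cmsPage::checkCaptchaCode()) {
        $error .= $_LANG['ERR_CAPTCHA'] . '<br/>';
    }
    if ($error !== '') {
        // Validation failed: show the messages and a link back to the order form.
        echo '<div class="con_heading">' . $_LANG['ERROR'] . '!</div>';
        echo '<p style="clear:both; color:red">' . $error . '</p>';
        echo '<p><a href="/catalog/order.html">' . $_LANG['BACK'] . '</a></p>';
        return;
    }
    // --- admin mail: customer block ------------------------------------------------
    $a_mail_message = $_LANG['GET_ORDER_FROM_CATALOG'] . " \"" . $inConf->sitename . "\".\n\n";
    $a_mail_message .= $_LANG['CUSTOMER'] . "\n-----------------------------\r\n";
    $a_mail_message .= $_LANG['FIO'] . ": " . $customer['fio'] . "\n";
    if ($customer['company']) {
        $a_mail_message .= $_LANG['COMPANY'] . ": " . $customer['company'] . "\n";
    }
    $a_mail_message .= $_LANG['PHONE'] . ": " . $customer['phone'] . "\n";
    $a_mail_message .= "EMAIL: " . $customer['email'] . "\n";
    if ($customer['comment']) {
        $a_mail_message .= $_LANG['ORDER_COMMENT'] . ": " . $customer['comment'] . "\n\n";
    }
    $a_mail_message .= $_LANG['ORDER'] . "\n---------------------------------\n";
    // --- order lines (shared by admin and customer mail) ---------------------------
    $row = 0;
    $total = 0;
    $item_mail_message = '';
    while ($item = $inDB->fetch_assoc($rs)) {
        $row++;
        $item['price'] = shopDiscountPrice($item['id'], $item['category_id'], $item['price']);
        $item['totalprice'] = $item['price'] * $item['itemscount'];
        $item['price'] = number_format($item['price'], 2, '.', '');
        $item['totalprice'] = number_format($item['totalprice'], 2, '.', '');
        $total += $item['totalprice'];
        $item_mail_message .= $row . '. ' . $item['title'] . ' (' . $item['itemscount'] . '  x ' . $item['price'] . ' ' . $_LANG['CURRENCY'] . ') = ' . $item['totalprice'] . ' ' . $_LANG['CURRENCY'] . "\n";
    }
    // shopDiscountsInfo() prints its result; capture and discard that output so only
    // its effect on $total (presumably by reference — confirm) is used here. ob_end_clean()
    // also closes the buffer, which ob_clean() left open for the rest of the request.
    ob_start();
    shopDiscountsInfo($total);
    ob_end_clean();
    $total = number_format($total, 2, '.', '');
    $item_mail_message .= "\n" . $_LANG['TOTAL_ORDER_PRICE'] . ': ' . $total . ' ' . $_LANG['CURRENCY'] . "\n";
    // --- send -----------------------------------------------------------------------
    $inCore->mailText($cfg['email'], $_LANG['ADMIN_EMAIL_SUBJECT'], $a_mail_message . $item_mail_message);
    if ($cfg['notice'] && $notify_email) {
        $inCore->mailText($notify_email, $_LANG['CUSTOMER_EMAIL_SUBJECT'], $item_mail_message);
    }
    // Order completed.
    echo '<div class="con_heading">' . $_LANG['THANK'] . '!</div>';
    echo '<p style="clear:both"><b>' . $_LANG['CUSTOMER_EMAIL_SUBJECT'] . '.</b><br/>' . $_LANG['CUSTOMER_EMAIL_TEXT'] . '</p>';
    echo '<p><a href="/">' . $_LANG['CONTINUE'] . '</a></p>';
    shopClearCart();
}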