function f_pages(&$text)
{
if (mb_strpos($text, 'pagebreak') === false) {
return true;
}
$seolink = urldecode(cmsCore::request('seolink', 'str', ''));
$seolink = preg_replace('/[^a-zа-я-яёіїєґА-ЯЁІЇЄҐ0-9_\\/\\-]/ui', '', $seolink);
if (!$seolink) {
return true;
}
$regex = '/{(pagebreak)\\s*(.*?)}/iu';
$pages = preg_split($regex, $text);
$n = count($pages);
if ($n <= 1) {
return true;
} else {
$page = cmsCore::request('page', 'int', 1);
$text = $pages[$page - 1];
if (!$text) {
cmsCore::error404();
}
cmsCore::loadModel('content');
$text .= cmsPage::getPagebar($n, $page, 1, cms_model_content::getArticleURL(null, $seolink, '%page%'));
return true;
}
}
function mod_latest($module_id, $cfg)
{
$inDB = cmsDatabase::getInstance();
cmsCore::loadModel('content');
$model = new cms_model_content();
if (!isset($cfg['showrss'])) {
$cfg['showrss'] = 1;
}
if (!isset($cfg['subs'])) {
$cfg['subs'] = 1;
}
if (!isset($cfg['cat_id'])) {
$cfg['cat_id'] = 1;
}
if (!isset($cfg['newscount'])) {
$cfg['newscount'] = 5;
}
if (!isset($cfg['is_pag'])) {
$cfg['is_pag'] = 0;
}
if (!isset($cfg['page'])) {
$cfg['page'] = 1;
}
if ($cfg['cat_id']) {
if (!$cfg['subs']) {
//выбираем из категории
$model->whereCatIs($cfg['cat_id']);
} else {
//выбираем из категории и подкатегорий
$rootcat = $inDB->getNsCategory('cms_category', $cfg['cat_id']);
if (!$rootcat) {
return false;
}
$model->whereThisAndNestedCats($rootcat['NSLeft'], $rootcat['NSRight']);
}
}
$inDB->where("con.showlatest = 1");
if ($cfg['is_pag']) {
$total = $model->getArticlesCount();
}
$inDB->orderBy('con.pubdate', 'DESC');
$inDB->limitPage($cfg['page'], $cfg['newscount']);
$content_list = $model->getArticlesList();
if (!$content_list) {
return false;
}
$pagebar = $cfg['is_pag'] ? cmsPage::getPagebar($total, $cfg['page'], $cfg['newscount'], 'javascript:conPage(%page%, ' . $module_id . ')') : '';
cmsPage::initTemplate('modules', 'mod_latest')->assign('articles', $content_list)->assign('pagebar_module', $pagebar)->assign('module_id', $module_id)->assign('cfg', $cfg)->display('mod_latest.tpl');
return true;
}
function applet_main()
{
$inCore = cmsCore::getInstance();
global $_LANG;
cmsCore::c('page')->setTitle($_LANG['PATH_HOME']);
$new = array();
$tpl = cmsCore::c('page')->initTemplate('applets', 'main')->assign('users_count', cmsCore::c('db')->rows_count('cms_users', 'is_deleted=0'))->assign('today_users_count', (int) cmsCore::c('db')->get_field('cms_users', "DATE_FORMAT(regdate, '%d-%m-%Y') = DATE_FORMAT(NOW(), '%d-%m-%Y') AND is_deleted = 0", 'COUNT(id)'))->assign('week_users_count', (int) cmsCore::c('db')->get_field('cms_users', "regdate >= DATE_SUB(NOW(), INTERVAL 7 DAY)", 'COUNT(id)'))->assign('month_users_count', (int) cmsCore::c('db')->get_field('cms_users', "regdate >= DATE_SUB(NOW(), INTERVAL 1 MONTH)", 'COUNT(id)'))->assign('people', cmsUser::getOnlineCount());
if ($inCore->isComponentEnable('content')) {
$tpl->assign('content_enable', true);
$new['content'] = (int) newContent('cms_content');
}
if ($inCore->isComponentEnable('photos')) {
$tpl->assign('photos_enable', true);
$new['photos'] = (int) newContent('cms_photo_files');
}
if ($inCore->isComponentEnable('video')) {
$tpl->assign('video_enable', true);
$new['video'] = (int) newContent('cms_video_movie');
}
if ($inCore->isComponentEnable('maps')) {
$tpl->assign('maps_enable', true);
$new['maps'] = (int) newContent('cms_map_items');
}
if ($inCore->isComponentEnable('faq')) {
$tpl->assign('faq_enable', true);
$new['faq'] = (int) newContent('cms_faq_quests');
}
if ($inCore->isComponentEnable('board')) {
$tpl->assign('board_enable', true);
$new['board'] = (int) newContent('cms_board_items');
}
if ($inCore->isComponentEnable('catalog')) {
$tpl->assign('catalog_enable', true);
$new['catalog'] = (int) newContent('cms_uc_items');
}
if ($inCore->isComponentEnable('forum')) {
$tpl->assign('forum_enable', true);
$new['forum'] = (int) newContent('cms_forum_posts');
}
cmsCore::c('actions')->showTargets(true);
$total = cmsCore::c('actions')->getCountActions();
cmsCore::c('db')->limitPage(1, 10);
$actions_html = cmsCore::c('page')->initTemplate('components', 'actions_list')->assign('actions', cmsCore::c('actions')->getActionsLog())->assign('pagebar', cmsPage::getPagebar($total, 1, 10, '#" onclick="$.post(\'/admin/ajax/getActions.php\', \'page=%page%\', function(m){ $(\'#actions\').html(m); }); return false'))->fetch();
$tpl->assign('new', $new)->assign('rssfeed_installed', $inCore->isComponentInstalled('rssfeed'))->assign('actions_html', $actions_html)->assign('new_quests', cmsCore::c('db')->rows_count('cms_faq_quests', 'published = 0'))->assign('new_content', cmsCore::c('db')->rows_count('cms_content', 'published = 0 AND is_arhive = 0'))->assign('new_catalog', cmsCore::c('db')->rows_count('cms_uc_items', 'on_moderate = 1'))->display();
}
function mod_latest($mod, $cfg) {
$cfg = array_merge(array(
'showrss' => 1,
'subs' => 1,
'cat_id' => 1,
'newscount'=> 5,
'is_pag' => 0,
'page' => 1
),$cfg);
if ($cfg['cat_id']) {
if (!$cfg['subs']) {
//выбираем из категории
cmsCore::m('content')->whereCatIs($cfg['cat_id']);
} else {
//выбираем из категории и подкатегорий
$rootcat = cmsCore::c('db')->getNsCategory('cms_category', $cfg['cat_id']);
if (!$rootcat) { return false; }
cmsCore::m('content')->whereThisAndNestedCats($rootcat['NSLeft'], $rootcat['NSRight']);
}
}
cmsCore::c('db')->where("con.showlatest = 1");
if ($cfg['is_pag']) {
$total = cmsCore::m('content')->getArticlesCount();
}
cmsCore::c('db')->orderBy('con.pubdate', 'DESC');
cmsCore::c('db')->limitPage($cfg['page'], $cfg['newscount']);
$content_list = cmsCore::m('content')->getArticlesList();
if (!$content_list) { return false; }
$pagebar = $cfg['is_pag'] ? cmsPage::getPagebar($total, $cfg['page'], $cfg['newscount'], 'javascript:conPage(%page%, '. $mod['id'] .')') : '';
cmsPage::initTemplate('modules', $cfg['tpl'])->
assign('articles', $content_list)->
assign('pagebar_module', $pagebar)->
assign('module_id', $mod['id'])->
assign('cfg', $cfg)->
display();
return true;
}
function users()
{
header('X-Frame-Options: DENY');
$inCore = cmsCore::getInstance();
$inPage = cmsPage::getInstance();
$inDB = cmsDatabase::getInstance();
$inUser = cmsUser::getInstance();
global $_LANG;
$model = new cms_model_users();
// id пользователя
$id = cmsCore::request('id', 'int', 0);
// логин пользователя
$login = cmsCore::strClear(urldecode(cmsCore::request('login', 'html', '')));
$do = $inCore->do;
$page = cmsCore::request('page', 'int', 1);
$pagetitle = $inCore->getComponentTitle();
if ($model->config['sw_search'] != 2) {
$inPage->addPathway($pagetitle, '/users');
}
$inPage->setTitle($pagetitle);
$inPage->setDescription($pagetitle);
// js только авторизованным
if ($inUser->id) {
$inPage->addHeadJS('components/users/js/profile.js');
$inPage->addHeadJsLang(array('CONFIRM_CLEAN_CAT', 'CHOOSE_RECIPIENT', 'SEND_TO_USER', 'FRIENDSHIP_OFFER', 'STOP_FRIENDLY', 'REALY_STOP_FRIENDLY', 'ENTER_STATUS', 'HAVE_JUST'));
}
//============================================================================//
//========================= Список пользователей ============================//
//============================================================================//
if ($do == 'view') {
// если запрещен просмотр всех пользователей, 404
if ($model->config['sw_search'] == 2) {
cmsCore::error404();
}
//очищаем поисковые запросы если пришли со другой страницы
if (!strstr(cmsCore::getBackURL(), '/users')) {
cmsUser::sessionClearAll();
}
$stext = array();
// Возможные входные переменные
$name = cmsCore::getSearchVar('name');
$city = cmsCore::getSearchVar('city');
$hobby = cmsCore::getSearchVar('hobby');
$gender = cmsCore::getSearchVar('gender');
$orderby = cmsCore::request('orderby', array('karma', 'rating', 'regdate'), 'regdate');
$orderto = cmsCore::request('orderto', array('asc', 'desc'), 'desc');
$age_to = (int) cmsCore::getSearchVar('ageto', 'all');
$age_fr = (int) cmsCore::getSearchVar('agefrom', 'all');
$group_id = cmsCore::request('group_id', 'int', 0);
// Флаг о показе только онлайн пользователей
if (cmsCore::inRequest('online')) {
cmsUser::sessionPut('usr_online', (bool) cmsCore::request('online', 'int'));
$page = 1;
}
$only_online = cmsUser::sessionGet('usr_online');
if ($only_online) {
$stext[] = $_LANG['SHOWING_ONLY_ONLINE'];
}
///////////////////////////////////////
//////////Условия выборки//////////////
///////////////////////////////////////
// группа
if ($group_id) {
$model->whereUserGroupIs($group_id);
$link['group'] = '/users/group/' . $group_id;
$_LANG['GROUP_SEARCH_NAME'] = cmsUser::getGroupTitle($group_id);
}
// Добавляем в выборку имя, если оно есть
if ($name) {
$model->whereNameIs($name);
$stext[] = $_LANG['NAME'] . " — " . htmlspecialchars(stripslashes($name));
}
// Добавляем в выборку город, если он есть
if ($city) {
$model->whereCityIs($city);
$stext[] = $_LANG['CITY'] . " — " . htmlspecialchars(stripslashes($city));
}
// Добавляем в выборку хобби, если есть
if ($hobby) {
$model->whereHobbyIs($hobby);
$stext[] = $_LANG['HOBBY'] . " — " . htmlspecialchars(stripslashes($hobby));
}
// Добавляем в выборку пол, если есть
if ($gender) {
$model->whereGenderIs($gender);
if ($gender == 'm') {
$stext[] = $_LANG['MALE'];
} else {
$stext[] = $_LANG['FEMALE'];
}
}
// Добавляем в выборку возраст, более
if ($age_fr) {
$model->whereAgeFrom($age_fr);
$stext[] = $_LANG['NOT_YOUNG'] . " {$age_fr} " . $_LANG['YEARS'];
}
// Добавляем в выборку возраст, менее
if ($age_to) {
$model->whereAgeTo($age_to);
$stext[] = $_LANG['NOT_OLD'] . " {$age_fr} " . $_LANG['YEARS'];
}
// Считаем общее количество согласно выборки
$total = $model->getUsersCount($only_online);
if ($total) {
//устанавливаем сортировку
$inDB->orderBy($orderby, $orderto);
//устанавливаем номер текущей страницы и кол-во пользователей на странице
$inDB->limitPage($page, $model->config['users_perpage']);
// Загружаем пользователей согласно выборки
$users = $model->getUsers($only_online);
} else {
$inDB->resetConditions();
}
$link['latest'] = '/users';
$link['positive'] = '/users/positive.html';
$link['rating'] = '/users/rating.html';
if ($orderby == 'regdate') {
$link['selected'] = 'latest';
}
if ($orderby == 'karma') {
$link['selected'] = 'positive';
}
if ($orderby == 'rating') {
$link['selected'] = 'rating';
}
$pagebar_link = '/users/' . $link['selected'] . '%page%.html';
if ($group_id) {
$link['selected'] = 'group';
$pagebar_link = '/users/' . $link['selected'] . '/' . $group_id . '-%page%';
}
cmsPage::initTemplate('components', 'com_users_view')->assign('stext', $stext)->assign('orderby', $orderby)->assign('orderto', $orderto)->assign('users', $users)->assign('total', $total)->assign('only_online', $only_online)->assign('gender', $gender)->assign('name', stripslashes($name))->assign('city', stripslashes($city))->assign('hobby', stripslashes($hobby))->assign('age_to', $age_to)->assign('age_fr', $age_fr)->assign('cfg', $model->config)->assign('link', $link)->assign('pagebar', cmsPage::getPagebar($total, $page, $model->config['users_perpage'], $pagebar_link))->display('com_users_view.tpl');
}
//============================================================================//
//======================= Редактирование профиля ============================//
//============================================================================//
if ($do == 'editprofile') {
// неавторизованным, не владельцам и не админам тут делать нечего
if (!$inUser->id || $inUser->id != $id && !$inUser->is_admin) {
cmsCore::error404();
}
$usr = $model->getUser($id);
if (!$usr) {
cmsCore::error404();
}
$opt = cmsCore::request('opt', 'str', 'edit');
// главного админа может редактировать только он сам
if ($id == 1 && $inUser->id != $id) {
cmsCore::error404();
}
// показываем форму
if ($opt == 'edit') {
$inPage->setTitle($_LANG['CONFIG_PROFILE'] . ' - ' . $usr['nickname']);
$inPage->addPathway($usr['nickname'], cmsUser::getProfileURL($usr['login']));
$inPage->addPathway($_LANG['CONFIG_PROFILE']);
$private_forms = array();
if (isset($model->config['privforms'])) {
if (is_array($model->config['privforms'])) {
foreach ($model->config['privforms'] as $form_id) {
$private_forms = array_merge($private_forms, cmsForm::getFieldsHtml($form_id, $usr['formsdata']));
}
}
}
cmsPage::initTemplate('components', 'com_users_edit_profile')->assign('opt', $opt)->assign('usr', $usr)->assign('private_forms', $private_forms)->assign('cfg_forum', $inCore->loadComponentConfig('forum'))->assign('cfg', $model->config)->display('com_users_edit_profile.tpl');
return;
}
// Если сохраняем профиль
if ($opt == 'save') {
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
$errors = false;
$users['nickname'] = cmsCore::request('nickname', 'str');
if (mb_strlen($users['nickname']) < 2) {
cmsCore::addSessionMessage($_LANG['SHORT_NICKNAME'], 'error');
$errors = true;
}
cmsCore::loadModel('registration');
$modreg = new cms_model_registration();
if (!$inUser->is_admin) {
if ($modreg->getBadNickname($users['nickname'])) {
cmsCore::addSessionMessage($_LANG['ERR_NICK_EXISTS'], 'error');
$errors = true;
}
}
$profiles['gender'] = cmsCore::request('gender', 'str');
$profiles['city'] = cmsCore::request('city', 'str');
if (mb_strlen($profiles['city']) > 50) {
cmsCore::addSessionMessage($_LANG['LONG_CITY_NAME'], 'error');
$errors = true;
}
$users['email'] = cmsCore::request('email', 'email');
if (!$users['email']) {
cmsCore::addSessionMessage($_LANG['REALY_ADRESS_EMAIL'], 'error');
$errors = true;
}
if ($usr['email'] != $users['email']) {
$is_set_email = $inDB->get_field('cms_users', "email='{$users['email']}'", 'id');
if ($is_set_email) {
cmsCore::addSessionMessage($_LANG['ADRESS_EMAIL_IS_BUSY'], 'error');
$errors = true;
} else {
// формируем токен
$token = md5($usr['email'] . uniqid() . microtime());
$inDB->insert('cms_users_activate', array('user_id' => $inUser->id, 'pubdate' => date("Y-m-d H:i:s"), 'code' => $token));
$codelink = HOST . '/users/change_email/' . $token . '/' . $users['email'];
// по старому адресу высылаем письмо с подтверждением
$letter = cmsCore::getLanguageTextFile('change_email');
$letter = str_replace(array('{nickname}', '{codelink}'), array($inUser->nickname, $codelink), $letter);
cmsCore::mailText($usr['email'], '', $letter);
cmsCore::addSessionMessage(sprintf($_LANG['YOU_CHANGE_EMAIL'], $usr['email']), 'info');
// email не меняем
$users['email'] = $usr['email'];
}
}
$profiles['showphone'] = cmsCore::request('showphone', 'int', 0);
$profiles['showmail'] = cmsCore::request('showmail', 'int');
$profiles['email_newmsg'] = cmsCore::request('email_newmsg', 'int');
$profiles['showbirth'] = cmsCore::request('showbirth', 'int');
$profiles['description'] = cmsCore::request('description', 'str', '');
$users['birthdate'] = (int) $_REQUEST['birthdate']['year'] . '-' . (int) $_REQUEST['birthdate']['month'] . '-' . (int) $_REQUEST['birthdate']['day'];
$profiles['signature'] = $inDB->escape_string(cmsCore::badTagClear(cmsCore::request('signature', 'html', '')));
$profiles['signature_html'] = $inDB->escape_string(cmsCore::parseSmiles(cmsCore::request('signature', 'html', ''), true));
$profiles['allow_who'] = cmsCore::request('allow_who', 'str');
if (!preg_match('/^([a-zA-Z]+)$/ui', $profiles['allow_who'])) {
$errors = true;
}
$users['icq'] = cmsCore::request('icq', 'str', '');
$profiles['showicq'] = cmsCore::request('showicq', 'int');
$profiles['cm_subscribe'] = cmsCore::request('cm_subscribe', 'str');
if (!preg_match('/^([a-zA-Z]+)$/ui', $profiles['cm_subscribe'])) {
$errors = true;
}
$users['phone'] = cmsCore::request('phone', 'int', 0);
// получаем данные форм
$profiles['formsdata'] = '';
if (isset($model->config['privforms'])) {
if (is_array($model->config['privforms'])) {
foreach ($model->config['privforms'] as $form_id) {
$form_input = cmsForm::getFieldsInputValues($form_id);
$profiles['formsdata'] .= $inDB->escape_string(cmsCore::arrayToYaml($form_input['values']));
// Проверяем значения формы
foreach ($form_input['errors'] as $field_error) {
if ($field_error) {
cmsCore::addSessionMessage($field_error, 'error');
$errors = true;
}
}
}
}
}
if ($errors) {
cmsCore::redirectBack();
}
$inDB->update('cms_user_profiles', cmsCore::callEvent('UPDATE_USER_PROFILES', array_merge(array('id' => $usr['pid'], 'user_id' => $usr['id']), $profiles)), $usr['pid']);
$inDB->update('cms_users', cmsCore::callEvent('UPDATE_USER_USERS', array_merge(array('id' => $usr['id']), $users)), $usr['id']);
cmsCore::addSessionMessage($_LANG['PROFILE_SAVED'], 'info');
cmsCore::redirect(cmsUser::getProfileURL($usr['login']));
}
if ($opt == 'changepass') {
$errors = false;
$oldpass = cmsCore::request('oldpass', 'str');
$newpass = cmsCore::request('newpass', 'str');
$newpass2 = cmsCore::request('newpass2', 'str');
if ($inUser->password != md5($oldpass)) {
cmsCore::addSessionMessage($_LANG['OLD_PASS_WRONG'], 'error');
$errors = true;
}
if ($newpass != $newpass2) {
cmsCore::addSessionMessage($_LANG['WRONG_PASS'], 'error');
$errors = true;
}
if ($oldpass && $newpass && $newpass2 && mb_strlen($newpass) < 6) {
cmsCore::addSessionMessage($_LANG['PASS_SHORT'], 'error');
$errors = true;
}
if ($errors) {
cmsCore::redirectBack();
}
cmsCore::callEvent('UPDATE_USER_PASSWORD', array('user_id' => $usr['id'], 'oldpass' => $oldpass, 'newpass' => $newpass));
$sql = "UPDATE cms_users SET password='******' WHERE id = '{$id}' AND password='******'";
$inDB->query($sql);
cmsCore::addSessionMessage($_LANG['PASS_CHANGED'], 'info');
cmsCore::redirect(cmsUser::getProfileURL($inUser->login));
}
}
//============================================================================//
//============================= Просмотр профиля ============================//
//============================================================================//
if ($do == 'profile') {
$inPage->addHeadJsLang(array('NEW_POST_ON_WALL', 'CONFIRM_DEL_POST_ON_WALL'));
// если просмотр профиля гостям запрещен
if (!$inUser->id && !$model->config['sw_guest']) {
cmsUser::goToLogin();
}
if (is_numeric($login)) {
cmsCore::error404();
}
$usr = $model->getUser($login);
if (!$usr) {
cmsCore::error404();
}
$myprofile = $inUser->id == $usr['id'];
$inPage->setTitle($usr['nickname']);
$inPage->addPathway($usr['nickname']);
// просмотр профиля запрещен
if (!cmsUser::checkUserContentAccess($usr['allow_who'], $usr['id'])) {
cmsPage::initTemplate('components', 'com_users_not_allow')->assign('is_auth', $inUser->id)->assign('usr', $usr)->display('com_users_not_allow.tpl');
return;
}
// Профиль удален
if ($usr['is_deleted']) {
cmsPage::initTemplate('components', 'com_users_deleted.tpl')->assign('usr', $usr)->assign('is_admin', $inUser->is_admin)->assign('others_active', $inDB->rows_count('cms_users', "login='******'login']}' AND is_deleted=0", 1))->display('com_users_deleted.tpl');
return;
}
// Данные о друзьях
$usr['friends_total'] = cmsUser::getFriendsCount($usr['id']);
$usr['friends'] = cmsUser::getFriends($usr['id']);
// очищать сессию друзей если в своем профиле и количество друзей из базы не совпадает с количеством друзей в сессии
if ($myprofile && sizeof($usr['friends']) != $usr['friends_total']) {
cmsUser::clearSessionFriends();
}
// обрезаем список
$usr['friends'] = array_slice($usr['friends'], 0, 6);
// выясняем друзья ли мы с текущим пользователем
$usr['isfriend'] = !$myprofile ? cmsUser::isFriend($usr['id']) : false;
// награды пользователя
$usr['awards'] = $model->config['sw_awards'] ? $model->getUserAwards($usr['id']) : false;
// стена
if ($model->config['sw_wall']) {
$inDB->limitPage(1, $model->config['wall_perpage']);
$usr['wall_html'] = cmsUser::getUserWall($usr['id'], 'users', $myprofile, $inUser->is_admin);
}
// можно ли пользователю изменять карму
$usr['can_change_karma'] = $model->isUserCanChangeKarma($usr['id']) && $inUser->id;
// Фотоальбомы пользователя
if ($model->config['sw_photo']) {
$usr['albums'] = $model->getPhotoAlbums($usr['id'], $usr['isfriend'], !$inCore->isComponentEnable('photos'));
$usr['albums_total'] = sizeof($usr['albums']);
$usr['albums_show'] = 6;
if ($usr['albums_total'] > $usr['albums_show']) {
array_splice($usr['albums'], $usr['albums_show']);
}
}
$usr['board_count'] = $model->config['sw_board'] ? $inDB->rows_count('cms_board_items', "user_id='{$usr['id']}' AND published=1") : 0;
$usr['comments_count'] = $model->config['sw_comm'] ? $inDB->rows_count('cms_comments', "user_id='{$usr['id']}' AND published=1") : 0;
$usr['forum_count'] = $model->config['sw_forum'] ? $inDB->rows_count('cms_forum_posts', "user_id = '{$usr['id']}'") : 0;
$usr['files_count'] = $model->config['sw_files'] ? $inDB->rows_count('cms_user_files', "user_id = '{$usr['id']}'") : 0;
$cfg_reg = $inCore->loadComponentConfig('registration');
$usr['invites_count'] = $inUser->id && $myprofile && $cfg_reg['reg_type'] == 'invite' ? $model->getUserInvitesCount($inUser->id) : 0;
$usr['blog'] = $model->config['sw_blogs'] ? $inDB->get_fields('cms_blogs', "user_id = '{$usr['id']}' AND owner = 'user'", 'title, seolink') : false;
$usr['form_fields'] = array();
if (is_array($model->config['privforms'])) {
foreach ($model->config['privforms'] as $form_id) {
$usr['form_fields'] = array_merge($usr['form_fields'], cmsForm::getFieldsValues($form_id, $usr['formsdata']));
}
}
if ($usr['city']) {
cmsCore::loadModel('geo');
$geo = new cms_model_geo();
$city_parents = $geo->getCityParents($usr['city']);
if ($city_parents) {
$usr['country'] = $city_parents['country_name'];
}
}
$plugins = $model->getPluginsOutput($usr);
cmsPage::initTemplate('components', 'com_users_profile.tpl')->assign('usr', $usr)->assign('plugins', $plugins)->assign('cfg', $model->config)->assign('myprofile', $myprofile)->assign('cfg_forum', $inCore->loadComponentConfig('forum'))->assign('is_admin', $inUser->is_admin)->assign('is_auth', $inUser->id)->display('com_users_profile.tpl');
}
//============================================================================//
//============================= Список сообщений ============================//
//============================================================================//
if ($do == 'messages') {
if (!$model->config['sw_msg']) {
cmsCore::error404();
}
if (!$inUser->id || $inUser->id != $id && !$inUser->is_admin) {
cmsUser::goToLogin();
}
$usr = cmsUser::getShortUserData($id);
if (!$usr) {
cmsCore::error404();
}
$inPage->setTitle($_LANG['MY_MESS']);
$inPage->addPathway($usr['nickname'], cmsUser::getProfileURL($usr['login']));
$inPage->addPathway($_LANG['MY_MESS'], '/users/' . $id . '/messages.html');
include 'components/users/messages.php';
}
//============================================================================//
//=========================== Отправка сообщения ============================//
//============================================================================//
if ($do == 'sendmessage') {
if (!$model->config['sw_msg']) {
cmsCore::halt();
}
if ($_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest') {
cmsCore::halt();
}
if (!$inUser->id || $inUser->id == $id && !cmsCore::inRequest('massmail') && !cmsCore::request('send_to_group', 'int', 0)) {
cmsCore::halt();
}
if (!cmsCore::inRequest('gosend')) {
$replyid = cmsCore::request('replyid', 'int', 0);
if ($replyid) {
$msg = $model->getReplyMessage($replyid, $inUser->id);
if (!$msg) {
cmsCore::halt();
}
}
$inPage->setRequestIsAjax();
cmsPage::initTemplate('components', 'com_users_messages_add')->assign('msg', isset($msg) ? $msg : array())->assign('is_reply_user', $replyid)->assign('id', $id)->assign('bbcodetoolbar', cmsPage::getBBCodeToolbar('message'))->assign('smilestoolbar', cmsPage::getSmilesPanel('message'))->assign('groups', $inUser->is_admin ? cmsUser::getGroups(true) : array())->assign('friends', cmsUser::getFriends($inUser->id))->assign('id_admin', $inUser->is_admin)->display('com_users_messages_add.tpl');
cmsCore::jsonOutput(array('error' => false, 'html' => ob_get_clean()));
}
if (cmsCore::inRequest('gosend')) {
// Кому отправляем
$usr = cmsUser::getShortUserData($id);
if (!$usr) {
cmsCore::halt();
}
$message = cmsCore::parseSmiles(cmsCore::request('message', 'html', ''), true);
if (mb_strlen($message) < 2) {
cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ERR_SEND_MESS']));
}
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
$output = cmsCore::callEvent('USER_SEND_MESSEDGE', array('text' => $message, 'to_id' => $id));
$message = $output['text'];
$id = $output['to_id'];
$send_to_group = cmsCore::request('send_to_group', 'int', 0);
$group_id = cmsCore::request('group_id', 'int', 0);
//
// Обычная отправка (1 получатель)
//
if (!cmsCore::inRequest('massmail') && !$send_to_group) {
//отправляем сообщение
$msg_id = cmsUser::sendMessage($inUser->id, $id, $message);
// отправляем уведомление на email если нужно
$model->sendNotificationByEmail($id, $inUser->id, $msg_id);
cmsCore::jsonOutput(array('error' => false, 'text' => $_LANG['SEND_MESS_OK']));
}
//
// далее идут массовые рассылки, доступные только админам
//
if (!$inUser->is_admin) {
cmsCore::halt();
}
// отправить всем: получаем список всех пользователей
if (cmsCore::inRequest('massmail')) {
$userlist = cmsUser::getAllUsers();
// проверяем что есть кому отправлять
if (!$userlist) {
cmsCore::jsonOutput(array('error' => false, 'text' => $_LANG['ERR_SEND_MESS']));
}
$count = array();
// отправляем всем по списку
foreach ($userlist as $usr) {
$count[] = cmsUser::sendMessage(USER_MASSMAIL, $usr['id'], $message);
}
cmsCore::jsonOutput(array('error' => false, 'text' => sprintf($_LANG['SEND_MESS_ALL_OK'], sizeof($count))));
}
// отправить группе: получаем список членов группы
if ($send_to_group) {
$count = cmsUser::sendMessageToGroup(USER_MASSMAIL, $group_id, $message);
$success_msg = sprintf($_LANG['SEND_MESS_GROUP_OK'], $count, cmsUser::getGroupTitle($group_id));
cmsCore::jsonOutput(array('error' => false, 'text' => $success_msg));
}
}
}
//============================================================================//
//============================= Удаление сообщения ==========================//
//============================================================================//
if ($do == 'delmessage') {
if ($_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest') {
cmsCore::halt();
}
if (!$model->config['sw_msg']) {
cmsCore::halt();
}
if (!$inUser->id) {
cmsCore::halt();
}
$msg = $inDB->get_fields('cms_user_msg', "id='{$id}'", '*');
if (!$msg) {
cmsCore::halt();
}
$can_delete = $inUser->id == $msg['to_id'] || $inUser->id == $msg['from_id'] ? true : false;
if (!$can_delete && !$inUser->is_admin) {
cmsCore::halt();
}
// Сообщения с from_id < 0
if ($msg['from_id'] < 0) {
$inDB->query("DELETE FROM cms_user_msg WHERE id = '{$id}' LIMIT 1");
$info_text = $_LANG['MESS_NOTICE_DEL_OK'];
}
// мне сообщение от пользователя
if ($msg['to_id'] == $inUser->id && $msg['from_id'] > 0) {
$inDB->query("UPDATE cms_user_msg SET to_del=1 WHERE id='{$id}'");
$info_text = $_LANG['MESS_DEL_OK'];
}
// от меня сообщение
if ($msg['from_id'] == $inUser->id && !$msg['is_new']) {
$inDB->query("UPDATE cms_user_msg SET from_del=1 WHERE id='{$id}'");
$info_text = $_LANG['MESS_DEL_OK'];
}
// отзываем сообщение
if ($msg['from_id'] == $inUser->id && $msg['is_new']) {
$inDB->query("DELETE FROM cms_user_msg WHERE id = '{$id}' LIMIT 1");
$info_text = $_LANG['MESS_BACK_OK'];
}
// удаляем сообщения, которые удалены с двух сторон
$inDB->query("DELETE FROM cms_user_msg WHERE to_del=1 AND from_del=1");
cmsCore::jsonOutput(array('error' => false, 'text' => $info_text));
}
//============================================================================//
//=========================== Удаление сообщений ============================//
//============================================================================//
if ($do == 'delmessages') {
if (!$model->config['sw_msg']) {
cmsCore::error404();
}
if ($inUser->id != $id && !$inUser->is_admin) {
cmsCore::error404();
}
$usr = cmsUser::getShortUserData($id);
if (!$usr) {
cmsCore::error404();
}
$opt = cmsCore::request('opt', 'str', 'in');
if ($opt == 'notices') {
$inDB->query("DELETE FROM cms_user_msg WHERE to_id = '{$id}' AND from_id < 0");
} else {
$del_flag = $opt == 'in' ? 'to_del' : 'from_del';
$id_flag = $opt == 'in' ? 'to_id' : 'from_id';
$inDB->query("UPDATE cms_user_msg SET {$del_flag}=1 WHERE {$id_flag}='{$id}'");
$inDB->query("DELETE FROM cms_user_msg WHERE to_del=1 AND from_del=1");
}
cmsCore::addSessionMessage($_LANG['MESS_ALL_DEL_OK'], 'info');
cmsCore::redirectBack();
}
//============================================================================//
//============================= Загрузка аватара ============================//
//============================================================================//
if ($do == 'avatar') {
if (!$inUser->id || $inUser->id && $inUser->id != $id) {
cmsCore::error404();
}
$inPage->setTitle($_LANG['LOAD_AVATAR']);
$inPage->addPathway($inUser->nickname, cmsUser::getProfileURL($inUser->login));
$inPage->addPathway($_LANG['LOAD_AVATAR']);
if (cmsCore::inRequest('upload')) {
cmsCore::loadClass('upload_photo');
$inUploadPhoto = cmsUploadPhoto::getInstance();
// Выставляем конфигурационные параметры
$inUploadPhoto->upload_dir = PATH . '/images/';
$inUploadPhoto->dir_medium = 'users/avatars/';
$inUploadPhoto->dir_small = 'users/avatars/small/';
$inUploadPhoto->small_size_w = $model->config['smallw'];
$inUploadPhoto->medium_size_w = $model->config['medw'];
$inUploadPhoto->medium_size_h = $model->config['medh'];
$inUploadPhoto->is_watermark = false;
$inUploadPhoto->input_name = 'picture';
$file = $inUploadPhoto->uploadPhoto($inUser->orig_imageurl);
if (!$file) {
cmsCore::addSessionMessage('<strong>' . $_LANG['ERROR'] . ':</strong> ' . cmsCore::uploadError() . '!', 'error');
cmsCore::redirect('/users/' . $id . '/avatar.html');
}
$sql = "UPDATE cms_user_profiles SET imageurl = '{$file['filename']}' WHERE user_id = '{$id}' LIMIT 1";
$inDB->query($sql);
// очищаем предыдущую запись о смене аватара
cmsActions::removeObjectLog('add_avatar', $id);
// выводим сообщение в ленту
cmsActions::log('add_avatar', array('object' => '', 'object_url' => '', 'object_id' => $id, 'target' => '', 'target_url' => '', 'description' => '<a href="' . cmsUser::getProfileURL($inUser->login) . '" class="act_usr_ava">
<img border="0" src="/images/users/avatars/small/' . $file['filename'] . '">
</a>'));
cmsCore::redirect(cmsUser::getProfileURL($inUser->login));
} else {
cmsPage::initTemplate('components', 'com_users_avatar_upload')->assign('id', $id)->display('com_users_avatar_upload.tpl');
}
}
//============================================================================//
//============================= Библиотека аватаров =========================//
//============================================================================//
if ($do == 'select_avatar') {
if (!$inUser->id || $inUser->id && $inUser->id != $id) {
cmsCore::error404();
}
$avatars_dir = PATH . "/images/users/avatars/library";
$avatars_dir_rel = "/images/users/avatars/library";
$avatars_dir_handle = opendir($avatars_dir);
$avatars = array();
while ($nextfile = readdir($avatars_dir_handle)) {
if ($nextfile != '.' && $nextfile != '..' && (mb_strstr($nextfile, '.gif') || mb_strstr($nextfile, '.jpg') || mb_strstr($nextfile, '.jpeg') || mb_strstr($nextfile, '.png'))) {
$avatars[] = $nextfile;
}
}
closedir($avatars_dir_handle);
if (!cmsCore::inRequest('set_avatar')) {
$inPage->setTitle($_LANG['SELECT_AVATAR']);
$inPage->addPathway($inUser->nickname, cmsUser::getProfileURL($inUser->login));
$inPage->addPathway($_LANG['SELECT_AVATAR']);
$perpage = 20;
$total = sizeof($avatars);
$avatars = array_slice($avatars, ($page - 1) * $perpage, $perpage);
cmsPage::initTemplate('components', 'com_users_avatars')->assign('userid', $id)->assign('avatars', $avatars)->assign('avatars_dir', $avatars_dir_rel)->assign('page', $page)->assign('perpage', $perpage)->assign('pagebar', cmsPage::getPagebar($total, $page, $perpage, '/users/%user_id%/select-avatar-%page%.html', array('user_id' => $id)))->display('com_users_avatars.tpl');
} else {
$avatar_id = cmsCore::request('avatar_id', 'int', 0);
$file = $avatars[$avatar_id];
if (file_exists($avatars_dir . '/' . $file)) {
$uploaddir = PATH . '/images/users/avatars/';
$realfile = $file;
$filename = md5($realfile . '-' . $id . '-' . time()) . '.jpg';
$uploadfile = $avatars_dir . '/' . $realfile;
$uploadavatar = $uploaddir . $filename;
$uploadthumb = $uploaddir . 'small/' . $filename;
if ($inUser->orig_imageurl && $inUser->orig_imageurl != 'nopic.jpg') {
@unlink(PATH . '/images/users/avatars/' . $inUser->orig_imageurl);
@unlink(PATH . '/images/users/avatars/small/' . $inUser->orig_imageurl);
}
cmsCore::includeGraphics();
copy($uploadfile, $uploadavatar);
@img_resize($uploadfile, $uploadthumb, $model->config['smallw'], $model->config['smallw']);
$sql = "UPDATE cms_user_profiles SET imageurl = '{$filename}' WHERE user_id = '{$id}' LIMIT 1";
$inDB->query($sql);
// очищаем предыдущую запись о смене аватара
cmsActions::removeObjectLog('add_avatar', $id);
// выводим сообщение в ленту
cmsActions::log('add_avatar', array('object' => '', 'object_url' => '', 'object_id' => $id, 'target' => '', 'target_url' => '', 'description' => '<a href="' . cmsUser::getProfileURL($inUser->login) . '" class="act_usr_ava">
<img border="0" src="/images/users/avatars/small/' . $filename . '">
</a>'));
}
cmsCore::redirect(cmsUser::getProfileURL($inUser->login));
}
}
//============================================================================//
//======================== Работа с фотографиями ============================//
//============================================================================//
if ($do == 'photos') {
if (!$model->config['sw_photo']) {
cmsCore::error404();
}
$pdo = cmsCore::request('pdo', 'str', '');
include 'components/users/photos.php';
}
//============================================================================//
//============================= Друзья пользователя =========================//
//============================================================================//
if ($do == 'friendlist') {
if (!$inUser->id) {
cmsUser::goToLogin();
}
$usr = cmsUser::getShortUserData($id);
if (!$usr) {
cmsCore::error404();
}
$perpage = 10;
$inPage->addPathway($usr['nickname'], cmsUser::getProfileURL($usr['login']));
$inPage->addPathway($_LANG['FRIENDS']);
$inPage->setTitle($_LANG['FRIENDS']);
// все друзья
$friends = cmsUser::getFriends($usr['id']);
// их общее количество
$total = count($friends);
// получаем только нужных на странице
$friends = array_slice($friends, ($page - 1) * $perpage, $perpage);
cmsPage::initTemplate('components', 'com_users_friends')->assign('friends', $friends)->assign('usr', $usr)->assign('myprofile', $id == $inUser->id)->assign('total', $total)->assign('pagebar', cmsPage::getPagebar($total, $page, $perpage, 'javascript:centerLink(\'/users/' . $id . '/friendlist%page%.html\')'))->display('com_users_friends.tpl');
}
//============================================================================//
//============================= Запрос на дружбу ============================//
//============================================================================//
if ($do == 'addfriend') {
if ($_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest') {
cmsCore::halt();
}
if (!$inUser->id || $inUser->id == $id) {
cmsCore::halt();
}
$usr = cmsUser::getShortUserData($id);
if (!$usr) {
cmsCore::halt();
}
cmsUser::clearSessionFriends();
if (cmsUser::isFriend($id)) {
cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['YOU_ARE_BE_FRIENDS']));
}
// проверяем был ли ранее запрос на дружбу
// если был, то делаем accept запросу
$is_need_accept_id = cmsUser::getFriendFieldId($id, 0, 'to_me');
if ($is_need_accept_id) {
$inDB->query("UPDATE cms_user_friends SET is_accepted = 1 WHERE id = '{$is_need_accept_id}'");
//регистрируем событие
cmsActions::log('add_friend', array('object' => $inUser->nickname, 'user_id' => $usr['id'], 'object_url' => cmsUser::getProfileURL($inUser->login), 'object_id' => $is_need_accept_id, 'target' => '', 'target_url' => '', 'target_id' => 0, 'description' => ''));
cmsCore::callEvent('USER_ACCEPT_FRIEND', $id);
cmsCore::jsonOutput(array('error' => false, 'text' => $_LANG['ADD_FRIEND_OK'] . $usr['nickname']));
}
// Если пользователь пытается добавиться в друзья к
// пользователю, к которому уже отправил запрос
if (cmsUser::getFriendFieldId($id, 0, 'from_me')) {
cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ADD_TO_FRIEND_SEND_ERR']));
}
// Мы вообще не друзья с пользователем, создаем запрос
cmsUser::addFriend($id);
cmsUser::sendMessage(USER_UPDATER, $id, sprintf($_LANG['RECEIVED_F_O'], cmsUser::getProfileLink($inUser->login, $inUser->nickname), '<a class="ajaxlink" href="javascript:void(0)" onclick="users.acceptFriend(' . $inUser->id . ', this);return false;">' . $_LANG['ACCEPT'] . '</a>', '<a class="ajaxlink" href="javascript:void(0)" onclick="users.rejectFriend(' . $inUser->id . ', this);return false;">' . $_LANG['REJECT'] . '</a>'));
cmsCore::jsonOutput(array('error' => false, 'text' => $_LANG['ADD_TO_FRIEND_SEND']));
}
//============================================================================//
//============================= Прекращение дружбы ==========================//
//============================================================================//
if ($do == 'delfriend') {
if ($_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest') {
cmsCore::halt();
}
if (!$inUser->id || $inUser->id == $id) {
cmsCore::halt();
}
$usr = cmsUser::getShortUserData($id);
if (!$usr) {
cmsCore::error404();
}
if (cmsUser::getFriendFieldId($id)) {
$is_accepted_friend = cmsUser::isFriend($id);
if (cmsUser::deleteFriend($id)) {
// Если подтвержденный друг
if ($is_accepted_friend) {
cmsCore::jsonOutput(array('error' => false, 'text' => $usr['nickname'] . $_LANG['DEL_FRIEND']));
} else {
cmsCore::jsonOutput(array('error' => false, 'text' => $_LANG['REJECT_FRIEND'] . $usr['nickname']));
}
} else {
cmsCore::halt();
}
} else {
cmsCore::halt();
}
}
//============================================================================//
//============================= История кармы ===============================//
//============================================================================//
if ($do == 'karma') {
$usr = cmsUser::getShortUserData($id);
if (!$usr) {
cmsCore::error404();
}
$inPage->setTitle($_LANG['KARMA_HISTORY']);
$inPage->addPathway($usr['nickname'], cmsUser::getProfileURL($usr['login']));
$inPage->addPathway($_LANG['KARMA_HISTORY']);
cmsPage::initTemplate('components', 'com_users_karma')->assign('karma', $model->getUserKarma($usr['id']))->assign('usr', $usr)->display('com_users_karma.tpl');
}
//============================================================================//
//============================= Изменение кармы =============================//
//============================================================================//
if ($do == 'votekarma') {
if ($_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest') {
cmsCore::halt();
}
if (!$inUser->id) {
cmsCore::halt();
}
$points = cmsCore::request('sign', 'str', 'plus') == 'plus' ? 1 : -1;
$to = cmsCore::request('to', 'int', 0);
$user = cmsUser::getShortUserData($to);
if (!$user) {
cmsCore::halt();
}
if (!$model->isUserCanChangeKarma($to)) {
cmsCore::halt();
}
cmsCore::halt(cmsUser::changeKarmaUser($to, $points));
}
//============================================================================//
//======================= Наградить пользователя ============================//
//============================================================================//
if ($do == 'giveaward') {
if (!$inUser->is_admin) {
cmsCore::error404();
}
$usr = cmsUser::getShortUserData($id);
if (!$usr) {
cmsCore::error404();
}
$inPage->setTitle($_LANG['AWARD_USER']);
$inPage->addPathway($usr['nickname'], cmsUser::getProfileURL($usr['login']));
$inPage->addPathway($_LANG['AWARD']);
if (!cmsCore::inRequest('gosend')) {
cmsPage::initTemplate('components', 'com_users_awards_give')->assign('usr', $usr)->assign('awardslist', cmsUser::getAwardsImages())->display('com_users_awards_give.tpl');
} else {
$award['title'] = cmsCore::request('title', 'str', $_LANG['AWRD']);
$award['description'] = cmsCore::request('description', 'str', '');
$award['imageurl'] = cmsCore::request('imageurl', 'str', '');
$award['from_id'] = $inUser->id;
$award['id'] = 0;
cmsUser::giveAward($award, $id);
cmsCore::redirect(cmsUser::getProfileURL($usr['login']));
}
}
//============================================================================//
//============================= Удаление награды ============================//
//============================================================================//
if ($do == 'delaward') {
$aw = $inDB->get_fields('cms_user_awards', "id = '{$id}'", '*');
if (!$aw) {
cmsCore::error404();
}
if (!$inUser->id || $inUser->id != $aw['user_id'] && !$inUser->is_admin) {
cmsCore::error404();
}
$inDB->delete('cms_user_awards', "id = '{$id}'", 1);
cmsActions::removeObjectLog('add_award', $id);
cmsCore::redirectBack();
}
//============================================================================//
//============================= Награды на сайте ============================//
//============================================================================//
if ($do == 'awardslist') {
$inPage->setTitle($_LANG['SITE_AWARDS']);
$inPage->addPathway($_LANG['SITE_AWARDS']);
$awards = cmsUser::getAutoAwards();
if (!$awards) {
cmsCore::error404();
}
foreach ($awards as $aw) {
//Перебираем все награды и ищем пользователей с текущей наградой
$sql = "SELECT u.id as id, u.nickname as nickname, u.login as login, IFNULL(p.gender, 'm') as gender\r\n FROM cms_user_awards aw\r\n LEFT JOIN cms_users u ON u.id = aw.user_id\r\n LEFT JOIN cms_user_profiles p ON p.user_id = u.id\r\n WHERE aw.award_id = '{$aw['id']}'";
$rs = $inDB->query($sql);
$aw['uhtml'] = '';
if ($inDB->num_rows($rs)) {
while ($user = $inDB->fetch_assoc($rs)) {
$aw['uhtml'] .= cmsUser::getGenderLink($user['id'], $user['nickname'], $user['gender'], $user['login']) . ', ';
}
$aw['uhtml'] = rtrim($aw['uhtml'], ', ');
} else {
$aw['uhtml'] = $_LANG['NOT_USERS_WITH_THIS_AWARD'];
}
$aws[] = $aw;
}
cmsPage::initTemplate('components', 'com_users_awards_site')->assign('aws', $aws)->display('com_users_awards_site.tpl');
}
//============================================================================//
//============================= Удаление профиля ============================//
//============================================================================//
if ($do == 'delprofile') {
// неавторизованным тут делать нечего
if (!$inUser->id) {
cmsCore::error404();
}
// есть ли удаляемый профиль
$data = cmsUser::getShortUserData($id);
if (!$data) {
cmsCore::error404();
}
// владелец профиля или админ
if ($inUser->is_admin) {
// могут ли администраторы удалять профиль
if (!cmsUser::isAdminCan('admin/users', cmsUser::getAdminAccess())) {
cmsCore::error404();
}
// администратор сам себя не удалит
if ($inUser->id == $data['id']) {
cmsCore::error404();
}
} else {
// удаляем только свой профиль
if ($inUser->id != $data['id']) {
cmsCore::error404();
}
}
if (isset($_POST['csrf_token'])) {
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
$model->deleteUser($id);
if (!$inUser->is_admin) {
session_destroy();
cmsCore::redirect('/logout');
} else {
cmsCore::addSessionMessage($_LANG['DELETING_PROFILE_OK'], 'info');
cmsCore::redirect('/users');
}
} else {
$inPage->setTitle($_LANG['DELETING_PROFILE']);
$inPage->addPathway($data['nickname'], $inUser->getProfileURL($data['login']));
$inPage->addPathway($_LANG['DELETING_PROFILE']);
$confirm['title'] = $_LANG['DELETING_PROFILE'];
$confirm['text'] = '<p>' . $_LANG['REALLY_DEL_PROFILE'] . '</p>';
$confirm['action'] = '/users/' . $id . '/delprofile.html';
$confirm['yes_button'] = array();
$confirm['yes_button']['type'] = 'submit';
cmsPage::initTemplate('components', 'action_confirm.tpl')->assign('confirm', $confirm)->display('action_confirm.tpl');
}
}
//============================================================================//
//============================ Восстановить профиль =========================//
//============================================================================//
if ($do == 'restoreprofile') {
if (!$inUser->is_admin) {
cmsCore::error404();
}
$usr = cmsUser::getShortUserData($id);
if (!$usr) {
cmsCore::error404();
}
$inDB->query("UPDATE cms_users SET is_deleted = 0 WHERE id = '{$id}'");
cmsCore::redirectBack();
}
//============================================================================//
//============================= Файлы пользователей =========================//
//============================================================================//
if ($do == 'files') {
if (!$model->config['sw_files']) {
cmsCore::error404();
}
$fdo = cmsCore::request('fdo', 'str', '');
include 'components/users/files.php';
}
//============================================================================//
//================================ Инвайты =================================//
//============================================================================//
if ($do == 'invites') {
$reg_cfg = $inCore->loadComponentConfig('registration');
if ($reg_cfg['reg_type'] != 'invite') {
cmsCore::error404();
}
$invites_count = $model->getUserInvitesCount($inUser->id);
if (!$invites_count) {
cmsCore::error404();
}
if (!cmsCore::inRequest('send_invite')) {
$inPage->addPathway($inUser->nickname, cmsUser::getProfileURL($inUser->login));
$inPage->addPathway($_LANG['MY_INVITES']);
cmsPage::initTemplate('components', 'com_users_invites')->assign('invites_count', $invites_count)->display('com_users_invites.tpl');
return;
}
if (cmsCore::inRequest('send_invite')) {
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
$invite_email = cmsCore::request('invite_email', 'email', '');
if (!$invite_email) {
cmsCore::redirectBack();
}
if ($model->sendInvite($inUser->id, $invite_email)) {
cmsCore::addSessionMessage(sprintf($_LANG['INVITE_SENDED'], $invite_email), 'success');
} else {
cmsCore::addSessionMessage($_LANG['INVITE_ERROR'], 'error');
}
cmsCore::redirect(cmsUser::getProfileURL($inUser->login));
}
}
if ($do == 'change_email') {
if (!$inUser->id) {
cmsUser::goToLogin();
}
$email = cmsCore::request('email', 'email', '');
$token = cmsCore::request('token', 'str', '');
// не занят ли email
$is_email = $inDB->get_field('cms_users', "email='{$email}'", 'id');
if ($is_email || !$email || !$token) {
cmsCore::error404();
}
// проверяем токен
$valid_id = $inDB->get_field('cms_users_activate', "code='{$token}' AND user_id = '{$inUser->id}'", 'id');
if (!$valid_id) {
cmsCore::error404();
}
$inDB->delete('cms_users_activate', "id = '{$valid_id}'");
// Сохраняем новый email
$inDB->update('cms_users', array('email' => $email), $inUser->id);
cmsCore::addSessionMessage($_LANG['NEW_EMAIL_SAVED'], 'success');
cmsCore::redirect(cmsUser::getProfileURL($inUser->login));
}
///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
}
function battleways()
{
$inCore = cmsCore::getInstance();
$inPage = cmsPage::getInstance();
$inDB = cmsDatabase::getInstance();
$inUser = cmsUser::getInstance();
global $_LANG;
$inCore->loadModel('battleways');
$model = new cms_model_battleways();
$usr = cmsCore::request('id', 'int', 0);
$cfg = $inCore->loadComponentConfig('battleways');
// Проверяем включени ли компонент
if (!$cfg['component_enabled']) {
cmsCore::error404();
}
$id = $inCore->request('id', 'int', 0);
$do = $inCore->request('do', 'str', 'view');
$tag = $inCore->request('tag', 'str', '');
$color = $inCore->request('color', 'str', '');
$page = $inCore->request('page', 'int', 1);
$select_tag = 0;
$t = urldecode($tag);
if (!empty($t)) {
$sql = "SELECT * \nFROM `cms_battleways` \nWHERE `type` LIKE '%" . $t . "%'";
if ($inDB->query($sql)) {
$select_tag = 1;
}
}
if (!isset($cfg['perpage'])) {
$cfg['perpage'] = 10;
}
if (!isset($cfg['images'])) {
$cfg['images'] = 0;
}
if ($_SESSION['user']['id'] == 0) {
echo "Гостям запрещено просматривать данный раздел";
} else {
if ($do == 'view_battleway') {
//if($model->authorBattleway($id))
//{
$battleway = $model->getBattleway($id);
$smarty = $inCore->initSmarty('components', 'com_battleways_view.tpl');
$smarty->assign('is_posts_view', (bool) sizeof($battleway));
$smarty->assign('pagetitle', $battleway['title']);
$smarty->assign('content', $battleway['content']);
$smarty->display('com_battleways_view.tpl');
// }
// else
// {
// cmsCore::error404();
// }
}
if ($do == 'del') {
$del = $model->delBattleway($id);
$inCore->redirect('/battleways/');
}
if ($do == 'view') {
if ($select_tag == 0) {
$total_battleways = $model->totalPosts();
$pagination = cmsPage::getPagebar($total_battleways, $page, $cfg['perpage'], '/battleways/page%page%.html');
}
$user_id = $inUser->id;
//GET ENTRIES
$posts_list = $model->getAllPosts($page, $cfg['perpage'], $select_tag, $t, $color, $user_id);
if ($posts_list) {
foreach ($posts_list as $post) {
$post['datetime'] = $inCore->dateFormat($post['datetime'], 1, 0, 1);
/* if(!empty($post['type']))
{
$sql="select * from `cms_battleways_color` where `id`='".$post['color']."';";
$result = $inDB->query($sql);
if ($inDB->num_rows($result)){
$color = $inDB->fetch_assoc($result);
$post['status'] = "<a href='/battleways/".$post['type']."/".$post['color']."/' style='background: ".$color['color'].";border-radius: 3px;color: ".$color['font_color'].";display: inline-block;height: 19px;margin: 5px 3px 2px 2px;outline: #FFFFFF 0px;padding: 1px 4px;text-decoration: none;text-indent: 0px;vertical-align: middle;white-space: nowrap;'>".$post['type']."</a>";
}
else
{
$post['status'] = "<a href='/battleways/".$post['type']."/' style='background: #E6E6E6;border:1px solid #e1e1e1;padding:5px;border-radius: 8px;border-radius: 3px;color:#333333;text-shadow: #FFFFFF 1px 1px 0px;display: inline-block;height: 19px;margin: 5px 3px 2px 2px;outline: #FFFFFF 0px;padding: 1px 4px;text-decoration: none;text-indent: 0px;vertical-align: middle;white-space: nowrap;cursor:pointer;'>".$post['type']."</a>";
}
} */
$posts[] = $post;
}
}
$smarty = $inCore->initSmarty('components', 'com_battleways_view.tpl');
$smarty->assign('is_posts', (bool) sizeof($posts_list));
if ($select_tag == 0) {
$smarty->assign('pagination', $pagination);
}
$smarty->assign('mark', $model->getMarks());
$smarty->assign('pagetitle', "Ваши минизаписки");
if ($posts) {
$smarty->assign('posts', $posts);
}
$smarty->display('com_battleways_view.tpl');
}
if ($do == 'add_battleway') {
$user_id = $inUser->id;
$title = $inCore->request('title', 'str', '');
$type = $inCore->request('type', 'str', '');
$color = $inCore->request('color', 'int', '');
if (!empty($title)) {
$describe_full = $inCore->request('full', 'html', '');
//парсим bb-код перед записью в базу
$describe_full_html = $inCore->parseSmiles($describe_full, true);
// Экранируем специальные символы
$describe_full_html = $inDB->escape_string($describe_full_html);
$sql = "INSERT INTO `cms_battleways` (\n`id` ,\n`datetime` ,\n`title` ,\n`content` ,\n`user` ,\n`type` ,\n`color` \n)\nVALUES (\nNULL , NOW(), '" . $title . "', '" . $describe_full_html . "', '" . $user_id . "', '" . $type . "', '" . $color . "'\n);";
$result = $inDB->query($sql);
$inCore->redirect('/battleways/');
}
$inPage->addHeadJS('components/battleways/js/battleways.js');
$bb_toolbar = cmsPage::getBBCodeToolbar('message', $cfg['images'], 'battleways');
$smilies = cmsPage::getSmilesPanel('message');
$smarty = $inCore->initSmarty('components', 'com_battleways_add.tpl');
$smarty->assign('mark_insert', $model->getAutoMark());
$smarty->assign('select_color', $model->getColors());
$smarty->assign('title', "Добавление записки");
$smarty->assign('bb_toolbar', $bb_toolbar);
$smarty->assign('smilies', $smilies);
$smarty->display('com_battleways_add.tpl');
}
if ($do == 'edit_battleway') {
$battleway = $model->getBattleway($id);
$smarty = $inCore->initSmarty('components', 'com_battleways_edit.tpl');
$smarty->assign('is_posts_view', (bool) sizeof($battleway));
$smarty->assign('pagetitle', $battleway['title']);
$smarty->assign('content', $battleway['content']);
$user_id = $inUser->id;
$title = $inCore->request('title', 'str', '');
$type = $inCore->request('type', 'str', '');
$color = $inCore->request('color', 'int', '');
if (!empty($title)) {
$describe_full = $inCore->request('full', 'html', '');
//парсим bb-код перед записью в базу
$describe_full_html = $inCore->parseSmiles($describe_full, true);
// Экранируем специальные символы
$describe_full_html = $inDB->escape_string($describe_full_html);
$sql = "INSERT INTO `cms_battleways` (\n\t\t\t\t\t`id` ,\n\t\t\t\t\t`datetime` ,\n\t\t\t\t\t`title` ,\n\t\t\t\t\t`content` ,\n\t\t\t\t\t`user` ,\n\t\t\t\t\t`type` ,\n\t\t\t\t\t`color` \n\t\t\t\t\t)\n\t\t\t\t\tVALUES (\n\t\t\t\t\tNULL , NOW(), '" . $title . "', '" . $describe_full_html . "', '" . $user_id . "', '" . $type . "', '" . $color . "'\n\t\t\t\t\t);";
$result = $inDB->query($sql);
$inCore->redirect('/battleways/');
}
$inPage->addHeadJS('components/battleways/js/battleways.js');
$bb_toolbar = cmsPage::getBBCodeToolbar('message', $cfg['images'], 'battleways');
$smilies = cmsPage::getSmilesPanel('message');
$smarty = $inCore->initSmarty('components', 'com_battleways_edit.tpl');
$smarty->assign('mark_insert', $model->getAutoMark());
$smarty->assign('select_color', $model->getColors());
$smarty->assign('title', "Добавление записки");
$smarty->assign('bb_toolbar', $bb_toolbar);
$smarty->assign('smilies', $smilies);
$smarty->display('com_battleways_edit.tpl');
}
}
/////////////////////////////////////////////////
}
function comments($target = '', $target_id = 0, $labels = array())
{
$inCore = cmsCore::getInstance();
$inPage = cmsPage::getInstance();
$inDB = cmsDatabase::getInstance();
$inUser = cmsUser::getInstance();
cmsCore::loadModel('comments');
$model = new cms_model_comments($labels);
// Проверяем включени ли компонент
if (!$inCore->isComponentEnable('comments')) {
return false;
}
// Инициализируем права доступа для группы текущего пользователя
$model->initAccess();
global $_LANG;
$do = $inCore->do;
$page = cmsCore::request('page', 'int', 1);
$id = cmsCore::request('id', 'int', 0);
$login = cmsCore::strClear(urldecode(cmsCore::request('login', 'html', '')));
$inPage->addHeadJS('components/comments/js/comments.js');
$inPage->addHeadJsLang(array('EDIT_COMMENT', 'CONFIRM_DEL_COMMENT', 'COMMENT_IN_LINK'));
//========================================================================================================================//
//========================================================================================================================//
if ($do == 'view' && !$target && !$target_id) {
if (!$login) {
$myprofile = false;
$page_title = $inCore->getComponentTitle();
$inPage->addHead('<link rel="alternate" type="application/rss+xml" title="' . $_LANG['COMMENTS'] . '" href="' . HOST . '/rss/comments/all/feed.rss">');
} else {
// проверяем что пользователь есть
$user = cmsUser::getShortUserData($login);
if (!$user) {
cmsCore::error404();
}
// Мои комментарии
$myprofile = $inUser->id == $user['id'];
$page_title = $_LANG['COMMENTS'] . ' - ' . $user['nickname'];
$inPage->addPathway($user['nickname'], cmsUser::getProfileURL($user['login']));
// Добавляем условие в выборку
$model->whereUserIs($user['id']);
}
$inPage->setTitle($page_title);
$inPage->addPathway($page_title);
$inPage->setDescription($model->config['meta_desc'] ? $model->config['meta_desc'] : $page_title);
$inPage->setKeywords($model->config['meta_keys'] ? $model->config['meta_keys'] : $page_title);
// флаг модератора
$is_moder = $inUser->is_admin || $model->is_can_moderate;
// Не админам только открытые комментарии
if (!($is_moder || $myprofile)) {
$model->whereIsShow();
}
// Общее количество комментариев
$total = $model->getCommentsCount(!($is_moder || $myprofile));
// Сортировка и разбивка на страницы
$inDB->orderBy('c.pubdate', 'DESC');
$inDB->limitPage($page, $model->config['perpage']);
// Сами комментарии
$comments = $total ? $model->getComments(!($is_moder || $myprofile)) : array();
$inDB->resetConditions();
if (!$comments && $page > 1) {
cmsCore::error404();
}
// пагинация
if (!$login) {
$pagebar = cmsPage::getPagebar($total, $page, $model->config['perpage'], '/comments/page-%page%');
} else {
$pagebar = cmsPage::getPagebar($total, $page, $model->config['perpage'], 'javascript:centerLink(\'/comments/by_user_' . $user['login'] . '/page-%page%\')');
}
// Отдаем в шаблон
cmsPage::initTemplate('components', 'com_comments_list_all')->assign('comments_count', $total)->assign('comments', $comments)->assign('pagebar', $pagebar)->assign('is_user', $inUser->id)->assign('page_title', $page_title)->assign('cfg', $model->config)->assign('is_admin', $is_moder)->display('com_comments_list_all.tpl');
}
//========================================================================================================================//
//========================================================================================================================//
if (!in_array($do, array('add', 'edit', 'delete')) && $target && $target_id) {
if (!$model->config['cmm_ajax']) {
$model->whereTargetIs($target, $target_id);
$inDB->orderBy('c.pubdate', 'ASC');
$comments = cmsCore::callEvent('BEFORE_SHOW_COMMENTS', $model->getComments(!($inUser->is_admin || $model->is_can_moderate), true));
$total = count($comments);
ob_start();
cmsPage::initTemplate('components', 'com_comments_list')->assign('comments_count', $total)->assign('comments', $comments)->assign('user_can_moderate', $model->is_can_moderate)->assign('user_can_delete', $model->is_can_delete)->assign('user_can_add', $model->is_can_add)->assign('is_admin', $inUser->is_admin)->assign('is_user', $inUser->id)->assign('cfg', $model->config)->assign('labels', $model->labels)->assign('target', $target)->assign('target_id', $target_id)->display('com_comments_list.tpl');
$html = ob_get_clean();
} else {
$model->whereTargetIs($target, $target_id);
$total = $model->getCommentsCount(!($inUser->is_admin || $model->is_can_moderate));
$inDB->resetConditions();
}
cmsPage::initTemplate('components', 'com_comments_view')->assign('comments_count', $total)->assign('target', $target)->assign('target_id', $target_id)->assign('is_admin', $inUser->is_admin)->assign('labels', $model->labels)->assign('is_user', $inUser->id)->assign('cfg', $model->config)->assign('user_can_add', $model->is_can_add)->assign('html', isset($html) ? $html : '')->assign('add_comment_js', "addComment('" . $target . "', '" . $target_id . "', 0)")->assign('user_subscribed', cmsUser::isSubscribed($inUser->id, $target, $target_id))->display('com_comments_view.tpl');
}
//========================================================================================================================//
//========================================================================================================================//
// Добавление комментария, форма добавления в addform.php
if ($do == 'add') {
// Только аякс
if (!cmsCore::isAjax()) {
cmsCore::error404();
}
// Очищаем буфер
ob_end_clean();
// Добавлять могут только админы и те, кому разрешено в настройках группы
if (!$model->is_can_add && !$inUser->is_admin) {
cmsCore::error404();
}
// Входные данные
$comment['guestname'] = cmsCore::request('guestname', 'str', '');
$comment['user_id'] = $inUser->id;
if ($model->is_can_bbcode) {
$content = cmsCore::request('content', 'html', '');
$comment['content_bbcode'] = $inDB->escape_string($content);
$content = cmsCore::parseSmiles($content, true);
$comment['content'] = $inDB->escape_string($content);
} else {
$comment['content'] = cmsCore::request('content', 'str', '');
$comment['content_bbcode'] = $comment['content'];
$comment['content'] = str_replace(array('\\r', '\\n'), '<br>', $comment['content']);
}
$comment['parent_id'] = cmsCore::request('parent_id', 'int', 0);
$comment['target'] = cmsCore::request('target', 'str', '');
$comment['target_id'] = cmsCore::request('target_id', 'int', 0);
$comment['ip'] = cmsCore::strClear($_SERVER['REMOTE_ADDR']);
// Проверяем правильность/наличие входных парамеров
// цель комментария
if (!$comment['target'] || !$comment['target_id']) {
cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ERR_UNKNOWN_TARGET']));
}
// Имя гостя отсутствует
if (!$comment['guestname'] && !$inUser->id) {
cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ERR_USER_NAME']));
}
// Текст комментраия отсутствует
if (!$comment['content']) {
cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ERR_COMMENT_TEXT']));
}
// проверяем каптчу
$need_captcha = $model->config['regcap'] ? true : ($inUser->id ? false : true);
if ($need_captcha && !cmsPage::checkCaptchaCode()) {
cmsCore::jsonOutput(array('error' => true, 'is_captcha' => true, 'text' => $_LANG['ERR_CAPTCHA']));
}
// получаем массив со ссылкой и заголовком цели комментария
// для этого:
// 1. узнаем ответственный компонент из cms_comment_targets
$target = $inDB->get_fields('cms_comment_targets', "target='{$comment['target']}'", '*');
if (!$target) {
cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ERR_UNKNOWN_TARGET'] . ' #1'));
}
// 2. подключим модель этого компонента
if (cmsCore::loadModel($target['component'])) {
$model_class = 'cms_model_' . $target['component'];
if (class_exists($model_class)) {
$target_model = new $model_class();
}
}
if (!isset($target_model)) {
cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ERR_UNKNOWN_TARGET'] . ' #2'));
}
// 3. запросим массив $target_data[link, title] у метода getCommentTarget модели
$target_data = $target_model->getCommentTarget($comment['target'], $comment['target_id']);
if (!$target_data) {
cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ERR_UNKNOWN_TARGET'] . ' #3'));
}
$comment['target_title'] = $target_data['title'];
$comment['target_link'] = $target_data['link'];
// 4. Узнаем видимость комментария в модели $target_model
if (method_exists($target_model, 'getVisibility')) {
$comment['is_hidden'] = $target_model->getVisibility($comment['target'], $comment['target_id']);
} else {
$comment['is_hidden'] = 0;
}
// публикация согласно настроек
$comment['published'] = $inUser->is_admin || $model->is_can_moderate || $model->is_add_published ? 1 : 0;
// Проверяем токен перед самым добавлением комментария
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
// 5. добавляем комментарий в базу
$comment_id = $model->addComment($comment);
// 6. Пересчитываем количество комментариев у цели если нужно
if (method_exists($target_model, 'updateCommentsCount')) {
$target_model->updateCommentsCount($comment['target'], $comment['target_id']);
}
if (!$comment['is_hidden'] && $comment['published']) {
//регистрируем событие
$content_short = strip_tags($comment['content']);
cmsActions::log('add_comment', array('object' => $_LANG['COMMENT'], 'object_url' => $comment['target_link'] . '#c' . $comment_id, 'object_id' => $comment_id, 'target' => $comment['target_title'], 'target_url' => $comment['target_link'], 'target_id' => $comment['target_id'], 'description' => mb_strlen($content_short) > 140 ? mb_substr($content_short, 0, 140) : $content_short));
}
////////////////////////////////////////////////////////////////
///////////////// Операции по уведомлениям /////////////////////
$inConf = cmsConfig::getInstance();
$from_nick = $inUser->id ? $inUser->nickname : $comment['guestname'];
$targetlink = HOST . $comment['target_link'] . '#c' . $comment_id;
//получаем ID и e-mail автора
$author = $inUser->id ? $model->getTargetAuthor($target['target_table'], $comment['target_id']) : '';
//подписываем пользователя на обновления, если нужно
if ($inUser->id && cmsCore::inRequest('subscribe')) {
cmsUser::subscribe($inUser->id, $comment['target'], $comment['target_id']);
}
if ($comment['published']) {
//рассылаем уведомления о новом комменте
cmsUser::sendUpdateNotify($comment['target'], $comment['target_id'], array('link' => $comment['target_link'] . '#c' . $comment_id, 'title' => stripslashes($comment['target_title']), 'letter_file' => 'newcomment', 'author' => $inUser->id ? $inUser->nickname : $comment['guestname']));
//проверяем и выдаем награду если нужно
cmsUser::checkAwards($inUser->id);
}
//отправляем админу уведомление о комментарии на e-mail, если нужно
if ($model->config['email']) {
$mailmsg = str_replace(array('{sitename}', '{date}', '{from}', '{subjtitle}', '{targetlink}', '{content}'), array($inConf->sitename, date('d/m/Y (H:i)'), $from_nick, stripslashes($comment['target_title']), $targetlink, strip_tags($comment['content'])), cmsCore::getLanguageTextFile('newcomment_admin'));
$inCore->mailText($model->config['email'], '', $mailmsg);
}
//отправляем автору уведомление на e-mail
if ($author && $comment['published']) {
if ($model->isAuthorNeedMail($author['id']) && $inUser->id != $author['id']) {
$letter = cmsCore::getLanguageTextFile('newpostcomment');
$letter = str_replace('{sitename}', $inConf->sitename, $letter);
$letter = str_replace('{subj}', $target['subj'], $letter);
$letter = str_replace('{subjtitle}', stripslashes($comment['target_title']), $letter);
$letter = str_replace('{targetlink}', $targetlink, $letter);
$letter = str_replace('{date}', date('d/m/Y H:i:s'), $letter);
$letter = str_replace('{from}', $from_nick, $letter);
$inCore->mailText($author['email'], '', $letter);
}
}
if (!$comment['published']) {
$message = str_replace(array('%user%', '%targetlink%'), array($from_nick, $targetlink), $_LANG['COMM_PREMODER_ADMIN_TEXT']);
cmsUser::sendMessage(USER_UPDATER, 1, $message);
}
cmsCore::jsonOutput(array('error' => false, 'target' => $comment['target'], 'target_id' => $comment['target_id'], 'is_premod' => $comment['published'] ? 0 : $_LANG['COMM_PREMODER_TEXT'], 'comment_id' => $comment_id));
}
//========================================================================================================================//
//========================================================================================================================//
if ($do == 'edit') {
if (!cmsCore::isAjax()) {
cmsCore::error404();
}
$comment = $model->getComment(cmsCore::request('comment_id', 'int', 0));
if (!$comment) {
die;
}
// редактировать могут авторы (если время редактирования есть)
// модераторы и администраторы
if (!$model->is_can_moderate && !$inUser->is_admin && !($inUser->id == $comment['user_id'] && $comment['is_editable'])) {
cmsCore::error404();
}
if ($model->is_can_bbcode) {
$content = cmsCore::request('content', 'html', '');
$com_new['content_bbcode'] = $inDB->escape_string($content);
$com_new['content'] = $inDB->escape_string(cmsCore::parseSmiles($content, true));
} else {
$com_new['content'] = cmsCore::request('content', 'str', '');
$com_new['content_bbcode'] = $com_new['content'];
$com_new['content'] = str_replace(array('\\r', '\\n'), '<br>', $com_new['content']);
}
// Текст комментраия отсутствует
if (!$com_new['content']) {
cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ERR_COMMENT_TEXT']));
}
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
//Если ошибок не было,
//обновляем комментарий в базе
$model->updateComment($comment['id'], $com_new);
// Обновляем в ленте активности
$content_short = mb_substr(strip_tags($com_new['content']), 0, 140);
cmsActions::updateLog('add_comment', array('description' => $content_short), $comment['id']);
$com_new['content'] = stripslashes(str_replace(array('\\r', '\\n'), ' ', $com_new['content']));
$com_new = cmsCore::callEvent('GET_COMMENT', $com_new);
cmsCore::jsonOutput(array('error' => false, 'text' => $com_new['content'], 'comment_id' => $comment['id']));
}
//========================================================================================================================//
//========================================================================================================================//
if ($do == 'delete') {
if (!cmsCore::isAjax()) {
cmsCore::error404();
}
$comment = $model->getComment($id);
if (!$comment) {
cmsCore::error404();
}
if (!$inUser->id && !($model->is_can_delete && $inUser->id == $comment['user_id']) && !$model->is_can_moderate && !$inUser->is_admin) {
cmsCore::error404();
}
//узнаем ответственный компонент из cms_comment_targets
$target = $inDB->get_fields('cms_comment_targets', "target='{$comment['target']}'", '*');
if (!$target) {
cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ERR_UNKNOWN_TARGET'] . ' #1'));
}
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
$model->deleteComment($id);
//подключим модель этого компонента
if (cmsCore::loadModel($target['component'])) {
$model_class = 'cms_model_' . $target['component'];
if (class_exists($model_class)) {
$target_model = new $model_class();
// Пересчитываем количество комментариев у цели если нужно
if (method_exists($target_model, 'updateCommentsCount')) {
$target_model->updateCommentsCount($comment['target'], $comment['target_id']);
}
}
}
cmsCore::jsonOutput(array('error' => false, 'target' => $comment['target'], 'target_id' => $comment['target_id']));
}
}
function clubs() {
$inCore = cmsCore::getInstance();
$inPage = cmsPage::getInstance();
$inDB = cmsDatabase::getInstance();
$inUser = cmsUser::getInstance();
global $_LANG;
$model = new cms_model_clubs();
$inPhoto = $model->initPhoto();
define('IS_BILLING', $inCore->isComponentInstalled('billing'));
if (IS_BILLING) { cmsCore::loadClass('billing'); }
// js только авторизованным
if($inUser->id){
$inPage->addHeadJS('components/clubs/js/clubs.js');
}
$pagetitle = $inCore->getComponentTitle();
$id = cmsCore::request('id', 'int', 0);
$do = $inCore->do;
$page = cmsCore::request('page', 'int', 1);
$inPage->setTitle($pagetitle);
$inPage->setDescription($model->config['meta_desc'] ? $model->config['meta_desc'] : $pagetitle);
$inPage->setKeywords($model->config['meta_keys'] ? $model->config['meta_keys'] : $pagetitle);
$inPage->addPathway($pagetitle, '/clubs');
$inPage->addHeadJsLang(array('NO_PUBLISH','EDIT_PHOTO','YOU_REALLY_DELETE_PHOTO','YOU_REALLY_DELETE_ALBUM','RENAME_ALBUM','ALBUM_TITLE','ADD_PHOTOALBUM','REALY_EXIT_FROM_CLUB','JOINING_CLUB','SEND_MESSAGE','CREATE','CREATE_CLUB','SEND_INVITE_CLUB','YOU_NO_SELECT_USER'));
//////////////////////// КЛУБЫ ПОЛЬЗОВАТЕЛЯ/////////////////////////////////////
if ($do == 'user_clubs') {
if (!cmsCore::isAjax()) { return false; }
$inPage->displayLangJS(array('CREATE','CREATE_CLUB'));
$user_id = cmsCore::request('user_id', 'int', $inUser->id);
$user = cmsUser::getShortUserData($user_id);
if (!$user) { return false; }
// получаем клубы, в которых пользователь админ
$model->whereAdminIs($user['id']);
$inDB->orderBy('c.pubdate', 'DESC');
$clubs = $model->getClubs();
// получаем клубы, в которых состоит пользователь
$inDB->addSelect('uc.role');
$inDB->addJoin("INNER JOIN cms_user_clubs uc ON uc.club_id = c.id AND uc.user_id = '{$user['id']}'");
$inDB->orderBy('uc.role', 'DESC, uc.pubdate DESC');
$inclubs = $model->getClubs();
cmsPage::initTemplate('components', 'com_clubs_user')->
assign('can_create', (($inUser->id == $user['id']) && ($model->config['cancreate'] || $inUser->is_admin)))->
assign('clubs', array_merge($clubs, $inclubs))->
assign('user', $user)->
assign('my_profile', $user['id'] == $inUser->id)->
display();
}
//////////////////////// ВСЕ КЛУБЫ /////////////////////////////////////////////
if ($do=='view'){
$inDB->orderBy('is_vip', 'DESC, rating DESC');
$inDB->limitPage($page, $model->config['perpage']);
$total = $model->getClubsCount();
$clubs = $model->getClubs();
if (!$clubs && $page > 1) { return false; }
if ($page > 1) {
foreach ($clubs as $c) {
$keys[] = $c['title'];
}
$inPage->setKeywords(implode(',', $keys));
}
cmsPage::initTemplate('components', 'com_clubs_view')->
assign('pagetitle', $pagetitle)->
assign('can_create', ($inUser->id && $model->config['cancreate'] || $inUser->is_admin))->
assign('clubs', $clubs)->
assign('total', $total)->
assign('pagination', cmsPage::getPagebar($total, $page, $model->config['perpage'], '/clubs/page-%page%'))->
display();
}
/////////////////////// ПРОСМОТР КЛУБА /////////////////////////////////////////
if ($do=='club'){
$club = $model->getClub($id);
if (!$club) { return false; }
if (!$club['published'] && !$inUser->is_admin) { return false; }
$inPage->setTitle($club['pagetitle'] ? $club['pagetitle'] : $club['title']);
$inPage->setKeywords($club['meta_keys'] ? $club['meta_keys'] : $club['title']);
if (!$club['meta_desc']) {
if ($club['description']) {
$inPage->setDescription(crop($club['description']));
} else {
$inPage->setDescription($club['title']);
}
} else {
$inPage->setDescription($club['meta_desc']);
}
$inPage->addPathway($club['title']);
$inPage->addHeadJsLang(array('NEW_POST_ON_WALL','CONFIRM_DEL_POST_ON_WALL'));
// Инициализируем участников клуба
$model->initClubMembers($club['id']);
// права доступа
$is_admin = $inUser->is_admin || ($inUser->id == $club['admin_id']);
$is_moder = $model->checkUserRightsInClub('moderator');
$is_member = $model->checkUserRightsInClub('member');
// Приватный или публичный клуб
$is_access = true;
if ($club['clubtype']=='private' && (!$is_admin && !$is_moder && !$is_member)){
$is_access = false;
}
// Общее количество участников
$club['members'] = $model->club_total_members;
// Общее количество участников
$club['moderators'] = $model->club_total_moderators;
// Массив членов клуба
if($club['members']){
$inDB->limit($model->config['club_perpage']);
$club['members_list'] = $model->getClubMembers($club['id'], 'member');
} else { $club['members_list'] = array(); }
// Массив модераторов клуба
if($club['moderators']){
$club['moderators_list'] = $model->getClubMembers($club['id'], 'moderator');
}
// Стена клуба
// количество записей на стене берем из настроек
$inDB->limitPage(1, $model->config['wall_perpage']);
$club['wall_html'] = cmsUser::getUserWall($club['id'], 'clubs', ($is_moder || $is_admin), ($is_moder || $is_admin));
/////////////////////////////////////////////
//////////// ПОСТЫ БЛОГА КЛУБА //////////////
/////////////////////////////////////////////
if ($club['enabled_blogs']){
$inBlog = $model->initBlog();
$inBlog->whereBlogUserIs($club['id']);
$club['total_posts'] = $inBlog->getPostsCount($is_admin || $is_moder);
$inDB->addSelect('b.user_id as bloglink');
$inDB->orderBy('p.pubdate', 'DESC');
$inDB->limit($model->config['club_posts_perpage']);
$club['blog_posts'] = $inBlog->getPosts(($is_admin || $is_moder), $model, true);
}
/////////////////////////////////////////////
//////////// ФОТОАЛЬБОМЫ КЛУБА //////////////
/////////////////////////////////////////////
if ($club['enabled_photos']){
// Общее количество альбомов
$club['all_albums'] = $inDB->rows_count('cms_photo_albums', "NSDiffer = 'club{$club['id']}' AND user_id = '{$club['id']}' AND parent_id > 0");
// получаем альбомы
if($club['all_albums']){
$inDB->limit($model->config['club_album_perpage']);
$inDB->orderBy('f.pubdate', 'DESC');
$club['photo_albums'] = $inPhoto->getAlbums(0, 'club'.$club['id']);
} else {
$club['photo_albums'] = array();
}
}
// Получаем плагины
$plugins = cmsCore::callTabEventPlugins('GET_SINGLE_CLUB', $club);
cmsPage::initTemplate('components', 'com_clubs_view_club')->
assign('club', $club)->
assign('is_access', $is_access)->
assign('user_id', $inUser->id)->
assign('is_admin', $is_admin)->
assign('is_moder', $is_moder)->
assign('plugins', $plugins)->
assign('is_member', $is_member)->
assign('is_photo_karma_enabled', ((($inUser->karma >= $club['photo_min_karma']) && $is_member) ? true : false))->
assign('is_blog_karma_enabled', ((($inUser->karma >= $club['blog_min_karma']) && $is_member) ? true : false))->
assign('cfg', $model->config)->
display();
}
///////////////////////// СОЗДАНИЕ КЛУБА ///////////////////////////////////////
if ($do == 'create'){
if(!cmsCore::isAjax()) { return false; }
if(!$inUser->id){ return false; }
$can_create = $model->canCreate();
// показываем форму
if (!cmsCore::inRequest('create') ){
cmsPage::initTemplate('components', 'com_clubs_create')->
assign('can_create', $can_create)->
assign('last_message', $model->last_message)->
display();
cmsCore::jsonOutput(array('error' => false,
'can_create' => (bool)$can_create,
'html' => ob_get_clean()));
}
if (cmsCore::inRequest('create')){
if (!$can_create){ return false; }
$title = $inCore->request('title', 'str');
$clubtype = $inCore->request('clubtype', 'str');
if (!$title || !in_array($clubtype, array('public','private'))){
cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['CLUB_REQ_TITLE']));
}
if ($inDB->get_field('cms_clubs', "LOWER(title) = '".mb_strtolower($title)."'", 'id')){
cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['CLUB_EXISTS']));
}
if(!cmsUser::checkCsrfToken()) { return false; }
$club_id = $model->addClub(array('admin_id'=>$inUser->id,
'title'=>$title,
'clubtype'=>$clubtype,
'create_karma'=>$inUser->karma,
'enabled_blogs'=>$model->config['enabled_blogs'],
'enabled_photos'=>$model->config['enabled_photos']));
if($club_id){
//регистрируем событие
cmsActions::log('add_club', array(
'object' => $title,
'object_url' => '/clubs/'.$club_id,
'object_id' => $club_id,
'target' => '',
'target_url' => '',
'target_id' => 0,
'description' => ''
));
}
cmsCore::addSessionMessage($_LANG['CLUB_IS_CREATED'], 'success');
cmsCore::jsonOutput(array('error' => false,
'club_id' => $club_id));
}
}
///////////////////////// НАСТРОЙКИ КЛУБА //////////////////////////////////////
if ($do == 'config'){
if (!$inUser->id){ return false; }
$club = $model->getClub($id);
if (!$club){ return false; }
// Инициализируем участников клуба
$model->initClubMembers($club['id']);
// настраивать клуб могут только администраторы
$is_admin = $inUser->is_admin || ($inUser->id == $club['admin_id']);
if (!$is_admin){ return false; }
if (cmsCore::inRequest('save')){
if (!cmsUser::checkCsrfToken()) { return false; }
$description = cmsCore::badTagClear(cmsCore::request('description', 'html', ''));
$new_club['description'] = $inDB->escape_string($description);
$new_club['title'] = cmsCore::request('title', 'str', $club['title']);
$new_club['clubtype'] = cmsCore::request('clubtype', 'str', 'public');
$new_club['maxsize'] = cmsCore::request('maxsize', 'int', 0);
$new_club['blog_min_karma'] = cmsCore::request('blog_min_karma', 'int', 0);
$new_club['photo_min_karma'] = cmsCore::request('photo_min_karma', 'int', 0);
$new_club['album_min_karma'] = cmsCore::request('album_min_karma', 'int', 0);
$new_club['blog_premod'] = cmsCore::request('blog_premod', 'int', 0);
$new_club['photo_premod'] = cmsCore::request('photo_premod', 'int', 0);
$new_club['join_karma_limit'] = cmsCore::request('join_karma_limit', 'int', 0);
$new_club['join_min_karma'] = cmsCore::request('join_min_karma', 'int', 0);
if ($model->config['seo_user_access'] || $inUser->is_admin) {
$new_club['pagetitle'] = cmsCore::request('pagetitle', 'str', '');
$new_club['meta_keys'] = cmsCore::request('meta_keys', 'str', '');
$new_club['meta_desc'] = cmsCore::request('meta_desc', 'str', '');
}
// загружаем изображение клуба
$new_imageurl = $model->uploadClubImage($club['imageurl']);
$new_club['imageurl'] = @$new_imageurl['filename'] ? $new_imageurl['filename'] : $club['imageurl'];
// Сохраняем
$model->updateClub($club['id'], $new_club);
// Обновляем ленту активности
cmsActions::updateLog('add_club', array('object' => $new_club['title']), $club['id']);
cmsActions::updateLog('add_club_user', array('object' => $new_club['title']), $club['id']);
if ($inUser->is_admin && IS_BILLING){
$is_vip = cmsCore::request('is_vip', 'int', 0);
$join_cost = cmsCore::request('join_cost', 'int', 0);
$model->setVip($club['id'], $is_vip, $join_cost);
}
$moders = cmsCore::request('moderslist', 'array_int', array());
$members = cmsCore::request('memberslist', 'array_int', array());
$all_users = array_merge($members, $moders);
// Сохраняем пользователей
$model->clubSaveUsers($club['id'], $all_users);
$model->clubSetRole($club['id'], $moders, 'moderator');
// Кешируем количество
$model->setClubMembersCount($club['id']);
cmsCore::addSessionMessage($_LANG['CONFIG_SAVE_OK'], 'info');
cmsCore::redirect('/clubs/'.$club['id']);
}
if (!cmsCore::inRequest('save')){
// Заголовки и пафвей
$inPage->addPathway($club['title'], '/clubs/'.$club['id']);
$inPage->addPathway($_LANG['CONFIG_CLUB']);
$inPage->setTitle($_LANG['CONFIG_CLUB']);
// Список друзей, отсутствующих в клубе
$friends_list = '';
// массив id друзей не в клубе
$friends_ids = array();
// Получаем список друзей
$friends = cmsUser::getFriends($inUser->id);
// Получаем список участников
$members = $model->getClubMembersIds();
// Формируем список друзей, которые еще не в клубе
foreach($friends as $key=>$friend){
if (!in_array($friend['id'], $members) && $friend['id'] != $club['admin_id']){
$friends_list .= '<option value="'.$friend['id'].'">'.$friend['nickname'].'</option>';
$friends_ids[] = $friend['id'];
}
}
// Получаем модераторов клуба
$moderators = $model->getClubMembersIds('moderator');
// формируем список друзья не в клубе + участники клуба кроме модераторов
$fr_plus_members = $members ? array_merge($friends_ids, $members) : $friends_ids;
// Убираем модераторов если они есть
$fr_plus_members = $moderators ? array_diff($fr_plus_members, $moderators) : $fr_plus_members;
// Формируем список option друзей (которые еще не в этом клубе) и участников
if ($fr_plus_members) { $fr_members_list = cmsUser::getAuthorsList($fr_plus_members); } else { $fr_members_list = ''; }
// Формируем список option участников клуба
if ($moderators) { $moders_list = cmsUser::getAuthorsList($moderators); } else { $moders_list = ''; }
if ($members) { $members_list = cmsUser::getAuthorsList($members); } else { $members_list = ''; }
cmsPage::initTemplate('components', 'com_clubs_config')->
assign('club', $club)->
assign('moders_list', $moders_list)->
assign('members_list', $members_list)->
assign('friends_list', $friends_list)->
assign('fr_members_list', $fr_members_list)->
assign('is_billing', IS_BILLING)->
assign('is_admin', $inUser->is_admin)->
assign('cfg', $model->config)->
display();
}
}
///////////////////////// ВЫХОД ИЗ КЛУБА ///////////////////////////////////////////
if ($do == 'leave'){
if(!$inUser->id) { return false; }
if(!cmsCore::isAjax()) { return false; }
$club = $model->getClub($id);
if(!$club){ cmsCore::halt(); }
// Инициализируем участников клуба
$model->initClubMembers($club['id']);
// Выйти из клуба могут только его участники
$is_admin = $inUser->id == $club['admin_id'];
$is_member = $model->checkUserRightsInClub();
if ($is_admin || !$is_member){ cmsCore::halt(); }
if (cmsCore::inRequest('confirm')){
if(!cmsUser::checkCsrfToken()) { cmsCore::halt(); }
cmsCore::callEvent('LEAVE_CLUB', $club);
$model->removeUserFromClub($club['id'], $inUser->id);
// Пересчитываем рейтинг
$model->setClubRating($club['id']);
// Кешируем (пересчитываем) количество участников
$model->setClubMembersCount($club['id']);
// Добавляем событие в ленте активности
cmsActions::removeObjectLog('add_club_user', $club['id'], $inUser->id);
cmsCore::addSessionMessage($_LANG['YOU_LEAVE_CLUB'].'"'.$club['title'].'"', 'success');
cmsCore::jsonOutput(array('error' => false, 'redirect' => '/clubs/'.$club['id']));
}
}
///////////////////////// ВСТУПЛЕНИЕ В КЛУБ ////////////////////////////////////
if ($do == 'join'){
if (!$inUser->id){ cmsCore::halt(); }
$club = $model->getClub($id);
if(!$club){ cmsCore::halt(); }
// В приватный клуб участников добавляет администратор
if ($club['clubtype']=='private'){ cmsCore::halt(); }
// Инициализируем участников клуба
$model->initClubMembers($club['id']);
// проверяем наличие пользователя в клубе
$is_admin = $inUser->id == $club['admin_id'];
$is_member = $model->checkUserRightsInClub();
if ($is_admin || $is_member){ cmsCore::halt(); }
// Проверяем ограничения на количество участников
if ($club['maxsize'] && ($model->club_total_members >= $club['maxsize']) && !$inUser->is_admin){
cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['CLUB_SIZE_LIMIT']));
}
// Проверяем ограничения по карме на вступление
if($club['join_karma_limit'] && ($inUser->karma < $club['join_min_karma']) && !$inUser->is_admin){
cmsCore::jsonOutput(array('error' => true, 'text' => '<p><strong>'.$_LANG['NEED_KARMA_TEXT'].'</strong></p><p>'.$_LANG['NEEDED'].' '.$club['join_min_karma'].', '.$_LANG['HAVE_ONLY'].' '.$inUser->karma.'.</p><p>'.$_LANG['WANT_SEE'].' <a href="/users/'.$inUser->id.'/karma.html">'.$_LANG['HISTORY_YOUR_KARMA'].'</a>?</p>'));
}
//
// Обработка заявки
//
if (cmsCore::inRequest('confirm')){
cmsCore::callEvent('JOIN_CLUB', $club);
//списываем оплату если клуб платный
if (IS_BILLING && $club['is_vip'] && $club['join_cost'] && !$inUser->is_admin){
if ($inUser->balance >= $club['join_cost']){
//если средств на балансе хватает
cmsBilling::pay($inUser->id, $club['join_cost'], sprintf($_LANG['VIP_CLUB_BUY_JOIN'], $club['title']));
} else {
//недостаточно средств, создаем тикет
//и отправляем оплачивать
$billing_ticket = array(
'action' => sprintf($_LANG['VIP_CLUB_BUY_JOIN'], $club['title']),
'cost' => $club['join_cost'],
'amount' => $club['join_cost'] - $inUser->balance,
'url' => $_SERVER['REQUEST_URI'].'?confirm=1'
);
cmsUser::sessionPut('billing_ticket', $billing_ticket);
cmsCore::jsonOutput(array('error' => false, 'redirect' => '/billing/pay'));
}
}
//добавляем пользователя в клуб
$model->addUserToClub($club['id'], $inUser->id);
// Пересчитываем рейтинг клуба
$model->setClubRating($club['id']);
// Кешируем (пересчитываем) количество участников
$model->setClubMembersCount($club['id']);
//регистрируем событие
cmsActions::log('add_club_user', array(
'object' => $club['title'],
'object_url' => '/clubs/'.$club['id'],
'object_id' => $club['id'],
'target' => '',
'target_url' => '',
'target_id' => 0,
'description' => ''
));
cmsCore::addSessionMessage($_LANG['YOU_JOIN_CLUB'].'"'.$club['title'].'"', 'success');
if($_SERVER['REQUEST_URI'] != '/clubs/'.$club['id'].'/join.html'){
cmsCore::redirect('/clubs/'.$club['id']);
} else {
cmsCore::jsonOutput(array('error' => false, 'redirect' => '/clubs/'.$club['id']));
}
}
//
// Форма подтверждения заявки
//
if (!cmsCore::inRequest('confirm')){
$text = '<p>'.$_LANG['YOU_REALY_JOIN_TO'].' <strong>"'.$club['title'].'"</strong>?</p>';
if ($club['is_vip'] && $club['join_cost'] && !$inUser->is_admin){
$text .= '<p>'.$_LANG['VIP_CLUB_JOIN_COST'].' — <strong>'.$club['join_cost'].' '.$_LANG['BILLING_POINT10'].'</strong></p>';
}
cmsCore::jsonOutput(array('error' => false, 'text' => $text));
}
}
///////////////////// РАССЫЛКА СООБЩЕНИЯ УЧАСТНИКАМ ////////////////////////////
if ($do == 'send_message'){
if(!$inUser->id) { return false; }
if(!cmsCore::isAjax()) { return false; }
$club = $model->getClub($id);
if(!$club){ cmsCore::halt(); }
// Инициализируем участников клуба
$model->initClubMembers($club['id']);
// Расылать могут только участники и администраторы
$is_admin = $inUser->is_admin || ($inUser->id == $club['admin_id']);
if (!$is_admin){ cmsCore::halt(); }
if (!cmsCore::inRequest('gosend')){
$inPage->setRequestIsAjax();
cmsPage::initTemplate('components', 'com_clubs_messages_member')->
assign('club', $club)->
assign('bbcodetoolbar', cmsPage::getBBCodeToolbar('message'))->
assign('smilestoolbar', cmsPage::getSmilesPanel('message'))->
display();
cmsCore::jsonOutput(array('error' => false,'html' => ob_get_clean()));
} else {
// Здесь не эскейпим, в методе sendMessage эскейпится
$message = cmsCore::parseSmiles(cmsCore::request('content', 'html', ''), true);
$moderators_list = $model->getClubMembersIds('moderator');
$members_list = $model->getClubMembersIds();
$result_list = cmsCore::inRequest('only_mod') ? $moderators_list : $members_list;
if (mb_strlen($message)<3){
cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ERR_SEND_MESS']));
}
if (!$result_list){
cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ERR_SEND_MESS_NO_MEMBERS']));
}
if (!cmsUser::checkCsrfToken()) { return false; }
$message = str_replace('%club%', '<a href="/clubs/'.$club['id'].'">'.$club['title'].'</a>', $_LANG['MESSAGE_FROM ADMIN']).$message;
cmsUser::sendMessages(USER_UPDATER, $result_list, $message);
$info = cmsCore::inRequest('only_mod') ? $_LANG['SEND_MESS_TO_MODERS_OK'] : $_LANG['SEND_MESS_TO_MEMBERS_OK'];
cmsCore::jsonOutput(array('error' => false, 'text' => $info));
}
}
///////////////////////// ПРИГЛАСИТЬ ДРУЗЕЙ В КЛУБ /////////////////////////////
if ($do == 'join_member'){
if (!$inUser->id) { return false; }
if (!cmsCore::isAjax()) { return false; }
$club = $model->getClub($id);
if(!$club){ cmsCore::halt(); }
if (!$club['published'] && !$inUser->is_admin) { cmsCore::halt(); }
// Инициализируем участников клуба
$model->initClubMembers($club['id']);
// Расылать могут только участники и администраторы
$is_admin = $inUser->is_admin || ($inUser->id == $club['admin_id']);
$is_member = $model->checkUserRightsInClub();
if (!$is_admin && !$is_member){ cmsCore::halt(); }
// В приватный клуб приглашения не рассылаем
if ($club['clubtype']=='private'){ cmsCore::halt(); }
// Получаем список друзей
$friends = cmsUser::getFriends($inUser->id);
// Получаем список участников
$members = $model->getClubMembersIds();
// Проверяем наличие друга в списке участников клуба или является ли он администратором
foreach($friends as $key=>$friend){
if (in_array($friend['id'], $members) || $friend['id'] == $club['admin_id']) { unset($friends[$key]); }
}
// Если нет друзей или все друзья уже в этом клубе, то выводим ошибку и возвращаемся назад
if (!$friends){
cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['SEND_INVITE_ERROR']));
}
// показываем форму для приглашения
if (!cmsCore::inRequest('join')){
// Выводим шаблон
cmsPage::initTemplate('components', 'com_clubs_join_member')->
assign('club', $club)->
assign('friends', $friends)->
display();
cmsCore::jsonOutput(array('error' => false,'html' => ob_get_clean()));
} else { // Приглашаем
$users = cmsCore::request('users', 'array_int', array());
if ($users){
$club_link = '<a href="/clubs/'.$club['id'].'">'.$club['title'].'</a>';
$user_link = cmsUser::getProfileLink($inUser->login, $inUser->nickname);
$link_join = '<a href="/clubs/'.$club['id'].'">'.$_LANG['JOIN_CLUB'] .'</a>';
$message = str_replace(array('%user%','%club%','%link_join%'),
array($user_link,$club_link,$link_join), $_LANG['INVITE_CLUB_TEXT']);
cmsUser::sendMessages(USER_UPDATER, $users, $message);
}
cmsCore::jsonOutput(array('error' => false, 'text' => $_LANG['SEND_INVITE_OK']));
}
}
///////////////////////// ПРОСМОТР УЧАСТНИКОВ //////////////////////////////////
if ($do=='members'){
$club = $model->getClub($id);
if(!$club){ return false; }
if (!$club['published'] && !$inUser->is_admin) { return false; }
$inPage->setTitle($_LANG['CLUB_MEMBERS'].' - '.$club['title']);
$inPage->setDescription($_LANG['CLUB_MEMBERS'].' - '.$club['title']);
$inPage->addPathway($club['title'], '/clubs/'.$club['id']);
$inPage->addPathway($_LANG['CLUB_MEMBERS'].' - '.$club['title']);
// Инициализируем участников клуба
$model->initClubMembers($club['id']);
// права доступа
$is_admin = $inUser->is_admin || ($inUser->id == $club['admin_id']);
$is_moder = $model->checkUserRightsInClub('moderator');
$is_member = $model->checkUserRightsInClub();
// Приватный или публичный клуб
if ($club['clubtype']=='private' && (!$is_admin && !$is_moder && !$is_member)){
return false;
}
// Общее количество участников
$total_members = $model->club_total_members;
// Массив членов клуба
if($total_members){
$inDB->limitPage($page, $model->config['member_perpage']);
$members = $model->getClubMembers($club['id']);
if(!$members) { return false; }
} else { return false; }
$pagebar = cmsPage::getPagebar($total_members, $page, $model->config['member_perpage'], '/clubs/%id%/members-%page%', array('id'=>$club['id']));
cmsPage::initTemplate('components', 'com_clubs_view_member')->
assign('pagebar', $pagebar)->
assign('page', $page)->
assign('members', $members)->
assign('club', $club)->
assign('total_members', $total_members)->
display();
}
////////////////////////////// ВСЕ АЛЬБОМЫ КЛУБА //////////////////////////////
if ($do=='view_albums'){
$club = $model->getClub($id);
if(!$club){ return false; }
if (!$club['published'] && !$inUser->is_admin) { return false; }
$pagetitle = $_LANG['PHOTOALBUMS'].' - '.$club['title'];
$inPage->setTitle($pagetitle);
$inPage->addPathway($club['title'], '/clubs/'.$club['id']);
$inPage->addPathway($_LANG['PHOTOALBUMS']);
// Инициализируем участников клуба
$model->initClubMembers($club['id']);
// права доступа
$is_admin = $inUser->is_admin || ($inUser->id == $club['admin_id']);
$is_moder = $model->checkUserRightsInClub('moderator');
$is_member = $model->checkUserRightsInClub('member');
$is_karma_enabled = (($inUser->karma >= $club['photo_min_karma']) && $is_member) ? true : false;
// Приватный или публичный клуб
if ($club['clubtype']=='private' && (!$is_admin && !$is_moder && !$is_member)){
return false;
}
$inDB->orderBy('f.pubdate', 'DESC');
$club['photo_albums'] = $inPhoto->getAlbums(0, 'club'.$club['id']);
if(!$club['photo_albums']) { return false; }
// SEO
$inPage->setDescription($pagetitle);
$keys = array($club['title'], $_LANG['PHOTOALBUMS']);
foreach ($club['photo_albums'] as $p) {
$keys[] = $p['title'];
}
$inPage->setKeywords(implode(',', $keys));
cmsPage::initTemplate('components', 'com_clubs_albums')->
assign('club', $club)->
assign('is_admin', $is_admin)->
assign('is_moder', $is_moder)->
assign('is_karma_enabled', $is_karma_enabled)->
assign('show_title', true)->
assign('pagetitle', $pagetitle)->
display();
}
///////////////////////// ПРОСМОТР АЛЬБОМА КЛУБА ///////////////////////////////
if ($do=='view_album'){
// Получаем альбом
$album = $inDB->getNsCategory('cms_photo_albums', cmsCore::request('album_id', 'int', 0), null);
if (!$album) { return false; }
// Неопубликованные альбомы показываем только админам
if (!$album['published'] && !$inUser->is_admin) { return false; }
if ($album['NSDiffer'] != 'club'. $album['user_id']) { return false; }
// получаем клуб
$club = $model->getClub($album['user_id']);
if(!$club) { return false; }
if (!$club['published'] && !$inUser->is_admin) { return false; }
// Инициализируем участников клуба
$model->initClubMembers($club['id']);
// права доступа
$is_admin = $inUser->is_admin || ($inUser->id == $club['admin_id']);
$is_moder = $model->checkUserRightsInClub('moderator');
$is_member = $model->checkUserRightsInClub();
// Приватный или публичный клуб
if ($club['clubtype']=='private' && (!$is_admin && !$is_moder && !$is_member)){
return false;
}
$hidden = (bool)($is_admin || $is_moder);
// Устанавливаем альбом
$inPhoto->whereAlbumIs($album['id']);
// Общее количество фото по заданным выше условиям
$total = $inPhoto->getPhotosCount($hidden);
//устанавливаем сортировку
$inDB->orderBy('f.id', 'DESC');
//устанавливаем номер текущей страницы и кол-во фото на странице
$inDB->limitPage($page, $model->config['photo_perpage']);
$photos = $inPhoto->getPhotos($hidden);
if (!$photos && $page > 1) { cmsCore::error404(); }
$inPage->addPathway($club['title'], '/clubs/'.$club['id']);
$inPage->addPathway($album['title'], '/clubs/photoalbum'.$album['id']);
$inPage->setTitle($album['title']);
$inPage->setDescription($album['title'].' - '.$_LANG['CLUB_PHOTO_ALBUM'].' "'.$club['title'].'"');
$keys = array($album['title'], $club['title']);
if ($photos) {
foreach ($photos as $p) {
$keys[] = $p['title'];
}
}
$inPage->setKeywords(implode(',', $keys));
cmsPage::initTemplate('components', 'com_clubs_view_album')->
assign('club', $club)->
assign('total', $total)->
assign('album', $album)->
assign('photos', $photos)->
assign('is_admin', $is_admin)->
assign('is_moder', $is_moder)->
assign('is_member', $is_member)->
assign('cfg', $model->config)->
assign('pagebar', cmsPage::getPagebar($total, $page, $model->config['photo_perpage'], '/clubs/photoalbum'.$album['id'].'/page-%page%'))->
display();
}
///////////////////////// УДАЛЕНИЕ АЛЬБОМА /////////////////////////////////////
if ($do=='delete_album'){
if(!$inUser->id) { return false; }
if(!cmsCore::isAjax()) { return false; }
if(!cmsUser::checkCsrfToken()) { return false; }
$album = $inDB->getNsCategory('cms_photo_albums', cmsCore::request('album_id', 'int', 0), null);
if (!$album) { cmsCore::halt(); }
$club = $model->getClub($album['user_id']);
if(!$club) { cmsCore::halt(); }
$model->initClubMembers($club['id']);
$is_admin = $inUser->is_admin || ($inUser->id == $club['admin_id']);
$is_moder = $model->checkUserRightsInClub('moderator');
if(!$is_admin && !$is_moder) { cmsCore::halt(); }
$inPhoto->deleteAlbum($album['id'], 'club'.$club['id'], $model->initUploadClass());
cmsCore::addSessionMessage($_LANG['ALBUM_DELETED'], 'success');
cmsCore::jsonOutput(array('error' => false, 'redirect' => '/clubs/'.$club['id']));
}
//////////////////////////////// ПРОСМОТР ФОТО /////////////////////////////////
if ($do=='view_photo'){
// Получаем фото
$photo = $inPhoto->getPhoto(cmsCore::request('photo_id', 'int', 0));
if (!$photo) { return false; }
$photo = cmsCore::callEvent('VIEW_CLUB_PHOTO', $photo);
// получаем клуб
$club = $model->getClub($photo['auser_id']);
if(!$club) { return false; }
if (!$club['published'] && !$inUser->is_admin) { return false; }
// Инициализируем участников клуба
$model->initClubMembers($club['id']);
// права доступа
$is_admin = $inUser->is_admin || ($inUser->id == $club['admin_id']);
$is_moder = $model->checkUserRightsInClub('moderator');
$is_member = $model->checkUserRightsInClub();
$is_author = $photo['user_id'] == $inUser->id;
if (!$photo['published'] && !$is_admin && !$is_moder) { return false; }
// Фото приватного клуба показываем только участникам
if ($club['clubtype']=='private' && !$is_member && !$is_admin){ return false; }
$inPage->addPathway($club['title'], '/clubs/'. $club['id']);
$inPage->addPathway($photo['cat_title'], '/clubs/photoalbum'.$photo['album_id']);
$inPage->addPathway($photo['title']);
$inPage->setTitle($photo['pagetitle'] ? $photo['pagetitle'] : $photo['title']);
$inPage->setKeywords($photo['meta_keys'] ? $photo['meta_keys'] : $photo['title']);
if (!$photo['meta_desc']) {
if ($photo['description']) {
$inPage->setDescription(crop($photo['description']));
} else {
$inPage->setDescription($photo['title']);
}
} else {
$inPage->setDescription($photo['meta_desc']);
}
// ссылки вперед назад
$photo['nextid'] = $inDB->get_fields('cms_photo_files', 'id<'.$photo['id'].' AND album_id = '.$photo['album_id'], 'id, file, title', 'id DESC');
$photo['previd'] = $inDB->get_fields('cms_photo_files', 'id>'.$photo['id'].' AND album_id = '.$photo['album_id'], 'id, file, title', 'id ASC');
// кнопки голосования
$photo['karma_buttons'] = cmsKarmaButtons('club_photo', $photo['id'], $photo['rating'], $is_author);
// Обновляем кол-во просмотров
if(!$is_author){
$inDB->setFlag('cms_photo_files', $photo['id'], 'hits', $photo['hits']+1);
}
// выводим в шаблон
cmsPage::initTemplate('components', 'com_clubs_view_photo')->
assign('club', $club)->
assign('photo', $photo)->
assign('is_admin', $is_admin)->
assign('is_moder', $is_moder)->
assign('is_exists_original', (file_exists(PATH.'/images/photos/'. $photo['file'])))->
assign('is_author', $is_author)->
display();
//если есть, выводим комментарии
if ($photo['comments'] && $inCore->isComponentEnable('comments')) {
cmsCore::includeComments();
comments('club_photo', $photo['id'], array(), $is_author);
}
}
////////////////////////////// УДАЛИТЬ ФОТО ////////////////////////////////////
if ($do=='delete_photo'){
if(!$inUser->id) { return false; }
if(!cmsCore::isAjax()) { return false; }
if(!cmsUser::checkCsrfToken()) { return false; }
$photo = $inPhoto->getPhoto(cmsCore::request('photo_id', 'int', 0));
if (!$photo) { cmsCore::halt(); }
// получаем клуб
$club = $model->getClub($photo['auser_id']);
if(!$club) { cmsCore::halt(); }
// Инициализируем участников клуба
$model->initClubMembers($club['id']);
// права доступа
$is_admin = $inUser->is_admin || ($inUser->id == $club['admin_id']);
$is_moder = $model->checkUserRightsInClub('moderator');
// удалять могут только модераторы и администраторы
if(!$is_admin && !$is_moder) { cmsCore::halt(); }
$inPhoto->deletePhoto($photo, $model->initUploadClass());
cmsCore::addSessionMessage($_LANG['PHOTO_DELETED'], 'success');
cmsCore::jsonOutput(array('error' => false, 'redirect' => '/clubs/photoalbum'.$photo['album_id']));
}
///////////////////////// РЕДАКТИРОВАТЬ ФОТО ///////////////////////////////////
if ($do=='edit_photo'){
if(!$inUser->id) { return false; }
if(!cmsCore::isAjax()) { return false; }
$photo = $inPhoto->getPhoto(cmsCore::request('photo_id', 'int', 0));
if (!$photo) { cmsCore::halt(); }
// получаем клуб
$club = $model->getClub($photo['auser_id']);
if(!$club) { cmsCore::halt(); }
if (!$club['published'] && !$inUser->is_admin) { return false; }
// Инициализируем участников клуба
$model->initClubMembers($club['id']);
// права доступа
$is_admin = $inUser->is_admin || ($inUser->id == $club['admin_id']);
$is_moder = $model->checkUserRightsInClub('moderator');
$is_author = $photo['user_id'] == $inUser->id;
if(!$is_admin && !$is_moder && !$is_author) { cmsCore::halt(); }
if (!cmsCore::inRequest('edit_photo')){
cmsPage::initTemplate('components', 'com_photos_edit')->
assign('photo', $photo)->
assign('form_action', '/clubs/editphoto'.$photo['id'].'.html')->
assign('no_tags', true)->
assign('is_admin', ($is_admin || $is_moder))->
display();
cmsCore::jsonOutput(array('error' => false, 'html' => ob_get_clean()));
} else {
$mod['title'] = cmsCore::request('title', 'str', '');
$mod['title'] = $mod['title'] ? $mod['title'] : $photo['title'];
$mod['description'] = cmsCore::request('description', 'str', '');
$mod['comments'] = ($is_admin || $is_moder) ? cmsCore::request('comments', 'int') : $photo['comments'];
if ($model->config['seo_user_access'] || $inUser->is_admin) {
$mod['pagetitle'] = cmsCore::request('pagetitle', 'str', '');
$mod['meta_keys'] = cmsCore::request('meta_keys', 'str', '');
$mod['meta_desc'] = cmsCore::request('meta_desc', 'str', '');
}
$file = $model->initUploadClass()->uploadPhoto($photo['file']);
$mod['file'] = $file['filename'] ? $file['filename'] : $photo['file'];
$inPhoto->updatePhoto($mod, $photo['id']);
$description = '<a href="/clubs/photo'.$photo['id'].'.html" class="act_photo"><img border="0" src="/images/photos/small/'.$mod['file'].'" /></a>';
cmsActions::updateLog('add_photo_club', array('object' => $mod['title'], 'description' => $description), $photo['id']);
cmsCore::addSessionMessage($_LANG['PHOTO_SAVED'], 'success');
cmsCore::jsonOutput(array('error' => false, 'redirect' => '/clubs/photo'.$photo['id'].'.html'));
}
}
/////////////////////////////// PHOTO PUBLISH //////////////////////////////////
if ($do=='publish_photo'){
if(!$inUser->id) { return false; }
if(!cmsCore::isAjax()) { return false; }
$photo = $inPhoto->getPhoto(cmsCore::request('photo_id', 'int', 0));
if (!$photo) { cmsCore::halt(); }
// получаем клуб
$club = $model->getClub($photo['auser_id']);
if(!$club) { cmsCore::halt(); }
if (!$club['published'] && !$inUser->is_admin) { return false; }
// Инициализируем участников клуба
$model->initClubMembers($club['id']);
// права доступа
$is_admin = $inUser->is_admin || ($inUser->id == $club['admin_id']);
$is_moder = $model->checkUserRightsInClub('moderator');
if(!$is_admin && !$is_moder) { cmsCore::halt(); }
$inPhoto->publishPhoto($photo['id']);
$description = $club['clubtype']=='private' ? '' :
'<a href="/clubs/photo'.$photo['id'].'.html" class="act_photo"><img border="0" src="/images/photos/small/'.$photo['file'].'" /></a>';
cmsActions::log('add_photo_club', array(
'object' => $photo['title'],
'object_url' => '/clubs/photo'.$photo['id'].'.html',
'object_id' => $photo['id'],
'user_id' => $photo['user_id'],
'target' => $club['title'],
'target_id' => $photo['album_id'],
'target_url' => '/clubs/'.$club['id'],
'description' => $description
));
cmsCore::halt('ok');
}
///////////////////////// ЗАГРУЗКА ФОТО ////////////////////////////////////////
if ($do=='add_photo'){
// Неавторизованных просим авторизоваться
if (!$inUser->id) { cmsUser::goToLogin(); }
$do_photo = cmsCore::request('do_photo', 'str', 'addphoto');
$album = $inDB->getNsCategory('cms_photo_albums', cmsCore::request('album_id', 'int', 0), null);
if (!$album) { return false; }
if (!$album['published'] && !$inUser->is_admin) { return false; }
$club = $model->getClub($album['user_id']);
if(!$club) { return false; }
// если фотоальбомы запрещены
if(!$club['enabled_photos']){ return false; }
// Инициализируем участников клуба
$model->initClubMembers($club['id']);
// права доступа
$is_admin = $inUser->is_admin || ($inUser->id == $club['admin_id']);
$is_moder = $model->checkUserRightsInClub('moderator');
$is_member = $model->checkUserRightsInClub('member');
$is_karma_enabled = (($inUser->karma >= $club['photo_min_karma']) && $is_member) ? true : false;
if(!$is_karma_enabled && !$is_admin && !$is_moder) {
cmsCore::addSessionMessage('<p><strong>'.$_LANG['NEED_KARMA_PHOTO'].'</strong></p><p>'.$_LANG['NEEDED'].' '.$club['photo_min_karma'].', '.$_LANG['HAVE_ONLY'].' '.$inUser->karma.'.</p><p>'.$_LANG['WANT_SEE'].' <a href="/users/'.$inUser->id.'/karma.html">'.$_LANG['HISTORY_YOUR_KARMA'].'</a>?</p>', 'error');
cmsCore::redirectBack();
}
$inPage->addPathway($club['title'], '/clubs/'.$club['id']);
$inPage->addPathway($album['title'], '/clubs/photoalbum'.$album['id']);
return include 'components/clubs/add_photo.php';
}
///////////////////////// БЛОГИ КЛУБОВ /////////////////////////////////////////
if ($do == 'club_blogs') {
$bdo = cmsCore::request('bdo', 'str', 'view_clubs_posts');
$post_id = cmsCore::request('post_id', 'int', 0);
$cat_id = cmsCore::request('cat_id', 'int', 0);
$seolink = cmsCore::request('seolink', 'str', '');
$on_moderate = cmsCore::request('on_moderate', 'int', 0);
$inBlog = $model->initBlog();
$inPage->addHeadJsLang(array('NEW_CAT','RENAME_CAT','YOU_REALY_DELETE_CAT','YOU_REALY_DELETE_POST','NO_PUBLISHED'));
return include 'components/clubs/club_blogs.php';
}
}
<?php
header('Content-Type: text/html; charset=utf-8');
header('X-Frame-Options: DENY');
session_start();
define("VALID_CMS", 1);
define("VALID_CMS_ADMIN", 1);
define('PATH', $_SERVER['DOCUMENT_ROOT']);
require PATH . '/core/cms.php';
require PATH . '/admin/includes/cp.php';
$inCore = cmsCore::getInstance(false, true);
cmsCore::loadClass('page');
cmsCore::loadClass('user');
cmsCore::loadClass('actions');
if (!cmsCore::c('user')->update() || !cmsCore::isAjax()) {
cmsCore::error404();
}
if (!cmsCore::c('user')->is_admin) {
cmsCore::halt($_LANG['ACCESS_DENIED']);
}
cmsCore::c('actions')->showTargets(true);
$total = cmsCore::c('actions')->getCountActions();
$page = cmsCore::request('page', 'int', 1);
cmsCore::c('db')->limitPage($page, 10);
cmsCore::c('page')->initTemplate('components', 'actions_list')->assign('actions', cmsCore::c('actions')->getActionsLog())->assign('pagebar', cmsPage::getPagebar($total, $page, 10, '#" onclick="$.post(\'/admin/ajax/getActions.php\', \'page=%page%\', function(m){ $(\'#actions\').html(m); }); return false'))->display();
function photos()
{
$inCore = cmsCore::getInstance();
$inPage = cmsPage::getInstance();
$inDB = cmsDatabase::getInstance();
$inUser = cmsUser::getInstance();
cmsCore::loadClass('photo');
$inPhoto = cmsPhoto::getInstance();
global $_LANG;
$model = new cms_model_photos();
$pagetitle = $inCore->menuTitle();
$root_album_id = $inDB->getNsRootCatId('cms_photo_albums');
$id = cmsCore::request('id', 'int', $root_album_id);
$do = $inCore->do;
$page = cmsCore::request('page', 'int', 1);
$inPage->addPathway($inCore->getComponentTitle(), '/photos');
// только авторизованные пользуются js
if ($inUser->id) {
$inPage->addHeadJS('components/photos/js/photos.js');
$inPage->addHeadJsLang(array('NO_PUBLISH', 'EDIT_PHOTO', 'YOU_REALLY_DELETE_PHOTO', 'MOVE_PHOTO'));
}
$inPage->setDescription($model->config['meta_desc'] ? $model->config['meta_desc'] : $pagetitle);
$inPage->setKeywords($model->config['meta_keys'] ? $model->config['meta_keys'] : $pagetitle);
/////////////////////////////// Просмотр альбома ///////////////////////////////////////////////////////////////////////////////////////////
if ($do == 'view') {
$album = $inDB->getNsCategory('cms_photo_albums', $id, null);
if (!$album && $inCore->menuId() !== 1) {
cmsCore::error404();
}
// Неопубликованные альбомы показываем только админам
if (!$album['published'] && !$inUser->is_admin) {
cmsCore::error404();
}
$album = cmsCore::callEvent('GET_PHOTO_ALBUM', $album);
// если не корневой альбом
if ($album['id'] != $root_album_id) {
$path_list = $inDB->getNsCategoryPath('cms_photo_albums', $album['NSLeft'], $album['NSRight'], 'id, title, NSLevel');
if ($path_list) {
foreach ($path_list as $pcat) {
$inPage->addPathway($pcat['title'], '/photos/' . $pcat['id']);
}
}
$pagetitle = $pagetitle && $inCore->isMenuIdStrict() ? $pagetitle : $album['title'] . ' - ' . $_LANG['PHOTOGALLERY'];
$inPage->setTitle($album['pagetitle'] ? $album['pagetitle'] : $pagetitle);
} else {
$pagetitle = $pagetitle && $inCore->isMenuIdStrict() ? $pagetitle : $_LANG['PHOTOGALLERY'];
$inPage->setTitle($pagetitle);
$album['title'] = $pagetitle;
}
//Формируем подкатегории альбома
$inDB->orderBy('f.' . $model->config['orderby'], $model->config['orderto']);
$subcats = $inPhoto->getAlbums($album['id']);
// Сортировка фотографий
$orderby = cmsCore::getSearchVar('orderby', $album['orderby']);
$orderto = cmsCore::getSearchVar('orderto', $album['orderto']);
if (!in_array($orderby, array('title', 'pubdate', 'rating', 'hits'))) {
$orderby = $album['orderby'];
}
if (!in_array($orderto, array('desc', 'asc'))) {
$orderto = $album['orderto'];
}
// Устанавливаем альбом
$inPhoto->whereAlbumIs($album['id']);
// Общее количество фото по заданным выше условиям
$total = $inPhoto->getPhotosCount($inUser->is_admin);
//устанавливаем сортировку
$inDB->orderBy('f.' . $orderby, $orderto);
//устанавливаем номер текущей страницы и кол-во фото на странице
$inDB->limitPage($page, $album['perpage']);
$photos = $inPhoto->getPhotos($inUser->is_admin, $album['showdate']);
if (!$photos && $page > 1) {
cmsCore::error404();
}
if ($album['id'] != $root_album_id) {
// meta description
if ($album['meta_desc']) {
$meta_desc = $album['meta_desc'];
} elseif (mb_strlen(strip_tags($album['description'])) >= 250) {
$meta_desc = crop($album['description']);
} else {
$meta_desc = $album['title'];
}
$inPage->setDescription($meta_desc);
// meta keywords
if ($album['meta_keys']) {
$meta_keys = $album['meta_keys'];
} elseif ($photos) {
foreach ($photos as $p) {
$k[] = $p['title'];
}
$meta_keys = implode(', ', $k);
} else {
$meta_keys = $album['title'];
}
$inPage->setKeywords($meta_keys);
}
cmsPage::initTemplate('components', 'com_photos_view')->assign('root_album_id', $root_album_id)->assign('cfg', $model->config)->assign('album', $album)->assign('can_add_photo', $album['public'] && $inUser->id || $inUser->is_admin)->assign('subcats', $subcats)->assign('photos', $photos)->assign('pagebar', cmsPage::getPagebar($total, $page, $album['perpage'], '/photos/' . $album['id'] . '-%page%'))->assign('total', $total)->assign('orderby', $orderby)->assign('orderto', $orderto)->display('com_photos_view.tpl');
// если есть фотограйии в альбоме и включены комментарии в альбоме, то показываем их
if ($album['is_comments'] && $photos && $inCore->isComponentInstalled('comments')) {
cmsCore::includeComments();
comments('palbum', $album['id']);
}
}
/////////////////////////////// VIEW PHOTO ///////////////////////////////////////////////////////////////////////////////////////////
if ($do == 'viewphoto') {
// получаем фото
$photo = cmsCore::callEvent('GET_PHOTO', $inPhoto->getPhoto($id));
if (!$photo) {
cmsCore::error404();
}
// Если фото клуба редиректим на новый алрес
if (mb_strstr($photo['NSDiffer'], 'club')) {
cmsCore::redirect('/clubs/photo' . $photo['id'] . '.html', '301');
}
$is_author = $photo['user_id'] == $inUser->id && $inUser->id;
// неопубликованное фото видно админам и автору
if (!$photo['published'] && !$inUser->is_admin && !$is_author) {
cmsCore::error404();
}
$path_list = $inDB->getNsCategoryPath('cms_photo_albums', $photo['NSLeft'], $photo['NSRight'], 'id, title, NSLevel');
if ($path_list) {
foreach ($path_list as $pcat) {
$inPage->addPathway($pcat['title'], '/photos/' . $pcat['id']);
}
}
$inPage->addPathway($photo['title']);
$inPage->setTitle($photo['pagetitle'] ? $photo['pagetitle'] : $photo['title']);
$inPage->setKeywords($photo['meta_keys'] ? $photo['meta_keys'] : $photo['title']);
if (!$photo['meta_desc']) {
if ($photo['description']) {
$inPage->setDescription(crop($photo['description']));
} else {
$inPage->setDescription($photo['title']);
}
} else {
$inPage->setDescription($photo['meta_desc']);
}
// Обновляем количество просмотров фотографии
if (!$is_author) {
$inDB->setFlag('cms_photo_files', $photo['id'], 'hits', $photo['hits'] + 1);
}
//навигация
if ($photo['album_nav']) {
$nextid = $inDB->get_fields('cms_photo_files', 'id<' . $photo['id'] . ' AND album_id = ' . $photo['album_id'] . ' AND published=1', 'id, file', 'id DESC');
$previd = $inDB->get_fields('cms_photo_files', 'id>' . $photo['id'] . ' AND album_id = ' . $photo['album_id'] . ' AND published=1', 'id, file', 'id ASC');
} else {
$previd = false;
$nextid = false;
}
$photo['karma_buttons'] = cmsKarmaButtons('photo', $photo['id'], $photo['rating'], $is_author);
$photo['genderlink'] = cmsUser::getGenderLink($photo['user_id'], $photo['nickname'], $photo['gender'], $photo['login']);
cmsPage::initTemplate('components', 'com_photos_view_photo')->assign('photo', $photo)->assign('bbcode', '[IMG]' . HOST . '/images/photos/medium/' . $photo['file'] . '[/IMG]')->assign('previd', $previd)->assign('nextid', $nextid)->assign('cfg', $model->config)->assign('is_author', $is_author)->assign('is_admin', $inUser->is_admin)->assign('tagbar', $photo['a_tags'] ? cmsTagBar('photo', $photo['id']) : '')->display('com_photos_view_photo.tpl');
//выводим комментарии, если они разрешены и фото опубликовано
if ($photo['comments'] && $inCore->isComponentInstalled('comments')) {
cmsCore::includeComments();
comments('photo', $photo['id'], array(), $is_author);
}
}
/////////////////////////////// PHOTO UPLOAD ////////////////////////////////////////////////////////////////////////////////
if ($do == 'addphoto') {
// Неавторизованных просим авторизоваться
if (!$inUser->id) {
cmsUser::goToLogin();
}
$do_photo = cmsCore::request('do_photo', 'str', 'addphoto');
// получаем альбом
$album = $inDB->getNsCategory('cms_photo_albums', $id);
if (!$album) {
cmsCore::error404();
}
if (!$album['published'] && !$inUser->is_admin) {
cmsCore::error404();
}
$album = cmsCore::callEvent('GET_PHOTO_ALBUM', $album);
// права доступа
// загружаем только в разрешенные альбомы
if (!$album['public'] && !$inUser->is_admin) {
cmsCore::error404();
}
// Смотрим ограничения загрузки в сутки
$today_uploaded = $album['uplimit'] ? $model->loadedByUser24h($inUser->id, $album['id']) : 0;
if (!$inUser->is_admin && $album['uplimit'] && $today_uploaded >= $album['uplimit']) {
cmsCore::addSessionMessage('<strong>' . $_LANG['MAX_UPLOAD_IN_DAY'] . '</strong> ' . $_LANG['CAN_UPLOAD_TOMORROW'], 'error');
cmsCore::redirectBack();
}
// глубиномер
$path_list = $inDB->getNsCategoryPath('cms_photo_albums', $album['NSLeft'], $album['NSRight'], 'id, title, NSLevel');
if ($path_list) {
foreach ($path_list as $pcat) {
$inPage->addPathway($pcat['title'], '/photos/' . $pcat['id']);
}
}
include 'components/photos/add_photo.php';
}
/////////////////////////////// PHOTO EDIT ///////////////////////////////////////////////////////////////////////////////////////////
if ($do == 'editphoto') {
if ($_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest') {
cmsCore::halt();
}
if (!$inUser->id) {
cmsCore::halt();
}
// получаем фото
$photo = cmsCore::callEvent('GET_PHOTO', $inPhoto->getPhoto($id));
if (!$photo) {
cmsCore::halt();
}
if (mb_strstr($photo['NSDiffer'], 'club')) {
cmsCore::halt();
}
$is_author = $photo['user_id'] == $inUser->id && $inUser->id;
if (!$inUser->is_admin && !$is_author) {
cmsCore::halt();
}
if (cmsCore::inRequest('edit_photo')) {
$mod['title'] = cmsCore::request('title', 'str', '');
$mod['title'] = $mod['title'] ? $mod['title'] : $photo['title'];
$mod['description'] = cmsCore::request('description', 'str', '');
$mod['tags'] = cmsCore::request('tags', 'str', '');
$mod['comments'] = $inUser->is_admin ? cmsCore::request('comments', 'int') : $photo['comments'];
if ($model->config['seo_user_access'] || $inUser->is_admin) {
$mod['pagetitle'] = cmsCore::request('pagetitle', 'str', '');
$mod['meta_keys'] = cmsCore::request('meta_keys', 'str', '');
$mod['meta_desc'] = cmsCore::request('meta_desc', 'str', '');
}
$file = $model->initUploadClass($inDB->getNsCategory('cms_photo_albums', $photo['album_id']))->uploadPhoto($photo['file']);
$mod['file'] = $file['filename'] ? $file['filename'] : $photo['file'];
$inPhoto->updatePhoto($mod, $photo['id']);
$description = '<a href="/photos/photo' . $photo['id'] . '.html" class="act_photo"><img src="/images/photos/small/' . $mod['file'] . '" alt="' . htmlspecialchars(stripslashes($mod['title'])) . '" /></a>';
cmsActions::updateLog('add_photo', array('object' => $mod['title'], 'description' => $description), $photo['id']);
cmsCore::addSessionMessage($_LANG['PHOTO_SAVED'], 'success');
cmsCore::jsonOutput(array('error' => false, 'redirect' => '/photos/photo' . $photo['id'] . '.html'));
} else {
$photo['tags'] = cmsTagLine('photo', $photo['id'], false);
cmsPage::initTemplate('components', 'com_photos_edit')->assign('photo', $photo)->assign('form_action', '/photos/editphoto' . $photo['id'] . '.html')->assign('no_tags', false)->assign('is_admin', $inUser->is_admin)->assign('cfg', $model->config)->display('com_photos_edit.tpl');
cmsCore::jsonOutput(array('error' => false, 'html' => ob_get_clean()));
}
}
/////////////////////////////// PHOTO MOVE /////////////////////////////////////////////////////////////////////////////////////////
if ($do == 'movephoto') {
if ($_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest') {
cmsCore::halt();
}
if (!$inUser->id) {
cmsCore::halt();
}
$photo = cmsCore::callEvent('GET_PHOTO', $inPhoto->getPhoto($id));
if (!$photo) {
cmsCore::halt();
}
if (mb_strstr($photo['NSDiffer'], 'club')) {
cmsCore::halt();
}
if (!$inUser->is_admin) {
cmsCore::halt();
}
if (!cmsCore::inRequest('move_photo')) {
cmsPage::initTemplate('components', 'com_photos_move')->assign('form_action', '/photos/movephoto' . $photo['id'] . '.html')->assign('html', $inPhoto->getAlbumsOption('', $photo['album_id']))->display('com_photos_move.tpl');
cmsCore::jsonOutput(array('error' => false, 'html' => ob_get_clean()));
} else {
$album = cmsCore::callEvent('GET_PHOTO_ALBUM', $inDB->getNsCategory('cms_photo_albums', cmsCore::request('album_id', 'int')));
if (!$album) {
cmsCore::halt();
}
if (!$album['public'] && !$inUser->is_admin) {
cmsCore::error404();
}
// Смотрим ограничения загрузки в сутки
$today_uploaded = $album['uplimit'] ? $model->loadedByUser24h($inUser->id, $album['id']) : 0;
if (!$inUser->is_admin && $album['uplimit'] && $today_uploaded >= $album['uplimit']) {
cmsCore::jsonOutput(array('error' => true, 'text' => '<strong>' . $_LANG['MAX_UPLOAD_IN_DAY'] . '</strong> ' . $_LANG['CAN_UPLOAD_TOMORROW']));
}
$inDB->query("UPDATE cms_photo_files SET album_id = '{$album['id']}' WHERE id = '{$photo['id']}'");
cmsActions::updateLog('add_photo', array('target' => $album['title'], 'target_url' => '/photos/' . $album['id'], 'target_id' => $album['id']), $photo['id']);
cmsCore::addSessionMessage($_LANG['PHOTO_MOVED'], 'info');
cmsCore::jsonOutput(array('error' => false, 'redirect' => '/photos/' . $album['id']));
}
}
/////////////////////////////// PHOTO DELETE /////////////////////////////////////////////////////////////////////////////////////////
if ($do == 'delphoto') {
if ($_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest') {
cmsCore::halt();
}
if (!$inUser->id) {
cmsCore::halt();
}
if (!cmsUser::checkCsrfToken()) {
cmsCore::halt();
}
$photo = cmsCore::callEvent('GET_PHOTO', $inPhoto->getPhoto($id));
if (!$photo) {
cmsCore::halt();
}
if (mb_strstr($photo['NSDiffer'], 'club')) {
cmsCore::halt();
}
$is_author = $photo['user_id'] == $inUser->id && $inUser->id;
if (!$inUser->is_admin && !$is_author) {
cmsCore::halt();
}
$inPhoto->deletePhoto($photo, $model->initUploadClass($inDB->getNsCategory('cms_photo_albums', $photo['album_id'])));
cmsCore::addSessionMessage($_LANG['PHOTO_DELETED'], 'success');
cmsUser::clearCsrfToken();
cmsCore::jsonOutput(array('error' => false, 'redirect' => '/photos/' . $photo['album_id']));
}
/////////////////////////////// PHOTO PUBLISH /////////////////////////////////////////////////////////////////////////////////////////
if ($do == 'publish_photo') {
if ($_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest') {
cmsCore::halt();
}
if (!$inUser->id) {
cmsCore::halt();
}
$photo = cmsCore::callEvent('GET_PHOTO', $inPhoto->getPhoto($id));
if (!$photo) {
cmsCore::halt();
}
if (!$inUser->is_admin) {
cmsCore::halt();
}
$inPhoto->publishPhoto($photo['id']);
cmsCore::callEvent('ADD_PHOTO_DONE', $photo);
$description = '<a href="/photos/photo' . $photo['id'] . '.html" class="act_photo"><img src="/images/photos/small/' . $photo['file'] . '" alt="' . htmlspecialchars(stripslashes($photo['title'])) . '" /></a>';
cmsActions::log('add_photo', array('object' => $photo['title'], 'object_url' => '/photos/photo' . $photo['id'] . '.html', 'object_id' => $photo['id'], 'user_id' => $photo['user_id'], 'target' => $photo['cat_title'], 'target_id' => $photo['album_id'], 'target_url' => '/photos/' . $photo['album_id'], 'description' => $description));
cmsCore::halt('ok');
}
/////////////////////////////// VIEW LATEST/BEST PHOTOS //////////////////////////////////////////////////////////////////////////////
if (in_array($do, array('latest', 'best'))) {
if ($do == 'latest') {
$inDB->orderBy('f.pubdate', 'DESC');
$pagetitle = $pagetitle && $inCore->isMenuIdStrict() ? $pagetitle : $_LANG['NEW_PHOTO_IN_GALLERY'];
} else {
$inDB->orderBy('f.rating', 'DESC');
$pagetitle = $pagetitle && $inCore->isMenuIdStrict() ? $pagetitle : $_LANG['BEST_PHOTOS'];
}
$inDB->limit($model->config['best_latest_perpage']);
// выбираем категории фото
$inDB->addJoin("INNER JOIN cms_photo_albums a ON a.id = f.album_id AND a.published = 1 AND a.NSDiffer = ''");
$inDB->addSelect('a.title as cat_title');
$photos = $inPhoto->getPhotos(false, 'with_comments');
if (!$photos) {
cmsCore::error404();
}
$inPage->addPathway($pagetitle);
$inPage->setTitle($pagetitle);
cmsPage::initTemplate('components', 'com_photos_bl')->assign('maxcols', $model->config['best_latest_maxcols'])->assign('pagetitle', $pagetitle)->assign('photos', $photos)->display('com_photos_bl.tpl');
}
/////////////////////////////// /////////////////////////////// ////////////////
}
function actions()
{
$inCore = cmsCore::getInstance();
$inUser = cmsUser::getInstance();
$inPage = cmsPage::getInstance();
$inDB = cmsDatabase::getInstance();
$inActions = cmsActions::getInstance();
$model = new cms_model_actions();
global $_LANG;
$do = $inCore->do;
$page = cmsCore::request('page', 'int', 1);
$user_id = cmsCore::request('user_id', 'int', 0);
$perpage = 6;
$pagetitle = $inCore->getComponentTitle();
$inPage->setTitle($pagetitle);
$inPage->addPathway($pagetitle, '/actions');
$inPage->setDescription($model->config['meta_desc'] ? $model->config['meta_desc'] : $pagetitle);
$inPage->setKeywords($model->config['meta_keys'] ? $model->config['meta_keys'] : $pagetitle);
//============================================================================//
if ($do == 'delete') {
if (!$inUser->is_admin) {
cmsCore::error404();
}
$id = cmsCore::request('id', 'int', 0);
if (!$id) {
cmsCore::error404();
}
$model->deleteAction($id);
cmsCore::redirectBack();
}
//============================================================================//
if ($do == 'view') {
$inActions->showTargets($model->config['show_target']);
if ($model->config['act_type'] && !$model->config['is_all']) {
$inActions->onlySelectedTypes($model->config['act_type']);
}
$total = $inActions->getCountActions();
$inDB->limitPage($page, $model->config['perpage']);
$actions = $inActions->getActionsLog();
if (!$actions && $page > 1) {
cmsCore::error404();
}
cmsPage::initTemplate('components', 'com_actions_view')->assign('actions', $actions)->assign('pagetitle', $pagetitle)->assign('total', $total)->assign('user_id', $inUser->id)->assign('pagebar', cmsPage::getPagebar($total, $page, $model->config['perpage'], '/actions/page-%page%'))->display('com_actions_view.tpl');
}
//============================================================================//
if ($do == 'view_user_feed') {
if (!$inUser->id) {
cmsCore::error404();
}
if (!cmsCore::isAjax()) {
cmsCore::error404();
}
// Получаем друзей
$friends = cmsUser::getFriends($inUser->id);
$friends_total = count($friends);
// нам нужно только определенное количество друзей
$friends = array_slice($friends, ($page - 1) * $perpage, $perpage, true);
if ($friends) {
$inActions->onlyMyFriends();
$inActions->showTargets($model->config['show_target']);
$inDB->limitIs($model->config['perpage_tab']);
$actions = $inActions->getActionsLog();
} else {
$actions = array();
}
cmsPage::initTemplate('components', 'com_actions_view_tab')->assign('actions', $actions)->assign('friends', $friends)->assign('user_id', $user_id)->assign('page', $page)->assign('cfg', $model->config)->assign('total_pages', ceil($friends_total / $perpage))->assign('friends_total', $friends_total)->display('com_actions_view_tab.tpl');
}
//============================================================================//
if ($do == 'view_user_feed_only') {
if (!$inUser->id) {
cmsCore::error404();
}
if (!cmsCore::isAjax()) {
cmsCore::error404();
}
if ($user_id) {
if (!cmsUser::isFriend($user_id)) {
cmsCore::error404();
}
$inActions->whereUserIs($user_id);
} else {
$inActions->onlyMyFriends();
}
$inActions->showTargets($model->config['show_target']);
$inDB->limitIs($model->config['perpage_tab']);
$actions = $inActions->getActionsLog();
// получаем последний элемент массива для выборки имя пользователя и ссылки на профиль.
if ($actions) {
$user = end($actions);
} else {
$user = cmsUser::getShortUserData($user_id);
}
cmsPage::initTemplate('components', 'com_actions_tab')->assign('actions', $actions)->assign('user_id', $user_id)->assign('user', $user)->assign('cfg', $model->config)->display('com_actions_tab.tpl');
}
//============================================================================//
if ($do == 'view_user_friends_only') {
if (!$inUser->id) {
cmsCore::error404();
}
if (!cmsCore::isAjax()) {
cmsCore::error404();
}
// Получаем друзей
$friends = cmsUser::getFriends($inUser->id);
$friends_total = count($friends);
// нам нужно только определенное количество друзей
$friends = array_slice($friends, ($page - 1) * $perpage, $perpage, true);
cmsPage::initTemplate('components', 'com_actions_friends')->assign('friends', $friends)->assign('page', $page)->assign('user_id', $user_id)->assign('total_pages', ceil($friends_total / $perpage))->assign('friends_total', $friends_total)->display('com_actions_friends.tpl');
}
}
function forum()
{
$inCore = cmsCore::getInstance();
$inPage = cmsPage::getInstance();
$inDB = cmsDatabase::getInstance();
$inUser = cmsUser::getInstance();
$model = new cms_model_forum();
define('IS_BILLING', $inCore->isComponentInstalled('billing'));
if (IS_BILLING) {
cmsCore::loadClass('billing');
}
global $_LANG;
$pagetitle = $inCore->getComponentTitle();
$inPage->addPathway($pagetitle, '/forum');
$inPage->setTitle($pagetitle);
$inPage->setDescription($model->config['meta_desc'] ? $model->config['meta_desc'] : $pagetitle);
$inPage->setKeywords($model->config['meta_keys'] ? $model->config['meta_keys'] : $pagetitle);
$id = cmsCore::request('id', 'int', 0);
$do = $inCore->do;
$page = cmsCore::request('page', 'int', 1);
$inPage->addHeadJS('components/forum/js/common.js');
$inPage->addHeadJsLang(array('CONFIRM_DELETE_POLL', 'CONFIRM_DEL_POST', 'CONFIRM_DEL_THREAD', 'MOVE_THREAD', 'MOVE_POST', 'RENAME_THREAD', 'CONFIRM_DELETE_FILE', 'SELECT_NEW_FILE_UPLOAD', 'SELECT_TEXT_QUOTE', 'CONFIRM_DELETE_ALL_USER_POSTS'));
//============================================================================//
//=============================== Список Форумов ============================//
//============================================================================//
if ($do == 'view') {
$inPage->addHead('<link rel="alternate" type="application/rss+xml" title="' . $_LANG['FORUMS'] . '" href="' . HOST . '/rss/forum/all/feed.rss">');
$forums = $model->getForums();
cmsPage::initTemplate('components', 'com_forum_list')->assign('pagetitle', $pagetitle)->assign('forums', $forums)->assign('forum', array())->assign('user_id', $inUser->id)->assign('cfg', $model->config)->display('com_forum_list.tpl');
}
//============================================================================//
//================ Список тем форума + список подфорумов ====================//
//============================================================================//
if ($do == 'forum') {
$forum = $model->getForum($id);
if (!$forum) {
cmsCore::error404();
}
$forum = translations::process(cmsConfig::getConfig('lang'), 'forum_forums', $forum);
$moderators = $model->getForumModerators($forum['moder_list']);
// опции просмотра
$order_by = cmsCore::getSearchVar('order_by', 'pubdate');
$order_to = cmsCore::getSearchVar('order_to', 'desc');
if (!in_array($order_by, array('pubdate', 'title', 'post_count', 'hits'))) {
$order_by = 'pubdate';
}
if (!in_array($order_to, array('asc', 'desc'))) {
$order_to = 'desc';
}
$daysprune = (int) cmsCore::getSearchVar('daysprune');
if (!cmsCore::checkContentAccess($forum['access_list'])) {
cmsPage::includeTemplateFile('special/accessdenied.php');
return;
}
$inPage->addHead('<link rel="alternate" type="application/rss+xml" title="' . htmlspecialchars($forum['title']) . '" href="' . HOST . '/rss/forum/' . $forum['id'] . '/feed.rss">');
$inPage->setTitle($forum['pagetitle'] ? $forum['pagetitle'] : $forum['title']);
$inPage->setDescription($forum['meta_desc'] ? $forum['meta_desc'] : crop($forum['description'] ? $forum['description'] : $forum['title']));
$inPage->setKeywords($forum['meta_keys'] ? $forum['meta_keys'] : $forum['title']);
// Получаем дерево форумов
$path_list = $inDB->getNsCategoryPath('cms_forums', $forum['NSLeft'], $forum['NSRight'], 'id, title, access_list, moder_list');
// Строим глубиномер
if ($path_list) {
$path_list = translations::process(cmsConfig::getConfig('lang'), 'forum_forums', $path_list);
foreach ($path_list as $pcat) {
if (!cmsCore::checkContentAccess($pcat['access_list'])) {
cmsPage::includeTemplateFile('special/accessdenied.php');
return;
}
$inPage->addPathway($pcat['title'], '/forum/' . $pcat['id']);
}
}
// Получим подфорумы
$model->whereNestedForum($forum['NSLeft'], $forum['NSRight']);
$sub_forums = $model->getForums();
cmsPage::initTemplate('components', 'com_forum_list')->assign('pagetitle', $forum['title'])->assign('forums', $sub_forums)->assign('forum', $forum)->assign('cfg', $model->config)->assign('user_id', $inUser->id)->display('com_forum_list.tpl');
// Получим темы
if ($daysprune) {
$model->whereDayIntervalIs($daysprune);
}
$model->whereForumIs($forum['id']);
$inDB->orderBy('t.pinned', 'DESC, t.' . $order_by . ' ' . $order_to);
$inDB->limitPage($page, $model->config['pp_forum']);
$threads = $model->getThreads();
if (!$threads && $page > 1) {
cmsCore::error404();
}
cmsPage::initTemplate('components', 'com_forum_view')->assign('threads', $threads)->assign('show_panel', true)->assign('order_by', $order_by)->assign('order_to', $order_to)->assign('daysprune', $daysprune)->assign('moderators', $moderators)->assign('pagination', cmsPage::getPagebar($forum['thread_count'], $page, $model->config['pp_forum'], '/forum/' . $forum['id'] . '-%page%'))->display('com_forum_view.tpl');
}
//============================================================================//
//======================== Просмотр темы форума =============================//
//============================================================================//
if ($do == 'thread') {
$thread = $model->getThread($id);
if (!$thread) {
cmsCore::error404();
}
// Строим глубиномер
$path_list = $inDB->getNsCategoryPath('cms_forums', $thread['NSLeft'], $thread['NSRight'], 'id, title, access_list, moder_list');
if ($path_list) {
$path_list = translations::process(cmsConfig::getConfig('lang'), 'forum_forums', $path_list);
foreach ($path_list as $pcat) {
if (!cmsCore::checkContentAccess($pcat['access_list'])) {
cmsPage::includeTemplateFile('special/accessdenied.php');
return;
}
$inPage->addPathway($pcat['title'], '/forum/' . $pcat['id']);
}
// Для последнего форума проверяем
// не модератор ли текущий пользователь
$is_forum_moder = $model->isForumModerator($pcat['moder_list']);
}
$inPage->addPathway($thread['title'], '/forum/thread' . $thread['id'] . '.html');
if (!$thread['is_mythread']) {
$inDB->setFlag('cms_forum_threads', $thread['id'], 'hits', $thread['hits'] + 1);
}
// получаем посты
$model->whereThreadIs($thread['id']);
$inDB->orderBy('p.pinned', 'DESC, p.pubdate ASC');
$inDB->limitPage($page, $model->config['pp_thread']);
$posts = $model->getPosts();
if (!$posts) {
cmsCore::error404();
}
// SEO
$inPage->setTitle($thread['title']);
// meta description
if (!$thread['description']) {
$first_post = current($posts);
$first_post_content = strip_tags($first_post['content_html']);
if (mb_strlen($first_post_content) >= 100) {
$inPage->setDescription(crop($first_post_content));
} else {
$inPage->setDescription($thread['title']);
}
} else {
$inPage->setDescription(crop($thread['description']));
}
// meta keywords
$all_post_content = '';
foreach ($posts as $p) {
$all_post_content .= ' ' . strip_tags($p['content_html']);
}
$meta_keys = cmsCore::getKeywords($all_post_content);
$inPage->setKeywords($meta_keys ? $meta_keys : $thread['title']);
cmsCore::initAutoGrowText('#message');
cmsPage::initTemplate('components', 'com_forum_view_thread')->assign('forum', $pcat)->assign('forums', $model->getForums())->assign('is_subscribed', cmsUser::isSubscribed($inUser->id, 'forum', $thread['id']))->assign('thread', $thread)->assign('prev_thread', $inDB->get_fields('cms_forum_threads', "id < '{$thread['id']}' AND forum_id = '{$thread['forum_id']}'", 'id, title', 'id DESC'))->assign('next_thread', $inDB->get_fields('cms_forum_threads', "id > '{$thread['id']}' AND forum_id = '{$thread['forum_id']}'", 'id, title', 'id ASC'))->assign('posts', $posts)->assign('thread_poll', $model->getThreadPoll($thread['id']))->assign('page', $page)->assign('num', ($page - 1) * $model->config['pp_thread'] + 1)->assign('lastpage', ceil($thread['post_count'] / $model->config['pp_thread']))->assign('pagebar', cmsPage::getPagebar($thread['post_count'], $page, $model->config['pp_thread'], '/forum/thread' . $thread['id'] . '-%page%.html'))->assign('user_id', $inUser->id)->assign('do', $do)->assign('is_moder', $is_forum_moder)->assign('is_admin', $inUser->is_admin)->assign('is_can_add_post', cmsUser::isUserCan('forum/add_post'))->assign('cfg', $model->config)->assign('bb_toolbar', $inUser->id && $model->config['fast_on'] && $model->config['fast_bb'] ? cmsPage::getBBCodeToolbar('message', $model->config['img_on']) : '')->assign('smilies', $inUser->id && $model->config['fast_on'] && $model->config['fast_bb'] ? cmsPage::getSmilesPanel('message') : '')->display('com_forum_view_thread.tpl');
}
//============================================================================//
//================ Новая тема, написать/редактировать пост ===================//
//============================================================================//
if (in_array($do, array('newthread', 'newpost', 'editpost'))) {
if (!$inUser->id) {
cmsUser::goToLogin();
}
// id первого поста в теме
$first_post_id = false;
// опросов по умолчанию нет
$thread_poll = array();
// применяется при редактировании поста
$is_allow_attach = true;
// ограничение по карме
if (in_array($do, array('newthread', 'newpost'))) {
if ($inUser->karma < $model->config['min_karma_add'] && !$inUser->is_admin) {
cmsCore::addSessionMessage(sprintf($_LANG['ADD_KARMA_LIMIT'], cmsCore::spellCount($model->config['min_karma_add'], $_LANG['KPOINT1'], $_LANG['KPOINT2'], $_LANG['KPOINT10']), $inUser->karma), 'error');
cmsCore::redirectBack();
}
}
// новая тема
if ($do == 'newthread') {
// права доступа
if (!cmsUser::isUserCan('forum/add_thread') && !$inUser->is_admin) {
cmsPage::includeTemplateFile('special/accessdenied.php');
return;
}
$forum = $model->getForum($id);
if (!$forum) {
cmsCore::error404();
}
if (!cmsCore::checkContentAccess($forum['access_list'])) {
cmsPage::includeTemplateFile('special/accessdenied.php');
return;
}
$path_list = $inDB->getNsCategoryPath('cms_forums', $forum['NSLeft'], $forum['NSRight'], 'id, title, access_list, moder_list');
if ($path_list) {
foreach ($path_list as $pcat) {
if (!cmsCore::checkContentAccess($pcat['access_list'])) {
cmsPage::includeTemplateFile('special/accessdenied.php');
return;
}
$inPage->addPathway($pcat['title'], '/forum/' . $pcat['id']);
}
$is_forum_moder = $model->isForumModerator($pcat['moder_list']);
}
if (IS_BILLING && $forum['topic_cost']) {
cmsBilling::checkBalance('forum', 'add_thread', false, $forum['topic_cost']);
}
$pagetitle = $_LANG['NEW_THREAD'];
$thread = cmsUser::sessionGet('thread');
if ($thread) {
cmsUser::sessionDel('thread');
}
$last_post['content'] = cmsUser::sessionGet('post_content');
if ($last_post['content']) {
cmsUser::sessionDel('post_content');
}
}
// новый пост
if ($do == 'newpost') {
// права доступа
if (!cmsUser::isUserCan('forum/add_post') && !$inUser->is_admin) {
cmsPage::includeTemplateFile('special/accessdenied.php');
return;
}
$thread = $model->getThread($id);
if (!$thread || $thread['closed']) {
cmsCore::error404();
}
$path_list = $inDB->getNsCategoryPath('cms_forums', $thread['NSLeft'], $thread['NSRight'], 'id, title, access_list, moder_list');
if ($path_list) {
foreach ($path_list as $pcat) {
if (!cmsCore::checkContentAccess($pcat['access_list'])) {
cmsPage::includeTemplateFile('special/accessdenied.php');
return;
}
$inPage->addPathway($pcat['title'], '/forum/' . $pcat['id']);
}
$is_forum_moder = $model->isForumModerator($pcat['moder_list']);
}
$inPage->addPathway($thread['title'], '/forum/thread' . $thread['id'] . '.html');
$pagetitle = $_LANG['NEW_POST'];
$last_post = $model->getPost(cmsCore::request('replyid', 'int', 0));
if ($last_post) {
$last_post['content'] = preg_replace('/\\[hide(.*?)\\](.*?)\\[\\/hide\\]/sui', '', $last_post['content']);
$last_post['content'] = preg_replace('/\\[hide(.*?)\\](.*?)$/sui', '', $last_post['content']);
$quote_nickname = $inDB->get_field('cms_users', "id = '{$last_post['user_id']}'", 'nickname');
$last_post['content'] = '[quote=' . $quote_nickname . ']' . "\r\n" . $last_post['content'] . "\r\n" . '[/quote]' . "\r\n\r\n";
$pagetitle = $_LANG['REPLY_FULL_QUOTE'];
}
}
// редактирование поста
if ($do == 'editpost') {
$last_post = $model->getPost($id);
if (!$last_post) {
cmsCore::error404();
}
$is_allow_attach = $last_post['attach_count'] < $model->config['fa_max'];
// уменьшаем значение настроек согласно загруженных файлов
$model->config['fa_max'] = $model->config['fa_max'] - $last_post['attach_count'];
$thread = $model->getThread($last_post['thread_id']);
if (!$thread || $thread['closed']) {
cmsCore::error404();
}
$path_list = $inDB->getNsCategoryPath('cms_forums', $thread['NSLeft'], $thread['NSRight'], 'id, title, access_list, moder_list');
if ($path_list) {
foreach ($path_list as $pcat) {
if (!cmsCore::checkContentAccess($pcat['access_list'])) {
cmsPage::includeTemplateFile('special/accessdenied.php');
return;
}
$inPage->addPathway($pcat['title'], '/forum/' . $pcat['id']);
}
$is_forum_moder = $model->isForumModerator($pcat['moder_list']);
}
$inPage->addPathway($thread['title'], '/forum/thread' . $thread['id'] . '.html');
$end_min = $model->checkEditTime($last_post['pubdate']);
$is_author_can_edit = (is_bool($end_min) ? $end_min : $end_min > 0) && $last_post['user_id'] == $inUser->id;
// редактировать могут только администраторы, модераторы или авторы, если время есть
if (!$inUser->is_admin && !$is_forum_moder && !$is_author_can_edit) {
cmsCore::error404();
}
if (!$inUser->is_admin && !$is_forum_moder && $model->config['edit_minutes']) {
$msg_minute = str_replace('{min}', cmsCore::spellCount($end_min, $_LANG['MINUTE1'], $_LANG['MINUTE2'], $_LANG['MINUTE10']), $_LANG['EDIT_INFO']);
cmsCore::addSessionMessage($msg_minute, 'info');
}
$first_post_id = $inDB->get_field('cms_forum_posts', "thread_id = '{$thread['id']}' ORDER BY pubdate ASC", 'id');
$thread_poll = $model->getThreadPoll($thread['id']);
$pagetitle = $_LANG['EDIT_POST'];
}
/////////////////////////
/// Показываем форму ///
/////////////////////////
if (!cmsCore::inRequest('gosend')) {
$inPage->setTitle($pagetitle);
$inPage->addPathway($pagetitle);
$inPage->addHeadJsLang(array('FILE_SELECTED', 'FILE_DENIED', 'FILE_DUPLICATE'));
cmsCore::initAutoGrowText('#message');
cmsPage::initTemplate('components', 'com_forum_add')->assign('pagetitle', $pagetitle)->assign('is_first_post', isset($last_post['id']) ? $first_post_id == $last_post['id'] : true)->assign('thread_poll', $thread_poll)->assign('cfg', $model->config)->assign('do', $do)->assign('forum', isset($forum) ? $forum : $pcat)->assign('is_subscribed', cmsUser::isSubscribed($inUser->id, 'forum', @$thread['id']))->assign('thread', $thread)->assign('post_content', htmlspecialchars($last_post['content']))->assign('is_moder', $is_forum_moder)->assign('is_admin', $inUser->is_admin)->assign('is_allow_attach', cmsCore::checkContentAccess($model->config['group_access']) && $is_allow_attach)->assign('bb_toolbar', cmsPage::getBBCodeToolbar('message', $model->config['img_on'], 'forum', 'post', @$last_post['id']))->assign('smilies', cmsPage::getSmilesPanel('message'))->display('com_forum_add.tpl');
} else {
/////////////////////////
// Выполняем действия ///
/////////////////////////
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
$message_bb = $inDB->escape_string(cmsCore::request('message', 'html', ''));
$message_html = $inDB->escape_string(cmsCore::parseSmiles(cmsCore::request('message', 'html', ''), true));
if (!$message_html) {
cmsCore::addSessionMessage($_LANG['NEED_TEXT_POST'], 'error');
cmsCore::redirectBack();
}
$message_post = strip_tags($message_html);
$message_post = mb_strlen($message_post) > 200 ? mb_substr($message_post, 0, 200) : $message_post;
$post_pinned = 0;
if (in_array($do, array('newthread', 'newpost'))) {
if ($do == 'newthread') {
$thread['title'] = cmsCore::request('title', 'str', '');
$thread['description'] = cmsCore::request('description', 'str', '');
$post_pinned = 1;
if (!$thread['title']) {
cmsCore::addSessionMessage($_LANG['NEED_TITLE_THREAD_YOUR_POST'], 'error');
cmsUser::sessionPut('thread', $thread);
cmsUser::sessionPut('post_content', stripcslashes($message_bb));
cmsCore::redirectBack();
}
$thread['is_hidden'] = cmsCore::yamlToArray($forum['access_list']) ? 1 : 0;
$thread['forum_id'] = $forum['id'];
$thread['user_id'] = $inUser->id;
$thread['pubdate'] = date("Y-m-d H:i:s");
$thread['hits'] = 0;
$thread['id'] = $model->addThread($thread);
$thread['NSLeft'] = $forum['NSLeft'];
$thread['NSRight'] = $forum['NSRight'];
$thread['post_count'] = 0;
if (IS_BILLING && $forum['topic_cost']) {
cmsBilling::process('forum', 'add_thread', $forum['topic_cost']);
}
}
$post_id = $model->addPost(array('thread_id' => $thread['id'], 'user_id' => $inUser->id, 'pinned' => $post_pinned, 'content' => $message_bb, 'content_html' => $message_html, 'pubdate' => date("Y-m-d H:i:s"), 'editdate' => date("Y-m-d H:i:s")));
// Обновляем количество постов в теме
$thread_post_count = $model->updateThreadPostCount($thread['id']);
// Закрываем тему если нужно
$is_fixed = cmsCore::request('fixed', 'int', 0);
if ($is_fixed && ($is_forum_moder || $inUser->is_admin || $thread['is_mythread'])) {
$model->closeThread($thread['id']);
}
// Загружаем аттачи
if ($model->config['fa_on'] && cmsCore::checkContentAccess($model->config['group_access'])) {
$file_error = $model->addUpdatePostAttachments($post_id);
if ($file_error === false) {
cmsCore::addSessionMessage($_LANG['CHECK_SIZE_TYPE_FILE'] . $model->config['fa_max'], 'error');
}
}
// Обновляем кеши
$model->updateForumCache($thread['NSLeft'], $thread['NSRight'], true);
$total_pages = ceil($thread_post_count / $model->config['pp_thread']);
// Проверяем награды
cmsUser::checkAwards($inUser->id);
// Рассылаем уведомления тем, кто подписан
if ($do == 'newpost') {
cmsUser::sendUpdateNotify('forum', $thread['id'], array('link' => '/forum/thread' . $thread['id'] . '-' . $total_pages . '.html#' . $post_id, 'title' => stripslashes($thread['title']), 'letter_file' => 'newforumpost', 'author' => $inUser->nickname));
}
// Подписываемся сами если нужно
if (cmsCore::inRequest('subscribe')) {
cmsUser::subscribe($inUser->id, 'forum', $thread['id']);
}
// Если пост не в скрытый форум и не в объедненный с предыдущим, добавляем в ленту
if (!$thread['is_hidden'] && $thread_post_count > $thread['post_count']) {
if ($do == 'newthread') {
cmsActions::log('add_thread', array('object' => $thread['title'], 'object_url' => '/forum/thread' . $thread['id'] . '-1.html', 'object_id' => $thread['id'], 'target' => $forum['title'], 'target_url' => '/forum/' . $forum['id'], 'target_id' => $forum['id'], 'description' => $message_post));
} else {
cmsActions::log('add_fpost', array('object' => $_LANG['MESSAGE'], 'object_url' => '/forum/thread' . $thread['id'] . '-' . $total_pages . '.html#' . $post_id, 'object_id' => $post_id, 'target' => $thread['title'], 'target_url' => '/forum/thread' . $thread['id'] . '.html', 'target_id' => $thread['id'], 'description' => $message_post));
}
}
// Для новой темы прикрепляем опрос если нужно
if ($do == 'newthread') {
$model->addPoll(cmsCore::request('poll', 'array', array()), $thread['id']);
$last_poll_error = $model->getLastAddPollError();
if ($last_poll_error) {
cmsCore::addSessionMessage($last_poll_error, 'error');
cmsCore::redirect('/forum/editpost' . $post_id . '-1.html');
}
}
cmsCore::redirect('/forum/thread' . $thread['id'] . '-' . $total_pages . '.html#' . $post_id);
} elseif ($do == 'editpost') {
$model->updatePost(array('content' => $message_bb, 'content_html' => $message_html, 'edittimes' => $last_post['edittimes'] + 1, 'editdate' => date("Y-m-d H:i:s")), $last_post['id']);
if ($model->config['fa_on'] && cmsCore::checkContentAccess($model->config['group_access'])) {
$file_error = $model->addUpdatePostAttachments($last_post['id']);
if ($file_error === false) {
cmsCore::addSessionMessage($_LANG['CHECK_SIZE_TYPE_FILE'] . $model->config['fa_max'], 'error');
}
}
if ($first_post_id == $last_post['id']) {
cmsActions::updateLog('add_thread', array('description' => $message_post), $thread['id']);
if ($thread_poll) {
$model->updatePoll(cmsCore::request('poll', 'array', array()), $thread_poll);
} else {
$model->addPoll(cmsCore::request('poll', 'array', array()), $thread['id']);
}
$last_poll_error = $model->getLastAddPollError();
if ($last_poll_error) {
cmsUser::sessionPut('thread', $thread);
cmsUser::sessionPut('post_content', stripcslashes($message_bb));
cmsCore::addSessionMessage($last_poll_error, 'error');
cmsCore::redirectBack();
}
} else {
cmsActions::updateLog('add_fpost', array('description' => $message_post), $last_post['id']);
}
$model->updateForumCache($thread['NSLeft'], $thread['NSRight'], true);
cmsCore::redirect('/forum/thread' . $thread['id'] . '-' . $page . '.html#' . $last_post['id']);
}
}
}
///////////////////////////// DELETE POST /////////////////////////////////////////////////////////////////////////////////////////////////
if ($do == 'deletepost') {
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
if (!$inUser->id) {
cmsCore::error404();
}
$post = $model->getPost($id);
if (!$post) {
cmsCore::error404();
}
$thread = $model->getThread($post['thread_id']);
if (!$thread) {
cmsCore::error404();
}
$path_list = $inDB->getNsCategoryPath('cms_forums', $thread['NSLeft'], $thread['NSRight'], 'id, title, access_list, moder_list, NSLeft, NSRight');
if ($path_list) {
foreach ($path_list as $pcat) {
if (!cmsCore::checkContentAccess($pcat['access_list'])) {
cmsCore::error404();
}
}
$is_forum_moder = $model->isForumModerator($pcat['moder_list']);
}
$end_min = $model->checkEditTime($post['pubdate']);
$is_author_can_edit = (is_bool($end_min) ? $end_min : $end_min > 0) && $post['user_id'] == $inUser->id;
if (!$inUser->is_admin && !($is_forum_moder && !cmsUser::userIsAdmin($post['user_id'])) && !$is_author_can_edit) {
cmsCore::error404();
}
$model->deletePost($post['id']);
$model->updateThreadPostCount($post['thread_id']);
$model->cacheThreadLastPost($post['thread_id']);
if ($path_list) {
$path_list = array_reverse($path_list);
foreach ($path_list as $pcat) {
$model->updateForumCache($pcat['NSLeft'], $pcat['NSRight']);
}
}
cmsCore::addSessionMessage($_LANG['MSG_IS_DELETED'], 'info');
$total_pages = ceil(($thread['post_count'] - 1) / $model->config['pp_thread']);
if ($page > $total_pages) {
$page = $total_pages;
}
cmsCore::jsonOutput(array('error' => false, 'redirect' => '/forum/thread' . $thread['id'] . '-' . $page . '.html'));
}
//============================================================================//
//========================== Операции с темами ===============================//
//============================================================================//
if (in_array($do, array('movethread', 'renamethread', 'deletethread', 'close', 'pin', 'pin_post', 'move_post'))) {
if (!$inUser->id) {
cmsCore::error404();
}
$thread = $model->getThread($id);
if (!$thread) {
cmsCore::halt();
}
$path_list = $inDB->getNsCategoryPath('cms_forums', $thread['NSLeft'], $thread['NSRight'], 'id, title, access_list, moder_list, NSLeft, NSRight');
if ($path_list) {
foreach ($path_list as $pcat) {
if (!cmsCore::checkContentAccess($pcat['access_list'])) {
cmsCore::halt();
}
}
$is_forum_moder = $model->isForumModerator($pcat['moder_list']);
}
//======================= Перемещение темы ===============================//
if ($do == 'movethread') {
if (!$inUser->is_admin && !$is_forum_moder) {
cmsCore::halt();
}
if (!cmsCore::inRequest('gomove')) {
cmsPage::initTemplate('components', 'com_forum_move_thread')->assign('thread', $thread)->assign('forums', $model->getForums())->display('com_forum_move_thread.tpl');
cmsCore::jsonOutput(array('error' => false, 'html' => ob_get_clean()));
} else {
$new_forum = $model->getForum(cmsCore::request('forum_id', 'int', 0));
if (!$new_forum) {
cmsCore::error404();
}
$is_hidden = 0;
$path_list = $inDB->getNsCategoryPath('cms_forums', $new_forum['NSLeft'], $new_forum['NSRight'], 'id, title, access_list, moder_list');
if ($path_list) {
foreach ($path_list as $pcat) {
if (!cmsCore::checkContentAccess($pcat['access_list'])) {
cmsCore::halt();
}
if (cmsCore::yamlToArray($pcat['access_list'])) {
$is_hidden = 1;
}
}
$is_forum_moder = $model->isForumModerator($pcat['moder_list']);
}
if (!$is_forum_moder && !$inUser->is_admin) {
cmsCore::addSessionMessage($_LANG['YOU_NO_THIS_FORUM_MODER'], 'error');
cmsCore::redirect('/forum/thread' . $thread['id'] . '.html');
}
$inDB->query("UPDATE cms_forum_threads SET forum_id = '{$new_forum['id']}', is_hidden = '{$is_hidden}' WHERE id = '{$thread['id']}'");
cmsActions::updateLog('add_thread', array('target' => $new_forum['title'], 'target_url' => '/forum/' . $new_forum['id'], 'target_id' => $new_forum['id']), $thread['id']);
// Обновляем кешированные значения
// для старого форума
$model->updateForumCache($thread['NSLeft'], $thread['NSRight'], true);
// для нового форума
$model->updateForumCache($new_forum['NSLeft'], $new_forum['NSRight'], true);
cmsCore::addSessionMessage($_LANG['THREAD_IS_MOVE'] . '"' . $new_forum['title'] . '"', 'success');
cmsCore::redirect('/forum/thread' . $thread['id'] . '.html');
}
}
//===================== Переименование темы ==============================//
if ($do == 'renamethread') {
if (!$inUser->is_admin && !$is_forum_moder && !$thread['is_mythread']) {
cmsCore::halt();
}
if (!cmsCore::inRequest('gorename')) {
cmsPage::initTemplate('components', 'com_forum_rename_thread')->assign('thread', $thread)->display('com_forum_rename_thread.tpl');
cmsCore::jsonOutput(array('error' => false, 'html' => ob_get_clean()));
} else {
$new_thread['title'] = cmsCore::request('title', 'str', $thread['title']);
$new_thread['description'] = cmsCore::request('description', 'str', '');
$model->updateThread($new_thread, $thread['id']);
cmsActions::updateLog('add_fpost', array('target' => $new_thread['title']), 0, $thread['id']);
cmsActions::updateLog('add_thread', array('object' => $new_thread['title']), $thread['id']);
$model->updateForumCache($thread['NSLeft'], $thread['NSRight'], true);
cmsCore::jsonOutput(array('error' => false, 'title' => stripslashes($new_thread['title']), 'description' => stripslashes($new_thread['description'])));
}
}
//======================= Удаление темы ==================================//
if ($do == 'deletethread') {
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
if (!$inUser->is_admin && !($is_forum_moder && !cmsUser::userIsAdmin($thread['user_id'])) && !$thread['is_mythread']) {
cmsCore::halt();
}
$model->deleteThread($thread['id']);
// Обновляем кешированные значения
$model->updateForumCache($thread['NSLeft'], $thread['NSRight'], true);
cmsCore::jsonOutput(array('error' => false, 'redirect' => '/forum/' . $thread['forum_id']));
}
//=============== Прикрепление/открепление темы ==========================//
if ($do == 'pin') {
if (!$inUser->is_admin && !$is_forum_moder) {
cmsCore::halt();
}
$pinned = cmsCore::request('pinned', 'int', 0);
$inDB->query("UPDATE cms_forum_threads SET pinned = '{$pinned}' WHERE id = '{$thread['id']}'");
cmsCore::halt($pinned);
}
//========== Прикрепление/открепление сообщения темы =====================//
if ($do == 'pin_post') {
if (!$inUser->is_admin && !$is_forum_moder) {
cmsCore::halt();
}
$pinned = cmsCore::request('pinned', 'int', 0);
$post_id = cmsCore::request('post_id', 'int', 0);
// Проверяем, принадлежит ли сообщение теме
if (!$model->isBelongsToPostTopic($post_id, $thread['id'])) {
cmsCore::halt();
}
$inDB->query("UPDATE cms_forum_posts SET pinned = '{$pinned}' WHERE id = '{$post_id}' AND thread_id = '{$thread['id']}'");
// Ниже строки для тех, кто обновлялся с 1.9, если чистая установка, их можно удалить
// Ставим принудительно для первого поста темы флаг pinned
if ($pinned) {
$first_post_id = $inDB->get_field('cms_forum_posts', "thread_id = '{$thread['id']}' ORDER BY pubdate ASC", 'id');
$inDB->query("UPDATE cms_forum_posts SET pinned = 1 WHERE id = '{$first_post_id}' AND thread_id = '{$thread['id']}'");
}
cmsCore::redirect('/forum/thread' . $thread['id'] . '-1.html#' . $post_id);
}
//=========================== Перенос сообщения темы =====================//
if ($do == 'move_post') {
if (!$inUser->is_admin && !$is_forum_moder) {
cmsCore::halt();
}
$post_id = cmsCore::request('post_id', 'int', 0);
// Проверяем, принадлежит ли сообщение теме
if (!$model->isBelongsToPostTopic($post_id, $thread['id'])) {
cmsCore::halt();
}
cmsCore::callEvent('MOVE_FORUM_POST', array('thread' => $thread, 'post_id' => $post_id));
if (!cmsCore::inRequest('gomove')) {
cmsPage::initTemplate('components', 'com_forum_move_post')->assign('thread', $thread)->assign('post_id', $post_id)->assign('threads', cmsCore::getListItems('cms_forum_threads', $thread['id'], 'title', 'ASC', "forum_id = '{$thread['forum_id']}'"))->display('com_forum_move_post.tpl');
cmsCore::jsonOutput(array('error' => false, 'html' => ob_get_clean()));
} else {
$new_thread = $model->getThread(cmsCore::request('new_thread_id', 'int', 0));
if (!$new_thread) {
cmsCore::error404();
}
$n_path_list = $inDB->getNsCategoryPath('cms_forums', $new_thread['NSLeft'], $new_thread['NSRight'], 'id, title, access_list, moder_list, NSLeft, NSRight');
if ($n_path_list) {
foreach ($n_path_list as $n_pcat) {
if (!cmsCore::checkContentAccess($n_pcat['access_list'])) {
cmsCore::halt();
}
}
$is_forum_moder = $model->isForumModerator($n_pcat['moder_list']);
}
if (!$is_forum_moder && !$inUser->is_admin) {
cmsCore::error404();
}
$model->updatePost(array('thread_id' => $new_thread['id'], 'pubdate' => date("Y-m-d H:i:s")), $post_id);
$model->updateThreadPostCount($thread['id']);
$thread_post_count = $model->updateThreadPostCount($new_thread['id']);
$total_pages = ceil($thread_post_count / $model->config['pp_thread']);
cmsActions::updateLog('add_fpost', array('target' => $new_thread['title'], 'target_url' => '/forum/thread' . $new_thread['id'] . '.html', 'target_id' => $new_thread['id'], 'object_url' => '/forum/thread' . $new_thread['id'] . '-' . $total_pages . '.html#' . $post_id, 'pubdate' => date("Y-m-d H:i:s")), $post_id);
$model->cacheThreadLastPost($thread['id']);
if ($path_list) {
$path_list = array_reverse($path_list);
foreach ($path_list as $pcat) {
$model->cacheLastPost($pcat['NSLeft'], $pcat['NSRight']);
}
}
if ($n_path_list) {
$n_path_list = array_reverse($n_path_list);
foreach ($n_path_list as $pcat) {
$model->cacheLastPost($pcat['NSLeft'], $pcat['NSRight']);
}
}
cmsCore::addSessionMessage($_LANG['POST_IS_MOVE'] . '"' . $new_thread['title'] . '"', 'success');
cmsCore::redirect('/forum/thread' . $new_thread['id'] . '-' . $total_pages . '.html#' . $post_id);
}
}
//==================== Открытие/закрытие темы ============================//
if ($do == 'close') {
if (!$inUser->is_admin && !$is_forum_moder && !$thread['is_mythread']) {
cmsCore::halt();
}
$closed = cmsCore::request('closed', 'int', 0);
if ($closed) {
$model->closeThread($thread['id']);
} else {
$model->openThread($thread['id']);
}
cmsCore::halt($closed);
}
cmsCore::halt();
}
//============================================================================//
//========================== Операции с файлами ==============================//
//============================================================================//
if (in_array($do, array('download', 'delfile', 'reloadfile'))) {
if (!$model->config['fa_on']) {
cmsCore::error404();
}
$file = $model->getPostAttachment($id);
if (!$file) {
cmsCore::error404();
}
$post = $model->getPost($file['post_id']);
if (!$post) {
cmsCore::error404();
}
$thread = $model->getThread($post['thread_id']);
if (!$thread) {
cmsCore::error404();
}
$path_list = $inDB->getNsCategoryPath('cms_forums', $thread['NSLeft'], $thread['NSRight'], 'id, title, access_list, moder_list');
if ($path_list) {
foreach ($path_list as $pcat) {
if (!cmsCore::checkContentAccess($pcat['access_list'])) {
cmsCore::error404();
}
}
$is_forum_moder = $model->isForumModerator($pcat['moder_list']);
}
//================= Скачивание прикрепленного файла ======================//
if ($do == 'download') {
$location = PATH . '/upload/forum/post' . $file['post_id'] . '/' . $file['filename'];
if (!file_exists($location)) {
cmsCore::error404();
}
$inDB->query("UPDATE cms_forum_files SET hits = hits + 1 WHERE id = '{$file['id']}'");
ob_clean();
header('Content-Disposition: attachment; filename=' . htmlspecialchars($file['filename']));
header('Content-Type: application/x-force-download; name="' . htmlspecialchars($file['filename']) . '"');
header('Content-Length: ' . $file['filesize']);
header('Accept-Ranges: bytes');
cmsCore::halt(file_get_contents($location));
}
//=================== Удаление прикрепленного файла ======================//
if ($do == 'delfile') {
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
$end_min = $model->checkEditTime($post['pubdate']);
$is_author_can_edit = (is_bool($end_min) ? $end_min : $end_min > 0) && $post['user_id'] == $inUser->id && cmsCore::checkContentAccess($model->config['group_access']);
if (!$inUser->is_admin && !$is_forum_moder && !$is_author_can_edit) {
cmsCore::halt();
}
$model->deletePostAttachment($file);
cmsCore::halt(1);
}
//================== Перезакачка прикрепленного файла ====================//
if ($do == 'reloadfile') {
$end_min = $model->checkEditTime($post['pubdate']);
$is_author_can_edit = (is_bool($end_min) ? $end_min : $end_min > 0) && $post['user_id'] == $inUser->id && cmsCore::checkContentAccess($model->config['group_access']);
if (!$inUser->is_admin && !$is_forum_moder && !$is_author_can_edit) {
cmsCore::error404();
}
if (!cmsCore::inRequest('goreload')) {
cmsPage::initTemplate('components', 'com_forum_file_reload')->assign('file', $file)->assign('cfg', $model->config)->display('com_forum_file_reload.tpl');
cmsCore::jsonOutput(array('error' => false, 'html' => ob_get_clean()));
} else {
$success = $model->addUpdatePostAttachments($post['id'], $file);
if ($success) {
$post['attached_files'] = $model->getPostAttachments($post['id']);
$post['is_author_can_edit'] = $is_author_can_edit;
cmsPage::initTemplate('components', 'com_forum_attached_files')->assign('post', $post)->assign('is_moder', $is_forum_moder)->assign('is_admin', $inUser->is_admin)->assign('cfg', $model->config)->display('com_forum_attached_files.tpl');
cmsCore::jsonOutput(array('error' => false, 'post_id' => $post['id'], 'html' => ob_get_clean()));
} else {
cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['CHECK_SIZE_TYPE_FILE'] . $model->config['fa_max']));
}
}
}
cmsCore::halt();
}
//============================================================================//
//========================= Операции с опросами ==============================//
//============================================================================//
if ($do == 'view_poll') {
$thread = $model->getThread($id);
if (!$thread) {
cmsCore::halt();
}
$path_list = $inDB->getNsCategoryPath('cms_forums', $thread['NSLeft'], $thread['NSRight'], 'id, title, access_list, moder_list');
if ($path_list) {
foreach ($path_list as $pcat) {
if (!cmsCore::checkContentAccess($pcat['access_list'])) {
cmsCore::halt();
}
}
$is_forum_moder = $model->isForumModerator($pcat['moder_list']);
}
$thread_poll = $model->getThreadPoll($thread['id']);
if (!$thread_poll) {
cmsCore::halt();
}
if ($inUser->id && $thread_poll['is_user_vote'] && $thread_poll['options']['change'] && cmsCore::request('revote', 'int')) {
$model->deleteVote($thread_poll);
$thread_poll['is_user_vote'] = 0;
$thread_poll['vote_count'] -= 1;
}
if (!$thread_poll['is_user_vote'] && !$thread_poll['options']['result']) {
$thread_poll['show_result'] = cmsCore::request('show_result', 'int');
}
cmsPage::initTemplate('components', 'com_forum_thread_poll')->assign('thread', $thread)->assign('thread_poll', $thread_poll)->assign('user_id', $inUser->id)->assign('do', $thread_poll['show_result'] ? $do : 'thread')->assign('is_moder', $is_forum_moder)->assign('is_admin', $inUser->is_admin)->display('com_forum_thread_poll.tpl');
cmsCore::halt(ob_get_clean());
}
if ($do == 'delete_poll') {
if (!$inUser->id) {
cmsCore::halt();
}
if (!cmsUser::checkCsrfToken()) {
cmsCore::halt();
}
$thread = $model->getThread($id);
if (!$thread) {
cmsCore::halt();
}
$path_list = $inDB->getNsCategoryPath('cms_forums', $thread['NSLeft'], $thread['NSRight'], 'id, title, access_list, moder_list');
if ($path_list) {
foreach ($path_list as $pcat) {
if (!cmsCore::checkContentAccess($pcat['access_list'])) {
cmsCore::halt();
}
}
$is_forum_moder = $model->isForumModerator($pcat['moder_list']);
}
$thread_poll = $model->getThreadPoll($thread['id']);
if (!$thread_poll) {
cmsCore::halt();
}
if (!$is_forum_moder && !$inUser->is_admin) {
cmsCore::halt();
}
$model->deletePoll($thread_poll['id']);
cmsCore::halt(1);
}
if ($do == 'vote_poll') {
if (!$inUser->id) {
cmsCore::halt();
}
if (!cmsUser::checkCsrfToken()) {
cmsCore::halt();
}
$answer = cmsCore::request('answer', 'str', '');
$poll = $model->getPollById(cmsCore::request('poll_id', 'int'));
if (!$answer || !$poll) {
cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['SELECT_THE_OPTION']));
}
if ($model->isUserVoted($poll['id'])) {
cmsCore::jsonOutput(array('error' => true, 'text' => ''));
}
$model->votePoll($poll, $answer);
cmsCore::jsonOutput(array('error' => false, 'text' => ''));
}
//============================================================================//
//========================= Последние сообщения ==============================//
//============================================================================//
if ($do == 'latest_posts') {
$inActions = cmsActions::getInstance();
$inPage->setTitle($_LANG['LATEST_POSTS_ON_FORUM']);
$inPage->addPathway($_LANG['FORUMS'], '/forum');
$inPage->addPathway($_LANG['LATEST_POSTS_ON_FORUM']);
$inActions->showTargets(true);
$action = $inActions->getAction('add_fpost');
$inActions->onlySelectedTypes(array($action['id']));
$total = $inActions->getCountActions();
$inDB->limitPage($page, 15);
$actions = $inActions->getActionsLog();
if (!$actions && $page > 1) {
cmsCore::error404();
}
cmsPage::initTemplate('components', 'com_forum_actions')->assign('actions', $actions)->assign('total', $total)->assign('do', $do)->assign('user_id', $inUser->id)->assign('pagetitle', $_LANG['LATEST_POSTS_ON_FORUM'])->assign('pagebar', cmsPage::getPagebar($total, $page, 15, '/forum/latest_posts/page-%page%'))->display('com_forum_actions.tpl');
}
//============================================================================//
//============================= Последние темы ===============================//
//============================================================================//
if ($do == 'latest_thread') {
$inActions = cmsActions::getInstance();
$inPage->setTitle($_LANG['NEW_THREADS_ON_FORUM']);
$inPage->addPathway($_LANG['FORUMS'], '/forum');
$inPage->addPathway($_LANG['NEW_THREADS_ON_FORUM']);
$inActions->showTargets(true);
$action = $inActions->getAction('add_thread');
$inActions->onlySelectedTypes(array($action['id']));
$total = $inActions->getCountActions();
$inDB->limitPage($page, 15);
$actions = $inActions->getActionsLog();
if (!$actions && $page > 1) {
cmsCore::error404();
}
cmsPage::initTemplate('components', 'com_forum_actions')->assign('actions', $actions)->assign('total', $total)->assign('do', $do)->assign('user_id', $inUser->id)->assign('pagetitle', $_LANG['NEW_THREADS_ON_FORUM'])->assign('pagebar', cmsPage::getPagebar($total, $page, 15, '/forum/latest_thread/page-%page%'))->display('com_forum_actions.tpl');
}
//============================================================================//
//========================== Просмотр категории ==============================//
//============================================================================//
if ($do == 'view_cat') {
$cat = $model->getForumCat(cmsCore::request('seolink', 'str', ''));
if (!$cat) {
cmsCore::error404();
}
$cat = translations::process(cmsConfig::getConfig('lang'), 'forum_forum_cats', $cat);
$inPage->setTitle($cat['pagetitle'] ? $cat['pagetitle'] : $cat['title']);
$inPage->setDescription($cat['meta_desc'] ? $cat['meta_desc'] : $cat['title']);
$inPage->setKeywords($cat['meta_keys'] ? $cat['meta_keys'] : $cat['title']);
$inPage->addPathway($cat['title']);
$model->whereForumCatIs($cat['id']);
$sub_forums = $model->getForums();
cmsPage::initTemplate('components', 'com_forum_list')->assign('pagetitle', $cat['title'])->assign('forums', $sub_forums)->assign('forum', array())->assign('cfg', $model->config)->assign('user_id', false)->display('com_forum_list.tpl');
$inDB->addJoin('INNER JOIN cms_forums f ON f.id = t.forum_id');
$inDB->where("t.is_hidden = 0");
$model->whereForumCatIs($cat['id']);
$inDB->orderBy('t.pubdate', 'DESC, t.hits DESC');
$inDB->limit(15);
$threads = $model->getThreads();
cmsPage::initTemplate('components', 'com_forum_view')->assign('threads', $threads)->display('com_forum_view.tpl');
}
//============================================================================//
//===================== Активность пользователя ==============================//
//============================================================================//
if ($do == 'user_activity') {
$login = cmsCore::request('login', 'str', $inUser->login);
$sub_do = cmsCore::request('sub_do', 'str', 'threads');
$user = cmsUser::getShortUserData($login);
if (!$user) {
cmsCore::error404();
}
$my_profile = $inUser->login == $login;
$pagetitle = $my_profile ? $_LANG['MY_ACTIVITY'] : $user['nickname'] . ' - ' . $_LANG['ACTIVITY_ON_FORUM'];
$inPage->setTitle($pagetitle);
$inPage->addPathway($pagetitle);
$threads = array();
$posts = array();
if (!$my_profile && !$inUser->is_admin) {
$model->wherePublicThreads();
}
$model->whereThreadUserIs($user['id']);
$thread_count = $model->getThreadsCount();
if ($sub_do == 'threads' && $thread_count) {
$inDB->orderBy('t.pubdate', 'DESC, t.hits DESC');
$inDB->limitPage($page, 15);
$threads = $model->getThreads();
$pagination = cmsPage::getPagebar($thread_count, $page, 15, "javascript:forum.getUserActivity('threads','/forum/{$user['login']}_activity.html','%page%');");
}
$inDB->resetConditions();
// Если тем у пользователя нет, показываем вкладку сообщений
if (!$thread_count) {
$sub_do = 'posts';
}
$inDB->addSelect('t.title as thread_title');
$inDB->addJoin('INNER JOIN cms_forum_threads t ON t.id = p.thread_id');
$model->wherePostUserIs($user['id']);
if (!$my_profile && !$inUser->is_admin) {
$model->wherePublicThreads();
}
$post_count = $model->getPostsCount();
// Если сообщений нет, 404
if (!$post_count && !$my_profile) {
cmsCore::error404();
}
if ($sub_do == 'posts' && $post_count) {
$inDB->orderBy('p.thread_id', 'DESC, p.pubdate DESC');
$inDB->limitPage($page, 10);
$posts = $model->getPosts();
$pagination = cmsPage::getPagebar($post_count, $page, 10, "javascript:forum.getUserActivity('posts','/forum/{$user['login']}_activity.html','%page%');");
}
$inDB->resetConditions();
cmsPage::initTemplate('components', 'com_forum_user_activity')->assign('threads', $threads)->assign('posts', $posts)->assign('post_count', $post_count)->assign('thread_count', $thread_count)->assign('pagetitle', $pagetitle)->assign('sub_do', $sub_do)->assign('page', $page)->assign('user_id', $user['id'])->assign('my_profile', $my_profile)->assign('is_admin', $inUser->is_admin)->assign('is_moderator', cmsUser::isUserCan('forum/moderate'))->assign('pagination', $pagination)->assign('link', '/forum/' . $user['login'] . '_activity.html')->display('com_forum_user_activity.tpl');
}
////////////////////////////////////////////////////////////////////////////////
if ($do == 'delete_all_user_posts') {
if (!$inUser->id) {
cmsCore::error404();
}
if (!$inUser->is_admin && !cmsUser::isUserCan('forum/moderate')) {
cmsCore::error404();
}
if (!cmsUser::checkCsrfToken()) {
cmsCore::halt();
}
$user = cmsUser::getShortUserData(cmsCore::request('user_id', 'int', 0));
if (!$user || $user['id'] == $inUser->id) {
cmsCore::error404();
}
$model->deleteAllUserPosts($user['id']);
cmsCore::addSessionMessage($_LANG['ALL_USERPOSTS_ISDELETED'], 'success');
cmsCore::halt();
}
}
function cpListTable($table, $_fields, $_actions, $where='', $orderby='title', $perpage=60) {
global $_LANG;
$page = cmsCore::request('page', 'int', 1);
$sql = 'SELECT *';
$is_actions = sizeof($_actions);
foreach($_fields as $key => $value) {
if (isset($_fields[$key]['fdate'])) {
$sql .= ", DATE_FORMAT(".$_fields[$key]['field'].", '".$_fields[$key]['fdate']."') as `".$_fields[$key]['field']."`" ;
}
}
$sql .= ' FROM '. $table;
if (isset($_SESSION['filter_table']) && $_SESSION['filter_table']!=$table) {
unset($_SESSION['filter']);
}
if (cmsCore::inRequest('nofilter')) {
unset($_SESSION['filter']);
cmsCore::redirect('/admin/index.php?'. cpAddParam($_SERVER['QUERY_STRING'], 'page', 1));
}
$filter = false;
if (cmsCore::inRequest('filter')) {
$filter = cmsCore::request('filter', 'array_str', '');
if (isset($_SESSION['filter']) && $_SESSION['filter'] != $filter) {
$page = 1;
}
$_SESSION['filter'] = $filter;
} else if (isset($_SESSION['filter'])) {
$filter = $_SESSION['filter'];
}
if ($filter) {
$f = 0;
foreach ($filter as $key => $value) {
if (!empty($filter[$key]) && $filter[$key] != -100) {
if (!is_numeric($filter[$key])) {
cmsCore::c('db')->where($key ." LIKE '%" . $filter[$key] ."%'");
} else {
cmsCore::c('db')->where($key ." = '". $filter[$key] ."'");
}
$f++;
}
}
if (!isset($_SESSION['filter'])) { $_SESSION['filter'] = $filter; }
}
if (mb_strlen($where) <= 3) {
$where = '1=1';
}
//Выставляем сортировку выборки данных в БД
$sort = cmsCore::request('sort', 'str', '');
$so = 'asc';
if (empty($sort)) {
if (!empty($orderby)) {
$orderby = trim($orderby);
if (mb_strstr($orderby, ' ')) {
$sorta = explode(' ', $orderby);
$sort = $sorta[0];
foreach ($sorta as $s) {
$s = mb_strtolower(trim($s,' ,'));
if ($s == 'asc' || $s == 'desc') {
$so = $s;
break;
}
}
} else {
$sort = $orderby;
}
cmsCore::c('db')->order_by = 'ORDER BY '. $orderby;
} else {
foreach($_fields as $key => $value) {
if ($_fields[$key]['field'] == 'ordering' && $sort != 'NSLeft') {
$sort = 'ordering';
cmsCore::c('db')->orderBy($sort, $so);
}
}
}
} else {
$so = cmsCore::request('so', array('asc', 'desc'), $so);
cmsCore::c('db')->orderBy($sort, $so);
}
$total = cmsCore::c('db')->rows_count($table, $where .' '. cmsCore::c('db')->where);
cmsCore::c('db')->limitPage($page, $perpage);
$result = cmsCore::c('db')->query(
$sql . "\n" .'WHERE '. $where .' '. cmsCore::c('db')->where . "\n" . (empty(cmsCore::c('db')->order_by) ? '' : cmsCore::c('db')->order_by) .' LIMIT '. cmsCore::c('db')->limit
);
$_SESSION['filter_table'] = $table;
if (cmsCore::c('db')->error()) {
unset($_SESSION['filter']);
cmsCore::redirect('/admin/index.php?'. $_SERVER['QUERY_STRING']);
}
$filters = 0; $f_html = '';
//Find and render filters
foreach($_fields as $key => $value) {
if (isset($_fields[$key]['filter'])) {
$f_html .= '<div class="form-group"><label>'. $_fields[$key]['title'] .': </label>';
$initval = false;
if (isset($filter[$_fields[$key]['field']])) {
$initval = $filter[$_fields[$key]['field']];
}
$inputname = 'filter['.$_fields[$key]['field'].']';
if (!isset($_fields[$key]['filterlist'])) {
$f_html .= '<input type="text" class="form-control" style="margin-right:10px;margin-left:5px;" name="'. $inputname .'" size="'. $_fields[$key]['filter'] .'" value="'. ($initval === false ? '' : $initval) .'" />';
} else {
$f_html .= cpBuildList($inputname, $_fields[$key]['filterlist'], $initval);
}
$f_html .= '</div>';
$filters += 1;
$_SERVER['QUERY_STRING'] = str_replace('filter['.$_fields[$key]['field'].']=', '', $_SERVER['QUERY_STRING']);
}
}
//draw filters
if ($filters > 0) {
echo '<div class="panel panel-default"><div class="panel-body" style="padding:0;">';
echo '<form class="form-inline navbar-form navbar-left" name="filterform" action="index.php?'. $_SERVER['QUERY_STRING'] .'" method="POST" role="search">';
echo '';
echo $f_html;
echo '<button type="submit" class="btn btn-default">'. $_LANG['AD_FILTER'] .'</button>';
if (!empty($f)) {
echo '<button onclick="window.location.href=\'index.php?'. $_SERVER['QUERY_STRING'] .'&nofilter\'; return false;" class="btn btn-default" style="margin-left:10px;">'. $_LANG['AD_ALL'] .'</button>';
}
echo '</form>';
echo '</div></div>';
}
if (cmsCore::c('db')->num_rows($result)) {
//DRAW LIST TABLE
echo '<form name="selform" action="index.php?view='.cmsAdmin::getApplet().'&do=saveorder" method="post">';
echo '<table class="table table-striped tablesorter">';
//TABLE HEADING
echo '<thead>'."\n";
echo '<tr>'."\n";
echo '<th width="20" class="lt_header" style="vertical-align:middle;"><a class="lt_header_link" href="javascript:invert();" title="'.$_LANG['AD_INVERT_SELECTION'].'">#</a></th>'. "\n";
foreach($_fields as $key => $value) {
echo '<th width="'.$_fields[$key]['width'].'" class="lt_header'. (is_array($_fields[$key]['field']) ? '' : ' header') .' '. ($_fields[$key]['field'] == $sort ? ( $so == 'asc' ? 'headerSortDown' : 'headerSortUp' ) : '') .'" style="vertical-align:middle;">';
if (!is_array($_fields[$key]['field'])) {
echo '<a href="index.php?'. cpAddParam($_SERVER['QUERY_STRING'], array( 0 => 'sort', 1 => 'so'), array( 0 => $_fields[$key]['field'], 1 => ($so == 'asc' ? 'desc' : 'asc'))) .'">'. $_fields[$key]['title'] .'</a>';
} else {
echo $_fields[$key]['title'];
}
echo '</th>'. "\n";
}
if ($is_actions) {
echo '<th width="80" class="lt_header" style="vertical-align:middle;">'.$_LANG['AD_ACTIONS'].'</th>'. "\n";
}
echo '</tr>'."\n";
echo '</thead><tbody>'."\n";
//TABLE BODY
$r = 0;
while ($item = cmsCore::c('db')->fetch_assoc($result)) {
$r++;
if ($r % 2) { $row_class = 'lt_row1'; } else { $row_class = 'lt_row2'; }
echo '<tr id="'. $row_class .'">'."\n";
echo '<td class="'.$row_class.'" align="center" valign="middle"><input type="checkbox" name="item[]" value="'.$item['id'].'" /></td>'. "\n";
foreach($_fields as $key => $value) {
if (isset($_fields[$key]['link'])) {
$link = str_replace('%id%', $item['id'], $_fields[$key]['link']);
if (isset($_fields[$key]['prc'])) {
// функция обработки под названием $_fields[$key]['prc']
// какие параметры передать функции - один ключ или произвольный массив ключей
if (is_array($_fields[$key]['field'])) {
foreach ($_fields[$key]['field'] as $func_field) {
$in_func_array[$func_field] = $item[$func_field];
}
$data = call_user_func($_fields[$key]['prc'], $in_func_array);
} else {
$data = call_user_func($_fields[$key]['prc'], $item[$_fields[$key]['field']]);
}
} else {
$data = $item[$_fields[$key]['field']];
if (isset($_fields[$key]['maxlen'])) {
if (mb_strlen($data) > $_fields[$key]['maxlen']) {
$data = mb_substr($data, 0, $_fields[$key]['maxlen']).'...';
}
}
}
//nested sets otstup
if (isset($item['NSLevel']) && ($_fields[$key]['field']=='title' || (is_array($_fields[$key]['field']) && in_array('title', $_fields[$key]['field'])))) {
$otstup = str_repeat(' ', ($item['NSLevel']-1));
if ($item['NSLevel']-1 > 0) { $otstup .= ' » '; }
} else { $otstup = ''; }
if ($table != 'cms_components') {
echo '<td class="'.$row_class.'" valign="middle">'.$otstup.'<a class="lt_link" href="'.$link.'">'.$data.'</a></td>'. "\n";
} else {
$data = function_exists('cpComponentHasConfig') && cpComponentHasConfig($item['link']) ?
'<a class="lt_link" href="'.$link.'">'.$data.'</a>' :
$data;
echo '<td class="'.$row_class.'" valign="middle">
<span class="lt_link" style="padding:1px; padding-left:24px; background:url(/admin/images/components/'.$item['link'].'.png) no-repeat">'.$data.'</span>
</td>'. "\n";
}
} else {
if ($_fields[$key]['field'] != 'ordering') {
if ($_fields[$key]['field'] == 'published') {
if (isset($_fields[$key]['do'])) { $do = $_fields[$key]['do']; } else { $do = 'do'; }
if (isset($_fields[$key]['do_suffix'])) { $dos = $_fields[$key]['do_suffix']; $ids = 'item_id'; } else { $dos = ''; $ids = 'id'; }
if ($item['published']) {
$qs = cpAddParam($_SERVER['QUERY_STRING'], $do, 'hide'.$dos);
$qs = cpAddParam($qs, $ids, $item['id']);
$qs2 = cpAddParam($_SERVER['QUERY_STRING'], $do, 'show'.$dos);
$qs2 = cpAddParam($qs2, $ids, $item['id']);
$qs = "pub(".$item['id'].", '".$qs."', '".$qs2."', 'off', 'on');";
echo '<td class="'.$row_class.'" valign="middle">
<a title="'.$_LANG['HIDE'].'" class="uittip" id="publink'.$item['id'].'" href="javascript:'.$qs.'"><img id="pub'.$item['id'].'" src="images/actions/on.gif" border="0"/></a>
</td>'. "\n";
} else {
$qs = cpAddParam($_SERVER['QUERY_STRING'], $do, 'show'.$dos);
$qs = cpAddParam($qs, $ids, $item['id']);
$qs2 = cpAddParam($_SERVER['QUERY_STRING'], $do, 'hide'.$dos);
$qs2 = cpAddParam($qs2, $ids, $item['id']);
$qs = "pub(".$item['id'].", '".$qs."', '".$qs2."', 'on', 'off');";
echo '<td class="'.$row_class.'" valign="middle">
<a title="'.$_LANG['SHOW'].'" class="uittip" id="publink'.$item['id'].'" href="javascript:'.$qs.'"><img id="pub'.$item['id'].'" src="images/actions/off.gif" border="0"/></a>
</td>'. "\n";
}
} else {
if (isset($_fields[$key]['prc'])) {
// функция обработки под названием $_fields[$key]['prc']
// какие параметры передать функции - один ключ или произвольный массив ключей
if (is_array($_fields[$key]['field'])) {
foreach ($_fields[$key]['field'] as $func_field) {
$in_func_array[$func_field] = $item[$func_field];
}
$data = call_user_func($_fields[$key]['prc'], $in_func_array);
} else {
$data = call_user_func($_fields[$key]['prc'], $item[$_fields[$key]['field']]);
}
if (is_array($data) && isset($data['link'])) {
$data = str_replace('%id%', $item['id'], $data['link']);
}
} else {
$data = $item[$_fields[$key]['field']];
if (isset($_fields[$key]['maxlen'])) {
if (mb_strlen($data)>$_fields[$key]['maxlen']) {
$data = mb_substr($data, 0, $_fields[$key]['maxlen']).'...';
}
}
}
//nested sets otstup
if (isset($item['NSLevel']) && ($_fields[$key]['field'] == 'title' || (is_array($_fields[$key]['field']) && in_array('title', $_fields[$key]['field'])))) {
$otstup = str_repeat(' ', ($item['NSLevel']-1));
if ($item['NSLevel']-1 > 0) { $otstup .= ' » '; }
} else { $otstup = ''; }
echo '<td class="'.$row_class.'" valign="middle">'.$otstup.$data.'</td>'. "\n";
}
} else {
if (isset($_fields[$key]['do'])) { $do = 'do=config&id='.(int)$_REQUEST['id'].'&'.$_fields[$key]['do']; } else { $do = 'do'; }
if (isset($_fields[$key]['do_suffix'])) { $dos = $_fields[$key]['do_suffix']; $ids = 'item_id'; } else { $dos = ''; $ids = 'id'; }
echo '<td class="'.$row_class.'" valign="middle">
<a title="'.$_LANG['AD_DOWN'].'" href="?view='.cmsAdmin::getApplet().'&'.$do.'=move_down&co='.$item[$_fields[$key]['field']].'&'.$ids.'='.$item['id'].'"><img src="images/actions/down.gif" border="0"/></a>';
if ($table != 'cms_menu' && $table != 'cms_category'){
echo '<input class="lt_input" type="text" size="4" name="ordering[]" value="'.$item['ordering'].'" />';
echo '<input name="ids[]" type="hidden" value="'.$item['id'].'" />';
} else {
echo '<input class="lt_input" type="text" size="4" name="ordering[]" value="'.$item['ordering'].'" disabled/>';
}
echo '<a title="'.$_LANG['AD_UP'].'" href="?view='.cmsAdmin::getApplet().'&'.$do.'=move_up&co='.$item[$_fields[$key]['field']].'&'.$ids.'='.$item['id'].'"><img src="images/actions/top.gif" border="0"/></a>'.
'</td>'. "\n";
}
}
}
if ($is_actions) {
echo '<td width="110" class="'.$row_class.'" align="right" valign="middle"><div style="padding-right:8px">';
foreach($_actions as $action) {
if (isset($action['condition'])) {
$print = $action['condition']($item);
} else {
$print = true;
}
if ($print) {
$icon = $action['icon'];
$title = $action['title'];
$link = $action['link'];
foreach($item as $f=>$v) {
$link = str_replace('%'.$f.'%', $v, $link);
}
if (!isset($action['confirm'])) {
echo '<a href="'. $link .'" class="uittip" title="'. $title .'"'. (isset($action['target']) ? ' target="'. $action['target'] .'"' : '') .'><img hspace="2" src="images/actions/'. $icon .'" border="0" alt="'. $title .'"/></a>';
} else {
echo '<a href="#" class="uittip" onclick="jsmsg(\''. $action['confirm'] .'\', \''. $link .'\')" title="'. $title .'"><img hspace="2" src="images/actions/'. $icon .'" border="0" alt="'. $title .'"/></a>';
}
}
}
echo '</div></td>'. "\n";
}
echo '</tr>'."\n";
}
echo '</tbody></table></form>';
echo '<style>tr#lt_row2{ background:#eeeeee !important; } tr#lt_row1:hover td,tr#lt_row2:hover{ background:#cccccc !important; }</style>';
echo '<script type="text/javascript">trClickChecked();</script>';
$link = '?view='. cmsAdmin::getApplet();
if ($sort) {
$link .= '&sort='.$sort;
if (cmsCore::inRequest('so')) { $link .= '&so='.cmsCore::request('so'); }
}
echo cmsPage::getPagebar($total, $page, $perpage, $_SERVER['PHP_SELF'] .'?'. cpAddParam($_SERVER['QUERY_STRING'], 'page', '%page%'));
} else {
echo '<p class="cp_message">'.$_LANG['OBJECTS_NOT_FOUND'].'</p>';
}
}
function cpListTable($table, $_fields, $_actions, $where = '', $orderby = 'title', $perpage = 60)
{
global $_LANG;
$page = cmsCore::request('page', 'int', 1);
$sql = 'SELECT *';
$is_actions = sizeof($_actions);
foreach ($_fields as $key => $value) {
if (isset($_fields[$key]['fdate'])) {
$sql .= ", DATE_FORMAT(" . $_fields[$key]['field'] . ", '" . $_fields[$key]['fdate'] . "') as `" . $_fields[$key]['field'] . "`";
}
}
$sql .= ' FROM ' . $table;
if (isset($_SESSION['filter_table']) && $_SESSION['filter_table'] != $table) {
unset($_SESSION['filter']);
}
if (cmsCore::inRequest('nofilter')) {
unset($_SESSION['filter']);
cmsCore::redirect('/admin/index.php?' . cpAddParam($_SERVER['QUERY_STRING'], 'page', 1));
}
$filter = false;
if (cmsCore::inRequest('filter')) {
$filter = cmsCore::request('filter', 'array_str', '');
if (isset($_SESSION['filter']) && $_SESSION['filter'] != $filter) {
$page = 1;
}
$_SESSION['filter'] = $filter;
} else {
if (isset($_SESSION['filter'])) {
$filter = $_SESSION['filter'];
}
}
if ($filter) {
$f = 0;
foreach ($filter as $key => $value) {
if (!empty($filter[$key]) && $filter[$key] != -100) {
if (!is_numeric($filter[$key])) {
cmsCore::c('db')->where($key . " LIKE '%" . $filter[$key] . "%'");
} else {
cmsCore::c('db')->where($key . " = '" . $filter[$key] . "'");
}
$f++;
}
}
if (!isset($_SESSION['filter'])) {
$_SESSION['filter'] = $filter;
}
}
if (mb_strlen($where) <= 3) {
$where = '1=1';
}
//Выставляем сортировку выборки данных в БД
$sort = cmsCore::request('sort', 'str', '');
$so = 'asc';
if (empty($sort)) {
if (!empty($orderby)) {
$orderby = trim($orderby);
if (mb_strstr($orderby, ' ')) {
$sorta = explode(' ', $orderby);
$sort = $sorta[0];
foreach ($sorta as $s) {
$s = mb_strtolower(trim($s, ' ,'));
if ($s == 'asc' || $s == 'desc') {
$so = $s;
break;
}
}
} else {
$sort = $orderby;
}
cmsCore::c('db')->order_by = 'ORDER BY ' . $orderby;
} else {
foreach ($_fields as $key => $value) {
if ($_fields[$key]['field'] == 'ordering' && $sort != 'NSLeft') {
$sort = 'ordering';
cmsCore::c('db')->orderBy($sort, $so);
}
}
}
} else {
$so = cmsCore::request('so', array('asc', 'desc'), $so);
cmsCore::c('db')->orderBy($sort, $so);
}
$total = cmsCore::c('db')->rows_count($table, $where . ' ' . cmsCore::c('db')->where);
cmsCore::c('db')->limitPage($page, $perpage);
$result = cmsCore::c('db')->query($sql . "\n" . 'WHERE ' . $where . ' ' . cmsCore::c('db')->where . "\n" . (empty(cmsCore::c('db')->order_by) ? '' : cmsCore::c('db')->order_by) . ' LIMIT ' . cmsCore::c('db')->limit);
$_SESSION['filter_table'] = $table;
if (cmsCore::c('db')->error()) {
unset($_SESSION['filter']);
cmsCore::redirect('/admin/index.php?' . $_SERVER['QUERY_STRING']);
}
$lt_form_field = cmsCore::c('page')->initTemplate('special', 'list_table_filter')->fetch();
$filters = 0;
$f_html = '';
//Find and render filters
foreach ($_fields as $key => $value) {
if (isset($_fields[$key]['filter'])) {
$f_html .= str_replace('%title%', $_fields[$key]['title'], $lt_form_field);
$initval = false;
if (isset($filter[$_fields[$key]['field']])) {
$initval = $filter[$_fields[$key]['field']];
}
$inputname = 'filter[' . $_fields[$key]['field'] . ']';
if (!isset($_fields[$key]['filterlist'])) {
$f_html .= str_replace('%field%', '<input type="text" class="form-control" name="' . $inputname . '" size="' . $_fields[$key]['filter'] . '" value="' . ($initval === false ? '' : $initval) . '" />', $f_html);
} else {
$f_html .= str_replace('%field%', cpBuildList($inputname, $_fields[$key]['filterlist'], $initval), $f_html);
}
$filters += 1;
$_SERVER['QUERY_STRING'] = str_replace('filter[' . $_fields[$key]['field'] . ']=', '', $_SERVER['QUERY_STRING']);
}
}
foreach ($_fields as $key => $value) {
if (!is_array($_fields[$key]['field'])) {
$_fields[$key]['sort_link'] = 'index.php?' . cpAddParam($_SERVER['QUERY_STRING'], array(0 => 'sort', 1 => 'so'), array(0 => $_fields[$key]['field'], 1 => $so == 'asc' ? 'desc' : 'asc'));
}
}
$items = $actions = array();
if (cmsCore::c('db')->num_rows($result)) {
while ($item = cmsCore::c('db')->fetch_assoc($result)) {
$itms = array();
foreach ($_fields as $key => $value) {
$it = array();
if (isset($_fields[$key]['link'])) {
$it['type'] = 'link';
$it['link'] = str_replace('%id%', $item['id'], $_fields[$key]['link']);
if (isset($_fields[$key]['prc'])) {
// функция обработки под названием $_fields[$key]['prc']
// какие параметры передать функции - один ключ или произвольный массив ключей
if (is_array($_fields[$key]['field'])) {
foreach ($_fields[$key]['field'] as $func_field) {
$in_func_array[$func_field] = $item[$func_field];
}
$it['title'] = call_user_func($_fields[$key]['prc'], $in_func_array);
} else {
$it['title'] = call_user_func($_fields[$key]['prc'], $item[$_fields[$key]['field']]);
}
} else {
$it['title'] = $item[$_fields[$key]['field']];
if (isset($_fields[$key]['maxlen'])) {
if (mb_strlen($it['title']) > $_fields[$key]['maxlen']) {
$it['title'] = mb_substr($it['title'], 0, $_fields[$key]['maxlen']) . '...';
}
}
}
//nested sets otstup
if (isset($item['NSLevel']) && ($_fields[$key]['field'] == 'title' || is_array($_fields[$key]['field']) && in_array('title', $_fields[$key]['field']))) {
$otstup = str_repeat(' ', $item['NSLevel'] - 1);
if ($item['NSLevel'] - 1 > 0) {
$otstup .= ' » ';
}
} else {
$otstup = '';
}
$it['otstup'] = $otstup;
if ($table == 'cms_components') {
if (!function_exists('cpComponentHasConfig') || !cpComponentHasConfig($item['link'])) {
unset($it['link']);
}
$it['icon'] = '/admin/images/components/' . $item['link'] . '.png';
}
} else {
if ($_fields[$key]['field'] != 'ordering') {
if ($_fields[$key]['field'] == 'published' || isset($_fields[$key]['published'])) {
$it['type'] = 'published';
if (isset($_fields[$key]['do'])) {
$do = $_fields[$key]['do'];
} else {
$do = 'do';
}
if (isset($_fields[$key]['do_suffix'])) {
$dos = $_fields[$key]['do_suffix'];
$ids = 'item_id';
} else {
$dos = '';
$ids = 'id';
}
if ($item[$_fields[$key]['field']]) {
$qs = cpAddParam($_SERVER['QUERY_STRING'], $do, 'hide' . $dos);
$qs = cpAddParam($qs, $ids, $item['id']);
$qs2 = cpAddParam($_SERVER['QUERY_STRING'], $do, 'show' . $dos);
$qs2 = cpAddParam($qs2, $ids, $item['id']);
$it['link'] = "javascript:pub(" . $item['id'] . ", '" . $qs . "', '" . $qs2 . "', 'off', 'on');";
$it['icon'] = 'images/actions/on.gif';
$it['title'] = $_LANG['HIDE'];
} else {
$qs = cpAddParam($_SERVER['QUERY_STRING'], $do, 'show' . $dos);
$qs = cpAddParam($qs, $ids, $item['id']);
$qs2 = cpAddParam($_SERVER['QUERY_STRING'], $do, 'hide' . $dos);
$qs2 = cpAddParam($qs2, $ids, $item['id']);
$it['link'] = "javascript:pub(" . $item['id'] . ", '" . $qs . "', '" . $qs2 . "', 'on', 'off');";
$it['icon'] = 'images/actions/off.gif';
$it['title'] = $_LANG['SHOW'];
}
} else {
$it['type'] = 'default';
if (isset($_fields[$key]['prc'])) {
// функция обработки под названием $_fields[$key]['prc']
// какие параметры передать функции - один ключ или произвольный массив ключей
if (is_array($_fields[$key]['field'])) {
foreach ($_fields[$key]['field'] as $func_field) {
$in_func_array[$func_field] = $item[$func_field];
}
$it['title'] = call_user_func($_fields[$key]['prc'], $in_func_array);
} else {
$it['title'] = call_user_func($_fields[$key]['prc'], $item[$_fields[$key]['field']]);
}
if (is_array($it['title']) && isset($it['title']['link'])) {
$it['title'] = str_replace('%id%', $item['id'], $it['title']['link']);
}
} else {
$it['title'] = $item[$_fields[$key]['field']];
if (isset($_fields[$key]['maxlen'])) {
if (mb_strlen($it['title']) > $_fields[$key]['maxlen']) {
$it['title'] = mb_substr($it['title'], 0, $_fields[$key]['maxlen']) . '...';
}
}
}
//nested sets otstup
if (isset($item['NSLevel']) && ($_fields[$key]['field'] == 'title' || is_array($_fields[$key]['field']) && in_array('title', $_fields[$key]['field']))) {
$otstup = str_repeat(' ', $item['NSLevel'] - 1);
if ($item['NSLevel'] - 1 > 0) {
$otstup .= ' » ';
}
} else {
$otstup = '';
}
$it['otstup'] = $otstup;
}
} else {
$it['type'] = 'ordering';
if (isset($_fields[$key]['do'])) {
$do = 'do=config&id=' . (int) $_REQUEST['id'] . '&' . $_fields[$key]['do'];
} else {
$do = 'do';
}
if (isset($_fields[$key]['do_suffix'])) {
$dos = $_fields[$key]['do_suffix'];
$ids = 'item_id';
} else {
$dos = '';
$ids = 'id';
}
$it['link_down'] = '?view=' . cmsAdmin::getApplet() . '&' . $do . '=move_down&co=' . $item[$_fields[$key]['field']] . '&' . $ids . '=' . $item['id'];
$it['link_up'] = '?view=' . cmsAdmin::getApplet() . '&' . $do . '=move_up&co=' . $item[$_fields[$key]['field']] . '&' . $ids . '=' . $item['id'];
$it['value'] = $item['ordering'];
}
}
$itms[] = $it;
}
if ($is_actions) {
$actions[$item['id']] = array();
foreach ($_actions as $action) {
if (isset($action['condition'])) {
$print = $action['condition']($item);
} else {
$print = true;
}
if ($print) {
$icon = $action['icon'];
$title = $action['title'];
$link = $action['link'];
foreach ($item as $f => $v) {
$link = str_replace('%' . $f . '%', $v, $link);
if (isset($action['confirm'])) {
$action['confirm'] = str_replace('%' . $f . '%', $v, $action['confirm']);
}
}
$acts = array('link' => $link, 'title' => $title, 'icon' => 'images/actions/' . $icon, 'target' => isset($action['target']) ? $action['target'] : false);
if (isset($action['confirm'])) {
$acts['link'] = "javascript:jsmsg('" . $action['confirm'] . "', '" . $link . "');";
}
$actions[$item['id']][] = $acts;
}
}
}
$items[$item['id']] = $itms;
}
$link = '?view=' . cmsAdmin::getApplet();
if ($sort) {
$link .= '&sort=' . $sort;
if (cmsCore::inRequest('so')) {
$link .= '&so=' . cmsCore::request('so');
}
}
}
cmsCore::c('page')->initTemplate('special', 'list_table')->assign('applet', cmsAdmin::getApplet())->assign('filters', $filters)->assign('f_html', $f_html)->assign('f', $f)->assign('query_str', $_SERVER['QUERY_STRING'])->assign('sort', $sort)->assign('so', $so)->assign('actions', $actions)->assign('table', $table)->assign('fields', $_fields)->assign('items', $items)->display();
echo cmsPage::getPagebar($total, $page, $perpage, $_SERVER['PHP_SELF'] . '?' . cpAddParam($_SERVER['QUERY_STRING'], 'page', '%page%'));
}
$page_title = $_LANG['NOTICES'];
$show_notice = true;
$inDB->where("m.to_id = '{$id}'");
$msg_count = $model->getMessagesCount($show_notice);
$pagebar = cmsPage::getPagebar($msg_count, $page, $perpage, 'javascript:centerLink(\'/users/' . $id . '/messages-notices%page%.html\')');
break;
case 'history':
if ($whith_id) {
$with_usr = cmsUser::getShortUserData($whith_id);
if (!$with_usr) {
cmsCore::error404();
}
$page_title = $_LANG['MESSEN_WITH'] . ' ' . $with_usr['nickname'];
$inDB->addJoin("INNER JOIN cms_user_msg m ON m.from_id = u.id AND\n m.from_id IN ({$id}, {$with_usr['id']}) AND\n m.to_id IN ({$id}, {$with_usr['id']}) AND\n m.from_del = 0 AND m.to_del = 0");
$msg_count = $model->getMessagesCount();
$pagebar = cmsPage::getPagebar($msg_count, $page, $perpage, 'javascript:centerLink(\'/users/' . $id . '/messages-history' . $with_usr['id'] . '-%page%.html\')');
} else {
$page_title = $_LANG['DIALOGS'];
$msg_count = 0;
}
break;
default:
return;
}
$inDB->orderBy('m.id', 'DESC');
$inDB->limitPage($page, $perpage);
$records = $msg_count ? $model->getMessages($show_notice) : array();
$inDB->resetConditions();
if ($new_msg['messages'] && $opt == 'in') {
$model->markAsReadMessage($id, $perpage);
}
<?php
define('PATH', $_SERVER['DOCUMENT_ROOT']);
include(PATH.'/core/ajax/ajax_core.php');
if (!$inUser->is_admin) { cmsCore::halt(); }
cmsCore::c('actions')->showTargets(true);
$total = cmsCore::c('actions')->getCountActions();
$page = cmsCore::request('page', 'int', 1);
cmsCore::c('db')->limitPage($page, 10);
$actions = cmsCore::c('actions')->getActionsLog();
$pagebar = cmsPage::getPagebar($total, $page, 10, '#" onclick="$.post(\'/admin/ajax/getActions.php\', \'page=%page%\', function(m){ $(\'#actions\').html(m); }); return false');
$tpl_file = 'admin/actions.php';
$tpl_dir = file_exists(TEMPLATE_DIR . $tpl_file) ? TEMPLATE_DIR : DEFAULT_TEMPLATE_DIR;
include($tpl_dir . $tpl_file);
/**
* Возвращает html стены пользователя
* @param int $selected
* @param array $exclude
* @return html
*/
public static function getUserWall($target_id, $component = 'users', $my_profile = 0, $is_admin = 0)
{
$inDB = cmsDatabase::getInstance();
$inUser = self::getInstance();
cmsCore::loadLanguage('components/' . $component);
if (!$my_profile && !$is_admin) {
$my_profile = $inUser->is_admin;
}
$records = array();
//получаем общее число записей на стене этого пользователя
$total = $inDB->rows_count('cms_user_wall', "user_id = '{$target_id}' AND usertype = '{$component}'");
if ($total) {
$sql = "SELECT w.*, g.gender, g.imageurl, u.nickname as author, u.login as author_login, u.is_deleted, w.pubdate\n FROM cms_user_wall w\n\t\t\t\t\tINNER JOIN cms_users u ON u.id = w.author_id\n\t\t\t\t\tINNER JOIN cms_user_profiles g ON g.user_id = u.id\n WHERE w.user_id = '{$target_id}' AND w.usertype = '{$component}'\n ORDER BY w.pubdate DESC\n";
if ($inDB->limit) {
$sql .= "LIMIT {$inDB->limit}";
}
$result = $inDB->query($sql);
$inDB->resetConditions();
while ($record = $inDB->fetch_assoc($result)) {
$record['is_today'] = time() - strtotime($record['pubdate']) < 86400;
$record['fpubdate'] = $record['is_today'] ? cmsCore::dateDiffNow($record['pubdate']) : cmsCore::dateFormat($record['pubdate']);
$record['avatar'] = cmsUser::getUserAvatarUrl($record['author_id'], 'small', $record['imageurl'], $record['is_deleted']);
$records[] = $record;
}
$records = cmsCore::callEvent('GET_WALL_POSTS', $records);
}
ob_start();
cmsPage::initTemplate('components', 'com_users_wall')->assign('records', $records)->assign('user_id', $inUser->id)->assign('target_id', $target_id)->assign('my_profile', $my_profile)->assign('is_admin', $is_admin)->assign('component', $component)->assign('total', $total)->assign('pagebar', cmsPage::getPagebar($total, $inDB->page, $inDB->perpage, 'javascript:wallPage(%page%)'))->display('com_users_wall.tpl');
return ob_get_clean();
}
function board() {
$inCore = cmsCore::getInstance();
global $_LANG;
define('IS_BILLING', $inCore->isComponentInstalled('billing'));
if (IS_BILLING) { cmsCore::loadClass('billing'); }
$do = $inCore->do;
$pagetitle = $inCore->getComponentTitle();
$pagekeys = $pagedesc = '';
cmsCore::c('page')->setTitle($pagetitle);
cmsCore::c('page')->addPathway($pagetitle, '/board');
/////////////////////////////// VIEW CATEGORY //////////////////////////////////
if ($do == 'view') {
//Получаем текущую категорию
$category = cmsCore::m('board')->getCategory(cmsCore::m('board')->category_id);
if (!$category || (!$category['published'] && !cmsCore::c('user')->is_admin)) {
cmsCore::error404();
}
if ($category['id'] != cmsCore::m('board')->root_cat['id']) {
$pagetitle = $category['pagetitle'] ? $category['pagetitle'] : $category['title'];
$pagekeys = $category['meta_keys'];
$pagedesc = $category['meta_desc'];
$category_path = cmsCore::c('db')->getNsCategoryPath('cms_board_cats', $category['NSLeft'], $category['NSRight']);
if ($category_path) {
foreach($category_path as $pcat) {
cmsCore::c('page')->addPathway($pcat['title'], '/board/'. $pcat['id']);
}
}
} else {
$category['title'] = $pagetitle = $inCore->menuTitle();
$category['description'] = cmsCore::m('board')->config['root_description'];
$pagekeys = cmsCore::m('board')->config['meta_keys'];
$pagedesc = cmsCore::m('board')->config['meta_desc'];
}
// rss в адресной строке
$rss_cat_id = $category['id'] == cmsCore::m('board')->root_cat['id'] ? 'all' : $category['id'];
cmsCore::c('page')->addHead('<link rel="alternate" type="application/rss+xml" title="'. $_LANG['BOARD'] .'" href="'. HOST .'/rss/board/'. $rss_cat_id .'/feed.rss">');
//Формируем категории
$cats = cmsCore::m('board')->getSubCats($category['id']);
// Формируем список объявлений
// Устанавливаем категорию
if ($category['id'] != cmsCore::m('board')->root_cat['id']) {
cmsCore::m('board')->whereThisAndNestedCats($category['NSLeft'], $category['NSRight']);
}
//Город
if (cmsCore::m('board')->city) {
cmsCore::m('board')->whereCityIs(cmsCore::m('board')->city);
$pagetitle .= ' :: '. cmsCore::m('board')->city;
}
// Типы объявлений
if (cmsCore::m('board')->obtype && mb_stristr(icms_ucfirst($category['obtypes']), cmsCore::m('board')->obtype)) {
cmsCore::m('board')->whereTypeIs(cmsCore::m('board')->obtype);
$pagetitle .= ' :: '. cmsCore::m('board')->obtype;
}
// модератор или админ
$is_moder = cmsCore::c('user')->is_admin || cmsCore::m('board')->is_moderator_by_group;
// Общее количество объявлений по заданным выше условиям
$total = cmsCore::m('board')->getAdvertsCount($is_moder, true);
//устанавливаем сортировку
$orderby = cmsCore::m('board')->getOrder('orderby', $category['orderby']);
$orderto = cmsCore::m('board')->getOrder('orderto', $category['orderto']);
cmsCore::c('db')->orderBy('is_vip DESC, '. $orderby, $orderto);
//устанавливаем номер текущей страницы и кол-во объявлений на странице
cmsCore::c('db')->limitPage(cmsCore::m('board')->page, $category['perpage']);
// Получаем объявления
$items = cmsCore::m('board')->getAdverts($is_moder, true, false, true);
// Если объявлений на странице большей чем 1 нет, 404
if (!$items && cmsCore::m('board')->page > 1) { cmsCore::error404(); }
// если не указаны ключевые слова, формируем их из названий рубрик и типов
if (!$pagekeys && $cats) {
foreach($cats as $c) {
$keys[] = $c['title'];
foreach (explode("\n", $c['obtypes']) as $obtype) {
$keys[] = trim($obtype);
}
}
$pagekeys = implode(',', $keys);
} else if(!$cats) {
$pagekeys = $category['title'];
}
// если не указано описание, формируем из текущих объявлений
if (!$pagedesc && $items) {
foreach ($items as $i) {
$desc[] = $i['title'];
}
$pagedesc = implode('. ', $desc);
} else if(!$items && $category['description']) {
$pagedesc = crop($category['description']);
}
// Проставляем заголовки страницы и описание согласно выборки
cmsCore::c('page')->setDescription(crop($pagedesc));
cmsCore::c('page')->setKeywords($pagekeys);
cmsCore::c('page')->setTitle($pagetitle);
// Отдаем в шаблон категории
cmsPage::initTemplate('components', 'com_board_cats')->
assign('cats', $cats)->
assign('category', $category)->
assign('root_id', cmsCore::m('board')->root_cat['id'])->
assign('is_user', cmsCore::c('user')->id)->
assign('maxcols', cmsCore::m('board')->config['maxcols'])->
display();
$pagebar = cmsPage::getPagebar($total, cmsCore::m('board')->page, $category['perpage'], '/board/%catid%-%page%', array('catid'=>$category['id']));
$order_form = $category['orderform'] ? cmsCore::m('board')->orderForm($orderby, $orderto, $category) : '';
// Отдаем в шаблон объявления
cmsPage::initTemplate('components', 'com_board_items')->
assign('order_form', $order_form)->
assign('cfg', cmsCore::m('board')->config)->
assign('root_id', cmsCore::m('board')->root_cat['id'])->
assign('items', $items)->
assign('cat', $category)->
assign('maxcols', $category['maxcols'])->
assign('colwidth', round(100/$category['maxcols']))->
assign('pagebar', $pagebar)->
display();
}
/////////////////////////////// VIEW USER ADV //////////////////////////////////
if ($do == 'by_user') {
// логин пользователя
$login = cmsCore::request('login', 'str', cmsCore::c('user')->login);
// получаем данные пользователя
$user = cmsUser::getShortUserData($login);
if (!$user) { cmsCore::error404(); }
$myprofile = cmsCore::m('board')->checkAccess($user['id']);
cmsCore::c('page')->addPathway($user['nickname']);
cmsCore::c('page')->setTitle($_LANG['BOARD'] .' - '. $user['nickname']);
cmsCore::c('page')->setDescription($_LANG['BOARD'] .' - '. $user['nickname']);
// Формируем список объявлений
cmsCore::m('board')->whereUserIs($user['id']);
// Общее количество объявлений по заданным выше условиям
$total = cmsCore::m('board')->getAdvertsCount($myprofile);
//устанавливаем сортировку
cmsCore::c('db')->orderBy('pubdate', 'DESC');
//устанавливаем номер текущей страницы и кол-во объявлений на странице
cmsCore::c('db')->limitPage(cmsCore::m('board')->page, 15);
// Получаем объявления
$items = cmsCore::m('board')->getAdverts($myprofile, true, false, true);
// Если объявлений на странице большей чем 1 нет, 404
if(!$items && cmsCore::m('board')->page > 1){ cmsCore::error404(); }
// Пагинация
$pagebar = cmsPage::getPagebar($total, cmsCore::m('board')->page, 15, '/board/by_user_'.$login.'/page-%page%');
// Показываем даты
$category['showdate'] = 1;
cmsPage::initTemplate('components', 'com_board_items')->
assign('cfg', cmsCore::m('board')->config)->
assign('page_title', $_LANG['BOARD'].' - '.$user['nickname'])->
assign('root_id', cmsCore::m('board')->root_cat['id'])->
assign('items', $items)->
assign('cat', $category)->
assign('maxcols', 1)->
assign('colwidth', 100)->
assign('pagebar', $pagebar)->
display();
}
/////////////////////////////// VIEW ITEM //////////////////////////////////////
if ($do == 'read') {
// получаем объявление
$item = cmsCore::m('board')->getRecord(cmsCore::m('board')->item_id);
if (!$item) { cmsCore::error404(); }
// неопубликованные показываем админам, модераторам и автору
if (!$item['published'] && !$item['moderator']) { cmsCore::error404(); }
// для неопубликованного показываем инфо: просрочено/на модерации
if (!$item['published']) {
$info_text = $item['is_overdue'] ? $_LANG['ADV_IS_EXTEND'] : $_LANG['ADV_IS_MODER'];
cmsCore::addSessionMessage($info_text, 'info');
} else {
// увеличиваем кол-во просмотров
cmsCore::c('db')->setFlag('cms_board_items', cmsCore::m('board')->item_id, 'hits', $item['hits']+1);
}
// формируем заголовок и тело сообщения
$item['title'] = $item['obtype'].' '.$item['title'];
$item['content'] = nl2br($item['content']);
$item['content'] = cmsCore::m('board')->config['auto_link'] ? $inCore->parseSmiles($item['content']) : $item['content'];
$category_path = cmsCore::c('db')->getNsCategoryPath('cms_board_cats', $item['NSLeft'], $item['NSRight']);
if ($category_path) {
foreach ($category_path as $pcat) {
cmsCore::c('page')->addPathway($pcat['title'], '/board/'.$pcat['id']);
}
}
cmsCore::c('page')->addPathway($item['title']);
$pagetitle = $item['pagetitle'] ? $item['pagetitle'] : $item['title'];
$pagekeys = $item['meta_keys'] ? $item['meta_keys'] : $item['title'];
$pagedesc = $item['meta_desc'] ? $item['meta_desc'] : $item['content'];
cmsCore::c('page')->setTitle($pagetitle);
cmsCore::c('page')->setDescription(crop($pagedesc));
cmsCore::c('page')->setKeywords($pagekeys);
cmsPage::initTemplate('components', 'com_board_item')->
assign('item', $item)->
assign('cfg', cmsCore::m('board')->config)->
assign('user_id', cmsCore::c('user')->id)->
assign('is_admin', cmsCore::c('user')->is_admin)->
assign('formsdata', cmsForm::getFieldsValues($item['form_id'], $item['form_array']))->
assign('is_moder', cmsCore::m('board')->is_moderator_by_group)->
display();
}
/////////////////////////////// NEW BOARD ITEM /////////////////////////////////
if ($do == 'additem') {
// Получаем категории, в которые может загружать пользователь
$catslist = cmsCore::m('board')->getPublicCats(cmsCore::m('board')->category_id);
if (!$catslist) {
cmsCore::addSessionMessage($_LANG['YOU_CANT_ADD_ADV_ANY'], 'error');
$inCore->redirect('/board');
}
$cat['is_photos'] = 1;
$formsdata = array();
if (cmsCore::m('board')->category_id && cmsCore::m('board')->category_id != cmsCore::m('board')->root_cat['id']) {
$cat = cmsCore::m('board')->getCategory(cmsCore::m('board')->category_id);
$formsdata = cmsForm::getFieldsHtml($cat['form_id']);
}
cmsCore::c('page')->addPathway($_LANG['ADD_ADV']);
if ( !cmsCore::inRequest('submit') ) {
if (IS_BILLING) { cmsBilling::checkBalance('board', 'add_item'); }
cmsCore::c('page')->setTitle($_LANG['ADD_ADV']);
$item = cmsUser::sessionGet('item');
if ($item) { cmsUser::sessionDel('item'); }
$item['city'] = !empty($item['city']) ? $item['city'] : cmsCore::c('user')->city;
cmsPage::initTemplate('components', 'com_board_edit')->
assign('action', "/board/add.html")->
assign('form_do', 'add')->
assign('cfg', cmsCore::m('board')->config)->
assign('cat', $cat)->
assign('item', $item)->
assign('pagetitle', $_LANG['ADD_ADV'])->
assign('formsdata', $formsdata)->
assign('is_admin', cmsCore::c('user')->is_admin)->
assign('is_user', cmsCore::c('user')->id)->
assign('catslist', $catslist)->
assign('is_billing', IS_BILLING)->assign('balance', cmsCore::c('user')->balance)->
display();
cmsUser::sessionClearAll();
return;
}
if ( cmsCore::inRequest('submit') ) {
// проверяем на заполненость скрытое поле
$title_fake = cmsCore::request('title_fake', 'str', '');
// если оно заполнено, считаем что это бот, 404
if ($title_fake) { cmsCore::error404(); }
$errors = false;
// проверяем наличие категории
if (!$cat['id']) {
cmsCore::addSessionMessage($_LANG['NEED_CAT_ADV'], 'error');
$errors = true;
}
// Проверяем количество добавленных за сутки
if (!cmsCore::m('board')->checkLoadedByUser24h($cat)){
cmsCore::addSessionMessage($_LANG['MAX_VALUE_OF_ADD_ADV'], 'error');
$errors = true;
}
// Можем ли добавлять в эту рубрику
if (!cmsCore::m('board')->checkAdd($cat)){
cmsCore::addSessionMessage($_LANG['YOU_CANT_ADD_ADV'], 'error');
$errors = true;
}
// входные данные
$obtype = icms_ucfirst(cmsCore::request('obtype', 'str', ''));
$title = trim(str_ireplace($obtype, '', cmsCore::request('title', 'str', '')));
$content = cmsCore::request('content', 'str', '');
$city = cmsCore::request('city', 'str', '');
if ((cmsCore::m('board')->config['seo_user_access'] && cmsCore::c('user')->id) || cmsCore::c('user')->is_admin) {
$pagetitle = cmsCore::request('pagetitle', 'str', '');
$meta_keys = cmsCore::request('meta_keys', 'str', '');
$meta_desc = cmsCore::request('meta_desc', 'str', '');
} else {
$pagetitle = $meta_keys = $meta_desc = '';
}
$form_input = cmsForm::getFieldsInputValues($cat['form_id']);
$formsdata = cmsCore::c('db')->escape_string(cmsCore::arrayToYaml($form_input['values']));
$vipdays = cmsCore::request('vipdays', 'int', 0);
$published = cmsCore::m('board')->checkPublished($cat);
if (cmsCore::m('board')->config['srok']){ $pubdays = (cmsCore::request('pubdays', 'int') <= 50) ? cmsCore::request('pubdays', 'int') : 50; }
if (!cmsCore::m('board')->config['srok']){ $pubdays = isset(cmsCore::m('board')->config['pubdays']) ? cmsCore::m('board')->config['pubdays'] : 14; }
// Проверяем значения
if (!$title) {
cmsCore::addSessionMessage($_LANG['NEED_TITLE'], 'error');
$errors = true;
}
if (!$content) {
cmsCore::addSessionMessage($_LANG['NEED_TEXT_ADV'], 'error');
$errors = true;
}
if (!$city) {
cmsCore::addSessionMessage($_LANG['NEED_CITY'], 'error');
$errors = true;
}
if (!cmsCore::c('user')->id && !cmsCore::checkCaptchaCode()) {
cmsCore::addSessionMessage($_LANG['ERR_CAPTCHA'], 'error');
$errors = true;
}
// Проверяем значения формы
foreach ($form_input['errors'] as $field_error) {
if ($field_error) {
cmsCore::addSessionMessage($field_error, 'error');
$errors = true;
}
}
if ($errors) {
$item['content'] = htmlspecialchars(stripslashes($_REQUEST['content']));
$item['city'] = stripslashes($city);
$item['title'] = stripslashes($title);
$item['obtype'] = $obtype;
cmsUser::sessionPut('item', $item);
cmsCore::redirect('/board/'. cmsCore::m('board')->category_id .'/add.html');
}
if ($cat['is_photos']) {
// Загружаем фото
$file = cmsCore::m('board')->uploadPhoto('', $cat);
} else {
$file['filename'] = '';
cmsCore::addSessionMessage($_LANG['INFO_CAT_NO_PHOTO'], 'info');
}
$add = array(
'category_id' => cmsCore::m('board')->category_id,
'user_id' => cmsCore::c('user')->id,
'obtype' => $obtype,
'title' => $title,
'content' => $content,
'formsdata' => $formsdata,
'city' => $city,
'pubdays' => $pubdays,
'published' => $published,
'pagetitle' => $pagetitle,
'meta_keys' => $meta_keys,
'meta_desc' => $meta_desc,
'file' => $file['filename']
);
$add['id'] = cmsCore::m('board')->addRecord($add);
if (cmsCore::c('user')->is_admin && $vipdays) {
cmsCore::m('board')->setVip($add['id'], $vipdays);
}
if (IS_BILLING) {
cmsBilling::process('board', 'add_item');
if (cmsCore::m('board')->config['vip_enabled'] && $vipdays && cmsCore::m('board')->config['vip_day_cost']) {
if ($vipdays > cmsCore::m('board')->config['vip_max_days']) {
$vipdays = cmsCore::m('board')->config['vip_max_days'];
}
$summ = $vipdays * cmsCore::m('board')->config['vip_day_cost'];
if (cmsCore::c('user')->balance >= $summ) {
cmsBilling::pay(cmsCore::c('user')->id, $summ, $_LANG['VIP_ITEM']);
cmsCore::m('board')->setVip($add['id'], $vipdays);
}
}
}
cmsUser::sessionClearAll();
if ($published) {
//регистрируем событие
cmsActions::log('add_board', array(
'object' => $obtype .' '. $title,
'object_url' => '/board/read'. $add['id'] .'.html',
'object_id' => $add['id'],
'target' => $cat['title'],
'target_url' => '/board/'. $cat['id'],
'target_id' => $cat['id'],
'description' => ''
));
cmsCore::addSessionMessage($_LANG['ADV_IS_ADDED'], 'success');
cmsCore::callEvent('ADD_BOARD_DONE', $add);
cmsCore::redirect('/board/read'. $add['id'] .'.html');
}
if (!$published) {
$link = '<a href="/board/read'. $add['id'] .'.html">'. $obtype .' '. $title .'</a>';
if (cmsCore::c('user')->id) {
$user = '******'. cmsUser::getProfileURL(cmsCore::c('user')->login) .'">'. cmsCore::c('user')->nickname .'</a>';
} else {
$user = $_LANG['BOARD_GUEST'] .', ip: '. cmsCore::c('user')->ip;
}
$message = str_replace('%user%', $user, $_LANG['MSG_ADV_SUBMIT']);
$message = str_replace('%link%', $link, $message);
cmsUser::sendMessage(USER_UPDATER, 1, $message);
cmsCore::addSessionMessage($_LANG['ADV_IS_ADDED'] .'<br>'. $_LANG['ADV_PREMODER_TEXT'], 'success');
cmsCore::redirect('/board/'.cmsCore::m('board')->category_id);
}
}
}
/////////////////////////////// EDIT BOARD ITEM ////////////////////////////////
if ($do == 'edititem') {
$item = cmsCore::m('board')->getRecord(cmsCore::m('board')->item_id);
$cat = cmsCore::m('board')->getCategory($item['category_id']);
if (!$cat || !$item) { cmsCore::error404(); }
cmsCore::c('page')->setTitle($_LANG['EDIT_ADV']);
cmsCore::c('page')->addPathway($item['category'], '/board/'. $item['cat_id']);
cmsCore::c('page')->addPathway($_LANG['EDIT_ADV']);
if (!$item['moderator']) {
cmsCore::addSessionMessage($_LANG['YOU_HAVENT_ACCESS'], 'error');
cmsCore::redirect('/board/read'. $item['id'] .'.html');
}
$errors = false;
if (!cmsCore::inRequest('submit')) {
cmsPage::initTemplate('components', 'com_board_edit')->
assign('action', "/board/edit{$item['id']}.html")->
assign('form_do', 'edit')->
assign('cfg', cmsCore::m('board')->config)->
assign('cat', $cat)->
assign('item', $item)->
assign('pagetitle', $_LANG['EDIT_ADV'])->
assign('is_admin', cmsCore::c('user')->is_admin)->
assign('catslist', cmsCore::m('board')->getPublicCats($item['category_id'], true))->
assign('formsdata', cmsForm::getFieldsHtml($cat['form_id'], $item['form_array']))->
assign('is_user', cmsCore::c('user')->id)->
assign('is_billing', IS_BILLING)->assign('balance', cmsCore::c('user')->balance)->
display();
cmsUser::sessionClearAll();
}
if (cmsCore::inRequest('submit')) {
$new_cat_id = cmsCore::request('category_id', 'int', 0);
if ($new_cat_id) {
$item['category_id'] = $new_cat_id;
}
$form_input = cmsForm::getFieldsInputValues($cat['form_id']);
$formsdata = cmsCore::c('db')->escape_string(cmsCore::arrayToYaml($form_input['values']));
if ($item['is_overdue'] && !$item['published']) {
if (cmsCore::m('board')->config['srok']) {
$pubdays = (cmsCore::request('pubdays', 'int') <= 50) ? cmsCore::request('pubdays', 'int') : 50;
}
if (!cmsCore::m('board')->config['srok']) {
$pubdays = isset(cmsCore::m('board')->config['pubdays']) ? cmsCore::m('board')->config['pubdays'] : 14;
}
$pubdate = date('Y-m-d H:i:s');
} else {
$pubdays = $item['pubdays'];
$pubdate = $item['fpubdate'];
}
$update['obtype'] = icms_ucfirst(cmsCore::request('obtype', 'str'));
$update['title'] = trim(str_ireplace($update['obtype'], '', cmsCore::request('title', 'str', '')));
$update['category_id'] = $item['category_id'];
$update['content'] = cmsCore::request('content', 'str', '');
$update['formsdata'] = $formsdata;
$update['city'] = cmsCore::request('city', 'str', '');
$update['pubdate'] = $pubdate;
$update['pubdays'] = $pubdays;
$update['published'] = cmsCore::m('board')->checkPublished($cat, true);
if ((cmsCore::m('board')->config['seo_user_access'] && cmsCore::c('user')->id) || cmsCore::c('user')->is_admin) {
$update['pagetitle'] = cmsCore::request('pagetitle', 'str', '');
$update['meta_keys'] = cmsCore::request('meta_keys', 'str', '');
$update['meta_desc'] = cmsCore::request('meta_desc', 'str', '');
}
if (!$update['title']) {
cmsCore::addSessionMessage($_LANG['NEED_TITLE'], 'error');
$errors = true;
}
if (!$update['content']) {
cmsCore::addSessionMessage($_LANG['NEED_TEXT_ADV'], 'error');
$errors = true;
}
if (!$update['city']) {
cmsCore::addSessionMessage($_LANG['NEED_CITY'], 'error');
$errors = true;
}
// Проверяем значения формы
foreach ($form_input['errors'] as $field_error) {
if ($field_error) {
cmsCore::addSessionMessage($field_error, 'error');
$errors = true;
}
}
if ($errors) {
$inCore->redirect('/board/edit'. $item['id'] .'.html');
}
if ($cat['is_photos']) {
// Загружаем фото
$file = cmsCore::m('board')->uploadPhoto($item['file'], $cat);
}
$update['file'] = $file['filename'] ? $file['filename'] : $item['file'];
// обновляем объявление
cmsCore::m('board')->updateRecord($item['id'], $update);
// обновляем запись в ленте активности
cmsActions::updateLog('add_board', array('object' => $update['obtype'] .' '. $update['title']), $item['id']);
$vipdays = cmsCore::request('vipdays', 'int', 0);
if (cmsCore::c('user')->is_admin) {
if ($vipdays > 0) {
cmsCore::m('board')->setVip($item['id'], $vipdays);
}
if ($vipdays == -1) {
cmsCore::m('board')->deleteVip($item['id']);
}
}
if (IS_BILLING) {
if (cmsCore::m('board')->config['vip_enabled'] && cmsCore::m('board')->config['vip_prolong'] && $vipdays && cmsCore::m('board')->config['vip_day_cost']) {
if ($vipdays > cmsCore::m('board')->config['vip_max_days']) {
$vipdays = cmsCore::m('board')->config['vip_max_days'];
}
$summ = $vipdays * cmsCore::m('board')->config['vip_day_cost'];
if (cmsCore::c('user')->balance >= $summ) {
cmsBilling::pay(cmsCore::c('user')->id, $summ, $_LANG['VIP_ITEM']);
cmsCore::m('board')->setVip($item['id'], $vipdays);
}
}
}
cmsUser::sessionClearAll();
if (!$update['published']) {
$link = '<a href="/board/read'. $item['id'] .'.html">'. $update['obtype'] .' '. $update['title'] .'</a>';
$user = '******'. cmsUser::getProfileURL(cmsCore::c('user')->login) .'">'. cmsCore::c('user')->nickname .'</a>';
$message = str_replace(array('%link%','%user%'), array($link,$user), $_LANG['MSG_ADV_EDITED']);
cmsUser::sendMessage(USER_UPDATER, 1, $message);
cmsCore::addSessionMessage($_LANG['ADV_EDIT_PREMODER_TEXT'], 'info');
}
cmsCore::addSessionMessage($_LANG['ADV_MODIFIED'], 'success');
cmsCore::redirect('/board/read'. $item['id'] .'.html');
}
}
///////////////////////// PUBLISH BOARD ITEM ///////////////////////////////////
if ($do == 'publish') {
$item = cmsCore::m('board')->getRecord(cmsCore::m('board')->item_id);
if (!$item) { cmsCore::error404(); }
// если уже опубликовано, 404
if ($item['published']) { cmsCore::error404(); }
// публиковать могут админы и модераторы доски
if (!cmsCore::c('user')->is_admin && !cmsCore::m('board')->is_moderator_by_group) {
cmsCore::error404();
}
// публикуем
cmsCore::c('db')->setFlag('cms_board_items', cmsCore::m('board')->item_id, 'published', 1);
cmsCore::callEvent('ADD_BOARD_DONE', $item);
if ($item['user_id']) {
//регистрируем событие
cmsActions::log('add_board', array(
'object' => $item['obtype'] .' '. $item['title'],
'user_id' => $item['user_id'],
'object_url' => '/board/read'. $item['id'] .'.html',
'object_id' => $item['id'],
'target' => $item['category'],
'target_url' => '/board/'. $item['cat_id'],
'target_id' => $item['cat_id'],
'description' => ''
));
$link = '<a href="/board/read'. $item['id'] .'.html">'. $item['obtype'] .' '. $item['title'] .'</a>';
$message = str_replace('%link%', $link, $_LANG['MSG_ADV_ACCEPTED']);
cmsUser::sendMessage(USER_UPDATER, $item['user_id'], $message);
}
cmsCore::addSessionMessage($_LANG['ADV_IS_ACCEPTED'], 'success');
cmsCore::redirect('/board/read'. $item['id'] .'.html');
}
/////////////////////////////// DELETE BOARD ITEM //////////////////////////////
if ($do == 'delete') {
$item = cmsCore::m('board')->getRecord(cmsCore::m('board')->item_id);
if (!$item) { cmsCore::error404(); }
if (!$item['moderator']) {
cmsCore::addSessionMessage($_LANG['YOU_HAVENT_ACCESS'], 'error');
cmsCore::redirect('/board/'. $item['cat_id']);
}
if (!cmsCore::inRequest('godelete')) {
cmsCore::c('page')->setTitle($_LANG['DELETE_ADV']);
cmsCore::c('page')->addPathway($item['category'], '/board/'. $item['cat_id']);
cmsCore::c('page')->addPathway($_LANG['DELETE_ADV']);
$confirm['title'] = $_LANG['DELETING_ADV'];
$confirm['text'] = $_LANG['YOU_SURE_DELETE_ADV'] .' "'. $item['title'] .'"?';
$confirm['action'] = $_SERVER['REQUEST_URI'];
$confirm['yes_button']['name'] = 'godelete';
cmsPage::initTemplate('components', 'action_confirm')->
assign('confirm', $confirm)->
display();
}
if (cmsCore::inRequest('godelete')) {
cmsCore::m('board')->deleteRecord(cmsCore::m('board')->item_id);
cmsCore::addSessionMessage($_LANG['ADV_IS_DELETED'], 'success');
cmsCore::redirect('/board/'. $item['cat_id']);
}
}
}
function content()
{
$inCore = cmsCore::getInstance();
$inPage = cmsPage::getInstance();
$inDB = cmsDatabase::getInstance();
$inUser = cmsUser::getInstance();
$model = new cms_model_content();
define('IS_BILLING', $inCore->isComponentInstalled('billing'));
if (IS_BILLING) {
cmsCore::loadClass('billing');
}
global $_LANG;
$id = cmsCore::request('id', 'int', 0);
$do = $inCore->do;
$seolink = cmsCore::strClear(urldecode(cmsCore::request('seolink', 'html', '')));
if (is_numeric($seolink)) {
cmsCore::error404();
}
$page = cmsCore::request('page', 'int', 1);
///////////////////////////////////// VIEW CATEGORY ////////////////////////////////////////////////////////////////////////////////
if ($do == 'view') {
$cat = $inDB->getNsCategory('cms_category', $seolink);
// если не найдена категория и мы не на главной, 404
if (!$cat && $inCore->menuId() !== 1) {
cmsCore::error404();
}
// языки
$cat = translations::process(cmsConfig::getConfig('lang'), 'content_category', $cat);
// Плагины
$cat = cmsCore::callEvent('GET_CONTENT_CAT', $cat);
// Неопубликованные показываем только админам
if (!$cat['published'] && !$inUser->is_admin) {
cmsCore::error404();
}
// Проверяем доступ к категории
if (!$inCore->checkUserAccess('category', $cat['id'])) {
cmsCore::addSessionMessage($_LANG['NO_PERM_FOR_VIEW_TEXT'] . '<br>' . $_LANG['NO_PERM_FOR_VIEW_RULES'], 'error');
cmsCore::redirect('/content');
}
// если не корень категорий
if ($cat['NSLevel'] > 0) {
$inPage->setTitle($cat['pagetitle'] ? $cat['pagetitle'] : $cat['title']);
$pagetitle = $cat['title'];
$showdate = $cat['showdate'];
$showcomm = $cat['showcomm'];
$inPage->addHead('<link rel="alternate" type="application/rss+xml" title="' . htmlspecialchars($cat['title']) . '" href="' . HOST . '/rss/content/' . $cat['id'] . '/feed.rss">');
}
// Если корневая категория
if ($cat['NSLevel'] == 0) {
if ($model->config['hide_root']) {
cmsCore::error404();
}
$inPage->setTitle($_LANG['CATALOG_ARTICLES']);
$pagetitle = $_LANG['CATALOG_ARTICLES'];
$showdate = 1;
$showcomm = 1;
}
// Получаем дерево категорий
$path_list = $inDB->getNsCategoryPath('cms_category', $cat['NSLeft'], $cat['NSRight'], 'id, title, NSLevel, seolink, url');
if ($path_list) {
$path_list = translations::process(cmsConfig::getConfig('lang'), 'content_category', $path_list);
foreach ($path_list as $pcat) {
if (!$inCore->checkUserAccess('category', $pcat['id'])) {
cmsCore::addSessionMessage($_LANG['NO_PERM_FOR_VIEW_TEXT'] . '<br>' . $_LANG['NO_PERM_FOR_VIEW_RULES'], 'error');
cmsCore::redirect('/content');
}
$inPage->addPathway($pcat['title'], $model->getCategoryURL(null, $pcat['seolink']));
}
}
// Получаем подкатегории
$subcats_list = $model->getSubCats($cat['id']);
// Привязанный фотоальбом
$cat_photos = $model->getCatPhotoAlbum($cat['photoalbum']);
// Получаем статьи
// Редактор/администратор
$is_editor = $cat['modgrp_id'] == $inUser->group_id && cmsUser::isUserCan('content/autoadd') || $inUser->is_admin;
// Условия
$model->whereCatIs($cat['id']);
// Общее количество статей
$total = $model->getArticlesCount($is_editor);
// Сортировка и разбивка на страницы
$inDB->orderBy($cat['orderby'], $cat['orderto']);
$inDB->limitPage($page, $model->config['perpage']);
// Получаем статьи
$content_list = $total ? $model->getArticlesList(!$is_editor) : array();
$inDB->resetConditions();
if (!$content_list && $page > 1) {
cmsCore::error404();
}
$pagebar = cmsPage::getPagebar($total, $page, $model->config['perpage'], $model->getCategoryURL(null, $cat['seolink'], 0, true));
$template = $cat['tpl'] ? $cat['tpl'] : 'com_content_view.tpl';
if ($cat['NSLevel'] > 0) {
// meta description
if ($cat['meta_desc']) {
$meta_desc = $cat['meta_desc'];
} elseif (mb_strlen(strip_tags($cat['description'])) >= 250) {
$meta_desc = crop($cat['description']);
} else {
$meta_desc = $cat['title'];
}
$inPage->setDescription($meta_desc);
// meta keywords
if ($cat['meta_keys']) {
$meta_keys = $cat['meta_keys'];
} elseif ($content_list) {
foreach ($content_list as $c) {
$k[] = $c['title'];
}
$meta_keys = implode(', ', $k);
} else {
$meta_keys = $cat['title'];
}
$inPage->setKeywords($meta_keys);
}
cmsPage::initTemplate('components', $template)->assign('cat', $cat)->assign('is_homepage', (bool) ($inCore->menuId() == 1))->assign('showdate', $showdate)->assign('showcomm', $showcomm)->assign('pagetitle', $pagetitle)->assign('subcats', $subcats_list)->assign('cat_photos', $cat_photos)->assign('articles', $content_list)->assign('pagebar', $pagebar)->display($template);
}
///////////////////////////////////// READ ARTICLE ////////////////////////////////////////////////////////////////////////////////
if ($do == 'read') {
// Получаем статью
$article = $model->getArticle($seolink);
if (!$article) {
cmsCore::error404();
}
$article = translations::process(cmsConfig::getConfig('lang'), 'content_content', $article);
$article = cmsCore::callEvent('GET_ARTICLE', $article);
$is_admin = $inUser->is_admin;
$is_author = $inUser->id == $article['user_id'];
$is_author_del = cmsUser::isUserCan('content/delete');
$is_editor = $article['modgrp_id'] == $inUser->group_id && cmsUser::isUserCan('content/autoadd');
// если статья не опубликована или дата публикации позже, 404
if ((!$article['published'] || strtotime($article['pubdate']) > time()) && !$is_admin && !$is_editor && !$is_author) {
cmsCore::error404();
}
if (!$inCore->checkUserAccess('material', $article['id'])) {
cmsCore::addSessionMessage($_LANG['NO_PERM_FOR_VIEW_TEXT'] . '<br>' . $_LANG['NO_PERM_FOR_VIEW_RULES'], 'error');
cmsCore::redirect($model->getCategoryURL(null, $article['catseolink']));
}
// увеличиваем кол-во просмотров
if (@(!$is_author)) {
$inDB->setFlag('cms_content', $article['id'], 'hits', $article['hits'] + 1);
}
// Картинка статьи
$article['image'] = file_exists(PATH . '/images/photos/medium/article' . $article['id'] . '.jpg') ? 'article' . $article['id'] . '.jpg' : '';
// Заголовок страницы
$article['pagetitle'] = $article['pagetitle'] ? $article['pagetitle'] : $article['title'];
// Тело статьи в зависимости от настроек
$article['content'] = $model->config['readdesc'] ? $article['description'] . $article['content'] : $article['content'];
// Дата публикации
$article['pubdate'] = cmsCore::dateFormat($article['pubdate']);
// Шаблон статьи
$article['tpl'] = $article['tpl'] ? $article['tpl'] : 'com_content_read.tpl';
$inPage->setTitle($article['pagetitle']);
// Получаем дерево категорий
$path_list = $article['showpath'] ? $inDB->getNsCategoryPath('cms_category', $article['leftkey'], $article['rightkey'], 'id, title, NSLevel, seolink, url') : array();
if ($path_list) {
$path_list = translations::process(cmsConfig::getConfig('lang'), 'content_category', $path_list);
foreach ($path_list as $pcat) {
if (!$inCore->checkUserAccess('category', $pcat['id'])) {
cmsCore::addSessionMessage($_LANG['NO_PERM_FOR_VIEW_TEXT'] . '<br>' . $_LANG['NO_PERM_FOR_VIEW_RULES'], 'error');
cmsCore::redirect('/content');
}
$inPage->addPathway($pcat['title'], $model->getCategoryURL(null, $pcat['seolink']));
}
}
$inPage->addPathway($article['title']);
// Мета теги KEYWORDS и DESCRIPTION
if ($article['meta_keys']) {
$inPage->setKeywords($article['meta_keys']);
} else {
if (mb_strlen($article['content']) > 30) {
$inPage->setKeywords(cmsCore::getKeywords(cmsCore::strClear($article['content'])));
}
}
if (mb_strlen($article['meta_desc'])) {
$inPage->setDescription($article['meta_desc']);
}
// Выполняем фильтры
$article['content'] = cmsCore::processFilters($article['content']);
// Разбивка статей на страницы
$pt_pages = array();
if (!empty($GLOBALS['pt'])) {
foreach ($GLOBALS['pt'] as $num => $page_title) {
$pt_pages[$num]['title'] = $page_title;
$pt_pages[$num]['url'] = $model->getArticleURL(null, $article['seolink'], $num + 1);
}
}
// Рейтинг статьи
if ($model->config['rating'] && $article['canrate']) {
$karma = cmsKarma('content', $article['id']);
$karma_points = cmsKarmaFormatSmall($karma['points']);
$btns = cmsKarmaButtonsText('content', $article['id'], $karma['points'], $is_author);
}
cmsPage::initTemplate('components', $article['tpl'])->assign('article', $article)->assign('cfg', $model->config)->assign('page', $page)->assign('is_pages', !empty($GLOBALS['pt']))->assign('pt_pages', $pt_pages)->assign('is_admin', $is_admin)->assign('is_editor', $is_editor)->assign('is_author', $is_author)->assign('is_author_del', $is_author_del)->assign('tagbar', cmsTagBar('content', $article['id']))->assign('karma_points', @$karma_points)->assign('karma_votes', @$karma['votes'])->assign('karma_buttons', @$btns)->display($article['tpl']);
// Комментарии статьи
if ($article['published'] && $article['comments'] && $inCore->isComponentInstalled('comments')) {
cmsCore::includeComments();
comments('article', $article['id'], array(), $is_author);
}
}
///////////////////////////////////// ADD ARTICLE //////////////////////////////////////////////////////////////////////////////////
if ($do == 'addarticle' || $do == 'editarticle') {
$is_add = cmsUser::isUserCan('content/add');
// может добавлять статьи
$is_auto_add = cmsUser::isUserCan('content/autoadd');
// добавлять статьи без модерации
if (!$is_add && !$is_auto_add) {
cmsCore::error404();
}
// Для редактирования получаем статью и проверяем доступ
if ($do == 'editarticle') {
// Получаем статью
$item = $model->getArticle($id);
if (!$item) {
cmsCore::error404();
}
$pubcats = array();
// доступ к редактированию админам, авторам и редакторам
if (!$inUser->is_admin && $item['user_id'] != $inUser->id && !($item['modgrp_id'] == $inUser->group_id && cmsUser::isUserCan('content/autoadd'))) {
cmsCore::error404();
}
}
// Для добавления проверяем не вводили ли мы данные ранее
if ($do == 'addarticle') {
$item = cmsUser::sessionGet('article');
if ($item) {
cmsUser::sessionDel('article');
}
// Категории, в которые разрешено публиковать
$pubcats = $model->getPublicCats();
if (!$pubcats) {
cmsCore::addSessionMessage($_LANG['ADD_ARTICLE_ERR_CAT'], 'error');
cmsCore::redirectBack();
}
}
// не было запроса на сохранение, показываем форму
if (!cmsCore::inRequest('add_mod')) {
$dynamic_cost = false;
// Если добавляем статью
if ($do == 'addarticle') {
$pagetitle = $_LANG['ADD_ARTICLE'];
$inPage->setTitle($pagetitle);
$inPage->addPathway($_LANG['USERS'], '/' . str_replace('/', '', cmsUser::PROFILE_LINK_PREFIX));
$inPage->addPathway($inUser->nickname, cmsUser::getProfileURL($inUser->login));
$inPage->addPathway($_LANG['MY_ARTICLES'], '/content/my.html');
$inPage->addPathway($pagetitle);
// поддержка биллинга
if (IS_BILLING) {
$action = cmsBilling::getAction('content', 'add_content');
foreach ($pubcats as $p => $pubcat) {
if ($pubcat['cost']) {
$dynamic_cost = true;
} else {
$pubcats[$p]['cost'] = $action['point_cost'][$inUser->group_id];
}
}
cmsBilling::checkBalance('content', 'add_content', $dynamic_cost);
}
}
// Если редактируем статью
if ($do == 'editarticle') {
$pagetitle = $_LANG['EDIT_ARTICLE'];
$inPage->setTitle($pagetitle);
$inPage->addPathway($_LANG['USERS'], '/' . str_replace('/', '', cmsUser::PROFILE_LINK_PREFIX));
if ($item['user_id'] != $inUser->id) {
$user = $inDB->get_fields('cms_users', "id='{$item['user_id']}'", 'login, nickname');
$inPage->addPathway($user['nickname'], cmsUser::getProfileURL($user['login']));
} else {
$inPage->addPathway($inUser->nickname, cmsUser::getProfileURL($inUser->login));
}
$inPage->addPathway($_LANG['MY_ARTICLES'], '/content/my.html');
$inPage->addPathway($pagetitle);
$item['tags'] = cmsTagLine('content', $item['id'], false);
$item['image'] = file_exists(PATH . '/images/photos/small/article' . $item['id'] . '.jpg') ? 'article' . $item['id'] . '.jpg' : '';
if (!$is_auto_add) {
cmsCore::addSessionMessage($_LANG['ATTENTION'] . ': ' . $_LANG['EDIT_ARTICLE_PREMODER'], 'info');
}
}
$inPage->initAutocomplete();
$autocomplete_js = $inPage->getAutocompleteJS('tagsearch', 'tags');
$item = cmsCore::callEvent('PRE_EDIT_ARTICLE', @$item ? $item : array());
cmsPage::initTemplate('components', 'com_content_edit')->assign('mod', $item)->assign('do', $do)->assign('cfg', $model->config)->assign('pubcats', $pubcats)->assign('pagetitle', $pagetitle)->assign('is_admin', $inUser->is_admin)->assign('is_billing', IS_BILLING)->assign('dynamic_cost', $dynamic_cost)->assign('autocomplete_js', $autocomplete_js)->display('com_content_edit.tpl');
}
// Пришел запрос на сохранение статьи
if (cmsCore::inRequest('add_mod')) {
$errors = false;
$article['category_id'] = cmsCore::request('category_id', 'int', 1);
$article['user_id'] = $item['user_id'] ? $item['user_id'] : $inUser->id;
$article['title'] = cmsCore::request('title', 'str', '');
$article['tags'] = cmsCore::request('tags', 'str', '');
$article['description'] = cmsCore::request('description', 'html', '');
$article['content'] = cmsCore::request('content', 'html', '');
$article['description'] = cmsCore::badTagClear($article['description']);
$article['content'] = cmsCore::badTagClear($article['content']);
$article['published'] = $is_auto_add ? 1 : 0;
if ($do == 'editarticle') {
$article['published'] = $item['published'] == 0 ? $item['published'] : $article['published'];
}
$article['pubdate'] = $do == 'editarticle' ? $item['pubdate'] : date('Y-m-d H:i');
$article['enddate'] = $do == 'editarticle' ? $item['enddate'] : $article['pubdate'];
$article['is_end'] = $do == 'editarticle' ? $item['is_end'] : 0;
$article['showtitle'] = $do == 'editarticle' ? $item['showtitle'] : 1;
$article['meta_desc'] = $do == 'addarticle' ? mb_strtolower($article['title']) : $inDB->escape_string($item['meta_desc']);
$article['meta_keys'] = $do == 'addarticle' ? $inCore->getKeywords($article['content']) : $inDB->escape_string($item['meta_keys']);
$article['showdate'] = $do == 'editarticle' ? $item['showdate'] : 1;
$article['showlatest'] = $do == 'editarticle' ? $item['showlatest'] : 1;
$article['showpath'] = $do == 'editarticle' ? $item['showpath'] : 1;
$article['comments'] = $do == 'editarticle' ? $item['comments'] : 1;
$article['canrate'] = $do == 'editarticle' ? $item['canrate'] : 1;
$article['pagetitle'] = '';
if ($do == 'editarticle') {
$article['tpl'] = $item['tpl'];
}
if (mb_strlen($article['title']) < 2) {
cmsCore::addSessionMessage($_LANG['REQ_TITLE'], 'error');
$errors = true;
}
if (mb_strlen($article['content']) < 10) {
cmsCore::addSessionMessage($_LANG['REQ_CONTENT'], 'error');
$errors = true;
}
if ($errors) {
// При добавлении статьи при ошибках сохраняем введенные поля
if ($do == 'addarticle') {
cmsUser::sessionPut('article', $article);
}
cmsCore::redirectBack();
}
$article['description'] = $inDB->escape_string($article['description']);
$article['content'] = $inDB->escape_string($article['content']);
$article = cmsCore::callEvent('AFTER_EDIT_ARTICLE', $article);
// добавление статьи
if ($do == 'addarticle') {
$article_id = $model->addArticle($article);
}
// загрузка фото
$file = 'article' . (@$article_id ? $article_id : $item['id']) . '.jpg';
if (cmsCore::request('delete_image', 'int', 0)) {
@unlink(PATH . "/images/photos/small/{$file}");
@unlink(PATH . "/images/photos/medium/{$file}");
}
// Загружаем класс загрузки фото
cmsCore::loadClass('upload_photo');
$inUploadPhoto = cmsUploadPhoto::getInstance();
// Выставляем конфигурационные параметры
$inUploadPhoto->upload_dir = PATH . '/images/photos/';
$inUploadPhoto->small_size_w = $model->config['img_small_w'];
$inUploadPhoto->medium_size_w = $model->config['img_big_w'];
$inUploadPhoto->thumbsqr = $model->config['img_sqr'];
$inUploadPhoto->is_watermark = $model->config['watermark'];
$inUploadPhoto->input_name = 'picture';
$inUploadPhoto->filename = $file;
// Процесс загрузки фото
$inUploadPhoto->uploadPhoto();
// операции после добавления/редактирования статьи
// добавление статьи
if ($do == 'addarticle') {
// Получаем добавленную статью
$article = $model->getArticle($article_id);
if (!$article['published']) {
cmsCore::addSessionMessage($_LANG['ARTICLE_PREMODER_TEXT'], 'info');
// отсылаем уведомление администраторам
$link = '<a href="' . $model->getArticleURL(null, $article['seolink']) . '">' . $article['title'] . '</a>';
$message = str_replace('%user%', cmsUser::getProfileLink($inUser->login, $inUser->nickname), $_LANG['MSG_ARTICLE_SUBMIT']);
$message = str_replace('%link%', $link, $message);
cmsUser::sendMessageToGroup(USER_UPDATER, cmsUser::getAdminGroups(), $message);
} else {
//регистрируем событие
cmsActions::log('add_article', array('object' => $article['title'], 'object_url' => $model->getArticleURL(null, $article['seolink']), 'object_id' => $article['id'], 'target' => $article['cat_title'], 'target_url' => $model->getCategoryURL(null, $article['catseolink']), 'target_id' => $article['category_id'], 'description' => ''));
if (IS_BILLING) {
$category_cost = $article['cost'] === '' ? false : (int) $article['cost'];
cmsBilling::process('content', 'add_content', $category_cost);
}
cmsUser::checkAwards($inUser->id);
}
cmsCore::addSessionMessage($_LANG['ARTICLE_SAVE'], 'info');
cmsCore::redirect('/my.html');
}
// Редактирование статьи
if ($do == 'editarticle') {
$model->updateArticle($item['id'], $article, true);
cmsActions::updateLog('add_article', array('object' => $article['title']), $item['id']);
if (!$article['published']) {
$link = '<a href="' . $model->getArticleURL(null, $item['seolink']) . '">' . $article['title'] . '</a>';
$message = str_replace('%user%', cmsUser::getProfileLink($inUser->login, $inUser->nickname), $_LANG['MSG_ARTICLE_EDITED']);
$message = str_replace('%link%', $link, $message);
cmsUser::sendMessageToGroup(USER_UPDATER, cmsUser::getAdminGroups(), $message);
}
$mess = $article['published'] ? $_LANG['ARTICLE_SAVE'] : $_LANG['ARTICLE_SAVE'] . ' ' . $_LANG['ARTICLE_PREMODER_TEXT'];
cmsCore::addSessionMessage($mess, 'info');
cmsCore::redirect($model->getArticleURL(null, $item['seolink']));
}
}
}
///////////////////////// PUBLISH ARTICLE /////////////////////////////////////////////////////////////////////////////
if ($do == 'publisharticle') {
if (!$inUser->id) {
cmsCore::error404();
}
$article = $model->getArticle($id);
if (!$article) {
cmsCore::error404();
}
// Редактор с правами на добавление без модерации или администраторы могут публиковать
if (!($article['modgrp_id'] == $inUser->group_id && cmsUser::isUserCan('content/autoadd')) && !$inUser->is_admin) {
cmsCore::error404();
}
$inDB->setFlag('cms_content', $article['id'], 'published', 1);
cmsCore::callEvent('ADD_ARTICLE_DONE', $article);
if (IS_BILLING) {
$author = $inDB->get_fields('cms_users', "id='{$article['user_id']}'", '*');
$category_cost = $article['cost'] === '' ? false : (int) $article['cost'];
cmsBilling::process('content', 'add_content', $category_cost, $author);
}
//регистрируем событие
cmsActions::log('add_article', array('object' => $article['title'], 'user_id' => $article['user_id'], 'object_url' => $model->getArticleURL(null, $article['seolink']), 'object_id' => $article['id'], 'target' => $article['cat_title'], 'target_url' => $model->getCategoryURL(null, $article['catseolink']), 'target_id' => $article['cat_id'], 'description' => ''));
$link = '<a href="' . $model->getArticleURL(null, $article['seolink']) . '">' . $article['title'] . '</a>';
$message = str_replace('%link%', $link, $_LANG['MSG_ARTICLE_ACCEPTED']);
cmsUser::sendMessage(USER_UPDATER, $article['user_id'], $message);
cmsUser::checkAwards($article['user_id']);
cmsCore::redirectBack();
}
///////////////////////////////////// DELETE ARTICLE ///////////////////////////////////////////////////////////////////////////////////
if ($do == 'deletearticle') {
if (!$inUser->id) {
cmsCore::error404();
}
$article = $model->getArticle($id);
if (!$article) {
cmsCore::error404();
}
// права доступа
$is_author = cmsUser::isUserCan('content/delete') && $article['user_id'] == $inUser->id;
$is_editor = $article['modgrp_id'] == $inUser->group_id && cmsUser::isUserCan('content/autoadd');
if (!$is_author && !$is_editor && !$inUser->is_admin) {
cmsCore::error404();
}
if (!cmsCore::inRequest('goadd')) {
$inPage->setTitle($_LANG['ARTICLE_REMOVAL']);
$inPage->addPathway($_LANG['ARTICLE_REMOVAL']);
$confirm['title'] = $_LANG['ARTICLE_REMOVAL'];
$confirm['text'] = $_LANG['ARTICLE_REMOVAL_TEXT'] . ' <a href="' . $model->getArticleURL(null, $article['seolink']) . '">' . $article['title'] . '</a>?';
$confirm['action'] = $_SERVER['REQUEST_URI'];
$confirm['yes_button'] = array();
$confirm['yes_button']['type'] = 'submit';
$confirm['yes_button']['name'] = 'goadd';
cmsPage::initTemplate('components', 'action_confirm')->assign('confirm', $confirm)->display('action_confirm.tpl');
} else {
$model->deleteArticle($article['id']);
if ($_SERVER['HTTP_REFERER'] == '/my.html') {
cmsCore::addSessionMessage($_LANG['ARTICLE_DELETED'], 'info');
cmsCore::redirectBack();
} else {
// если удалили как администратор или редактор и мы не авторы статьи, отсылаем сообщение автору
if (($is_editor || $inUser->is_admin) && $article['user_id'] != $inUser->id) {
$link = '<a href="' . $model->getArticleURL(null, $article['seolink']) . '">' . $article['title'] . '</a>';
$message = str_replace('%link%', $link, $article['published'] ? $_LANG['MSG_ARTICLE_DELETED'] : $_LANG['MSG_ARTICLE_REJECTED']);
cmsUser::sendMessage(USER_UPDATER, $article['user_id'], $message);
} else {
cmsCore::addSessionMessage($_LANG['ARTICLE_DELETED'], 'info');
}
cmsCore::redirect($model->getCategoryURL(null, $article['catseolink']));
}
}
}
///////////////////////////////////// MY ARTICLES ///////////////////////////////////////////////////////////////////////////////////
if ($do == 'my') {
if (!cmsUser::isUserCan('content/add')) {
cmsCore::error404();
}
$inPage->setTitle($_LANG['MY_ARTICLES']);
$inPage->addPathway($_LANG['USERS'], '/' . str_replace('/', '', cmsUser::PROFILE_LINK_PREFIX));
$inPage->addPathway($inUser->nickname, cmsUser::getProfileURL($inUser->login));
$inPage->addPathway($_LANG['MY_ARTICLES']);
$perpage = 15;
// Условия
$model->whereUserIs($inUser->id);
// Общее количество статей
$total = $model->getArticlesCount(false);
// Сортировка и разбивка на страницы
$inDB->orderBy('con.pubdate', 'DESC');
$inDB->limitPage($page, $perpage);
// Получаем статьи
$content_list = $total ? $model->getArticlesList(false) : array();
$inDB->resetConditions();
cmsPage::initTemplate('components', 'com_content_my')->assign('articles', $content_list)->assign('total', $total)->assign('user_can_delete', cmsUser::isUserCan('content/delete'))->assign('pagebar', cmsPage::getPagebar($total, $page, $perpage, '/content/my%page%.html'))->display('com_content_my.tpl');
}
///////////////////////////////////// BEST ARTICLES ///////////////////////////////////////////////////////////////////////////////////
if ($do == 'best') {
$inPage->setTitle($_LANG['ARTICLES_RATING']);
$inPage->addPathway($_LANG['ARTICLES_RATING']);
// Только статьи, за которые можно голосовать
$inDB->where("con.canrate = 1");
// Сортировка и разбивка на страницы
$inDB->orderBy('con.rating', 'DESC');
$inDB->limitPage(1, 30);
// Получаем статьи
$content_list = $model->getArticlesList();
cmsPage::initTemplate('components', 'com_content_rating')->assign('articles', $content_list)->display('com_content_rating.tpl');
}
}
<input type="button" class="btn btn-default" name="" value="<?php
echo $_LANG['HIDE'];
?>
" onclick="sendContentForm('hide');" style="margin-left:5px;" />
</td>
<td class="sel_pub">
<input type="button" class="btn btn-danger" name="" value="<?php
echo $_LANG['DELETE'];
?>
" onclick="sendContentForm('delete');" style="margin-left:5px;" />
</td>
</tr>
</table>
</div>
<?php
}
?>
</form>
<?php
if ($pages > 1) {
echo '<div class="panel panel-default"><div class="panel-body">';
echo cmsPage::getPagebar($total, $page, $perpage, $base_uri . '&hide_cats=' . $hide_cats . '&title=' . $title_part . '&orderby=' . $orderby . '&orderto=' . $orderto . '&cat_id=' . $category_id . '&page=%page%');
echo '</div></div>';
}
?>
</td>
</tr>
</table>
<script type="text/javascript"> trClickChecked(); </script>
$inPage->addPathway($usr['nickname'], cmsUser::getProfileURL($usr['login']));
$inPage->addPathway($_LANG['PHOTOALBUMS'], '/users/' . $usr['id'] . '/photoalbum.html');
$inPage->addPathway($album['title']);
$photos = array();
//Мой профиль или нет
$my_profile = $inUser->id == $usr['id'] ? true : false;
//Определяем, друзья мы или нет
$we_friends = $inUser->id && !$my_profile ? cmsUser::isFriend($usr['id']) : 0;
if ($album['allow_who'] == 'all' || $my_profile || $album['allow_who'] == 'friends' && $we_friends || $album['allow_who'] == 'registered' && $inUser->id) {
$photos = $model->getAlbumPhotos($usr['id'], $album_type, $album_id, $we_friends);
}
//Делим на страницы
$total = sizeof($photos);
if ($total) {
$perpage = 21;
$pagination = cmsPage::getPagebar($total, $page, $perpage, '/users/%user%/photos/%album%%id%-%page%.html', array('user' => $usr['login'], 'album' => $album_type, 'id' => $album_id));
$page_photos = array();
$start = $perpage * ($page - 1);
for ($p = $start; $p < $start + $perpage; $p++) {
if ($photos[$p]) {
$page_photos[] = $photos[$p];
}
}
$photos = $page_photos;
unset($page_photos);
}
//Отдаем в шаблон
cmsPage::initTemplate('components', 'com_users_photos')->assign('page_title', $album['title'])->assign('album_type', $album_type)->assign('album', $album)->assign('photos', $photos)->assign('user_id', $usr['id'])->assign('usr', $usr)->assign('my_profile', $my_profile)->assign('is_admin', $inUser->is_admin)->assign('pagebar', $pagination)->display('com_users_photos.tpl');
}
//============================================================================//
//============================ Удалить фотоальбом ============================//
function faq(){
$inCore = cmsCore::getInstance();
$inPage = cmsPage::getInstance();
$inDB = cmsDatabase::getInstance();
$inUser = cmsUser::getInstance();
$model = new cms_model_faq();
define('IS_BILLING', $inCore->isComponentInstalled('billing'));
if (IS_BILLING) { $inCore->loadClass('billing'); }
global $_LANG;
$pagetitle = $inCore->getComponentTitle();
$inPage->addPathway($pagetitle, '/faq');
$inPage->setTitle($pagetitle);
$inPage->setDescription($pagetitle);
$inPage->addHeadJsLang(array('ERR_QUESTION'));
$cfg = $inCore->loadComponentConfig('faq');
if(!isset($cfg['guest_enabled'])) { $cfg['guest_enabled'] = 1; }
if(!isset($cfg['user_link'])) { $cfg['user_link'] = 1; }
if(!isset($cfg['publish'])) { $cfg['publish'] = 0; }
if(!isset($cfg['is_comment'])) { $cfg['is_comment'] = 1; }
$id = $inCore->request('id', 'int', 0);
$do = $inCore->do;
///////////////////////////////////// VIEW CATEGORY ////////////////////////////////////////////////////////////////////////////////
if ($do=='view'){
if($id>0){
//CURRENT CATEGORY
$sql = "SELECT *
FROM cms_faq_cats
WHERE id = '$id'
ORDER BY title ASC LIMIT 1
";
$result = $inDB->query($sql) ;
if (!$inDB->num_rows($result)) { cmsCore::error404(); }
$cat = $inDB->fetch_assoc($result);
//PAGE HEADING
$pagetitle = $cat['title'];
$inPage->setTitle($cat['title']);
$inPage->addPathway($cat['title']);
$inPage->setDescription($cat['title']);
}
//LIST OF SUBCATEGORIES
$sql = "SELECT *
FROM cms_faq_cats
WHERE parent_id = $id AND id > 0 AND published = 1
ORDER BY title ASC
";
$result = $inDB->query($sql) ;
if ($inDB->num_rows($result)){
$subcats = array();
while($subcat = $inDB->fetch_assoc($result)){
$subcats[] = $subcat;
}
$is_subcats = true;
} else {
$is_subcats = false;
}
//CURRENT CATEGORY CONTENT
$perpage = 15;
$page = $inCore->request('page', 'int', 1);
$records = 0;
if ($id > 0){
$sql = "SELECT q.*, u.login, u.nickname
FROM cms_faq_quests q
LEFT JOIN cms_users u ON u.id = q.user_id
WHERE q.category_id = $id AND q.published = 1
ORDER BY q.pubdate DESC
LIMIT ".(($page-1)*$perpage).", $perpage";
$result_total = $inDB->query("SELECT id FROM cms_faq_quests WHERE category_id = $id AND published = 1") ;
$records = $inDB->num_rows($result_total);
} else {
$sql = "SELECT q.*, c.title cat_title, c.id cid, u.login, u.nickname
FROM cms_faq_quests q
LEFT JOIN cms_faq_cats c ON c.id = q.category_id
LEFT JOIN cms_users u ON u.id = q.user_id
WHERE q.published = 1
ORDER BY q.pubdate DESC
LIMIT 15";
}
$result = $inDB->query($sql) ;
if ($inDB->num_rows($result)){
$quests = array();
while($con = $inDB->fetch_assoc($result)){
$con['pubdate'] = $inCore->dateFormat($con['pubdate'], true, false, false);
$con['quest'] = nl2br($con['quest']);
$quests[] = $con;
}
$is_quests = true;
} else {
$is_quests = false;
}
cmsPage::initTemplate('components', 'com_faq_view')->
assign('pagetitle', $pagetitle)->
assign('id', $id)->
assign('subcats', $subcats)->
assign('is_subcats', $is_subcats)->
assign('quests', $quests)->
assign('cfg', $cfg)->
assign('is_quests', $is_quests)->
assign('is_user', $inUser->id)->
assign('pagebar', cmsPage::getPagebar($records, $page, $perpage, '/faq/%id%-%page%', array('id'=>$id)))->
display();
}
///////////////////////////////////// READ QUESTION ////////////////////////////////////////////////////////////////////////////////
if ($do=='read'){
$sql = "SELECT con.*,
cat.title cat_title, cat.id cat_id, u.login, u.nickname
FROM cms_faq_quests con
LEFT JOIN cms_faq_cats cat ON cat.id = con.category_id
LEFT JOIN cms_users u ON u.id = con.user_id
WHERE con.id = $id LIMIT 1";
$result = $inDB->query($sql);
if ($inDB->num_rows($result)){
$inDB->query("UPDATE cms_faq_quests SET hits = hits + 1 WHERE id = $id") ;
$quest = $inDB->fetch_assoc($result);
$quest['pubdate'] = $inCore->dateFormat($quest['pubdate'], true, false, false);
$quest['answerdate'] = $inCore->dateFormat($quest['answerdate'], true, false, false);
if (mb_strlen($quest['quest'])>40) { $shortquest = mb_substr($quest['quest'], 0, 40).'...'; }
else { $shortquest = $quest['quest']; }
$quest['quest'] = nl2br($quest['quest']);
$inPage->setTitle($shortquest);
$inPage->setDescription($shortquest);
$inPage->addPathway($quest['cat_title'], '/faq/'.$quest['cat_id']);
$inPage->addPathway($shortquest);
cmsPage::initTemplate('components', 'com_faq_read')->
assign('quest', $quest)->
assign('cfg', $cfg)->
assign('labels', array('comments' => $_LANG['ANSWERS'], 'add' => $_LANG['REPLY'], 'rss' => $_LANG['RSS_FEED'], 'not_comments' => $_LANG['NOT_ANSWERS']))->
assign('is_admin', $inUser->is_admin)->
display();
} else { cmsCore::error404(); }
}
///////////////////////////////////// SEND QUEST ////////////////////////////////////////////////////////////////////////////////
if ($do=='sendquest'){
if (!$inUser->id && !$cfg['guest_enabled']){ cmsCore::error404(); }
$inPage->setTitle($_LANG['SET_QUESTION']);
$inPage->addPathway($_LANG['SET_QUESTION']);
$inPage->addHeadJS('components/faq/js/common.js');
$error = '';
$captha_code = $inCore->request('code', 'str', '');
$message = $inCore->request('message', 'str', '');
$category_id = $inCore->request('category_id', 'int', '');
$published = ($inUser->is_admin || $cfg['publish']) ? 1 : 0;
$is_submit = $inCore->inRequest('message');
if ($is_submit && !$inUser->id && !cmsCore::checkCaptchaCode()) { $error = $_LANG['ERR_CAPTCHA']; }
if (!$is_submit || $error){
if (IS_BILLING && $inUser->id){ cmsBilling::checkBalance('faq', 'add_quest'); }
cmsPage::initTemplate('components', 'com_faq_add')->
assign('catslist', $inCore->getListItems('cms_faq_cats', $category_id))->
assign('user_id', $inUser->id)->
assign('message', htmlspecialchars($inCore->request('message', 'html', '')))->
assign('error', $error)->
display();
} else {
//SAVE QUESTION
$sql = "INSERT INTO cms_faq_quests (category_id, pubdate, published, quest, answer, user_id, answeruser_id, answerdate, hits)
VALUES ('$category_id', NOW(), '$published', '$message', '', '{$inUser->id}', 0, NOW(), 0)";
$inDB->query($sql);
$quest_id = $inDB->get_last_id('cms_faq_quests');
if (IS_BILLING && $inUser->id){ cmsBilling::process('faq', 'add_quest'); }
$inPage->setTitle($_LANG['QUESTION_SEND']);
$inPage->addPathway($_LANG['QUESTION_SEND']);
if (!$published){
echo '<div class="con_heading">'.$_LANG['QUESTION_SEND'].'</div>';
echo '<div style="margin-top:10px">'.$_LANG['QUESTION_PREMODER'].'</div>';
echo '<div style="margin-top:10px"><a href="/faq">'.$_LANG['CONTINUE'].'</a></div>';
} elseif ($published) {
$category = $inDB->get_field('cms_faq_cats', "id={$category_id}", 'title');
//регистрируем событие
cmsActions::log('add_quest', array(
'object' => $_LANG['QUESTION'],
'object_url' => '/faq/quest'.$quest_id.'.html',
'object_id' => $quest_id,
'target' => $category,
'target_url' => '/faq/'.$category_id,
'target_id' => $category_id,
'description' => strip_tags( mb_strlen(strip_tags($message))>100 ? mb_substr($message, 0, 100) : $message )
));
$inCore->redirect('/faq/quest'.$quest_id.'.html');
} else { $inCore->redirect('/faq/quest'.$quest_id.'.html'); }
}
}
///////////////////////////////////// DELETE QUEST ////////////////////////////////////////////////////////////////////////////////
if ($do=='delquest'){
$quest_id = $inCore->request('quest_id', 'int', 0);
$user_id = $inUser->id;
$sql = "SELECT con.id, con.quest, con.category_id
FROM cms_faq_quests con
WHERE con.id = '$quest_id' LIMIT 1";
$result = $inDB->query($sql);
$quest = $inDB->fetch_assoc($result);
if (!$user_id || !$quest_id || !$quest) { $inCore->redirectBack(); }
if ( !$inCore->inRequest('confirm') ) {
if (cmsUser::userIsAdmin($user_id)){
$inPage->setTitle($_LANG['DEL_QUES']);
$inPage->addPathway($_LANG['DEL_QUES']);
$confirm['title'] = $_LANG['DELETE_QUES'];
$confirm['text'] = $_LANG['YOU_REALY_DELETE_QUES'].':<br> "<a href="/faq/quest'.$quest['id'].'.html">'.$quest['quest'].'</a>"<br><br>';
$confirm['action'] = $_SERVER['REQUEST_URI'];
$confirm['yes_button'] = array();
$confirm['yes_button']['type'] = 'submit';
$confirm['yes_button']['name'] = 'confirm';
cmsPage::initTemplate('components', 'action_confirm')->
assign('confirm', $confirm)->
display();
} else {
$inCore->redirectBack();
}
}
if ( $inCore->inRequest('confirm') ){
if (cmsUser::userIsAdmin($user_id)){
$model->deleteQuest($quest_id);
}
$inCore->redirect('/faq/'.$quest['category_id']);
}
}
} //function
function wishes()
{
$inCore = cmsCore::getInstance();
$inPage = cmsPage::getInstance();
$inDB = cmsDatabase::getInstance();
$inUser = cmsUser::getInstance();
$user_id = $inUser->id;
//$inPage->addHeadJS('');
//$inPage->addHeadJS('');
global $_LANG;
$inCore->loadModel('wishes');
$model = new cms_model_wishes();
//Загрузка настроек встреч
$cfg = $inCore->loadComponentConfig('wishes');
// Проверяем включени ли компонент
if (!$cfg['component_enabled']) {
cmsCore::error404();
}
if (!isset($cfg['perpage'])) {
$cfg['perpage'] = 10;
}
if (!isset($cfg['on_main'])) {
$cfg['on_main'] = 5;
}
//Получаем параметры
$id = $inCore->request('id', 'int', 0);
$do = $inCore->request('do', 'str', 'view');
$page = $inCore->request('page', 'int', 1);
$pagetitle = "Потрібно - Допоможу";
$inPage->addPathway($pagetitle, '/wishes/all.html');
$types = array();
$sql = "select * from `cms_wishes_cat`";
$result = $inDB->query($sql);
$j = 1;
while ($tinfo = $inDB->fetch_assoc($result)) {
$types[$j]["1"] = $tinfo['class'];
$types[$j]["2"] = $tinfo['title'];
$j++;
}
$inPage->addHead('<link rel="stylesheet" href="/components/wishes/css/style.css">');
/***********************************************************/
if ($do == 'load') {
$n = $inCore->request('n', 'int', 1);
$page = $inCore->request('page', 'int', 1);
//echo $page." ".$n." дозагрузка данных<br/>";
$t = $types[$n];
$inf = $model->wish_type($n, $t, $user_id, $page, $active = 0, $types = array(), $cfg['on_main']);
echo $inf;
exit;
}
if ($do == 'delete') {
if ($model->is_author($user_id, $id) or $inUser->is_admin) {
$sql = "DELETE FROM `cms_wishes` WHERE `id` = " . $id . ";";
$result = $inDB->query($sql);
cmsCore::addSessionMessage("Успішно видалено!", 'success');
}
cmsCore::redirect('/wishes/');
}
if ($do == 'wish_item') {
$sql = "select * from `cms_wishes` where `published`='1' and `id`='" . $id . "' ";
//echo $sql;
$result = $inDB->query($sql);
$sinfo = $inDB->fetch_assoc($result);
$us = $inUser->loadUser($sinfo['user_id']);
$t = $types[$sinfo['type']];
$inPage->addPathway($t[2], '/wishes/type' . $sinfo['type'] . '.html');
$inPage->addPathway($sinfo['title'], '');
$inPage->setTitle($sinfo['title']);
echo "<h2><a href='/wishes/type" . $sinfo['type'] . ".html'>" . $t[2] . "</a> » " . $sinfo['title'] . "</h2>";
echo "<div style='font-size:11px;'><a href='/users/" . $us['login'] . "'>" . $us['nickname'] . "</a> | " . $inCore->dateformat($sinfo['datetime']) . "</div>";
if ($model->is_author($user_id, $id) or $inUser->is_admin) {
echo "<div style='float:right;'><a href='/wishes/delete" . $id . ".html'>Видалити</a></div>";
}
echo "\n\t\t\t<table width='100%'><tr><td valign='top' width='10%'>\n\t\t\t<a href='/users/" . $us['login'] . "'><img src='" . $us['imageurl'] . "' style='float:left;border-radius:10px;margin:0px 10px 10px 0px;' border='0' /></a>\n\t\t\t</td>\n\t\t\t<td>\n\t\t\t<div style='padding:10px;margin-bottom:50px; background-color:#f2f0f0; border-bottom: 1px solid #DDDDDD;border-top: 1px solid #DDDDDD;'>\n\t\t\t" . $sinfo['info'] . "</div>\n\t\t\t</td>\n\t\t\t\t</tr>\n\t\t\t</table>\n\t\t";
if ($inCore->isComponentInstalled('comments')) {
cmsCore::includeComments();
comments('wishes', $sinfo['id']);
}
}
/***********************************************************/
if ($do == 'add_item') {
$title = $inCore->request('title', 'str', '');
$info = $inCore->request('info', 'str', '');
$send = $inCore->request('send', 'str', '');
$type = $id;
$guest_info = $inUser->getGuestInfo();
$user_access = $inUser->id;
if ($user_access > 0) {
/**/
/**/
/**/
/**/
$inf = "0";
$success = "0";
$tr = strlen($title);
if ($send == "ok") {
if ($tr > 0) {
$ip = $_SERVER['REMOTE_ADDR'];
$browser = $_SERVER['HTTP_USER_AGENT'];
$sql = "INSERT INTO `cms_wishes` (`id` ,\n`title` ,\n`info` ,\n`published` ,\n`datetime` ,\n`user_id` ,\n`rate` ,\n`type` ,\n`ip` ,\n`browser` \n)\nVALUES (NULL , '" . $title . "', '" . $info . "', '1', NOW(), '" . $user_id . "', '0', '" . $type . "', '" . $ip . "', '" . $browser . "'\n);";
$inDB->query($sql);
$msg = "<span style='font-size:10px;'>Інформація успішно додана</span>";
cmsCore::addSessionMessage($msg, 'success');
$inf = "1";
$success = "1";
cmsCore::redirect('/wishes/');
} else {
$msg = "<span style='font-size:10px;'>Ви не ввели заголовок!</span>";
cmsCore::addSessionMessage($msg, 'error');
$inf = "1";
}
}
if ($inf != "1") {
$msg = "<span style='font-size:10px;'>Заповніть поля Заголовок та Інформація.</span>";
cmsCore::addSessionMessage($msg, 'info');
}
$pagetitle = "Додання в розділ «" . $types[$id][2] . "»";
$inPage->addPathway($pagetitle, '');
if ($success == "0") {
echo "<h2>Додання в розділ «" . $types[$id][2] . "»</h2>";
echo "<form action='' method='post'>\n\t\tЗаголовок:<br/>\n\t\t<input type='text' name='title' style='width:400px;' /><br/>\n\t\tІнформація «" . $types[$id][2] . "»<br/>\n\t\t\t<textarea name='info' style='width:400px;height:150px;'></textarea><br/>\n\t\t\t\t<input type='hidden' name='type' value='" . $id . "' />\n\t\t\t\t<input type='hidden' name='send' value='ok' />\n\t\t\t\t<input type='submit' value='Відправити'> <input type='button' value='Відміна' onclick='window.history.back()' />\n\t\t\t\t\t\n\t\t\n\t</form>\n\t";
} else {
echo "<a href='/wishes/all.html'>Перейти на початок</a>";
}
/**/
/**/
/**/
/**/
} else {
$msg = "<span style='font-size:10px;'>Доступно тільки зареєстрованим користувачам</span> <input type='button' value='Вернуться' onclick='window.history.back()' />";
cmsCore::addSessionMessage($msg, 'error');
}
}
/***********************************************************/
if ($do == 'type') {
$n = $id;
$t = $types[$n];
$active = '1';
$inf = $model->wish_type($n, $t, $user_id, $page, $active, $types, $cfg['perpage']);
if ($n == 0) {
$total = $inDB->rows_count("cms_wishes", "`published`=1");
} else {
$total = $inDB->rows_count("cms_wishes", "`type`='" . $n . "' and `published`=1");
}
if ($user_id <= 0) {
$model->modal();
}
$name = $t[2];
if ($n == 0) {
$name = "Все";
}
$inPage->addPathway($name, '');
echo "<h3><a href='/wishes/all.html'>На початок</a> » " . $name . "</h3>";
echo "<a href='/wishes/add" . $n . ".html' class='usr_wall_addlink " . $t["1"] . "'>Допомогти</a>";
echo $inf;
if ($n == 0) {
$pagination = cmsPage::getPagebar($total, $page, $cfg['perpage'], '/wishes/all-page%page%.html');
} else {
$pagination = cmsPage::getPagebar($total, $page, $cfg['perpage'], '/wishes/type' . $n . '-page%page%.html');
}
echo $pagination;
}
/***********************************************************/
if ($do == 'view') {
$st = "";
$cntt = count($types);
foreach ($types as $n => $t) {
$links .= " <span style='border-radius:3px;border:1px dotted #999;color:#333;'><a href='/wishes/type" . intval($n) . ".html'>" . $t[2] . "</a></span> ";
$inf = $model->wish_type($n, $t, $user_id, $page = 1, $active = 0, $types = array(), $cfg['on_main']);
//print_r($t);
$st .= "<tr valign='top' ><div class='wish-type'><span style='font-size:20px;font-weight:bold;color:#333;'>\n\t\t<a href='/wishes/type" . $n . ".html'>" . $t["2"] . "</span> \n\t\t<br/>\n\t\t<div >\n\t\t<a href='/wishes/add" . $n . ".html' class='usr_wall_addlink " . $t["1"] . "'>Допомогти</a>\n\t\t</div></div>\n\t\t<br/>\n\t\t" . $inf . "<br/>\n\t\t" . $inf1 . "\n\t\t<div id='rrr" . $n . "'></div>\n\t\t<div id='temp" . $n . "' style='display:none;'></div>\t\n\t\t<div style='text-align:center;'>\n\t\t<div id='imgload" . $n . "'></div>\n\t\t<input type='hidden' id='page" . $n . "' name='page" . $n . "' value='2'>\n\t\t</div>\n\t\t<input type='button' style='width:100%;' onclick='upload_wish(rrr" . $n . ",page" . $n . ", temp" . $n . "," . $n . ")' value='Завантажити ще'>\n\t\t</tr>";
}
}
}
//Если нужно, получаем список рубрик (категорий) этого блога
$blogcats = $blog['showcats'] ? $inBlog->getBlogCats($blog['id']) : false;
//Считаем количество постов, ожидающих модерации
$on_moderate = ($is_admin || $is_moder) && !$on_moderate ? $inBlog->getModerationCount($blog['id']) : false;
// админлинки
$blog['moderate_link'] = $model->getBlogURL($club['id']).'/moderate.html';
$blog['blog_link'] = $model->getBlogURL($club['id']);
$blog['add_post_link'] = '/clubs/'.$club['id'].'/newpost'.($cat_id ? $cat_id : '').'.html';
//Генерируем панель со страницами
if ($cat_id){
$pagination = cmsPage::getPagebar($total, $page, $model->config['posts_perpage'], $blog['blog_link'].'/page-%page%/cat-'.$cat_id);
} else {
$pagination = cmsPage::getPagebar($total, $page, $model->config['posts_perpage'], $blog['blog_link'].'/page-%page%');
}
// SEO
$inPage->setTitle($blog['title']);
$inPage->setDescription($blog['title']);
// keywords
if ($posts) {
foreach ($posts as $p) {
$k[] = $p['title'];
}
$meta_keys = implode(', ', $k);
} else {
$meta_keys = $blog['title'];
}
$inPage->setKeywords($meta_keys);
function cpListTable($table, $_fields, $_actions, $where = '', $orderby = 'title')
{
$event = 'ADMIN_CPLISTTABLE_' . strtoupper($table) . '_' . strtoupper($GLOBALS['applet']) . (!empty($GLOBALS['component']) ? '_' . strtoupper($GLOBALS['component']) : '');
list($table, $_fields, $_actions, $where, $orderby) = cmsCore::callEvent($event, array($table, $_fields, $_actions, $where, $orderby));
global $_LANG;
$inDB = cmsDatabase::getInstance();
$perpage = 60;
$sql = 'SELECT *';
$is_actions = sizeof($_actions);
foreach ($_fields as $key => $value) {
if (isset($_fields[$key]['fdate'])) {
$sql .= ", DATE_FORMAT(" . $_fields[$key]['field'] . ", '" . $_fields[$key]['fdate'] . "') as `" . $_fields[$key]['field'] . "`";
}
}
$sql .= ' FROM ' . $table;
if (isset($_SESSION['filter_table']) && $_SESSION['filter_table'] != $table) {
unset($_SESSION['filter']);
}
if (cmsCore::inRequest('nofilter')) {
unset($_SESSION['filter']);
cmsCore::redirect('/admin/index.php?' . str_replace('&nofilter', '', $_SERVER['QUERY_STRING']));
}
$filter = false;
if (cmsCore::inRequest('filter')) {
$filter = cmsCore::request('filter', 'array_str', '');
$_SESSION['filter'] = $filter;
} elseif (isset($_SESSION['filter'])) {
$filter = $_SESSION['filter'];
}
if ($filter) {
$f = 0;
$sql .= ' WHERE 1=1';
foreach ($filter as $key => $value) {
if ($filter[$key] && $filter[$key] != -100) {
$sql .= ' AND ';
if (!is_numeric($filter[$key])) {
$sql .= $key . " LIKE '%" . $filter[$key] . "%'";
} else {
$sql .= $key . " = '" . $filter[$key] . "'";
}
$f++;
}
}
if (!isset($_SESSION['filter'])) {
$_SESSION['filter'] = $filter;
}
}
if (mb_strlen($where) > 3) {
if (mb_strstr($sql, 'WHERE')) {
$sql .= ' AND ' . $where;
} else {
$sql .= ' WHERE ' . $where;
}
}
$sort = cmsCore::request('sort', 'str', '');
if ($sort == false) {
if ($orderby) {
$sort = $orderby;
} else {
foreach ($_fields as $key => $value) {
if ($_fields[$key]['field'] == 'ordering' && $sort != 'NSLeft') {
$sort = 'ordering';
$so = 'asc';
}
}
}
}
if ($sort) {
$sql .= ' ORDER BY ' . $sort;
if (cmsCore::inRequest('so')) {
$sql .= ' ' . cmsCore::request('so', 'str', '');
}
}
$page = cmsCore::request('page', 'int', 1);
$total_rs = $inDB->query($sql);
$total = $inDB->num_rows($total_rs);
$sql .= " LIMIT " . ($page - 1) * $perpage . ", {$perpage}";
$result = $inDB->query($sql);
$_SESSION['filter_table'] = $table;
if ($inDB->error()) {
unset($_SESSION['filter']);
cmsCore::redirect('/admin/index.php?' . $_SERVER['QUERY_STRING']);
}
$filters = 0;
$f_html = '';
//Find and render filters
foreach ($_fields as $key => $value) {
if (isset($_fields[$key]['filter'])) {
$f_html .= '<td width="">' . $_fields[$key]['title'] . ': </td>';
if (!isset($filter[$_fields[$key]['field']])) {
$initval = '';
} else {
$initval = $filter[$_fields[$key]['field']];
}
$f_html .= '<td width="">';
$inputname = 'filter[' . $_fields[$key]['field'] . ']';
if (!isset($_fields[$key]['filterlist'])) {
$f_html .= '<input name="' . $inputname . '" type="text" size="' . $_fields[$key]['filter'] . '" class="filter_input" value="' . $initval . '"/></td>';
} else {
$f_html .= cpBuildList($inputname, $_fields[$key]['filterlist'], $initval);
}
$f_html .= '</td>';
$filters += 1;
$_SERVER['QUERY_STRING'] = str_replace('filter[' . $_fields[$key]['field'] . ']=', '', $_SERVER['QUERY_STRING']);
}
}
//draw filters
if ($filters > 0) {
echo '<div class="filter">';
echo '<form name="filterform" action="index.php?' . $_SERVER['QUERY_STRING'] . '" method="POST">';
echo '<table width="250"><tr>';
echo $f_html;
echo '<td width="80"><input type="submit" class="filter_submit" value="' . $_LANG['AD_FILTER'] . '" /></td>';
if (@$f > 0) {
echo '<td width="80"><input type="button" onclick="window.location.href=\'index.php?' . $_SERVER['QUERY_STRING'] . '&nofilter\'" class="filter_submit" value="' . $_LANG['AD_ALL'] . '" /></td>';
}
echo '</tr></table>';
echo '</form>';
echo '</div>';
}
if ($inDB->num_rows($result)) {
//DRAW LIST TABLE
echo '<form name="selform" action="index.php?view=' . $GLOBALS['applet'] . '&do=saveorder" method="post">';
echo '<table id="listTable" border="0" class="tablesorter" width="100%" cellpadding="0" cellspacing="0">';
//TABLE HEADING
echo '<thead>' . "\n";
echo '<tr>' . "\n";
echo '<th width="20" class="lt_header" align="center"><a class="lt_header_link" href="javascript:invert();" title="' . $_LANG['AD_INVERT_SELECTION'] . '">#</a></th>' . "\n";
foreach ($_fields as $key => $value) {
echo '<th width="' . $_fields[$key]['width'] . '" class="lt_header">';
echo $_fields[$key]['title'];
echo '</th>' . "\n";
}
if ($is_actions) {
echo '<th width="80" class="lt_header" align="center">' . $_LANG['AD_ACTIONS'] . '</th>' . "\n";
}
echo '</tr>' . "\n";
echo '</thead><tbody>' . "\n";
//TABLE BODY
$r = 0;
while ($item = $inDB->fetch_assoc($result)) {
$r++;
if ($r % 2) {
$row_class = 'lt_row1';
} else {
$row_class = 'lt_row2';
}
echo '<tr id="lt_row2">' . "\n";
echo '<td class="' . $row_class . '" align="center" valign="middle"><input type="checkbox" name="item[]" value="' . $item['id'] . '" /></td>' . "\n";
foreach ($_fields as $key => $value) {
if (isset($_fields[$key]['link'])) {
$link = str_replace('%id%', $item['id'], $_fields[$key]['link']);
if (isset($_fields[$key]['prc'])) {
// функция обработки под названием $_fields[$key]['prc']
// какие параметры передать функции - один ключ или произвольный массив ключей
if (is_array($_fields[$key]['field'])) {
foreach ($_fields[$key]['field'] as $func_field) {
$in_func_array[$func_field] = $item[$func_field];
}
$data = call_user_func($_fields[$key]['prc'], $in_func_array);
} else {
$data = call_user_func($_fields[$key]['prc'], $item[$_fields[$key]['field']]);
}
} else {
$data = $item[$_fields[$key]['field']];
if (isset($_fields[$key]['maxlen'])) {
if (mb_strlen($data) > $_fields[$key]['maxlen']) {
$data = mb_substr($data, 0, $_fields[$key]['maxlen']) . '...';
}
}
}
//nested sets otstup
if (isset($item['NSLevel']) && ($_fields[$key]['field'] == 'title' || is_array($_fields[$key]['field']) && in_array('title', $_fields[$key]['field']))) {
$otstup = str_repeat(' ', $item['NSLevel'] - 1);
if ($item['NSLevel'] - 1 > 0) {
$otstup .= ' » ';
}
} else {
$otstup = '';
}
if ($table != 'cms_components') {
echo '<td class="' . $row_class . '" valign="middle">' . $otstup . '<a class="lt_link" href="' . $link . '">' . $data . '</a></td>' . "\n";
} else {
$data = function_exists('cpComponentHasConfig') && cpComponentHasConfig($item['link']) ? '<a class="lt_link" href="' . $link . '">' . $data . '</a>' : $data;
echo '<td class="' . $row_class . '" valign="middle">
<span class="lt_link" style="padding:1px; padding-left:24px; background:url(/admin/images/components/' . $item['link'] . '.png) no-repeat">' . $data . '</span>
</td>' . "\n";
}
} else {
if ($_fields[$key]['field'] != 'ordering') {
if ($_fields[$key]['field'] == 'published') {
if (isset($_fields[$key]['do'])) {
$do = $_fields[$key]['do'];
} else {
$do = 'do';
}
if (isset($_fields[$key]['do_suffix'])) {
$dos = $_fields[$key]['do_suffix'];
$ids = 'item_id';
} else {
$dos = '';
$ids = 'id';
}
if ($item['published']) {
$qs = cpAddParam($_SERVER['QUERY_STRING'], $do, 'hide' . $dos);
$qs = cpAddParam($qs, $ids, $item['id']);
$qs2 = cpAddParam($_SERVER['QUERY_STRING'], $do, 'show' . $dos);
$qs2 = cpAddParam($qs2, $ids, $item['id']);
$qs = "pub(" . $item['id'] . ", '" . $qs . "', '" . $qs2 . "', 'off', 'on');";
echo '<td class="' . $row_class . '" valign="middle">
<a title="' . $_LANG['HIDE'] . '" class="uittip" id="publink' . $item['id'] . '" href="javascript:' . $qs . '"><img id="pub' . $item['id'] . '" src="images/actions/on.gif" border="0"/></a>
</td>' . "\n";
} else {
$qs = cpAddParam($_SERVER['QUERY_STRING'], $do, 'show' . $dos);
$qs = cpAddParam($qs, $ids, $item['id']);
$qs2 = cpAddParam($_SERVER['QUERY_STRING'], $do, 'hide' . $dos);
$qs2 = cpAddParam($qs2, $ids, $item['id']);
$qs = "pub(" . $item['id'] . ", '" . $qs . "', '" . $qs2 . "', 'on', 'off');";
echo '<td class="' . $row_class . '" valign="middle">
<a title="' . $_LANG['SHOW'] . '" class="uittip" id="publink' . $item['id'] . '" href="javascript:' . $qs . '"><img id="pub' . $item['id'] . '" src="images/actions/off.gif" border="0"/></a>
</td>' . "\n";
}
} else {
if (isset($_fields[$key]['prc'])) {
// функция обработки под названием $_fields[$key]['prc']
// какие параметры передать функции - один ключ или произвольный массив ключей
if (is_array($_fields[$key]['field'])) {
foreach ($_fields[$key]['field'] as $func_field) {
$in_func_array[$func_field] = $item[$func_field];
}
$data = call_user_func($_fields[$key]['prc'], $in_func_array);
} else {
$data = call_user_func($_fields[$key]['prc'], $item[$_fields[$key]['field']]);
}
} else {
$data = $item[$_fields[$key]['field']];
if (isset($_fields[$key]['maxlen'])) {
if (mb_strlen($data) > $_fields[$key]['maxlen']) {
$data = mb_substr($data, 0, $_fields[$key]['maxlen']) . '...';
}
}
}
//nested sets otstup
if (isset($item['NSLevel']) && ($_fields[$key]['field'] == 'title' || is_array($_fields[$key]['field']) && in_array('title', $_fields[$key]['field']))) {
$otstup = str_repeat(' ', $item['NSLevel'] - 1);
if ($item['NSLevel'] - 1 > 0) {
$otstup .= ' » ';
}
} else {
$otstup = '';
}
echo '<td class="' . $row_class . '" valign="middle">' . $otstup . $data . '</td>' . "\n";
}
} else {
if (isset($_fields[$key]['do'])) {
$do = 'do=config&id=' . (int) $_REQUEST['id'] . '&' . $_fields[$key]['do'];
} else {
$do = 'do';
}
if (isset($_fields[$key]['do_suffix'])) {
$dos = $_fields[$key]['do_suffix'];
$ids = 'item_id';
} else {
$dos = '';
$ids = 'id';
}
echo '<td class="' . $row_class . '" valign="middle">
<a title="' . $_LANG['AD_DOWN'] . '" href="?view=' . $GLOBALS['applet'] . '&' . $do . '=move_down&co=' . $item[$_fields[$key]['field']] . '&' . $ids . '=' . $item['id'] . '"><img src="images/actions/down.gif" border="0"/></a>';
if ($table != 'cms_menu' && $table != 'cms_category') {
echo '<input class="lt_input" type="text" size="4" name="ordering[]" value="' . $item['ordering'] . '" />';
echo '<input name="ids[]" type="hidden" value="' . $item['id'] . '" />';
} else {
echo '<input class="lt_input" type="text" size="4" name="ordering[]" value="' . $item['ordering'] . '" disabled/>';
}
echo '<a title="' . $_LANG['AD_UP'] . '" href="?view=' . $GLOBALS['applet'] . '&' . $do . '=move_up&co=' . $item[$_fields[$key]['field']] . '&' . $ids . '=' . $item['id'] . '"><img src="images/actions/top.gif" border="0"/></a>' . '</td>' . "\n";
}
}
}
if ($is_actions) {
echo '<td width="110" class="' . $row_class . '" align="right" valign="middle"><div style="padding-right:8px">';
foreach ($_actions as $key => $value) {
if (isset($_actions[$key]['condition'])) {
$print = $_actions[$key]['condition']($item);
} else {
$print = true;
}
if ($print) {
$icon = $_actions[$key]['icon'];
$title = $_actions[$key]['title'];
$link = $_actions[$key]['link'];
foreach ($item as $f => $v) {
$link = str_replace('%' . $f . '%', $v, $link);
}
if (!isset($_actions[$key]['confirm'])) {
echo '<a href="' . $link . '" class="uittip" title="' . $title . '"><img hspace="2" src="images/actions/' . $icon . '" border="0" alt="' . $title . '"/></a>';
} else {
echo '<a href="#" class="uittip" onclick="jsmsg(\'' . $_actions[$key]['confirm'] . '\', \'' . $link . '\')" title="' . $title . '"><img hspace="2" src="images/actions/' . $icon . '" border="0" alt="' . $title . '"/></a>';
}
}
}
echo '</div></td>' . "\n";
}
echo '</tr>' . "\n";
}
echo '</tbody></table></form>';
echo '<script type="text/javascript">highlightTableRows("listTable","hoverRow","clickedRow");</script>';
echo '<script type="text/javascript">activateListTable("listTable");</script>';
$link = '?view=' . $GLOBALS['applet'];
if ($sort) {
$link .= '&sort=' . $sort;
if (cmsCore::inRequest('so')) {
$link .= '&so=' . cmsCore::request('so');
}
}
echo cmsPage::getPagebar($total, $page, $perpage, $_SERVER['PHP_SELF'] . '?' . cpAddParam($_SERVER['QUERY_STRING'], 'page', '%page%'));
} else {
echo '<p class="cp_message">' . $_LANG['OBJECTS_NOT_FOUND'] . '</p>';
}
}
$toolmenu[17]['link'] = '?view=components&do=config&id=' . $id;
cpToolMenu($toolmenu);
}
//=================================================================================================//
//=================================================================================================//
if ($opt == 'list') {
$page = $inCore->request('page', 'int', 1);
$perpage = 15;
$inActions->showTargets(true);
if ($act_component) {
$inActions->where("a.component = '{$act_component}'");
}
$total = $inActions->getCountActions();
$inActions->limitPage($page, $perpage);
$actions = $inActions->getActionsLog();
$pagebar = cmsPage::getPagebar($total, $page, $perpage, '?view=components&do=config&id=' . $id . '&opt=list&page=%page%');
$tpl_file = 'admin/actions.php';
$tpl_dir = file_exists(TEMPLATE_DIR . $tpl_file) ? TEMPLATE_DIR : DEFAULT_TEMPLATE_DIR;
include $tpl_dir . $tpl_file;
}
//=================================================================================================//
//=================================================================================================//
if ($opt == 'saveconfig') {
$cfg = array();
$cfg['show_target'] = $inCore->request('show_target', 'int', 1);
$cfg['perpage'] = $inCore->request('perpage', 'int', 10);
$cfg['perpage_tab'] = $inCore->request('perpage_tab', 'int', 15);
$cfg['is_all'] = $inCore->request('is_all', 'int', 0);
$cfg['act_type'] = $inCore->request('act_type', 'array_str', '');
$inCore->saveComponentConfig('actions', $cfg);
cmsCore::addSessionMessage('Настройки успешно сохранены', 'success');
function blogs() {
$inCore = cmsCore::getInstance();
cmsCore::c('blog')->owner = 'user';
global $_LANG;
define('IS_BILLING', $inCore->isComponentInstalled('billing'));
if (IS_BILLING) { cmsCore::loadClass('billing'); }
//Получаем параметры
$id = cmsCore::request('id', 'int', 0);
$post_id = cmsCore::request('post_id', 'int', 0);
$bloglink = cmsCore::request('bloglink', 'str', '');
$seolink = cmsCore::request('seolink', 'str', '');
$page = cmsCore::request('page', 'int', 1);
$cat_id = cmsCore::request('cat_id', 'int', 0);
$ownertype = cmsCore::request('ownertype', 'str', '');
$on_moderate = cmsCore::request('on_moderate', 'int', 0);
$pagetitle = $inCore->getComponentTitle();
cmsCore::c('page')->addPathway($pagetitle, '/blogs');
cmsCore::c('page')->setTitle($pagetitle);
cmsCore::c('page')->setDescription(cmsCore::m('blogs')->config['meta_desc'] ? cmsCore::m('blogs')->config['meta_desc'] : $pagetitle);
cmsCore::c('page')->setKeywords(cmsCore::m('blogs')->config['meta_keys'] ? cmsCore::m('blogs')->config['meta_keys'] : $pagetitle);
cmsCore::c('page')->addHeadJsLang(array('CONFIG_BLOG','DEL_BLOG','YOU_REALY_DELETE_BLOG','NEW_CAT','RENAME_CAT','YOU_REALY_DELETE_CAT','YOU_REALY_DELETE_POST','NO_PUBLISHED'));
///////////////////////// МОЙ БЛОГ /////////////////////////////////////////
if ($inCore->do == 'my_blog'){
if(!cmsCore::c('user')->id){ cmsCore::error404(); }
$my_blog = cmsCore::c('blog')->getBlogByUserId(cmsCore::c('user')->id);
if (!$my_blog) {
cmsCore::redirect('/blogs/createblog.html');
} else {
cmsCore::redirect(cmsCore::m('blogs')->getBlogURL($my_blog['seolink']));
}
}
///////////////////////// ПОСЛЕДНИЕ ПОСТЫ //////////////////////////////////
if ($inCore->do=='view'){
cmsCore::c('page')->addHead('<link rel="alternate" type="application/rss+xml" title="'.$_LANG['RSS_BLOGS'].'" href="'.HOST.'/rss/blogs/all/feed.rss">');
// кроме админов в списке только с доступом для всех
if(!cmsCore::c('user')->is_admin){
cmsCore::c('blog')->whereOnlyPublic();
}
// ограничиваем по рейтингу если надо
if(cmsCore::m('blogs')->config['list_min_rating']){
cmsCore::c('blog')->ratingGreaterThan(cmsCore::m('blogs')->config['list_min_rating']);
}
// всего постов
$total = cmsCore::c('blog')->getPostsCount(cmsCore::c('user')->is_admin);
//устанавливаем сортировку
cmsCore::c('db')->orderBy('p.pubdate', 'DESC');
cmsCore::c('db')->limitPage($page, cmsCore::m('blogs')->config['perpage']);
// сами посты
$posts = cmsCore::c('blog')->getPosts(cmsCore::c('user')->is_admin, cmsCore::m('blogs'));
if(!$posts && $page > 1){ cmsCore::error404(); }
cmsPage::initTemplate('components', 'com_blog_view_posts')->
assign('pagetitle', $pagetitle)->
assign('ownertype', $ownertype)->
assign('total', $total)->
assign('posts', $posts)->
assign('pagination', cmsPage::getPagebar($total, $page, cmsCore::m('blogs')->config['perpage'], '/blogs/latest-%page%.html'))->
assign('cfg', cmsCore::m('blogs')->config)->
display();
}
////////// СОЗДАНИЕ БЛОГА //////////////////////////////////////////////////
if ($inCore->do=='create'){
//Проверяем авторизацию
if (!cmsCore::c('user')->id){ cmsUser::goToLogin(); }
//Если у пользователя уже есть блог, то выходим
if (cmsCore::c('blog')->getUserBlogId(cmsCore::c('user')->id)) { cmsCore::redirectBack(); }
cmsCore::c('page')->addPathway($_LANG['PATH_CREATING_BLOG']);
cmsCore::c('page')->setTitle($_LANG['CREATE_BLOG']);
if (IS_BILLING){ cmsBilling::checkBalance('blogs', 'add_blog'); }
//Показ формы создания блога
if (!cmsCore::inRequest('goadd')){
cmsPage::initTemplate('components', 'com_blog_create')->
assign('is_restrictions', (!cmsCore::c('user')->is_admin && cmsCore::m('blogs')->config['min_karma']))->
assign('cfg', cmsCore::m('blogs')->config)->
display();
}
//Сам процесс создания блога
if (cmsCore::inRequest('goadd')){
$title = cmsCore::request('title', 'str');
$allow_who = cmsCore::request('allow_who', 'str', 'all');
$ownertype = cmsCore::request('ownertype', 'str', 'single');
//Проверяем название
if (mb_strlen($title)<5){
cmsCore::addSessionMessage($_LANG['BLOG_ERR_TITLE'], 'error');
cmsCore::redirect('/blogs/createblog.html');
}
//Проверяем хватает ли кармы, но только если это не админ
if (cmsCore::m('blogs')->config['min_karma'] && !cmsCore::c('user')->is_admin){
// если персональный блог
if ($ownertype=='single' && (cmsCore::c('user')->karma < cmsCore::m('blogs')->config['min_karma_private'])){
cmsCore::addSessionMessage($_LANG['BLOG_YOU_NEED'].' <a href="/users/'.cmsCore::c('user')->id.'/karma.html">'.$_LANG['BLOG_KARMS'].'</a> '.$_LANG['FOR_CREATE_PERSON_BLOG'].' — '.cmsCore::m('blogs')->config['min_karma_private'].', '.$_LANG['BLOG_HEAVING'].' — '.cmsCore::c('user')->karma, 'error');
cmsCore::redirect('/blogs/createblog.html');
}
// если коллективный блог
if ($ownertype=='multi' && (cmsCore::c('user')->karma < cmsCore::m('blogs')->config['min_karma_public'])){
cmsCore::addSessionMessage($_LANG['BLOG_YOU_NEED'].' <a href="/users/'.cmsCore::c('user')->id.'/karma.html">'.$_LANG['BLOG_KARMS'].'</a> '.$_LANG['FOR_CREATE_TEAM_BLOG'].' — '.cmsCore::m('blogs')->config['min_karma_public'].', '.$_LANG['BLOG_HEAVING'].' — '.cmsCore::c('user')->karma, 'error');
cmsCore::redirect('/blogs/createblog.html');
}
}
//Добавляем блог в базу
$blog_id = cmsCore::c('blog')->addBlog(array('user_id'=>cmsCore::c('user')->id, 'title'=>$title, 'allow_who'=>$allow_who, 'ownertype'=>$ownertype, 'forall'=>1));
$blog_link = cmsCore::c('db')->get_field('cms_blogs', "id='{$blog_id}'", 'seolink');
//регистрируем событие
cmsActions::log('add_blog', array(
'object' => $title,
'object_url' => cmsCore::m('blogs')->getBlogURL($blog_link),
'object_id' => $blog_id,
'target' => '',
'target_url' => '',
'target_id' => 0,
'description' => ''
));
if (IS_BILLING){ cmsBilling::process('blogs', 'add_blog'); }
cmsCore::addSessionMessage($_LANG['BLOG_CREATED_TEXT'], 'info');
cmsCore::redirect(cmsCore::m('blogs')->getBlogURL($blog_link));
}
}
////////// НАСТРОЙКИ БЛОГА /////////////////////////////////////////////////
if ($inCore->do=='config'){
if(!cmsCore::c('user')->id) { cmsCore::error404(); }
if(!cmsCore::isAjax()) { cmsCore::error404(); }
// получаем блог
$blog = cmsCore::c('blog')->getBlog($id);
if (!$blog) { cmsCore::error404(); }
//Проверяем является пользователь хозяином блога или админом
if ($blog['user_id'] != cmsCore::c('user')->id && !cmsCore::c('user')->is_admin ) { cmsCore::halt(); }
//Если нет запроса на сохранение, показываем форму настроек блога
if (!cmsCore::inRequest('goadd')){
//Получаем список авторов блога
$authors = cmsCore::c('blog')->getBlogAuthors($blog['id']);
cmsPage::initTemplate('components', 'com_blog_config')->
assign('blog', $blog)->
assign('form_action', '/blogs/'.$blog['id'].'/editblog.html')->
assign('authors_list', cmsUser::getAuthorsList($authors))->
assign('users_list', cmsUser::getUsersList(false, $authors))->
assign('is_restrictions', (!cmsCore::c('user')->is_admin && cmsCore::m('blogs')->config['min_karma']))->
assign('cfg', cmsCore::m('blogs')->config)->
assign('is_admin', cmsCore::c('user')->is_admin)->
display();
cmsCore::jsonOutput(array('error' => false, 'html' => ob_get_clean()));
}
//Если пришел запрос на сохранение
if (cmsCore::inRequest('goadd')){
//Получаем настройки
$title = cmsCore::request('title', 'str');
$allow_who = cmsCore::request('allow_who', 'str', 'all');
$ownertype = cmsCore::request('ownertype', 'str', 'single');
$premod = cmsCore::request('premod', 'int', 0);
$forall = cmsCore::request('forall', 'int', 1);
$showcats = cmsCore::request('showcats', 'int', 1);
$authors = cmsCore::request('authorslist', 'array_int', array());
if (cmsCore::m('blogs')->config['seo_user_access'] || cmsCore::c('user')->is_admin) {
$page_title = cmsCore::request('pagetitle', 'str', '');
$meta_keys = cmsCore::request('meta_keys', 'str', '');
$meta_desc = cmsCore::request('meta_desc', 'str', '');
} else {
$page_title = $meta_keys = $meta_desc = '';
}
//Проверяем настройки
if (mb_strlen($title)<5) { $title = $blog['title']; }
//Проверяем ограничения по карме (для смены типа блога)
if (cmsCore::m('blogs')->config['min_karma'] && !cmsCore::c('user')->is_admin){
// если персональный блог
if ($ownertype=='single' && (cmsCore::c('user')->karma < cmsCore::m('blogs')->config['min_karma_private'])){
cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['BLOG_YOU_NEED'].' <a href="/users/'.cmsCore::c('user')->id.'/karma.html">'.$_LANG['BLOG_KARMS'].'</a> '.$_LANG['FOR_CREATE_PERSON_BLOG'].' — '.cmsCore::m('blogs')->config['min_karma_private'].', '.$_LANG['BLOG_HEAVING'].' — '.cmsCore::c('user')->karma));
}
// если коллективный блог
if ($ownertype=='multi' && (cmsCore::c('user')->karma < cmsCore::m('blogs')->config['min_karma_public'])){
cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['BLOG_YOU_NEED'].' <a href="/users/'.cmsCore::c('user')->id.'/karma.html">'.$_LANG['BLOG_KARMS'].'</a> '.$_LANG['FOR_CREATE_TEAM_BLOG'].' — '.cmsCore::m('blogs')->config['min_karma_public'].', '.$_LANG['BLOG_HEAVING'].' — '.cmsCore::c('user')->karma));
}
}
if(!cmsUser::checkCsrfToken()) { cmsCore::halt(); }
//сохраняем авторов
cmsCore::c('blog')->updateBlogAuthors($blog['id'], $authors);
//сохраняем настройки блога
$blog['seolink_new'] = cmsCore::c('blog')->updateBlog($blog['id'], array(
'title' => $title,
'pagetitle' => $page_title,
'meta_keys' => $meta_keys,
'meta_desc' => $meta_desc,
'allow_who' => $allow_who,
'showcats' => $showcats,
'ownertype' => $ownertype,
'premod' => $premod,
'forall' => $forall
), cmsCore::m('blogs')->config['update_seo_link_blog']);
$blog['seolink'] = $blog['seolink_new'] ? $blog['seolink_new'] : $blog['seolink'];
if(stripslashes($title) != $blog['title']){
// обновляем записи постов
cmsActions::updateLog('add_post', array('target' => $title, 'target_url' => cmsCore::m('blogs')->getBlogURL($blog['seolink'])), 0, $blog['id']);
// обновляем запись добавления блога
cmsActions::updateLog('add_blog', array('object' => $title, 'object_url' => cmsCore::m('blogs')->getBlogURL($blog['seolink'])), $blog['id']);
}
cmsCore::jsonOutput(array('error' => false, 'redirect' => cmsCore::m('blogs')->getBlogURL($blog['seolink'])));
}
}
////////// СПИСОК БЛОГОВ ///////////////////////////////////////////////////
if ($inCore->do=='view_blogs'){
// rss в адресной строке
cmsCore::c('page')->addHead('<link rel="alternate" type="application/rss+xml" title="'.$_LANG['BLOGS'].'" href="'.HOST.'/rss/blogs/all/feed.rss">');
// тип блога
if($ownertype && $ownertype != 'all'){
cmsCore::c('blog')->whereOwnerTypeIs($ownertype);
}
// всего блогов
$total = cmsCore::c('blog')->getBlogsCount();
//устанавливаем сортировку
cmsCore::c('db')->orderBy('b.rating', 'DESC');
cmsCore::c('db')->limitPage($page, cmsCore::m('blogs')->config['perpage_blog']);
//Получаем список блогов
$blogs = cmsCore::c('blog')->getBlogs(cmsCore::m('blogs'));
if(!$blogs && $page > 1){ cmsCore::error404(); }
//Генерируем панель со страницами и устанавливаем заголовки страниц и глубиномера
switch ($ownertype){
case 'all':
cmsCore::c('page')->setTitle($_LANG['ALL_BLOGS']);
cmsCore::c('page')->setDescription($_LANG['BLOGS'] .' - '. $_LANG['ALL_BLOGS']);
cmsCore::c('page')->addPathway($_LANG['ALL_BLOGS']);
$link = '/blogs/all-%page%.html';
break;
case 'single':
cmsCore::c('page')->setTitle($_LANG['PERSONALS']);
cmsCore::c('page')->setDescription($_LANG['PERSONALS'] .' '. $_LANG['BLOGS']);
cmsCore::c('page')->addPathway($_LANG['PERSONALS']);
$link = '/blogs/single-%page%.html';
break;
case 'multi':
cmsCore::c('page')->setTitle($_LANG['COLLECTIVES']);
cmsCore::c('page')->setDescription($_LANG['COLLECTIVES'] .' '. $_LANG['BLOGS']);
cmsCore::c('page')->addPathway($_LANG['COLLECTIVES']);
$link = '/blogs/multi-%page%.html';
break;
}
if ($blogs) {
foreach ($blogs as $b) {
$k[] = $b['title'];
}
cmsCore::c('page')->setKeywords(implode(', ', $k));
}
cmsPage::initTemplate('components', 'com_blog_view_all')->
assign('cfg', cmsCore::m('blogs')->config)->
assign('total', $total)->
assign('ownertype', $ownertype)->
assign('blogs', $blogs)->
assign('pagination', cmsPage::getPagebar($total, $page, cmsCore::m('blogs')->config['perpage_blog'], $link))->
display();
}
////////// ПРОСМОТР БЛОГА //////////////////////////////////////////////////
if ($inCore->do == 'blog'){
// получаем блог
$blog = cmsCore::c('blog')->getBlog($bloglink);
// Совместимость со старыми ссылками на клубные блоги
// Пробуем клубный блог получить по ссылке
if (!$blog) {
$blog_user_id = cmsCore::c('db')->get_field('cms_blogs', "seolink = '$bloglink' AND owner = 'club'", 'user_id');
if($blog_user_id){
cmsCore::redirect('/clubs/'.$blog_user_id.'_blog', '301');
}
}
if (!$blog) { cmsCore::error404(); }
// Права доступа
$myblog = (cmsCore::c('user')->id && cmsCore::c('user')->id == $blog['user_id']); // автор блога
$is_writer = cmsCore::c('blog')->isUserBlogWriter($blog, cmsCore::c('user')->id); // может ли пользователь писать в блог
cmsCore::c('page')->addPathway($blog['title'], cmsCore::m('blogs')->getBlogURL($blog['seolink']));
// rss в адресной строке
cmsCore::c('page')->addHead('<link rel="alternate" type="application/rss+xml" title="'.htmlspecialchars(strip_tags($blog['title'])).'" href="'.HOST.'/rss/blogs/'.$blog['id'].'/feed.rss">');
if($myblog || cmsCore::c('user')->is_admin){
cmsCore::c('page')->addHeadJS('components/blogs/js/blog.js');
}
//Если доступа нет, возвращаемся и выводим сообщение об ошибке
if (!cmsUser::checkUserContentAccess($blog['allow_who'], $blog['user_id'])){
cmsCore::addSessionMessage($_LANG['CLOSED_BLOG'].'<br>'.$_LANG['CLOSED_BLOG_TEXT'], 'error');
cmsCore::redirect('/blogs');
}
// Если показываем посты на модерации, если запрашиваем их
if($on_moderate){
if(!cmsCore::c('user')->is_admin && !($myblog && $blog['ownertype'] == 'multi' && $blog['premod'])){
cmsCore::error404();
}
cmsCore::c('blog')->whereNotPublished();
cmsCore::c('page')->setTitle($_LANG['POSTS_ON_MODERATE']);
cmsCore::c('page')->addPathway($_LANG['POSTS_ON_MODERATE']);
$blog['title'] .= ' - '.$_LANG['POSTS_ON_MODERATE'];
}
//Получаем html-код ссылки на автора с иконкой его пола
$blog['author'] = cmsUser::getGenderLink($blog['user_id']);
// посты данного блога
cmsCore::c('blog')->whereBlogIs($blog['id']);
// кроме админов автора в списке только с доступом для всех
if(!cmsCore::c('user')->is_admin && !$myblog && !cmsCore::c('user')->isFriend($blog['user_id'])){
cmsCore::c('blog')->whereOnlyPublic();
}
// если пришла категория
if($cat_id){
$all_total = cmsCore::c('blog')->getPostsCount(cmsCore::c('user')->is_admin || $myblog);
cmsCore::c('blog')->whereCatIs($cat_id);
}
// всего постов
$total = cmsCore::c('blog')->getPostsCount(cmsCore::c('user')->is_admin || $myblog);
//устанавливаем сортировку
cmsCore::c('db')->orderBy('p.pubdate', 'DESC');
cmsCore::c('db')->limitPage($page, cmsCore::m('blogs')->config['perpage']);
// сами посты
$posts = cmsCore::c('blog')->getPosts((cmsCore::c('user')->is_admin || $myblog), cmsCore::m('blogs'));
if(!$posts && $page > 1){ cmsCore::error404(); }
//Если нужно, получаем список рубрик (категорий) этого блога
$blogcats = $blog['showcats'] ? cmsCore::c('blog')->getBlogCats($blog['id']) : false;
//Считаем количество постов, ожидающих модерации
$on_moderate = (cmsCore::c('user')->is_admin || $myblog) && !$on_moderate ? cmsCore::c('blog')->getModerationCount($blog['id']) : false;
// админлинки
$blog['moderate_link'] = cmsCore::m('blogs')->getBlogURL($blog['seolink']).'/moderate.html';
$blog['blog_link'] = cmsCore::m('blogs')->getBlogURL($blog['seolink']);
$blog['add_post_link'] = '/blogs/'.$blog['id'].'/newpost'.($cat_id ? $cat_id : '').'.html';
//Генерируем панель со страницами
if ($cat_id){
$pagination = cmsPage::getPagebar($total, $page, cmsCore::m('blogs')->config['perpage'], $blog['blog_link'].'/page-%page%/cat-'.$cat_id);
} else {
$pagination = cmsPage::getPagebar($total, $page, cmsCore::m('blogs')->config['perpage'], $blog['blog_link'].'/page-%page%');
}
// SEO
cmsCore::c('page')->setTitle($blog['pagetitle'] ? $blog['pagetitle'] : $blog['title']);
cmsCore::c('page')->setDescription($blog['meta_desc'] ? $blog['meta_desc'] : $blog['title']);
// keywords
if ($blog['meta_keys']) {
$meta_keys = $blog['meta_keys'];
} else if ($posts) {
foreach ($posts as $p) {
$k[] = $p['title'];
}
$meta_keys = implode(', ', $k);
} else {
$meta_keys = $blog['title'];
}
cmsCore::c('page')->setKeywords($meta_keys);
cmsPage::initTemplate('components', 'com_blog_view')->
assign('myblog', $myblog)->
assign('is_config', true)->
assign('is_admin', cmsCore::c('user')->is_admin)->
assign('is_writer', $is_writer)->
assign('on_moderate', $on_moderate)->
assign('cat_id', $cat_id)->
assign('blogcats', $blogcats)->
assign('total', $total)->
assign('all_total', (isset($all_total) ? $all_total : 0))->
assign('blog', $blog)->assign('posts', $posts)->
assign('pagination', $pagination)->
display();
}
////////// НОВЫЙ ПОСТ / РЕДАКТИРОВАНИЕ ПОСТА ///////////////////////////////
if ($inCore->do == 'newpost' || $inCore->do == 'editpost'){
if (!cmsCore::c('user')->id){ cmsUser::goToLogin(); }
// для редактирования сначала получаем пост
if($inCore->do == 'editpost'){
$post = cmsCore::c('blog')->getPost($post_id);
if (!$post){ cmsCore::error404(); }
$id = $post['blog_id'];
$post['tags'] = cmsTagLine('blogpost', $post['id'], false);
}
// получаем блог
$blog = cmsCore::c('blog')->getBlog($id);
if (!$blog) { cmsCore::error404(); }
//Если доступа нет, возвращаемся и выводим сообщение об ошибке
if (!cmsUser::checkUserContentAccess($blog['allow_who'], $blog['user_id'])){
cmsCore::addSessionMessage($_LANG['CLOSED_BLOG'].'<br>'.$_LANG['CLOSED_BLOG_TEXT'], 'error');
cmsCore::redirect('/blogs');
}
// Права доступа
$myblog = (cmsCore::c('user')->id && cmsCore::c('user')->id == $blog['user_id']); // автор блога
$is_writer = cmsCore::c('blog')->isUserBlogWriter($blog, cmsCore::c('user')->id); // может ли пользователь писать в блог
// если не его блог, пользователь не писатель и не админ, вне зависимости от авторства показываем 404
if (!$myblog && !$is_writer && !cmsCore::c('user')->is_admin ) { cmsCore::error404(); }
// проверяем является ли пользователь автором, если редактируем пост
if (($inCore->do == 'editpost') && !cmsCore::c('user')->is_admin && $post['user_id'] != cmsCore::c('user')->id) { cmsCore::error404(); }
//Если еще не было запроса на сохранение
if (!cmsCore::inRequest('goadd')){
cmsCore::c('page')->addPathway($blog['title'], cmsCore::m('blogs')->getBlogURL($blog['seolink']));
//для нового поста
if ($inCore->do == 'newpost'){
if (IS_BILLING){ cmsBilling::checkBalance('blogs', 'add_post'); }
cmsCore::c('page')->addPathway($_LANG['NEW_POST']);
cmsCore::c('page')->setTitle($_LANG['NEW_POST']);
$post = cmsUser::sessionGet('mod');
if ($post){
cmsUser::sessionDel('mod');
} else {
$post['cat_id'] = $cat_id;
$post['comments'] = 1;
}
}
//для редактирования поста
if ($inCore->do=='editpost'){
cmsCore::c('page')->addPathway($post['title'], cmsCore::m('blogs')->getPostURL($blog['seolink'], $post['seolink']));
cmsCore::c('page')->addPathway($_LANG['EDIT_POST']);
cmsCore::c('page')->setTitle($_LANG['EDIT_POST']);
}
cmsCore::c('page')->initAutocomplete();
$autocomplete_js = cmsCore::c('page')->getAutocompleteJS('tagsearch', 'tags');
//получаем рубрики блога
$cat_list = cmsCore::getListItems('cms_blog_cats', $post['cat_id'], 'id', 'ASC', "blog_id = '{$blog['id']}'");
//получаем код панелей bbcode и смайлов
$bb_toolbar = cmsPage::getBBCodeToolbar('message',cmsCore::m('blogs')->config['img_on'], 'blogs', 'blog_post', $post_id);
$smilies = cmsPage::getSmilesPanel('message');
$inCore->initAutoGrowText('#message');
//показываем форму
cmsPage::initTemplate('components', 'com_blog_edit_post')->
assign('blog', $blog)->
assign('pagetitle', ($inCore->do=='editpost' ? $_LANG['EDIT_POST'] : $_LANG['NEW_POST']))->
assign('mod', $post)->
assign('cat_list', $cat_list)->
assign('bb_toolbar', $bb_toolbar)->
assign('smilies', $smilies)->
assign('is_admin', cmsCore::c('user')->is_admin)->
assign('cfg', cmsCore::m('blogs')->config)->
assign('myblog', $myblog)->
assign('user_can_iscomments', cmsUser::isUserCan('comments/iscomments'))->
assign('autocomplete_js', $autocomplete_js)->
display();
}
//Если есть запрос на сохранение
if (cmsCore::inRequest('goadd')) {
$errors = false;
//Получаем параметры
$mod['title'] = cmsCore::request('title', 'str');
$mod['content'] = cmsCore::request('content', 'html');
$mod['feel'] = cmsCore::request('feel', 'str', '');
$mod['music'] = cmsCore::request('music', 'str', '');
$mod['cat_id'] = cmsCore::request('cat_id', 'int');
$mod['allow_who']= cmsCore::request('allow_who', 'str', $blog['allow_who']);
$mod['tags'] = cmsCore::request('tags', 'str', '');
$mod['comments'] = cmsCore::request('comments', 'int', 1);
if (cmsCore::m('blogs')->config['seo_user_access'] || cmsCore::c('user')->is_admin) {
$mod['pagetitle'] = cmsCore::request('pagetitle', 'str', '');
$mod['meta_keys'] = cmsCore::request('meta_keys', 'str', '');
$mod['meta_desc'] = cmsCore::request('meta_desc', 'str', '');
}
$mod['published']= ($myblog || !$blog['premod']) ? 1 : 0;
$mod['blog_id'] = $blog['id'];
//Проверяем их
if (mb_strlen($mod['title'])<2) { cmsCore::addSessionMessage($_LANG['POST_ERR_TITLE'], 'error'); $errors = true; }
if (mb_strlen($mod['content'])<5) { cmsCore::addSessionMessage($_LANG['POST_ERR_TEXT'], 'error'); $errors = true; }
// Если есть ошибки, возвращаемся назад
if($errors){
cmsUser::sessionPut('mod', $mod);
cmsCore::redirectBack();
}
//Если нет ошибок
//добавляем новый пост...
if ($inCore->do=='newpost'){
if (IS_BILLING){ cmsBilling::process('blogs', 'add_post'); }
$mod['pubdate'] = date( 'Y-m-d H:i:s');
$mod['user_id'] = cmsCore::c('user')->id;
// добавляем пост, получая его id и seolink
$added = cmsCore::c('blog')->addPost($mod);
$mod = array_merge($mod, $added);
if ($mod['published']) {
$mod['seolink'] = cmsCore::m('blogs')->getPostURL($blog['seolink'], $mod['seolink']);
if ($blog['allow_who'] != 'nobody' && $mod['allow_who'] != 'nobody') {
cmsCore::callEvent('ADD_POST_DONE', $mod);
cmsActions::log('add_post', array(
'object' => $mod['title'],
'object_url' => $mod['seolink'],
'object_id' => $mod['id'],
'target' => $blog['title'],
'target_url' => cmsCore::m('blogs')->getBlogURL($blog['seolink']),
'target_id' => $blog['id'],
'description' => '',
'is_friends_only' => (int)($blog['allow_who'] == 'friends' || $mod['allow_who'] == 'friends')
));
}
cmsCore::addSessionMessage($_LANG['POST_CREATED'], 'success');
cmsCore::redirect($mod['seolink']);
}
if (!$mod['published']) {
$message = str_replace('%user%', cmsUser::getProfileLink(cmsCore::c('user')->login, cmsCore::c('user')->nickname), $_LANG['MSG_POST_SUBMIT']);
$message = str_replace('%post%', '<a href="'.cmsCore::m('blogs')->getPostURL($blog['seolink'], $added['seolink']).'">'.$mod['title'].'</a>', $message);
$message = str_replace('%blog%', '<a href="'.cmsCore::m('blogs')->getBlogURL($blog['seolink']).'">'.$blog['title'].'</a>', $message);
cmsUser::sendMessage(USER_UPDATER, $blog['user_id'], $message);
cmsCore::addSessionMessage($_LANG['POST_PREMODER_TEXT'], 'info');
cmsCore::redirect(cmsCore::m('blogs')->getBlogURL($blog['seolink']));
}
}
//...или сохраняем пост после редактирования
if ($inCore->do=='editpost') {
if (cmsCore::m('blogs')->config['update_date']){
$mod['pubdate'] = date( 'Y-m-d H:i:s');
}
$mod['edit_times'] = (int)$post['edit_times']+1;
$new_post_seolink = cmsCore::c('blog')->updatePost($post['id'], $mod, cmsCore::m('blogs')->config['update_seo_link']);
$post['seolink'] = is_string($new_post_seolink) ? $new_post_seolink : $post['seolink'];
cmsActions::updateLog(
'add_post',
array(
'object' => $mod['title'],
'pubdate' => cmsCore::m('blogs')->config['update_date'] ? $mod['pubdate'] : $post['pubdate'],
'object_url' => cmsCore::m('blogs')->getPostURL($blog['seolink'], $post['seolink'])
),
$post['id']
);
if (!$mod['published']) {
$message = str_replace('%user%', cmsUser::getProfileLink(cmsCore::c('user')->login, cmsCore::c('user')->nickname), $_LANG['MSG_POST_UPDATE']);
$message = str_replace('%post%', '<a href="'.cmsCore::m('blogs')->getPostURL($blog['seolink'], $post['seolink']).'">'.$mod['title'].'</a>', $message);
$message = str_replace('%blog%', '<a href="'.cmsCore::m('blogs')->getBlogURL($blog['seolink']).'">'.$blog['title'].'</a>', $message);
cmsUser::sendMessage(USER_UPDATER, $blog['user_id'], $message);
cmsCore::addSessionMessage($_LANG['POST_PREMODER_TEXT'], 'info');
} else {
cmsCore::addSessionMessage($_LANG['POST_UPDATED'], 'success');
}
cmsCore::redirect(cmsCore::m('blogs')->getPostURL($blog['seolink'], $post['seolink']));
}
}
}
////////// НОВАЯ РУБРИКА / РЕДАКТИРОВАНИЕ РУБРИКИ //////////////////////////
if ($inCore->do == 'newcat' || $inCore->do == 'editcat'){
if(!cmsCore::c('user')->id) { cmsCore::error404(); }
if(!cmsCore::isAjax()) { cmsCore::error404(); }
$cat = array();
// Для редактирования сначала получаем рубрику
if ($inCore->do == 'editcat'){
$cat = cmsCore::c('blog')->getBlogCategory($cat_id);
if (!$cat) { cmsCore::halt(); }
$id = $cat['blog_id'];
}
// получаем блог
$blog = cmsCore::c('blog')->getBlog($id);
if (!$blog) { cmsCore::halt(); }
//Проверяем является пользователь хозяином блога или админом
if ($blog['user_id'] != cmsCore::c('user')->id && !cmsCore::c('user')->is_admin ) { cmsCore::halt(); }
//Если нет запроса на сохранение
if (!cmsCore::inRequest('goadd')){
cmsPage::initTemplate('components', 'com_blog_edit_cat')->
assign('mod', $cat)->
assign('form_action', ($inCore->do=='newcat' ? '/blogs/'.$blog['id'].'/newcat.html' : '/blogs/editcat'.$cat['id'].'.html'))->
display();
cmsCore::jsonOutput(array('error' => false, 'html' => ob_get_clean()));
}
//Если есть запрос на сохранение
if (cmsCore::inRequest('goadd')){
$new_cat['title'] = cmsCore::request('title', 'str', '');
$new_cat['description'] = cmsCore::request('description', 'str', '');
$new_cat['blog_id'] = $blog['id'];
if (mb_strlen($new_cat['title'])<3) { cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['CAT_ERR_TITLE'])); }
if(!cmsUser::checkCsrfToken()) { cmsCore::halt(); }
//новая рубрика
if ($inCore->do=='newcat'){
$cat['id'] = cmsCore::c('blog')->addBlogCategory($new_cat);
cmsCore::addSessionMessage($_LANG['CAT_IS_ADDED'], 'success');
}
//редактирование рубрики
if ($inCore->do=='editcat'){
cmsCore::c('blog')->updateBlogCategory($cat['id'], $new_cat);
cmsCore::addSessionMessage($_LANG['CAT_IS_UPDATED'], 'success');
}
cmsCore::jsonOutput(array('error' => false, 'redirect' => cmsCore::m('blogs')->getBlogURL($blog['seolink'], 1, $cat['id'])));
}
}
///////////////////////// УДАЛЕНИЕ РУБРИКИ /////////////////////////////////
if ($inCore->do == 'delcat'){
if(!cmsCore::c('user')->id) { cmsCore::error404(); }
if(!cmsCore::isAjax()) { cmsCore::error404(); }
$cat = cmsCore::c('blog')->getBlogCategory($cat_id);
if (!$cat) { cmsCore::halt(); }
$blog = cmsCore::c('blog')->getBlog($cat['blog_id']);
if (!$blog) { cmsCore::halt(); }
if ($blog['user_id'] != cmsCore::c('user')->id && !cmsCore::c('user')->is_admin) { cmsCore::halt(); }
if(!cmsUser::checkCsrfToken()) { cmsCore::halt(); }
cmsCore::c('blog')->deleteBlogCategory($cat['id']);
cmsCore::addSessionMessage($_LANG['CAT_IS_DELETED'], 'success');
cmsCore::jsonOutput(array('error' => false, 'redirect' => cmsCore::m('blogs')->getBlogURL($blog['seolink'])));
}
////////////////////////// ПРОСМОТР ПОСТА //////////////////////////////////
if($inCore->do == 'post'){
$post = cmsCore::c('blog')->getPost($seolink);
if (!$post){ cmsCore::error404(); }
$blog = cmsCore::c('blog')->getBlog($post['blog_id']);
// Совместимость со старыми ссылками на клубные посты блога
if (!$blog) {
$blog_user_id = cmsCore::c('db')->get_field('cms_blogs', "id = '{$post['blog_id']}' AND owner = 'club'", 'user_id');
if($blog_user_id){
cmsCore::redirect('/clubs/'.$blog_user_id.'_'.$post['seolink'].'.html', '301');
}
}
if (!$blog) { cmsCore::error404(); }
// Проверяем сеолинк блога и делаем редирект если он изменился
if($bloglink != $blog['seolink']) {
cmsCore::redirect(cmsCore::m('blogs')->getPostURL($blog['seolink'], $post['seolink']), '301');
}
// право просмотра блога
if (!cmsUser::checkUserContentAccess($blog['allow_who'], $blog['user_id'])){
cmsCore::addSessionMessage($_LANG['CLOSED_BLOG'].'<br>'.$_LANG['CLOSED_BLOG_TEXT'], 'error');
cmsCore::redirect('/blogs');
}
// право просмотра самого поста
if (!cmsUser::checkUserContentAccess($post['allow_who'], $post['user_id'])){
cmsCore::addSessionMessage($_LANG['CLOSED_POST'].'<br>'.$_LANG['CLOSED_POST_TEXT'], 'error');
cmsCore::redirect(cmsCore::m('blogs')->getBlogURL($blog['seolink']));
}
if (cmsCore::c('user')->id) {
cmsCore::c('page')->addHeadJS('components/blogs/js/blog.js');
}
cmsCore::c('page')->addPathway($blog['title'], cmsCore::m('blogs')->getBlogURL($blog['seolink']));
cmsCore::c('page')->addPathway($post['title']);
cmsCore::c('page')->setTitle($post['pagetitle'] ? $post['pagetitle'] : $post['title']);
cmsCore::c('page')->setDescription($post['meta_desc'] ? $post['meta_desc'] : crop($post['content_html']));
cmsCore::c('page')->setKeywords($post['meta_keys'] ? $post['meta_keys'] : $post['title']);
if ($post['cat_id']){
$cat = cmsCore::c('blog')->getBlogCategory($post['cat_id']);
}
$post['tags'] = cmsTagBar('blogpost', $post['id']);
$is_author = (cmsCore::c('user')->id && cmsCore::c('user')->id == $post['user_id']);
// увеличиваем кол-во просмотров
if (!$is_author) {
cmsCore::c('db')->setFlag('cms_blog_posts', $post['id'], 'hits', $post['hits']+1);
}
cmsPage::initTemplate('components', 'com_blog_view_post')->
assign('post', $post)->
assign('blog', $blog)->assign('cat', $cat)->
assign('is_author', $is_author)->
assign('is_writer', cmsCore::c('blog')->isUserBlogWriter($blog, cmsCore::c('user')->id))->
assign('myblog', (cmsCore::c('user')->id && cmsCore::c('user')->id == $blog['user_id']))->
assign('is_admin', cmsCore::c('user')->is_admin)->
assign('karma_form', cmsKarmaForm('blogpost', $post['id'], $post['rating'], $is_author))->
assign('navigation', cmsCore::c('blog')->getPostNavigation($post['id'], $blog['id'], cmsCore::m('blogs'), $blog['seolink']))->
display();
if ($inCore->isComponentEnable('comments') && $post['comments']) {
cmsCore::includeComments();
comments('blog', $post['id'], array(), $is_author);
}
}
///////////////////////// УДАЛЕНИЕ ПОСТА ///////////////////////////////////
if ($inCore->do == 'delpost'){
if(!cmsCore::c('user')->id) { cmsCore::error404(); }
if(!cmsCore::isAjax()) { cmsCore::error404(); }
$post = cmsCore::c('blog')->getPost($post_id);
if (!$post){ cmsCore::halt(); }
$blog = cmsCore::c('blog')->getBlog($post['blog_id']);
if (!$blog) { cmsCore::halt(); }
$myblog = (cmsCore::c('user')->id == $blog['user_id']); // автор блога
$is_writer = cmsCore::c('blog')->isUserBlogWriter($blog, cmsCore::c('user')->id);
// если не его блог, пользователь не писатель и не админ
if (!$myblog && !$is_writer && !cmsCore::c('user')->is_admin ) { cmsCore::halt(); }
// проверяем является ли пользователь автором
if (!cmsCore::c('user')->is_admin && !$myblog && $post['user_id'] != cmsCore::c('user')->id) { cmsCore::halt(); }
if(!cmsUser::checkCsrfToken()) { cmsCore::halt(); }
cmsCore::c('blog')->deletePost($post['id']);
if (cmsCore::c('user')->id != $post['user_id']){
cmsUser::sendMessage(USER_UPDATER, $post['user_id'], $_LANG['YOUR_POST'].' <b>«'.$post['title'].'»</b> '.$_LANG['WAS_DELETED_FROM_BLOG'].' <b>«<a href="'.cmsCore::m('blogs')->getBlogURL($blog['seolink']).'">'.$blog['title'].'</a>»</b>');
}
cmsCore::addSessionMessage($_LANG['POST_IS_DELETED'], 'success');
cmsCore::jsonOutput(array('error' => false, 'redirect' => cmsCore::m('blogs')->getBlogURL($blog['seolink'])));
}
///////////////////////// ПУБЛИКАЦИЯ ПОСТА /////////////////////////////////
if ($inCore->do == 'publishpost'){
if(!cmsCore::c('user')->id) { cmsCore::error404(); }
if(!cmsCore::isAjax()) { cmsCore::error404(); }
$post = cmsCore::c('blog')->getPost($post_id);
if (!$post){ cmsCore::halt(); }
$blog = cmsCore::c('blog')->getBlog($post['blog_id']);
if (!$blog) { cmsCore::halt(); }
// публикуют авторы блога и админы
if ($blog['user_id'] != cmsCore::c('user')->id && !cmsCore::c('user')->is_admin) { cmsCore::halt(); }
cmsCore::c('blog')->publishPost($post_id);
$post['seolink'] = cmsCore::m('blogs')->getPostURL($blog['seolink'], $post['seolink']);
if ($blog['allow_who'] == 'all' && $post['allow_who'] == 'all') { cmsCore::callEvent('ADD_POST_DONE', $post); }
if ($blog['allow_who'] != 'nobody' && $post['allow_who'] != 'nobody'){
cmsActions::log('add_post', array(
'object' => $post['title'],
'user_id' => $post['user_id'],
'object_url' => $post['seolink'],
'object_id' => $post['id'],
'target' => $blog['title'],
'target_url' => cmsCore::m('blogs')->getBlogURL($blog['seolink']),
'target_id' => $blog['id'],
'description' => '',
'is_friends_only' => (int)($blog['allow_who'] == 'friends' || $post['allow_who'] == 'friends')
));
}
cmsUser::sendMessage(USER_UPDATER, $post['user_id'], $_LANG['YOUR_POST'].' <b>«<a href="'.$post['seolink'].'">'.$post['title'].'</a>»</b> '.$_LANG['PUBLISHED_IN_BLOG'].' <b>«<a href="'.cmsCore::m('blogs')->getBlogURL($blog['seolink']).'">'.$blog['title'].'</a>»</b>');
cmsCore::halt('ok');
}
///////////////////////// УДАЛЕНИЕ БЛОГА ///////////////////////////////////
if ($inCore->do == 'delblog'){
if(!cmsCore::c('user')->id) { cmsCore::error404(); }
if(!cmsCore::isAjax()) { cmsCore::error404(); }
// получаем блог
$blog = cmsCore::c('blog')->getBlog($id);
if (!$blog) { cmsCore::error404(); }
//Проверяем является пользователь хозяином блога или админом
if ($blog['user_id'] != cmsCore::c('user')->id && !cmsCore::c('user')->is_admin ) { cmsCore::halt(); }
if(!cmsUser::checkCsrfToken()) { cmsCore::halt(); }
cmsCore::c('blog')->deleteBlog($blog['id']);
cmsCore::addSessionMessage($_LANG['BLOG_IS_DELETED'], 'success');
cmsCore::jsonOutput(array('error' => false, 'redirect' => '/blogs'));
}
////////// VIEW POPULAR POSTS //////////////////////////////////////////////
if ($inCore->do=='best'){
cmsCore::c('page')->setTitle($_LANG['POPULAR_IN_BLOGS']);
cmsCore::c('page')->addPathway($_LANG['POPULAR_IN_BLOGS']);
cmsCore::c('page')->setDescription($_LANG['POPULAR_IN_BLOGS']);
// кроме админов в списке только с доступом для всех
if(!cmsCore::c('user')->is_admin){
cmsCore::c('blog')->whereOnlyPublic();
}
// ограничиваем по рейтингу если надо
if(cmsCore::m('blogs')->config['list_min_rating']){
cmsCore::c('blog')->ratingGreaterThan(cmsCore::m('blogs')->config['list_min_rating']);
}
// всего постов
$total = cmsCore::c('blog')->getPostsCount(cmsCore::c('user')->is_admin);
//устанавливаем сортировку
cmsCore::c('db')->orderBy('p.rating', 'DESC');
cmsCore::c('db')->limitPage($page, cmsCore::m('blogs')->config['perpage']);
// сами посты
$posts = cmsCore::c('blog')->getPosts(cmsCore::c('user')->is_admin, cmsCore::m('blogs'));
if(!$posts && $page > 1){ cmsCore::error404(); }
cmsPage::initTemplate('components', 'com_blog_view_posts')->
assign('pagetitle', $_LANG['POPULAR_IN_BLOGS'])->
assign('total', $total)->
assign('ownertype', $ownertype)->
assign('posts', $posts)->
assign('pagination', cmsPage::getPagebar($total, $page, cmsCore::m('blogs')->config['perpage'], '/blogs/popular-%page%.html'))->
assign('cfg', cmsCore::m('blogs')->config)->
display();
}
}
function search() {
$inCore = cmsCore::getInstance();
$inPage = cmsPage::getInstance();
$inDB = cmsDatabase::getInstance();
global $_LANG;
$model = cms_model_search::initModel();
$do = $inCore->do;
$pagetitle = $inCore->getComponentTitle();
$inPage->setTitle($pagetitle);
$inPage->addPathway($pagetitle, '/search');
/* ==================================================================================================== */
/* ==================================================================================================== */
if ($do == 'view') {
if (mb_strlen($model->query) <= 3 && mb_strlen($model->query) >= 1) {
cmsCore::addSessionMessage($_LANG['ERROR'] .': '. $_LANG['SHORT_QUERY'], 'error');
$inCore->redirect('/search');
}
if ($model->query) {
$inPage->addPathway($model->query);
// если параметры запроса изменились
// делаем полный поиск, заполняя кеш
// иначе берем из кеша результаты
if (!$model->isChangedParams()) {
// Удаляем записи поиска от текущей сессии
$model->deleteResultsFromThisSession();
// Готовим поиск
// выполняется поиск по индексу фултекст
if (!$model->prepareSearch()) { cmsCore::error404(); }
// Кладем в сессию текущие параметры запроса
cmsUser::sessionPut('query_params', $model->parametrs_array);
// кладем в сессию слова запроса
cmsUser::sessionPut('searchquery', $model->words);
}
// формируем условия выборки
$model->whereSessionIs(session_id());
$model->wherePeriodIs();
if ($model->order_by_date) {
cmsCore::c('db')->orderBy('pubdate', 'DESC');
} else {
cmsCore::c('db')->orderBy('id', 'ASC');
}
// Получаем общее количество результатов
$total = $model->getCountResults();
// Получаем сами результаты поиска
if ($total) {
$results = $model->getResults();
} else {
cmsCore::c('db')->resetConditions();
}
}
cmsPage::initTemplate('components', 'com_search_text')->
assign('query', $model->query)->
assign('look', $model->look)->
assign('order_by_date', $model->order_by_date)->
assign('from_pubdate', $model->from_pubdate)->
assign('results', $results)->
assign('total', $total)->
assign('enable_components', $model->getEnableComponentsWithSupportSearch())->
assign('from_component', $model->from_component)->
assign('external_link', str_replace('%q%', urlencode($model->query), $_LANG['FIND_EXTERNAL_URL']))->
assign('host', HOST)->
assign('pagebar', cmsPage::getPagebar($total, $model->page, $model->config['perpage'], 'javascript:paginator(%page%)'))->
display();
}
/* ==================================================================================================== */
/* ==================================================================================================== */
if ($do == 'tag') {
if (mb_strlen($model->query) <= 3 && mb_strlen($model->query) >= 1) {
cmsCore::addSessionMessage($_LANG['EMPTY_QUERY'], 'error');
$inCore->redirect('/search');
}
$inPage->setTitle($_LANG['SEARCH_BY_TAG'] .' "'. $model->query .'"');
if ($model->query) {
$inPage->addPathway($_LANG['SEARCH_BY_TAG'] .' "'. $model->query .'"');
}
$inPage->initAutocomplete();
$total = $model->getCountTags();
$results = $model->searchByTag();
cmsPage::initTemplate('components', 'com_search_tag')->
assign('query', $model->query)->
assign('results', $results)->
assign('total', $total)->
assign('autocomplete_js', $inPage->getAutocompleteJS('tagsearch', 'query', false))->
assign('external_link', '/index.php?view=search&query='. urlencode($model->query) .'&look=allwords')->
assign('pagebar', cmsPage::getPagebar($total, $model->page, $model->config['perpage'], '/search/tag/'. urlencode($model->query) .'/page%page%.html'))->
display();
}
return true;
}
$orderto = cmsCore::getSearchVar('orderto', 'desc');
if (!in_array($orderby, array('pubdate', 'filename', 'filesize', 'hits'))) {
$orderby = 'pubdate';
}
if (!in_array($orderto, array('asc', 'desc'))) {
$orderto = 'desc';
}
$perpage = 20;
$myprofile = $inUser->id == $usr['id'];
$inDB->where("user_id = '{$usr['id']}'");
$total_files = $model->getUserFilesCount($myprofile || $inUser->is_admin);
$inDB->orderBy($orderby, $orderto);
$inDB->limitPage($page, $perpage);
$files = $model->getUserFiles($myprofile || $inUser->is_admin);
$free_mb = $model->config['filessize'] ? round($model->config['filessize'] - round($model->getUserFilesSize($usr['id']) / 1024 / 1024, 2), 2) : '';
cmsPage::initTemplate('components', 'com_users_file_view')->assign('usr', $usr)->assign('orderby', $orderby)->assign('orderto', $orderto)->assign('cfg', $model->config)->assign('total_files', $total_files)->assign('free_mb', $free_mb)->assign('pagination', cmsPage::getPagebar($total_files, $page, $perpage, '/users/' . $id . '/files%page%.html'))->assign('myprofile', $myprofile)->assign('is_admin', $inUser->is_admin)->assign('files', $files)->display('com_users_file_view.tpl');
}
//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
if ($fdo == 'download') {
$file_id = cmsCore::request('fileid', 'int', 0);
$allowsql = $inUser->id ? '' : "AND allow_who='all'";
$file = $inDB->get_fields('cms_user_files', "id = '{$file_id}' {$allowsql}", 'user_id, filename, allow_who');
if (!$file) {
cmsCore::error404();
}
$name = preg_replace('/\\.+\\//', '', $file['filename']);
$fileurl = '/upload/userfiles/' . $file['user_id'] . '/' . $name;
if (!file_exists(PATH . $fileurl)) {
cmsCore::error404();
}
if ($file['user_id'] != $inUser->id && $file['allow_who'] != 'all' && !$inUser->is_admin) {
function catalog(){
$inCore = cmsCore::getInstance();
$inPage = cmsPage::getInstance();
$inDB = cmsDatabase::getInstance();
$inUser = cmsUser::getInstance();
global $_LANG;
$model = new cms_model_catalog();
define('IS_BILLING', $inCore->isComponentInstalled('billing'));
if (IS_BILLING) { cmsCore::loadClass('billing'); }
$pagetitle = $inCore->getComponentTitle();
$inPage->addPathway($pagetitle, '/catalog');
$inPage->setTitle($pagetitle);
$inPage->setDescription($model->config['meta_desc'] ? $model->config['meta_desc'] : $pagetitle);
$inPage->setKeywords($model->config['meta_keys'] ? $model->config['meta_keys'] : $pagetitle);
$cfg = $inCore->loadComponentConfig('catalog');
if (cmsCore::inRequest('cat_id')){
$id = cmsCore::request('cat_id', 'int', 0);
} else {
$id = cmsCore::request('id', 'int', 0);
}
$do = $inCore->do;
cmsCore::includeFile('components/catalog/includes/shopcore.php');
//////////////////////////// RATING SUBMISSION ///////////////////////////////////////////////////////////////////
if (cmsCore::inRequest('rating')){
$points = cmsCore::request('points', 'int', 0);
$item_id = cmsCore::request('item_id', 'int', 0);
$ip = $inUser->ip;
if (!alreadyVoted($item_id)){
$inDB->query("INSERT INTO cms_uc_ratings (item_id, points, ip) VALUES ($item_id, $points, '$ip')") ;
$inDB->query("DELETE FROM cms_uc_ratings WHERE item_id = $item_id AND ip = '0.0.0.0'") ;
}
}
//////////////////////////// SEARCH BY TAG ///////////////////////////////////////////////////////////////////////
if ($do == 'tag') {
$tag = $inCore->strClear(urldecode($inCore->request('tag', 'html', '')));
$sql = "SELECT tag FROM cms_tags WHERE tag = '$tag' AND target='catalog' LIMIT 1";
$result = $inDB->query($sql) ;
if ($inDB->num_rows($result)==1){
$item = $inDB->fetch_assoc($result);
$query = $inCore->strClear($item['tag']);
$findsql = "SELECT *
FROM cms_uc_items
WHERE category_id = '$id' AND published = 1 AND tags LIKE '%$query%'";
$do = 'cat';
} else { echo $_LANG['NO_MATCHING_FOUND']; }
}
//////////////////////////// ADVANCED SEARCH ////////////////////////////////////////////////////////////////////
if ($do == 'search') {
if (cmsCore::inRequest('gosearch')){
$fdata = cmsCore::request('fdata', 'array', array());
$query = cmsCore::strClear(implode('%', $fdata));
$title = cmsCore::request('title', 'str', '');
$tags = cmsCore::request('tags', 'str', '');
if ($query || $title || $tags){
$findsql = "SELECT i.* , IFNULL(AVG(r.points),0) AS rating
FROM cms_uc_items i
LEFT JOIN cms_uc_ratings r ON r.item_id = i.id
WHERE i.published = 1 AND i.category_id = '$id' ";
if($query){
$findsql .= " AND i.fieldsdata LIKE '%{$query}%' ";
}
if($title){
$findsql .= " AND i.title LIKE '%$title%' ";
}
if($tags){
$findsql .= "AND (i.tags LIKE '%".$tags."%')";
}
$findsql .= " GROUP BY i.id";
$advsearch = 1;
}
$do = 'cat';
} else {
//show search form
$sql = "SELECT * FROM cms_uc_cats WHERE id = '$id'";
$result = $inDB->query($sql) ;
if ($inDB->num_rows($result)==1){
$cat = $inDB->fetch_assoc($result);
$fstruct = cmsCore::yamlToArray($cat['fieldsstruct']);
//heading
$inPage->addPathway($cat['title'], '/catalog/'.$cat['id']);
$inPage->addPathway($_LANG['SEARCH'], '/catalog/'.$cat['id'].'/search.html');
$inPage->setTitle($_LANG['SEARCH_IN_CAT']);
$inPage->addHeadJS('components/catalog/js/search.js');
$fstruct_ready = array();
foreach($fstruct as $key=>$value) {
if (mb_strstr($value, '/~h~/')) { $ftype = 'html'; $value=str_replace('/~h~/', '', $value); }
elseif (mb_strstr($value, '/~l~/')) { $ftype = 'link'; $value=str_replace('/~l~/', '', $value); } else { $ftype='text'; }
if (mb_strstr($value, '/~m~/')) {
$value = str_replace('/~m~/', '', $value);
}
$fstruct_ready[stripslashes($key)] = stripslashes($value);
}
//searchform
cmsPage::initTemplate('components', 'com_catalog_search')->
assign('id', $id)->
assign('cat', $cat)->
assign('fstruct', $fstruct_ready)->
display('com_catalog_search.tpl');
} else { cmsCore::error404(); }
}//search form
}
//////////////////////////// SEARCH BY FIRST LETTER OF TITLE ///////////////////////////////////////////////////////
if ($do == 'findfirst') {
$id = cmsCore::request('cat_id', 'int');
$query = mb_substr(cmsCore::strClear(urldecode(cmsCore::request('text', 'html', ''))), 0, 1);
$findsql = "SELECT i.* , IFNULL(AVG( r.points ),0) AS rating
FROM cms_uc_items i
LEFT JOIN cms_uc_ratings r ON r.item_id = i.id
WHERE i.published = 1 AND i.category_id = $id AND UPPER(LTRIM(i.title)) LIKE UPPER('$query%')
GROUP BY i.id";
$do = 'cat';
$advsearch = 0;
$pagemode = 'findfirst';
}
//////////////////////////// SEARCH BY FIELD ////////////////////////////////////////////////////////////////////
if ($do == 'find') {
$id = cmsCore::request('cat_id', 'int');
$query = cmsCore::strClear(urldecode(cmsCore::request('text', 'html', '')));
$findsql = "SELECT i.* , IFNULL(AVG(r.points),0) AS rating
FROM cms_uc_items i
LEFT JOIN cms_uc_ratings r ON r.item_id = i.id
WHERE i.published = 1 AND i.category_id = $id AND i.fieldsdata LIKE '%$query%'
GROUP BY i.id";
$do = 'cat';
$advsearch = 0;
$query = stripslashes($query);
$pagemode = 'find';
}
//////////////////////////// LIST OF CATEGORIES ////////////////////////////////////////////////////////////////////
if ($do == 'view'){ //List of all categories
$cats_html = subCatsList();
$inPage->addHead('<link rel="alternate" type="application/rss+xml" title="'.$_LANG['CATALOG'].'" href="'.HOST.'/rss/catalog/all/feed.rss">');
cmsPage::initTemplate('components', 'com_catalog_index')->
assign('cfg', $cfg)->
assign('title', $pagetitle)->
assign('cats_html', $cats_html)->
display('com_catalog_index.tpl');
}
//////////////////////////// VIEW CATEGORY ///////////////////////////////////////////////////////////////////////
if ($do == 'cat'){
//get category data
$sql = "SELECT * FROM cms_uc_cats WHERE id = $id";
$catres = $inDB->query($sql);
if (!$inDB->num_rows($catres)){ cmsCore::error404(); }
$cat = $inDB->fetch_assoc($catres);
$fstruct = cmsCore::yamlToArray($cat['fieldsstruct']);
$inPage->addHead('<link rel="alternate" type="application/rss+xml" title="'.$_LANG['CATALOG'].'" href="'.HOST.'/rss/catalog/'.$cat['id'].'/feed.rss">');
//heading
//PATHWAY ENTRY
$path_list = $model->getCategoryPath($cat['NSLeft'], $cat['NSRight']);
if ($path_list){
foreach($path_list as $pcat){
$inPage->addPathway($pcat['title'], '/catalog/'.$pcat['id']);
}
}
$inPage->setTitle($cat['pagetitle'] ? $cat['pagetitle'] : $cat['title']);
//subcategories
$subcats = subCatsList($cat['id'], $cat['NSLeft'], $cat['NSRight']);
//alphabetic list
if ($cat['showabc']){ $alphabet = getAlphaList($cat['id']); } else { $alphabet = ''; }
//Tool links
$shopcartlink = shopCartLink();
//get items SQL
if (!isset($findsql)){
$sql = "SELECT i.* , IFNULL(AVG( r.points ), 0) AS rating, i.price as price
FROM cms_uc_items i
LEFT JOIN cms_uc_ratings r ON r.item_id = i.id
WHERE i.published = 1 AND i.category_id = $id
GROUP BY i.id";
} else {
$sql = $findsql;
if (!$advsearch){ $inPage->addPathway(icms_ucfirst($query)); } else
{ $inPage->addPathway($_LANG['SEARCH_RESULT']); }
}
// сортировка
if(cmsCore::inRequest('orderby')){
$orderby = cmsCore::request('orderby', array('hits','rating','pubdate','title','price'), $cat['orderby']);
cmsUser::sessionPut('uc_orderby', $orderby);
} elseif(cmsUser::sessionGet('uc_orderby')){
$orderby = cmsUser::sessionGet('uc_orderby');
} else {
$orderby = $cat['orderby'];
}
if(cmsCore::inRequest('orderto')){
$orderto = cmsCore::request('orderto', array('asc','desc'), $cat['orderto']);
cmsUser::sessionPut('uc_orderto', $orderto);
} elseif(cmsUser::sessionGet('uc_orderto')){
$orderto = cmsUser::sessionGet('uc_orderto');
} else {
$orderto = $cat['orderto'];
}
$sql .= " ORDER BY ".$orderby." ".$orderto;
//get total items count
$result = $inDB->query($sql);
$itemscount = $inDB->num_rows($result);
//can user add items here?
$is_cat_access = $model->checkCategoryAccess($cat['id'], $cat['is_public'], $inUser->group_id);
$is_can_add = $is_cat_access || $inUser->is_admin;
$tpl = cmsPage::initTemplate('components', 'com_catalog_view')->
assign('id', $id)->
assign('cat', $cat)->
assign('subcats', $subcats)->
assign('alphabet', $alphabet)->
assign('shopcartlink', $shopcartlink)->
assign('itemscount', $itemscount)->
assign('is_can_add', $is_can_add)->
assign('orderform', orderForm($orderby, $orderto, ($cat['view_type']=='shop')));
//pagination
if (!@$advsearch) { $perpage = $cat['perpage']; } else { $perpage='100'; }
$page = $inCore->request('page', 'int', 1);
//request items using pagination
$sql .= " LIMIT ".(($page-1)*$perpage).", $perpage";
$result = $inDB->query($sql) ;
//search details, if needed
$search_details = '';
if (isset($findsql)){
if ($advsearch){
$search_details = '<div class="uc_queryform"><strong>'.$_LANG['SEARCH_RESULT'].' - </strong> '.$_LANG['FOUNDED'].': '.$itemscount.' | <a href="/catalog/'.$cat['id'].'">'.$_LANG['CANCEL_SEARCH'].'</a></div>';
} else {
$search_details = '<div class="uc_queryform"><strong>'.$_LANG['SEARCH_BY_TAG'].'</strong> "'.htmlspecialchars(icms_ucfirst(stripslashes($query))).'" ('.$_LANG['MATCHES'].': '.$itemscount.') <a href="/catalog/'.$cat['id'].'">'.$_LANG['CANCEL_SEARCH'].'</a></div>';
}
}
$items = array();
while($item = $inDB->fetch_assoc($result)){
$item['ratingdata'] = ratingData($item['id']);
$item['fdata'] = cmsCore::yamlToArray($item['fieldsdata']);
$item['price'] = number_format(shopDiscountPrice($item['id'], $item['category_id'], $item['price']), 2, '.', ' ');
$item['rating'] = cms_model_catalog::buildRating($item['ratingdata']['rating']);
$item['is_new'] = isNew($item['id'], $cat['shownew'], $cat['newint']);
$item['tagline'] = tagLine($item['tags'], $cat['id']);
$item['can_edit'] = ($cat['can_edit'] && $is_cat_access && ($inUser->id == $item['user_id'])) || $inUser->is_admin;
$item['fields'] = array();
if (sizeof($fstruct)>0){
$fields_show = 0;
foreach($fstruct as $key=>$value){
if ($fields_show < $cat['fields_show']){
if ($item['fdata'][$key]){
if (mb_strstr($value, '/~h~/')){ $value = str_replace('/~h~/', '', $value); $is_html = true; } else { $is_html = false; }
if (mb_strstr($value, '/~m~/')){
$value = str_replace('/~m~/', '', $value);
$makelink = true;
} else {$makelink = false; }
if (!$is_html){
if (mb_strstr($value, '/~l~/')){
if (@$item['fdata'][$key]!=''){
$field = '<a class="uc_fieldlink" href="/load/url=-'.base64_encode($item['fdata'][$key]).'" target="_blank">'.str_replace('/~l~/', '', $value).'</a> ('.$inCore->fileDownloadCount($item['fdata'][$key]).')';
}
} else {
if ($makelink){
$field = $model->getUCSearchLink($cat['id'], $item['fdata'][$key]);
} else {
$field = $item['fdata'][$key];
}
}
} else {
$field = $item['fdata'][$key];
}
if (isset($query)) { if (mb_stristr($field, $query)) { $field .= '<span class="uc_findsame"> ← <i>'.$_LANG['MATCHE'].'</i></span>';} }
$fields_show++;
$item['fields'][stripslashes($value)] = stripslashes($field);
}
} else { break; }
}
}
$items[] = $item;
}
if (!@$pagemode){
$pagebar = cmsPage::getPagebar($itemscount, $page, $perpage, '/catalog/'.$id.'-%page%');
} else {
if ($pagemode=='findfirst'){
$pagebar = cmsPage::getPagebar($itemscount, $page, $perpage, '/catalog/'.$id.'-%page%/find-first/'.urlencode(urlencode($query)));
}
if ($pagemode=='find'){
$pagebar = cmsPage::getPagebar($itemscount, $page, $perpage, '/catalog/'.$id.'-%page%/find/'.urlencode(urlencode($query)));
}
}
// SEO
if($cat['NSLevel'] > 0){
// meta description
if($cat['meta_desc']){
$meta_desc = $cat['meta_desc'];
} elseif(mb_strlen(strip_tags($cat['description']))>=250){
$meta_desc = crop($cat['description']);
} else {
$meta_desc = $cat['title'];
}
$inPage->setDescription($meta_desc);
// meta keywords
if($cat['meta_keys']){
$meta_keys = $cat['meta_keys'];
} elseif($items){
foreach($items as $c){
$k[] = $c['title'];
}
$meta_keys = implode(', ', $k);
} else {
$meta_keys = $cat['title'];
}
$inPage->setKeywords($meta_keys);
}
$tpl->assign('cfg', $cfg)->
assign('page', $page)->
assign('search_details', $search_details)->
assign('fstruct', $fstruct)->
assign('items', $items)->
assign('pagebar', $pagebar)->
display('com_catalog_view.tpl');
return true;
}
//////////////////////////// VIEW ITEM DETAILS ///////////////////////////////////////////////////////////////////////
if ($do == 'item'){
$id = $inCore->request('id', 'int');
$sql = "SELECT * FROM cms_uc_items WHERE id = '$id'";
$itemres = $inDB->query($sql) ;
if (!$inDB->num_rows($itemres)){ cmsCore::error404(); }
$item = $inDB->fetch_assoc($itemres);
if ((!$item['published'] || $item['on_moderate']) && !$inUser->is_admin){
cmsCore::error404();
}
$fdata = cmsCore::yamlToArray($item['fieldsdata']);
if ($item['meta_keys']) { $inPage->setKeywords($item['meta_keys']); }
if ($item['meta_desc']) { $inPage->setDescription($item['meta_desc']); }
$ratingdata = ratingData($id);
$sql = "SELECT * FROM cms_uc_cats WHERE id = '{$item['category_id']}'";
$catres = $inDB->query($sql) ;
$cat = $inDB->fetch_assoc($catres);
$fstruct = cmsCore::yamlToArray($cat['fieldsstruct']);
$is_cat_access = $inUser->id ?
$model->checkCategoryAccess($cat['id'], $cat['is_public'], $inUser->group_id) : false;
$item['can_edit'] = ($cat['can_edit'] && $is_cat_access && ($inUser->id == $item['user_id'])) || $inUser->is_admin;
//PATHWAY ENTRY
$path_list = $model->getCategoryPath($cat['NSLeft'], $cat['NSRight']);
if ($path_list){
foreach($path_list as $pcat){
$inPage->addPathway($pcat['title'], '/catalog/'.$pcat['id']);
}
}
$inPage->addPathway($item['title'], '/catalog/item'.$item['id'].'.html');
$inPage->setTitle($item['title']);
if ($cat['view_type']=='shop'){
$shopCartLink=shopCartLink();
}
//update hits
$inDB->query("UPDATE cms_uc_items SET hits = hits + 1 WHERE id = '$id'") ;
//print item details
$fields = array();
if (sizeof($fstruct)>0){
foreach($fstruct as $key=>$value){
if (@$fdata[$key]){
if (mb_strstr($value, '/~h~/')){
$value = str_replace('/~h~/', '', $value);
$htmlfield = true;
}
if (mb_strstr($value, '/~m~/')){
$value = str_replace('/~m~/', '', $value);
$makelink = true;
} else {$makelink = false; }
$field = (string)str_replace('<p>', '<p style="margin-top:0px; margin-bottom:5px">', $fdata[$key]);
if (mb_strstr($value, '/~l~/')){
$field = '<a class="uc_detaillink" href="/load/url=-'.base64_encode($field).'" target="_blank">'.str_replace('/~l~/', '', $value).'</a> ('.$inCore->fileDownloadCount($field).')';
} else {
if (isset($htmlfield)) {
if ($makelink) {
$field = $model->getUCSearchLink($cat['id'], $field);
} else {
//PROCESS FILTERS, if neccessary
if ($cat['filters']){
$filters = $inCore->getFilters();
if ($filters){
foreach($filters as $id=>$_data){
require_once PATH.'/filters/'.$_data['link'].'/filter.php';
$_data['link']($field);
}
}
}
$field = stripslashes($field);
}
} else {
if ($makelink) {
$field = $model->getUCSearchLink($cat['id'], $field);
}
}
}
$fields[stripslashes($value)] = stripslashes($field);
}
}
}
if ($cat['view_type']=='shop'){
$item['price'] = number_format(shopDiscountPrice($item['id'], $item['category_id'], $item['price']), 2, '.', ' ');
}
$user = $inDB->get_fields('cms_users', "id='{$item['user_id']}'", 'login, nickname');
$getProfileLink = cmsUser::getProfileLink($user['login'], $user['nickname']);
if ($cat['is_ratings']){
$ratingForm = ratingForm($ratingdata, $item['id']);
}
cmsPage::initTemplate('components', 'com_catalog_item')->
assign('shopCartLink', (isset($shopCartLink) ? $shopCartLink : ''))->
assign('getProfileLink', $getProfileLink)->
assign('tagline', tagLine($item['tags'], $cat['id']))->
assign('item', $item)->
assign('cat', $cat)->
assign('fields', $fields)->
assign('ratingForm', (isset($ratingForm) ? $ratingForm : ''))->
display('com_catalog_item.tpl');
if ($item['is_comments'] && $inCore->isComponentEnable('comments')) {
cmsCore::includeComments();
comments('catalog', $item['id'], array(), ($inUser->id == $item['user_id']));
}
return true;
}
///////////////////////////////////////////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////////////////////////////////////////
///////////////////////// S H O P /////////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////////////////////////////////////////
///////////////////////// ADD TO CART /////////////////////////////////////////////////////////////////////////////
if ($do == 'addcart'){
shopAddToCart($id, 1);
$inCore->redirect('/catalog/viewcart.html');
}
///////////////////////// VIEW CART /////////////////////////////////////////////////////////////////////////////
if ($do == 'viewcart'){
shopCart();
}
///////////////////////// DELETE FROM CART /////////////////////////////////////////////////////////////////////////////
if ($do == 'cartremove'){
shopRemoveFromCart($id);
$inCore->redirectBack();
}
///////////////////////// CLEAR CART /////////////////////////////////////////////////////////////////////////////
if ($do == 'clearcart'){
shopClearCart();
$inCore->redirectBack();
}
///////////////////////// CLEAR CART /////////////////////////////////////////////////////////////////////////////
if ($do == 'savecart'){
$itemcounts = $inCore->request('kolvo', 'array_int');
if (is_array($itemcounts)){
shopUpdateCart($itemcounts);
}
$inCore->redirectBack();
}
///////////////////////// ORDER //////////////////////////////////////////////////////////////////////////////////
if ($do == 'order'){
shopOrder($cfg);
}
///////////////////////// ORDER //////////////////////////////////////////////////////////////////////////////////
if ($do == 'finish'){
shopFinishOrder($cfg);
}
///////////////////////////////////////////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////////////////////////////////////////
if ($do == 'add_item' || $do == 'edit_item'){
$cat_id = cmsCore::request('cat_id', 'int');
$item_id = cmsCore::request('item_id', 'int', 0);
if ($do == 'add_item'){
$cat = $inDB->get_fields('cms_uc_cats', "id='$cat_id'", '*');
if (!$cat){ cmsCore::error404(); }
$inPage->setTitle($_LANG['ADD_ITEM']);
if (!($model->checkCategoryAccess($cat['id'], $cat['is_public'], $inUser->group_id) || $inUser->is_admin)){
cmsCore::error404();
}
$item = array();
$fdata = array();
if ($cat['cost']=='') { $cat['cost'] = false; }
if (IS_BILLING){
cmsBilling::checkBalance('catalog', 'add_catalog_item', false, $cat['cost']);
}
$item['is_comments'] = 1;
}
if ($do == 'edit_item'){
$inPage->setTitle($_LANG['EDIT_ITEM']);
$item = $inDB->get_fields('cms_uc_items', "id='$item_id'", '*');
if (!$item) { cmsCore::error404(); }
$cat = $inDB->get_fields('cms_uc_cats', "id='{$item['category_id']}'", '*');
if (!$cat){ cmsCore::error404(); }
$is_cat_access = $model->checkCategoryAccess($cat['id'], $cat['is_public'], $inUser->group_id);
$is_can_edit = ($cat['can_edit'] && $is_cat_access && ($inUser->id == $item['user_id'])) || $inUser->is_admin;
if (!$is_can_edit) { cmsCore::error404(); }
$fdata = cmsCore::yamlToArray($item['fieldsdata']);
}
$path_list = $model->getCategoryPath($cat['NSLeft'], $cat['NSRight']);
if ($path_list){
foreach($path_list as $pcat){
$inPage->addPathway($pcat['title'], '/catalog/'.$pcat['id']);
}
}
if($do == 'add_item'){
$inPage->addPathway($_LANG['ADD_ITEM']);
} else {
$inPage->addPathway($_LANG['EDIT_ITEM']);
}
$cats = $inCore->getListItems('cms_uc_cats', $cat['id'], 'id', 'ASC', 'parent_id > 0 AND published = 1');
$fields = array();
$fstruct = cmsCore::yamlToArray($cat['fieldsstruct']);
foreach($fstruct as $f_id=>$value){
if (mb_strstr($value, '/~h~/')) { $ftype = 'html'; $value=str_replace('/~h~/', '', $value); }
elseif (mb_strstr($value, '/~l~/')) { $ftype = 'link'; $value=str_replace('/~l~/', '', $value); } else { $ftype='text'; }
if (mb_strstr($value, '/~m~/')) { $makelink = true; $value=str_replace('/~m~/', '', $value); }
else { $makelink = false; }
$next['ftype'] = stripslashes($ftype);
$next['title'] = stripslashes($value);
$next['makelink'] = stripslashes($makelink);
if (!empty($fdata[$f_id])){
$next['value'] = stripslashes($fdata[$f_id]);
} else {
$next['value'] = '';
}
$fields[$f_id] = $next;
}
cmsPage::initTemplate('components', 'com_catalog_add')->
assign('do', $do)->
assign('item', $item)->
assign('fields', $fields)->
assign('cat', $cat)->
assign('cats', $cats)->
assign('cfg', $cfg)->
assign('is_admin', $inUser->is_admin)->
assign('cat_id', $cat['id'])->
display('com_catalog_add.tpl');
return;
}
///////////////////////////////////////////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////////////////////////////////////////
if ($do == 'submit_item'){
$opt = cmsCore::request('opt', 'str', 'add');
$new_cat_id = cmsCore::request('new_cat_id', 'int', 0);
$cat_id = $new_cat_id ? $new_cat_id : cmsCore::request('cat_id', 'int', 0);
$item_id = cmsCore::request('item_id', 'int', 0);
$cat = $inDB->get_fields('cms_uc_cats', "id='$cat_id'", '*');
if(!$cat){ cmsCore::error404(); }
if ($opt == 'add'){
if(!$inUser->is_admin &&
!$model->checkCategoryAccess($cat['id'], $cat['is_public'], $inUser->group_id)){
cmsCore::error404();
}
} else {
$item = $inDB->get_fields('cms_uc_items', "id='{$item_id}'", '*');
if(!$item){ cmsCore::error404(); }
if(!$inUser->is_admin &&
!($cat['can_edit'] && ($inUser->id == $item['user_id']) &&
$model->checkCategoryAccess($cat['id'], $cat['is_public'], $inUser->group_id))){
cmsCore::error404();
}
}
$item['title'] = cmsCore::request('title', 'str');
if (!$item['title']) { cmsCore::addSessionMessage($_LANG['NEED_TITLE'], 'error'); cmsCore::redirectBack(); }
$item['category_id'] = $cat_id;
$item['published'] = ($cfg['premod'] && !$inUser->is_admin ? 0 : 1);
$item['on_moderate'] = ($cfg['premod'] && !$inUser->is_admin ? 1 : 0);
$item['fdata'] = cmsCore::request('fdata', 'array', array());;
foreach($item['fdata'] as $key=>$value) {
$item['fdata'][$key] = cmsCore::badTagClear($value);
}
$item['fieldsdata'] = $inDB->escape_string(cmsCore::arrayToYaml($item['fdata']));
$item['is_comments'] = $inUser->is_admin ? cmsCore::request('is_comments', 'int', 0) : $cfg['is_comments'];
$item['tags'] = cmsCore::request('tags', 'str', '');
$item['canmany'] = 1;
$item['imageurl'] = ($opt == 'add' ? '' : $item['imageurl']);
$item['price'] = 0;
$item['canmany'] = 1;
if($inUser->is_admin){
$meta_desc = cmsCore::request('meta_desc', 'str', '');
$meta_keys = cmsCore::request('meta_keys', 'str', '');
$item['meta_desc'] = $meta_desc ? $meta_desc : $item['title'];
$item['meta_keys'] = $meta_keys ? $meta_keys : $item['tags'];
} else {
$item['meta_desc'] = @$item['meta_desc'] ? $item['meta_desc'] : $item['title'];
$item['meta_keys'] = @$item['meta_keys'] ? $item['meta_keys'] : $item['tags'];
}
if (cmsCore::inRequest('price')) {
$price = cmsCore::request('price', 'str', '');
$price = str_replace(',', '.', $price);
$item['price'] = round($price, 2);
$item['canmany']= cmsCore::request('canmany', 'int', 0);
}
if (cmsCore::request('delete_img', 'int', 0)){
@unlink(PATH."/images/catalog/".$item['imageurl']);
@unlink(PATH."/images/catalog/small/".$item['imageurl']);
@unlink(PATH."/images/catalog/medium/".$item['imageurl']);
$item['imageurl'] = '';
}
$file = $model->uploadPhoto($item['imageurl']);
if($file){
$item['imageurl'] = $file['filename'];
}
if ($opt=='add'){
$item['pubdate'] = date('Y-m-d H:i');
$item['user_id'] = $inUser->id;
$item['id'] = $model->addItem($item);
if (IS_BILLING){
if ($cat['cost']=='') { $cat['cost'] = false; }
cmsBilling::process('catalog', 'add_catalog_item', $cat['cost']);
}
if (!$cfg['premod'] || $inUser->is_admin) {
cmsCore::callEvent('ADD_CATALOG_DONE', $item);
//регистрируем событие
cmsActions::log('add_catalog', array(
'object' => $item['title'],
'object_url' => '/catalog/item'.$item['id'].'.html',
'object_id' => $item['id'],
'target' => $cat['title'],
'target_url' => '/catalog/'.$cat['id'],
'target_id' => $cat['id'],
'description' => ''
));
}
}
if ($opt=='edit'){
$model->updateItem($item['id'], $item);
cmsActions::updateLog('add_catalog', array('object' => $item['title']), $item['id']);
}
if ($inUser->id != 1 && $cfg['premod'] && $cfg['premod_msg']){
$link = '<a href="/catalog/item'.$item['id'].'.html">'.$item['title'].'</a>';
$user = '******'.cmsUser::getProfileURL($inUser->login).'">'.$inUser->nickname.'</a>';
if ($opt=='add') { $message = $_LANG['MSG_ITEM_SUBMIT']; }
if ($opt=='edit') { $message = $_LANG['MSG_ITEM_EDITED']; }
$message = str_replace('%user%', $user, $message);
$message = str_replace('%link%', $link, $message);
cmsUser::sendMessage(USER_UPDATER, 1, $message);
cmsCore::addSessionMessage($_LANG['ITEM_PREMOD_NOTICE'], 'info');
cmsCore::redirect('/catalog/'.$item['category_id']);
}
cmsCore::redirect('/catalog/item'.$item['id'].'.html');
}
///////////////////////////////////////////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////////////////////////////////////////
if ($do == 'accept_item'){
$item_id = cmsCore::request('item_id', 'int');
$item = $inDB->get_fields('cms_uc_items', "id='{$item_id}'", 'title, user_id, category_id');
if (!$item || !$inUser->is_admin){ cmsCore::error404(); }
$inDB->query("UPDATE cms_uc_items SET published=1, on_moderate=0 WHERE id='{$item_id}'");
$cat = $inDB->get_fields('cms_uc_cats', 'id='.$item['category_id'], 'id, title');
cmsCore::callEvent('ADD_CATALOG_DONE', $item);
//регистрируем событие
cmsActions::log('add_catalog', array(
'object' => $item['title'],
'user_id' => $item['user_id'],
'object_url' => '/catalog/item'.$item_id.'.html',
'object_id' => $item_id,
'target' => $cat['title'],
'target_url' => '/catalog/'.$cat['id'],
'target_id' => $cat['id'],
'description' => ''
));
$item_link = '<a href="/catalog/item'.$item_id.'.html">'.$item['title'].'</a>';
$message = str_replace('%link%', $item_link, $_LANG['MSG_ITEM_ACCEPTED']);
cmsUser::sendMessage(USER_UPDATER, $item['user_id'], $message);
cmsCore::redirectBack();
}
///////////////////////////////////////////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////////////////////////////////////////
if ($do == 'delete_item'){
$item_id = cmsCore::request('item_id', 'int');
$item = $inDB->get_fields('cms_uc_items', "id='{$item_id}'", '*');
if(!$item){ cmsCore::error404(); }
if (!($item['user_id']==$inUser->id || $inUser->is_admin)){ cmsCore::error404(); }
$model->deleteItem($item_id);
$message = str_replace('%item%', $item['title'], $_LANG['MSG_ITEM_REJECTED']);
cmsUser::sendMessage(USER_UPDATER, $item['user_id'], $message);
cmsCore::redirect('/catalog/'.$item['category_id']);
}
}
