/**
 * Renders a static page that is looked up by its `filename` column.
 *
 * When no argument is passed the lookup key is the 'page' request value;
 * otherwise it is the argument cast to int. Responds with HTTP 404 when the
 * row is missing or the page file cannot be read.
 *
 * @param mixed $nPageID optional lookup key; null means "take it from the request"
 * @return mixed whatever tplFetch('page.tpl') returns
 */
function show($nPageID = null)
{
    if (isset($nPageID)) {
        $pageKey = (int) $nPageID;
    } else {
        $pageKey = func::POSTGET('page');
    }

    // The request value reaches the query only through str2sql().
    // NOTE(review): presumably str2sql() quotes and escapes its argument — confirm.
    $sql = 'SELECT title, mkeywords, mdescription, filename FROM ' . TABLE_PAGES
        . ' WHERE filename = ' . $this->db->str2sql($pageKey) . ' LIMIT 1';
    $page = $this->db->one_array($sql);

    if (empty($page)) {
        // NOTE(review): the code below assumes httpError() ends the request — confirm.
        Errors::httpError(404);
    }

    // The path is built from the filename stored in the pages table, not from
    // the raw request value.
    // NOTE(review): that is only as safe as the validation applied when page
    // rows are created (no directory separators or "..") — confirm at the write side.
    $page['content'] = CDir::getFileContent(PAGES_PATH . $page['filename'] . PAGES_EXTENSION);

    $meta = array(
        'title' => $page['title'] . ' | ' . config::get('title', ''),
        'mkeywords' => $page['mkeywords'],
        'mdescription' => $page['mdescription'],
    );
    config::set($meta);

    // A strict false from getFileContent() is treated as "page file not available".
    if ($page['content'] === false) {
        Errors::httpError(404);
    }

    $page['menu'] = bff::i()->Sitemap_getmenu('info', 'all-sub');

    $this->tplAssign('aData', $page);

    return $this->tplFetch('page.tpl');
}
/**
 * Starts (or restarts) the PHP session associated with $key.
 *
 * A session id supplied in the 'sessid' request value takes precedence;
 * otherwise the session name derived from $key is used. On restart without a
 * 'sessid' value the session is started only if a cookie with that name exists.
 *
 * NOTE(review): the 'sessid' value is adopted as the session id exactly as it
 * arrives in the request. That allows session fixation unless the id is
 * regenerated after authentication (session_regenerate_id()) or this path is
 * limited to the callers that really need it — confirm which applies.
 *
 * @param mixed $key     key passed to sessionNameByKey() to obtain the session name
 * @param bool  $restart true to start the session without checking for an active one
 * @return void
 */
function sessionStart($key, $restart = false)
{
    $sessionName = $this->sessionNameByKey($key);

    if ($restart) {
        $requestedId = func::POSTGET('sessid');
        if ($requestedId) {
            session_id($requestedId);
            session_start();
        } elseif (isset($_COOKIE[$sessionName])) {
            session_name($sessionName);
            session_start();
        }

        return;
    }

    // start the session only if it has not been started yet
    $activeId = session_id();
    if (!empty($activeId)) {
        return;
    }

    $requestedId = func::POSTGET('sessid');
    if ($requestedId) {
        session_id($requestedId);
    } else {
        session_name($sessionName);
    }
    session_start();
}
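/**
 * AJAX dispatcher for the internal-mail screens.
 *
 * Requires the 'read' permission, then dispatches on the 'action' request
 * value: recipients, history, delete-conv, move2folder, delete-msg,
 * recover-msg, send-msg. Anything else ends with Errors::IMPOSSIBLE.
 *
 * Ids that are concatenated into SQL in this method are cast to int at the
 * point of use, so the queries do not depend on a coercion inside
 * func::POSTGET() or getUserID() that is not visible here.
 *
 * NOTE(review): every branch is written as if ajaxResponse() ends the request — confirm.
 * NOTE(review): the state-changing actions read their input via POSTGET and no
 * anti-CSRF token check is visible in this method — confirm it is enforced elsewhere.
 *
 * @return void
 */
function ajax()
{
    if (!$this->haveAccessTo('read')) {
        $this->ajaxResponse(Errors::ACCESSDENIED);
    }

    if (bff::$isAjax) {
        // Interpolated into SQL below, hence the explicit cast.
        $nUserID = (int) $this->security->getUserID();

        switch (func::POSTGET('action')) {
            case 'recipients':
                $sQ = func::POST('q', true);

                // Fetch the interlocutors whose login starts with the query, excluding:
                // - the current user
                // - administrators who disallowed messages to them (im_noreply=1)
                // - blocked users
                // - users who put the current user into their ignore folder
                // NOTE(review): only str2sql() is applied to $sQ, so '%' and '_' typed
                // by the user act as LIKE wildcards; escape them if a literal prefix
                // match is intended.
                $aResult = $this->db->select('SELECT U.user_id, U.login FROM ' . TABLE_USERS . ' U LEFT JOIN ' . TABLE_INTERNALMAIL_FOLDERS_USERS
                    . ' IMFU ON U.user_id=IMFU.user_id AND IMFU.interlocutor_id = ' . $nUserID
                    . ' AND IMFU.folder_id = ' . INTERNALMAIL_FOLDER_IGNORE
                    . ' WHERE U.login LIKE (' . $this->db->str2sql("{$sQ}%") . ') AND U.user_id!=' . $nUserID
                    . ' AND U.im_noreply=0 AND U.blocked=0 AND IMFU.folder_id IS NULL ORDER BY U.login');

                $aUsers = array();
                foreach ($aResult as $u) {
                    $aUsers[$u['user_id']] = $u['login'];
                }
                unset($aResult);

                $this->ajaxResponse($aUsers);
                break;

            case 'history':
                // Cast before the value is concatenated into two queries; the guard
                // uses the same "<= 0" form as the other actions.
                $nInterlocutorID = (int) func::POSTGET('iid', false, true);
                if ($nInterlocutorID <= 0) {
                    $this->ajaxResponse(Errors::IMPOSSIBLE);
                }

                $aData = array('uid' => $nUserID, 'ulogin' => $this->security->getUserLogin());

                // NOTE(review): this filters on `id` while the recipients query above
                // uses `user_id` for the same table — confirm the column name.
                $aData['il'] = $this->db->one_array('SELECT user_id, login FROM ' . TABLE_USERS . ' WHERE id=' . $nInterlocutorID . ' LIMIT 1');
                if (!$aData['il']) {
                    $this->ajaxResponse(Errors::IMPOSSIBLE);
                }

                // Fetch the conversation with the interlocutor, skipping messages that
                // the current user deleted on their side.
                $sQuery = 'SELECT id, author, message, status, created FROM ' . TABLE_INTERNALMAIL
                    . ' WHERE ((author=' . $nInterlocutorID . ' AND recipient=' . $nUserID
                    . ' AND (status & ' . INTERNALMAIL_STATUS_DELRECIPIENT . ')=0 ) OR (author=' . $nUserID
                    . ' AND recipient=' . $nInterlocutorID . ' AND (status & ' . INTERNALMAIL_STATUS_DELAUTHOR
                    . ')=0 ) ) ORDER BY created DESC';
                $aData['messages'] = $this->db->select($sQuery);

                $this->tplAssignByRef('aData', $aData);
                $this->ajaxResponse(array('history' => $this->tplFetch('admin.history.ajax.tpl')));
                break;

            case 'delete-conv':
                if (($nInterlocutorID = func::POSTGET('iid', false, true)) <= 0) {
                    $this->ajaxResponse(Errors::IMPOSSIBLE);
                }
                $nDeleted = $this->deleteConversation($nUserID, $nInterlocutorID) ? 1 : 0;
                $this->ajaxResponse($nDeleted);
                break;

            case 'move2folder':
                if (($nInterlocutorID = func::POSTGET('iid', false, true)) <= 0) {
                    $this->ajaxResponse(Errors::IMPOSSIBLE);
                }
                if (($nFolderID = func::POSTGET('fid', false, true)) <= 0) {
                    $this->ajaxResponse(Errors::IMPOSSIBLE);
                }
                $aResponse = array();
                $aResponse['added'] = $this->moveUser2Folder($nUserID, $nInterlocutorID, $nFolderID);
                $this->ajaxResponse($aResponse);
                break;

            case 'delete-msg':
                $nMessageID = func::POSTGET('rec', false, true);
                if (!$nMessageID) {
                    $this->ajaxResponse(Errors::IMPOSSIBLE);
                }
                // The user id is passed along with the message id.
                // NOTE(review): presumably deleteMessage() uses it to check ownership — confirm.
                $this->deleteMessage($nMessageID, $nUserID);
                $this->ajaxResponse(Errors::SUCCESSFULL);
                break;

            case 'recover-msg':
                $nMessageID = func::POSTGET('rec', false, true);
                if (!$nMessageID) {
                    $this->ajaxResponse(Errors::IMPOSSIBLE);
                }
                $this->recoverMessage($nMessageID, $nUserID);
                $this->ajaxResponse(Errors::SUCCESSFULL);
                break;

            case 'send-msg':
                if (($nInterlocutorID = func::POSTGET('iid', false, true)) <= 0) {
                    $this->ajaxResponse(Errors::IMPOSSIBLE);
                }
                // cleanMessage() is the only sanitisation visible here before the text
                // is stored with <br> markup.
                // NOTE(review): confirm it HTML-escapes the body, and that
                // uploadAttachment() restricts file type and storage location.
                $aData = array();
                $aData['message'] = $this->cleanMessage(func::POST('message'));
                if (!$aData['message']) {
                    $this->ajaxResponse(Errors::IMPOSSIBLE);
                }
                $this->sendMessage($nUserID, $nInterlocutorID, nl2br($aData['message']), $this->uploadAttachment(), $this->db->getNOW());
                $this->ajaxResponse(Errors::SUCCESSFULL);
                break;
        }
    }

    $this->ajaxResponse(Errors::IMPOSSIBLE);
}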
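/**
 * Deletes one subscriber row by id and redirects back to the listing.
 *
 * Requires the 'subscribers-edit' permission. The record id is cast to int
 * before it is concatenated into the DELETE statement, so the query does not
 * depend on a coercion inside func::POSTGET() that is not visible here.
 *
 * NOTE(review): the id is read via POSTGET and no anti-CSRF token check is
 * visible in this method — confirm it is enforced elsewhere.
 *
 * @return mixed the access-denied output when the permission check fails
 */
function subscriber_delete()
{
    if (!$this->haveAccessTo('subscribers-edit')) {
        return $this->showAccessDenied();
    }

    $nRecordID = (int) func::POSTGET('rec', false, true);
    if (!$nRecordID) {
        // NOTE(review): written as if adminRedirect() ends the request — confirm.
        $this->adminRedirect(Errors::IMPOSSIBLE, 'subscriber_listing');
    }

    $this->db->execute('DELETE FROM ' . DB_PREFIX . 'subscribers WHERE id=' . $nRecordID);

    $this->adminRedirect(Errors::SUCCESSFULL, 'subscriber_listing');
}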
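/**
 * AJAX dispatcher for the admin panel: city list, city regions, unsubscribe.
 *
 * Rejects the request unless it is an AJAX call from a user with admin-panel
 * access, then dispatches on the 'act' GET value. Unknown values end with
 * Errors::IMPOSSIBLE.
 *
 * NOTE(review): every branch is written as if ajaxResponse() ends the request — confirm.
 *
 * @return void
 */
function ajax()
{
    if (!bff::$isAjax || !$this->security->haveAccessToAdminPanel()) {
        $this->ajaxResponse(Errors::ACCESSDENIED);
    }

    switch (func::GET('act')) {
        case 'city-list':
            $sPos = func::GETPOST('pos');
            $aExtra = array('expand' => true);
            $sEmptyTitle = func::GETPOST('empty_title');
            if (!empty($sEmptyTitle)) {
                // NOTE(review): request-supplied text is handed to the option builder;
                // confirm it is HTML-escaped before it is rendered.
                $aExtra['empty_title'] = $sEmptyTitle;
            }
            $this->ajaxResponse($this->geoCityOptions(0, $sPos, $aExtra));
            break;

        case 'city-regions':
            $nCityID = $this->input->id('city', 'p');
            if (!$nCityID) {
                $this->ajaxResponse(Errors::UNKNOWNRECORD);
            }
            $bGetYData = func::GET('ydata') == 1;
            $sEmptyTitle = func::GETPOST('empty_title');
            $sEmptyTitle = !empty($sEmptyTitle) ? $sEmptyTitle : 'не указан';
            $aResponse = $this->geoRegionOptions($nCityID, 0, true, $sEmptyTitle, $bGetYData);
            // 'regdata' is returned only when the caller asked for it with ydata=1.
            if (!$bGetYData) {
                unset($aResponse['regdata']);
            }
            $this->ajaxResponse($aResponse);
            break;

        case 'unsubscribe':
            // Cast before the id is concatenated into the DELETE statement, so the
            // query does not depend on a coercion inside func::POSTGET() that is not
            // visible here.
            // NOTE(review): this deletes a row after only the panel-level access
            // check above, with no visible anti-CSRF token — confirm both are intended.
            $nRecordID = (int) func::POSTGET('rec', false, true);
            if ($nRecordID <= 0) {
                $this->ajaxResponse(Errors::IMPOSSIBLE);
            }
            $this->db->execute('DELETE FROM ' . TABLE_SUBSCRIBES . ' WHERE id = ' . $nRecordID);
            $this->ajaxResponse(Errors::SUCCESS);
            break;
    }

    $this->ajaxResponse(Errors::IMPOSSIBLE);
}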
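/**
 * Admin settings screen for this module: saves the posted configuration and
 * renders the tabbed settings form.
 *
 * Requires the 'settings' permission. The 'tab' request value is accepted only
 * when it names one of the known tabs; anything else falls back to 'general'.
 * Before this check an arbitrary value was appended to the redirect target,
 * used as an array key in the tab list and assigned to the template.
 *
 * @return mixed the access-denied output, or the rendered 'admin.settings.tpl'
 */
function settings()
{
    if (!$this->haveAccessTo('settings')) {
        return $this->showAccessDenied();
    }

    $configPrefix = $this->module_name . '_';

    // Known tabs; 'a' marks the active one.
    $aTabs = array(
        'general' => array('t' => 'Общие настройки', 'a' => 0),
        'files' => array('t' => 'Загрузка файлов', 'a' => 0),
        'add_instruction' => array('t' => 'Инструкция при добавлении', 'a' => 0),
    );

    $sCurrentTab = func::POSTGET('tab');
    if (!is_string($sCurrentTab) || !isset($aTabs[$sCurrentTab])) {
        $sCurrentTab = 'general';
    }

    if (bff::$isPost && func::POST('save') == 1) {
        $confTmp = func::POST('config', false);

        // NOTE(review): whether clean_array() drops keys that are not listed here is
        // not visible in this method; if it keeps them, any posted config[...] key is
        // saved under this module's prefix — confirm.
        $this->input->clean_array($confTmp, array(
            'items_perpage' => TYPE_UINT,
            'items_freepubl_category_limit' => TYPE_UINT,
            'items_freepubl_category_limit_reg' => TYPE_UINT,
            'adtxt_limit' => TYPE_UINT,
            'svc_up_price' => TYPE_NUM,
            'svc_mark_price' => TYPE_NUM,
            'svc_premium_price' => TYPE_NUM,
            'svc_press_price' => TYPE_NUM,
            'svc_up_desc' => TYPE_STR,
            'svc_mark_desc' => TYPE_STR,
            'svc_premium_desc' => TYPE_STR,
            'svc_press_desc' => TYPE_STR,
            'images_limit' => TYPE_UINT,
            'images_limit_reg' => TYPE_UINT,
            'add_instruct1' => TYPE_STR,
            'add_instruct2' => TYPE_STR,
            'add_instruct3' => TYPE_STR,
            'add_instruct4' => TYPE_STR,
        ));

        // Store every key under the module prefix.
        $conf = array();
        foreach ($confTmp as $k => $v) {
            $conf[$configPrefix . $k] = $v;
        }

        bff::i()->Sites_saveConfig($conf, false); // to the DB
        $configAll = config::getAll();
        bff::i()->Sites_saveConfig(array_merge($configAll, $conf), true); // to the file

        // $sCurrentTab is one of the known tab keys at this point.
        $this->adminRedirect(Errors::SUCCESS, 'settings&tab=' . $sCurrentTab);
    }

    $aConfig = config::getWithPrefix($configPrefix);
    $aConfig = array_map('stripslashes', $aConfig);

    $aConfig['options'] = array();
    $aConfig['options']['limit10'] = array(1 => 1, 2 => 2, 3 => 3, 4 => 4, 5 => 5, 6 => 6, 7 => 7, 8 => 8, 9 => 9, 10 => 10, 11 => 11, 12 => 12, 13 => 13, 14 => 14, 15 => 15);

    $aData = $aConfig;
    $aData['tabs'] = $aTabs;
    $aData['tabs'][$sCurrentTab]['a'] = 1;

    $this->tplAssign('tab', $sCurrentTab);
    $this->tplAssignByRef('aData', $aData);
    $this->adminCustomCenterArea();
    $this->includeJS('wysiwyg');

    return $this->tplFetch('admin.settings.tpl');
}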
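/**
 * Performs an admin action on one page record; only 'delete' is handled.
 *
 * Requires the 'edit' permission. The record id is cast to int before it is
 * concatenated into the SELECT and DELETE statements, so the queries do not
 * depend on a coercion inside func::POSTGET() that is not visible here.
 *
 * NOTE(review): the id and action are read via POSTGET and no anti-CSRF token
 * check is visible in this method — confirm it is enforced elsewhere.
 * NOTE(review): an unrecognised 'type' falls through to the SUCCESSFULL
 * redirect without doing anything — confirm that is intended.
 *
 * @return mixed the access-denied output when the permission check fails
 */
function action()
{
    if (!$this->haveAccessTo('edit')) {
        return $this->showAccessDenied();
    }

    $nRecordID = (int) func::POSTGET('rec', false, true);
    if ($nRecordID <= 0) {
        // NOTE(review): written as if adminRedirect() ends the request — confirm.
        $this->adminRedirect(Errors::IMPOSSIBLE, 'listing');
    }

    $sAction = func::POSTGET('type');
    switch ($sAction) {
        case 'delete':
            $aData = $this->db->one_array('SELECT filename, issystem FROM ' . TABLE_PAGES . ' WHERE id=' . $nRecordID . ' LIMIT 1');

            // System pages and unknown ids are refused.
            if (!empty($aData) && !$aData['issystem']) {
                // Delete the page file first; failure is deliberately ignored (@).
                // NOTE(review): the path comes from the stored filename — confirm it
                // is constrained to plain file names when pages are created.
                @unlink(PAGES_PATH . $aData['filename'] . PAGES_EXTENSION);
                $this->db->execute('DELETE FROM ' . TABLE_PAGES . ' WHERE id=' . $nRecordID);
            } else {
                $this->adminRedirect(Errors::ACCESSDENIED, 'listing');
            }
            break;
    }

    $this->adminRedirect(Errors::SUCCESSFULL, 'listing');
}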