public function make()
{
if (user::getInstance()->get('id') > 0) {
$userid = user::getInstance()->get('id');
$title = system::getInstance()->nohtml(system::getInstance()->post('title'));
$url = system::getInstance()->nohtml(system::getInstance()->post('url'));
// only self domain
if (system::getInstance()->prefixEquals($url, property::getInstance()->get('script_url')) && filter_var($url, FILTER_VALIDATE_URL) && system::getInstance()->length($title) > 0) {
$stmt = database::getInstance()->con()->prepare("SELECT COUNT(*) FROM " . property::getInstance()->get('db_prefix') . "_user_bookmarks WHERE target = ? AND href = ?");
$stmt->bindParam(1, $userid, PDO::PARAM_INT);
$stmt->bindParam(2, $url, PDO::PARAM_STR);
$stmt->execute();
$res = $stmt->fetch();
$stmt = null;
if ($res[0] < 1) {
$stmt = database::getInstance()->con()->prepare("INSERT INTO " . property::getInstance()->get('db_prefix') . "_user_bookmarks (`target`, `title`, `href`) VALUES (?, ?, ?)");
$stmt->bindParam(1, $userid, PDO::PARAM_INT);
$stmt->bindParam(2, $title, PDO::PARAM_STR);
$stmt->bindParam(3, $url, PDO::PARAM_STR);
$stmt->execute();
$stmt = null;
}
}
}
}
private function viewStreamList()
{
csrf::getInstance()->buildToken();
$params = array();
$params['extension']['title'] = admin::getInstance()->viewCurrentExtensionTitle();
$page_index = (int) system::getInstance()->get('index');
$db_index = $page_index * self::ITEM_PER_PAGE;
if (system::getInstance()->post('deleteSelected') && csrf::getInstance()->check()) {
if (permission::getInstance()->have('global/owner') || permission::getInstance()->have('admin/components/stream/delete')) {
$toDelete = system::getInstance()->post('check_array');
if (is_array($toDelete) && sizeof($toDelete) > 0) {
$listDelete = system::getInstance()->altimplode(',', $toDelete);
if (system::getInstance()->isIntList($listDelete)) {
database::getInstance()->con()->query("DELETE FROM " . property::getInstance()->get('db_prefix') . "_com_stream WHERE id IN (" . $listDelete . ")");
}
}
}
}
$stmt = database::getInstance()->con()->prepare("SELECT * FROM " . property::getInstance()->get('db_prefix') . "_com_stream ORDER BY `date` DESC LIMIT ?," . self::ITEM_PER_PAGE);
$stmt->bindParam(1, $db_index, \PDO::PARAM_INT);
$stmt->execute();
$resultAll = $stmt->fetchAll(\PDO::FETCH_ASSOC);
$stmt = null;
$ids = system::getInstance()->extractFromMultyArray('caster_id', $resultAll);
user::getInstance()->listload($ids);
foreach ($resultAll as $row) {
$params['stream'][] = array('id' => $row['id'], 'type' => $row['type'], 'user_id' => $row['caster_id'], 'user_name' => user::getInstance()->get('nick', $row['caster_id']), 'url' => $row['target_object'], 'text' => system::getInstance()->nohtml($row['text_preview']), 'date' => system::getInstance()->todate($row['date'], 'h'));
}
$count_all = extension::getInstance()->call(extension::TYPE_COMPONENT, 'stream', false)->streamCount();
$params['pagination'] = template::getInstance()->showFastPagination($page_index, self::ITEM_PER_PAGE, $count_all, '?object=components&action=stream&index=');
return template::getInstance()->twigRender('components/stream/list.tpl', $params);
}
public function make()
{
$post_id = (int) system::getInstance()->get('id');
$user_id = (int) user::getInstance()->get('id');
$message = system::getInstance()->nohtml(system::getInstance()->post('message'));
// thank unknown tester for detect XSS vuln
$time_between_posts = extension::getInstance()->getConfig('wall_post_delay', 'user', 'components', 'int');
if ($post_id > 0 && $user_id > 0 && system::getInstance()->length($message) > 0 && permission::getInstance()->have('global/write')) {
$stmt = database::getInstance()->con()->prepare("SELECT time FROM " . property::getInstance()->get('db_prefix') . "_user_wall_answer WHERE poster = ? ORDER BY id DESC LIMIT 1");
$stmt->bindParam(1, $user_id, PDO::PARAM_INT);
$stmt->execute();
$res = $stmt->fetch();
$last_post_time = $res['time'];
$stmt = null;
$current_time = time();
if ($current_time - $last_post_time >= $time_between_posts) {
$stmt = database::getInstance()->con()->prepare("INSERT INTO " . property::getInstance()->get('db_prefix') . "_user_wall_answer (wall_post_id, poster, message, time) VALUES(?, ?, ?, ?)");
$stmt->bindParam(1, $post_id, PDO::PARAM_INT);
$stmt->bindParam(2, $user_id, PDO::PARAM_INT);
$stmt->bindParam(3, $message, PDO::PARAM_STR);
$stmt->bindParam(4, $current_time, PDO::PARAM_INT);
$stmt->execute();
$stmt = null;
}
}
api::getInstance()->call('front', 'wallview')->make();
// refresh list
}
public function make()
{
$dir = system::getInstance()->get('dir');
if (system::getInstance()->isLatinOrNumeric($dir) && system::getInstance()->length($dir) > 0 && user::getInstance()->get('id') > 0 && $_FILES['img'] != null) {
$isIframe = $_POST["iframe"] ? true : false;
$idarea = $_POST["idarea"];
$obj = extension::getInstance()->call(extension::TYPE_HOOK, 'file');
if (!is_object($obj)) {
exit;
}
$result = $obj->uploadImage('/' . $dir . '/', $_FILES['img']);
$fulllink = property::getInstance()->get('script_url') . "/upload/{$dir}/" . $result;
if ($isIframe) {
if ($result != null) {
echo '<html><body>OK<script>window.parent.$("#' . $idarea . '").insertImage("' . $fulllink . '","' . $fulllink . '").closeModal().updateUI();</script></body></html>';
} else {
echo '<html><body>ERROR<script>window.parent.alert("Image upload error.");</script></body></html>';
}
} else {
header("Content-type: text/javascript");
if ($result != null) {
$json_response = array('status' => '1', 'msg' => 'ok', 'image_link' => $fulllink, 'thumb_link' => $fulllink);
} else {
$json_response = array('status' => '0', 'msg' => 'error');
}
echo stripslashes(json_encode($json_response));
}
}
}
public function make()
{
$comment_count = extension::getInstance()->getConfig('last_count', 'lastcomments', 'modules', 'int');
if ($comment_count < 1) {
$comment_count = 1;
}
$stmt = database::getInstance()->con()->prepare("SELECT * FROM " . property::getInstance()->get('db_prefix') . "_mod_comments WHERE `pathway` != '' AND moderate = '0' ORDER BY `time` DESC LIMIT 0,?");
$stmt->bindParam(1, $comment_count, PDO::PARAM_INT);
$stmt->execute();
$res = $stmt->fetchAll(PDO::FETCH_ASSOC);
$stmt = null;
if (sizeof($res) > 0) {
// have comments in db
$max_comment_char_size = extension::getInstance()->getConfig('text_length', 'lastcomments', 'modules', 'int');
$prepared_userlist = system::getInstance()->extractFromMultyArray('author', $res);
user::getInstance()->listload($prepared_userlist);
$params = array();
foreach ($res as $result) {
$comment_text = extension::getInstance()->call(extension::TYPE_HOOK, 'bbtohtml')->nobbcode($result['comment']);
$params['comment'][] = array('user_id' => $result['author'], 'user_name' => user::getInstance()->get('nick', $result['author']), 'user_avatar' => user::getInstance()->buildAvatar('small', $result['author']), 'uri' => $result['pathway'], 'preview' => system::getInstance()->altsubstr($comment_text, 0, $max_comment_char_size), 'date' => system::getInstance()->toDate($result['time'], 'd'), 'guest_name' => system::getInstance()->nohtml($result['guest_name']));
}
$render = template::getInstance()->twigRender('modules/lastcomments/lastcomments.tpl', array('local' => $params));
template::getInstance()->set(template::TYPE_MODULE, 'lastcomments', $render);
}
}
private function showNewFriendRequestCount()
{
$friendRequestList = user::getInstance()->get('friend_request');
$friend_array = system::getInstance()->altexplode(',', $friendRequestList);
$request_count = sizeof($friend_array);
template::getInstance()->set(template::TYPE_MODULE, 'friendrequest_new_count', $request_count);
}
public function make()
{
$comment_id = (int) system::getInstance()->get('id');
if (user::getInstance()->get('id') > 0 && permission::getInstance()->have('comment/delete') && $comment_id > 0) {
$stmt = database::getInstance()->con()->prepare("DELETE FROM " . property::getInstance()->get('db_prefix') . "_mod_comments WHERE id = ?");
$stmt->bindParam(1, $comment_id, PDO::PARAM_INT);
$stmt->execute();
}
}
public function uploadAvatar($file)
{
$userid = user::getInstance()->get('id');
if (!$this->validImageMime($file) || $userid < 1) {
return false;
}
$dir_original = root . self::UPLOAD_FOLDER . "/user/avatar/original/";
$tmp_arr = explode(".", $file['name']);
$image_extension = array_pop($tmp_arr);
$file_save_original = "avatar_{$userid}.{$image_extension}";
$file_save_min_jpg = "avatar_{$userid}.jpg";
$file_original_fullpath = $dir_original . $file_save_original;
system::getInstance()->createDirectory($dir_original);
move_uploaded_file($file['tmp_name'], $file_original_fullpath);
$file_infofunction = getimagesize($file_original_fullpath);
$image_buffer = null;
if ($file_infofunction['mime'] == "image/jpg" || $file_infofunction['mime'] == "image/jpeg") {
$image_buffer = imagecreatefromjpeg($file_original_fullpath);
} elseif ($file_infofunction['mime'] == "image/gif") {
$image_buffer = imagecreatefromgif($file_original_fullpath);
} elseif ($file_infofunction['mime'] == "image/png") {
$image_buffer = imagecreatefrompng($file_original_fullpath);
} else {
return false;
}
$image_ox = imagesx($image_buffer);
$image_oy = imagesy($image_buffer);
$image_big_dx = 400;
$image_medium_dx = 200;
$image_small_dx = 100;
$image_big_dy = floor($image_oy * ($image_big_dx / $image_ox));
$image_medium_dy = floor($image_oy * ($image_medium_dx / $image_ox));
$image_small_dy = floor($image_oy * ($image_small_dx / $image_ox));
$image_big_truecolor = imagecreatetruecolor($image_big_dx, $image_big_dy);
$image_medium_truecolor = imagecreatetruecolor($image_medium_dx, $image_medium_dy);
$image_small_truecolor = imagecreatetruecolor($image_small_dx, $image_small_dy);
imagecopyresized($image_big_truecolor, $image_buffer, 0, 0, 0, 0, $image_big_dx, $image_big_dy, $image_ox, $image_oy);
imagecopyresized($image_medium_truecolor, $image_buffer, 0, 0, 0, 0, $image_medium_dx, $image_medium_dy, $image_ox, $image_oy);
imagecopyresized($image_small_truecolor, $image_buffer, 0, 0, 0, 0, $image_small_dx, $image_small_dy, $image_ox, $image_oy);
if (!file_exists(root . self::UPLOAD_FOLDER . '/user/avatar/big/')) {
system::getInstance()->createDirectory(root . self::UPLOAD_FOLDER . '/user/avatar/big/');
}
if (!file_exists(root . self::UPLOAD_FOLDER . '/user/avatar/medium/')) {
system::getInstance()->createDirectory(root . self::UPLOAD_FOLDER . '/user/avatar/medium/');
}
if (!file_exists(root . self::UPLOAD_FOLDER . '/user/avatar/small/')) {
system::getInstance()->createDirectory(root . self::UPLOAD_FOLDER . '/user/avatar/small/');
}
imagejpeg($image_big_truecolor, root . self::UPLOAD_FOLDER . "/user/avatar/big/{$file_save_min_jpg}");
imagejpeg($image_medium_truecolor, root . self::UPLOAD_FOLDER . "/user/avatar/medium/{$file_save_min_jpg}");
imagejpeg($image_small_truecolor, root . self::UPLOAD_FOLDER . "/user/avatar/small/{$file_save_min_jpg}");
imagedestroy($image_big_truecolor);
imagedestroy($image_medium_truecolor);
imagedestroy($image_small_truecolor);
imagedestroy($image_buffer);
return true;
}
public function make()
{
$id = (int) system::getInstance()->get('id');
$user_id = user::getInstance()->get('id');
if ($user_id < 1 || $id < 1 || !extension::getInstance()->getConfig('enable_useradd', 'news', extension::TYPE_COMPONENT, 'bol') || !extension::getInstance()->call(extension::TYPE_COMPONENT, 'news')->checkNewsOwnerExist($user_id, $id)) {
return;
}
$fpath = root . '/upload/news/poster_' . $id . '.jpg';
if (file_exists($fpath)) {
@unlink($fpath);
}
}
public function make()
{
$post_id = (int) system::getInstance()->get('id');
$stmt = database::getInstance()->con()->prepare("SELECT * FROM " . property::getInstance()->get('db_prefix') . "_user_wall_answer WHERE wall_post_id = ? ORDER BY id DESC");
$stmt->bindParam(1, $post_id, PDO::PARAM_INT);
$stmt->execute();
$result = $stmt->fetchAll(PDO::FETCH_ASSOC);
user::getInstance()->listload(system::getInstance()->extractFromMultyArray('poster', $result));
$params = array();
foreach ($result as $item) {
$params['answer'][] = array('poster_id' => $item['poster'], 'poster_name' => user::getInstance()->get('nick', $item['poster']), 'poster_avatar' => user::getInstance()->buildAvatar('small', $item['poster']), 'message' => $item['message'], 'time' => system::getInstance()->toDate($item['time'], 'h'));
}
echo template::getInstance()->twigRender('components/user/profile/profile_answer.tpl', array('local' => $params));
}
/**
* Get comment list
* @param null $way
* @param int $end
* @param bool $show_all
* @return array
*/
public function getCommentsParams($way = null, $end = 0, $show_all = false)
{
$userid = user::getInstance()->get('id');
$stmt = null;
if (is_null($way)) {
$way = router::getInstance()->getUriString();
}
if ($show_all) {
$stmt = database::getInstance()->con()->prepare("SELECT * FROM " . property::getInstance()->get('db_prefix') . "_mod_comments WHERE pathway = ? AND moderate = '0' ORDER BY id DESC");
$stmt->bindParam(1, $way, PDO::PARAM_STR);
$stmt->execute();
} else {
$comment_count = extension::getInstance()->getConfig('comments_count', 'comments', 'modules', 'int');
if ($end < 1) {
$end = 1;
}
$end *= $comment_count;
$stmt = database::getInstance()->con()->prepare("SELECT * FROM " . property::getInstance()->get('db_prefix') . "_mod_comments WHERE pathway = ? AND moderate = '0' ORDER BY id DESC LIMIT 0,?");
$stmt->bindParam(1, $way, PDO::PARAM_STR);
$stmt->bindParam(2, $end, PDO::PARAM_INT);
$stmt->execute();
}
$result = $stmt->fetchAll(PDO::FETCH_ASSOC);
user::getInstance()->listload(system::getInstance()->extractFromMultyArray('author', $result));
$params = array();
foreach ($result as $item) {
$poster_id = $item['author'];
$can_edit = false;
$can_delete = false;
$editconfig = extension::getInstance()->getConfig('edit_time', 'comments', 'modules', 'int');
if ($userid > 0) {
if ($poster_id == $userid && time() - $item['time'] <= $editconfig || permission::getInstance()->have('comment/edit')) {
$can_edit = true;
}
if (permission::getInstance()->have('comment/delete')) {
$can_delete = true;
}
}
$params[] = array('author_id' => $poster_id, 'author_nick' => user::getInstance()->get('nick', $poster_id), 'author_avatar' => user::getInstance()->buildAvatar('small', $poster_id), 'comment_text' => extension::getInstance()->call(extension::TYPE_HOOK, 'bbtohtml')->bbcode2html($item['comment']), 'comment_date' => system::getInstance()->toDate($item['time'], 'h'), 'unixtime' => $item['time'], 'comment_id' => $item['id'], 'can_edit' => $can_edit, 'can_delete' => $can_delete, 'guest_name' => system::getInstance()->nohtml($item['guest_name']));
}
$stmt = null;
return $params;
}
public function make()
{
$params = array();
$params['captcha_full'] = extension::getInstance()->getConfig('captcha_type', 'captcha', 'hooks') == "recaptcha" ? true : false;
$params['captcha'] = extension::getInstance()->call(extension::TYPE_HOOK, 'captcha')->show();
if (system::getInstance()->post('dofeedback')) {
$poster_name = system::getInstance()->nohtml(system::getInstance()->post('topic_name'));
$topic_title = system::getInstance()->nohtml(system::getInstance()->post('topic_title'));
$topic_text = system::getInstance()->nohtml(system::getInstance()->post('topic_body'));
$poster_email = user::getInstance()->get('id') > 0 ? user::getInstance()->get('email') : system::getInstance()->post('topic_email');
$captcha = system::getInstance()->post('captcha');
$date = time();
if (!filter_var($poster_email, FILTER_VALIDATE_EMAIL)) {
$params['notify']['wrong_email'] = true;
}
if (system::getInstance()->length($topic_title) < 3 || system::getInstance()->length($topic_title) > 70) {
$params['notify']['wrong_title'] = true;
}
if (system::getInstance()->length($poster_name) < 3 || system::getInstance()->length($poster_name) > 50) {
$params['notify']['wrong_name'] = true;
}
if (system::getInstance()->length($topic_text) < 10) {
$params['notify']['wrong_text'] = true;
}
if (!extension::getInstance()->call(extension::TYPE_HOOK, 'captcha')->validate($captcha)) {
$params['notify']['wrong_captcha'] = true;
}
if (sizeof($params['notify']) == 0) {
$stmt = database::getInstance()->con()->prepare("INSERT INTO " . property::getInstance()->get('db_prefix') . "_com_feedback (`from_name`, `from_email`, `title`, `text`, `time`) VALUES (?, ?, ?, ?, ?)");
$stmt->bindParam(1, $poster_name, PDO::PARAM_STR);
$stmt->bindParam(2, $poster_email, PDO::PARAM_STR);
$stmt->bindParam(3, $topic_title, PDO::PARAM_STR);
$stmt->bindParam(4, $topic_text, PDO::PARAM_STR);
$stmt->bindParam(5, $date, PDO::PARAM_INT);
$stmt->execute();
$params['notify']['success'] = true;
}
}
meta::getInstance()->add('title', language::getInstance()->get('feedback_form_title'));
$render = template::getInstance()->twigRender('components/feedback/form.tpl', array('local' => $params));
template::getInstance()->set(template::TYPE_CONTENT, 'body', $render);
}
/**
* Add line to stream logs user activity
* @param string $type
* @param int|string $caster_id
* @param string $target_url
* @param null|string $preview_text
* @param bool $save_syntax
* @return bool
*/
public function add($type, $caster_id, $target_url, $preview_text = null, $save_syntax = true)
{
if (strlen($type) < 1) {
return false;
}
if (system::getInstance()->isInt($caster_id)) {
if (!user::getInstance()->exists($caster_id)) {
return false;
}
} else {
if (system::getInstance()->length($caster_id) < 1) {
return false;
}
}
if (!system::getInstance()->prefixEquals($target_url, property::getInstance()->get('url'))) {
return false;
}
if (!$save_syntax) {
$preview_text = system::getInstance()->nohtml($preview_text);
$bbobject = extension::getInstance()->call(extension::TYPE_HOOK, 'bbtohtml');
if (is_object($bbobject)) {
$preview_text = $bbobject->nobbcode($preview_text);
}
}
if (system::getInstance()->length($preview_text) > 25) {
$preview_text = system::getInstance()->sentenceSub($preview_text, 25) . '...';
}
$date = time();
$stmt = database::getInstance()->con()->prepare("INSERT INTO " . property::getInstance()->get('db_prefix') . "_com_stream (`type`, `caster_id`, `target_object`, `text_preview`, `date`) VALUES (?, ?, ?, ?, ?)");
$stmt->bindParam(1, $type, \PDO::PARAM_STR);
$stmt->bindParam(2, $caster_id, \PDO::PARAM_STR);
$stmt->bindParam(3, $target_url, \PDO::PARAM_STR);
$stmt->bindParam(4, $preview_text, \PDO::PARAM_STR | \PDO::PARAM_NULL);
$stmt->bindParam(5, $date, \PDO::PARAM_INT);
$stmt->execute();
return true;
}
public function canEdit($comment_id)
{
if (permission::getInstance()->have('global/owner')) {
// no limits for full admin
return true;
}
if (user::getInstance()->get('id') < 1) {
return false;
}
if (!permission::getInstance()->have('global/write')) {
return false;
}
$userid = user::getInstance()->get('id');
$stmt = database::getInstance()->con()->prepare("SELECT author,time FROM " . property::getInstance()->get('db_prefix') . "_mod_comments WHERE id = ?");
$stmt->bindParam(1, $comment_id, PDO::PARAM_INT);
$stmt->execute();
if ($result = $stmt->fetch()) {
$editconfig = extension::getInstance()->getConfig('edit_time', 'comments', 'modules', 'int');
if ($result['author'] != $userid || time() - $result['time'] > $editconfig && !permission::getInstance()->have('comment/edit')) {
return false;
}
}
return true;
}
private function viewWebmoney()
{
if (!extension::getInstance()->getConfig('balance_use_webmoney', 'user', extension::TYPE_COMPONENT, 'boolean')) {
exit("Webmoney API disabled");
}
$wm_cfg_purse = extension::getInstance()->getConfig('balance_wm_purse', 'user', extension::TYPE_COMPONENT, 'str');
$wm_cfg_mul = extension::getInstance()->getConfig('balance_wm_mul', 'user', extension::TYPE_COMPONENT, 'float');
$wm_cfg_secret = extension::getInstance()->getConfig('balance_wm_secretkey', 'user', extension::TYPE_COMPONENT, 'str');
$real_ip = system::getInstance()->getRealIp();
$ip_array_routes = system::getInstance()->altexplode('.', $real_ip);
array_pop($ip_array_routes);
$ip_masc = system::getInstance()->altimplode('.', $ip_array_routes);
$wm_ips = array('212.118.48', '212.158.173', '91.200.28', '91.227.52');
if (!in_array($ip_masc, $wm_ips)) {
logger::getInstance()->log(logger::LEVEL_WARN, 'Call to Webmoney REST_API from wrong ip: ' . $real_ip . ' masc: ' . $ip_masc);
return null;
}
$pre_request = system::getInstance()->post('LMI_PREREQUEST');
$wm_seller_purse = system::getInstance()->post('LMI_PAYEE_PURSE');
// seller purse (must be our)
$wm_payment_amount = system::getInstance()->post('LMI_PAYMENT_AMOUNT');
// payment price amount
$wm_item_id = (int) system::getInstance()->post('LMI_PAYMENT_NO');
// user id
$wm_test_mode = system::getInstance()->post('LMI_MODE');
// is test?
$wm_paym_id = system::getInstance()->post('LMI_SYS_INVS_NO');
// webmoney payment id
$wm_trans_id = system::getInstance()->post('LMI_SYS_TRANS_NO');
// webmoney transaction id
$wm_trans_date = system::getInstance()->post('LMI_SYS_TRANS_DATE');
// date in strange format
$wm_hash_trans = system::getInstance()->post('LMI_HASH');
// hash sum, can be null before 200OK response is checked
$wm_buyer_wmpurse = system::getInstance()->post('LMI_PAYER_PURSE');
// client wm purse
$wm_buyer_wmid = system::getInstance()->post('LMI_PAYER_WM');
// client WMID
if ($pre_request == 1) {
// its a pre-request, validation before pay
if ($wm_seller_purse != $wm_cfg_purse) {
exit("Seller purse is invalid");
}
if (!user::getInstance()->exists($wm_item_id)) {
exit("User id: " . $wm_item_id . " not exist");
}
echo "YES";
} else {
// its a result request after payment
if ($wm_hash_trans == null) {
// didnt know why, but webmoney make 2 requests if PREREQUEST is disabled.
exit("Hash sum is null");
}
$totaldata = $wm_seller_purse . $wm_payment_amount . $wm_item_id . $wm_test_mode . $wm_paym_id . $wm_trans_id . $wm_trans_date . $wm_cfg_secret . $wm_buyer_wmpurse . $wm_buyer_wmid;
$calchash = strtoupper(hash('sha256', $totaldata));
if ($calchash != $wm_hash_trans || $wm_seller_purse != $wm_cfg_purse) {
logger::getInstance()->log(logger::LEVEL_NOTIFY, 'Wrong balance recharge webmoney from ip: ' . $real_ip . '. Hash gen: ' . $calchash . ' get: ' . $wm_hash_trans . '. All data json: ' . json_encode(system::getInstance()->post()));
return null;
}
$money_to_balance = $wm_payment_amount * $wm_cfg_mul;
if ($money_to_balance <= 0) {
return null;
}
user::getInstance()->addBalance($wm_item_id, $money_to_balance);
$payparam = array('from_wm_purse' => $wm_buyer_wmpurse, 'from_wm_id' => $wm_buyer_wmid, 'date' => $wm_trans_date, 'sys_invs_id' => $wm_paym_id, 'sys_trans_id' => $wm_trans_id, 'amount' => $money_to_balance);
user::getInstance()->putLog($wm_item_id, 'balance.wmadd', $payparam, 'Recharge balance via webmoney');
}
}
public function getUfieldData($target_id)
{
$stmt = database::getInstance()->con()->query("SELECT * FROM " . property::getInstance()->get('db_prefix') . "_user_fields");
$allFields = $stmt->fetchAll(\PDO::FETCH_ASSOC);
$stmt = null;
$ufield_user = unserialize(user::getInstance()->get('ufields', $target_id));
$output = array();
foreach ($allFields as $ufield) {
$title_serial = unserialize($ufield['name']);
$params_serial = unserialize($ufield['params']);
if ($ufield['type'] == 'text') {
$output[] = array('id' => $ufield['id'], 'type' => $ufield['type'], 'title' => $title_serial[language::getInstance()->getUseLanguage()], 'reg_exp' => $params_serial['regexp'], 'reg_cond' => $params_serial['regcond'], 'default' => $ufield_user[$ufield['id']]['data']);
} elseif ($ufield['type'] == 'img') {
$output[] = array('id' => $ufield['id'], 'type' => $ufield['type'], 'title' => $title_serial[language::getInstance()->getUseLanguage()], 'img_dx' => $params_serial['dx'], 'img_dy' => $params_serial['dy'], 'default' => $ufield_user[$ufield['id']]['data']);
} elseif ($ufield['type'] == 'link') {
$output[] = array('id' => $ufield['id'], 'type' => $ufield['type'], 'title' => $title_serial[language::getInstance()->getUseLanguage()], 'domain' => $params_serial['domain'], 'redirect' => $params_serial['redirect'], 'default' => $ufield_user[$ufield['id']]['data']);
}
}
return $output;
}
private function viewUserEdit()
{
$params = array();
$params['extension']['title'] = admin::getInstance()->viewCurrentExtensionTitle();
$userid = system::getInstance()->get('id');
if (!user::getInstance()->exists($userid)) {
system::getInstance()->redirect("?object=components&action=user");
}
if (system::getInstance()->post('submit')) {
$new_nick = system::getInstance()->post('nick');
$new_sex = system::getInstance()->post('sex');
$new_phone = system::getInstance()->post('phone');
$new_webpage = system::getInstance()->post('webpage');
$new_birthday = system::getInstance()->post('birthday');
$new_status = system::getInstance()->post('status');
$new_groupid = system::getInstance()->post('groupid');
$new_pass = strlen(system::getInstance()->post('newpass')) > 3 ? system::getInstance()->doublemd5(system::getInstance()->post('newpass')) : user::getInstance()->get('pass', $userid);
$stmt = database::getInstance()->con()->prepare("UPDATE " . property::getInstance()->get('db_prefix') . "_user a\n INNER JOIN " . property::getInstance()->get('db_prefix') . "_user_custom b USING(id) SET a.nick = ?, a.pass = ?, b.birthday = ?, b.sex = ?, b.phone = ?, b.webpage = ?, b.status = ?, a.access_level = ? WHERE a.id = ?");
$stmt->bindParam(1, $new_nick, PDO::PARAM_STR);
$stmt->bindParam(2, $new_pass, PDO::PARAM_STR, 32);
$stmt->bindParam(3, $new_birthday, PDO::PARAM_STR);
$stmt->bindParam(4, $new_sex, PDO::PARAM_INT);
$stmt->bindParam(5, $new_phone, PDO::PARAM_STR);
$stmt->bindParam(6, $new_webpage, PDO::PARAM_STR);
$stmt->bindParam(7, $new_status, PDO::PARAM_STR);
$stmt->bindParam(8, $new_groupid, PDO::PARAM_INT);
$stmt->bindParam(9, $userid, PDO::PARAM_INT);
$stmt->execute();
$stmt = null;
user::getInstance()->overload($userid);
$params['notify']['saved'] = true;
}
$params['udata']['id'] = $userid;
$params['udata']['login'] = user::getInstance()->get('login', $userid);
$params['udata']['nick'] = user::getInstance()->get('nick', $userid);
$params['udata']['email'] = user::getInstance()->get('email', $userid);
$params['udata']['sex'] = user::getInstance()->get('sex', $userid);
$params['udata']['webpage'] = user::getInstance()->get('webpage', $userid);
$params['udata']['birthday'] = user::getInstance()->get('birthday', $userid);
$params['udata']['status'] = user::getInstance()->get('status', $userid);
$params['udata']['group_data'] = $this->getGroupArray();
$params['udata']['current_group'] = user::getInstance()->get('access_level', $userid);
return template::getInstance()->twigRender('components/user/edit.tpl', $params);
}
<?php
/**
|==========================================================|
|========= @copyright Pyatinskii Mihail, 2013-2014 ========|
|================= @website: www.ffcms.ru =================|
|========= @license: GNU GPL V3, file: license.txt ========|
|==========================================================|
*/
// system are not installed or file is missed
if (!file_exists(root . "/config.php")) {
exit("System are not installed or file config.php is missed. Run <a href='/install/'>Installer</a>.");
} else {
require_once root . '/config.php';
}
\engine\property::getInstance()->init();
// processing of URI for multi-language and friendly url's
\engine\timezone::getInstance()->init();
// prepare tz_data worker
date_default_timezone_set(\engine\property::getInstance()->get('time_zone'));
// default timezone from configs
\engine\language::getInstance()->init();
\engine\database::getInstance()->init();
// init database PDO connect
\engine\user::getInstance()->init();
\engine\router::getInstance()->init();
\engine\extension::getInstance()->init();
// init extension controller
\engine\template::getInstance()->init();
echo \engine\admin::getInstance()->make();
public function make()
{
$text = system::getInstance()->nohtml(system::getInstance()->post('comment_message'), true);
$authorid = user::getInstance()->get('id');
$position = (int) system::getInstance()->post('comment_position');
$pathway = system::getInstance()->nohtml(system::getInstance()->post('pathway'));
$guest_name = system::getInstance()->nohtml(system::getInstance()->post('guest_name'));
$timestamp = time();
$guest_type = false;
$ip = system::getInstance()->getRealIp();
$params = array();
$moderate = 0;
if ($authorid < 1) {
if (system::getInstance()->length($guest_name) > 0 && extension::getInstance()->getConfig('guest_comment', 'comments', extension::TYPE_MODULE, 'bool')) {
$guest_name = system::getInstance()->altsubstr($guest_name, 0, 16);
if (!extension::getInstance()->call(extension::TYPE_HOOK, 'captcha')->validate(system::getInstance()->post('captcha'))) {
$params['notify']['captcha_error'] = true;
}
} elseif (!permission::getInstance()->have('global/write') || !permission::getInstance()->have('comment/add')) {
// only for auth usr with post rule right
return null;
}
$authorid = 0;
$moderate = 1;
} else {
$guest_name = '';
}
if (system::getInstance()->length($text) < extension::getInstance()->getConfig('min_length', 'comments', 'modules', 'int') || system::getInstance()->length($text) > extension::getInstance()->getConfig('max_length', 'comments', 'modules', 'int')) {
$params['notify']['wrong_text'] = true;
}
// get last comment from this user and check time deps
$stmt = null;
if ($guest_type) {
$stmt = database::getInstance()->con()->prepare("SELECT `time` FROM " . property::getInstance()->get('db_prefix') . "_mod_comments WHERE ip = ? ORDER BY `time` DESC LIMIT 1");
$stmt->bindParam(1, $ip, PDO::PARAM_STR);
$stmt->execute();
} else {
$stmt = database::getInstance()->con()->prepare("SELECT `time` FROM " . property::getInstance()->get('db_prefix') . "_mod_comments WHERE author = ? ORDER BY `time` DESC LIMIT 1");
$stmt->bindParam(1, $authorid, PDO::PARAM_INT);
$stmt->execute();
}
if ($stmt != null && ($result = $stmt->fetch())) {
$lastposttime = $result['time'];
if ($timestamp - $lastposttime < extension::getInstance()->getConfig('time_delay', 'comments', 'modules', 'int')) {
$params['notify']['time_delay'] = true;
}
}
$stmt = null;
if (sizeof($params['notify']) == 0) {
// no shit happends ;D
$stmt = database::getInstance()->con()->prepare("INSERT INTO " . property::getInstance()->get('db_prefix') . "_mod_comments (comment, author, time, pathway, ip, guest_name, moderate)\n VALUES (?, ?, ?, ?, ?, ?, ?)");
$stmt->bindParam(1, $text, PDO::PARAM_STR);
$stmt->bindParam(2, $authorid, PDO::PARAM_INT);
$stmt->bindParam(3, $timestamp, PDO::PARAM_INT);
$stmt->bindParam(4, $pathway, PDO::PARAM_STR);
$stmt->bindParam(5, $ip, PDO::PARAM_STR);
$stmt->bindParam(6, $guest_name, PDO::PARAM_STR);
$stmt->bindParam(7, $moderate, PDO::PARAM_INT, 1);
$stmt->execute();
$stmt = null;
$stream = extension::getInstance()->call(extension::TYPE_COMPONENT, 'stream');
$poster = $authorid > 0 ? $authorid : $guest_name;
if (is_object($stream)) {
$stream->add('comment.add', $poster, property::getInstance()->get('url') . $pathway, $text);
}
if ($moderate) {
$params['notify']['is_moderate'] = true;
}
}
echo extension::getInstance()->call(extension::TYPE_MODULE, 'comments')->buildCommentTemplate($pathway, $position, false, $params);
}
private function viewStaticAdd()
{
$params = array();
$params['extension']['title'] = admin::getInstance()->viewCurrentExtensionTitle();
$params['langs']['all'] = language::getInstance()->getAvailable();
$params['langs']['current'] = property::getInstance()->get('lang');
if (system::getInstance()->post('save')) {
$params['static']['title'] = system::getInstance()->nohtml(system::getInstance()->post('title'));
$params['static']['text'] = system::getInstance()->post('text');
$params['static']['pathway'] = system::getInstance()->nohtml(system::getInstance()->post('pathway'));
$params['static']['keywords'] = system::getInstance()->nohtml(system::getInstance()->post('keywords'));
$params['static']['description'] = system::getInstance()->nohtml(system::getInstance()->post('description'));
$page_date = system::getInstance()->post('current_date') == "on" ? time() : system::getInstance()->toUnixTime(system::getInstance()->post('date'));
$params['static']['date'] = system::getInstance()->toDate($page_date, 'd');
$page_owner = user::getInstance()->get('id');
if (strlen($params['static']['title'][property::getInstance()->get('lang')]) < 1) {
$params['notify']['notitle'] = true;
} elseif (!$this->checkPageWay($params['static']['pathway'])) {
$params['notify']['pathmatch'] = true;
} else {
$serial_title = serialize($params['static']['title']);
$serial_text = serialize($params['static']['text']);
$serial_description = serialize($params['static']['description']);
$serial_keywords = serialize($params['static']['keywords']);
$save_pathway = $params['static']['pathway'] . ".html";
if ($page_date == null) {
$page_date = time();
}
$stmt = database::getInstance()->con()->prepare("INSERT INTO " . property::getInstance()->get('db_prefix') . "_com_static (title, text, owner, pathway, date, description, keywords) VALUES (?, ?, ?, ?, ?, ?, ?)");
$stmt->bindParam(1, $serial_title, PDO::PARAM_STR);
$stmt->bindParam(2, $serial_text, PDO::PARAM_STR);
$stmt->bindParam(3, $page_owner, PDO::PARAM_INT);
$stmt->bindParam(4, $save_pathway, PDO::PARAM_STR);
$stmt->bindParam(5, $page_date, PDO::PARAM_INT);
$stmt->bindParam(6, $serial_description, PDO::PARAM_STR);
$stmt->bindParam(7, $serial_keywords, PDO::PARAM_STR);
$stmt->execute();
$stmt = null;
$stream = extension::getInstance()->call(extension::TYPE_COMPONENT, 'stream');
if (is_object($stream)) {
$stream->add('static.add', $page_owner, property::getInstance()->get('url') . '/static/' . $save_pathway, $params['static']['title'][language::getInstance()->getUseLanguage()]);
}
system::getInstance()->redirect("?object=components&action=static");
}
}
return template::getInstance()->twigRender('components/static/edit.tpl', $params);
}
private function viewCommentList()
{
csrf::getInstance()->buildToken();
$params = array();
if (system::getInstance()->post('deleteSelected') && csrf::getInstance()->check()) {
$toDelete = system::getInstance()->post('check_array');
if (is_array($toDelete) && sizeof($toDelete) > 0) {
$listDelete = system::getInstance()->altimplode(',', $toDelete);
if (system::getInstance()->isIntList($listDelete)) {
database::getInstance()->con()->query("DELETE FROM " . property::getInstance()->get('db_prefix') . "_mod_comments WHERE id IN (" . $listDelete . ")");
}
}
}
$params['extension']['title'] = admin::getInstance()->viewCurrentExtensionTitle();
$filter = (int) system::getInstance()->get('filter');
$index = (int) system::getInstance()->get('index');
$db_index = $index * self::ITEM_PER_PAGE;
$stmt = null;
if ($filter == self::FILTER_MODERATE) {
$stmt = database::getInstance()->con()->prepare("SELECT * FROM " . property::getInstance()->get('db_prefix') . "_mod_comments WHERE moderate = 1 ORDER BY id DESC LIMIT ?," . self::ITEM_PER_PAGE);
$stmt->bindParam(1, $db_index, PDO::PARAM_INT);
$stmt->execute();
} else {
$stmt = database::getInstance()->con()->prepare("SELECT * FROM " . property::getInstance()->get('db_prefix') . "_mod_comments ORDER BY id DESC LIMIT ?," . self::ITEM_PER_PAGE);
$stmt->bindParam(1, $db_index, PDO::PARAM_INT);
$stmt->execute();
}
$resultFetch = $stmt->fetchAll(PDO::FETCH_ASSOC);
$authors_ids = system::getInstance()->extractFromMultyArray('author', $resultFetch);
if (sizeof($authors_ids) > 1) {
// 2 or more
user::getInstance()->listload(system::getInstance()->extractFromMultyArray('author', $resultFetch));
}
foreach ($resultFetch as $row) {
$params['comments']['list'][] = array('id' => $row['id'], 'user_id' => $row['author'], 'user_name' => user::getInstance()->get('nick', $row['author']), 'comment' => extension::getInstance()->call(extension::TYPE_HOOK, 'bbtohtml')->nobbcode($row['comment']), 'guest_name' => system::getInstance()->nohtml($row['guest_name']), 'moderate' => $row['moderate'], 'date' => system::getInstance()->toDate($row['time'], 'h'), 'uri' => $row['pathway']);
}
$params['pagination'] = template::getInstance()->showFastPagination($index, self::ITEM_PER_PAGE, $this->getTotalCommentCount($filter), '?object=modules&action=comments&filter=' . $filter . '&index=');
return template::getInstance()->twigRender('modules/comments/list.tpl', $params);
}
private function viewVideoEdit()
{
$params = array();
$video_id = (int) system::getInstance()->get('id');
$params['extension']['title'] = admin::getInstance()->viewCurrentExtensionTitle();
$params['langs']['all'] = language::getInstance()->getAvailable();
$params['langs']['current'] = property::getInstance()->get('lang');
$params['video']['categorys'] = extension::getInstance()->call(extension::TYPE_COMPONENT, 'video')->getCategoryArray();
if (system::getInstance()->post('save')) {
$editor_id = user::getInstance()->get('id');
$title = system::getInstance()->nohtml(system::getInstance()->post('title'));
$category_id = system::getInstance()->post('category');
$pathway = system::getInstance()->nohtml(system::getInstance()->post('pathway')) . ".html";
$display = system::getInstance()->post('display_content') == "on" ? 1 : 0;
$important = system::getInstance()->post('important_content') == "on" ? 1 : 0;
$text = system::getInstance()->post('text');
$description = system::getInstance()->nohtml(system::getInstance()->post('description'));
$keywords = system::getInstance()->nohtml(system::getInstance()->post('keywords'));
$video_code = system::getInstance()->post('videocode');
$date = system::getInstance()->post('current_date') == "on" ? time() : system::getInstance()->toUnixTime(system::getInstance()->post('date'));
if (strlen($video_code) < 1) {
$params['notify']['nocode'] = true;
}
if (strlen($title[property::getInstance()->get('lang')]) < 1) {
$params['notify']['notitle'] = true;
}
if (!system::getInstance()->isInt($category_id)) {
$params['notify']['nocat'] = true;
}
if (strlen($pathway) < 1 || !extension::getInstance()->call(extension::TYPE_COMPONENT, 'video')->checkVideoWay($pathway, $video_id, $category_id)) {
$params['notify']['wrongway'] = true;
}
if (strlen($text[property::getInstance()->get('lang')]) < 1) {
$params['notify']['notext'] = true;
}
if (sizeof($params['notify']) == 0) {
$serial_title = serialize(system::getInstance()->altaddslashes($title));
$serial_text = serialize(system::getInstance()->altaddslashes($text));
$serial_description = serialize(system::getInstance()->altaddslashes($description));
$serial_keywords = serialize(system::getInstance()->altaddslashes($keywords));
$stmt = database::getInstance()->con()->prepare("UPDATE " . property::getInstance()->get('db_prefix') . "_com_video_entery SET code = ?, title = ?, text = ?, link = ?,\n\t\t\t\t\t\tcategory = ?, date = ?, description = ?, keywords = ?, display = ?, important = ? WHERE id = ?");
$stmt->bindParam(1, $video_code, PDO::PARAM_STR);
$stmt->bindParam(2, $serial_title, PDO::PARAM_STR);
$stmt->bindParam(3, $serial_text, PDO::PARAM_STR);
$stmt->bindParam(4, $pathway, PDO::PARAM_STR);
$stmt->bindParam(5, $category_id, PDO::PARAM_INT);
$stmt->bindParam(6, $date, PDO::PARAM_INT);
$stmt->bindParam(7, $serial_description, PDO::PARAM_STR);
$stmt->bindParam(8, $serial_keywords, PDO::PARAM_STR);
$stmt->bindParam(9, $display, PDO::PARAM_INT);
$stmt->bindParam(10, $important, PDO::PARAM_INT);
$stmt->bindParam(11, $video_id, PDO::PARAM_INT);
$stmt->execute();
$stmt = null;
$stmt = database::getInstance()->con()->prepare("DELETE FROM " . property::getInstance()->get('db_prefix') . "_mod_tags WHERE `object_type` = 'video' AND `object_id` = ?");
$stmt->bindParam(1, $video_id, PDO::PARAM_INT);
$stmt->execute();
$stmt = null;
foreach ($keywords as $keyrow) {
$keyrow_array = system::getInstance()->altexplode(',', $keyrow);
foreach ($keyrow_array as $objectkey) {
$objectkey = system::getInstance()->altlower(trim($objectkey));
$stmt = database::getInstance()->con()->prepare("INSERT INTO " . property::getInstance()->get('db_prefix') . "_mod_tags(`object_id`, `object_type`, `tag`) VALUES (?, 'video', ?)");
$stmt->bindParam(1, $video_id, PDO::PARAM_INT);
$stmt->bindParam(2, $objectkey, PDO::PARAM_STR);
$stmt->execute();
$stmt = null;
}
}
$params['notify']['success'] = true;
if ($_FILES['videoimage']['size'] > 0) {
$dx = extension::getInstance()->getConfig('poster_dx', 'video', extension::TYPE_COMPONENT, 'int');
$dy = extension::getInstance()->getConfig('poster_dy', 'video', extension::TYPE_COMPONENT, 'int');
$save_name = 'poster_' . $video_id . '.jpg';
extension::getInstance()->call(extension::TYPE_HOOK, 'file')->uploadResizedImage('/video/', $_FILES['videoimage'], $dx, $dy, $save_name);
}
}
}
$stmt = database::getInstance()->con()->prepare("SELECT * FROM " . property::getInstance()->get('db_prefix') . "_com_video_entery WHERE id = ?");
$stmt->bindParam(1, $video_id, PDO::PARAM_INT);
$stmt->execute();
if ($result = $stmt->fetch()) {
$params['video']['id'] = $video_id;
$params['video']['title'] = system::getInstance()->altstripslashes(unserialize($result['title']));
$params['video']['text'] = system::getInstance()->altstripslashes(unserialize($result['text']));
$params['video']['pathway'] = system::getInstance()->noextention($result['link']);
$params['video']['cat_id'] = $result['category'];
$params['video']['date'] = system::getInstance()->toDate($result['date'], 'h');
$params['video']['description'] = system::getInstance()->altstripslashes(unserialize($result['description']));
$params['video']['keywords'] = system::getInstance()->altstripslashes(unserialize($result['keywords']));
$params['video']['display'] = $result['display'];
$params['video']['important'] = $result['important'];
$params['video']['code'] = $result['code'];
if (file_exists(root . '/upload/video/poster_' . $video_id . '.jpg')) {
$params['video']['poster_path'] = '/upload/video/poster_' . $video_id . '.jpg';
$params['video']['poster_name'] = 'poster_' . $video_id . '.jpg';
}
} else {
system::getInstance()->redirect($_SERVER['PHP_SELF'] . '?object=components&action=static');
}
return template::getInstance()->twigRender('components/video/edit.tpl', $params);
}
public function make()
{
echo (int) user::getInstance()->get('id');
return null;
}
public function viewCategory()
{
$way = router::getInstance()->shiftUriArray();
$item_type = 'all';
if (in_array($way[0], array('all', 'top'))) {
$item_type = array_shift($way);
}
$pop_array = $way;
$last_item = array_pop($pop_array);
$page_index = 0;
$page_video_count = extension::getInstance()->getConfig('count_video_page', 'video', 'components', 'int');
$total_video_count = 0;
$cat_link = null;
if (system::getInstance()->isInt($last_item)) {
$page_index = $last_item;
$cat_link = system::getInstance()->altimplode("/", $pop_array);
} else {
$cat_link = system::getInstance()->altimplode("/", $way);
}
$select_coursor_start = $page_index * $page_video_count;
$category_select_array = array();
$category_list = null;
$fstmt = null;
$page_title = null;
$page_desc = null;
if (extension::getInstance()->getConfig('multi_category', 'video', 'components', 'boolean')) {
$fstmt = database::getInstance()->con()->prepare("SELECT * FROM " . property::getInstance()->get('db_prefix') . "_com_video_category WHERE path like ?");
$path_swarm = "{$cat_link}%";
$fstmt->bindParam(1, $path_swarm, PDO::PARAM_STR);
$fstmt->execute();
} else {
$fstmt = database::getInstance()->con()->prepare("SELECT * FROM " . property::getInstance()->get('db_prefix') . "_com_video_category WHERE path = ?");
$fstmt->bindParam(1, $cat_link, PDO::PARAM_STR);
$fstmt->execute();
}
while ($fresult = $fstmt->fetch()) {
$category_select_array[] = $fresult['category_id'];
if ($cat_link == $fresult['path']) {
$serial_name = system::getInstance()->nohtml(unserialize($fresult['name']));
$serial_desc = unserialize($fresult['desc']);
$page_title = language::getInstance()->get('video_view_category') . ': ';
if ($item_type == 'top') {
$page_title .= language::getInstance()->get('vide_view_top');
} else {
$page_title .= $serial_name[language::getInstance()->getUseLanguage()];
}
$seo_title = $page_title;
$seo_desc = $page_desc = $serial_desc[language::getInstance()->getUseLanguage()];
if ($page_index > 0) {
$seo_title .= " - " . language::getInstance()->get('video_page_title') . ' ' . ($page_index + 1);
$seo_desc .= " - " . language::getInstance()->get('video_page_title') . ' ' . ($page_index + 1);
}
meta::getInstance()->add('title', $seo_title);
meta::getInstance()->add('description', $seo_desc);
}
}
$category_list = system::getInstance()->altimplode(',', $category_select_array);
$theme_array = array();
$fstmt = null;
if (system::getInstance()->isIntList($category_list)) {
$max_preview_length = 150;
$time = time();
$stmt = database::getInstance()->con()->prepare("SELECT COUNT(*) FROM " . property::getInstance()->get('db_prefix') . "_com_video_entery WHERE category in ({$category_list}) AND date <= ? AND display = 1");
$stmt->bindParam(1, $time, PDO::PARAM_INT);
$stmt->execute();
if ($countRows = $stmt->fetch()) {
$total_video_count = $countRows[0];
}
$stmt = null;
$order_column = 'a.date';
if ($item_type == 'top') {
$order_column = 'a.views';
}
$stmt = database::getInstance()->con()->prepare("SELECT * FROM " . property::getInstance()->get('db_prefix') . "_com_video_entery a,\n\t\t\t\t\t\t\t\t\t\t\t\t " . property::getInstance()->get('db_prefix') . "_com_video_category b\n\t\t\t\t\t\t\t\t\t\t\t\t WHERE a.category in ({$category_list}) AND a.date <= ?\n\t\t\t\t\t\t\t\t\t\t\t\t AND a.category = b.category_id\n\t\t\t\t\t\t\t\t\t\t\t\t AND a.display = 1\n\t\t\t\t\t\t\t\t\t\t\t\t ORDER BY a.important DESC, {$order_column} DESC LIMIT ?,?");
$stmt->bindParam(1, $time, PDO::PARAM_INT);
$stmt->bindParam(2, $select_coursor_start, PDO::PARAM_INT);
$stmt->bindParam(3, $page_video_count, PDO::PARAM_INT);
$stmt->execute();
if (sizeof($category_select_array) > 0) {
while ($result = $stmt->fetch()) {
$lang_text = system::getInstance()->altstripslashes(unserialize($result['text']));
$lang_title = system::getInstance()->altstripslashes(unserialize($result['title']));
$lang_keywords = system::getInstance()->altstripslashes(unserialize($result['keywords']));
$video_short_text = $lang_text[language::getInstance()->getUseLanguage()];
if (system::getInstance()->length($lang_title[language::getInstance()->getUseLanguage()]) < 1) {
// do not add the empty title video
continue;
}
if (system::getInstance()->contains('<hr />', $video_short_text)) {
$video_short_text = strstr($video_short_text, '<hr />', true);
} elseif (system::getInstance()->length($video_short_text) > $max_preview_length) {
$video_short_text = system::getInstance()->sentenceSub(system::getInstance()->nohtml($video_short_text), $max_preview_length) . "...";
}
if ($result['path'] == null) {
$video_full_link = $result['link'];
} else {
$video_full_link = $result['path'] . "/" . $result['link'];
}
$tagPrepareArray = system::getInstance()->altexplode(',', $lang_keywords[language::getInstance()->getUseLanguage()]);
$tag_array = array();
foreach ($tagPrepareArray as $tagItem) {
$tag_array[] = trim($tagItem);
}
$comment_count = 0;
if (is_object(extension::getInstance()->call(extension::TYPE_HOOK, 'comment'))) {
$comment_count = extension::getInstance()->call(extension::TYPE_HOOK, 'comment')->getCount('/' . language::getInstance()->getUseLanguage() . '/video/' . $video_full_link);
}
$cat_serial_text = system::getInstance()->altstripslashes(unserialize($result['name']));
$video_view_id = $result['id'];
$image_poster_root = root . '/upload/video/poster_' . $video_view_id . '.jpg';
$image_poster_url = false;
if (file_exists($image_poster_root)) {
$image_poster_url = property::getInstance()->get('script_url') . '/upload/video/poster_' . $video_view_id . '.jpg';
}
$theme_array[] = array('tags' => $tag_array, 'title' => $lang_title[language::getInstance()->getUseLanguage()], 'text' => $video_short_text, 'date' => system::getInstance()->toDate($result['date'], 'h'), 'unixtime' => $result['date'], 'category_url' => $result['path'], 'category_name' => $cat_serial_text[language::getInstance()->getUseLanguage()], 'author_id' => $result['author'], 'author_nick' => user::getInstance()->get('nick', $result['author']), 'full_video_uri' => $video_full_link, 'comment_count' => $comment_count, 'view_count' => $result['views'], 'poster' => $image_poster_url, 'important' => $result['important']);
}
}
$stmt = null;
}
if ($item_type == 'top') {
$page_link = $cat_link == null ? "video/top" : "video/top/" . $cat_link;
} else {
$page_link = $cat_link == null ? "video" : "video/" . $cat_link;
}
$pagination = template::getInstance()->showFastPagination($page_index, $page_video_count, $total_video_count, $page_link);
$full_params = array('local' => $theme_array, 'pagination' => $pagination, 'page_title' => $page_title, 'page_desc' => $page_desc, 'page_link' => $cat_link, 'video_sort_type' => $item_type);
return template::getInstance()->twigRender('/components/video/short_view.tpl', $full_params);
}
