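/**
 * Edit advertisement: update an existing ad from the user panel.
 *
 * Loads the ad named by the route's `id` parameter. When the current user
 * owns the ad, or has the admin or moderator role, the action handles, in
 * this order: a single-image delete, a primary-image change, a full form
 * submission, or the plain rendering of the edit form.
 *
 * Form data is handed to Model_Ad::save_ad(); this action only relays the
 * returned validation errors / error / message as alerts and redirects.
 *
 * @return void
 */
public function action_update()
{
    //template header
    $this->template->title = __('Edit advertisement');
    $this->template->meta_description = __('Edit advertisement');
    Controller::$full_width = TRUE;

    // The original branched on Theme::get('cdn_files') but both branches
    // assigned exactly the same asset lists, so the branch is collapsed.
    // NOTE(review): several assets come from third-party CDNs through
    // protocol-relative URLs and nothing in this method pins their content;
    // confirm that the template layer or a CSP/SRI policy covers them.
    $this->template->styles = array(
        'css/jquery.sceditor.default.theme.min.css' => 'screen',
        '//cdnjs.cloudflare.com/ajax/libs/selectize.js/0.12.1/css/selectize.bootstrap3.min.css' => 'screen',
        '//cdn.jsdelivr.net/sweetalert/1.1.3/sweetalert.css' => 'screen',
    );
    $this->template->scripts['footer'] = array(
        'js/jquery.sceditor.bbcode.min.js',
        '//maps.google.com/maps/api/js?sensor=false&libraries=geometry&v=3.7',
        '//cdn.jsdelivr.net/gmaps/0.4.15/gmaps.min.js',
        '//cdn.jsdelivr.net/sweetalert/1.1.3/sweetalert.min.js',
        '//cdnjs.cloudflare.com/ajax/libs/selectize.js/0.12.1/js/standalone/selectize.min.js',
        'js/canvasResize.js',
        'js/oc-panel/edit_ad.js',
    );

    Breadcrumbs::add(Breadcrumb::factory()->set_title(__('My ads'))->set_url(Route::url('oc-panel', array('controller' => 'myads', 'action' => 'index'))));

    $form = new Model_Ad($this->request->param('id'));

    // Resolve the current user once and fail closed when there is none: the
    // original dereferenced get_user() directly, so a missing user would be
    // compared as NULL against the ad's owner id with a loose ==.
    $user = Auth::instance()->get_user();
    $may_edit = $form->loaded()
        && is_object($user)
        && ($user->id_user == $form->id_user
            || $user->id_role == Model_Role::ROLE_ADMIN
            || $user->id_role == Model_Role::ROLE_MODERATOR);

    if ($may_edit) {
        $update_url = Route::url('oc-panel', array('controller' => 'myads', 'action' => 'update', 'id' => $form->id_ad));

        // NOTE(review): both image operations below change state and read
        // their trigger through core::request(). If that helper also accepts
        // query-string values, they are reachable by a cross-site GET;
        // confirm they are protected by a CSRF token or restricted to POST.

        // deleting single image by its numeric index
        if (is_numeric($deleted_image = core::request('img_delete'))) {
            $form->delete_image($deleted_image);
            $this->redirect($update_url);
        }

        // set primary image
        if (is_numeric($primary_image = core::request('primary_image'))) {
            $form->set_primary_image($primary_image);
            $this->redirect($update_url);
        }

        // Not read again in this method; kept because the property access may
        // have ORM side effects (TODO confirm, then remove).
        $original_category = $form->category;
        $extra_payment = core::config('payment');

        if ($this->request->post()) {
            $data = $this->request->post();

            //to make it backward compatible with older themes: UGLY!!
            if (isset($data['category']) && is_numeric($data['category'])) {
                $data['id_category'] = $data['category'];
                unset($data['category']);
            }
            if (isset($data['location']) && is_numeric($data['location'])) {
                $data['id_location'] = $data['location'];
                unset($data['location']);
            }

            $return = $form->save_ad($data);

            if (isset($return['validation_errors']) && is_array($return['validation_errors'])) {
                //there was an error on the validation
                foreach ($return['validation_errors'] as $err) {
                    Alert::set(Alert::ALERT, $err);
                }
            } elseif (isset($return['error'])) {
                Alert::set($return['error_type'], $return['error']);
            } elseif (isset($return['message'])) {
                // IMAGE UPLOAD
                // in case something wrong happens user is redirected to edit advert.
                $filename = NULL;
                $max_images = core::config("advertisement.num_images");

                for ($i = 0; $i < $max_images; $i++) {
                    if (Core::post('base64_image' . $i)) {
                        $filename = $form->save_base64_image(Core::post('base64_image' . $i));
                    } elseif (isset($_FILES['image' . $i])) {
                        $filename = $form->save_image($_FILES['image' . $i]);
                    }
                }

                // Any processed upload slot (even a failed one, since only
                // NULL is excluded) bumps the modification time.
                if ($filename !== NULL) {
                    $form->last_modified = Date::unix2mysql();
                    try {
                        $form->save();
                    } catch (Exception $e) {
                        // NOTE(review): the raw exception message becomes the
                        // HTTP 500 text; confirm production error pages do
                        // not show it to visitors.
                        throw HTTP_Exception::factory(500, $e->getMessage());
                    }
                }

                Alert::set(Alert::SUCCESS, $return['message']);

                //redirect user to pay
                // NOTE(review): the target comes from save_ad()'s return
                // value; verify it is always built server-side.
                if (!empty($return['checkout_url'])) {
                    $this->redirect($return['checkout_url']);
                }
            }

            $this->redirect($update_url);
        }

        //get all orders
        $orders = new Model_Order();
        $orders = $orders->where('id_user', '=', $form->id_user)
            ->where('status', '=', Model_Order::STATUS_CREATED)
            ->where('id_ad', '=', $form->id_ad)
            ->find_all();

        Breadcrumbs::add(Breadcrumb::factory()->set_title(__('Update')));
        $this->template->content = View::factory('oc-panel/profile/edit_ad', array('ad' => $form, 'extra_payment' => $extra_payment, 'orders' => $orders));
    } else {
        Alert::set(Alert::ERROR, __('You dont have permission to access this link'));
        $this->redirect(Route::url('default'));
    }
}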
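/**
 * Edit advertisement: update an existing ad (older profile-controller variant).
 *
 * Renders the edit form for the ad named by the route's `id` parameter and,
 * on POST, either deletes one image or applies the submitted fields, stores
 * uploaded images and runs the payment/moderation flow.
 *
 * Changes against the original listing:
 *  - the permission check also requires that the ad was actually loaded;
 *  - the image-delete name from POST is reduced with basename() so it cannot
 *    point outside the ad's image directory;
 *  - custom fields are matched on a real `cf_` prefix, not on `cf_` anywhere
 *    in the key;
 *  - the failed-upload check compares (===) instead of assigning (=).
 *
 * @return void|bool FALSE when the ad's image directory is missing during an
 *                   image delete, otherwise nothing
 */
public function action_update()
{
    //template header
    $this->template->title = __('Edit advertisement');
    $this->template->meta_description = __('Edit advertisement');

    //local files
    if (Theme::get('cdn_files') == FALSE) {
        $this->template->styles = array('css/datepicker.css' => 'screen');
        $this->template->scripts['footer'] = array('js/bootstrap-datepicker.js', 'js/jquery.validate.min.js', 'js/oc-panel/edit_ad.js');
    } else {
        // NOTE(review): these CDN assets are requested over plain http://, so
        // the script can be altered in transit and is blocked as mixed
        // content on an HTTPS page; confirm the CDN path and move to https.
        $this->template->styles = array('http://cdn.jsdelivr.net/bootstrap.datepicker/0.1/css/datepicker.css' => 'screen');
        $this->template->scripts['footer'] = array('http://cdn.jsdelivr.net/bootstrap.datepicker/0.1/js/bootstrap-datepicker.js', 'js/jquery.validate.min.js', 'js/oc-panel/edit_ad.js');
    }

    Breadcrumbs::add(Breadcrumb::factory()->set_title(__('Home'))->set_url(Route::url('default')));

    $form = new Model_Ad($this->request->param('id'));

    //find all, for populating form select fields
    list($categories, $order_categories) = Model_Category::get_all();
    list($locations, $order_locations) = Model_Location::get_all();

    // Owner or role 10 may edit, and only an ad that really exists.
    // NOTE(review): 10 is a bare role id; presumably the admin role, confirm
    // and replace with a named constant if the project has one.
    $auth = Auth::instance();
    $current_user = $auth->logged_in() ? $auth->get_user() : NULL;
    $may_edit = $form->loaded()
        && is_object($current_user)
        && ($current_user->id_user == $form->id_user || $current_user->id_role == 10);

    if ($may_edit) {
        $update_url = Route::url('oc-panel', array('controller' => 'profile', 'action' => 'update', 'id' => $form->id_ad));
        $extra_payment = core::config('payment');

        Breadcrumbs::add(Breadcrumb::factory()->set_title("Update"));
        $this->template->content = View::factory('oc-panel/profile/edit_ad', array(
            'ad' => $form,
            'locations' => $locations,
            'order_locations' => $order_locations,
            'categories' => $categories,
            'order_categories' => $order_categories,
            'extra_payment' => $extra_payment,
            'fields' => Model_Field::get_all(),
        ));

        if ($this->request->post()) {
            $cat = new Model_Category();

            // deleting single image by name
            $deleted_image = core::post('img_delete');
            if ($deleted_image) {
                $img_path = $form->gen_img_path($form->id_ad, $form->created);
                if (!is_dir($img_path)) {
                    return FALSE;
                }

                // The name arrives from the client. basename() strips any
                // directory part, so only files directly inside this ad's
                // image directory can be removed; non-string input is ignored.
                $image_name = is_string($deleted_image) ? basename($deleted_image) : '';
                if ($image_name !== '') {
                    // formatted (thumb_) image first, then the original
                    $targets = array($image_name, str_replace('thumb_', '', $image_name));
                    foreach ($targets as $target_name) {
                        $target = $img_path . $target_name . '.jpg';
                        if (is_file($target)) {
                            unlink($target);
                        }
                    }
                }

                $this->request->redirect($update_url);
            }

            $data = array(
                '_auth' => $auth,
                'title' => Model_Ad::banned_words(core::post('title')),
                'seotitle' => core::post('title'),
                'loc' => core::post('location'),
                'description' => Model_Ad::banned_words(core::post('description')),
                'price' => floatval(str_replace(',', '.', core::post('price'))),
                'address' => core::post('address'),
                'website' => core::post('website'),
                'phone' => core::post('phone'),
                'has_images' => 0,
                'user' => new Model_User(),
            );

            // Append custom values. Only keys that START with cf_ are taken:
            // the original matched cf_ anywhere in the key, which let other
            // POST keys through to the model assignment below.
            foreach ($_POST as $name => $field) {
                if (strpos($name, 'cf_') === 0) {
                    //checkbox when selected return string 'on' as a value
                    $data[$name] = ($field === 'on') ? 1 : $field;
                }
            }

            // A changed title gets a fresh SEO title. The original also
            // renamed the image directory here, but source and destination
            // were the same gen_img_path() result, so that call did nothing.
            if (core::post('title') != $form->title) {
                $form->seotitle = $form->gen_seo_title($data['title']);
            }

            $form->title = $data['title'];
            $form->id_location = $data['loc'];
            $form->description = $data['description'];
            $form->price = $data['price'];
            $form->address = $data['address'];
            $form->website = $data['website'];
            $form->phone = $data['phone'];

            // set custom values (prefix-checked keys only)
            foreach ($data as $key => $value) {
                if (strpos($key, 'cf_') === 0) {
                    $form->{$key} = $value;
                }
            }

            $obj_ad = new Model_Ad();

            // IMAGE UPLOAD
            // in case something wrong happens user is redirected to edit advert.
            $max_images = core::config("advertisement.num_images");
            for ($i = 0; $i < $max_images; $i++) {
                $filename = NULL;
                $counter = $i + 1;

                if (isset($_FILES['image' . $i])) {
                    $filename = $obj_ad->save_image($_FILES['image' . $i], $form->id_ad, $form->created, $form->seotitle, $counter);
                }

                if ($filename) {
                    $form->has_images = 1;
                    try {
                        $form->save();
                    } catch (Exception $e) {
                        throw new HTTP_Exception_500($e->getMessage());
                    }
                }

                // The original wrote `$filename = FALSE` (an assignment), so
                // this branch could never run.
                if ($filename === FALSE) {
                    $this->request->redirect($update_url);
                }
            }

            try {
                // if user changes category, do payment first
                // moderation 2 -> payment on, moderation 5 -> payment with moderation
                $moderation = core::config('general.moderation');
                $last_known_ad = $obj_ad->where('id_ad', '=', $this->request->param('id'))->limit(1)->find();

                if ($moderation == Model_Ad::PAYMENT_ON || $moderation == Model_Ad::PAYMENT_MODERATION) {
                    // PAYMENT METHOD ACTIVE
                    $payment_order = new Model_Order();
                    $advert_have_order = $payment_order->where('id_ad', '=', $this->request->param('id'));

                    // NOTE(review): $data never receives a 'cat' key in this
                    // method (the category assignment is commented out in the
                    // original), so $data['cat'] is undefined and compares as
                    // NULL; confirm where the selected category should come from.
                    if ($data['cat'] == $last_known_ad->id_category) {
                        // Same category: check whether the order created with
                        // the ad was paid; unpaid ads stay unpublished.
                        $cat_check = $cat->where('id_category', '=', $last_known_ad->id_category)->limit(1)->find();
                        $advert_have_order->and_where('description', '=', $cat_check->seoname)->limit(1)->find();

                        if ($advert_have_order->loaded()) {
                            if ($advert_have_order->status != Model_Order::STATUS_PAID) {
                                $form->status = 0;
                                Alert::set(Alert::INFO, __('Advertisement is updated, but it won\'t be published until payment is done.'));
                            } elseif ($moderation == Model_Ad::PAYMENT_ON) {
                                $form->status = 1;
                                Alert::set(Alert::SUCCESS, __('Advertisement is updated!'));
                            } elseif ($moderation == 5) {
                                Alert::set(Alert::SUCCESS, __('Advertisement is updated!'));
                            }
                        }

                        $form->save();
                        $this->request->redirect($update_url);
                    } else {
                        // The user may already hold an order for the newly
                        // selected category from an earlier attempt.
                        $cat_check = $cat->where('id_category', '=', $data['cat'])->limit(1)->find();
                        $advert_have_order->and_where('description', '=', $cat_check->seoname)->limit(1)->find();

                        if ($advert_have_order->loaded()) {
                            // sanity check -> we don't want to charge him twice for same category
                            if ($advert_have_order->status != Model_Order::STATUS_PAID) {
                                $this->request->redirect(Route::url('default', array('controller' => 'payment_paypal', 'action' => 'form', 'id' => $advert_have_order->id_order)));
                            } elseif ($moderation == Model_Ad::PAYMENT_ON) {
                                $form->status = 1;
                                Alert::set(Alert::SUCCESS, __('Advertisement is updated!'));
                            } elseif ($moderation == Model_Ad::PAYMENT_MODERATION) {
                                Alert::set(Alert::SUCCESS, __('Advertisement is updated!'));
                            }
                            $form->save();
                        } else {
                            $order_id = $payment_order->make_new_order($data, $current_user->id_user, $form->seotitle);
                            if ($order_id == NULL) {
                                if ($moderation == Model_Ad::PAYMENT_ON) {
                                    // publish
                                    $form->status = 1;
                                }
                            } else {
                                // redirect to payment
                                $this->request->redirect(Route::url('default', array('controller' => 'payment_paypal', 'action' => 'form', 'id' => $order_id))); // @TODO - check route
                            }
                            $form->save();
                        }
                    }
                }

                // save ad
                // NOTE(review): this restores the stored status and so undoes
                // any status set by the payment branches that reach this
                // point; confirm that is intended.
                $form->status = $last_known_ad->status;
                $form->save();

                Alert::set(Alert::SUCCESS, __('Advertisement is updated'));
                $this->request->redirect($update_url);
            } catch (Exception $e) {
                // NOTE(review): the raw exception message becomes the HTTP 500
                // text; confirm production error pages do not expose it.
                throw new HTTP_Exception_500($e->getMessage());
            }
        }
    } else {
        Alert::set(Alert::ERROR, __('You dont have permission to access this link'));
        $this->request->redirect(Route::url('default'));
    }

    // QR!!!
    // NOTE(review): this runs on every request that reaches the end of the
    // action and flashes a print_r() dump of the Qr result to the user as a
    // success alert; it looks like leftover debugging. Confirm and remove it.
    $qr = new Qr($this->request->param('id'));
    $qr->reset();
    $f = $qr->qr();
    $qr->calendar();
    // $qr->map();
    $qr->website();
    $qr->contact();
    Alert::set(Alert::SUCCESS, "Wrote " . print_r($f, true));
}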
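/**
 * Attach an uploaded image to one of the current user's ads.
 *
 * The ad is looked up by the numeric route `id` AND the current user's id,
 * so a user cannot add images to somebody else's ad. Ownership is checked
 * before the upload is inspected, so callers who do not own the ad always
 * get the same "not found" answer.
 *
 * @return void Output is produced through rest_output() / _error()
 */
public function action_image()
{
    try {
        $id_ad = $this->request->param('id');
        if (!is_numeric($id_ad)) {
            $this->_error(__('Advertisement not found'), 404);
            return;
        }

        // NOTE(review): $this->user is presumably set by the parent
        // controller's authentication step; confirm it cannot be empty here.
        $ad = new Model_Ad();
        $ad->where('id_ad', '=', $id_ad)
            ->where('id_user', '=', $this->user->id_user)
            ->find();

        if (!$ad->loaded()) {
            $this->_error(__('Advertisement not found'), 404);
            return;
        }

        // The original read $_FILES['image'] unconditionally and handed an
        // undefined value to save_image() when the request had no file part.
        if (!isset($_FILES['image'])) {
            $this->_error(__('Image not provided'), 400);
            return;
        }

        $ret = $ad->save_image($_FILES['image']);
        if ($ret) {
            $this->rest_output($ret);
        } else {
            // NOTE(review): $ret is falsy here, so the client receives no
            // descriptive message; confirm what _error() makes of it.
            $this->_error($ret);
        }
    } catch (Kohana_HTTP_Exception $khe) {
        $this->_error($khe);
    }
}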
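/**
 * Save a new advertisement from a validated form submission.
 *
 * Runs only for a POST request that passes the 'publish_new' captcha. It
 * fills a new Model_Ad from $data, resolves (or creates) the posting user,
 * saves the ad unless the Akismet check flags it, sends the notification
 * e-mails for the active moderation mode, stores uploaded images and finally
 * alerts and redirects according to the moderation/payment mode.
 *
 * Changes against the original listing:
 *  - custom fields are matched on a real `cf_` prefix, not on `cf_` anywhere
 *    in the key;
 *  - the debug code that appended request details to a log under /tmp and
 *    copied every upload into a fixed /tmp directory is removed;
 *  - a failed base64 decode or write counts as a failed upload;
 *  - the failed-upload check compares (===) instead of assigning (=).
 *
 * @param array $data       post values
 * @param int   $status     status of the advert
 * @param bool  $published  whether the advert is published immediately
 * @param int   $moderation moderation mode (compared with Model_Ad constants)
 *
 * @return void No value is returned; the method alerts and redirects
 */
public function save_new_ad($data, $status, $published, $moderation)
{
    $user = new Model_User();
    $new_ad = new Model_Ad();

    //$_POST is submitted for a new ad
    if (!$this->request->post()) {
        return;
    }

    if (!captcha::check('publish_new')) {
        Alert::set(Alert::ALERT, __('Captcha is not correct'));
        return;
    }

    //FORM DATA
    $seotitle = $new_ad->gen_seo_title($data['title']);

    $new_ad->title = Model_Ad::banned_words($data['title']);
    $new_ad->id_location = $data['loc'];
    $new_ad->id_category = $data['cat'];
    $new_ad->description = Model_Ad::banned_words($data['description']);
    $new_ad->seotitle = $seotitle;
    $new_ad->status = $status;
    $new_ad->price = floatval(str_replace(',', '.', $data['price']));
    $new_ad->address = $data['address'];
    $new_ad->phone = $data['phone'];
    $new_ad->website = $data['website'];

    // Set custom values. Only keys that START with cf_ are copied: the
    // original matched cf_ anywhere in the key, so other submitted keys
    // could be assigned onto the model.
    foreach ($data as $name => $field) {
        if (strpos($name, 'cf_') === 0) {
            $new_ad->{$name} = $field;
        }
    }

    // User detection, if doesnt exists create
    $auth_user = Auth::instance();
    if (!$auth_user->logged_in()) {
        $name = core::post('name');
        $email = core::post('email');
        $user_id = $user->create_new_user($name, $email);
    } else {
        $logged_user = $auth_user->get_user();
        $user_id = $logged_user->id_user;
        $name = $logged_user->name;
        $email = $logged_user->email;
    }

    // SAVE AD
    $new_ad->id_user = $user_id; // after handling user

    try {
        //akismet spam filter
        $is_spam = core::akismet(Model_Ad::banned_words($data['title']), $email, Model_Ad::banned_words($data['description']));
        if (!$is_spam) {
            if ($moderation == Model_Ad::EMAIL_MODERATION || $moderation == Model_Ad::EMAIL_CONFIRMATION) {
                $new_ad->status = Model_Ad::STATUS_UNCONFIRMED;
            }
            $new_ad->save();
        } else {
            Alert::set(Alert::SUCCESS, __('This post has been considered as spam! We are sorry but we cant publish this advertisement.'));
            $this->request->redirect('default');
        }

        // if moderation is off update db field with time of creation
        // NOTE(review): the saved ad is looked up again by seotitle;
        // presumably gen_seo_title() returns a unique value. Confirm.
        $saved_ad = new Model_Ad();
        $saved_ad = $saved_ad->where('seotitle', '=', $seotitle)->limit(1)->find();
        if ($published) {
            $saved_ad->published = $saved_ad->created;
            $saved_ad->save();
        }
        $created = $saved_ad->created;

        $user = $user->where('email', '=', $email)->limit(1)->find();

        // after successful posting send them email depending on moderation
        $base_url = core::config('general.base_url');
        $ad_vars = array(
            '[AD.NAME]' => $new_ad->title,
            '[URL.EDITAD]' => $base_url . 'oc-panel/profile/update/' . $new_ad->id_ad,
            '[URL.DELETEAD]' => $base_url . 'oc-panel/ad/delete/' . $new_ad->id_ad,
        );

        if ($moderation == Model_Ad::EMAIL_CONFIRMATION || $moderation == Model_Ad::EMAIL_MODERATION) {
            //we get the QL, and force the regen of token for security
            $url_ql = $user->ql('default', array('controller' => 'ad', 'action' => 'confirm_post', 'id' => $new_ad->id_ad), TRUE);
            $user->email('ads.confirm', array('[URL.QL]' => $url_ql) + $ad_vars);
        } elseif ($moderation == Model_Ad::MODERATION_ON) {
            // notify the user that the ad was created but is in moderation
            $url_ql = $user->ql('oc-panel', array('controller' => 'profile', 'action' => 'update', 'id' => $new_ad->id_ad), TRUE);
            $user->email('ads.notify', array('[URL.QL]' => $url_ql) + $ad_vars);
        } elseif ($moderation == Model_Ad::POST_DIRECTLY) {
            $url_cont = $user->ql('contact', array(), TRUE);
            $url_ad = $user->ql('ad', array('category' => $data['cat'], 'seotitle' => $seotitle), TRUE);
            $user->email('ads.user_check', array('[URL.CONTACT]' => $url_cont, '[URL.AD]' => $url_ad) + $ad_vars);
        }

        // new ad notification email to admin (notify_email), if set to TRUE
        if (core::config('email.new_ad_notify')) {
            // NOTE(review): this link is minted by the posting user's ql()
            // with the token-regeneration flag and then mailed to the admin
            // address. If ql() yields a login-capable link, the admin gets
            // access as that user and links mailed above may stop working;
            // confirm, and consider a plain ad URL here.
            $url_ad = $user->ql('ad', array('category' => $data['cat'], 'seotitle' => $seotitle), TRUE);
            $replace = array('[URL.AD]' => $url_ad, '[AD.TITLE]' => $new_ad->title);

            Email::content(core::config('email.notify_email'), core::config('general.site_name'), core::config('email.notify_email'), core::config('general.site_name'), 'ads.to_admin', $replace);
        }
    } catch (Exception $e) {
        // NOTE(review): the raw exception message becomes the HTTP 500 text;
        // confirm production error pages do not expose it.
        throw new HTTP_Exception_500($e->getMessage());
    }

    // IMAGE UPLOAD
    // in case something wrong happens user is redirected to edit advert.
    $max_images = core::config("advertisement.num_images");
    for ($i = 0; $i < $max_images; $i++) {
        $filename = NULL;
        $counter = $i + 1;

        if (isset($_FILES['image' . $i])) {
            $img_files = $_FILES['image' . $i];
            $upload_ok = TRUE;

            // Some clients send the file body base64-encoded; decode it into
            // a sibling temp file and point the upload entry at that file.
            if (isset($_REQUEST['wb_base64'])) {
                $old_name = $img_files['tmp_name'];
                $new_name = $old_name . "_decoded";

                $encoded = file_get_contents($old_name);
                $decoded = ($encoded === FALSE) ? FALSE : base64_decode($encoded);

                if ($decoded === FALSE || file_put_contents($new_name, $decoded) === FALSE) {
                    $upload_ok = FALSE;
                } else {
                    // NOTE(review): the decoded file is not an uploaded file
                    // to PHP (is_uploaded_file() would reject it) and is
                    // never removed here; confirm save_image() validates the
                    // content and cleans up.
                    $img_files['tmp_name'] = $_FILES['image' . $i]['tmp_name'] = $new_name;
                    $img_files['old_name'] = $old_name;
                    $img_files['size'] = $_FILES['image' . $i]['size'] = filesize($new_name);
                }
            }

            $filename = $upload_ok
                ? $new_ad->save_image($img_files, $new_ad->id_ad, $created, $new_ad->seotitle, $counter)
                : FALSE;
        }

        if ($filename) {
            $new_ad->has_images = 1;
            try {
                $new_ad->save();
            } catch (Exception $e) {
                throw new HTTP_Exception_500($e->getMessage());
            }
        }

        // The original wrote `$filename = FALSE` (an assignment), so this
        // branch could never run.
        if ($filename === FALSE) {
            $this->request->redirect(Route::url('oc-panel', array('controller' => 'profile', 'action' => 'update', 'id' => $new_ad->id_ad)));
        }
    }

    // PAYMENT METHOD ACTIVE (and other alerts)
    if ($moderation == Model_Ad::PAYMENT_ON || $moderation == Model_Ad::PAYMENT_MODERATION) {
        $payment_order = new Model_Order();
        // NOTE(review): $user here is the Model_User found by e-mail above;
        // confirm make_new_order() expects the model rather than a user id.
        $order_id = $payment_order->make_new_order($data, $user, $seotitle);

        if ($order_id == NULL) {
            if ($moderation == Model_Ad::PAYMENT_ON) {
                $new_ad->status = 1;
                $new_ad->published = Date::unix2mysql(time());

                try {
                    $new_ad->save();
                    Alert::set(Alert::SUCCESS, __('Advertisement is published. Congratulations!'));
                } catch (Exception $e) {
                    throw new HTTP_Exception_500($e->getMessage());
                }
            }
            if ($moderation == Model_Ad::PAYMENT_MODERATION) {
                Alert::set(Alert::SUCCESS, __('Advertisement is created but needs to be validated first before it is published.'));
            }
            $this->request->redirect(Route::url('default'));
        }

        // redirect to payment
        $this->request->redirect(Route::url('default', array('controller' => 'payment_paypal', 'action' => 'form', 'id' => $order_id))); // @TODO - check route
    } elseif ($moderation == Model_Ad::EMAIL_MODERATION || $moderation == Model_Ad::EMAIL_CONFIRMATION) {
        Alert::set(Alert::INFO, __('Advertisement is posted but first you need to activate. Please check your email!'));
        $this->request->redirect(Route::url('default'));
    } elseif ($moderation == Model_Ad::MODERATION_ON) {
        Alert::set(Alert::INFO, __('Advertisement is received, but first administrator needs to validate. Thank you for being patient!'));
        $this->request->redirect(Route::url('default'));
    } else {
        Model_Subscribe::find_subscribers($data, floatval(str_replace(',', '.', $data['price'])), $seotitle, $email);
        Alert::set(Alert::SUCCESS, __('Advertisement is posted. Congratulations!'));
        $this->request->redirect(Route::url('default'));
    }
}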