function customPageHeader() {
$action = Params::getParam("action"); ?>
<div class="header-title-market">
<h1><?php _e('Discover how to improve your Osclass!'); ?></h1>
<h2>Osclass offers many templates and plugins.<br/>Turn your Osclass installation into a classifieds site in a minute!</h2>
</div>
<div class="banner-market">
</div>
<ul class="tabs">
<li <?php if($action == ''){ echo 'class="active"';} ?>><a href="<?php echo osc_admin_base_url(true).'?page=market'; ?>"><?php _e('Market'); ?></a></li>
<li <?php if($action == 'plugins'){ echo 'class="active"';} ?>><a href="<?php echo osc_admin_base_url(true).'?page=market&action=plugins'; ?>"><?php _e('Plugins'); ?></a></li>
<li <?php if($action == 'themes'){ echo 'class="active"';} ?>><a href="<?php echo osc_admin_base_url(true).'?page=market&action=themes'; ?>"><?php _e('Themes'); ?></a></li>
<li <?php if($action == 'languages'){ echo 'class="active"';} ?>><a href="<?php echo osc_admin_base_url(true).'?page=market&action=languages'; ?>"><?php _e('Languages'); ?></a></li>
</ul>
<script type="text/javascript">
$(document).ready(function() {
$.getJSON(
'<?php echo osc_admin_base_url(true); ?>?page=ajax&action=market_header',
function(data){
if(data.error==1) {
} else {
$('#content-head div.banner-market').html(data.html);
}
});
});
</script>
<?php
}
function doModel()
{
switch ($this->action) {
case 'advanced':
//calling the advanced settings view
$this->doView('settings/advanced.php');
break;
case 'advanced_post':
// updating advanced settings
if (defined('DEMO')) {
osc_add_flash_warning_message(_m("This action can't be done because it's a demo site"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=settings&action=advanced');
}
osc_csrf_check();
$subdomain_type = Params::getParam('e_type');
if (!in_array($subdomain_type, array('category', 'country', 'region', 'city', 'user'))) {
$subdomain_type = '';
}
$iUpdated = osc_set_preference('subdomain_type', $subdomain_type);
$iUpdated += osc_set_preference('subdomain_host', Params::getParam('s_host'));
if ($iUpdated > 0) {
osc_add_flash_ok_message(_m("Advanced settings have been updated"), 'admin');
}
osc_calculate_location_slug(osc_subdomain_type());
$this->redirectTo(osc_admin_base_url(true) . '?page=settings&action=advanced');
break;
case 'advanced_cache_flush':
osc_cache_flush();
osc_add_flash_ok_message(_m("Cache flushed correctly"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=settings&action=advanced');
break;
}
}
function doModel()
{
switch ($this->action) {
case 'latestsearches':
//calling the comments settings view
$this->doView('settings/searches.php');
break;
case 'latestsearches_post':
// updating comment
osc_csrf_check();
if (Params::getParam('save_latest_searches') == 'on') {
osc_set_preference('save_latest_searches', 1);
} else {
osc_set_preference('save_latest_searches', 0);
}
if (Params::getParam('customPurge') == '') {
osc_add_flash_error_message(_m('Custom number could not be left empty'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=settings&action=latestsearches');
} else {
osc_set_preference('purge_latest_searches', Params::getParam('customPurge'));
osc_add_flash_ok_message(_m('Last search settings have been updated'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=settings&action=latestsearches');
}
break;
}
}
function customHead()
{
?>
<script type="text/javascript">
$(document).ready(function(){
if (typeof $.uniform != 'undefined') {
$('textarea, button,select, input:file').uniform();
}
<?php
if (Params::getParam('confirm') == 'true') {
?>
$('#output').show();
$('#tohide').hide();
$.get('<?php
echo osc_admin_base_url(true);
?>
?page=upgrade&action=upgrade-funcs' , function(data) {
$('#loading_immage').hide();
$('#result').append(data+"<br/>");
});
<?php
}
?>
});
</script>
<?php
}
function doModel()
{
parent::doModel();
//specific things for this class
switch ($this->action) {
case 'add_post':
if (Params::getParam('field_name') != '') {
$field = $this->fieldManager->findByName(Params::getParam('field_name'));
if (!isset($field['pk_i_id'])) {
$slug = preg_replace('|([-]+)|', '-', preg_replace('|[^a-z0-9_-]|', '-', strtolower(Params::getParam("field_slug"))));
$this->fieldManager->insertField(Params::getParam("field_name"), Params::getParam("field_type_new"), $slug, Params::getParam("field_required") == "1" ? 1 : 0, Params::getParam('field_options'), Params::getParam('categories'));
osc_add_flash_ok_message(_m("New custom field added"), "admin");
} else {
osc_add_flash_error_message(_m("Sorry, you already have one field with that name"), "admin");
}
} else {
osc_add_flash_error_message(_m("Name can not be empty"), "admin");
}
$this->redirectTo(osc_admin_base_url(true) . "?page=cfields");
break;
default:
$categories = Category::newInstance()->toTreeAll();
$selected = array();
foreach ($categories as $c) {
$selected[] = $c['pk_i_id'];
foreach ($c['categories'] as $cc) {
$selected[] = $cc['pk_i_id'];
}
}
$this->_exportVariableToView("categories", $categories);
$this->_exportVariableToView("default_selected", $selected);
$this->_exportVariableToView("fields", $this->fieldManager->listAll());
$this->doView("fields/index.php");
}
}
function doModel()
{
parent::doModel();
//specific things for this class
switch ($this->action) {
case 'delete':
$ids = Params::getParam("id");
if ($ids != '') {
foreach ($ids as $id) {
osc_deleteResource($id);
}
$this->resourcesManager->delete(array(DB_CUSTOM_COND => 'pk_i_id IN (' . implode(', ', $ids) . ')'));
}
osc_add_flash_message(_m('Resource deleted'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=media");
break;
default:
$resourceId = Params::getParam("id");
if ($resourceId != '') {
$resources = $this->resourcesManager->getAllResources($resourceId);
} else {
$resources = $this->resourcesManager->getAllResources(NULL);
}
//calling the view...
$this->_exportVariableToView("resources", $resources);
$this->_exportVariableToView("resourceId", $resourceId);
$this->doView('media/index.php');
}
}
function payment_pro_stripe_load_lib()
{
if (Params::getParam('page') == 'custom' && Params::getParam('route') == 'payment-pro-checkout') {
osc_register_script('payment-pro-stripe', 'https://checkout.stripe.com/v2/checkout.js', array('jquery'));
osc_enqueue_script('payment-pro-stripe');
}
}
function youtube_item_edit_post($catID = null, $itemID = null)
{
$youtube_video = addslashes(Params::getParam('s_youtube'));
$youtube_video = convert_youtube_url($youtube_video);
$conn = getConnection();
$conn->osc_dbExec("REPLACE INTO %st_item_youtube (fk_i_item_id, s_youtube) VALUES (%d, '%s')", DB_TABLE_PREFIX, $itemID, $youtube_video);
}
function payment_pro_blockchain_load_lib()
{
if (Params::getParam('page') == 'custom' && Params::getParam('route') == 'payment-pro-checkout') {
osc_register_script('blockchain', 'https://blockchain.info/Resources/wallet/pay-now-button.js', array('jquery'));
osc_enqueue_script('blockchain');
}
}
/**
* UPLOAD and REMOVE Site's LOGO
*/
function theme_classified_actions_admin()
{
switch (Params::getParam('action_specific')) {
case 'upload_logo':
$package = Params::getFiles('logo');
if ($package['error'] == UPLOAD_ERR_OK) {
if (move_uploaded_file($package['tmp_name'], WebThemes::newInstance()->getCurrentThemePath() . "images/logo.jpg")) {
osc_add_flash_ok_message(__('The logo image has been uploaded correctly', 'classified'), 'admin');
} else {
osc_add_flash_error_message(__("An error has occurred, please try again", 'classified'), 'admin');
}
} else {
osc_add_flash_error_message(__("An error has occurred, please try again", 'classified'), 'admin');
}
header('Location: ' . osc_admin_render_theme_url('oc-content/themes/classified/admin/header.php'));
exit;
break;
case 'remove':
if (file_exists(WebThemes::newInstance()->getCurrentThemePath() . "images/logo.jpg")) {
@unlink(WebThemes::newInstance()->getCurrentThemePath() . "images/logo.jpg");
osc_add_flash_ok_message(__('The logo image has been removed', 'classified'), 'admin');
} else {
osc_add_flash_error_message(__("Image not found", 'classified'), 'admin');
}
header('Location: ' . osc_admin_render_theme_url('oc-content/themes/classified/admin/header.php'));
exit;
break;
}
}
function doModel()
{
$id = Params::getParam('id');
$page = $this->pageManager->findByPrimaryKey($id);
if ($page == false) {
$this->do404();
return;
}
if ($page['b_indelible'] == 1) {
$this->do404();
return;
}
if (file_exists(osc_themes_path() . osc_theme() . '/' . $page['s_internal_name'] . ".php")) {
$this->doView($page['s_internal_name'] . ".php");
} else {
if (file_exists(osc_themes_path() . osc_theme() . '/pages/' . $page['s_internal_name'] . ".php")) {
$this->doView("pages/" . $page['s_internal_name'] . ".php");
} else {
if (Params::getParam('lang') != '') {
Session::newInstance()->_set('userLocale', Params::getParam('lang'));
}
$this->_exportVariableToView('page', $page);
$this->doView('page.php');
}
}
}
private function getDBParams()
{
$p_iPage = 1;
if (!is_numeric(Params::getParam('iPage')) || Params::getParam('iPage') < 1) {
Params::setParam('iPage', $p_iPage);
$this->iPage = $p_iPage;
} else {
$this->iPage = Params::getParam('iPage');
}
$this->showAll = Params::getParam('showAll');
foreach ($this->_get as $k => $v) {
if ($k == 'resourceId' && !empty($v)) {
$this->resourceID = intval($v);
}
if ($k == 'iDisplayStart') {
$this->start = intval($v);
}
if ($k == 'iDisplayLength') {
$this->limit = intval($v);
}
}
// set start and limit using iPage param
$start = ((int) $this->iPage - 1) * $this->_get['iDisplayLength'];
$this->start = intval($start);
$this->limit = intval($this->_get['iDisplayLength']);
}
function doModel()
{
$id = Params::getParam('id');
$page = false;
if (is_numeric($id)) {
$page = $this->pageManager->findByPrimaryKey($id);
} else {
$page = $this->pageManager->findByInternalName(Params::getParam('slug'));
}
// page not found
if ($page == false) {
$this->do404();
return;
}
// this page shouldn't be shown (i.e.: e-mail templates)
if ($page['b_indelible'] == 1) {
$this->do404();
return;
}
// export $page content to View
$this->_exportVariableToView('page', $page);
if (Params::getParam('lang') != '') {
Session::newInstance()->_set('userLocale', Params::getParam('lang'));
}
// load the right template file
if (file_exists(osc_themes_path() . osc_theme() . '/page-' . $page['s_internal_name'] . '.php')) {
$this->doView('page-' . $page['s_internal_name'] . '.php');
} else {
$this->doView('page.php');
}
}
public function __construct()
{
parent::__construct();
$this->path = osc_themes_path();
if( Params::getParam('theme') != '' && Session::newInstance()->_get('adminId') != '' ) {
$this->setCurrentTheme( Params::getParam('theme') );
} else {
$this->setCurrentTheme( osc_theme() );
}
$functions_path = $this->getCurrentThemePath() . 'functions.php';
if( file_exists($functions_path) ) {
require_once $functions_path;
}
$info = $this->loadThemeInfo($this->theme);
if($info['template'] != '' ) {
//$this->setCurrentTheme($info['template']);
$parent_functions_path = osc_base_path() . 'oc-content/themes/' . $info['template'] . '/functions.php';
if( file_exists($parent_functions_path) ) {
require_once $parent_functions_path;
}
}
}
function __construct()
{
$this->action = Params::getParam('action');
$this->ajax = false;
$this->time = list($sm, $ss) = explode(' ', microtime());
WebThemes::newInstance();
osc_run_hook('init');
}
function doModel()
{
switch ($this->action) {
case 'change_email_confirm':
//change email confirm
if (Params::getParam('userId') && Params::getParam('code')) {
$userManager = new User();
$user = $userManager->findByPrimaryKey(Params::getParam('userId'));
if ($user['s_pass_code'] == Params::getParam('code') && $user['b_enabled'] == 1) {
$userEmailTmp = UserEmailTmp::newInstance()->findByPk(Params::getParam('userId'));
$code = osc_genRandomPassword(50);
$userManager->update(array('s_email' => $userEmailTmp['s_new_email']), array('pk_i_id' => $userEmailTmp['fk_i_user_id']));
Item::newInstance()->update(array('s_contact_email' => $userEmailTmp['s_new_email']), array('fk_i_user_id' => $userEmailTmp['fk_i_user_id']));
ItemComment::newInstance()->update(array('s_author_email' => $userEmailTmp['s_new_email']), array('fk_i_user_id' => $userEmailTmp['fk_i_user_id']));
Alerts::newInstance()->update(array('s_email' => $userEmailTmp['s_new_email']), array('fk_i_user_id' => $userEmailTmp['fk_i_user_id']));
Session::newInstance()->_set('userEmail', $userEmailTmp['s_new_email']);
UserEmailTmp::newInstance()->delete(array('s_new_email' => $userEmailTmp['s_new_email']));
osc_add_flash_ok_message(_m('Your email has been changed successfully'));
$this->redirectTo(osc_user_profile_url());
} else {
osc_add_flash_error_message(_m('Sorry, the link is not valid'));
$this->redirectTo(osc_base_url());
}
} else {
osc_add_flash_error_message(_m('Sorry, the link is not valid'));
$this->redirectTo(osc_base_url());
}
break;
case 'activate_alert':
$email = Params::getParam('email');
$secret = Params::getParam('secret');
$result = 0;
if ($email != '' && $secret != '') {
$result = Alerts::newInstance()->activate($email, $secret);
}
if ($result == 1) {
osc_add_flash_ok_message(_m('Alert activated'));
} else {
osc_add_flash_error_message(_m('Ops! There was a problem trying to activate alert. Please contact the administrator'));
}
$this->redirectTo(osc_base_url(true));
break;
case 'unsub_alert':
$email = Params::getParam('email');
$secret = Params::getParam('secret');
if ($email != '' && $secret != '') {
Alerts::newInstance()->delete(array('s_email' => $email, 'S_secret' => $secret));
osc_add_flash_ok_message(_m('Unsubscribed correctly'));
} else {
osc_add_flash_error_message(_m('Ops! There was a problem trying to unsubscribe you. Please contact the administrator'));
}
$this->redirectTo(osc_base_url());
break;
default:
$this->redirectTo(osc_user_login_url());
break;
}
}
function __construct()
{
parent::__construct();
// check if is moderator and can enter to this page
if ($this->isModerator()) {
if (!in_array($this->page, array('items', 'comments', 'media', 'login', 'admins', 'ajax', 'stats', ''))) {
osc_add_flash_error_message(_m("You don't have enough permissions"), 'admin');
$this->redirectTo(osc_admin_base_url());
}
}
osc_run_hook('init_admin');
// check if exist a new version each day
if (time() - osc_last_version_check() > 24 * 3600) {
$data = osc_file_get_contents('http://osclass.org/latest_version.php?callback=?');
$data = preg_replace('|^\\?\\((.*?)\\);$|', '$01', $data);
$json = json_decode($data);
if ($json->version > osc_version()) {
osc_set_preference('update_core_json', $data);
} else {
osc_set_preference('update_core_json', '');
}
osc_set_preference('last_version_check', time());
osc_reset_preferences();
}
$config_version = str_replace('.', '', OSCLASS_VERSION);
$config_version = preg_replace('|-.*|', '', $config_version);
if ($config_version > Preference::newInstance()->get('version')) {
if (get_class($this) == 'CAdminTools') {
} else {
if (get_class($this) != 'CAdminUpgrade') {
$this->redirectTo(osc_admin_base_url(true) . '?page=upgrade');
}
}
}
// show messages subscribed
$status_subscribe = Params::getParam('subscribe_osclass');
if ($status_subscribe != '') {
switch ($status_subscribe) {
case -1:
osc_add_flash_error_message(_m('Entered an invalid email'), 'admin');
break;
case 0:
osc_add_flash_warning_message(_m("You're already subscribed"), 'admin');
break;
case 1:
osc_add_flash_ok_message(_m('Subscribed correctly'), 'admin');
break;
default:
osc_add_flash_warning_message(_m("Error subscribing"), 'admin');
break;
}
}
// show donation successful
if (Params::getParam('donation') == 'successful') {
osc_add_flash_ok_message(_m('Thank you very much for your donation'), 'admin');
}
}
function doModel()
{
switch ($this->action) {
case 'contact_post':
//contact_post
$yourName = Params::getParam('yourName');
$yourEmail = Params::getParam('yourEmail');
$subject = Params::getParam('subject');
$message = Params::getParam('message');
if (osc_recaptcha_private_key() != '' && Params::existParam("recaptcha_challenge_field")) {
if (!osc_check_recaptcha()) {
osc_add_flash_error_message(_m('The Recaptcha code is wrong'));
Session::newInstance()->_setForm("yourName", $yourName);
Session::newInstance()->_setForm("yourEmail", $yourEmail);
Session::newInstance()->_setForm("subject", $subject);
Session::newInstance()->_setForm("message_body", $message);
$this->redirectTo(osc_contact_url());
return false;
// BREAK THE PROCESS, THE RECAPTCHA IS WRONG
}
}
if (!preg_match('|.*?@.{2,}\\..{2,}|', $yourEmail)) {
osc_add_flash_error_message(_m('Please enter a correct email'));
Session::newInstance()->_setForm("yourName", $yourName);
Session::newInstance()->_setForm("subject", $subject);
Session::newInstance()->_setForm("message_body", $message);
$this->redirectTo(osc_contact_url());
}
$message = sprintf(__("%s (%s) left this message : %s"), $yourName, $yourEmail, $message);
$params = array('reply_to' => $yourEmail, 'subject' => '[' . osc_page_title() . '] ' . __('Contact form') . ': ' . $subject, 'to' => osc_contact_email(), 'to_name' => __('Administrator'), 'body' => $message, 'alt_body' => $message);
if (osc_contact_attachment()) {
$attachment = Params::getFiles('attachment');
$resourceName = $attachment['name'];
$tmpName = $attachment['tmp_name'];
$resourceType = $attachment['type'];
$path = osc_content_path() . 'uploads/' . time() . '_' . $resourceName;
if (!is_writable(osc_content_path() . 'uploads/')) {
osc_add_flash_error_message(_m('There have been some errors sending the message'));
$this->redirectTo(osc_contact_url());
}
if (!move_uploaded_file($tmpName, $path)) {
unset($path);
}
}
if (isset($path)) {
$params['attachment'] = $path;
}
osc_sendMail($params);
osc_add_flash_ok_message(_m('Your email has been sent properly. Thank you for contacting us!'));
$this->redirectTo(osc_contact_url());
break;
default:
//contact
$this->doView('contact.php');
}
}
function __construct($params)
{
$this->_get = $params;
$this->getDBParams();
$this->result = ItemResource::newInstance()->getResources(Params::getParam('resourceId'), $this->_get['iDisplayStart'], $this->_get['iDisplayLength'], isset($this->order_by['column_name']) ? $this->order_by['column_name'] : 'pk_i_id', isset($this->order_by['type']) ? $this->order_by['type'] : 'desc');
$this->filtered_total = ItemResource::newInstance()->countResources(Params::getParam('resourceId'));
$this->total = ItemResource::newInstance()->countResources('');
$this->toDatatablesFormat();
$this->dumpToDatatables();
}
function showAuthFailPage()
{
if (Params::getParam('page') == 'ajax') {
echo json_encode(array('error' => 1, 'msg' => __('Session timed out')));
exit;
} else {
$this->redirectTo(osc_user_login_url());
exit;
}
}
function showAuthFailPage()
{
if (Params::getParam('page') == 'ajax') {
echo json_encode(array('error' => 1, 'msg' => __('Session timed out')));
exit;
} else {
//Session::newInstance()->session_start();
Session::newInstance()->_setReferer(osc_base_url() . preg_replace('|^' . REL_WEB_URL . '|', '', Params::getServerParam('REQUEST_URI', false, false)));
header("Location: " . osc_admin_base_url(true) . "?page=login");
exit;
}
}
public function table($params)
{
$this->addTableHeader();
$start = ((int) $params['iPage'] - 1) * $params['iDisplayLength'];
$this->start = intval($start);
$this->limit = intval($params['iDisplayLength']);
$invoices = ModelPaymentPro::newInstance()->invoices(array('start' => $this->start, 'limit' => $this->limit, 'status' => Params::getParam('status'), 'source' => Params::getParam('source')));
$this->processData($invoices);
$this->total = ModelPaymentPro::newInstance()->invoicesTotal();
$this->total_filtered = $this->total;
return $this->getData();
}
function payment_pro_ccavenue_conf_save()
{
osc_set_preference('ccavenue_merchant_id', payment_pro_crypt(Params::getParam("ccavenue_merchant_id")), 'payment_pro', 'STRING');
osc_set_preference('ccavenue_working_key', payment_pro_crypt(Params::getParam("ccavenue_working_key")), 'payment_pro', 'STRING');
osc_set_preference('ccavenue_sandbox', Params::getParam("ccavenue_sandbox") ? Params::getParam("ccavenue_sandbox") : '0', 'payment_pro', 'BOOLEAN');
osc_set_preference('ccavenue_enabled', Params::getParam("ccavenue_enabled") ? Params::getParam("ccavenue_enabled") : '0', 'payment_pro', 'BOOLEAN');
if (Params::getParam("ccavenue_enabled") == 1) {
payment_pro_register_service('Ccavenue', __FILE__);
} else {
payment_pro_unregister_service('Ccavenue');
}
}
function tooltip_form_post()
{
// Insert the data in our plugin's table
$connection = DBConnectionClass::newInstance();
$var = $connection->getOsclassDb();
$conn = new DBCommandClass($var);
$sql = sprintf("INSERT INTO %st_tooltip (e_color) VALUES (%d, '%s', '%s', '%s')", DB_TABLE_PREFIX, Params::getParam('color'));
$conn->query($sql);
$error_num = $conn->getErrorLevel();
if ($error_num > 0) {
throw new Exception($conn->getErrorLevel() . ' - ' . $conn->getErrorDesc());
}
}
function nm_copypaste_plugin_actions()
{
$dao_preference = new Preference();
$option = Params::getParam('nomoreoption');
if (Params::getParam('file') != 'nm_copypaste_plugin/admin/settings.php') {
return '';
}
if ($option == 'nomoresettings') {
osc_set_preference('nm_id', Params::getParam("nm_id") ? Params::getParam("nm_id") : '0', 'nm_copypaste_plugin', 'STRING');
osc_add_flash_ok_message(__('Nomore copy/paste settings has been updated', 'nm_copypaste_plugin'), 'admin');
osc_redirect_to(osc_admin_render_plugin_url('nm_copypaste_plugin/admin/settings.php'));
}
}
public function __construct()
{
$this->path = osc_themes_path();
if (Params::getParam('theme') != '' && Session::newInstance()->_get('adminId') != '') {
$this->setCurrentTheme(Params::getParam('theme'));
} else {
$this->setCurrentTheme(osc_theme());
}
$functions_path = $this->getCurrentThemePath() . 'functions.php';
if (file_exists($functions_path)) {
require_once $functions_path;
}
}
/**
* Set up groups of files as sources
*
* @param array $options controller and Minify options
* @return array Minify options
*
*/
public function setupSources($options)
{
// PHP insecure by default: realpath() and other FS functions can't handle null bytes.
if (Params::existParam('files')) {
Params::setParam('files', str_replace("", '', (string) Params::getParam('files')));
}
self::_setupDefines();
if (MINIFY_USE_CACHE) {
$cacheDir = defined('MINIFY_CACHE_DIR') ? MINIFY_CACHE_DIR : '';
Minify::setCache($cacheDir);
}
$options['badRequestHeader'] = 'HTTP/1.0 404 Not Found';
$options['contentTypeCharset'] = MINIFY_ENCODING;
// The following restrictions are to limit the URLs that minify will
// respond to. Ideally there should be only one way to reference a file.
if (!Params::existParam('files') || !preg_match('/^[^,]+\\.(css|js)(,[^,]+\\.\\1)*$/', Params::getParam('files'), $m) || strpos(Params::getParam('files'), '//') !== false || strpos(Params::getParam('files'), '\\') !== false || preg_match('/(?:^|[^\\.])\\.\\//', Params::getParam('files'))) {
return $options;
}
$files = explode(',', Params::getParam('files'));
if (count($files) > MINIFY_MAX_FILES) {
return $options;
}
// strings for prepending to relative/absolute paths
$prependRelPaths = dirname($_SERVER['SCRIPT_FILENAME']) . DIRECTORY_SEPARATOR;
$prependAbsPaths = $_SERVER['DOCUMENT_ROOT'];
$goodFiles = array();
$hasBadSource = false;
$allowDirs = isset($options['allowDirs']) ? $options['allowDirs'] : MINIFY_BASE_DIR;
foreach ($files as $file) {
// prepend appropriate string for abs/rel paths
$file = ($file[0] === '/' ? $prependAbsPaths : $prependRelPaths) . $file;
// make sure a real file!
$file = realpath($file);
// don't allow unsafe or duplicate files
if (parent::_fileIsSafe($file, $allowDirs) && !in_array($file, $goodFiles)) {
$goodFiles[] = $file;
$srcOptions = array('filepath' => $file);
$this->sources[] = new Minify_Source($srcOptions);
} else {
$hasBadSource = true;
break;
}
}
if ($hasBadSource) {
$this->sources = array();
}
if (!MINIFY_REWRITE_CSS_URLS) {
$options['rewriteCssUris'] = false;
}
return $options;
}
function doModel()
{
switch ($this->action) {
case 'comments':
//calling the comments settings view
$this->doView('settings/comments.php');
break;
case 'comments_post':
// updating comment
osc_csrf_check();
$iUpdated = 0;
$enabledComments = Params::getParam('enabled_comments');
$enabledComments = $enabledComments != '' ? true : false;
$moderateComments = Params::getParam('moderate_comments');
$moderateComments = $moderateComments != '' ? true : false;
$numModerateComments = Params::getParam('num_moderate_comments');
$commentsPerPage = Params::getParam('comments_per_page');
$notifyNewComment = Params::getParam('notify_new_comment');
$notifyNewComment = $notifyNewComment != '' ? true : false;
$notifyNewCommentUser = Params::getParam('notify_new_comment_user');
$notifyNewCommentUser = $notifyNewCommentUser != '' ? true : false;
$regUserPostComments = Params::getParam('reg_user_post_comments');
$regUserPostComments = $regUserPostComments != '' ? true : false;
$msg = '';
if (!osc_validate_int(Params::getParam("num_moderate_comments"))) {
$msg .= _m("Number of moderate comments must only contain numeric characters") . "<br/>";
}
if (!osc_validate_int(Params::getParam("comments_per_page"))) {
$msg .= _m("Comments per page must only contain numeric characters") . "<br/>";
}
if ($msg != '') {
osc_add_flash_error_message($msg, 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=settings&action=comments');
}
$iUpdated += osc_set_preference('enabled_comments', $enabledComments);
if ($moderateComments) {
$iUpdated += osc_set_preference('moderate_comments', $numModerateComments);
} else {
$iUpdated += osc_set_preference('moderate_comments', '-1');
}
$iUpdated += osc_set_preference('notify_new_comment', $notifyNewComment);
$iUpdated += osc_set_preference('notify_new_comment_user', $notifyNewCommentUser);
$iUpdated += osc_set_preference('comments_per_page', $commentsPerPage);
$iUpdated += osc_set_preference('reg_user_post_comments', $regUserPostComments);
if ($iUpdated > 0) {
osc_add_flash_ok_message(_m("Comment settings have been updated"), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=settings&action=comments');
break;
}
}
function doModel()
{
switch ($this->action) {
case 'spamNbots':
// calling the spam and bots view
$akismet_key = osc_akismet_key();
$akismet_status = 3;
if ($akismet_key != '') {
require_once osc_lib_path() . 'Akismet.class.php';
$akismet_obj = new Akismet(osc_base_url(), $akismet_key);
$akismet_status = 2;
if ($akismet_obj->isKeyValid()) {
$akismet_status = 1;
}
}
View::newInstance()->_exportVariableToView('akismet_status', $akismet_status);
$this->doView('settings/spamNbots.php');
break;
case 'akismet_post':
// updating spam and bots option
osc_csrf_check();
$updated = 0;
$akismetKey = Params::getParam('akismetKey');
$akismetKey = trim($akismetKey);
$updated = osc_set_preference('akismetKey', $akismetKey);
if ($akismetKey == '') {
osc_add_flash_info_message(_m('Your Akismet key has been cleared'), 'admin');
} else {
osc_add_flash_ok_message(_m('Your Akismet key has been updated'), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=settings&action=spamNbots');
break;
case 'recaptcha_post':
// updating spam and bots option
osc_csrf_check();
$iUpdated = 0;
$recaptchaPrivKey = Params::getParam('recaptchaPrivKey');
$recaptchaPrivKey = trim($recaptchaPrivKey);
$recaptchaPubKey = Params::getParam('recaptchaPubKey');
$recaptchaPubKey = trim($recaptchaPubKey);
$iUpdated += osc_set_preference('recaptchaPrivKey', $recaptchaPrivKey);
$iUpdated += osc_set_preference('recaptchaPubKey', $recaptchaPubKey);
if ($recaptchaPubKey == '') {
osc_add_flash_info_message(_m('Your reCAPTCHA key has been cleared'), 'admin');
} else {
osc_add_flash_ok_message(_m('Your reCAPTCHA key has been updated'), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=settings&action=spamNbots');
break;
}
}
function doModel()
{
$locale = Params::getParam('locale');
if (preg_match('/.{2}_.{2}/', $locale)) {
Session::newinstance()->_set('userLocale', $locale);
}
$redirect_url = '';
if ($_SERVER['HTTP_REFERER'] != '') {
$redirect_url = $_SERVER['HTTP_REFERER'];
} else {
$redirect_url = osc_base_url(true);
}
$this->redirectTo($redirect_url);
}
