public static function getInstance()
{
if (self::$instance === null) {
self::$instance = new self();
}
return self::$instance;
}
function uploadCategoryIcon($file='') {
cmsCore::loadClass('upload_photo');
$inUploadPhoto = cmsUploadPhoto::getInstance();
$inUploadPhoto->upload_dir = PATH.'/upload/forum/';
$inUploadPhoto->dir_medium = 'cat_icons/';
$inUploadPhoto->medium_size_w = 32;
$inUploadPhoto->medium_size_h = 32;
$inUploadPhoto->only_medium = true;
$inUploadPhoto->is_watermark = false;
$files = $inUploadPhoto->uploadPhoto($file);
$icon = $files['filename'] ? $files['filename'] : $file;
return $icon;
}
/**
* Возвращает объект класса для загрузки изображений
* @return obj
*/
public function initUploadClass($album)
{
cmsCore::loadClass('upload_photo');
$inUploadPhoto = cmsUploadPhoto::getInstance();
// Выставляем конфигурационные параметры
$inUploadPhoto->upload_dir = PATH . '/images/photos/';
$inUploadPhoto->small_size_w = $album['thumb1'];
$inUploadPhoto->medium_size_w = $album['thumb2'];
$inUploadPhoto->thumbsqr = $album['thumbsqr'];
$inUploadPhoto->is_watermark = $this->config['watermark'];
$inUploadPhoto->is_saveorig = $this->config['saveorig'];
return $inUploadPhoto;
}
function uploadCategoryIcon($file = '')
{
// Загружаем класс загрузки фото
cmsCore::loadClass('upload_photo');
$inUploadPhoto = cmsUploadPhoto::getInstance();
// Выставляем конфигурационные параметры
$inUploadPhoto->upload_dir = PATH . '/upload/board/';
$inUploadPhoto->dir_medium = 'cat_icons/';
$inUploadPhoto->medium_size_w = 32;
$inUploadPhoto->medium_size_h = 32;
$inUploadPhoto->only_medium = true;
$inUploadPhoto->is_watermark = false;
// Процесс загрузки фото
$files = $inUploadPhoto->uploadPhoto($file);
$icon = $files['filename'] ? $files['filename'] : $file;
return $icon;
}
function applet_content()
{
$inCore = cmsCore::getInstance();
$inUser = cmsUser::getInstance();
$inDB = cmsDatabase::getInstance();
global $_LANG;
//check access
global $adminAccess;
if (!cmsUser::isAdminCan('admin/content', $adminAccess)) {
cpAccessDenied();
}
$cfg = $inCore->loadComponentConfig('content');
cmsCore::loadModel('content');
$model = new cms_model_content();
$GLOBALS['cp_page_title'] = $_LANG['AD_ARTICLES'];
cpAddPathway($_LANG['AD_ARTICLES'], 'index.php?view=tree');
$do = cmsCore::request('do', 'str', 'add');
$id = cmsCore::request('id', 'int', -1);
if ($do == 'arhive_on') {
$inDB->query("UPDATE cms_content SET is_arhive = 1 WHERE id = '{$id}'");
cmsCore::addSessionMessage($_LANG['AD_ARTICLES_TO_ARHIVE'], 'success');
cmsCore::redirectBack();
}
if ($do == 'move') {
$item_id = cmsCore::request('id', 'int', 0);
$cat_id = cmsCore::request('cat_id', 'int', 0);
$dir = $_REQUEST['dir'];
$step = 1;
$model->moveItem($item_id, $cat_id, $dir, $step);
echo '1';
exit;
}
if ($do == 'move_to_cat') {
$items = cmsCore::request('item', 'array_int');
$to_cat_id = cmsCore::request('obj_id', 'int', 0);
if ($items && $to_cat_id) {
$last_ordering = (int) $inDB->get_field('cms_content', "category_id = '{$to_cat_id}' ORDER BY ordering DESC", 'ordering');
foreach ($items as $item_id) {
$article = $model->getArticle($item_id);
if (!$article) {
continue;
}
$last_ordering++;
$model->updateArticle($article['id'], array('category_id' => $to_cat_id, 'ordering' => $last_ordering, 'url' => $article['url'], 'title' => $inDB->escape_string($article['title']), 'id' => $article['id'], 'user_id' => $article['user_id']));
}
cmsCore::addSessionMessage($_LANG['AD_ARTICLES_TO'], 'success');
}
cmsCore::redirect('?view=tree&cat_id=' . $to_cat_id);
}
if ($do == 'show') {
if (!isset($_REQUEST['item'])) {
if ($id >= 0) {
dbShow('cms_content', $id);
}
echo '1';
exit;
} else {
dbShowList('cms_content', cmsCore::request('item', 'array_int'));
cmsCore::redirectBack();
}
}
if ($do == 'hide') {
if (!isset($_REQUEST['item'])) {
if ($id >= 0) {
dbHide('cms_content', $id);
}
echo '1';
exit;
} else {
dbHideList('cms_content', cmsCore::request('item', 'array_int'));
cmsCore::redirectBack();
}
}
if ($do == 'delete') {
if (!isset($_REQUEST['item'])) {
if ($id >= 0) {
$model->deleteArticle($id);
cmsCore::addSessionMessage($_LANG['AD_ARTICLE_REMOVE'], 'success');
}
} else {
$model->deleteArticles(cmsCore::request('item', 'array_int'));
cmsCore::addSessionMessage($_LANG['AD_ARTICLES_REMOVE'], 'success');
}
cmsCore::redirectBack();
}
if ($do == 'update') {
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
if (isset($_REQUEST['id'])) {
$id = cmsCore::request('id', 'int', 0);
$article['category_id'] = cmsCore::request('category_id', 'int', 1);
$article['title'] = cmsCore::request('title', 'str');
$article['url'] = cmsCore::request('url', 'str');
$article['showtitle'] = cmsCore::request('showtitle', 'int', 0);
$article['description'] = cmsCore::request('description', 'html', '');
$article['description'] = $inDB->escape_string($article['description']);
$article['content'] = cmsCore::request('content', 'html', '');
$article['content'] = $inDB->escape_string($article['content']);
$article['for_img'] = cmsCore::request('for_img', 'html', '');
$article['for_img'] = $inDB->escape_string($article['for_img']);
$article['published'] = cmsCore::request('published', 'int', 0);
$article['showdate'] = cmsCore::request('showdate', 'int', 0);
$article['showlatest'] = cmsCore::request('showlatest', 'int', 0);
$article['show_in_new'] = cmsCore::request('show_in_new', 'int', 0);
//new
$article['show_in_footer'] = cmsCore::request('show_in_footer', 'int', 0);
//new
$article['showpath'] = cmsCore::request('showpath', 'int', 0);
$article['comments'] = cmsCore::request('comments', 'int', 0);
$article['canrate'] = cmsCore::request('canrate', 'int', 0);
$article['add_text'] = cmsCore::request('add_text', 'str');
$enddate = explode('.', cmsCore::request('enddate', 'str'));
$article['enddate'] = $enddate[2] . '-' . $enddate[1] . '-' . $enddate[0];
$article['is_end'] = cmsCore::request('is_end', 'int', 0);
$article['pagetitle'] = cmsCore::request('pagetitle', 'str', '');
$article['tags'] = cmsCore::request('tags', 'str');
$olddate = cmsCore::request('olddate', 'str', '');
$pubdate = cmsCore::request('pubdate', 'str', '');
$article['user_id'] = cmsCore::request('user_id', 'int', $inUser->id);
$article['tpl'] = cmsCore::request('tpl', 'str', 'com_content_read.tpl');
$date = explode('.', $pubdate);
$article['pubdate'] = $date[2] . '-' . $date[1] . '-' . $date[0] . ' ' . date('H:i');
$autokeys = cmsCore::request('autokeys', 'int');
switch ($autokeys) {
case 1:
$article['meta_keys'] = $inCore->getKeywords($article['content']);
$article['meta_desc'] = $article['title'];
break;
case 2:
$article['meta_desc'] = strip_tags($article['description']);
$article['meta_keys'] = $article['tags'];
break;
case 3:
$article['meta_desc'] = cmsCore::request('meta_desc', 'str');
$article['meta_keys'] = cmsCore::request('meta_keys', 'str');
break;
}
$model->updateArticle($id, $article);
if (!cmsCore::request('is_public', 'int', 0)) {
$showfor = $_REQUEST['showfor'];
cmsCore::setAccess($id, $showfor, 'material');
} else {
cmsCore::clearAccess($id, 'material');
}
if (isset($_SESSION['lang']) && $_SESSION['lang'] != 'ru') {
$file = 'article' . $id . '_' . $_SESSION['lang'] . '.jpg';
} else {
$file = 'article' . $id . '.jpg';
}
//$file = 'article'.$id.'.jpg';
if (cmsCore::request('delete_image', 'int', 0)) {
@unlink(PATH . "/images/photos/small/{$file}");
@unlink(PATH . "/images/photos/medium/{$file}");
} else {
// Загружаем класс загрузки фото
cmsCore::loadClass('upload_photo');
$inUploadPhoto = cmsUploadPhoto::getInstance();
// Выставляем конфигурационные параметры
$inUploadPhoto->upload_dir = PATH . '/images/photos/';
$inUploadPhoto->small_size_w = $model->config['img_small_w'];
$inUploadPhoto->medium_size_w = $model->config['img_big_w'];
$inUploadPhoto->thumbsqr = $model->config['img_sqr'];
$inUploadPhoto->is_watermark = $model->config['watermark'];
$inUploadPhoto->input_name = 'picture';
$inUploadPhoto->filename = $file;
// Процесс загрузки фото
$inUploadPhoto->uploadPhoto();
}
cmsCore::addSessionMessage($_LANG['AD_ARTICLE_SAVE'], 'success');
if (!isset($_SESSION['editlist']) || @sizeof($_SESSION['editlist']) == 0) {
cmsCore::redirect('?view=tree&cat_id=' . $article['category_id']);
} else {
cmsCore::redirect('?view=content&do=edit');
}
}
}
if ($do == 'submit') {
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
$article['category_id'] = cmsCore::request('category_id', 'int', 1);
$article['title'] = cmsCore::request('title', 'str');
$article['url'] = cmsCore::request('url', 'str');
$article['showtitle'] = cmsCore::request('showtitle', 'int', 0);
$article['description'] = cmsCore::request('description', 'html', '');
$article['description'] = $inDB->escape_string($article['description']);
$article['content'] = cmsCore::request('content', 'html', '');
$article['content'] = $inDB->escape_string($article['content']);
$article['for_img'] = cmsCore::request('for_img', 'html', '');
$article['for_img'] = $inDB->escape_string($article['for_img']);
$article['published'] = cmsCore::request('published', 'int', 0);
$article['showdate'] = cmsCore::request('showdate', 'int', 0);
$article['showlatest'] = cmsCore::request('showlatest', 'int', 0);
$article['show_in_new'] = cmsCore::request('show_in_new', 'int', 0);
//new
$article['show_in_footer'] = cmsCore::request('show_in_footer', 'int', 0);
//new
$article['showpath'] = cmsCore::request('showpath', 'int', 0);
$article['comments'] = cmsCore::request('comments', 'int', 0);
$article['canrate'] = cmsCore::request('canrate', 'int', 0);
$article['add_text'] = cmsCore::request('add_text', 'str');
$enddate = explode('.', cmsCore::request('enddate', 'str'));
$article['enddate'] = $enddate[2] . '-' . $enddate[1] . '-' . $enddate[0];
$article['is_end'] = cmsCore::request('is_end', 'int', 0);
$article['pagetitle'] = cmsCore::request('pagetitle', 'str', '');
$article['tags'] = cmsCore::request('tags', 'str');
$article['pubdate'] = $_REQUEST['pubdate'];
$date = explode('.', $article['pubdate']);
$article['pubdate'] = $date[2] . '-' . $date[1] . '-' . $date[0] . ' ' . date('H:i');
$article['user_id'] = cmsCore::request('user_id', 'int', $inUser->id);
$article['tpl'] = cmsCore::request('tpl', 'str', 'com_content_read.tpl');
$autokeys = cmsCore::request('autokeys', 'int');
switch ($autokeys) {
case 1:
$article['meta_keys'] = $inCore->getKeywords($article['content']);
$article['meta_desc'] = $article['title'];
break;
case 2:
$article['meta_desc'] = strip_tags($article['description']);
$article['meta_keys'] = $article['tags'];
break;
case 3:
$article['meta_desc'] = cmsCore::request('meta_desc', 'str');
$article['meta_keys'] = cmsCore::request('meta_keys', 'str');
break;
}
$article['id'] = $model->addArticle($article);
if (!cmsCore::request('is_public', 'int', 0)) {
$showfor = $_REQUEST['showfor'];
if (sizeof($showfor) > 0 && !cmsCore::request('is_public', 'int', 0)) {
cmsCore::setAccess($article['id'], $showfor, 'material');
}
}
$inmenu = cmsCore::request('createmenu', 'str', '');
if ($inmenu) {
createMenuItem($inmenu, $article['id'], $article['title']);
}
// Загружаем класс загрузки фото
cmsCore::loadClass('upload_photo');
$inUploadPhoto = cmsUploadPhoto::getInstance();
// Выставляем конфигурационные параметры
$inUploadPhoto->upload_dir = PATH . '/images/photos/';
$inUploadPhoto->small_size_w = $model->config['img_small_w'];
$inUploadPhoto->medium_size_w = $model->config['img_big_w'];
$inUploadPhoto->thumbsqr = $model->config['img_sqr'];
$inUploadPhoto->is_watermark = $model->config['watermark'];
$inUploadPhoto->input_name = 'picture';
$inUploadPhoto->filename = 'article' . $article['id'] . '.jpg';
// Процесс загрузки фото
$inUploadPhoto->uploadPhoto();
cmsCore::addSessionMessage($_LANG['AD_ARTICLE_ADD'], 'success');
cmsCore::redirect('?view=tree&cat_id=' . $article['category_id']);
}
if ($do == 'add' || $do == 'edit') {
require '../includes/jwtabs.php';
$GLOBALS['cp_page_head'][] = jwHeader();
$toolmenu = array();
$toolmenu[0]['icon'] = 'save.gif';
$toolmenu[0]['title'] = $_LANG['SAVE'];
$toolmenu[0]['link'] = 'javascript:document.addform.submit();';
$toolmenu[1]['icon'] = 'cancel.gif';
$toolmenu[1]['title'] = $_LANG['CANCEL'];
$toolmenu[1]['link'] = 'javascript:history.go(-1);';
cpToolMenu($toolmenu);
$menu_list = cpGetList('menu');
if ($do == 'add') {
echo '<h3>' . $_LANG['AD_CREATE_ARTICLE'] . '</h3>';
cpAddPathway($_LANG['AD_CREATE_ARTICLE'], 'index.php?view=content&do=add');
$mod['category_id'] = (int) $_REQUEST['to'];
$mod['showpath'] = 1;
$mod['tpl'] = 'com_content_read.tpl';
} else {
if (isset($_REQUEST['item'])) {
$_SESSION['editlist'] = $_REQUEST['item'];
}
$ostatok = '';
if (isset($_SESSION['editlist'])) {
$id = array_shift($_SESSION['editlist']);
if (sizeof($_SESSION['editlist']) == 0) {
unset($_SESSION['editlist']);
} else {
$ostatok = '(' . $_LANG['AD_NEXT_IN'] . sizeof($_SESSION['editlist']) . ')';
}
} else {
$id = (int) $_REQUEST['id'];
}
$sql = "SELECT *, (TO_DAYS(enddate) - TO_DAYS(CURDATE())) as daysleft, DATE_FORMAT(pubdate, '%d.%m.%Y') as pubdate, DATE_FORMAT(enddate, '%d.%m.%Y') as enddate\n\t\t\t\t\t FROM cms_content\n\t\t\t\t\t WHERE id = {$id} LIMIT 1";
$result = $inDB->query($sql);
if ($inDB->num_rows($result)) {
$mod = $inDB->fetch_assoc($result);
}
echo '<h3>' . $_LANG['AD_EDIT_ARTICLE'] . $ostatok . '</h3>';
cpAddPathway($mod['title'], 'index.php?view=content&do=edit&id=' . $mod['id']);
}
?>
<form id="addform" name="addform" method="post" action="index.php" enctype="multipart/form-data">
<input type="hidden" name="csrf_token" value="<?php
echo cmsUser::getCsrfToken();
?>
" />
<input type="hidden" name="view" value="content" />
<table class="proptable" width="100%" cellpadding="5" cellspacing="2">
<tr>
<!-- главная ячейка -->
<td valign="top">
<table width="100%" cellpadding="0" cellspacing="4" border="0">
<tr>
<td valign="top">
<div><strong><?php
echo $_LANG['AD_ARTICLE_NAME'];
?>
</strong></div>
<div>
<table width="100%" cellpadding="0" cellspacing="0" border="0">
<tr>
<td><input name="title" type="text" id="title" style="width:100%" value="<?php
echo htmlspecialchars($mod['title']);
?>
" /></td>
<td style="width:15px;padding-left:10px;padding-right:10px;">
<input type="checkbox" title="<?php
echo $_LANG['AD_VIEW_TITLE'];
?>
" name="showtitle" <?php
if ($mod['showtitle'] || $do == 'add') {
echo 'checked="checked"';
}
?>
value="1">
</td>
</tr>
</table>
</div>
</td>
<td width="130" valign="top">
<div><strong><?php
echo $_LANG['AD_PUBLIC_DATE'];
?>
</strong></div>
<div>
<input name="pubdate" type="text" id="pubdate" style="width:100px" <?php
if (@(!$mod['pubdate'])) {
echo 'value="' . date('d.m.Y') . '"';
} else {
echo 'value="' . $mod['pubdate'] . '"';
}
?>
/>
<input type="hidden" name="olddate" value="<?php
echo @$mod['pubdate'];
?>
" />
</div>
</td>
<td width="16" valign="bottom" style="padding-bottom:10px">
<input type="checkbox" name="showdate" id="showdate" title="<?php
echo $_LANG['AD_VIEW_DATE_AND_AUTHOR'];
?>
" value="1" <?php
if ($mod['showdate'] || $do == 'add') {
echo 'checked="checked"';
}
?>
/>
</td>
<!-- <td width="160" valign="top">
<div><strong><?php
echo $_LANG['AD_ARTICLE_TEMPLATE'];
?>
</strong></div>
<div><input name="tpl" type="text" style="width:160px" value="<?php
echo @$mod['tpl'];
?>
"></div>
</td> -->
<td width="160" valign="top">
<div><strong>Шаблон статьи</strong></div>
<?php
$inConf = cmsConfig::getInstance();
//задаём имя директории
$directory = PATH . "/templates/" . $inConf->template . "/components";
$scan_dir = scandir($directory);
if (is_dir($directory)) {
//проверяем наличие директории
//директория существует
echo '<select name="tpl">';
$scan_dir = scandir($directory);
//сканируем (получаем массив файлов)
array_shift($scan_dir);
// удаляем из массива '.'
array_shift($scan_dir);
// удаляем из массива '..'
for ($i = 0; $i < sizeof($scan_dir); $i++) {
$tpl = explode("_", $scan_dir[$i]);
if ($_GET['view'] == $tpl['1']) {
if ($_GET['view']) {
//выводим все файлы
if (@$mod["tpl"] == $scan_dir[$i]) {
echo '<option selected>' . $scan_dir[$i] . '</option>';
} else {
echo '<option>' . $scan_dir[$i] . '</option>';
}
}
}
}
echo '</select>';
} else {
echo '<input name="tpl" type="text" style="width:160px" value="' . @$mod["tpl"] . '">';
}
?>
</td>
</tr>
</table>
<div><strong><?php
echo $_LANG['AD_ARTICLE_NOTICE'];
?>
</strong></div>
<div><?php
$inCore->insertEditor('description', $mod['description'], '200', '100%');
?>
</div>
<div><strong><?php
echo $_LANG['AD_ARTICLE_TEXT'];
?>
</strong></div>
<?php
insertPanel();
?>
<div><?php
$inCore->insertEditor('content', $mod['content'], '400', '100%');
?>
</div><!--Editor text in articles-->
<div><strong><?php
echo $_LANG['AD_ARTICLE_IMG'];
?>
</strong></div>
<div><?php
$inCore->insertEditor('for_img', $mod['for_img'], '200', '100%');
?>
</div>
<div><strong><?php
echo $_LANG['AD_ARTICLE_ADD_TEXT'];
?>
</strong></div>
<div><input name="add_text" type="text" id="add_text" style="width:99%" value="<?php
echo htmlspecialchars($mod['add_text']);
?>
" /></div>
<div><strong><?php
echo $_LANG['AD_ARTICLE_TAGS'];
?>
</strong></div>
<div><input name="tags" type="text" id="tags" style="width:99%" value="<?php
if (isset($mod['id'])) {
echo cmsTagLine('content', $mod['id'], false);
}
?>
" /></div>
<table width="100%" cellpadding="0" cellspacing="0" border="0" class="checklist">
<tr>
<td width="20">
<input type="radio" name="autokeys" id="autokeys1" <?php
if ($do == 'add' && $cfg['autokeys']) {
?>
checked="checked"<?php
}
?>
value="1"/>
</td>
<td>
<label for="autokeys1"><strong><?php
echo $_LANG['AD_AUTO_GEN_KEY'];
?>
</strong></label>
</td>
</tr>
<tr>
<td width="20">
<input type="radio" name="autokeys" id="autokeys2" value="2"/>
</td>
<td>
<label for="autokeys2"><strong><?php
echo $_LANG['AD_TAGS_AS_KEY'];
?>
</strong></label>
</td>
</tr>
<tr>
<td width="20">
<input type="radio" name="autokeys" id="autokeys3" value="3" <?php
if ($do == 'edit' || !$cfg['autokeys']) {
?>
checked="checked"<?php
}
?>
/>
</td>
<td>
<label for="autokeys3"><strong><?php
echo $_LANG['AD_MANUAL_KEY'];
?>
</strong></label>
</td>
</tr>
<?php
if ($cfg['af_on'] && $do == 'add') {
?>
<tr>
<td width="20"><input type="checkbox" name="noforum" id="noforum" value="1" /> </td>
<td><label for="noforum"><strong><?php
echo $_LANG['AD_NO_CREATE_THEME'];
?>
</strong></label></td>
</tr>
<?php
}
?>
</table>
</td>
<!-- боковая ячейка -->
<td width="300" valign="top" style="background:#ECECEC;">
<?php
ob_start();
?>
{tab=<?php
echo $_LANG['AD_TAB_PUBLISH'];
?>
}
<table width="100%" cellpadding="0" cellspacing="0" border="0" class="checklist">
<tr>
<td width="20"><input type="checkbox" name="published" id="published" value="1" <?php
if ($mod['published'] || $do == 'add') {
echo 'checked="checked"';
}
?>
/></td>
<td><label for="published"><strong><?php
echo $_LANG['AD_PUBLIC_ARTICLE'];
?>
</strong></label></td>
</tr>
</table>
<div style="margin-top:7px">
<select name="category_id" size="10" id="category_id" style="width:99%;height:200px">
<option value="1" <?php
if (@$mod['category_id'] == 1 || !isset($mod['category_id'])) {
echo 'selected="selected"';
}
?>
><?php
echo $_LANG['AD_ROOT_CATEGORY'];
?>
</option>
<?php
if (isset($mod['category_id'])) {
echo $inCore->getListItemsNS('cms_category', $mod['category_id']);
} else {
echo $inCore->getListItemsNS('cms_category');
}
?>
</select>
</div>
<div style="margin-bottom:10px">
<select name="showpath" id="showpath" style="width:99%">
<option value="0" <?php
if (@(!$mod['showpath'])) {
echo 'selected="selected"';
}
?>
><?php
echo $_LANG['AD_PATHWAY_NAME_ONLY'];
?>
</option>
<option value="1" <?php
if (@$mod['showpath']) {
echo 'selected="selected"';
}
?>
><?php
echo $_LANG['AD_PATHWAY_FULL'];
?>
</option>
</select>
</div>
<div style="margin-top:15px">
<strong><?php
echo $_LANG['AD_ARTICLE_URL'];
?>
</strong><br/>
<div style="color:gray"><?php
echo $_LANG['AD_IF_UNKNOWN'];
?>
</div>
</div>
<div>
<table border="0" cellpadding="0" cellspacing="0" width="100%">
<tr>
<td><input type="text" name="url" value="<?php
echo $mod['url'];
?>
" style="width:100%"/></td>
<td width="40" align="center">.html</td>
</tr>
</table>
</div>
<div style="margin-top:10px">
<strong><?php
echo $_LANG['AD_ARTICLE_AUTHOR'];
?>
</strong>
</div>
<div>
<select name="user_id" id="user_id" style="width:99%">
<?php
if (isset($mod['user_id'])) {
echo $inCore->getListItems('cms_users', $mod['user_id'], 'nickname', 'ASC', 'is_deleted=0 AND is_locked=0', 'id', 'nickname');
} else {
echo $inCore->getListItems('cms_users', $inUser->id, 'nickname', 'ASC', 'is_deleted=0 AND is_locked=0', 'id', 'nickname');
}
?>
</select>
</div>
<div style="margin-top:12px"><strong><?php
echo $_LANG['AD_PHOTO'];
?>
</strong></div>
<div style="margin-bottom:10px">
<?php
if ($do == 'edit') {
if (isset($_SESSION['lang']) && $_SESSION['lang'] != 'ru') {
$mod_id = $mod['id'] . '_' . $_SESSION['lang'];
$id_art = $mod['id'] . '_' . $_SESSION['lang'];
} else {
$mod_id = $mod['id'];
$id_art = $id;
}
//if (file_exists(PATH.'/images/photos/small/article'.$mod['id'].'.jpg')){
if (file_exists(PATH . '/images/photos/small/article' . $mod_id . '.jpg')) {
?>
<div style="margin-top:3px;margin-bottom:3px;padding:10px;border:solid 1px gray;text-align:center">
<?/*php<img src="/images/photos/small/article<?php
echo $id;
?>
.jpg" border="0" />*/?>
<img src="/images/photos/small/article<?php
echo $id_art;
?>
.jpg" border="0" />
</div>
<table cellpadding="0" cellspacing="0" border="0">
<tr>
<td width="16"><input type="checkbox" id="delete_image" name="delete_image" value="1" /></td>
<td><label for="delete_image"><?php
echo $_LANG['AD_PHOTO_REMOVE'];
?>
</label></td>
</tr>
</table>
<?php
}
}
?>
<input type="file" name="picture" style="width:100%" />
</div>
<div style="margin-top:25px"><strong><?php
echo $_LANG['AD_PUBLIC_PARAMETRS'];
?>
</strong></div>
<table width="100%" cellpadding="0" cellspacing="0" border="0" class="checklist">
<tr>
<td width="20"><input type="checkbox" name="show_in_new" id="show_in_new" value="1" <?php
if ($mod['show_in_new'] || $do == 'add') {
echo 'checked="checked"';
}
?>
/></td>
<td><label for="show_in_new"><?php
echo $_LANG['AD_VIEW_NEW_CATS'];
?>
</label></td>
</tr>
<tr>
<td width="20"><input type="checkbox" name="show_in_footer" id="show_in_footer" value="1" <?php
if ($mod['show_in_footer'] || $do == 'add') {
echo 'checked="checked"';
}
?>
/></td>
<td><label for="show_in_footer"><?php
echo $_LANG['AD_VIEW_FOOTER'];
?>
</label></td>
</tr>
<tr>
<td width="20"><input type="checkbox" name="showlatest" id="showlatest" value="1" <?php
if ($mod['showlatest'] || $do == 'add') {
echo 'checked="checked"';
}
?>
/></td>
<td><label for="showlatest"><?php
echo $_LANG['AD_VIEW_NEW_ARTICLES'];
?>
</label></td>
</tr>
<tr>
<td width="20"><input type="checkbox" name="comments" id="comments" value="1" <?php
if ($mod['comments'] || $do == 'add') {
echo 'checked="checked"';
}
?>
/></td>
<td><label for="comments"><?php
echo $_LANG['AD_ENABLE_COMMENTS'];
?>
</label></td>
</tr>
<tr>
<td width="20"><input type="checkbox" name="canrate" id="canrate" value="1" <?php
if ($mod['canrate']) {
echo 'checked="checked"';
}
?>
/></td>
<td><label for="canrate"><?php
echo $_LANG['AD_ENABLE_RATING'];
?>
</label></td>
</tr>
</table>
<?php
if ($do == 'add') {
?>
<div style="margin-top:25px">
<strong><?php
echo $_LANG['AD_CREATE_LINK'];
?>
</strong>
</div>
<div>
<select name="createmenu" id="createmenu" style="width:99%">
<option value="0" selected="selected"><?php
echo $_LANG['AD_DONT_CREATE_LINK'];
?>
</option>
<?php
foreach ($menu_list as $menu) {
?>
<option value="<?php
echo $menu['id'];
?>
">
<?php
echo $menu['title'];
?>
</option>
<?php
}
?>
</select>
</div>
<?php
}
?>
{tab=<?php
echo $_LANG['AD_DATE'];
?>
}
<div style="margin-top:5px">
<strong><?php
echo $_LANG['AD_ARTICLE_TIME'];
?>
</strong>
</div>
<div>
<select name="is_end" id="is_end" style="width:99%" onchange="if($(this).val() == 1){ $('#final_time').show(); }else {$('#final_time').hide();}">
<option value="0" <?php
if (@(!$mod['is_end'])) {
echo 'selected="selected"';
}
?>
><?php
echo $_LANG['AD_UNLIMITED'];
?>
</option>
<option value="1" <?php
if (@$mod['is_end']) {
echo 'selected="selected"';
}
?>
><?php
echo $_LANG['AD_TO_FINAL_TIME'];
?>
</option>
</select>
</div>
<div id="final_time" <?php
if (@(!$mod['is_end'])) {
echo 'style="display: none"';
}
?>
>
<div style="margin-top:20px">
<strong><?php
echo $_LANG['AD_FINAL_TIME'];
?>
</strong><br/>
<span class="hinttext"><?php
echo $_LANG['AD_CALENDAR_FORMAT'];
?>
</span>
</div>
<div><input name="enddate" type="text" style="width:80%" <?php
if (@(!$mod['is_end'])) {
echo 'value="' . date('d.m.Y') . '"';
} else {
echo 'value="' . $mod['enddate'] . '"';
}
?>
id="enddate" /></div></div>
{tab=SEO}
<div style="margin-top:5px">
<strong><?php
echo $_LANG['AD_PAGE_TITLE'];
?>
</strong><br/>
<span class="hinttext"><?php
echo $_LANG['AD_IF_UNKNOWN_PAGETITLE'];
?>
</span>
</div>
<div>
<input name="pagetitle" type="text" id="pagetitle" style="width:99%" value="<?php
if (isset($mod['pagetitle'])) {
echo htmlspecialchars($mod['pagetitle']);
}
?>
" />
</div>
<div style="margin-top:20px">
<strong><?php
echo $_LANG['KEYWORDS'];
?>
</strong><br/>
<span class="hinttext"><?php
echo $_LANG['AD_FROM_COMMA'];
?>
</span>
</div>
<div>
<textarea name="meta_keys" style="width:97%" rows="4" id="meta_keys"><?php
echo htmlspecialchars($mod['meta_keys']);
?>
</textarea>
</div>
<div style="margin-top:20px">
<strong><?php
echo $_LANG['DESCRIPTION'];
?>
</strong><br/>
<span class="hinttext"><?php
echo $_LANG['AD_LESS_THAN'];
?>
</span>
</div>
<div>
<textarea name="meta_desc" style="width:97%" rows="6" id="meta_desc"><?php
echo htmlspecialchars($mod['meta_desc']);
?>
</textarea>
</div>
{tab=<?php
echo $_LANG['AD_TAB_ACCESS'];
?>
}
<table width="100%" cellpadding="0" cellspacing="0" border="0" class="checklist" style="margin-top:5px">
<tr>
<td width="20">
<?php
$sql = "SELECT * FROM cms_user_groups";
$result = $inDB->query($sql);
$style = 'disabled="disabled"';
$public = 'checked="checked"';
if ($do == 'edit') {
$sql2 = "SELECT * FROM cms_content_access WHERE content_id = " . $mod['id'] . " AND content_type = 'material'";
$result2 = $inDB->query($sql2);
$ord = array();
if ($inDB->num_rows($result2)) {
$public = '';
$style = '';
while ($r = $inDB->fetch_assoc($result2)) {
$ord[] = $r['group_id'];
}
}
}
?>
<input name="is_public" type="checkbox" id="is_public" onclick="checkGroupList()" value="1" <?php
echo $public;
?>
/>
</td>
<td><label for="is_public"><strong><?php
echo $_LANG['AD_SHARE'];
?>
</strong></label></td>
</tr>
</table>
<div style="padding:5px">
<span class="hinttext">
<?php
echo $_LANG['AD_IF_NOTED'];
?>
</span>
</div>
<div style="margin-top:10px;padding:5px;padding-right:0px;" id="grp">
<div>
<strong><?php
echo $_LANG['AD_GROUPS_VIEW'];
?>
</strong><br />
<span class="hinttext">
<?php
echo $_LANG['AD_SELECT_MULTIPLE_CTRL'];
?>
</span>
</div>
<div>
<?php
echo '<select style="width: 99%" name="showfor[]" id="showin" size="6" multiple="multiple" ' . $style . '>';
if ($inDB->num_rows($result)) {
while ($item = $inDB->fetch_assoc($result)) {
echo '<option value="' . $item['id'] . '"';
if ($do == 'edit') {
if (inArray($ord, $item['id'])) {
echo 'selected="selected"';
}
}
echo '>';
echo $item['title'] . '</option>';
}
}
echo '</select>';
?>
</div>
</div>
{/tabs}
<?php
echo jwTabs(ob_get_clean());
?>
</td>
</tr>
</table>
<p>
<input name="add_mod" type="submit" id="add_mod" <?php
if ($do == 'add') {
echo 'value="' . $_LANG['AD_CREATE_CONTENT'] . '"';
} else {
echo 'value="' . $_LANG['AD_SAVE_CONTENT'] . '"';
}
?>
/>
<input name="back" type="button" id="back" value="<?php
echo $_LANG['CANCEL'];
?>
" onclick="window.history.back();"/>
<input name="do" type="hidden" id="do" <?php
if ($do == 'add') {
echo 'value="submit"';
} else {
echo 'value="update"';
}
?>
/>
<?php
if ($do == 'edit') {
echo '<input name="id" type="hidden" value="' . $mod['id'] . '" />';
}
?>
</p>
</form>
<?php
}
}
function users()
{
header('X-Frame-Options: DENY');
$inCore = cmsCore::getInstance();
$inPage = cmsPage::getInstance();
$inDB = cmsDatabase::getInstance();
$inUser = cmsUser::getInstance();
global $_LANG;
$model = new cms_model_users();
// id пользователя
$id = cmsCore::request('id', 'int', 0);
// логин пользователя
$login = cmsCore::strClear(urldecode(cmsCore::request('login', 'html', '')));
$do = $inCore->do;
$page = cmsCore::request('page', 'int', 1);
$pagetitle = $inCore->getComponentTitle();
if ($model->config['sw_search'] != 2) {
$inPage->addPathway($pagetitle, '/users');
}
$inPage->setTitle($pagetitle);
$inPage->setDescription($pagetitle);
// js только авторизованным
if ($inUser->id) {
$inPage->addHeadJS('components/users/js/profile.js');
$inPage->addHeadJsLang(array('CONFIRM_CLEAN_CAT', 'CHOOSE_RECIPIENT', 'SEND_TO_USER', 'FRIENDSHIP_OFFER', 'STOP_FRIENDLY', 'REALY_STOP_FRIENDLY', 'ENTER_STATUS', 'HAVE_JUST'));
}
//============================================================================//
//========================= Список пользователей ============================//
//============================================================================//
if ($do == 'view') {
// если запрещен просмотр всех пользователей, 404
if ($model->config['sw_search'] == 2) {
cmsCore::error404();
}
//очищаем поисковые запросы если пришли со другой страницы
if (!strstr(cmsCore::getBackURL(), '/users')) {
cmsUser::sessionClearAll();
}
$stext = array();
// Возможные входные переменные
$name = cmsCore::getSearchVar('name');
$city = cmsCore::getSearchVar('city');
$hobby = cmsCore::getSearchVar('hobby');
$gender = cmsCore::getSearchVar('gender');
$orderby = cmsCore::request('orderby', array('karma', 'rating', 'regdate'), 'regdate');
$orderto = cmsCore::request('orderto', array('asc', 'desc'), 'desc');
$age_to = (int) cmsCore::getSearchVar('ageto', 'all');
$age_fr = (int) cmsCore::getSearchVar('agefrom', 'all');
$group_id = cmsCore::request('group_id', 'int', 0);
// Флаг о показе только онлайн пользователей
if (cmsCore::inRequest('online')) {
cmsUser::sessionPut('usr_online', (bool) cmsCore::request('online', 'int'));
$page = 1;
}
$only_online = cmsUser::sessionGet('usr_online');
if ($only_online) {
$stext[] = $_LANG['SHOWING_ONLY_ONLINE'];
}
///////////////////////////////////////
//////////Условия выборки//////////////
///////////////////////////////////////
// группа
if ($group_id) {
$model->whereUserGroupIs($group_id);
$link['group'] = '/users/group/' . $group_id;
$_LANG['GROUP_SEARCH_NAME'] = cmsUser::getGroupTitle($group_id);
}
// Добавляем в выборку имя, если оно есть
if ($name) {
$model->whereNameIs($name);
$stext[] = $_LANG['NAME'] . " — " . htmlspecialchars(stripslashes($name));
}
// Добавляем в выборку город, если он есть
if ($city) {
$model->whereCityIs($city);
$stext[] = $_LANG['CITY'] . " — " . htmlspecialchars(stripslashes($city));
}
// Добавляем в выборку хобби, если есть
if ($hobby) {
$model->whereHobbyIs($hobby);
$stext[] = $_LANG['HOBBY'] . " — " . htmlspecialchars(stripslashes($hobby));
}
// Добавляем в выборку пол, если есть
if ($gender) {
$model->whereGenderIs($gender);
if ($gender == 'm') {
$stext[] = $_LANG['MALE'];
} else {
$stext[] = $_LANG['FEMALE'];
}
}
// Добавляем в выборку возраст, более
if ($age_fr) {
$model->whereAgeFrom($age_fr);
$stext[] = $_LANG['NOT_YOUNG'] . " {$age_fr} " . $_LANG['YEARS'];
}
// Добавляем в выборку возраст, менее
if ($age_to) {
$model->whereAgeTo($age_to);
$stext[] = $_LANG['NOT_OLD'] . " {$age_fr} " . $_LANG['YEARS'];
}
// Считаем общее количество согласно выборки
$total = $model->getUsersCount($only_online);
if ($total) {
//устанавливаем сортировку
$inDB->orderBy($orderby, $orderto);
//устанавливаем номер текущей страницы и кол-во пользователей на странице
$inDB->limitPage($page, $model->config['users_perpage']);
// Загружаем пользователей согласно выборки
$users = $model->getUsers($only_online);
} else {
$inDB->resetConditions();
}
$link['latest'] = '/users';
$link['positive'] = '/users/positive.html';
$link['rating'] = '/users/rating.html';
if ($orderby == 'regdate') {
$link['selected'] = 'latest';
}
if ($orderby == 'karma') {
$link['selected'] = 'positive';
}
if ($orderby == 'rating') {
$link['selected'] = 'rating';
}
$pagebar_link = '/users/' . $link['selected'] . '%page%.html';
if ($group_id) {
$link['selected'] = 'group';
$pagebar_link = '/users/' . $link['selected'] . '/' . $group_id . '-%page%';
}
cmsPage::initTemplate('components', 'com_users_view')->assign('stext', $stext)->assign('orderby', $orderby)->assign('orderto', $orderto)->assign('users', $users)->assign('total', $total)->assign('only_online', $only_online)->assign('gender', $gender)->assign('name', stripslashes($name))->assign('city', stripslashes($city))->assign('hobby', stripslashes($hobby))->assign('age_to', $age_to)->assign('age_fr', $age_fr)->assign('cfg', $model->config)->assign('link', $link)->assign('pagebar', cmsPage::getPagebar($total, $page, $model->config['users_perpage'], $pagebar_link))->display('com_users_view.tpl');
}
//============================================================================//
//======================= Редактирование профиля ============================//
//============================================================================//
if ($do == 'editprofile') {
// неавторизованным, не владельцам и не админам тут делать нечего
if (!$inUser->id || $inUser->id != $id && !$inUser->is_admin) {
cmsCore::error404();
}
$usr = $model->getUser($id);
if (!$usr) {
cmsCore::error404();
}
$opt = cmsCore::request('opt', 'str', 'edit');
// главного админа может редактировать только он сам
if ($id == 1 && $inUser->id != $id) {
cmsCore::error404();
}
// показываем форму
if ($opt == 'edit') {
$inPage->setTitle($_LANG['CONFIG_PROFILE'] . ' - ' . $usr['nickname']);
$inPage->addPathway($usr['nickname'], cmsUser::getProfileURL($usr['login']));
$inPage->addPathway($_LANG['CONFIG_PROFILE']);
$private_forms = array();
if (isset($model->config['privforms'])) {
if (is_array($model->config['privforms'])) {
foreach ($model->config['privforms'] as $form_id) {
$private_forms = array_merge($private_forms, cmsForm::getFieldsHtml($form_id, $usr['formsdata']));
}
}
}
cmsPage::initTemplate('components', 'com_users_edit_profile')->assign('opt', $opt)->assign('usr', $usr)->assign('private_forms', $private_forms)->assign('cfg_forum', $inCore->loadComponentConfig('forum'))->assign('cfg', $model->config)->display('com_users_edit_profile.tpl');
return;
}
// Если сохраняем профиль
if ($opt == 'save') {
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
$errors = false;
$users['nickname'] = cmsCore::request('nickname', 'str');
if (mb_strlen($users['nickname']) < 2) {
cmsCore::addSessionMessage($_LANG['SHORT_NICKNAME'], 'error');
$errors = true;
}
cmsCore::loadModel('registration');
$modreg = new cms_model_registration();
if (!$inUser->is_admin) {
if ($modreg->getBadNickname($users['nickname'])) {
cmsCore::addSessionMessage($_LANG['ERR_NICK_EXISTS'], 'error');
$errors = true;
}
}
$profiles['gender'] = cmsCore::request('gender', 'str');
$profiles['city'] = cmsCore::request('city', 'str');
if (mb_strlen($profiles['city']) > 50) {
cmsCore::addSessionMessage($_LANG['LONG_CITY_NAME'], 'error');
$errors = true;
}
$users['email'] = cmsCore::request('email', 'email');
if (!$users['email']) {
cmsCore::addSessionMessage($_LANG['REALY_ADRESS_EMAIL'], 'error');
$errors = true;
}
if ($usr['email'] != $users['email']) {
$is_set_email = $inDB->get_field('cms_users', "email='{$users['email']}'", 'id');
if ($is_set_email) {
cmsCore::addSessionMessage($_LANG['ADRESS_EMAIL_IS_BUSY'], 'error');
$errors = true;
} else {
// формируем токен
$token = md5($usr['email'] . uniqid() . microtime());
$inDB->insert('cms_users_activate', array('user_id' => $inUser->id, 'pubdate' => date("Y-m-d H:i:s"), 'code' => $token));
$codelink = HOST . '/users/change_email/' . $token . '/' . $users['email'];
// по старому адресу высылаем письмо с подтверждением
$letter = cmsCore::getLanguageTextFile('change_email');
$letter = str_replace(array('{nickname}', '{codelink}'), array($inUser->nickname, $codelink), $letter);
cmsCore::mailText($usr['email'], '', $letter);
cmsCore::addSessionMessage(sprintf($_LANG['YOU_CHANGE_EMAIL'], $usr['email']), 'info');
// email не меняем
$users['email'] = $usr['email'];
}
}
$profiles['showphone'] = cmsCore::request('showphone', 'int', 0);
$profiles['showmail'] = cmsCore::request('showmail', 'int');
$profiles['email_newmsg'] = cmsCore::request('email_newmsg', 'int');
$profiles['showbirth'] = cmsCore::request('showbirth', 'int');
$profiles['description'] = cmsCore::request('description', 'str', '');
$users['birthdate'] = (int) $_REQUEST['birthdate']['year'] . '-' . (int) $_REQUEST['birthdate']['month'] . '-' . (int) $_REQUEST['birthdate']['day'];
$profiles['signature'] = $inDB->escape_string(cmsCore::badTagClear(cmsCore::request('signature', 'html', '')));
$profiles['signature_html'] = $inDB->escape_string(cmsCore::parseSmiles(cmsCore::request('signature', 'html', ''), true));
$profiles['allow_who'] = cmsCore::request('allow_who', 'str');
if (!preg_match('/^([a-zA-Z]+)$/ui', $profiles['allow_who'])) {
$errors = true;
}
$users['icq'] = cmsCore::request('icq', 'str', '');
$profiles['showicq'] = cmsCore::request('showicq', 'int');
$profiles['cm_subscribe'] = cmsCore::request('cm_subscribe', 'str');
if (!preg_match('/^([a-zA-Z]+)$/ui', $profiles['cm_subscribe'])) {
$errors = true;
}
$users['phone'] = cmsCore::request('phone', 'int', 0);
// получаем данные форм
$profiles['formsdata'] = '';
if (isset($model->config['privforms'])) {
if (is_array($model->config['privforms'])) {
foreach ($model->config['privforms'] as $form_id) {
$form_input = cmsForm::getFieldsInputValues($form_id);
$profiles['formsdata'] .= $inDB->escape_string(cmsCore::arrayToYaml($form_input['values']));
// Проверяем значения формы
foreach ($form_input['errors'] as $field_error) {
if ($field_error) {
cmsCore::addSessionMessage($field_error, 'error');
$errors = true;
}
}
}
}
}
if ($errors) {
cmsCore::redirectBack();
}
$inDB->update('cms_user_profiles', cmsCore::callEvent('UPDATE_USER_PROFILES', array_merge(array('id' => $usr['pid'], 'user_id' => $usr['id']), $profiles)), $usr['pid']);
$inDB->update('cms_users', cmsCore::callEvent('UPDATE_USER_USERS', array_merge(array('id' => $usr['id']), $users)), $usr['id']);
cmsCore::addSessionMessage($_LANG['PROFILE_SAVED'], 'info');
cmsCore::redirect(cmsUser::getProfileURL($usr['login']));
}
if ($opt == 'changepass') {
$errors = false;
$oldpass = cmsCore::request('oldpass', 'str');
$newpass = cmsCore::request('newpass', 'str');
$newpass2 = cmsCore::request('newpass2', 'str');
if ($inUser->password != md5($oldpass)) {
cmsCore::addSessionMessage($_LANG['OLD_PASS_WRONG'], 'error');
$errors = true;
}
if ($newpass != $newpass2) {
cmsCore::addSessionMessage($_LANG['WRONG_PASS'], 'error');
$errors = true;
}
if ($oldpass && $newpass && $newpass2 && mb_strlen($newpass) < 6) {
cmsCore::addSessionMessage($_LANG['PASS_SHORT'], 'error');
$errors = true;
}
if ($errors) {
cmsCore::redirectBack();
}
cmsCore::callEvent('UPDATE_USER_PASSWORD', array('user_id' => $usr['id'], 'oldpass' => $oldpass, 'newpass' => $newpass));
$sql = "UPDATE cms_users SET password='******' WHERE id = '{$id}' AND password='******'";
$inDB->query($sql);
cmsCore::addSessionMessage($_LANG['PASS_CHANGED'], 'info');
cmsCore::redirect(cmsUser::getProfileURL($inUser->login));
}
}
//============================================================================//
//============================= Просмотр профиля ============================//
//============================================================================//
if ($do == 'profile') {
$inPage->addHeadJsLang(array('NEW_POST_ON_WALL', 'CONFIRM_DEL_POST_ON_WALL'));
// если просмотр профиля гостям запрещен
if (!$inUser->id && !$model->config['sw_guest']) {
cmsUser::goToLogin();
}
if (is_numeric($login)) {
cmsCore::error404();
}
$usr = $model->getUser($login);
if (!$usr) {
cmsCore::error404();
}
$myprofile = $inUser->id == $usr['id'];
$inPage->setTitle($usr['nickname']);
$inPage->addPathway($usr['nickname']);
// просмотр профиля запрещен
if (!cmsUser::checkUserContentAccess($usr['allow_who'], $usr['id'])) {
cmsPage::initTemplate('components', 'com_users_not_allow')->assign('is_auth', $inUser->id)->assign('usr', $usr)->display('com_users_not_allow.tpl');
return;
}
// Профиль удален
if ($usr['is_deleted']) {
cmsPage::initTemplate('components', 'com_users_deleted.tpl')->assign('usr', $usr)->assign('is_admin', $inUser->is_admin)->assign('others_active', $inDB->rows_count('cms_users', "login='******'login']}' AND is_deleted=0", 1))->display('com_users_deleted.tpl');
return;
}
// Данные о друзьях
$usr['friends_total'] = cmsUser::getFriendsCount($usr['id']);
$usr['friends'] = cmsUser::getFriends($usr['id']);
// очищать сессию друзей если в своем профиле и количество друзей из базы не совпадает с количеством друзей в сессии
if ($myprofile && sizeof($usr['friends']) != $usr['friends_total']) {
cmsUser::clearSessionFriends();
}
// обрезаем список
$usr['friends'] = array_slice($usr['friends'], 0, 6);
// выясняем друзья ли мы с текущим пользователем
$usr['isfriend'] = !$myprofile ? cmsUser::isFriend($usr['id']) : false;
// награды пользователя
$usr['awards'] = $model->config['sw_awards'] ? $model->getUserAwards($usr['id']) : false;
// стена
if ($model->config['sw_wall']) {
$inDB->limitPage(1, $model->config['wall_perpage']);
$usr['wall_html'] = cmsUser::getUserWall($usr['id'], 'users', $myprofile, $inUser->is_admin);
}
// можно ли пользователю изменять карму
$usr['can_change_karma'] = $model->isUserCanChangeKarma($usr['id']) && $inUser->id;
// Фотоальбомы пользователя
if ($model->config['sw_photo']) {
$usr['albums'] = $model->getPhotoAlbums($usr['id'], $usr['isfriend'], !$inCore->isComponentEnable('photos'));
$usr['albums_total'] = sizeof($usr['albums']);
$usr['albums_show'] = 6;
if ($usr['albums_total'] > $usr['albums_show']) {
array_splice($usr['albums'], $usr['albums_show']);
}
}
$usr['board_count'] = $model->config['sw_board'] ? $inDB->rows_count('cms_board_items', "user_id='{$usr['id']}' AND published=1") : 0;
$usr['comments_count'] = $model->config['sw_comm'] ? $inDB->rows_count('cms_comments', "user_id='{$usr['id']}' AND published=1") : 0;
$usr['forum_count'] = $model->config['sw_forum'] ? $inDB->rows_count('cms_forum_posts', "user_id = '{$usr['id']}'") : 0;
$usr['files_count'] = $model->config['sw_files'] ? $inDB->rows_count('cms_user_files', "user_id = '{$usr['id']}'") : 0;
$cfg_reg = $inCore->loadComponentConfig('registration');
$usr['invites_count'] = $inUser->id && $myprofile && $cfg_reg['reg_type'] == 'invite' ? $model->getUserInvitesCount($inUser->id) : 0;
$usr['blog'] = $model->config['sw_blogs'] ? $inDB->get_fields('cms_blogs', "user_id = '{$usr['id']}' AND owner = 'user'", 'title, seolink') : false;
$usr['form_fields'] = array();
if (is_array($model->config['privforms'])) {
foreach ($model->config['privforms'] as $form_id) {
$usr['form_fields'] = array_merge($usr['form_fields'], cmsForm::getFieldsValues($form_id, $usr['formsdata']));
}
}
if ($usr['city']) {
cmsCore::loadModel('geo');
$geo = new cms_model_geo();
$city_parents = $geo->getCityParents($usr['city']);
if ($city_parents) {
$usr['country'] = $city_parents['country_name'];
}
}
$plugins = $model->getPluginsOutput($usr);
cmsPage::initTemplate('components', 'com_users_profile.tpl')->assign('usr', $usr)->assign('plugins', $plugins)->assign('cfg', $model->config)->assign('myprofile', $myprofile)->assign('cfg_forum', $inCore->loadComponentConfig('forum'))->assign('is_admin', $inUser->is_admin)->assign('is_auth', $inUser->id)->display('com_users_profile.tpl');
}
//============================================================================//
//============================= Список сообщений ============================//
//============================================================================//
if ($do == 'messages') {
if (!$model->config['sw_msg']) {
cmsCore::error404();
}
if (!$inUser->id || $inUser->id != $id && !$inUser->is_admin) {
cmsUser::goToLogin();
}
$usr = cmsUser::getShortUserData($id);
if (!$usr) {
cmsCore::error404();
}
$inPage->setTitle($_LANG['MY_MESS']);
$inPage->addPathway($usr['nickname'], cmsUser::getProfileURL($usr['login']));
$inPage->addPathway($_LANG['MY_MESS'], '/users/' . $id . '/messages.html');
include 'components/users/messages.php';
}
//============================================================================//
//=========================== Отправка сообщения ============================//
//============================================================================//
if ($do == 'sendmessage') {
if (!$model->config['sw_msg']) {
cmsCore::halt();
}
if ($_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest') {
cmsCore::halt();
}
if (!$inUser->id || $inUser->id == $id && !cmsCore::inRequest('massmail') && !cmsCore::request('send_to_group', 'int', 0)) {
cmsCore::halt();
}
if (!cmsCore::inRequest('gosend')) {
$replyid = cmsCore::request('replyid', 'int', 0);
if ($replyid) {
$msg = $model->getReplyMessage($replyid, $inUser->id);
if (!$msg) {
cmsCore::halt();
}
}
$inPage->setRequestIsAjax();
cmsPage::initTemplate('components', 'com_users_messages_add')->assign('msg', isset($msg) ? $msg : array())->assign('is_reply_user', $replyid)->assign('id', $id)->assign('bbcodetoolbar', cmsPage::getBBCodeToolbar('message'))->assign('smilestoolbar', cmsPage::getSmilesPanel('message'))->assign('groups', $inUser->is_admin ? cmsUser::getGroups(true) : array())->assign('friends', cmsUser::getFriends($inUser->id))->assign('id_admin', $inUser->is_admin)->display('com_users_messages_add.tpl');
cmsCore::jsonOutput(array('error' => false, 'html' => ob_get_clean()));
}
if (cmsCore::inRequest('gosend')) {
// Кому отправляем
$usr = cmsUser::getShortUserData($id);
if (!$usr) {
cmsCore::halt();
}
$message = cmsCore::parseSmiles(cmsCore::request('message', 'html', ''), true);
if (mb_strlen($message) < 2) {
cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ERR_SEND_MESS']));
}
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
$output = cmsCore::callEvent('USER_SEND_MESSEDGE', array('text' => $message, 'to_id' => $id));
$message = $output['text'];
$id = $output['to_id'];
$send_to_group = cmsCore::request('send_to_group', 'int', 0);
$group_id = cmsCore::request('group_id', 'int', 0);
//
// Обычная отправка (1 получатель)
//
if (!cmsCore::inRequest('massmail') && !$send_to_group) {
//отправляем сообщение
$msg_id = cmsUser::sendMessage($inUser->id, $id, $message);
// отправляем уведомление на email если нужно
$model->sendNotificationByEmail($id, $inUser->id, $msg_id);
cmsCore::jsonOutput(array('error' => false, 'text' => $_LANG['SEND_MESS_OK']));
}
//
// далее идут массовые рассылки, доступные только админам
//
if (!$inUser->is_admin) {
cmsCore::halt();
}
// отправить всем: получаем список всех пользователей
if (cmsCore::inRequest('massmail')) {
$userlist = cmsUser::getAllUsers();
// проверяем что есть кому отправлять
if (!$userlist) {
cmsCore::jsonOutput(array('error' => false, 'text' => $_LANG['ERR_SEND_MESS']));
}
$count = array();
// отправляем всем по списку
foreach ($userlist as $usr) {
$count[] = cmsUser::sendMessage(USER_MASSMAIL, $usr['id'], $message);
}
cmsCore::jsonOutput(array('error' => false, 'text' => sprintf($_LANG['SEND_MESS_ALL_OK'], sizeof($count))));
}
// отправить группе: получаем список членов группы
if ($send_to_group) {
$count = cmsUser::sendMessageToGroup(USER_MASSMAIL, $group_id, $message);
$success_msg = sprintf($_LANG['SEND_MESS_GROUP_OK'], $count, cmsUser::getGroupTitle($group_id));
cmsCore::jsonOutput(array('error' => false, 'text' => $success_msg));
}
}
}
//============================================================================//
//============================= Удаление сообщения ==========================//
//============================================================================//
if ($do == 'delmessage') {
if ($_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest') {
cmsCore::halt();
}
if (!$model->config['sw_msg']) {
cmsCore::halt();
}
if (!$inUser->id) {
cmsCore::halt();
}
$msg = $inDB->get_fields('cms_user_msg', "id='{$id}'", '*');
if (!$msg) {
cmsCore::halt();
}
$can_delete = $inUser->id == $msg['to_id'] || $inUser->id == $msg['from_id'] ? true : false;
if (!$can_delete && !$inUser->is_admin) {
cmsCore::halt();
}
// Сообщения с from_id < 0
if ($msg['from_id'] < 0) {
$inDB->query("DELETE FROM cms_user_msg WHERE id = '{$id}' LIMIT 1");
$info_text = $_LANG['MESS_NOTICE_DEL_OK'];
}
// мне сообщение от пользователя
if ($msg['to_id'] == $inUser->id && $msg['from_id'] > 0) {
$inDB->query("UPDATE cms_user_msg SET to_del=1 WHERE id='{$id}'");
$info_text = $_LANG['MESS_DEL_OK'];
}
// от меня сообщение
if ($msg['from_id'] == $inUser->id && !$msg['is_new']) {
$inDB->query("UPDATE cms_user_msg SET from_del=1 WHERE id='{$id}'");
$info_text = $_LANG['MESS_DEL_OK'];
}
// отзываем сообщение
if ($msg['from_id'] == $inUser->id && $msg['is_new']) {
$inDB->query("DELETE FROM cms_user_msg WHERE id = '{$id}' LIMIT 1");
$info_text = $_LANG['MESS_BACK_OK'];
}
// удаляем сообщения, которые удалены с двух сторон
$inDB->query("DELETE FROM cms_user_msg WHERE to_del=1 AND from_del=1");
cmsCore::jsonOutput(array('error' => false, 'text' => $info_text));
}
//============================================================================//
//=========================== Удаление сообщений ============================//
//============================================================================//
if ($do == 'delmessages') {
if (!$model->config['sw_msg']) {
cmsCore::error404();
}
if ($inUser->id != $id && !$inUser->is_admin) {
cmsCore::error404();
}
$usr = cmsUser::getShortUserData($id);
if (!$usr) {
cmsCore::error404();
}
$opt = cmsCore::request('opt', 'str', 'in');
if ($opt == 'notices') {
$inDB->query("DELETE FROM cms_user_msg WHERE to_id = '{$id}' AND from_id < 0");
} else {
$del_flag = $opt == 'in' ? 'to_del' : 'from_del';
$id_flag = $opt == 'in' ? 'to_id' : 'from_id';
$inDB->query("UPDATE cms_user_msg SET {$del_flag}=1 WHERE {$id_flag}='{$id}'");
$inDB->query("DELETE FROM cms_user_msg WHERE to_del=1 AND from_del=1");
}
cmsCore::addSessionMessage($_LANG['MESS_ALL_DEL_OK'], 'info');
cmsCore::redirectBack();
}
//============================================================================//
//============================= Загрузка аватара ============================//
//============================================================================//
if ($do == 'avatar') {
if (!$inUser->id || $inUser->id && $inUser->id != $id) {
cmsCore::error404();
}
$inPage->setTitle($_LANG['LOAD_AVATAR']);
$inPage->addPathway($inUser->nickname, cmsUser::getProfileURL($inUser->login));
$inPage->addPathway($_LANG['LOAD_AVATAR']);
if (cmsCore::inRequest('upload')) {
cmsCore::loadClass('upload_photo');
$inUploadPhoto = cmsUploadPhoto::getInstance();
// Выставляем конфигурационные параметры
$inUploadPhoto->upload_dir = PATH . '/images/';
$inUploadPhoto->dir_medium = 'users/avatars/';
$inUploadPhoto->dir_small = 'users/avatars/small/';
$inUploadPhoto->small_size_w = $model->config['smallw'];
$inUploadPhoto->medium_size_w = $model->config['medw'];
$inUploadPhoto->medium_size_h = $model->config['medh'];
$inUploadPhoto->is_watermark = false;
$inUploadPhoto->input_name = 'picture';
$file = $inUploadPhoto->uploadPhoto($inUser->orig_imageurl);
if (!$file) {
cmsCore::addSessionMessage('<strong>' . $_LANG['ERROR'] . ':</strong> ' . cmsCore::uploadError() . '!', 'error');
cmsCore::redirect('/users/' . $id . '/avatar.html');
}
$sql = "UPDATE cms_user_profiles SET imageurl = '{$file['filename']}' WHERE user_id = '{$id}' LIMIT 1";
$inDB->query($sql);
// очищаем предыдущую запись о смене аватара
cmsActions::removeObjectLog('add_avatar', $id);
// выводим сообщение в ленту
cmsActions::log('add_avatar', array('object' => '', 'object_url' => '', 'object_id' => $id, 'target' => '', 'target_url' => '', 'description' => '<a href="' . cmsUser::getProfileURL($inUser->login) . '" class="act_usr_ava">
<img border="0" src="/images/users/avatars/small/' . $file['filename'] . '">
</a>'));
cmsCore::redirect(cmsUser::getProfileURL($inUser->login));
} else {
cmsPage::initTemplate('components', 'com_users_avatar_upload')->assign('id', $id)->display('com_users_avatar_upload.tpl');
}
}
//============================================================================//
//============================= Библиотека аватаров =========================//
//============================================================================//
if ($do == 'select_avatar') {
if (!$inUser->id || $inUser->id && $inUser->id != $id) {
cmsCore::error404();
}
$avatars_dir = PATH . "/images/users/avatars/library";
$avatars_dir_rel = "/images/users/avatars/library";
$avatars_dir_handle = opendir($avatars_dir);
$avatars = array();
while ($nextfile = readdir($avatars_dir_handle)) {
if ($nextfile != '.' && $nextfile != '..' && (mb_strstr($nextfile, '.gif') || mb_strstr($nextfile, '.jpg') || mb_strstr($nextfile, '.jpeg') || mb_strstr($nextfile, '.png'))) {
$avatars[] = $nextfile;
}
}
closedir($avatars_dir_handle);
if (!cmsCore::inRequest('set_avatar')) {
$inPage->setTitle($_LANG['SELECT_AVATAR']);
$inPage->addPathway($inUser->nickname, cmsUser::getProfileURL($inUser->login));
$inPage->addPathway($_LANG['SELECT_AVATAR']);
$perpage = 20;
$total = sizeof($avatars);
$avatars = array_slice($avatars, ($page - 1) * $perpage, $perpage);
cmsPage::initTemplate('components', 'com_users_avatars')->assign('userid', $id)->assign('avatars', $avatars)->assign('avatars_dir', $avatars_dir_rel)->assign('page', $page)->assign('perpage', $perpage)->assign('pagebar', cmsPage::getPagebar($total, $page, $perpage, '/users/%user_id%/select-avatar-%page%.html', array('user_id' => $id)))->display('com_users_avatars.tpl');
} else {
$avatar_id = cmsCore::request('avatar_id', 'int', 0);
$file = $avatars[$avatar_id];
if (file_exists($avatars_dir . '/' . $file)) {
$uploaddir = PATH . '/images/users/avatars/';
$realfile = $file;
$filename = md5($realfile . '-' . $id . '-' . time()) . '.jpg';
$uploadfile = $avatars_dir . '/' . $realfile;
$uploadavatar = $uploaddir . $filename;
$uploadthumb = $uploaddir . 'small/' . $filename;
if ($inUser->orig_imageurl && $inUser->orig_imageurl != 'nopic.jpg') {
@unlink(PATH . '/images/users/avatars/' . $inUser->orig_imageurl);
@unlink(PATH . '/images/users/avatars/small/' . $inUser->orig_imageurl);
}
cmsCore::includeGraphics();
copy($uploadfile, $uploadavatar);
@img_resize($uploadfile, $uploadthumb, $model->config['smallw'], $model->config['smallw']);
$sql = "UPDATE cms_user_profiles SET imageurl = '{$filename}' WHERE user_id = '{$id}' LIMIT 1";
$inDB->query($sql);
// очищаем предыдущую запись о смене аватара
cmsActions::removeObjectLog('add_avatar', $id);
// выводим сообщение в ленту
cmsActions::log('add_avatar', array('object' => '', 'object_url' => '', 'object_id' => $id, 'target' => '', 'target_url' => '', 'description' => '<a href="' . cmsUser::getProfileURL($inUser->login) . '" class="act_usr_ava">
<img border="0" src="/images/users/avatars/small/' . $filename . '">
</a>'));
}
cmsCore::redirect(cmsUser::getProfileURL($inUser->login));
}
}
//============================================================================//
//======================== Работа с фотографиями ============================//
//============================================================================//
if ($do == 'photos') {
if (!$model->config['sw_photo']) {
cmsCore::error404();
}
$pdo = cmsCore::request('pdo', 'str', '');
include 'components/users/photos.php';
}
//============================================================================//
//============================= Друзья пользователя =========================//
//============================================================================//
if ($do == 'friendlist') {
if (!$inUser->id) {
cmsUser::goToLogin();
}
$usr = cmsUser::getShortUserData($id);
if (!$usr) {
cmsCore::error404();
}
$perpage = 10;
$inPage->addPathway($usr['nickname'], cmsUser::getProfileURL($usr['login']));
$inPage->addPathway($_LANG['FRIENDS']);
$inPage->setTitle($_LANG['FRIENDS']);
// все друзья
$friends = cmsUser::getFriends($usr['id']);
// их общее количество
$total = count($friends);
// получаем только нужных на странице
$friends = array_slice($friends, ($page - 1) * $perpage, $perpage);
cmsPage::initTemplate('components', 'com_users_friends')->assign('friends', $friends)->assign('usr', $usr)->assign('myprofile', $id == $inUser->id)->assign('total', $total)->assign('pagebar', cmsPage::getPagebar($total, $page, $perpage, 'javascript:centerLink(\'/users/' . $id . '/friendlist%page%.html\')'))->display('com_users_friends.tpl');
}
//============================================================================//
//============================= Запрос на дружбу ============================//
//============================================================================//
if ($do == 'addfriend') {
if ($_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest') {
cmsCore::halt();
}
if (!$inUser->id || $inUser->id == $id) {
cmsCore::halt();
}
$usr = cmsUser::getShortUserData($id);
if (!$usr) {
cmsCore::halt();
}
cmsUser::clearSessionFriends();
if (cmsUser::isFriend($id)) {
cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['YOU_ARE_BE_FRIENDS']));
}
// проверяем был ли ранее запрос на дружбу
// если был, то делаем accept запросу
$is_need_accept_id = cmsUser::getFriendFieldId($id, 0, 'to_me');
if ($is_need_accept_id) {
$inDB->query("UPDATE cms_user_friends SET is_accepted = 1 WHERE id = '{$is_need_accept_id}'");
//регистрируем событие
cmsActions::log('add_friend', array('object' => $inUser->nickname, 'user_id' => $usr['id'], 'object_url' => cmsUser::getProfileURL($inUser->login), 'object_id' => $is_need_accept_id, 'target' => '', 'target_url' => '', 'target_id' => 0, 'description' => ''));
cmsCore::callEvent('USER_ACCEPT_FRIEND', $id);
cmsCore::jsonOutput(array('error' => false, 'text' => $_LANG['ADD_FRIEND_OK'] . $usr['nickname']));
}
// Если пользователь пытается добавиться в друзья к
// пользователю, к которому уже отправил запрос
if (cmsUser::getFriendFieldId($id, 0, 'from_me')) {
cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ADD_TO_FRIEND_SEND_ERR']));
}
// Мы вообще не друзья с пользователем, создаем запрос
cmsUser::addFriend($id);
cmsUser::sendMessage(USER_UPDATER, $id, sprintf($_LANG['RECEIVED_F_O'], cmsUser::getProfileLink($inUser->login, $inUser->nickname), '<a class="ajaxlink" href="javascript:void(0)" onclick="users.acceptFriend(' . $inUser->id . ', this);return false;">' . $_LANG['ACCEPT'] . '</a>', '<a class="ajaxlink" href="javascript:void(0)" onclick="users.rejectFriend(' . $inUser->id . ', this);return false;">' . $_LANG['REJECT'] . '</a>'));
cmsCore::jsonOutput(array('error' => false, 'text' => $_LANG['ADD_TO_FRIEND_SEND']));
}
//============================================================================//
//============================= Прекращение дружбы ==========================//
//============================================================================//
if ($do == 'delfriend') {
if ($_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest') {
cmsCore::halt();
}
if (!$inUser->id || $inUser->id == $id) {
cmsCore::halt();
}
$usr = cmsUser::getShortUserData($id);
if (!$usr) {
cmsCore::error404();
}
if (cmsUser::getFriendFieldId($id)) {
$is_accepted_friend = cmsUser::isFriend($id);
if (cmsUser::deleteFriend($id)) {
// Если подтвержденный друг
if ($is_accepted_friend) {
cmsCore::jsonOutput(array('error' => false, 'text' => $usr['nickname'] . $_LANG['DEL_FRIEND']));
} else {
cmsCore::jsonOutput(array('error' => false, 'text' => $_LANG['REJECT_FRIEND'] . $usr['nickname']));
}
} else {
cmsCore::halt();
}
} else {
cmsCore::halt();
}
}
//============================================================================//
//============================= История кармы ===============================//
//============================================================================//
if ($do == 'karma') {
$usr = cmsUser::getShortUserData($id);
if (!$usr) {
cmsCore::error404();
}
$inPage->setTitle($_LANG['KARMA_HISTORY']);
$inPage->addPathway($usr['nickname'], cmsUser::getProfileURL($usr['login']));
$inPage->addPathway($_LANG['KARMA_HISTORY']);
cmsPage::initTemplate('components', 'com_users_karma')->assign('karma', $model->getUserKarma($usr['id']))->assign('usr', $usr)->display('com_users_karma.tpl');
}
//============================================================================//
//============================= Изменение кармы =============================//
//============================================================================//
if ($do == 'votekarma') {
if ($_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest') {
cmsCore::halt();
}
if (!$inUser->id) {
cmsCore::halt();
}
$points = cmsCore::request('sign', 'str', 'plus') == 'plus' ? 1 : -1;
$to = cmsCore::request('to', 'int', 0);
$user = cmsUser::getShortUserData($to);
if (!$user) {
cmsCore::halt();
}
if (!$model->isUserCanChangeKarma($to)) {
cmsCore::halt();
}
cmsCore::halt(cmsUser::changeKarmaUser($to, $points));
}
//============================================================================//
//======================= Наградить пользователя ============================//
//============================================================================//
if ($do == 'giveaward') {
if (!$inUser->is_admin) {
cmsCore::error404();
}
$usr = cmsUser::getShortUserData($id);
if (!$usr) {
cmsCore::error404();
}
$inPage->setTitle($_LANG['AWARD_USER']);
$inPage->addPathway($usr['nickname'], cmsUser::getProfileURL($usr['login']));
$inPage->addPathway($_LANG['AWARD']);
if (!cmsCore::inRequest('gosend')) {
cmsPage::initTemplate('components', 'com_users_awards_give')->assign('usr', $usr)->assign('awardslist', cmsUser::getAwardsImages())->display('com_users_awards_give.tpl');
} else {
$award['title'] = cmsCore::request('title', 'str', $_LANG['AWRD']);
$award['description'] = cmsCore::request('description', 'str', '');
$award['imageurl'] = cmsCore::request('imageurl', 'str', '');
$award['from_id'] = $inUser->id;
$award['id'] = 0;
cmsUser::giveAward($award, $id);
cmsCore::redirect(cmsUser::getProfileURL($usr['login']));
}
}
//============================================================================//
//============================= Удаление награды ============================//
//============================================================================//
if ($do == 'delaward') {
$aw = $inDB->get_fields('cms_user_awards', "id = '{$id}'", '*');
if (!$aw) {
cmsCore::error404();
}
if (!$inUser->id || $inUser->id != $aw['user_id'] && !$inUser->is_admin) {
cmsCore::error404();
}
$inDB->delete('cms_user_awards', "id = '{$id}'", 1);
cmsActions::removeObjectLog('add_award', $id);
cmsCore::redirectBack();
}
//============================================================================//
//============================= Награды на сайте ============================//
//============================================================================//
if ($do == 'awardslist') {
$inPage->setTitle($_LANG['SITE_AWARDS']);
$inPage->addPathway($_LANG['SITE_AWARDS']);
$awards = cmsUser::getAutoAwards();
if (!$awards) {
cmsCore::error404();
}
foreach ($awards as $aw) {
//Перебираем все награды и ищем пользователей с текущей наградой
$sql = "SELECT u.id as id, u.nickname as nickname, u.login as login, IFNULL(p.gender, 'm') as gender\r\n FROM cms_user_awards aw\r\n LEFT JOIN cms_users u ON u.id = aw.user_id\r\n LEFT JOIN cms_user_profiles p ON p.user_id = u.id\r\n WHERE aw.award_id = '{$aw['id']}'";
$rs = $inDB->query($sql);
$aw['uhtml'] = '';
if ($inDB->num_rows($rs)) {
while ($user = $inDB->fetch_assoc($rs)) {
$aw['uhtml'] .= cmsUser::getGenderLink($user['id'], $user['nickname'], $user['gender'], $user['login']) . ', ';
}
$aw['uhtml'] = rtrim($aw['uhtml'], ', ');
} else {
$aw['uhtml'] = $_LANG['NOT_USERS_WITH_THIS_AWARD'];
}
$aws[] = $aw;
}
cmsPage::initTemplate('components', 'com_users_awards_site')->assign('aws', $aws)->display('com_users_awards_site.tpl');
}
//============================================================================//
//============================= Удаление профиля ============================//
//============================================================================//
if ($do == 'delprofile') {
// неавторизованным тут делать нечего
if (!$inUser->id) {
cmsCore::error404();
}
// есть ли удаляемый профиль
$data = cmsUser::getShortUserData($id);
if (!$data) {
cmsCore::error404();
}
// владелец профиля или админ
if ($inUser->is_admin) {
// могут ли администраторы удалять профиль
if (!cmsUser::isAdminCan('admin/users', cmsUser::getAdminAccess())) {
cmsCore::error404();
}
// администратор сам себя не удалит
if ($inUser->id == $data['id']) {
cmsCore::error404();
}
} else {
// удаляем только свой профиль
if ($inUser->id != $data['id']) {
cmsCore::error404();
}
}
if (isset($_POST['csrf_token'])) {
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
$model->deleteUser($id);
if (!$inUser->is_admin) {
session_destroy();
cmsCore::redirect('/logout');
} else {
cmsCore::addSessionMessage($_LANG['DELETING_PROFILE_OK'], 'info');
cmsCore::redirect('/users');
}
} else {
$inPage->setTitle($_LANG['DELETING_PROFILE']);
$inPage->addPathway($data['nickname'], $inUser->getProfileURL($data['login']));
$inPage->addPathway($_LANG['DELETING_PROFILE']);
$confirm['title'] = $_LANG['DELETING_PROFILE'];
$confirm['text'] = '<p>' . $_LANG['REALLY_DEL_PROFILE'] . '</p>';
$confirm['action'] = '/users/' . $id . '/delprofile.html';
$confirm['yes_button'] = array();
$confirm['yes_button']['type'] = 'submit';
cmsPage::initTemplate('components', 'action_confirm.tpl')->assign('confirm', $confirm)->display('action_confirm.tpl');
}
}
//============================================================================//
//============================ Восстановить профиль =========================//
//============================================================================//
if ($do == 'restoreprofile') {
if (!$inUser->is_admin) {
cmsCore::error404();
}
$usr = cmsUser::getShortUserData($id);
if (!$usr) {
cmsCore::error404();
}
$inDB->query("UPDATE cms_users SET is_deleted = 0 WHERE id = '{$id}'");
cmsCore::redirectBack();
}
//============================================================================//
//============================= Файлы пользователей =========================//
//============================================================================//
if ($do == 'files') {
if (!$model->config['sw_files']) {
cmsCore::error404();
}
$fdo = cmsCore::request('fdo', 'str', '');
include 'components/users/files.php';
}
//============================================================================//
//================================ Инвайты =================================//
//============================================================================//
if ($do == 'invites') {
$reg_cfg = $inCore->loadComponentConfig('registration');
if ($reg_cfg['reg_type'] != 'invite') {
cmsCore::error404();
}
$invites_count = $model->getUserInvitesCount($inUser->id);
if (!$invites_count) {
cmsCore::error404();
}
if (!cmsCore::inRequest('send_invite')) {
$inPage->addPathway($inUser->nickname, cmsUser::getProfileURL($inUser->login));
$inPage->addPathway($_LANG['MY_INVITES']);
cmsPage::initTemplate('components', 'com_users_invites')->assign('invites_count', $invites_count)->display('com_users_invites.tpl');
return;
}
if (cmsCore::inRequest('send_invite')) {
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
$invite_email = cmsCore::request('invite_email', 'email', '');
if (!$invite_email) {
cmsCore::redirectBack();
}
if ($model->sendInvite($inUser->id, $invite_email)) {
cmsCore::addSessionMessage(sprintf($_LANG['INVITE_SENDED'], $invite_email), 'success');
} else {
cmsCore::addSessionMessage($_LANG['INVITE_ERROR'], 'error');
}
cmsCore::redirect(cmsUser::getProfileURL($inUser->login));
}
}
if ($do == 'change_email') {
if (!$inUser->id) {
cmsUser::goToLogin();
}
$email = cmsCore::request('email', 'email', '');
$token = cmsCore::request('token', 'str', '');
// не занят ли email
$is_email = $inDB->get_field('cms_users', "email='{$email}'", 'id');
if ($is_email || !$email || !$token) {
cmsCore::error404();
}
// проверяем токен
$valid_id = $inDB->get_field('cms_users_activate', "code='{$token}' AND user_id = '{$inUser->id}'", 'id');
if (!$valid_id) {
cmsCore::error404();
}
$inDB->delete('cms_users_activate', "id = '{$valid_id}'");
// Сохраняем новый email
$inDB->update('cms_users', array('email' => $email), $inUser->id);
cmsCore::addSessionMessage($_LANG['NEW_EMAIL_SAVED'], 'success');
cmsCore::redirect(cmsUser::getProfileURL($inUser->login));
}
///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
}
function content()
{
$inCore = cmsCore::getInstance();
$inPage = cmsPage::getInstance();
$inDB = cmsDatabase::getInstance();
$inUser = cmsUser::getInstance();
$model = new cms_model_content();
define('IS_BILLING', $inCore->isComponentInstalled('billing'));
if (IS_BILLING) {
cmsCore::loadClass('billing');
}
global $_LANG;
$id = cmsCore::request('id', 'int', 0);
$do = $inCore->do;
$seolink = cmsCore::strClear(urldecode(cmsCore::request('seolink', 'html', '')));
if (is_numeric($seolink)) {
cmsCore::error404();
}
$page = cmsCore::request('page', 'int', 1);
///////////////////////////////////// VIEW CATEGORY ////////////////////////////////////////////////////////////////////////////////
if ($do == 'view') {
$cat = $inDB->getNsCategory('cms_category', $seolink);
// если не найдена категория и мы не на главной, 404
if (!$cat && $inCore->menuId() !== 1) {
cmsCore::error404();
}
// языки
$cat = translations::process(cmsConfig::getConfig('lang'), 'content_category', $cat);
// Плагины
$cat = cmsCore::callEvent('GET_CONTENT_CAT', $cat);
// Неопубликованные показываем только админам
if (!$cat['published'] && !$inUser->is_admin) {
cmsCore::error404();
}
// Проверяем доступ к категории
if (!$inCore->checkUserAccess('category', $cat['id'])) {
cmsCore::addSessionMessage($_LANG['NO_PERM_FOR_VIEW_TEXT'] . '<br>' . $_LANG['NO_PERM_FOR_VIEW_RULES'], 'error');
cmsCore::redirect('/content');
}
// если не корень категорий
if ($cat['NSLevel'] > 0) {
$inPage->setTitle($cat['pagetitle'] ? $cat['pagetitle'] : $cat['title']);
$pagetitle = $cat['title'];
$showdate = $cat['showdate'];
$showcomm = $cat['showcomm'];
$inPage->addHead('<link rel="alternate" type="application/rss+xml" title="' . htmlspecialchars($cat['title']) . '" href="' . HOST . '/rss/content/' . $cat['id'] . '/feed.rss">');
}
// Если корневая категория
if ($cat['NSLevel'] == 0) {
if ($model->config['hide_root']) {
cmsCore::error404();
}
$inPage->setTitle($_LANG['CATALOG_ARTICLES']);
$pagetitle = $_LANG['CATALOG_ARTICLES'];
$showdate = 1;
$showcomm = 1;
}
// Получаем дерево категорий
$path_list = $inDB->getNsCategoryPath('cms_category', $cat['NSLeft'], $cat['NSRight'], 'id, title, NSLevel, seolink, url');
if ($path_list) {
$path_list = translations::process(cmsConfig::getConfig('lang'), 'content_category', $path_list);
foreach ($path_list as $pcat) {
if (!$inCore->checkUserAccess('category', $pcat['id'])) {
cmsCore::addSessionMessage($_LANG['NO_PERM_FOR_VIEW_TEXT'] . '<br>' . $_LANG['NO_PERM_FOR_VIEW_RULES'], 'error');
cmsCore::redirect('/content');
}
$inPage->addPathway($pcat['title'], $model->getCategoryURL(null, $pcat['seolink']));
}
}
// Получаем подкатегории
$subcats_list = $model->getSubCats($cat['id']);
// Привязанный фотоальбом
$cat_photos = $model->getCatPhotoAlbum($cat['photoalbum']);
// Получаем статьи
// Редактор/администратор
$is_editor = $cat['modgrp_id'] == $inUser->group_id && cmsUser::isUserCan('content/autoadd') || $inUser->is_admin;
// Условия
$model->whereCatIs($cat['id']);
// Общее количество статей
$total = $model->getArticlesCount($is_editor);
// Сортировка и разбивка на страницы
$inDB->orderBy($cat['orderby'], $cat['orderto']);
$inDB->limitPage($page, $model->config['perpage']);
// Получаем статьи
$content_list = $total ? $model->getArticlesList(!$is_editor) : array();
$inDB->resetConditions();
if (!$content_list && $page > 1) {
cmsCore::error404();
}
$pagebar = cmsPage::getPagebar($total, $page, $model->config['perpage'], $model->getCategoryURL(null, $cat['seolink'], 0, true));
$template = $cat['tpl'] ? $cat['tpl'] : 'com_content_view.tpl';
if ($cat['NSLevel'] > 0) {
// meta description
if ($cat['meta_desc']) {
$meta_desc = $cat['meta_desc'];
} elseif (mb_strlen(strip_tags($cat['description'])) >= 250) {
$meta_desc = crop($cat['description']);
} else {
$meta_desc = $cat['title'];
}
$inPage->setDescription($meta_desc);
// meta keywords
if ($cat['meta_keys']) {
$meta_keys = $cat['meta_keys'];
} elseif ($content_list) {
foreach ($content_list as $c) {
$k[] = $c['title'];
}
$meta_keys = implode(', ', $k);
} else {
$meta_keys = $cat['title'];
}
$inPage->setKeywords($meta_keys);
}
cmsPage::initTemplate('components', $template)->assign('cat', $cat)->assign('is_homepage', (bool) ($inCore->menuId() == 1))->assign('showdate', $showdate)->assign('showcomm', $showcomm)->assign('pagetitle', $pagetitle)->assign('subcats', $subcats_list)->assign('cat_photos', $cat_photos)->assign('articles', $content_list)->assign('pagebar', $pagebar)->display($template);
}
///////////////////////////////////// READ ARTICLE ////////////////////////////////////////////////////////////////////////////////
if ($do == 'read') {
// Получаем статью
$article = $model->getArticle($seolink);
if (!$article) {
cmsCore::error404();
}
$article = translations::process(cmsConfig::getConfig('lang'), 'content_content', $article);
$article = cmsCore::callEvent('GET_ARTICLE', $article);
$is_admin = $inUser->is_admin;
$is_author = $inUser->id == $article['user_id'];
$is_author_del = cmsUser::isUserCan('content/delete');
$is_editor = $article['modgrp_id'] == $inUser->group_id && cmsUser::isUserCan('content/autoadd');
// если статья не опубликована или дата публикации позже, 404
if ((!$article['published'] || strtotime($article['pubdate']) > time()) && !$is_admin && !$is_editor && !$is_author) {
cmsCore::error404();
}
if (!$inCore->checkUserAccess('material', $article['id'])) {
cmsCore::addSessionMessage($_LANG['NO_PERM_FOR_VIEW_TEXT'] . '<br>' . $_LANG['NO_PERM_FOR_VIEW_RULES'], 'error');
cmsCore::redirect($model->getCategoryURL(null, $article['catseolink']));
}
// увеличиваем кол-во просмотров
if (@(!$is_author)) {
$inDB->setFlag('cms_content', $article['id'], 'hits', $article['hits'] + 1);
}
// Картинка статьи
$article['image'] = file_exists(PATH . '/images/photos/medium/article' . $article['id'] . '.jpg') ? 'article' . $article['id'] . '.jpg' : '';
// Заголовок страницы
$article['pagetitle'] = $article['pagetitle'] ? $article['pagetitle'] : $article['title'];
// Тело статьи в зависимости от настроек
$article['content'] = $model->config['readdesc'] ? $article['description'] . $article['content'] : $article['content'];
// Дата публикации
$article['pubdate'] = cmsCore::dateFormat($article['pubdate']);
// Шаблон статьи
$article['tpl'] = $article['tpl'] ? $article['tpl'] : 'com_content_read.tpl';
$inPage->setTitle($article['pagetitle']);
// Получаем дерево категорий
$path_list = $article['showpath'] ? $inDB->getNsCategoryPath('cms_category', $article['leftkey'], $article['rightkey'], 'id, title, NSLevel, seolink, url') : array();
if ($path_list) {
$path_list = translations::process(cmsConfig::getConfig('lang'), 'content_category', $path_list);
foreach ($path_list as $pcat) {
if (!$inCore->checkUserAccess('category', $pcat['id'])) {
cmsCore::addSessionMessage($_LANG['NO_PERM_FOR_VIEW_TEXT'] . '<br>' . $_LANG['NO_PERM_FOR_VIEW_RULES'], 'error');
cmsCore::redirect('/content');
}
$inPage->addPathway($pcat['title'], $model->getCategoryURL(null, $pcat['seolink']));
}
}
$inPage->addPathway($article['title']);
// Мета теги KEYWORDS и DESCRIPTION
if ($article['meta_keys']) {
$inPage->setKeywords($article['meta_keys']);
} else {
if (mb_strlen($article['content']) > 30) {
$inPage->setKeywords(cmsCore::getKeywords(cmsCore::strClear($article['content'])));
}
}
if (mb_strlen($article['meta_desc'])) {
$inPage->setDescription($article['meta_desc']);
}
// Выполняем фильтры
$article['content'] = cmsCore::processFilters($article['content']);
// Разбивка статей на страницы
$pt_pages = array();
if (!empty($GLOBALS['pt'])) {
foreach ($GLOBALS['pt'] as $num => $page_title) {
$pt_pages[$num]['title'] = $page_title;
$pt_pages[$num]['url'] = $model->getArticleURL(null, $article['seolink'], $num + 1);
}
}
// Рейтинг статьи
if ($model->config['rating'] && $article['canrate']) {
$karma = cmsKarma('content', $article['id']);
$karma_points = cmsKarmaFormatSmall($karma['points']);
$btns = cmsKarmaButtonsText('content', $article['id'], $karma['points'], $is_author);
}
cmsPage::initTemplate('components', $article['tpl'])->assign('article', $article)->assign('cfg', $model->config)->assign('page', $page)->assign('is_pages', !empty($GLOBALS['pt']))->assign('pt_pages', $pt_pages)->assign('is_admin', $is_admin)->assign('is_editor', $is_editor)->assign('is_author', $is_author)->assign('is_author_del', $is_author_del)->assign('tagbar', cmsTagBar('content', $article['id']))->assign('karma_points', @$karma_points)->assign('karma_votes', @$karma['votes'])->assign('karma_buttons', @$btns)->display($article['tpl']);
// Комментарии статьи
if ($article['published'] && $article['comments'] && $inCore->isComponentInstalled('comments')) {
cmsCore::includeComments();
comments('article', $article['id'], array(), $is_author);
}
}
///////////////////////////////////// ADD ARTICLE //////////////////////////////////////////////////////////////////////////////////
if ($do == 'addarticle' || $do == 'editarticle') {
$is_add = cmsUser::isUserCan('content/add');
// может добавлять статьи
$is_auto_add = cmsUser::isUserCan('content/autoadd');
// добавлять статьи без модерации
if (!$is_add && !$is_auto_add) {
cmsCore::error404();
}
// Для редактирования получаем статью и проверяем доступ
if ($do == 'editarticle') {
// Получаем статью
$item = $model->getArticle($id);
if (!$item) {
cmsCore::error404();
}
$pubcats = array();
// доступ к редактированию админам, авторам и редакторам
if (!$inUser->is_admin && $item['user_id'] != $inUser->id && !($item['modgrp_id'] == $inUser->group_id && cmsUser::isUserCan('content/autoadd'))) {
cmsCore::error404();
}
}
// Для добавления проверяем не вводили ли мы данные ранее
if ($do == 'addarticle') {
$item = cmsUser::sessionGet('article');
if ($item) {
cmsUser::sessionDel('article');
}
// Категории, в которые разрешено публиковать
$pubcats = $model->getPublicCats();
if (!$pubcats) {
cmsCore::addSessionMessage($_LANG['ADD_ARTICLE_ERR_CAT'], 'error');
cmsCore::redirectBack();
}
}
// не было запроса на сохранение, показываем форму
if (!cmsCore::inRequest('add_mod')) {
$dynamic_cost = false;
// Если добавляем статью
if ($do == 'addarticle') {
$pagetitle = $_LANG['ADD_ARTICLE'];
$inPage->setTitle($pagetitle);
$inPage->addPathway($_LANG['USERS'], '/' . str_replace('/', '', cmsUser::PROFILE_LINK_PREFIX));
$inPage->addPathway($inUser->nickname, cmsUser::getProfileURL($inUser->login));
$inPage->addPathway($_LANG['MY_ARTICLES'], '/content/my.html');
$inPage->addPathway($pagetitle);
// поддержка биллинга
if (IS_BILLING) {
$action = cmsBilling::getAction('content', 'add_content');
foreach ($pubcats as $p => $pubcat) {
if ($pubcat['cost']) {
$dynamic_cost = true;
} else {
$pubcats[$p]['cost'] = $action['point_cost'][$inUser->group_id];
}
}
cmsBilling::checkBalance('content', 'add_content', $dynamic_cost);
}
}
// Если редактируем статью
if ($do == 'editarticle') {
$pagetitle = $_LANG['EDIT_ARTICLE'];
$inPage->setTitle($pagetitle);
$inPage->addPathway($_LANG['USERS'], '/' . str_replace('/', '', cmsUser::PROFILE_LINK_PREFIX));
if ($item['user_id'] != $inUser->id) {
$user = $inDB->get_fields('cms_users', "id='{$item['user_id']}'", 'login, nickname');
$inPage->addPathway($user['nickname'], cmsUser::getProfileURL($user['login']));
} else {
$inPage->addPathway($inUser->nickname, cmsUser::getProfileURL($inUser->login));
}
$inPage->addPathway($_LANG['MY_ARTICLES'], '/content/my.html');
$inPage->addPathway($pagetitle);
$item['tags'] = cmsTagLine('content', $item['id'], false);
$item['image'] = file_exists(PATH . '/images/photos/small/article' . $item['id'] . '.jpg') ? 'article' . $item['id'] . '.jpg' : '';
if (!$is_auto_add) {
cmsCore::addSessionMessage($_LANG['ATTENTION'] . ': ' . $_LANG['EDIT_ARTICLE_PREMODER'], 'info');
}
}
$inPage->initAutocomplete();
$autocomplete_js = $inPage->getAutocompleteJS('tagsearch', 'tags');
$item = cmsCore::callEvent('PRE_EDIT_ARTICLE', @$item ? $item : array());
cmsPage::initTemplate('components', 'com_content_edit')->assign('mod', $item)->assign('do', $do)->assign('cfg', $model->config)->assign('pubcats', $pubcats)->assign('pagetitle', $pagetitle)->assign('is_admin', $inUser->is_admin)->assign('is_billing', IS_BILLING)->assign('dynamic_cost', $dynamic_cost)->assign('autocomplete_js', $autocomplete_js)->display('com_content_edit.tpl');
}
// Пришел запрос на сохранение статьи
if (cmsCore::inRequest('add_mod')) {
$errors = false;
$article['category_id'] = cmsCore::request('category_id', 'int', 1);
$article['user_id'] = $item['user_id'] ? $item['user_id'] : $inUser->id;
$article['title'] = cmsCore::request('title', 'str', '');
$article['tags'] = cmsCore::request('tags', 'str', '');
$article['description'] = cmsCore::request('description', 'html', '');
$article['content'] = cmsCore::request('content', 'html', '');
$article['description'] = cmsCore::badTagClear($article['description']);
$article['content'] = cmsCore::badTagClear($article['content']);
$article['published'] = $is_auto_add ? 1 : 0;
if ($do == 'editarticle') {
$article['published'] = $item['published'] == 0 ? $item['published'] : $article['published'];
}
$article['pubdate'] = $do == 'editarticle' ? $item['pubdate'] : date('Y-m-d H:i');
$article['enddate'] = $do == 'editarticle' ? $item['enddate'] : $article['pubdate'];
$article['is_end'] = $do == 'editarticle' ? $item['is_end'] : 0;
$article['showtitle'] = $do == 'editarticle' ? $item['showtitle'] : 1;
$article['meta_desc'] = $do == 'addarticle' ? mb_strtolower($article['title']) : $inDB->escape_string($item['meta_desc']);
$article['meta_keys'] = $do == 'addarticle' ? $inCore->getKeywords($article['content']) : $inDB->escape_string($item['meta_keys']);
$article['showdate'] = $do == 'editarticle' ? $item['showdate'] : 1;
$article['showlatest'] = $do == 'editarticle' ? $item['showlatest'] : 1;
$article['showpath'] = $do == 'editarticle' ? $item['showpath'] : 1;
$article['comments'] = $do == 'editarticle' ? $item['comments'] : 1;
$article['canrate'] = $do == 'editarticle' ? $item['canrate'] : 1;
$article['pagetitle'] = '';
if ($do == 'editarticle') {
$article['tpl'] = $item['tpl'];
}
if (mb_strlen($article['title']) < 2) {
cmsCore::addSessionMessage($_LANG['REQ_TITLE'], 'error');
$errors = true;
}
if (mb_strlen($article['content']) < 10) {
cmsCore::addSessionMessage($_LANG['REQ_CONTENT'], 'error');
$errors = true;
}
if ($errors) {
// При добавлении статьи при ошибках сохраняем введенные поля
if ($do == 'addarticle') {
cmsUser::sessionPut('article', $article);
}
cmsCore::redirectBack();
}
$article['description'] = $inDB->escape_string($article['description']);
$article['content'] = $inDB->escape_string($article['content']);
$article = cmsCore::callEvent('AFTER_EDIT_ARTICLE', $article);
// добавление статьи
if ($do == 'addarticle') {
$article_id = $model->addArticle($article);
}
// загрузка фото
$file = 'article' . (@$article_id ? $article_id : $item['id']) . '.jpg';
if (cmsCore::request('delete_image', 'int', 0)) {
@unlink(PATH . "/images/photos/small/{$file}");
@unlink(PATH . "/images/photos/medium/{$file}");
}
// Загружаем класс загрузки фото
cmsCore::loadClass('upload_photo');
$inUploadPhoto = cmsUploadPhoto::getInstance();
// Выставляем конфигурационные параметры
$inUploadPhoto->upload_dir = PATH . '/images/photos/';
$inUploadPhoto->small_size_w = $model->config['img_small_w'];
$inUploadPhoto->medium_size_w = $model->config['img_big_w'];
$inUploadPhoto->thumbsqr = $model->config['img_sqr'];
$inUploadPhoto->is_watermark = $model->config['watermark'];
$inUploadPhoto->input_name = 'picture';
$inUploadPhoto->filename = $file;
// Процесс загрузки фото
$inUploadPhoto->uploadPhoto();
// операции после добавления/редактирования статьи
// добавление статьи
if ($do == 'addarticle') {
// Получаем добавленную статью
$article = $model->getArticle($article_id);
if (!$article['published']) {
cmsCore::addSessionMessage($_LANG['ARTICLE_PREMODER_TEXT'], 'info');
// отсылаем уведомление администраторам
$link = '<a href="' . $model->getArticleURL(null, $article['seolink']) . '">' . $article['title'] . '</a>';
$message = str_replace('%user%', cmsUser::getProfileLink($inUser->login, $inUser->nickname), $_LANG['MSG_ARTICLE_SUBMIT']);
$message = str_replace('%link%', $link, $message);
cmsUser::sendMessageToGroup(USER_UPDATER, cmsUser::getAdminGroups(), $message);
} else {
//регистрируем событие
cmsActions::log('add_article', array('object' => $article['title'], 'object_url' => $model->getArticleURL(null, $article['seolink']), 'object_id' => $article['id'], 'target' => $article['cat_title'], 'target_url' => $model->getCategoryURL(null, $article['catseolink']), 'target_id' => $article['category_id'], 'description' => ''));
if (IS_BILLING) {
$category_cost = $article['cost'] === '' ? false : (int) $article['cost'];
cmsBilling::process('content', 'add_content', $category_cost);
}
cmsUser::checkAwards($inUser->id);
}
cmsCore::addSessionMessage($_LANG['ARTICLE_SAVE'], 'info');
cmsCore::redirect('/my.html');
}
// Редактирование статьи
if ($do == 'editarticle') {
$model->updateArticle($item['id'], $article, true);
cmsActions::updateLog('add_article', array('object' => $article['title']), $item['id']);
if (!$article['published']) {
$link = '<a href="' . $model->getArticleURL(null, $item['seolink']) . '">' . $article['title'] . '</a>';
$message = str_replace('%user%', cmsUser::getProfileLink($inUser->login, $inUser->nickname), $_LANG['MSG_ARTICLE_EDITED']);
$message = str_replace('%link%', $link, $message);
cmsUser::sendMessageToGroup(USER_UPDATER, cmsUser::getAdminGroups(), $message);
}
$mess = $article['published'] ? $_LANG['ARTICLE_SAVE'] : $_LANG['ARTICLE_SAVE'] . ' ' . $_LANG['ARTICLE_PREMODER_TEXT'];
cmsCore::addSessionMessage($mess, 'info');
cmsCore::redirect($model->getArticleURL(null, $item['seolink']));
}
}
}
///////////////////////// PUBLISH ARTICLE /////////////////////////////////////////////////////////////////////////////
if ($do == 'publisharticle') {
if (!$inUser->id) {
cmsCore::error404();
}
$article = $model->getArticle($id);
if (!$article) {
cmsCore::error404();
}
// Редактор с правами на добавление без модерации или администраторы могут публиковать
if (!($article['modgrp_id'] == $inUser->group_id && cmsUser::isUserCan('content/autoadd')) && !$inUser->is_admin) {
cmsCore::error404();
}
$inDB->setFlag('cms_content', $article['id'], 'published', 1);
cmsCore::callEvent('ADD_ARTICLE_DONE', $article);
if (IS_BILLING) {
$author = $inDB->get_fields('cms_users', "id='{$article['user_id']}'", '*');
$category_cost = $article['cost'] === '' ? false : (int) $article['cost'];
cmsBilling::process('content', 'add_content', $category_cost, $author);
}
//регистрируем событие
cmsActions::log('add_article', array('object' => $article['title'], 'user_id' => $article['user_id'], 'object_url' => $model->getArticleURL(null, $article['seolink']), 'object_id' => $article['id'], 'target' => $article['cat_title'], 'target_url' => $model->getCategoryURL(null, $article['catseolink']), 'target_id' => $article['cat_id'], 'description' => ''));
$link = '<a href="' . $model->getArticleURL(null, $article['seolink']) . '">' . $article['title'] . '</a>';
$message = str_replace('%link%', $link, $_LANG['MSG_ARTICLE_ACCEPTED']);
cmsUser::sendMessage(USER_UPDATER, $article['user_id'], $message);
cmsUser::checkAwards($article['user_id']);
cmsCore::redirectBack();
}
///////////////////////////////////// DELETE ARTICLE ///////////////////////////////////////////////////////////////////////////////////
if ($do == 'deletearticle') {
if (!$inUser->id) {
cmsCore::error404();
}
$article = $model->getArticle($id);
if (!$article) {
cmsCore::error404();
}
// права доступа
$is_author = cmsUser::isUserCan('content/delete') && $article['user_id'] == $inUser->id;
$is_editor = $article['modgrp_id'] == $inUser->group_id && cmsUser::isUserCan('content/autoadd');
if (!$is_author && !$is_editor && !$inUser->is_admin) {
cmsCore::error404();
}
if (!cmsCore::inRequest('goadd')) {
$inPage->setTitle($_LANG['ARTICLE_REMOVAL']);
$inPage->addPathway($_LANG['ARTICLE_REMOVAL']);
$confirm['title'] = $_LANG['ARTICLE_REMOVAL'];
$confirm['text'] = $_LANG['ARTICLE_REMOVAL_TEXT'] . ' <a href="' . $model->getArticleURL(null, $article['seolink']) . '">' . $article['title'] . '</a>?';
$confirm['action'] = $_SERVER['REQUEST_URI'];
$confirm['yes_button'] = array();
$confirm['yes_button']['type'] = 'submit';
$confirm['yes_button']['name'] = 'goadd';
cmsPage::initTemplate('components', 'action_confirm')->assign('confirm', $confirm)->display('action_confirm.tpl');
} else {
$model->deleteArticle($article['id']);
if ($_SERVER['HTTP_REFERER'] == '/my.html') {
cmsCore::addSessionMessage($_LANG['ARTICLE_DELETED'], 'info');
cmsCore::redirectBack();
} else {
// если удалили как администратор или редактор и мы не авторы статьи, отсылаем сообщение автору
if (($is_editor || $inUser->is_admin) && $article['user_id'] != $inUser->id) {
$link = '<a href="' . $model->getArticleURL(null, $article['seolink']) . '">' . $article['title'] . '</a>';
$message = str_replace('%link%', $link, $article['published'] ? $_LANG['MSG_ARTICLE_DELETED'] : $_LANG['MSG_ARTICLE_REJECTED']);
cmsUser::sendMessage(USER_UPDATER, $article['user_id'], $message);
} else {
cmsCore::addSessionMessage($_LANG['ARTICLE_DELETED'], 'info');
}
cmsCore::redirect($model->getCategoryURL(null, $article['catseolink']));
}
}
}
///////////////////////////////////// MY ARTICLES ///////////////////////////////////////////////////////////////////////////////////
if ($do == 'my') {
if (!cmsUser::isUserCan('content/add')) {
cmsCore::error404();
}
$inPage->setTitle($_LANG['MY_ARTICLES']);
$inPage->addPathway($_LANG['USERS'], '/' . str_replace('/', '', cmsUser::PROFILE_LINK_PREFIX));
$inPage->addPathway($inUser->nickname, cmsUser::getProfileURL($inUser->login));
$inPage->addPathway($_LANG['MY_ARTICLES']);
$perpage = 15;
// Условия
$model->whereUserIs($inUser->id);
// Общее количество статей
$total = $model->getArticlesCount(false);
// Сортировка и разбивка на страницы
$inDB->orderBy('con.pubdate', 'DESC');
$inDB->limitPage($page, $perpage);
// Получаем статьи
$content_list = $total ? $model->getArticlesList(false) : array();
$inDB->resetConditions();
cmsPage::initTemplate('components', 'com_content_my')->assign('articles', $content_list)->assign('total', $total)->assign('user_can_delete', cmsUser::isUserCan('content/delete'))->assign('pagebar', cmsPage::getPagebar($total, $page, $perpage, '/content/my%page%.html'))->display('com_content_my.tpl');
}
///////////////////////////////////// BEST ARTICLES ///////////////////////////////////////////////////////////////////////////////////
if ($do == 'best') {
$inPage->setTitle($_LANG['ARTICLES_RATING']);
$inPage->addPathway($_LANG['ARTICLES_RATING']);
// Только статьи, за которые можно голосовать
$inDB->where("con.canrate = 1");
// Сортировка и разбивка на страницы
$inDB->orderBy('con.rating', 'DESC');
$inDB->limitPage(1, 30);
// Получаем статьи
$content_list = $model->getArticlesList();
cmsPage::initTemplate('components', 'com_content_rating')->assign('articles', $content_list)->display('com_content_rating.tpl');
}
}
public function uploadPhoto($old_file = '')
{
cmsCore::loadClass('upload_photo');
$inUploadPhoto = cmsUploadPhoto::getInstance();
$inUploadPhoto->upload_dir = PATH . '/images/catalog/';
$inUploadPhoto->small_size_w = $this->config['small_size'];
$inUploadPhoto->medium_size_w = $this->config['medium_size'];
$inUploadPhoto->is_watermark = $this->config['watermark'];
$inUploadPhoto->is_saveorig = 1;
$inUploadPhoto->input_name = 'imgfile';
return $inUploadPhoto->uploadPhoto($old_file);
}
cmsCore::loadClass('user');
cmsCore::loadClass('upload_photo');
$inUser = cmsUser::getInstance();
if (!$inUser->update()) {
cmsCore::error404();
}
if (!$inUser->id) {
cmsCore::error404();
}
// Получаем компонент, с которого идет загрузка
$component = cmsCore::request('component', 'str', 'content');
// Проверяем установлен ли он
if (!$inCore->isComponentInstalled($component)) {
cmsCore::error404();
}
$inUploadPhoto = cmsUploadPhoto::getInstance();
// объект плагина
$plugin = $inCore->loadPlugin('p_ckeditor');
// разрешена ли загрузка фото
if (!$plugin->canUpload()) {
cmsCore::error404();
}
// Загружаем конфиг плагина
$cfg = $inCore->loadPluginConfig('p_ckeditor');
if (!$cfg) {
cmsCore::error404();
}
global $_LANG;
// Выставляем конфигурационные параметры
$inUploadPhoto->upload_dir = PATH . '/upload/';
$inUploadPhoto->medium_size_w = $cfg['photo_width'];
public function uploadPhoto($old_file = '', $cat)
{
// Загружаем класс загрузки фото
cmsCore::loadClass('upload_photo');
$inUploadPhoto = cmsUploadPhoto::getInstance();
// Выставляем конфигурационные параметры
$inUploadPhoto->upload_dir = PATH . '/images/board/';
$inUploadPhoto->small_size_w = $cat['thumb1'];
$inUploadPhoto->medium_size_w = $cat['thumb2'];
$inUploadPhoto->thumbsqr = $cat['thumbsqr'];
$inUploadPhoto->is_watermark = $this->config['watermark'];
// Процесс загрузки фото
$file = $inUploadPhoto->uploadPhoto($old_file);
return $file;
}
function applet_cats()
{
$inCore = cmsCore::getInstance();
$inDB = cmsDatabase::getInstance();
global $_LANG;
$GLOBALS['cp_page_title'] = $_LANG['AD_ARTICLES'];
cpAddPathway($_LANG['AD_ARTICLES'], 'index.php?view=tree');
cmsCore::loadModel('content');
$model = new cms_model_content();
$small = $model->config['img_small_w'];
$big = $model->config['img_big_w'];
$do = cmsCore::request('do', 'str', 'add');
$id = cmsCore::request('id', 'int', -1);
define('IS_BILLING', $inCore->isComponentInstalled('billing'));
if (IS_BILLING) {
cmsCore::loadClass('billing');
}
if ($do == 'delete') {
$is_with_content = cmsCore::inRequest('content');
$model->deleteCategory($id, $is_with_content);
cmsCore::addSessionMessage($is_with_content ? $_LANG['AD_CATEGORY_REMOVED'] : $_LANG['AD_CATEGORY_REMOVED_NOT_ARTICLE'], 'success');
cmsCore::redirect('?view=tree');
}
//update from categories table
if ($do == 'update') {
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
$category['id'] = cmsCore::request('id', 'int', 0);
$category['title'] = cmsCore::request('title', 'str', $_LANG['AD_SECTION_UNTITLED']);
$category['parent_id'] = cmsCore::request('parent_id', 'int');
$category['description'] = cmsCore::request('description', 'html');
$category['description'] = $inDB->escape_string($category['description']);
$category['published'] = cmsCore::request('published', 'int', 0);
$category['showdate'] = cmsCore::request('showdate', 'int', 0);
$category['showcomm'] = cmsCore::request('showcomm', 'int', 0);
$category['orderby'] = cmsCore::request('orderby', 'str');
$category['orderto'] = cmsCore::request('orderto', 'str');
$category['modgrp_id'] = cmsCore::request('modgrp_id', 'int', 0);
$category['maxcols'] = cmsCore::request('maxcols', 'int', 0);
$category['showtags'] = cmsCore::request('showtags', 'int', 0);
$category['showrss'] = cmsCore::request('showrss', 'int', 0);
$category['showdesc'] = cmsCore::request('showdesc', 'int', 0);
$category['is_public'] = cmsCore::request('is_public', 'int', 0);
$category['url'] = cmsCore::request('url', 'str');
$category['pagetitle'] = cmsCore::request('pagetitle', 'str', '');
$category['meta_desc'] = cmsCore::request('meta_desc', 'str');
$category['meta_keys'] = cmsCore::request('meta_keys', 'str');
$category['redirect_url'] = cmsCore::request('redirect_url', 'str');
//new
$category['show_in_main'] = cmsCore::request('show_in_main', 'int', 0);
//new
$category['perpage_item'] = cmsCore::request('perpage_item', 'str');
//new
if ($category['url']) {
$category['url'] = cmsCore::strToURL($category['url'], $model->config['is_url_cyrillic']);
}
$category['tpl'] = cmsCore::request('tpl', 'str', 'com_content_view.tpl');
$category['cost'] = cmsCore::request('cost', 'str', '');
if (!is_numeric($category['cost'])) {
$category['cost'] = '';
}
$album = array();
$album['id'] = cmsCore::request('album_id', 'int', 0);
$album['header'] = cmsCore::request('album_header', 'str', '');
$album['orderby'] = cmsCore::request('album_orderby', 'str', '');
$album['orderto'] = cmsCore::request('album_orderto', 'str', '');
$album['maxcols'] = cmsCore::request('album_maxcols', 'int', 0);
$album['max'] = cmsCore::request('album_max', 'int', 0);
if ($album['id']) {
$category['photoalbum'] = serialize($album);
} else {
$category['photoalbum'] = '';
}
// получаем старую категорию
$old = $inDB->get_fields('cms_category', "id='{$category['id']}'", '*');
if (!$old) {
cmsCore::error404();
}
// если сменили категорию
if ($old['parent_id'] != $category['parent_id']) {
// перемещаем ее в дереве
$inCore->nestedSetsInit('cms_category')->MoveNode($category['id'], $category['parent_id']);
// обновляем сеолинки категорий
$inDB->updateNsCategorySeoLink('cms_category', $category['id'], $model->config['is_url_cyrillic']);
// Обновляем ссылки меню на категории
$model->updateCatMenu();
// обновляем сеолинки всех вложенных статей
$model->updateArticlesSeoLink($category['id']);
cmsCore::addSessionMessage($_LANG['AD_CATEGORY_NEW_URL'], 'info');
}
$inDB->update('cms_category', $category, $category['id']);
// если пришел запрос на обновление ссылок
// и категория не менялась - если менялась, мы выше все обновили
if (cmsCore::inRequest('update_seolink') && $old['parent_id'] == $category['parent_id']) {
// обновляем сеолинки категорий
$inDB->updateNsCategorySeoLink('cms_category', $category['id'], $model->config['is_url_cyrillic']);
// Обновляем ссылки меню на категории
$model->updateCatMenu();
// обновляем сеолинки всех вложенных статей
$model->updateArticlesSeoLink($category['id']);
cmsCore::addSessionMessage($_LANG['AD_SECTION_AND_ARTICLES_NEW_URL'], 'info');
}
if (!cmsCore::request('is_access', 'int', 0)) {
$showfor = $_REQUEST['showfor'];
cmsCore::setAccess($category['id'], $showfor, 'category');
} else {
cmsCore::clearAccess($category['id'], 'category');
}
if (isset($_SESSION['lang']) && $_SESSION['lang'] != 'ru') {
$file = 'cat_article' . $category['id'] . '_' . $_SESSION['lang'] . '.jpg';
} else {
$file = 'cat_article' . $category['id'] . '.jpg';
}
// работа с файлами!
//$file = 'cat_article'.$category['id'].'.jpg';
if (cmsCore::request('delete_image', 'int', 0)) {
@unlink(PATH . "/images/photos/small/{$file}");
@unlink(PATH . "/images/photos/medium/{$file}");
} else {
//подгружаем параметры фото
$small_size_w = cmsCore::request('img_small_w', 'str', '');
$medium_size_w = cmsCore::request('img_big_w', 'str', '');
$thumbsqr = cmsCore::request('img_sqr', 'str', '');
// Загружаем класс загрузки фото
cmsCore::loadClass('upload_photo');
$inUploadPhoto = cmsUploadPhoto::getInstance();
// Выставляем конфигурационные параметры
$inUploadPhoto->upload_dir = PATH . '/images/photos/';
$inUploadPhoto->small_size_w = $small_size_w;
$inUploadPhoto->medium_size_w = $medium_size_w;
$inUploadPhoto->thumbsqr = $thumbsqr;
$inUploadPhoto->is_watermark = $model->config['watermark'];
$inUploadPhoto->input_name = 'picture';
$inUploadPhoto->filename = $file;
// Процесс загрузки фото
$inUploadPhoto->uploadPhoto();
//var_dump($inUploadPhoto);
}
cmsCore::addSessionMessage($_LANG['AD_CATEGORY_SAVED'], 'success');
if (!isset($_SESSION['editlist']) || @sizeof($_SESSION['editlist']) == 0) {
cmsCore::redirect('?view=tree&cat_id=' . $category['id']);
} else {
cmsCore::redirect('?view=tree');
}
}
// submit in to DB
if ($do == 'submit') {
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
$category['title'] = cmsCore::request('title', 'str', $_LANG['AD_CATEGORY_UNTITLED']);
$category['url'] = cmsCore::request('url', 'str');
if ($category['url']) {
$category['url'] = cmsCore::strToURL($category['url']);
}
$category['parent_id'] = cmsCore::request('parent_id', 'int');
$category['description'] = cmsCore::request('description', 'html');
$category['description'] = $inDB->escape_string($category['description']);
$category['published'] = cmsCore::request('published', 'int', 0);
$category['showdate'] = cmsCore::request('showdate', 'int', 0);
$category['showcomm'] = cmsCore::request('showcomm', 'int', 0);
$category['orderby'] = cmsCore::request('orderby', 'str');
$category['orderto'] = cmsCore::request('orderto', 'str');
$category['modgrp_id'] = cmsCore::request('modgrp_id', 'int', 0);
$category['maxcols'] = cmsCore::request('maxcols', 'int', 0);
$category['showtags'] = cmsCore::request('showtags', 'int', 0);
$category['showrss'] = cmsCore::request('showrss', 'int', 0);
$category['showdesc'] = cmsCore::request('showdesc', 'int', 0);
$category['is_public'] = cmsCore::request('is_public', 'int', 0);
$category['tpl'] = cmsCore::request('tpl', 'str', 'com_content_view.tpl');
$category['pagetitle'] = cmsCore::request('pagetitle', 'str', '');
$category['meta_desc'] = cmsCore::request('meta_desc', 'str');
$category['meta_keys'] = cmsCore::request('meta_keys', 'str');
$category['redirect_url'] = cmsCore::request('redirect_url', 'str');
//new
$category['show_in_main'] = cmsCore::request('show_in_main', 'int', 0);
//new
$category['perpage_item'] = cmsCore::request('perpage_item', 'str');
//new
$category['cost'] = cmsCore::request('cost', 'str', 0);
if (!is_numeric($category['cost'])) {
$category['cost'] = '';
}
$album = array();
$album['id'] = cmsCore::request('album_id', 'int', 0);
$album['header'] = cmsCore::request('album_header', 'str', '');
$album['orderby'] = cmsCore::request('album_orderby', 'str', '');
$album['orderto'] = cmsCore::request('album_orderto', 'str', '');
$album['maxcols'] = cmsCore::request('album_maxcols', 'int', 0);
$album['max'] = cmsCore::request('album_max', 'int', 0);
if ($album['id']) {
$category['photoalbum'] = serialize($album);
} else {
$category['photoalbum'] = '';
}
$ns = $inCore->nestedSetsInit('cms_category');
$category['id'] = $ns->AddNode($category['parent_id']);
$category['seolink'] = cmsCore::generateCatSeoLink($category, 'cms_category', $model->config['is_url_cyrillic']);
if ($category['id']) {
$inDB->update('cms_category', $category, $category['id']);
if (!cmsCore::request('is_access', 'int', 0)) {
$showfor = $_REQUEST['showfor'];
cmsCore::setAccess($category['id'], $showfor, 'category');
} else {
cmsCore::clearAccess($category['id'], 'category');
}
}
$inmenu = cmsCore::request('createmenu', 'str', '');
if ($inmenu) {
createMenuItem($inmenu, $category['id'], $category['title']);
}
//подгружаем параметры фото
$small_size_w = cmsCore::request('img_small_w', 'str', '');
$medium_size_w = cmsCore::request('img_big_w', 'str', '');
$thumbsqr = cmsCore::request('img_sqr', 'str', '');
// Загружаем класс загрузки фото
cmsCore::loadClass('upload_photo');
$inUploadPhoto = cmsUploadPhoto::getInstance();
// Выставляем конфигурационные параметры
$inUploadPhoto->upload_dir = PATH . '/images/photos/';
$inUploadPhoto->small_size_w = $small_size_w;
$inUploadPhoto->medium_size_w = $medium_size_w;
$inUploadPhoto->thumbsqr = $thumbsqr;
$inUploadPhoto->is_watermark = $model->config['watermark'];
$inUploadPhoto->input_name = 'picture';
$inUploadPhoto->filename = $file;
// Процесс загрузки фото
$inUploadPhoto->uploadPhoto();
//var_dump($inUploadPhoto);
cmsCore::addSessionMessage($_LANG['AD_CATEGORY_ADD'], 'success');
cmsCore::redirect('?view=tree');
}
if ($do == 'add' || $do == 'edit') {
require '../includes/jwtabs.php';
$GLOBALS['cp_page_head'][] = jwHeader();
$toolmenu = array();
$toolmenu[0]['icon'] = 'save.gif';
$toolmenu[0]['title'] = $_LANG['SAVE'];
$toolmenu[0]['link'] = 'javascript:document.addform.submit();';
$toolmenu[1]['icon'] = 'cancel.gif';
$toolmenu[1]['title'] = $_LANG['CANCEL'];
$toolmenu[1]['link'] = 'javascript:history.go(-1);';
cpToolMenu($toolmenu);
$menu_list = cpGetList('menu');
if ($do == 'add') {
echo '<h3>' . $_LANG['AD_CREATE_SECTION'] . '</h3>';
cpAddPathway($_LANG['AD_CREATE_SECTION'], 'index.php?view=cats&do=add');
$mod['tpl'] = 'com_content_view.tpl';
} else {
if (isset($_REQUEST['multiple'])) {
if (isset($_REQUEST['item'])) {
$_SESSION['editlist'] = $_REQUEST['item'];
} else {
echo '<p class="error">' . $_LANG['AD_NO_SELECT_OBJECTS'] . '</p>';
return;
}
}
$ostatok = '';
if (isset($_SESSION['editlist'])) {
$id = array_shift($_SESSION['editlist']);
if (sizeof($_SESSION['editlist']) == 0) {
unset($_SESSION['editlist']);
} else {
$ostatok = '(' . $_LANG['AD_NEXT_IN'] . sizeof($_SESSION['editlist']) . ')';
}
} else {
$id = (int) $_REQUEST['id'];
}
$sql = "SELECT * FROM cms_category WHERE id = {$id} LIMIT 1";
$result = $inDB->query($sql);
if ($inDB->num_rows($result)) {
$mod = $inDB->fetch_assoc($result);
if (@$mod['photoalbum']) {
$mod['photoalbum'] = unserialize($mod['photoalbum']);
}
}
echo '<h3>' . $_LANG['AD_EDIT_SECTION'] . $ostatok . '</h3>';
cpAddPathway($mod['title'], 'index.php?view=cats&do=edit&id=' . $mod['id']);
}
?>
<form id="addform" name="addform" method="post" action="index.php" enctype="multipart/form-data">
<input type="hidden" name="csrf_token" value="<?php
echo cmsUser::getCsrfToken();
?>
" />
<input type="hidden" name="view" value="cats" />
<table class="proptable" width="100%" cellpadding="5" cellspacing="2">
<tr>
<!-- главная ячейка -->
<td valign="top">
<table border="0" cellpadding="0" cellspacing="5" width="100%">
<tbody>
<tr>
<td>
<strong><?php
echo $_LANG['AD_TITLE_PARTITION'];
?>
</strong>
</td>
<td width="190" style="padding-left:6px">
<strong><?php
echo $_LANG['AD_TEMPLATE_PARTITION'];
?>
</strong>
</td>
</tr>
<tr>
<td>
<input name="title" type="text" id="title" style="width:100%" value="<?php
echo htmlspecialchars($mod['title']);
?>
" />
</td>
<!-- <td style="padding-left:6px">
<input name="tpl" type="text" style="width:98%" value="<?php
echo @$mod['tpl'];
?>
" />
</td>-->
<td style="padding-left:6px">
<?php
$inConf = cmsConfig::getInstance();
//задаём имя директории
$directory = PATH . "/templates/" . $inConf->template . "/components";
$scan_dir = scandir($directory);
if (is_dir($directory)) {
//проверяем наличие директории
//директория существует
echo '<select name="tpl">';
$scan_dir = scandir($directory);
//сканируем (получаем массив файлов)
array_shift($scan_dir);
// удаляем из массива '.'
array_shift($scan_dir);
// удаляем из массива '..'
for ($i = 0; $i < sizeof($scan_dir); $i++) {
$tpl = explode("_", $scan_dir[$i]);
if ($_GET['view'] == $tpl['1'] || $tpl['1'] == 'content') {
if ($_GET['view']) {
//выводим все файлы
if (@$mod["tpl"] == $scan_dir[$i]) {
echo '<option selected>' . $scan_dir[$i] . '</option>';
} else {
echo '<option>' . $scan_dir[$i] . '</option>';
}
}
}
}
echo '</select>';
} else {
echo '<input name="tpl" type="text" style="width:160px" value="' . @$mod["tpl"] . '">';
}
?>
</td>
</tr>
</tbody>
</table>
<div><strong><?php
echo $_LANG['AD_PARENT_PARTITION'];
?>
</strong></div>
<div>
<div class="parent_notice" style="color:red;margin:4px 0px;display:none"><?php
echo $_LANG['AD_ANOTHER_PARENT'];
?>
</div>
<select name="parent_id" size="12" id="parent_id" style="width:100%" onchange="if($('option:selected',this).data('nsleft')>='<?php
echo $mod['NSLeft'];
?>
' && $('option:selected',this).data('nsright')<='<?php
echo $mod['NSRight'];
?>
'){ $('.parent_notice').show();$('#add_mod').prop('disabled', true); } else { $('.parent_notice').hide();$('#add_mod').prop('disabled', false); }">
<?php
$rootid = $inDB->getNsRootCatId('cms_category');
?>
<option value="<?php
echo $rootid;
?>
" <?php
if (@$mod['parent_id'] == $rootid || !isset($mod['parent_id'])) {
echo 'selected="selected"';
}
?>
><?php
echo $_LANG['AD_SECTION'];
?>
</option>
<?php
if (isset($mod['parent_id'])) {
echo $inCore->getListItemsNS('cms_category', $mod['parent_id']);
} else {
echo $inCore->getListItemsNS('cms_category');
}
?>
</select>
</div>
<div><strong><?php
echo $_LANG['AD_SECTION_DESCRIPT'];
?>
</strong></div>
<div>
<?php
$inCore->insertEditor('description', $mod['description'], '250', '100%');
?>
</div>
</td>
<!-- боковая -->
<td valign="top" width="350" style="background:#ECECEC;">
<?php
ob_start();
?>
{tab=<?php
echo $_LANG['AD_TAB_PUBLISH'];
?>
}
<table width="100%" cellpadding="0" cellspacing="0" border="0" class="checklist">
<tr>
<td width="20"><input type="checkbox" name="published" id="published" value="1" <?php
if ($mod['published'] || $do == 'add') {
echo 'checked="checked"';
}
?>
/></td>
<td><label for="published"><strong><?php
echo $_LANG['AD_PUBLIC_SECTION'];
?>
</strong></label></td>
</tr>
</table>
<div style=" <?php
if ($do == 'edit') {
?>
display:none;<?php
}
?>
" class="url_cat">
<div style="margin-top:15px">
<strong><?php
echo $_LANG['AD_SECTION_URL'];
?>
</strong><br/>
<div style="color:gray"><?php
echo $_LANG['AD_FROM_TITLE'];
?>
</div>
</div>
<div>
<input type="text" name="url" value="<?php
echo $mod['url'];
?>
" style="width:99%"/>
</div>
</div>
<div class="url_cat"><!--//my cod-->
<div style="margin-top:15px">
<strong><?php
echo $_LANG['AD_SECTION_REDIRECT_URL'];
?>
</strong><br/>
<div style="color:gray"><?php
echo $_LANG['AD_FROM_URL'];
?>
</div>
</div>
<input type="text" name="redirect_url" value="<?php
echo $mod['redirect_url'];
?>
" style="width:99%"/>
</div>
<?php
if ($do == 'edit') {
?>
<table width="100%" cellpadding="0" cellspacing="0" border="0" style="margin-top:15px">
<tr>
<td width="20"><input type="checkbox" name="update_seolink" id="update_seolink" value="1" onclick="$('.url_cat').slideToggle('fast');" /></td>
<td><label for="update_seolink"><strong><?php
echo $_LANG['AD_NEW_LINK'];
?>
</strong></label></td>
</tr>
</table>
<div class="url_cat" style="display:none;"><strong style="color:#F00;"><?php
echo $_LANG['ATTENTION'];
?>
:</strong> <?php
echo $_LANG['AD_NO_LINKS'];
?>
</div>
<?php
}
?>
<div style="margin-top:20px"><strong><?php
echo $_LANG['AD_SORT_ARTICLES'];
?>
</strong></div>
<div>
<select name="orderby" id="orderby" style="width:100%">
<option value="pubdate" <?php
if (@$mod['orderby'] == 'pubdate') {
echo 'selected="selected"';
}
?>
><?php
echo $_LANG['AD_BY_CALENDAR'];
?>
</option>
<option value="title" <?php
if (@$mod['orderby'] == 'title') {
echo 'selected="selected"';
}
?>
><?php
echo $_LANG['AD_BY_TITLE'];
?>
</option>
<option value="ordering" <?php
if (@$mod['orderby'] == 'ordering') {
echo 'selected="selected"';
}
?>
><?php
echo $_LANG['AD_BY_ORDER'];
?>
</option>
<option value="hits" <?php
if (@$mod['orderby'] == 'hits') {
echo 'selected="selected"';
}
?>
><?php
echo $_LANG['AD_BY_VIEWS'];
?>
</option>
</select>
<select name="orderto" id="orderto" style="width:100%">
<option value="ASC" <?php
if (@$mod['orderto'] == 'ASC') {
echo 'selected="selected"';
}
?>
><?php
echo $_LANG['AD_BY_INCREMENT'];
?>
</option>
<option value="DESC" <?php
if (@$mod['orderto'] == 'DESC') {
echo 'selected="selected"';
}
?>
><?php
echo $_LANG['AD_BY_DECREMENT'];
?>
</option>
</select>
</div>
<div style="margin-top:12px"><strong>Фотография</strong></div>
<div style="margin-bottom:10px">
<?php
if ($do == 'edit') {
if (isset($_SESSION['lang']) && $_SESSION['lang'] != 'ru') {
$mod_id = $mod['id'] . '_' . $_SESSION['lang'];
$id_art = $mod['id'] . '_' . $_SESSION['lang'];
} else {
$mod_id = $mod['id'];
$id_art = $id;
}
//if (file_exists(PATH.'/images/photos/small/cat_article'.$mod['id'].'.jpg')){
if (file_exists(PATH . '/images/photos/small/cat_article' . $mod_id . '.jpg')) {
?>
<div style="margin-top:3px;margin-bottom:3px;padding:10px;border:solid 1px gray;text-align:center">
<?/*php<img src="/images/photos/small/cat_article<?php
echo $id;
?>
.jpg" border="0" />*/?>
<img src="/images/photos/small/cat_article<?php
echo $id_art;
?>
.jpg" border="0" />
</div>
<table cellpadding="0" cellspacing="0" border="0">
<tr>
<td width="16"><input type="checkbox" id="delete_image" name="delete_image" value="1" /></td>
<td><label for="delete_image">Удалить фотографию</label></td>
</tr>
</table>
<?php
}
}
?>
<input type="file" name="picture" style="width:100%" />
</div>
<!--------------------------------------------------------------------------------------------------->
<a style="cursor:pointer" onclick='$("#phto_config").slideToggle("");' >Параметры фото</a>
<table id="phto_config" style="display:none;">
<tr>
<td><strong>Ширина маленькой копии:</strong></td>
<td width="120">
<input type="text" size="5" value="<?php
echo $small;
?>
" id="img_small_w" name="img_small_w"> пикс.
</td>
</tr>
<tr>
<td><strong>Ширина большой копии:</strong></td>
<td>
<input type="text" size="5" value="<?php
echo $big;
?>
" id="img_big_w" name="img_big_w"> пикс.
</td>
</tr>
<tr>
<td><strong>Квадратные:</strong></td>
<td>
<input type="radio" value="0" name="img_sqr"> Да
<input type="radio" checked="checked" value="1" name="img_sqr"> Нет
</td>
</tr>
<!--
<tr>
<td>
<strong>Разрешить пользователям:</strong><br>
<span class="hinttext">Смогут ли пользователи добавлять фотографии к своим статьям</span>
</td>
<td>
<input type="radio" checked="checked" value="1" name="img_users"> Да
<input type="radio" value="0" name="img_users"> Нет
</td>
</tr>
<tr>
<td><strong>Наносить водяной знак:</strong> <br>Если включено, то на все загружаемые
фотографии (на большую миниатюру) к статьям будет наносится изображение
из файла "<a target="_blank" href="/images/watermark.png">/images/watermark.png</a>"</td>
<td width="260">
<input type="radio" checked="checked" value="1" name="watermark"> Да
<input type="radio" value="0" name="watermark"> Нет
</td>
</tr>
-->
</table>
<div style="margin-top:20px"><strong><?php
echo $_LANG['AD_HOW_MANY_COLUMNS'];
?>
</strong></div>
<div>
<?php
if (!isset($mod['maxcols'])) {
$mod['maxcols'] = 1;
}
?>
<input class="uispin" name="maxcols" type="text" id="maxcols" style="width:99%" value="<?php
echo @$mod['maxcols'];
?>
" />
</div>
<div style="margin-top:20px"><strong><?php
echo $_LANG['AD_HOW_MANY_PERPAGE'];
?>
</strong></div>
<div>
<input id="perpage_item" class="uispin ui-spinner-input" name="perpage_item" type="text" value="<?php
echo $mod['perpage_item'];
?>
" size="20" aria-valuenow="12" autocomplete="off" role="spinbutton">
</div>
<div style="margin-top:20px"><strong><?php
echo $_LANG['AD_HOW_PUBLISH_SET'];
?>
</strong></div>
<table width="100%" cellpadding="0" cellspacing="0" border="0" class="checklist">
<tr>
<td width="20"><input type="checkbox" name="show_in_main" id="show_in_main" value="1" <?php
if ($mod['show_in_main'] || $do == 'add') {
echo 'checked="checked"';
}
?>
/></td>
<td><label for="show_in_main"><?php
echo $_LANG['SHOW_IN_MAIN'];
?>
</label></td>
</tr>
<tr>
<td width="20"><input type="checkbox" name="showdesc" id="showdesc" value="1" <?php
if ($mod['showdesc'] || $do == 'add') {
echo 'checked="checked"';
}
?>
/></td>
<td><label for="showdesc"><?php
echo $_LANG['AD_PREVIEW'];
?>
</label></td>
</tr>
<tr>
<td width="20"><input type="checkbox" name="showdate" id="showdate" value="1" <?php
if ($mod['showdate'] || $do == 'add') {
echo 'checked="checked"';
}
?>
/></td>
<td><label for="showdate"><?php
echo $_LANG['AD_CALENDAR_VIEW'];
?>
</label></td>
</tr>
<tr>
<td width="20"><input type="checkbox" name="showcomm" id="showcomm" value="1" <?php
if ($mod['showcomm'] || $do == 'add') {
echo 'checked="checked"';
}
?>
/></td>
<td><label for="showcomm"><?php
echo $_LANG['AD_HOW_MANY_COMENTS'];
?>
</label></td>
</tr>
<tr>
<td width="20"><input type="checkbox" name="showtags" id="showtags" value="1" <?php
if ($mod['showtags'] || $do == 'add') {
echo 'checked="checked"';
}
?>
/></td>
<td><label for="showtags"><?php
echo $_LANG['AD_HOW_MANY_TAGS'];
?>
</label></td>
</tr>
<tr>
<td width="20"><input type="checkbox" name="showrss" id="showrss" value="1" <?php
if ($mod['showrss'] || $do == 'add') {
echo 'checked="checked"';
}
?>
/></td>
<td><label for="showrss"><?php
echo $_LANG['AD_RSS_VIEW'];
?>
</label></td>
</tr>
</table>
<?php
if ($do == 'add') {
?>
<div style="margin-top:25px">
<strong><?php
echo $_LANG['AD_CREATE_LINK'];
?>
</strong>
</div>
<div>
<select name="createmenu" id="createmenu" style="width:99%">
<option value="0" selected="selected"><?php
echo $_LANG['AD_DONT_CREATE'];
?>
</option>
<?php
foreach ($menu_list as $menu) {
?>
<option value="<?php
echo $menu['id'];
?>
">
<?php
echo $menu['title'];
?>
</option>
<?php
}
?>
</select>
</div>
<?php
}
?>
{tab=<?php
echo $_LANG['AD_EDITORS'];
?>
}
<div style="margin-top:10px">
<strong><?php
echo $_LANG['AD_USERS_ARTICLES'];
?>
</strong><br/>
<span class="hinttext"><?php
echo $_LANG['AD_IF_SWITCH'];
?>
</span>
</div>
<div>
<select name="is_public" style="width:100%">
<option value="0" <?php
if (!$mod['is_public']) {
echo 'selected="selected"';
}
?>
><?php
echo $_LANG['NO'];
?>
</option>
<option value="1" <?php
if ($mod['is_public']) {
echo 'selected="selected"';
}
?>
><?php
echo $_LANG['YES'];
?>
</option>
</select>
</div>
<?php
if (IS_BILLING) {
?>
<div style="margin-top:15px">
<strong><?php
echo $_LANG['AD_COST_ARTICLES_ADD'];
?>
</strong><br/>
<div style="color:gray"><?php
echo $_LANG['AD_COST_ARTICLES_BY_DEFAULT'];
?>
</div>
</div>
<div>
<input type="text" name="cost" value="<?php
echo $mod['cost'];
?>
" style="width:50px"/><?php
echo $_LANG['BILLING_POINT10'];
?>
</div>
<?php
}
?>
<div style="margin-top:20px">
<strong><?php
echo $_LANG['AD_EDITORS_SECTION'];
?>
</strong><br/>
<span class="hinttext"><?php
echo $_LANG['AD_USERS_CAN_ADMIN'];
?>
</span>
</div>
<div>
<select name="modgrp_id" id="modgrp_id" style="width:100%">
<option value="0" <?php
if (!isset($mod['modgrp_id']) || @$mod['modgrp_id'] == 0) {
echo 'selected';
}
?>
><?php
echo $_LANG['AD_ONLY_ADMINS'];
?>
</option>
<?php
if (@$mod['modgrp_id']) {
echo $inCore->getListItems('cms_user_groups', $mod['modgrp_id'], 'id', 'ASC', 'is_admin = 0');
} else {
echo $inCore->getListItems('cms_user_groups', 0, 'id', 'ASC', 'is_admin = 0');
}
?>
</select>
</div>
{tab=<?php
echo $_LANG['AD_FOTO'];
?>
}
<div style="margin-top:10px">
<strong><?php
echo $_LANG['AD_PHOTOALBUM_CONNECT'];
?>
</strong><br/>
<span class="hinttext"><?php
echo $_LANG['AD_PHOTO_BY_ARTICLES'];
?>
</span>
</div>
<div>
<select name="album_id" id="album_id" style="width:100%" onchange="choosePhotoAlbum()">
<option value="0" <?php
if (!isset($mod['photoalbum']['id']) || !@$mod['photoalbum']['id']) {
echo 'selected="selected"';
}
?>
><?php
echo $_LANG['AD_DONT_CONNECT'];
?>
</option>
<?php
//FIND ROOT
if (isset($mod['photoalbum']['id'])) {
echo $inCore->getListItemsNS('cms_photo_albums', $mod['photoalbum']['id']);
} else {
echo $inCore->getListItemsNS('cms_photo_albums');
}
?>
</select>
</div>
<div id="con_photoalbum" <?php
if (!isset($mod['photoalbum']['id']) || !$mod['photoalbum']['id']) {
echo 'style="display:none;"';
}
?>
>
<div style="margin-top:20px">
<strong><?php
echo $_LANG['AD_TITLE'];
?>
</strong><br/>
<span class="hinttext"><?php
echo $_LANG['AD_OVER_PHOTOS'];
?>
</span>
</div>
<div>
<input name="album_header" type="text" id="album_header" style="width:99%" value="<?php
echo @$mod['photoalbum']['header'];
?>
" />
</div>
<div style="margin-top:20px">
<strong><?php
echo $_LANG['AD_PHOTOS_SORT'];
?>
</strong>
</div>
<div>
<select name="album_orderby" id="album_orderby" style="width:100%">
<option value="title" <?php
if (@$mod['photoalbum']['orderby'] == 'title') {
echo 'selected="selected"';
}
?>
><?php
echo $_LANG['AD_BY_ALPHABET'];
?>
</option>
<option value="pubdate" <?php
if (@$mod['photoalbum']['orderby'] == 'pubdate') {
echo 'selected="selected"';
}
?>
><?php
echo $_LANG['AD_BY_CALENDAR'];
?>
</option>
<option value="rating" <?php
if (@$mod['photoalbum']['orderby'] == 'rating') {
echo 'selected="selected"';
}
?>
><?php
echo $_LANG['AD_BY_RATING'];
?>
</option>
<option value="hits" <?php
if (@$mod['photoalbum']['orderby'] == 'hits') {
echo 'selected="selected"';
}
?>
><?php
echo $_LANG['AD_BY_VIEWS'];
?>
</option>
</select>
<select name="album_orderto" id="album_orderto" style="width:100%">
<option value="desc" <?php
if (@$mod['photoalbum']['orderto'] == 'desc') {
echo 'selected="selected"';
}
?>
><?php
echo $_LANG['AD_BY_DECREMENT'];
?>
</option>
<option value="asc" <?php
if (@$mod['photoalbum']['orderto'] == 'asc') {
echo 'selected="selected"';
}
?>
><?php
echo $_LANG['AD_BY_INCREMENT'];
?>
</option>
</select>
</div>
<div style="margin-top:20px">
<strong><?php
echo $_LANG['AD_HOW_MANY_COLUMNS'];
?>
</strong>
</div>
<div>
<?php
if (!isset($mod['photoalbum']['maxcols'])) {
$mod['photoalbum']['maxcols'] = 2;
}
?>
<input name="album_maxcols" type="text" id="album_maxcols" style="width:99%" value="<?php
echo @$mod['photoalbum']['maxcols'];
?>
"/>
</div>
<div style="margin-top:20px">
<strong><?php
echo $_LANG['AD_HOW_MANY_PHOTO'];
?>
</strong>
</div>
<div>
<?php
if (!isset($mod['photoalbum']['max'])) {
$mod['photoalbum']['max'] = 8;
}
?>
<input name="album_max" type="text" id="album_max" style="width:99%" value="<?php
echo @$mod['photoalbum']['max'];
?>
"/>
</div>
</div>
{tab=SEO}
<div style="margin-top:5px">
<strong><?php
echo $_LANG['AD_PAGE_TITLE'];
?>
</strong><br/>
<span class="hinttext"><?php
echo $_LANG['AD_IF_UNKNOWN_PAGETITLE'];
?>
</span>
</div>
<div>
<input name="pagetitle" type="text" id="pagetitle" style="width:99%" value="<?php
if (isset($mod['pagetitle'])) {
echo htmlspecialchars($mod['pagetitle']);
}
?>
" />
</div>
<div style="margin-top:20px">
<strong><?php
echo $_LANG['KEYWORDS'];
?>
</strong><br/>
<span class="hinttext"><?php
echo $_LANG['AD_FROM_COMMA'];
?>
</span>
</div>
<div>
<textarea name="meta_keys" style="width:97%" rows="4" id="meta_keys"><?php
echo htmlspecialchars($mod['meta_keys']);
?>
</textarea>
</div>
<div style="margin-top:20px">
<strong><?php
echo $_LANG['DESCRIPTION'];
?>
</strong><br/>
<span class="hinttext"><?php
echo $_LANG['AD_LESS_THAN'];
?>
</span>
</div>
<div>
<textarea name="meta_desc" style="width:97%" rows="6" id="meta_desc"><?php
echo htmlspecialchars($mod['meta_desc']);
?>
</textarea>
</div>
{tab=<?php
echo $_LANG['AD_TAB_ACCESS'];
?>
}
<table width="100%" cellpadding="0" cellspacing="0" border="0" class="checklist" style="margin-top:5px">
<tr>
<td width="20">
<?php
$sql = "SELECT * FROM cms_user_groups";
$result = $inDB->query($sql);
$style = 'disabled="disabled"';
$public = 'checked="checked"';
if ($do == 'edit') {
$sql2 = "SELECT * FROM cms_content_access WHERE content_id = " . $mod['id'] . " AND content_type = 'category'";
$result2 = $inDB->query($sql2);
$ord = array();
if ($inDB->num_rows($result2)) {
$public = '';
$style = '';
while ($r = $inDB->fetch_assoc($result2)) {
$ord[] = $r['group_id'];
}
}
}
?>
<input name="is_access" type="checkbox" id="is_public" onclick="checkGroupList()" value="1" <?php
echo $public;
?>
/>
</td>
<td><label for="is_public"><strong><?php
echo $_LANG['AD_SHARE'];
?>
</strong></label></td>
</tr>
</table>
<div style="padding:5px">
<span class="hinttext">
<?php
echo $_LANG['AD_IF_NOTED'];
?>
</span>
</div>
<div style="margin-top:10px;padding:5px;padding-right:0px;" id="grp">
<div>
<strong><?php
echo $_LANG['AD_GROUPS_VIEW'];
?>
</strong><br />
<span class="hinttext">
<?php
echo $_LANG['AD_SELECT_MULTIPLE_CTRL'];
?>
</span>
</div>
<div>
<?php
echo '<select style="width: 99%" name="showfor[]" id="showin" size="6" multiple="multiple" ' . $style . '>';
if ($inDB->num_rows($result)) {
while ($item = $inDB->fetch_assoc($result)) {
echo '<option value="' . $item['id'] . '"';
if ($do == 'edit') {
if (inArray($ord, $item['id'])) {
echo 'selected="selected"';
}
}
echo '>';
echo $item['title'] . '</option>';
}
}
echo '</select>';
?>
</div>
</div>
{/tabs}
<?php
echo jwTabs(ob_get_clean());
?>
</td>
</tr>
</table>
<p>
<input name="add_mod" type="submit" id="add_mod" <?php
if ($do == 'add') {
echo 'value="' . $_LANG['AD_SAVE_SECTION'] . '"';
} else {
echo 'value="' . $_LANG['AD_SAVE_SECTION'] . '"';
}
?>
/>
<input name="back" type="button" id="back" value="<?php
echo $_LANG['CANCEL'];
?>
" onclick="window.history.back();"/>
<input name="do" type="hidden" id="do" <?php
if ($do == 'add') {
echo 'value="submit"';
} else {
echo 'value="update"';
}
?>
/>
<?php
if ($do == 'edit') {
echo '<input name="id" type="hidden" value="' . $mod['id'] . '" />';
}
?>
</p>
</form>
<script type="text/javascript">
function choosePhotoAlbum(){
id = $('select[name=album_id]').val();
if(id != 0){
$('#con_photoalbum').fadeIn();
} else {
$('#con_photoalbum').hide();
}
}
</script>
<?php
}
}
