function photos()
{
$inCore = cmsCore::getInstance();
$inPage = cmsPage::getInstance();
$inDB = cmsDatabase::getInstance();
$inUser = cmsUser::getInstance();
cmsCore::loadClass('photo');
$inPhoto = cmsPhoto::getInstance();
global $_LANG;
$model = new cms_model_photos();
$pagetitle = $inCore->menuTitle();
$root_album_id = $inDB->getNsRootCatId('cms_photo_albums');
$id = cmsCore::request('id', 'int', $root_album_id);
$do = $inCore->do;
$page = cmsCore::request('page', 'int', 1);
$inPage->addPathway($inCore->getComponentTitle(), '/photos');
// только авторизованные пользуются js
if ($inUser->id) {
$inPage->addHeadJS('components/photos/js/photos.js');
$inPage->addHeadJsLang(array('NO_PUBLISH', 'EDIT_PHOTO', 'YOU_REALLY_DELETE_PHOTO', 'MOVE_PHOTO'));
}
$inPage->setDescription($model->config['meta_desc'] ? $model->config['meta_desc'] : $pagetitle);
$inPage->setKeywords($model->config['meta_keys'] ? $model->config['meta_keys'] : $pagetitle);
/////////////////////////////// Просмотр альбома ///////////////////////////////////////////////////////////////////////////////////////////
if ($do == 'view') {
$album = $inDB->getNsCategory('cms_photo_albums', $id, null);
if (!$album && $inCore->menuId() !== 1) {
cmsCore::error404();
}
// Неопубликованные альбомы показываем только админам
if (!$album['published'] && !$inUser->is_admin) {
cmsCore::error404();
}
$album = cmsCore::callEvent('GET_PHOTO_ALBUM', $album);
// если не корневой альбом
if ($album['id'] != $root_album_id) {
$path_list = $inDB->getNsCategoryPath('cms_photo_albums', $album['NSLeft'], $album['NSRight'], 'id, title, NSLevel');
if ($path_list) {
foreach ($path_list as $pcat) {
$inPage->addPathway($pcat['title'], '/photos/' . $pcat['id']);
}
}
$pagetitle = $pagetitle && $inCore->isMenuIdStrict() ? $pagetitle : $album['title'] . ' - ' . $_LANG['PHOTOGALLERY'];
$inPage->setTitle($album['pagetitle'] ? $album['pagetitle'] : $pagetitle);
} else {
$pagetitle = $pagetitle && $inCore->isMenuIdStrict() ? $pagetitle : $_LANG['PHOTOGALLERY'];
$inPage->setTitle($pagetitle);
$album['title'] = $pagetitle;
}
//Формируем подкатегории альбома
$inDB->orderBy('f.' . $model->config['orderby'], $model->config['orderto']);
$subcats = $inPhoto->getAlbums($album['id']);
// Сортировка фотографий
$orderby = cmsCore::getSearchVar('orderby', $album['orderby']);
$orderto = cmsCore::getSearchVar('orderto', $album['orderto']);
if (!in_array($orderby, array('title', 'pubdate', 'rating', 'hits'))) {
$orderby = $album['orderby'];
}
if (!in_array($orderto, array('desc', 'asc'))) {
$orderto = $album['orderto'];
}
// Устанавливаем альбом
$inPhoto->whereAlbumIs($album['id']);
// Общее количество фото по заданным выше условиям
$total = $inPhoto->getPhotosCount($inUser->is_admin);
//устанавливаем сортировку
$inDB->orderBy('f.' . $orderby, $orderto);
//устанавливаем номер текущей страницы и кол-во фото на странице
$inDB->limitPage($page, $album['perpage']);
$photos = $inPhoto->getPhotos($inUser->is_admin, $album['showdate']);
if (!$photos && $page > 1) {
cmsCore::error404();
}
if ($album['id'] != $root_album_id) {
// meta description
if ($album['meta_desc']) {
$meta_desc = $album['meta_desc'];
} elseif (mb_strlen(strip_tags($album['description'])) >= 250) {
$meta_desc = crop($album['description']);
} else {
$meta_desc = $album['title'];
}
$inPage->setDescription($meta_desc);
// meta keywords
if ($album['meta_keys']) {
$meta_keys = $album['meta_keys'];
} elseif ($photos) {
foreach ($photos as $p) {
$k[] = $p['title'];
}
$meta_keys = implode(', ', $k);
} else {
$meta_keys = $album['title'];
}
$inPage->setKeywords($meta_keys);
}
cmsPage::initTemplate('components', 'com_photos_view')->assign('root_album_id', $root_album_id)->assign('cfg', $model->config)->assign('album', $album)->assign('can_add_photo', $album['public'] && $inUser->id || $inUser->is_admin)->assign('subcats', $subcats)->assign('photos', $photos)->assign('pagebar', cmsPage::getPagebar($total, $page, $album['perpage'], '/photos/' . $album['id'] . '-%page%'))->assign('total', $total)->assign('orderby', $orderby)->assign('orderto', $orderto)->display('com_photos_view.tpl');
// если есть фотограйии в альбоме и включены комментарии в альбоме, то показываем их
if ($album['is_comments'] && $photos && $inCore->isComponentInstalled('comments')) {
cmsCore::includeComments();
comments('palbum', $album['id']);
}
}
/////////////////////////////// VIEW PHOTO ///////////////////////////////////////////////////////////////////////////////////////////
if ($do == 'viewphoto') {
// получаем фото
$photo = cmsCore::callEvent('GET_PHOTO', $inPhoto->getPhoto($id));
if (!$photo) {
cmsCore::error404();
}
// Если фото клуба редиректим на новый алрес
if (mb_strstr($photo['NSDiffer'], 'club')) {
cmsCore::redirect('/clubs/photo' . $photo['id'] . '.html', '301');
}
$is_author = $photo['user_id'] == $inUser->id && $inUser->id;
// неопубликованное фото видно админам и автору
if (!$photo['published'] && !$inUser->is_admin && !$is_author) {
cmsCore::error404();
}
$path_list = $inDB->getNsCategoryPath('cms_photo_albums', $photo['NSLeft'], $photo['NSRight'], 'id, title, NSLevel');
if ($path_list) {
foreach ($path_list as $pcat) {
$inPage->addPathway($pcat['title'], '/photos/' . $pcat['id']);
}
}
$inPage->addPathway($photo['title']);
$inPage->setTitle($photo['pagetitle'] ? $photo['pagetitle'] : $photo['title']);
$inPage->setKeywords($photo['meta_keys'] ? $photo['meta_keys'] : $photo['title']);
if (!$photo['meta_desc']) {
if ($photo['description']) {
$inPage->setDescription(crop($photo['description']));
} else {
$inPage->setDescription($photo['title']);
}
} else {
$inPage->setDescription($photo['meta_desc']);
}
// Обновляем количество просмотров фотографии
if (!$is_author) {
$inDB->setFlag('cms_photo_files', $photo['id'], 'hits', $photo['hits'] + 1);
}
//навигация
if ($photo['album_nav']) {
$nextid = $inDB->get_fields('cms_photo_files', 'id<' . $photo['id'] . ' AND album_id = ' . $photo['album_id'] . ' AND published=1', 'id, file', 'id DESC');
$previd = $inDB->get_fields('cms_photo_files', 'id>' . $photo['id'] . ' AND album_id = ' . $photo['album_id'] . ' AND published=1', 'id, file', 'id ASC');
} else {
$previd = false;
$nextid = false;
}
$photo['karma_buttons'] = cmsKarmaButtons('photo', $photo['id'], $photo['rating'], $is_author);
$photo['genderlink'] = cmsUser::getGenderLink($photo['user_id'], $photo['nickname'], $photo['gender'], $photo['login']);
cmsPage::initTemplate('components', 'com_photos_view_photo')->assign('photo', $photo)->assign('bbcode', '[IMG]' . HOST . '/images/photos/medium/' . $photo['file'] . '[/IMG]')->assign('previd', $previd)->assign('nextid', $nextid)->assign('cfg', $model->config)->assign('is_author', $is_author)->assign('is_admin', $inUser->is_admin)->assign('tagbar', $photo['a_tags'] ? cmsTagBar('photo', $photo['id']) : '')->display('com_photos_view_photo.tpl');
//выводим комментарии, если они разрешены и фото опубликовано
if ($photo['comments'] && $inCore->isComponentInstalled('comments')) {
cmsCore::includeComments();
comments('photo', $photo['id'], array(), $is_author);
}
}
/////////////////////////////// PHOTO UPLOAD ////////////////////////////////////////////////////////////////////////////////
if ($do == 'addphoto') {
// Неавторизованных просим авторизоваться
if (!$inUser->id) {
cmsUser::goToLogin();
}
$do_photo = cmsCore::request('do_photo', 'str', 'addphoto');
// получаем альбом
$album = $inDB->getNsCategory('cms_photo_albums', $id);
if (!$album) {
cmsCore::error404();
}
if (!$album['published'] && !$inUser->is_admin) {
cmsCore::error404();
}
$album = cmsCore::callEvent('GET_PHOTO_ALBUM', $album);
// права доступа
// загружаем только в разрешенные альбомы
if (!$album['public'] && !$inUser->is_admin) {
cmsCore::error404();
}
// Смотрим ограничения загрузки в сутки
$today_uploaded = $album['uplimit'] ? $model->loadedByUser24h($inUser->id, $album['id']) : 0;
if (!$inUser->is_admin && $album['uplimit'] && $today_uploaded >= $album['uplimit']) {
cmsCore::addSessionMessage('<strong>' . $_LANG['MAX_UPLOAD_IN_DAY'] . '</strong> ' . $_LANG['CAN_UPLOAD_TOMORROW'], 'error');
cmsCore::redirectBack();
}
// глубиномер
$path_list = $inDB->getNsCategoryPath('cms_photo_albums', $album['NSLeft'], $album['NSRight'], 'id, title, NSLevel');
if ($path_list) {
foreach ($path_list as $pcat) {
$inPage->addPathway($pcat['title'], '/photos/' . $pcat['id']);
}
}
include 'components/photos/add_photo.php';
}
/////////////////////////////// PHOTO EDIT ///////////////////////////////////////////////////////////////////////////////////////////
if ($do == 'editphoto') {
if ($_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest') {
cmsCore::halt();
}
if (!$inUser->id) {
cmsCore::halt();
}
// получаем фото
$photo = cmsCore::callEvent('GET_PHOTO', $inPhoto->getPhoto($id));
if (!$photo) {
cmsCore::halt();
}
if (mb_strstr($photo['NSDiffer'], 'club')) {
cmsCore::halt();
}
$is_author = $photo['user_id'] == $inUser->id && $inUser->id;
if (!$inUser->is_admin && !$is_author) {
cmsCore::halt();
}
if (cmsCore::inRequest('edit_photo')) {
$mod['title'] = cmsCore::request('title', 'str', '');
$mod['title'] = $mod['title'] ? $mod['title'] : $photo['title'];
$mod['description'] = cmsCore::request('description', 'str', '');
$mod['tags'] = cmsCore::request('tags', 'str', '');
$mod['comments'] = $inUser->is_admin ? cmsCore::request('comments', 'int') : $photo['comments'];
if ($model->config['seo_user_access'] || $inUser->is_admin) {
$mod['pagetitle'] = cmsCore::request('pagetitle', 'str', '');
$mod['meta_keys'] = cmsCore::request('meta_keys', 'str', '');
$mod['meta_desc'] = cmsCore::request('meta_desc', 'str', '');
}
$file = $model->initUploadClass($inDB->getNsCategory('cms_photo_albums', $photo['album_id']))->uploadPhoto($photo['file']);
$mod['file'] = $file['filename'] ? $file['filename'] : $photo['file'];
$inPhoto->updatePhoto($mod, $photo['id']);
$description = '<a href="/photos/photo' . $photo['id'] . '.html" class="act_photo"><img src="/images/photos/small/' . $mod['file'] . '" alt="' . htmlspecialchars(stripslashes($mod['title'])) . '" /></a>';
cmsActions::updateLog('add_photo', array('object' => $mod['title'], 'description' => $description), $photo['id']);
cmsCore::addSessionMessage($_LANG['PHOTO_SAVED'], 'success');
cmsCore::jsonOutput(array('error' => false, 'redirect' => '/photos/photo' . $photo['id'] . '.html'));
} else {
$photo['tags'] = cmsTagLine('photo', $photo['id'], false);
cmsPage::initTemplate('components', 'com_photos_edit')->assign('photo', $photo)->assign('form_action', '/photos/editphoto' . $photo['id'] . '.html')->assign('no_tags', false)->assign('is_admin', $inUser->is_admin)->assign('cfg', $model->config)->display('com_photos_edit.tpl');
cmsCore::jsonOutput(array('error' => false, 'html' => ob_get_clean()));
}
}
/////////////////////////////// PHOTO MOVE /////////////////////////////////////////////////////////////////////////////////////////
if ($do == 'movephoto') {
if ($_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest') {
cmsCore::halt();
}
if (!$inUser->id) {
cmsCore::halt();
}
$photo = cmsCore::callEvent('GET_PHOTO', $inPhoto->getPhoto($id));
if (!$photo) {
cmsCore::halt();
}
if (mb_strstr($photo['NSDiffer'], 'club')) {
cmsCore::halt();
}
if (!$inUser->is_admin) {
cmsCore::halt();
}
if (!cmsCore::inRequest('move_photo')) {
cmsPage::initTemplate('components', 'com_photos_move')->assign('form_action', '/photos/movephoto' . $photo['id'] . '.html')->assign('html', $inPhoto->getAlbumsOption('', $photo['album_id']))->display('com_photos_move.tpl');
cmsCore::jsonOutput(array('error' => false, 'html' => ob_get_clean()));
} else {
$album = cmsCore::callEvent('GET_PHOTO_ALBUM', $inDB->getNsCategory('cms_photo_albums', cmsCore::request('album_id', 'int')));
if (!$album) {
cmsCore::halt();
}
if (!$album['public'] && !$inUser->is_admin) {
cmsCore::error404();
}
// Смотрим ограничения загрузки в сутки
$today_uploaded = $album['uplimit'] ? $model->loadedByUser24h($inUser->id, $album['id']) : 0;
if (!$inUser->is_admin && $album['uplimit'] && $today_uploaded >= $album['uplimit']) {
cmsCore::jsonOutput(array('error' => true, 'text' => '<strong>' . $_LANG['MAX_UPLOAD_IN_DAY'] . '</strong> ' . $_LANG['CAN_UPLOAD_TOMORROW']));
}
$inDB->query("UPDATE cms_photo_files SET album_id = '{$album['id']}' WHERE id = '{$photo['id']}'");
cmsActions::updateLog('add_photo', array('target' => $album['title'], 'target_url' => '/photos/' . $album['id'], 'target_id' => $album['id']), $photo['id']);
cmsCore::addSessionMessage($_LANG['PHOTO_MOVED'], 'info');
cmsCore::jsonOutput(array('error' => false, 'redirect' => '/photos/' . $album['id']));
}
}
/////////////////////////////// PHOTO DELETE /////////////////////////////////////////////////////////////////////////////////////////
if ($do == 'delphoto') {
if ($_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest') {
cmsCore::halt();
}
if (!$inUser->id) {
cmsCore::halt();
}
if (!cmsUser::checkCsrfToken()) {
cmsCore::halt();
}
$photo = cmsCore::callEvent('GET_PHOTO', $inPhoto->getPhoto($id));
if (!$photo) {
cmsCore::halt();
}
if (mb_strstr($photo['NSDiffer'], 'club')) {
cmsCore::halt();
}
$is_author = $photo['user_id'] == $inUser->id && $inUser->id;
if (!$inUser->is_admin && !$is_author) {
cmsCore::halt();
}
$inPhoto->deletePhoto($photo, $model->initUploadClass($inDB->getNsCategory('cms_photo_albums', $photo['album_id'])));
cmsCore::addSessionMessage($_LANG['PHOTO_DELETED'], 'success');
cmsUser::clearCsrfToken();
cmsCore::jsonOutput(array('error' => false, 'redirect' => '/photos/' . $photo['album_id']));
}
/////////////////////////////// PHOTO PUBLISH /////////////////////////////////////////////////////////////////////////////////////////
if ($do == 'publish_photo') {
if ($_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest') {
cmsCore::halt();
}
if (!$inUser->id) {
cmsCore::halt();
}
$photo = cmsCore::callEvent('GET_PHOTO', $inPhoto->getPhoto($id));
if (!$photo) {
cmsCore::halt();
}
if (!$inUser->is_admin) {
cmsCore::halt();
}
$inPhoto->publishPhoto($photo['id']);
cmsCore::callEvent('ADD_PHOTO_DONE', $photo);
$description = '<a href="/photos/photo' . $photo['id'] . '.html" class="act_photo"><img src="/images/photos/small/' . $photo['file'] . '" alt="' . htmlspecialchars(stripslashes($photo['title'])) . '" /></a>';
cmsActions::log('add_photo', array('object' => $photo['title'], 'object_url' => '/photos/photo' . $photo['id'] . '.html', 'object_id' => $photo['id'], 'user_id' => $photo['user_id'], 'target' => $photo['cat_title'], 'target_id' => $photo['album_id'], 'target_url' => '/photos/' . $photo['album_id'], 'description' => $description));
cmsCore::halt('ok');
}
/////////////////////////////// VIEW LATEST/BEST PHOTOS //////////////////////////////////////////////////////////////////////////////
if (in_array($do, array('latest', 'best'))) {
if ($do == 'latest') {
$inDB->orderBy('f.pubdate', 'DESC');
$pagetitle = $pagetitle && $inCore->isMenuIdStrict() ? $pagetitle : $_LANG['NEW_PHOTO_IN_GALLERY'];
} else {
$inDB->orderBy('f.rating', 'DESC');
$pagetitle = $pagetitle && $inCore->isMenuIdStrict() ? $pagetitle : $_LANG['BEST_PHOTOS'];
}
$inDB->limit($model->config['best_latest_perpage']);
// выбираем категории фото
$inDB->addJoin("INNER JOIN cms_photo_albums a ON a.id = f.album_id AND a.published = 1 AND a.NSDiffer = ''");
$inDB->addSelect('a.title as cat_title');
$photos = $inPhoto->getPhotos(false, 'with_comments');
if (!$photos) {
cmsCore::error404();
}
$inPage->addPathway($pagetitle);
$inPage->setTitle($pagetitle);
cmsPage::initTemplate('components', 'com_photos_bl')->assign('maxcols', $model->config['best_latest_maxcols'])->assign('pagetitle', $pagetitle)->assign('photos', $photos)->display('com_photos_bl.tpl');
}
/////////////////////////////// /////////////////////////////// ////////////////
}
function applet_plugins()
{
global $_LANG;
$inCore = cmsCore::getInstance();
$GLOBALS['cp_page_title'] = $_LANG['AD_PLUGINS'];
cpAddPathway($_LANG['AD_PLUGINS'], 'index.php?view=plugins');
global $adminAccess;
if (!cmsUser::isAdminCan('admin/plugins', $adminAccess)) {
cpAccessDenied();
}
$do = cmsCore::request('do', 'str', 'list');
$id = cmsCore::request('id', 'int', -1);
// ===================================================================================== //
if ($do == 'hide') {
dbHide('cms_plugins', $id);
echo '1';
exit;
}
// ===================================================================================== //
if ($do == 'show') {
dbShow('cms_plugins', $id);
echo '1';
exit;
}
// ===================================================================================== //
if ($do == 'list') {
$toolmenu = array();
$toolmenu[1]['icon'] = 'install.gif';
$toolmenu[1]['title'] = $_LANG['AD_INSTALL_PLUGINS'];
$toolmenu[1]['link'] = '?view=install&do=plugin';
cpToolMenu($toolmenu);
$plugin_id = cmsCore::request('installed', 'str', '');
if ($plugin_id) {
$task = cmsCore::request('task', 'str', 'install');
if ($task == 'install' || $task == 'upgrade') {
$plugin = $inCore->loadPlugin($plugin_id);
$task_str = $task == 'install' ? $_LANG['AD_IS_INSTALL'] : $_LANG['AD_IS_UPDATE'];
echo '<div style="color:green;margin-top:12px;margin-bottom:5px;">' . $_LANG['AD_PLUGIN'] . ' <strong>"' . $plugin->info['title'] . '"</strong> ' . $task_str . '. ' . $_LANG['AD_ENABLE_PLUGIN'] . '.</div>';
}
if ($task == 'remove') {
echo '<div style="color:green;margin-top:12px;margin-bottom:5px;">' . $_LANG['AD_REMOVE_PLUGIN_OK'] . '.</div>';
}
}
$fields = array();
$fields[0]['title'] = 'id';
$fields[0]['field'] = 'id';
$fields[0]['width'] = '20';
$fields[1]['title'] = $_LANG['TITLE'];
$fields[1]['field'] = 'title';
$fields[1]['width'] = '250';
$fields[2]['title'] = $_LANG['DESCRIPTION'];
$fields[2]['field'] = 'description';
$fields[2]['width'] = '';
$fields[3]['title'] = $_LANG['AD_AUTHOR'];
$fields[3]['field'] = 'author';
$fields[3]['width'] = '160';
$fields[4]['title'] = $_LANG['AD_VERSION'];
$fields[4]['field'] = 'version';
$fields[4]['width'] = '50';
$fields[5]['title'] = $_LANG['AD_FOLDER'];
$fields[5]['field'] = 'plugin';
$fields[5]['width'] = '100';
$fields[6]['title'] = $_LANG['AD_ENABLE'];
$fields[6]['field'] = 'published';
$fields[6]['width'] = '60';
$actions = array();
$actions[0]['title'] = $_LANG['AD_CONFIG'];
$actions[0]['icon'] = 'config.gif';
$actions[0]['link'] = '?view=plugins&do=config&id=%id%';
$actions[1]['title'] = $_LANG['DELETE'];
$actions[1]['icon'] = 'delete.gif';
$actions[1]['confirm'] = $_LANG['AD_REMOVE_PLUGIN_FROM'];
$actions[1]['link'] = '?view=install&do=remove_plugin&id=%id%';
cpListTable('cms_plugins', $fields, $actions);
}
// ===================================================================================== //
if ($do == 'save_config') {
if (!cmsCore::validateForm()) {
cmsCore::error404();
}
$plugin_name = cmsCore::request('plugin', 'str', 0);
$config = cmsCore::request('config', 'array_str');
if (!$config || !$plugin_name) {
cmsCore::redirectBack();
}
$inCore->savePluginConfig($plugin_name, $config);
cmsUser::clearCsrfToken();
cmsCore::addSessionMessage($_LANG['AD_CONFIG_SAVE_SUCCESS'], 'success');
cmsCore::redirect('index.php?view=plugins');
}
// ===================================================================================== //
if ($do == 'config') {
$plugin_name = $inCore->getPluginById($id);
if (!$plugin_name) {
cmsCore::error404();
}
$plugin = $inCore->loadPlugin($plugin_name);
$config = $inCore->loadPluginConfig($plugin_name);
$GLOBALS['cp_page_title'] = $plugin->info['title'];
cpAddPathway($plugin->info['title'], 'index.php?view=plugins&do=config&id=' . $id);
echo '<h3>' . $plugin->info['title'] . '</h3>';
if (!$config) {
echo '<p>' . $_LANG['AD_PLUGIN_DISABLE'] . '.</p>';
echo '<p><a href="javascript:window.history.go(-1);">' . $_LANG['BACK'] . '</a></p>';
return;
}
echo '<form action="index.php?view=plugins&do=save_config&plugin=' . $plugin_name . '" method="POST">';
echo '<input type="hidden" name="csrf_token" value="' . cmsUser::getCsrfToken() . '" />';
echo '<table class="proptable" width="605" cellpadding="8" cellspacing="0" border="0">';
foreach ($config as $field => $value) {
echo '<tr>';
echo '<td width="150"><strong>' . (isset($_LANG[mb_strtoupper($field)]) ? $_LANG[mb_strtoupper($field)] : $field) . ':</strong></td>';
echo '<td><input type="text" style="width:90%" name="config[' . $field . ']" value="' . htmlspecialchars($value) . '" /></td>';
echo '</tr>';
}
echo '</table>';
echo '<div style="margin-top:6px;">';
echo '<input type="submit" name="save" value="' . $_LANG['SAVE'] . '" /> ';
echo '<input type="button" name="back" value="' . $_LANG['CANCEL'] . '" onclick="window.history.go(-1)" />';
echo '</div>';
echo '</form>';
}
// ===================================================================================== //
}
function blog()
{
$inCore = cmsCore::getInstance();
$inPage = cmsPage::getInstance();
$inDB = cmsDatabase::getInstance();
$inUser = cmsUser::getInstance();
cmsCore::loadClass('blog');
$inBlog = cmsBlogs::getInstance();
$inBlog->owner = 'site';
global $_LANG;
cmsCore::loadModel('blog');
$model = new cms_model_blog();
define('IS_BILLING', $inCore->isComponentInstalled('billing'));
if (IS_BILLING) {
cmsCore::loadClass('billing');
}
// Проверяем включени ли компонент
if (!$model->config['component_enabled']) {
cmsCore::error404();
}
//Получаем параметры
$id = cmsCore::request('id', 'int', 0);
$post_id = cmsCore::request('post_id', 'int', 0);
$seolink = cmsCore::request('seolink', 'str', '');
$do = cmsCore::request('do', 'str', 'blog');
$page = cmsCore::request('page', 'int', 1);
$cat_id = cmsCore::request('cat_id', 'int', 0);
$ownertype = cmsCore::request('ownertype', 'str', '');
$on_moderate = cmsCore::request('on_moderate', 'int', 0);
$pagetitle = $inCore->menuTitle();
$pagetitle = $pagetitle && $inCore->isMenuIdStrict() ? $pagetitle : $_LANG['RSS_BLOGS'];
$inPage->addPathway($pagetitle, '/blog');
$inPage->setTitle($pagetitle);
$inPage->setDescription($pagetitle);
$blog_id = 25;
////////// НАСТРОЙКИ БЛОГА ////////////////////////////////////////////////////////////////////////////////////////
if ($do == 'config') {
if ($_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest') {
cmsCore::halt();
}
if (!$inUser->id) {
cmsCore::halt();
}
// получаем блог
$blog = $inBlog->getBlog($id);
if (!$blog) {
cmsCore::error404();
}
//Проверяем является пользователь хозяином блога или админом
if ($blog['user_id'] != $inUser->id && !$inUser->is_admin) {
cmsCore::halt();
}
//Если нет запроса на сохранение, показываем форму настроек блога
if (!cmsCore::inRequest('goadd')) {
//Получаем список авторов блога
$authors = $inBlog->getBlogAuthors($blog['id']);
$smarty = $inCore->initSmarty('components', 'com_blog_config.tpl');
$smarty->assign('blog', $blog);
$smarty->assign('form_action', '/blog/' . $blog['id'] . '/editblog.html');
$smarty->assign('authors_list', cmsUser::getAuthorsList($authors));
$smarty->assign('users_list', cmsUser::getUsersList(false, $authors));
$smarty->assign('is_restrictions', !$inUser->is_admin && $model->config['min_karma']);
$smarty->assign('cfg', $model->config);
$smarty->display('com_blog_config.tpl');
cmsCore::jsonOutput(array('error' => false, 'html' => ob_get_clean()));
}
//Если пришел запрос на сохранение
if (cmsCore::inRequest('goadd')) {
if (!cmsCore::validateForm()) {
cmsCore::halt();
}
//Получаем настройки
$title = cmsCore::request('title', 'str');
$allow_who = cmsCore::request('allow_who', 'str', 'all');
$ownertype = cmsCore::request('ownertype', 'str', 'single');
$premod = cmsCore::request('premod', 'int', 0);
$forall = cmsCore::request('forall', 'int', 1);
$showcats = cmsCore::request('showcats', 'int', 1);
$authors = cmsCore::request('authorslist', 'array_int', array());
//Проверяем настройки
if (mb_strlen($title) < 5) {
$title = $blog['title'];
}
//Проверяем ограничения по карме (для смены типа блога)
if ($model->config['min_karma'] && !$inUser->is_admin) {
// если персональный блог
if ($ownertype == 'single' && $inUser->karma < $model->config['min_karma_private']) {
cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['BLOG_YOU_NEED'] . ' <a href="/users/' . $inUser->id . '/karma.html">' . $_LANG['BLOG_KARMS'] . '</a> ' . $_LANG['FOR_CREATE_PERSON_BLOG'] . ' — ' . $model->config['min_karma_private'] . ', ' . $_LANG['BLOG_HEAVING'] . ' — ' . $inUser->karma));
}
// если коллективный блог
if ($ownertype == 'multi' && $inUser->karma < $model->config['min_karma_public']) {
cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['BLOG_YOU_NEED'] . ' <a href="/users/' . $inUser->id . '/karma.html">' . $_LANG['BLOG_KARMS'] . '</a> ' . $_LANG['FOR_CREATE_TEAM_BLOG'] . ' — ' . $model->config['min_karma_public'] . ', ' . $_LANG['BLOG_HEAVING'] . ' — ' . $inUser->karma));
}
}
//сохраняем авторов
$inBlog->updateBlogAuthors($blog['id'], $authors);
//сохраняем настройки блога
$blog['seolink_new'] = $inBlog->updateBlog($blog['id'], array('title' => $title, 'allow_who' => $allow_who, 'showcats' => $showcats, 'ownertype' => $ownertype, 'premod' => $premod, 'forall' => $forall), $model->config['update_seo_link_blog']);
$blog['seolink'] = $blog['seolink_new'] ? $blog['seolink_new'] : $blog['seolink'];
if (stripslashes($title) != $blog['title']) {
// обновляем записи постов
cmsActions::updateLog('add_post', array('target' => $title, 'target_url' => $model->getBlogURL()), 0, $blog['id']);
// обновляем запись добавления блога
cmsActions::updateLog('add_blog', array('object' => $title, 'object_url' => $model->getBlogURL()), $blog['id']);
}
// Очищаем токен
cmsUser::clearCsrfToken();
cmsCore::jsonOutput(array('error' => false, 'redirect' => $model->getBlogURL()));
}
}
////////// ПРОСМОТР БЛОГА ////////////////////////////////////////////////////////////////////////////////////////
if ($do == 'blog') {
// получаем блог
$blog = $inBlog->getBlog($blog_id);
if (!$blog) {
cmsCore::error404();
}
// Права доступа
$myblog = $inUser->id && $inUser->id == $blog['user_id'];
// автор блога
$is_writer = $inBlog->isUserBlogWriter($blog, $inUser->id);
// может ли пользователь писать в блог
// Заполняем head страницы
$inPage->setTitle($blog['title']);
//$inPage->addPathway($blog['title'], $model->getBlogURL($blog['seolink']));
$inPage->setDescription($blog['title']);
// rss в адресной строке
$inPage->addHead('<link rel="alternate" type="application/rss+xml" title="' . htmlspecialchars(strip_tags($blog['title'])) . '" href="' . HOST . '/rss/blogs/' . $blog['id'] . '/feed.rss">');
if ($myblog || $inUser->is_admin) {
$inPage->addHeadJS('components/blog/js/blog.js');
}
//Если доступа нет, возвращаемся и выводим сообщение об ошибке
if (!cmsUser::checkUserContentAccess($blog['allow_who'], $blog['user_id'])) {
cmsCore::addSessionMessage($_LANG['CLOSED_BLOG'] . '<br>' . $_LANG['CLOSED_BLOG_TEXT'], 'error');
cmsCore::redirect('/');
}
// Если показываем посты на модерации, если запрашиваем их
if ($on_moderate) {
if (!$inUser->is_admin && !($myblog && $blog['ownertype'] == 'multi' && $blog['premod'])) {
cmsCore::error404();
}
$inBlog->whereNotPublished();
$inPage->setTitle($_LANG['POSTS_ON_MODERATE']);
$inPage->addPathway($_LANG['POSTS_ON_MODERATE']);
$blog['title'] .= ' - ' . $_LANG['POSTS_ON_MODERATE'];
}
//Получаем html-код ссылки на автора с иконкой его пола
$blog['author'] = cmsUser::getGenderLink($blog['user_id']);
// посты данного блога
$inBlog->whereBlogIs($blog['id']);
// кроме админов автора в списке только с доступом для всех
if (!$inUser->is_admin && !$myblog) {
$inBlog->whereOnlyPublic();
}
// если пришла категория
if ($cat_id) {
$all_total = $inBlog->getPostsCount($inUser->is_admin || $myblog);
$inBlog->whereCatIs($cat_id);
}
// всего постов
$total = $inBlog->getPostsCount($inUser->is_admin || $myblog);
//устанавливаем сортировку
$inDB->orderBy('p.pubdate', 'DESC');
$inDB->limitPage($page, $model->config['perpage']);
// сами посты
$posts = $inBlog->getPosts($inUser->is_admin || $myblog, $model);
if (!$posts && $page > 1) {
cmsCore::error404();
}
//Если нужно, получаем список рубрик (категорий) этого блога
$blogcats = $blog['showcats'] ? $inBlog->getBlogCats($blog['id']) : false;
//Считаем количество постов, ожидающих модерации
$on_moderate = ($inUser->is_admin || $myblog) && !$on_moderate ? $inBlog->getModerationCount($blog['id']) : false;
// админлинки
$blog['moderate_link'] = $model->getBlogURL() . '/moderate.html';
$blog['blog_link'] = $model->getBlogURL();
$blog['add_post_link'] = '/blog/newpost' . ($cat_id ? $cat_id : '') . '.html';
//Генерируем панель со страницами
if ($cat_id) {
$pagination = cmsPage::getPagebar($total, $page, $model->config['perpage'], $blog['blog_link'] . '/page-%page%/cat-' . $cat_id);
} else {
$pagination = cmsPage::getPagebar($total, $page, $model->config['perpage'], $blog['blog_link'] . '/page-%page%');
}
$smarty = $inCore->initSmarty('components', 'com_blog_view.tpl');
$smarty->assign('myblog', $myblog);
$smarty->assign('is_config', true);
$smarty->assign('is_admin', $inUser->is_admin);
$smarty->assign('is_writer', $is_writer);
$smarty->assign('on_moderate', $on_moderate);
$smarty->assign('cat_id', $cat_id);
$smarty->assign('blogcats', $blogcats);
$smarty->assign('total', $total);
$smarty->assign('all_total', isset($all_total) ? $all_total : 0);
$smarty->assign('blog', $blog);
$smarty->assign('posts', $posts);
$smarty->assign('pagination', $pagination);
$smarty->display('com_blog_view.tpl');
}
////////// НОВЫЙ ПОСТ / РЕДАКТИРОВАНИЕ ПОСТА //////////////////////////////////////////////////////////////////
if ($do == 'newpost' || $do == 'editpost') {
// для редактирования сначала получаем пост
if ($do == 'editpost') {
$post = $inBlog->getPost($post_id);
if (!$post) {
cmsCore::error404();
}
$id = $post['blog_id'];
$post['tags'] = cmsTagLine('blogpost', $post['id'], false);
}
// получаем блог
$blog = $inBlog->getBlog($blog_id);
if (!$blog) {
cmsCore::error404();
}
//Если доступа нет, возвращаемся и выводим сообщение об ошибке
if (!cmsUser::checkUserContentAccess($blog['allow_who'], $blog['user_id'])) {
cmsCore::addSessionMessage($_LANG['CLOSED_BLOG'] . '<br>' . $_LANG['CLOSED_BLOG_TEXT'], 'error');
cmsCore::redirect('/blog');
}
// Права доступа
$myblog = $inUser->id && $inUser->id == $blog['user_id'];
// автор блога
$is_writer = $inBlog->isUserBlogWriter($blog, $inUser->id);
// может ли пользователь писать в блог
// если не его блог, пользователь не писатель и не админ, вне зависимости от авторства показываем 404
if (!$myblog && !$is_writer && !$inUser->is_admin) {
cmsCore::error404();
}
// проверяем является ли пользователь автором, если редактируем пост
if ($do == 'editpost' && !$inUser->is_admin && $post['user_id'] != $inUser->id) {
cmsCore::error404();
}
//Если еще не было запроса на сохранение
if (!cmsCore::inRequest('goadd')) {
$inPage->addPathway($blog['title'], $model->getBlogURL());
//для нового поста
if ($do == 'newpost') {
if (IS_BILLING) {
cmsBilling::checkBalance('blogs', 'add_post');
}
$inPage->addPathway($_LANG['NEW_POST']);
$inPage->setTitle($_LANG['NEW_POST']);
$post = cmsUser::sessionGet('mod');
if ($post) {
cmsUser::sessionDel('mod');
} else {
$post['cat_id'] = $cat_id;
$post['comments'] = 1;
}
}
//для редактирования поста
if ($do == 'editpost') {
$inPage->addPathway($post['title'], $model->getPostURL('', $post['seolink']));
$inPage->addPathway($_LANG['EDIT_POST']);
$inPage->setTitle($_LANG['EDIT_POST']);
}
$inPage->initAutocomplete();
$autocomplete_js = $inPage->getAutocompleteJS('tagsearch', 'tags');
//получаем рубрики блога
$cat_list = cmsCore::getListItems('cms_blog_cats', $post['cat_id'], 'id', 'ASC', "blog_id = '{$blog['id']}'");
//получаем код панелей bbcode и смайлов
$bb_toolbar = cmsPage::getBBCodeToolbar('message', $model->config['img_on'], 'blogs', 'post', $post_id);
$smilies = cmsPage::getSmilesPanel('message');
$inCore->initAutoGrowText('#message');
//показываем форму
$smarty = $inCore->initSmarty('components', 'com_blog_edit_post.tpl');
$smarty->assign('blog', $blog);
$smarty->assign('pagetitle', $do == 'editpost' ? $_LANG['EDIT_POST'] : $_LANG['NEW_POST']);
$smarty->assign('mod', $post);
$smarty->assign('cat_list', $cat_list);
$smarty->assign('bb_toolbar', $bb_toolbar);
$smarty->assign('smilies', $smilies);
$smarty->assign('is_admin', $inUser->is_admin);
$smarty->assign('myblog', $myblog);
$smarty->assign('user_can_iscomments', cmsUser::isUserCan('comments/iscomments'));
$smarty->assign('autocomplete_js', $autocomplete_js);
$smarty->display('com_blog_edit_post.tpl');
}
//Если есть запрос на сохранение
if (cmsCore::inRequest('goadd')) {
$error = false;
//Получаем параметры
$mod['title'] = cmsCore::request('title', 'str');
$mod['content'] = cmsCore::request('content', 'html');
$mod['feel'] = cmsCore::request('feel', 'str', '');
$mod['music'] = cmsCore::request('music', 'str', '');
$mod['cat_id'] = cmsCore::request('cat_id', 'int');
$mod['allow_who'] = cmsCore::request('allow_who', 'str', $blog['allow_who']);
$mod['tags'] = cmsCore::request('tags', 'str', '');
$mod['comments'] = cmsCore::request('comments', 'int', 1);
$mod['published'] = $myblog || !$blog['premod'] ? 1 : 0;
$mod['blog_id'] = $blog['id'];
//Проверяем их
if (mb_strlen($mod['title']) < 2) {
cmsCore::addSessionMessage($_LANG['POST_ERR_TITLE'], 'error');
$errors = true;
}
if (mb_strlen($mod['content']) < 5) {
cmsCore::addSessionMessage($_LANG['POST_ERR_TEXT'], 'error');
$errors = true;
}
// Если есть ошибки, возвращаемся назад
if ($errors) {
cmsUser::sessionPut('mod', $mod);
cmsCore::redirectBack();
}
//Если нет ошибок
//добавляем новый пост...
if ($do == 'newpost') {
if (IS_BILLING) {
cmsBilling::process('blogs', 'add_post');
}
$mod['pubdate'] = date('Y-m-d H:i:s');
$mod['user_id'] = $inUser->id;
// добавляем пост, получая его id и seolink
$added = $inBlog->addPost($mod);
if ($mod['published']) {
if ($blog['allow_who'] != 'nobody' && $mod['allow_who'] != 'nobody') {
cmsActions::log('add_post', array('object' => $mod['title'], 'object_url' => $model->getPostURL('', $added['seolink']), 'object_id' => $added['id'], 'target' => $blog['title'], 'target_url' => $model->getBlogURL(), 'target_id' => $blog['id'], 'description' => '', 'is_friends_only' => (int) ($blog['allow_who'] == 'friends' || $mod['allow_who'] == 'friends')));
}
cmsCore::addSessionMessage($_LANG['POST_CREATED'], 'success');
cmsCore::redirect($model->getPostURL('', $added['seolink']));
}
if (!$mod['published']) {
$message = str_replace('%user%', cmsUser::getProfileLink($inUser->login, $inUser->nickname), $_LANG['MSG_POST_SUBMIT']);
$message = str_replace('%post%', '<a href="' . $model->getPostURL('', $added['seolink']) . '">' . $mod['title'] . '</a>', $message);
$message = str_replace('%blog%', '<a href="' . $model->getBlogURL() . '">' . $blog['title'] . '</a>', $message);
cmsUser::sendMessage(USER_UPDATER, $blog['user_id'], $message);
cmsCore::addSessionMessage($_LANG['POST_PREMODER_TEXT'], 'info');
cmsCore::redirect($model->getBlogURL());
}
}
//...или сохраняем пост после редактирования
if ($do == 'editpost') {
if ($model->config['update_date']) {
$mod['pubdate'] = date('Y-m-d H:i:s');
}
$mod['edit_times'] = (int) $post['edit_times'] + 1;
$new_post_seolink = $inBlog->updatePost($post['id'], $mod, $model->config['update_seo_link']);
$post['seolink'] = is_string($new_post_seolink) ? $new_post_seolink : $post['seolink'];
cmsActions::updateLog('add_post', array('object' => $mod['title'], 'pubdate' => $model->config['update_date'] ? $mod['pubdate'] : $post['pubdate'], 'object_url' => $model->getPostURL('', $post['seolink'])), $post['id']);
if (!$mod['published']) {
$message = str_replace('%user%', cmsUser::getProfileLink($inUser->login, $inUser->nickname), $_LANG['MSG_POST_UPDATE']);
$message = str_replace('%post%', '<a href="' . $model->getPostURL('', $post['seolink']) . '">' . $mod['title'] . '</a>', $message);
$message = str_replace('%blog%', '<a href="' . $model->getBlogURL() . '">' . $blog['title'] . '</a>', $message);
cmsUser::sendMessage(USER_UPDATER, $blog['user_id'], $message);
cmsCore::addSessionMessage($_LANG['POST_PREMODER_TEXT'], 'info');
} else {
cmsCore::addSessionMessage($_LANG['POST_UPDATED'], 'success');
}
cmsCore::redirect($model->getPostURL('', $post['seolink']));
}
}
}
////////// НОВАЯ РУБРИКА / РЕДАКТИРОВАНИЕ РУБРИКИ //////////////////////////////////////////////////////
if ($do == 'newcat' || $do == 'editcat') {
if ($_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest') {
cmsCore::halt();
}
if (!$inUser->id) {
cmsCore::halt();
}
// Для редактирования сначала получаем рубрику
if ($do == 'editcat') {
$cat = $inBlog->getBlogCategory($cat_id);
if (!$cat) {
cmsCore::halt();
}
$id = $cat['blog_id'];
}
// получаем блог
$blog = $inBlog->getBlog($id);
if (!$blog) {
cmsCore::halt();
}
//Проверяем является пользователь хозяином блога или админом
if ($blog['user_id'] != $inUser->id && !$inUser->is_admin) {
cmsCore::halt();
}
//Если нет запроса на сохранение
if (!cmsCore::inRequest('goadd')) {
$smarty = $inCore->initSmarty('components', 'com_blog_edit_cat.tpl');
$smarty->assign('mod', $cat);
$smarty->assign('form_action', $do == 'newcat' ? '/blog/' . $blog['id'] . '/newcat.html' : '/blog/editcat' . $cat['id'] . '.html');
$smarty->display('com_blog_edit_cat.tpl');
cmsCore::jsonOutput(array('error' => false, 'html' => ob_get_clean()));
}
//Если есть запрос на сохранение
if (cmsCore::inRequest('goadd')) {
if (!cmsCore::validateForm()) {
cmsCore::halt();
}
$new_cat['title'] = cmsCore::request('title', 'str', '');
$new_cat['description'] = cmsCore::request('description', 'str', '');
$new_cat['blog_id'] = $blog['id'];
if (mb_strlen($new_cat['title']) < 3) {
cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['CAT_ERR_TITLE']));
}
//новая рубрика
if ($do == 'newcat') {
$cat['id'] = $inBlog->addBlogCategory($new_cat);
cmsCore::addSessionMessage($_LANG['CAT_IS_ADDED'], 'success');
}
//редактирование рубрики
if ($do == 'editcat') {
$inBlog->updateBlogCategory($cat['id'], $new_cat);
cmsCore::addSessionMessage($_LANG['CAT_IS_UPDATED'], 'success');
}
cmsUser::clearCsrfToken();
cmsCore::jsonOutput(array('error' => false, 'redirect' => $model->getBlogURL(1, $cat['id'])));
}
}
///////////////////////// УДАЛЕНИЕ РУБРИКИ /////////////////////////////////////////////////////////////////////////
if ($do == 'delcat') {
if ($_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest') {
cmsCore::halt();
}
if (!$inUser->id) {
cmsCore::halt();
}
$cat = $inBlog->getBlogCategory($cat_id);
if (!$cat) {
cmsCore::halt();
}
$blog = $inBlog->getBlog($cat['blog_id']);
if (!$blog) {
cmsCore::halt();
}
if ($blog['user_id'] != $inUser->id && !$inUser->is_admin) {
cmsCore::halt();
}
if (!cmsCore::validateForm()) {
cmsCore::halt();
}
$inBlog->deleteBlogCategory($cat['id']);
cmsCore::addSessionMessage($_LANG['CAT_IS_DELETED'], 'success');
cmsUser::clearCsrfToken();
cmsCore::jsonOutput(array('error' => false, 'redirect' => $model->getBlogURL()));
}
////////////////////////// ПРОСМОТР ПОСТА /////////////////////////////////////////////////////////////////////////
if ($do == 'post') {
$post = $inBlog->getPost($seolink);
if (!$post) {
cmsCore::error404();
}
$blog = $inBlog->getBlog($post['blog_id']);
if (!$blog) {
cmsCore::error404();
}
// право просмотра блога
if (!cmsUser::checkUserContentAccess($blog['allow_who'], $blog['user_id'])) {
cmsCore::addSessionMessage($_LANG['CLOSED_BLOG'] . '<br>' . $_LANG['CLOSED_BLOG_TEXT'], 'error');
cmsCore::redirect('/blog');
}
// право просмотра самого поста
if (!cmsUser::checkUserContentAccess($post['allow_who'], $post['user_id'])) {
cmsCore::addSessionMessage($_LANG['CLOSED_POST'] . '<br>' . $_LANG['CLOSED_POST_TEXT'], 'error');
cmsCore::redirect($model->getBlogURL());
}
if ($inUser->id) {
$inPage->addHeadJS('components/blog/js/blog.js');
}
$inPage->addPathway($blog['title'], $model->getBlogURL());
$inPage->setTitle($post['title']);
$inPage->addPathway($post['title']);
$inPage->setDescription($post['title']);
if ($post['cat_id']) {
$cat = $inBlog->getBlogCategory($post['cat_id']);
}
$post['tags'] = cmsTagBar('blogpost', $post['id']);
$is_author = $inUser->id && $inUser->id == $post['user_id'];
$smarty = $inCore->initSmarty('components', 'com_blog_view_post.tpl');
$smarty->assign('post', $post);
$smarty->assign('blog', $blog);
$smarty->assign('cat', $cat);
$smarty->assign('is_author', $is_author);
$smarty->assign('myblog', $inUser->id && $inUser->id == $blog['user_id']);
$smarty->assign('is_admin', $inUser->is_admin);
$smarty->assign('karma_form', cmsKarmaForm('blogpost', $post['id'], $post['rating'], $is_author));
$smarty->assign('navigation', $inBlog->getPostNavigation($post['id'], $blog['id'], $model, $blog['seolink']));
$smarty->display('com_blog_view_post.tpl');
if ($inCore->isComponentInstalled('comments') && $post['comments']) {
cmsCore::includeComments();
comments('blog', $post['id']);
}
}
///////////////////////// УДАЛЕНИЕ ПОСТА /////////////////////////////////////////////////////////////////////////////
if ($do == 'delpost') {
if ($_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest') {
cmsCore::halt();
}
if (!$inUser->id) {
cmsCore::halt();
}
$post = $inBlog->getPost($post_id);
if (!$post) {
cmsCore::halt();
}
$blog = $inBlog->getBlog($post['blog_id']);
if (!$blog) {
cmsCore::halt();
}
// удалять могут авторы, авторы блога, админы
if ($blog['user_id'] != $inUser->id && !$inUser->is_admin && $inUser->id != $post['user_id']) {
cmsCore::halt();
}
if (!cmsCore::validateForm()) {
cmsCore::halt();
}
$inBlog->deletePost($post['id']);
if ($inUser->id != $post['user_id']) {
cmsUser::sendMessage(USER_UPDATER, $post['user_id'], $_LANG['YOUR_POST'] . ' <b>«' . $post['title'] . '»</b> ' . $_LANG['WAS_DELETED_FROM_BLOG'] . ' <b>«<a href="' . $model->getBlogURL() . '">' . $blog['title'] . '</a>»</b>');
}
cmsCore::addSessionMessage($_LANG['POST_IS_DELETED'], 'success');
cmsUser::clearCsrfToken();
cmsCore::jsonOutput(array('error' => false, 'redirect' => $model->getBlogURL()));
}
///////////////////////// ПУБЛИКАЦИЯ ПОСТА /////////////////////////////////////////////////////////////////////////
if ($do == 'publishpost') {
if ($_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest') {
cmsCore::halt();
}
if (!$inUser->id) {
cmsCore::halt();
}
$post = $inBlog->getPost($post_id);
if (!$post) {
cmsCore::halt();
}
$blog = $inBlog->getBlog($post['blog_id']);
if (!$blog) {
cmsCore::halt();
}
// публикуют авторы блога и админы
if ($blog['user_id'] != $inUser->id && !$inUser->is_admin) {
cmsCore::halt();
}
$inBlog->publishPost($post_id);
if ($blog['allow_who'] == 'all' && $post['allow_who'] == 'all') {
cmsCore::callEvent('ADD_POST_DONE', $post);
}
$post['seolink'] = $model->getPostURL('', $post['seolink']);
if ($blog['allow_who'] != 'nobody' && $post['allow_who'] != 'nobody') {
cmsActions::log('add_post', array('object' => $post['title'], 'user_id' => $post['user_id'], 'object_url' => $post['seolink'], 'object_id' => $post['id'], 'target' => $blog['title'], 'target_url' => $model->getBlogURL(), 'target_id' => $blog['id'], 'description' => '', 'is_friends_only' => (int) ($blog['allow_who'] == 'friends' || $post['allow_who'] == 'friends')));
}
cmsUser::sendMessage(USER_UPDATER, $post['user_id'], $_LANG['YOUR_POST'] . ' <b>«<a href="' . $post['seolink'] . '">' . $post['title'] . '</a>»</b> ' . $_LANG['PUBLISHED_IN_BLOG'] . ' <b>«<a href="' . $model->getBlogURL() . '">' . $blog['title'] . '</a>»</b>');
cmsCore::halt('ok');
}
////////// VIEW POPULAR POSTS ////////////////////////////////////////////////////////////////////////////////////////
if ($do == 'best') {
$inPage->setTitle($_LANG['POPULAR_IN_BLOGS']);
$inPage->addPathway($_LANG['POPULAR_IN_BLOGS']);
$inPage->setDescription($_LANG['POPULAR_IN_BLOGS']);
// кроме админов в списке только с доступом для всех
if (!$inUser->is_admin) {
$inBlog->whereOnlyPublic();
}
// ограничиваем по рейтингу если надо
if ($model->config['list_min_rating']) {
$inBlog->ratingGreaterThan($model->config['list_min_rating']);
}
// всего постов
$total = $inBlog->getPostsCount($inUser->is_admin);
//устанавливаем сортировку
$inDB->orderBy('p.rating', 'DESC');
$inDB->limitPage($page, $model->config['perpage']);
// сами посты
$posts = $inBlog->getPosts($inUser->is_admin, $model);
if (!$posts && $page > 1) {
cmsCore::error404();
}
$smarty = $inCore->initSmarty('components', 'com_blog_view_posts.tpl');
$smarty->assign('pagetitle', $_LANG['POPULAR_IN_BLOGS']);
$smarty->assign('total', $total);
$smarty->assign('ownertype', $ownertype);
$smarty->assign('posts', $posts);
$smarty->assign('pagination', cmsPage::getPagebar($total, $page, $model->config['perpage'], '/blogs/popular-%page%.html'));
$smarty->assign('cfg', $model->config);
$smarty->display('com_blog_view_posts.tpl');
}
///////////////////////////////////////////////////////////////////////////////////////////////////////////////
$inCore->executePluginRoute($do);
}
