/**
 * AJAX action: deletes (or hides) a comment on behalf of the current user.
 *
 * Non-AJAX requests and users without the comments/delete permission get a 404.
 * The comment id is cast to int before the lookup.
 *
 * NOTE(review): every early exit relies on error404()/renderJSON() ending the
 * request; nothing here returns, so a renderJSON() that came back would fall
 * through to deleteComment() — confirm.
 * NOTE(review): no CSRF token is validated in this method — confirm one is
 * enforced before this action runs.
 */
public function run()
{
    if (!$this->request->isAjax()) {
        cmsCore::error404();
    }

    if (!cmsUser::isAllowed('comments', 'delete')) {
        cmsCore::error404();
    }

    $comment_id = (int) $this->request->get('id');
    $comment    = $this->model->getComment($comment_id);

    // Unknown comment: answer with the generic error
    if (!$comment) {
        cmsTemplate::getInstance()->renderJSON(array('error' => true, 'message' => LANG_ERROR));
    }

    $user = cmsUser::getInstance();

    // Holders of the 'all' or 'full_delete' rule value skip the ownership test.
    // NOTE(review): a user holding none of 'all', 'full_delete' or 'own' also
    // passes, because the ownership test only runs for 'own' — confirm no such
    // rule value can exist, otherwise this fails open.
    $is_unrestricted = cmsUser::isAllowed('comments', 'delete', 'all')
        || cmsUser::isAllowed('comments', 'delete', 'full_delete');

    if (!$is_unrestricted) {
        $is_foreign = cmsUser::isAllowed('comments', 'delete', 'own') && $comment['user']['id'] != $user->id;
        if ($is_foreign) {
            cmsTemplate::getInstance()->renderJSON(array('error' => true, 'message' => LANG_ERROR));
        }
    }

    // Check whether the comment has replies
    $has_replies = $this->model->getItemByField('comments', 'parent_id', $comment['id']);

    $is_full_delete = !$has_replies && cmsUser::isAllowed('comments', 'delete', 'full_delete', true);
    $this->model->deleteComment($comment['id'], $is_full_delete);

    // NOTE(review): the hook is picked from the permission alone, so a comment
    // with replies deleted by a 'full_delete' holder still fires
    // comments_after_delete although the flag passed above was false — confirm.
    $event = cmsUser::isAllowed('comments', 'delete', 'full_delete')
        ? 'comments_after_delete'
        : 'comments_after_hide';
    cmsEventsManager::hook($event, $comment['id']);

    cmsTemplate::getInstance()->renderJSON(array('error' => false, 'message' => LANG_COMMENT_DELETED));
}
/**
 * Deletes a content category and redirects the user afterwards.
 *
 * Unknown content type, missing 'delete_cat' permission or unknown category
 * all end in a 404.
 *
 * NOTE(review): this state-changing action validates no CSRF token in this
 * method — confirm one is enforced elsewhere.
 * NOTE(review): the 'back' request value is passed to redirect() unchanged;
 * unless redirect() restricts targets to this site, that is an open redirect —
 * confirm.
 */
public function run()
{
    // Resolve the content type from its name
    $ctype_name = $this->request->get('ctype_name', '');
    $ctype      = $this->model->getContentTypeByName($ctype_name);
    if (!$ctype) {
        cmsCore::error404();
    }

    // Access check
    if (!cmsUser::isAllowed($ctype['name'], 'delete_cat')) {
        cmsCore::error404();
    }

    $category = $this->model->getCategory($ctype['name'], $this->request->get('id', 0));
    if (!$category) {
        cmsCore::error404();
    }

    // Remember the direct parent (second-to-last path entry) for the redirect
    $depth = sizeof($category['path']);
    if ($depth > 1) {
        $path   = array_values($category['path']);
        $parent = $path[$depth - 2];
    }

    $this->model->deleteCategory($ctype['name'], $category['id'], true);

    $back_url = $this->request->get('back', '');
    if ($back_url) {
        $this->redirect($back_url);
        return;
    }

    if (!$ctype['options']['list_on']) {
        $this->redirectToHome();
        return;
    }

    if (isset($parent)) {
        $this->redirectTo($ctype['name'], $parent['slug']);
    } else {
        $this->redirectTo($ctype['name']);
    }
}
/**
 * Deletes a group after an explicit, CSRF-protected confirmation.
 *
 * Without the 'submit' field the confirmation page is rendered and returned.
 * With it, the CSRF token is validated before anything is removed.
 *
 * @param array $group Group record; 'owner_id', 'id' and 'title' are read here
 */
public function run($group)
{
    if (!cmsUser::isAllowed('groups', 'delete')) {
        cmsCore::error404();
    }

    // Without the 'all' rule value only the owner may delete the group
    if (!cmsUser::isAllowed('groups', 'delete', 'all') && $group['owner_id'] != $this->cms_user->id) {
        cmsCore::error404();
    }

    // No confirmation yet: ask for it
    if (!$this->request->has('submit')) {
        return $this->cms_template->render('group_delete', array('user' => $this->cms_user, 'group' => $group));
    }

    // Confirmation received
    $token          = $this->request->get('csrf_token', '');
    $remove_content = $this->request->get('is_delete_content', 0);

    if (!cmsForm::validateCSRFToken($token)) {
        cmsCore::error404();
    }

    // Listeners may replace both the group and the content flag
    list($group, $remove_content) = cmsEventsManager::hook('group_before_delete', array($group, $remove_content));

    $this->model->removeContentFromGroup($group['id'], $remove_content);
    $this->model->deleteGroup($group);

    cmsUser::addSessionMessage(sprintf(LANG_GROUPS_DELETED, $group['title']));

    $this->redirectToAction('');
}
/**
 * Hook handler: decorates an album with the photo filter panel, the filter
 * values taken from the request, and title/SEO suffixes for active filters.
 *
 * @param array $data array($ctype, $album, $fields)
 * @return array The same triple with $album extended
 *
 * NOTE(review): 'url_params' and 'filter_selected' are built from the request
 * values BEFORE the whitelist checks below reset unknown values, so they can
 * carry unvalidated strings; http_build_query() encodes them for the URL, but
 * the template must still escape them — confirm.
 * NOTE(review): in_array() is used without the strict flag, so comparison with
 * the panel keys is loose — confirm that is intended.
 */
public function run($data)
{
    list($ctype, $album, $fields) = $data;

    $request = $this->cms_core->request;

    $can_upload_here = $album['is_public'] || $album['user_id'] == $this->cms_user->id || $this->cms_user->is_admin;

    if ($can_upload_here && cmsUser::isAllowed($ctype['name'], 'add')) {
        $this->cms_template->addToolButton(array(
            'class' => 'images',
            'title' => LANG_PHOTOS_UPLOAD,
            'href'  => href_to($this->name, 'upload', $album['id'])
        ));
    }

    $album['filter_panel'] = array(
        'ordering'    => modelPhotos::getOrderList(),
        'types'       => !empty($this->options['types']) ? array('' => LANG_PHOTOS_ALL) + $this->options['types'] : array(),
        'orientation' => modelPhotos::getOrientationList(),
        'width'       => '',
        'height'      => ''
    );

    $album['filter_values'] = array(
        'ordering'    => $request->get('ordering', $this->options['ordering']),
        'types'       => $request->get('types', ''),
        'orientation' => $request->get('orientation', ''),
        'width'       => $request->get('width', 0) ?: '',
        'height'      => $request->get('height', 0) ?: ''
    );

    // Only non-empty values go into the URL
    $album['url_params']      = array_filter($album['filter_values']);
    $album['filter_selected'] = $album['url_params'];

    // The default ordering is not an "active" filter.
    // NOTE(review): 'ordering' is absent here when array_filter() dropped an
    // empty value, which makes this read an undefined index — confirm.
    if ($album['filter_selected']['ordering'] == $this->options['ordering']) {
        unset($album['filter_selected']['ordering']);
    }

    // Reset values that are not among the known panel keys
    $known_orderings = array_keys($album['filter_panel']['ordering']);
    if (!in_array($album['filter_values']['ordering'], $known_orderings)) {
        $album['filter_values']['ordering'] = 'date_pub';
    }

    if ($album['filter_values']['types'] && !in_array($album['filter_values']['types'], array_keys($album['filter_panel']['types']))) {
        $album['filter_values']['types'] = '';
    }

    if ($album['filter_values']['orientation'] && !in_array($album['filter_values']['orientation'], array_keys($album['filter_panel']['orientation']))) {
        $album['filter_values']['orientation'] = '';
    }

    $album['base_url'] = href_to($ctype['name'], $album['slug'] . '.html') . '?' . http_build_query($album['url_params']);

    // Human-readable labels of the active filters
    $title_parts = array();
    foreach ($album['filter_selected'] as $filter_name => $filter_value) {
        if (isset($album['filter_panel'][$filter_name][$filter_value])) {
            $title_parts[] = $album['filter_panel'][$filter_name][$filter_value];
        }
    }

    if (!empty($title_parts)) {
        $album['title']    .= ' — ' . mb_strtolower(implode(', ', $title_parts));
        $album['seo_desc'] .= ' ' . $album['title'];
    }

    return array($ctype, $album, $fields);
}
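/**
 * AJAX action: records the current user's vote (-1 or 1) on a comment.
 *
 * Answers {"error": true} when the input is invalid, the user may not rate,
 * has already voted, the comment does not exist, or the comment is their own.
 *
 * Changes from the previous revision:
 *  - the score is matched strictly against '-1'/'1' and then cast to int, so a
 *    loosely-equal string is no longer handed to the model;
 *  - the comment id is cast to int once is_numeric() has accepted it;
 *  - a missing comment is rejected instead of being rated;
 *  - each error response is followed by return, so the vote cannot be written
 *    should renderJSON() ever come back.
 *
 * NOTE(review): no CSRF token is validated in this method — confirm one is
 * enforced before this action runs.
 */
public function run()
{
    if (!$this->request->isAjax()) {
        cmsCore::error404();
    }

    $comment_id = $this->request->get('comment_id');
    $score      = $this->request->get('score');

    $template = cmsTemplate::getInstance();

    // Validate the input; the string comparison is strict on purpose
    $is_valid = is_numeric($comment_id)
        && is_scalar($score)
        && in_array((string) $score, array('-1', '1'), true);

    if (!$is_valid) {
        $template->renderJSON(array('error' => true));
        return;
    }

    $comment_id = (int) $comment_id;
    $score      = (int) $score;

    $user = cmsUser::getInstance();

    if (!cmsUser::isAllowed('comments', 'rate')) {
        $template->renderJSON(array('error' => true));
        return;
    }

    if ($this->model->isUserVoted($comment_id, $user->id)) {
        $template->renderJSON(array('error' => true));
        return;
    }

    $comment = $this->model->getComment($comment_id);

    // Unknown comment, or an attempt to rate one's own comment
    if (!$comment || $comment['user_id'] == $user->id) {
        $template->renderJSON(array('error' => true));
        return;
    }

    $success = $this->model->rateComment($comment_id, $user->id, $score);

    $template->renderJSON(array('error' => !$success));
}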
/**
 * Renders the list of photos taken with a given camera model.
 *
 * The camera name comes from the 'name' request value; an empty name or an
 * empty result ends in a 404. One extra row is requested (limitPagePlus) so
 * that the presence of a next page can be detected.
 *
 * NOTE(review): the request value is passed through urldecode() here; if the
 * request layer already decodes parameters this is a second decoding pass, so
 * any validation done on the once-decoded value no longer describes what is
 * used below — confirm.
 * NOTE(review): $camera reaches the page title and the hook payload as-is;
 * escaping is left to the template — confirm.
 */
public function run()
{
    $camera = urldecode($this->request->get('name', ''));
    if (!$camera) {
        cmsCore::error404();
    }

    // Users with the 'view_all' rule also see private albums' photos
    if (cmsUser::isAllowed('albums', 'view_all')) {
        $this->model->disablePrivacyFilter();
    }

    $this->model->filterEqual('camera', $camera);

    $page = $this->request->get('photo_page', 1);

    if (empty($this->options['limit'])) {
        $perpage = 16;
    } else {
        $perpage = $this->options['limit'];
    }

    $this->model->limitPagePlus($page, $perpage);
    $this->model->orderBy($this->options['ordering'], 'desc');

    $photos = $this->getPhotosList();
    if (!$photos) {
        cmsCore::error404();
    }

    // The extra row only signals a next page; it is not displayed
    $has_next = $photos && count($photos) > $perpage;
    if ($has_next) {
        array_pop($photos);
    }

    $ctype = cmsCore::getModel('content')->getContentTypeByName('albums');

    $item = array(
        'id'         => 0,
        'user_id'    => 0,
        'url_params' => array('camera' => $camera),
        'base_url'   => href_to('photos', 'camera-' . urlencode($camera))
    );

    $this->cms_template->render('camera', array(
        'page_title'   => sprintf(LANG_PHOTOS_CAMERA_TITLE, $camera),
        'ctype'        => $ctype,
        'page'         => $page,
        'row_height'   => $this->getRowHeight(),
        'user'         => $this->cms_user,
        'item'         => $item,
        'item_type'    => 'camera',
        'photos'       => $photos,
        'is_owner'     => cmsUser::isAllowed('albums', 'delete', 'all'),
        'has_next'     => $has_next,
        'hooks_html'   => cmsEventsManager::hookAll('photo_camera_html', $camera),
        'preset_small' => $this->options['preset_small']
    ));
}
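/**
 * AJAX action: deletes a comment on behalf of the current user.
 *
 * Changes from the previous revision:
 *  - the ownership decision now uses the comments/delete rule; it used to
 *    consult comments/edit, so a user whose edit rule was 'all' but whose
 *    delete rule was 'own' could delete other users' comments;
 *  - a comment that does not exist is rejected instead of being passed on to
 *    deleteComment();
 *  - each error response is followed by return, so deletion cannot happen
 *    should renderJSON() ever come back.
 *
 * NOTE(review): the ownership test still only runs for holders of 'own'; a
 * user holding neither 'all' nor 'own' passes it — confirm no other rule value
 * exists.
 * NOTE(review): no CSRF token is validated in this method — confirm one is
 * enforced before this action runs.
 */
public function run()
{
    if (!$this->request->isAjax()) {
        cmsCore::error404();
    }

    if (!cmsUser::isAllowed('comments', 'delete')) {
        cmsCore::error404();
    }

    $denied = array('error' => true, 'message' => LANG_ERROR);

    $comment_id = $this->request->get('id');

    // Validate the id
    if (!is_numeric($comment_id)) {
        cmsTemplate::getInstance()->renderJSON($denied);
        return;
    }

    $user    = cmsUser::getInstance();
    $comment = $this->model->getComment($comment_id);

    if (!$comment) {
        cmsTemplate::getInstance()->renderJSON($denied);
        return;
    }

    // Authorise against the delete rule, matching the action being performed
    if (!cmsUser::isAllowed('comments', 'delete', 'all')) {
        if (cmsUser::isAllowed('comments', 'delete', 'own') && $comment['user']['id'] != $user->id) {
            cmsTemplate::getInstance()->renderJSON($denied);
            return;
        }
    }

    $this->model->deleteComment($comment_id);

    cmsTemplate::getInstance()->renderJSON(array('error' => false, 'message' => LANG_COMMENT_DELETED));
}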
/**
 * AJAX action: returns a comment's text so that it can be edited.
 *
 * Requires the comments/edit permission. The response carries the id and the
 * comment content with <br> stripped, or error=true when no comment was found.
 *
 * NOTE(review): the early exits rely on renderJSON() ending the request — confirm.
 * NOTE(review): is_numeric() also accepts values such as '1e3' or '1.5'; the
 * raw value is what reaches getComment() and the response — confirm the model
 * normalises it.
 * NOTE(review): the ownership test only runs for holders of 'own'; a user with
 * neither 'all' nor 'own' passes it — confirm no other rule value exists.
 */
public function run()
{
    if (!$this->request->isAjax()) {
        cmsCore::error404();
    }

    if (!cmsUser::isAllowed('comments', 'edit')) {
        cmsCore::error404();
    }

    $template   = cmsTemplate::getInstance();
    $comment_id = $this->request->get('id');

    // Validate the id
    if (!is_numeric($comment_id)) {
        $template->renderJSON(array('error' => true, 'message' => LANG_ERROR));
    }

    $user    = cmsUser::getInstance();
    $comment = $this->model->getComment($comment_id);

    if (!cmsUser::isAllowed('comments', 'edit', 'all')) {
        $is_foreign = cmsUser::isAllowed('comments', 'edit', 'own') && $comment['user']['id'] != $user->id;
        if ($is_foreign) {
            $template->renderJSON(array('error' => true, 'message' => LANG_ERROR));
        }
    }

    // Build and send the result
    if ($comment) {
        $html = string_strip_br($comment['content']);
    } else {
        $html = false;
    }

    $template->renderJSON(array(
        'error' => !$comment,
        'id'    => $comment_id,
        'html'  => $html
    ));
}
/**
 * Widget: collects content items of one content type for a slider.
 *
 * @return array|false Template data, or false when the content type is
 *                     unknown or no items were found
 *
 * The privacy filter is switched off either by the content type's
 * 'privacy_type' option ('show_title' / 'show_all') or by the viewer's
 * 'view_all' rule; 'hide_except_title' tells the template that only titles
 * may be shown.
 * NOTE(review): with 'show_title' the full items are still loaded and handed
 * to the template; hiding everything but the title is left to the template —
 * confirm it honours the flag.
 */
public function run()
{
    $cat_id           = $this->getOption('category_id');
    $ctype_id         = $this->getOption('ctype_id');
    $dataset_id       = $this->getOption('dataset');
    $image_field      = $this->getOption('image_field');
    $big_image_field  = $this->getOption('big_image_field');
    $big_image_preset = $this->getOption('big_image_preset');
    $teaser_fields    = $this->getOption('teaser_field');
    $limit            = $this->getOption('limit', 10);
    $delay            = $this->getOption('delay', 5);
    $teaser_len       = $this->getOption('teaser_len', 100);

    $model = cmsCore::getModel('content');

    $ctype = $model->getContentType($ctype_id);
    if (!$ctype) {
        return false;
    }

    $category = $cat_id ? $model->getCategory($ctype['name'], $cat_id) : false;

    if ($dataset_id) {
        $dataset = $model->getContentDataset($dataset_id);
        if ($dataset) {
            $model->applyDatasetFilters($dataset);
        } else {
            $dataset_id = false;
        }
    }

    if ($category) {
        $model->filterCategory($ctype['name'], $category, true);
    }

    // Privacy
    $has_privacy_type = !empty($ctype['options']['privacy_type']);

    // Flag: show titles only
    $hide_except_title = $has_privacy_type && $ctype['options']['privacy_type'] == 'show_title';

    // First honour the content type settings
    if ($has_privacy_type && in_array($ctype['options']['privacy_type'], array('show_title', 'show_all'), true)) {
        $model->disablePrivacyFilter();
        if ($ctype['options']['privacy_type'] != 'show_title') {
            $hide_except_title = false;
        }
    }

    // Then, if the access rules allow it, drop the privacy filter entirely
    if (cmsUser::isAllowed($ctype['name'], 'view_all')) {
        $model->disablePrivacyFilter();
        $hide_except_title = false;
    }

    // Hide items whose parents are hidden (private groups and the like)
    $model->filterHiddenParents();

    list($ctype, $model) = cmsEventsManager::hook('content_list_filter', array($ctype, $model));
    list($ctype, $model) = cmsEventsManager::hook("content_{$ctype['name']}_list_filter", array($ctype, $model));

    $items = $model->limit($limit)->getContentItems($ctype['name']);
    if (!$items) {
        return false;
    }

    list($ctype, $items) = cmsEventsManager::hook("content_before_list", array($ctype, $items));
    list($ctype, $items) = cmsEventsManager::hook("content_{$ctype['name']}_before_list", array($ctype, $items));

    return array(
        'ctype'             => $ctype,
        'teaser_len'        => $teaser_len,
        'hide_except_title' => $hide_except_title,
        'delay'             => $delay,
        'image_field'       => $image_field,
        'big_image_field'   => $big_image_field,
        'big_image_preset'  => $big_image_preset,
        'teaser_field'      => $teaser_fields,
        'items'             => $items
    );
}
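/**
 * AJAX action: deletes a photo and picks a new random cover for its album.
 *
 * @param mixed $photo_id Photo id; falls back to the 'id' request value
 *
 * Changes from the previous revision:
 *  - a photo that does not exist now ends in a 404; before, the ownership
 *    test compared a missing 'user_id' with the user id and, for holders of
 *    the 'all' rule, went on to deletePhoto() and the album lookup with empty
 *    data;
 *  - the refusal response is followed by return, so deletion cannot happen
 *    should renderJSON() ever come back.
 *
 * NOTE(review): deletion is authorised with the albums/edit rule; there is no
 * separate delete check here — confirm that is intended.
 * NOTE(review): no CSRF token is validated in this method — confirm one is
 * enforced before this action runs.
 */
public function run($photo_id = null)
{
    if (!$this->request->isAjax()) {
        cmsCore::error404();
    }

    if (!$photo_id) {
        $photo_id = $this->request->get('id');
        if (!$photo_id) {
            cmsCore::error404();
        }
    }

    $photo = $this->model->getPhoto($photo_id);
    if (!$photo) {
        cmsCore::error404();
    }

    // Access check: the edit rule, and ownership unless the rule value is 'all'
    $user = cmsUser::getInstance();

    $success = true;

    if (!cmsUser::isAllowed('albums', 'edit')) {
        $success = false;
    }

    if (!cmsUser::isAllowed('albums', 'edit', 'all') && $photo['user_id'] != $user->id) {
        $success = false;
    }

    if (!$success) {
        cmsTemplate::getInstance()->renderJSON(array('success' => false));
        return;
    }

    $album = cmsCore::getModel('content')->getContentItem('albums', $photo['album_id']);

    $this->model->deletePhoto($photo_id);
    $this->model->setRandomAlbumCoverImage($photo['album_id']);

    cmsTemplate::getInstance()->renderJSON(array(
        'success'   => true,
        'album_url' => href_to('albums', $album['slug'] . '.html')
    ));
}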
/**
 * Renders one page of photos for an album, a user or another container.
 *
 * @param array      $item      Container record; 'id' and 'user_id' are read here
 * @param string     $item_type Passed to getPhotosList() and to the template
 * @param int        $page      Page number
 * @param int|false  $perpage   Page size; false falls back to the 'limit' option or 16
 * @param bool       $show_next When true one extra row is fetched to detect a next page
 * @return string|null Rendered 'album' template for normal requests; AJAX
 *                     requests are answered through halt() with the 'photos' template
 */
public function renderPhotosList($item, $item_type, $page, $perpage = false, $show_next = true)
{
    if (!$perpage) {
        $perpage = empty($this->options['limit']) ? 16 : $this->options['limit'];
    }

    // Apply the default ordering only when the caller set none
    if (!$this->model->order_by) {
        $this->model->orderBy($this->options['ordering'], 'desc');
    }

    if ($show_next) {
        // Fetch one row beyond the page
        $this->model->limitPagePlus($page, $perpage);
    } else {
        $this->model->limit($perpage);
    }

    $photos = $this->getPhotosList($item['id'], $item_type);

    if (!$photos && $page > 1) {
        cmsCore::error404();
    }

    $has_next = false;
    if ($show_next && $photos && count($photos) > $perpage) {
        $has_next = true;
        array_pop($photos);
    }

    // 'all' holders manage every item; 'own' holders only their own
    $is_owner = cmsUser::isAllowed('albums', 'delete', 'all')
        || (cmsUser::isAllowed('albums', 'delete', 'own') && $item['user_id'] == $this->cms_user->id);

    $tpl_data = array(
        'row_height'   => $this->getRowHeight(),
        'user'         => $this->cms_user,
        'item'         => $item,
        'photos'       => $photos,
        'page'         => $page,
        'has_next'     => $has_next,
        'is_owner'     => $is_owner,
        'item_type'    => $item_type,
        'preset_small' => $this->options['preset_small']
    );

    if ($this->request->isAjax()) {
        $this->halt($this->cms_template->renderInternal($this, 'photos', $tpl_data));
    } else {
        return $this->cms_template->renderInternal($this, 'album', $tpl_data);
    }
}
/**
 * AJAX action: adds a karma vote ('up' or 'down') to a user profile.
 *
 * @param mixed $profile_id Id of the profile being rated
 *
 * Guests and non-AJAX requests get a 404. The vote is refused when the voter
 * lacks the users/vote_karma rule, rates themselves, sends an unknown
 * direction, omits a required comment, or isUserCanVoteKarma() says no.
 *
 * NOTE(review): the refusals rely on renderJSON() ending the request; nothing
 * returns afterwards — confirm.
 * NOTE(review): the free-text 'comment' is stored as received; escaping is
 * left to whoever displays it — confirm.
 * NOTE(review): no CSRF token is validated in this method — confirm one is
 * enforced before this action runs.
 */
public function run($profile_id)
{
    if (!cmsUser::isLogged()) {
        cmsCore::error404();
    }

    if (!$this->request->isAjax()) {
        cmsCore::error404();
    }

    $user     = cmsUser::getInstance();
    $template = cmsTemplate::getInstance();

    $direction = $this->request->get('direction');
    $comment   = $this->request->get('comment');

    // Validate the request
    $is_valid = $user->is_logged
        && cmsUser::isAllowed('users', 'vote_karma')
        && is_numeric($profile_id)
        && $user->id != $profile_id
        && in_array($direction, array('up', 'down'))
        && (!$this->options['is_karma_comments'] || $comment);

    if (!$is_valid) {
        $template->renderJSON(array('error' => true, 'message' => LANG_ERROR));
    }

    $profile = $this->model->getUser($profile_id);

    if (!$profile || !$this->model->isUserCanVoteKarma($user->id, $profile_id, $this->options['karma_time'])) {
        $template->renderJSON(array('error' => true, 'message' => LANG_ERROR));
    }

    // Store the vote
    if ($direction == 'up') {
        $points = 1;
    } else {
        $points = -1;
    }

    $vote = array(
        'user_id'    => $user->id,
        'profile_id' => $profile_id,
        'points'     => $points,
        'comment'    => $comment
    );

    $vote_id = $this->model->addKarmaVote($vote);

    $value = $profile['karma'] + $vote['points'];

    $template->renderJSON(array(
        'error'     => !$vote_id,
        'value'     => html_signed_num($value),
        'css_class' => html_signed_class($value)
    ));
}
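/**
 * AJAX action: records the current user's vote (-1 or 1) on a comment,
 * optionally adjusts the author's rating and writes an activity entry.
 *
 * Changes from the previous revision:
 *  - the score is matched strictly against '-1'/'1' and cast to int, so the
 *    rating arithmetic below no longer works on a loosely-equal string;
 *  - the comment id is cast to int once is_numeric() has accepted it;
 *  - a missing comment is rejected instead of being rated and logged with
 *    empty fields;
 *  - each error response is followed by return, so nothing is written should
 *    renderJSON() ever come back.
 *
 * NOTE(review): the author's rating is read and then written back as
 * rating + score; two concurrent votes can overwrite each other — consider an
 * atomic increment in the model.
 * NOTE(review): the activity entry is added even when rateComment() reported
 * failure — confirm that is intended.
 * NOTE(review): no CSRF token is validated in this method — confirm one is
 * enforced before this action runs.
 */
public function run()
{
    if (!$this->request->isAjax()) {
        cmsCore::error404();
    }

    $comment_id = $this->request->get('comment_id', 0);
    $score      = $this->request->get('score', '');

    // Validate the input; the string comparison is strict on purpose
    $is_valid = is_numeric($comment_id)
        && is_scalar($score)
        && in_array((string) $score, array('-1', '1'), true);

    if (!$is_valid) {
        $this->cms_template->renderJSON(array('error' => true));
        return;
    }

    $comment_id = (int) $comment_id;
    $score      = (int) $score;

    if (!cmsUser::isAllowed('comments', 'rate')) {
        $this->cms_template->renderJSON(array('error' => true));
        return;
    }

    if ($this->model->isUserVoted($comment_id, $this->cms_user->id)) {
        $this->cms_template->renderJSON(array('error' => true));
        return;
    }

    $comment = $this->model->getComment($comment_id);

    // Unknown comment, or an attempt to rate one's own comment
    if (!$comment || $comment['user_id'] == $this->cms_user->id) {
        $this->cms_template->renderJSON(array('error' => true));
        return;
    }

    $success = $this->model->rateComment($comment_id, $this->cms_user->id, $score);

    // Propagate the vote to the author's rating when the option is enabled
    if ($success && $comment['user_id'] && !empty($this->options['update_user_rating'])) {
        $rating = $this->model->getItemById('{users}', $comment['user_id']);
        $this->model->update('{users}', $comment['user_id'], array(
            'rating' => $rating['rating'] + $score
        ));
    }

    cmsCore::getController('activity')->addEntry($this->name, 'vote.comment', array(
        'is_private'    => (int) $comment['is_private'],
        'subject_title' => $comment['target_title'],
        'subject_id'    => $comment_id,
        'subject_url'   => $comment['target_url'] . '#comment_' . $comment['id']
    ));

    $this->cms_template->renderJSON(array('error' => !$success));
}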
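/**
 * AJAX action: renames a photo.
 *
 * Changes from the previous revision:
 *  - a photo that does not exist now ends in a 404; before, the ownership
 *    test compared a missing 'user_id' with the user id (equal under loose
 *    comparison for an id of 0) and renamePhoto() could be reached;
 *  - the refusal response is followed by return, so the rename cannot happen
 *    should renderJSON() ever come back.
 *
 * NOTE(review): the new title is stored as received; escaping is left to
 * whoever displays it — confirm.
 * NOTE(review): no CSRF token is validated in this method — confirm one is
 * enforced before this action runs.
 */
public function run()
{
    if (!$this->request->isAjax()) {
        cmsCore::error404();
    }

    $photo_id  = $this->request->get('id');
    $new_title = $this->request->get('title');

    if (!$photo_id || !$new_title) {
        cmsCore::error404();
    }

    $photo = $this->model->getPhoto($photo_id);
    if (!$photo) {
        cmsCore::error404();
    }

    // Access check: the edit rule, and ownership unless the rule value is 'all'
    $user = cmsUser::getInstance();

    $success = true;

    if (!cmsUser::isAllowed('albums', 'edit')) {
        $success = false;
    }

    if (!cmsUser::isAllowed('albums', 'edit', 'all') && $photo['user_id'] != $user->id) {
        $success = false;
    }

    if (!$success) {
        cmsTemplate::getInstance()->renderJSON(array('success' => false));
        return;
    }

    $this->model->renamePhoto($photo_id, $new_title);

    cmsTemplate::getInstance()->renderJSON(array('success' => true));
}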
/**
 * AJAX action: approves a pending comment (moderators only).
 *
 * After approval the target's comment counter is refreshed, subscribers and
 * the parent comment's author are notified, and the 'comment_after_add' hook
 * is fired. The JSON answer carries the comment id, parent id, level and the
 * parsed HTML.
 *
 * NOTE(review): $comment['target_controller'] selects the model via
 * cmsCore::getModel(); it comes from the stored comment, not from the request.
 * NOTE(review): no CSRF token is validated in this method — confirm one is
 * enforced before this action runs.
 */
public function run()
{
    if (!$this->request->isAjax()) {
        cmsCore::error404();
    }

    $failure = array('error' => true, 'message' => LANG_COMMENT_ERROR);

    if (!cmsUser::isAllowed('comments', 'is_moderator')) {
        return $this->cms_template->renderJSON($failure);
    }

    $comment_id = $this->request->get('id', 0);
    if (!$comment_id) {
        return $this->cms_template->renderJSON($failure);
    }

    $comment = $this->model->getComment($comment_id);
    if (!$comment) {
        return $this->cms_template->renderJSON($failure);
    }

    $this->model->approveComment($comment['id']);

    // Tell the target content's model about the new comment count
    $comments_count = $this->model
        ->filterCommentTarget($comment['target_controller'], $comment['target_subject'], $comment['target_id'])
        ->getCommentsCount();

    $this->model->resetFilters();

    cmsCore::getModel($comment['target_controller'])
        ->updateCommentsCount($comment['target_subject'], $comment['target_id'], $comments_count);

    if ($comment['parent_id']) {
        $parent_comment = $this->model->getComment($comment['parent_id']);
    } else {
        $parent_comment = false;
    }

    // Notify subscribers
    $this->notifySubscribers($comment, $parent_comment);

    // Notify the author of the comment that was replied to
    if ($parent_comment) {
        $this->notifyParent($comment, $parent_comment);
    }

    $comment = cmsEventsManager::hook('comment_after_add', $comment);

    return $this->cms_template->renderJSON(array(
        'error'     => false,
        'message'   => '',
        'id'        => $comment['id'],
        'parent_id' => $comment['parent_id'],
        'level'     => $comment['level'],
        'html'      => cmsEventsManager::hook('parse_text', $comment['content_html'])
    ));
}
/**
 * Hook handler: adds the "upload photos" tool button for users who may add
 * items of this content type.
 *
 * @param array $data array($ctype, $items)
 * @return array $data, unchanged
 */
public function run($data)
{
    list($ctype, $items) = $data;

    $can_add = cmsUser::isAllowed($ctype['name'], 'add');

    if ($can_add) {
        $upload_button = array(
            'class' => 'images',
            'title' => LANG_PHOTOS_UPLOAD,
            'href'  => href_to($this->name, 'upload')
        );
        cmsTemplate::getInstance()->addToolButton($upload_button);
    }

    return $data;
}
/**
 * Hook handler: adds the "upload photos" tool button for users who may add
 * items of this content type and attaches the photos options to the type.
 *
 * @param array $data array($ctype, $items)
 * @return array array($ctype, $items) with $ctype['photos_options'] set
 */
public function run($data)
{
    list($ctype, $items) = $data;

    $can_add = cmsUser::isAllowed($ctype['name'], 'add');

    if ($can_add) {
        $upload_button = array(
            'class' => 'images',
            'title' => LANG_PHOTOS_UPLOAD,
            'href'  => href_to($this->name, 'upload')
        );
        $this->cms_template->addToolButton($upload_button);
    }

    $ctype['photos_options'] = $this->options;

    return array($ctype, $items);
}
/**
 * AJAX action: registers an up/down vote on an arbitrary rating target.
 *
 * The target is addressed by controller, subject and id taken from the
 * request; controller and subject must pass validate_sysname() before the
 * controller name is used to load a model.
 *
 * NOTE(review): the 'rate' rule and the self-vote test only run for logged-in
 * users and only when the target has a user_id; guest votes (when
 * 'allow_guest_vote' is on) are limited by isUserVoted() alone — confirm.
 * NOTE(review): $target is not checked for existence before the vote is
 * stored and the rating updated — confirm getRatingTarget() cannot come back
 * empty for a validated request.
 * NOTE(review): ip2long() returns false for anything that is not a dotted
 * IPv4 address, which '%u' renders as 0; if getIp() can yield IPv6, all such
 * voters share one stored address — confirm.
 * NOTE(review): the "already voted" cookie is client-controlled and must not
 * be the only duplicate-vote barrier — confirm isUserVoted() is authoritative.
 * NOTE(review): no CSRF token is validated in this method — confirm one is
 * enforced before this action runs.
 */
public function run()
{
    if (!$this->request->isAjax()) {
        cmsCore::error404();
    }

    // Is voting by guests enabled?
    if (empty($this->options['allow_guest_vote']) && !$this->cms_user->is_logged) {
        return $this->cms_template->renderJSON(array('success' => false, 'message' => LANG_ERROR));
    }

    // Collect the parameters
    $direction         = $this->request->get('direction', '');
    $target_controller = $this->request->get('controller', '');
    $target_subject    = $this->request->get('subject', '');
    $target_id         = $this->request->get('id', 0);

    $is_valid = $this->validate_sysname($target_controller) === true
        && $this->validate_sysname($target_subject) === true
        && is_numeric($target_id)
        && in_array($direction, array('up', 'down'));

    if (!$is_valid) {
        return $this->cms_template->renderJSON(array('success' => false, 'message' => LANG_ERROR));
    }

    // Everything known about this vote
    $vote = array(
        'user_id'           => $this->cms_user->id ?: null,
        'target_controller' => $target_controller,
        'target_subject'    => $target_subject,
        'target_id'         => $target_id,
        'score'             => $direction == 'up' ? 1 : -1,
        'ip'                => sprintf('%u', ip2long(cmsUser::getIp()))
    );

    $cookie_key = $target_subject . $target_id . $target_controller;

    // Has this vote been counted already?
    if ($this->model->isUserVoted($vote, $this->cms_user->is_logged)) {

        // Set the cookie if it is missing.
        // NOTE(review): the original comment calls 2628000 "a year"; the unit
        // setCookie() expects is not visible here — confirm.
        if (!empty($this->options['is_hidden']) && !cmsUser::getCookie($cookie_key)) {
            cmsUser::setCookie($cookie_key, 1, 2628000);
        }

        return $this->cms_template->renderJSON(array('success' => false, 'message' => LANG_RATING_VOTED));
    }

    $target_model = cmsCore::getModel($target_controller);

    $target = $target_model->getRatingTarget($target_subject, $target_id);

    // Owners may not rate their own content; others need the 'rate' rule
    if (!empty($target['user_id']) && $this->cms_user->is_logged) {
        if ($target['user_id'] == $this->cms_user->id || !cmsUser::isAllowed($target_subject, 'rate')) {
            return $this->cms_template->renderJSON(array('success' => false, 'message' => LANG_RATING_DISABLED));
        }
    }

    // Write the vote to the log
    $this->model->addVote($vote);

    // Update the target's total rating
    $rating = (int) $target['rating'] + $vote['score'];

    $target_model->updateRating($target_subject, $target_id, $rating);

    // Tell everyone the rating changed
    cmsEventsManager::hook('rating_vote', array(
        'subject' => $target_subject,
        'id'      => $target_id,
        'target'  => $target,
        'vote'    => $vote,
        'rating'  => $rating
    ));

    // Assemble the answer
    $result = array(
        'success'   => true,
        'rating'    => html_signed_num($rating),
        'css_class' => html_signed_class($rating) . ($this->options['is_show'] ? ' clickable' : ''),
        'message'   => LANG_RATING_VOTED
    );

    // Remember the vote in a cookie (same lifetime value as above)
    if (!empty($this->options['is_hidden'])) {
        cmsUser::setCookie($cookie_key, 1, 2628000);
    }

    return $this->cms_template->renderJSON($result);
}
/**
 * Renders the photos of one user for the profile content tab.
 *
 * The privacy filter is dropped for holders of the albums/view_all rule and
 * for the profile owner.
 *
 * @param array $ctype          Content type; 'name' is used for the base URL
 * @param array $profile        Profile record; 'id' and 'user_id' are read here
 * @param mixed $current_folder Not used in this method
 * @return mixed Whatever renderPhotosList() returns
 *
 * NOTE(review): ownership is tested against $profile['user_id'] while the URL
 * uses $profile['id'] — confirm both keys are present on the record passed in.
 */
private function getUserViewHtml($ctype, $profile, $current_folder)
{
    $this->model->orderBy($this->options['ordering'], 'desc');

    $sees_private = cmsUser::isAllowed('albums', 'view_all') || $this->cms_user->id == $profile['user_id'];
    if ($sees_private) {
        $this->model->disablePrivacyFilter();
    }

    $profile['url_params'] = array('photo_page' => 1);
    $profile['base_url']   = href_to('users', $profile['id'], array('content', $ctype['name']));

    $page = $this->cms_core->request->get('photo_page', 1);

    return $this->renderPhotosList($profile, 'user_id', $page);
}
/**
 * Deletes one activity feed entry and sends the user back.
 *
 * @param mixed $id Entry id; a falsy value ends in a 404
 *
 * NOTE(review): this state-changing action validates no CSRF token and takes
 * its only input from the route parameter, so a cross-site link could trigger
 * it for a user holding the activity/delete rule — confirm a token is
 * enforced elsewhere.
 * NOTE(review): $id is handed to the model unvalidated — confirm
 * deleteEntryById() normalises it.
 */
public function run($id = false)
{
    if (!$id) {
        cmsCore::error404();
    }

    $may_delete = cmsUser::isAllowed('activity', 'delete');
    if (!$may_delete) {
        cmsCore::error404();
    }

    $this->model->deleteEntryById($id);

    $this->redirectBack();
}
/**
 * Widget: collects the latest content items of one content type for a list.
 *
 * @return array|false Template data, or false when the content type is
 *                     unknown or no items were found
 *
 * NOTE(review): unlike the slider widget, this one ignores the content type's
 * 'privacy_type' option and only honours the viewer's 'view_all' rule —
 * confirm the difference is intended.
 */
public function run()
{
    $ctype_id        = $this->getOption('ctype_id');
    $dataset_id      = $this->getOption('dataset');
    $cat_id          = $this->getOption('category_id');
    $image_field     = $this->getOption('image_field');
    $teaser_field    = $this->getOption('teaser_field');
    $is_show_details = $this->getOption('show_details');
    $style           = $this->getOption('style', 'basic');
    $limit           = $this->getOption('limit', 10);

    $model = cmsCore::getModel('content');

    $ctype = $model->getContentType($ctype_id);
    if (!$ctype) {
        return false;
    }

    $category = $cat_id ? $model->getCategory($ctype['name'], $cat_id) : false;

    if ($dataset_id) {
        $dataset = $model->getContentDataset($dataset_id);
        if ($dataset) {
            $model->applyDatasetFilters($dataset);
        } else {
            $dataset_id = false;
        }
    }

    if ($category) {
        $model->filterCategory($ctype['name'], $category, true);
        $model->groupBy('i.id');
    }

    // Without a usable dataset, newest items come first
    if (!$dataset_id) {
        $model->orderBy('date_pub', 'desc');
    }

    // Drop the privacy filter for those allowed to see everything
    if (cmsUser::isAllowed($ctype['name'], 'view_all')) {
        $model->disablePrivacyFilter();
    }

    // Hide items whose parents are hidden (private groups and the like)
    $model->filterHiddenParents();

    list($ctype, $model) = cmsEventsManager::hook("content_list_filter", array($ctype, $model));
    list($ctype, $model) = cmsEventsManager::hook("content_{$ctype['name']}_list_filter", array($ctype, $model));

    $items = $model->limit($limit)->getContentItems($ctype['name']);
    if (!$items) {
        return false;
    }

    $this->setTemplate($style ? 'list_' . $style : $this->tpl_body);

    return array(
        'ctype'           => $ctype,
        'image_field'     => $image_field,
        'teaser_field'    => $teaser_field,
        'is_show_details' => $is_show_details,
        'style'           => $style,
        'items'           => $items
    );
}
/**
 * Profile tab: lists the comments written by the profile's user.
 *
 * The profile owner and comment moderators also see comments that are not
 * approved yet, ordered so that approval state comes first. The approved
 * filter is switched back on once the list has been rendered.
 *
 * @param array  $profile  Profile record; 'id' is read here
 * @param string $tab_name Not used in this method
 * @param mixed  $tab      Passed through to the template
 * @return mixed Rendered 'profile_tab' template
 */
public function run($profile, $tab_name, $tab)
{
    $this->model->filterEqual('user_id', $profile['id']);

    $sees_pending = $profile['id'] == $this->cms_user->id || cmsUser::isAllowed('comments', 'is_moderator');

    if ($sees_pending) {
        $this->model->disableApprovedFilter();
        $this->model->orderByList(array(
            array('by' => 'is_approved', 'to' => 'desc'),
            array('by' => 'date_pub', 'to' => 'desc')
        ));
    }

    $page_url  = href_to('users', $profile['id'], 'comments');
    $list_html = $this->renderCommentsList($page_url);

    // Restore the default so later queries on this model are filtered again
    $this->model->enableApprovedFilter();

    $tpl_data = array(
        'tab'     => $tab,
        'user'    => $this->cms_user,
        'profile' => $profile,
        'html'    => $list_html
    );

    return $this->cms_template->renderInternal($this, 'profile_tab', $tpl_data);
}
/**
 * Returns per-content-type item counts for a group.
 *
 * The second argument handed to the model is true for admins and for the
 * group owner. The callback re-enables the privacy filter for every content
 * model and then relaxes it again when the content type's 'privacy_type' is
 * 'show_title' / 'show_all' or the viewer holds the 'view_all' rule.
 *
 * @param array $group Group record; 'id' and 'owner_id' are read here
 * @return mixed Whatever the model's getGroupContentCounts() returns
 */
public function getGroupContentCounts($group)
{
    $is_privileged = $this->cms_user->is_admin || $this->cms_user->id == $group['owner_id'];

    $apply_privacy = function ($ctype, $content_model) {

        // Start from the restrictive state for every model
        $content_model->enablePrivacyFilter();

        $privacy_type = !empty($ctype['options']['privacy_type']) ? $ctype['options']['privacy_type'] : false;

        if ($privacy_type && in_array($privacy_type, array('show_title', 'show_all'), true)) {
            $content_model->disablePrivacyFilter();
        }

        if (cmsUser::isAllowed($ctype['name'], 'view_all')) {
            $content_model->disablePrivacyFilter();
        }
    };

    return $this->model->getGroupContentCounts($group['id'], $is_privileged, $apply_privacy);
}
/**
 * Deletes a content item and redirects the user afterwards.
 *
 * Unknown content type or item, a missing 'delete' permission, a foreign item
 * without the 'all' rule value, or an unapproved item for a non-moderator all
 * end in a 404. before/after delete hooks are fired around the deletion, and
 * the author is notified when an unapproved item is removed.
 *
 * NOTE(review): this state-changing action validates no CSRF token in this
 * method — confirm one is enforced elsewhere.
 * NOTE(review): the 'back' request value is passed to redirect() unchanged;
 * unless redirect() restricts targets to this site, that is an open redirect —
 * confirm.
 */
public function run()
{
    // Resolve the content type from its name
    $ctype_name = $this->request->get('ctype_name');

    $ctype = $this->model->getContentTypeByName($ctype_name);
    if (!$ctype) {
        cmsCore::error404();
    }

    $id = $this->request->get('id');
    if (!$id) {
        cmsCore::error404();
    }

    $item = $this->model->getContentItem($ctype_name, $id);
    if (!$item) {
        cmsCore::error404();
    }

    // Access check
    $user = cmsUser::getInstance();

    if (!cmsUser::isAllowed($ctype['name'], 'delete')) {
        cmsCore::error404();
    }

    if (!cmsUser::isAllowed($ctype['name'], 'delete', 'all') && $item['user_id'] != $user->id) {
        cmsCore::error404();
    }

    // Items awaiting approval may only be removed by moderators
    $is_moderator = $user->is_admin || $this->model->userIsContentTypeModerator($ctype_name, $user->id);

    $is_pending = !$item['is_approved'];

    if ($is_pending && !$is_moderator) {
        cmsCore::error404();
    }

    $back_action = '';

    if ($ctype['is_cats'] && $item['category_id']) {
        $category    = $this->model->getCategory($ctype_name, $item['category_id']);
        $back_action = $category['slug'];
    }

    $hook_payload = array('ctype_name' => $ctype_name, 'item' => $item);

    cmsEventsManager::hook("content_before_delete", $hook_payload);
    cmsEventsManager::hook("content_{$ctype['name']}_before_delete", $item);

    $this->model->deleteContentItem($ctype_name, $id);

    if ($is_pending) {
        $this->notifyAuthor($ctype_name, $item);
    }

    cmsEventsManager::hook("content_after_delete", $hook_payload);
    cmsEventsManager::hook("content_{$ctype['name']}_after_delete", $item);

    $back_url = $this->request->get('back');

    if ($back_url) {
        $this->redirect($back_url);
        return;
    }

    if ($ctype['options']['list_on']) {
        $this->redirectTo($ctype_name, $back_action);
    } else {
        $this->redirectToHome();
    }
}
/**
 * Renders the comments list for the current target.
 *
 * The target is identified by the controller's target_controller,
 * target_subject and target_id properties. A request carrying 'new_comments'
 * in the query from a guest ends in a 404.
 *
 * @return mixed Rendered 'list' template
 *
 * NOTE(review): 'csrf_token_seed' is the three target fields joined with '/';
 * how the template turns it into a token is not visible here — confirm the
 * token does not depend on this predictable seed alone.
 */
public function getWidget()
{
    $user = cmsUser::getInstance();

    $comments = $this->model
        ->lockFilters()
        ->filterEqual('target_controller', $this->target_controller)
        ->filterEqual('target_subject', $this->target_subject)
        ->filterEqual('target_id', $this->target_id)
        ->getComments();

    $comments = cmsEventsManager::hook('comments_before_list', $comments);

    $is_tracking = $this->model->getTracking($user->id);

    // Highlighting new comments only makes sense for logged-in users
    $is_highlight_new = $this->request->hasInQuery('new_comments');
    if ($is_highlight_new && !$user->is_logged) {
        cmsCore::error404();
    }

    $seed_parts      = array($this->target_controller, $this->target_subject, $this->target_id);
    $csrf_token_seed = implode('/', $seed_parts);

    $tpl_data = array(
        'user'              => $user,
        'target_controller' => $this->target_controller,
        'target_subject'    => $this->target_subject,
        'target_id'         => $this->target_id,
        'target_user_id'    => $this->target_user_id,
        'is_tracking'       => $is_tracking,
        'is_highlight_new'  => $is_highlight_new,
        'comments'          => $comments,
        'csrf_token_seed'   => $csrf_token_seed,
        'is_can_rate'       => cmsUser::isAllowed('comments', 'rate')
    );

    return cmsTemplate::getInstance()->renderInternal($this, 'list', $tpl_data);
}
/**
 * Hook handler: builds the profile privacy settings, one per content type the
 * current user may add items to.
 *
 * Content types without a 'many' label are skipped.
 *
 * @return array Map 'view_user_<ctype name>' => array('title', 'options')
 */
public function run()
{
    $privacy_types = array();

    foreach ($this->model->getContentTypes() as $ctype) {

        // Access check: only types the user may add to, and that have a plural label
        if (cmsUser::isAllowed($ctype['name'], 'add') && isset($ctype['labels']['many'])) {
            $privacy_types['view_user_' . $ctype['name']] = array(
                'title'   => sprintf(LANG_USERS_PRIVACY_PROFILE_CTYPE, $ctype['labels']['many']),
                'options' => array('anyone', 'friends')
            );
        }
    }

    return $privacy_types;
}
/**
 * Renders one page (16 photos) of an album.
 *
 * A page beyond the first that has no photos redirects to the album's first
 * page.
 *
 * @param array $album Album record; 'id', 'slug' and 'user_id' are read here
 * @return mixed Rendered 'album' template
 *
 * NOTE(review): 'page' is taken from the request and handed to limitPage()
 * unvalidated — confirm the model casts it.
 */
public function run($album)
{
    $core     = cmsCore::getInstance();
    $template = cmsTemplate::getInstance();
    $user     = cmsUser::getInstance();

    $perpage = 16;
    $page    = $core->request->get('page', 1);

    $total = $this->model->getPhotosCount($album['id']);

    $this->model->limitPage($page, $perpage);

    $photos = $this->model->getPhotos($album['id']);

    if (!$photos && $page > 1) {
        $this->redirect(href_to('albums', $album['slug'] . '.html'));
    }

    // 'all' holders manage every album; 'own' holders only their own
    $is_owner = cmsUser::isAllowed('albums', 'delete', 'all')
        || (cmsUser::isAllowed('albums', 'delete', 'own') && $album['user_id'] == $user->id);

    $tpl_data = array(
        'album'    => $album,
        'photos'   => $photos,
        'page'     => $page,
        'perpage'  => $perpage,
        'total'    => $total,
        'is_owner' => $is_owner,
        'page_url' => ''
    );

    return $template->renderInternal($this, 'album', $tpl_data);
}
/**
 * Widget: lists the most recent comments.
 *
 * Users without the comments/view_all rule only get comments whose
 * 'is_private' is 0. Deleted comments (non-null 'is_deleted') are excluded
 * for everyone.
 *
 * @return array|false Template data, or false when there is nothing to show
 *
 * NOTE(review): no approval filter is applied in this method — confirm the
 * model hides unapproved comments by default.
 */
public function run()
{
    $show_avatars = $this->getOption('show_avatars', true);
    $show_text    = $this->getOption('show_text', false);
    $limit        = $this->getOption('limit', 10);

    $model = cmsCore::getModel('comments');

    $model->orderBy('date_pub', 'desc');

    $sees_private = cmsUser::isAllowed('comments', 'view_all');
    if (!$sees_private) {
        $model->filterEqual('is_private', 0);
    }

    $model->filterIsNull('is_deleted');
    $model->limit($limit);

    $items = $model->getComments();
    if (!$items) {
        return false;
    }

    return array(
        'show_avatars' => $show_avatars,
        'show_text'    => $show_text,
        'items'        => $items
    );
}
/**
 * Shows the photo upload form and, on submit, attaches the uploaded photos to
 * the chosen album.
 *
 * Only albums owned by the current user or flagged public can be chosen; the
 * submitted album id is checked against that list.
 *
 * @param mixed $album_id Preselected album id; replaced by the submitted one
 *
 * NOTE(review): the keys of the submitted 'photos' array are used as photo
 * ids for updatePhotoTitles() and getPhotosByIdsList() without a visible
 * ownership check — confirm the model limits both to the current user's
 * orphan photos, otherwise titles or thumbnails of other users' photos are
 * reachable.
 * NOTE(review): 'photos' is assumed to be an array; sizeof()/array_keys() on
 * any other type fail — confirm the request layer guarantees it.
 * NOTE(review): no CSRF token is validated in this method — confirm one is
 * enforced elsewhere.
 * NOTE(review): more than 5 photos are cut down to 4 thumbnails, not 5 —
 * confirm that is intended.
 */
public function showUploadForm($album_id)
{
    if (!cmsUser::isAllowed('albums', 'add')) {
        cmsCore::error404();
    }

    $user = cmsUser::getInstance();

    $content_model = cmsCore::getModel('content');

    $ctype = $content_model->getContentTypeByName('albums');

    // Own albums plus public ones, own first
    $albums = $content_model
        ->filterEqual('user_id', $user->id)
        ->filterOr()
        ->filterEqual('is_public', 1)
        ->orderByList(array(
            array('by' => 'is_public', 'to' => 'asc'),
            array('by' => 'date_pub', 'to' => 'desc')
        ))
        ->getContentItems('albums');

    if (!$albums) {
        $this->redirect(href_to('albums', 'add'));
    }

    if ($this->request->has('submit')) {

        $album_id = $this->request->get('album_id');

        // The album must be one the user was offered
        if (!isset($albums[$album_id])) {
            $this->redirectBack();
        }

        if (!$this->request->has('photos')) {
            $this->redirectBack();
        }

        $album = $albums[$album_id];

        $photos_titles = $this->request->get('photos');

        $this->model->assignAlbumId($album_id);
        $this->model->updateAlbumCoverImage($album['id'], $photos_titles);
        $this->model->updateAlbumPhotosCount($album_id, sizeof($photos_titles));
        $this->model->updatePhotoTitles($album_id, $photos_titles);

        // Thumbnails for the activity feed entry
        $activity_thumb_images = array();

        $photos       = $this->model->getPhotosByIdsList(array_keys($photos_titles));
        $photos_count = count($photos);

        if ($photos_count > 5) {
            $photos = array_slice($photos, 0, 4);
        }

        if ($photos_count) {
            foreach ($photos as $photo) {
                $activity_thumb_images[] = array(
                    'url' => href_to('photos', 'view', $photo['id']),
                    'src' => html_image_src($photo['image'], 'small')
                );
            }
        }

        $activity_controller = cmsCore::getController('activity');

        $activity_controller->addEntry($this->name, "add.photos", array(
            'user_id'       => $user->id,
            'subject_title' => $album['title'],
            'subject_id'    => $album['id'],
            'subject_url'   => href_to('albums', $album['slug'] . '.html'),
            'is_private'    => isset($album['is_private']) ? $album['is_private'] : 0,
            'group_id'      => isset($album['parent_id']) ? $album['parent_id'] : null,
            'images'        => $activity_thumb_images,
            'images_count'  => $photos_count
        ));

        $this->redirect(href_to('albums', $albums[$album_id]['slug'] . '.html'));
    }

    $photos = $this->model->getOrphanPhotos();

    // Do not preselect an album the user was not offered
    if (!isset($albums[$album_id])) {
        $album_id = false;
    }

    cmsTemplate::getInstance()->render('upload', array(
        'ctype'    => $ctype,
        'albums'   => $albums,
        'photos'   => $photos,
        'album_id' => $album_id
    ));
}
/**
 * Shows and processes the group edit form, or hands over to a
 * 'group_edit_<do>' sub-action.
 *
 * @param array        $group Group record
 * @param string|false $do    Name suffix of a sub-action to run instead
 * @return mixed Rendered 'group_edit' template, or null after a hand-over
 *
 * NOTE(review): the ownership/role test only runs for holders of the 'own'
 * rule value; a user holding neither 'all' nor 'own' passes it — confirm no
 * other rule value exists.
 * NOTE(review): $do is concatenated into the action name as received —
 * confirm runAction() only resolves actions that exist and are meant to be
 * reachable this way.
 * NOTE(review): array($group) + array_slice(...) is an array union; index 0
 * of the slice collides with $group and is dropped — confirm that is intended.
 * NOTE(review): no CSRF token is validated in this method on submit — confirm
 * the form's parse()/validate() does it.
 */
public function run($group, $do = false)
{
    if (!cmsUser::isAllowed('groups', 'edit')) {
        cmsCore::error404();
    }

    $user = cmsUser::getInstance();

    $is_owner = $group['owner_id'] == $user->id || $user->is_admin;

    $membership  = $this->model->getMembership($group['id'], $user->id);
    $is_member   = $membership !== false;
    $member_role = $is_member ? $membership['role'] : groups::ROLE_NONE;

    // 'own' holders must be staff, and the owner when the policy says so
    if (
        !cmsUser::isAllowed('groups', 'edit', 'all')
        && cmsUser::isAllowed('groups', 'edit', 'own')
        && ($member_role != groups::ROLE_STAFF || ($group['edit_policy'] == groups::EDIT_POLICY_OWNER && !$is_owner))
    ) {
        cmsCore::error404();
    }

    // Hand over to another action when asked to
    if ($do) {
        $this->runAction('group_edit_' . $do, array($group) + array_slice($this->params, 2));
        return;
    }

    $form = $this->getForm('group');

    // Policy fields are reserved for the owner
    if (!$is_owner) {
        foreach (array('join_policy', 'edit_policy', 'wall_policy', 'is_closed') as $owner_only_field) {
            $form->removeField('basic', $owner_only_field);
        }
    }

    if ($is_owner && !$this->options['is_wall']) {
        $form->removeField('basic', 'wall_policy');
    }

    $is_submitted = $this->request->has('submit');

    if ($is_submitted) {

        $group = array_merge($group, $form->parse($this->request, $is_submitted, $group));

        $errors = $form->validate($this, $group);

        if ($errors) {
            cmsUser::addSessionMessage(LANG_FORM_ERRORS, 'error');
        } else {
            $this->model->updateGroup($group['id'], $group);
            $this->redirectToAction($group['id']);
        }
    }

    return cmsTemplate::getInstance()->render('group_edit', array(
        'do'     => 'edit',
        'group'  => $group,
        'form'   => $form,
        'errors' => isset($errors) ? $errors : false
    ));
}