public function update()
 {
     global $DB;
     global $website;
     global $events;
     global $user;
     if (!is_null($user)) {
         if ($user->permission("items.edit") == 'false' && $this->author != $user->id) {
             throw new Exception(t(610, "Sorry, you are not allowed to execute this function."));
         }
         if (!structure::category_allowed($this->category)) {
             throw new Exception(t(610, "Sorry, you are not allowed to execute this function."));
         }
     }
     $this->date_modified = core_time();
     $groups = '';
     if (is_array($this->groups)) {
         $this->groups = array_unique($this->groups);
         // remove duplicates
         $this->groups = array_filter($this->groups);
         // remove empty
         if (!empty($this->groups)) {
             $groups = 'g' . implode(',g', $this->groups);
         }
     }
     if ($groups == 'g') {
         $groups = '';
     }
     $ok = $DB->execute(' 
         UPDATE nv_items
         SET 
             association	= :association,
             category	=   :category,
             embedding	= 	:embedding,
             template	=   :template,
             date_to_display	=  :date_to_display,
             date_published	=  :date_published,
             date_unpublish	=  :date_unpublish,
             date_modified	=  :date_modified,
             author		=   :author,
             galleries	=  :galleries,
             comments_enabled_to = :comments_enabled_to,
             comments_moderator = :comments_moderator,
             access	 	=  :access,
             groups      =  :groups,
             permission 	=  :permission,
             views 	=  :views,
             votes 	=  :votes,
             score 	=  :score,
             position = :position
         WHERE id = :id
           AND website = :website', array(":association" => $this->association, ":category" => $this->category, ":embedding" => $this->embedding, ":template" => $this->template, ":date_to_display" => value_or_default($this->date_to_display, 0), ":date_published" => value_or_default($this->date_published, 0), ":date_unpublish" => value_or_default($this->date_unpublish, 0), ":date_modified" => $this->date_modified, ":author" => $this->author, ":galleries" => serialize($this->galleries), ":comments_enabled_to" => value_or_default($this->comments_enabled_to, 0), ":comments_moderator" => value_or_default($this->comments_moderator, 0), ":access" => $this->access, ":groups" => $groups, ":permission" => $this->permission, ":views" => $this->views, ":votes" => $this->votes, ":score" => $this->score, ":position" => value_or_default($this->position, 0), ":id" => $this->id, ":website" => $this->website));
     if (!$ok) {
         throw new Exception($DB->get_last_error());
     }
     webdictionary::save_element_strings('item', $this->id, $this->dictionary, $this->website);
     webdictionary_history::save_element_strings('item', $this->id, $this->dictionary, false, $this->website);
     path::saveElementPaths('item', $this->id, $this->paths, $this->website);
     $events->trigger('item', 'save', array('item' => $this));
     return true;
 }
Exemple #2
0
function run()
{
    global $layout;
    global $DB;
    global $website;
    global $theme;
    global $user;
    $out = '';
    $item = new item();
    switch ($_REQUEST['act']) {
        case 'json':
        case 1:
            // json data retrieval & operations
            switch ($_REQUEST['oper']) {
                case 'del':
                    // remove rows
                    $ids = $_REQUEST['ids'];
                    foreach ($ids as $id) {
                        $item->load($id);
                        $item->delete();
                    }
                    echo json_encode(true);
                    break;
                default:
                    // list or search
                    // translation of request search & order fields
                    switch ($_REQUEST['searchField']) {
                        case 'id':
                            $_REQUEST['searchField'] = 'i.id';
                            break;
                        case 'title':
                            $_REQUEST['searchField'] = 'd.text';
                            break;
                        case 'language':
                            $_REQUEST['searchField'] = 'd.lang';
                            break;
                        case 'category':
                            $_REQUEST['searchField'] = 'i.category';
                            break;
                        case 'dates':
                            $_REQUEST['searchField'] = 'i.date_published';
                            break;
                        case 'permission':
                            $_REQUEST['searchField'] = 'i.permission';
                            break;
                        default:
                    }
                    if ($_REQUEST['sidx'] == 'dates') {
                        $_REQUEST['sidx'] = 'i.date_published';
                    }
                    $page = intval($_REQUEST['page']);
                    $max = intval($_REQUEST['rows']);
                    $offset = ($page - 1) * $max;
                    $orderby = $_REQUEST['sidx'] . ' ' . $_REQUEST['sord'];
                    $where = ' i.website = ' . $website->id;
                    if ($_REQUEST['_search'] == 'true' || isset($_REQUEST['quicksearch'])) {
                        if (isset($_REQUEST['quicksearch'])) {
                            $where .= $item->quicksearch($_REQUEST['quicksearch']);
                        } else {
                            if (isset($_REQUEST['filters'])) {
                                if (is_array($_REQUEST['filters'])) {
                                    $filters = json_decode(json_encode($_REQUEST['filters']), FALSE);
                                } else {
                                    $filters = json_decode($_REQUEST['filters']);
                                }
                                for ($r = 0; $r < count($filters->rules); $r++) {
                                    switch ($filters->rules[$r]->field) {
                                        case 'id':
                                            $filters->rules[$r]->field = 'i.id';
                                            break;
                                        case 'title':
                                            $filters->rules[$r]->field = 'd.text';
                                            break;
                                        case 'language':
                                            $filters->rules[$r]->field = 'd.lang';
                                            break;
                                        case 'category':
                                            $filters->rules[$r]->field = 'i.category';
                                            break;
                                        case 'dates':
                                            $filters->rules[$r]->field = 'i.date_published';
                                            break;
                                        case 'permission':
                                            $filters->rules[$r]->field = 'i.permission';
                                            break;
                                        default:
                                    }
                                }
                                $where .= navitable::jqgridsearch(json_encode($filters));
                            } else {
                                // single search
                                $where .= ' AND ' . navitable::jqgridcompare($_REQUEST['searchField'], $_REQUEST['searchOper'], $_REQUEST['searchString']);
                            }
                        }
                    }
                    $sql = ' SELECT SQL_CALC_FOUND_ROWS
					                i.*, d.text as title, d.lang as language,
                                    u.username as author_username,
                                    (   SELECT COUNT(*)
                                        FROM nv_comments cm
                                        WHERE cm.item = i.id
                                          AND cm.website = ' . $website->id . '
                                    ) as comments
							   FROM nv_items i
						  LEFT JOIN nv_webdictionary d
						  		 	 ON i.id = d.node_id
								 	AND d.node_type = "item"
									AND d.subtype = "title"
									AND d.lang = "' . $website->languages_list[0] . '"
									AND d.website = ' . $website->id . '
						  LEFT JOIN nv_users u
						  			 ON u.id = i.author
							  WHERE ' . $where . '	
						   GROUP BY i.id, d.text, d.lang, u.username						   
						   ORDER BY ' . $orderby . ' 
							  LIMIT ' . $max . '
							 OFFSET ' . $offset;
                    if (!$DB->query($sql, 'array')) {
                        throw new Exception($DB->get_last_error());
                    }
                    $dataset = $DB->result();
                    $total = $DB->foundRows();
                    $dataset = grid_notes::summary($dataset, 'item', 'id');
                    $access = array(0 => '<img src="img/icons/silk/page_white_go.png" align="absmiddle" title="' . t(254, 'Everybody') . '" />', 1 => '<img src="img/icons/silk/lock.png" align="absmiddle" title="' . t(361, 'Web users only') . '" />', 2 => '<img src="img/icons/silk/user_gray.png" align="absmiddle" title="' . t(363, 'Users who have not yet signed up or signed in') . '" />', 3 => '<img src="img/icons/silk/group_key.png" align="absmiddle" title="' . t(512, "Selected web user groups") . '" />');
                    $permissions = array(0 => '<img src="img/icons/silk/world.png" align="absmiddle" /> ' . t(69, 'Published'), 1 => '<img src="img/icons/silk/world_dawn.png" align="absmiddle" /> ' . t(70, 'Private'), 2 => '<img src="img/icons/silk/world_night.png" align="absmiddle" /> ' . t(81, 'Hidden'));
                    $hierarchy = structure::hierarchy(0);
                    // we need to format the values and retrieve the needed strings from the dictionary
                    $out = array();
                    for ($i = 0; $i < count($dataset); $i++) {
                        if (empty($dataset[$i])) {
                            continue;
                        }
                        if (empty($dataset[$i]['date_published'])) {
                            $dataset[$i]['date_published'] = '&infin;';
                        } else {
                            $dataset[$i]['date_published'] = core_ts2date($dataset[$i]['date_published'], false);
                        }
                        if (empty($dataset[$i]['date_unpublish'])) {
                            $dataset[$i]['date_unpublish'] = '&infin;';
                        } else {
                            $dataset[$i]['date_unpublish'] = core_ts2date($dataset[$i]['date_unpublish'], false);
                        }
                        if (empty($dataset[$i]['date_to_display'])) {
                            $dataset[$i]['date_to_display'] = '';
                        } else {
                            $dataset[$i]['date_to_display'] = core_ts2date($dataset[$i]['date_to_display'], false);
                        }
                        if ($dataset[$i]['category'] > 0) {
                            $category_path = structure::hierarchyPath($hierarchy, $dataset[$i]['category']);
                            if (is_array($category_path)) {
                                $dataset[$i]['category_path'] = implode(' › ', $category_path);
                            } else {
                                $dataset[$i]['category_path'] = $category_path;
                            }
                        }
                        $category_text = '';
                        if ($dataset[$i]['association'] == 'free') {
                            $category_text = '[ ' . strtolower(t(100, 'Free')) . ' ]';
                        } else {
                            $category_text = $dataset[$i]['category_path'];
                        }
                        $item_views = $dataset[$i]['views'];
                        if ($item_views > 1000) {
                            $item_views = round($item_views / 1000) . "K";
                        }
                        $item_comments = $dataset[$i]['comments'];
                        if ($item_comments > 1000) {
                            $item_comments = round($item_comments / 1000) . "K";
                        }
                        //$social_rating = '<img src="img/icons/silk/star.png" align="absmiddle" width="12px" height="12px" /> '.
                        //    '<span style="font-size: 90%;">'.$dataset[$i]['score'].' ('.$dataset[$i]['votes'].')</span>';
                        //$social_rating = '<i class="fa fa-fw fa-eye" /> <span style="font-size: 90%;">'.$dataset[$i]['views'].'</span>';
                        $social_rating = '<img src="img/icons/silk/eye.png" align="absmiddle" width="12px" height="12px" /> ' . '<span style="font-size: 90%;">' . $item_views . '</span>';
                        //$social_comments = '<i class="fa fa-fw fa-comments-o" /> <span style="font-size: 90%;">'.$dataset[$i]['comments'].'</span>';
                        $social_comments = '<img src="img/icons/silk/comments.png" align="absmiddle" width="12px" height="12px" /> ' . '<span style="font-size: 90%;">' . $item_comments . '</span>';
                        if (empty($dataset[$i]['title'])) {
                            // if title is empty for the default language,
                            // try to load the title in another language
                            $DB->query('
                                SELECT lang, text
                                  FROM nv_webdictionary
                                 WHERE website = ' . $website->id . ' AND
                                        node_type = "item" AND
                                        subtype="title" AND
                                        node_id = ' . $dataset[$i]['id'] . ' AND
                                        text != ""
                                ORDER BY id ASC');
                            $titles = $DB->result();
                            if (!empty($titles)) {
                                $dataset[$i]['title'] = '<img src="img/icons/silk/comment.png" align="absmiddle" />';
                                $dataset[$i]['title'] .= '<small>' . $titles[0]->lang . '</small>&nbsp;&nbsp;';
                                $dataset[$i]['title'] .= $titles[0]->text;
                            }
                        }
                        $out[$i] = array(0 => $dataset[$i]['id'], 1 => '<div class="list-row" data-permission="' . $dataset[$i]['permission'] . '">' . $dataset[$i]['title'] . '</div>', 2 => $social_rating . '&nbsp;&nbsp;' . $social_comments, 3 => $category_text, 4 => $dataset[$i]['date_to_display'], 5 => $dataset[$i]['date_published'] . ' - ' . $dataset[$i]['date_unpublish'], 6 => $access[$dataset[$i]['access']] . ' ' . $permissions[$dataset[$i]['permission']], 7 => $dataset[$i]['_grid_notes_html']);
                    }
                    navitable::jqgridJson($out, $page, $offset, $max, $total);
                    break;
            }
            core_terminate();
            break;
        case 'load':
        case 'create':
        case 'edit':
        case 2:
            // edit/new form
            if (!empty($_REQUEST['id'])) {
                $item->load(intval($_REQUEST['id']));
                if ($user->permission("items.edit") == "false" && $item->author != $user->id) {
                    $layout->navigate_notification(t(610, "Sorry, you are not allowed to execute the requested function"), true);
                    $_REQUEST['act'] = 'list';
                    return run();
                }
                // check if the current user can edit this item
                if ($item->association == 'category' && !empty($item->category)) {
                    if (!structure::category_allowed($item->category)) {
                        $layout->navigate_notification(t(610, "Sorry, you are not allowed to execute the requested function"), true);
                        $_REQUEST['act'] = 'list';
                        return run();
                    }
                }
            }
            if (isset($_REQUEST['form-sent'])) {
                $item->load_from_post();
                try {
                    $item->save();
                    property::save_properties_from_post('item', $item->id);
                    if (!empty($_REQUEST['items-order'])) {
                        item::reorder($_REQUEST['items-order']);
                    }
                    $layout->navigate_notification(t(53, "Data saved successfully."), false, false, 'fa fa-check');
                    $item->load($item->id);
                    users_log::action($_REQUEST['fid'], $item->id, 'save', $item->dictionary[$website->languages_list[0]]['title'], json_encode($_REQUEST));
                } catch (Exception $e) {
                    $layout->navigate_notification($e->getMessage(), true, true);
                }
            } else {
                users_log::action($_REQUEST['fid'], $item->id, 'load', $item->dictionary[$website->languages_list[0]]['title']);
            }
            $out = items_form($item);
            break;
        case 'delete':
        case 4:
            // remove
            if (!empty($_REQUEST['id'])) {
                $item->load(intval($_REQUEST['id']));
                try {
                    if (!empty($item->id)) {
                        $deleted = $item->delete() > 0;
                        if ($deleted) {
                            $layout->navigate_notification(t(55, 'Item removed successfully.'), false);
                            $out = items_list();
                            users_log::action($_REQUEST['fid'], $item->id, 'remove', $item->dictionary[$website->languages_list[0]]['title'], json_encode($_REQUEST));
                        }
                    }
                    if (!$deleted) {
                        $layout->navigate_notification(t(56, 'Unexpected error.'), false);
                        if (!empty($item->id)) {
                            $out = items_form($item);
                        } else {
                            $out = items_list();
                        }
                    }
                } catch (Exception $e) {
                    $layout->navigate_notification($e->getMessage(), true);
                    if (!empty($item->id)) {
                        $out = items_form($item);
                    }
                }
            }
            break;
        case 'duplicate':
            if (!empty($_REQUEST['id'])) {
                $item->load(intval($_REQUEST['id']));
                if ($item->association == 'category' && $item->embedding == 1) {
                    // get structure template
                    $category = new structure();
                    $category->load($item->category);
                    $properties = property::load_properties_associative('structure', $category->template, 'item', $item->id);
                } else {
                    $properties = property::load_properties_associative('item', $item->template, 'item', $item->id);
                }
                // try to duplicate
                $item->id = 0;
                $ok = $item->insert();
                if ($ok) {
                    // duplicate item properties too (but don't duplicate comments)
                    if ($item->association == 'category' && $item->embedding == 1) {
                        $ok = property::save_properties_from_array('item', $item->id, $category->template, $properties);
                    } else {
                        $ok = property::save_properties_from_array('item', $item->id, $item->template, $properties);
                    }
                }
                if ($ok) {
                    $layout->navigate_notification(t(478, 'Item duplicated successfully.'), false, false, 'fa fa-check');
                    $out = items_form($item);
                } else {
                    $layout->navigate_notification(t(56, 'Unexpected error.'), false);
                    $item = new item();
                    $item->load(intval($_REQUEST['id']));
                    $out = items_form($item);
                }
                users_log::action($_REQUEST['fid'], $item->id, 'duplicate', $item->dictionary[$website->languages_list[0]]['title'], json_encode($_REQUEST));
            }
            break;
        case 89:
            if (!empty($_REQUEST['id'])) {
                $DB->execute('DELETE FROM nv_webdictionary_history WHERE id = ' . intval($_REQUEST['id']) . ' LIMIT 1');
                echo 'true';
            } else {
                echo 'false';
            }
            core_terminate();
            break;
        case 90:
            $DB->query('SELECT id, date_created, autosave
						  FROM nv_webdictionary_history
						 WHERE node_type = "item"
						   AND subtype = ' . protect('section-' . $_REQUEST['section']) . '
						   AND lang = ' . protect($_GET['lang']) . '
						   AND node_id = ' . protect($_REQUEST['id']) . '
						   AND website = ' . $website->id . ' 
				      ORDER BY date_created DESC', 'array');
            $result = $DB->result();
            if (!is_array($result)) {
                $result = array();
            }
            for ($i = 0; $i < count($result); $i++) {
                $result[$i]['date'] = core_ts2date($result[$i]['date_created'], true);
                if ($result[$i]['autosave'] == 1) {
                    $result[$i]['date'] .= ' (' . t(273, 'Autosave') . ')';
                }
            }
            echo json_encode($result);
            core_terminate();
            break;
        case "search_by_title":
        case 91:
            // json search title request (for "copy from" dialog)
            $DB->query('
				SELECT node_id as id, text as label, text as value
				  FROM nv_webdictionary
				 WHERE node_type = "item"
				   AND subtype = "title"
				   AND lang = ' . protect($_REQUEST['lang']) . '
				   AND website = ' . $website->id . '
				   AND text LIKE ' . protect('%' . $_REQUEST['title'] . '%') . '
		      ORDER BY text ASC
			     LIMIT 20', 'array');
            echo json_encode($DB->result());
            core_terminate();
            break;
        case "raw_zone_content":
            // return raw item contents
            if (empty($_REQUEST['section'])) {
                $_REQUEST['section'] = 'main';
            }
            if ($_REQUEST['history'] == 'true') {
                $DB->query('SELECT text
							  FROM nv_webdictionary_history
							 WHERE node_type = "item"
							   AND website = ' . $website->id . ' 
							   AND id = ' . protect($_REQUEST['id']), 'array');
                $data = $DB->first();
                echo $data['text'];
            } else {
                if ($_REQUEST['zone'] == 'section') {
                    $DB->query('SELECT text
							  FROM nv_webdictionary
							 WHERE node_type = "item"
							   AND subtype = ' . protect('section-' . $_REQUEST['section']) . '
							   AND lang = ' . protect($_REQUEST['lang']) . '
							   AND website = ' . $website->id . ' 
							   AND node_id = ' . protect($_REQUEST['node_id']), 'array');
                    $data = $DB->first();
                    echo $data['text'];
                } else {
                    if ($_REQUEST['zone'] == 'property') {
                        $DB->query('SELECT text
							  FROM nv_webdictionary
							 WHERE node_type = "property-item"
							   AND subtype = ' . protect('property-' . $_REQUEST['section'] . '-' . $_REQUEST['lang']) . '
							   AND lang = ' . protect($_REQUEST['lang']) . '
							   AND website = ' . $website->id . '
							   AND node_id = ' . protect($_REQUEST['node_id']), 'array');
                        $data = $DB->first();
                        echo $data['text'];
                    }
                }
            }
            core_terminate();
            break;
            // return raw template content
        // return raw template content
        case 93:
            $DB->query('SELECT file
						  FROM nv_templates
						 WHERE enabled = 1
						   AND id = ' . protect($_REQUEST['id']) . '
						   AND website = ' . $website->id, 'array');
            $data = $DB->first();
            echo @file_get_contents(NAVIGATE_PRIVATE . '/' . $website->id . '/templates/' . $data['file']);
            core_terminate();
            break;
        case "copy_from_template_zones":
            // return template sections and (textarea) properties for a content id
            $item = new item();
            $item->load(intval($_REQUEST['id']));
            $template = $item->load_template();
            $zones = array();
            for ($ts = 0; $ts < count($template->sections); $ts++) {
                $title = $template->sections[$ts]['name'];
                if (!empty($theme)) {
                    $title = $theme->t($title);
                }
                if ($title == '#main#') {
                    $title = t(238, 'Main content');
                }
                $zones[] = array('type' => 'section', 'id' => $template->sections[$ts]['id'], 'title' => $title);
            }
            for ($ps = 0; $ps < count($template->properties); $ps++) {
                // ignore structure properties
                if (isset($template->properties[$ps]->element) && $template->properties[$ps]->element != 'item') {
                    continue;
                }
                // ignore non-textual properties
                if (!in_array($template->properties[$ps]->type, array("text", "textarea", "rich_textarea"))) {
                    continue;
                }
                $title = $template->properties[$ps]->name;
                if (!empty($theme)) {
                    $title = $theme->t($title);
                }
                $zones[] = array('type' => 'property', 'id' => $template->properties[$ps]->id, 'title' => $title);
            }
            echo json_encode($zones);
            core_terminate();
            break;
        case 95:
            // free path checking
            $path = $_REQUEST['path'];
            $id = $_REQUEST['id'];
            $DB->query('SELECT type, object_id, lang
	 					  FROM nv_paths
						 WHERE path = ' . protect($path) . '
						   AND website = ' . $website->id);
            $rs = $DB->result();
            echo json_encode($rs);
            core_terminate();
            break;
        case 96:
            // return category paths
            echo json_encode(path::loadElementPaths('structure', intval($_REQUEST['id'])));
            core_terminate();
            break;
        case 'json_find_user':
            // json find user by name request (for "moderator" autocomplete)
            $DB->query('
				SELECT id, username as text
				  FROM nv_users
				 WHERE username LIKE ' . protect('%' . $_REQUEST['username'] . '%') . '
		      ORDER BY username ASC
			     LIMIT 30', 'array
			');
            $rows = $DB->result();
            $total = $DB->foundRows();
            echo json_encode(array('items' => $rows, 'total_count' => $total));
            core_terminate();
            break;
        case 'json_find_item':
            // find items by its title
            // any language
            $template_filter = '';
            if (!empty($_REQUEST['template'])) {
                $template_filter = ' AND nvi.template = ' . protect($_REQUEST['template']) . ' ';
            }
            if (!empty($_REQUEST['association'])) {
                $template_filter = ' AND nvi.association = ' . protect($_REQUEST['association']) . ' ';
            }
            if (isset($_REQUEST['embedding'])) {
                $template_filter = ' AND nvi.embedding = ' . protect($_REQUEST['embedding']) . ' ';
            }
            $text = $_REQUEST['title'];
            if (!empty($_REQUEST['term'])) {
                // tagit request
                $text = $_REQUEST['term'];
            }
            $DB->query('
				SELECT SQL_CALC_FOUND_ROWS DISTINCT nvw.node_id as id, nvw.text as text
				  FROM nv_webdictionary nvw, nv_items nvi
				 WHERE nvw.node_type = "item"
				   AND nvw.node_id = nvi.id
				   ' . $template_filter . '
				   AND nvw.subtype = "title"
				   AND nvw.website = ' . $website->id . '
				   AND nvw.website = nvi.website
				   AND nvw.text LIKE ' . protect('%' . $text . '%') . '
		        GROUP BY nvw.node_id, nvw.text
		        ORDER BY nvw.text ASC
			     LIMIT ' . intval($_REQUEST['page_limit']) . '
			     OFFSET ' . max(0, intval($_REQUEST['page_limit']) * (intval($_REQUEST['page']) - 1)), 'array');
            $rows = $DB->result();
            $total = $DB->foundRows();
            if ($_REQUEST['association'] == 'free') {
                for ($i = 0; $i < count($rows); $i++) {
                    $rows[$i]['path'] = $DB->query_single('path', 'nv_paths', '	website = ' . protect($website->id) . ' AND 
							type="item" AND 
							object_id="' . $rows[$i]['id'] . '" AND 
							lang="' . $website->languages_list[0] . '"
						');
                    if (empty($rows[$i]['path'])) {
                        $rows[$i]['path'] = '/node/' . $rows[$i]['id'];
                    }
                }
            }
            if (empty($_REQUEST['format']) || $_REQUEST['format'] == 'select2') {
                echo json_encode(array('items' => $rows, 'totalCount' => $total));
            } else {
                if ($_REQUEST['format'] == 'tagit') {
                    $tags_json = array();
                    foreach ($rows as $row) {
                        $tags_json[] = json_decode('{ "id": "' . $row['id'] . '", "label": "' . $row['text'] . '", "value": "' . $row['text'] . '" }');
                    }
                    echo json_encode($tags_json);
                }
            }
            core_terminate();
            break;
        case 98:
            // change comment status
            if (empty($_REQUEST['id'])) {
                echo "false";
                core_terminate();
            }
            switch ($_REQUEST['opt']) {
                case 'publish':
                    $DB->execute('
						UPDATE nv_comments
						   SET status = 0
						 WHERE website = ' . $website->id . ' AND
						       id = ' . $_REQUEST['id']);
                    break;
                case 'unpublish':
                    $DB->execute('
						UPDATE nv_comments
						   SET status = 1
						 WHERE website = ' . $website->id . ' AND
						       id = ' . $_REQUEST['id']);
                    break;
                case 'delete':
                    $DB->execute('
						DELETE FROM nv_comments
						 WHERE website = ' . $website->id . ' AND
							   id = ' . $_REQUEST['id']);
                    break;
            }
            $error = $DB->get_last_error();
            if (empty($error)) {
                echo 'true';
            } else {
                echo 'false';
            }
            core_terminate();
            break;
        case 'autosave':
            if (!empty($_REQUEST['id'])) {
                $iDictionary = array();
                foreach ($_REQUEST as $key => $value) {
                    if (strpos($key, 'section-') === 0) {
                        $lang = substr($key, -2, 2);
                        $kname = substr($key, 0, strlen($key) - 3);
                        $iDictionary[$lang][$kname] = $value;
                    }
                }
                $changed = webdictionary_history::save_element_strings('item', intval($_REQUEST['id']), $iDictionary, true);
                if ($changed) {
                    echo 'changes_saved';
                } else {
                    echo 'no_changes';
                }
                core_terminate();
            }
            echo 'false';
            core_terminate();
            break;
        case 'votes_reset':
            webuser_vote::remove_object_votes('item', intval($_REQUEST['id']));
            echo 'true';
            core_terminate();
            break;
        case 'votes_by_webuser':
            if ($_POST['oper'] == 'del') {
                $ids = explode(',', $_POST['id']);
                for ($i = 0; $i < count($ids); $i++) {
                    if ($ids[$i] > 0) {
                        $vote = new webuser_vote();
                        $vote->load($ids[$i]);
                        $vote->delete();
                    }
                }
                webuser_vote::update_object_score('item', $vote->object_id);
                echo 'true';
                core_terminate();
            }
            $max = intval($_GET['rows']);
            $page = intval($_GET['page']);
            $offset = ($page - 1) * $max;
            if ($_REQUEST['_search'] == 'false') {
                list($dataset, $total) = webuser_vote::object_votes_by_webuser('item', intval($_REQUEST['id']), $_REQUEST['sidx'] . ' ' . $_REQUEST['sord'], $offset, $max);
            }
            $out = array();
            for ($i = 0; $i < count($dataset); $i++) {
                if (empty($dataset[$i])) {
                    continue;
                }
                $out[$i] = array(0 => $dataset[$i]['id'], 1 => core_ts2date($dataset[$i]['date'], true), 2 => $dataset[$i]['username']);
            }
            navitable::jqgridJson($out, $page, $offset, $max, $total);
            core_terminate();
            break;
        case 'items_order':
            if (!empty($_POST['items-order'])) {
                // save new order
                $response = item::reorder($_POST['items-order']);
                if ($response !== true) {
                    echo $response['error'];
                } else {
                    echo 'true';
                }
            } else {
                // show ordered list
                echo items_order($_REQUEST['category']);
            }
            core_terminate();
            break;
        case 'json_tags_search':
            $tags = nvweb_tags_retrieve(null, null, 'top', $_REQUEST['term'], $_REQUEST['lang']);
            $tags_json = array();
            foreach (array_keys($tags) as $tag) {
                $tags_json[] = json_decode('{ "id": "' . $tag . '", "label": "' . $tag . '", "value": "' . $tag . '" }');
            }
            echo json_encode($tags_json);
            core_terminate();
            break;
        case 'json_tags_ranking':
            $tags = nvweb_tags_retrieve(100, null, 'top', null, $_REQUEST['lang']);
            $tags = array_keys($tags);
            echo json_encode($tags);
            core_terminate();
            break;
        case 'list':
        case 0:
            // list / search result
        // list / search result
        default:
            $out = items_list();
            break;
    }
    return $out;
}