public function generateMap() { $config = cmsCore::getInstance()->loadComponentConfig('users'); if (!$config['sw_guest']) { $this->page = 0; return; } $gen_map = parent::generateMap(); if ($gen_map === false) { return; } $is_end = false; $item_nums = 0; // Заносим в карту пользователей while ($is_end === false) { $results = cmsCore::c('db')->query("SELECT id, login, nickname FROM cms_users WHERE is_locked=0 AND is_deleted=0 ORDER BY nickname ASC LIMIT ". $item_nums .", 1000"); if (cmsCore::c('db')->num_rows($results)) { while ($user = cmsCore::c('db')->fetch_assoc($results)) { $this->writeMapItem(array( 'loc' => cmsCore::c('config')->host . cmsUser::getProfileURL($user['ligin']), 'changefreq' => 'daily', 'priority' => '0.8' )); $item_nums++; } } else { $is_end = true; } } $this->closeFile(); }
<?php } else { ?> <span class="offline"><?php echo $club['logdate']; ?></span> <?php } ?> </div> <div class="nickname"><a href="<?php echo cmsUser::getProfileURL($club['login']); ?>" style="color:#F00" title="<?php echo $_LANG['CLUB_ADMIN']; ?>"><?php echo $club['nickname']; ?></a></div> <?php if ($club['status']) { ?> <div class="microstatus"><?php echo $club['status']; ?></div> <?php } ?> </td> </tr> <?php } ?> <?php foreach($members as $usr) { ?> <tr> <td width="80" valign="top"><div class="avatar"><a href="<?php echo cmsUser::getProfileURL($usr['login']); ?>"><img border="0" class="usr_img_small" src="<?php echo $usr['admin_avatar']; ?>" /></a></div></td> <td valign="top"> <div title="<?php echo $_LANG['KARMA']; ?>" class="karma<?php if ($usr['karma'] > 0) { ?> pos<?php } ?><?php if ($usr['karma'] < 0) { ?> neg<?php } ?>"><?php if ($usr['karma'] > 0) { ?>+<?php } ?><?php echo $usr['karma']; ?></div> <div class="status"> <?php if ($usr['is_online']) { ?> <span class="online"><?php echo $_LANG['ONLINE']; ?></span> <?php } else { ?> <span class="offline"><?php echo $usr['logdate']; ?></span> <?php } ?> </div> <div class="nickname"><a href="<?php echo cmsUser::getProfileURL($usr['login']); ?>" <?php if ($usr['role'] == 'moderator') { ?>style="color:#090;" title="<?php echo $_LANG['MODERATOR']; ?>"<?php } ?>><?php echo $usr['nickname']; ?></a></div> <?php if ($usr['status']) { ?> <div class="microstatus"><?php echo $usr['status']; ?></div> <?php } ?> </td> </tr> <?php } ?> </table> </div> <?php echo $pagebar; ?>
} if (sizeof($loaded_files)) { cmsCore::addSessionMessage($_LANG['FILE_UPLOAD_FINISH'], 'success'); if ($model->config['filessize']) { cmsCore::addSessionMessage('<strong>' . $_LANG['FREE_SPACE_LEFT'] . ':</strong> ' . round($free_mb - $size_mb, 2) . ' ' . $_LANG['MBITE'], 'info'); } cmsCore::redirect('/users/' . $usr['id'] . '/files.html'); } else { cmsCore::addSessionMessage($_LANG['ERR_BIG_FILE'] . ' ' . $_LANG['ERR_FILE_NAME'], 'error'); cmsCore::redirectBack(); } } if (!cmsCore::inRequest('upload')) { $inPage->setTitle($_LANG['UPLOAD_FILES']); $inPage->addHeadJS('includes/jquery/multifile/jquery.multifile.js'); $inPage->addPathway($usr['nickname'], cmsUser::getProfileURL($usr['login'])); $inPage->addPathway($_LANG['FILES_ARCHIVE'], '/users/' . $usr['id'] . '/files.html'); $inPage->addPathway($_LANG['UPLOAD_FILES']); $inPage->addHeadJsLang(array('FILE_SELECTED', 'FILE_DENIED', 'FILE_DUPLICATE')); $post_max_b = trim(@ini_get('upload_max_filesize')); $last = mb_strtolower($post_max_b[mb_strlen($post_max_b) - 1]); switch ($last) { case 'g': $post_max_b *= 1024; case 'm': $post_max_b *= 1024; case 'k': $post_max_b *= 1024; } cmsPage::initTemplate('components', 'com_users_file_add')->assign('free_mb', $free_mb)->assign('post_max_b', $post_max_b)->assign('post_max_mb', round($post_max_b / 1024) / 1024 . ' ' . $_LANG['MBITE'])->assign('cfg', $model->config)->assign('types', $model->config['filestype'])->display('com_users_file_add.tpl'); }
</h2> <?php if ($article['showdesc']) { ?> <div class="con_desc"> <?php if ($article['image_small']) { ?> <div class="con_image"> <img src="<?php echo $article['image_small']; ?>" border="0" alt="<?php echo $this->escape($article['title']); ?>"/> </div> <?php } ?> <?php echo $article['description']; ?> </div> <?php } ?> <?php if ($article['showcomm'] || $article['showdate'] || $article['tagline']) { ?> <div class="con_details"> <?php if ($article['showdate']) { ?> <?php echo $article['fpubdate']; ?> - <a href="<?php echo cmsUser::getProfileURL($article['user_login']); ?>" style="color:#666"><?php echo $article['author']; ?></a> <?php } ?> <?php if ($article['showcomm']) { ?> <?php if ($article['showdate']) { ?> | <?php } ?> <a href="<?php echo $article['url']; ?>#c" title="<?php echo $_LANG['COMMENTS']; ?>"><?php echo $this->spellcount($article['comments'], $_LANG['COMMENT'], $_LANG['COMMENT2'], $_LANG['COMMENT10']); ?></a> <?php } ?> | <?php echo $this->spellcount($article['hits'], $_LANG['HIT'], $_LANG['HIT2'], $_LANG['HIT10']); ?> <?php if ($article['tagline']) { ?> | <strong><?php echo $_LANG['TAGS']; ?>:</strong> <?php echo $article['tagline']; ?> <?php } ?> | <strong><?php echo $_LANG['CAT']; ?>:</strong> <a href="<?php echo $article['cat_url']; ?>"><?php echo $article['cat_title']; ?></a> </div> <?php } ?> </td> </tr> <?php } ?>
function smarty_function_profile_url($params, &$smarty) { return cmsUser::getProfileURL($params['login']); }
function registration() { header('X-Frame-Options: DENY'); $inCore = cmsCore::getInstance(); $inPage = cmsPage::getInstance(); $inDB = cmsDatabase::getInstance(); $inUser = cmsUser::getInstance(); $inConf = cmsConfig::getInstance(); $model = new cms_model_registration(); cmsCore::loadModel('users'); $users_model = new cms_model_users(); global $_LANG; $do = $inCore->do; //============================================================================// if ($do == 'sendremind') { if ($inUser->id) { cmsCore::error404(); } $inPage->setTitle($_LANG['REMINDER_PASS']); $inPage->addPathway($_LANG['REMINDER_PASS']); if (!cmsCore::inRequest('goremind')) { cmsPage::initTemplate('components', 'com_registration_sendremind')->display('com_registration_sendremind.tpl'); } else { if (!cmsUser::checkCsrfToken()) { cmsCore::error404(); } $email = cmsCore::request('email', 'email', ''); if (!$email) { cmsCore::addSessionMessage($_LANG['ERR_EMAIL'], 'error'); cmsCore::redirectBack(); } $usr = cmsUser::getShortUserData($email); if (!$usr || $usr['is_locked'] || $usr['is_deleted']) { cmsCore::addSessionMessage($_LANG['ADRESS'] . ' "' . $email . '" ' . $_LANG['NOT_IN_OUR_BASE'], 'error'); cmsCore::redirectBack(); } if (cmsUser::userIsAdmin($usr['id'])) { cmsCore::addSessionMessage($_LANG['NOT_ADMIN_SENDREMIND'], 'error'); cmsCore::redirectBack(); } $usercode = md5($usr['id'] . '-' . uniqid() . '-' . microtime() . '-' . PATH); $sql = "INSERT cms_users_activate (pubdate, user_id, code)\n VALUES (NOW(), '{$usr['id']}', '{$usercode}')"; $inDB->query($sql); $newpass_link = HOST . '/registration/remind/' . $usercode; $mail_message = $_LANG['HELLO'] . ', ' . $usr['nickname'] . '!' . "\n\n"; $mail_message .= $_LANG['REMINDER_TEXT'] . ' "' . $inConf->sitename . '".' . "\n\n"; $mail_message .= $_LANG['YOUR_LOGIN'] . ': ' . $usr['login'] . "\n\n"; $mail_message .= $_LANG['NEW_PASS_LINK'] . ":\n" . $newpass_link . "\n\n"; $mail_message .= $_LANG['LINK_EXPIRES'] . "\n\n"; $mail_message .= $_LANG['SIGNATURE'] . ', ' . $inConf->sitename . ' (' . HOST . ').' . "\n"; $mail_message .= date('d-m-Y (H:i)'); $inCore->mailText($email, $inConf->sitename . ' - ' . $_LANG['REMINDER_PASS'], $mail_message); cmsCore::addSessionMessage($_LANG['NEW_PAS_SENDED'], 'info'); cmsCore::redirect('/login'); } } //============================================================================// if ($do == 'remind') { if ($inUser->id) { cmsCore::error404(); } $usercode = cmsCore::request('code', 'str', ''); //проверяем формат кода if (!preg_match('/^[0-9a-f]{32}$/i', $usercode)) { cmsCore::error404(); } // проверяем код $user_id = $inDB->get_field('cms_users_activate', "code = '{$usercode}'", 'user_id'); if (!$user_id) { cmsCore::error404(); } //получаем пользователя $user = $inDB->get_fields('cms_users', "id = '{$user_id}'", '*'); if (!$user) { cmsCore::error404(); } if (cmsUser::userIsAdmin($user['id'])) { cmsCore::error404(); } if (cmsCore::inRequest('submit')) { if (!cmsUser::checkCsrfToken()) { cmsCore::error404(); } $errors = false; $pass = cmsCore::request('pass', 'str', ''); $pass2 = cmsCore::request('pass2', 'str', ''); if (!$pass) { cmsCore::addSessionMessage($_LANG['TYPE_PASS'], 'error'); $errors = true; } if ($pass && !$pass2) { cmsCore::addSessionMessage($_LANG['TYPE_PASS_TWICE'], 'error'); $errors = true; } if ($pass && $pass2 && mb_strlen($pass) < 6) { cmsCore::addSessionMessage($_LANG['PASS_SHORT'], 'error'); $errors = true; } if ($pass && $pass2 && $pass != $pass2) { cmsCore::addSessionMessage($_LANG['WRONG_PASS'], 'error'); $errors = true; } if ($errors) { cmsCore::redirectBack(); } $md5_pass = md5($pass); $inDB->query("UPDATE cms_users SET password = '******', logdate = NOW() WHERE id = '{$user['id']}'"); $inDB->query("DELETE FROM cms_users_activate WHERE code = '{$usercode}'"); cmsCore::addSessionMessage($_LANG['CHANGE_PASS_COMPLETED'], 'info'); $inUser->signInUser($user['login'], $pass, true); cmsCore::redirect(cmsUser::getProfileURL($user['login'])); } $inPage->setTitle($_LANG['RECOVER_PASS']); $inPage->addPathway($_LANG['RECOVER_PASS']); cmsPage::initTemplate('components', 'com_registration_remind')->assign('cfg', $model->config)->assign('user', $user)->display('com_registration_remind.tpl'); } //============================================================================// if ($do == 'register') { if (!cmsUser::checkCsrfToken()) { cmsCore::error404(); } if ($inUser->id && !$inUser->is_admin) { if ($inCore->menuId() == 1) { return; } else { cmsCore::error404(); } } // регистрация закрыта if (!$model->config['is_on']) { cmsCore::error404(); } // регистрация по инвайтам if ($model->config['reg_type'] == 'invite') { if (!$users_model->checkInvite(cmsUser::sessionGet('invite_code'))) { cmsCore::error404(); } } $errors = false; // получаем данные $item['login'] = cmsCore::request('login', 'str', ''); $item['email'] = cmsCore::request('email', 'email'); $item['icq'] = cmsCore::request('icq', 'str', ''); $item['city'] = cmsCore::request('city', 'str', ''); $item['nickname'] = cmsCore::request('nickname', 'str', ''); $item['realname1'] = cmsCore::request('realname1', 'str', ''); $item['realname2'] = cmsCore::request('realname2', 'str', ''); $pass = cmsCore::request('pass', 'str', ''); $pass2 = cmsCore::request('pass2', 'str', ''); // проверяем логин if (mb_strlen($item['login']) < 2 || mb_strlen($item['login']) > 15 || is_numeric($item['login']) || !preg_match("/^([a-z0-9])+\$/ui", $item['login'])) { cmsCore::addSessionMessage($_LANG['ERR_LOGIN'], 'error'); $errors = true; } // проверяем пароль if (!$pass) { cmsCore::addSessionMessage($_LANG['TYPE_PASS'], 'error'); $errors = true; } if ($pass && !$pass2) { cmsCore::addSessionMessage($_LANG['TYPE_PASS_TWICE'], 'error'); $errors = true; } if ($pass && $pass2 && mb_strlen($pass) < 6) { cmsCore::addSessionMessage($_LANG['PASS_SHORT'], 'error'); $errors = true; } if ($pass && $pass2 && $pass != $pass2) { cmsCore::addSessionMessage($_LANG['WRONG_PASS'], 'error'); $errors = true; } // Проверяем nickname или имя и фамилию if ($model->config['name_mode'] == 'nickname') { if (!$item['nickname']) { cmsCore::addSessionMessage($_LANG['TYPE_NICKNAME'], 'error'); $errors = true; } } else { if (!$item['realname1']) { cmsCore::addSessionMessage($_LANG['TYPE_NAME'], 'error'); $errors = true; } if (!$item['realname2']) { cmsCore::addSessionMessage($_LANG['TYPE_SONAME'], 'error'); $errors = true; } $item['nickname'] = trim($item['realname1']) . ' ' . trim($item['realname2']); } if (mb_strlen($item['nickname']) < 2) { cmsCore::addSessionMessage($_LANG['SHORT_NICKNAME'], 'error'); $errors = true; } if ($model->getBadNickname($item['nickname'])) { cmsCore::addSessionMessage($_LANG['ERR_NICK_EXISTS'], 'error'); $errors = true; } // Проверяем email if (!$item['email']) { cmsCore::addSessionMessage($_LANG['ERR_EMAIL'], 'error'); $errors = true; } // День рождения list($item['bday'], $item['bmonth'], $item['byear']) = array_values(cmsCore::request('birthdate', 'array_int', array())); $item['birthdate'] = sprintf('%04d-%02d-%02d', $item['byear'], $item['bmonth'], $item['bday']); // получаем данные конструктора форм $item['formsdata'] = ''; if (isset($users_model->config['privforms'])) { if (is_array($users_model->config['privforms'])) { foreach ($users_model->config['privforms'] as $form_id) { $form_input = cmsForm::getFieldsInputValues($form_id); $item['formsdata'] .= $inDB->escape_string(cmsCore::arrayToYaml($form_input['values'])); // Проверяем значения формы foreach ($form_input['errors'] as $field_error) { if ($field_error) { cmsCore::addSessionMessage($field_error, 'error'); $errors = true; } } } } } // Проверяем каптчу if (!cmsPage::checkCaptchaCode()) { cmsCore::addSessionMessage($_LANG['ERR_CAPTCHA'], 'error'); $errors = true; } // проверяем есть ли такой пользователь $user_exist = $inDB->get_fields('cms_users', "(login LIKE '{$item['login']}' OR email LIKE '{$item['email']}') AND is_deleted = 0", 'id, login, email'); if ($user_exist) { if ($user_exist['login'] == $item['login']) { cmsCore::addSessionMessage($_LANG['LOGIN'] . ' "' . $item['login'] . '" ' . $_LANG['IS_BUSY'], 'error'); $errors = true; } else { cmsCore::addSessionMessage($_LANG['EMAIL_IS_BUSY'], 'error'); $errors = true; } } // В случае ошибок, возвращаемся в форму if ($errors) { cmsUser::sessionPut('item', $item); cmsCore::redirect('/registration'); } ////////////////////////////////////////////// //////////// РЕГИСТРАЦИЯ ///////////////////// ////////////////////////////////////////////// $item['is_locked'] = $model->config['act']; $item['password'] = md5($pass); $item['orig_password'] = $pass; $item['group_id'] = $model->config['default_gid']; $item['regdate'] = date('Y-m-d H:i:s'); $item['logdate'] = date('Y-m-d H:i:s'); if (cmsUser::sessionGet('invite_code')) { $invite_code = cmsUser::sessionGet('invite_code'); $item['invited_by'] = (int) $users_model->getInviteOwner($invite_code); if ($item['invited_by']) { $users_model->closeInvite($invite_code); } cmsUser::sessionDel('invite_code'); } else { $item['invited_by'] = 0; } $item = cmsCore::callEvent('USER_BEFORE_REGISTER', $item); $item['id'] = $item['user_id'] = $inDB->insert('cms_users', $item); if (!$item['id']) { cmsCore::error404(); } $inDB->insert('cms_user_profiles', $item); cmsCore::callEvent('USER_REGISTER', $item); if ($item['is_locked']) { $model->sendActivationNotice($pass, $item['id']); cmsPage::includeTemplateFile('special/regactivate.php'); cmsCore::halt(); } else { cmsActions::log('add_user', array('object' => '', 'user_id' => $item['id'], 'object_url' => '', 'object_id' => $item['id'], 'target' => '', 'target_url' => '', 'target_id' => 0, 'description' => '')); if ($model->config['send_greetmsg']) { $model->sendGreetsMessage($item['id']); } $model->sendRegistrationNotice($pass, $item['id']); $back_url = $inUser->signInUser($item['login'], $pass, true); cmsCore::redirect($back_url); } } //============================================================================// if ($do == 'view') { $pagetitle = $inCore->getComponentTitle(); $inPage->setTitle($pagetitle); $inPage->addPathway($pagetitle); $inPage->addHeadJsLang(array('WRONG_PASS')); // Если пользователь авторизован, то не показываем форму регистрации, редирект в профиль. if ($inUser->id && !$inUser->is_admin) { if ($inCore->menuId() == 1) { return; } else { cmsCore::redirect(cmsUser::getProfileURL($inUser->login)); } } $correct_invite = cmsUser::sessionGet('invite_code') ? true : false; if ($model->config['reg_type'] == 'invite' && cmsCore::inRequest('invite_code')) { $invite_code = cmsCore::request('invite_code', 'str', ''); $correct_invite = $users_model->checkInvite($invite_code); if ($correct_invite) { cmsUser::sessionPut('invite_code', $invite_code); } else { cmsCore::addSessionMessage($_LANG['INCORRECT_INVITE'], 'error'); } } $item = cmsUser::sessionGet('item'); if ($item) { cmsUser::sessionDel('item'); } if (empty($item['birthdate'])) { $item['birthdate'] = date('Y-m-d'); } $private_forms = array(); if (isset($users_model->config['privforms'])) { if (is_array($users_model->config['privforms'])) { foreach ($users_model->config['privforms'] as $form_id) { $private_forms = array_merge($private_forms, cmsForm::getFieldsHtml($form_id, array(), true)); } } } cmsPage::initTemplate('components', 'com_registration')->assign('cfg', $model->config)->assign('item', $item)->assign('pagetitle', $pagetitle)->assign('correct_invite', $correct_invite)->assign('private_forms', $private_forms)->display('com_registration.tpl'); } //============================================================================// if ($do == 'activate') { $code = cmsCore::request('code', 'str', ''); if (!$code) { cmsCore::error404(); } $user_id = $inDB->get_field('cms_users_activate', "code = '{$code}'", 'user_id'); if (!$user_id) { cmsCore::error404(); } $inDB->query("UPDATE cms_users SET is_locked = 0 WHERE id = '{$user_id}'"); $inDB->query("DELETE FROM cms_users_activate WHERE code = '{$code}'"); cmsCore::callEvent('USER_ACTIVATED', $user_id); if ($model->config['send_greetmsg']) { $model->sendGreetsMessage($user_id); } // Регистрируем событие cmsActions::log('add_user', array('object' => '', 'user_id' => $user_id, 'object_url' => '', 'object_id' => $user_id, 'target' => '', 'target_url' => '', 'target_id' => 0, 'description' => '')); cmsCore::addSessionMessage($_LANG['ACTIVATION_COMPLETE'], 'info'); cmsUser::goToLogin(); } //============================================================================// if ($do == 'auth') { //====================// //== разлогивание ==// if (cmsCore::inRequest('logout')) { $inUser->logout(); cmsCore::redirect('/'); } //====================// //== авторизация ==// if (!cmsCore::inRequest('logout')) { // флаг неуспешных авторизаций $anti_brute_force = cmsUser::sessionGet('anti_brute_force'); $login = cmsCore::request('login', 'str', ''); $passw = cmsCore::request('pass', 'str', ''); $remember_pass = cmsCore::inRequest('remember'); // если нет логина или пароля, показываем форму входа if (!$login || !$passw) { if ($inUser->id && !$inUser->is_admin) { cmsCore::redirect('/'); } $inPage->setTitle($_LANG['SITE_LOGIN']); $inPage->addPathway($_LANG['SITE_LOGIN']); cmsPage::initTemplate('components', 'com_registration_login')->assign('cfg', $model->config)->assign('anti_brute_force', $anti_brute_force)->assign('is_sess_back', cmsUser::sessionGet('auth_back_url'))->display('com_registration_login.tpl'); if (!mb_strstr(cmsCore::getBackURL(), 'login')) { cmsUser::sessionPut('auth_back_url', cmsCore::getBackURL()); } return; } if (!cmsUser::checkCsrfToken()) { cmsCore::error404(); } // Проверяем каптчу if ($anti_brute_force && !cmsPage::checkCaptchaCode()) { cmsCore::addSessionMessage($_LANG['ERR_CAPTCHA'], 'error'); cmsCore::redirect('/login'); } cmsUser::sessionDel('anti_brute_force'); $back_url = $inUser->signInUser($login, $passw, $remember_pass); cmsCore::redirect($back_url); } } //============================================================================// if ($do == 'autherror') { cmsUser::sessionPut('anti_brute_force', 1); cmsPage::includeTemplateFile('special/autherror.php'); cmsCore::halt(); } //============================================================================// }
$perpage = 21; $pagination = cmsPage::getPagebar($total, $page, $perpage, '/users/%user%/photos/%album%%id%-%page%.html', array('user' => $usr['login'], 'album' => $album_type, 'id' => $album_id)); $page_photos = array(); $start = $perpage * ($page - 1); for ($p = $start; $p < $start + $perpage; $p++) { if ($photos[$p]) { $page_photos[] = $photos[$p]; } } $photos = $page_photos; unset($page_photos); } //Отдаем в шаблон cmsPage::initTemplate('components', 'com_users_photos')->assign('page_title', $album['title'])->assign('album_type', $album_type)->assign('album', $album)->assign('photos', $photos)->assign('user_id', $usr['id'])->assign('usr', $usr)->assign('my_profile', $my_profile)->assign('is_admin', $inUser->is_admin)->assign('pagebar', $pagination)->display('com_users_photos.tpl'); } //============================================================================// //============================ Удалить фотоальбом ============================// //============================================================================// if ($pdo == 'delalbum') { $album_id = cmsCore::request('album_id', 'int', '0'); $album = $model->getPhotoAlbum('private', $album_id); if (!$album) { cmsCore::error404(); } if (!$inUser->is_admin && $album['user_id'] != $inUser->id) { cmsCore::error404(); } $model->deletePhotoAlbum($id, $album_id); $user = cmsUser::getShortUserData($album['user_id']); cmsCore::redirect(cmsUser::getProfileURL($user['login'])); }
<table width="100%" cellspacing="0" cellpadding="0" class="blog_records"> <tr> <td width="" class="blog_entry_title_td"> <div class="blog_entry_title"> <?php if ($post['blog_url']) { ?> <a href="<?php echo $post['blog_url']; ?>" style="color:gray"><?php echo $post['blog_title']; ?></a> → <?php } ?> <a href="<?php echo $post['url']; ?>"><?php echo $post['title']; ?></a> </div> </td> </tr> <tr> <td> <div class="blog_entry_text"><?php echo $post['content_html']; ?></div> <div class="blog_comments"> <a class="blog_user" href="<?php echo cmsUser::getProfileURL($post['login']); ?>"><?php echo $post['author']; ?></a> <span class="blog_entry_date"><?php if (!$post['published']) { ?><span style="color:#CC0000"><?php echo $_LANG['ON_MODERATE']; ?></span><?php } else { ?><?php echo $post['fpubdate']; ?><?php } ?></span> <span class="post_karma"><?php echo $this->rating($post['rating']); ?></span> <span class="post_hits"><?php echo $post['hits']; ?></span> <?php if ($post['comments_count'] > 0) { ?> <a class="blog_comments_link" href="<?php echo $post['url']; ?>#c"><?php echo $this->spellcount($post['comments_count'], $_LANG['COMMENT'], $_LANG['COMMENT2'], $_LANG['COMMENT10']); ?></a> <?php } else { ?> <a class="blog_comments_link" href="<?php echo $post['url']; ?>#c"><?php echo $_LANG['NOT_COMMENTS']; ?></a> <?php } ?> <?php if ($post['tagline'] != false) { ?> <span class="tagline"><?php echo $post['tagline']; ?></span> <?php } ?> </div> </td> </tr> </table>
<div class="jclock">00:00:00</div> </td> <td> <?php $new_messages = cmsUser::getNewMessages($inUser->id); if ($new_messages['total']) { $msg_link = '<a href="/users/' . $inUser->id . '/messages.html" style="color:yellow">' . $_LANG['AD_NEW_MSG'] . ' (' . $new_messages['total'] . ')</a>'; } else { $msg_link = '<span>' . $_LANG['NO'] . ' ' . $_LANG['NEW_MESSAGES'] . '</span>'; } ?> <div class="juser"><?php echo $_LANG['AD_YOU']; ?> — <a href="<?php echo cmsUser::getProfileURL($inUser->login); ?> " target="_blank" title="<?php echo $_LANG['AD_GO_PROFILE']; ?> "><?php echo $inDB->get_field('cms_users', 'id=' . $inUser->id, 'nickname'); ?> </a>, ip: <?php echo $inUser->ip; ?> </div> <div class="jmessages"><?php echo $msg_link; ?> </div>
public function getUser($login){ if(is_numeric($login)){ $where = "u.id = '{$login}'"; } else { $where = "u.login = '******'"; } $sql = "SELECT u.*, u.status as status_text, u.rating as user_rating, p.id as pid, p.city, p.description, p.showmail, p.showbirth, p.showicq, p.karma, p.imageurl, p.allow_who, p.gender as gender, p.formsdata, p.signature, p.email_newmsg, p.cm_subscribe, g.title as grp, g.alias as group_alias, b.user_id as banned, IFNULL(ui.login, '') as inv_login, IFNULL(ui.nickname, '') as inv_nickname FROM cms_users u INNER JOIN cms_user_profiles p ON p.user_id = u.id INNER JOIN cms_user_groups g ON g.id = u.group_id LEFT JOIN cms_banlist b ON b.user_id = u.id AND b.status = 1 LEFT JOIN cms_users ui ON ui.id = u.invited_by WHERE u.is_locked = 0 AND {$where} ORDER BY id DESC LIMIT 1"; $result = $this->inDB->query($sql); if (!$this->inDB->num_rows($result)){ return false; } $user = $this->inDB->fetch_assoc($result); global $_LANG; $user['avatar'] = cmsUser::getUserAvatarUrl($user['id'], 'big', $user['imageurl'], $user['is_deleted']); $user['status_date'] = cmsCore::dateDiffNow($user['status_date']); $user['flogdate'] = cmsUser::getOnlineStatus($user['id'], $user['logdate']); $user['fregdate'] = cmsCore::dateFormat($user['regdate']); $user['fbirthdate'] = cmsCore::dateFormat($user['birthdate']); $user['cityurl'] = urlencode($user['city']); $user['profile_link'] = HOST . cmsUser::getProfileURL($user['login']); $user['fdescription'] = cmsPage::getMetaSearchLink('/users/hobby/', $user['description']); $user['formsdata'] = cmsCore::yamlToArray($user['formsdata']); if ($user['gender']) { switch ($user['gender']){ case 'm': $user['fgender'] = $_LANG['MALES']; break; case 'f': $user['fgender'] = $_LANG['FEMALES']; break; default: $user['fgender'] = ''; } } return cmsCore::callEvent('GET_USER', $user); }
<?php if ($cfg['view_type'] == 'table') { ?> <?php foreach ($users as $user) { ?> <div class="mod_new_user"> <div class="mod_new_user_avatar"><a href="<?php echo cmsUser::getProfileURL($user['login']); ?>"><img border="0" class="usr_img_small" src="<?php echo $user['avatar']; ?>" /></a></div> <div class="mod_new_user_link"><a href="<?php echo cmsUser::getProfileURL($user['login']); ?>"><?php echo $user['nickname']; ?></a></div> </div> <?php } ?> <?php } ?> <?php if ($cfg['view_type'] == 'hr_table') { $col = 1; ?> <table cellspacing="5" border="0" width="100%"> <?php foreach ($users as $user) { ?> <?php if ($col == 1) { echo '<tr>'; } ?> <td width="" class="new_user_avatar" align="center" valign="middle"><a href="<?php echo cmsUser::getProfileURL($user['login']); ?>" class="new_user_link" title="<?php echo $this->escape($user['nickname']); ?>"><img border="0" class="usr_img_small" src="<?php echo $user['avatar']; ?>" /></a><div class="mod_new_user_link"><a href="<?php echo cmsUser::getProfileURL($user['login']); ?>"><?php echo $user['nickname']; ?></a></div> </td> <?php if ($col == $cfg['maxcool']) { echo '</tr>'; $col = 1; } else { $col++; } ?> <?php } ?> </table> <?php } ?> <?php if ($cfg['view_type'] == 'list') { $now = 0; foreach ($users as $user) { ?> <a href="<?php echo cmsUser::getProfileURL($user['login']); ?>" class="new_user_link"><?php echo $user['nickname']; ?></a> <?php $now++; if ($now != $total){ echo ' ,'; } ?> <?php } ?> <p><strong><?php echo $_LANG['LASTREG_TOTAL']; ?>:</strong> <?php echo $total_all; ?></p> <?php } ?>
<a class="blog_type_link" href="/blogs/single.html"><?php echo $_LANG['PERSONALS']; ?></a> <?php } ?> <?php if ($ownertype == 'multi') { ?> <span class="blog_type_active"><?php echo $_LANG['COLLECTIVES']; ?> <span class="blog_type_num">(<?php echo $total; ?>)</span></span> <?php } else { ?> <a class="blog_type_link" href="/blogs/multi.html"><?php echo $_LANG['COLLECTIVES']; ?></a> <?php } ?> </div> <?php if ($blogs) { ?> <table width="100%" cellspacing="0" cellpadding="4" class="blog_full_list"> <?php foreach($blogs as $blog) { ?> <tr> <td class="blog_title_td"><a class="blog_title" href="<?php echo $blog['url']; ?>"><?php echo $blog['title']; ?></a></td> <?php if ($blog['ownertype'] == 'single') { ?> <td width="220"><a class="blog_user" href="<?php echo cmsUser::getProfileURL($blog['login']); ?>"><?php echo $blog['nickname']; ?></a></td> <?php } else { ?> <td width="220"> </td> <?php } ?> <td width="40"><span class="blog_posts"><?php echo $blog['records']; ?></span></td> <td width="40"><span class="blog_comm"><?php echo $blog['comments_count']; ?></span></td> <?php if ($cfg['rss_one']) { ?> <td width="16"> <a class="blog_rss" href="/rss/blogs/<?php echo $blog['id']; ?>/feed.rss"></a> </td> <?php } ?> <td width="20" align="center" valign="middle"><?php echo $this->rating($blog['rating']); ?></td> </tr> <?php } ?> </table>
<?php foreach ($comments as $comment) { ?> <div class="mod_com_line"> <a class="mod_com_link" href="<?php echo $comment['target_link'] .'#c'. $comment['id']; ?>"><?php echo $this->truncate($this->strip_tags($comment['content']),90); ?></a> <?php if ($cfg['showtarg']) { echo $this->rating($comment['rating']); } ?> </div> <div class="mod_com_details"> <?php if (!$comment['is_profile']) { echo $comment['author']; } else { ?> <a class="mod_com_userlink" href="<?php echo cmsUser::getProfileURL($comment['author']['login']); ?>"><?php echo $comment['author']['nickname']; ?></a> <?php } ?> <?php echo $comment['fpubdate']; ?><br/> <?php if ($cfg['showtarg']) { ?> <a class="mod_com_targetlink" href="<?php echo $comment['target_link']; ?>"><?php echo $comment['target_title']; ?></a> <?php } ?> </div> <?php } ?> <?php if ($cfg['showrss']) { ?> <div style="margin-top:15px"> <a href="/rss/comments/all/feed.rss" class="mod_latest_rss"><?php echo $_LANG['COMMENTS_RSS']; ?></a> </div> <?php } ?> <div style="margin-top:5px"> <a href="/comments" class="mod_com_all"><?php echo $_LANG['COMMENTS_ALL']; ?></a> </div>
<div class="float_bar"> <strong><?php echo $_LANG['RATING']; ?>: </strong><span id="karmapoints"><?php echo $this->rating($photo['rating']); ?></span> | <strong><?php echo $_LANG['HITS']; ?>: </strong> <?php echo $photo['hits']; ?> | <?php if (!$photo['published']) { ?><span id="pub_photo_wait" style="color:#F00;"><?php echo $_LANG['WAIT_MODERING']; ?></span><span id="pub_photo_date" style="display:none;"><?php echo $photo['pubdate']; ?></span><?php } else { ?><?php echo $photo['pubdate']; ?><?php } ?> | <a href="<?php echo cmsUser::getProfileURL($photo['login']); ?>"><?php echo $photo['nickname']; ?></a> <?php if ($is_author || $is_admin || $is_moder) { ?>| <a class="ajaxlink" href="javascript:void(0)" onclick="clubs.editPhoto(<?php echo $photo['id']; ?>);return false;"><?php echo $_LANG['EDIT']; ?></a> <?php if ($is_admin || $is_moder) { ?><?php if (!$photo['published']) { ?><span id="pub_photo_link"> | <a class="ajaxlink" href="javascript:void(0)" onclick="clubs.publishPhoto(<?php echo $photo['id']; ?>);return false;"><?php echo $_LANG['PUBLISH']; ?></a></span><?php } ?> | <a class="ajaxlink" href="javascript:void(0)" onclick="clubs.deletePhoto(<?php echo $photo['id']; ?>, '<?php echo cmsUser::getCsrfToken(); ?>');return false;"><?php echo $_LANG['DELETE']; ?></a><?php } ?><?php } ?> </div> <h1 class="con_heading"><?php echo $photo['title']; ?></h1> <?php if ($photo['description']) { ?> <p class="photo_desc"><?php echo nl2br($photo['description']); ?> </p> <?php } ?> <table width="100%" cellspacing="0" cellpadding="3" border="0"> <tbody> <tr> <td width="150px" valign="middle" align="center"> <?php if ($photo['previd']) { ?> <cite><?php echo $_LANG['PREVIOUS']; ?></cite><br> <a href="/clubs/photo<?php echo $photo['previd']['id']; ?>.html#main"><img alt="{$photo.previd.title|escape:'html'}" src="/images/photos/small/<?php echo $photo['previd']['file']; ?>"></a> <?php } ?> </td> <td align="center" valign="top"> <?php if ($is_exists_original) { ?> <a href="/images/photos/<?php echo $photo['file']; ?>" class="photobox"> <img src="/images/photos/medium/<?php echo $photo['file']; ?>" alt="<?php echo $this->escape($photo['title']); ?>" id="view_photo" /> </a> <?php } else { ?> <img src="/images/photos/medium/<?php echo $photo['file']; ?>" alt="<?php echo $this->escape($photo['title']); ?>" id="view_photo" /> <?php } ?> </td> <td width="150px" valign="middle" align="center"> <?php if ($photo['nextid']) { ?> <cite><?php echo $_LANG['NEXT']; ?></cite><br> <a href="/clubs/photo<?php echo $photo['nextid']['id']; ?>.html#main"><img alt="{$photo.nextid.title|escape:'html'}" src="/images/photos/small/<?php echo $photo['nextid']['file']; ?>"></a> <?php } ?>
<span class="bd_item_is_vip"><?php echo $_LANG['VIP_ITEM']; ?></span> <?php } ?> <span class="bd_item_date"><?php echo $item['pubdate']; ?></span> <span class="bd_item_hits"><?php echo $item['hits']; ?></span> <?php if ($item['city']) { ?> <span class="bd_item_city"> <a href="/board/city/<?php echo $item['enc_city']; ?>"><?php echo $item['city']; ?></a> </span> <?php } ?> <?php if ($item['user']) { ?> <span class="bd_item_user"> <a href="<?php echo cmsUser::getProfileURL($item['user_login']); ?>"><?php echo $item['user']; ?></a> </span> <?php } else { ?> <span class="bd_item_user"><?php echo $_LANG['BOARD_GUEST']; ?></span> <?php } ?> <?php if ($item['moderator']) { ?> <span class="bd_item_edit"><a href="/board/edit<?php echo $item['id']; ?>.html"><?php echo $_LANG['EDIT']; ?></a></span> <?php if (!$item['published'] && ($is_admin || $is_moder)) { ?> <span class="bd_item_publish"><a href="/board/publish<?php echo $item['id']; ?>.html"><?php echo $_LANG['PUBLISH']; ?></a></span> <?php } ?> <span class="bd_item_delete"><a href="/board/delete<?php echo $item['id']; ?>.html"><?php echo $_LANG['DELETE']; ?></a></span> <?php } ?> <?php if ($item['is_overdue']) { ?> <span class="bd_item_status_bad"><?php echo $_LANG['ADV_IS_EXTEND']; ?></span>
/** * Авторизует пользователя * возвращает url для редиректа * @param str $login * @param str $passw * @param int $remember_pass * @return srt $back_url */ public function signInUser($login = '', $passw = '', $remember_pass = 1, $pass_in_md5 = 0) { if ($this->id) { return cmsCore::getBackURL(); } $default_back_url = '/auth/error.html'; if (!$login || !$passw) { return $default_back_url; } $inDB = cmsDatabase::getInstance(); $inCore = cmsCore::getInstance(); // Авторизация по логину или e-mail if (!preg_match("/^([a-z0-9\\._-]+)@([a-z0-9\\._-]+)\\.([a-z]{2,4})\$/ui", $login)) { $where_login = "******"; } else { $where_login = "******"; } $where_pass = $pass_in_md5 ? "u.password = '******'" : "u.password = md5('{$passw}')"; // Проверяем локальную пару логин + пароль $user = $this->loadUser(0, "{$where_login} AND {$where_pass}"); // иначе пытаемся авторизоваться через плагины if (!$user) { $user = cmsCore::callEvent('SIGNIN_USER', array('login' => $login, 'pass' => $passw)); } if (!$user) { return $default_back_url; } $_SESSION['user'] = $user; cmsCore::callEvent('USER_LOGIN', $_SESSION['user']); if ($remember_pass) { $cookie_code = md5($user['id'] . $user['password'] . PATH); cmsCore::setCookie('userid', $cookie_code, time() + 2592000); } // Флаг первой авторизации $first_time_auth = !$user['is_logged_once']; // обновляем дату последнего визита, ip self::setUserLogdate($user['id']); $inDB->query("UPDATE cms_users SET last_ip = '{$this->ip}', is_logged_once = 1 WHERE id = '{$user['id']}'"); // помечаем, что пользователь онлайн $inDB->query("UPDATE cms_online SET user_id = '{$user['id']}' WHERE sess_id = '" . session_id() . "'"); ////////////// юзер уже авторизован ////////////////////////// // Формируем url редиректа после авторизации // Получаем настройки что делать после авторизации $cfg = $inCore->loadComponentConfig('registration'); // Получаем URL, предыдущий перед формой логина $auth_back_url = cmsUser::sessionGet('auth_back_url'); $auth_back_url = $auth_back_url ? $auth_back_url : cmsCore::getBackURL(); if (strpos($auth_back_url, $_SERVER['HTTP_HOST']) === false || strpos($auth_back_url, '/auth/') !== false) { $auth_back_url = '/'; } cmsUser::sessionDel('auth_back_url'); // Авторизация в админку if ($_SESSION['user']['is_admin'] && cmsCore::inRequest('is_admin')) { return '/admin/'; } // Остальные пользователи if ($_SESSION['user']['id']) { if ($first_time_auth) { $cfg['auth_redirect'] = $cfg['first_auth_redirect']; } switch ($cfg['auth_redirect']) { case 'none': $url = $auth_back_url; break; case 'index': $url = '/'; break; case 'profile': $url = cmsUser::getProfileURL($user['login']); break; case 'editprofile': $url = '/users/' . $user['id'] . '/editprofile.html'; break; } return $url; } return $default_back_url; }
/** * Возвращает массив событий для ленты активности * @return array */ public function getActionsLog() { $inUser = cmsUser::getInstance(); if (!$this->only_friends) { $this->inDB->where('log.is_friends_only = 0'); } if (!$inUser->id) { $this->inDB->where('log.is_users_only = 0'); } $pactions = cmsCore::callEvent('GET_BEFORE_ACTIONS', false); if ($pactions !== false) { return $pactions; } $sql = "SELECT log.*,\r\n\t\t log.pubdate as orig_pubdate,\r\n a.message,\r\n a.name,\r\n u.nickname as user_nickname,\r\n u.login as user_login\r\n FROM cms_actions_log log\r\n LEFT JOIN cms_actions a ON a.id = log.action_id AND a.is_visible = 1\r\n LEFT JOIN cms_users u ON u.id = log.user_id\r\n WHERE 1=1 {$this->inDB->where}\r\n ORDER BY log.id DESC\r\n\t\t\t\t"; if ($this->inDB->limit) { $sql .= "LIMIT {$this->inDB->limit}"; } $result = $this->inDB->query($sql); // Сбрасываем условия $this->inDB->resetConditions(); if (!$this->inDB->num_rows($result)) { return false; } $actions = array(); global $_LANG; $last_date = ''; $today_date = date('j F Y'); $yesterday_date = date('j F Y', time() - 3600 * 24); while ($action = $this->inDB->fetch_assoc($result)) { $action['item_date'] = ''; $item_date = date('j F Y', strtotime($action['orig_pubdate'])); if ($item_date != $last_date) { switch ($item_date) { case $today_date: $date = icms_ucfirst($_LANG['TODAY']); break; case $yesterday_date: $date = icms_ucfirst($_LANG['YESTERDAY']); break; default: $date = cmsCore::dateFormat($item_date, true, false, false); } $action['item_date'] = $date; $last_date = $item_date; } $action['object_link'] = $action['target_link'] = ''; if ($action['object']) { $action['object_link'] = $action['object_url'] ? '<a href="' . $action['object_url'] . '" class="act_obj_' . $action['name'] . '">' . $action['object'] . '</a>' : $action['object']; } if ($action['target']) { $action['target_link'] = '<a href="' . $action['target_url'] . '" class="act_tgt_' . $action['name'] . '">' . $action['target'] . '</a>'; } if ($action['message']) { $target_pos = mb_strpos($action['message'], '|'); if ($target_pos !== false) { if (!$this->show_targets || !$action['target']) { $action['message'] = mb_substr($action['message'], 0, $target_pos); } else { $action['message'] = str_replace('|', '', $action['message']); } } $action['message'] = sprintf($action['message'], $action['object_link'], $action['target_link']); } $action['is_new'] = (bool) (strtotime($action['pubdate']) > strtotime($inUser->logdate)); $action['user_url'] = cmsUser::getProfileURL($action['user_login']); $action['pubdate'] = cmsCore::dateDiffNow($action['pubdate']); $actions[] = $action; } return cmsCore::callEvent('GET_ACTIONS', $actions); }
function board() { $inCore = cmsCore::getInstance(); global $_LANG; define('IS_BILLING', $inCore->isComponentInstalled('billing')); if (IS_BILLING) { cmsCore::loadClass('billing'); } $do = $inCore->do; $pagetitle = $inCore->getComponentTitle(); $pagekeys = $pagedesc = ''; cmsCore::c('page')->setTitle($pagetitle); cmsCore::c('page')->addPathway($pagetitle, '/board'); /////////////////////////////// VIEW CATEGORY ////////////////////////////////// if ($do == 'view') { //Получаем текущую категорию $category = cmsCore::m('board')->getCategory(cmsCore::m('board')->category_id); if (!$category || (!$category['published'] && !cmsCore::c('user')->is_admin)) { cmsCore::error404(); } if ($category['id'] != cmsCore::m('board')->root_cat['id']) { $pagetitle = $category['pagetitle'] ? $category['pagetitle'] : $category['title']; $pagekeys = $category['meta_keys']; $pagedesc = $category['meta_desc']; $category_path = cmsCore::c('db')->getNsCategoryPath('cms_board_cats', $category['NSLeft'], $category['NSRight']); if ($category_path) { foreach($category_path as $pcat) { cmsCore::c('page')->addPathway($pcat['title'], '/board/'. $pcat['id']); } } } else { $category['title'] = $pagetitle = $inCore->menuTitle(); $category['description'] = cmsCore::m('board')->config['root_description']; $pagekeys = cmsCore::m('board')->config['meta_keys']; $pagedesc = cmsCore::m('board')->config['meta_desc']; } // rss в адресной строке $rss_cat_id = $category['id'] == cmsCore::m('board')->root_cat['id'] ? 'all' : $category['id']; cmsCore::c('page')->addHead('<link rel="alternate" type="application/rss+xml" title="'. $_LANG['BOARD'] .'" href="'. HOST .'/rss/board/'. $rss_cat_id .'/feed.rss">'); //Формируем категории $cats = cmsCore::m('board')->getSubCats($category['id']); // Формируем список объявлений // Устанавливаем категорию if ($category['id'] != cmsCore::m('board')->root_cat['id']) { cmsCore::m('board')->whereThisAndNestedCats($category['NSLeft'], $category['NSRight']); } //Город if (cmsCore::m('board')->city) { cmsCore::m('board')->whereCityIs(cmsCore::m('board')->city); $pagetitle .= ' :: '. cmsCore::m('board')->city; } // Типы объявлений if (cmsCore::m('board')->obtype && mb_stristr(icms_ucfirst($category['obtypes']), cmsCore::m('board')->obtype)) { cmsCore::m('board')->whereTypeIs(cmsCore::m('board')->obtype); $pagetitle .= ' :: '. cmsCore::m('board')->obtype; } // модератор или админ $is_moder = cmsCore::c('user')->is_admin || cmsCore::m('board')->is_moderator_by_group; // Общее количество объявлений по заданным выше условиям $total = cmsCore::m('board')->getAdvertsCount($is_moder, true); //устанавливаем сортировку $orderby = cmsCore::m('board')->getOrder('orderby', $category['orderby']); $orderto = cmsCore::m('board')->getOrder('orderto', $category['orderto']); cmsCore::c('db')->orderBy('is_vip DESC, '. $orderby, $orderto); //устанавливаем номер текущей страницы и кол-во объявлений на странице cmsCore::c('db')->limitPage(cmsCore::m('board')->page, $category['perpage']); // Получаем объявления $items = cmsCore::m('board')->getAdverts($is_moder, true, false, true); // Если объявлений на странице большей чем 1 нет, 404 if (!$items && cmsCore::m('board')->page > 1) { cmsCore::error404(); } // если не указаны ключевые слова, формируем их из названий рубрик и типов if (!$pagekeys && $cats) { foreach($cats as $c) { $keys[] = $c['title']; foreach (explode("\n", $c['obtypes']) as $obtype) { $keys[] = trim($obtype); } } $pagekeys = implode(',', $keys); } else if(!$cats) { $pagekeys = $category['title']; } // если не указано описание, формируем из текущих объявлений if (!$pagedesc && $items) { foreach ($items as $i) { $desc[] = $i['title']; } $pagedesc = implode('. ', $desc); } else if(!$items && $category['description']) { $pagedesc = crop($category['description']); } // Проставляем заголовки страницы и описание согласно выборки cmsCore::c('page')->setDescription(crop($pagedesc)); cmsCore::c('page')->setKeywords($pagekeys); cmsCore::c('page')->setTitle($pagetitle); // Отдаем в шаблон категории cmsPage::initTemplate('components', 'com_board_cats')-> assign('cats', $cats)-> assign('category', $category)-> assign('root_id', cmsCore::m('board')->root_cat['id'])-> assign('is_user', cmsCore::c('user')->id)-> assign('maxcols', cmsCore::m('board')->config['maxcols'])-> display(); $pagebar = cmsPage::getPagebar($total, cmsCore::m('board')->page, $category['perpage'], '/board/%catid%-%page%', array('catid'=>$category['id'])); $order_form = $category['orderform'] ? cmsCore::m('board')->orderForm($orderby, $orderto, $category) : ''; // Отдаем в шаблон объявления cmsPage::initTemplate('components', 'com_board_items')-> assign('order_form', $order_form)-> assign('cfg', cmsCore::m('board')->config)-> assign('root_id', cmsCore::m('board')->root_cat['id'])-> assign('items', $items)-> assign('cat', $category)-> assign('maxcols', $category['maxcols'])-> assign('colwidth', round(100/$category['maxcols']))-> assign('pagebar', $pagebar)-> display(); } /////////////////////////////// VIEW USER ADV ////////////////////////////////// if ($do == 'by_user') { // логин пользователя $login = cmsCore::request('login', 'str', cmsCore::c('user')->login); // получаем данные пользователя $user = cmsUser::getShortUserData($login); if (!$user) { cmsCore::error404(); } $myprofile = cmsCore::m('board')->checkAccess($user['id']); cmsCore::c('page')->addPathway($user['nickname']); cmsCore::c('page')->setTitle($_LANG['BOARD'] .' - '. $user['nickname']); cmsCore::c('page')->setDescription($_LANG['BOARD'] .' - '. $user['nickname']); // Формируем список объявлений cmsCore::m('board')->whereUserIs($user['id']); // Общее количество объявлений по заданным выше условиям $total = cmsCore::m('board')->getAdvertsCount($myprofile); //устанавливаем сортировку cmsCore::c('db')->orderBy('pubdate', 'DESC'); //устанавливаем номер текущей страницы и кол-во объявлений на странице cmsCore::c('db')->limitPage(cmsCore::m('board')->page, 15); // Получаем объявления $items = cmsCore::m('board')->getAdverts($myprofile, true, false, true); // Если объявлений на странице большей чем 1 нет, 404 if(!$items && cmsCore::m('board')->page > 1){ cmsCore::error404(); } // Пагинация $pagebar = cmsPage::getPagebar($total, cmsCore::m('board')->page, 15, '/board/by_user_'.$login.'/page-%page%'); // Показываем даты $category['showdate'] = 1; cmsPage::initTemplate('components', 'com_board_items')-> assign('cfg', cmsCore::m('board')->config)-> assign('page_title', $_LANG['BOARD'].' - '.$user['nickname'])-> assign('root_id', cmsCore::m('board')->root_cat['id'])-> assign('items', $items)-> assign('cat', $category)-> assign('maxcols', 1)-> assign('colwidth', 100)-> assign('pagebar', $pagebar)-> display(); } /////////////////////////////// VIEW ITEM ////////////////////////////////////// if ($do == 'read') { // получаем объявление $item = cmsCore::m('board')->getRecord(cmsCore::m('board')->item_id); if (!$item) { cmsCore::error404(); } // неопубликованные показываем админам, модераторам и автору if (!$item['published'] && !$item['moderator']) { cmsCore::error404(); } // для неопубликованного показываем инфо: просрочено/на модерации if (!$item['published']) { $info_text = $item['is_overdue'] ? $_LANG['ADV_IS_EXTEND'] : $_LANG['ADV_IS_MODER']; cmsCore::addSessionMessage($info_text, 'info'); } else { // увеличиваем кол-во просмотров cmsCore::c('db')->setFlag('cms_board_items', cmsCore::m('board')->item_id, 'hits', $item['hits']+1); } // формируем заголовок и тело сообщения $item['title'] = $item['obtype'].' '.$item['title']; $item['content'] = nl2br($item['content']); $item['content'] = cmsCore::m('board')->config['auto_link'] ? $inCore->parseSmiles($item['content']) : $item['content']; $category_path = cmsCore::c('db')->getNsCategoryPath('cms_board_cats', $item['NSLeft'], $item['NSRight']); if ($category_path) { foreach ($category_path as $pcat) { cmsCore::c('page')->addPathway($pcat['title'], '/board/'.$pcat['id']); } } cmsCore::c('page')->addPathway($item['title']); $pagetitle = $item['pagetitle'] ? $item['pagetitle'] : $item['title']; $pagekeys = $item['meta_keys'] ? $item['meta_keys'] : $item['title']; $pagedesc = $item['meta_desc'] ? $item['meta_desc'] : $item['content']; cmsCore::c('page')->setTitle($pagetitle); cmsCore::c('page')->setDescription(crop($pagedesc)); cmsCore::c('page')->setKeywords($pagekeys); cmsPage::initTemplate('components', 'com_board_item')-> assign('item', $item)-> assign('cfg', cmsCore::m('board')->config)-> assign('user_id', cmsCore::c('user')->id)-> assign('is_admin', cmsCore::c('user')->is_admin)-> assign('formsdata', cmsForm::getFieldsValues($item['form_id'], $item['form_array']))-> assign('is_moder', cmsCore::m('board')->is_moderator_by_group)-> display(); } /////////////////////////////// NEW BOARD ITEM ///////////////////////////////// if ($do == 'additem') { // Получаем категории, в которые может загружать пользователь $catslist = cmsCore::m('board')->getPublicCats(cmsCore::m('board')->category_id); if (!$catslist) { cmsCore::addSessionMessage($_LANG['YOU_CANT_ADD_ADV_ANY'], 'error'); $inCore->redirect('/board'); } $cat['is_photos'] = 1; $formsdata = array(); if (cmsCore::m('board')->category_id && cmsCore::m('board')->category_id != cmsCore::m('board')->root_cat['id']) { $cat = cmsCore::m('board')->getCategory(cmsCore::m('board')->category_id); $formsdata = cmsForm::getFieldsHtml($cat['form_id']); } cmsCore::c('page')->addPathway($_LANG['ADD_ADV']); if ( !cmsCore::inRequest('submit') ) { if (IS_BILLING) { cmsBilling::checkBalance('board', 'add_item'); } cmsCore::c('page')->setTitle($_LANG['ADD_ADV']); $item = cmsUser::sessionGet('item'); if ($item) { cmsUser::sessionDel('item'); } $item['city'] = !empty($item['city']) ? $item['city'] : cmsCore::c('user')->city; cmsPage::initTemplate('components', 'com_board_edit')-> assign('action', "/board/add.html")-> assign('form_do', 'add')-> assign('cfg', cmsCore::m('board')->config)-> assign('cat', $cat)-> assign('item', $item)-> assign('pagetitle', $_LANG['ADD_ADV'])-> assign('formsdata', $formsdata)-> assign('is_admin', cmsCore::c('user')->is_admin)-> assign('is_user', cmsCore::c('user')->id)-> assign('catslist', $catslist)-> assign('is_billing', IS_BILLING)->assign('balance', cmsCore::c('user')->balance)-> display(); cmsUser::sessionClearAll(); return; } if ( cmsCore::inRequest('submit') ) { // проверяем на заполненость скрытое поле $title_fake = cmsCore::request('title_fake', 'str', ''); // если оно заполнено, считаем что это бот, 404 if ($title_fake) { cmsCore::error404(); } $errors = false; // проверяем наличие категории if (!$cat['id']) { cmsCore::addSessionMessage($_LANG['NEED_CAT_ADV'], 'error'); $errors = true; } // Проверяем количество добавленных за сутки if (!cmsCore::m('board')->checkLoadedByUser24h($cat)){ cmsCore::addSessionMessage($_LANG['MAX_VALUE_OF_ADD_ADV'], 'error'); $errors = true; } // Можем ли добавлять в эту рубрику if (!cmsCore::m('board')->checkAdd($cat)){ cmsCore::addSessionMessage($_LANG['YOU_CANT_ADD_ADV'], 'error'); $errors = true; } // входные данные $obtype = icms_ucfirst(cmsCore::request('obtype', 'str', '')); $title = trim(str_ireplace($obtype, '', cmsCore::request('title', 'str', ''))); $content = cmsCore::request('content', 'str', ''); $city = cmsCore::request('city', 'str', ''); if ((cmsCore::m('board')->config['seo_user_access'] && cmsCore::c('user')->id) || cmsCore::c('user')->is_admin) { $pagetitle = cmsCore::request('pagetitle', 'str', ''); $meta_keys = cmsCore::request('meta_keys', 'str', ''); $meta_desc = cmsCore::request('meta_desc', 'str', ''); } else { $pagetitle = $meta_keys = $meta_desc = ''; } $form_input = cmsForm::getFieldsInputValues($cat['form_id']); $formsdata = cmsCore::c('db')->escape_string(cmsCore::arrayToYaml($form_input['values'])); $vipdays = cmsCore::request('vipdays', 'int', 0); $published = cmsCore::m('board')->checkPublished($cat); if (cmsCore::m('board')->config['srok']){ $pubdays = (cmsCore::request('pubdays', 'int') <= 50) ? cmsCore::request('pubdays', 'int') : 50; } if (!cmsCore::m('board')->config['srok']){ $pubdays = isset(cmsCore::m('board')->config['pubdays']) ? cmsCore::m('board')->config['pubdays'] : 14; } // Проверяем значения if (!$title) { cmsCore::addSessionMessage($_LANG['NEED_TITLE'], 'error'); $errors = true; } if (!$content) { cmsCore::addSessionMessage($_LANG['NEED_TEXT_ADV'], 'error'); $errors = true; } if (!$city) { cmsCore::addSessionMessage($_LANG['NEED_CITY'], 'error'); $errors = true; } if (!cmsCore::c('user')->id && !cmsCore::checkCaptchaCode()) { cmsCore::addSessionMessage($_LANG['ERR_CAPTCHA'], 'error'); $errors = true; } // Проверяем значения формы foreach ($form_input['errors'] as $field_error) { if ($field_error) { cmsCore::addSessionMessage($field_error, 'error'); $errors = true; } } if ($errors) { $item['content'] = htmlspecialchars(stripslashes($_REQUEST['content'])); $item['city'] = stripslashes($city); $item['title'] = stripslashes($title); $item['obtype'] = $obtype; cmsUser::sessionPut('item', $item); cmsCore::redirect('/board/'. cmsCore::m('board')->category_id .'/add.html'); } if ($cat['is_photos']) { // Загружаем фото $file = cmsCore::m('board')->uploadPhoto('', $cat); } else { $file['filename'] = ''; cmsCore::addSessionMessage($_LANG['INFO_CAT_NO_PHOTO'], 'info'); } $add = array( 'category_id' => cmsCore::m('board')->category_id, 'user_id' => cmsCore::c('user')->id, 'obtype' => $obtype, 'title' => $title, 'content' => $content, 'formsdata' => $formsdata, 'city' => $city, 'pubdays' => $pubdays, 'published' => $published, 'pagetitle' => $pagetitle, 'meta_keys' => $meta_keys, 'meta_desc' => $meta_desc, 'file' => $file['filename'] ); $add['id'] = cmsCore::m('board')->addRecord($add); if (cmsCore::c('user')->is_admin && $vipdays) { cmsCore::m('board')->setVip($add['id'], $vipdays); } if (IS_BILLING) { cmsBilling::process('board', 'add_item'); if (cmsCore::m('board')->config['vip_enabled'] && $vipdays && cmsCore::m('board')->config['vip_day_cost']) { if ($vipdays > cmsCore::m('board')->config['vip_max_days']) { $vipdays = cmsCore::m('board')->config['vip_max_days']; } $summ = $vipdays * cmsCore::m('board')->config['vip_day_cost']; if (cmsCore::c('user')->balance >= $summ) { cmsBilling::pay(cmsCore::c('user')->id, $summ, $_LANG['VIP_ITEM']); cmsCore::m('board')->setVip($add['id'], $vipdays); } } } cmsUser::sessionClearAll(); if ($published) { //регистрируем событие cmsActions::log('add_board', array( 'object' => $obtype .' '. $title, 'object_url' => '/board/read'. $add['id'] .'.html', 'object_id' => $add['id'], 'target' => $cat['title'], 'target_url' => '/board/'. $cat['id'], 'target_id' => $cat['id'], 'description' => '' )); cmsCore::addSessionMessage($_LANG['ADV_IS_ADDED'], 'success'); cmsCore::callEvent('ADD_BOARD_DONE', $add); cmsCore::redirect('/board/read'. $add['id'] .'.html'); } if (!$published) { $link = '<a href="/board/read'. $add['id'] .'.html">'. $obtype .' '. $title .'</a>'; if (cmsCore::c('user')->id) { $user = '******'. cmsUser::getProfileURL(cmsCore::c('user')->login) .'">'. cmsCore::c('user')->nickname .'</a>'; } else { $user = $_LANG['BOARD_GUEST'] .', ip: '. cmsCore::c('user')->ip; } $message = str_replace('%user%', $user, $_LANG['MSG_ADV_SUBMIT']); $message = str_replace('%link%', $link, $message); cmsUser::sendMessage(USER_UPDATER, 1, $message); cmsCore::addSessionMessage($_LANG['ADV_IS_ADDED'] .'<br>'. $_LANG['ADV_PREMODER_TEXT'], 'success'); cmsCore::redirect('/board/'.cmsCore::m('board')->category_id); } } } /////////////////////////////// EDIT BOARD ITEM //////////////////////////////// if ($do == 'edititem') { $item = cmsCore::m('board')->getRecord(cmsCore::m('board')->item_id); $cat = cmsCore::m('board')->getCategory($item['category_id']); if (!$cat || !$item) { cmsCore::error404(); } cmsCore::c('page')->setTitle($_LANG['EDIT_ADV']); cmsCore::c('page')->addPathway($item['category'], '/board/'. $item['cat_id']); cmsCore::c('page')->addPathway($_LANG['EDIT_ADV']); if (!$item['moderator']) { cmsCore::addSessionMessage($_LANG['YOU_HAVENT_ACCESS'], 'error'); cmsCore::redirect('/board/read'. $item['id'] .'.html'); } $errors = false; if (!cmsCore::inRequest('submit')) { cmsPage::initTemplate('components', 'com_board_edit')-> assign('action', "/board/edit{$item['id']}.html")-> assign('form_do', 'edit')-> assign('cfg', cmsCore::m('board')->config)-> assign('cat', $cat)-> assign('item', $item)-> assign('pagetitle', $_LANG['EDIT_ADV'])-> assign('is_admin', cmsCore::c('user')->is_admin)-> assign('catslist', cmsCore::m('board')->getPublicCats($item['category_id'], true))-> assign('formsdata', cmsForm::getFieldsHtml($cat['form_id'], $item['form_array']))-> assign('is_user', cmsCore::c('user')->id)-> assign('is_billing', IS_BILLING)->assign('balance', cmsCore::c('user')->balance)-> display(); cmsUser::sessionClearAll(); } if (cmsCore::inRequest('submit')) { $new_cat_id = cmsCore::request('category_id', 'int', 0); if ($new_cat_id) { $item['category_id'] = $new_cat_id; } $form_input = cmsForm::getFieldsInputValues($cat['form_id']); $formsdata = cmsCore::c('db')->escape_string(cmsCore::arrayToYaml($form_input['values'])); if ($item['is_overdue'] && !$item['published']) { if (cmsCore::m('board')->config['srok']) { $pubdays = (cmsCore::request('pubdays', 'int') <= 50) ? cmsCore::request('pubdays', 'int') : 50; } if (!cmsCore::m('board')->config['srok']) { $pubdays = isset(cmsCore::m('board')->config['pubdays']) ? cmsCore::m('board')->config['pubdays'] : 14; } $pubdate = date('Y-m-d H:i:s'); } else { $pubdays = $item['pubdays']; $pubdate = $item['fpubdate']; } $update['obtype'] = icms_ucfirst(cmsCore::request('obtype', 'str')); $update['title'] = trim(str_ireplace($update['obtype'], '', cmsCore::request('title', 'str', ''))); $update['category_id'] = $item['category_id']; $update['content'] = cmsCore::request('content', 'str', ''); $update['formsdata'] = $formsdata; $update['city'] = cmsCore::request('city', 'str', ''); $update['pubdate'] = $pubdate; $update['pubdays'] = $pubdays; $update['published'] = cmsCore::m('board')->checkPublished($cat, true); if ((cmsCore::m('board')->config['seo_user_access'] && cmsCore::c('user')->id) || cmsCore::c('user')->is_admin) { $update['pagetitle'] = cmsCore::request('pagetitle', 'str', ''); $update['meta_keys'] = cmsCore::request('meta_keys', 'str', ''); $update['meta_desc'] = cmsCore::request('meta_desc', 'str', ''); } if (!$update['title']) { cmsCore::addSessionMessage($_LANG['NEED_TITLE'], 'error'); $errors = true; } if (!$update['content']) { cmsCore::addSessionMessage($_LANG['NEED_TEXT_ADV'], 'error'); $errors = true; } if (!$update['city']) { cmsCore::addSessionMessage($_LANG['NEED_CITY'], 'error'); $errors = true; } // Проверяем значения формы foreach ($form_input['errors'] as $field_error) { if ($field_error) { cmsCore::addSessionMessage($field_error, 'error'); $errors = true; } } if ($errors) { $inCore->redirect('/board/edit'. $item['id'] .'.html'); } if ($cat['is_photos']) { // Загружаем фото $file = cmsCore::m('board')->uploadPhoto($item['file'], $cat); } $update['file'] = $file['filename'] ? $file['filename'] : $item['file']; // обновляем объявление cmsCore::m('board')->updateRecord($item['id'], $update); // обновляем запись в ленте активности cmsActions::updateLog('add_board', array('object' => $update['obtype'] .' '. $update['title']), $item['id']); $vipdays = cmsCore::request('vipdays', 'int', 0); if (cmsCore::c('user')->is_admin) { if ($vipdays > 0) { cmsCore::m('board')->setVip($item['id'], $vipdays); } if ($vipdays == -1) { cmsCore::m('board')->deleteVip($item['id']); } } if (IS_BILLING) { if (cmsCore::m('board')->config['vip_enabled'] && cmsCore::m('board')->config['vip_prolong'] && $vipdays && cmsCore::m('board')->config['vip_day_cost']) { if ($vipdays > cmsCore::m('board')->config['vip_max_days']) { $vipdays = cmsCore::m('board')->config['vip_max_days']; } $summ = $vipdays * cmsCore::m('board')->config['vip_day_cost']; if (cmsCore::c('user')->balance >= $summ) { cmsBilling::pay(cmsCore::c('user')->id, $summ, $_LANG['VIP_ITEM']); cmsCore::m('board')->setVip($item['id'], $vipdays); } } } cmsUser::sessionClearAll(); if (!$update['published']) { $link = '<a href="/board/read'. $item['id'] .'.html">'. $update['obtype'] .' '. $update['title'] .'</a>'; $user = '******'. cmsUser::getProfileURL(cmsCore::c('user')->login) .'">'. cmsCore::c('user')->nickname .'</a>'; $message = str_replace(array('%link%','%user%'), array($link,$user), $_LANG['MSG_ADV_EDITED']); cmsUser::sendMessage(USER_UPDATER, 1, $message); cmsCore::addSessionMessage($_LANG['ADV_EDIT_PREMODER_TEXT'], 'info'); } cmsCore::addSessionMessage($_LANG['ADV_MODIFIED'], 'success'); cmsCore::redirect('/board/read'. $item['id'] .'.html'); } } ///////////////////////// PUBLISH BOARD ITEM /////////////////////////////////// if ($do == 'publish') { $item = cmsCore::m('board')->getRecord(cmsCore::m('board')->item_id); if (!$item) { cmsCore::error404(); } // если уже опубликовано, 404 if ($item['published']) { cmsCore::error404(); } // публиковать могут админы и модераторы доски if (!cmsCore::c('user')->is_admin && !cmsCore::m('board')->is_moderator_by_group) { cmsCore::error404(); } // публикуем cmsCore::c('db')->setFlag('cms_board_items', cmsCore::m('board')->item_id, 'published', 1); cmsCore::callEvent('ADD_BOARD_DONE', $item); if ($item['user_id']) { //регистрируем событие cmsActions::log('add_board', array( 'object' => $item['obtype'] .' '. $item['title'], 'user_id' => $item['user_id'], 'object_url' => '/board/read'. $item['id'] .'.html', 'object_id' => $item['id'], 'target' => $item['category'], 'target_url' => '/board/'. $item['cat_id'], 'target_id' => $item['cat_id'], 'description' => '' )); $link = '<a href="/board/read'. $item['id'] .'.html">'. $item['obtype'] .' '. $item['title'] .'</a>'; $message = str_replace('%link%', $link, $_LANG['MSG_ADV_ACCEPTED']); cmsUser::sendMessage(USER_UPDATER, $item['user_id'], $message); } cmsCore::addSessionMessage($_LANG['ADV_IS_ACCEPTED'], 'success'); cmsCore::redirect('/board/read'. $item['id'] .'.html'); } /////////////////////////////// DELETE BOARD ITEM ////////////////////////////// if ($do == 'delete') { $item = cmsCore::m('board')->getRecord(cmsCore::m('board')->item_id); if (!$item) { cmsCore::error404(); } if (!$item['moderator']) { cmsCore::addSessionMessage($_LANG['YOU_HAVENT_ACCESS'], 'error'); cmsCore::redirect('/board/'. $item['cat_id']); } if (!cmsCore::inRequest('godelete')) { cmsCore::c('page')->setTitle($_LANG['DELETE_ADV']); cmsCore::c('page')->addPathway($item['category'], '/board/'. $item['cat_id']); cmsCore::c('page')->addPathway($_LANG['DELETE_ADV']); $confirm['title'] = $_LANG['DELETING_ADV']; $confirm['text'] = $_LANG['YOU_SURE_DELETE_ADV'] .' "'. $item['title'] .'"?'; $confirm['action'] = $_SERVER['REQUEST_URI']; $confirm['yes_button']['name'] = 'godelete'; cmsPage::initTemplate('components', 'action_confirm')-> assign('confirm', $confirm)-> display(); } if (cmsCore::inRequest('godelete')) { cmsCore::m('board')->deleteRecord(cmsCore::m('board')->item_id); cmsCore::addSessionMessage($_LANG['ADV_IS_DELETED'], 'success'); cmsCore::redirect('/board/'. $item['cat_id']); } } }
function content() { $inCore = cmsCore::getInstance(); $inPage = cmsPage::getInstance(); $inDB = cmsDatabase::getInstance(); $inUser = cmsUser::getInstance(); $model = new cms_model_content(); define('IS_BILLING', $inCore->isComponentInstalled('billing')); if (IS_BILLING) { cmsCore::loadClass('billing'); } global $_LANG; $id = cmsCore::request('id', 'int', 0); $do = $inCore->do; $seolink = cmsCore::strClear(urldecode(cmsCore::request('seolink', 'html', ''))); if (is_numeric($seolink)) { cmsCore::error404(); } $page = cmsCore::request('page', 'int', 1); ///////////////////////////////////// VIEW CATEGORY //////////////////////////////////////////////////////////////////////////////// if ($do == 'view') { $cat = $inDB->getNsCategory('cms_category', $seolink); // если не найдена категория и мы не на главной, 404 if (!$cat && $inCore->menuId() !== 1) { cmsCore::error404(); } // языки $cat = translations::process(cmsConfig::getConfig('lang'), 'content_category', $cat); // Плагины $cat = cmsCore::callEvent('GET_CONTENT_CAT', $cat); // Неопубликованные показываем только админам if (!$cat['published'] && !$inUser->is_admin) { cmsCore::error404(); } // Проверяем доступ к категории if (!$inCore->checkUserAccess('category', $cat['id'])) { cmsCore::addSessionMessage($_LANG['NO_PERM_FOR_VIEW_TEXT'] . '<br>' . $_LANG['NO_PERM_FOR_VIEW_RULES'], 'error'); cmsCore::redirect('/content'); } // если не корень категорий if ($cat['NSLevel'] > 0) { $inPage->setTitle($cat['pagetitle'] ? $cat['pagetitle'] : $cat['title']); $pagetitle = $cat['title']; $showdate = $cat['showdate']; $showcomm = $cat['showcomm']; $inPage->addHead('<link rel="alternate" type="application/rss+xml" title="' . htmlspecialchars($cat['title']) . '" href="' . HOST . '/rss/content/' . $cat['id'] . '/feed.rss">'); } // Если корневая категория if ($cat['NSLevel'] == 0) { if ($model->config['hide_root']) { cmsCore::error404(); } $inPage->setTitle($_LANG['CATALOG_ARTICLES']); $pagetitle = $_LANG['CATALOG_ARTICLES']; $showdate = 1; $showcomm = 1; } // Получаем дерево категорий $path_list = $inDB->getNsCategoryPath('cms_category', $cat['NSLeft'], $cat['NSRight'], 'id, title, NSLevel, seolink, url'); if ($path_list) { $path_list = translations::process(cmsConfig::getConfig('lang'), 'content_category', $path_list); foreach ($path_list as $pcat) { if (!$inCore->checkUserAccess('category', $pcat['id'])) { cmsCore::addSessionMessage($_LANG['NO_PERM_FOR_VIEW_TEXT'] . '<br>' . $_LANG['NO_PERM_FOR_VIEW_RULES'], 'error'); cmsCore::redirect('/content'); } $inPage->addPathway($pcat['title'], $model->getCategoryURL(null, $pcat['seolink'])); } } // Получаем подкатегории $subcats_list = $model->getSubCats($cat['id']); // Привязанный фотоальбом $cat_photos = $model->getCatPhotoAlbum($cat['photoalbum']); // Получаем статьи // Редактор/администратор $is_editor = $cat['modgrp_id'] == $inUser->group_id && cmsUser::isUserCan('content/autoadd') || $inUser->is_admin; // Условия $model->whereCatIs($cat['id']); // Общее количество статей $total = $model->getArticlesCount($is_editor); // Сортировка и разбивка на страницы $inDB->orderBy($cat['orderby'], $cat['orderto']); $inDB->limitPage($page, $model->config['perpage']); // Получаем статьи $content_list = $total ? $model->getArticlesList(!$is_editor) : array(); $inDB->resetConditions(); if (!$content_list && $page > 1) { cmsCore::error404(); } $pagebar = cmsPage::getPagebar($total, $page, $model->config['perpage'], $model->getCategoryURL(null, $cat['seolink'], 0, true)); $template = $cat['tpl'] ? $cat['tpl'] : 'com_content_view.tpl'; if ($cat['NSLevel'] > 0) { // meta description if ($cat['meta_desc']) { $meta_desc = $cat['meta_desc']; } elseif (mb_strlen(strip_tags($cat['description'])) >= 250) { $meta_desc = crop($cat['description']); } else { $meta_desc = $cat['title']; } $inPage->setDescription($meta_desc); // meta keywords if ($cat['meta_keys']) { $meta_keys = $cat['meta_keys']; } elseif ($content_list) { foreach ($content_list as $c) { $k[] = $c['title']; } $meta_keys = implode(', ', $k); } else { $meta_keys = $cat['title']; } $inPage->setKeywords($meta_keys); } cmsPage::initTemplate('components', $template)->assign('cat', $cat)->assign('is_homepage', (bool) ($inCore->menuId() == 1))->assign('showdate', $showdate)->assign('showcomm', $showcomm)->assign('pagetitle', $pagetitle)->assign('subcats', $subcats_list)->assign('cat_photos', $cat_photos)->assign('articles', $content_list)->assign('pagebar', $pagebar)->display($template); } ///////////////////////////////////// READ ARTICLE //////////////////////////////////////////////////////////////////////////////// if ($do == 'read') { // Получаем статью $article = $model->getArticle($seolink); if (!$article) { cmsCore::error404(); } $article = translations::process(cmsConfig::getConfig('lang'), 'content_content', $article); $article = cmsCore::callEvent('GET_ARTICLE', $article); $is_admin = $inUser->is_admin; $is_author = $inUser->id == $article['user_id']; $is_author_del = cmsUser::isUserCan('content/delete'); $is_editor = $article['modgrp_id'] == $inUser->group_id && cmsUser::isUserCan('content/autoadd'); // если статья не опубликована или дата публикации позже, 404 if ((!$article['published'] || strtotime($article['pubdate']) > time()) && !$is_admin && !$is_editor && !$is_author) { cmsCore::error404(); } if (!$inCore->checkUserAccess('material', $article['id'])) { cmsCore::addSessionMessage($_LANG['NO_PERM_FOR_VIEW_TEXT'] . '<br>' . $_LANG['NO_PERM_FOR_VIEW_RULES'], 'error'); cmsCore::redirect($model->getCategoryURL(null, $article['catseolink'])); } // увеличиваем кол-во просмотров if (@(!$is_author)) { $inDB->setFlag('cms_content', $article['id'], 'hits', $article['hits'] + 1); } // Картинка статьи $article['image'] = file_exists(PATH . '/images/photos/medium/article' . $article['id'] . '.jpg') ? 'article' . $article['id'] . '.jpg' : ''; // Заголовок страницы $article['pagetitle'] = $article['pagetitle'] ? $article['pagetitle'] : $article['title']; // Тело статьи в зависимости от настроек $article['content'] = $model->config['readdesc'] ? $article['description'] . $article['content'] : $article['content']; // Дата публикации $article['pubdate'] = cmsCore::dateFormat($article['pubdate']); // Шаблон статьи $article['tpl'] = $article['tpl'] ? $article['tpl'] : 'com_content_read.tpl'; $inPage->setTitle($article['pagetitle']); // Получаем дерево категорий $path_list = $article['showpath'] ? $inDB->getNsCategoryPath('cms_category', $article['leftkey'], $article['rightkey'], 'id, title, NSLevel, seolink, url') : array(); if ($path_list) { $path_list = translations::process(cmsConfig::getConfig('lang'), 'content_category', $path_list); foreach ($path_list as $pcat) { if (!$inCore->checkUserAccess('category', $pcat['id'])) { cmsCore::addSessionMessage($_LANG['NO_PERM_FOR_VIEW_TEXT'] . '<br>' . $_LANG['NO_PERM_FOR_VIEW_RULES'], 'error'); cmsCore::redirect('/content'); } $inPage->addPathway($pcat['title'], $model->getCategoryURL(null, $pcat['seolink'])); } } $inPage->addPathway($article['title']); // Мета теги KEYWORDS и DESCRIPTION if ($article['meta_keys']) { $inPage->setKeywords($article['meta_keys']); } else { if (mb_strlen($article['content']) > 30) { $inPage->setKeywords(cmsCore::getKeywords(cmsCore::strClear($article['content']))); } } if (mb_strlen($article['meta_desc'])) { $inPage->setDescription($article['meta_desc']); } // Выполняем фильтры $article['content'] = cmsCore::processFilters($article['content']); // Разбивка статей на страницы $pt_pages = array(); if (!empty($GLOBALS['pt'])) { foreach ($GLOBALS['pt'] as $num => $page_title) { $pt_pages[$num]['title'] = $page_title; $pt_pages[$num]['url'] = $model->getArticleURL(null, $article['seolink'], $num + 1); } } // Рейтинг статьи if ($model->config['rating'] && $article['canrate']) { $karma = cmsKarma('content', $article['id']); $karma_points = cmsKarmaFormatSmall($karma['points']); $btns = cmsKarmaButtonsText('content', $article['id'], $karma['points'], $is_author); } cmsPage::initTemplate('components', $article['tpl'])->assign('article', $article)->assign('cfg', $model->config)->assign('page', $page)->assign('is_pages', !empty($GLOBALS['pt']))->assign('pt_pages', $pt_pages)->assign('is_admin', $is_admin)->assign('is_editor', $is_editor)->assign('is_author', $is_author)->assign('is_author_del', $is_author_del)->assign('tagbar', cmsTagBar('content', $article['id']))->assign('karma_points', @$karma_points)->assign('karma_votes', @$karma['votes'])->assign('karma_buttons', @$btns)->display($article['tpl']); // Комментарии статьи if ($article['published'] && $article['comments'] && $inCore->isComponentInstalled('comments')) { cmsCore::includeComments(); comments('article', $article['id'], array(), $is_author); } } ///////////////////////////////////// ADD ARTICLE ////////////////////////////////////////////////////////////////////////////////// if ($do == 'addarticle' || $do == 'editarticle') { $is_add = cmsUser::isUserCan('content/add'); // может добавлять статьи $is_auto_add = cmsUser::isUserCan('content/autoadd'); // добавлять статьи без модерации if (!$is_add && !$is_auto_add) { cmsCore::error404(); } // Для редактирования получаем статью и проверяем доступ if ($do == 'editarticle') { // Получаем статью $item = $model->getArticle($id); if (!$item) { cmsCore::error404(); } $pubcats = array(); // доступ к редактированию админам, авторам и редакторам if (!$inUser->is_admin && $item['user_id'] != $inUser->id && !($item['modgrp_id'] == $inUser->group_id && cmsUser::isUserCan('content/autoadd'))) { cmsCore::error404(); } } // Для добавления проверяем не вводили ли мы данные ранее if ($do == 'addarticle') { $item = cmsUser::sessionGet('article'); if ($item) { cmsUser::sessionDel('article'); } // Категории, в которые разрешено публиковать $pubcats = $model->getPublicCats(); if (!$pubcats) { cmsCore::addSessionMessage($_LANG['ADD_ARTICLE_ERR_CAT'], 'error'); cmsCore::redirectBack(); } } // не было запроса на сохранение, показываем форму if (!cmsCore::inRequest('add_mod')) { $dynamic_cost = false; // Если добавляем статью if ($do == 'addarticle') { $pagetitle = $_LANG['ADD_ARTICLE']; $inPage->setTitle($pagetitle); $inPage->addPathway($_LANG['USERS'], '/' . str_replace('/', '', cmsUser::PROFILE_LINK_PREFIX)); $inPage->addPathway($inUser->nickname, cmsUser::getProfileURL($inUser->login)); $inPage->addPathway($_LANG['MY_ARTICLES'], '/content/my.html'); $inPage->addPathway($pagetitle); // поддержка биллинга if (IS_BILLING) { $action = cmsBilling::getAction('content', 'add_content'); foreach ($pubcats as $p => $pubcat) { if ($pubcat['cost']) { $dynamic_cost = true; } else { $pubcats[$p]['cost'] = $action['point_cost'][$inUser->group_id]; } } cmsBilling::checkBalance('content', 'add_content', $dynamic_cost); } } // Если редактируем статью if ($do == 'editarticle') { $pagetitle = $_LANG['EDIT_ARTICLE']; $inPage->setTitle($pagetitle); $inPage->addPathway($_LANG['USERS'], '/' . str_replace('/', '', cmsUser::PROFILE_LINK_PREFIX)); if ($item['user_id'] != $inUser->id) { $user = $inDB->get_fields('cms_users', "id='{$item['user_id']}'", 'login, nickname'); $inPage->addPathway($user['nickname'], cmsUser::getProfileURL($user['login'])); } else { $inPage->addPathway($inUser->nickname, cmsUser::getProfileURL($inUser->login)); } $inPage->addPathway($_LANG['MY_ARTICLES'], '/content/my.html'); $inPage->addPathway($pagetitle); $item['tags'] = cmsTagLine('content', $item['id'], false); $item['image'] = file_exists(PATH . '/images/photos/small/article' . $item['id'] . '.jpg') ? 'article' . $item['id'] . '.jpg' : ''; if (!$is_auto_add) { cmsCore::addSessionMessage($_LANG['ATTENTION'] . ': ' . $_LANG['EDIT_ARTICLE_PREMODER'], 'info'); } } $inPage->initAutocomplete(); $autocomplete_js = $inPage->getAutocompleteJS('tagsearch', 'tags'); $item = cmsCore::callEvent('PRE_EDIT_ARTICLE', @$item ? $item : array()); cmsPage::initTemplate('components', 'com_content_edit')->assign('mod', $item)->assign('do', $do)->assign('cfg', $model->config)->assign('pubcats', $pubcats)->assign('pagetitle', $pagetitle)->assign('is_admin', $inUser->is_admin)->assign('is_billing', IS_BILLING)->assign('dynamic_cost', $dynamic_cost)->assign('autocomplete_js', $autocomplete_js)->display('com_content_edit.tpl'); } // Пришел запрос на сохранение статьи if (cmsCore::inRequest('add_mod')) { $errors = false; $article['category_id'] = cmsCore::request('category_id', 'int', 1); $article['user_id'] = $item['user_id'] ? $item['user_id'] : $inUser->id; $article['title'] = cmsCore::request('title', 'str', ''); $article['tags'] = cmsCore::request('tags', 'str', ''); $article['description'] = cmsCore::request('description', 'html', ''); $article['content'] = cmsCore::request('content', 'html', ''); $article['description'] = cmsCore::badTagClear($article['description']); $article['content'] = cmsCore::badTagClear($article['content']); $article['published'] = $is_auto_add ? 1 : 0; if ($do == 'editarticle') { $article['published'] = $item['published'] == 0 ? $item['published'] : $article['published']; } $article['pubdate'] = $do == 'editarticle' ? $item['pubdate'] : date('Y-m-d H:i'); $article['enddate'] = $do == 'editarticle' ? $item['enddate'] : $article['pubdate']; $article['is_end'] = $do == 'editarticle' ? $item['is_end'] : 0; $article['showtitle'] = $do == 'editarticle' ? $item['showtitle'] : 1; $article['meta_desc'] = $do == 'addarticle' ? mb_strtolower($article['title']) : $inDB->escape_string($item['meta_desc']); $article['meta_keys'] = $do == 'addarticle' ? $inCore->getKeywords($article['content']) : $inDB->escape_string($item['meta_keys']); $article['showdate'] = $do == 'editarticle' ? $item['showdate'] : 1; $article['showlatest'] = $do == 'editarticle' ? $item['showlatest'] : 1; $article['showpath'] = $do == 'editarticle' ? $item['showpath'] : 1; $article['comments'] = $do == 'editarticle' ? $item['comments'] : 1; $article['canrate'] = $do == 'editarticle' ? $item['canrate'] : 1; $article['pagetitle'] = ''; if ($do == 'editarticle') { $article['tpl'] = $item['tpl']; } if (mb_strlen($article['title']) < 2) { cmsCore::addSessionMessage($_LANG['REQ_TITLE'], 'error'); $errors = true; } if (mb_strlen($article['content']) < 10) { cmsCore::addSessionMessage($_LANG['REQ_CONTENT'], 'error'); $errors = true; } if ($errors) { // При добавлении статьи при ошибках сохраняем введенные поля if ($do == 'addarticle') { cmsUser::sessionPut('article', $article); } cmsCore::redirectBack(); } $article['description'] = $inDB->escape_string($article['description']); $article['content'] = $inDB->escape_string($article['content']); $article = cmsCore::callEvent('AFTER_EDIT_ARTICLE', $article); // добавление статьи if ($do == 'addarticle') { $article_id = $model->addArticle($article); } // загрузка фото $file = 'article' . (@$article_id ? $article_id : $item['id']) . '.jpg'; if (cmsCore::request('delete_image', 'int', 0)) { @unlink(PATH . "/images/photos/small/{$file}"); @unlink(PATH . "/images/photos/medium/{$file}"); } // Загружаем класс загрузки фото cmsCore::loadClass('upload_photo'); $inUploadPhoto = cmsUploadPhoto::getInstance(); // Выставляем конфигурационные параметры $inUploadPhoto->upload_dir = PATH . '/images/photos/'; $inUploadPhoto->small_size_w = $model->config['img_small_w']; $inUploadPhoto->medium_size_w = $model->config['img_big_w']; $inUploadPhoto->thumbsqr = $model->config['img_sqr']; $inUploadPhoto->is_watermark = $model->config['watermark']; $inUploadPhoto->input_name = 'picture'; $inUploadPhoto->filename = $file; // Процесс загрузки фото $inUploadPhoto->uploadPhoto(); // операции после добавления/редактирования статьи // добавление статьи if ($do == 'addarticle') { // Получаем добавленную статью $article = $model->getArticle($article_id); if (!$article['published']) { cmsCore::addSessionMessage($_LANG['ARTICLE_PREMODER_TEXT'], 'info'); // отсылаем уведомление администраторам $link = '<a href="' . $model->getArticleURL(null, $article['seolink']) . '">' . $article['title'] . '</a>'; $message = str_replace('%user%', cmsUser::getProfileLink($inUser->login, $inUser->nickname), $_LANG['MSG_ARTICLE_SUBMIT']); $message = str_replace('%link%', $link, $message); cmsUser::sendMessageToGroup(USER_UPDATER, cmsUser::getAdminGroups(), $message); } else { //регистрируем событие cmsActions::log('add_article', array('object' => $article['title'], 'object_url' => $model->getArticleURL(null, $article['seolink']), 'object_id' => $article['id'], 'target' => $article['cat_title'], 'target_url' => $model->getCategoryURL(null, $article['catseolink']), 'target_id' => $article['category_id'], 'description' => '')); if (IS_BILLING) { $category_cost = $article['cost'] === '' ? false : (int) $article['cost']; cmsBilling::process('content', 'add_content', $category_cost); } cmsUser::checkAwards($inUser->id); } cmsCore::addSessionMessage($_LANG['ARTICLE_SAVE'], 'info'); cmsCore::redirect('/my.html'); } // Редактирование статьи if ($do == 'editarticle') { $model->updateArticle($item['id'], $article, true); cmsActions::updateLog('add_article', array('object' => $article['title']), $item['id']); if (!$article['published']) { $link = '<a href="' . $model->getArticleURL(null, $item['seolink']) . '">' . $article['title'] . '</a>'; $message = str_replace('%user%', cmsUser::getProfileLink($inUser->login, $inUser->nickname), $_LANG['MSG_ARTICLE_EDITED']); $message = str_replace('%link%', $link, $message); cmsUser::sendMessageToGroup(USER_UPDATER, cmsUser::getAdminGroups(), $message); } $mess = $article['published'] ? $_LANG['ARTICLE_SAVE'] : $_LANG['ARTICLE_SAVE'] . ' ' . $_LANG['ARTICLE_PREMODER_TEXT']; cmsCore::addSessionMessage($mess, 'info'); cmsCore::redirect($model->getArticleURL(null, $item['seolink'])); } } } ///////////////////////// PUBLISH ARTICLE ///////////////////////////////////////////////////////////////////////////// if ($do == 'publisharticle') { if (!$inUser->id) { cmsCore::error404(); } $article = $model->getArticle($id); if (!$article) { cmsCore::error404(); } // Редактор с правами на добавление без модерации или администраторы могут публиковать if (!($article['modgrp_id'] == $inUser->group_id && cmsUser::isUserCan('content/autoadd')) && !$inUser->is_admin) { cmsCore::error404(); } $inDB->setFlag('cms_content', $article['id'], 'published', 1); cmsCore::callEvent('ADD_ARTICLE_DONE', $article); if (IS_BILLING) { $author = $inDB->get_fields('cms_users', "id='{$article['user_id']}'", '*'); $category_cost = $article['cost'] === '' ? false : (int) $article['cost']; cmsBilling::process('content', 'add_content', $category_cost, $author); } //регистрируем событие cmsActions::log('add_article', array('object' => $article['title'], 'user_id' => $article['user_id'], 'object_url' => $model->getArticleURL(null, $article['seolink']), 'object_id' => $article['id'], 'target' => $article['cat_title'], 'target_url' => $model->getCategoryURL(null, $article['catseolink']), 'target_id' => $article['cat_id'], 'description' => '')); $link = '<a href="' . $model->getArticleURL(null, $article['seolink']) . '">' . $article['title'] . '</a>'; $message = str_replace('%link%', $link, $_LANG['MSG_ARTICLE_ACCEPTED']); cmsUser::sendMessage(USER_UPDATER, $article['user_id'], $message); cmsUser::checkAwards($article['user_id']); cmsCore::redirectBack(); } ///////////////////////////////////// DELETE ARTICLE /////////////////////////////////////////////////////////////////////////////////// if ($do == 'deletearticle') { if (!$inUser->id) { cmsCore::error404(); } $article = $model->getArticle($id); if (!$article) { cmsCore::error404(); } // права доступа $is_author = cmsUser::isUserCan('content/delete') && $article['user_id'] == $inUser->id; $is_editor = $article['modgrp_id'] == $inUser->group_id && cmsUser::isUserCan('content/autoadd'); if (!$is_author && !$is_editor && !$inUser->is_admin) { cmsCore::error404(); } if (!cmsCore::inRequest('goadd')) { $inPage->setTitle($_LANG['ARTICLE_REMOVAL']); $inPage->addPathway($_LANG['ARTICLE_REMOVAL']); $confirm['title'] = $_LANG['ARTICLE_REMOVAL']; $confirm['text'] = $_LANG['ARTICLE_REMOVAL_TEXT'] . ' <a href="' . $model->getArticleURL(null, $article['seolink']) . '">' . $article['title'] . '</a>?'; $confirm['action'] = $_SERVER['REQUEST_URI']; $confirm['yes_button'] = array(); $confirm['yes_button']['type'] = 'submit'; $confirm['yes_button']['name'] = 'goadd'; cmsPage::initTemplate('components', 'action_confirm')->assign('confirm', $confirm)->display('action_confirm.tpl'); } else { $model->deleteArticle($article['id']); if ($_SERVER['HTTP_REFERER'] == '/my.html') { cmsCore::addSessionMessage($_LANG['ARTICLE_DELETED'], 'info'); cmsCore::redirectBack(); } else { // если удалили как администратор или редактор и мы не авторы статьи, отсылаем сообщение автору if (($is_editor || $inUser->is_admin) && $article['user_id'] != $inUser->id) { $link = '<a href="' . $model->getArticleURL(null, $article['seolink']) . '">' . $article['title'] . '</a>'; $message = str_replace('%link%', $link, $article['published'] ? $_LANG['MSG_ARTICLE_DELETED'] : $_LANG['MSG_ARTICLE_REJECTED']); cmsUser::sendMessage(USER_UPDATER, $article['user_id'], $message); } else { cmsCore::addSessionMessage($_LANG['ARTICLE_DELETED'], 'info'); } cmsCore::redirect($model->getCategoryURL(null, $article['catseolink'])); } } } ///////////////////////////////////// MY ARTICLES /////////////////////////////////////////////////////////////////////////////////// if ($do == 'my') { if (!cmsUser::isUserCan('content/add')) { cmsCore::error404(); } $inPage->setTitle($_LANG['MY_ARTICLES']); $inPage->addPathway($_LANG['USERS'], '/' . str_replace('/', '', cmsUser::PROFILE_LINK_PREFIX)); $inPage->addPathway($inUser->nickname, cmsUser::getProfileURL($inUser->login)); $inPage->addPathway($_LANG['MY_ARTICLES']); $perpage = 15; // Условия $model->whereUserIs($inUser->id); // Общее количество статей $total = $model->getArticlesCount(false); // Сортировка и разбивка на страницы $inDB->orderBy('con.pubdate', 'DESC'); $inDB->limitPage($page, $perpage); // Получаем статьи $content_list = $total ? $model->getArticlesList(false) : array(); $inDB->resetConditions(); cmsPage::initTemplate('components', 'com_content_my')->assign('articles', $content_list)->assign('total', $total)->assign('user_can_delete', cmsUser::isUserCan('content/delete'))->assign('pagebar', cmsPage::getPagebar($total, $page, $perpage, '/content/my%page%.html'))->display('com_content_my.tpl'); } ///////////////////////////////////// BEST ARTICLES /////////////////////////////////////////////////////////////////////////////////// if ($do == 'best') { $inPage->setTitle($_LANG['ARTICLES_RATING']); $inPage->addPathway($_LANG['ARTICLES_RATING']); // Только статьи, за которые можно голосовать $inDB->where("con.canrate = 1"); // Сортировка и разбивка на страницы $inDB->orderBy('con.rating', 'DESC'); $inDB->limitPage(1, 30); // Получаем статьи $content_list = $model->getArticlesList(); cmsPage::initTemplate('components', 'com_content_rating')->assign('articles', $content_list)->display('com_content_rating.tpl'); } }
<?php if ($my_profile) { ?> <div class="float_bar"> <a href="/users/addphoto.html" class="usr_photo_add"><?php echo $_LANG['ADD_PHOTO']; ?></a> </div> <?php } ?> <div class="con_heading"> <a href="<?php echo cmsUser::getProfileURL($user['login']); ?>"><?php echo $user['nickname']; ?></a> → <?php echo $_LANG['PHOTOALBUMS']; ?> </div> <?php if ($albums) { ?> <div class="usr_albums_block" style="margin-top:30px"> <ul class="usr_albums_list"> <?php foreach($albums as $album) { ?> <li> <div class="usr_album_thumb"> <a href="/users/<?php echo $user['login']; ?>/photos/<?php echo $album['type']; ?><?php echo $album['id']; ?>.html" title="<?php echo $this->escape($album['title']); ?>"> <img src="<?php echo $album['imageurl']; ?>" width="64" height="64" border="0" alt="<?php echo $this->escape($album['title']); ?>" /> </a> </div> <div class="usr_album"> <div class="link"> <a href="/users/<?php echo $user['login']; ?>/photos/<?php echo $album['type']; ?><?php echo $album['id']; ?>.html"><?php echo $album['title']; ?></a> </div> <div class="count"><?php echo $this->spellcount($album['photos_count'], $_LANG['PHOTO'], $_LANG['PHOTO2'], $_LANG['PHOTO10']); ?></div> <div class="date"><?php echo $album['pubdate']; ?></div> </div> </li> <?php } ?> </ul> <div class="blog_desc"></div>
<?php if ($myblog || $is_admin || ($is_writer && $is_author)) { ?> <div class="float_bar"> <?php if (!$post['published'] && ($is_admin)) { ?><span id="pub_link"><a class="ajaxlink" href="javascript:void(0)" onclick="<?php echo cmsCore::getInstance()->component; ?>.publishPost(<?php echo $post['id']; ?>);return false;"><?php echo $_LANG['PUBLISH']; ?></a> | </span><?php } ?><a href="/<?php echo cmsCore::getInstance()->component; ?>/editpost<?php echo $post['id']; ?>.html"><?php echo $_LANG['EDIT']; ?></a> | <a class="ajaxlink" href="javascript:void(0)" onclick="<?php echo cmsCore::getInstance()->component; ?>.deletePost(<?php echo $post['id']; ?>, '<?php echo cmsUser::getCsrfToken(); ?>');return false;"><?php echo $_LANG['DELETE']; ?></a> </div> <?php } ?> <h1 class="con_heading"><?php echo $post['title']; ?></h1> <table width="100%" cellpadding="4" cellspacing="0"> <tr> <td width="70" valign="top" align="center"> <div><strong><?php echo $_LANG['AVTOR']; ?></strong></div> <div class="blog_post_avatar"><a href="<?php echo cmsUser::getProfileURL($post['author_login']); ?>"><img border="0" class="usr_img_small" src="<?php echo $post['author_avatar']; ?>" /></a></div> <div><strong><a href="<?php echo cmsUser::getProfileURL($post['author_login']); ?>"><?php echo $post['author_nickname']; ?></a></strong></div> </td> <td> <div class="blog_post_data" valign="top"> <div><strong><?php echo $_LANG['PUBLISHED']; ?>:</strong> <?php if (!$post['published']) { ?><span id="pub_wait" style="color:#F00;"><?php echo $_LANG['ON_MODERATE']; ?></span><span id="pub_date" style="display:none;"><?php echo $post['fpubdate']; ?></span><?php } else { ?><?php echo $post['fpubdate']; ?><?php } ?></div> <div><strong><?php echo $_LANG['BLOG']; ?>:</strong> <a href="/<?php echo cmsCore::getInstance()->component; ?>/<?php echo $blog['seolink']; ?>"><?php echo $blog['title']; ?></a></div> <?php if ($blog['showcats'] && $cat) { ?> <div><strong><?php echo $_LANG['CAT']; ?>:</strong> <a href="/<?php echo cmsCore::getInstance()->component; ?>/<?php echo $blog['seolink']; ?>/cat-<?php echo $cat['id']; ?>"><?php echo $cat['title']; ?></a></div> <?php } ?> <?php if ($post['edit_times']) { ?> <div><strong><?php echo $_LANG['EDITED']; ?>:</strong> <?php echo $this->spellcount($post['edit_times'], $_LANG['TIME1'], $_LANG['TIME2'], $_LANG['TIME10']); ?> — <?php if ($post['edit_times'] > 1) { ?><?php echo $_LANG['LATS_TIME']; ?><?php } ?> <?php echo $post['feditdate']; ?></div> <?php } ?> <?php if ($post['feel']) { ?> <div><strong><?php echo $_LANG['MOOD']; ?>:</strong> <?php echo $post['feel']; ?></div> <?php } ?> <?php if ($post['music']) { ?> <div><strong><?php echo $_LANG['PLAYING']; ?>:</strong> <?php echo $post['music']; ?></div> <?php } ?> </div>
/** * Возвращает массив событий для ленты активности * @return array */ public function getActionsLog() { $inUser = cmsUser::getInstance(); if (!$this->only_friends) { $this->inDB->where('log.is_friends_only = 0'); } if (!$inUser->id) { $this->inDB->where('log.is_users_only = 0'); } $sql = "SELECT log.id as id,\n log.user_id,\n log.object,\n log.object_url,\n log.target,\n log.target_url,\n log.pubdate,\n log.description,\n a.message,\n a.name,\n u.nickname as user_nickname,\n u.login as user_login\n FROM cms_actions_log log\n LEFT JOIN cms_actions a ON a.id = log.action_id AND a.is_visible = 1\n LEFT JOIN cms_users u ON u.id = log.user_id\n WHERE 1=1 {$this->inDB->where}\n ORDER BY log.id DESC\n\t\t\t\t"; if ($this->inDB->limit) { $sql .= "LIMIT {$this->inDB->limit}"; } $result = $this->inDB->query($sql); // Сбрасываем условия $this->inDB->resetConditions(); if (!$this->inDB->num_rows($result)) { return false; } $actions = array(); while ($action = $this->inDB->fetch_assoc($result)) { $action['object_link'] = $action['target_link'] = ''; if ($action['object']) { $action['object_link'] = $action['object_url'] ? '<a href="' . $action['object_url'] . '" class="act_obj_' . $action['name'] . '">' . $action['object'] . '</a>' : $action['object']; } if ($action['target']) { $action['target_link'] = '<a href="' . $action['target_url'] . '" class="act_tgt_' . $action['name'] . '">' . $action['target'] . '</a>'; } if ($action['message']) { $target_pos = mb_strpos($action['message'], '|'); if ($target_pos !== false) { if (!$this->show_targets || !$action['target']) { $action['message'] = mb_substr($action['message'], 0, $target_pos); } else { $action['message'] = str_replace('|', '', $action['message']); } } $action['message'] = sprintf($action['message'], $action['object_link'], $action['target_link']); } $action['is_new'] = (bool) (strtotime($action['pubdate']) > strtotime($inUser->logdate)); $action['user_url'] = cmsUser::getProfileURL($action['user_login']); $action['pubdate'] = cmsCore::dateDiffNow($action['pubdate']); $actions[] = $action; } return cmsCore::callEvent('GET_ACTIONS', $actions); }
function comments($target = '', $target_id = 0, $labels = array()) { $inCore = cmsCore::getInstance(); $inPage = cmsPage::getInstance(); $inDB = cmsDatabase::getInstance(); $inUser = cmsUser::getInstance(); cmsCore::loadModel('comments'); $model = new cms_model_comments($labels); // Проверяем включени ли компонент if (!$inCore->isComponentEnable('comments')) { return false; } // Инициализируем права доступа для группы текущего пользователя $model->initAccess(); global $_LANG; $do = $inCore->do; $page = cmsCore::request('page', 'int', 1); $id = cmsCore::request('id', 'int', 0); $login = cmsCore::strClear(urldecode(cmsCore::request('login', 'html', ''))); $inPage->addHeadJS('components/comments/js/comments.js'); $inPage->addHeadJsLang(array('EDIT_COMMENT', 'CONFIRM_DEL_COMMENT', 'COMMENT_IN_LINK')); //========================================================================================================================// //========================================================================================================================// if ($do == 'view' && !$target && !$target_id) { if (!$login) { $myprofile = false; $page_title = $inCore->getComponentTitle(); $inPage->addHead('<link rel="alternate" type="application/rss+xml" title="' . $_LANG['COMMENTS'] . '" href="' . HOST . '/rss/comments/all/feed.rss">'); } else { // проверяем что пользователь есть $user = cmsUser::getShortUserData($login); if (!$user) { cmsCore::error404(); } // Мои комментарии $myprofile = $inUser->id == $user['id']; $page_title = $_LANG['COMMENTS'] . ' - ' . $user['nickname']; $inPage->addPathway($user['nickname'], cmsUser::getProfileURL($user['login'])); // Добавляем условие в выборку $model->whereUserIs($user['id']); } $inPage->setTitle($page_title); $inPage->addPathway($page_title); $inPage->setDescription($model->config['meta_desc'] ? $model->config['meta_desc'] : $page_title); $inPage->setKeywords($model->config['meta_keys'] ? $model->config['meta_keys'] : $page_title); // флаг модератора $is_moder = $inUser->is_admin || $model->is_can_moderate; // Не админам только открытые комментарии if (!($is_moder || $myprofile)) { $model->whereIsShow(); } // Общее количество комментариев $total = $model->getCommentsCount(!($is_moder || $myprofile)); // Сортировка и разбивка на страницы $inDB->orderBy('c.pubdate', 'DESC'); $inDB->limitPage($page, $model->config['perpage']); // Сами комментарии $comments = $total ? $model->getComments(!($is_moder || $myprofile)) : array(); $inDB->resetConditions(); if (!$comments && $page > 1) { cmsCore::error404(); } // пагинация if (!$login) { $pagebar = cmsPage::getPagebar($total, $page, $model->config['perpage'], '/comments/page-%page%'); } else { $pagebar = cmsPage::getPagebar($total, $page, $model->config['perpage'], 'javascript:centerLink(\'/comments/by_user_' . $user['login'] . '/page-%page%\')'); } // Отдаем в шаблон cmsPage::initTemplate('components', 'com_comments_list_all')->assign('comments_count', $total)->assign('comments', $comments)->assign('pagebar', $pagebar)->assign('is_user', $inUser->id)->assign('page_title', $page_title)->assign('cfg', $model->config)->assign('is_admin', $is_moder)->display('com_comments_list_all.tpl'); } //========================================================================================================================// //========================================================================================================================// if (!in_array($do, array('add', 'edit', 'delete')) && $target && $target_id) { if (!$model->config['cmm_ajax']) { $model->whereTargetIs($target, $target_id); $inDB->orderBy('c.pubdate', 'ASC'); $comments = cmsCore::callEvent('BEFORE_SHOW_COMMENTS', $model->getComments(!($inUser->is_admin || $model->is_can_moderate), true)); $total = count($comments); ob_start(); cmsPage::initTemplate('components', 'com_comments_list')->assign('comments_count', $total)->assign('comments', $comments)->assign('user_can_moderate', $model->is_can_moderate)->assign('user_can_delete', $model->is_can_delete)->assign('user_can_add', $model->is_can_add)->assign('is_admin', $inUser->is_admin)->assign('is_user', $inUser->id)->assign('cfg', $model->config)->assign('labels', $model->labels)->assign('target', $target)->assign('target_id', $target_id)->display('com_comments_list.tpl'); $html = ob_get_clean(); } else { $model->whereTargetIs($target, $target_id); $total = $model->getCommentsCount(!($inUser->is_admin || $model->is_can_moderate)); $inDB->resetConditions(); } cmsPage::initTemplate('components', 'com_comments_view')->assign('comments_count', $total)->assign('target', $target)->assign('target_id', $target_id)->assign('is_admin', $inUser->is_admin)->assign('labels', $model->labels)->assign('is_user', $inUser->id)->assign('cfg', $model->config)->assign('user_can_add', $model->is_can_add)->assign('html', isset($html) ? $html : '')->assign('add_comment_js', "addComment('" . $target . "', '" . $target_id . "', 0)")->assign('user_subscribed', cmsUser::isSubscribed($inUser->id, $target, $target_id))->display('com_comments_view.tpl'); } //========================================================================================================================// //========================================================================================================================// // Добавление комментария, форма добавления в addform.php if ($do == 'add') { // Только аякс if (!cmsCore::isAjax()) { cmsCore::error404(); } // Очищаем буфер ob_end_clean(); // Добавлять могут только админы и те, кому разрешено в настройках группы if (!$model->is_can_add && !$inUser->is_admin) { cmsCore::error404(); } // Входные данные $comment['guestname'] = cmsCore::request('guestname', 'str', ''); $comment['user_id'] = $inUser->id; if ($model->is_can_bbcode) { $content = cmsCore::request('content', 'html', ''); $comment['content_bbcode'] = $inDB->escape_string($content); $content = cmsCore::parseSmiles($content, true); $comment['content'] = $inDB->escape_string($content); } else { $comment['content'] = cmsCore::request('content', 'str', ''); $comment['content_bbcode'] = $comment['content']; $comment['content'] = str_replace(array('\\r', '\\n'), '<br>', $comment['content']); } $comment['parent_id'] = cmsCore::request('parent_id', 'int', 0); $comment['target'] = cmsCore::request('target', 'str', ''); $comment['target_id'] = cmsCore::request('target_id', 'int', 0); $comment['ip'] = cmsCore::strClear($_SERVER['REMOTE_ADDR']); // Проверяем правильность/наличие входных парамеров // цель комментария if (!$comment['target'] || !$comment['target_id']) { cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ERR_UNKNOWN_TARGET'])); } // Имя гостя отсутствует if (!$comment['guestname'] && !$inUser->id) { cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ERR_USER_NAME'])); } // Текст комментраия отсутствует if (!$comment['content']) { cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ERR_COMMENT_TEXT'])); } // проверяем каптчу $need_captcha = $model->config['regcap'] ? true : ($inUser->id ? false : true); if ($need_captcha && !cmsPage::checkCaptchaCode()) { cmsCore::jsonOutput(array('error' => true, 'is_captcha' => true, 'text' => $_LANG['ERR_CAPTCHA'])); } // получаем массив со ссылкой и заголовком цели комментария // для этого: // 1. узнаем ответственный компонент из cms_comment_targets $target = $inDB->get_fields('cms_comment_targets', "target='{$comment['target']}'", '*'); if (!$target) { cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ERR_UNKNOWN_TARGET'] . ' #1')); } // 2. подключим модель этого компонента if (cmsCore::loadModel($target['component'])) { $model_class = 'cms_model_' . $target['component']; if (class_exists($model_class)) { $target_model = new $model_class(); } } if (!isset($target_model)) { cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ERR_UNKNOWN_TARGET'] . ' #2')); } // 3. запросим массив $target_data[link, title] у метода getCommentTarget модели $target_data = $target_model->getCommentTarget($comment['target'], $comment['target_id']); if (!$target_data) { cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ERR_UNKNOWN_TARGET'] . ' #3')); } $comment['target_title'] = $target_data['title']; $comment['target_link'] = $target_data['link']; // 4. Узнаем видимость комментария в модели $target_model if (method_exists($target_model, 'getVisibility')) { $comment['is_hidden'] = $target_model->getVisibility($comment['target'], $comment['target_id']); } else { $comment['is_hidden'] = 0; } // публикация согласно настроек $comment['published'] = $inUser->is_admin || $model->is_can_moderate || $model->is_add_published ? 1 : 0; // Проверяем токен перед самым добавлением комментария if (!cmsUser::checkCsrfToken()) { cmsCore::error404(); } // 5. добавляем комментарий в базу $comment_id = $model->addComment($comment); // 6. Пересчитываем количество комментариев у цели если нужно if (method_exists($target_model, 'updateCommentsCount')) { $target_model->updateCommentsCount($comment['target'], $comment['target_id']); } if (!$comment['is_hidden'] && $comment['published']) { //регистрируем событие $content_short = strip_tags($comment['content']); cmsActions::log('add_comment', array('object' => $_LANG['COMMENT'], 'object_url' => $comment['target_link'] . '#c' . $comment_id, 'object_id' => $comment_id, 'target' => $comment['target_title'], 'target_url' => $comment['target_link'], 'target_id' => $comment['target_id'], 'description' => mb_strlen($content_short) > 140 ? mb_substr($content_short, 0, 140) : $content_short)); } //////////////////////////////////////////////////////////////// ///////////////// Операции по уведомлениям ///////////////////// $inConf = cmsConfig::getInstance(); $from_nick = $inUser->id ? $inUser->nickname : $comment['guestname']; $targetlink = HOST . $comment['target_link'] . '#c' . $comment_id; //получаем ID и e-mail автора $author = $inUser->id ? $model->getTargetAuthor($target['target_table'], $comment['target_id']) : ''; //подписываем пользователя на обновления, если нужно if ($inUser->id && cmsCore::inRequest('subscribe')) { cmsUser::subscribe($inUser->id, $comment['target'], $comment['target_id']); } if ($comment['published']) { //рассылаем уведомления о новом комменте cmsUser::sendUpdateNotify($comment['target'], $comment['target_id'], array('link' => $comment['target_link'] . '#c' . $comment_id, 'title' => stripslashes($comment['target_title']), 'letter_file' => 'newcomment', 'author' => $inUser->id ? $inUser->nickname : $comment['guestname'])); //проверяем и выдаем награду если нужно cmsUser::checkAwards($inUser->id); } //отправляем админу уведомление о комментарии на e-mail, если нужно if ($model->config['email']) { $mailmsg = str_replace(array('{sitename}', '{date}', '{from}', '{subjtitle}', '{targetlink}', '{content}'), array($inConf->sitename, date('d/m/Y (H:i)'), $from_nick, stripslashes($comment['target_title']), $targetlink, strip_tags($comment['content'])), cmsCore::getLanguageTextFile('newcomment_admin')); $inCore->mailText($model->config['email'], '', $mailmsg); } //отправляем автору уведомление на e-mail if ($author && $comment['published']) { if ($model->isAuthorNeedMail($author['id']) && $inUser->id != $author['id']) { $letter = cmsCore::getLanguageTextFile('newpostcomment'); $letter = str_replace('{sitename}', $inConf->sitename, $letter); $letter = str_replace('{subj}', $target['subj'], $letter); $letter = str_replace('{subjtitle}', stripslashes($comment['target_title']), $letter); $letter = str_replace('{targetlink}', $targetlink, $letter); $letter = str_replace('{date}', date('d/m/Y H:i:s'), $letter); $letter = str_replace('{from}', $from_nick, $letter); $inCore->mailText($author['email'], '', $letter); } } if (!$comment['published']) { $message = str_replace(array('%user%', '%targetlink%'), array($from_nick, $targetlink), $_LANG['COMM_PREMODER_ADMIN_TEXT']); cmsUser::sendMessage(USER_UPDATER, 1, $message); } cmsCore::jsonOutput(array('error' => false, 'target' => $comment['target'], 'target_id' => $comment['target_id'], 'is_premod' => $comment['published'] ? 0 : $_LANG['COMM_PREMODER_TEXT'], 'comment_id' => $comment_id)); } //========================================================================================================================// //========================================================================================================================// if ($do == 'edit') { if (!cmsCore::isAjax()) { cmsCore::error404(); } $comment = $model->getComment(cmsCore::request('comment_id', 'int', 0)); if (!$comment) { die; } // редактировать могут авторы (если время редактирования есть) // модераторы и администраторы if (!$model->is_can_moderate && !$inUser->is_admin && !($inUser->id == $comment['user_id'] && $comment['is_editable'])) { cmsCore::error404(); } if ($model->is_can_bbcode) { $content = cmsCore::request('content', 'html', ''); $com_new['content_bbcode'] = $inDB->escape_string($content); $com_new['content'] = $inDB->escape_string(cmsCore::parseSmiles($content, true)); } else { $com_new['content'] = cmsCore::request('content', 'str', ''); $com_new['content_bbcode'] = $com_new['content']; $com_new['content'] = str_replace(array('\\r', '\\n'), '<br>', $com_new['content']); } // Текст комментраия отсутствует if (!$com_new['content']) { cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ERR_COMMENT_TEXT'])); } if (!cmsUser::checkCsrfToken()) { cmsCore::error404(); } //Если ошибок не было, //обновляем комментарий в базе $model->updateComment($comment['id'], $com_new); // Обновляем в ленте активности $content_short = mb_substr(strip_tags($com_new['content']), 0, 140); cmsActions::updateLog('add_comment', array('description' => $content_short), $comment['id']); $com_new['content'] = stripslashes(str_replace(array('\\r', '\\n'), ' ', $com_new['content'])); $com_new = cmsCore::callEvent('GET_COMMENT', $com_new); cmsCore::jsonOutput(array('error' => false, 'text' => $com_new['content'], 'comment_id' => $comment['id'])); } //========================================================================================================================// //========================================================================================================================// if ($do == 'delete') { if (!cmsCore::isAjax()) { cmsCore::error404(); } $comment = $model->getComment($id); if (!$comment) { cmsCore::error404(); } if (!$inUser->id && !($model->is_can_delete && $inUser->id == $comment['user_id']) && !$model->is_can_moderate && !$inUser->is_admin) { cmsCore::error404(); } //узнаем ответственный компонент из cms_comment_targets $target = $inDB->get_fields('cms_comment_targets', "target='{$comment['target']}'", '*'); if (!$target) { cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ERR_UNKNOWN_TARGET'] . ' #1')); } if (!cmsUser::checkCsrfToken()) { cmsCore::error404(); } $model->deleteComment($id); //подключим модель этого компонента if (cmsCore::loadModel($target['component'])) { $model_class = 'cms_model_' . $target['component']; if (class_exists($model_class)) { $target_model = new $model_class(); // Пересчитываем количество комментариев у цели если нужно if (method_exists($target_model, 'updateCommentsCount')) { $target_model->updateCommentsCount($comment['target'], $comment['target_id']); } } } cmsCore::jsonOutput(array('error' => false, 'target' => $comment['target'], 'target_id' => $comment['target_id'])); } }
<script type="text/javascript" src="/includes/jquery/jquery.form.js"></script> <?php if ($is_reply_user) { ?> <div class="usr_msgreply_source"> <div class="usr_msgreply_sourcetext"><?php echo $msg['message']; ?></div> <div class="usr_msgreply_author"><?php echo $_LANG['ORIGINAL_MESS']; ?>: <a href="<?php echo cmsUser::getProfileURL($msg['login']); ?>"><?php echo $msg['nickname']; ?></a>, <?php echo $msg['senddate']; ?></div> </div> <?php } ?> <form action="" method="POST" name="msgform" id="send_msgform"> <input type="hidden" name="gosend" value="1" /> <input type="hidden" name="csrf_token" value="<?php echo cmsUser::getCsrfToken(); ?>" /> <div class="usr_msg_bbcodebox"><?php echo $bbcodetoolbar; ?></div> <?php echo $smilestoolbar; ?> <div class="cm_editor"> <textarea class="ajax_autogrowarea" name="message" id="message"></textarea> </div> <div style="margin-top:6px; display:block"> <?php if (!$id && $friends) { ?> <strong><?php echo $_LANG['SEND_TO']; ?>: </strong> <select name="user_id" id="user_id" class="s_usr" style="width:160px;" onchange="changeFriendTo();"> <option value="0"></option> <?php foreach($friends as $friend) { ?> <option value="<?php echo $friend['id']; ?>" <?php if ($id == $friend['id']) {?> selected="selected"<?php } ?>><?php echo $friend['nickname']; ?></option> <?php } ?> </select> <?php } else { ?> <select name="user_id" id="user_id" style="display: none;"> <option value="<?php echo $id; ?>" selected="selected"></option> </select> <?php } ?>
<?php if ($articles) { ?> <table cellspacing="2" cellpadding="4" border="0" width="100%"> <?php foreach ($articles as $article) { ?> <tr> <td class="mod_blog_karma" valign="top" width="30"><?php echo $this->rating($article['rating']); ?></td> <td valign="top"> <div> <a class="mod_bcon_content" style="font-size:16px" href="<?php echo $article['url']; ?>"><?php echo $this->truncate($article['title'], 60); ?></a> — <span class="mod_bcon_date"><?php echo $article['fpubdate']; ?></span> (<a class="mod_bcon_author" href="<?php echo cmsUser::getProfileURL($article['user_login']) ?>"><?php echo $article['author']; ?></a>) </div> <?php if ($cfg['showdesc'] != 0) { ?> <?php if ($article['image_small']) { ?> <div class="mod_latest_image"> <img src="<?php echo $article['image_small']; ?>" border="0" width="32" height="32" alt="<?php echo $this->escape($article['title']); ?>"/> </div> <?php } ?> <div><?php echo $article['description']; ?></div> <?php } ?> </td> </tr> <?php } ?> <?php if ($cfg['showlink'] != 0) { ?> <tr><td colspan="2"> <div style="text-align:right"> <a href="/content/top.html"><?php echo $_LANG['BESTCONTENT_FULL_RATING']; ?></a> → </div> </td></tr> <?php } ?> </table> <?php } else { ?> <p><?php echo $_LANG['BESTCONTENT_NOT_ARTICLES']; ?></p>
function cmsTagItemLink($target, $item_id){ $inCore = cmsCore::getInstance(); $link = ''; switch ($target){ case 'content': $today = date("Y-m-d H:i:s"); $sql = "SELECT i.title as title, c.title as cat, i.seolink as seolink, c.seolink as cat_seolink FROM cms_content i INNER JOIN cms_category c ON c.id = i.category_id WHERE i.id = '$item_id' AND i.published = 1 AND i.is_arhive = 0 AND i.pubdate <= '$today' AND (i.is_end=0 OR (i.is_end=1 AND i.enddate >= '$today')) LIMIT 1"; $rs = cmsCore::c('db')->query($sql) ; if (cmsCore::c('db')->num_rows($rs)){ $item = cmsCore::c('db')->fetch_assoc($rs); $link = '<a href="/'.$item['cat_seolink'].'" class="tag_searchcat">'.$item['cat'].'</a> → '; $link .= '<a href="/'.$item['seolink'].'.html" class="tag_searchitem">'.$item['title'].'</a>'; } break; case 'blogpost': $sql = "SELECT i.title as title, i.id as item_id, c.title as cat, c.id as cat_id, c.owner as owner, c.user_id user_id, i.seolink as seolink, c.seolink as bloglink FROM cms_blog_posts i LEFT JOIN cms_blogs c ON c.id = i.blog_id WHERE i.id = '$item_id' AND i.published = 1"; $rs = cmsCore::c('db')->query($sql) ; if (cmsCore::c('db')->num_rows($rs)){ $item = cmsCore::c('db')->fetch_assoc($rs); if ($item['owner'] == 'club') { $item['cat'] = cmsCore::c('db')->get_field('cms_clubs','id='.$item['user_id'],'title'); } $link = '<a href="/blogs/'.$item['bloglink'].'" class="tag_searchcat">'.$item['cat'].'</a> → '; $link .= '<a href="/blogs/'.$item['bloglink'].'/'.$item['seolink'].'.html" class="tag_searchitem">'.$item['title'].'</a>'; } break; case 'photo': $sql = "SELECT i.title as title, i.id as item_id, c.title as cat, c.id as cat_id FROM cms_photo_files i LEFT JOIN cms_photo_albums c ON c.id = i.album_id WHERE i.id = '$item_id' AND i.published = 1"; $rs = cmsCore::c('db')->query($sql) ; if (cmsCore::c('db')->num_rows($rs)){ $item = cmsCore::c('db')->fetch_assoc($rs); $link = '<a href="/photos/'.$item['cat_id'].'" class="tag_searchcat">'.$item['cat'].'</a> → '; $link .= '<a href="/photos/photo'.$item['item_id'].'.html" class="tag_searchitem">'.$item['title'].'</a>'; } break; case 'userphoto': $sql = "SELECT i.title as title, i.id as item_id, c.nickname as cat, c.id as cat_id, c.login as login FROM cms_user_photos i LEFT JOIN cms_users c ON c.id = i.user_id WHERE i.id = '$item_id'"; $rs = cmsCore::c('db')->query($sql) ; if (cmsCore::c('db')->num_rows($rs)){ $item = cmsCore::c('db')->fetch_assoc($rs); $link = '<a href="'.cmsUser::getProfileURL($item['login']).'" class="tag_searchcat">'.$item['cat'].'</a> → '; $link .= '<a href="/users/'.$item['cat_id'].'/photo'.$item['item_id'].'.html" class="tag_searchitem">'.$item['title'].'</a>'; } break; case 'catalog': $sql = "SELECT i.title as title, i.id as item_id, c.title as cat, c.id as cat_id FROM cms_uc_items i LEFT JOIN cms_uc_cats c ON c.id = i.category_id WHERE i.id = '$item_id' AND i.published = 1"; $rs = cmsCore::c('db')->query($sql) ; if (cmsCore::c('db')->num_rows($rs)){ $item = cmsCore::c('db')->fetch_assoc($rs); $link = '<a href="/catalog/'.$item['cat_id'].'" class="tag_searchcat">'.$item['cat'].'</a> → '; $link .= '<a href="/catalog/item'.$item['item_id'].'.html" class="tag_searchitem">'.$item['title'].'</a>'; } break; case 'video': $inCore->loadModel('video'); $model = cms_model_video::initModel(); $sql = "SELECT i.title as title, i.id as item_id, i.seolink as movie_seolink, c.title as cat_title, c.id as cat_id, c.seolink as cat_seolink FROM cms_video_movie i INNER JOIN cms_video_category c ON c.id = i.cat_id WHERE i.id = '$item_id'"; $rs = cmsCore::c('db')->query($sql) ; if (cmsCore::c('db')->num_rows($rs)){ $item = cmsCore::c('db')->fetch_assoc($rs); $link = '<a href="'.$model->getCatLink($item['cat_seolink'], $item['cat_id']).'" class="tag_searchcat">'.$item['cat_title'].'</a> → '; $link .= '<a href="'.$model->getMovieLink($item['cat_seolink'].'/'.$item['movie_seolink'], $item['item_id']).'" class="tag_searchitem">'.$item['title'].'</a>'; } break; case 'shop': $sql = "SELECT i.title as title, i.seolink as seolink, c.title as cat, c.seolink as cat_seolink FROM cms_shop_items i LEFT JOIN cms_shop_cats c ON c.id = i.category_id WHERE i.id = '$item_id'"; $rs = cmsCore::c('db')->query($sql) ; if (cmsCore::c('db')->num_rows($rs)){ $item = cmsCore::c('db')->fetch_assoc($rs); $link = '<a href="/shop/'.$item['cat_seolink'].'" class="tag_searchcat">'.$item['cat'].'</a> → '; $link .= '<a href="/shop/'.$item['seolink'].'.html" class="tag_searchitem">'.$item['title'].'</a>'; } break; case 'maps': $sql = "SELECT i.title as title, i.seolink as seolink, c.title as cat, c.seolink as cat_seolink FROM cms_map_items i LEFT JOIN cms_map_cats c ON c.id = i.category_id WHERE i.id = '$item_id'"; $rs = cmsCore::c('db')->query($sql) ; if (cmsCore::c('db')->num_rows($rs)){ $item = cmsCore::c('db')->fetch_assoc($rs); $link = '<a href="/maps/'.$item['cat_seolink'].'" class="tag_searchcat">'.$item['cat'].'</a> → '; $link .= '<a href="/maps/'.$item['seolink'].'.html" class="tag_searchitem">'.$item['title'].'</a>'; } break; } return $link; }
function users() { header('X-Frame-Options: DENY'); $inCore = cmsCore::getInstance(); $inPage = cmsPage::getInstance(); $inDB = cmsDatabase::getInstance(); $inUser = cmsUser::getInstance(); global $_LANG; $model = new cms_model_users(); // id пользователя $id = cmsCore::request('id', 'int', 0); // логин пользователя $login = cmsCore::strClear(urldecode(cmsCore::request('login', 'html', ''))); $do = $inCore->do; $page = cmsCore::request('page', 'int', 1); $pagetitle = $inCore->getComponentTitle(); if ($model->config['sw_search'] != 2) { $inPage->addPathway($pagetitle, '/users'); } $inPage->setTitle($pagetitle); $inPage->setDescription($pagetitle); // js только авторизованным if ($inUser->id) { $inPage->addHeadJS('components/users/js/profile.js'); $inPage->addHeadJsLang(array('CONFIRM_CLEAN_CAT', 'CHOOSE_RECIPIENT', 'SEND_TO_USER', 'FRIENDSHIP_OFFER', 'STOP_FRIENDLY', 'REALY_STOP_FRIENDLY', 'ENTER_STATUS', 'HAVE_JUST')); } //============================================================================// //========================= Список пользователей ============================// //============================================================================// if ($do == 'view') { // если запрещен просмотр всех пользователей, 404 if ($model->config['sw_search'] == 2) { cmsCore::error404(); } //очищаем поисковые запросы если пришли со другой страницы if (!strstr(cmsCore::getBackURL(), '/users')) { cmsUser::sessionClearAll(); } $stext = array(); // Возможные входные переменные $name = cmsCore::getSearchVar('name'); $city = cmsCore::getSearchVar('city'); $hobby = cmsCore::getSearchVar('hobby'); $gender = cmsCore::getSearchVar('gender'); $orderby = cmsCore::request('orderby', array('karma', 'rating', 'regdate'), 'regdate'); $orderto = cmsCore::request('orderto', array('asc', 'desc'), 'desc'); $age_to = (int) cmsCore::getSearchVar('ageto', 'all'); $age_fr = (int) cmsCore::getSearchVar('agefrom', 'all'); $group_id = cmsCore::request('group_id', 'int', 0); // Флаг о показе только онлайн пользователей if (cmsCore::inRequest('online')) { cmsUser::sessionPut('usr_online', (bool) cmsCore::request('online', 'int')); $page = 1; } $only_online = cmsUser::sessionGet('usr_online'); if ($only_online) { $stext[] = $_LANG['SHOWING_ONLY_ONLINE']; } /////////////////////////////////////// //////////Условия выборки////////////// /////////////////////////////////////// // группа if ($group_id) { $model->whereUserGroupIs($group_id); $link['group'] = '/users/group/' . $group_id; $_LANG['GROUP_SEARCH_NAME'] = cmsUser::getGroupTitle($group_id); } // Добавляем в выборку имя, если оно есть if ($name) { $model->whereNameIs($name); $stext[] = $_LANG['NAME'] . " — " . htmlspecialchars(stripslashes($name)); } // Добавляем в выборку город, если он есть if ($city) { $model->whereCityIs($city); $stext[] = $_LANG['CITY'] . " — " . htmlspecialchars(stripslashes($city)); } // Добавляем в выборку хобби, если есть if ($hobby) { $model->whereHobbyIs($hobby); $stext[] = $_LANG['HOBBY'] . " — " . htmlspecialchars(stripslashes($hobby)); } // Добавляем в выборку пол, если есть if ($gender) { $model->whereGenderIs($gender); if ($gender == 'm') { $stext[] = $_LANG['MALE']; } else { $stext[] = $_LANG['FEMALE']; } } // Добавляем в выборку возраст, более if ($age_fr) { $model->whereAgeFrom($age_fr); $stext[] = $_LANG['NOT_YOUNG'] . " {$age_fr} " . $_LANG['YEARS']; } // Добавляем в выборку возраст, менее if ($age_to) { $model->whereAgeTo($age_to); $stext[] = $_LANG['NOT_OLD'] . " {$age_fr} " . $_LANG['YEARS']; } // Считаем общее количество согласно выборки $total = $model->getUsersCount($only_online); if ($total) { //устанавливаем сортировку $inDB->orderBy($orderby, $orderto); //устанавливаем номер текущей страницы и кол-во пользователей на странице $inDB->limitPage($page, $model->config['users_perpage']); // Загружаем пользователей согласно выборки $users = $model->getUsers($only_online); } else { $inDB->resetConditions(); } $link['latest'] = '/users'; $link['positive'] = '/users/positive.html'; $link['rating'] = '/users/rating.html'; if ($orderby == 'regdate') { $link['selected'] = 'latest'; } if ($orderby == 'karma') { $link['selected'] = 'positive'; } if ($orderby == 'rating') { $link['selected'] = 'rating'; } $pagebar_link = '/users/' . $link['selected'] . '%page%.html'; if ($group_id) { $link['selected'] = 'group'; $pagebar_link = '/users/' . $link['selected'] . '/' . $group_id . '-%page%'; } cmsPage::initTemplate('components', 'com_users_view')->assign('stext', $stext)->assign('orderby', $orderby)->assign('orderto', $orderto)->assign('users', $users)->assign('total', $total)->assign('only_online', $only_online)->assign('gender', $gender)->assign('name', stripslashes($name))->assign('city', stripslashes($city))->assign('hobby', stripslashes($hobby))->assign('age_to', $age_to)->assign('age_fr', $age_fr)->assign('cfg', $model->config)->assign('link', $link)->assign('pagebar', cmsPage::getPagebar($total, $page, $model->config['users_perpage'], $pagebar_link))->display('com_users_view.tpl'); } //============================================================================// //======================= Редактирование профиля ============================// //============================================================================// if ($do == 'editprofile') { // неавторизованным, не владельцам и не админам тут делать нечего if (!$inUser->id || $inUser->id != $id && !$inUser->is_admin) { cmsCore::error404(); } $usr = $model->getUser($id); if (!$usr) { cmsCore::error404(); } $opt = cmsCore::request('opt', 'str', 'edit'); // главного админа может редактировать только он сам if ($id == 1 && $inUser->id != $id) { cmsCore::error404(); } // показываем форму if ($opt == 'edit') { $inPage->setTitle($_LANG['CONFIG_PROFILE'] . ' - ' . $usr['nickname']); $inPage->addPathway($usr['nickname'], cmsUser::getProfileURL($usr['login'])); $inPage->addPathway($_LANG['CONFIG_PROFILE']); $private_forms = array(); if (isset($model->config['privforms'])) { if (is_array($model->config['privforms'])) { foreach ($model->config['privforms'] as $form_id) { $private_forms = array_merge($private_forms, cmsForm::getFieldsHtml($form_id, $usr['formsdata'])); } } } cmsPage::initTemplate('components', 'com_users_edit_profile')->assign('opt', $opt)->assign('usr', $usr)->assign('private_forms', $private_forms)->assign('cfg_forum', $inCore->loadComponentConfig('forum'))->assign('cfg', $model->config)->display('com_users_edit_profile.tpl'); return; } // Если сохраняем профиль if ($opt == 'save') { if (!cmsUser::checkCsrfToken()) { cmsCore::error404(); } $errors = false; $users['nickname'] = cmsCore::request('nickname', 'str'); if (mb_strlen($users['nickname']) < 2) { cmsCore::addSessionMessage($_LANG['SHORT_NICKNAME'], 'error'); $errors = true; } cmsCore::loadModel('registration'); $modreg = new cms_model_registration(); if (!$inUser->is_admin) { if ($modreg->getBadNickname($users['nickname'])) { cmsCore::addSessionMessage($_LANG['ERR_NICK_EXISTS'], 'error'); $errors = true; } } $profiles['gender'] = cmsCore::request('gender', 'str'); $profiles['city'] = cmsCore::request('city', 'str'); if (mb_strlen($profiles['city']) > 50) { cmsCore::addSessionMessage($_LANG['LONG_CITY_NAME'], 'error'); $errors = true; } $users['email'] = cmsCore::request('email', 'email'); if (!$users['email']) { cmsCore::addSessionMessage($_LANG['REALY_ADRESS_EMAIL'], 'error'); $errors = true; } if ($usr['email'] != $users['email']) { $is_set_email = $inDB->get_field('cms_users', "email='{$users['email']}'", 'id'); if ($is_set_email) { cmsCore::addSessionMessage($_LANG['ADRESS_EMAIL_IS_BUSY'], 'error'); $errors = true; } else { // формируем токен $token = md5($usr['email'] . uniqid() . microtime()); $inDB->insert('cms_users_activate', array('user_id' => $inUser->id, 'pubdate' => date("Y-m-d H:i:s"), 'code' => $token)); $codelink = HOST . '/users/change_email/' . $token . '/' . $users['email']; // по старому адресу высылаем письмо с подтверждением $letter = cmsCore::getLanguageTextFile('change_email'); $letter = str_replace(array('{nickname}', '{codelink}'), array($inUser->nickname, $codelink), $letter); cmsCore::mailText($usr['email'], '', $letter); cmsCore::addSessionMessage(sprintf($_LANG['YOU_CHANGE_EMAIL'], $usr['email']), 'info'); // email не меняем $users['email'] = $usr['email']; } } $profiles['showphone'] = cmsCore::request('showphone', 'int', 0); $profiles['showmail'] = cmsCore::request('showmail', 'int'); $profiles['email_newmsg'] = cmsCore::request('email_newmsg', 'int'); $profiles['showbirth'] = cmsCore::request('showbirth', 'int'); $profiles['description'] = cmsCore::request('description', 'str', ''); $users['birthdate'] = (int) $_REQUEST['birthdate']['year'] . '-' . (int) $_REQUEST['birthdate']['month'] . '-' . (int) $_REQUEST['birthdate']['day']; $profiles['signature'] = $inDB->escape_string(cmsCore::badTagClear(cmsCore::request('signature', 'html', ''))); $profiles['signature_html'] = $inDB->escape_string(cmsCore::parseSmiles(cmsCore::request('signature', 'html', ''), true)); $profiles['allow_who'] = cmsCore::request('allow_who', 'str'); if (!preg_match('/^([a-zA-Z]+)$/ui', $profiles['allow_who'])) { $errors = true; } $users['icq'] = cmsCore::request('icq', 'str', ''); $profiles['showicq'] = cmsCore::request('showicq', 'int'); $profiles['cm_subscribe'] = cmsCore::request('cm_subscribe', 'str'); if (!preg_match('/^([a-zA-Z]+)$/ui', $profiles['cm_subscribe'])) { $errors = true; } $users['phone'] = cmsCore::request('phone', 'int', 0); // получаем данные форм $profiles['formsdata'] = ''; if (isset($model->config['privforms'])) { if (is_array($model->config['privforms'])) { foreach ($model->config['privforms'] as $form_id) { $form_input = cmsForm::getFieldsInputValues($form_id); $profiles['formsdata'] .= $inDB->escape_string(cmsCore::arrayToYaml($form_input['values'])); // Проверяем значения формы foreach ($form_input['errors'] as $field_error) { if ($field_error) { cmsCore::addSessionMessage($field_error, 'error'); $errors = true; } } } } } if ($errors) { cmsCore::redirectBack(); } $inDB->update('cms_user_profiles', cmsCore::callEvent('UPDATE_USER_PROFILES', array_merge(array('id' => $usr['pid'], 'user_id' => $usr['id']), $profiles)), $usr['pid']); $inDB->update('cms_users', cmsCore::callEvent('UPDATE_USER_USERS', array_merge(array('id' => $usr['id']), $users)), $usr['id']); cmsCore::addSessionMessage($_LANG['PROFILE_SAVED'], 'info'); cmsCore::redirect(cmsUser::getProfileURL($usr['login'])); } if ($opt == 'changepass') { $errors = false; $oldpass = cmsCore::request('oldpass', 'str'); $newpass = cmsCore::request('newpass', 'str'); $newpass2 = cmsCore::request('newpass2', 'str'); if ($inUser->password != md5($oldpass)) { cmsCore::addSessionMessage($_LANG['OLD_PASS_WRONG'], 'error'); $errors = true; } if ($newpass != $newpass2) { cmsCore::addSessionMessage($_LANG['WRONG_PASS'], 'error'); $errors = true; } if ($oldpass && $newpass && $newpass2 && mb_strlen($newpass) < 6) { cmsCore::addSessionMessage($_LANG['PASS_SHORT'], 'error'); $errors = true; } if ($errors) { cmsCore::redirectBack(); } cmsCore::callEvent('UPDATE_USER_PASSWORD', array('user_id' => $usr['id'], 'oldpass' => $oldpass, 'newpass' => $newpass)); $sql = "UPDATE cms_users SET password='******' WHERE id = '{$id}' AND password='******'"; $inDB->query($sql); cmsCore::addSessionMessage($_LANG['PASS_CHANGED'], 'info'); cmsCore::redirect(cmsUser::getProfileURL($inUser->login)); } } //============================================================================// //============================= Просмотр профиля ============================// //============================================================================// if ($do == 'profile') { $inPage->addHeadJsLang(array('NEW_POST_ON_WALL', 'CONFIRM_DEL_POST_ON_WALL')); // если просмотр профиля гостям запрещен if (!$inUser->id && !$model->config['sw_guest']) { cmsUser::goToLogin(); } if (is_numeric($login)) { cmsCore::error404(); } $usr = $model->getUser($login); if (!$usr) { cmsCore::error404(); } $myprofile = $inUser->id == $usr['id']; $inPage->setTitle($usr['nickname']); $inPage->addPathway($usr['nickname']); // просмотр профиля запрещен if (!cmsUser::checkUserContentAccess($usr['allow_who'], $usr['id'])) { cmsPage::initTemplate('components', 'com_users_not_allow')->assign('is_auth', $inUser->id)->assign('usr', $usr)->display('com_users_not_allow.tpl'); return; } // Профиль удален if ($usr['is_deleted']) { cmsPage::initTemplate('components', 'com_users_deleted.tpl')->assign('usr', $usr)->assign('is_admin', $inUser->is_admin)->assign('others_active', $inDB->rows_count('cms_users', "login='******'login']}' AND is_deleted=0", 1))->display('com_users_deleted.tpl'); return; } // Данные о друзьях $usr['friends_total'] = cmsUser::getFriendsCount($usr['id']); $usr['friends'] = cmsUser::getFriends($usr['id']); // очищать сессию друзей если в своем профиле и количество друзей из базы не совпадает с количеством друзей в сессии if ($myprofile && sizeof($usr['friends']) != $usr['friends_total']) { cmsUser::clearSessionFriends(); } // обрезаем список $usr['friends'] = array_slice($usr['friends'], 0, 6); // выясняем друзья ли мы с текущим пользователем $usr['isfriend'] = !$myprofile ? cmsUser::isFriend($usr['id']) : false; // награды пользователя $usr['awards'] = $model->config['sw_awards'] ? $model->getUserAwards($usr['id']) : false; // стена if ($model->config['sw_wall']) { $inDB->limitPage(1, $model->config['wall_perpage']); $usr['wall_html'] = cmsUser::getUserWall($usr['id'], 'users', $myprofile, $inUser->is_admin); } // можно ли пользователю изменять карму $usr['can_change_karma'] = $model->isUserCanChangeKarma($usr['id']) && $inUser->id; // Фотоальбомы пользователя if ($model->config['sw_photo']) { $usr['albums'] = $model->getPhotoAlbums($usr['id'], $usr['isfriend'], !$inCore->isComponentEnable('photos')); $usr['albums_total'] = sizeof($usr['albums']); $usr['albums_show'] = 6; if ($usr['albums_total'] > $usr['albums_show']) { array_splice($usr['albums'], $usr['albums_show']); } } $usr['board_count'] = $model->config['sw_board'] ? $inDB->rows_count('cms_board_items', "user_id='{$usr['id']}' AND published=1") : 0; $usr['comments_count'] = $model->config['sw_comm'] ? $inDB->rows_count('cms_comments', "user_id='{$usr['id']}' AND published=1") : 0; $usr['forum_count'] = $model->config['sw_forum'] ? $inDB->rows_count('cms_forum_posts', "user_id = '{$usr['id']}'") : 0; $usr['files_count'] = $model->config['sw_files'] ? $inDB->rows_count('cms_user_files', "user_id = '{$usr['id']}'") : 0; $cfg_reg = $inCore->loadComponentConfig('registration'); $usr['invites_count'] = $inUser->id && $myprofile && $cfg_reg['reg_type'] == 'invite' ? $model->getUserInvitesCount($inUser->id) : 0; $usr['blog'] = $model->config['sw_blogs'] ? $inDB->get_fields('cms_blogs', "user_id = '{$usr['id']}' AND owner = 'user'", 'title, seolink') : false; $usr['form_fields'] = array(); if (is_array($model->config['privforms'])) { foreach ($model->config['privforms'] as $form_id) { $usr['form_fields'] = array_merge($usr['form_fields'], cmsForm::getFieldsValues($form_id, $usr['formsdata'])); } } if ($usr['city']) { cmsCore::loadModel('geo'); $geo = new cms_model_geo(); $city_parents = $geo->getCityParents($usr['city']); if ($city_parents) { $usr['country'] = $city_parents['country_name']; } } $plugins = $model->getPluginsOutput($usr); cmsPage::initTemplate('components', 'com_users_profile.tpl')->assign('usr', $usr)->assign('plugins', $plugins)->assign('cfg', $model->config)->assign('myprofile', $myprofile)->assign('cfg_forum', $inCore->loadComponentConfig('forum'))->assign('is_admin', $inUser->is_admin)->assign('is_auth', $inUser->id)->display('com_users_profile.tpl'); } //============================================================================// //============================= Список сообщений ============================// //============================================================================// if ($do == 'messages') { if (!$model->config['sw_msg']) { cmsCore::error404(); } if (!$inUser->id || $inUser->id != $id && !$inUser->is_admin) { cmsUser::goToLogin(); } $usr = cmsUser::getShortUserData($id); if (!$usr) { cmsCore::error404(); } $inPage->setTitle($_LANG['MY_MESS']); $inPage->addPathway($usr['nickname'], cmsUser::getProfileURL($usr['login'])); $inPage->addPathway($_LANG['MY_MESS'], '/users/' . $id . '/messages.html'); include 'components/users/messages.php'; } //============================================================================// //=========================== Отправка сообщения ============================// //============================================================================// if ($do == 'sendmessage') { if (!$model->config['sw_msg']) { cmsCore::halt(); } if ($_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest') { cmsCore::halt(); } if (!$inUser->id || $inUser->id == $id && !cmsCore::inRequest('massmail') && !cmsCore::request('send_to_group', 'int', 0)) { cmsCore::halt(); } if (!cmsCore::inRequest('gosend')) { $replyid = cmsCore::request('replyid', 'int', 0); if ($replyid) { $msg = $model->getReplyMessage($replyid, $inUser->id); if (!$msg) { cmsCore::halt(); } } $inPage->setRequestIsAjax(); cmsPage::initTemplate('components', 'com_users_messages_add')->assign('msg', isset($msg) ? $msg : array())->assign('is_reply_user', $replyid)->assign('id', $id)->assign('bbcodetoolbar', cmsPage::getBBCodeToolbar('message'))->assign('smilestoolbar', cmsPage::getSmilesPanel('message'))->assign('groups', $inUser->is_admin ? cmsUser::getGroups(true) : array())->assign('friends', cmsUser::getFriends($inUser->id))->assign('id_admin', $inUser->is_admin)->display('com_users_messages_add.tpl'); cmsCore::jsonOutput(array('error' => false, 'html' => ob_get_clean())); } if (cmsCore::inRequest('gosend')) { // Кому отправляем $usr = cmsUser::getShortUserData($id); if (!$usr) { cmsCore::halt(); } $message = cmsCore::parseSmiles(cmsCore::request('message', 'html', ''), true); if (mb_strlen($message) < 2) { cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ERR_SEND_MESS'])); } if (!cmsUser::checkCsrfToken()) { cmsCore::error404(); } $output = cmsCore::callEvent('USER_SEND_MESSEDGE', array('text' => $message, 'to_id' => $id)); $message = $output['text']; $id = $output['to_id']; $send_to_group = cmsCore::request('send_to_group', 'int', 0); $group_id = cmsCore::request('group_id', 'int', 0); // // Обычная отправка (1 получатель) // if (!cmsCore::inRequest('massmail') && !$send_to_group) { //отправляем сообщение $msg_id = cmsUser::sendMessage($inUser->id, $id, $message); // отправляем уведомление на email если нужно $model->sendNotificationByEmail($id, $inUser->id, $msg_id); cmsCore::jsonOutput(array('error' => false, 'text' => $_LANG['SEND_MESS_OK'])); } // // далее идут массовые рассылки, доступные только админам // if (!$inUser->is_admin) { cmsCore::halt(); } // отправить всем: получаем список всех пользователей if (cmsCore::inRequest('massmail')) { $userlist = cmsUser::getAllUsers(); // проверяем что есть кому отправлять if (!$userlist) { cmsCore::jsonOutput(array('error' => false, 'text' => $_LANG['ERR_SEND_MESS'])); } $count = array(); // отправляем всем по списку foreach ($userlist as $usr) { $count[] = cmsUser::sendMessage(USER_MASSMAIL, $usr['id'], $message); } cmsCore::jsonOutput(array('error' => false, 'text' => sprintf($_LANG['SEND_MESS_ALL_OK'], sizeof($count)))); } // отправить группе: получаем список членов группы if ($send_to_group) { $count = cmsUser::sendMessageToGroup(USER_MASSMAIL, $group_id, $message); $success_msg = sprintf($_LANG['SEND_MESS_GROUP_OK'], $count, cmsUser::getGroupTitle($group_id)); cmsCore::jsonOutput(array('error' => false, 'text' => $success_msg)); } } } //============================================================================// //============================= Удаление сообщения ==========================// //============================================================================// if ($do == 'delmessage') { if ($_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest') { cmsCore::halt(); } if (!$model->config['sw_msg']) { cmsCore::halt(); } if (!$inUser->id) { cmsCore::halt(); } $msg = $inDB->get_fields('cms_user_msg', "id='{$id}'", '*'); if (!$msg) { cmsCore::halt(); } $can_delete = $inUser->id == $msg['to_id'] || $inUser->id == $msg['from_id'] ? true : false; if (!$can_delete && !$inUser->is_admin) { cmsCore::halt(); } // Сообщения с from_id < 0 if ($msg['from_id'] < 0) { $inDB->query("DELETE FROM cms_user_msg WHERE id = '{$id}' LIMIT 1"); $info_text = $_LANG['MESS_NOTICE_DEL_OK']; } // мне сообщение от пользователя if ($msg['to_id'] == $inUser->id && $msg['from_id'] > 0) { $inDB->query("UPDATE cms_user_msg SET to_del=1 WHERE id='{$id}'"); $info_text = $_LANG['MESS_DEL_OK']; } // от меня сообщение if ($msg['from_id'] == $inUser->id && !$msg['is_new']) { $inDB->query("UPDATE cms_user_msg SET from_del=1 WHERE id='{$id}'"); $info_text = $_LANG['MESS_DEL_OK']; } // отзываем сообщение if ($msg['from_id'] == $inUser->id && $msg['is_new']) { $inDB->query("DELETE FROM cms_user_msg WHERE id = '{$id}' LIMIT 1"); $info_text = $_LANG['MESS_BACK_OK']; } // удаляем сообщения, которые удалены с двух сторон $inDB->query("DELETE FROM cms_user_msg WHERE to_del=1 AND from_del=1"); cmsCore::jsonOutput(array('error' => false, 'text' => $info_text)); } //============================================================================// //=========================== Удаление сообщений ============================// //============================================================================// if ($do == 'delmessages') { if (!$model->config['sw_msg']) { cmsCore::error404(); } if ($inUser->id != $id && !$inUser->is_admin) { cmsCore::error404(); } $usr = cmsUser::getShortUserData($id); if (!$usr) { cmsCore::error404(); } $opt = cmsCore::request('opt', 'str', 'in'); if ($opt == 'notices') { $inDB->query("DELETE FROM cms_user_msg WHERE to_id = '{$id}' AND from_id < 0"); } else { $del_flag = $opt == 'in' ? 'to_del' : 'from_del'; $id_flag = $opt == 'in' ? 'to_id' : 'from_id'; $inDB->query("UPDATE cms_user_msg SET {$del_flag}=1 WHERE {$id_flag}='{$id}'"); $inDB->query("DELETE FROM cms_user_msg WHERE to_del=1 AND from_del=1"); } cmsCore::addSessionMessage($_LANG['MESS_ALL_DEL_OK'], 'info'); cmsCore::redirectBack(); } //============================================================================// //============================= Загрузка аватара ============================// //============================================================================// if ($do == 'avatar') { if (!$inUser->id || $inUser->id && $inUser->id != $id) { cmsCore::error404(); } $inPage->setTitle($_LANG['LOAD_AVATAR']); $inPage->addPathway($inUser->nickname, cmsUser::getProfileURL($inUser->login)); $inPage->addPathway($_LANG['LOAD_AVATAR']); if (cmsCore::inRequest('upload')) { cmsCore::loadClass('upload_photo'); $inUploadPhoto = cmsUploadPhoto::getInstance(); // Выставляем конфигурационные параметры $inUploadPhoto->upload_dir = PATH . '/images/'; $inUploadPhoto->dir_medium = 'users/avatars/'; $inUploadPhoto->dir_small = 'users/avatars/small/'; $inUploadPhoto->small_size_w = $model->config['smallw']; $inUploadPhoto->medium_size_w = $model->config['medw']; $inUploadPhoto->medium_size_h = $model->config['medh']; $inUploadPhoto->is_watermark = false; $inUploadPhoto->input_name = 'picture'; $file = $inUploadPhoto->uploadPhoto($inUser->orig_imageurl); if (!$file) { cmsCore::addSessionMessage('<strong>' . $_LANG['ERROR'] . ':</strong> ' . cmsCore::uploadError() . '!', 'error'); cmsCore::redirect('/users/' . $id . '/avatar.html'); } $sql = "UPDATE cms_user_profiles SET imageurl = '{$file['filename']}' WHERE user_id = '{$id}' LIMIT 1"; $inDB->query($sql); // очищаем предыдущую запись о смене аватара cmsActions::removeObjectLog('add_avatar', $id); // выводим сообщение в ленту cmsActions::log('add_avatar', array('object' => '', 'object_url' => '', 'object_id' => $id, 'target' => '', 'target_url' => '', 'description' => '<a href="' . cmsUser::getProfileURL($inUser->login) . '" class="act_usr_ava"> <img border="0" src="/images/users/avatars/small/' . $file['filename'] . '"> </a>')); cmsCore::redirect(cmsUser::getProfileURL($inUser->login)); } else { cmsPage::initTemplate('components', 'com_users_avatar_upload')->assign('id', $id)->display('com_users_avatar_upload.tpl'); } } //============================================================================// //============================= Библиотека аватаров =========================// //============================================================================// if ($do == 'select_avatar') { if (!$inUser->id || $inUser->id && $inUser->id != $id) { cmsCore::error404(); } $avatars_dir = PATH . "/images/users/avatars/library"; $avatars_dir_rel = "/images/users/avatars/library"; $avatars_dir_handle = opendir($avatars_dir); $avatars = array(); while ($nextfile = readdir($avatars_dir_handle)) { if ($nextfile != '.' && $nextfile != '..' && (mb_strstr($nextfile, '.gif') || mb_strstr($nextfile, '.jpg') || mb_strstr($nextfile, '.jpeg') || mb_strstr($nextfile, '.png'))) { $avatars[] = $nextfile; } } closedir($avatars_dir_handle); if (!cmsCore::inRequest('set_avatar')) { $inPage->setTitle($_LANG['SELECT_AVATAR']); $inPage->addPathway($inUser->nickname, cmsUser::getProfileURL($inUser->login)); $inPage->addPathway($_LANG['SELECT_AVATAR']); $perpage = 20; $total = sizeof($avatars); $avatars = array_slice($avatars, ($page - 1) * $perpage, $perpage); cmsPage::initTemplate('components', 'com_users_avatars')->assign('userid', $id)->assign('avatars', $avatars)->assign('avatars_dir', $avatars_dir_rel)->assign('page', $page)->assign('perpage', $perpage)->assign('pagebar', cmsPage::getPagebar($total, $page, $perpage, '/users/%user_id%/select-avatar-%page%.html', array('user_id' => $id)))->display('com_users_avatars.tpl'); } else { $avatar_id = cmsCore::request('avatar_id', 'int', 0); $file = $avatars[$avatar_id]; if (file_exists($avatars_dir . '/' . $file)) { $uploaddir = PATH . '/images/users/avatars/'; $realfile = $file; $filename = md5($realfile . '-' . $id . '-' . time()) . '.jpg'; $uploadfile = $avatars_dir . '/' . $realfile; $uploadavatar = $uploaddir . $filename; $uploadthumb = $uploaddir . 'small/' . $filename; if ($inUser->orig_imageurl && $inUser->orig_imageurl != 'nopic.jpg') { @unlink(PATH . '/images/users/avatars/' . $inUser->orig_imageurl); @unlink(PATH . '/images/users/avatars/small/' . $inUser->orig_imageurl); } cmsCore::includeGraphics(); copy($uploadfile, $uploadavatar); @img_resize($uploadfile, $uploadthumb, $model->config['smallw'], $model->config['smallw']); $sql = "UPDATE cms_user_profiles SET imageurl = '{$filename}' WHERE user_id = '{$id}' LIMIT 1"; $inDB->query($sql); // очищаем предыдущую запись о смене аватара cmsActions::removeObjectLog('add_avatar', $id); // выводим сообщение в ленту cmsActions::log('add_avatar', array('object' => '', 'object_url' => '', 'object_id' => $id, 'target' => '', 'target_url' => '', 'description' => '<a href="' . cmsUser::getProfileURL($inUser->login) . '" class="act_usr_ava"> <img border="0" src="/images/users/avatars/small/' . $filename . '"> </a>')); } cmsCore::redirect(cmsUser::getProfileURL($inUser->login)); } } //============================================================================// //======================== Работа с фотографиями ============================// //============================================================================// if ($do == 'photos') { if (!$model->config['sw_photo']) { cmsCore::error404(); } $pdo = cmsCore::request('pdo', 'str', ''); include 'components/users/photos.php'; } //============================================================================// //============================= Друзья пользователя =========================// //============================================================================// if ($do == 'friendlist') { if (!$inUser->id) { cmsUser::goToLogin(); } $usr = cmsUser::getShortUserData($id); if (!$usr) { cmsCore::error404(); } $perpage = 10; $inPage->addPathway($usr['nickname'], cmsUser::getProfileURL($usr['login'])); $inPage->addPathway($_LANG['FRIENDS']); $inPage->setTitle($_LANG['FRIENDS']); // все друзья $friends = cmsUser::getFriends($usr['id']); // их общее количество $total = count($friends); // получаем только нужных на странице $friends = array_slice($friends, ($page - 1) * $perpage, $perpage); cmsPage::initTemplate('components', 'com_users_friends')->assign('friends', $friends)->assign('usr', $usr)->assign('myprofile', $id == $inUser->id)->assign('total', $total)->assign('pagebar', cmsPage::getPagebar($total, $page, $perpage, 'javascript:centerLink(\'/users/' . $id . '/friendlist%page%.html\')'))->display('com_users_friends.tpl'); } //============================================================================// //============================= Запрос на дружбу ============================// //============================================================================// if ($do == 'addfriend') { if ($_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest') { cmsCore::halt(); } if (!$inUser->id || $inUser->id == $id) { cmsCore::halt(); } $usr = cmsUser::getShortUserData($id); if (!$usr) { cmsCore::halt(); } cmsUser::clearSessionFriends(); if (cmsUser::isFriend($id)) { cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['YOU_ARE_BE_FRIENDS'])); } // проверяем был ли ранее запрос на дружбу // если был, то делаем accept запросу $is_need_accept_id = cmsUser::getFriendFieldId($id, 0, 'to_me'); if ($is_need_accept_id) { $inDB->query("UPDATE cms_user_friends SET is_accepted = 1 WHERE id = '{$is_need_accept_id}'"); //регистрируем событие cmsActions::log('add_friend', array('object' => $inUser->nickname, 'user_id' => $usr['id'], 'object_url' => cmsUser::getProfileURL($inUser->login), 'object_id' => $is_need_accept_id, 'target' => '', 'target_url' => '', 'target_id' => 0, 'description' => '')); cmsCore::callEvent('USER_ACCEPT_FRIEND', $id); cmsCore::jsonOutput(array('error' => false, 'text' => $_LANG['ADD_FRIEND_OK'] . $usr['nickname'])); } // Если пользователь пытается добавиться в друзья к // пользователю, к которому уже отправил запрос if (cmsUser::getFriendFieldId($id, 0, 'from_me')) { cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ADD_TO_FRIEND_SEND_ERR'])); } // Мы вообще не друзья с пользователем, создаем запрос cmsUser::addFriend($id); cmsUser::sendMessage(USER_UPDATER, $id, sprintf($_LANG['RECEIVED_F_O'], cmsUser::getProfileLink($inUser->login, $inUser->nickname), '<a class="ajaxlink" href="javascript:void(0)" onclick="users.acceptFriend(' . $inUser->id . ', this);return false;">' . $_LANG['ACCEPT'] . '</a>', '<a class="ajaxlink" href="javascript:void(0)" onclick="users.rejectFriend(' . $inUser->id . ', this);return false;">' . $_LANG['REJECT'] . '</a>')); cmsCore::jsonOutput(array('error' => false, 'text' => $_LANG['ADD_TO_FRIEND_SEND'])); } //============================================================================// //============================= Прекращение дружбы ==========================// //============================================================================// if ($do == 'delfriend') { if ($_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest') { cmsCore::halt(); } if (!$inUser->id || $inUser->id == $id) { cmsCore::halt(); } $usr = cmsUser::getShortUserData($id); if (!$usr) { cmsCore::error404(); } if (cmsUser::getFriendFieldId($id)) { $is_accepted_friend = cmsUser::isFriend($id); if (cmsUser::deleteFriend($id)) { // Если подтвержденный друг if ($is_accepted_friend) { cmsCore::jsonOutput(array('error' => false, 'text' => $usr['nickname'] . $_LANG['DEL_FRIEND'])); } else { cmsCore::jsonOutput(array('error' => false, 'text' => $_LANG['REJECT_FRIEND'] . $usr['nickname'])); } } else { cmsCore::halt(); } } else { cmsCore::halt(); } } //============================================================================// //============================= История кармы ===============================// //============================================================================// if ($do == 'karma') { $usr = cmsUser::getShortUserData($id); if (!$usr) { cmsCore::error404(); } $inPage->setTitle($_LANG['KARMA_HISTORY']); $inPage->addPathway($usr['nickname'], cmsUser::getProfileURL($usr['login'])); $inPage->addPathway($_LANG['KARMA_HISTORY']); cmsPage::initTemplate('components', 'com_users_karma')->assign('karma', $model->getUserKarma($usr['id']))->assign('usr', $usr)->display('com_users_karma.tpl'); } //============================================================================// //============================= Изменение кармы =============================// //============================================================================// if ($do == 'votekarma') { if ($_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest') { cmsCore::halt(); } if (!$inUser->id) { cmsCore::halt(); } $points = cmsCore::request('sign', 'str', 'plus') == 'plus' ? 1 : -1; $to = cmsCore::request('to', 'int', 0); $user = cmsUser::getShortUserData($to); if (!$user) { cmsCore::halt(); } if (!$model->isUserCanChangeKarma($to)) { cmsCore::halt(); } cmsCore::halt(cmsUser::changeKarmaUser($to, $points)); } //============================================================================// //======================= Наградить пользователя ============================// //============================================================================// if ($do == 'giveaward') { if (!$inUser->is_admin) { cmsCore::error404(); } $usr = cmsUser::getShortUserData($id); if (!$usr) { cmsCore::error404(); } $inPage->setTitle($_LANG['AWARD_USER']); $inPage->addPathway($usr['nickname'], cmsUser::getProfileURL($usr['login'])); $inPage->addPathway($_LANG['AWARD']); if (!cmsCore::inRequest('gosend')) { cmsPage::initTemplate('components', 'com_users_awards_give')->assign('usr', $usr)->assign('awardslist', cmsUser::getAwardsImages())->display('com_users_awards_give.tpl'); } else { $award['title'] = cmsCore::request('title', 'str', $_LANG['AWRD']); $award['description'] = cmsCore::request('description', 'str', ''); $award['imageurl'] = cmsCore::request('imageurl', 'str', ''); $award['from_id'] = $inUser->id; $award['id'] = 0; cmsUser::giveAward($award, $id); cmsCore::redirect(cmsUser::getProfileURL($usr['login'])); } } //============================================================================// //============================= Удаление награды ============================// //============================================================================// if ($do == 'delaward') { $aw = $inDB->get_fields('cms_user_awards', "id = '{$id}'", '*'); if (!$aw) { cmsCore::error404(); } if (!$inUser->id || $inUser->id != $aw['user_id'] && !$inUser->is_admin) { cmsCore::error404(); } $inDB->delete('cms_user_awards', "id = '{$id}'", 1); cmsActions::removeObjectLog('add_award', $id); cmsCore::redirectBack(); } //============================================================================// //============================= Награды на сайте ============================// //============================================================================// if ($do == 'awardslist') { $inPage->setTitle($_LANG['SITE_AWARDS']); $inPage->addPathway($_LANG['SITE_AWARDS']); $awards = cmsUser::getAutoAwards(); if (!$awards) { cmsCore::error404(); } foreach ($awards as $aw) { //Перебираем все награды и ищем пользователей с текущей наградой $sql = "SELECT u.id as id, u.nickname as nickname, u.login as login, IFNULL(p.gender, 'm') as gender\r\n FROM cms_user_awards aw\r\n LEFT JOIN cms_users u ON u.id = aw.user_id\r\n LEFT JOIN cms_user_profiles p ON p.user_id = u.id\r\n WHERE aw.award_id = '{$aw['id']}'"; $rs = $inDB->query($sql); $aw['uhtml'] = ''; if ($inDB->num_rows($rs)) { while ($user = $inDB->fetch_assoc($rs)) { $aw['uhtml'] .= cmsUser::getGenderLink($user['id'], $user['nickname'], $user['gender'], $user['login']) . ', '; } $aw['uhtml'] = rtrim($aw['uhtml'], ', '); } else { $aw['uhtml'] = $_LANG['NOT_USERS_WITH_THIS_AWARD']; } $aws[] = $aw; } cmsPage::initTemplate('components', 'com_users_awards_site')->assign('aws', $aws)->display('com_users_awards_site.tpl'); } //============================================================================// //============================= Удаление профиля ============================// //============================================================================// if ($do == 'delprofile') { // неавторизованным тут делать нечего if (!$inUser->id) { cmsCore::error404(); } // есть ли удаляемый профиль $data = cmsUser::getShortUserData($id); if (!$data) { cmsCore::error404(); } // владелец профиля или админ if ($inUser->is_admin) { // могут ли администраторы удалять профиль if (!cmsUser::isAdminCan('admin/users', cmsUser::getAdminAccess())) { cmsCore::error404(); } // администратор сам себя не удалит if ($inUser->id == $data['id']) { cmsCore::error404(); } } else { // удаляем только свой профиль if ($inUser->id != $data['id']) { cmsCore::error404(); } } if (isset($_POST['csrf_token'])) { if (!cmsUser::checkCsrfToken()) { cmsCore::error404(); } $model->deleteUser($id); if (!$inUser->is_admin) { session_destroy(); cmsCore::redirect('/logout'); } else { cmsCore::addSessionMessage($_LANG['DELETING_PROFILE_OK'], 'info'); cmsCore::redirect('/users'); } } else { $inPage->setTitle($_LANG['DELETING_PROFILE']); $inPage->addPathway($data['nickname'], $inUser->getProfileURL($data['login'])); $inPage->addPathway($_LANG['DELETING_PROFILE']); $confirm['title'] = $_LANG['DELETING_PROFILE']; $confirm['text'] = '<p>' . $_LANG['REALLY_DEL_PROFILE'] . '</p>'; $confirm['action'] = '/users/' . $id . '/delprofile.html'; $confirm['yes_button'] = array(); $confirm['yes_button']['type'] = 'submit'; cmsPage::initTemplate('components', 'action_confirm.tpl')->assign('confirm', $confirm)->display('action_confirm.tpl'); } } //============================================================================// //============================ Восстановить профиль =========================// //============================================================================// if ($do == 'restoreprofile') { if (!$inUser->is_admin) { cmsCore::error404(); } $usr = cmsUser::getShortUserData($id); if (!$usr) { cmsCore::error404(); } $inDB->query("UPDATE cms_users SET is_deleted = 0 WHERE id = '{$id}'"); cmsCore::redirectBack(); } //============================================================================// //============================= Файлы пользователей =========================// //============================================================================// if ($do == 'files') { if (!$model->config['sw_files']) { cmsCore::error404(); } $fdo = cmsCore::request('fdo', 'str', ''); include 'components/users/files.php'; } //============================================================================// //================================ Инвайты =================================// //============================================================================// if ($do == 'invites') { $reg_cfg = $inCore->loadComponentConfig('registration'); if ($reg_cfg['reg_type'] != 'invite') { cmsCore::error404(); } $invites_count = $model->getUserInvitesCount($inUser->id); if (!$invites_count) { cmsCore::error404(); } if (!cmsCore::inRequest('send_invite')) { $inPage->addPathway($inUser->nickname, cmsUser::getProfileURL($inUser->login)); $inPage->addPathway($_LANG['MY_INVITES']); cmsPage::initTemplate('components', 'com_users_invites')->assign('invites_count', $invites_count)->display('com_users_invites.tpl'); return; } if (cmsCore::inRequest('send_invite')) { if (!cmsUser::checkCsrfToken()) { cmsCore::error404(); } $invite_email = cmsCore::request('invite_email', 'email', ''); if (!$invite_email) { cmsCore::redirectBack(); } if ($model->sendInvite($inUser->id, $invite_email)) { cmsCore::addSessionMessage(sprintf($_LANG['INVITE_SENDED'], $invite_email), 'success'); } else { cmsCore::addSessionMessage($_LANG['INVITE_ERROR'], 'error'); } cmsCore::redirect(cmsUser::getProfileURL($inUser->login)); } } if ($do == 'change_email') { if (!$inUser->id) { cmsUser::goToLogin(); } $email = cmsCore::request('email', 'email', ''); $token = cmsCore::request('token', 'str', ''); // не занят ли email $is_email = $inDB->get_field('cms_users', "email='{$email}'", 'id'); if ($is_email || !$email || !$token) { cmsCore::error404(); } // проверяем токен $valid_id = $inDB->get_field('cms_users_activate', "code='{$token}' AND user_id = '{$inUser->id}'", 'id'); if (!$valid_id) { cmsCore::error404(); } $inDB->delete('cms_users_activate', "id = '{$valid_id}'"); // Сохраняем новый email $inDB->update('cms_users', array('email' => $email), $inUser->id); cmsCore::addSessionMessage($_LANG['NEW_EMAIL_SAVED'], 'success'); cmsCore::redirect(cmsUser::getProfileURL($inUser->login)); } /////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// }
</tr> <?php } ?> </table> </div> <?php } ?> <?php if ($is_quests) { ?> <?php if ($id == 0) { ?> <h1 class="con_heading"><?php echo $_LANG['LAST_QUESTIONS']; ?></h1> <?php } ?> <?php foreach($quests as $quest) { ?> <div class="faq_quest"> <table cellspacing="5" cellpadding="0" border="0" width="100%"> <tr> <td width="30" valign="top"><img src="/templates/<?php echo cmsCore::c('config')->template; ?>/images/icons/big/faq_quest.png" border="0" /></td> <td width="" valign="middle"> <div class="faq_quest_link"><a href="/faq/quest<?php echo $quest['id']; ?>.html"><?php echo $quest['quest']; ?></a></div> <?php if ($id == 0) { ?> <div class="faq_questcat">→ <a href="/faq/<?php echo $quest['cid']; ?>"><?php echo $quest['cat_title']; ?></a></div> <?php } ?> <div class="faq_questdate"><?php echo $quest['pubdate']; ?></div> <?php if ($cfg['user_link']) { ?> <div class="faq_questuser"><?php if ($quest['nickname']) { ?><a href="<?php echo cmsUser::getProfileURL($quest['login']); ?>"><?php echo $quest['nickname']; ?></a><?php } else { ?><?php echo $_LANG['QUESTION_GUEST']; ?><?php } ?></div> <?php } ?> </td> </tr> </table> </div> <?php } ?> <?php if ($id > 0) { ?> <?php echo $pagebar; ?> <?php } ?> <?php } ?>
<table cellspacing="5" border="0" cellpadding="3" class="mod_user_rating"> <?php foreach ($users as $usr) { ?> <tr> <td width="20" class="avatar"><a href="<?php echo cmsUser::getProfileURL($usr['login']); ?>"><img border="0" class="usr_img_small" src="<?php echo $usr['avatar']; ?>" /></a></td> <td width=""> <?php echo $usr['user_link']; ?> <?php if ($cfg['view_type'] == 'rating') { ?> <div class="rating"><?php echo $this->rating($usr['rating']); ?></div> <?php } else { ?> <div class="karma"><?php echo $this->rating($usr['karma']); ?></div> <?php } ?> <?php if ($usr['microstatus']) { ?> <div class="microstatus"><?php echo $usr['microstatus']; ?></div> <?php } ?> </td> </tr> <?php } ?> </table>
<?php $last_thread_id = $post['thread_id']; ?> <tr class="posts_table_tr"> <td class="post_usercell" width="140" align="center" valign="top" height="150"> <div> <a href="<?php echo cmsUser::getProfileURL($post['login']); ?>" title="<?php echo $_LANG['GOTO_PROFILE']; ?>"><?php echo $this->escape($post['nickname']); ?></a> </div> <div class="post_userrank"> <?php if ($post['userrank']['group']) { ?> <span class="<?php echo $post['userrank']['class']; ?>"><?php echo $post['userrank']['group']; ?></span> <?php } ?> <?php if ($post['userrank']['rank']) { ?> <span class="<?php echo $post['userrank']['class']; ?>"><?php echo $post['userrank']['rank']; ?></span> <?php } ?> </div> <div class="post_userimg"> <a href="<?php echo cmsUser::getProfileURL($post['login']); ?>" title="<?php echo $_LANG['GOTO_PROFILE']; ?>"><img border="0" class="usr_img_small" src="<?php echo $post['avatar_url']; ?>" alt="<?php echo $this->escape($post['nickname']); ?>" /></a> <?php if ($post['user_awards']) { ?> <div class="post_userawards"> <?php foreach($post['user_awards'] as $award) { ?> <img src="/images/icons/award.gif" border="0" alt="<?php echo $this->escape($award['title']); ?>" title="<?php echo $this->escape($award['title']); ?>"/> <?php } ?> </div> <?php } ?> </div> <div class="post_usermsgcnt"><?php echo $_LANG['MESSAGES']; ?>: <?php echo $post['post_count']; ?></div> <?php if ($post['city']) { ?> <div class="post_usermsgcnt"><?php echo $post['city']; ?></div> <?php } ?> <div><?php echo $post['flogdate']; ?></div> </td> <td width="" class="post_msgcell" align="left" valign="top">