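/**
 * Store a comment by the logged-in user on a content item and notify quoted users by e-mail.
 *
 * The text is passed through comments::ex_strip_tags() and comments::bbcodes() before it is
 * stored. After the insert the content's comment counter is incremented, the Smarty cache is
 * cleared and the visitor is redirected to the new comment's anchor.
 *
 * @param mixed  $contentID      ID of the content item being commented on.
 * @param string $comment        Raw comment text from the user.
 * @param mixed  $replyUID       User ID of the author being replied to (cast to int).
 * @param mixed  $replyID        Not used by this method.
 * @param mixed  $replyCommentID Currently ignored: the method forces it to 0 (see note in body).
 *
 * @return mixed The value of self::$db->insert_id() for the new comment, or false when no
 *               user is logged in or the comment is empty before or after filtering.
 */
public static function add($contentID, $comment = "", $replyUID = 0, $replyID = 0, $replyCommentID = 0)
{
    if (!isset($_SESSION["user"]) || !$comment) {
        return false;
    }

    $comment = comments::ex_strip_tags($comment);
    $comment = trim(comments::bbcodes($comment));
    if (!$comment) {
        return false;
    }

    $insip = system::getClientIP();
    $userID = intval($_SESSION["user"]["userID"]);
    $replyUID = intval($replyUID);

    // NOTE(review): the original casts $replyCommentID to int and then overwrites it with 0,
    // so every comment is stored with reply_to = 0 and the reply notification below never
    // runs. That behaviour is preserved here; confirm whether it is intentional.
    $replyCommentID = 0;
    $article = array();

    // NOTE(review): $contentID is bound to an unquoted `?` placeholder. Whether the DB wrapper
    // casts or escapes such values is not visible here; confirm, or cast at the call site.
    self::$db->query(
        "INSERT `comments` SET `contentID`=?, `userID`=?, `dt`=NOW(), `email`='?', `author`='?', `body`='?', `guest`='N', `ip`=INET_ATON('?'), `type`='?', `reply_to`=?",
        $contentID,
        $userID,
        $_SESSION["user"]["email"],
        $_SESSION["user"]["nick"],
        $comment,
        $insip,
        self::$controllerCall,
        $replyCommentID
    );
    $commentID = self::$db->insert_id();

    self::$db->query(
        "UPDATE `content` SET `comments_count`=`comments_count`+1 WHERE `contentID`=? AND `type`='?'",
        $contentID,
        self::$controllerCall
    );

    // Reply notification. It runs after the insert because the mail data carries $commentID,
    // which the original read before it was assigned.
    if ($replyCommentID && $replyUID && $userID != $replyUID) {
        // NOTE(review): SELECT * hands the whole `users` row to the mail template. If that
        // table holds credential columns, select only the fields the template reads.
        $rusers_res = self::$db->query("SELECT * FROM `users` WHERE `userID`=? LIMIT 1", $replyUID);
        $article_res = self::$db->query("SELECT `title`,`type` FROM `content` WHERE `contentID`=? LIMIT 1", $contentID);
        $article = $article_res->fetch();
        $ruser = $rusers_res->fetch();
        if ($ruser) {
            $ruser["article_title"] = $article["title"];
            $ruser["article_returnPath"] = self::$routePath;
            $ruser["type"] = $article["type"];
            $ruser["commentID"] = $commentID;
            self::$mail->assign("data", $ruser);
            self::$mail->sendMail(TPL_PATH . "/mail/mailNotifyReply.tpl", $ruser["email"]);
        }
    }

    // Quote notifications. The ID list comes straight from the request, so it is accepted
    // only as an array of scalars and every entry is cast to int before it reaches the SQL.
    if (isset($_POST["quotedUID"]) && is_array($_POST["quotedUID"])) {
        $qip = array();
        foreach ($_POST["quotedUID"] as $quoted) {
            if (!is_scalar($quoted)) {
                continue;
            }
            $quoted = intval($quoted);
            // Skip the author and the replied-to user; keying by ID removes duplicates.
            if ($quoted > 0 && $quoted != $userID && $quoted != $replyUID) {
                $qip[$quoted] = $quoted;
            }
        }

        // NOTE(review): the number of quoted IDs is not bounded, so a single request can
        // cause one notification mail per submitted ID; consider a cap.
        if ($qip) {
            // Concatenation is safe only because every element of $qip is an int (see above).
            $qusers_res = self::$db->query(
                "SELECT * FROM `users` WHERE `userID` IN (" . implode(",", $qip) . ")"
            );
            if ($qusers_res->getNumRows()) {
                // Load the article only if the reply branch has not already done so. The
                // original tested `if ($article)`, which skipped the load exactly when it
                // was needed and left the title and type empty in the mail.
                if (!$article) {
                    $article_res = self::$db->query("SELECT `title`,`type` FROM `content` WHERE `contentID`=? LIMIT 1", $contentID);
                    $article = $article_res->fetch();
                }
                foreach ($qusers_res->fetchAll() as $quser) {
                    $quser["article_title"] = $article["title"];
                    $quser["article_returnPath"] = self::$routePath;
                    $quser["type"] = $article["type"];
                    $quser["commentID"] = $commentID;
                    self::$mail->assign("data", $quser);
                    self::$mail->sendMail(TPL_PATH . "/mail/mailNotifyQuote.tpl", $quser["email"]);
                }
            }
        }
    }

    self::$smarty->clearCurrentCache();
    system::redirect("/" . self::$routePath . "/#comment_{$commentID}");
    return $commentID;
}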
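/**
 * Handle a password-recovery request for the address given in $_GET["email"].
 *
 * Validates the address, checks that a `direct` account exists for it and that no request for
 * the same address and client IP was stored in the last five minutes, then stores a new
 * recovery code and registers a "mail" event for it.
 *
 * NOTE(review), security points visible in this method:
 *  - The "no such user" error tells the requester whether an address is registered; a
 *    uniform response for known and unknown addresses would avoid account enumeration.
 *  - The five-minute throttle matches on the (email, ip) pair, so requests for one address
 *    from different client IPs are not throttled. How system::getClientIP() derives the
 *    address is not visible here; confirm it does not trust client-supplied headers.
 *  - The address arrives in the query string, which web servers and proxies commonly log.
 *  - The code comes from self::generateCode(15) (not visible here; confirm it uses a CSPRNG)
 *    and is passed to the INSERT as-is. Nothing in this method invalidates earlier codes.
 *
 * @return bool true when a recovery code was stored and the mail event registered,
 *              false otherwise.
 */
public static function processPasswordRequest()
{
    system::checkFields(array("email" => "e-mail"));

    if (!isset($_GET["email"])) {
        return false;
    }

    // A non-string value (e.g. `email[]=x`) is treated as an empty address so that it fails
    // validation below instead of raising a warning or TypeError in urldecode()/trim().
    $rawEmail = is_string($_GET["email"]) ? $_GET["email"] : "";

    // PHP has already URL-decoded $_GET, so this decodes a second time. It is kept for
    // compatibility; the character whitelist below runs after it.
    $email = trim(urldecode($rawEmail));
    $email = preg_replace("/[^a-zа-яё0-9\\._\\-@]/iu", '', $email);
    self::$smarty->assign("fill", array("email" => $email));
    $IP = system::getClientIP();

    if ($email === "0" || !filter_var($email, FILTER_VALIDATE_EMAIL)) {
        system::registerEvent("error", "email", "Адрес электронной почты введён не правильно.", "e-mail");
    }

    // Each later step runs only while no error has been registered by an earlier one.
    if (!system::checkErrors()) {
        $usrChk = self::$db->query(
            "SELECT `email`,`userID`,`nick` FROM `users` WHERE `email`='?' AND `source`='direct' LIMIT 1",
            $email
        );
        if (!$usrChk->getNumRows()) {
            system::registerEvent("error", "email", "Пользователя с таким e-mail не существует", "e-mail");
        }
    }

    if (!system::checkErrors()) {
        $retChk = self::$db->query(
            "SELECT `email` FROM `password_recovery` WHERE `add_date`>=(NOW() - INTERVAL 5 MINUTE) AND " . "`email`='?' AND `ip`='?'",
            $email,
            $IP
        );
        if ($retChk->getNumRows() > 0) {
            system::registerEvent("error", "email", "Запрос на этот адрес отправлялся 5 минут назад. Подождите.", "e-mail");
        }
    }

    if (!system::checkErrors()) {
        $code = self::generateCode(15);
        // $usrChk is always set here: this point is reached only if the lookup above ran.
        $userData = $usrChk->fetch();
        self::$db->query(
            "INSERT INTO `password_recovery` SET `userID`=?, `code`='?', `add_date`=NOW(), `ip`='?',`email`='?'",
            $userData["userID"],
            $code,
            $IP,
            $email
        );
        self::$mail->assign("code", $code);
        self::$mail->assign("appeal", $userData["nick"]);
        system::registerEvent("mail", "passwordRequest", $email);
        self::$smarty->assign("emailForSend", $email);
        self::$mail->assign("emailForSend", $email);
        self::$smarty->assign("showPassDialog", true);
        return true;
    }

    return false;
}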