public function make()
{
$dir = system::getInstance()->get('dir');
if (system::getInstance()->isLatinOrNumeric($dir) && system::getInstance()->length($dir) > 0 && user::getInstance()->get('id') > 0 && $_FILES['img'] != null) {
$isIframe = $_POST["iframe"] ? true : false;
$idarea = $_POST["idarea"];
$obj = extension::getInstance()->call(extension::TYPE_HOOK, 'file');
if (!is_object($obj)) {
exit;
}
$result = $obj->uploadImage('/' . $dir . '/', $_FILES['img']);
$fulllink = property::getInstance()->get('script_url') . "/upload/{$dir}/" . $result;
if ($isIframe) {
if ($result != null) {
echo '<html><body>OK<script>window.parent.$("#' . $idarea . '").insertImage("' . $fulllink . '","' . $fulllink . '").closeModal().updateUI();</script></body></html>';
} else {
echo '<html><body>ERROR<script>window.parent.alert("Image upload error.");</script></body></html>';
}
} else {
header("Content-type: text/javascript");
if ($result != null) {
$json_response = array('status' => '1', 'msg' => 'ok', 'image_link' => $fulllink, 'thumb_link' => $fulllink);
} else {
$json_response = array('status' => '0', 'msg' => 'error');
}
echo stripslashes(json_encode($json_response));
}
}
}
private function viewStreamList()
{
csrf::getInstance()->buildToken();
$params = array();
$params['extension']['title'] = admin::getInstance()->viewCurrentExtensionTitle();
$page_index = (int) system::getInstance()->get('index');
$db_index = $page_index * self::ITEM_PER_PAGE;
if (system::getInstance()->post('deleteSelected') && csrf::getInstance()->check()) {
if (permission::getInstance()->have('global/owner') || permission::getInstance()->have('admin/components/stream/delete')) {
$toDelete = system::getInstance()->post('check_array');
if (is_array($toDelete) && sizeof($toDelete) > 0) {
$listDelete = system::getInstance()->altimplode(',', $toDelete);
if (system::getInstance()->isIntList($listDelete)) {
database::getInstance()->con()->query("DELETE FROM " . property::getInstance()->get('db_prefix') . "_com_stream WHERE id IN (" . $listDelete . ")");
}
}
}
}
$stmt = database::getInstance()->con()->prepare("SELECT * FROM " . property::getInstance()->get('db_prefix') . "_com_stream ORDER BY `date` DESC LIMIT ?," . self::ITEM_PER_PAGE);
$stmt->bindParam(1, $db_index, \PDO::PARAM_INT);
$stmt->execute();
$resultAll = $stmt->fetchAll(\PDO::FETCH_ASSOC);
$stmt = null;
$ids = system::getInstance()->extractFromMultyArray('caster_id', $resultAll);
user::getInstance()->listload($ids);
foreach ($resultAll as $row) {
$params['stream'][] = array('id' => $row['id'], 'type' => $row['type'], 'user_id' => $row['caster_id'], 'user_name' => user::getInstance()->get('nick', $row['caster_id']), 'url' => $row['target_object'], 'text' => system::getInstance()->nohtml($row['text_preview']), 'date' => system::getInstance()->todate($row['date'], 'h'));
}
$count_all = extension::getInstance()->call(extension::TYPE_COMPONENT, 'stream', false)->streamCount();
$params['pagination'] = template::getInstance()->showFastPagination($page_index, self::ITEM_PER_PAGE, $count_all, '?object=components&action=stream&index=');
return template::getInstance()->twigRender('components/stream/list.tpl', $params);
}
public function urlRelativeToAbsolute($url)
{
if (!system::getInstance()->prefixEquals($url, 'http')) {
$url = property::getInstance()->get('url') . $url;
}
return $url;
}
public function make()
{
$comment_count = extension::getInstance()->getConfig('last_count', 'lastcomments', 'modules', 'int');
if ($comment_count < 1) {
$comment_count = 1;
}
$stmt = database::getInstance()->con()->prepare("SELECT * FROM " . property::getInstance()->get('db_prefix') . "_mod_comments WHERE `pathway` != '' AND moderate = '0' ORDER BY `time` DESC LIMIT 0,?");
$stmt->bindParam(1, $comment_count, PDO::PARAM_INT);
$stmt->execute();
$res = $stmt->fetchAll(PDO::FETCH_ASSOC);
$stmt = null;
if (sizeof($res) > 0) {
// have comments in db
$max_comment_char_size = extension::getInstance()->getConfig('text_length', 'lastcomments', 'modules', 'int');
$prepared_userlist = system::getInstance()->extractFromMultyArray('author', $res);
user::getInstance()->listload($prepared_userlist);
$params = array();
foreach ($res as $result) {
$comment_text = extension::getInstance()->call(extension::TYPE_HOOK, 'bbtohtml')->nobbcode($result['comment']);
$params['comment'][] = array('user_id' => $result['author'], 'user_name' => user::getInstance()->get('nick', $result['author']), 'user_avatar' => user::getInstance()->buildAvatar('small', $result['author']), 'uri' => $result['pathway'], 'preview' => system::getInstance()->altsubstr($comment_text, 0, $max_comment_char_size), 'date' => system::getInstance()->toDate($result['time'], 'd'), 'guest_name' => system::getInstance()->nohtml($result['guest_name']));
}
$render = template::getInstance()->twigRender('modules/lastcomments/lastcomments.tpl', array('local' => $params));
template::getInstance()->set(template::TYPE_MODULE, 'lastcomments', $render);
}
}
public function make()
{
$params = array();
$news_count = extension::getInstance()->getConfig('new_count', 'news_new', extension::TYPE_MODULE, 'int');
if ($news_count < 1) {
$news_count = 1;
}
$stmt = database::getInstance()->con()->prepare("SELECT a.id,a.title,a.link,b.path FROM " . property::getInstance()->get('db_prefix') . "_com_news_entery a," . property::getInstance()->get('db_prefix') . "_com_news_category b\n WHERE a.category = b.category_id AND a.display > 0 ORDER BY a.date DESC LIMIT 0,?");
$stmt->bindParam(1, $news_count, \PDO::PARAM_INT);
$stmt->execute();
$result = $stmt->fetchAll(\PDO::FETCH_ASSOC);
$stmt = null;
foreach ($result as $row) {
$full_path = null;
$image = null;
if (property::getInstance()->get('use_multi_language')) {
$full_path .= '/' . language::getInstance()->getUseLanguage();
}
$full_path .= '/news/';
if ($row['path'] != null) {
$full_path .= $row['path'] . '/';
}
$full_path .= $row['link'];
$serial_title = system::getInstance()->altstripslashes(unserialize($row['title']));
if (file_exists(root . '/upload/news/poster_' . $row['id'] . '.jpg')) {
$image = 'poster_' . $row['id'];
}
$params['latest'][] = array('title' => $serial_title[language::getInstance()->getUseLanguage()], 'image' => $image, 'pathway' => $full_path);
}
$tmp = template::getInstance()->twigRender('modules/news_new/list.tpl', array('local' => $params));
template::getInstance()->set(template::TYPE_MODULE, 'news_new', $tmp);
}
public function make()
{
$post_id = (int) system::getInstance()->get('id');
$user_id = (int) user::getInstance()->get('id');
$message = system::getInstance()->nohtml(system::getInstance()->post('message'));
// thank unknown tester for detect XSS vuln
$time_between_posts = extension::getInstance()->getConfig('wall_post_delay', 'user', 'components', 'int');
if ($post_id > 0 && $user_id > 0 && system::getInstance()->length($message) > 0 && permission::getInstance()->have('global/write')) {
$stmt = database::getInstance()->con()->prepare("SELECT time FROM " . property::getInstance()->get('db_prefix') . "_user_wall_answer WHERE poster = ? ORDER BY id DESC LIMIT 1");
$stmt->bindParam(1, $user_id, PDO::PARAM_INT);
$stmt->execute();
$res = $stmt->fetch();
$last_post_time = $res['time'];
$stmt = null;
$current_time = time();
if ($current_time - $last_post_time >= $time_between_posts) {
$stmt = database::getInstance()->con()->prepare("INSERT INTO " . property::getInstance()->get('db_prefix') . "_user_wall_answer (wall_post_id, poster, message, time) VALUES(?, ?, ?, ?)");
$stmt->bindParam(1, $post_id, PDO::PARAM_INT);
$stmt->bindParam(2, $user_id, PDO::PARAM_INT);
$stmt->bindParam(3, $message, PDO::PARAM_STR);
$stmt->bindParam(4, $current_time, PDO::PARAM_INT);
$stmt->execute();
$stmt = null;
}
}
api::getInstance()->call('front', 'wallview')->make();
// refresh list
}
public function make()
{
if (user::getInstance()->get('id') > 0) {
$userid = user::getInstance()->get('id');
$title = system::getInstance()->nohtml(system::getInstance()->post('title'));
$url = system::getInstance()->nohtml(system::getInstance()->post('url'));
// only self domain
if (system::getInstance()->prefixEquals($url, property::getInstance()->get('script_url')) && filter_var($url, FILTER_VALIDATE_URL) && system::getInstance()->length($title) > 0) {
$stmt = database::getInstance()->con()->prepare("SELECT COUNT(*) FROM " . property::getInstance()->get('db_prefix') . "_user_bookmarks WHERE target = ? AND href = ?");
$stmt->bindParam(1, $userid, PDO::PARAM_INT);
$stmt->bindParam(2, $url, PDO::PARAM_STR);
$stmt->execute();
$res = $stmt->fetch();
$stmt = null;
if ($res[0] < 1) {
$stmt = database::getInstance()->con()->prepare("INSERT INTO " . property::getInstance()->get('db_prefix') . "_user_bookmarks (`target`, `title`, `href`) VALUES (?, ?, ?)");
$stmt->bindParam(1, $userid, PDO::PARAM_INT);
$stmt->bindParam(2, $title, PDO::PARAM_STR);
$stmt->bindParam(3, $url, PDO::PARAM_STR);
$stmt->execute();
$stmt = null;
}
}
}
}
private function getFeedCount()
{
$stmt = database::getInstance()->con()->prepare("SELECT COUNT(*) FROM " . property::getInstance()->get('db_prefix') . "_com_feedback");
$stmt->execute();
$res = $stmt->fetch();
$stmt = null;
return $res[0];
}
public function make()
{
$comment_id = (int) system::getInstance()->get('id');
if (user::getInstance()->get('id') > 0 && permission::getInstance()->have('comment/delete') && $comment_id > 0) {
$stmt = database::getInstance()->con()->prepare("DELETE FROM " . property::getInstance()->get('db_prefix') . "_mod_comments WHERE id = ?");
$stmt->bindParam(1, $comment_id, PDO::PARAM_INT);
$stmt->execute();
}
}
public function show()
{
$captcha_type = extension::getInstance()->getConfig('captcha_type', 'captcha', 'hooks');
if ($captcha_type == "recaptcha") {
require_once root . "/resource/recaptcha/recaptchalib.php";
return recaptcha_get_html(extension::getInstance()->getConfig('captcha_publickey', 'captcha', 'hooks'));
}
return property::getInstance()->get('script_url') . '/resource/ccaptcha/captcha.php';
}
function get_html($tree = null)
{
$this->autolinks = false;
$text = '';
foreach ($this->tree as $val) {
if ('text' == $val['type']) {
$text .= $val['str'];
}
}
$href = '';
if (isset($this->attrib['url'])) {
$href = $this->attrib['url'];
}
if (!$href && isset($this->attrib['a'])) {
$href = $this->attrib['a'];
}
if (!$href && isset($this->attrib['href'])) {
$href = $this->attrib['href'];
}
if (!$href && !isset($this->attrib['anchor'])) {
$href = $text;
}
$href = $this->checkUrl($href);
$attr = 'class="bb"';
if ($href) {
if (system::getInstance()->prefixEquals($href, property::getInstance()->get('url')) || $href == property::getInstance()->get('url')) {
$attr .= ' href="' . $href . '"';
} else {
$attr .= ' href="' . $href . '" rel="nofollow"';
}
}
if (isset($this->attrib['title'])) {
$title = $this->attrib['title'];
$attr .= ' title="' . htmlspecialchars($title) . '"';
}
$id = '';
if (isset($this->attrib['id'])) {
$id = $this->attrib['id'];
}
if (!$id && isset($this->attrib['name'])) {
$id = $this->attrib['name'];
}
if (!$id && isset($this->attrib['anchor'])) {
$id = $this->attrib['anchor'];
if (!$id) {
$id = $text;
}
}
if ($id) {
if ($id[0] < 'A' || $id[0] > 'z') {
$id = 'bb' . $id;
}
$attr .= ' id="' . htmlspecialchars($id) . '"';
}
return '<a ' . $attr . ' target="_blank">' . parent::get_html($this->tree) . '</a>';
}
private function buildTagCloud()
{
$tag_count = extension::getInstance()->getConfig('tag_count', 'tagcloud', 'modules', 'int');
$stmt = database::getInstance()->con()->prepare("SELECT SQL_CALC_FOUND_ROWS tag, COUNT(*) AS count FROM " . property::getInstance()->get('db_prefix') . "_mod_tags WHERE object_type = 'news' GROUP BY tag ORDER BY count DESC LIMIT 0,?");
$stmt->bindParam(1, $tag_count, PDO::PARAM_INT);
$stmt->execute();
$result = $stmt->fetchAll(PDO::FETCH_ASSOC);
$stmt = null;
return template::getInstance()->twigRender('modules/tagcloud/cloud.tpl', array('local' => $result));
}
/**
* Search and replace URL's for site mirrors
* @param $text
* @param bool $special_syntax
* @return array|mixed
*/
public function fix($text, $special_syntax = true)
{
if (!system::getInstance()->contains(';', property::getInstance()->get('source_url'))) {
// if only single url is defined
return $text;
}
if (is_array($text)) {
$result = array();
foreach ($text as $language => $i_text) {
$result[$language] = $this->fix($i_text);
}
return $result;
} else {
if (!$special_syntax) {
$text = system::getInstance()->nohtml($text);
$bbobject = extension::getInstance()->call(extension::TYPE_HOOK, 'bbtohtml');
if (is_object($bbobject)) {
$text = $bbobject->nobbcode($text);
}
}
$available_url = system::getInstance()->altexplode(';', property::getInstance()->get('source_url'));
$used_url = property::getInstance()->get('script_url');
$result = str_replace($available_url, $used_url, $text);
if (property::getInstance()->get('user_friendly_url')) {
// if url/index.php/ is used
// url/index.php/ to url/
$no_humanurls = $used_url . '/index.php/';
$result = str_replace($no_humanurls, $used_url . '/', $result);
} else {
// try to set links to non-user friendly model /index.php/lang/ from /lang/
foreach (language::getInstance()->getAvailable() as $s_lang) {
$source_human_urls = $used_url . '/' . $s_lang . '/';
$replacement_human_urls = $used_url . '/index.php/' . $s_lang . '/';
$result = str_replace($source_human_urls, $replacement_human_urls, $result);
}
}
// if disabled multi-lang
// /ru/page.html to /page.html, /index.php/ru/page.html to /index.php/page.html
if (!property::getInstance()->get('use_multi_language')) {
$to_replace = array();
$replacement = null;
foreach (language::getInstance()->getAvailable() as $s_lang) {
$to_replace[] = $used_url . '/index.php/' . $s_lang . '/';
$to_replace[] = $used_url . '/' . $s_lang . '/';
}
if (property::getInstance()->get('user_friendly_url')) {
$replacement = $used_url . '/';
} else {
$replacement = $used_url . '/index.php/';
}
$result = str_replace($to_replace, $replacement, $result);
}
return $result;
}
}
/**
* Comments count by URI
* @param string|null $way
* @return mixed
*/
public function getCount($way = null)
{
if (is_null($way)) {
$way = router::getInstance()->getUriString();
}
$stmt = database::getInstance()->con()->prepare("SELECT COUNT(*) FROM " . property::getInstance()->get('db_prefix') . "_mod_comments WHERE pathway = ? AND moderate = 0");
$stmt->bindParam(1, $way, PDO::PARAM_STR);
$stmt->execute();
$resultSet = $stmt->fetch();
return $resultSet[0];
}
public function make()
{
$post_id = (int) system::getInstance()->get('id');
$stmt = database::getInstance()->con()->prepare("SELECT * FROM " . property::getInstance()->get('db_prefix') . "_user_wall_answer WHERE wall_post_id = ? ORDER BY id DESC");
$stmt->bindParam(1, $post_id, PDO::PARAM_INT);
$stmt->execute();
$result = $stmt->fetchAll(PDO::FETCH_ASSOC);
user::getInstance()->listload(system::getInstance()->extractFromMultyArray('poster', $result));
$params = array();
foreach ($result as $item) {
$params['answer'][] = array('poster_id' => $item['poster'], 'poster_name' => user::getInstance()->get('nick', $item['poster']), 'poster_avatar' => user::getInstance()->buildAvatar('small', $item['poster']), 'message' => $item['message'], 'time' => system::getInstance()->toDate($item['time'], 'h'));
}
echo template::getInstance()->twigRender('components/user/profile/profile_answer.tpl', array('local' => $params));
}
public function make()
{
$url = system::getInstance()->get('url');
if (!filter_var($url, FILTER_VALIDATE_URL)) {
$url_decode = @base64_decode($url);
if (filter_var($url_decode, FILTER_VALIDATE_URL)) {
$url = $url_decode;
} else {
$url = property::getInstance()->get('url');
}
}
$theme = "<html>\n <head>\n <meta http-equiv=\"refresh\" content=\"0; url={$url}\">\n <script type=\"text/javascript\">\n location.href = \"{$url}\";\n </script>\n </head>\n <body>\n Redirecting ... <br />\n <strong>Link: <noindex><a href=\"{$url}\" rel=\"nofollow\">{$url}</a></noindex></strong>\n </body>\n </html>";
echo $theme;
}
private function searchOnPage($query)
{
$params = array();
$queryBuild = '%' . $query . '%';
$stmt = database::getInstance()->con()->prepare("SELECT title,text,pathway,date FROM " . property::getInstance()->get('db_prefix') . "_com_static WHERE text like ? OR title like ? ORDER BY `date` LIMIT 50");
$stmt->bindParam(1, $queryBuild, PDO::PARAM_STR);
$stmt->bindParam(2, $queryBuild, PDO::PARAM_STR);
$stmt->execute();
$compiled_body = null;
while ($result = $stmt->fetch(PDO::FETCH_ASSOC)) {
$title = unserialize($result['title']);
$serial_text = unserialize($result['text']);
$text = system::getInstance()->altsubstr(system::getInstance()->nohtml($serial_text[language::getInstance()->getUseLanguage()]), 0, 200);
$link = "static/" . $result['pathway'];
$params['static'][] = array('link' => $link, 'title' => $title[language::getInstance()->getUseLanguage()], 'snippet' => $text, 'date' => system::getInstance()->toDate($result['date'], 'h'));
}
return $params;
}
public function make()
{
$to = system::getInstance()->get('to');
$refer = $_SERVER['HTTP_REFERER'];
if (language::getInstance()->canUse($to) && system::getInstance()->prefixEquals($refer, property::getInstance()->get('url'))) {
$uri = system::getInstance()->altexplode('/', substr($refer, strlen(property::getInstance()->get('url'))));
if (!property::getInstance()->get('user_friendly_url')) {
array_shift($uri);
}
array_shift($uri);
$uri_no_lang = system::getInstance()->altimplode('/', $uri);
$uri_target = '/' . $to . '/';
$uri_target .= $uri_no_lang;
system::getInstance()->redirect($uri_target);
} else {
system::getInstance()->redirect();
}
}
public function make()
{
$obj = api::getInstance()->call('front', 'commentedit');
if (is_object($obj)) {
$comment_id = (int) system::getInstance()->post('comment_id');
if (!$obj->canEdit($comment_id)) {
return null;
}
$comment_text = system::getInstance()->nohtml(system::getInstance()->post('comment_text'), true);
if ($comment_id > 0 && strlen($comment_text) > 0) {
$stmt = database::getInstance()->con()->prepare("UPDATE " . property::getInstance()->get('db_prefix') . "_mod_comments set comment = ? where id = ?");
$stmt->bindParam(1, $comment_text, PDO::PARAM_STR);
$stmt->bindParam(2, $comment_id, PDO::PARAM_INT);
$stmt->execute();
$stmt = null;
}
}
}
/**
* Get comment list
* @param null $way
* @param int $end
* @param bool $show_all
* @return array
*/
public function getCommentsParams($way = null, $end = 0, $show_all = false)
{
$userid = user::getInstance()->get('id');
$stmt = null;
if (is_null($way)) {
$way = router::getInstance()->getUriString();
}
if ($show_all) {
$stmt = database::getInstance()->con()->prepare("SELECT * FROM " . property::getInstance()->get('db_prefix') . "_mod_comments WHERE pathway = ? AND moderate = '0' ORDER BY id DESC");
$stmt->bindParam(1, $way, PDO::PARAM_STR);
$stmt->execute();
} else {
$comment_count = extension::getInstance()->getConfig('comments_count', 'comments', 'modules', 'int');
if ($end < 1) {
$end = 1;
}
$end *= $comment_count;
$stmt = database::getInstance()->con()->prepare("SELECT * FROM " . property::getInstance()->get('db_prefix') . "_mod_comments WHERE pathway = ? AND moderate = '0' ORDER BY id DESC LIMIT 0,?");
$stmt->bindParam(1, $way, PDO::PARAM_STR);
$stmt->bindParam(2, $end, PDO::PARAM_INT);
$stmt->execute();
}
$result = $stmt->fetchAll(PDO::FETCH_ASSOC);
user::getInstance()->listload(system::getInstance()->extractFromMultyArray('author', $result));
$params = array();
foreach ($result as $item) {
$poster_id = $item['author'];
$can_edit = false;
$can_delete = false;
$editconfig = extension::getInstance()->getConfig('edit_time', 'comments', 'modules', 'int');
if ($userid > 0) {
if ($poster_id == $userid && time() - $item['time'] <= $editconfig || permission::getInstance()->have('comment/edit')) {
$can_edit = true;
}
if (permission::getInstance()->have('comment/delete')) {
$can_delete = true;
}
}
$params[] = array('author_id' => $poster_id, 'author_nick' => user::getInstance()->get('nick', $poster_id), 'author_avatar' => user::getInstance()->buildAvatar('small', $poster_id), 'comment_text' => extension::getInstance()->call(extension::TYPE_HOOK, 'bbtohtml')->bbcode2html($item['comment']), 'comment_date' => system::getInstance()->toDate($item['time'], 'h'), 'unixtime' => $item['time'], 'comment_id' => $item['id'], 'can_edit' => $can_edit, 'can_delete' => $can_delete, 'guest_name' => system::getInstance()->nohtml($item['guest_name']));
}
$stmt = null;
return $params;
}
private function viewUpload()
{
$file = $_FILES['files'];
$news_id = (int) system::getInstance()->get('id');
if ($file['size'] < 1 || !is_int($news_id) || $news_id < 1) {
return;
}
$dir = self::FILES_PATH . $news_id . '/';
$full_img = extension::getInstance()->call(extension::TYPE_HOOK, 'file')->uploadImage($dir . 'orig/', $file);
if (!$full_img) {
return;
}
$full_path = root . '/upload' . $dir . 'orig/' . $full_img;
$dx = extension::getInstance()->getConfig('gallery_dx', 'news', extension::TYPE_COMPONENT, 'int');
$dy = extension::getInstance()->getConfig('gallery_dy', 'news', extension::TYPE_COMPONENT, 'int');
$thumb_img = extension::getInstance()->call(extension::TYPE_HOOK, 'file')->uploadResizedImage($dir . 'thumb/', $full_path, $dx, $dy, $full_img);
$output[] = array('name' => $full_img, 'url' => property::getInstance()->get('script_url') . '/upload' . $dir . 'orig/' . $full_img, 'thumbnailUrl' => property::getInstance()->get('script_url') . '/upload' . $dir . 'thumb/' . $thumb_img);
echo json_encode(array('files' => $output));
}
public function make()
{
$params = array();
$params['captcha_full'] = extension::getInstance()->getConfig('captcha_type', 'captcha', 'hooks') == "recaptcha" ? true : false;
$params['captcha'] = extension::getInstance()->call(extension::TYPE_HOOK, 'captcha')->show();
if (system::getInstance()->post('dofeedback')) {
$poster_name = system::getInstance()->nohtml(system::getInstance()->post('topic_name'));
$topic_title = system::getInstance()->nohtml(system::getInstance()->post('topic_title'));
$topic_text = system::getInstance()->nohtml(system::getInstance()->post('topic_body'));
$poster_email = user::getInstance()->get('id') > 0 ? user::getInstance()->get('email') : system::getInstance()->post('topic_email');
$captcha = system::getInstance()->post('captcha');
$date = time();
if (!filter_var($poster_email, FILTER_VALIDATE_EMAIL)) {
$params['notify']['wrong_email'] = true;
}
if (system::getInstance()->length($topic_title) < 3 || system::getInstance()->length($topic_title) > 70) {
$params['notify']['wrong_title'] = true;
}
if (system::getInstance()->length($poster_name) < 3 || system::getInstance()->length($poster_name) > 50) {
$params['notify']['wrong_name'] = true;
}
if (system::getInstance()->length($topic_text) < 10) {
$params['notify']['wrong_text'] = true;
}
if (!extension::getInstance()->call(extension::TYPE_HOOK, 'captcha')->validate($captcha)) {
$params['notify']['wrong_captcha'] = true;
}
if (sizeof($params['notify']) == 0) {
$stmt = database::getInstance()->con()->prepare("INSERT INTO " . property::getInstance()->get('db_prefix') . "_com_feedback (`from_name`, `from_email`, `title`, `text`, `time`) VALUES (?, ?, ?, ?, ?)");
$stmt->bindParam(1, $poster_name, PDO::PARAM_STR);
$stmt->bindParam(2, $poster_email, PDO::PARAM_STR);
$stmt->bindParam(3, $topic_title, PDO::PARAM_STR);
$stmt->bindParam(4, $topic_text, PDO::PARAM_STR);
$stmt->bindParam(5, $date, PDO::PARAM_INT);
$stmt->execute();
$params['notify']['success'] = true;
}
}
meta::getInstance()->add('title', language::getInstance()->get('feedback_form_title'));
$render = template::getInstance()->twigRender('components/feedback/form.tpl', array('local' => $params));
template::getInstance()->set(template::TYPE_CONTENT, 'body', $render);
}
public function make()
{
if ($_FILES['upload'] == null) {
return null;
}
$type = (int) system::getInstance()->get('type');
$result = false;
$save_folder = false;
$allow_ext = system::getInstance()->altexplode(';', property::getInstance()->get('upload_allowed_ext'));
foreach ($allow_ext as $key => $value) {
// no dots
$nodot = str_replace('.', '', $value);
if (system::getInstance()->length($nodot) > 0) {
$allow_ext[$key] = $nodot;
}
}
switch ($type) {
case 1:
if (permission::getInstance()->have('admin/imagebrowser')) {
$result = extension::getInstance()->call(extension::TYPE_HOOK, 'file')->uploadImage('/images/', $_FILES['upload']);
$save_folder = 'images';
}
break;
case 2:
if (permission::getInstance()->have('admin/flashbrowser')) {
$result = extension::getInstance()->call(extension::TYPE_HOOK, 'file')->uploadFile('/flash/', $_FILES['upload'], array('swf'));
$save_folder = 'flash';
}
break;
default:
if (permission::getInstance()->have('admin/filebrowser')) {
$result = extension::getInstance()->call(extension::TYPE_HOOK, 'file')->uploadFile('/other/', $_FILES['upload'], $allow_ext);
$save_folder = 'other';
}
break;
}
if (!$result || !$save_folder) {
echo '<html><body><script type="text/javascript">window.parent.CKEDITOR.tools.callFunction("' . $_GET['CKEditorFuncNum'] . '", "", "' . language::getInstance()->get('fileupload_api_error') . '");</script></body></html>';
} else {
echo '<html><body><script type="text/javascript">window.parent.CKEDITOR.tools.callFunction("' . $_GET['CKEditorFuncNum'] . '", "' . property::getInstance()->get('script_url') . '/upload/' . $save_folder . '/' . $result . '");</script></body></html>';
}
}
public function make()
{
if (!permission::getInstance()->have('admin/filemanager')) {
return;
}
include_once root . '/resource/elfinder/php/elFinderConnector.class.php';
include_once root . '/resource/elfinder/php/elFinder.class.php';
include_once root . '/resource/elfinder/php/elFinderVolumeDriver.class.php';
include_once root . '/resource/elfinder/php/elFinderVolumeLocalFileSystem.class.php';
function access($attr, $path, $data, $volume)
{
return strpos(basename($path), '.') === 0 ? !($attr == 'read' || $attr == 'write') : null;
// else elFinder decide it itself
}
if (!file_exists(root . '/upload/')) {
system::getInstance()->createDirectory(root . '/upload/', 0755);
}
$opts = array('roots' => array(array('driver' => 'LocalFileSystem', 'path' => root . '/upload/', 'URL' => property::getInstance()->get('script_url') . '/upload/', 'accessControl' => 'access')));
$connector = new elFinderConnector(new elFinder($opts));
$connector->run();
}
private function browseAll()
{
$result = array();
$path = root . '/upload/other/';
$allow_ext = system::getInstance()->altexplode(';', property::getInstance()->get('upload_allowed_ext'));
foreach ($allow_ext as $key => $value) {
// no dots
$nodot = str_replace('.', '', $value);
if (system::getInstance()->length($nodot) > 0) {
$allow_ext[$key] = $nodot;
}
}
foreach (scandir($path) as $file) {
$f_pharse = system::getInstance()->altexplode('.', $file);
$file_ext = array_pop($f_pharse);
if (in_array($file_ext, $allow_ext)) {
$result[] = array('path' => system::getInstance()->get('script_url') . 'upload/flash/' . $file, 'name' => system::getInstance()->nohtml($file));
}
}
return $result;
}
private function showNewPmCount()
{
$userid = user::getInstance()->get('id');
$lastpmview = user::getInstance()->get('lastpmview');
//$stmt = database::getInstance()->con()->prepare("SELECT COUNT(*) FROM ".property::getInstance()->get('db_prefix')."_user_messages WHERE `to` = ? AND timeupdate >= ?");
$stmt = database::getInstance()->con()->prepare("SELECT COUNT(DISTINCT msg.id) FROM " . property::getInstance()->get('db_prefix') . "_user_messages as msg\n LEFT OUTER JOIN " . property::getInstance()->get('db_prefix') . "_user_messages_answer as ans ON msg.id = ans.topic\n WHERE (msg.to = ? OR ans.from != ?) AND (msg.timeupdate >= ? OR ans.time >= ?) GROUP BY msg.id");
$stmt->bindParam(1, $userid, \PDO::PARAM_INT);
$stmt->bindParam(2, $userid, \PDO::PARAM_INT);
$stmt->bindParam(3, $lastpmview, \PDO::PARAM_INT);
$stmt->bindParam(4, $lastpmview, \PDO::PARAM_INT);
//$stmt->bindParam(1, $userid, PDO::PARAM_INT);
//$stmt->bindParam(2, $lastpmview, PDO::PARAM_INT);
$stmt->execute();
$result = $stmt->fetch();
$stmt = null;
$new_pm_count = $result[0];
if ($new_pm_count < 1) {
$new_pm_count = 0;
}
template::getInstance()->set(template::TYPE_MODULE, 'message_new_count', $new_pm_count);
}
public function make()
{
$params = array();
if (system::getInstance()->post('submit')) {
if (admin::getInstance()->saveExtensionConfigs()) {
$params['notify']['save_success'] = true;
}
}
$params['extension']['title'] = admin::getInstance()->viewCurrentExtensionTitle();
$params['config']['show_date'] = extension::getInstance()->getConfig('show_date', 'static_on_main', extension::TYPE_MODULE, 'int');
$params['config']['news_id'] = extension::getInstance()->getConfig('news_id', 'static_on_main', extension::TYPE_MODULE, 'int');
$stmt = database::getInstance()->con()->prepare("SELECT `id`, `title` FROM " . property::getInstance()->get('db_prefix') . "_com_static ORDER BY `id` DESC");
$stmt->execute();
$resultAll = $stmt->fetchAll(PDO::FETCH_ASSOC);
foreach ($resultAll as $row) {
$serial_title = unserialize($row['title']);
$params['staticpages'][] = array('id' => $row['id'], 'title' => $serial_title[language::getInstance()->getUseLanguage()]);
}
$stmt = null;
return template::getInstance()->twigRender('modules/static_on_main/settings.tpl', $params);
}
/**
* Set in body position static page for $pathway
* @param string $pathway
* @param int $id
* @param boolean $show_date
* @param boolean $is_main
* @return string|null
*/
public function display($pathway, $id = null, $show_date = true, $is_main = false)
{
$stmt = null;
if (is_null($id)) {
$stmt = database::getInstance()->con()->prepare("SELECT * FROM " . property::getInstance()->get('db_prefix') . "_com_static WHERE pathway = ?");
$stmt->bindParam(1, $pathway, PDO::PARAM_STR);
$stmt->execute();
} else {
$stmt = database::getInstance()->con()->prepare("SELECT * FROM " . property::getInstance()->get('db_prefix') . "_com_static WHERE id = ?");
$stmt->bindParam(1, $id, PDO::PARAM_INT);
$stmt->execute();
}
if ($stmt != null && ($result = $stmt->fetch())) {
$serial_title = unserialize($result['title']);
$serial_text = unserialize($result['text']);
$serial_keywords = unserialize($result['keywords']);
$serial_description = unserialize($result['description']);
if (system::getInstance()->length($serial_title[language::getInstance()->getUseLanguage()]) < 1 || system::getInstance()->length($serial_text[language::getInstance()->getUseLanguage()]) < 1) {
return null;
}
$urlfix_object = extension::getInstance()->call(extension::TYPE_HOOK, 'urlfixer');
if (is_object($urlfix_object)) {
$serial_text = $urlfix_object->fix($serial_text);
}
if ($pathway) {
meta::getInstance()->add('title', $serial_title[language::getInstance()->getUseLanguage()]);
meta::getInstance()->add('keywords', $serial_keywords[language::getInstance()->getUseLanguage()]);
meta::getInstance()->add('description', $serial_description[language::getInstance()->getUseLanguage()]);
}
$params = array('title' => $serial_title[language::getInstance()->getUseLanguage()], 'text' => $serial_text[language::getInstance()->getUseLanguage()], 'date' => system::getInstance()->toDate($result['date'], 'd'), 'show_date' => $show_date, 'is_main' => $is_main, 'pathway' => property::getInstance()->get('url') . '/static/' . $pathway);
if (system::getInstance()->get('print') == 'true') {
template::getInstance()->justPrint(template::getInstance()->twigRender('components/static/print.tpl', array('local' => $params)));
}
return template::getInstance()->twigRender('components/static/page.tpl', array('local' => $params));
}
return null;
}
public function send($to, $title, $text, $ownername = null)
{
if (is_null($this->mailer)) {
require_once root . '/resource/phpmailer/class.phpmailer.php';
$this->mailer = new PHPMailer(true);
}
if (property::getInstance()->get('mail_smtp_use') != 0) {
$this->mailer->IsSMTP();
// telling the class to use SMTP
$this->mailer->SMTPDebug = 0;
// enables SMTP debug information (for testing)
$this->mailer->SMTPAuth = property::getInstance()->get('mail_smtp_auth');
// enable SMTP authentication
$this->mailer->Host = property::getInstance()->get('mail_smtp_host');
// sets the SMTP server
$this->mailer->Port = property::getInstance()->get('mail_smtp_port');
// set the SMTP port for the GMAIL server
$this->mailer->Username = property::getInstance()->get('mail_smtp_login');
// SMTP account username
$this->mailer->Password = property::getInstance()->get('mail_smtp_password');
// SMTP account password
$this->mailer->SetFrom(property::getInstance()->get('mail_from'), property::getInstance()->get('mail_ownername'));
$this->mailer->AddReplyTo(property::getInstance()->get('mail_from'), property::getInstance()->get('mail_ownername'));
$this->mailer->Subject = $title;
$this->mailer->AltBody = "To view the message, please use an HTML compatible email viewer!";
// optional, comment out and test
$this->mailer->MsgHTML($text);
$this->mailer->AddAddress($to, $ownername);
$this->mailer->IsHTML(true);
return $this->mailer->Send();
} else {
$headers = 'MIME-Version: 1.0' . "\r\n";
$headers .= 'Content-type: text/html; charset=utf-8' . "\r\n";
$headers .= 'From: ' . property::getInstance()->get('mail_from') . "\r\n";
return mail($to, $title, $text, $headers);
}
}
public function canEdit($comment_id)
{
if (permission::getInstance()->have('global/owner')) {
// no limits for full admin
return true;
}
if (user::getInstance()->get('id') < 1) {
return false;
}
if (!permission::getInstance()->have('global/write')) {
return false;
}
$userid = user::getInstance()->get('id');
$stmt = database::getInstance()->con()->prepare("SELECT author,time FROM " . property::getInstance()->get('db_prefix') . "_mod_comments WHERE id = ?");
$stmt->bindParam(1, $comment_id, PDO::PARAM_INT);
$stmt->execute();
if ($result = $stmt->fetch()) {
$editconfig = extension::getInstance()->getConfig('edit_time', 'comments', 'modules', 'int');
if ($result['author'] != $userid || time() - $result['time'] > $editconfig && !permission::getInstance()->have('comment/edit')) {
return false;
}
}
return true;
}