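/**
 * Renders a single article: resolves the section from param1, loads the article
 * identified by param2, bumps its view counter, parses its text and picks "see also" links.
 *
 * @param string $action passed through to the parent controller
 * @throws ControllerException when param2 is not an integer id
 * @throws HttpException 404 when the section, the article row or its data folder does not exist
 */
function process($action)
{
    // is_numeric() also accepts "1.5" or "1e3", which would then be concatenated verbatim into
    // the SQL below; require a plain integer instead (an int needs no escapeString()).
    $articleId = isset($_REQUEST['param2']) ? filter_var($_REQUEST['param2'], FILTER_VALIDATE_INT) : false;
    if ($articleId === false) {
        throw new ControllerException('Неправильные параметры запроса.');
    }
    $this->showErrorPage = TRUE;
    parent::process($action);

    // Resolve the requested section folder (param1) against the menu loaded by the parent.
    $folder = (isset($_REQUEST['param1']) && is_scalar($_REQUEST['param1'])) ? (string) $_REQUEST['param1'] : '';
    foreach ($this->data['menu'] as $item) {
        if ((string) $item['data_folder'] === $folder) {
            $this->data['section'] = $item;
            break;
        }
    }
    if (!isset($this->data['section'])) {
        throw new HttpException(404);
    }

    $res = $this->db->fetch("SELECT articles.id AS article_id, title, DATE_FORMAT(pub_date, '%e.%m.%Y') AS pub_date, views, verifier_id, users.id AS user_id, login FROM articles INNER JOIN users ON articles.author_id = users.id WHERE articles.id=" . $articleId);
    if (!$res) {
        throw new HttpException(404);
    }
    // The article's data folder must live under the requested section; this is what ties
    // param1 and param2 together.
    $articleDir = PATH_SECTION . $this->data['section']['data_folder'] . '/' . $res[0]['article_id'];
    if (!file_exists($articleDir)) {
        throw new HttpException(404);
    }

    try {
        $this->db->query('UPDATE articles SET views=views+1 WHERE id=' . (int) $res[0]['article_id']);
    } catch (DatabaseException $ex) {
        // Best effort: a failed view-count update must not break rendering the article.
    }

    $this->data['article'] = $res[0];
    $textFile = $articleDir . '/text.txt';
    if (!is_readable($textFile)) {
        throw new HttpException(404);
    }
    require_once PATH_INCLUDE . 'TagsParser.php';
    $parser = new TagsParser(file_get_contents($textFile));
    $this->data['article']['contents'] = $parser->parse();

    // NOTE(review): ORDER BY views (ascending) picks the least-viewed articles — confirm DESC was not intended.
    $popular = $this->db->fetch("SELECT articles.id AS article_id, articles.title AS title, data_folder FROM articles INNER JOIN sections ON articles.section_id=sections.id ORDER BY views LIMIT 5");
    if (!is_array($popular)) {
        $popular = [];
    }
    $sectionPath = $this->app->config['path']['section'];
    foreach ($popular as &$row) {
        $row['href'] = $sectionPath . $row['data_folder'] . '/' . $row['article_id'] . '/';
    }
    unset($row);
    $this->data['see_also'] = $popular;
}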
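/**
 * Renders a section listing: paginated, sortable article list plus "see also" sections.
 * Requests carrying an article id (param2) are delegated to the article controller.
 *
 * @param string $action passed through to the parent controller
 * @return bool FALSE when the request was delegated, TRUE otherwise
 * @throws HttpException 404 when param1 does not name a known section
 */
function process($action)
{
    // param2 present => article request: hand over to ArticleController
    if (!empty($_REQUEST['param2'])) {
        $this->app->callController('article');
        return FALSE;
    }
    $this->showErrorPage = TRUE;
    parent::process($action);

    $folder = (isset($_REQUEST['param1']) && is_scalar($_REQUEST['param1'])) ? (string) $_REQUEST['param1'] : '';
    foreach ($this->data['menu'] as $item) {
        if ((string) $item['data_folder'] === $folder) {
            $this->data['section'] = $item;
            break;
        }
    }
    if (!isset($this->data['section'])) {
        throw new HttpException(404);
    }
    $section = $this->data['section'];
    $sectionId = (int) $section['id'];

    $count = $this->db->fetch('SELECT COUNT(*) AS c FROM articles WHERE section_id=' . $sectionId, 1)[0]['c'];

    // page and sort come from the query string: normalise both to integers before they reach
    // SQL (LIMIT) and before sort is echoed back into page_href.
    $page = isset($_GET['page']) ? filter_var($_GET['page'], FILTER_VALIDATE_INT) : false;
    if ($page === false) {
        $page = 1;
    }
    $this->data = array_merge($this->data, $this->splitPages($count, $page));

    $sort = isset($_GET['sort']) ? filter_var($_GET['sort'], FILTER_VALIDATE_INT) : false;
    if ($sort === false || $sort < 0 || $sort > 2) {
        $sort = 0;
    }
    switch ($sort) {
        case 1:
            $sortCol = 'views DESC';
            break;
        case 2:
            $sortCol = 'title';
            break;
        default:
            $sortCol = 'pub_date DESC';
            break;
    }
    if (isset($_GET['sort'])) {
        $this->data['sort'] = $sort;
    }
    $this->data['page_href'] = '?sort=' . $sort;

    $sql = 'SELECT articles.id AS article_id, if(verifier_id IS NULL, CONCAT("[Не проверено] ",title), title) AS title, DATE_FORMAT(pub_date, "%e.%m.%Y") AS pub_date, views, users.id AS user_id, login FROM articles INNER JOIN users ON articles.author_id = users.id WHERE section_id=' . $sectionId;
    // non-admins only see verified articles
    if (empty($this->data['user']['is_admin'])) {
        $sql .= ' AND verifier_id IS NOT NULL ';
    }
    $pageSize = (int) $this->data['page_size'];
    $offset = ((int) $this->data['page'] - 1) * $pageSize;
    $sql .= ' ORDER BY ' . $sortCol . ' LIMIT ' . $offset . ', ' . $pageSize;
    $articles = $this->db->fetch($sql);
    if (!is_array($articles)) {
        $articles = [];
    }

    $hrefBase = $this->app->config['path']['section'] . $section['data_folder'] . '/';
    foreach ($articles as &$article) {
        $article['href'] = $hrefBase . $article['article_id'] . '/';
        // A missing description is normal and yields false (as before); test for the file
        // instead of @-silencing the read.
        $descriptionFile = PATH_SECTION . $section['data_folder'] . '/' . $article['article_id'] . '/description.txt';
        $article['description'] = is_readable($descriptionFile) ? file_get_contents($descriptionFile) : false;
    }
    unset($article);
    $this->data['articles'] = $articles;

    // "See also": up to 5 other sections of the same type, plus the parent of a sub-section (type 2).
    $this->data['see_also'] = [];
    foreach ($this->data['menu'] as $item) {
        if ($item['id'] == $section['id']) {
            continue;
        }
        $sameType = $item['type'] == $section['type'];
        $isParentOfSubsection = $section['type'] == 2 && $item['id'] == $section['parent_id'];
        if ($sameType || $isParentOfSubsection) {
            $this->data['see_also'][] = $item;
            if (count($this->data['see_also']) == 5) {
                break;
            }
        }
    }
    return TRUE;
}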
/**
 * Builds the front-page slider data from the menu loaded by the parent controller.
 * Top-level sections become slides keyed by id; sub-sections (type 2) are attached to
 * their parent's "moons" list.
 *
 * @param string $action passed through to the parent controller
 */
function process($action)
{
    // the parent loads the menu
    parent::process($action);

    $slides = [];
    foreach ($this->data['menu'] as $item) {
        if (!$item['show_main']) {
            continue;
        }
        $entry = [
            'title' => $item['title'],
            'description' => $item['description'],
            'image' => $item['big_file'],
            'href' => $item['href'],
        ];
        if ($item['type'] == 2) {
            $slides[$item['parent_id']]['moons'][] = $entry;
            continue;
        }
        $id = $item['id'];
        foreach ($entry as $field => $value) {
            $slides[$id][$field] = $value;
        }
        // a sub-section earlier in the menu may already have created the moons list
        if (!isset($slides[$id]['moons'])) {
            $slides[$id]['moons'] = [];
        }
    }
    $this->data['show'] = $slides;
}
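/**
 * Error controller entry point: describes the current exception either as an HTML
 * fragment (error page) or as a plain data array, and sets the HTTP status code.
 *
 * @param string $action passed through to the parent controller (only when a db is available)
 */
function process($action)
{
    if ($this->db) {
        parent::process($action);
    }
    if ($this->showErrorPage) {
        $this->buildHtmlErrorPage();
    } else {
        $this->buildErrorData();
    }
}

/**
 * Fills data['error'] with an HTML fragment for the current exception and sets the status code.
 */
private function buildHtmlErrorPage()
{
    $ex = $this->exception;
    $this->data['error'] = '<p>Нам очень жаль, но что то пошло не так!</p>';
    // get_class() on a non-object is a TypeError on PHP 8; an unset exception takes the default branch.
    $class = is_object($ex) ? get_class($ex) : '';
    switch ($class) {
        case 'ControllerException':
            // NOTE(review): the exception's string form and its details are emitted unescaped —
            // confirm they never carry request-derived text, or escape them here.
            $this->data['error'] .= '<p>' . $ex . '</p>';
            $details = $ex->getDetails();
            // trim() on an array fails; array details are only exposed by buildErrorData().
            $d = is_scalar($details) ? trim((string) $details) : '';
            if ($d !== '') {
                $this->data['error'] .= '<div class="details">' . $d . '</div>';
            }
            http_response_code(500);
            break;
        case 'DatabaseException':
            $this->data['error'] .= '<p>' . $ex . '</p>';
            http_response_code(500);
            break;
        case 'HttpException':
            $code = (int) $ex->getCode();
            switch ($code) {
                case 403:
                    $this->data['error'] = '<h1>403 <span color="#D4CECE">Forbidden</span></h1>Доступ запрещен.';
                    break;
                case 404:
                    $this->data['error'] = '<h1>404 <span color="#D4CECE">Not Found</span></h1>Страница, которую вы запросили, не существует.';
                    break;
                case 500:
                    $this->data['error'] = '<h1>500 <span color="#D4CECE">Internal Server Error</span></h1>Сервер не может выполнить ваш запрос из-за критической ошибки.';
                    break;
                default:
                    // the original left the <span> unclosed
                    $this->data['error'] = '<h1>' . $code . ' <span color="#D4CECE"></span></h1>Неизвестная Http-ошибка.';
                    break;
            }
            http_response_code($code);
            break;
        case 'ErrorException':
            // Engine error messages can echo request-derived strings (paths, array keys), so
            // escape them before they go into the page.
            $this->data['error'] .= '<p>File: ' . htmlspecialchars($ex->getFile(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
                . '<br/>Line: ' . (int) $ex->getLine()
                . '<br/>Message: ' . htmlspecialchars($ex->getMessage(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . '</p>';
            http_response_code(500);
            break;
        default:
            $this->data['error'] .= '<p>Произошла неизвестная ошибка</p>';
            http_response_code(500);
            break;
    }
}

/**
 * Fills data['error'] with a plain array (code, message, line, file, details) for the
 * current exception and sets the status code; does nothing when no Exception is set.
 */
private function buildErrorData()
{
    $ex = $this->exception;
    if (!($ex instanceof Exception)) {
        return;
    }
    // NOTE(review): file and line are internal details; consider omitting them outside development.
    $this->data['error']['code'] = $ex->getCode();
    $this->data['error']['message'] = $ex->getMessage();
    $this->data['error']['line'] = $ex->getLine();
    $this->data['error']['file'] = $ex->getFile();
    if ($ex instanceof ControllerException) {
        $details = $ex->getDetails();
        $this->data['error']['details'] = is_array($details) ? array_values($details) : $details;
    }
    http_response_code($ex instanceof HttpException ? $ex->getCode() : 500);
}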
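/**
 * Dispatches the requested action to the method of the same name (default: messages).
 *
 * $action comes from the request, so only a public, non-static, non-magic method other than
 * process() itself may be invoked; anything else is a 404.
 *
 * NOTE(review): an explicit allow-list of action names would be stricter — confirm the action set.
 *
 * @param string $action requested action name
 * @throws HttpException 404 when $action is not a dispatchable action method
 */
function process($action)
{
    parent::process('');
    if (empty($action)) {
        $action = 'messages';
    }
    $this->data['action'] = $action;

    if (!is_string($action)
        || !preg_match('/^[a-z][a-zA-Z0-9]*$/', $action)
        || $action === 'process'
        || !method_exists($this, $action)
    ) {
        throw new HttpException(404);
    }
    $method = new ReflectionMethod($this, $action);
    if (!$method->isPublic() || $method->isStatic() || $method->isConstructor() || $method->isDestructor()) {
        throw new HttpException(404);
    }
    $this->{$action}();
}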
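/**
 * Profile editor action: with ?update=1 applies the POSTed changes, otherwise renders the form.
 *
 * @throws ControllerException on invalid input, unknown user or bad avatar
 */
function edit()
{
    $this->showErrorPage = FALSE;
    $this->validateArgs($_GET, [['id', 'numeric']]);
    $id = $_GET['id'];
    $update = isset($_GET['update']) ? $_GET['update'] : 0;
    if ($update) {
        $this->saveProfileChanges($id);
    } else {
        $this->showProfileEditor($id);
    }
}

/**
 * Applies the POSTed profile fields of user $id (update branch of edit()).
 *
 * @param string $id numeric user id from the query string (already validated as numeric)
 * @throws ControllerException on password, field or avatar validation errors
 */
private function saveProfileChanges($id)
{
    $this->validateRights([$id]);
    // is_numeric() also accepts "1e2" / "1.5"; use a plain int wherever $id is concatenated into SQL
    $idSql = (int) $id;

    if (!empty($_POST['old_psw'])) {
        $this->validateParam('password', $_POST['old_psw']);
        if (empty($_POST['new_psw']) || $this->validateParam('password', $_POST['new_psw'])) {
            throw new ControllerException('Неверный формат пароля.');
        }
        // existence check only; the row itself is not used afterwards
        if (!$this->db->fetch('SELECT id, login, is_admin, email, real_name, DATE_FORMAT(reg_date, \'%e.%m.%Y %H:%i\') AS reg_date, DATE_FORMAT(last_visit, \'%e.%m.%Y %H:%i\') AS last_visit, avatar, rating, comments_cnt, skype, vk, facebook, twitter, site, from_where FROM users WHERE id=' . $idSql)) {
            throw new ControllerException('Пользователь не существует.');
        }
        $this->checkUser($this->data['user']['login'], $_POST['old_psw']);
    } elseif (!empty($_POST['new_psw'])) {
        throw new ControllerException('Для выполнения действия требуется старый пароль.');
    }

    // Every non-empty field must be a plain string (array-valued fields would reach strip_tags())
    // and pass the field validator.
    foreach ($_POST as $key => $value) {
        if (empty($value)) {
            continue;
        }
        if (!is_string($value)) {
            throw new ControllerException('Неправильные параметры запроса');
        }
        $this->validateParam($key, $value);
    }

    $editable = ['new_psw', 'email', 'real_name', 'skype', 'vk', 'facebook', 'twitter', 'site', 'from_where', 'avatar_action'];
    $values = [];
    foreach ($_POST as $key => $value) {
        // strict: numeric POST keys arrive as ints and must never match a field name loosely
        if (!in_array($key, $editable, true)) {
            continue;
        }
        if ($key === 'avatar_action') {
            if ($value == 1) {
                // avatar_path is a storage id (positive integer)
                $storageId = isset($_POST['avatar_path']) ? filter_var($_POST['avatar_path'], FILTER_VALIDATE_INT) : false;
                if ($storageId === false || $storageId < 1) {
                    throw new ControllerException('Неправильные параметры запроса');
                }
                $image = $this->db->fetch('SELECT id, extension FROM storage WHERE id=' . $storageId);
                if (!$image) {
                    throw new ControllerException('Неправильный идентификатор изображения.');
                }
                $file = PATH_STORAGE . $image[0]['id'] . '.' . $image[0]['extension'];
                // @ kept on purpose: a missing or corrupt file is reported as a size error, not a warning
                $size = @getimagesize($file);
                if (!$size || $size[0] > 100 || $size[1] > 100) {
                    throw new ControllerException('Превышены максимальные размеры аватара (100x100)');
                }
                $values['avatar'] = $image[0]['id'];
            } elseif ($value == 2) {
                $values['avatar'] = NULL;
            }
            continue;
        }
        if ($key === 'new_psw') {
            if (!empty($value)) {
                // NOTE(review): the salt is the login, i.e. a predictable, reused salt for crypt();
                // migrating to password_hash()/password_verify() also requires changing checkUser().
                $values['psw_hash'] = crypt($value, $this->data['user']['login']);
            }
            continue;
        }
        $values[$key] = empty($value) ? NULL : strip_tags($value);
    }
    $this->db->update('users', $values, ['id' => $id]);
}

/**
 * Loads the profile of user $id into data['profile'] and selects the edit-profile output mode.
 *
 * @param string $id numeric user id from the query string (already validated as numeric)
 * @throws ControllerException when the user does not exist
 */
private function showProfileEditor($id)
{
    $this->showErrorPage = TRUE;
    parent::validateRights([$id]);
    parent::process('');
    $res = $this->db->fetch('SELECT users.id AS id, login, is_admin, email, real_name, DATE_FORMAT(reg_date, \'%e.%m.%Y %H:%i\') AS reg_date, DATE_FORMAT(last_visit, \'%e.%m.%Y %H:%i\') AS last_visit, CONCAT(avatar, ".", extension) AS avatar, rating, comments_cnt, skype, vk, facebook, twitter, site, from_where FROM users LEFT JOIN storage ON avatar=storage.id WHERE users.id=' . (int) $id);
    if (!$res) {
        throw new ControllerException('Пользователь не существует.');
    }
    $this->data['profile'] = $res[0];
    if (!empty($this->data['profile']['avatar'])) {
        // avatar is "<storage id>.<extension>"; prefix it with the public storage path
        $this->data['profile']['avatar'] = $this->app->config['path']['storage'] . $this->data['profile']['avatar'];
    }
    $this->outputMode = OUT_EDIT_PROFILE;
}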