function doModel() { switch ($this->action) { case 'change_email_confirm': //change email confirm if (Params::getParam('userId') && Params::getParam('code')) { $userManager = new User(); $user = $userManager->findByPrimaryKey(Params::getParam('userId')); if ($user['s_pass_code'] == Params::getParam('code') && $user['b_enabled'] == 1) { $userEmailTmp = UserEmailTmp::newInstance()->findByPk(Params::getParam('userId')); $code = osc_genRandomPassword(50); $userManager->update(array('s_email' => $userEmailTmp['s_new_email']), array('pk_i_id' => $userEmailTmp['fk_i_user_id'])); Item::newInstance()->update(array('s_contact_email' => $userEmailTmp['s_new_email']), array('fk_i_user_id' => $userEmailTmp['fk_i_user_id'])); ItemComment::newInstance()->update(array('s_author_email' => $userEmailTmp['s_new_email']), array('fk_i_user_id' => $userEmailTmp['fk_i_user_id'])); Alerts::newInstance()->update(array('s_email' => $userEmailTmp['s_new_email']), array('fk_i_user_id' => $userEmailTmp['fk_i_user_id'])); Session::newInstance()->_set('userEmail', $userEmailTmp['s_new_email']); UserEmailTmp::newInstance()->delete(array('s_new_email' => $userEmailTmp['s_new_email'])); osc_add_flash_ok_message(_m('Your email has been changed successfully')); $this->redirectTo(osc_user_profile_url()); } else { osc_add_flash_error_message(_m('Sorry, the link is not valid')); $this->redirectTo(osc_base_url()); } } else { osc_add_flash_error_message(_m('Sorry, the link is not valid')); $this->redirectTo(osc_base_url()); } break; case 'activate_alert': $email = Params::getParam('email'); $secret = Params::getParam('secret'); $result = 0; if ($email != '' && $secret != '') { $result = Alerts::newInstance()->activate($email, $secret); } if ($result == 1) { osc_add_flash_ok_message(_m('Alert activated')); } else { osc_add_flash_error_message(_m('Ops! There was a problem trying to activate alert. Please contact the administrator')); } $this->redirectTo(osc_base_url(true)); break; case 'unsub_alert': $email = Params::getParam('email'); $secret = Params::getParam('secret'); if ($email != '' && $secret != '') { Alerts::newInstance()->delete(array('s_email' => $email, 'S_secret' => $secret)); osc_add_flash_ok_message(_m('Unsubscribed correctly')); } else { osc_add_flash_error_message(_m('Ops! There was a problem trying to unsubscribe you. Please contact the administrator')); } $this->redirectTo(osc_base_url()); break; default: $this->redirectTo(osc_user_login_url()); break; } }
function doModel() { switch ($this->action) { case 'change_email_confirm': //change email confirm if (Params::getParam('userId') && Params::getParam('code')) { $userManager = new User(); $user = $userManager->findByPrimaryKey(Params::getParam('userId')); if ($user['s_pass_code'] == Params::getParam('code') && $user['b_enabled'] == 1) { $userEmailTmp = UserEmailTmp::newInstance()->findByPk(Params::getParam('userId')); $code = osc_genRandomPassword(50); $userManager->update(array('s_email' => $userEmailTmp['s_new_email']), array('pk_i_id' => $userEmailTmp['fk_i_user_id'])); Item::newInstance()->update(array('s_contact_email' => $userEmailTmp['s_new_email']), array('fk_i_user_id' => $userEmailTmp['fk_i_user_id'])); ItemComment::newInstance()->update(array('s_author_email' => $userEmailTmp['s_new_email']), array('fk_i_user_id' => $userEmailTmp['fk_i_user_id'])); Alerts::newInstance()->update(array('s_email' => $userEmailTmp['s_new_email']), array('fk_i_user_id' => $userEmailTmp['fk_i_user_id'])); Session::newInstance()->_set('userEmail', $userEmailTmp['s_new_email']); UserEmailTmp::newInstance()->delete(array('s_new_email' => $userEmailTmp['s_new_email'])); osc_add_flash_ok_message(_m('Your email has been changed successfully')); $this->redirectTo(osc_user_profile_url()); } else { osc_add_flash_error_message(_m('Sorry, the link is not valid')); $this->redirectTo(osc_base_url()); } } else { osc_add_flash_error_message(_m('Sorry, the link is not valid')); $this->redirectTo(osc_base_url()); } break; case 'activate_alert': $email = Params::getParam('email'); $secret = Params::getParam('secret'); $result = 0; if ($email != '' && $secret != '') { $result = Alerts::newInstance()->activate($email, $secret); } if ($result == 1) { osc_add_flash_ok_message(_m('Alert activated')); } else { osc_add_flash_error_message(_m('Ops! There was a problem trying to activate alert. Please contact the administrator')); } $this->redirectTo(osc_base_url(true)); break; case 'unsub_alert': $email = Params::getParam('email'); $secret = Params::getParam('secret'); if ($email != '' && $secret != '') { Alerts::newInstance()->delete(array('s_email' => $email, 'S_secret' => $secret)); osc_add_flash_ok_message(_m('Unsubscribed correctly')); } else { osc_add_flash_error_message(_m('Ops! There was a problem trying to unsubscribe you. Please contact the administrator')); } $this->redirectTo(osc_base_url()); break; case 'pub_profile': $userID = Params::getParam('id'); $user = User::newInstance()->findByPrimaryKey($userID); // user doesn't exist if (!$user) { $this->redirectTo(osc_base_url()); } View::newInstance()->_exportVariableToView('user', $user); $items = Item::newInstance()->findByUserIDEnabled($user['pk_i_id'], 0, 3); View::newInstance()->_exportVariableToView('items', $items); $this->doView('user-public-profile.php'); break; case 'contact_post': $user = User::newInstance()->findByPrimaryKey(Params::getParam('id')); View::newInstance()->_exportVariableToView('user', $user); if (osc_recaptcha_private_key() != '' && Params::existParam("recaptcha_challenge_field")) { if (!osc_check_recaptcha()) { osc_add_flash_error_message(_m('The Recaptcha code is wrong')); Session::newInstance()->_setForm("yourEmail", Params::getParam('yourEmail')); Session::newInstance()->_setForm("yourName", Params::getParam('yourName')); Session::newInstance()->_setForm("phoneNumber", Params::getParam('phoneNumber')); Session::newInstance()->_setForm("message_body", Params::getParam('message')); $this->redirectTo(osc_user_public_profile_url()); return false; // BREAK THE PROCESS, THE RECAPTCHA IS WRONG } } osc_run_hook('hook_email_contact_user', Params::getParam('id'), Params::getParam('yourEmail'), Params::getParam('yourName'), Params::getParam('phoneNumber'), Params::getParam('message')); $this->redirectTo(osc_user_public_profile_url()); break; default: $this->redirectTo(osc_user_login_url()); break; } }
function doModel() { switch ($this->action) { case 'dashboard': //dashboard... $max_items = Params::getParam('max_items') != '' ? Params::getParam('max_items') : 5; $aItems = Item::newInstance()->findByUserIDEnabled(osc_logged_user_id(), 0, $max_items); //calling the view... $this->_exportVariableToView('items', $aItems); $this->_exportVariableToView('max_items', $max_items); $this->doView('user-dashboard.php'); break; case 'profile': //profile... $user = User::newInstance()->findByPrimaryKey(osc_logged_user_id()); $aCountries = Country::newInstance()->listAll(); $aRegions = array(); if ($user['fk_c_country_code'] != '') { $aRegions = Region::newInstance()->findByCountry($user['fk_c_country_code']); } elseif (count($aCountries) > 0) { $aRegions = Region::newInstance()->findByCountry($aCountries[0]['pk_c_code']); } $aCities = array(); if ($user['fk_i_region_id'] != '') { $aCities = City::newInstance()->findByRegion($user['fk_i_region_id']); } else { if (count($aRegions) > 0) { $aCities = City::newInstance()->findByRegion($aRegions[0]['pk_i_id']); } } //calling the view... $this->_exportVariableToView('countries', $aCountries); $this->_exportVariableToView('regions', $aRegions); $this->_exportVariableToView('cities', $aCities); $this->_exportVariableToView('user', $user); $this->_exportVariableToView('locales', OSCLocale::newInstance()->listAllEnabled()); $this->doView('user-profile.php'); break; case 'profile_post': //profile post... osc_csrf_check(); $userId = Session::newInstance()->_get('userId'); require_once LIB_PATH . 'osclass/UserActions.php'; $userActions = new UserActions(false); $success = $userActions->edit($userId); if ($success == 1 || $success == 2) { osc_add_flash_ok_message(_m('Your profile has been updated successfully')); } else { osc_add_flash_error_message($success); } $this->redirectTo(osc_user_profile_url()); break; case 'alerts': //alerts $aAlerts = Alerts::newInstance()->findByUser(Session::newInstance()->_get('userId'), false); $user = User::newInstance()->findByPrimaryKey(Session::newInstance()->_get('userId')); foreach ($aAlerts as $k => $a) { $array_conditions = (array) json_decode($a['s_search']); // $search = Search::newInstance(); $search = new Search(); $search->setJsonAlert($array_conditions); $search->limit(0, 3); $aAlerts[$k]['items'] = $search->doSearch(); } $this->_exportVariableToView('alerts', $aAlerts); View::newInstance()->_reset('alerts'); $this->_exportVariableToView('user', $user); $this->doView('user-alerts.php'); break; case 'change_email': //change email $this->doView('user-change_email.php'); break; case 'change_email_post': //change email post osc_csrf_check(); if (!osc_validate_email(Params::getParam('new_email'))) { osc_add_flash_error_message(_m('The specified e-mail is not valid')); $this->redirectTo(osc_change_user_email_url()); } else { $user = User::newInstance()->findByEmail(Params::getParam('new_email')); if (!isset($user['pk_i_id'])) { $userEmailTmp = array(); $userEmailTmp['fk_i_user_id'] = Session::newInstance()->_get('userId'); $userEmailTmp['s_new_email'] = Params::getParam('new_email'); UserEmailTmp::newInstance()->insertOrUpdate($userEmailTmp); $code = osc_genRandomPassword(30); $date = date('Y-m-d H:i:s'); $userManager = new User(); $userManager->update(array('s_pass_code' => $code, 's_pass_date' => $date, 's_pass_ip' => $_SERVER['REMOTE_ADDR']), array('pk_i_id' => Session::newInstance()->_get('userId'))); $validation_url = osc_change_user_email_confirm_url(Session::newInstance()->_get('userId'), $code); osc_run_hook('hook_email_new_email', Params::getParam('new_email'), $validation_url); $this->redirectTo(osc_user_profile_url()); } else { osc_add_flash_error_message(_m('The specified e-mail is already in use')); $this->redirectTo(osc_change_user_email_url()); } } break; case 'change_username': //change username $this->doView('user-change_username.php'); break; case 'change_username_post': //change username $username = osc_sanitize_username(Params::getParam('s_username')); osc_run_hook('before_username_change', Session::newInstance()->_get('userId'), $username); if ($username != '') { $user = User::newInstance()->findByUsername($username); if (isset($user['s_username'])) { osc_add_flash_error_message(_m('The specified username is already in use')); } else { if (!osc_is_username_blacklisted($username)) { User::newInstance()->update(array('s_username' => $username), array('pk_i_id' => Session::newInstance()->_get('userId'))); osc_add_flash_ok_message(_m('The username was updated')); osc_run_hook('after_username_change', Session::newInstance()->_get('userId'), Params::getParam('s_username')); $this->redirectTo(osc_user_profile_url()); } else { osc_add_flash_error_message(_m('The specified username is not valid, it contains some invalid words')); } } } else { osc_add_flash_error_message(_m('The specified username could not be empty')); } $this->redirectTo(osc_change_user_username_url()); break; case 'change_password': //change password $this->doView('user-change_password.php'); break; case 'change_password_post': //change password post osc_csrf_check(); $user = User::newInstance()->findByPrimaryKey(Session::newInstance()->_get('userId')); if (Params::getParam('password', false, false) == '' || Params::getParam('new_password', false, false) == '' || Params::getParam('new_password2', false, false) == '') { osc_add_flash_warning_message(_m('Password cannot be blank')); $this->redirectTo(osc_change_user_password_url()); } if (!osc_verify_password(Params::getParam('password', false, false), $user['s_password'])) { osc_add_flash_error_message(_m("Current password doesn't match")); $this->redirectTo(osc_change_user_password_url()); } if (!Params::getParam('new_password', false, false)) { osc_add_flash_error_message(_m("Passwords can't be empty")); $this->redirectTo(osc_change_user_password_url()); } if (Params::getParam('new_password', false, false) != Params::getParam('new_password2', false, false)) { osc_add_flash_error_message(_m("Passwords don't match")); $this->redirectTo(osc_change_user_password_url()); } User::newInstance()->update(array('s_password' => osc_hash_password(Params::getParam('new_password', false, false))), array('pk_i_id' => Session::newInstance()->_get('userId'))); osc_add_flash_ok_message(_m('Password has been changed')); $this->redirectTo(osc_user_profile_url()); break; case 'items': // view items user $itemsPerPage = Params::getParam('itemsPerPage') != '' ? Params::getParam('itemsPerPage') : 10; $page = Params::getParam('iPage') > 0 ? Params::getParam('iPage') - 1 : 0; $itemType = Params::getParam('itemType'); $total_items = Item::newInstance()->countItemTypesByUserID(osc_logged_user_id(), $itemType); $total_pages = ceil($total_items / $itemsPerPage); $items = Item::newInstance()->findItemTypesByUserID(osc_logged_user_id(), $page * $itemsPerPage, $itemsPerPage, $itemType); $this->_exportVariableToView('items', $items); $this->_exportVariableToView('search_total_pages', $total_pages); $this->_exportVariableToView('search_total_items', $total_items); $this->_exportVariableToView('items_per_page', $itemsPerPage); $this->_exportVariableToView('items_type', $itemType); $this->_exportVariableToView('search_page', $page); $this->doView('user-items.php'); break; case 'activate_alert': $email = Params::getParam('email'); $secret = Params::getParam('secret'); $result = 0; if ($email != '' && $secret != '') { $result = Alerts::newInstance()->activate($email, $secret); } if ($result == 1) { osc_add_flash_ok_message(_m('Alert activated')); } else { osc_add_flash_error_message(_m('Oops! There was a problem trying to activate your alert. Please contact an administrator')); } $this->redirectTo(osc_base_url()); break; case 'unsub_alert': $email = Params::getParam('email'); $secret = Params::getParam('secret'); $id = Params::getParam('id'); $alert = Alerts::newInstance()->findByPrimaryKey($id); $result = 0; if (!empty($alert)) { if ($email == $alert['s_email'] && $secret == $alert['s_secret']) { $result = Alerts::newInstance()->unsub($id); } } if ($result == 1) { osc_add_flash_ok_message(_m('Unsubscribed correctly')); } else { osc_add_flash_error_message(_m('Oops! There was a problem trying to unsubscribe you. Please contact an administrator')); } $this->redirectTo(osc_user_alerts_url()); break; case 'delete': $id = Params::getParam('id'); $secret = Params::getParam('secret'); if (osc_is_web_user_logged_in()) { $user = User::newInstance()->findByPrimaryKey(osc_logged_user_id()); View::newInstance()->_exportVariableToView('user', $user); if (!empty($user) && osc_logged_user_id() == $id && $secret == $user['s_secret']) { User::newInstance()->deleteUser(osc_logged_user_id()); Session::newInstance()->_drop('userId'); Session::newInstance()->_drop('userName'); Session::newInstance()->_drop('userEmail'); Session::newInstance()->_drop('userPhone'); Cookie::newInstance()->pop('oc_userId'); Cookie::newInstance()->pop('oc_userSecret'); Cookie::newInstance()->set(); osc_add_flash_ok_message(_m("Your account have been deleted")); $this->redirectTo(osc_base_url()); } else { osc_add_flash_error_message(_m("Oops! you can not do that")); $this->redirectTo(osc_user_dashboard_url()); } } else { osc_add_flash_error_message(_m("Oops! you can not do that")); $this->redirectTo(osc_base_url()); } break; } }
function doModel() { switch ($this->action) { case 'change_email_confirm': //change email confirm if (Params::getParam('userId') && Params::getParam('code')) { $userManager = new User(); $user = $userManager->findByPrimaryKey(Params::getParam('userId')); if ($user['s_pass_code'] == Params::getParam('code') && $user['b_enabled'] == 1) { $userEmailTmp = UserEmailTmp::newInstance()->findByPrimaryKey(Params::getParam('userId')); $code = osc_genRandomPassword(50); $userManager->update(array('s_email' => $userEmailTmp['s_new_email']), array('pk_i_id' => $userEmailTmp['fk_i_user_id'])); Item::newInstance()->update(array('s_contact_email' => $userEmailTmp['s_new_email']), array('fk_i_user_id' => $userEmailTmp['fk_i_user_id'])); ItemComment::newInstance()->update(array('s_author_email' => $userEmailTmp['s_new_email']), array('fk_i_user_id' => $userEmailTmp['fk_i_user_id'])); Alerts::newInstance()->update(array('s_email' => $userEmailTmp['s_new_email']), array('fk_i_user_id' => $userEmailTmp['fk_i_user_id'])); Session::newInstance()->_set('userEmail', $userEmailTmp['s_new_email']); UserEmailTmp::newInstance()->delete(array('s_new_email' => $userEmailTmp['s_new_email'])); osc_add_flash_ok_message(_m('Your email has been changed successfully')); $this->redirectTo(osc_user_profile_url()); } else { osc_add_flash_error_message(_m('Sorry, the link is not valid')); $this->redirectTo(osc_base_url()); } } else { osc_add_flash_error_message(_m('Sorry, the link is not valid')); $this->redirectTo(osc_base_url()); } break; case 'activate_alert': $email = Params::getParam('email'); $secret = Params::getParam('secret'); $id = Params::getParam('id'); $alert = Alerts::newInstance()->findByPrimaryKey($id); $result = 0; if (!empty($alert)) { if ($email == $alert['s_email'] && $secret == $alert['s_secret']) { $user = User::newInstance()->findByEmail($alert['s_email']); if (isset($user['pk_i_id'])) { Alerts::newInstance()->update(array('fk_i_user_id' => $user['pk_i_id']), array('pk_i_id' => $id)); } $result = Alerts::newInstance()->activate($id); } } if ($result == 1) { osc_add_flash_ok_message(_m('Alert activated')); } else { osc_add_flash_error_message(_m('Oops! There was a problem trying to activate your alert. Please contact an administrator')); } $this->redirectTo(osc_base_url()); break; case 'unsub_alert': $email = Params::getParam('email'); $secret = Params::getParam('secret'); $id = Params::getParam('id'); $alert = Alerts::newInstance()->findByPrimaryKey($id); $result = 0; if (!empty($alert)) { if ($email == $alert['s_email'] && $secret == $alert['s_secret']) { $result = Alerts::newInstance()->unsub($id); } } if ($result == 1) { osc_add_flash_ok_message(_m('Unsubscribed correctly')); } else { osc_add_flash_error_message(_m('Oops! There was a problem trying to unsubscribe you. Please contact an administrator')); } $this->redirectTo(osc_base_url()); break; case 'pub_profile': if (Params::getParam('username') != '') { $user = User::newInstance()->findByUsername(Params::getParam('username')); } else { $user = User::newInstance()->findByPrimaryKey(Params::getParam('id')); } // user doesn't exist, show 404 error if (!$user) { $this->do404(); return; } $itemsPerPage = Params::getParam('itemsPerPage') != '' ? Params::getParam('itemsPerPage') : 10; $page = Params::getParam('iPage') > 0 ? Params::getParam('iPage') - 1 : 0; $total_items = Item::newInstance()->countItemTypesByUserID($user['pk_i_id'], 'active'); if ($itemsPerPage == 'all') { $total_pages = 1; $items = Item::newInstance()->findItemTypesByUserID($user['pk_i_id'], 0, null, 'active'); } else { $total_pages = ceil($total_items / $itemsPerPage); $items = Item::newInstance()->findItemTypesByUserID($user['pk_i_id'], $page * $itemsPerPage, $itemsPerPage, 'active'); } View::newInstance()->_exportVariableToView('user', $user); $this->_exportVariableToView('items', $items); $this->_exportVariableToView('search_total_pages', $total_pages); $this->_exportVariableToView('search_total_items', $total_items); $this->_exportVariableToView('items_per_page', $itemsPerPage); $this->_exportVariableToView('search_page', $page); $this->_exportVariableToView('canonical', osc_user_public_profile_url()); $this->doView('user-public-profile.php'); break; case 'contact_post': $user = User::newInstance()->findByPrimaryKey(Params::getParam('id')); View::newInstance()->_exportVariableToView('user', $user); if (osc_recaptcha_private_key() != '') { if (!osc_check_recaptcha()) { osc_add_flash_error_message(_m('The Recaptcha code is wrong')); Session::newInstance()->_setForm("yourEmail", Params::getParam('yourEmail')); Session::newInstance()->_setForm("yourName", Params::getParam('yourName')); Session::newInstance()->_setForm("phoneNumber", Params::getParam('phoneNumber')); Session::newInstance()->_setForm("message_body", Params::getParam('message')); $this->redirectTo(osc_user_public_profile_url()); return false; // BREAK THE PROCESS, THE RECAPTCHA IS WRONG } } $banned = osc_is_banned(Params::getParam('yourEmail')); if ($banned == 1) { osc_add_flash_error_message(_m('Your current email is not allowed')); $this->redirectTo(osc_user_public_profile_url()); } else { if ($banned == 2) { osc_add_flash_error_message(_m('Your current IP is not allowed')); $this->redirectTo(osc_user_public_profile_url()); } } osc_run_hook('hook_email_contact_user', Params::getParam('id'), Params::getParam('yourEmail'), Params::getParam('yourName'), Params::getParam('phoneNumber'), Params::getParam('message')); osc_add_flash_ok_message(_m('Your email has been sent properly.')); $this->redirectTo(osc_user_public_profile_url()); break; default: $this->redirectTo(osc_user_login_url()); break; } }
function doModel() { switch ($this->action) { case 'dashboard': //dashboard... $max_items = Params::getParam('max_items') != '' ? Params::getParam('max_items') : 5; $aItems = Item::newInstance()->findByUserIDEnabled(Session::newInstance()->_get('userId'), 0, $max_items); //calling the view... $this->_exportVariableToView('items', $aItems); $this->_exportVariableToView('max_items', $max_items); $this->doView('user-dashboard.php'); break; case 'profile': //profile... $user = User::newInstance()->findByPrimaryKey(Session::newInstance()->_get('userId')); $aCountries = Country::newInstance()->listAll(); $aRegions = array(); if ($user['fk_c_country_code'] != '') { $aRegions = Region::newInstance()->findByCountry($user['fk_c_country_code']); } elseif (count($aCountries) > 0) { $aRegions = Region::newInstance()->findByCountry($aCountries[0]['pk_c_code']); } $aCities = array(); if ($user['fk_i_region_id'] != '') { $aCities = City::newInstance()->findByRegion($user['fk_i_region_id']); } else { if (count($aRegions) > 0) { $aCities = City::newInstance()->findByRegion($aRegions[0]['pk_i_id']); } } //calling the view... $this->_exportVariableToView('countries', $aCountries); $this->_exportVariableToView('regions', $aRegions); $this->_exportVariableToView('cities', $aCities); $this->_exportVariableToView('user', $user); $this->doView('user-profile.php'); break; case 'profile_post': //profile post... $userId = Session::newInstance()->_get('userId'); require_once LIB_PATH . 'osclass/UserActions.php'; $userActions = new UserActions(false); $success = $userActions->edit($userId); osc_add_flash_ok_message(_m('Your profile has been updated successfully')); $this->redirectTo(osc_user_profile_url()); break; case 'alerts': //alerts $aAlerts = Alerts::newInstance()->findByUser(Session::newInstance()->_get('userId')); $user = User::newInstance()->findByPrimaryKey(Session::newInstance()->_get('userId')); foreach ($aAlerts as $k => $a) { $search = osc_unserialize(base64_decode($a['s_search'])); $search->limit(0, 3); $aAlerts[$k]['items'] = $search->doSearch(); } $this->_exportVariableToView('alerts', $aAlerts); View::newInstance()->_reset('alerts'); $this->_exportVariableToView('user', $user); $this->doView('user-alerts.php'); break; case 'change_email': //change email $this->doView('user-change_email.php'); break; case 'change_email_post': //change email post if (!preg_match("/^[_a-z0-9-\\+]+(\\.[_a-z0-9-\\+]+)*@[a-z0-9-]+(\\.[a-z0-9-]+)*(\\.[a-z]{2,3})\$/", Params::getParam('new_email'))) { osc_add_flash_error_message(_m('The specified e-mail is not valid')); $this->redirectTo(osc_change_user_email_url()); } else { $user = User::newInstance()->findByEmail(Params::getParam('new_email')); if (!isset($user['pk_i_id'])) { $userEmailTmp = array(); $userEmailTmp['fk_i_user_id'] = Session::newInstance()->_get('userId'); $userEmailTmp['s_new_email'] = Params::getParam('new_email'); UserEmailTmp::newInstance()->insertOrUpdate($userEmailTmp); $code = osc_genRandomPassword(30); $date = date('Y-m-d H:i:s'); $userManager = new User(); $userManager->update(array('s_pass_code' => $code, 's_pass_date' => $date, 's_pass_ip' => $_SERVER['REMOTE_ADDR']), array('pk_i_id' => Session::newInstance()->_get('userId'))); $validation_url = osc_change_user_email_confirm_url(Session::newInstance()->_get('userId'), $code); osc_run_hook('hook_email_new_email', Params::getParam('new_email'), $validation_url); $this->redirectTo(osc_user_profile_url()); } else { osc_add_flash_error_message(_m('The specified e-mail is already in use')); $this->redirectTo(osc_change_user_email_url()); } } break; case 'change_password': //change password $this->doView('user-change_password.php'); break; case 'change_password_post': //change password post $user = User::newInstance()->findByPrimaryKey(Session::newInstance()->_get('userId')); if (Params::getParam('password') == '' || Params::getParam('new_password') == '' || Params::getParam('new_password2') == '') { osc_add_flash_warning_message(_m('Password cannot be blank')); $this->redirectTo(osc_change_user_password_url()); } if ($user['s_password'] != sha1(Params::getParam('password'))) { osc_add_flash_error_message(_m('Current password doesn\'t match')); $this->redirectTo(osc_change_user_password_url()); } if (!Params::getParam('new_password')) { osc_add_flash_error_message(_m('Passwords can\'t be empty')); $this->redirectTo(osc_change_user_password_url()); } if (Params::getParam('new_password') != Params::getParam('new_password2')) { osc_add_flash_error_message(_m('Passwords don\'t match')); $this->redirectTo(osc_change_user_password_url()); } User::newInstance()->update(array('s_password' => sha1(Params::getParam('new_password'))), array('pk_i_id' => Session::newInstance()->_get('userId'))); osc_add_flash_ok_message(_m('Password has been changed')); $this->redirectTo(osc_user_profile_url()); break; case 'items': // view items user $itemsPerPage = Params::getParam('itemsPerPage') != '' ? Params::getParam('itemsPerPage') : 5; $page = Params::getParam('iPage') != '' ? Params::getParam('iPage') : 0; $total_items = Item::newInstance()->countByUserIDEnabled($_SESSION['userId']); $total_pages = ceil($total_items / $itemsPerPage); $items = Item::newInstance()->findByUserIDEnabled($_SESSION['userId'], $page * $itemsPerPage, $itemsPerPage); $this->_exportVariableToView('items', $items); $this->_exportVariableToView('list_total_pages', $total_pages); $this->_exportVariableToView('list_total_items', $total_items); $this->_exportVariableToView('items_per_page', $itemsPerPage); $this->_exportVariableToView('list_page', $page); $this->doView('user-items.php'); break; case 'activate_alert': $email = Params::getParam('email'); $secret = Params::getParam('secret'); $result = 0; if ($email != '' && $secret != '') { $result = Alerts::newInstance()->activate($email, $secret); } if ($result == 1) { osc_add_flash_ok_message(_m('Alert activated')); } else { osc_add_flash_error_message(_m('Ops! There was a problem trying to activate alert. Please contact the administrator')); } $this->redirectTo(osc_base_url(true)); break; case 'unsub_alert': $email = Params::getParam('email'); $secret = Params::getParam('secret'); if ($email != '' && $secret != '') { Alerts::newInstance()->delete(array('s_email' => $email, 's_secret' => $secret)); osc_add_flash_ok_message(_m('Unsubscribed correctly')); } else { osc_add_flash_error_message(_m('Ops! There was a problem trying to unsubscribe you. Please contact the administrator')); } $this->redirectTo(osc_user_alerts_url()); break; case 'deleteResource': $id = Params::getParam('id'); $name = Params::getParam('name'); $fkid = Params::getParam('fkid'); osc_deleteResource($id); ItemResource::newInstance()->delete(array('pk_i_id' => $id, 'fk_i_item_id' => $fkid, 's_name' => $name)); $this->redirectTo(osc_base_url(true) . "?page=item&action=item_edit&id=" . $fkid); break; } }
function doModel() { switch ($this->action) { case 'dashboard': //dashboard... $max_items = Params::getParam('max_items') != '' ? Params::getParam('max_items') : 5; $aItems = Item::newInstance()->findByUserID(Session::newInstance()->_get('userId'), 0, $max_items); //Item::newInstance()->listWhere("fk_i_user_id = ".Session::newInstance()->_get('userId')); //calling the view... $this->_exportVariableToView('items', $aItems); $this->_exportVariableToView('max_items', $max_items); $this->doView('user-dashboard.php'); break; case 'profile': //profile... $user = User::newInstance()->findByPrimaryKey(Session::newInstance()->_get('userId')); $aCountries = Country::newInstance()->listAll(); $aRegions = array(); if ($user['fk_c_country_code'] != '') { $aRegions = Region::newInstance()->getByCountry($user['fk_c_country_code']); } elseif (count($aCountries) > 0) { $aRegions = Region::newInstance()->getByCountry($aCountries[0]['pk_c_code']); } $aCities = array(); if ($user['fk_i_region_id'] != '') { $aCities = City::newInstance()->listWhere("fk_i_region_id = %d", $user['fk_i_region_id']); } else { if (count($aRegions) > 0) { $aCities = City::newInstance()->listWhere("fk_i_region_id = %d", $aRegions[0]['pk_i_id']); } } //calling the view... $this->_exportVariableToView('countries', $aCountries); $this->_exportVariableToView('regions', $aRegions); $this->_exportVariableToView('cities', $aCities); $this->_exportVariableToView('user', $user); $this->doView('user-profile.php'); break; case 'profile_post': //profile post... $userId = Session::newInstance()->_get('userId'); require_once LIB_PATH . 'osclass/UserActions.php'; $userActions = new UserActions(false); $success = $userActions->edit($userId); // This has been moved to special area (only password changes) /*if( $success == 1 ) { osc_add_flash_message( _m('Passwords don\'t match') ) ; } else {*/ osc_add_flash_message(_m('Your profile has been updated successfully')); //} $this->redirectTo(osc_user_profile_url()); break; case 'alerts': //alerts $aAlerts = Alerts::newInstance()->getAlertsFromUser(Session::newInstance()->_get('userId')); $user = User::newInstance()->findByPrimaryKey(Session::newInstance()->_get('userId')); foreach ($aAlerts as $k => $a) { $search = osc_unserialize(base64_decode($a['s_search'])); $search->limit(0, 3); $aAlerts[$k]['items'] = $search->doSearch(); } $this->_exportVariableToView('alerts', $aAlerts); View::newInstance()->_reset('alerts'); $this->_exportVariableToView('user', $user); $this->doView('user-alerts.php'); break; case 'change_email': //change email $this->doView('user-change_email.php'); break; case 'change_email_post': //change email post if (!preg_match("/^[_a-z0-9-\\+]+(\\.[_a-z0-9-\\+]+)*@[a-z0-9-]+(\\.[a-z0-9-]+)*(\\.[a-z]{2,3})\$/", Params::getParam('new_email'))) { osc_add_flash_message(_m('The specified e-mail is not valid')); $this->redirectTo(osc_change_user_email_url()); } else { $user = User::newInstance()->findByEmail(Params::getParam('new_email')); if (!isset($user['pk_i_id'])) { if (osc_user_validation_enabled()) { $userEmailTmp = array(); $userEmailTmp['fk_i_user_id'] = Session::newInstance()->_get('userId'); $userEmailTmp['s_new_email'] = Params::getParam('new_email'); UserEmailTmp::newInstance()->insertOrUpdate($userEmailTmp); $code = osc_genRandomPassword(30); $date = date('Y-m-d H:i:s'); $userManager = new User(); $userManager->update(array('s_pass_code' => $code, 's_pass_date' => $date, 's_pass_ip' => $_SERVER['REMOTE_ADDR']), array('pk_i_id' => Session::newInstance()->_get('userId'))); $locale = osc_current_user_locale(); $aPage = Page::newInstance()->findByInternalName('email_new_email'); if (isset($aPage['locale'][$locale]['s_title'])) { $content = $aPage['locale'][$locale]; } else { $content = current($aPage['locale']); } if (!is_null($content)) { $validation_url = osc_change_user_email_confirm_url(Session::newInstance()->_get('userId'), $code); $words = array(); $words[] = array('{USER_NAME}', '{USER_EMAIL}', '{WEB_URL}', '{WEB_TITLE}', '{VALIDATION_LINK}', '{VALIDATION_URL}'); $words[] = array(Session::newInstance()->_get('userName'), Params::getParam('new_email'), osc_base_url(), osc_page_title(), '<a href="' . $validation_url . '" >' . $validation_url . '</a>', $validation_url); $title = osc_mailBeauty($content['s_title'], $words); $body = osc_mailBeauty($content['s_text'], $words); $params = array('subject' => $title, 'to' => Params::getParam('new_email'), 'to_name' => Session::newInstance()->_get('userName'), 'body' => $body, 'alt_body' => $body); osc_sendMail($params); osc_add_flash_message(_m('We have sent you an e-mail. Follow the instructions to validate the changes')); } else { osc_add_flash_message(_m('We tried to sent you an e-mail, but it failed. Please, contact the administrator')); } $this->redirectTo(osc_user_profile_url()); } else { User::newInstance()->update(array('s_email' => Params::getParam('new_email')), array('pk_i_id' => Params::getParam('userId'))); osc_add_flash_message(_m('Your email has been changed successfully')); $this->redirectTo(osc_user_profile_url()); } } else { osc_add_flash_message(_m('The specified e-mail is already in use')); $this->redirectTo(osc_change_user_email_url()); } } break; case 'change_password': //change password $this->doView('user-change_password.php'); break; case 'change_password_post': //change password post $user = User::newInstance()->findByPrimaryKey(Session::newInstance()->_get('userId')); if ($user['s_password'] != sha1(Params::getParam('password'))) { osc_add_flash_message(_m('Current password doesn\'t match')); $this->redirectTo(osc_change_user_password_url()); } elseif (!Params::getParam('new_password')) { osc_add_flash_message(_m('Passwords can\'t be empty')); $this->redirectTo(osc_change_user_password_url()); } elseif (Params::getParam('new_password') != Params::getParam('new_password2')) { osc_add_flash_message(_m('Passwords don\'t match')); $this->redirectTo(osc_change_user_password_url()); } User::newInstance()->update(array('s_password' => sha1(Params::getParam('new_password'))), array('pk_i_id' => Session::newInstance()->_get('userId'))); osc_add_flash_message(_m('Password has been changed')); $this->redirectTo(osc_user_profile_url()); break; case 'items': // view items user $itemsPerPage = Params::getParam('itemsPerPage') != '' ? Params::getParam('itemsPerPage') : 5; $page = Params::getParam('iPage') != '' ? Params::getParam('iPage') : 0; $total_items = Item::newInstance()->countByUserID($_SESSION['userId']); $total_pages = ceil($total_items / $itemsPerPage); $items = Item::newInstance()->findByUserID($_SESSION['userId'], $page * $itemsPerPage, $itemsPerPage); $this->_exportVariableToView('items', $items); $this->_exportVariableToView('list_total_pages', $total_pages); $this->_exportVariableToView('list_total_items', $total_items); $this->_exportVariableToView('items_per_page', $itemsPerPage); $this->_exportVariableToView('list_page', $page); $this->doView('user-items.php'); break; case 'unsub_alert': $email = Params::getParam('email'); $alert = Params::getParam('alert'); if ($email != '' && $alert != '') { Alerts::newInstance()->delete(array('s_email' => $email, 's_search' => $alert)); osc_add_flash_message(__('Unsubscribed correctly.')); } else { osc_add_flash_message(__('Ops! There was a problem trying to unsubscribe you. Please contact the administrator.')); } $this->redirectTo(osc_user_alerts_url()); break; } }