コード例 #1
0
ファイル: bookmarkadd.php プロジェクト: ZerGabriel/ffcms
 public function make()
 {
     if (user::getInstance()->get('id') > 0) {
         $userid = user::getInstance()->get('id');
         $title = system::getInstance()->nohtml(system::getInstance()->post('title'));
         $url = system::getInstance()->nohtml(system::getInstance()->post('url'));
         // only self domain
         if (system::getInstance()->prefixEquals($url, property::getInstance()->get('script_url')) && filter_var($url, FILTER_VALIDATE_URL) && system::getInstance()->length($title) > 0) {
             $stmt = database::getInstance()->con()->prepare("SELECT COUNT(*) FROM " . property::getInstance()->get('db_prefix') . "_user_bookmarks WHERE target = ? AND href = ?");
             $stmt->bindParam(1, $userid, PDO::PARAM_INT);
             $stmt->bindParam(2, $url, PDO::PARAM_STR);
             $stmt->execute();
             $res = $stmt->fetch();
             $stmt = null;
             if ($res[0] < 1) {
                 $stmt = database::getInstance()->con()->prepare("INSERT INTO " . property::getInstance()->get('db_prefix') . "_user_bookmarks (`target`, `title`, `href`) VALUES (?, ?, ?)");
                 $stmt->bindParam(1, $userid, PDO::PARAM_INT);
                 $stmt->bindParam(2, $title, PDO::PARAM_STR);
                 $stmt->bindParam(3, $url, PDO::PARAM_STR);
                 $stmt->execute();
                 $stmt = null;
             }
         }
     }
 }
コード例 #2
0
ファイル: back.php プロジェクト: ZerGabriel/ffcms
 private function viewStreamList()
 {
     csrf::getInstance()->buildToken();
     $params = array();
     $params['extension']['title'] = admin::getInstance()->viewCurrentExtensionTitle();
     $page_index = (int) system::getInstance()->get('index');
     $db_index = $page_index * self::ITEM_PER_PAGE;
     if (system::getInstance()->post('deleteSelected') && csrf::getInstance()->check()) {
         if (permission::getInstance()->have('global/owner') || permission::getInstance()->have('admin/components/stream/delete')) {
             $toDelete = system::getInstance()->post('check_array');
             if (is_array($toDelete) && sizeof($toDelete) > 0) {
                 $listDelete = system::getInstance()->altimplode(',', $toDelete);
                 if (system::getInstance()->isIntList($listDelete)) {
                     database::getInstance()->con()->query("DELETE FROM " . property::getInstance()->get('db_prefix') . "_com_stream WHERE id IN (" . $listDelete . ")");
                 }
             }
         }
     }
     $stmt = database::getInstance()->con()->prepare("SELECT * FROM " . property::getInstance()->get('db_prefix') . "_com_stream ORDER BY `date` DESC LIMIT ?," . self::ITEM_PER_PAGE);
     $stmt->bindParam(1, $db_index, \PDO::PARAM_INT);
     $stmt->execute();
     $resultAll = $stmt->fetchAll(\PDO::FETCH_ASSOC);
     $stmt = null;
     $ids = system::getInstance()->extractFromMultyArray('caster_id', $resultAll);
     user::getInstance()->listload($ids);
     foreach ($resultAll as $row) {
         $params['stream'][] = array('id' => $row['id'], 'type' => $row['type'], 'user_id' => $row['caster_id'], 'user_name' => user::getInstance()->get('nick', $row['caster_id']), 'url' => $row['target_object'], 'text' => system::getInstance()->nohtml($row['text_preview']), 'date' => system::getInstance()->todate($row['date'], 'h'));
     }
     $count_all = extension::getInstance()->call(extension::TYPE_COMPONENT, 'stream', false)->streamCount();
     $params['pagination'] = template::getInstance()->showFastPagination($page_index, self::ITEM_PER_PAGE, $count_all, '?object=components&action=stream&index=');
     return template::getInstance()->twigRender('components/stream/list.tpl', $params);
 }
コード例 #3
0
ファイル: wallpost.php プロジェクト: ZerGabriel/ffcms
 public function make()
 {
     $post_id = (int) system::getInstance()->get('id');
     $user_id = (int) user::getInstance()->get('id');
     $message = system::getInstance()->nohtml(system::getInstance()->post('message'));
     // thank unknown tester for detect XSS vuln
     $time_between_posts = extension::getInstance()->getConfig('wall_post_delay', 'user', 'components', 'int');
     if ($post_id > 0 && $user_id > 0 && system::getInstance()->length($message) > 0 && permission::getInstance()->have('global/write')) {
         $stmt = database::getInstance()->con()->prepare("SELECT time FROM " . property::getInstance()->get('db_prefix') . "_user_wall_answer WHERE poster = ? ORDER BY id DESC LIMIT 1");
         $stmt->bindParam(1, $user_id, PDO::PARAM_INT);
         $stmt->execute();
         $res = $stmt->fetch();
         $last_post_time = $res['time'];
         $stmt = null;
         $current_time = time();
         if ($current_time - $last_post_time >= $time_between_posts) {
             $stmt = database::getInstance()->con()->prepare("INSERT INTO " . property::getInstance()->get('db_prefix') . "_user_wall_answer (wall_post_id, poster, message, time) VALUES(?, ?, ?, ?)");
             $stmt->bindParam(1, $post_id, PDO::PARAM_INT);
             $stmt->bindParam(2, $user_id, PDO::PARAM_INT);
             $stmt->bindParam(3, $message, PDO::PARAM_STR);
             $stmt->bindParam(4, $current_time, PDO::PARAM_INT);
             $stmt->execute();
             $stmt = null;
         }
     }
     api::getInstance()->call('front', 'wallview')->make();
     // refresh list
 }
コード例 #4
0
ファイル: wysibbimage.php プロジェクト: ZerGabriel/ffcms
 public function make()
 {
     $dir = system::getInstance()->get('dir');
     if (system::getInstance()->isLatinOrNumeric($dir) && system::getInstance()->length($dir) > 0 && user::getInstance()->get('id') > 0 && $_FILES['img'] != null) {
         $isIframe = $_POST["iframe"] ? true : false;
         $idarea = $_POST["idarea"];
         $obj = extension::getInstance()->call(extension::TYPE_HOOK, 'file');
         if (!is_object($obj)) {
             exit;
         }
         $result = $obj->uploadImage('/' . $dir . '/', $_FILES['img']);
         $fulllink = property::getInstance()->get('script_url') . "/upload/{$dir}/" . $result;
         if ($isIframe) {
             if ($result != null) {
                 echo '<html><body>OK<script>window.parent.$("#' . $idarea . '").insertImage("' . $fulllink . '","' . $fulllink . '").closeModal().updateUI();</script></body></html>';
             } else {
                 echo '<html><body>ERROR<script>window.parent.alert("Image upload error.");</script></body></html>';
             }
         } else {
             header("Content-type: text/javascript");
             if ($result != null) {
                 $json_response = array('status' => '1', 'msg' => 'ok', 'image_link' => $fulllink, 'thumb_link' => $fulllink);
             } else {
                 $json_response = array('status' => '0', 'msg' => 'error');
             }
             echo stripslashes(json_encode($json_response));
         }
     }
 }
コード例 #5
0
ファイル: front.php プロジェクト: ZerGabriel/ffcms
 public function make()
 {
     $comment_count = extension::getInstance()->getConfig('last_count', 'lastcomments', 'modules', 'int');
     if ($comment_count < 1) {
         $comment_count = 1;
     }
     $stmt = database::getInstance()->con()->prepare("SELECT * FROM " . property::getInstance()->get('db_prefix') . "_mod_comments WHERE `pathway` != '' AND moderate = '0' ORDER BY `time` DESC LIMIT 0,?");
     $stmt->bindParam(1, $comment_count, PDO::PARAM_INT);
     $stmt->execute();
     $res = $stmt->fetchAll(PDO::FETCH_ASSOC);
     $stmt = null;
     if (sizeof($res) > 0) {
         // have comments in db
         $max_comment_char_size = extension::getInstance()->getConfig('text_length', 'lastcomments', 'modules', 'int');
         $prepared_userlist = system::getInstance()->extractFromMultyArray('author', $res);
         user::getInstance()->listload($prepared_userlist);
         $params = array();
         foreach ($res as $result) {
             $comment_text = extension::getInstance()->call(extension::TYPE_HOOK, 'bbtohtml')->nobbcode($result['comment']);
             $params['comment'][] = array('user_id' => $result['author'], 'user_name' => user::getInstance()->get('nick', $result['author']), 'user_avatar' => user::getInstance()->buildAvatar('small', $result['author']), 'uri' => $result['pathway'], 'preview' => system::getInstance()->altsubstr($comment_text, 0, $max_comment_char_size), 'date' => system::getInstance()->toDate($result['time'], 'd'), 'guest_name' => system::getInstance()->nohtml($result['guest_name']));
         }
         $render = template::getInstance()->twigRender('modules/lastcomments/lastcomments.tpl', array('local' => $params));
         template::getInstance()->set(template::TYPE_MODULE, 'lastcomments', $render);
     }
 }
コード例 #6
0
ファイル: front.php プロジェクト: ZerGabriel/ffcms
 private function showNewFriendRequestCount()
 {
     $friendRequestList = user::getInstance()->get('friend_request');
     $friend_array = system::getInstance()->altexplode(',', $friendRequestList);
     $request_count = sizeof($friend_array);
     template::getInstance()->set(template::TYPE_MODULE, 'friendrequest_new_count', $request_count);
 }
コード例 #7
0
ファイル: commentdelete.php プロジェクト: ZerGabriel/ffcms
 public function make()
 {
     $comment_id = (int) system::getInstance()->get('id');
     if (user::getInstance()->get('id') > 0 && permission::getInstance()->have('comment/delete') && $comment_id > 0) {
         $stmt = database::getInstance()->con()->prepare("DELETE FROM " . property::getInstance()->get('db_prefix') . "_mod_comments WHERE id = ?");
         $stmt->bindParam(1, $comment_id, PDO::PARAM_INT);
         $stmt->execute();
     }
 }
コード例 #8
0
ファイル: front.php プロジェクト: ZerGabriel/ffcms
 public function uploadAvatar($file)
 {
     $userid = user::getInstance()->get('id');
     if (!$this->validImageMime($file) || $userid < 1) {
         return false;
     }
     $dir_original = root . self::UPLOAD_FOLDER . "/user/avatar/original/";
     $tmp_arr = explode(".", $file['name']);
     $image_extension = array_pop($tmp_arr);
     $file_save_original = "avatar_{$userid}.{$image_extension}";
     $file_save_min_jpg = "avatar_{$userid}.jpg";
     $file_original_fullpath = $dir_original . $file_save_original;
     system::getInstance()->createDirectory($dir_original);
     move_uploaded_file($file['tmp_name'], $file_original_fullpath);
     $file_infofunction = getimagesize($file_original_fullpath);
     $image_buffer = null;
     if ($file_infofunction['mime'] == "image/jpg" || $file_infofunction['mime'] == "image/jpeg") {
         $image_buffer = imagecreatefromjpeg($file_original_fullpath);
     } elseif ($file_infofunction['mime'] == "image/gif") {
         $image_buffer = imagecreatefromgif($file_original_fullpath);
     } elseif ($file_infofunction['mime'] == "image/png") {
         $image_buffer = imagecreatefrompng($file_original_fullpath);
     } else {
         return false;
     }
     $image_ox = imagesx($image_buffer);
     $image_oy = imagesy($image_buffer);
     $image_big_dx = 400;
     $image_medium_dx = 200;
     $image_small_dx = 100;
     $image_big_dy = floor($image_oy * ($image_big_dx / $image_ox));
     $image_medium_dy = floor($image_oy * ($image_medium_dx / $image_ox));
     $image_small_dy = floor($image_oy * ($image_small_dx / $image_ox));
     $image_big_truecolor = imagecreatetruecolor($image_big_dx, $image_big_dy);
     $image_medium_truecolor = imagecreatetruecolor($image_medium_dx, $image_medium_dy);
     $image_small_truecolor = imagecreatetruecolor($image_small_dx, $image_small_dy);
     imagecopyresized($image_big_truecolor, $image_buffer, 0, 0, 0, 0, $image_big_dx, $image_big_dy, $image_ox, $image_oy);
     imagecopyresized($image_medium_truecolor, $image_buffer, 0, 0, 0, 0, $image_medium_dx, $image_medium_dy, $image_ox, $image_oy);
     imagecopyresized($image_small_truecolor, $image_buffer, 0, 0, 0, 0, $image_small_dx, $image_small_dy, $image_ox, $image_oy);
     if (!file_exists(root . self::UPLOAD_FOLDER . '/user/avatar/big/')) {
         system::getInstance()->createDirectory(root . self::UPLOAD_FOLDER . '/user/avatar/big/');
     }
     if (!file_exists(root . self::UPLOAD_FOLDER . '/user/avatar/medium/')) {
         system::getInstance()->createDirectory(root . self::UPLOAD_FOLDER . '/user/avatar/medium/');
     }
     if (!file_exists(root . self::UPLOAD_FOLDER . '/user/avatar/small/')) {
         system::getInstance()->createDirectory(root . self::UPLOAD_FOLDER . '/user/avatar/small/');
     }
     imagejpeg($image_big_truecolor, root . self::UPLOAD_FOLDER . "/user/avatar/big/{$file_save_min_jpg}");
     imagejpeg($image_medium_truecolor, root . self::UPLOAD_FOLDER . "/user/avatar/medium/{$file_save_min_jpg}");
     imagejpeg($image_small_truecolor, root . self::UPLOAD_FOLDER . "/user/avatar/small/{$file_save_min_jpg}");
     imagedestroy($image_big_truecolor);
     imagedestroy($image_medium_truecolor);
     imagedestroy($image_small_truecolor);
     imagedestroy($image_buffer);
     return true;
 }
コード例 #9
0
ファイル: newsposterdelete.php プロジェクト: ZerGabriel/ffcms
 public function make()
 {
     $id = (int) system::getInstance()->get('id');
     $user_id = user::getInstance()->get('id');
     if ($user_id < 1 || $id < 1 || !extension::getInstance()->getConfig('enable_useradd', 'news', extension::TYPE_COMPONENT, 'bol') || !extension::getInstance()->call(extension::TYPE_COMPONENT, 'news')->checkNewsOwnerExist($user_id, $id)) {
         return;
     }
     $fpath = root . '/upload/news/poster_' . $id . '.jpg';
     if (file_exists($fpath)) {
         @unlink($fpath);
     }
 }
コード例 #10
0
ファイル: wallview.php プロジェクト: ZerGabriel/ffcms
 public function make()
 {
     $post_id = (int) system::getInstance()->get('id');
     $stmt = database::getInstance()->con()->prepare("SELECT * FROM " . property::getInstance()->get('db_prefix') . "_user_wall_answer WHERE wall_post_id = ? ORDER BY id DESC");
     $stmt->bindParam(1, $post_id, PDO::PARAM_INT);
     $stmt->execute();
     $result = $stmt->fetchAll(PDO::FETCH_ASSOC);
     user::getInstance()->listload(system::getInstance()->extractFromMultyArray('poster', $result));
     $params = array();
     foreach ($result as $item) {
         $params['answer'][] = array('poster_id' => $item['poster'], 'poster_name' => user::getInstance()->get('nick', $item['poster']), 'poster_avatar' => user::getInstance()->buildAvatar('small', $item['poster']), 'message' => $item['message'], 'time' => system::getInstance()->toDate($item['time'], 'h'));
     }
     echo template::getInstance()->twigRender('components/user/profile/profile_answer.tpl', array('local' => $params));
 }
コード例 #11
0
ファイル: front.php プロジェクト: ZerGabriel/ffcms
 /**
  * Get comment list
  * @param null $way
  * @param int $end
  * @param bool $show_all
  * @return array
  */
 public function getCommentsParams($way = null, $end = 0, $show_all = false)
 {
     $userid = user::getInstance()->get('id');
     $stmt = null;
     if (is_null($way)) {
         $way = router::getInstance()->getUriString();
     }
     if ($show_all) {
         $stmt = database::getInstance()->con()->prepare("SELECT * FROM " . property::getInstance()->get('db_prefix') . "_mod_comments WHERE pathway = ? AND moderate = '0' ORDER BY id DESC");
         $stmt->bindParam(1, $way, PDO::PARAM_STR);
         $stmt->execute();
     } else {
         $comment_count = extension::getInstance()->getConfig('comments_count', 'comments', 'modules', 'int');
         if ($end < 1) {
             $end = 1;
         }
         $end *= $comment_count;
         $stmt = database::getInstance()->con()->prepare("SELECT * FROM " . property::getInstance()->get('db_prefix') . "_mod_comments WHERE pathway = ? AND moderate = '0' ORDER BY id DESC LIMIT 0,?");
         $stmt->bindParam(1, $way, PDO::PARAM_STR);
         $stmt->bindParam(2, $end, PDO::PARAM_INT);
         $stmt->execute();
     }
     $result = $stmt->fetchAll(PDO::FETCH_ASSOC);
     user::getInstance()->listload(system::getInstance()->extractFromMultyArray('author', $result));
     $params = array();
     foreach ($result as $item) {
         $poster_id = $item['author'];
         $can_edit = false;
         $can_delete = false;
         $editconfig = extension::getInstance()->getConfig('edit_time', 'comments', 'modules', 'int');
         if ($userid > 0) {
             if ($poster_id == $userid && time() - $item['time'] <= $editconfig || permission::getInstance()->have('comment/edit')) {
                 $can_edit = true;
             }
             if (permission::getInstance()->have('comment/delete')) {
                 $can_delete = true;
             }
         }
         $params[] = array('author_id' => $poster_id, 'author_nick' => user::getInstance()->get('nick', $poster_id), 'author_avatar' => user::getInstance()->buildAvatar('small', $poster_id), 'comment_text' => extension::getInstance()->call(extension::TYPE_HOOK, 'bbtohtml')->bbcode2html($item['comment']), 'comment_date' => system::getInstance()->toDate($item['time'], 'h'), 'unixtime' => $item['time'], 'comment_id' => $item['id'], 'can_edit' => $can_edit, 'can_delete' => $can_delete, 'guest_name' => system::getInstance()->nohtml($item['guest_name']));
     }
     $stmt = null;
     return $params;
 }
コード例 #12
0
ファイル: front.php プロジェクト: ZerGabriel/ffcms
 public function make()
 {
     $params = array();
     $params['captcha_full'] = extension::getInstance()->getConfig('captcha_type', 'captcha', 'hooks') == "recaptcha" ? true : false;
     $params['captcha'] = extension::getInstance()->call(extension::TYPE_HOOK, 'captcha')->show();
     if (system::getInstance()->post('dofeedback')) {
         $poster_name = system::getInstance()->nohtml(system::getInstance()->post('topic_name'));
         $topic_title = system::getInstance()->nohtml(system::getInstance()->post('topic_title'));
         $topic_text = system::getInstance()->nohtml(system::getInstance()->post('topic_body'));
         $poster_email = user::getInstance()->get('id') > 0 ? user::getInstance()->get('email') : system::getInstance()->post('topic_email');
         $captcha = system::getInstance()->post('captcha');
         $date = time();
         if (!filter_var($poster_email, FILTER_VALIDATE_EMAIL)) {
             $params['notify']['wrong_email'] = true;
         }
         if (system::getInstance()->length($topic_title) < 3 || system::getInstance()->length($topic_title) > 70) {
             $params['notify']['wrong_title'] = true;
         }
         if (system::getInstance()->length($poster_name) < 3 || system::getInstance()->length($poster_name) > 50) {
             $params['notify']['wrong_name'] = true;
         }
         if (system::getInstance()->length($topic_text) < 10) {
             $params['notify']['wrong_text'] = true;
         }
         if (!extension::getInstance()->call(extension::TYPE_HOOK, 'captcha')->validate($captcha)) {
             $params['notify']['wrong_captcha'] = true;
         }
         if (sizeof($params['notify']) == 0) {
             $stmt = database::getInstance()->con()->prepare("INSERT INTO " . property::getInstance()->get('db_prefix') . "_com_feedback (`from_name`, `from_email`, `title`, `text`, `time`) VALUES (?, ?, ?, ?, ?)");
             $stmt->bindParam(1, $poster_name, PDO::PARAM_STR);
             $stmt->bindParam(2, $poster_email, PDO::PARAM_STR);
             $stmt->bindParam(3, $topic_title, PDO::PARAM_STR);
             $stmt->bindParam(4, $topic_text, PDO::PARAM_STR);
             $stmt->bindParam(5, $date, PDO::PARAM_INT);
             $stmt->execute();
             $params['notify']['success'] = true;
         }
     }
     meta::getInstance()->add('title', language::getInstance()->get('feedback_form_title'));
     $render = template::getInstance()->twigRender('components/feedback/form.tpl', array('local' => $params));
     template::getInstance()->set(template::TYPE_CONTENT, 'body', $render);
 }
コード例 #13
0
ファイル: front.php プロジェクト: ZerGabriel/ffcms
 /**
  * Add line to stream logs user activity
  * @param string $type
  * @param int|string $caster_id
  * @param string $target_url
  * @param null|string $preview_text
  * @param bool $save_syntax
  * @return bool
  */
 public function add($type, $caster_id, $target_url, $preview_text = null, $save_syntax = true)
 {
     if (strlen($type) < 1) {
         return false;
     }
     if (system::getInstance()->isInt($caster_id)) {
         if (!user::getInstance()->exists($caster_id)) {
             return false;
         }
     } else {
         if (system::getInstance()->length($caster_id) < 1) {
             return false;
         }
     }
     if (!system::getInstance()->prefixEquals($target_url, property::getInstance()->get('url'))) {
         return false;
     }
     if (!$save_syntax) {
         $preview_text = system::getInstance()->nohtml($preview_text);
         $bbobject = extension::getInstance()->call(extension::TYPE_HOOK, 'bbtohtml');
         if (is_object($bbobject)) {
             $preview_text = $bbobject->nobbcode($preview_text);
         }
     }
     if (system::getInstance()->length($preview_text) > 25) {
         $preview_text = system::getInstance()->sentenceSub($preview_text, 25) . '...';
     }
     $date = time();
     $stmt = database::getInstance()->con()->prepare("INSERT INTO " . property::getInstance()->get('db_prefix') . "_com_stream (`type`, `caster_id`, `target_object`, `text_preview`, `date`) VALUES (?, ?, ?, ?, ?)");
     $stmt->bindParam(1, $type, \PDO::PARAM_STR);
     $stmt->bindParam(2, $caster_id, \PDO::PARAM_STR);
     $stmt->bindParam(3, $target_url, \PDO::PARAM_STR);
     $stmt->bindParam(4, $preview_text, \PDO::PARAM_STR | \PDO::PARAM_NULL);
     $stmt->bindParam(5, $date, \PDO::PARAM_INT);
     $stmt->execute();
     return true;
 }
コード例 #14
0
ファイル: commentedit.php プロジェクト: ZerGabriel/ffcms
 public function canEdit($comment_id)
 {
     if (permission::getInstance()->have('global/owner')) {
         // no limits for full admin
         return true;
     }
     if (user::getInstance()->get('id') < 1) {
         return false;
     }
     if (!permission::getInstance()->have('global/write')) {
         return false;
     }
     $userid = user::getInstance()->get('id');
     $stmt = database::getInstance()->con()->prepare("SELECT author,time FROM " . property::getInstance()->get('db_prefix') . "_mod_comments WHERE id = ?");
     $stmt->bindParam(1, $comment_id, PDO::PARAM_INT);
     $stmt->execute();
     if ($result = $stmt->fetch()) {
         $editconfig = extension::getInstance()->getConfig('edit_time', 'comments', 'modules', 'int');
         if ($result['author'] != $userid || time() - $result['time'] > $editconfig && !permission::getInstance()->have('comment/edit')) {
             return false;
         }
     }
     return true;
 }
コード例 #15
0
ファイル: payment.php プロジェクト: ZerGabriel/ffcms
 private function viewWebmoney()
 {
     if (!extension::getInstance()->getConfig('balance_use_webmoney', 'user', extension::TYPE_COMPONENT, 'boolean')) {
         exit("Webmoney API disabled");
     }
     $wm_cfg_purse = extension::getInstance()->getConfig('balance_wm_purse', 'user', extension::TYPE_COMPONENT, 'str');
     $wm_cfg_mul = extension::getInstance()->getConfig('balance_wm_mul', 'user', extension::TYPE_COMPONENT, 'float');
     $wm_cfg_secret = extension::getInstance()->getConfig('balance_wm_secretkey', 'user', extension::TYPE_COMPONENT, 'str');
     $real_ip = system::getInstance()->getRealIp();
     $ip_array_routes = system::getInstance()->altexplode('.', $real_ip);
     array_pop($ip_array_routes);
     $ip_masc = system::getInstance()->altimplode('.', $ip_array_routes);
     $wm_ips = array('212.118.48', '212.158.173', '91.200.28', '91.227.52');
     if (!in_array($ip_masc, $wm_ips)) {
         logger::getInstance()->log(logger::LEVEL_WARN, 'Call to Webmoney REST_API from wrong ip: ' . $real_ip . ' masc: ' . $ip_masc);
         return null;
     }
     $pre_request = system::getInstance()->post('LMI_PREREQUEST');
     $wm_seller_purse = system::getInstance()->post('LMI_PAYEE_PURSE');
     // seller purse (must be our)
     $wm_payment_amount = system::getInstance()->post('LMI_PAYMENT_AMOUNT');
     // payment price amount
     $wm_item_id = (int) system::getInstance()->post('LMI_PAYMENT_NO');
     // user id
     $wm_test_mode = system::getInstance()->post('LMI_MODE');
     // is test?
     $wm_paym_id = system::getInstance()->post('LMI_SYS_INVS_NO');
     // webmoney payment id
     $wm_trans_id = system::getInstance()->post('LMI_SYS_TRANS_NO');
     // webmoney transaction id
     $wm_trans_date = system::getInstance()->post('LMI_SYS_TRANS_DATE');
     // date in strange format
     $wm_hash_trans = system::getInstance()->post('LMI_HASH');
     // hash sum, can be null before 200OK response is checked
     $wm_buyer_wmpurse = system::getInstance()->post('LMI_PAYER_PURSE');
     // client wm purse
     $wm_buyer_wmid = system::getInstance()->post('LMI_PAYER_WM');
     // client WMID
     if ($pre_request == 1) {
         // its a pre-request, validation before pay
         if ($wm_seller_purse != $wm_cfg_purse) {
             exit("Seller purse is invalid");
         }
         if (!user::getInstance()->exists($wm_item_id)) {
             exit("User id: " . $wm_item_id . " not exist");
         }
         echo "YES";
     } else {
         // its a result request after payment
         if ($wm_hash_trans == null) {
             // didnt know why, but webmoney make 2 requests if PREREQUEST is disabled.
             exit("Hash sum is null");
         }
         $totaldata = $wm_seller_purse . $wm_payment_amount . $wm_item_id . $wm_test_mode . $wm_paym_id . $wm_trans_id . $wm_trans_date . $wm_cfg_secret . $wm_buyer_wmpurse . $wm_buyer_wmid;
         $calchash = strtoupper(hash('sha256', $totaldata));
         if ($calchash != $wm_hash_trans || $wm_seller_purse != $wm_cfg_purse) {
             logger::getInstance()->log(logger::LEVEL_NOTIFY, 'Wrong balance recharge webmoney from ip: ' . $real_ip . '. Hash gen: ' . $calchash . ' get: ' . $wm_hash_trans . '. All data json: ' . json_encode(system::getInstance()->post()));
             return null;
         }
         $money_to_balance = $wm_payment_amount * $wm_cfg_mul;
         if ($money_to_balance <= 0) {
             return null;
         }
         user::getInstance()->addBalance($wm_item_id, $money_to_balance);
         $payparam = array('from_wm_purse' => $wm_buyer_wmpurse, 'from_wm_id' => $wm_buyer_wmid, 'date' => $wm_trans_date, 'sys_invs_id' => $wm_paym_id, 'sys_trans_id' => $wm_trans_id, 'amount' => $money_to_balance);
         user::getInstance()->putLog($wm_item_id, 'balance.wmadd', $payparam, 'Recharge balance via webmoney');
     }
 }
コード例 #16
0
ファイル: front.php プロジェクト: ZerGabriel/ffcms
 public function getUfieldData($target_id)
 {
     $stmt = database::getInstance()->con()->query("SELECT * FROM " . property::getInstance()->get('db_prefix') . "_user_fields");
     $allFields = $stmt->fetchAll(\PDO::FETCH_ASSOC);
     $stmt = null;
     $ufield_user = unserialize(user::getInstance()->get('ufields', $target_id));
     $output = array();
     foreach ($allFields as $ufield) {
         $title_serial = unserialize($ufield['name']);
         $params_serial = unserialize($ufield['params']);
         if ($ufield['type'] == 'text') {
             $output[] = array('id' => $ufield['id'], 'type' => $ufield['type'], 'title' => $title_serial[language::getInstance()->getUseLanguage()], 'reg_exp' => $params_serial['regexp'], 'reg_cond' => $params_serial['regcond'], 'default' => $ufield_user[$ufield['id']]['data']);
         } elseif ($ufield['type'] == 'img') {
             $output[] = array('id' => $ufield['id'], 'type' => $ufield['type'], 'title' => $title_serial[language::getInstance()->getUseLanguage()], 'img_dx' => $params_serial['dx'], 'img_dy' => $params_serial['dy'], 'default' => $ufield_user[$ufield['id']]['data']);
         } elseif ($ufield['type'] == 'link') {
             $output[] = array('id' => $ufield['id'], 'type' => $ufield['type'], 'title' => $title_serial[language::getInstance()->getUseLanguage()], 'domain' => $params_serial['domain'], 'redirect' => $params_serial['redirect'], 'default' => $ufield_user[$ufield['id']]['data']);
         }
     }
     return $output;
 }
コード例 #17
0
ファイル: back.php プロジェクト: ZerGabriel/ffcms
 private function viewUserEdit()
 {
     $params = array();
     $params['extension']['title'] = admin::getInstance()->viewCurrentExtensionTitle();
     $userid = system::getInstance()->get('id');
     if (!user::getInstance()->exists($userid)) {
         system::getInstance()->redirect("?object=components&action=user");
     }
     if (system::getInstance()->post('submit')) {
         $new_nick = system::getInstance()->post('nick');
         $new_sex = system::getInstance()->post('sex');
         $new_phone = system::getInstance()->post('phone');
         $new_webpage = system::getInstance()->post('webpage');
         $new_birthday = system::getInstance()->post('birthday');
         $new_status = system::getInstance()->post('status');
         $new_groupid = system::getInstance()->post('groupid');
         $new_pass = strlen(system::getInstance()->post('newpass')) > 3 ? system::getInstance()->doublemd5(system::getInstance()->post('newpass')) : user::getInstance()->get('pass', $userid);
         $stmt = database::getInstance()->con()->prepare("UPDATE " . property::getInstance()->get('db_prefix') . "_user a\n                INNER JOIN " . property::getInstance()->get('db_prefix') . "_user_custom b USING(id) SET a.nick = ?, a.pass = ?, b.birthday = ?, b.sex = ?, b.phone = ?, b.webpage = ?, b.status = ?, a.access_level = ? WHERE a.id = ?");
         $stmt->bindParam(1, $new_nick, PDO::PARAM_STR);
         $stmt->bindParam(2, $new_pass, PDO::PARAM_STR, 32);
         $stmt->bindParam(3, $new_birthday, PDO::PARAM_STR);
         $stmt->bindParam(4, $new_sex, PDO::PARAM_INT);
         $stmt->bindParam(5, $new_phone, PDO::PARAM_STR);
         $stmt->bindParam(6, $new_webpage, PDO::PARAM_STR);
         $stmt->bindParam(7, $new_status, PDO::PARAM_STR);
         $stmt->bindParam(8, $new_groupid, PDO::PARAM_INT);
         $stmt->bindParam(9, $userid, PDO::PARAM_INT);
         $stmt->execute();
         $stmt = null;
         user::getInstance()->overload($userid);
         $params['notify']['saved'] = true;
     }
     $params['udata']['id'] = $userid;
     $params['udata']['login'] = user::getInstance()->get('login', $userid);
     $params['udata']['nick'] = user::getInstance()->get('nick', $userid);
     $params['udata']['email'] = user::getInstance()->get('email', $userid);
     $params['udata']['sex'] = user::getInstance()->get('sex', $userid);
     $params['udata']['webpage'] = user::getInstance()->get('webpage', $userid);
     $params['udata']['birthday'] = user::getInstance()->get('birthday', $userid);
     $params['udata']['status'] = user::getInstance()->get('status', $userid);
     $params['udata']['group_data'] = $this->getGroupArray();
     $params['udata']['current_group'] = user::getInstance()->get('access_level', $userid);
     return template::getInstance()->twigRender('components/user/edit.tpl', $params);
 }
コード例 #18
0
ファイル: back.php プロジェクト: ZerGabriel/ffcms
<?php

/**
|==========================================================|
|========= @copyright Pyatinskii Mihail, 2013-2014 ========|
|================= @website: www.ffcms.ru =================|
|========= @license: GNU GPL V3, file: license.txt ========|
|==========================================================|
*/
// system are not installed or file is missed
if (!file_exists(root . "/config.php")) {
    exit("System are not installed or file config.php is missed. Run <a href='/install/'>Installer</a>.");
} else {
    require_once root . '/config.php';
}
\engine\property::getInstance()->init();
// processing of URI for multi-language and friendly url's
\engine\timezone::getInstance()->init();
// prepare tz_data worker
date_default_timezone_set(\engine\property::getInstance()->get('time_zone'));
// default timezone from configs
\engine\language::getInstance()->init();
\engine\database::getInstance()->init();
// init database PDO connect
\engine\user::getInstance()->init();
\engine\router::getInstance()->init();
\engine\extension::getInstance()->init();
// init extension controller
\engine\template::getInstance()->init();
echo \engine\admin::getInstance()->make();
コード例 #19
0
ファイル: commentpost.php プロジェクト: ZerGabriel/ffcms
 public function make()
 {
     $text = system::getInstance()->nohtml(system::getInstance()->post('comment_message'), true);
     $authorid = user::getInstance()->get('id');
     $position = (int) system::getInstance()->post('comment_position');
     $pathway = system::getInstance()->nohtml(system::getInstance()->post('pathway'));
     $guest_name = system::getInstance()->nohtml(system::getInstance()->post('guest_name'));
     $timestamp = time();
     $guest_type = false;
     $ip = system::getInstance()->getRealIp();
     $params = array();
     $moderate = 0;
     if ($authorid < 1) {
         if (system::getInstance()->length($guest_name) > 0 && extension::getInstance()->getConfig('guest_comment', 'comments', extension::TYPE_MODULE, 'bool')) {
             $guest_name = system::getInstance()->altsubstr($guest_name, 0, 16);
             if (!extension::getInstance()->call(extension::TYPE_HOOK, 'captcha')->validate(system::getInstance()->post('captcha'))) {
                 $params['notify']['captcha_error'] = true;
             }
         } elseif (!permission::getInstance()->have('global/write') || !permission::getInstance()->have('comment/add')) {
             // only for auth usr with post rule right
             return null;
         }
         $authorid = 0;
         $moderate = 1;
     } else {
         $guest_name = '';
     }
     if (system::getInstance()->length($text) < extension::getInstance()->getConfig('min_length', 'comments', 'modules', 'int') || system::getInstance()->length($text) > extension::getInstance()->getConfig('max_length', 'comments', 'modules', 'int')) {
         $params['notify']['wrong_text'] = true;
     }
     // get last comment from this user and check time deps
     $stmt = null;
     if ($guest_type) {
         $stmt = database::getInstance()->con()->prepare("SELECT `time` FROM " . property::getInstance()->get('db_prefix') . "_mod_comments WHERE ip = ? ORDER BY `time` DESC LIMIT 1");
         $stmt->bindParam(1, $ip, PDO::PARAM_STR);
         $stmt->execute();
     } else {
         $stmt = database::getInstance()->con()->prepare("SELECT `time` FROM " . property::getInstance()->get('db_prefix') . "_mod_comments WHERE author = ? ORDER BY `time` DESC LIMIT 1");
         $stmt->bindParam(1, $authorid, PDO::PARAM_INT);
         $stmt->execute();
     }
     if ($stmt != null && ($result = $stmt->fetch())) {
         $lastposttime = $result['time'];
         if ($timestamp - $lastposttime < extension::getInstance()->getConfig('time_delay', 'comments', 'modules', 'int')) {
             $params['notify']['time_delay'] = true;
         }
     }
     $stmt = null;
     if (sizeof($params['notify']) == 0) {
         // no shit happends ;D
         $stmt = database::getInstance()->con()->prepare("INSERT INTO " . property::getInstance()->get('db_prefix') . "_mod_comments (comment, author, time, pathway, ip, guest_name, moderate)\n                    VALUES (?, ?, ?, ?, ?, ?, ?)");
         $stmt->bindParam(1, $text, PDO::PARAM_STR);
         $stmt->bindParam(2, $authorid, PDO::PARAM_INT);
         $stmt->bindParam(3, $timestamp, PDO::PARAM_INT);
         $stmt->bindParam(4, $pathway, PDO::PARAM_STR);
         $stmt->bindParam(5, $ip, PDO::PARAM_STR);
         $stmt->bindParam(6, $guest_name, PDO::PARAM_STR);
         $stmt->bindParam(7, $moderate, PDO::PARAM_INT, 1);
         $stmt->execute();
         $stmt = null;
         $stream = extension::getInstance()->call(extension::TYPE_COMPONENT, 'stream');
         $poster = $authorid > 0 ? $authorid : $guest_name;
         if (is_object($stream)) {
             $stream->add('comment.add', $poster, property::getInstance()->get('url') . $pathway, $text);
         }
         if ($moderate) {
             $params['notify']['is_moderate'] = true;
         }
     }
     echo extension::getInstance()->call(extension::TYPE_MODULE, 'comments')->buildCommentTemplate($pathway, $position, false, $params);
 }
コード例 #20
0
ファイル: back.php プロジェクト: ZerGabriel/ffcms
 private function viewStaticAdd()
 {
     $params = array();
     $params['extension']['title'] = admin::getInstance()->viewCurrentExtensionTitle();
     $params['langs']['all'] = language::getInstance()->getAvailable();
     $params['langs']['current'] = property::getInstance()->get('lang');
     if (system::getInstance()->post('save')) {
         $params['static']['title'] = system::getInstance()->nohtml(system::getInstance()->post('title'));
         $params['static']['text'] = system::getInstance()->post('text');
         $params['static']['pathway'] = system::getInstance()->nohtml(system::getInstance()->post('pathway'));
         $params['static']['keywords'] = system::getInstance()->nohtml(system::getInstance()->post('keywords'));
         $params['static']['description'] = system::getInstance()->nohtml(system::getInstance()->post('description'));
         $page_date = system::getInstance()->post('current_date') == "on" ? time() : system::getInstance()->toUnixTime(system::getInstance()->post('date'));
         $params['static']['date'] = system::getInstance()->toDate($page_date, 'd');
         $page_owner = user::getInstance()->get('id');
         if (strlen($params['static']['title'][property::getInstance()->get('lang')]) < 1) {
             $params['notify']['notitle'] = true;
         } elseif (!$this->checkPageWay($params['static']['pathway'])) {
             $params['notify']['pathmatch'] = true;
         } else {
             $serial_title = serialize($params['static']['title']);
             $serial_text = serialize($params['static']['text']);
             $serial_description = serialize($params['static']['description']);
             $serial_keywords = serialize($params['static']['keywords']);
             $save_pathway = $params['static']['pathway'] . ".html";
             if ($page_date == null) {
                 $page_date = time();
             }
             $stmt = database::getInstance()->con()->prepare("INSERT INTO " . property::getInstance()->get('db_prefix') . "_com_static (title, text, owner, pathway, date, description, keywords) VALUES (?, ?, ?, ?, ?, ?, ?)");
             $stmt->bindParam(1, $serial_title, PDO::PARAM_STR);
             $stmt->bindParam(2, $serial_text, PDO::PARAM_STR);
             $stmt->bindParam(3, $page_owner, PDO::PARAM_INT);
             $stmt->bindParam(4, $save_pathway, PDO::PARAM_STR);
             $stmt->bindParam(5, $page_date, PDO::PARAM_INT);
             $stmt->bindParam(6, $serial_description, PDO::PARAM_STR);
             $stmt->bindParam(7, $serial_keywords, PDO::PARAM_STR);
             $stmt->execute();
             $stmt = null;
             $stream = extension::getInstance()->call(extension::TYPE_COMPONENT, 'stream');
             if (is_object($stream)) {
                 $stream->add('static.add', $page_owner, property::getInstance()->get('url') . '/static/' . $save_pathway, $params['static']['title'][language::getInstance()->getUseLanguage()]);
             }
             system::getInstance()->redirect("?object=components&action=static");
         }
     }
     return template::getInstance()->twigRender('components/static/edit.tpl', $params);
 }
コード例 #21
0
ファイル: back.php プロジェクト: ZerGabriel/ffcms
 private function viewCommentList()
 {
     csrf::getInstance()->buildToken();
     $params = array();
     if (system::getInstance()->post('deleteSelected') && csrf::getInstance()->check()) {
         $toDelete = system::getInstance()->post('check_array');
         if (is_array($toDelete) && sizeof($toDelete) > 0) {
             $listDelete = system::getInstance()->altimplode(',', $toDelete);
             if (system::getInstance()->isIntList($listDelete)) {
                 database::getInstance()->con()->query("DELETE FROM " . property::getInstance()->get('db_prefix') . "_mod_comments WHERE id IN (" . $listDelete . ")");
             }
         }
     }
     $params['extension']['title'] = admin::getInstance()->viewCurrentExtensionTitle();
     $filter = (int) system::getInstance()->get('filter');
     $index = (int) system::getInstance()->get('index');
     $db_index = $index * self::ITEM_PER_PAGE;
     $stmt = null;
     if ($filter == self::FILTER_MODERATE) {
         $stmt = database::getInstance()->con()->prepare("SELECT * FROM " . property::getInstance()->get('db_prefix') . "_mod_comments WHERE moderate = 1 ORDER BY id DESC LIMIT ?," . self::ITEM_PER_PAGE);
         $stmt->bindParam(1, $db_index, PDO::PARAM_INT);
         $stmt->execute();
     } else {
         $stmt = database::getInstance()->con()->prepare("SELECT * FROM " . property::getInstance()->get('db_prefix') . "_mod_comments ORDER BY id DESC LIMIT ?," . self::ITEM_PER_PAGE);
         $stmt->bindParam(1, $db_index, PDO::PARAM_INT);
         $stmt->execute();
     }
     $resultFetch = $stmt->fetchAll(PDO::FETCH_ASSOC);
     $authors_ids = system::getInstance()->extractFromMultyArray('author', $resultFetch);
     if (sizeof($authors_ids) > 1) {
         // 2 or more
         user::getInstance()->listload(system::getInstance()->extractFromMultyArray('author', $resultFetch));
     }
     foreach ($resultFetch as $row) {
         $params['comments']['list'][] = array('id' => $row['id'], 'user_id' => $row['author'], 'user_name' => user::getInstance()->get('nick', $row['author']), 'comment' => extension::getInstance()->call(extension::TYPE_HOOK, 'bbtohtml')->nobbcode($row['comment']), 'guest_name' => system::getInstance()->nohtml($row['guest_name']), 'moderate' => $row['moderate'], 'date' => system::getInstance()->toDate($row['time'], 'h'), 'uri' => $row['pathway']);
     }
     $params['pagination'] = template::getInstance()->showFastPagination($index, self::ITEM_PER_PAGE, $this->getTotalCommentCount($filter), '?object=modules&action=comments&filter=' . $filter . '&index=');
     return template::getInstance()->twigRender('modules/comments/list.tpl', $params);
 }
コード例 #22
0
ファイル: back.php プロジェクト: ZerGabriel/ffcms-video
 private function viewVideoEdit()
 {
     $params = array();
     $video_id = (int) system::getInstance()->get('id');
     $params['extension']['title'] = admin::getInstance()->viewCurrentExtensionTitle();
     $params['langs']['all'] = language::getInstance()->getAvailable();
     $params['langs']['current'] = property::getInstance()->get('lang');
     $params['video']['categorys'] = extension::getInstance()->call(extension::TYPE_COMPONENT, 'video')->getCategoryArray();
     if (system::getInstance()->post('save')) {
         $editor_id = user::getInstance()->get('id');
         $title = system::getInstance()->nohtml(system::getInstance()->post('title'));
         $category_id = system::getInstance()->post('category');
         $pathway = system::getInstance()->nohtml(system::getInstance()->post('pathway')) . ".html";
         $display = system::getInstance()->post('display_content') == "on" ? 1 : 0;
         $important = system::getInstance()->post('important_content') == "on" ? 1 : 0;
         $text = system::getInstance()->post('text');
         $description = system::getInstance()->nohtml(system::getInstance()->post('description'));
         $keywords = system::getInstance()->nohtml(system::getInstance()->post('keywords'));
         $video_code = system::getInstance()->post('videocode');
         $date = system::getInstance()->post('current_date') == "on" ? time() : system::getInstance()->toUnixTime(system::getInstance()->post('date'));
         if (strlen($video_code) < 1) {
             $params['notify']['nocode'] = true;
         }
         if (strlen($title[property::getInstance()->get('lang')]) < 1) {
             $params['notify']['notitle'] = true;
         }
         if (!system::getInstance()->isInt($category_id)) {
             $params['notify']['nocat'] = true;
         }
         if (strlen($pathway) < 1 || !extension::getInstance()->call(extension::TYPE_COMPONENT, 'video')->checkVideoWay($pathway, $video_id, $category_id)) {
             $params['notify']['wrongway'] = true;
         }
         if (strlen($text[property::getInstance()->get('lang')]) < 1) {
             $params['notify']['notext'] = true;
         }
         if (sizeof($params['notify']) == 0) {
             $serial_title = serialize(system::getInstance()->altaddslashes($title));
             $serial_text = serialize(system::getInstance()->altaddslashes($text));
             $serial_description = serialize(system::getInstance()->altaddslashes($description));
             $serial_keywords = serialize(system::getInstance()->altaddslashes($keywords));
             $stmt = database::getInstance()->con()->prepare("UPDATE " . property::getInstance()->get('db_prefix') . "_com_video_entery SET code = ?, title = ?, text = ?, link = ?,\n\t\t\t\t\t\tcategory = ?, date = ?, description = ?, keywords = ?, display = ?, important = ? WHERE id = ?");
             $stmt->bindParam(1, $video_code, PDO::PARAM_STR);
             $stmt->bindParam(2, $serial_title, PDO::PARAM_STR);
             $stmt->bindParam(3, $serial_text, PDO::PARAM_STR);
             $stmt->bindParam(4, $pathway, PDO::PARAM_STR);
             $stmt->bindParam(5, $category_id, PDO::PARAM_INT);
             $stmt->bindParam(6, $date, PDO::PARAM_INT);
             $stmt->bindParam(7, $serial_description, PDO::PARAM_STR);
             $stmt->bindParam(8, $serial_keywords, PDO::PARAM_STR);
             $stmt->bindParam(9, $display, PDO::PARAM_INT);
             $stmt->bindParam(10, $important, PDO::PARAM_INT);
             $stmt->bindParam(11, $video_id, PDO::PARAM_INT);
             $stmt->execute();
             $stmt = null;
             $stmt = database::getInstance()->con()->prepare("DELETE FROM " . property::getInstance()->get('db_prefix') . "_mod_tags WHERE `object_type` = 'video' AND `object_id` = ?");
             $stmt->bindParam(1, $video_id, PDO::PARAM_INT);
             $stmt->execute();
             $stmt = null;
             foreach ($keywords as $keyrow) {
                 $keyrow_array = system::getInstance()->altexplode(',', $keyrow);
                 foreach ($keyrow_array as $objectkey) {
                     $objectkey = system::getInstance()->altlower(trim($objectkey));
                     $stmt = database::getInstance()->con()->prepare("INSERT INTO " . property::getInstance()->get('db_prefix') . "_mod_tags(`object_id`, `object_type`, `tag`) VALUES (?, 'video', ?)");
                     $stmt->bindParam(1, $video_id, PDO::PARAM_INT);
                     $stmt->bindParam(2, $objectkey, PDO::PARAM_STR);
                     $stmt->execute();
                     $stmt = null;
                 }
             }
             $params['notify']['success'] = true;
             if ($_FILES['videoimage']['size'] > 0) {
                 $dx = extension::getInstance()->getConfig('poster_dx', 'video', extension::TYPE_COMPONENT, 'int');
                 $dy = extension::getInstance()->getConfig('poster_dy', 'video', extension::TYPE_COMPONENT, 'int');
                 $save_name = 'poster_' . $video_id . '.jpg';
                 extension::getInstance()->call(extension::TYPE_HOOK, 'file')->uploadResizedImage('/video/', $_FILES['videoimage'], $dx, $dy, $save_name);
             }
         }
     }
     $stmt = database::getInstance()->con()->prepare("SELECT * FROM " . property::getInstance()->get('db_prefix') . "_com_video_entery WHERE id = ?");
     $stmt->bindParam(1, $video_id, PDO::PARAM_INT);
     $stmt->execute();
     if ($result = $stmt->fetch()) {
         $params['video']['id'] = $video_id;
         $params['video']['title'] = system::getInstance()->altstripslashes(unserialize($result['title']));
         $params['video']['text'] = system::getInstance()->altstripslashes(unserialize($result['text']));
         $params['video']['pathway'] = system::getInstance()->noextention($result['link']);
         $params['video']['cat_id'] = $result['category'];
         $params['video']['date'] = system::getInstance()->toDate($result['date'], 'h');
         $params['video']['description'] = system::getInstance()->altstripslashes(unserialize($result['description']));
         $params['video']['keywords'] = system::getInstance()->altstripslashes(unserialize($result['keywords']));
         $params['video']['display'] = $result['display'];
         $params['video']['important'] = $result['important'];
         $params['video']['code'] = $result['code'];
         if (file_exists(root . '/upload/video/poster_' . $video_id . '.jpg')) {
             $params['video']['poster_path'] = '/upload/video/poster_' . $video_id . '.jpg';
             $params['video']['poster_name'] = 'poster_' . $video_id . '.jpg';
         }
     } else {
         system::getInstance()->redirect($_SERVER['PHP_SELF'] . '?object=components&action=static');
     }
     return template::getInstance()->twigRender('components/video/edit.tpl', $params);
 }
コード例 #23
0
ファイル: checkauth.php プロジェクト: ZerGabriel/ffcms
 public function make()
 {
     echo (int) user::getInstance()->get('id');
     return null;
 }
コード例 #24
0
ファイル: front.php プロジェクト: ZerGabriel/ffcms-video
 public function viewCategory()
 {
     $way = router::getInstance()->shiftUriArray();
     $item_type = 'all';
     if (in_array($way[0], array('all', 'top'))) {
         $item_type = array_shift($way);
     }
     $pop_array = $way;
     $last_item = array_pop($pop_array);
     $page_index = 0;
     $page_video_count = extension::getInstance()->getConfig('count_video_page', 'video', 'components', 'int');
     $total_video_count = 0;
     $cat_link = null;
     if (system::getInstance()->isInt($last_item)) {
         $page_index = $last_item;
         $cat_link = system::getInstance()->altimplode("/", $pop_array);
     } else {
         $cat_link = system::getInstance()->altimplode("/", $way);
     }
     $select_coursor_start = $page_index * $page_video_count;
     $category_select_array = array();
     $category_list = null;
     $fstmt = null;
     $page_title = null;
     $page_desc = null;
     if (extension::getInstance()->getConfig('multi_category', 'video', 'components', 'boolean')) {
         $fstmt = database::getInstance()->con()->prepare("SELECT * FROM " . property::getInstance()->get('db_prefix') . "_com_video_category WHERE path like ?");
         $path_swarm = "{$cat_link}%";
         $fstmt->bindParam(1, $path_swarm, PDO::PARAM_STR);
         $fstmt->execute();
     } else {
         $fstmt = database::getInstance()->con()->prepare("SELECT * FROM " . property::getInstance()->get('db_prefix') . "_com_video_category WHERE path = ?");
         $fstmt->bindParam(1, $cat_link, PDO::PARAM_STR);
         $fstmt->execute();
     }
     while ($fresult = $fstmt->fetch()) {
         $category_select_array[] = $fresult['category_id'];
         if ($cat_link == $fresult['path']) {
             $serial_name = system::getInstance()->nohtml(unserialize($fresult['name']));
             $serial_desc = unserialize($fresult['desc']);
             $page_title = language::getInstance()->get('video_view_category') . ': ';
             if ($item_type == 'top') {
                 $page_title .= language::getInstance()->get('vide_view_top');
             } else {
                 $page_title .= $serial_name[language::getInstance()->getUseLanguage()];
             }
             $seo_title = $page_title;
             $seo_desc = $page_desc = $serial_desc[language::getInstance()->getUseLanguage()];
             if ($page_index > 0) {
                 $seo_title .= " - " . language::getInstance()->get('video_page_title') . ' ' . ($page_index + 1);
                 $seo_desc .= " - " . language::getInstance()->get('video_page_title') . ' ' . ($page_index + 1);
             }
             meta::getInstance()->add('title', $seo_title);
             meta::getInstance()->add('description', $seo_desc);
         }
     }
     $category_list = system::getInstance()->altimplode(',', $category_select_array);
     $theme_array = array();
     $fstmt = null;
     if (system::getInstance()->isIntList($category_list)) {
         $max_preview_length = 150;
         $time = time();
         $stmt = database::getInstance()->con()->prepare("SELECT COUNT(*) FROM " . property::getInstance()->get('db_prefix') . "_com_video_entery WHERE category in ({$category_list}) AND date <= ? AND display = 1");
         $stmt->bindParam(1, $time, PDO::PARAM_INT);
         $stmt->execute();
         if ($countRows = $stmt->fetch()) {
             $total_video_count = $countRows[0];
         }
         $stmt = null;
         $order_column = 'a.date';
         if ($item_type == 'top') {
             $order_column = 'a.views';
         }
         $stmt = database::getInstance()->con()->prepare("SELECT * FROM " . property::getInstance()->get('db_prefix') . "_com_video_entery a,\n\t\t\t\t\t\t\t\t\t\t\t\t  " . property::getInstance()->get('db_prefix') . "_com_video_category b\n\t\t\t\t\t\t\t\t\t\t\t\t  WHERE a.category in ({$category_list}) AND a.date <= ?\n\t\t\t\t\t\t\t\t\t\t\t\t  AND a.category = b.category_id\n\t\t\t\t\t\t\t\t\t\t\t\t  AND a.display = 1\n\t\t\t\t\t\t\t\t\t\t\t\t  ORDER BY a.important DESC, {$order_column} DESC LIMIT ?,?");
         $stmt->bindParam(1, $time, PDO::PARAM_INT);
         $stmt->bindParam(2, $select_coursor_start, PDO::PARAM_INT);
         $stmt->bindParam(3, $page_video_count, PDO::PARAM_INT);
         $stmt->execute();
         if (sizeof($category_select_array) > 0) {
             while ($result = $stmt->fetch()) {
                 $lang_text = system::getInstance()->altstripslashes(unserialize($result['text']));
                 $lang_title = system::getInstance()->altstripslashes(unserialize($result['title']));
                 $lang_keywords = system::getInstance()->altstripslashes(unserialize($result['keywords']));
                 $video_short_text = $lang_text[language::getInstance()->getUseLanguage()];
                 if (system::getInstance()->length($lang_title[language::getInstance()->getUseLanguage()]) < 1) {
                     // do not add the empty title video
                     continue;
                 }
                 if (system::getInstance()->contains('<hr />', $video_short_text)) {
                     $video_short_text = strstr($video_short_text, '<hr />', true);
                 } elseif (system::getInstance()->length($video_short_text) > $max_preview_length) {
                     $video_short_text = system::getInstance()->sentenceSub(system::getInstance()->nohtml($video_short_text), $max_preview_length) . "...";
                 }
                 if ($result['path'] == null) {
                     $video_full_link = $result['link'];
                 } else {
                     $video_full_link = $result['path'] . "/" . $result['link'];
                 }
                 $tagPrepareArray = system::getInstance()->altexplode(',', $lang_keywords[language::getInstance()->getUseLanguage()]);
                 $tag_array = array();
                 foreach ($tagPrepareArray as $tagItem) {
                     $tag_array[] = trim($tagItem);
                 }
                 $comment_count = 0;
                 if (is_object(extension::getInstance()->call(extension::TYPE_HOOK, 'comment'))) {
                     $comment_count = extension::getInstance()->call(extension::TYPE_HOOK, 'comment')->getCount('/' . language::getInstance()->getUseLanguage() . '/video/' . $video_full_link);
                 }
                 $cat_serial_text = system::getInstance()->altstripslashes(unserialize($result['name']));
                 $video_view_id = $result['id'];
                 $image_poster_root = root . '/upload/video/poster_' . $video_view_id . '.jpg';
                 $image_poster_url = false;
                 if (file_exists($image_poster_root)) {
                     $image_poster_url = property::getInstance()->get('script_url') . '/upload/video/poster_' . $video_view_id . '.jpg';
                 }
                 $theme_array[] = array('tags' => $tag_array, 'title' => $lang_title[language::getInstance()->getUseLanguage()], 'text' => $video_short_text, 'date' => system::getInstance()->toDate($result['date'], 'h'), 'unixtime' => $result['date'], 'category_url' => $result['path'], 'category_name' => $cat_serial_text[language::getInstance()->getUseLanguage()], 'author_id' => $result['author'], 'author_nick' => user::getInstance()->get('nick', $result['author']), 'full_video_uri' => $video_full_link, 'comment_count' => $comment_count, 'view_count' => $result['views'], 'poster' => $image_poster_url, 'important' => $result['important']);
             }
         }
         $stmt = null;
     }
     if ($item_type == 'top') {
         $page_link = $cat_link == null ? "video/top" : "video/top/" . $cat_link;
     } else {
         $page_link = $cat_link == null ? "video" : "video/" . $cat_link;
     }
     $pagination = template::getInstance()->showFastPagination($page_index, $page_video_count, $total_video_count, $page_link);
     $full_params = array('local' => $theme_array, 'pagination' => $pagination, 'page_title' => $page_title, 'page_desc' => $page_desc, 'page_link' => $cat_link, 'video_sort_type' => $item_type);
     return template::getInstance()->twigRender('/components/video/short_view.tpl', $full_params);
 }