$shp_item = !empty($pinfo['pay_code']) ? $pinfo['pay_area'] . '_' . $pinfo['pay_code'] : $pinfo['pay_area']; $inv_desc = $pinfo['pay_desc']; $in_curr = ''; $culture = "ru"; $out_summ = $pinfo['pay_summ'] * $cfg['plugin']['roboxbilling']['rate']; if ($cfg['plugin']['roboxbilling']['testmode']) { $test_string = "&IsTest=1"; } $crc = md5("{$mrh_login}:{$out_summ}:{$inv_id}:{$mrh_pass1}:Shp_item={$shp_item}"); $post_opt = "MrchLogin="******"&OutSum=" . $out_summ . "&InvId=" . $inv_id . "&Desc=" . $inv_desc . "&SignatureValue=" . $crc . "&Shp_item=" . $shp_item . "&IncCurrLabel=" . $in_curr . "&Culture=" . $culture . $test_string; cot_payments_updatestatus($pid, 'process'); // Изменяем статус "в процессе оплаты" header('Location: ' . $url . '?' . $post_opt); exit; } else { cot_die(); } } elseif ($m == 'success') { // регистрационная информация (пароль #1) // registration info (password #1) $mrh_pass1 = $cfg['plugin']['roboxbilling']['mrh_pass1']; // чтение параметров // read parameters $out_summ = $_REQUEST["OutSum"]; $inv_id = $_REQUEST["InvId"]; $shp_item = $_REQUEST["Shp_item"]; $crc = $_REQUEST["SignatureValue"]; $crc = strtoupper($crc); $my_crc = strtoupper(md5("{$out_summ}:{$inv_id}:{$mrh_pass1}:Shp_item={$shp_item}")); $plugin_body = $L['roboxbilling_error_otkaz']; // проверка корректности подписи
cot_redirect(cot_url('page', $page_urlp, '', true, false, true)); } $out['subtitle'] = $L['i18n_editing']; $t = new XTemplate(cot_tplfile('i18n.page', 'plug')); $t->assign(array('I18N_ACTION' => cot_url('plug', "e=i18n&m=page&a=edit&id={$id}&l={$i18n_locale}"), 'I18N_TITLE' => $L['i18n_editing'], 'I18N_ORIGINAL_LANG' => $i18n_locales[$cfg['defaultlang']], 'I18N_LOCALIZED_LANG' => $i18n_locales[$i18n_locale], 'I18N_PAGE_TITLE' => htmlspecialchars($pag['page_title']), 'I18N_PAGE_DESC' => htmlspecialchars($pag['page_desc']), 'I18N_PAGE_TEXT' => cot_parse($pag['page_text'], $cfg['page']['markup']), 'I18N_IPAGE_TITLE' => htmlspecialchars($pag_i18n['ipage_title']), 'I18N_IPAGE_DESC' => htmlspecialchars($pag_i18n['ipage_desc']), 'I18N_IPAGE_TEXT' => cot_textarea('translate_text', $pag_i18n['ipage_text'], 32, 80, '', 'input_textarea_editor'))); cot_display_messages($t); /* === Hook === */ foreach (cot_getextplugins('i18n.page.edit.tags') as $pl) { include $pl; } /* =============*/ } elseif ($a == 'delete' && ($i18n_admin || $usr['id'] == $pag['ipage_translatorid'])) { // Send to trashcan if available if ($cfg['plugin']['trashcan']['trash_page']) { require_once cot_incfile('trashcan', 'plug'); $row = $db->query("SELECT * FROM {$db_i18n_pages}\n\t\t\t\tWHERE ipage_id = {$id} AND ipage_locale = '{$i18n_locale}'")->fetch(); cot_trash_put('i18n_page', $L['i18n_translation'] . " #{$id} ({$i18n_locale}) " . $row['ipage_title'], $id, $row); } $db->delete($db_i18n_pages, "ipage_id = {$id} AND ipage_locale = '{$i18n_locale}'"); /* === Hook === */ foreach (cot_getextplugins('i18n.page.delete.done') as $pl) { include $pl; } /* =============*/ cot_message('Deleted'); $page_urlp = empty($pag['page_alias']) ? 'c=' . $pag['page_cat'] . "id={$id}" : 'c=' . $pag['page_cat'] . 'al=' . $pag['page_alias']; cot_redirect(cot_url('page', $page_urlp, '', true)); } } else { cot_die(true, true); }
$adminsubtitle = $L['Configuration']; $t = new XTemplate(cot_tplfile('admin.config', 'core')); /* === Hook === */ foreach (cot_getextplugins('admin.config.first') as $pl) { include $pl; } /* ===== */ switch ($n) { case 'edit': $o = cot_import('o', 'G', 'ALP'); $p = cot_import('p', 'G', 'ALP'); $v = cot_import('v', 'G', 'ALP'); $o = empty($o) ? 'core' : $o; $p = empty($p) ? 'global' : $p; $optionslist = cot_config_list($o, $p, ''); cot_die(!sizeof($optionslist), true); if ($o != 'core' && file_exists(cot_langfile($p, $o))) { require cot_langfile($p, $o); } if ($o != 'core' && file_exists(cot_incfile($p, $o))) { require_once cot_incfile($p, $o); } /* === Hook === */ foreach (cot_getextplugins('admin.config.edit.first') as $pl) { include $pl; } /* ===== */ if ($a == 'update' && !empty($_POST)) { $updated = cot_config_update_options($p, $optionslist, $o); $errors = cot_get_messages('', 'error'); if ($o == 'module' || $o == 'plug') {
include $pl; } /* ===== */ $res ? cot_message('Resynced') : cot_message("Error: function {$area_sync} doesn't exist."); // TODO i18n $cache && $cfg['cache_' . $n] && $cache->page->clear($n); cot_redirect(cot_url('admin', 'm=structure&n=' . $n . '&mode=' . $mode . '&d=' . $durl, '', true)); } $ext_info = cot_get_extensionparams($n, true); $adminpath[] = array(cot_url('admin', 'm=extensions'), $L['Extensions']); $adminpath[] = array($is_module ? cot_url('admin', 'm=' . $n) : cot_url('admin', 'm=extensions&a=details&pl=' . $n), $ext_info['name']); $adminpath[] = array(cot_url('admin', 'm=structure&n=' . $n), $L['Structure']); if ($id > 0 || !empty($al)) { $where = $id > 0 ? 'structure_id=' . (int) $id : "structure_code='" . $db->prep($al) . "'"; $sql = $db->query("SELECT * FROM {$db_structure} WHERE {$where} LIMIT 1"); cot_die($sql->rowCount() == 0); } elseif ($mode && ($mode == 'all' || $structure[$n][$mode])) { $sqlmask = $mode == 'all' ? "structure_path NOT LIKE '%.%'" : "structure_path LIKE '" . $db->prep($structure[$n][$mode]['rpath']) . ".%' AND structure_path NOT LIKE '" . $db->prep($structure[$n][$mode]['rpath']) . ".%.%'"; $sql = $db->query("SELECT * FROM {$db_structure} WHERE structure_area='" . $db->prep($n) . "' AND {$sqlmask} ORDER BY structure_path ASC, structure_code ASC LIMIT {$d}, " . $maxrowsperpage); $totalitems = $db->query("SELECT COUNT(*) FROM {$db_structure} WHERE structure_area='" . $db->prep($n) . "' AND {$sqlmask}")->fetchColumn(); $pagenav = cot_pagenav('admin', 'm=structure&n=' . $n . '&mode=' . $mode, $d, $totalitems, $maxrowsperpage, 'd', '', $cfg['jquery'] && $cfg['turnajax']); } else { $sql = $db->query("SELECT * FROM {$db_structure} WHERE structure_area='" . $db->prep($n) . "' ORDER BY structure_path ASC, structure_code ASC LIMIT {$d}, " . $maxrowsperpage); $totalitems = $db->query("SELECT COUNT(*) FROM {$db_structure} WHERE structure_area='" . $db->prep($n) . "'")->fetchColumn(); $pagenav = cot_pagenav('admin', 'm=structure&n=' . 
$n, $d, $totalitems, $maxrowsperpage, 'd', '', $cfg['jquery'] && $cfg['turnajax']); } $t->assign(array('ADMIN_STRUCTURE_UPDATE_FORM_URL' => cot_url('admin', 'm=structure&n=' . $n . '&mode=' . $mode . '&a=update&d=' . $durl), 'ADMIN_PAGE_STRUCTURE_RESYNCALL' => cot_url('admin', 'm=structure&n=' . $n . '&mode=' . $mode . '&a=resyncall&' . cot_xg() . '&d=' . $durl), 'ADMIN_STRUCTURE_URL_EXTRAFIELDS' => cot_url('admin', 'm=extrafields&n=' . $db_structure))); $ii = 0; /* === Hook - Part1 : Set === */ $extp = cot_getextplugins('admin.structure.loop'); /* ===== */
$s = 'date'; $w = 'desc'; } elseif ($c == 'saved_drafts') { $cat['tpl'] = 'unvalidated'; $where['state'] = 'page_state = 2'; $where['ownerid'] = $usr['isadmin'] ? '1' : 'page_ownerid = ' . $usr['id']; $cat['title'] = $L['page_drafts']; $cat['desc'] = $L['page_drafts_desc']; $s = 'date'; $w = 'desc'; } elseif ($c != 'all') { $where['cat'] = 'page_cat=' . $db->quote($c); $where['state'] = "page_state=0"; } $c = empty($cat['title']) ? 'all' : $c; cot_die(empty($cat['title']) && !$usr['isadmin']); if ($o && $p) { if (!is_array($o)) { $o = array($o); } if (!is_array($p)) { $p = array($p); } $filters = array_combine($o, $p); foreach ($filters as $key => $val) { $key = cot_import($key, 'D', 'ALP', 16); $val = cot_import($val, 'D', 'TXT', 16); if ($key && $val && $db->fieldExists($db_pages, "page_{$key}")) { $params[$key] = $val; $where['filter'][] = "page_{$key} = :{$key}"; }
* * @package Forums * @copyright (c) Cotonti Team * @license https://github.com/Cotonti/Cotonti/blob/master/License.txt */ defined('COT_CODE') or die('Wrong URL'); $s = cot_import('s', 'G', 'TXT'); // section cat cot_blockguests(); cot_die(empty($s)); /* === Hook === */ foreach (cot_getextplugins('forums.newtopic.first') as $pl) { include $pl; } /* ===== */ isset($structure['forums'][$s]) || cot_die(); list($usr['auth_read'], $usr['auth_write'], $usr['isadmin']) = cot_auth('forums', $s); /* === Hook === */ foreach (cot_getextplugins('forums.newtopic.rights') as $pl) { include $pl; } /* ===== */ cot_block($usr['auth_write']); if ($structure['forums'][$s]['locked']) { cot_die_message(602, true); } if ($a == 'newtopic') { cot_shield_protect(); /* === Hook === */ foreach (cot_getextplugins('forums.newtopic.newtopic.first') as $pl) { include $pl;
$pfs_extension = $row['pfs_extension']; $pfs_desc = htmlspecialchars($row['pfs_desc']); $pfs_size = floor($row['pfs_size'] / 1024); // in KiB; deprecated but kept for compatibility $pfs_size_bytes = $row['pfs_size']; $ff = $pfs_dir_user . $pfs_file; } else { cot_die(); } $title[] = htmlspecialchars($pfs_file); if ($a == 'update' && !empty($id)) { $rdesc = cot_import('rdesc', 'P', 'TXT'); $folderid = cot_import('folderid', 'P', 'INT'); if ($folderid > 0) { $sql_pfs_pffcount = $db->query("SELECT pff_id FROM {$db_pfs_folders} WHERE pff_userid={$userid} AND pff_id={$folderid}"); cot_die($sql_pfs_pffcount->rowCount() == 0); } else { $folderid = 0; } $sql_pfs_update = $db->query("UPDATE {$db_pfs} SET\n\t\tpfs_desc='" . $db->prep($rdesc) . "',\n\t\tpfs_folderid={$folderid}\n\t\tWHERE pfs_userid={$userid} AND pfs_id={$id}"); cot_redirect(cot_url('pfs', "f={$pfs_folderid}&" . $more, '', true)); } /* ============= */ $out['subtitle'] = $L['pfs_title']; if (!$standalone) { require_once $cfg['system_dir'] . '/header.php'; } $t = new XTemplate(cot_tplfile('pfs.edit')); if ($standalone) { cot_sendheaders(); $html = Resources::render();
$sql2->closeCursor(); } /* == Hook == */ foreach (cot_getextplugins('comments.edit.update.done') as $pl) { include $pl; } /* ===== */ $com_grp = $usr['isadmin'] ? 'adm' : 'usr'; cot_log('Edited comment #' . $id, $com_grp); cot_redirect(cot_url($url_area, $url_params, '#c' . $id, true)); } } $t->assign(array('COMMENTS_TITLE' => $plugin_title, 'COMMENTS_TITLE_URL' => cot_url('plug', 'e=comments'))); $t->parse('MAIN.COMMENTS_TITLE'); $sql = $db->query("SELECT * FROM {$db_com} WHERE com_id=? AND com_code=? AND com_area=?", array($id, $item, $area)); cot_die($sql->rowCount() != 1); $com = $sql->fetch(); $com_limit = $sys['now'] < $com['com_date'] + $cfg['plugin']['comments']['time'] * 60 ? TRUE : FALSE; $usr['isowner'] = $com_limit && ($usr['id'] > 0 && $com['com_authorid'] == $usr['id'] || $usr['id'] == 0 && isset($_SESSION['cot_comments_edit'][$id])); $usr['allow_write'] = $usr['isadmin'] || $usr['isowner']; cot_block($usr['allow_write']); $editor = $cfg['plugin']['comments']['markup'] ? 'input_textarea_minieditor' : ''; $t->assign(array('COMMENTS_FORM_POST' => cot_url('plug', 'e=comments&m=edit&a=update&area=' . $area . '&cat=' . $cat . '&item=' . $com['com_code'] . '&id=' . $com['com_id']), 'COMMENTS_POSTER_TITLE' => $L['Poster'], 'COMMENTS_POSTER' => $com['com_author'], 'COMMENTS_IP_TITLE' => $L['Ip'], 'COMMENTS_IP' => $com['com_authorip'], 'COMMENTS_DATE_TITLE' => $L['Date'], 'COMMENTS_DATE' => cot_date('datetime_medium', $com['com_date']), 'COMMENTS_DATE_STAMP' => $com['com_date'], 'COMMENTS_FORM_UPDATE_BUTTON' => $L['Update'], 'COMMENTS_FORM_TEXT' => cot_textarea('comtext', $com['com_text'], 8, 64, '', $editor))); // Extra fields foreach ($cot_extrafields[$db_com] as $exfld) { $uname = strtoupper($exfld['field_name']); $exfld_val = cot_build_extrafields('rcomments' . $exfld['field_name'], $exfld, $com[$exfld['field_name']]); $exfld_title = isset($L['comments_' . $exfld['field_name'] . '_title']) ? $L['comments_' . $exfld['field_name'] . 
'_title'] : $exfld['field_description']; $t->assign(array('COMMENTS_FORM_' . $uname => $exfld_val, 'COMMENTS_FORM_' . $uname . '_TITLE' => $exfld_title, 'COMMENTS_FORM_EXTRAFLD' => $exfld_val, 'COMMENTS_FORM_EXTRAFLD_TITLE' => $exfld_title)); $t->parse('COMMENTS.COMMENTS_FORM_EDIT.EXTRAFLD'); }
list($usr['auth_read'], $usr['auth_write'], $usr['isadmin']) = cot_auth('users', 'a'); cot_block($usr['auth_read']); /* === Hook === */ foreach (cot_getextplugins('users.details.first') as $pl) { include $pl; } /* ===== */ if (!empty($u) && empty($id)) { $u = $db->query("SELECT user_id FROM {$db_users} WHERE user_name=" . $db->quote($u) . " LIMIT 1")->fetch(); $id = $u['user_id']; } elseif (empty($id) && empty($u) && $usr['id'] > 0) { $id = $usr['id']; } cot_die(empty($id), true); $sql = $db->query("SELECT * FROM {$db_users} WHERE user_id={$id} LIMIT 1"); cot_die($sql->rowCount() == 0, true); $urr = $sql->fetch(); $title_params = array('USER' => $L['User'], 'NAME' => $urr['user_name']); $out['subtitle'] = cot_title('title_users_details', $title_params); $mskin = cot_tplfile(array('users', 'details'), 'module'); /* === Hook === */ foreach (cot_getextplugins('users.details.main') as $pl) { include $pl; } /* ===== */ require_once $cfg['system_dir'] . '/header.php'; $t = new XTemplate($mskin); $t->assign(cot_generate_usertags($urr, 'USERS_DETAILS_', '', true)); $t->assign(array('USERS_DETAILS_TITLE' => cot_breadcrumbs(array(array(cot_url('users'), $L['Users']), array(cot_url('users', 'm=details&id=' . $urr['user_id'] . '&u=' . $urr['user_name']), $urr['user_name'])), $cfg['homebreadcrumb']), 'USERS_DETAILS_SUBTITLE' => $L['use_subtitle'])); /* === Hook === */ foreach (cot_getextplugins('users.details.tags') as $pl) {
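/**
 * List of advertisements for one category or pseudo-category.
 *
 * Access is decided up front: 'all' is passed to cot_block() with the admin flag,
 * 'unvalidated' and 'saved-drafts' are restricted to the current user's own
 * adverts unless that user is an admin, and any other code must exist in
 * $structure['advboard'] and is passed to cot_block() with the read right
 * returned by cot_auth().
 *
 * Every `include $pl` below runs in this method's scope, so the local variable
 * names used here are part of the contract with the hooked plugins.
 *
 * @param string $c Category code, or one of 'all', 'unvalidated', 'saved-drafts'
 * @return string Output of View::render() for the selected template
 * @throws Exception
 */
public function adList($c)
{
    global $structure, $cot_extrafields, $db_structure, $Ls;

    if ($c == 'all') {
        cot_block(cot::$usr['isadmin']);
    } elseif (!in_array($c, array('unvalidated', 'saved-drafts'))) {
        if (!isset($structure['advboard'][$c])) {
            cot_die_message(404, TRUE);
        } else {
            list(cot::$usr['auth_read'], cot::$usr['auth_write'], cot::$usr['isadmin']) = cot_auth('advboard', $c);
            cot_block(cot::$usr['auth_read']);
        }
    }
    // NOTE(review): for 'unvalidated' and 'saved-drafts' no cot_auth() call is made here, so the
    // isadmin flag tested further down is whatever the caller left in cot::$usr - confirm that
    // value is the intended authority for listing other users' drafts.

    $sort = cot_import('s', 'G', 'ALP'); // order field name
    $way = cot_import('w', 'G', 'ALP', 4); // order way (asc, desc)

    $maxrowsperpage = cot::$cfg['advboard']['cat_' . $c]['maxrowsperpage']
        ? cot::$cfg['advboard']['cat_' . $c]['maxrowsperpage']
        : cot::$cfg['advboard']['cat___default']['maxrowsperpage'];
    if ($maxrowsperpage < 1) {
        $maxrowsperpage = 1;
    }

    list($pg, $d, $durl) = cot_import_pagenav('d', $maxrowsperpage); // page number for pages list
    list($pgc, $dc, $dcurl) = cot_import_pagenav('dc', cot::$cfg['advboard']['maxlistsperpage']); // page number for cats list

    // Moderator filters: only read from the request for admins, everyone else keeps the defaults
    $mf = array('period' => 0, 'state' => -2);
    if (cot::$usr['isadmin']) {
        $mf['period'] = isset($_GET['mf']['period']) ? cot_import($_GET['mf']['period'], 'D', 'ALP') : 0;
        $mf['state'] = isset($_GET['mf']['state']) ? cot_import($_GET['mf']['state'], 'D', 'INT') : -2;

        // cot_import() is defined elsewhere; if it hands back null or '' for a value it rejects,
        // fall back to the "not set" defaults so a malformed filter cannot turn into a
        // `state = NULL` condition or an empty mf[...] URL parameter further down.
        if ($mf['period'] === null || $mf['period'] === '') {
            $mf['period'] = 0;
        }
        if ($mf['state'] === null) {
            $mf['state'] = -2;
        }
    }

    /* === Hook === */
    foreach (cot_getextplugins('advboard.list.first') as $pl) {
        include $pl;
    }
    /* ===== */

    $category = array('config' => array());
    if (isset($structure['advboard'][$c])) {
        $category = $structure['advboard'][$c];
        $category['config'] = cot::$cfg['advboard']['cat_' . $c];
    }
    $category['code'] = $c;

    // A request-supplied sort field is only accepted when it is one of the model's columns,
    // and the direction only when it is 'asc' or 'desc'; both end up in the ORDER BY.
    $fields = advboard_model_Advert::getColumns();
    if (empty($sort)) {
        $sort = cot::$cfg['advboard']['cat_' . $c]['order'];
    } elseif (!in_array($sort, $fields)) {
        $sort = 'sort';
    }
    $way = empty($way) ? cot::$cfg['advboard']['cat_' . $c]['way'] : $way;

    $sort = empty($sort) ? cot::$cfg['advboard']['cat___default']['order'] : $sort;
    $way = empty($way) || !in_array($way, array('asc', 'desc')) ? cot::$cfg['advboard']['cat___default']['way'] : $way;

    // Only non-default ordering is carried in the list URLs
    $urlParams = array('c' => $c);
    if ($sort != cot::$cfg['advboard']['cat_' . $c]['order']) {
        $urlParams['s'] = $sort;
    }
    if ($way != cot::$cfg['advboard']['cat_' . $c]['way']) {
        $urlParams['w'] = $way;
    }

    $canonicalUrlParams = array('c' => $c);
    if ($durl > 1) {
        $canonicalUrlParams['d'] = $durl;
    }
    if ($dcurl > 1) {
        $canonicalUrlParams['dc'] = $dcurl;
    }

    $template = array('advboard', 'list');

    $where = array();
    if ($c == 'unvalidated') {
        $template = array('advboard', 'list', 'unvalidated');
        $where['state'] = array('state', advboard_model_Advert::AWAITING_MODERATION);
        // Non-admins only ever see their own adverts awaiting moderation
        if (!cot::$usr['isadmin']) {
            $where['user'] = array('user', cot::$usr['id']);
        }
        $category['title'] = cot::$L['page_validation'];
        $category['desc'] = cot::$L['page_validation_desc'];
        $sort = 'created';
        $way = 'desc';
    } elseif ($c == 'saved-drafts') {
        $template = array('advboard', 'list', 'unvalidated');
        $where['state'] = array('state', advboard_model_Advert::DRAFT);
        // Non-admins only ever see their own drafts
        if (!cot::$usr['isadmin']) {
            $where['user'] = array('user', cot::$usr['id']);
        }
        $category['title'] = cot::$L['page_drafts'];
        $category['desc'] = cot::$L['page_drafts_desc'];
        $sort = 'created';
        $way = 'desc';
    } elseif ($c == 'all') {
        $category['title'] = cot::$L['advboard_ads_board'];
    } else {
        $where['category'] = array('category', $c);
        $where['state'] = array('state', advboard_model_Advert::PUBLISHED);
        $where['begin'] = array('begin', cot::$sys['now'], '<=');
        // Raw SQL fragment built from the server clock only, no request data.
        // NOTE(review): the OR is not parenthesised here - confirm the model wraps 'SQL'
        // conditions before joining them with the others.
        $where['expire'] = array('SQL', "expire = 0 OR expire > " . cot::$sys['now']);
        $template = array('advboard', 'list', $structure['advboard'][$c]['tpl']);
    }

    $moderatorFilters = array();
    if (cot::$usr['isadmin']) {
        if ($mf['state'] == -1) {
            unset($where['state']);
        } elseif ($mf['state'] >= 0 && $mf['state'] < 3) {
            $where['state'] = array('state', $mf['state']);
        }

        // Compare as strings: the default period is the integer 0, and before PHP 8 the loose
        // test `0 == 'all'` is true, which dropped the begin/expire conditions for every admin
        // request that carried no period filter at all.
        if ((string) $mf['period'] === 'all') {
            unset($where['begin'], $where['expire']);
        } elseif ((string) $mf['period'] === 'exp') {
            unset($where['begin']);
            $where['expire'] = array('SQL', "expire > 0 AND expire <= " . cot::$sys['now']);
        } elseif ((string) $mf['period'] === 'fut') {
            unset($where['expire']);
            $where['begin'] = array('begin', cot::$sys['now'], '>');
        }

        $tmp = array(
            -2 => cot::$R['code_option_empty'],
            -1 => cot::$L['All'],
            0 => cot::$L['advboard_state_0'],
            1 => cot::$L['advboard_state_1'],
            2 => cot::$L['advboard_state_2'],
        );
        $moderatorFilters['state'] = cot_selectbox($mf['state'], 'mf[state]', array_keys($tmp), array_values($tmp), false);

        $tmp = array(
            '0' => cot::$R['code_option_empty'],
            'all' => cot::$L['All'],
            'exp' => cot::$L['advboard_expired'],
            'fut' => cot::$L['advboard_future'],
        );
        $moderatorFilters['period'] = cot_selectbox(strval($mf['period']), 'mf[period]', array_keys($tmp), array_values($tmp), false);

        $moderatorFilters['action'] = cot_url('advboard', $urlParams);
        $moderatorFilters['hidden'] = '';
        foreach ($urlParams as $key => $val) {
            $moderatorFilters['hidden'] .= cot_inputbox('hidden', $key, $val);
        }
        $moderatorFilters['reset'] = cot_url('advboard', $urlParams);
    }

    cot_die(empty($category['title']) && !cot::$usr['isadmin']);

    // Page meta: category description first, then the per-category config overrides
    cot::$out['desc'] = htmlspecialchars(strip_tags($category['desc']));
    cot::$out['subtitle'] = $category['title'];
    if (!empty(cot::$cfg['advboard']['cat_' . $c]['keywords'])) {
        cot::$out['keywords'] = cot::$cfg['advboard']['cat_' . $c]['keywords'];
    }
    if (!empty(cot::$cfg['advboard']['cat_' . $c]['metadesc'])) {
        cot::$out['desc'] = cot::$cfg['advboard']['cat_' . $c]['metadesc'];
    }
    if (!empty(cot::$cfg['advboard']['cat_' . $c]['metatitle'])) {
        cot::$out['subtitle'] = cot::$cfg['advboard']['cat_' . $c]['metatitle'];
    }

    // Building the canonical URL
    cot::$out['canonical_uri'] = cot_url('advboard', $canonicalUrlParams);

    // The model receives the conditions as a plain list; the keys of $where only exist so the
    // code above (and hooks) can replace or unset individual conditions.
    $condition = array();
    foreach ($where as $key => $val) {
        $condition[] = $val;
    }

    $order = array(array('sticky', 'desc'), array($sort, $way));

    /* === Hook === */
    foreach (cot_getextplugins('advboard.list.query') as $pl) {
        include $pl;
    }
    /* ===== */

    $totallines = advboard_model_Advert::count($condition);
    $advertisement = null;
    if ($totallines > 0) {
        $advertisement = advboard_model_Advert::find($condition, $maxrowsperpage, $d, $order);
    }

    // Comments need both the plugin and the per-category switch
    $allowComments = cot_plugin_active('comments');
    if ($allowComments) {
        if (!isset(cot::$cfg['advboard']['cat_' . $c])) {
            $allowComments = false;
        } else {
            $allowComments = cot::$cfg['advboard']['cat_' . $c]['enable_comments'];
        }
    }

    // The "add new" link is only offered inside a real category to users with write or admin rights
    $addNewUrl = '';
    if ((cot::$usr['auth_write'] || cot::$usr['isadmin']) && !empty($category['id'])) {
        $addNewUrl = cot_url('advboard', array('a' => 'edit', 'c' => $category['code']));
    }

    /* === Hook === */
    foreach (cot_getextplugins('advboard.list.main') as $pl) {
        include $pl;
    }
    /* ===== */

    // Extra fields for structure
    foreach ($cot_extrafields[$db_structure] as $exfld) {
        $uname = $exfld['field_name'];
        $val = $structure['advboard'][$c][$exfld['field_name']];
        $category[$uname . '_title'] = isset(cot::$L['structure_' . $exfld['field_name'] . '_title'])
            ? cot::$L['structure_' . $exfld['field_name'] . '_title']
            : $exfld['field_description'];
        $category[$uname] = cot_build_extrafields_data('structure', $exfld, $val);
        $category[$uname . '_value'] = $val;
    }

    // Subcategories of $c, paginated by the 'dc' offset
    $kk = 0;
    $allsub = cot_structure_children('advboard', $c, false, false, true, false);
    $subcat = array_slice($allsub, $dc, cot::$cfg['advboard']['maxlistsperpage']);

    /* === Hook === */
    foreach (cot_getextplugins('advboard.list.rowcat.first') as $pl) {
        include $pl;
    }
    /* ===== */

    /* === Hook - Part1 : Set === */
    $extp = cot_getextplugins('advboard.list.rowcat.loop');
    /* ===== */

    $subCategories = array();
    foreach ($subcat as $x) {
        $kk++;

        // Advert count of a subcategory is the sum over the codes returned for it
        $cat_childs = cot_structure_children('advboard', $x);
        $sub_count = 0;
        foreach ($cat_childs as $cat_child) {
            $sub_count += (int) $structure['advboard'][$cat_child]['count'];
        }

        $sub_url_path = $urlParams;
        $sub_url_path['c'] = $x;

        $subCategories[$x] = $structure['advboard'][$x];
        $subCategories[$x]['config'] = cot::$cfg['advboard']['cat_' . $x];
        $subCategories[$x]['code'] = $x;
        $subCategories[$x]['count'] = $sub_count;
        $subCategories[$x]['num'] = $kk;

        // Extra fields for structure
        foreach ($cot_extrafields[$db_structure] as $exfld) {
            $uname = $exfld['field_name'];
            $val = $structure['advboard'][$x][$exfld['field_name']];
            $subCategories[$x][$uname . '_title'] = isset(cot::$L['structure_' . $exfld['field_name'] . '_title'])
                ? cot::$L['structure_' . $exfld['field_name'] . '_title']
                : $exfld['field_description'];
            $subCategories[$x][$uname] = cot_build_extrafields_data('structure', $exfld, $val);
            $subCategories[$x][$uname . '_value'] = $val;
        }

        /* === Hook - Part2 : Include === */
        foreach ($extp as $pl) {
            include $pl;
        }
        /* ===== */
    }

    $crumbs = array();
    if (!empty($category['id'])) {
        $crumbs = cot_structure_buildpath('advboard', $c);
        if (cot::$cfg['advboard']['firstCrumb']) {
            array_unshift($crumbs, array(cot_url('advboard'), cot::$L['advboard_ads']));
        }
    }

    // Moderator filters: keep the active ones in the pagination URLs
    if (cot::$usr['isadmin']) {
        if ($mf['period'] != '0') {
            $urlParams['mf[period]'] = $mf['period'];
        }
        if ($mf['state'] != -2) {
            $urlParams['mf[state]'] = $mf['state'];
        }
    }

    $pagenavCategory = cot_pagenav(
        'advboard',
        $urlParams + array('d' => $durl),
        $dc,
        count($allsub),
        cot::$cfg['advboard']['maxlistsperpage'],
        'dc'
    );
    if (empty($pagenavCategory['current'])) {
        $pagenavCategory['current'] = 1;
    }

    $pagenav = cot_pagenav('advboard', $urlParams + array('dc' => $dcurl), $d, $totallines, $maxrowsperpage);
    if (empty($pagenav['current'])) {
        $pagenav['current'] = 1;
    }

    $breadcrumbs = '';
    if (!empty($crumbs)) {
        $breadcrumbs = cot_breadcrumbs($crumbs, cot::$cfg['homebreadcrumb'], true);
    }

    $pageUrlParams = $urlParams;
    if ($durl > 1) {
        $pageUrlParams['d'] = $durl;
    }

    $view = new View();
    $view->breadcrumbs = $breadcrumbs;
    $view->page_title = htmlspecialchars($category['title']);
    $view->category = $category;
    $view->subCategories = $subCategories;
    $view->condition = $condition;
    $view->order = $order;
    $view->advertisement = $advertisement;
    $view->totalitems = $totallines;
    $view->allowComments = $allowComments;
    $view->pagenav = $pagenav;
    $view->pagenavCategory = $pagenavCategory;
    $view->moderatorFilters = $moderatorFilters;
    $view->addNewUrl = $addNewUrl;
    $view->urlParams = $urlParams;
    $view->pageUrlParams = $pageUrlParams;

    /* === Hook === */
    foreach (cot_getextplugins('advboard.list.view') as $pl) {
        include $pl;
    }
    /* ===== */

    return $view->render($template);
}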
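/**
 * Upload one or more files, return parent folder ID
 *
 * Reads up to $cfg['pfs']['pfsmaxuploads'] entries from $_FILES['userfile'] and the matching
 * descriptions from the 'ndesc' POST array. A file is stored only when it is a genuine HTTP
 * upload, its final extension is listed in $cot_extensions and is not a PHP-handler extension,
 * it is smaller than $maxfile, it fits into the remaining $maxtotal quota and cot_file_check()
 * returns 1. One status line per submitted file is appended to the global $err_msg.
 *
 * Only the final extension of the name is inspected, so the storage directory should also be
 * served with script execution disabled.
 *
 * Every `include $pl` below runs in this function's scope, so the local variable names used
 * here are part of the contract with the hooked plugins.
 *
 * @param int $userid User ID
 * @param int $folderid Folder ID; when omitted it is read from the 'folderid' POST field
 * @return int
 */
function cot_pfs_upload($userid, $folderid = '')
{
    // $usr was missing from this list although $usr['id'] is read below for the file name prefix
    global $db, $cfg, $sys, $usr, $cot_extensions, $gd_supported, $maxfile, $maxtotal, $db_pfs, $db_pfs_folders, $L, $err_msg;

    if ($folderid === '') {
        $folderid = cot_import('folderid', 'P', 'INT');
    }
    $ndesc = cot_import('ndesc', 'P', 'ARR');
    $npath = cot_pfs_folderpath($folderid);

    // Space already used by this owner. The quota test below used to read an undefined
    // variable, so every request started counting from zero and $maxtotal only limited the
    // size of a single batch. pfs_size is written in bytes further down, like $u_size.
    $pfs_totalsize = (int) $db->query("SELECT SUM(pfs_size) FROM {$db_pfs} WHERE pfs_userid=" . (int) $userid)->fetchColumn();

    /* === Hook === */
    foreach (cot_getextplugins('pfs.upload.first') as $pl) {
        include $pl;
    }
    /* ===== */

    cot_die($npath === FALSE);

    for ($ii = 0; $ii < $cfg['pfs']['pfsmaxuploads']; $ii++) {
        $disp_errors = '';

        // The form may submit fewer slots than pfsmaxuploads
        $u_tmp_name = isset($_FILES['userfile']['tmp_name'][$ii]) ? $_FILES['userfile']['tmp_name'][$ii] : '';
        $u_type = isset($_FILES['userfile']['type'][$ii]) ? $_FILES['userfile']['type'][$ii] : '';
        $u_name = isset($_FILES['userfile']['name'][$ii]) ? $_FILES['userfile']['name'][$ii] : '';
        $u_size = isset($_FILES['userfile']['size'][$ii]) ? $_FILES['userfile']['size'][$ii] : 0;

        $u_name = str_replace("\\'", '', $u_name);
        $u_name = trim(str_replace("\"", '', $u_name));

        if (!empty($u_name)) {
            // NOTE(review): $u_name is the client-supplied file name and lands in $err_msg as is;
            // confirm that whatever renders $err_msg escapes it for HTML.
            $disp_errors .= $u_name . ' : ';
            $u_name = mb_strtolower($u_name);

            // A name without a dot has no extension; mb_strrpos() returns false in that case and
            // `false + 1` used to slice the name from its second character instead.
            $lastdot = mb_strrpos($u_name, '.');
            $dotpos = $lastdot === false ? mb_strlen($u_name) : $lastdot + 1;
            $f_extension = mb_substr($u_name, $dotpos);
            $f_extension_ok = 0;
            $desc = isset($ndesc[$ii]) ? $ndesc[$ii] : '';

            if ($cfg['pfs']['pfstimename']) {
                $u_name = time() . '_' . $u_name;
            }
            if (!$cfg['pfs']['pfsuserfolder']) {
                // Shared directory: prefix the name with the id of the uploading user
                $u_name = $usr['id'] . '_' . $u_name;
            }

            $u_newname = cot_safename($u_name, true);
            $u_sqlname = $db->prep($u_newname);

            // Allow-list from $cot_extensions is the actual control. The deny pattern is defence
            // in depth against a misconfigured list and covers the numbered php variants plus
            // phtml and phar, not only php/php3/php4/php5.
            if ($f_extension !== '' && !preg_match('/^(?:php\d*|phtml|phar)$/D', $f_extension)) {
                foreach ($cot_extensions as $k => $line) {
                    if (mb_strtolower($f_extension) == $line[0]) {
                        $f_extension_ok = 1;
                        break;
                    }
                }
            }

            if (is_uploaded_file($u_tmp_name) && $u_size > 0 && $u_size < $maxfile && $f_extension_ok
                && $pfs_totalsize + $u_size < $maxtotal) {
                $fcheck = cot_file_check($u_tmp_name, $u_name, $f_extension);
                if ($fcheck == 1) {
                    $pfs_dir_user = cot_pfs_path($userid);
                    $thumbs_dir_user = cot_pfs_thumbpath($userid);

                    if (!file_exists($pfs_dir_user . $npath . $u_newname)) {
                        $is_moved = true;

                        if ($cfg['pfs']['pfsuserfolder']) {
                            if (!is_dir($pfs_dir_user)) {
                                $is_moved &= mkdir($pfs_dir_user, $cfg['dir_perms']);
                            }
                            if (!is_dir($thumbs_dir_user)) {
                                $is_moved &= mkdir($thumbs_dir_user, $cfg['dir_perms']);
                            }
                        }

                        $is_moved &= move_uploaded_file($u_tmp_name, $pfs_dir_user . $npath . $u_newname);
                        // Only touch the target when the move succeeded; a failed chmod still
                        // counts as a failed upload and the file is removed below
                        if ($is_moved) {
                            $is_moved &= chmod($pfs_dir_user . $npath . $u_newname, $cfg['file_perms']);
                        }

                        // Re-read the size from disk rather than trusting the request
                        $u_size = $is_moved ? filesize($pfs_dir_user . $npath . $u_newname) : 0;

                        if ($is_moved && (int) $u_size > 0) {
                            /* === Hook === */
                            foreach (cot_getextplugins('pfs.upload.moved') as $pl) {
                                include $pl;
                            }
                            /* ===== */

                            // NOTE(review): $u_sqlname has already been through $db->prep(); if
                            // $db->insert() binds or escapes values itself this is escaped twice - confirm.
                            $db->insert($db_pfs, array(
                                'pfs_userid' => (int) $userid,
                                'pfs_date' => (int) $sys['now'],
                                'pfs_file' => $u_sqlname,
                                'pfs_extension' => $f_extension,
                                'pfs_folderid' => (int) $folderid,
                                'pfs_desc' => $desc,
                                'pfs_size' => (int) $u_size,
                                'pfs_count' => 0,
                            ));

                            // $folderid may come straight from the caller, so it is cast before
                            // being placed in the condition string
                            $db->update($db_pfs_folders, array('pff_updated' => $sys['now']), 'pff_id=' . (int) $folderid);

                            $disp_errors .= $L['Yes'];
                            $pfs_totalsize += $u_size;

                            /* === Hook === */
                            foreach (cot_getextplugins('pfs.upload.done') as $pl) {
                                include $pl;
                            }
                            /* ===== */

                            // The existence test and the thumbnail target now use the same paths as
                            // the move and the unlink: the test used to omit $npath and the target
                            // used $cfg['pfs']['thumbs_dir_user'] instead of $thumbs_dir_user.
                            if (in_array($f_extension, $gd_supported) && $cfg['pfs']['th_amode'] != 'Disabled'
                                && file_exists($pfs_dir_user . $npath . $u_newname)) {
                                @unlink($thumbs_dir_user . $npath . $u_newname);
                                // th_colorbg is a 6-digit hex string, split here into three channel values
                                $th_colorbg = array(
                                    hexdec(substr($cfg['pfs']['th_colorbg'], 0, 2)),
                                    hexdec(substr($cfg['pfs']['th_colorbg'], 2, 2)),
                                    hexdec(substr($cfg['pfs']['th_colorbg'], 4, 2)),
                                );
                                cot_imageresize(
                                    $pfs_dir_user . $npath . $u_newname,
                                    $thumbs_dir_user . $npath . $u_newname,
                                    $cfg['pfs']['th_x'],
                                    $cfg['pfs']['th_y'],
                                    '',
                                    $th_colorbg,
                                    $cfg['pfs']['th_jpeg_quality'],
                                    true
                                );
                            }
                        } else {
                            // Do not leave a half-written or unreadable file behind
                            @unlink($pfs_dir_user . $npath . $u_newname);
                            $disp_errors .= $L['pfs_filenotmoved'];
                        }
                    } else {
                        $disp_errors .= $L['pfs_fileexists'];
                    }
                } elseif ($fcheck == 2) {
                    $disp_errors .= sprintf($L['pfs_filemimemissing'], $f_extension);
                } else {
                    $disp_errors .= sprintf($L['pfs_filenotvalid'], $f_extension);
                }
            } else {
                $disp_errors .= $L['pfs_filetoobigorext'];
            }
            $err_msg[] = $disp_errors;
        }
    }

    return $folderid;
}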