function doModel()
{
switch ($this->action) {
case 'logout':
// unset only the required parameters in Session
Session::newInstance()->_drop('adminId');
Session::newInstance()->_drop('adminUserName');
Session::newInstance()->_drop('adminName');
Session::newInstance()->_drop('adminEmail');
Session::newInstance()->_drop('adminLocale');
Cookie::newInstance()->pop('oc_adminId');
Cookie::newInstance()->pop('oc_adminSecret');
Cookie::newInstance()->pop('oc_adminLocale');
Cookie::newInstance()->set();
$this->redirectTo(osc_admin_base_url(true));
break;
default:
//default dashboard page (main page at oc-admin)
$this->_exportVariableToView("numUsers", User::newInstance()->count());
$this->_exportVariableToView("numAdmins", Admin::newInstance()->count());
$this->_exportVariableToView("numItems", Item::newInstance()->count());
$this->_exportVariableToView("numItemsSpam", Item::newInstance()->totalItems(null, 'SPAM'));
$this->_exportVariableToView("numItemsBlock", Item::newInstance()->totalItems(null, 'DISABLED'));
$this->_exportVariableToView("numItemsInactive", Item::newInstance()->totalItems(null, 'INACTIVE'));
$this->_exportVariableToView("numItemsPerCategory", osc_get_non_empty_categories());
$this->_exportVariableToView("newsList", osc_listNews());
$this->_exportVariableToView("comments", ItemComment::newInstance()->getLastComments(5));
//calling the view...
$this->doView('main/index.php');
}
}
public static function newInstance()
{
if (!self::$instance instanceof self) {
self::$instance = new self();
}
return self::$instance;
}
function doModel()
{
switch ($this->action) {
case 'change_email_confirm':
//change email confirm
if (Params::getParam('userId') && Params::getParam('code')) {
$userManager = new User();
$user = $userManager->findByPrimaryKey(Params::getParam('userId'));
if ($user['s_pass_code'] == Params::getParam('code') && $user['b_enabled'] == 1) {
$userEmailTmp = UserEmailTmp::newInstance()->findByPk(Params::getParam('userId'));
$code = osc_genRandomPassword(50);
$userManager->update(array('s_email' => $userEmailTmp['s_new_email']), array('pk_i_id' => $userEmailTmp['fk_i_user_id']));
Item::newInstance()->update(array('s_contact_email' => $userEmailTmp['s_new_email']), array('fk_i_user_id' => $userEmailTmp['fk_i_user_id']));
ItemComment::newInstance()->update(array('s_author_email' => $userEmailTmp['s_new_email']), array('fk_i_user_id' => $userEmailTmp['fk_i_user_id']));
Alerts::newInstance()->update(array('s_email' => $userEmailTmp['s_new_email']), array('fk_i_user_id' => $userEmailTmp['fk_i_user_id']));
Session::newInstance()->_set('userEmail', $userEmailTmp['s_new_email']);
UserEmailTmp::newInstance()->delete(array('s_new_email' => $userEmailTmp['s_new_email']));
osc_add_flash_ok_message(_m('Your email has been changed successfully'));
$this->redirectTo(osc_user_profile_url());
} else {
osc_add_flash_error_message(_m('Sorry, the link is not valid'));
$this->redirectTo(osc_base_url());
}
} else {
osc_add_flash_error_message(_m('Sorry, the link is not valid'));
$this->redirectTo(osc_base_url());
}
break;
case 'activate_alert':
$email = Params::getParam('email');
$secret = Params::getParam('secret');
$result = 0;
if ($email != '' && $secret != '') {
$result = Alerts::newInstance()->activate($email, $secret);
}
if ($result == 1) {
osc_add_flash_ok_message(_m('Alert activated'));
} else {
osc_add_flash_error_message(_m('Ops! There was a problem trying to activate alert. Please contact the administrator'));
}
$this->redirectTo(osc_base_url(true));
break;
case 'unsub_alert':
$email = Params::getParam('email');
$secret = Params::getParam('secret');
if ($email != '' && $secret != '') {
Alerts::newInstance()->delete(array('s_email' => $email, 'S_secret' => $secret));
osc_add_flash_ok_message(_m('Unsubscribed correctly'));
} else {
osc_add_flash_error_message(_m('Ops! There was a problem trying to unsubscribe you. Please contact the administrator'));
}
$this->redirectTo(osc_base_url());
break;
default:
$this->redirectTo(osc_user_login_url());
break;
}
}
public function table($params)
{
$this->addTableHeader();
$this->getDBParams($params);
$comments = ItemComment::newInstance()->search($this->resourceID, $this->start, $this->limit, $this->order_by['column_name'] ? $this->order_by['column_name'] : 'pk_i_id', $this->order_by['type'] ? $this->order_by['type'] : 'desc', $this->showAll);
$this->processData($comments);
if ($this->showAll) {
$this->total = ItemComment::newInstance()->countAll();
} else {
$this->total = ItemComment::newInstance()->countAll('( c.b_active = 0 OR c.b_enabled = 0 OR c.b_spam = 1 )');
}
if ($this->resourceID == null) {
$this->total_filtered = $this->total;
} else {
$this->total_filtered = ItemComment::newInstance()->count($this->resourceID);
}
return $this->getData();
}
function __construct($params)
{
$this->_get = $params;
$this->getDBParams();
// force ORDER BY
$this->order_by['column_name'] = $this->column_names[3];
$this->order_by['type'] = 'desc';
$this->comments = ItemComment::newInstance()->search($this->resourceID, $this->start, $this->limit, $this->order_by['column_name'] ? $this->order_by['column_name'] : 'pk_i_id', $this->order_by['type'] ? $this->order_by['type'] : 'desc', $this->showAll);
if ($this->showAll) {
$this->total = ItemComment::newInstance()->countAll();
} else {
$this->total = ItemComment::newInstance()->countAll('( c.b_active = 0 OR c.b_enabled = 0 OR c.b_spam = 1 )');
}
if ($this->resourceID == null) {
$this->total_filtered = $this->total;
} else {
$this->total_filtered = ItemComment::newInstance()->count($this->resourceID);
}
}
function edit($userId)
{
$input = $this->prepareData(false);
$this->manager->update($input, array('pk_i_id' => $userId));
if ($this->is_admin) {
Item::newInstance()->update(array('s_contact_name' => $input['s_name'], 's_contact_email' => $input['s_email']), array('fk_i_user_id' => $userId));
ItemComment::newInstance()->update(array('s_author_name' => $input['s_name'], 's_author_email' => $input['s_email']), array('fk_i_user_id' => $userId));
Alerts::newInstance()->update(array('s_email' => $input['s_email']), array('fk_i_user_id' => $userId));
Log::newInstance()->insertLog('user', 'edit', $userId, $input['s_email'], $this->is_admin ? 'admin' : 'user', $this->is_admin ? osc_logged_admin_id() : osc_logged_user_id());
} else {
Item::newInstance()->update(array('s_contact_name' => $input['s_name']), array('fk_i_user_id' => $userId));
ItemComment::newInstance()->update(array('s_author_name' => $input['s_name']), array('fk_i_user_id' => $userId));
$user = $this->manager->findByPrimaryKey($userId);
Log::newInstance()->insertLog('user', 'edit', $userId, $user['s_email'], $this->is_admin ? 'admin' : 'user', $this->is_admin ? osc_logged_admin_id() : osc_logged_user_id());
}
Session::newInstance()->_set('userName', $input['s_name']);
$phone = $input['s_phone_mobile'] ? $input['s_phone_mobile'] : $input['s_phone_land'];
Session::newInstance()->_set('userPhone', $phone);
if (is_array(Params::getParam('s_info'))) {
foreach (Params::getParam('s_info') as $key => $value) {
$this->manager->updateDescription($userId, $key, $value);
}
}
osc_run_hook('user_edit_completed', $userId);
if ($this->is_admin) {
$iUpdated = 0;
if (Params::getParam("b_enabled") != '' && Params::getParam("b_enabled") == 1) {
$iUpdated += $this->manager->update(array('b_enabled' => 1), array('pk_i_id' => $userId));
} else {
$iUpdated += $this->manager->update(array('b_enabled' => 0), array('pk_i_id' => $userId));
}
if (Params::getParam("b_active") != '' && Params::getParam("b_active") == 1) {
$iUpdated += $this->manager->update(array('b_active' => 1), array('pk_i_id' => $userId));
} else {
$iUpdated += $this->manager->update(array('b_active' => 0), array('pk_i_id' => $userId));
}
if ($iUpdated > 0) {
return 2;
}
}
return 0;
}
function doModel()
{
parent::doModel();
//specific things for this class
switch ($this->action) {
case 'bulk_actions':
$id = Params::getParam('id');
if ($id) {
switch (Params::getParam('bulk_actions')) {
case 'delete_all':
$this->itemCommentManager->delete(array(DB_CUSTOM_COND => 'pk_i_id IN (' . implode(', ', $id) . ')'));
foreach ($id as $_id) {
$iUpdated = $this->itemCommentManager->delete(array('pk_i_id' => $_id));
osc_add_hook("delete_comment", $_id);
}
osc_add_flash_ok_message(_m('The comments have been deleted'), 'admin');
break;
case 'activate_all':
foreach ($id as $_id) {
$iUpdated = $this->itemCommentManager->update(array('b_active' => 1), array('pk_i_id' => $_id));
if ($iUpdated) {
$this->sendCommentActivated($_id);
}
osc_add_hook("activate_comment", $_id);
}
osc_add_flash_ok_message(_m('The comments have been approved'), 'admin');
break;
case 'deactivate_all':
foreach ($id as $_id) {
$this->itemCommentManager->update(array('b_active' => 0), array('pk_i_id' => $_id));
osc_add_hook("deactivate_comment", $_id);
}
osc_add_flash_ok_message(_m('The comments have been disapproved'), 'admin');
break;
case 'enable_all':
foreach ($id as $_id) {
$iUpdated = $this->itemCommentManager->update(array('b_enabled' => 1), array('pk_i_id' => $_id));
if ($iUpdated) {
$this->sendCommentActivated($_id);
}
osc_add_hook("enable_comment", $_id);
}
osc_add_flash_ok_message(_m('The comments have been unblocked'), 'admin');
break;
case 'disable_all':
foreach ($id as $_id) {
$this->itemCommentManager->update(array('b_enabled' => 0), array('pk_i_id' => $_id));
osc_add_hook("disable_comment", $_id);
}
osc_add_flash_ok_message(_m('The comments have been blocked'), 'admin');
break;
}
}
$this->redirectTo(osc_admin_base_url(true) . "?page=comments");
break;
case 'status':
$id = Params::getParam('id');
$value = Params::getParam('value');
if (!$id) {
return false;
}
$id = (int) $id;
if (!is_numeric($id)) {
return false;
}
if (!in_array($value, array('ACTIVE', 'INACTIVE', 'ENABLE', 'DISABLE'))) {
return false;
}
if ($value == 'ACTIVE') {
$iUpdated = $this->itemCommentManager->update(array('b_active' => 1), array('pk_i_id' => $id));
if ($iUpdated) {
$this->sendCommentActivated($id);
}
osc_add_hook("activate_comment", $id);
osc_add_flash_ok_message(_m('The comment has been approved'), 'admin');
} else {
if ($value == 'INACTIVE') {
$iUpdated = $this->itemCommentManager->update(array('b_active' => 0), array('pk_i_id' => $id));
osc_add_hook("deactivate_comment", $id);
osc_add_flash_ok_message(_m('The comment has been disapproved'), 'admin');
} else {
if ($value == 'ENABLE') {
$iUpdated = $this->itemCommentManager->update(array('b_enabled' => 1), array('pk_i_id' => $id));
osc_add_hook("enable_comment", $id);
osc_add_flash_ok_message(_m('The comment has been enabled'), 'admin');
} else {
if ($value == 'DISABLE') {
$iUpdated = $this->itemCommentManager->update(array('b_enabled' => 0), array('pk_i_id' => $id));
osc_add_hook("disable_comment", $id);
osc_add_flash_ok_message(_m('The comment has been disabled'), 'admin');
}
}
}
}
$this->redirectTo(osc_admin_base_url(true) . "?page=comments");
break;
case 'comment_edit':
$comment = ItemComment::newInstance()->findByPrimaryKey(Params::getParam('id'));
$this->_exportVariableToView('comment', $comment);
$this->doView('comments/frm.php');
break;
case 'comment_edit_post':
$msg = '';
if (!osc_validate_email(Params::getParam('authorEmail'), true)) {
$msg .= _m('Email is not correct') . "<br/>";
}
if (!osc_validate_text(Params::getParam('body'), 1, true)) {
$msg .= _m('Comment is required') . "<br/>";
}
if ($msg != '') {
osc_add_flash_error_message($msg, 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=comments&action=comment_edit&id=" . Params::getParam('id'));
}
$this->itemCommentManager->update(array('s_title' => Params::getParam('title'), 's_body' => Params::getParam('body'), 's_author_name' => Params::getParam('authorName'), 's_author_email' => Params::getParam('authorEmail')), array('pk_i_id' => Params::getParam('id')));
osc_run_hook('edit_comment', Params::getParam('id'));
osc_add_flash_ok_message(_m('Great! We just updated your comment'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=comments");
break;
case 'delete':
$this->itemCommentManager->deleteByPrimaryKey(Params::getParam('id'));
osc_add_flash_ok_message(_m('The comment has been deleted'), 'admin');
osc_run_hook('delete_comment', Params::getParam('id'));
$this->redirectTo(osc_admin_base_url(true) . "?page=comments");
break;
default:
if (Params::getParam('iDisplayLength') == '') {
Params::setParam('iDisplayLength', 10);
}
// showAll == ''
// -> show all comments filtered
// showAll != ''
// -> show comments which are not
// -> diplayed at frontend
if (Params::getParam('showAll') == '' || Params::getParam('showAll') == '1') {
Params::setParam('showAll', true);
} else {
Params::setParam('showAll', false);
}
$this->_exportVariableToView('iDisplayLength', Params::getParam('iDisplayLength'));
require_once osc_admin_base_path() . 'ajax/comments_processing.php';
$params = Params::getParamsAsArray("get");
$comments_processing = new CommentsProcessingAjax($params);
$aData = $comments_processing->result($params);
$page = (int) Params::getParam('iPage');
if (count($aData['aaData']) == 0 && $page != 1) {
$total = (int) $aData['iTotalDisplayRecords'];
$maxPage = ceil($total / (int) $aData['iDisplayLength']);
$url = osc_admin_base_url(true) . '?' . $_SERVER['QUERY_STRING'];
if ($maxPage == 0) {
$url = preg_replace('/&iPage=(\\d)+/', '&iPage=1', $url);
$this->redirectTo($url);
}
if ($page > 1) {
$url = preg_replace('/&iPage=(\\d)+/', '&iPage=' . $maxPage, $url);
$this->redirectTo($url);
}
}
$this->_exportVariableToView('aComments', $aData);
$this->doView('comments/index.php');
break;
}
}
function doModel()
{
parent::doModel();
//specific things for this class
switch ($this->action) {
case 'bulk_actions':
osc_csrf_check();
$id = Params::getParam('id');
if ($id) {
switch (Params::getParam('bulk_actions')) {
case 'delete_all':
$this->itemCommentManager->delete(array(DB_CUSTOM_COND => 'pk_i_id IN (' . implode(', ', $id) . ')'));
foreach ($id as $_id) {
$iUpdated = $this->itemCommentManager->delete(array('pk_i_id' => $_id));
osc_add_hook("delete_comment", $_id);
}
osc_add_flash_ok_message(_m('The comments have been deleted'), 'admin');
break;
case 'activate_all':
foreach ($id as $_id) {
$iUpdated = $this->itemCommentManager->update(array('b_active' => 1), array('pk_i_id' => $_id));
if ($iUpdated) {
$this->sendCommentActivated($_id);
}
osc_add_hook("activate_comment", $_id);
}
osc_add_flash_ok_message(_m('The comments have been approved'), 'admin');
break;
case 'deactivate_all':
foreach ($id as $_id) {
$this->itemCommentManager->update(array('b_active' => 0), array('pk_i_id' => $_id));
osc_add_hook("deactivate_comment", $_id);
}
osc_add_flash_ok_message(_m('The comments have been disapproved'), 'admin');
break;
case 'enable_all':
foreach ($id as $_id) {
$iUpdated = $this->itemCommentManager->update(array('b_enabled' => 1), array('pk_i_id' => $_id));
if ($iUpdated) {
$this->sendCommentActivated($_id);
}
osc_add_hook("enable_comment", $_id);
}
osc_add_flash_ok_message(_m('The comments have been unblocked'), 'admin');
break;
case 'disable_all':
foreach ($id as $_id) {
$this->itemCommentManager->update(array('b_enabled' => 0), array('pk_i_id' => $_id));
osc_add_hook("disable_comment", $_id);
}
osc_add_flash_ok_message(_m('The comments have been blocked'), 'admin');
break;
default:
if (Params::getParam("bulk_actions") != "") {
osc_run_hook("item_bulk_" . Params::getParam("bulk_actions"), Params::getParam('id'));
}
break;
}
}
$this->redirectTo(osc_admin_base_url(true) . "?page=comments");
break;
case 'status':
osc_csrf_check();
$id = Params::getParam('id');
$value = Params::getParam('value');
if (!$id) {
return false;
}
$id = (int) $id;
if (!is_numeric($id)) {
return false;
}
if (!in_array($value, array('ACTIVE', 'INACTIVE', 'ENABLE', 'DISABLE'))) {
return false;
}
if ($value == 'ACTIVE') {
$iUpdated = $this->itemCommentManager->update(array('b_active' => 1), array('pk_i_id' => $id));
if ($iUpdated) {
$this->sendCommentActivated($id);
}
osc_add_hook("activate_comment", $id);
osc_add_flash_ok_message(_m('The comment has been approved'), 'admin');
} else {
if ($value == 'INACTIVE') {
$iUpdated = $this->itemCommentManager->update(array('b_active' => 0), array('pk_i_id' => $id));
osc_add_hook("deactivate_comment", $id);
osc_add_flash_ok_message(_m('The comment has been disapproved'), 'admin');
} else {
if ($value == 'ENABLE') {
$iUpdated = $this->itemCommentManager->update(array('b_enabled' => 1), array('pk_i_id' => $id));
osc_add_hook("enable_comment", $id);
osc_add_flash_ok_message(_m('The comment has been enabled'), 'admin');
} else {
if ($value == 'DISABLE') {
$iUpdated = $this->itemCommentManager->update(array('b_enabled' => 0), array('pk_i_id' => $id));
osc_add_hook("disable_comment", $id);
osc_add_flash_ok_message(_m('The comment has been disabled'), 'admin');
}
}
}
}
$this->redirectTo(osc_admin_base_url(true) . "?page=comments");
break;
case 'comment_edit':
$comment = ItemComment::newInstance()->findByPrimaryKey(Params::getParam('id'));
$this->_exportVariableToView('comment', $comment);
$this->doView('comments/frm.php');
break;
case 'comment_edit_post':
osc_csrf_check();
$msg = '';
if (!osc_validate_email(Params::getParam('authorEmail'), true)) {
$msg .= _m('Email is not correct') . "<br/>";
}
if (!osc_validate_text(Params::getParam('body'), 1, true)) {
$msg .= _m('Comment is required') . "<br/>";
}
if ($msg != '') {
osc_add_flash_error_message($msg, 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=comments&action=comment_edit&id=" . Params::getParam('id'));
}
$this->itemCommentManager->update(array('s_title' => Params::getParam('title'), 's_body' => Params::getParam('body'), 's_author_name' => Params::getParam('authorName'), 's_author_email' => Params::getParam('authorEmail')), array('pk_i_id' => Params::getParam('id')));
osc_run_hook('edit_comment', Params::getParam('id'));
osc_add_flash_ok_message(_m('Great! We just updated your comment'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=comments");
break;
case 'delete':
osc_csrf_check();
$this->itemCommentManager->deleteByPrimaryKey(Params::getParam('id'));
osc_add_flash_ok_message(_m('The comment has been deleted'), 'admin');
osc_run_hook('delete_comment', Params::getParam('id'));
$this->redirectTo(osc_admin_base_url(true) . "?page=comments");
break;
default:
require_once osc_lib_path() . "osclass/classes/datatables/CommentsDataTable.php";
// set default iDisplayLength
if (Params::getParam('iDisplayLength') != '') {
Cookie::newInstance()->push('listing_iDisplayLength', Params::getParam('iDisplayLength'));
Cookie::newInstance()->set();
} else {
// set a default value if it's set in the cookie
if (Cookie::newInstance()->get_value('listing_iDisplayLength') != '') {
Params::setParam('iDisplayLength', Cookie::newInstance()->get_value('listing_iDisplayLength'));
} else {
Params::setParam('iDisplayLength', 10);
}
}
$this->_exportVariableToView('iDisplayLength', Params::getParam('iDisplayLength'));
// Table header order by related
if (Params::getParam('sort') == '') {
Params::setParam('sort', 'date');
}
if (Params::getParam('direction') == '') {
Params::setParam('direction', 'desc');
}
$page = (int) Params::getParam('iPage');
if ($page == 0) {
$page = 1;
}
Params::setParam('iPage', $page);
$params = Params::getParamsAsArray();
$commentsDataTable = new CommentsDataTable();
$commentsDataTable->table($params);
$aData = $commentsDataTable->getData();
if (count($aData['aRows']) == 0 && $page != 1) {
$total = (int) $aData['iTotalDisplayRecords'];
$maxPage = ceil($total / (int) $aData['iDisplayLength']);
$url = osc_admin_base_url(true) . '?' . Params::getServerParam('QUERY_STRING', false, false);
if ($maxPage == 0) {
$url = preg_replace('/&iPage=(\\d)+/', '&iPage=1', $url);
$this->redirectTo($url);
}
if ($page > 1) {
$url = preg_replace('/&iPage=(\\d)+/', '&iPage=' . $maxPage, $url);
$this->redirectTo($url);
}
}
$this->_exportVariableToView('aData', $aData);
$this->_exportVariableToView('aRawRows', $commentsDataTable->rawRows());
$bulk_options = array(array('value' => '', 'data-dialog-content' => '', 'label' => __('Bulk actions')), array('value' => 'delete_all', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected comments?'), strtolower(__('Delete'))), 'label' => __('Delete')), array('value' => 'activate_all', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected comments?'), strtolower(__('Activate'))), 'label' => __('Activate')), array('value' => 'deactivate_all', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected comments?'), strtolower(__('Deactivate'))), 'label' => __('Deactivate')), array('value' => 'disable_all', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected comments?'), strtolower(__('Block'))), 'label' => __('Block')), array('value' => 'enable_all', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected comments?'), strtolower(__('Unblock'))), 'label' => __('Unblock')));
$bulk_options = osc_apply_filter("comment_bulk_filter", $bulk_options);
$this->_exportVariableToView('bulk_options', $bulk_options);
$this->doView('comments/index.php');
break;
}
}
/**
* Delete an user given its id
*
* @access public
* @since unknown
* @param int $id
* @return bool
*/
public function deleteUser($id = null)
{
if ($id != null) {
osc_run_hook('delete_user', $id);
$this->dao->select('pk_i_id, fk_i_category_id');
$this->dao->from(DB_TABLE_PREFIX . "t_item");
$this->dao->where('fk_i_user_id', $id);
$result = $this->dao->get();
$items = $result->result();
$itemManager = Item::newInstance();
foreach ($items as $item) {
$itemManager->deleteByPrimaryKey($item['pk_i_id']);
}
ItemComment::newInstance()->delete(array('fk_i_user_id' => $id));
$this->dao->delete(DB_TABLE_PREFIX . 't_user_email_tmp', array('fk_i_user_id' => $id));
$this->dao->delete(DB_TABLE_PREFIX . 't_user_description', array('fk_i_user_id' => $id));
$this->dao->delete(DB_TABLE_PREFIX . 't_alerts', array('fk_i_user_id' => $id));
return $this->dao->delete($this->getTableName(), array('pk_i_id' => $id));
}
return false;
}
function doModel()
{
//calling the view...
$locales = OSCLocale::newInstance()->listAllEnabled();
$this->_exportVariableToView('locales', $locales);
switch ($this->action) {
case 'item_add':
// post
if (osc_reg_user_post() && $this->user == null) {
// CHANGEME: This text
osc_add_flash_error_message(_m('Only registered users are allowed to post items'));
$this->redirectTo(osc_user_login_url());
}
$countries = Country::newInstance()->listAll();
$regions = array();
if (isset($this->user['fk_c_country_code']) && $this->user['fk_c_country_code'] != '') {
$regions = Region::newInstance()->getByCountry($this->user['fk_c_country_code']);
} else {
if (count($countries) > 0) {
$regions = Region::newInstance()->getByCountry($countries[0]['pk_c_code']);
}
}
$cities = array();
if (isset($this->user['fk_i_region_id']) && $this->user['fk_i_region_id'] != '') {
$cities = City::newInstance()->listWhere("fk_i_region_id = %d", $this->user['fk_i_region_id']);
} else {
if (count($regions) > 0) {
$cities = City::newInstance()->listWhere("fk_i_region_id = %d", $regions[0]['pk_i_id']);
}
}
$this->_exportVariableToView('countries', $countries);
$this->_exportVariableToView('regions', $regions);
$this->_exportVariableToView('cities', $cities);
$form = count(Session::newInstance()->_getForm());
$keepForm = count(Session::newInstance()->_getKeepForm());
if ($form == 0 || $form == $keepForm) {
Session::newInstance()->_dropKeepForm();
}
if (Session::newInstance()->_getForm('countryId') != "") {
$countryId = Session::newInstance()->_getForm('countryId');
$regions = Region::newInstance()->getByCountry($countryId);
$this->_exportVariableToView('regions', $regions);
if (Session::newInstance()->_getForm('regionId') != "") {
$regionId = Session::newInstance()->_getForm('regionId');
$cities = City::newInstance()->listWhere("fk_i_region_id = %d", $regionId);
$this->_exportVariableToView('cities', $cities);
}
}
$this->_exportVariableToView('user', $this->user);
osc_run_hook('post_item');
$this->doView('item-post.php');
break;
case 'item_add_post':
//post_item
if (osc_reg_user_post() && $this->user == null) {
osc_add_flash_error_message(_m('Only registered users are allowed to post items'));
$this->redirectTo(osc_base_url(true));
}
$mItems = new ItemActions(false);
// prepare data for ADD ITEM
$mItems->prepareData(true);
// set all parameters into session
foreach ($mItems->data as $key => $value) {
Session::newInstance()->_setForm($key, $value);
}
$meta = Params::getParam('meta');
if (is_array($meta)) {
foreach ($meta as $key => $value) {
Session::newInstance()->_setForm('meta_' . $key, $value);
Session::newInstance()->_keepForm('meta_' . $key);
}
}
if (osc_recaptcha_private_key() != '' && Params::existParam("recaptcha_challenge_field")) {
if (!osc_check_recaptcha()) {
osc_add_flash_error_message(_m('The Recaptcha code is wrong'));
$this->redirectTo(osc_item_post_url());
return false;
// BREAK THE PROCESS, THE RECAPTCHA IS WRONG
}
}
// POST ITEM ( ADD ITEM )
$success = $mItems->add();
if ($success != 1 && $success != 2) {
osc_add_flash_error_message($success);
$this->redirectTo(osc_item_post_url());
} else {
Session::newInstance()->_dropkeepForm('meta_' . $key);
if ($success == 1) {
osc_add_flash_ok_message(_m('Check your inbox to verify your email address'));
} else {
osc_add_flash_ok_message(_m('Your item has been published'));
}
$itemId = Params::getParam('itemId');
$item = $this->itemManager->findByPrimaryKey($itemId);
osc_run_hook('posted_item', $item);
$category = Category::newInstance()->findByPrimaryKey(Params::getParam('catId'));
View::newInstance()->_exportVariableToView('category', $category);
$this->redirectTo(osc_search_category_url());
}
break;
case 'item_edit':
// edit item
$secret = Params::getParam('secret');
$id = Params::getParam('id');
$item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s' AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = '%d'))", $id, $secret, $this->userId);
if (count($item) == 1) {
$item = Item::newInstance()->findByPrimaryKey($id);
$form = count(Session::newInstance()->_getForm());
$keepForm = count(Session::newInstance()->_getKeepForm());
if ($form == 0 || $form == $keepForm) {
Session::newInstance()->_dropKeepForm();
}
$this->_exportVariableToView('item', $item);
osc_run_hook("before_item_edit", $item);
$this->doView('item-edit.php');
} else {
// add a flash message [ITEM NO EXISTE]
osc_add_flash_error_message(_m('Sorry, we don\'t have any items with that ID'));
if ($this->user != null) {
$this->redirectTo(osc_user_list_items_url());
} else {
$this->redirectTo(osc_base_url());
}
}
break;
case 'item_edit_post':
// recoger el secret y el
$secret = Params::getParam('secret');
$id = Params::getParam('id');
$item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s' AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = '%d'))", $id, $secret, $this->userId);
if (count($item) == 1) {
$this->_exportVariableToView('item', $item[0]);
$mItems = new ItemActions(false);
// prepare data for ADD ITEM
$mItems->prepareData(false);
// set all parameters into session
foreach ($mItems->data as $key => $value) {
Session::newInstance()->_setForm($key, $value);
}
$meta = Params::getParam('meta');
if (is_array($meta)) {
foreach ($meta as $key => $value) {
Session::newInstance()->_setForm('meta_' . $key, $value);
Session::newInstance()->_keepForm('meta_' . $key);
}
}
if (osc_recaptcha_private_key() != '' && Params::existParam("recaptcha_challenge_field")) {
if (!osc_check_recaptcha()) {
osc_add_flash_error_message(_m('The Recaptcha code is wrong'));
$this->redirectTo(osc_item_post_url());
return false;
// BREAK THE PROCESS, THE RECAPTCHA IS WRONG
}
}
$success = $mItems->edit();
osc_run_hook('edited_item', Item::newInstance()->findByPrimaryKey($id));
if ($success == 1) {
osc_add_flash_ok_message(_m('Great! We\'ve just updated your item'));
$this->redirectTo(osc_base_url(true) . "?page=item&id={$id}");
} else {
osc_add_flash_error_message($success);
$this->redirectTo(osc_item_edit_url($secret));
}
}
break;
case 'activate':
$secret = Params::getParam('secret');
$id = Params::getParam('id');
$item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s' AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = '%d'))", $id, $secret, $this->userId);
View::newInstance()->_exportVariableToView('item', $item[0]);
if ($item[0]['b_active'] == 0) {
// ACTIVETE ITEM
$mItems = new ItemActions(false);
$success = $mItems->activate($item[0]['pk_i_id'], $item[0]['s_secret']);
if ($success) {
osc_add_flash_ok_message(_m('The item has been validated'));
} else {
osc_add_flash_error_message(_m('The item can\'t be validated'));
}
} else {
osc_add_flash_error_message(_m('The item has already been validated'));
}
$this->redirectTo(osc_item_url());
break;
case 'item_delete':
$secret = Params::getParam('secret');
$id = Params::getParam('id');
$item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s' AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = '%d'))", $id, $secret, $this->userId);
if (count($item) == 1) {
$mItems = new ItemActions(false);
$success = $mItems->delete($item[0]['s_secret'], $item[0]['pk_i_id']);
if ($success) {
osc_add_flash_ok_message(_m('Your item has been deleted'));
} else {
osc_add_flash_error_message(_m('The item you are trying to delete couldn\'t be deleted'));
}
if ($this->user != null) {
$this->redirectTo(osc_user_list_items_url());
} else {
$this->redirectTo(osc_base_url());
}
} else {
osc_add_flash_error_message(_m('The item you are trying to delete couldn\'t be deleted'));
$this->redirectTo(osc_base_url());
}
break;
case 'mark':
$mItem = new ItemActions(false);
$id = Params::getParam('id');
$as = Params::getParam('as');
$item = Item::newInstance()->findByPrimaryKey($id);
View::newInstance()->_exportVariableToView('item', $item);
$mItem->mark($id, $as);
osc_add_flash_ok_message(_m('Thanks! That\'s very helpful'));
$this->redirectTo(osc_item_url());
break;
case 'send_friend':
$item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
$this->_exportVariableToView('item', $item);
$this->doView('item-send-friend.php');
break;
case 'send_friend_post':
$item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
$this->_exportVariableToView('item', $item);
Session::newInstance()->_setForm("yourEmail", Params::getParam('yourEmail'));
Session::newInstance()->_setForm("yourName", Params::getParam('yourName'));
Session::newInstance()->_setForm("friendName", Params::getParam('friendName'));
Session::newInstance()->_setForm("friendEmail", Params::getParam('friendEmail'));
Session::newInstance()->_setForm("message_body", Params::getParam('message'));
if (osc_recaptcha_private_key() != '' && Params::existParam("recaptcha_challenge_field")) {
if (!osc_check_recaptcha()) {
osc_add_flash_error_message(_m('The Recaptcha code is wrong'));
$this->redirectTo(osc_item_send_friend_url());
return false;
// BREAK THE PROCESS, THE RECAPTCHA IS WRONG
}
}
$mItem = new ItemActions(false);
$success = $mItem->send_friend();
if ($success) {
Session::newInstance()->_clearVariables();
$this->redirectTo(osc_item_url());
} else {
$this->redirectTo(osc_item_send_friend_url());
}
break;
case 'contact':
$item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
if (empty($item)) {
osc_add_flash_error_message(_m('This item doesn\'t exist'));
$this->redirectTo(osc_base_url(true));
} else {
$this->_exportVariableToView('item', $item);
if (osc_item_is_expired()) {
osc_add_flash_error_message(_m('We\'re sorry, but the item has expired. You can\'t contact the seller'));
$this->redirectTo(osc_item_url());
}
if (osc_reg_user_can_contact() && osc_is_web_user_logged_in() || !osc_reg_user_can_contact()) {
$this->doView('item-contact.php');
} else {
osc_add_flash_error_message(_m('You can\'t contact the seller, only registered users can'));
$this->redirectTo(osc_item_url());
}
}
break;
case 'contact_post':
$item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
$this->_exportVariableToView('item', $item);
if (osc_recaptcha_private_key() != '' && Params::existParam("recaptcha_challenge_field")) {
if (!osc_check_recaptcha()) {
osc_add_flash_error_message(_m('The Recaptcha code is wrong'));
Session::newInstance()->_setForm("yourEmail", Params::getParam('yourEmail'));
Session::newInstance()->_setForm("yourName", Params::getParam('yourName'));
Session::newInstance()->_setForm("phoneNumber", Params::getParam('phoneNumber'));
Session::newInstance()->_setForm("message_body", Params::getParam('message'));
$this->redirectTo(osc_item_url());
return false;
// BREAK THE PROCESS, THE RECAPTCHA IS WRONG
}
}
$category = Category::newInstance()->findByPrimaryKey($item['fk_i_category_id']);
if ($category['i_expiration_days'] > 0) {
$item_date = strtotime($item['dt_pub_date']) + $category['i_expiration_days'] * (24 * 3600);
$date = time();
if ($item_date < $date && $item['b_premium'] != 1) {
// The item is expired, we can not contact the seller
osc_add_flash_error_message(_m('We\'re sorry, but the item has expired. You can\'t contact the seller'));
$this->redirectTo(osc_item_url());
}
}
$mItem = new ItemActions(false);
$result = $mItem->contact();
if (is_string($result)) {
osc_add_flash_error_message($result);
} else {
osc_add_flash_ok_message(_m('We\'ve just sent an e-mail to the seller'));
}
$this->redirectTo(osc_item_url());
break;
case 'add_comment':
$mItem = new ItemActions(false);
$status = $mItem->add_comment();
switch ($status) {
case -1:
$msg = _m('Sorry, we could not save your comment. Try again later');
osc_add_flash_error_message($msg);
break;
case 1:
$msg = _m('Your comment is awaiting moderation');
osc_add_flash_error_message($msg);
break;
case 2:
$msg = _m('Your comment has been approved');
osc_add_flash_ok_message($msg);
break;
case 3:
$msg = _m('Please fill the required fields (name, email)');
osc_add_flash_error_message($msg);
break;
case 4:
$msg = _m('Please type a comment');
osc_add_flash_error_message($msg);
break;
case 5:
$msg = _m('Your comment has been marked as spam');
osc_add_flash_error_message($msg);
break;
}
$this->redirectTo(osc_item_url());
break;
case 'delete_comment':
$mItem = new ItemActions(false);
$status = $mItem->add_comment();
$itemId = Params::getParam('id');
$commentId = Params::getParam('comment');
$item = Item::newInstance()->findByPrimaryKey($itemId);
if (count($item) == 0) {
osc_add_flash_error_message(_m('This item doesn\'t exist'));
$this->redirectTo(osc_base_url(true));
}
View::newInstance()->_exportVariableToView('item', $item);
if ($this->userId == null) {
osc_add_flash_error_message(_m('You must be logged in to delete a comment'));
$this->redirectTo(osc_item_url());
}
$commentManager = ItemComment::newInstance();
$aComment = $commentManager->findByPrimaryKey($commentId);
if (count($aComment) == 0) {
osc_add_flash_error_message(_m('The comment doesn\'t exist'));
$this->redirectTo(osc_item_url());
}
if ($aComment['b_active'] != 1) {
osc_add_flash_error_message(_m('The comment is not active, you cannot delete it'));
$this->redirectTo(osc_item_url());
}
if ($aComment['fk_i_user_id'] != $this->userId) {
osc_add_flash_error_message(_m('The comment was not added by you, you cannot delete it'));
$this->redirectTo(osc_item_url());
}
$commentManager->deleteByPrimaryKey($commentId);
osc_add_flash_ok_message(_m('The comment has been deleted'));
$this->redirectTo(osc_item_url());
break;
default:
if (Params::getParam('id') == '') {
$this->redirectTo(osc_base_url());
}
if (Params::getParam('lang') != '') {
Session::newInstance()->_set('userLocale', Params::getParam('lang'));
}
$item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
// if item doesn't exist redirect to base url
if (count($item) == 0) {
osc_add_flash_error_message(_m('This item doesn\'t exist'));
$this->redirectTo(osc_base_url(true));
} else {
if ($item['b_active'] != 1) {
if ($this->userId == $item['fk_i_user_id']) {
osc_add_flash_error_message(_m('The item hasn\'t been validated. Please validate it in order to show it to the rest of users'));
} else {
osc_add_flash_error_message(_m('This item hasn\'t been validated'));
$this->redirectTo(osc_base_url(true));
}
} else {
if ($item['b_enabled'] == 0) {
osc_add_flash_error_message(_m('The item has been suspended'));
$this->redirectTo(osc_base_url(true));
}
}
$mStats = new ItemStats();
$mStats->increase('i_num_views', $item['pk_i_id']);
foreach ($item['locale'] as $k => $v) {
$item['locale'][$k]['s_title'] = osc_apply_filter('item_title', $v['s_title']);
$item['locale'][$k]['s_description'] = nl2br(osc_apply_filter('item_description', $v['s_description']));
}
$this->_exportVariableToView('items', array($item));
osc_run_hook('show_item', $item);
$this->doView('item.php');
}
break;
case 'dashboard':
//dashboard...
break;
}
}
function osc_admin_toolbar_comments()
{
$total = ItemComment::newInstance()->countAll('( c.b_active = 0 OR c.b_enabled = 0 OR c.b_spam = 1 )');
if ($total > 0) {
$title = '<i class="circle circle-green">' . $total . '</i>' . __('New comments');
AdminToolbar::newInstance()->add_menu(array('id' => 'comments', 'title' => $title, 'href' => osc_admin_base_url(true) . "?page=comments", 'meta' => array('class' => 'action-btn action-btn-black')));
}
}
/**
* new Design - return array
* @return type
*/
private function toArrayFormat()
{
$this->result['iTotalRecords'] = $this->total_filtered;
$this->result['iTotalDisplayRecords'] = $this->total;
$this->result['sColumns'] = $this->sColumns;
$this->result['iDisplayLength'] = $this->_get['iDisplayLength'];
$this->result['aaData'] = array();
$this->result['aaObject'] = array();
if (count($this->items) == 0) {
return;
}
$this->result['aaObject'] = $this->items;
$count = 0;
foreach ($this->items as $aRow) {
View::newInstance()->_exportVariableToView('item', $aRow);
$row = array();
$options = array();
// -- prepare data --
// prepare item title
$title = mb_substr($aRow['s_title'], 0, 30, 'utf-8');
if ($title != $aRow['s_title']) {
$title .= '...';
}
// show more options
$options_more = array();
if ($aRow['b_active']) {
$options_more[] = '<a href="' . osc_admin_base_url(true) . '?page=items&action=status&id=' . $aRow['pk_i_id'] . '&value=INACTIVE">' . __('Deactivate') . '</a>';
} else {
$options_more[] = '<a href="' . osc_admin_base_url(true) . '?page=items&action=status&id=' . $aRow['pk_i_id'] . '&value=ACTIVE">' . __('Activate') . '</a>';
}
if ($aRow['b_enabled']) {
$options_more[] = '<a href="' . osc_admin_base_url(true) . '?page=items&action=status&id=' . $aRow['pk_i_id'] . '&value=DISABLE">' . __('Block') . '</a>';
} else {
$options_more[] = '<a href="' . osc_admin_base_url(true) . '?page=items&action=status&id=' . $aRow['pk_i_id'] . '&value=ENABLE">' . __('Unblock') . '</a>';
}
if ($aRow['b_premium']) {
$options_more[] = '<a href="' . osc_admin_base_url(true) . '?page=items&action=status_premium&id=' . $aRow['pk_i_id'] . '&value=0">' . __('Unmark as premium') . '</a>';
} else {
$options_more[] = '<a href="' . osc_admin_base_url(true) . '?page=items&action=status_premium&id=' . $aRow['pk_i_id'] . '&value=1">' . __('Mark as premium') . '</a>';
}
if ($aRow['b_spam']) {
$options_more[] = '<a href="' . osc_admin_base_url(true) . '?page=items&action=status_spam&id=' . $aRow['pk_i_id'] . '&value=0">' . __('Unmark as spam') . '</a>';
} else {
$options_more[] = '<a href="' . osc_admin_base_url(true) . '?page=items&action=status_spam&id=' . $aRow['pk_i_id'] . '&value=1">' . __('Mark as spam') . '</a>';
}
// general options
$options[] = '<a href="' . osc_admin_base_url(true) . '?page=items&action=item_edit&id=' . $aRow['pk_i_id'] . '">' . __('Edit') . '</a>';
$options[] = '<a onclick="return delete_dialog(\'' . $aRow['pk_i_id'] . '\');" href="' . osc_admin_base_url(true) . '?page=items&action=delete&id[]=' . $aRow['pk_i_id'] . '">' . __('Delete') . '</a>';
// only show if there are data
if (ItemComment::newInstance()->totalComments($aRow['pk_i_id']) > 0) {
$options[] = '<a href="' . osc_admin_base_url(true) . '?page=comments&action=list&id=' . $aRow['pk_i_id'] . '">' . __('View comments') . '</a>';
}
if (ItemResource::newInstance()->countResources($aRow['pk_i_id']) > 0) {
$options[] = '<a href="' . osc_admin_base_url(true) . '?page=media&action=list&resourceId=' . $aRow['pk_i_id'] . '">' . __('View media') . '</a>';
}
$options_more = osc_apply_filter('more_actions_manage_items', $options_more, $aRow);
// more actions
$moreOptions = '<li class="show-more">' . PHP_EOL . '<a href="#" class="show-more-trigger">' . __('Show more') . '...</a>' . PHP_EOL . '<ul>' . PHP_EOL;
foreach ($options_more as $actual) {
$moreOptions .= '<li>' . $actual . "</li>" . PHP_EOL;
}
$moreOptions .= '</ul>' . PHP_EOL . '</li>' . PHP_EOL;
$options = osc_apply_filter('actions_manage_items', $options, $aRow);
// create list of actions
$auxOptions = '<ul>' . PHP_EOL;
foreach ($options as $actual) {
$auxOptions .= '<li>' . $actual . '</li>' . PHP_EOL;
}
$auxOptions .= $moreOptions;
$auxOptions .= '</ul>' . PHP_EOL;
$actions = '<div class="actions">' . $auxOptions . '</div>' . PHP_EOL;
// fill a row
$row[] = '<input type="checkbox" name="id[]" value="' . $aRow['pk_i_id'] . '" active="' . $aRow['b_active'] . '" blocked="' . $aRow['b_enabled'] . '"/>';
$row[] = '<a href="' . osc_item_url() . '" target="_blank">' . $title . '</a>' . $actions;
$row[] = $aRow['s_user_name'];
$row[] = $aRow['s_category_name'];
$row[] = $aRow['s_country'];
$row[] = $aRow['s_region'];
$row[] = $aRow['s_city'];
$row[] = $aRow['dt_pub_date'];
$count++;
$this->result['aaData'][] = $row;
}
return;
}
$comments = $result->result();
foreach ($comments as $comment) {
ItemComment::newInstance()->update(array("b_active" => $comment['e_status'] == 'ACTIVE' ? 1 : 0, 'b_enabled' => 1), array('pk_i_id' => $comment['pk_i_id']));
}
unset($comments);
// populate b_active/b_enabled (t_item)
$result = $comm->query(sprintf("SELECT * FROM %st_item", DB_TABLE_PREFIX));
$items = $result->result();
foreach ($items as $item) {
Item::newInstance()->update(array("b_active" => $item['e_status'] == 'ACTIVE' ? 1 : 0, 'b_enabled' => 1), array('pk_i_id' => $item['pk_i_id']));
}
unset($items);
// populate i_items/i_comments/b_active/b_enabled (t_user)
$users = User::newInstance()->listAll();
foreach ($users as $user) {
$comments = count(ItemComment::newInstance()->findByAuthorID($user['pk_i_id']));
$items = count(Item::newInstance()->findByUserIDEnabled($user['pk_i_id']));
User::newInstance()->update(array('i_items' => $items, 'i_comments' => $comments), array('pk_i_id' => $user['pk_i_id']));
// CHANGE FROM b_enabled to b_active
User::newInstance()->update(array('b_active' => $user['b_enabled'], 'b_enabled' => 1), array('pk_i_id' => $user['pk_i_id']));
}
unset($users);
// Drop e_status column in t_item and t_item_comment
$comm->query(sprintf("ALTER TABLE %st_item DROP e_status", DB_TABLE_PREFIX));
$comm->query(sprintf("ALTER TABLE %st_item_comment DROP e_status", DB_TABLE_PREFIX));
// Delete enabled_item_validation in t_preference
$comm->query(sprintf("DELETE FROM %st_preference WHERE s_name = 'enabled_item_validation'", DB_TABLE_PREFIX));
// insert two new e-mail notifications
$comm->query(sprintf("INSERT INTO %st_pages (s_internal_name, b_indelible, dt_pub_date) VALUES ('email_alert_validation', 1, '%s' )", DB_TABLE_PREFIX, date('Y-m-d H:i:s')));
$comm->query(sprintf("INSERT INTO %st_pages_description (fk_i_pages_id, fk_c_locale_code, s_title, s_text) VALUES (%d, 'en_US', 'Please validate your alert', '<p>Hi {USER_NAME},</p>\n<p>Please validate your alert registration by clicking on the following link: {VALIDATION_LINK}</p>\n<p>Thank you!</p>\n<p>Regards,</p>\n<p>{WEB_TITLE}</p>')", DB_TABLE_PREFIX, $comm->insertedId()));
$comm->query(sprintf("INSERT INTO %st_pages (s_internal_name, b_indelible, dt_pub_date) VALUES ('email_comment_validated', 1, '%s' )", DB_TABLE_PREFIX, date('Y-m-d H:i:s')));
public function add_comment()
{
if(!osc_comments_enabled()) {
return 7;
}
$aItem = $this->prepareDataForFunction('add_comment');
$authorName = trim(strip_tags($aItem['authorName']));
$authorEmail = trim(strip_tags($aItem['authorEmail']));
$body = trim(strip_tags($aItem['body']));
$title = trim(strip_tags($aItem['title']));
$itemId = $aItem['id'];
$userId = $aItem['userId'];
$status_num = -1;
$banned = osc_is_banned(trim(strip_tags($aItem['authorEmail'])));
if($banned==1 || $banned==2) {
Session::newInstance()->_setForm('commentAuthorName', $authorName);
Session::newInstance()->_setForm('commentTitle', $title);
Session::newInstance()->_setForm('commentBody', $body);
Session::newInstance()->_setForm('commentAuthorEmail', $authorEmail);
return 5;
}
$item = $this->manager->findByPrimaryKey($itemId);
View::newInstance()->_exportVariableToView('item', $item);
$itemURL = osc_item_url();
$itemURL = '<a href="'.$itemURL.'" >'.$itemURL.'</a>';
Params::setParam('itemURL', $itemURL);
if(osc_reg_user_post_comments() && !osc_is_web_user_logged_in()) {
Session::newInstance()->_setForm('commentAuthorName', $authorName);
Session::newInstance()->_setForm('commentTitle', $title);
Session::newInstance()->_setForm('commentBody', $body);
return 6;
}
if( !preg_match('|^.*?@.{2,}\..{2,3}$|', $authorEmail)) {
Session::newInstance()->_setForm('commentAuthorName', $authorName);
Session::newInstance()->_setForm('commentTitle', $title);
Session::newInstance()->_setForm('commentBody', $body);
return 3;
}
if( ($body == '') ) {
Session::newInstance()->_setForm('commentAuthorName', $authorName);
Session::newInstance()->_setForm('commentAuthorEmail', $authorEmail);
Session::newInstance()->_setForm('commentTitle', $title);
return 4;
}
$num_moderate_comments = osc_moderate_comments();
if($userId==null) {
$num_comments = 0;
} else {
$user = User::newInstance()->findByPrimaryKey($userId);
$num_comments = $user['i_comments'];
}
if ($num_moderate_comments == -1 || ($num_moderate_comments != 0 && $num_comments >= $num_moderate_comments)) {
$status = 'ACTIVE';
$status_num = 2;
} else {
$status = 'INACTIVE';
$status_num = 1;
}
if (osc_akismet_key()) {
require_once LIB_PATH . 'Akismet.class.php';
$akismet = new Akismet(osc_base_url(), osc_akismet_key());
$akismet->setCommentAuthor($authorName);
$akismet->setCommentAuthorEmail($authorEmail);
$akismet->setCommentContent($body);
$akismet->setPermalink($itemURL);
$status = $akismet->isCommentSpam() ? 'SPAM' : $status;
if($status == 'SPAM') {
$status_num = 5;
}
}
$mComments = ItemComment::newInstance();
$aComment = array('dt_pub_date' => date('Y-m-d H:i:s')
,'fk_i_item_id' => $itemId
,'s_author_name' => $authorName
,'s_author_email' => $authorEmail
,'s_title' => $title
,'s_body' => $body
,'b_active' => ($status=='ACTIVE' ? 1 : 0)
,'b_enabled' => 1
,'fk_i_user_id' => $userId);
osc_run_hook('before_add_comment', $aComment);
if( $mComments->insert($aComment) ) {
$commentID = $mComments->dao->insertedId();
if($status_num == 2 && $userId != null) { // COMMENT IS ACTIVE
$user = User::newInstance()->findByPrimaryKey($userId);
if( $user ) {
User::newInstance()->update( array( 'i_comments' => $user['i_comments'] + 1)
,array( 'pk_i_id' => $user['pk_i_id'] ) );
}
}
//Notify admin
if ( osc_notify_new_comment() ) {
osc_run_hook('hook_email_new_comment_admin', $aItem);
}
//Notify user
if ( osc_notify_new_comment_user() ) {
osc_run_hook('hook_email_new_comment_user', $aItem);
}
osc_run_hook( 'add_comment', $commentID );
return $status_num;
}
return -1;
}
function osc_count_item_comments()
{
if (!View::newInstance()->_exists('comments')) {
View::newInstance()->_exportVariableToView('comments', ItemComment::newInstance()->findByItemID(osc_item_id()));
}
return View::newInstance()->_count('comments');
}
function doModel()
{
switch ($this->action) {
case 'change_email_confirm':
//change email confirm
if (Params::getParam('userId') && Params::getParam('code')) {
$userManager = new User();
$user = $userManager->findByPrimaryKey(Params::getParam('userId'));
if ($user['s_pass_code'] == Params::getParam('code') && $user['b_enabled'] == 1) {
$userEmailTmp = UserEmailTmp::newInstance()->findByPrimaryKey(Params::getParam('userId'));
$code = osc_genRandomPassword(50);
$userManager->update(array('s_email' => $userEmailTmp['s_new_email']), array('pk_i_id' => $userEmailTmp['fk_i_user_id']));
Item::newInstance()->update(array('s_contact_email' => $userEmailTmp['s_new_email']), array('fk_i_user_id' => $userEmailTmp['fk_i_user_id']));
ItemComment::newInstance()->update(array('s_author_email' => $userEmailTmp['s_new_email']), array('fk_i_user_id' => $userEmailTmp['fk_i_user_id']));
Alerts::newInstance()->update(array('s_email' => $userEmailTmp['s_new_email']), array('fk_i_user_id' => $userEmailTmp['fk_i_user_id']));
Session::newInstance()->_set('userEmail', $userEmailTmp['s_new_email']);
UserEmailTmp::newInstance()->delete(array('s_new_email' => $userEmailTmp['s_new_email']));
osc_add_flash_ok_message(_m('Your email has been changed successfully'));
$this->redirectTo(osc_user_profile_url());
} else {
osc_add_flash_error_message(_m('Sorry, the link is not valid'));
$this->redirectTo(osc_base_url());
}
} else {
osc_add_flash_error_message(_m('Sorry, the link is not valid'));
$this->redirectTo(osc_base_url());
}
break;
case 'activate_alert':
$email = Params::getParam('email');
$secret = Params::getParam('secret');
$id = Params::getParam('id');
$alert = Alerts::newInstance()->findByPrimaryKey($id);
$result = 0;
if (!empty($alert)) {
if ($email == $alert['s_email'] && $secret == $alert['s_secret']) {
$user = User::newInstance()->findByEmail($alert['s_email']);
if (isset($user['pk_i_id'])) {
Alerts::newInstance()->update(array('fk_i_user_id' => $user['pk_i_id']), array('pk_i_id' => $id));
}
$result = Alerts::newInstance()->activate($id);
}
}
if ($result == 1) {
osc_add_flash_ok_message(_m('Alert activated'));
} else {
osc_add_flash_error_message(_m('Oops! There was a problem trying to activate your alert. Please contact an administrator'));
}
$this->redirectTo(osc_base_url());
break;
case 'unsub_alert':
$email = Params::getParam('email');
$secret = Params::getParam('secret');
$id = Params::getParam('id');
$alert = Alerts::newInstance()->findByPrimaryKey($id);
$result = 0;
if (!empty($alert)) {
if ($email == $alert['s_email'] && $secret == $alert['s_secret']) {
$result = Alerts::newInstance()->unsub($id);
}
}
if ($result == 1) {
osc_add_flash_ok_message(_m('Unsubscribed correctly'));
} else {
osc_add_flash_error_message(_m('Oops! There was a problem trying to unsubscribe you. Please contact an administrator'));
}
$this->redirectTo(osc_base_url());
break;
case 'pub_profile':
if (Params::getParam('username') != '') {
$user = User::newInstance()->findByUsername(Params::getParam('username'));
} else {
$user = User::newInstance()->findByPrimaryKey(Params::getParam('id'));
}
// user doesn't exist, show 404 error
if (!$user) {
$this->do404();
return;
}
$itemsPerPage = Params::getParam('itemsPerPage') != '' ? Params::getParam('itemsPerPage') : 10;
$page = Params::getParam('iPage') > 0 ? Params::getParam('iPage') - 1 : 0;
$total_items = Item::newInstance()->countItemTypesByUserID($user['pk_i_id'], 'active');
if ($itemsPerPage == 'all') {
$total_pages = 1;
$items = Item::newInstance()->findItemTypesByUserID($user['pk_i_id'], 0, null, 'active');
} else {
$total_pages = ceil($total_items / $itemsPerPage);
$items = Item::newInstance()->findItemTypesByUserID($user['pk_i_id'], $page * $itemsPerPage, $itemsPerPage, 'active');
}
View::newInstance()->_exportVariableToView('user', $user);
$this->_exportVariableToView('items', $items);
$this->_exportVariableToView('search_total_pages', $total_pages);
$this->_exportVariableToView('search_total_items', $total_items);
$this->_exportVariableToView('items_per_page', $itemsPerPage);
$this->_exportVariableToView('search_page', $page);
$this->_exportVariableToView('canonical', osc_user_public_profile_url());
$this->doView('user-public-profile.php');
break;
case 'contact_post':
$user = User::newInstance()->findByPrimaryKey(Params::getParam('id'));
View::newInstance()->_exportVariableToView('user', $user);
if (osc_recaptcha_private_key() != '') {
if (!osc_check_recaptcha()) {
osc_add_flash_error_message(_m('The Recaptcha code is wrong'));
Session::newInstance()->_setForm("yourEmail", Params::getParam('yourEmail'));
Session::newInstance()->_setForm("yourName", Params::getParam('yourName'));
Session::newInstance()->_setForm("phoneNumber", Params::getParam('phoneNumber'));
Session::newInstance()->_setForm("message_body", Params::getParam('message'));
$this->redirectTo(osc_user_public_profile_url());
return false;
// BREAK THE PROCESS, THE RECAPTCHA IS WRONG
}
}
$banned = osc_is_banned(Params::getParam('yourEmail'));
if ($banned == 1) {
osc_add_flash_error_message(_m('Your current email is not allowed'));
$this->redirectTo(osc_user_public_profile_url());
} else {
if ($banned == 2) {
osc_add_flash_error_message(_m('Your current IP is not allowed'));
$this->redirectTo(osc_user_public_profile_url());
}
}
osc_run_hook('hook_email_contact_user', Params::getParam('id'), Params::getParam('yourEmail'), Params::getParam('yourName'), Params::getParam('phoneNumber'), Params::getParam('message'));
osc_add_flash_ok_message(_m('Your email has been sent properly.'));
$this->redirectTo(osc_user_public_profile_url());
break;
default:
$this->redirectTo(osc_user_login_url());
break;
}
}
function doModel()
{
parent::doModel();
//specific things for this class
switch ($this->action) {
case 'bulk_actions':
$id = Params::getParam('id');
if ($id) {
switch (Params::getParam('bulk_actions')) {
case 'delete_all':
$this->itemCommentManager->delete(array(DB_CUSTOM_COND => 'pk_i_id IN (' . implode(', ', $id) . ')'));
foreach ($id as $_id) {
$iUpdated = $this->itemCommentManager->delete(array('pk_i_id' => $_id));
osc_add_hook("delete_comment", $_id);
}
osc_add_flash_ok_message(_m('The comments have been deleted'), 'admin');
break;
case 'activate_all':
foreach ($id as $_id) {
$iUpdated = $this->itemCommentManager->update(array('b_active' => 1), array('pk_i_id' => $_id));
if ($iUpdated) {
$this->sendCommentActivated($_id);
}
osc_add_hook("activate_comment", $_id);
}
osc_add_flash_ok_message(_m('The comments have been approved'), 'admin');
break;
case 'deactivate_all':
foreach ($id as $_id) {
$this->itemCommentManager->update(array('b_active' => 0), array('pk_i_id' => $_id));
osc_add_hook("deactivate_comment", $_id);
}
osc_add_flash_ok_message(_m('The comments have been disapproved'), 'admin');
break;
case 'enable_all':
foreach ($id as $_id) {
$iUpdated = $this->itemCommentManager->update(array('b_enabled' => 1), array('pk_i_id' => $_id));
if ($iUpdated) {
$this->sendCommentActivated($_id);
}
osc_add_hook("enable_comment", $_id);
}
osc_add_flash_ok_message(_m('The comments have been approved'), 'admin');
break;
case 'disable_all':
foreach ($id as $_id) {
$this->itemCommentManager->update(array('b_enabled' => 0), array('pk_i_id' => $_id));
osc_add_hook("disable_comment", $_id);
}
osc_add_flash_ok_message(_m('The comments have been disapproved'), 'admin');
break;
}
}
$this->redirectTo(osc_admin_base_url(true) . "?page=comments");
break;
case 'status':
$id = Params::getParam('id');
$value = Params::getParam('value');
if (!$id) {
return false;
}
$id = (int) $id;
if (!is_numeric($id)) {
return false;
}
if (!in_array($value, array('ACTIVE', 'INACTIVE', 'ENABLE', 'DISABLE'))) {
return false;
}
if ($value == 'ACTIVE') {
$iUpdated = $this->itemCommentManager->update(array('b_active' => 1), array('pk_i_id' => $id));
if ($iUpdated) {
$this->sendCommentActivated($id);
}
osc_add_hook("activate_comment", $id);
osc_add_flash_ok_message(_m('The comment has been approved'), 'admin');
} else {
if ($value == 'INACTIVE') {
$iUpdated = $this->itemCommentManager->update(array('b_active' => 1), array('pk_i_id' => $id));
osc_add_hook("deactivate_comment", $id);
osc_add_flash_ok_message(_m('The comment has been disapproved'), 'admin');
} else {
if ($value == 'ENABLE') {
$iUpdated = $this->itemCommentManager->update(array('b_enabled' => 1), array('pk_i_id' => $id));
osc_add_hook("enable_comment", $id);
osc_add_flash_ok_message(_m('The comment has been enabled'), 'admin');
} else {
if ($value == 'DISABLE') {
$iUpdated = $this->itemCommentManager->update(array('b_enabled' => 0), array('pk_i_id' => $id));
osc_add_hook("disable_comment", $id);
osc_add_flash_ok_message(_m('The comment has been disabled'), 'admin');
}
}
}
}
$this->redirectTo(osc_admin_base_url(true) . "?page=comments");
break;
case 'comment_edit':
$id = Params::getParam('id');
$comment = ItemComment::newInstance()->findByPrimaryKey($id);
$this->_exportVariableToView('comment', $comment);
$this->doView('comments/frm.php');
break;
case 'comment_edit_post':
$this->itemCommentManager->update(array('s_title' => Params::getParam('title'), 's_body' => Params::getParam('body'), 's_author_name' => Params::getParam('authorName'), 's_author_email' => Params::getParam('authorEmail')), array('pk_i_id' => Params::getParam('id')));
osc_run_hook('edit_comment', Params::getParam('id'));
osc_add_flash_ok_message(_m('Great! We just updated your comment'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=comments");
break;
case 'delete':
$this->itemCommentManager->deleteByPrimaryKey(Params::getParam('id'));
osc_add_flash_ok_message(_m('The comment have been deleted'), 'admin');
osc_run_hook('delete_comment', Params::getParam('id'));
$this->redirectTo(osc_admin_base_url(true) . "?page=comments");
break;
default:
if (Params::getParam('id') != '') {
$comments = $this->itemCommentManager->getAllComments(Params::getParam('id'));
} else {
$comments = $this->itemCommentManager->getAllComments();
}
$this->_exportVariableToView('comments', $comments);
//calling the view...
$this->doView('comments/index.php');
}
}
function doModel()
{
//calling the view...
$locales = OSCLocale::newInstance()->listAllEnabled();
$this->_exportVariableToView('locales', $locales);
switch ($this->action) {
case 'item_add':
// post
if (!osc_users_enabled()) {
osc_add_flash_message(_m('Users not enabled'));
$this->redirectTo(osc_base_url(true));
}
if (osc_reg_user_post() && $this->user == null) {
// CHANGEME: This text
osc_add_flash_message(_m('Only registered users are allowed to post items'));
$this->redirectTo(osc_user_login_url());
}
$countries = Country::newInstance()->listAll();
$regions = array();
if (isset($this->user['fk_c_country_code']) && $this->user['fk_c_country_code'] != '') {
$regions = Region::newInstance()->getByCountry($this->user['fk_c_country_code']);
} else {
if (count($countries) > 0) {
$regions = Region::newInstance()->getByCountry($countries[0]['pk_c_code']);
}
}
$cities = array();
if (isset($this->user['fk_i_region_id']) && $this->user['fk_i_region_id'] != '') {
$cities = City::newInstance()->listWhere("fk_i_region_id = %d", $this->user['fk_i_region_id']);
} else {
if (count($regions) > 0) {
$cities = City::newInstance()->listWhere("fk_i_region_id = %d", $regions[0]['pk_i_id']);
}
}
$this->_exportVariableToView('countries', $countries);
$this->_exportVariableToView('regions', $regions);
$this->_exportVariableToView('cities', $cities);
$this->_exportVariableToView('user', $this->user);
osc_run_hook('post_item');
$this->doView('item-post.php');
break;
case 'item_add_post':
//post_item
if (!osc_users_enabled()) {
osc_add_flash_message(_m('Users not allowed'));
$this->redirectTo(osc_base_url(true));
}
if (osc_reg_user_post() && $this->user == null) {
osc_add_flash_message(_m('Only registered users are allowed to post items'));
$this->redirectTo(osc_base_url(true));
}
// POST ITEM ( ADD ITEM )
$mItems = new ItemActions(false);
$success = $mItems->add();
if ($success) {
$PcontactName = Params::getParam('contactName');
$PcontactEmail = Params::getParam('contactEmail');
$itemId = Params::getParam('itemId');
$item = array();
if (Session::newInstance()->_get('userId') == '') {
$mPages = new Page();
$aPage = $mPages->findByInternalName('email_new_item_non_register_user');
$locale = osc_current_user_locale();
$content = array();
if (isset($aPage['locale'][$locale]['s_title'])) {
$content = $aPage['locale'][$locale];
} else {
$content = current($aPage['locale']);
}
$item = $this->itemManager->findByPrimaryKey($itemId);
$item_url = osc_item_url();
// before page = user , action = item_edit
$edit_url = osc_item_edit_url($item['s_secret'], $itemId);
// before page = user , action = item_delete
$delete_url = osc_item_delete_url($item['s_secret'], $itemId);
$words = array();
$words[] = array('{ITEM_ID}', '{USER_NAME}', '{USER_EMAIL}', '{WEB_URL}', '{ITEM_TITLE}', '{ITEM_URL}', '{WEB_TITLE}', '{EDIT_LINK}', '{EDIT_URL}', '{DELETE_LINK}', '{DELETE_URL}');
$words[] = array($itemId, $PcontactName, $PcontactEmail, osc_base_url(), $item['s_title'], $item_url, osc_page_title(), '<a href="' . $edit_url . '">' . $edit_url . '</a>', $edit_url, '<a href="' . $delete_url . '">' . $delete_url . '</a>', $delete_url);
$title = osc_mailBeauty($content['s_title'], $words);
$body = osc_mailBeauty($content['s_text'], $words);
$emailParams = array('subject' => $title, 'to' => $PcontactEmail, 'to_name' => $PcontactName, 'body' => $body, 'alt_body' => $body);
osc_sendMail($emailParams);
}
osc_run_hook('posted_item', $item);
$category = Category::newInstance()->findByPrimaryKey(Params::getParam('catId'));
View::newInstance()->_exportVariableToView('category', $category);
$this->redirectTo(osc_search_category_url());
} else {
$this->redirectTo(osc_item_post_url());
}
break;
case 'item_edit':
$secret = Params::getParam('secret');
$id = Params::getParam('id');
$item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s' AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = '%d'))", $id, $secret, $this->userId);
if (count($item) == 1) {
$item = Item::newInstance()->findByPrimaryKey($id);
$categories = Category::newInstance()->toTree();
$countries = Country::newInstance()->listAll();
$regions = array();
if (isset($this->user['fk_c_country_code']) && $this->user['fk_c_country_code'] != '') {
$regions = Region::newInstance()->getByCountry($this->user['fk_c_country_code']);
} else {
if (count($countries) > 0) {
$regions = Region::newInstance()->getByCountry($countries[0]['pk_c_code']);
}
}
$cities = array();
if (isset($this->user['fk_i_region_id']) && $this->user['fk_i_region_id'] != '') {
$cities = City::newInstance()->listWhere("fk_i_region_id = %d", $this->user['fk_i_region_id']);
} else {
if (count($regions) > 0) {
$cities = City::newInstance()->listWhere("fk_i_region_id = %d", $regions[0]['pk_i_id']);
}
}
$currencies = Currency::newInstance()->listAll();
$this->_exportVariableToView('item', $item);
//$this->_exportVariableToView('user', $this->user) ;
$this->doView('item-edit.php');
} else {
// add a flash message [ITEM NO EXISTE]
//$this->redirectTo(osc_base_url(true));
osc_add_flash_message(_m('Sorry, we don\'t have any items with that ID'));
if ($this->user != null) {
$this->redirectTo(osc_user_list_items_url());
} else {
$this->redirectTo(osc_base_url());
}
}
break;
case 'item_edit_post':
// recoger el secret y el
$secret = Params::getParam('secret');
$id = Params::getParam('id');
$item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s' AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = '%d'))", $id, $secret, $this->userId);
if (count($item) == 1) {
$this->_exportVariableToView('item', $item[0]);
$mItems = new ItemActions(false);
$success = $mItems->edit();
if ($success) {
osc_add_flash_message(_m('Great! We\'ve just updated your item'));
$this->redirectTo(osc_base_url(true) . "?page=item&id={$id}");
} else {
$this->redirectTo(osc_item_edit_url($secret));
}
}
break;
case 'activate':
$secret = Params::getParam('secret');
$id = Params::getParam('id');
$item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s' AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = '%d'))", $id, $secret, $this->userId);
View::newInstance()->_exportVariableToView('item', $item[0]);
if ($item[0]['e_status'] == 'INACTIVE') {
// ACTIVETE ITEM
$mItems = new ItemActions(false);
$success = $mItems->activate($item[0]['pk_i_id'], $item[0]['s_secret']);
if ($success) {
osc_add_flash_message(_m('The item has been validated'));
} else {
osc_add_flash_message(_m('The item can\'t be validated'));
}
} else {
osc_add_flash_message(_m('The item has already been validated'));
}
$this->redirectTo(osc_item_url());
break;
case 'item_delete':
$secret = Params::getParam('secret');
$id = Params::getParam('id');
$item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s' AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = '%d'))", $id, $secret, $this->userId);
if (count($item) == 1) {
$mItems = new ItemActions(false);
$success = $mItems->delete($item[0]['s_secret'], $item[0]['pk_i_id']);
if ($success) {
osc_add_flash_message(_m('Your item has been deleted'));
} else {
osc_add_flash_message(_m('The item you are trying to delete couldn\'t be deleted'));
}
if ($this->user != null) {
$this->redirectTo(osc_user_list_items_url());
} else {
$this->redirectTo(osc_base_url());
}
} else {
osc_add_flash_message(_m('The item you are trying to delete couldn\'t be deleted'));
$this->redirectTo(osc_base_url());
}
break;
case 'deleteResource':
$id = Params::getParam('id');
$item = Params::getParam('item');
$code = Params::getParam('code');
$secret = Params::getParam('secret');
// Check for required fields
if (!(is_numeric($id) && is_numeric($item) && preg_match('/^([a-z0-9]+)$/i', $code))) {
osc_add_flash_message(_m("The selected photo couldn't be deleted, the url doesn't exist"));
if ($this->userId == null) {
$this->redirectTo(osc_base_url());
} else {
$this->redirectTo(osc_user_dashboard_url());
}
}
$aItem = $this->itemManager->findByPrimaryKey($item);
// Check if the item exists
if (count($aItem) == 0) {
osc_add_flash_message(_m('The item doesn\'t exist'));
$this->redirectTo(osc_base_url());
}
// Check if the item belong to the user
if ($this->userId != null && $this->userId != $aItem['fk_i_user_id']) {
osc_add_flash_message(_m('The item doesn\'t belong to you'));
$this->redirectTo(osc_item_url_ns($item));
}
// Check if the secret passphrase match with the item
if ($this->userId == null && $secret != $aItem['s_secret']) {
osc_add_flash_message(_m('The item doesn\'t belong to you'));
$this->redirectTo(osc_item_url_ns($item));
}
// Does id & code combination exist?
$result = ItemResource::newInstance()->getResourceSecure($id, $code);
if ($result > 0) {
// Delete: file, db table entry
osc_deleteResource($id);
ItemResource::newInstance()->delete(array('pk_i_id' => $id, 'fk_i_item_id' => $item, 's_name' => $code));
osc_add_flash_message(_m('The selected photo has been successfully deleted'));
} else {
osc_add_flash_message(_m("The selected photo couldn't be deleted"));
}
// Redirect to item_edit. If unregistered user, include $secret.
$this->redirectTo(osc_item_edit_url($secret, $item));
break;
case 'mark':
$mItem = new ItemActions(false);
$id = Params::getParam('id');
$as = Params::getParam('as');
$item = Item::newInstance()->findByPrimaryKey($id);
View::newInstance()->_exportVariableToView('item', $item);
$mItem->mark($id, $as);
osc_add_flash_message(_m('Thanks! That\'s very helpful'));
$this->redirectTo(osc_item_url());
break;
case 'send_friend':
$item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
$this->_exportVariableToView('item', $item);
$this->doView('item-send-friend.php');
break;
case 'send_friend_post':
$mItem = new ItemActions(false);
$mItem->send_friend();
$item_url = Params::getParam('item_url');
$this->redirectTo($item_url);
break;
case 'contact':
$item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
$category = Category::newInstance()->findByPrimaryKey($item['fk_i_category_id']);
if ($category['i_expiration_days'] > 0) {
$item_date = strtotime($item['dt_pub_date']) + $category['i_expiration_days'] * (24 * 3600);
$date = time();
if ($item_date < $date) {
// The item is expired, we can not contact the seller
osc_add_flash_message(_m('We\'re sorry, but the item has expired. You can\'t contact the seller'));
$this->redirectTo(osc_create_item_url($item));
}
}
$this->_exportVariableToView('item', $item);
$this->doView('item-contact.php');
break;
case 'contact_post':
$item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
$this->_exportVariableToView('item', $item);
if (osc_recaptcha_private_key() != '' && Params::existParam("recaptcha_challenge_field")) {
if (!osc_check_recaptcha()) {
osc_add_flash_message(_m('The Recaptcha code is wrong'));
$this->redirectTo(osc_item_url());
return false;
// BREAK THE PROCESS, THE RECAPTCHA IS WRONG
}
}
$category = Category::newInstance()->findByPrimaryKey($item['fk_i_category_id']);
if ($category['i_expiration_days'] > 0) {
$item_date = strtotime($item['dt_pub_date']) + $category['i_expiration_days'] * (24 * 3600);
$date = time();
if ($item_date < $date) {
// The item is expired, we can not contact the seller
osc_add_flash_message(_m('We\'re sorry, but the item has expired. You can\'t contact the seller'));
$this->redirectTo(osc_item_url());
}
}
$mItem = new ItemActions(false);
$mItem->contact();
osc_add_flash_message(_m('We\'ve just sent an e-mail to the seller'));
$this->redirectTo(osc_item_url());
break;
case 'add_comment':
$mItem = new ItemActions(false);
$status = $mItem->add_comment();
switch ($status) {
case -1:
$msg = _m('Sorry, we could not save your comment. Try again later');
break;
case 1:
$msg = _m('Your comment is awaiting moderation');
break;
case 2:
$msg = _m('Your comment has been approved');
break;
case 3:
$msg = _m('Please fill the required fields (name, email)');
break;
case 4:
$msg = _m('Please type a comment');
break;
case 5:
$msg = _m('Your comment has been marked as spam');
break;
}
osc_add_flash_message($msg);
$this->redirectTo(Params::getParam('itemURL'));
break;
case 'delete_comment':
$mItem = new ItemActions(false);
$status = $mItem->add_comment();
$itemId = Params::getParam('id');
$commentId = Params::getParam('comment');
$item = Item::newInstance()->findByPrimaryKey($itemId);
if (count($item) == 0) {
osc_add_flash_message(_m('This item doesn\'t exist'));
$this->redirectTo(osc_base_url(true));
}
View::newInstance()->_exportVariableToView('item', $item);
if ($this->userId == null) {
osc_add_flash_message(_m('You have to be logged to delete a comment'));
$this->redirectTo(osc_item_url());
}
$commentManager = ItemComment::newInstance();
$aComment = $commentManager->findByPrimaryKey($commentId);
if (count($aComment) == 0) {
osc_add_flash_message(_m('The comment doesn\'t exist'));
$this->redirectTo(osc_item_url());
}
if ($aComment['e_status'] != 'ACTIVE') {
osc_add_flash_message(_m('The comment is not active, you cannot delete it'));
$this->redirectTo(osc_item_url());
}
if ($aComment['fk_i_user_id'] != $this->userId) {
osc_add_flash_message(_m('You cannot delete the comment'));
$this->redirectTo(osc_item_url());
}
$commentManager->deleteByPrimaryKey($commentId);
osc_add_flash_message(_m('The comment has been deleted correctly'));
$this->redirectTo(osc_item_url());
break;
default:
if (Params::getParam('id') == '') {
$this->redirectTo(osc_base_url());
}
if (Params::getParam('lang') != '') {
Session::newInstance()->_set('userLocale', Params::getParam('lang'));
}
$item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
// if item doesn't exist redirect to base url
if (count($item) == 0) {
osc_add_flash_message(_m('This item doesn\'t exist'));
$this->redirectTo(osc_base_url(true));
} else {
if ($item['e_status'] != 'ACTIVE') {
if ($this->userId == $item['fk_i_user_id']) {
osc_add_flash_message(_m('The item hasn\'t been validated. Please validate it in order to show it to the rest of users'));
} else {
osc_add_flash_message(_m('This item hasn\'t been validated'));
$this->redirectTo(osc_base_url(true));
}
}
$mStats = new ItemStats();
$mStats->increase('i_num_views', $item['pk_i_id']);
foreach ($item['locale'] as $k => $v) {
$item['locale'][$k]['s_title'] = osc_apply_filter('item_title', $v['s_title']);
$item['locale'][$k]['s_description'] = nl2br(osc_apply_filter('item_description', $v['s_description']));
}
$this->_exportVariableToView('items', array($item));
osc_run_hook('show_item', $item);
$this->doView('item.php');
}
break;
case 'dashboard':
//dashboard...
break;
}
}
private function processData($items)
{
if(!empty($items)) {
$csrf_token_url = osc_csrf_token_url();
foreach($items as $aRow) {
View::newInstance()->_exportVariableToView('item', $aRow);
$row = array();
$options = array();
// -- prepare data --
// prepare item title
$title = mb_substr($aRow['s_title'], 0, 30, 'UTF-8');
if($title != $aRow['s_title']) {
$title .= '...';
}
//icon open add new window
$title .= '<span class="icon-new-window"></span>';
// Options of each row
$options_more = array();
if($aRow['b_active']) {
$options_more[] = '<a href="' . osc_admin_base_url(true) . '?page=items&action=status&id=' . $aRow['pk_i_id'] . '&' . $csrf_token_url . '&value=INACTIVE">' . __('Deactivate') .'</a>';
} else {
$options_more[] = '<a href="' . osc_admin_base_url(true) . '?page=items&action=status&id=' . $aRow['pk_i_id'] . '&' . $csrf_token_url . '&value=ACTIVE">' . __('Activate') .'</a>';
}
if($aRow['b_enabled']) {
$options_more[] = '<a href="' . osc_admin_base_url(true) . '?page=items&action=status&id=' . $aRow['pk_i_id'] . '&' . $csrf_token_url . '&value=DISABLE">' . __('Block') .'</a>';
} else {
$options_more[] = '<a href="' . osc_admin_base_url(true) . '?page=items&action=status&id=' . $aRow['pk_i_id'] . '&' . $csrf_token_url . '&value=ENABLE">' . __('Unblock') .'</a>';
}
if($aRow['b_premium']) {
$options_more[] = '<a href="' . osc_admin_base_url(true) . '?page=items&action=status_premium&id=' . $aRow['pk_i_id'] . '&' . $csrf_token_url . '&value=0">' . __('Unmark as premium') .'</a>';
} else {
$options_more[] = '<a href="' . osc_admin_base_url(true) . '?page=items&action=status_premium&id=' . $aRow['pk_i_id'] . '&' . $csrf_token_url . '&value=1">' . __('Mark as premium') .'</a>';
}
if($aRow['b_spam']) {
$options_more[] = '<a href="' . osc_admin_base_url(true) . '?page=items&action=status_spam&id=' . $aRow['pk_i_id'] . '&' . $csrf_token_url . '&value=0">' . __('Unmark as spam') .'</a>';
} else {
$options_more[] = '<a href="' . osc_admin_base_url(true) . '?page=items&action=status_spam&id=' . $aRow['pk_i_id'] . '&' . $csrf_token_url . '&value=1">' . __('Mark as spam') .'</a>';
}
// general options
$options[] = '<a href="' . osc_admin_base_url(true) . '?page=items&action=item_edit&id=' . $aRow['pk_i_id'] . '">' . __('Edit') . '</a>';
$options[] = '<a onclick="return delete_dialog(\'' . $aRow['pk_i_id'] . '\');" href="' . osc_admin_base_url(true) . '?page=items&action=delete&id[]=' . $aRow['pk_i_id'] . '">' . __('Delete') . '</a>';
// only show if there are data
if(ItemComment::newInstance()->totalComments( $aRow['pk_i_id'] ) > 0) {
$options[] = '<a href="' . osc_admin_base_url(true) . '?page=comments&action=list&id=' . $aRow['pk_i_id'] . '">' . __('View comments') . '</a>';
}
if(ItemResource::newInstance()->countResources( $aRow['pk_i_id'] ) > 0) {
$options[] = '<a href="' . osc_admin_base_url(true) . '?page=media&action=list&resourceId=' . $aRow['pk_i_id'] . '">' . __('View media') . '</a>';
}
$options_more = osc_apply_filter('more_actions_manage_items', $options_more, $aRow);
// more actions
$moreOptions = '<li class="show-more">'.PHP_EOL.'<a href="#" class="show-more-trigger">'. __('Show more') .'...</a>'. PHP_EOL .'<ul>'. PHP_EOL;
foreach( $options_more as $actual) {
$moreOptions .= '<li>'.$actual."</li>".PHP_EOL;
}
$moreOptions .= '</ul>'. PHP_EOL .'</li>'.PHP_EOL;
$options = osc_apply_filter('actions_manage_items', $options, $aRow);
// create list of actions
$auxOptions = '<ul>'.PHP_EOL;
foreach( $options as $actual) {
$auxOptions .= '<li>'.$actual.'</li>'.PHP_EOL;
}
if(!empty($options_more)) {
$auxOptions .= $moreOptions;
}
$auxOptions .= '</ul>'.PHP_EOL;
$actions = '<div class="actions">'.$auxOptions.'</div>'.PHP_EOL;
// fill a row
$row['bulkactions'] = '<input type="checkbox" name="id[]" value="' . $aRow['pk_i_id'] . '" active="' . $aRow['b_active'] . '" blocked="' . $aRow['b_enabled'] . '"/>';
$status = $this->get_row_status();
$row['status-border'] = '';
$row['status'] = $status['text'];
$row['title'] = '<a href="' . osc_item_url() . '" target="_blank">' . $title. '</a>'. $actions;
if($aRow['fk_i_user_id']!=null) {
$row['user'] = '******' . osc_admin_base_url(true) . '?page=users&action=edit&id=' . $aRow['fk_i_user_id'] . '" target="_blank">' . $aRow['s_user_name'] . '</a>';
} else {
$row['user'] = $aRow['s_user_name'];
}
$row['category'] = $aRow['s_category_name'];
$row['location'] = $this->get_row_location();
$row['date'] = osc_format_date($aRow['dt_pub_date']);
$row['expiration'] = osc_format_date($aRow['dt_expiration']);
$row = osc_apply_filter('items_processing_row', $row, $aRow);
$this->addRow($row);
$this->rawRows[] = $aRow;
}
}
}
foreach ($users as $user) {
$comments = count(ItemComment::newInstance()->findByAuthorID($user['pk_i_id']));
$items = count(Item::newInstance()->findByUserIDEnabled($user['pk_i_id']));
User::newInstance()->update(array('i_items' => $items, 'i_comments' => $comments), array('pk_i_id' => $user['pk_i_id']));
// CHANGE FROM b_enabled to b_active
User::newInstance()->update(array('b_active' => $user['b_enabled'], 'b_enabled' => 1), array('pk_i_id' => $user['pk_i_id']));
}
unset($users);
$items = $conn->osc_dbFetchResults(sprintf("SELECT * FROM %st_item", DB_TABLE_PREFIX));
foreach ($items as $item) {
Item::newInstance()->update(array("b_active" => $item['e_status'] == 'ACTIVE' ? 1 : 0, 'b_enabled' => 1), array('pk_i_id' => $item['pk_i_id']));
}
unset($items);
$comments = $conn->osc_dbFetchResults(sprintf("SELECT * FROM %st_item_comment", DB_TABLE_PREFIX));
foreach ($comments as $comment) {
ItemComment::newInstance()->update(array("b_active" => $comment['e_status'] == 'ACTIVE' ? 1 : 0, 'b_enabled' => 1), array('pk_i_id' => $comment['pk_i_id']));
}
unset($comments);
// Drop e_status column in t_item and t_item_comment
$conn->osc_dbExec(sprintf("ALTER TABLE %st_item DROP e_status", DB_TABLE_PREFIX));
$conn->osc_dbExec(sprintf("ALTER TABLE %st_item_comment DROP e_status", DB_TABLE_PREFIX));
// Delete enabled_item_validation in t_preference
$conn->osc_dbExec(sprintf("DELETE FROM %st_preference WHERE s_name = 'enabled_item_validation'", DB_TABLE_PREFIX));
// insert two new e-mail notifications
$conn->osc_dbExec(sprintf("INSERT INTO %st_pages (s_internal_name, b_indelible, dt_pub_date) VALUES ('email_alert_validation', 1, '%s' )", DB_TABLE_PREFIX, date('Y-m-d H:i:s')));
$conn->osc_dbExec(sprintf("INSERT INTO %st_pages_description (fk_i_pages_id, fk_c_locale_code, s_title, s_text) VALUES (%d, 'en_US', 'Please validate your alert', '<p>Hi {USER_NAME},</p>\n<p>Please validate your alert registration by clicking on the following link: {VALIDATION_LINK}</p>\n<p>Thank you!</p>\n<p>Regards,</p>\n<p>{WEB_TITLE}</p>')", DB_TABLE_PREFIX, $conn->get_last_id()));
$conn->osc_dbExec(sprintf("INSERT INTO %st_pages (s_internal_name, b_indelible, dt_pub_date) VALUES ('email_comment_validated', 1, '%s' )", DB_TABLE_PREFIX, date('Y-m-d H:i:s')));
$conn->osc_dbExec(sprintf("INSERT INTO %st_pages_description (fk_i_pages_id, fk_c_locale_code, s_title, s_text) VALUES (%d, 'en_US', '{WEB_TITLE} - Your comment has been approved', '<p>Hi {COMMENT_AUTHOR},</p>\n<p>Your comment has been approved on the following item: {ITEM_URL}</p>\n<p>Regards,</p>\n<p>{WEB_TITLE}</p>')", DB_TABLE_PREFIX, $conn->get_last_id()));
osc_changeVersionTo(210);
}
if (osc_version() < 220) {
function doModel()
{
//calling the view...
$locales = OSCLocale::newInstance()->listAllEnabled();
$this->_exportVariableToView('locales', $locales);
switch ($this->action) {
case 'item_add':
// post
if (osc_reg_user_post() && $this->user == null) {
osc_add_flash_warning_message(_m('Only registered users are allowed to post listings'));
$this->redirectTo(osc_user_login_url());
}
$countries = Country::newInstance()->listAll();
$regions = array();
if (isset($this->user['fk_c_country_code']) && $this->user['fk_c_country_code'] != '') {
$regions = Region::newInstance()->findByCountry($this->user['fk_c_country_code']);
} else {
if (count($countries) > 0) {
$regions = Region::newInstance()->findByCountry($countries[0]['pk_c_code']);
}
}
$cities = array();
if (isset($this->user['fk_i_region_id']) && $this->user['fk_i_region_id'] != '') {
$cities = City::newInstance()->findByRegion($this->user['fk_i_region_id']);
} else {
if (count($regions) > 0) {
$cities = City::newInstance()->findByRegion($regions[0]['pk_i_id']);
}
}
$this->_exportVariableToView('countries', $countries);
$this->_exportVariableToView('regions', $regions);
$this->_exportVariableToView('cities', $cities);
$form = count(Session::newInstance()->_getForm());
$keepForm = count(Session::newInstance()->_getKeepForm());
if ($form == 0 || $form == $keepForm) {
Session::newInstance()->_dropKeepForm();
}
if (Session::newInstance()->_getForm('countryId') != "") {
$countryId = Session::newInstance()->_getForm('countryId');
$regions = Region::newInstance()->findByCountry($countryId);
$this->_exportVariableToView('regions', $regions);
if (Session::newInstance()->_getForm('regionId') != "") {
$regionId = Session::newInstance()->_getForm('regionId');
$cities = City::newInstance()->findByRegion($regionId);
$this->_exportVariableToView('cities', $cities);
}
}
$this->_exportVariableToView('user', $this->user);
osc_run_hook('post_item');
$this->doView('item-post.php');
break;
case 'item_add_post':
//post_item
if (osc_reg_user_post() && $this->user == null) {
osc_add_flash_warning_message(_m('Only registered users are allowed to post listings'));
$this->redirectTo(osc_base_url(true));
}
$mItems = new ItemActions(false);
// prepare data for ADD ITEM
$mItems->prepareData(true);
// set all parameters into session
foreach ($mItems->data as $key => $value) {
Session::newInstance()->_setForm($key, $value);
}
$meta = Params::getParam('meta');
if (is_array($meta)) {
foreach ($meta as $key => $value) {
Session::newInstance()->_setForm('meta_' . $key, $value);
Session::newInstance()->_keepForm('meta_' . $key);
}
}
if (osc_recaptcha_private_key() != '' && Params::existParam("recaptcha_challenge_field")) {
if (!osc_check_recaptcha()) {
osc_add_flash_error_message(_m('The Recaptcha code is wrong'));
$this->redirectTo(osc_item_post_url());
return false;
// BREAK THE PROCESS, THE RECAPTCHA IS WRONG
}
}
if (!osc_is_web_user_logged_in()) {
$user = User::newInstance()->findByEmail($mItems->data['contactEmail']);
// The user exists but it's not logged
if (isset($user['pk_i_id'])) {
foreach ($mItems->data as $key => $value) {
Session::newInstance()->_keepForm($key);
}
osc_add_flash_error_message(_m('A user with that email address already exists, if it is you, please log in'));
$this->redirectTo(osc_user_login_url());
}
}
// POST ITEM ( ADD ITEM )
$success = $mItems->add();
if ($success != 1 && $success != 2) {
osc_add_flash_error_message($success);
$this->redirectTo(osc_item_post_url());
} else {
Session::newInstance()->_dropkeepForm('meta_' . $key);
if ($success == 1) {
osc_add_flash_ok_message(_m('Check your inbox to validate your listing'));
} else {
osc_add_flash_ok_message(_m('Your listing has been published'));
}
$itemId = Params::getParam('itemId');
$item = $this->itemManager->findByPrimaryKey($itemId);
osc_run_hook('posted_item', $item);
$category = Category::newInstance()->findByPrimaryKey(Params::getParam('catId'));
View::newInstance()->_exportVariableToView('category', $category);
$this->redirectTo(osc_search_category_url());
}
break;
case 'item_edit':
// edit item
$secret = Params::getParam('secret');
$id = Params::getParam('id');
$item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s' AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = '%d'))", addslashes($id), addslashes($secret), addslashes($this->userId));
if (count($item) == 1) {
$item = Item::newInstance()->findByPrimaryKey($id);
$form = count(Session::newInstance()->_getForm());
$keepForm = count(Session::newInstance()->_getKeepForm());
if ($form == 0 || $form == $keepForm) {
Session::newInstance()->_dropKeepForm();
}
$this->_exportVariableToView('item', $item);
osc_run_hook("before_item_edit", $item);
$this->doView('item-edit.php');
} else {
// add a flash message [ITEM NO EXISTE]
osc_add_flash_error_message(_m("Sorry, we don't have any listings with that ID"));
if ($this->user != null) {
$this->redirectTo(osc_user_list_items_url());
} else {
$this->redirectTo(osc_base_url());
}
}
break;
case 'item_edit_post':
// recoger el secret y el
$secret = Params::getParam('secret');
$id = Params::getParam('id');
$item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s' AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = '%d'))", addslashes($id), addslashes($secret), addslashes($this->userId));
if (count($item) == 1) {
$this->_exportVariableToView('item', $item[0]);
$mItems = new ItemActions(false);
// prepare data for ADD ITEM
$mItems->prepareData(false);
// set all parameters into session
foreach ($mItems->data as $key => $value) {
Session::newInstance()->_setForm($key, $value);
}
$meta = Params::getParam('meta');
if (is_array($meta)) {
foreach ($meta as $key => $value) {
Session::newInstance()->_setForm('meta_' . $key, $value);
Session::newInstance()->_keepForm('meta_' . $key);
}
}
if (osc_recaptcha_private_key() != '' && Params::existParam("recaptcha_challenge_field")) {
if (!osc_check_recaptcha()) {
osc_add_flash_error_message(_m('The Recaptcha code is wrong'));
$this->redirectTo(osc_item_edit_url());
return false;
// BREAK THE PROCESS, THE RECAPTCHA IS WRONG
}
}
$success = $mItems->edit();
osc_run_hook('edited_item', Item::newInstance()->findByPrimaryKey($id));
if ($success == 1) {
osc_add_flash_ok_message(_m("Great! We've just updated your listing"));
View::newInstance()->_exportVariableToView("item", Item::newInstance()->findByPrimaryKey($id));
$this->redirectTo(osc_item_url());
} else {
osc_add_flash_error_message($success);
$this->redirectTo(osc_item_edit_url($secret));
}
}
break;
case 'activate':
$secret = Params::getParam('secret');
$id = Params::getParam('id');
$item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s') OR (i.fk_i_user_id = '%d'))", addslashes($id), addslashes($secret), addslashes($this->userId));
// item doesn't exist
if (count($item) == 0) {
$this->do404();
return;
}
View::newInstance()->_exportVariableToView('item', $item[0]);
if ($item[0]['b_active'] == 0) {
// ACTIVETE ITEM
$mItems = new ItemActions(false);
$success = $mItems->activate($item[0]['pk_i_id'], $item[0]['s_secret']);
if ($success) {
osc_add_flash_ok_message(_m('The listing has been validated'));
} else {
osc_add_flash_error_message(_m("The listing can't be validated"));
}
} else {
osc_add_flash_warning_message(_m('The listing has already been validated'));
}
$this->redirectTo(osc_item_url());
break;
case 'item_delete':
$secret = Params::getParam('secret');
$id = Params::getParam('id');
$item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s') OR (i.fk_i_user_id = '%d'))", addslashes($id), addslashes($secret), addslashes($this->userId));
if (count($item) == 1) {
$mItems = new ItemActions(false);
$success = $mItems->delete($item[0]['s_secret'], $item[0]['pk_i_id']);
if ($success) {
osc_add_flash_ok_message(_m('Your listing has been deleted'));
} else {
osc_add_flash_error_message(_m("The listing you are trying to delete couldn't be deleted"));
}
if ($this->user != null) {
$this->redirectTo(osc_user_list_items_url());
} else {
$this->redirectTo(osc_base_url());
}
} else {
osc_add_flash_error_message(_m("The listing you are trying to delete couldn't be deleted"));
$this->redirectTo(osc_base_url());
}
break;
case 'mark':
$id = Params::getParam('id');
$as = Params::getParam('as');
$item = Item::newInstance()->findByPrimaryKey($id);
View::newInstance()->_exportVariableToView('item', $item);
require_once osc_lib_path() . 'osclass/user-agents.php';
foreach ($user_agents as $ua) {
if (preg_match('|' . $ua . '|', @$_SERVER['HTTP_USER_AGENT'])) {
// mark item if it's not a bot
$mItem = new ItemActions(false);
$mItem->mark($id, $as);
break;
}
}
osc_add_flash_ok_message(_m("Thanks! That's very helpful"));
$this->redirectTo(osc_item_url());
break;
case 'send_friend':
$item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
$this->_exportVariableToView('item', $item);
$this->doView('item-send-friend.php');
break;
case 'send_friend_post':
$item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
$this->_exportVariableToView('item', $item);
Session::newInstance()->_setForm("yourEmail", Params::getParam('yourEmail'));
Session::newInstance()->_setForm("yourName", Params::getParam('yourName'));
Session::newInstance()->_setForm("friendName", Params::getParam('friendName'));
Session::newInstance()->_setForm("friendEmail", Params::getParam('friendEmail'));
Session::newInstance()->_setForm("message_body", Params::getParam('message'));
if (osc_recaptcha_private_key() != '' && Params::existParam("recaptcha_challenge_field")) {
if (!osc_check_recaptcha()) {
osc_add_flash_error_message(_m('The Recaptcha code is wrong'));
$this->redirectTo(osc_item_send_friend_url());
return false;
// BREAK THE PROCESS, THE RECAPTCHA IS WRONG
}
}
$mItem = new ItemActions(false);
$success = $mItem->send_friend();
if ($success) {
Session::newInstance()->_clearVariables();
$this->redirectTo(osc_item_url());
} else {
$this->redirectTo(osc_item_send_friend_url());
}
break;
case 'contact':
$item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
if (empty($item)) {
osc_add_flash_error_message(_m("This listing doesn't exist"));
$this->redirectTo(osc_base_url(true));
} else {
$this->_exportVariableToView('item', $item);
if (osc_item_is_expired()) {
osc_add_flash_error_message(_m("We're sorry, but the listing has expired. You can't contact the seller"));
$this->redirectTo(osc_item_url());
}
if (osc_reg_user_can_contact() && osc_is_web_user_logged_in() || !osc_reg_user_can_contact()) {
$this->doView('item-contact.php');
} else {
osc_add_flash_error_message(_m("You can't contact the seller, only registered users can"));
$this->redirectTo(osc_item_url());
}
}
break;
case 'contact_post':
$item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
$this->_exportVariableToView('item', $item);
if (osc_recaptcha_private_key() != '' && Params::existParam("recaptcha_challenge_field")) {
if (!osc_check_recaptcha()) {
osc_add_flash_error_message(_m('The Recaptcha code is wrong'));
Session::newInstance()->_setForm("yourEmail", Params::getParam('yourEmail'));
Session::newInstance()->_setForm("yourName", Params::getParam('yourName'));
Session::newInstance()->_setForm("phoneNumber", Params::getParam('phoneNumber'));
Session::newInstance()->_setForm("message_body", Params::getParam('message'));
$this->redirectTo(osc_item_url());
return false;
// BREAK THE PROCESS, THE RECAPTCHA IS WRONG
}
}
if (osc_isExpired($item['dt_expiration'])) {
osc_add_flash_error_message(_m("We're sorry, but the listing has expired. You can't contact the seller"));
$this->redirectTo(osc_item_url());
}
$mItem = new ItemActions(false);
$result = $mItem->contact();
if (is_string($result)) {
osc_add_flash_error_message($result);
} else {
osc_add_flash_ok_message(_m("We've just sent an e-mail to the seller"));
}
$this->redirectTo(osc_item_url());
break;
case 'add_comment':
$mItem = new ItemActions(false);
$status = $mItem->add_comment();
switch ($status) {
case -1:
$msg = _m('Sorry, we could not save your comment. Try again later');
osc_add_flash_error_message($msg);
break;
case 1:
$msg = _m('Your comment is awaiting moderation');
osc_add_flash_info_message($msg);
break;
case 2:
$msg = _m('Your comment has been approved');
osc_add_flash_ok_message($msg);
break;
case 3:
$msg = _m('Please fill the required field (email)');
osc_add_flash_warning_message($msg);
break;
case 4:
$msg = _m('Please type a comment');
osc_add_flash_warning_message($msg);
break;
case 5:
$msg = _m('Your comment has been marked as spam');
osc_add_flash_error_message($msg);
break;
}
$this->redirectTo(osc_item_url());
break;
case 'delete_comment':
$mItem = new ItemActions(false);
$status = $mItem->add_comment();
$itemId = Params::getParam('id');
$commentId = Params::getParam('comment');
$item = Item::newInstance()->findByPrimaryKey($itemId);
if (count($item) == 0) {
osc_add_flash_error_message(_m("This listing doesn't exist"));
$this->redirectTo(osc_base_url(true));
}
View::newInstance()->_exportVariableToView('item', $item);
if ($this->userId == null) {
osc_add_flash_error_message(_m('You must be logged in to delete a comment'));
$this->redirectTo(osc_item_url());
}
$commentManager = ItemComment::newInstance();
$aComment = $commentManager->findByPrimaryKey($commentId);
if (count($aComment) == 0) {
osc_add_flash_error_message(_m("The comment doesn't exist"));
$this->redirectTo(osc_item_url());
}
if ($aComment['b_active'] != 1) {
osc_add_flash_error_message(_m('The comment is not active, you cannot delete it'));
$this->redirectTo(osc_item_url());
}
if ($aComment['fk_i_user_id'] != $this->userId) {
osc_add_flash_error_message(_m('The comment was not added by you, you cannot delete it'));
$this->redirectTo(osc_item_url());
}
$commentManager->deleteByPrimaryKey($commentId);
osc_add_flash_ok_message(_m('The comment has been deleted'));
$this->redirectTo(osc_item_url());
break;
default:
// if there isn't ID, show an error 404
if (Params::getParam('id') == '') {
$this->do404();
return;
}
if (Params::getParam('lang') != '') {
Session::newInstance()->_set('userLocale', Params::getParam('lang'));
}
$item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
// if item doesn't exist show an error 404
if (count($item) == 0) {
$this->do404();
return;
}
if ($item['b_active'] != 1) {
if ($this->userId == $item['fk_i_user_id']) {
osc_add_flash_warning_message(_m("The listing hasn't been validated. Please validate it in order to make it public"));
} else {
osc_add_flash_warning_message(_m("This listing hasn't been validated"));
$this->redirectTo(osc_base_url(true));
}
} else {
if ($item['b_enabled'] == 0) {
osc_add_flash_warning_message(_m('The listing has been suspended'));
$this->redirectTo(osc_base_url(true));
}
}
if (!osc_is_admin_user_logged_in()) {
require_once osc_lib_path() . 'osclass/user-agents.php';
foreach ($user_agents as $ua) {
if (preg_match('|' . $ua . '|', @$_SERVER['HTTP_USER_AGENT'])) {
$mStats = new ItemStats();
$mStats->increase('i_num_views', $item['pk_i_id']);
break;
}
}
}
foreach ($item['locale'] as $k => $v) {
$item['locale'][$k]['s_title'] = osc_apply_filter('item_title', $v['s_title']);
$item['locale'][$k]['s_description'] = nl2br(osc_apply_filter('item_description', $v['s_description']));
}
if ($item['fk_i_user_id'] != '') {
$user = User::newInstance()->findByPrimaryKey($item['fk_i_user_id']);
$this->_exportVariableToView('user', $user);
}
$this->_exportVariableToView('item', $item);
osc_run_hook('show_item', $item);
// redirect to the correct url just in case it has changed
$itemURI = str_replace(osc_base_url(), '', osc_item_url());
$URI = preg_replace('|^' . REL_WEB_URL . '|', '', $_SERVER['REQUEST_URI']);
// do not clean QUERY_STRING if permalink is not enabled
if (osc_rewrite_enabled()) {
$URI = str_replace('?' . $_SERVER['QUERY_STRING'], '', $URI);
} else {
$params_keep = array('page', 'id');
$params = array();
foreach (Params::getParamsAsArray('get') as $k => $v) {
if (in_array($k, $params_keep)) {
$params[] = "{$k}={$v}";
}
}
$URI = 'index.php?' . implode('&', $params);
}
// redirect to the correct url
if ($itemURI != $URI) {
$this->redirectTo(osc_base_url() . $itemURI);
}
$this->doView('item.php');
break;
}
}
/**
* Returns the static model of the specified AR class.
* @param string $className active record class name.
* @return WItemComment the static model class
*/
public static function model($className = __CLASS__)
{
return parent::model($className);
}
function doModel()
{
switch ($this->action) {
case 'change_email_confirm':
//change email confirm
if (Params::getParam('userId') && Params::getParam('code')) {
$userManager = new User();
$user = $userManager->findByPrimaryKey(Params::getParam('userId'));
if ($user['s_pass_code'] == Params::getParam('code') && $user['b_enabled'] == 1) {
$userEmailTmp = UserEmailTmp::newInstance()->findByPk(Params::getParam('userId'));
$code = osc_genRandomPassword(50);
$userManager->update(array('s_email' => $userEmailTmp['s_new_email']), array('pk_i_id' => $userEmailTmp['fk_i_user_id']));
Item::newInstance()->update(array('s_contact_email' => $userEmailTmp['s_new_email']), array('fk_i_user_id' => $userEmailTmp['fk_i_user_id']));
ItemComment::newInstance()->update(array('s_author_email' => $userEmailTmp['s_new_email']), array('fk_i_user_id' => $userEmailTmp['fk_i_user_id']));
Alerts::newInstance()->update(array('s_email' => $userEmailTmp['s_new_email']), array('fk_i_user_id' => $userEmailTmp['fk_i_user_id']));
Session::newInstance()->_set('userEmail', $userEmailTmp['s_new_email']);
UserEmailTmp::newInstance()->delete(array('s_new_email' => $userEmailTmp['s_new_email']));
osc_add_flash_ok_message(_m('Your email has been changed successfully'));
$this->redirectTo(osc_user_profile_url());
} else {
osc_add_flash_error_message(_m('Sorry, the link is not valid'));
$this->redirectTo(osc_base_url());
}
} else {
osc_add_flash_error_message(_m('Sorry, the link is not valid'));
$this->redirectTo(osc_base_url());
}
break;
case 'activate_alert':
$email = Params::getParam('email');
$secret = Params::getParam('secret');
$result = 0;
if ($email != '' && $secret != '') {
$result = Alerts::newInstance()->activate($email, $secret);
}
if ($result == 1) {
osc_add_flash_ok_message(_m('Alert activated'));
} else {
osc_add_flash_error_message(_m('Ops! There was a problem trying to activate alert. Please contact the administrator'));
}
$this->redirectTo(osc_base_url(true));
break;
case 'unsub_alert':
$email = Params::getParam('email');
$secret = Params::getParam('secret');
if ($email != '' && $secret != '') {
Alerts::newInstance()->delete(array('s_email' => $email, 'S_secret' => $secret));
osc_add_flash_ok_message(_m('Unsubscribed correctly'));
} else {
osc_add_flash_error_message(_m('Ops! There was a problem trying to unsubscribe you. Please contact the administrator'));
}
$this->redirectTo(osc_base_url());
break;
case 'pub_profile':
$userID = Params::getParam('id');
$user = User::newInstance()->findByPrimaryKey($userID);
// user doesn't exist
if (!$user) {
$this->redirectTo(osc_base_url());
}
View::newInstance()->_exportVariableToView('user', $user);
$items = Item::newInstance()->findByUserIDEnabled($user['pk_i_id'], 0, 3);
View::newInstance()->_exportVariableToView('items', $items);
$this->doView('user-public-profile.php');
break;
case 'contact_post':
$user = User::newInstance()->findByPrimaryKey(Params::getParam('id'));
View::newInstance()->_exportVariableToView('user', $user);
if (osc_recaptcha_private_key() != '' && Params::existParam("recaptcha_challenge_field")) {
if (!osc_check_recaptcha()) {
osc_add_flash_error_message(_m('The Recaptcha code is wrong'));
Session::newInstance()->_setForm("yourEmail", Params::getParam('yourEmail'));
Session::newInstance()->_setForm("yourName", Params::getParam('yourName'));
Session::newInstance()->_setForm("phoneNumber", Params::getParam('phoneNumber'));
Session::newInstance()->_setForm("message_body", Params::getParam('message'));
$this->redirectTo(osc_user_public_profile_url());
return false;
// BREAK THE PROCESS, THE RECAPTCHA IS WRONG
}
}
osc_run_hook('hook_email_contact_user', Params::getParam('id'), Params::getParam('yourEmail'), Params::getParam('yourName'), Params::getParam('phoneNumber'), Params::getParam('message'));
$this->redirectTo(osc_user_public_profile_url());
break;
default:
$this->redirectTo(osc_user_login_url());
break;
}
}
public function add_comment()
{
$aItem = $this->prepareDataForFunction('add_comment');
$authorName = trim($aItem['authorName']);
$authorName = strip_tags($authorName);
$authorEmail = trim($aItem['authorEmail']);
$authorEmail = strip_tags($authorEmail);
$body = trim($aItem['body']);
$body = strip_tags($body);
$title = $aItem['title'];
$itemId = $aItem['id'];
$userId = $aItem['userId'];
$status_num = -1;
$item = $this->manager->findByPrimaryKey($itemId);
$itemURL = osc_item_url();
Params::setParam('itemURL', $itemURL);
if ($authorName == '' || !preg_match('|^.*?@.{2,}\\..{2,3}$|', $authorEmail)) {
return 3;
}
if ($body == '') {
return 4;
}
$num_moderate_comments = osc_moderate_comments();
if ($userId == null) {
$num_comments = 0;
} else {
$num_comments = count(ItemComment::newInstance()->findByAuthorID($userId));
}
if ($num_moderate_comments == -1 || $num_moderate_comments != 0 && $num_comments >= $num_moderate_comments) {
$status = 'ACTIVE';
$status_num = 2;
} else {
$status = 'INACTIVE';
$status_num = 1;
}
if (osc_akismet_key()) {
require_once LIB_PATH . 'Akismet.class.php';
$akismet = new Akismet(osc_base_url(), osc_akismet_key());
$akismet->setCommentAuthor($authorName);
$akismet->setCommentAuthorEmail($authorEmail);
$akismet->setCommentContent($body);
$akismet->setPermalink($itemURL);
$status = $akismet->isCommentSpam() ? 'SPAM' : $status;
if ($status == 'SPAM') {
$status_num = 5;
}
}
$mComments = ItemComment::newInstance();
$aComment = array('dt_pub_date' => DB_FUNC_NOW, 'fk_i_item_id' => $itemId, 's_author_name' => $authorName, 's_author_email' => $authorEmail, 's_title' => $title, 's_body' => $body, 'e_status' => $status, 'fk_i_user_id' => $userId);
if ($mComments->insert($aComment)) {
$notify = osc_notify_new_comment();
$admin_email = osc_contact_email();
$prefLocale = osc_language();
//Notify admin
if ($notify) {
$mPages = new Page();
$aPage = $mPages->findByInternalName('email_new_comment_admin');
$locale = osc_current_user_locale();
$content = array();
if (isset($aPage['locale'][$locale]['s_title'])) {
$content = $aPage['locale'][$locale];
} else {
$content = current($aPage['locale']);
}
$words = array();
$words[] = array('{COMMENT_AUTHOR}', '{COMMENT_EMAIL}', '{COMMENT_TITLE}', '{COMMENT_TEXT}', '{ITEM_TITLE}', '{ITEM_ID}', '{ITEM_URL}');
$words[] = array($authorName, $authorEmail, $title, $body, $item['s_title'], $itemId, $itemURL);
$title_email = osc_mailBeauty($content['s_title'], $words);
$body_email = osc_mailBeauty($content['s_text'], $words);
$from = osc_contact_email();
$from_name = osc_page_title();
if (osc_notify_contact_item()) {
$add_bbc = osc_contact_email();
}
$emailParams = array('from' => $admin_email, 'from_name' => __('Admin mail system'), 'subject' => $title_email, 'to' => $admin_email, 'to_name' => __('Admin mail system'), 'body' => $body_email, 'alt_body' => $body_email);
osc_sendMail($emailParams);
}
osc_run_hook('add_comment', $item);
return $status_num;
}
return -1;
}
/**
* Gets next comment of current premium comments
*
* @return array
*/
function osc_has_premium_comments()
{
if (!View::newInstance()->_exists('comments')) {
View::newInstance()->_exportVariableToView('comments', ItemComment::newInstance()->findBypremiumID(osc_premium_id(), osc_premium_comments_page(), osc_comments_per_page()));
}
return View::newInstance()->_next('comments');
}
function edit($userId)
{
$input = $this->prepareData(false);
// hook pre add or edit
osc_run_hook('pre_user_post');
$flash_error = '';
$error = array();
if($this->is_admin) {
$user_email = $this->manager->findByEmail($input['s_email']);
if(isset($user_email['pk_i_id']) && $user_email['pk_i_id']!=$userId) {
$flash_error .= sprintf(_m('The specified e-mail is already used by %s') , $user_email['s_username']) . PHP_EOL;
$error[] = 3;
}
}
if($input['s_name']=='') {
$flash_error .= _m('The name cannot be empty').PHP_EOL;
$error[] = 10;
}
if($this->is_admin){
if( Params::getParam('s_password', false, false) != Params::getParam('s_password2', false, false) ) {
$flash_error .= _m("Passwords don't match") . PHP_EOL;
$error[] = 7;
}
}
if($flash_error!='') {
return $flash_error;
}
$this->manager->update($input, array('pk_i_id' => $userId));
if($this->is_admin) {
Item::newInstance()->update( array('s_contact_name' => $input['s_name'], 's_contact_email' => $input['s_email']), array('fk_i_user_id' => $userId) );
ItemComment::newInstance()->update( array('s_author_name' => $input['s_name'], 's_author_email' => $input['s_email']), array('fk_i_user_id' => $userId) );
Alerts::newInstance()->update( array('s_email' => $input['s_email']), array('fk_i_user_id' => $userId) );
Log::newInstance()->insertLog( 'user', 'edit', $userId, $input['s_email'], $this->is_admin ? 'admin' : 'user', $this->is_admin ? osc_logged_admin_id() : osc_logged_user_id() );
} else {
Item::newInstance()->update( array('s_contact_name' => $input['s_name']), array('fk_i_user_id' => $userId) );
ItemComment::newInstance()->update( array('s_author_name' => $input['s_name']), array('fk_i_user_id' => $userId) );
$user = $this->manager->findByPrimaryKey($userId);
Log::newInstance()->insertLog('user', 'edit', $userId, $user['s_email'], $this->is_admin ? 'admin' : 'user', $this->is_admin ? osc_logged_admin_id() : osc_logged_user_id() );
}
if(!$this->is_admin) {
Session::newInstance()->_set('userName', $input['s_name']);
$phone = ($input['s_phone_mobile'])? $input['s_phone_mobile'] : $input['s_phone_land'];
Session::newInstance()->_set('userPhone', $phone);
}
if ( is_array( Params::getParam('s_info') ) ) {
foreach (Params::getParam('s_info') as $key => $value) {
$this->manager->updateDescription($userId, $key, $value);
}
}
osc_run_hook('user_edit_completed', $userId);
if ( $this->is_admin ) {
$iUpdated = 0;
if( (Params::getParam("b_enabled") != '') && (Params::getParam("b_enabled") == 1 ) ) {
$iUpdated += $this->manager->update( array('b_enabled' => 1), array('pk_i_id' => $userId) );
} else {
$iUpdated += $this->manager->update( array('b_enabled' => 0), array('pk_i_id' => $userId) );
}
if( (Params::getParam("b_active") != '') && (Params::getParam("b_active") == 1) ) {
$iUpdated += $this->manager->update( array('b_active' => 1), array('pk_i_id' => $userId) );
} else {
$iUpdated += $this->manager->update( array('b_active' => 0), array('pk_i_id' => $userId) );
}
if($iUpdated > 0) {
return 2;
}
}
return 1;
}
