예제 #1
 /**
  * Render the search module (search box plus a short tag list).
  *
  * The block is hidden on the favorites, purchased and per-user listings,
  * where the method returns false instead of markup.
  *
  * @param array $settings Module settings; only 'class' (wrapper CSS class) is read.
  * @return string|false Rendered module/search.tpl, or false when the block is hidden.
  */
 public function index($settings)
 {
     $this->load->model('catalog/tag');

     // These listings do not show the search block.
     $hidden_on = array('favorites', 'purchased', 'user_id');
     foreach ($hidden_on as $parameter) {
         if (isset($this->request->get[$parameter])) {
             return false;
         }
     }

     $data = array();
     $data['class'] = isset($settings['class']) ? $settings['class'] : 'col-lg-12';

     // Up to five tags, each linking to a search for its own name.
     $data['tags'] = array();
     $tag_rows = $this->model_catalog_tag->getTags(array('limit' => 5), $this->language->getId());
     foreach ($tag_rows as $tag_row) {
         $data['tags'][] = array(
             'tag_id' => $tag_row->tag_id,
             'name' => $tag_row->name,
             'url' => $this->url->link('catalog/search', 'q=' . urlencode($tag_row->name)),
         );
     }

     // Echo the current search term back into the form only when it passes
     // the product title validator; anything else renders as an empty field.
     // NOTE(review): $data['query'] is request input — confirm search.tpl escapes it on output.
     $term = isset($this->request->get['q']) ? $this->request->get['q'] : null;
     if (!empty($term) && ValidatorProduct::titleValid($term)) {
         $data['query'] = $term;
     } else {
         $data['query'] = false;
     }

     $data['action'] = $this->url->link('catalog/search', 'q=');

     return $this->load->view('module/search.tpl', $data);
 }
예제 #2
 /**
  * Product search / listing page.
  *
  * Builds the page title, meta title and the model filter from the request
  * parameters user_id, q, favorites and purchased; loads the matching
  * products, logs the search term and renders catalog/list.tpl.
  *
  * NOTE(review): $title and the meta title embed the raw (validated) search
  * term and the user name; escaping is left to the template and document
  * layer — confirm list.tpl escapes them on output.
  *
  * @return void
  */
 public function index()
 {
     $data = array();
     $breadcrumbs = array();
     $filter_data = array('order' => 'DESC');
     $title = tt('Products');
     $meta_title = '';

     $breadcrumbs[] = array('name' => tt('Home'), 'href' => $this->url->link('common/home'), 'active' => false);
     $breadcrumbs[] = array('name' => tt('Search'), 'href' => $this->url->link('catalog/search'), 'active' => true);

     // Restrict the listing to one author when user_id names an existing user.
     if (isset($this->request->get['user_id'])) {
         $author_id = (int) $this->request->get['user_id'];
         $user_info = $this->model_account_user->getUser($author_id);
         if ($user_info) {
             $by_author = sprintf(' ' . tt('by %s'), $user_info->username);
             $title .= $by_author;
             $meta_title .= $by_author;
             $filter_data['user_id'] = $author_id;
         }
     }

     // The search term is only used when it passes the product title validator.
     $term = isset($this->request->get['q']) ? $this->request->get['q'] : null;
     $term_is_valid = !empty($term) && ValidatorProduct::titleValid($term);
     if ($term_is_valid) {
         // ucfirst() is byte-wise: a leading non-ASCII letter is left as is.
         $term_label = ucfirst($term);
         $title .= sprintf(' ' . tt('containing %s'), $term_label);
         $meta_title .= sprintf(' ' . tt('Buy %s Thematic with Bitcoin | Royalty Free %s Thematic Store'), $term_label, $term_label);
         $filter_data['filter_query'] = $term;
     }

     // NOTE(review): for both flags the meta title receives the whole title
     // built so far, not just the flag word — confirm this is intended.
     if (isset($this->request->get['favorites'])) {
         $title .= ' ' . tt('favorites');
         $meta_title .= $title;
         $filter_data['favorites'] = true;
     }
     if (isset($this->request->get['purchased'])) {
         $title .= ' ' . tt('purchased');
         $meta_title .= $title;
         $filter_data['purchased'] = true;
     }

     $viewer_id = $this->auth->getId();
     $data['products'] = array();
     $products_total = 0;
     $product_rows = $this->model_catalog_product->getProducts($filter_data, $this->language->getId(), $viewer_id, ORDER_APPROVED_STATUS_ID);

     foreach ($product_rows as $product_info) {
         $products_total++;

         // Countdown label for a running special offer, in the coarsest unit that fits.
         $special_expires = false;
         if ($product_info->special_date_end) {
             $seconds_left = strtotime($product_info->special_date_end) - time();
             $minutes_left = floor($seconds_left / 60);
             $hours_left = floor($minutes_left / 60);
             $days_left = floor($hours_left / 24);
             if ($minutes_left < 60) {
                 $special_expires = sprintf(tt('%s %s left'), $minutes_left, plural($minutes_left, array(tt('minute'), tt('minutes'), tt('minutes'))));
             } elseif ($hours_left < 24) {
                 $special_expires = sprintf(tt('%s %s left'), $hours_left, plural($hours_left, array(tt('hour'), tt('hours'), tt('hours'))));
             } else {
                 $special_expires = sprintf(tt('%s %s left'), $days_left, plural($days_left, array(tt('day'), tt('days'), tt('days'))));
             }
         }

         // switch() compares loosely, as the original status constants expect.
         switch ($product_info->order_status_id) {
             case ORDER_APPROVED_STATUS_ID:
                 $product_order_status = 'approved';
                 break;
             case ORDER_PROCESSED_STATUS_ID:
                 $product_order_status = 'processed';
                 break;
             default:
                 // The viewer's own products are presented as approved regardless of order state.
                 $product_order_status = $product_info->user_id == $viewer_id ? 'approved' : false;
         }

         $currency_id = $product_info->currency_id;
         $special_regular_price = $product_info->special_regular_price > 0
             ? $this->currency->format($product_info->special_regular_price, $currency_id)
             : 0;
         $special_exclusive_price = $product_info->special_exclusive_price > 0
             ? $this->currency->format($product_info->special_exclusive_price, $currency_id)
             : 0;

         $data['products'][] = array(
             'product_order_status' => $product_order_status,
             'favorite' => $product_info->favorite,
             'demo' => (bool) $product_info->main_product_demo_id,
             'product_id' => $product_info->product_id,
             'title' => $product_info->title,
             'favorites' => $product_info->favorites ?: false,
             'status' => $product_info->status,
             'src' => $this->cache->image($product_info->main_product_image_id, $product_info->user_id, 144, 144),
             'href_view' => $this->url->link('catalog/product', 'product_id=' . $product_info->product_id),
             'href_download' => $this->url->link('catalog/product/download', 'product_id=' . $product_info->product_id),
             'href_demo' => $this->url->link('catalog/product/demo', 'product_demo_id=' . $product_info->main_product_demo_id),
             'special_expires' => $special_expires,
             'special_regular_price' => $special_regular_price,
             'special_exclusive_price' => $special_exclusive_price,
             'regular_price' => $this->currency->format($product_info->regular_price, $currency_id),
             'exclusive_price' => $this->currency->format($product_info->exclusive_price, $currency_id),
             'has_regular_price' => $product_info->regular_price > 0,
             'has_exclusive_price' => $product_info->exclusive_price > 0,
             'has_special_regular_price' => $product_info->special_regular_price > 0,
             'has_special_exclusive_price' => $product_info->special_exclusive_price > 0,
         );
     }

     // Record the search term together with how many products it matched.
     if ($term_is_valid) {
         $this->model_common_log->createLogSearch($viewer_id, $term, $products_total);
     }

     $this->document->setTitle($meta_title);
     $data['title'] = $title;
     $data['footer'] = $this->load->controller('common/footer');
     $data['header'] = $this->load->controller('common/header');
     $data['module_breadcrumbs'] = $this->load->controller('module/breadcrumbs', $breadcrumbs);
     $data['module_search'] = $this->load->controller('module/search');
     $data['user_is_logged'] = $this->auth->isLogged();

     $this->response->setOutput($this->load->view('catalog/list.tpl', $data));
 }
예제 #3
 private function _validateProductForm()
 {
     // Category
     if (!isset($this->request->post['category_id']) || $this->request->post['category_id'] != 0 && !$this->model_catalog_category->getCategory($this->request->post['category_id'], $this->language->getId())) {
         $this->_error['general']['category_id'] = tt('Wrong category field');
         // Filter critical request
         $this->security_log->write('Wrong category_id field');
         $this->request->post['category_id'] = 0;
     } else {
         if ($this->request->post['category_id'] == 0) {
             $this->_error['general']['category_id'] = tt('Category is required');
         }
     }
     // Product description
     if (isset($this->request->post['product_description'])) {
         foreach ($this->request->post['product_description'] as $language_id => $product_description) {
             // Language
             if (!$this->language->hasId($language_id)) {
                 $this->_error['general']['common'] = tt('Wrong language field');
                 // Filter critical request
                 $this->security_log->write('Wrong language_id field');
                 unset($this->request->post['product_description'][$language_id]);
                 break;
             }
             // Title
             if (!isset($product_description['title'])) {
                 $this->_error['general']['product_description'][$language_id]['title'] = tt('Wrong title input');
                 // Filter critical request
                 $this->security_log->write('Wrong product_description[title] field');
                 unset($this->request->post['product_description'][$language_id]);
                 break;
             } else {
                 if (empty($product_description['title'])) {
                     $this->_error['general']['product_description'][$language_id]['title'] = tt('Title is required');
                 } else {
                     if (!ValidatorProduct::titleValid(html_entity_decode($product_description['title']))) {
                         $this->_error['general']['product_description'][$language_id]['title'] = tt('Invalid title format');
                     }
                 }
             }
             // Description
             if (!isset($product_description['description'])) {
                 $this->_error['general']['product_description'][$language_id]['description'] = tt('Wrong description input');
                 // Filter critical request
                 $this->security_log->write('Wrong product_description[description] field');
                 unset($this->request->post['product_description'][$language_id]);
                 break;
             } else {
                 if (empty($product_description['description'])) {
                     $this->_error['general']['product_description'][$language_id]['description'] = tt('Description is required');
                 } else {
                     if (!ValidatorProduct::descriptionValid(html_entity_decode($product_description['description']))) {
                         $this->_error['general']['product_description'][$language_id]['description'] = tt('Invalid description format');
                     }
                 }
             }
             // Tags
             if (!isset($product_description['tags'])) {
                 $this->_error['general']['product_description'][$language_id]['tags'] = tt('Wrong tags input');
                 // Filter critical request
                 $this->security_log->write('Wrong product_description[tags] field');
                 unset($this->request->post['product_description'][$language_id]);
                 break;
             } else {
                 if (!ValidatorProduct::tagsValid(html_entity_decode($product_description['tags']))) {
                     $this->_error['general']['product_description'][$language_id]['tags'] = tt('Invalid tags format');
                 }
             }
         }
     }
     // Package file
     if (isset($this->request->files['package']['tmp_name']) && !empty($this->request->files['package']['tmp_name'])) {
         $this->_error['file']['common'] = tt('Package file is not allowed for this action');
         $this->security_log->write('Try to load package file without ajax interface');
         unset($this->request->files['package']);
     } else {
         if (!isset($this->request->get['product_id']) && empty($this->request->post['product_file_id'])) {
             $this->_error['file']['common'] = tt('Package file is required');
         } else {
             if (!isset($this->request->post['product_file_id'])) {
                 $this->_error['file']['common'] = tt('Package file input is wrong');
                 $this->security_log->write('Wrong product package field');
             } else {
                 if (!file_exists(DIR_STORAGE . $this->auth->getId() . DIR_SEPARATOR . $this->request->post['product_file_id'] . '.' . STORAGE_FILE_EXTENSION)) {
                     $this->_error['file']['common'] = tt('Temporary package file is wrong');
                     $this->security_log->write('Try to access not own\'s temporary package file');
                 }
             }
         }
     }
     // Demos
     if (isset($this->request->post['demo'])) {
         // Main Demo
         if (!isset($this->request->post['main_demo'])) {
             $this->_error['demo']['common'] = tt('Main demo is required');
             // Filter critical request
             $this->security_log->write('Wrong product main_demo field');
             unset($this->request->post['demo']);
         }
         $demo_count = 0;
         foreach ($this->request->post['demo'] as $row => $demo) {
             $demo_count++;
             // Title
             if (isset($demo['title'])) {
                 foreach ($demo['title'] as $language_id => $title) {
                     // Language
                     if (!$this->language->hasId($language_id)) {
                         $this->_error['demo']['common'] = tt('Wrong language field');
                         // Filter critical request
                         $this->security_log->write('Wrong product demo language_id field');
                         unset($this->request->post['demo'][$row]);
                         break;
                     }
                     // Title validation
                     if (empty($title)) {
                         $this->_error['demo'][$row]['title'][$language_id] = tt('Title is required');
                     } else {
                         if (!ValidatorProduct::titleValid(html_entity_decode($title))) {
                             $this->_error['demo'][$row]['title'][$language_id] = tt('Invalid title format');
                         }
                     }
                 }
             } else {
                 $this->_error['demo']['common'] = tt('Wrong title input');
                 // Filter critical request
                 $this->security_log->write('Wrong product demo title field');
                 unset($this->request->post['demo'][$row]);
                 break;
             }
             // Url
             if (isset($demo['url'])) {
                 if (empty($demo['url'])) {
                     $this->_error['demo'][$row]['url'] = tt('Demo URL is required');
                 } else {
                     if (!ValidatorProduct::urlValid(html_entity_decode($demo['url']))) {
                         $this->_error['demo'][$row]['url'] = tt('Invalid URL format');
                     }
                 }
             } else {
                 $this->_error['demo']['common'] = tt('Wrong demo URL input');
                 // Filter critical request
                 $this->security_log->write('Wrong product demo URL field');
                 unset($this->request->post['demo'][$row]);
                 break;
             }
             // Sort order
             if (!isset($demo['sort_order']) || !$demo['sort_order']) {
                 $this->_error['demo']['common'] = tt('Wrong sort order input');
                 // Filter critical request
                 $this->security_log->write('Wrong product demo sort_order field');
                 unset($this->request->post['demo'][$row]);
                 break;
             }
         }
         // Maximum demo pages per product
         if (QUOTA_DEMO_PER_PRODUCT < $demo_count) {
             $this->_error['demo']['common'] = sprintf(tt('Allowed maximum %s demo pages per one product'), QUOTA_DEMO_PER_PRODUCT);
             // Filter critical request
             $this->security_log->write('Exceeded limit of product demo');
             unset($this->request->post['demo']);
         }
     }
     // Images
     if (isset($this->request->post['image'])) {
         // Filter downloads (moved to AJAX)
         unset($this->request->files['image']);
         // Required main image
         if (!isset($this->request->post['main_image'])) {
             $this->_error['image']['common'] = tt('Main image is required');
             // Filter critical request
             $this->security_log->write('Wrong product main_image field');
             unset($this->request->post['image']);
         }
         $image_count = 0;
         foreach ($this->request->post['image'] as $row => $image) {
             $image_count++;
             // Title
             if (isset($image['title'])) {
                 foreach ($image['title'] as $language_id => $title) {
                     // Language
                     if (!$this->language->hasId($language_id)) {
                         $this->_error['image']['common'] = tt('Wrong language field');
                         // Filter critical request
                         $this->security_log->write('Wrong product image language_id field');
                         unset($this->request->post['image']);
                         break;
                     }
                     // Title validation
                     if (empty($title)) {
                         $this->_error['image'][$row]['title'][$language_id] = tt('Title is required');
                     } else {
                         if (!ValidatorProduct::titleValid(html_entity_decode($title))) {
                             $this->_error['image'][$row]['title'][$language_id] = tt('Invalid title format');
                         }
                     }
                 }
             } else {
                 $this->_error['image']['common'] = tt('Wrong title input');
                 // Filter critical request
                 $this->security_log->write('Wrong product image title field');
                 unset($this->request->post['image']);
                 break;
             }
             // Require sort order field
             if (!isset($image['sort_order']) || !$image['sort_order']) {
                 $this->_error['image']['common'] = tt('Wrong sort order input');
                 // Filter critical request
                 $this->security_log->write('Wrong product image sort_order field');
                 unset($this->request->post['image']);
                 break;
             }
             // Require product product_image_id
             if (!isset($image['product_image_id'])) {
                 $this->_error['image']['common'] = tt('Wrong temporary ID image input');
                 // Filter critical request
                 $this->security_log->write('Wrong product image product_image_id field');
                 unset($this->request->post['image']);
                 break;
             }
             // Require product product_image_id
             if (!isset($image['product_image_id'])) {
                 $this->_error['image']['common'] = tt('Wrong image ID input');
                 // Filter critical request
                 $this->security_log->write('Wrong product image product_image_id field');
                 unset($this->request->post['image']);
                 break;
             }
             // Check temporary image file if exists
             if (!file_exists(DIR_STORAGE . $this->auth->getId() . DIR_SEPARATOR . $image['product_image_id'] . '.' . STORAGE_IMAGE_EXTENSION)) {
                 $this->_error['image']['common'] = tt('Temporary image ID is wrong');
                 $this->security_log->write('Try to access not own\'s temporary image file');
                 unset($this->request->post['image']);
                 break;
             }
             // Check if new temporary and stored image fields is not empty
             if (isset($this->request->get['product_id']) && empty($image['product_image_id']) && empty($image['product_image_id'])) {
                 $this->_error['image']['common'] = tt('Image file is required');
             }
         }
         // Maximum images per one product
         if (QUOTA_IMAGES_PER_PRODUCT < $image_count) {
             $this->_error['image']['common'] = sprintf(tt('Maximum %s images pages per one product'), QUOTA_DEMO_PER_PRODUCT);
             // Filter critical request
             $this->security_log->write('Exceeded limit of product images');
             unset($this->request->post['image']);
         }
     }
     // Videos
     if (isset($this->request->post['video'])) {
         $video_count = 0;
         foreach ($this->request->post['video'] as $row => $video) {
             $video_count++;
             // Title
             if (isset($video['title'])) {
                 foreach ($video['title'] as $language_id => $title) {
                     // Language
                     if (!$this->language->hasId($language_id)) {
                         $this->_error['video']['common'] = tt('Wrong language field');
                         // Filter critical request
                         $this->security_log->write('Wrong product video language_id field');
                         unset($this->request->post['video'][$row]);
                         break;
                     }
                     // Title string validation
                     if (empty($title)) {
                         $this->_error['video'][$row]['title'][$language_id] = tt('Title is required');
                     } else {
                         if (!ValidatorProduct::titleValid(html_entity_decode($title))) {
                             $this->_error['video'][$row]['title'][$language_id] = tt('Invalid title format');
                         }
                     }
                 }
             } else {
                 $this->_error['video']['common'] = tt('Wrong title URL input');
                 // Filter critical request
                 $this->security_log->write('Wrong product video URL field');
                 unset($this->request->post['video'][$row]);
                 break;
             }
             // Source
             if (!isset($video['source'])) {
                 $this->_error['video']['common'] = tt('Wrong video source input');
                 // Filter critical request
                 $this->security_log->write('Wrong product video source field');
                 unset($this->request->post['video'][$row]);
                 break;
             } else {
                 // Video server validate
                 $video_server_info = $this->model_common_video_server->getVideoServer($video['source']);
                 if (!$video_server_info) {
                     $this->_error['video'][$row]['source'] = tt('Wrong video_server_id source');
                     // Filter critical request
                     $this->security_log->write('Wrong product video video_server_id field');
                     unset($this->request->post['video'][$row]);
                     break;
                 } else {
                     // ID relations validate
                     if (isset($video['id'])) {
                         switch (mb_strtolower($video_server_info->name)) {
                             case 'youtube':
                                 if (empty($video['id'])) {
                                     $this->_error['video'][$row]['id'] = tt('YouTube ID is required');
                                 } else {
                                     if (!ValidatorYoutube::idValid(html_entity_decode($video['id']))) {
                                         $this->_error['video'][$row]['id'] = tt('Invalid YouTube ID format');
                                     }
                                 }
                                 break;
                             case 'vimeo':
                                 if (empty($video['id'])) {
                                     $this->_error['video'][$row]['id'] = tt('YouTube Vimeo is required');
                                 } else {
                                     if (!ValidatorVimeo::idValid(html_entity_decode($video['id']))) {
                                         $this->_error['video'][$row]['id'] = tt('Invalid Vimeo ID format');
                                     }
                                 }
                                 break;
                             default:
                                 $this->_error['video'][$row]['source'] = tt('Undefined video source');
                         }
                     } else {
                         $this->_error['video']['common'] = tt('Wrong video ID input');
                         // Filter critical request
                         $this->security_log->write('Wrong product video ID field');
                         unset($this->request->post['video'][$row]);
                         break;
                     }
                 }
             }
             // Sort order
             if (!isset($video['sort_order']) || !$video['sort_order']) {
                 $this->_error['video']['common'] = tt('Wrong sort order input');
                 // Filter critical request
                 $this->security_log->write('Wrong product video sort_order field');
                 unset($this->request->post['video'][$row]);
                 break;
             }
         }
         // Maximum video pages per product
         if (QUOTA_VIDEO_PER_PRODUCT < $video_count) {
             $this->_error['video']['common'] = sprintf(tt('Maximum %s video links per one product'), QUOTA_DEMO_PER_PRODUCT);
             // Filter critical request
             $this->security_log->write('Exceeded limit of product videos');
             unset($this->request->post['video']);
         }
     }
     // Audios
     if (isset($this->request->post['audio'])) {
         $audio_count = 0;
         foreach ($this->request->post['audio'] as $row => $audio) {
             $audio_count++;
             // Title
             if (isset($audio['title'])) {
                 foreach ($audio['title'] as $language_id => $title) {
                     // Language
                     if (!$this->language->hasId($language_id)) {
                         $this->_error['audio']['common'] = tt('Wrong language field');
                         // Filter critical request
                         $this->security_log->write('Wrong product audio language_id field');
                         unset($this->request->post['audio'][$row]);
                         break;
                     }
                     // Title string validation
                     if (empty($title)) {
                         $this->_error['audio'][$row]['title'][$language_id] = tt('Title is required');
                     } else {
                         if (!ValidatorProduct::titleValid(html_entity_decode($title))) {
                             $this->_error['audio'][$row]['title'][$language_id] = tt('Invalid title format');
                         }
                     }
                 }
             } else {
                 $this->_error['audio']['common'] = tt('Wrong title URL input');
                 // Filter critical request
                 $this->security_log->write('Wrong product audio URL field');
                 unset($this->request->post['audio'][$row]);
                 break;
             }
             // Source
             if (!isset($audio['source'])) {
                 $this->_error['audio']['common'] = tt('Wrong audio source input');
                 // Filter critical request
                 $this->security_log->write('Wrong product audio source field');
                 unset($this->request->post['audio'][$row]);
                 break;
             } else {
                 // Audio server validate
                 $audio_server_info = $this->model_common_audio_server->getAudioServer($audio['source']);
                 if (!$audio_server_info) {
                     $this->_error['audio'][$row]['source'] = tt('Wrong audio_server_id source');
                     // Filter critical request
                     $this->security_log->write('Wrong product audio audio_server_id field');
                     unset($this->request->post['audio'][$row]);
                     break;
                 } else {
                     // ID relations validate
                     if (isset($audio['id'])) {
                         switch (mb_strtolower($audio_server_info->name)) {
                             case 'soundcloud':
                                 if (empty($audio['id'])) {
                                     $this->_error['audio'][$row]['id'] = tt('SoundCloud ID is required');
                                 } else {
                                     if (!ValidatorSoundcloud::idValid(html_entity_decode($audio['id']))) {
                                         $this->_error['audio'][$row]['id'] = tt('Invalid SoundCloud ID format');
                                     }
                                 }
                                 break;
                             default:
                                 $this->_error['audio'][$row]['source'] = tt('Undefined audio source');
                         }
                     } else {
                         $this->_error['audio']['common'] = tt('Wrong audio ID input');
                         // Filter critical request
                         $this->security_log->write('Wrong product audio ID field');
                         unset($this->request->post['audio'][$row]);
                         break;
                     }
                 }
             }
             // Sort order
             if (!isset($audio['sort_order']) || !$audio['sort_order']) {
                 $this->_error['audio']['common'] = tt('Wrong sort order input');
                 // Filter critical request
                 $this->security_log->write('Wrong product audio sort_order field');
                 unset($this->request->post['audio'][$row]);
                 break;
             }
         }
         // Maximum audio pages per product
         if (QUOTA_AUDIO_PER_PRODUCT < $audio_count) {
             $this->_error['audio']['common'] = sprintf(tt('Maximum %s audio links per one product'), QUOTA_DEMO_PER_PRODUCT);
             // Filter critical request
             $this->security_log->write('Exceeded limit of product audios');
             unset($this->request->post['audio']);
         }
     }
     // Currency
     if (!isset($this->request->post['currency_id'])) {
         // Filter critical request
         $this->security_log->write('Wrong product currency field');
         $this->request->post['currency_id'] = $this->currency->getId();
     } else {
         if (!$this->currency->hasId($this->request->post['currency_id'])) {
             $this->_error['price']['common'] = tt('Wrong currency field');
             // Filter critical request
             $this->security_log->write('Wrong product currency_id field');
             $this->request->post['currency_id'] = $this->currency->getId();
         } else {
             if (empty($this->request->post['currency_id']) || $this->request->post['currency_id'] == 0) {
                 $this->_error['price']['currency_id'] = tt('Currency is required');
             }
         }
     }
     // Withdraw address
     if (!isset($this->request->post['withdraw_address'])) {
         $this->_error['price']['withdraw_address'] = tt('Wrong withdraw address field');
         // Filter critical request
         $this->security_log->write('Wrong product withdraw_address field');
         $this->request->post['withdraw_address'] = false;
     } else {
         if (empty($this->request->post['withdraw_address'])) {
             $this->_error['price']['withdraw_address'] = tt('Withdraw address is required');
         } else {
             if (!ValidatorBitcoin::addressValid(html_entity_decode($this->request->post['withdraw_address']))) {
                 $this->_error['price']['withdraw_address'] = tt('Invalid withdraw address');
             }
         }
     }
     // Pricing
     // Requirements
     if (!isset($this->request->post['regular_price'])) {
         $this->_error['price']['regular_price'] = tt('Wrong regular price field');
         // Filter critical request
         $this->security_log->write('Wrong regular price field');
         $this->request->post['regular_price'] = 0;
     }
     if (!isset($this->request->post['exclusive_price'])) {
         $this->_error['price']['exclusive_price'] = tt('Wrong exclusive price field');
         // Filter critical request
         $this->security_log->write('Wrong exclusive price field');
         $this->request->post['exclusive_price'] = 0;
     }
     // Regular price
     if (!empty($this->request->post['regular_price'])) {
         if ($this->request->post['regular_price'] < ALLOWED_PRODUCT_MIN_PRICE) {
             $this->_error['price']['regular_price'] = sprintf(tt('Price must be %s or more'), $this->currency->format(ALLOWED_PRODUCT_MIN_PRICE));
         } else {
             if ($this->request->post['regular_price'] > ALLOWED_PRODUCT_MAX_PRICE) {
                 $this->_error['price']['regular_price'] = sprintf(tt('Maximum price is %s'), $this->currency->format(ALLOWED_PRODUCT_MAX_PRICE));
             } else {
                 if (!ValidatorBitcoin::amountValid(html_entity_decode($this->request->post['regular_price']))) {
                     $this->_error['price']['regular_price'] = tt('Invalid price format');
                 }
             }
         }
     }
     // Exclusive price
     if (!empty($this->request->post['exclusive_price'])) {
         if ($this->request->post['exclusive_price'] < ALLOWED_PRODUCT_MIN_PRICE) {
             $this->_error['price']['exclusive_price'] = sprintf(tt('Price must be %s or more'), $this->currency->format(ALLOWED_PRODUCT_MIN_PRICE));
         } else {
             if ($this->request->post['exclusive_price'] > ALLOWED_PRODUCT_MAX_PRICE) {
                 $this->_error['price']['exclusive_price'] = sprintf(tt('Maximum price is %s'), $this->currency->format(ALLOWED_PRODUCT_MAX_PRICE));
             } else {
                 if (!ValidatorBitcoin::amountValid(html_entity_decode($this->request->post['exclusive_price']))) {
                     $this->_error['price']['exclusive_price'] = tt('Invalid price format');
                 }
             }
         }
     }
     // Logic validation
     if (empty($this->request->post['regular_price']) && empty($this->request->post['exclusive_price'])) {
         $this->_error['price']['regular_exclusive_price'] = tt('Regular or exclusive price is required');
     } else {
         if ($this->request->post['regular_price'] == $this->request->post['exclusive_price']) {
             $this->_error['price']['regular_exclusive_price'] = tt('The regular and exclusive prices should not be the same');
         } else {
             if ($this->request->post['exclusive_price'] && $this->request->post['regular_price'] > $this->request->post['exclusive_price']) {
                 $this->_error['price']['regular_exclusive_price'] = tt('The regular price should not be greater than exclusive price');
             }
         }
     }
     // Special
     if (isset($this->request->post['special'])) {
         $special_count = 0;
         foreach ($this->request->post['special'] as $row => $special) {
             $special_count++;
             // Requirements
             if (!isset($special['regular_price'])) {
                 $this->_error['special'][$row]['regular_price'] = tt('Wrong regular price field');
                 // Filter critical request
                 $this->security_log->write('Wrong special regular price field');
                 $special['regular_price'] = 0;
             }
             if (!isset($special['exclusive_price'])) {
                 $this->_error['special'][$row]['price']['exclusive_price'] = tt('Wrong exclusive price field');
                 // Filter critical request
                 $this->security_log->write('Wrong special exclusive price field');
                 $special['exclusive_price'] = 0;
             }
             // Regular price
             if (!empty($special['regular_price'])) {
                 if ($special['regular_price'] < ALLOWED_PRODUCT_MIN_PRICE) {
                     $this->_error['special'][$row]['regular_price'] = sprintf(tt('Price must be %s or more'), $this->currency->format(ALLOWED_PRODUCT_MIN_PRICE));
                 } else {
                     if ($special['regular_price'] > ALLOWED_PRODUCT_MAX_PRICE) {
                         $this->_error['special'][$row]['regular_price'] = sprintf(tt('Maximum price is %s'), $this->currency->format(ALLOWED_PRODUCT_MAX_PRICE));
                     } else {
                         if (!ValidatorBitcoin::amountValid(html_entity_decode($special['regular_price']))) {
                             $this->_error['special'][$row]['regular_price'] = tt('Invalid price format');
                         }
                     }
                 }
             }
             // Exclusive price
             if (!empty($special['exclusive_price'])) {
                 if ($special['exclusive_price'] < ALLOWED_PRODUCT_MIN_PRICE) {
                     $this->_error['special'][$row]['exclusive_price'] = sprintf(tt('Price must be %s or more'), $this->currency->format(ALLOWED_PRODUCT_MIN_PRICE));
                 } else {
                     if ($special['exclusive_price'] > ALLOWED_PRODUCT_MAX_PRICE) {
                         $this->_error['special'][$row]['exclusive_price'] = sprintf(tt('Maximum price is %s'), $this->currency->format(ALLOWED_PRODUCT_MAX_PRICE));
                     } else {
                         if (!ValidatorBitcoin::amountValid(html_entity_decode($special['exclusive_price']))) {
                             $this->_error['special'][$row]['exclusive_price'] = tt('Invalid price format');
                         }
                     }
                 }
             }
             // Logic validation
             if (empty($special['regular_price']) && empty($special['exclusive_price'])) {
                 $this->_error['special'][$row]['regular_exclusive_price'] = tt('Regular or exclusive price is required');
             } else {
                 if ($special['regular_price'] == $special['exclusive_price']) {
                     $this->_error['special'][$row]['regular_exclusive_price'] = tt('The regular and exclusive prices should not be the same');
                 } else {
                     if ($special['exclusive_price'] && $special['regular_price'] > $special['exclusive_price']) {
                         $this->_error['special'][$row]['regular_exclusive_price'] = tt('The regular price should not be greater than exclusive price');
                     }
                 }
             }
             // Date start
             if (!isset($special['date_start'])) {
                 $this->_error['special'][$row]['date_start'] = tt('Wrong date start input');
                 // Filter critical request
                 $this->security_log->write('Wrong product special date_start field');
                 unset($this->request->post['special'][$row]);
                 break;
             } else {
                 if (empty($special['date_start'])) {
                     $this->_error['special'][$row]['date_start'] = tt('Date start is required');
                 } else {
                     if (!ValidatorProduct::dateValid(html_entity_decode($special['date_start']))) {
                         $this->_error['special'][$row]['date_start'] = tt('Invalid date format');
                     }
                 }
             }
             // Date end
             if (!isset($special['date_end'])) {
                 $this->_error['special'][$row]['date_end'] = tt('Wrong date end input');
                 // Filter critical request
                 $this->security_log->write('Wrong product special date_end field');
                 unset($this->request->post['special'][$row]);
                 break;
             } else {
                 if (empty($special['date_end'])) {
                     $this->_error['special'][$row]['date_end'] = tt('Date end is required');
                 } else {
                     if (!ValidatorProduct::dateValid(html_entity_decode($special['date_end']))) {
                         $this->_error['special'][$row]['date_end'] = tt('Invalid date format');
                     }
                 }
             }
             // Logic validation
             if (strtotime($special['date_start']) >= strtotime($special['date_end'])) {
                 $this->_error['special'][$row]['date_end'] = tt('Date end should not begin prior to Date start');
             }
             // Sort order
             if (!isset($special['sort_order']) || !$special['sort_order']) {
                 $this->_error['special']['common'] = tt('Wrong sort order input');
                 // Filter critical request
                 $this->security_log->write('Wrong product special sort_order field');
                 unset($this->request->post['special'][$row]);
             }
         }
         // Maximum special pages per product
         if (QUOTA_SPECIALS_PER_PRODUCT < $special_count) {
             $this->_error['special']['common'] = sprintf(tt('Maximum %s specials per one product'), QUOTA_DEMO_PER_PRODUCT);
             // Filter critical request
             $this->security_log->write('Exceeded limit of product specials');
             unset($this->request->post['special']);
         }
     }
     return !$this->_error;
 }
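 public function review()
 {
     // Stores a product review posted via AJAX (POST product_id, review) by a logged-in
     // user, notifies the seller (in-app notification for every system language, plus an
     // e-mail when the seller subscribed to REVIEW_SUBSCRIPTION_ID) and sends a plain-text
     // report to MAIL_EMAIL_BILLING_ADDRESS. Answers with a JSON object holding either
     // 'success_message' or 'error_message'. Requests that do not match the expected
     // shape are written to the security log and the script exits without a body.
     //
     // Request must come through the AJAX path (helps against plain cross-site form
     // posts, assuming isAjax() keys on a custom request header -- confirm in Request)
     if (!$this->request->isAjax()) {
         $this->security_log->write('Try to add product review without ajax request');
         exit;
     }
     // Only for logged users
     if (!$this->auth->isLogged()) {
         $this->security_log->write('Try to add product review from guest request');
         exit;
     }
     // Required fields; their absence means a hand-crafted request, not a user mistake
     if (!isset($this->request->post['product_id'])) {
         $this->security_log->write('Try to add product review without product_id parameter');
         exit;
     }
     if (!isset($this->request->post['review'])) {
         $this->security_log->write('Try to add product review without review parameter');
         exit;
     }
     $product_id = (int) $this->request->post['product_id'];
     $review = $this->request->post['review'];
     // Validate review text. descriptionValid() is the only content check applied here;
     // escaping of the stored text for HTML output is left to the templates rendering it
     if (empty($review) || !ValidatorProduct::descriptionValid($review)) {
         $json = array('error_message' => tt('Review text is not valid!'));
     } elseif ($this->model_catalog_product->createProductReview($product_id, $review, $this->auth->getId(), $this->language->getId(), 1)) {
         // The trailing 1 is the review status handed to the model; its meaning is not visible here.
         // NOTE(review): getProduct()/getUser() are assumed to return objects because the
         // review was just created for this product_id; a false return would fault below -- confirm
         $product = $this->model_catalog_product->getProduct($product_id, DEFAULT_LANGUAGE_ID, $this->auth->getId(), ORDER_APPROVED_STATUS_ID);
         $user = $this->model_account_user->getUser($product->user_id);
         // Product titles keyed by language_id
         $product_descriptions = array();
         foreach ($this->model_catalog_product->getProductDescriptions($product->product_id) as $product_description) {
             $product_descriptions[$product_description->language_id] = array('title' => $product_description->title);
         }
         // Title shown to the seller, in the seller's own language; fall back to the
         // product's default title when no description exists for that language
         if (isset($product_descriptions[$user->language_id]['title'])) {
             $title = $product_descriptions[$user->language_id]['title'];
         } else {
             $title = $product->title;
         }
         // Reviewers are not notified about their own products
         if ($product->user_id != $this->auth->getId()) {
             // Add notification with a description for each system language.
             // $this->_languages is assumed to be the language_id => code map populated
             // elsewhere in the class (the original built an identical, unused local from
             // getLanguages()) -- confirm
             if ($user_notification_id = $this->model_account_notification->addNotification($product->user_id, 'activity')) {
                 foreach ($this->_languages as $language_id => $code) {
                     $translation = $this->language->loadTranslation($language_id);
                     $this->model_account_notification->addNotificationDescription($user_notification_id, $language_id, tt('Your product has been commented', $translation), sprintf(tt('@%s has posted a comment about your product %s.', $translation), $this->auth->getUsername(), $title));
                 }
             }
             // E-mail the seller if subscribed, in the seller's language
             if ($this->model_account_subscription->checkUserSubscription($product->user_id, REVIEW_SUBSCRIPTION_ID)) {
                 $translation = $this->language->loadTranslation($user->language_id);
                 $mail_data = array();
                 $mail_data['translation'] = $translation;
                 $mail_data['project_name'] = PROJECT_NAME;
                 $mail_data['subject'] = sprintf(tt('Your product has been commented - %s', $translation), PROJECT_NAME);
                 $mail_data['message'] = sprintf(tt('@%s has posted a comment about your product %s.', $translation), $this->auth->getUsername(), $title);
                 $mail_data['href_home'] = $this->url->link('common/home');
                 $mail_data['href_contact'] = $this->url->link('common/contact');
                 $mail_data['href_subscription'] = $this->url->link('account/account/subscription');
                 $mail_data['href_facebook'] = URL_FACEBOOK;
                 $mail_data['href_twitter'] = URL_TWITTER;
                 $mail_data['href_tumblr'] = URL_TUMBLR;
                 $mail_data['href_github'] = URL_GITHUB;
                 $this->mail->setTo($user->email);
                 $this->mail->setSubject($mail_data['subject']);
                 $this->mail->setHtml($this->load->view('email/common.tpl', $mail_data));
                 $this->mail->send();
             }
         }
         // Notice admin (plain text).
         // NOTE(review): From/Sender are set to the reviewer's own address, so the report
         // is sent on behalf of an external mailbox; such mail can fail SPF/DMARC checks
         // at the receiving side and lets the user pick the From of a message to the
         // billing mailbox. A fixed project sender with the user address in the body is
         // the usual alternative -- left unchanged here.
         $this->mail->setFrom($this->auth->getEmail());
         $this->mail->setTo(MAIL_EMAIL_BILLING_ADDRESS);
         $this->mail->setSender($this->auth->getEmail());
         $this->mail->setSubject(sprintf('%s REPORT', PROJECT_NAME));
         $this->mail->setHtml(false);
         $this->mail->setText(sprintf('New review for product: %s (%s)', $product->title, $this->url->link('catalog/product', 'product_id=' . $product->product_id)));
         $this->mail->send();
         $json = array('success_message' => tt('Thank you for your review!'));
     } else {
         $json = array('error_message' => tt('Internal server error! Please try again later.'));
     }
     $this->response->addHeader('Content-Type: application/json');
     $this->response->setOutput(json_encode($json));
 }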
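 public function review()
 {
     // Stores a product review posted via AJAX (POST product_id, review) by a logged-in
     // user and notifies the seller: an in-app notification in the reviewer's current
     // language and, when the seller subscribed to REVIEW_SUBSCRIPTION_ID, an e-mail.
     // Answers with a JSON object holding either 'success_message' or 'error_message'.
     // Requests that do not match the expected shape are written to the security log
     // and the script exits without a body.
     //
     // Request must come through the AJAX path (helps against plain cross-site form
     // posts, assuming isAjax() keys on a custom request header -- confirm in Request)
     if (!$this->request->isAjax()) {
         $this->security_log->write('Try to add product review without ajax request');
         exit;
     }
     // Only for logged users
     if (!$this->auth->isLogged()) {
         $this->security_log->write('Try to add product review from guest request');
         exit;
     }
     // Required fields; their absence means a hand-crafted request, not a user mistake
     if (!isset($this->request->post['product_id'])) {
         $this->security_log->write('Try to add product review without product_id parameter');
         exit;
     }
     if (!isset($this->request->post['review'])) {
         $this->security_log->write('Try to add product review without review parameter');
         exit;
     }
     $product_id = (int) $this->request->post['product_id'];
     $review = $this->request->post['review'];
     // Validate review text. descriptionValid() is the only content check applied here;
     // escaping of the stored text for HTML output is left to the templates rendering it
     if (empty($review) || !ValidatorProduct::descriptionValid($review)) {
         $json = array('error_message' => tt('Review text is not valid!'));
     } elseif ($this->model_catalog_product->createProductReview($product_id, $review, $this->auth->getId(), $this->language->getId(), 1)) {
         // The trailing 1 is the review status handed to the model; its meaning is not visible here.
         // NOTE(review): getProduct()/getUser() are assumed to return objects because the
         // review was just created for this product_id; a false return would fault below -- confirm
         $product = $this->model_catalog_product->getProduct($product_id, $this->auth->getId(), ORDER_APPROVED_STATUS_ID);
         $user = $this->model_account_user->getUser($product->user_id);
         // Reviewers are not notified about their own products
         if ($product->user_id != $this->auth->getId()) {
             // Same wording is used for the notification and the e-mail body
             $message = sprintf(tt("@%s has posted a comment about your product %s.\n"), $this->auth->getUsername(), $product->title);
             $this->model_account_notification->addNotification($product->user_id, $this->language->getId(), 'activity', tt('Your product has been commented'), $message);
             // E-mail the seller if subscribed
             if ($this->model_account_subscription->checkUserSubscription($product->user_id, REVIEW_SUBSCRIPTION_ID)) {
                 $mail_data = array();
                 $mail_data['project_name'] = PROJECT_NAME;
                 $mail_data['subject'] = sprintf(tt('Your product has been commented - %s'), PROJECT_NAME);
                 $mail_data['message'] = $message;
                 $mail_data['href_home'] = $this->url->link('common/home');
                 $mail_data['href_contact'] = $this->url->link('common/contact');
                 $mail_data['href_subscription'] = $this->url->link('account/account/subscription');
                 $mail_data['href_facebook'] = URL_FACEBOOK;
                 $mail_data['href_twitter'] = URL_TWITTER;
                 $mail_data['href_tumblr'] = URL_TUMBLR;
                 $mail_data['href_github'] = URL_GITHUB;
                 $this->mail->setTo($user->email);
                 $this->mail->setSubject($mail_data['subject']);
                 $this->mail->setHtml($this->load->view('email/common.tpl', $mail_data));
                 $this->mail->send();
             }
         }
         $json = array('success_message' => tt('Thank you for your review!'));
     } else {
         $json = array('error_message' => tt('Internal server error! Please try again later.'));
     }
     $this->response->addHeader('Content-Type: application/json');
     $this->response->setOutput(json_encode($json));
 }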
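 public function review()
 {
     // Stores a product review posted via AJAX (POST product_id, review) by a logged-in
     // user. Answers with a JSON object holding either 'success_message' or
     // 'error_message'. Requests that do not match the expected shape are written to
     // the security log and the script exits without a body.
     //
     // Request must come through the AJAX path (helps against plain cross-site form
     // posts, assuming isAjax() keys on a custom request header -- confirm in Request)
     if (!$this->request->isAjax()) {
         $this->security_log->write('Try to add product review without ajax request');
         exit;
     }
     // Only for logged users
     if (!$this->auth->isLogged()) {
         $this->security_log->write('Try to add product review from guest request');
         exit;
     }
     // Required fields; their absence means a hand-crafted request, not a user mistake
     if (!isset($this->request->post['product_id'])) {
         $this->security_log->write('Try to add product review without product_id parameter');
         exit;
     }
     if (!isset($this->request->post['review'])) {
         $this->security_log->write('Try to add product review without review parameter');
         exit;
     }
     $product_id = (int) $this->request->post['product_id'];
     $review = $this->request->post['review'];
     // Validate review text. descriptionValid() is the only content check applied here;
     // escaping of the stored text for HTML output is left to the templates rendering it
     if (empty($review) || !ValidatorProduct::descriptionValid($review)) {
         $json = array('error_message' => tt('Review text is not valid!'));
     } elseif ($this->model_catalog_product->createProductReview($product_id, $review, $this->auth->getId(), $this->language->getId(), 1)) {
         // The trailing 1 is the review status handed to the model; its meaning is not visible here
         $json = array('success_message' => tt('Thank you for your review!'));
     } else {
         $json = array('error_message' => tt('Internal server error! Please try again later.'));
     }
     $this->response->addHeader('Content-Type: application/json');
     $this->response->setOutput(json_encode($json));
 }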