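/**
 * Renders the wall widget (the `list` template) for a target profile.
 *
 * @param string $title       Widget title, passed through to the template.
 * @param array  $target      Target descriptor; only the keys `controller`,
 *                            `profile_type` and `profile_id` are read here.
 * @param array  $permissions Permission flags, passed through to the template.
 * @return mixed Whatever cmsTemplate::renderInternal() returns.
 */
public function getWidget($title, $target, $permissions = array()) {

    $user = cmsUser::getInstance();

    // Read only the keys this method needs. The previous extract($target)
    // imported every key of $target into local scope, so a `user`, `title`
    // or `permissions` key in it would silently replace the values above.
    $controller   = isset($target['controller']) ? $target['controller'] : null;
    $profile_type = isset($target['profile_type']) ? $target['profile_type'] : null;
    $profile_id   = isset($target['profile_id']) ? $target['profile_id'] : null;

    $page     = $this->request->get('page', 1);
    $show_id  = $this->request->get('wid');
    $go_reply = $this->request->get('reply', 0);

    $show_reply_id = 0;

    // A specific entry was requested: jump to the page that contains it
    if ($show_id) {

        $entry = $this->model->getEntry($show_id);

        if ($entry) {

            // The requested entry is a reply: show its parent and remember the reply
            if ($entry['parent_id'] > 0) {
                $show_id       = $entry['parent_id'];
                $show_reply_id = $entry['id'];
            }

            $page = $this->model->getEntryPageNumber($show_id, $target, self::$perpage);

        }

    }

    $total   = $this->model->getEntriesCount($profile_type, $profile_id);
    $entries = $this->model->getEntries($profile_type, $profile_id, $page);
    $entries = cmsEventsManager::hook('wall_before_list', $entries);

    // Seed handed to the template; presumably binds the CSRF token to this wall
    $csrf_token_seed = implode('/', array($profile_type, $profile_id));

    $template = cmsTemplate::getInstance();

    return $template->renderInternal($this, 'list', array(
        'title'           => $title,
        'user'            => $user,
        'controller'      => $controller,
        'profile_type'    => $profile_type,
        'profile_id'      => $profile_id,
        'entries'         => $entries,
        'permissions'     => $permissions,
        'page'            => $page,
        'perpage'         => wall::$perpage,
        'total'           => $total,
        'max_entries'     => $show_id ? 0 : 5,
        'csrf_token_seed' => $csrf_token_seed,
        'show_id'         => $show_id,
        'show_reply_id'   => $show_reply_id,
        'go_reply'        => $go_reply
    ));

}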
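/**
 * AJAX action: renders the replies of one wall entry and returns them as JSON.
 *
 * Responds with `error => true` when the id is not numeric, when the entry
 * does not exist, or when it has no replies.
 */
public function run() {

    if (!$this->request->isAjax()) { cmsCore::error404(); }

    $template = cmsTemplate::getInstance();

    $entry_id = $this->request->get('id');

    // Validate the input
    if (!is_numeric($entry_id)) {
        $template->renderJSON(array('error' => true, 'message' => LANG_ERROR));
        return; // presumably unreachable if renderJSON() ends the request; kept as a guard
    }

    $user = cmsUser::getInstance();

    $entry = $this->model->getEntry($entry_id);

    // Without this guard a missing entry made $entry['profile_id'] evaluate
    // to null, and the loose `==` below could then match a user whose id is
    // empty/0, handing the template a `delete` permission it should not have.
    if (!$entry) {
        $template->renderJSON(array('error' => true, 'message' => LANG_ERROR));
        return;
    }

    $replies = $this->model->getReplies($entry_id);

    if (!$replies) {
        $template->renderJSON(array('error' => true, 'message' => LANG_ERROR));
        return;
    }

    $replies = cmsEventsManager::hook('wall_before_list', $replies);

    // These flags only drive what the template shows; the actions themselves
    // must still be authorised where they are executed.
    $permissions = array(
        'add'    => $user->is_logged,
        'delete' => $user->is_admin || $user->id == $entry['profile_id']
    );

    $html = $template->renderInternal($this, 'entry', array(
        'entries'     => $replies,
        'user'        => $user,
        'permissions' => $permissions
    ));

    // Build and return the result
    $template->renderJSON(array('error' => false, 'html' => $html));

}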
/**
 * Sends a private message from the current user to a contact and answers
 * with JSON holding the rendered message.
 *
 * Reads `contact_id`, `content` and `csrf_token` from the request. The CSRF
 * token is validated before anything is sent.
 */
public function run() {

    $template = cmsTemplate::getInstance();
    $config   = cmsConfig::getInstance();
    $user     = cmsUser::getInstance();

    $contact_id = $this->request->get('contact_id');
    if (!$contact_id) { cmsCore::error404(); }

    $content = $this->request->get('content');
    if (!$content) { cmsCore::error404(); }

    $csrf_token = $this->request->get('csrf_token');

    // Input validation: numeric contact id and a valid CSRF token
    if (!is_numeric($contact_id) || !cmsForm::validateCSRFToken($csrf_token, false)) {
        $template->renderJSON(array('error' => true, 'message' => ''));
    }

    // Does the contact exist for this user?
    $contact = $this->model->getContact($user->id, $contact_id);

    if (!$contact) {
        $template->renderJSON(array('error' => true, 'message' => ''));
    }

    // Has the sender ignored this contact?
    if ($contact['is_ignored']) {
        $template->renderJSON(array('error' => true, 'message' => LANG_PM_CONTACT_IS_IGNORED));
    }

    // Has the contact ignored the sender?
    if ($this->model->isContactIgnored($contact_id, $user->id)) {
        $template->renderJSON(array('error' => true, 'message' => LANG_PM_YOU_ARE_IGNORED));
    }

    // Does the contact accept messages from this user?
    if (!$user->isPrivacyAllowed($contact, 'messages_pm')) {
        $template->renderJSON(array('error' => true, 'message' => LANG_PM_CONTACT_IS_PRIVATE));
    }

    //
    // Send the message
    //
    // The body goes through the `html_filter` hook before it is stored
    $content_html = cmsEventsManager::hook('html_filter', $content);

    // Nothing left after filtering
    if (!$content_html) {
        $template->renderJSON(array(
            'error'   => false,
            'date'    => false,
            'message' => false
        ));
    }

    $this->setSender($user->id);
    $this->addRecipient($contact_id);

    $message_id = $this->sendMessage($content_html);

    //
    // E-mail notification, only when the recipient is not online
    //
    $recipient = cmsCore::getModel('users')->getUser($contact_id);

    if (!$recipient['is_online']) {
        $this->sendNoticeEmail('messages_new');
    }

    //
    // Load and render the message that was just added
    //
    $message = $this->model->getMessage($message_id);

    $internal_request = new cmsRequest(array(), cmsRequest::CTX_INTERNAL);

    $message_html = $template->render('message', array(
        'messages' => array($message),
        'user'     => $user
    ), $internal_request);

    // Result
    $template->renderJSON(array(
        'error'   => false,
        'date'    => date($config->date_format, time()),
        'message' => $message_html
    ));

}
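/**
 * Default backend "options" action: shows the controller's options form and
 * saves the submitted values.
 *
 * Only available when the controller sets `useDefaultOptionsAction`.
 *
 * @return mixed Rendered `backend/options` template.
 */
public function actionOptions() {

    if (empty($this->useDefaultOptionsAction)) { cmsCore::error404(); }

    $form = $this->getForm('options');
    if (!$form) { cmsCore::error404(); }

    // Fixed: the hook name was written as "form_options_{this->name}", which
    // PHP does not interpolate (the `$` was missing), so every controller
    // fired the same literal hook name instead of its own.
    $form = cmsEventsManager::hook("form_options_{$this->name}", $form);

    $is_submitted = $this->request->has('submit');

    $options = cmsController::loadOptions($this->name);

    if ($is_submitted) {

        $options = $form->parse($this->request, $is_submitted);
        $errors  = $form->validate($this, $options);

        if (!$errors) {

            cmsUser::addSessionMessage(LANG_CP_SAVE_SUCCESS, 'success');

            cmsController::saveOptions($this->name, $options);

            $this->redirectToAction('options');

        }

        if ($errors) {
            cmsUser::addSessionMessage(LANG_FORM_ERRORS, 'error');
        }

    }

    return cmsTemplate::getInstance()->render('backend/options', array(
        'options' => $options,
        'form'    => $form,
        'errors'  => isset($errors) ? $errors : false
    ));

}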
/**
 * Confirms a registration by its pass token: unlocks the account, clears the
 * token and, if `reg_auto_auth` is enabled, logs the user in.
 *
 * @param string $pass_token Token taken from the verification link.
 */
public function run($pass_token) {

    if (!$pass_token) { cmsCore::error404(); }

    // Already authenticated visitors have nothing to verify
    if (cmsUser::isLogged()) { $this->redirectToHome(); }

    $users_model = cmsCore::getModel('users');

    $user = $users_model->getUserByPassToken($pass_token);
    if (!$user) { cmsCore::error404(); }

    $user_id = $user['id'];

    // The token is single-use: it is cleared right after the account is unlocked
    $users_model->unlockUser($user_id);
    $users_model->clearUserPassToken($user_id);

    cmsEventsManager::hook('user_registered', $user);

    $is_auto_auth = $this->options['reg_auto_auth'];

    cmsUser::addSessionMessage(
        $is_auto_auth ? LANG_REG_SUCCESS_VERIFIED_AND_AUTH : LANG_REG_SUCCESS_VERIFIED,
        'success'
    );

    // Log the user in automatically
    // NOTE(review): no session id regeneration is visible in this block;
    // confirm cmsUser::sessionSet() or the caller rotates it on login.
    if ($is_auto_auth) {

        $user = cmsEventsManager::hook('user_login', $user);

        $session_user = array(
            'id'        => $user['id'],
            'groups'    => $user['groups'],
            'time_zone' => $user['time_zone'],
            'perms'     => cmsUser::getPermissions($user['groups']),
            'is_admin'  => $user['is_admin']
        );

        cmsUser::sessionSet('user', $session_user);

        $this->model->update('{users}', $user['id'], array('ip' => cmsUser::getIp()), true);

        cmsEventsManager::hook('auth_login', $user['id']);

    }

    $redirect_url = $this->getAuthRedirectUrl($this->options['first_auth_redirect']);

    $this->redirect($redirect_url);

}
/**
 * AJAX action: approves a comment awaiting moderation, refreshes the target's
 * comment counter and notifies subscribers and the parent comment's author.
 *
 * Requires the `comments` / `is_moderator` permission.
 * NOTE(review): no CSRF token is validated here; confirm the framework
 * enforces one for this state-changing request.
 *
 * @return mixed Result of renderJSON().
 */
public function run() {

    if (!$this->request->isAjax()) { cmsCore::error404(); }

    // Same error payload for every refusal
    $failure = array('error' => true, 'message' => LANG_COMMENT_ERROR);

    if (!cmsUser::isAllowed('comments', 'is_moderator')) {
        return $this->cms_template->renderJSON($failure);
    }

    $comment_id = $this->request->get('id', 0);

    if (!$comment_id) {
        return $this->cms_template->renderJSON($failure);
    }

    $comment = $this->model->getComment($comment_id);

    if (!$comment) {
        return $this->cms_template->renderJSON($failure);
    }

    $this->model->approveComment($comment['id']);

    // Tell the target content's model about the new comment count
    $target_controller = $comment['target_controller'];
    $target_subject    = $comment['target_subject'];
    $target_id         = $comment['target_id'];

    $comments_count = $this->model->
                        filterCommentTarget($target_controller, $target_subject, $target_id)->
                        getCommentsCount();

    $this->model->resetFilters();

    cmsCore::getModel($target_controller)->updateCommentsCount($target_subject, $target_id, $comments_count);

    $parent_comment = false;
    if ($comment['parent_id']) {
        $parent_comment = $this->model->getComment($comment['parent_id']);
    }

    // Notify subscribers
    $this->notifySubscribers($comment, $parent_comment);

    // Notify the author of the comment that was replied to
    if ($parent_comment) {
        $this->notifyParent($comment, $parent_comment);
    }

    $comment = cmsEventsManager::hook('comment_after_add', $comment);

    return $this->cms_template->renderJSON(array(
        'error'     => false,
        'message'   => '',
        'id'        => $comment['id'],
        'parent_id' => $comment['parent_id'],
        'level'     => $comment['level'],
        'html'      => cmsEventsManager::hook('parse_text', $comment['content_html'])
    ));

}
/**
 * Widget action: collects content items (with image and teaser settings) for
 * a slider-style list.
 *
 * @return array|false Template variables, or false when the content type is
 *                     unknown or no items were found.
 */
public function run() {

    // Widget options
    $cat_id           = $this->getOption('category_id');
    $ctype_id         = $this->getOption('ctype_id');
    $dataset_id       = $this->getOption('dataset');
    $image_field      = $this->getOption('image_field');
    $big_image_field  = $this->getOption('big_image_field');
    $big_image_preset = $this->getOption('big_image_preset');
    $teaser_fields    = $this->getOption('teaser_field');
    $limit            = $this->getOption('limit', 10);
    $delay            = $this->getOption('delay', 5);
    $teaser_len       = $this->getOption('teaser_len', 100);

    $model = cmsCore::getModel('content');

    $ctype = $model->getContentType($ctype_id);
    if (!$ctype) { return false; }

    $category = $cat_id ? $model->getCategory($ctype['name'], $cat_id) : false;

    if ($dataset_id) {

        $dataset = $model->getContentDataset($dataset_id);

        if ($dataset) {
            $model->applyDatasetFilters($dataset);
        } else {
            $dataset_id = false;
        }

    }

    if ($category) {
        $model->filterCategory($ctype['name'], $category, true);
    }

    // Privacy
    $privacy_type = !empty($ctype['options']['privacy_type']) ? $ctype['options']['privacy_type'] : false;

    // Flag: show titles only
    $hide_except_title = $privacy_type && $privacy_type == 'show_title';

    // First honour the content type settings
    if ($privacy_type && in_array($privacy_type, array('show_title', 'show_all'), true)) {

        $model->disablePrivacyFilter();

        if ($privacy_type != 'show_title') {
            $hide_except_title = false;
        }

    }

    // Then, if the user's permissions allow it, drop the privacy filter entirely
    if (cmsUser::isAllowed($ctype['name'], 'view_all')) {
        $model->disablePrivacyFilter();
        $hide_except_title = false;
    }

    // Hide items that belong to hidden parents (private groups and the like)
    $model->filterHiddenParents();

    // Hooks may replace both the content type and the model
    list($ctype, $model) = cmsEventsManager::hook('content_list_filter', array($ctype, $model));
    list($ctype, $model) = cmsEventsManager::hook("content_{$ctype['name']}_list_filter", array($ctype, $model));

    $items = $model->limit($limit)->getContentItems($ctype['name']);
    if (!$items) { return false; }

    list($ctype, $items) = cmsEventsManager::hook("content_before_list", array($ctype, $items));
    list($ctype, $items) = cmsEventsManager::hook("content_{$ctype['name']}_before_list", array($ctype, $items));

    return array(
        'ctype'             => $ctype,
        'teaser_len'        => $teaser_len,
        'hide_except_title' => $hide_except_title,
        'delay'             => $delay,
        'image_field'       => $image_field,
        'big_image_field'   => $big_image_field,
        'big_image_preset'  => $big_image_preset,
        'teaser_field'      => $teaser_fields,
        'items'             => $items
    );

}
/**
 * Deletes a group after confirmation.
 *
 * Access: the `groups` / `delete` permission, and either the `all` scope or
 * ownership of the group. The confirming submit must carry a valid CSRF token.
 *
 * @param array $group Group record; `id`, `owner_id` and `title` are read.
 * @return mixed Confirmation page when nothing was submitted yet.
 */
public function run($group) {

    if (!cmsUser::isAllowed('groups', 'delete')) { cmsCore::error404(); }

    $is_owner = !($group['owner_id'] != $this->cms_user->id);

    if (!cmsUser::isAllowed('groups', 'delete', 'all') && !$is_owner) {
        cmsCore::error404();
    }

    // Not confirmed yet: ask for confirmation
    if (!$this->request->has('submit')) {

        return $this->cms_template->render('group_delete', array(
            'user'  => $this->cms_user,
            'group' => $group
        ));

    }

    // Confirmation received
    $csrf_token        = $this->request->get('csrf_token', '');
    $is_delete_content = $this->request->get('is_delete_content', 0);

    // The destructive step runs only with a valid CSRF token
    if (!cmsForm::validateCSRFToken($csrf_token)) { cmsCore::error404(); }

    list($group, $is_delete_content) = cmsEventsManager::hook('group_before_delete', array($group, $is_delete_content));

    $this->model->removeContentFromGroup($group['id'], $is_delete_content);

    $this->model->deleteGroup($group);

    cmsUser::addSessionMessage(sprintf(LANG_GROUPS_DELETED, $group['title']));

    $this->redirectToAction('');

}
/**
 * Prepares a submitted value for storage.
 *
 * With the `is_html_filter` option on, the value is passed through the
 * `html_filter` hook (no automatic line breaks); otherwise it is returned
 * unchanged.
 *
 * @param mixed $value Submitted field value.
 * @return mixed Filtered or original value.
 */
public function parse($value) {

    // Filtering is off: the raw value is returned as is, so whatever prints
    // it later is responsible for escaping it.
    if (!$this->getOption('is_html_filter')) {
        return $value;
    }

    $filter_params = array(
        'text'                => $value,
        'is_auto_br'          => false,
        'build_redirect_link' => (bool) $this->getOption('build_redirect_link')
    );

    return cmsEventsManager::hook('html_filter', $filter_params);

}
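/**
 * Backend action: deletes a content type together with its widget pages,
 * widget bindings and activity type.
 *
 * NOTE(review): no CSRF token is validated in this method; confirm the
 * backend enforces one for this destructive request.
 *
 * @param int $id Content type id.
 */
public function run($id) {

    if (!$id) { cmsCore::error404(); }

    $content_model = cmsCore::getModel('content');

    $ctype = $content_model->getContentType($id);

    // Stop on an unknown id. Without this guard $ctype['name'] was empty and
    // the clean-up below ran with the patterns ".*" and "add.", i.e. not
    // scoped to any single content type.
    if (!$ctype) { cmsCore::error404(); }

    $ctype = cmsEventsManager::hook("ctype_before_delete", $ctype);

    $content_model->deleteContentType($id);

    cmsEventsManager::hook("ctype_after_delete", $ctype);

    cmsCore::getModel('widgets')->deletePagesByName('content', "{$ctype['name']}.*");

    // Widget bindings keep their options as YAML; decode them to find the
    // ones bound to this content type
    $binded_widgets = $content_model->get('widgets_bind', function ($item, $model) {
        $item['options'] = cmsModel::yamlToArray($item['options']);
        return $item;
    });

    if ($binded_widgets) {
        foreach ($binded_widgets as $widget) {
            if (isset($widget['options']['ctype_id']) && $ctype['id'] == $widget['options']['ctype_id']) {
                $content_model->delete('widgets_bind', $widget['id']);
            }
        }
    }

    cmsCore::getController('activity')->deleteType('content', "add.{$ctype['name']}");

    $this->redirectToAction('ctypes');

}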
/**
 * AJAX action: deletes (or hides) a comment.
 *
 * Requires the `comments` / `delete` permission. Users limited to the `own`
 * scope may only remove their own comments.
 * NOTE(review): no CSRF token is validated here; confirm the framework
 * enforces one for this state-changing request.
 */
public function run() {

    if (!$this->request->isAjax()) { cmsCore::error404(); }

    if (!cmsUser::isAllowed('comments', 'delete')) { cmsCore::error404(); }

    $comment_id = (int) $this->request->get('id');

    $comment = $this->model->getComment($comment_id);

    // Does the comment exist?
    if (!$comment) {
        cmsTemplate::getInstance()->renderJSON(array('error' => true, 'message' => LANG_ERROR));
    }

    $user = cmsUser::getInstance();

    // Neither `all` nor `full_delete`: an `own`-scoped user must be the author
    if (!cmsUser::isAllowed('comments', 'delete', 'all') &&
        !cmsUser::isAllowed('comments', 'delete', 'full_delete') &&
        cmsUser::isAllowed('comments', 'delete', 'own') &&
        $comment['user']['id'] != $user->id) {

        cmsTemplate::getInstance()->renderJSON(array('error' => true, 'message' => LANG_ERROR));

    }

    // Does the comment have children?
    $has_children = $this->model->getItemByField('comments', 'parent_id', $comment['id']);

    // Second argument of deleteComment(): true only for a childless comment
    // and a user holding `full_delete`
    $is_full_delete = !$has_children && cmsUser::isAllowed('comments', 'delete', 'full_delete', true);

    $this->model->deleteComment($comment['id'], $is_full_delete);

    $after_hook = cmsUser::isAllowed('comments', 'delete', 'full_delete') ?
                    'comments_after_delete' :
                    'comments_after_hide';

    cmsEventsManager::hook($after_hook, $comment['id']);

    cmsTemplate::getInstance()->renderJSON(array('error' => false, 'message' => LANG_COMMENT_DELETED));

}
/**
 * Backend action: edits the settings of an RSS feed.
 *
 * @param int $feed_id Feed id.
 * @return mixed Rendered `backend/edit` template.
 */
public function run($feed_id) {

    $feed = $this->model->getFeed($feed_id);
    if (!$feed) { cmsCore::error404(); }

    $form = $this->getForm('feed');

    // Work out which controller owns the feed: content types share `content`
    $controller = $this->model->isCtypeFeed($feed['ctype_name']) ? 'content' : $feed['ctype_name'];

    // Hooks may replace both the form and the feed
    list($form, $feed) = cmsEventsManager::hook("rss_{$controller}_controller_form", array($form, $feed));
    list($form, $feed) = cmsEventsManager::hook('rss_edit_form', array($form, $feed));
    list($form, $feed) = cmsEventsManager::hook("rss_{$feed['ctype_name']}_edit_form", array($form, $feed));

    if ($this->request->has('submit')) {

        $submitted = $form->parse($this->request, true);

        $feed = array_merge($feed, $submitted);

        $errors = $form->validate($this, $feed);

        if (!$errors) {

            $this->model->updateFeed($feed_id, $feed);

            cmsEventsManager::hook("rss_{$controller}_controller_after_update", $feed);

            $this->redirectToAction();

        }

        if ($errors) {
            cmsUser::addSessionMessage(LANG_FORM_ERRORS, 'error');
        }

    }

    return cmsTemplate::getInstance()->render('backend/edit', array(
        'feed'   => $feed,
        'form'   => $form,
        'errors' => isset($errors) ? $errors : false
    ));

}
/**
 * Backend action: saves the permission matrix of a content type.
 *
 * The submitted `value` array is indexed by rule id, then by group id.
 * Missing cells are set to null before saving.
 * NOTE(review): no CSRF token is validated in this method; confirm the
 * backend enforces one, since this request changes access rights.
 *
 * @param string $ctype_name Content type name.
 */
public function run($ctype_name) {

    $values = $this->request->get('value');

    if (!$values || !$ctype_name) { cmsCore::error404(); }

    $content_model = cmsCore::getModel('content');

    $ctype = $content_model->getContentTypeByName($ctype_name);
    if (!$ctype) { cmsCore::error404(); }

    $rules = cmsPermissions::getRulesList('content');

    list($ctype, $rules, $values) = cmsEventsManager::hook('content_perms', array($ctype, $rules, $values));
    list($ctype, $rules, $values) = cmsEventsManager::hook("content_{$ctype['name']}_perms", array($ctype, $rules, $values));

    $groups = cmsCore::getModel('users')->getGroups(false);

    // Walk through the rules
    foreach ($rules as $rule) {

        $rule_id = $rule['id'];

        // Nothing submitted for this rule at all: store null
        if (empty($values[$rule_id])) {
            $values[$rule_id] = null;
            continue;
        }

        // Walk through the groups and null out the cells that are missing
        foreach ($groups as $group) {

            $group_id = $group['id'];

            if (empty($values[$rule_id][$group_id])) {
                $values[$rule_id][$group_id] = null;
            }

        }

    }

    cmsPermissions::savePermissions($ctype_name, $values);

    $this->redirectBack();

}
/**
 * Logs the current user out and sends them to the home page.
 *
 * NOTE(review): no CSRF token is checked here, so any cross-site request can
 * end the session; confirm whether that is acceptable for this site.
 */
public function actionLogout() {

    $user_id = cmsUser::getInstance()->id;

    // Listeners get the id before the session is destroyed
    cmsEventsManager::hook('auth_logout', $user_id);

    cmsUser::logout();

    $this->redirectToHome();
    $this->halt();

}
/**
 * Outputs the RSS feed of a content type, optionally narrowed by the
 * `category` and `user` request parameters.
 *
 * @param string|false $ctype_name Content type name.
 * @return mixed Feed rendered through the `feed` template.
 */
public function run($ctype_name = false) {

    if (!$ctype_name) { cmsCore::error404(); }

    $feed = $this->model->getFeedByCtypeName($ctype_name);

    // Unknown or disabled feeds are not served
    if (!$feed || !$feed['is_enabled']) { cmsCore::error404(); }

    $category_id = $this->request->get('category', false);
    $user_id     = $this->request->get('user', false);

    $content_model = cmsCore::getModel('content');

    if ($category_id) {
        $category = $content_model->getCategory($ctype_name, $category_id);
    }

    if ($user_id) {
        $author = cmsCore::getModel('users')->getUser($user_id);
    }

    // Filters are applied only for a category / author that actually exists
    if (!empty($category)) {
        $content_model->filterCategory($ctype_name, $category, true);
    }

    if (!empty($author)) {
        $content_model->filterEqual('user_id', $user_id);
    }

    $content_model->orderBy('id', 'desc')->limit($feed['limit']);

    $feed['items'] = $content_model->getContentItems($ctype_name);

    $feed = cmsEventsManager::hook("before_render_{$ctype_name}_feed_list", $feed);

    header('Content-type: application/rss+xml; charset=utf-8');

    $template_data = array(
        'feed'     => $feed,
        'category' => isset($category) ? $category : false,
        'author'   => isset($author) ? $author : false
    );

    return cmsTemplate::getInstance()->renderPlain('feed', $template_data);

}
/**
 * Prepares a submitted value for storage.
 *
 * With the `is_html_filter` option on, the value goes through the
 * `html_filter` hook without automatic line breaks; otherwise it is returned
 * unchanged.
 *
 * @param mixed $value Submitted field value.
 * @return mixed Filtered or original value.
 */
public function parse($value) {

    // Filtering is off: the raw value is returned, so escaping is left to
    // whatever outputs it
    if (!$this->getOption('is_html_filter')) {
        return $value;
    }

    $filter_params = array(
        'text'       => $value,
        'is_auto_br' => false
    );

    return cmsEventsManager::hook('html_filter', $filter_params);

}
/**
 * Adds the current user to a group.
 *
 * Joining needs either a free join policy or a pending invite. The
 * `group_before_join` hook can veto the join and supply a message and a
 * redirect URL.
 * NOTE(review): no CSRF token is validated here; confirm the framework
 * enforces one for this state-changing request.
 *
 * @param array $group Group record; `id`, `join_policy` and `title` are read.
 */
public function run($group) {

    $user_id = $this->cms_user->id;

    // Already a member: nothing to do
    if ($this->model->getMembership($group['id'], $user_id)) {
        $this->redirectToAction($group['id']);
    }

    $invite = $this->model->getInvite($group['id'], $user_id);

    // A non-free group can only be joined with an invite
    if ($group['join_policy'] != groups::JOIN_POLICY_FREE && !$invite) {
        cmsCore::error404();
    }

    $result = cmsEventsManager::hook('group_before_join', array(
        'allow'  => true,
        'group'  => $group,
        'invite' => $invite
    ));

    // A listener refused the join
    if (!$result['allow']) {

        if (isset($result['access_text'])) {

            cmsUser::addSessionMessage($result['access_text'], 'error');

            if (isset($result['redirect_url'])) {
                $this->redirect($result['redirect_url']);
            } else {
                $this->redirectToAction($group['id']);
            }

        }

        cmsCore::error404();

    }

    // Listeners may have replaced the group or the invite
    $group  = $result['group'];
    $invite = $result['invite'];

    $this->model->addMembership($group['id'], $user_id);

    // The invite is consumed by joining
    if ($invite) {
        $this->model->deleteInvite($invite['id']);
    }

    $activity_entry = array(
        'subject_title' => $group['title'],
        'subject_id'    => $group['id'],
        'subject_url'   => href_to_rel($this->name, $group['id']),
        'group_id'      => $group['id']
    );

    cmsCore::getController('activity')->addEntry($this->name, 'join', $activity_entry);

    cmsUser::addSessionMessage(LANG_GROUPS_JOIN_MESSAGE, 'success');

    $this->redirectToAction($group['id']);

}
/**
 * Backend action: creates a new content type from the `ctypes_basic` form.
 *
 * @return mixed Rendered `ctypes_basic` template.
 */
public function run() {

    $form = $this->getForm('ctypes_basic', array('add'));

    $form = cmsEventsManager::hook('ctype_basic_form', $form);

    $is_submitted = $this->request->has('submit');

    $ctype = $form->parse($this->request, $is_submitted);

    if ($is_submitted) {

        $errors = $form->validate($this, $ctype);

        // The name must not collide with an existing controller
        if (!$errors && cmsCore::isControllerExists($ctype['name'])) {
            $errors['name'] = LANG_CP_CTYPE_ERROR_NAME;
        }

        if (!$errors) {

            $content_model = cmsCore::getModel('content');

            $ctype = cmsEventsManager::hook('ctype_before_add', $ctype);
            $ctype = cmsEventsManager::hook("ctype_{$ctype['name']}_before_add", $ctype);

            $ctype_id = $content_model->addContentType($ctype);

            $ctype['id'] = $ctype_id;

            cmsEventsManager::hook('ctype_after_add', $ctype);
            cmsEventsManager::hook("ctype_{$ctype['name']}_after_add", $ctype);

            if ($ctype_id) {

                cmsCore::getController('content')->addWidgetsPages($ctype);

                cmsUser::addSessionMessage(sprintf(LANG_CP_CTYPE_CREATED, $ctype['title']), 'success');

            }

            // Continue with the next wizard step
            $this->redirectToAction('ctypes', array('labels', $ctype_id), array('wizard_mode' => true));

        }

        if ($errors) {
            cmsUser::addSessionMessage(LANG_FORM_ERRORS, 'error');
        }

    }

    return $this->cms_template->render('ctypes_basic', array(
        'do'     => 'add',
        'ctype'  => $ctype,
        'form'   => $form,
        'errors' => isset($errors) ? $errors : false
    ));

}
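/**
 * Login action: shows the login form and processes its submission.
 *
 * Request parameters read: `login_email`, `login_password`, `remember`,
 * `back`, `is_back`, `submit`. While the site is offline only administrators
 * may log in. After a failed attempt a captcha is required when the
 * `auth_captcha` option is on.
 *
 * @return mixed Rendered `login` template.
 */
public function run() {

    if (cmsUser::isLogged()) { $this->redirectToHome(); }

    $email    = $this->request->get('login_email');
    $password = $this->request->get('login_password');
    $remember = (bool) $this->request->get('remember');

    $back_url = $this->request->has('back') ? $this->request->get('back') : false;

    // `back` comes straight from the request and is handed to redirect()
    // after a successful login, which made this an open redirect. Only
    // site-relative targets are accepted: anything with a URL scheme, a
    // protocol-relative prefix, a backslash or a control character is
    // dropped and treated as if no `back` was given. Absolute URLs pointing
    // at this site are dropped too and fall back to the home page.
    if ($back_url !== false) {

        $is_local_url = is_string($back_url) &&
                        !preg_match('#^\s*(?:[a-z][a-z0-9+.\-]*:|//)#i', $back_url) &&
                        !preg_match('#[\x00-\x1F\x7F\\\\]#', $back_url);

        if (!$is_local_url) { $back_url = false; }

    }

    $is_site_offline = !cmsConfig::get('is_site_on');

    if ($this->request->has('submit')) {

        $is_captcha_valid = true;

        // The captcha is demanded only after a previous failed attempt
        if (cmsUser::sessionGet('is_auth_captcha') && $this->options['auth_captcha']) {
            $is_captcha_valid = cmsEventsManager::hook('captcha_validate', $this->request);
        }

        if ($is_captcha_valid) {

            cmsUser::sessionUnset('is_auth_captcha');

            $logged_id = cmsUser::login($email, $password, $remember);

            if ($logged_id) {

                // Offline site: only administrators stay logged in
                if ($is_site_offline) {
                    $userSession = cmsUser::sessionGet('user');
                    if (!$userSession['is_admin']) {
                        cmsUser::addSessionMessage(LANG_LOGIN_ADMIN_ONLY, 'error');
                        cmsUser::logout();
                        $this->redirectBack();
                    }
                }

                cmsEventsManager::hook('auth_login', $logged_id);

                $is_back = $this->request->get('is_back');

                if ($is_back) {
                    $this->redirectBack();
                }

                if ($back_url) {
                    $this->redirect($back_url);
                } else {
                    $this->redirectToHome();
                }

            }

        }

        // Reaching this point means the attempt failed: ask for a captcha next time
        if ($this->options['auth_captcha'] && !$is_site_offline) {
            cmsUser::sessionSet('is_auth_captcha', true);
        }

        if ($is_captcha_valid) {
            // One generic message for any credential failure
            cmsUser::addSessionMessage(LANG_LOGIN_ERROR, 'error');
            if ($is_site_offline) {
                $this->redirectBack();
            }
        } else {
            cmsUser::addSessionMessage(LANG_CAPTCHA_ERROR, 'error');
        }

    }

    if ($back_url) {
        cmsUser::addSessionMessage(LANG_LOGIN_REQUIRED, 'error');
    }

    if (cmsUser::sessionGet('is_auth_captcha')) {
        $captcha_html = cmsEventsManager::hook('captcha_html');
    }

    return cmsTemplate::getInstance()->render('login', array(
        'back_url'     => $back_url,
        'captcha_html' => isset($captcha_html) ? $captcha_html : false
    ));

}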
/**
 * Prepares a submitted value for storage.
 *
 * With the `is_html_filter` option on, the value goes through the
 * `html_filter` hook; otherwise it is HTML-escaped and its line breaks are
 * turned into <br> tags.
 *
 * @param string $value Submitted field value.
 * @return mixed Filtered or escaped value.
 */
public function parse($value) {

    $is_filtered = $this->getOption('is_html_filter');

    if (!$is_filtered) {

        // htmlspecialchars() is called without flags, so whether single
        // quotes are escaped depends on the PHP version's default. The
        // result is meant for element content, not for attribute values.
        $escaped = htmlspecialchars($value);

        return nl2br($escaped);

    }

    return cmsEventsManager::hook('html_filter', $value);

}
/**
 * Prepares a submitted value for storage.
 *
 * With the `is_html_filter` option on, the value goes through the
 * `html_filter` hook with automatic line breaks; otherwise it is HTML-escaped
 * and its line breaks are turned into <br> tags.
 *
 * @param string $value Submitted field value.
 * @return mixed Filtered or escaped value.
 */
public function parse($value) {

    $is_filtered = $this->getOption('is_html_filter');

    if (!$is_filtered) {

        // htmlspecialchars() is called without flags, so whether single
        // quotes are escaped depends on the PHP version's default. The
        // result is meant for element content, not for attribute values.
        $escaped = htmlspecialchars($value);

        return nl2br($escaped);

    }

    $filter_params = array(
        'text'                => $value,
        'is_auto_br'          => true,
        'build_redirect_link' => (bool) $this->getOption('build_redirect_link')
    );

    return cmsEventsManager::hook('html_filter', $filter_params);

}
/**
 * Loads the photos of an item and passes them through the list hooks.
 *
 * @param int    $item_type_id Id of the owning item.
 * @param string $item_type    Type of the owning item.
 * @return mixed Photos as returned by the `photos_before_list` hook, or false
 *               when there are none.
 */
public function getPhotosList($item_type_id = 0, $item_type = '') {

    // Listeners receive the model and can add their own filters to it
    cmsEventsManager::hook('photos_list_filter', $this->model);

    $photos = $this->model->getPhotos($item_type_id, $item_type);

    return $photos ? cmsEventsManager::hook('photos_before_list', $photos) : false;

}
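/**
 * AJAX action: registers an up/down vote for a target and returns the new
 * rating as JSON.
 *
 * Request parameters read: `direction`, `controller`, `subject`, `id`.
 * NOTE(review): no CSRF token is validated here; confirm the framework
 * enforces one for this state-changing request.
 *
 * @return mixed Result of renderJSON().
 */
public function run() {

    if (!$this->request->isAjax()) { cmsCore::error404(); }

    // Is guest voting enabled?
    if (empty($this->options['allow_guest_vote']) && !$this->cms_user->is_logged) {
        return $this->cms_template->renderJSON(array(
            'success' => false,
            'message' => LANG_ERROR
        ));
    }

    // Read the parameters
    $direction         = $this->request->get('direction', '');
    $target_controller = $this->request->get('controller', '');
    $target_subject    = $this->request->get('subject', '');
    $target_id         = $this->request->get('id', 0);

    // The controller name is later used to load a model, so it must pass the
    // system-name validation. in_array() is strict so that only the exact
    // strings 'up' and 'down' are accepted.
    $is_valid = ($this->validate_sysname($target_controller) === true) &&
                ($this->validate_sysname($target_subject) === true) &&
                is_numeric($target_id) &&
                in_array($direction, array('up', 'down'), true);

    if (!$is_valid) {
        return $this->cms_template->renderJSON(array(
            'success' => false,
            'message' => LANG_ERROR
        ));
    }

    // Gather everything known about the vote
    // NOTE(review): ip2long() returns false for anything that is not an IPv4
    // address, which sprintf('%u') turns into "0"; guests on such addresses
    // would all share one stored ip. Confirm how isUserVoted() uses it.
    $vote = array(
        'user_id'           => $this->cms_user->id ? $this->cms_user->id : null,
        'target_controller' => $target_controller,
        'target_subject'    => $target_subject,
        'target_id'         => $target_id,
        'score'             => $direction === 'up' ? 1 : -1,
        'ip'                => sprintf('%u', ip2long(cmsUser::getIp()))
    );

    $cookie_key = $target_subject . $target_id . $target_controller;

    // Has this vote been counted already?
    $is_voted = $this->model->isUserVoted($vote, $this->cms_user->is_logged);

    if ($is_voted) {

        // Set the cookie if it is missing
        if (!empty($this->options['is_hidden']) && !cmsUser::getCookie($cookie_key)) {
            cmsUser::setCookie($cookie_key, 1, 2628000); // a year
        }

        return $this->cms_template->renderJSON(array(
            'success' => false,
            'message' => LANG_RATING_VOTED
        ));

    }

    $target_model = cmsCore::getModel($target_controller);

    $target = $target_model->getRatingTarget($target_subject, $target_id);

    // Refuse votes for a target that could not be loaded; previously the
    // vote was logged and a rating written for an id that matched nothing.
    if (!$target) {
        return $this->cms_template->renderJSON(array(
            'success' => false,
            'message' => LANG_ERROR
        ));
    }

    // Logged-in users may not rate their own items or rate without permission
    if (!empty($target['user_id'])) {
        if ($this->cms_user->is_logged) {
            if ($target['user_id'] == $this->cms_user->id || !cmsUser::isAllowed($target_subject, 'rate')) {
                return $this->cms_template->renderJSON(array(
                    'success' => false,
                    'message' => LANG_RATING_DISABLED
                ));
            }
        }
    }

    // Add the vote to the log
    $this->model->addVote($vote);

    // Update the target's total rating
    $rating = (int) $target['rating'] + $vote['score'];

    $target_model->updateRating($target_subject, $target_id, $rating);

    // Tell everyone that the rating has changed
    cmsEventsManager::hook('rating_vote', array(
        'subject' => $target_subject,
        'id'      => $target_id,
        'target'  => $target,
        'vote'    => $vote,
        'rating'  => $rating
    ));

    // Build the result
    $result = array(
        'success'   => true,
        'rating'    => html_signed_num($rating),
        'css_class' => html_signed_class($rating) . ($this->options['is_show'] ? ' clickable' : ''),
        'message'   => LANG_RATING_VOTED
    );

    // Remember the vote in a cookie
    if (!empty($this->options['is_hidden'])) {
        cmsUser::setCookie($cookie_key, 1, 2628000); // a year
    }

    return $this->cms_template->renderJSON($result);

}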
/**
 * Backend action: renders the user list filter, built from the `users`
 * content fields plus rating and karma.
 *
 * @param int $group_id Not used in this method.
 * @return mixed Rendered `users_filter` template.
 */
public function run($group_id) {

    $content_model = cmsCore::getModel('content')->setTablePrefix('');

    $ctype  = $content_model->getContentTypeByName('users');
    $fields = $content_model->getContentFields('users');

    // Two numeric pseudo-fields that are not part of the content fields
    $extra_fields = array(
        array('title' => LANG_RATING, 'name' => 'rating', 'handler' => new fieldNumber('rating')),
        array('title' => LANG_KARMA, 'name' => 'karma', 'handler' => new fieldNumber('karma'))
    );

    foreach ($extra_fields as $extra_field) {
        $fields[] = $extra_field;
    }

    $fields = cmsEventsManager::hook('admin_users_filter', $fields);

    return cmsTemplate::getInstance()->render('users_filter', array(
        'ctype'  => $ctype,
        'fields' => $fields
    ));

}
/**
 * Widget action: collects a list of content items for display.
 *
 * @return array|false Template variables, or false when the content type is
 *                     unknown or no items were found.
 */
public function run() {

    // Widget options
    $ctype_id        = $this->getOption('ctype_id');
    $dataset_id      = $this->getOption('dataset');
    $cat_id          = $this->getOption('category_id');
    $image_field     = $this->getOption('image_field');
    $teaser_field    = $this->getOption('teaser_field');
    $is_show_details = $this->getOption('show_details');
    $style           = $this->getOption('style', 'basic');
    $limit           = $this->getOption('limit', 10);

    $model = cmsCore::getModel('content');

    $ctype = $model->getContentType($ctype_id);
    if (!$ctype) { return false; }

    $category = $cat_id ? $model->getCategory($ctype['name'], $cat_id) : false;

    if ($dataset_id) {

        $dataset = $model->getContentDataset($dataset_id);

        if ($dataset) {
            $model->applyDatasetFilters($dataset);
        } else {
            $dataset_id = false;
        }

    }

    if ($category) {
        $model->filterCategory($ctype['name'], $category, true);
        $model->groupBy('i.id');
    }

    // Without a dataset, fall back to newest first
    if (!$dataset_id) {
        $model->orderBy('date_pub', 'desc');
    }

    // Drop the privacy filter for users who are allowed to see everything
    if (cmsUser::isAllowed($ctype['name'], 'view_all')) {
        $model->disablePrivacyFilter();
    }

    // Hide items that belong to hidden parents (private groups and the like)
    $model->filterHiddenParents();

    // Hooks may replace both the content type and the model
    list($ctype, $model) = cmsEventsManager::hook("content_list_filter", array($ctype, $model));
    list($ctype, $model) = cmsEventsManager::hook("content_{$ctype['name']}_list_filter", array($ctype, $model));

    $items = $model->limit($limit)->getContentItems($ctype['name']);
    if (!$items) { return false; }

    // The style option selects the template; an empty style keeps the default body
    $this->setTemplate($style ? 'list_' . $style : $this->tpl_body);

    return array(
        'ctype'           => $ctype,
        'image_field'     => $image_field,
        'teaser_field'    => $teaser_field,
        'is_show_details' => $is_show_details,
        'style'           => $style,
        'items'           => $items
    );

}
/**
 * Removes the current user from a group. The owner cannot leave.
 *
 * NOTE(review): no CSRF token is validated here; confirm the framework
 * enforces one for this state-changing request.
 *
 * @param array $group Group record; `id`, `owner_id` and `title` are read.
 */
public function run($group) {

    $user_id = $this->cms_user->id;

    $is_member = $this->model->getMembership($group['id'], $user_id);
    $is_owner  = $group['owner_id'] == $user_id;

    $can_leave = $is_member && !$is_owner;

    if ($can_leave) {

        $group = cmsEventsManager::hook('group_before_leave', $group);

        $this->model->deleteMembership($group['id'], $user_id);

        $activity_entry = array(
            'subject_title' => $group['title'],
            'subject_id'    => $group['id'],
            'subject_url'   => href_to_rel($this->name, $group['id']),
            'group_id'      => $group['id']
        );

        cmsCore::getController('activity')->addEntry($this->name, 'leave', $activity_entry);

    }

    // The message is shown whether or not a membership was removed
    cmsUser::addSessionMessage(LANG_GROUPS_LEAVE_MESSAGE, 'info');

    $this->redirectToAction($group['id']);

}
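/**
 * Deletes a content item.
 *
 * Request parameters read: `ctype_name`, `id`, `back`.
 * Access: the content type's `delete` permission, and either the `all` scope
 * or authorship of the item. Unapproved items can only be deleted by an admin
 * or a moderator of the content type.
 * NOTE(review): no CSRF token is validated before the item is deleted;
 * confirm the framework enforces one for this request.
 */
public function run() {

    // Get the content type name and the type itself
    $ctype_name = $this->request->get('ctype_name');

    $ctype = $this->model->getContentTypeByName($ctype_name);
    if (!$ctype) { cmsCore::error404(); }

    $id = $this->request->get('id');
    if (!$id) { cmsCore::error404(); }

    $item = $this->model->getContentItem($ctype_name, $id);
    if (!$item) { cmsCore::error404(); }

    // Check access
    $user = cmsUser::getInstance();

    if (!cmsUser::isAllowed($ctype['name'], 'delete')) { cmsCore::error404(); }
    if (!cmsUser::isAllowed($ctype['name'], 'delete', 'all') && $item['user_id'] != $user->id) { cmsCore::error404(); }

    $is_moderator = $user->is_admin || $this->model->userIsContentTypeModerator($ctype_name, $user->id);

    if (!$item['is_approved'] && !$is_moderator) { cmsCore::error404(); }

    $back_action = '';

    if ($ctype['is_cats'] && $item['category_id']) {
        $category    = $this->model->getCategory($ctype_name, $item['category_id']);
        $back_action = $category['slug'];
    }

    cmsEventsManager::hook("content_before_delete", array('ctype_name' => $ctype_name, 'item' => $item));
    cmsEventsManager::hook("content_{$ctype['name']}_before_delete", $item);

    $this->model->deleteContentItem($ctype_name, $id);

    // An unapproved item was removed by a moderator: tell the author
    if (!$item['is_approved']) {
        $this->notifyAuthor($ctype_name, $item);
    }

    cmsEventsManager::hook("content_after_delete", array('ctype_name' => $ctype_name, 'item' => $item));
    cmsEventsManager::hook("content_{$ctype['name']}_after_delete", $item);

    $back_url = $this->request->get('back');

    // `back` comes straight from the request and is handed to redirect(),
    // which made this an open redirect. Only site-relative targets are
    // accepted: anything with a URL scheme, a protocol-relative prefix, a
    // backslash or a control character is ignored and the default
    // destination below is used instead.
    $is_local_url = is_string($back_url) &&
                    !preg_match('#^\s*(?:[a-z][a-z0-9+.\-]*:|//)#i', $back_url) &&
                    !preg_match('#[\x00-\x1F\x7F\\\\]#', $back_url);

    if (!$is_local_url) { $back_url = false; }

    if ($back_url) {
        $this->redirect($back_url);
    } else {
        if ($ctype['options']['list_on']) {
            $this->redirectTo($ctype_name, $back_action);
        } else {
            $this->redirectToHome();
        }
    }

}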
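/**
 * Backend action: adds a field to a content type.
 *
 * @param int $ctype_id Content type id.
 * @return mixed Rendered `ctypes_field` template.
 */
public function run($ctype_id) {

    if (!$ctype_id) { cmsCore::error404(); }

    $content_model = cmsCore::getModel('content');

    $ctype = $content_model->getContentType($ctype_id);
    if (!$ctype) { cmsCore::error404(); }

    $form = $this->getForm('ctypes_field', array('add', $ctype['name']));

    $form = cmsEventsManager::hook('ctype_field_form', $form);
    list($form, $ctype) = cmsEventsManager::hook($ctype['name'] . '_ctype_field_form', array($form, $ctype));

    $field = array('ctype_id' => $ctype['id']);

    if ($this->request->has('submit')) {

        // Add the option fields of the chosen field type to the main form so
        // that the parser and the validator process them together with the
        // other fields
        $field_type = $this->request->get('type');

        // The class name below is built from a request parameter, so the
        // parameter is restricted to plain identifier characters and the
        // class must exist before it is instantiated. Previously any value
        // reached `new`, and an unknown type ended in a fatal error.
        if (!is_string($field_type) || !preg_match('/^[a-z0-9_]+$/i', $field_type)) {
            cmsCore::error404();
        }

        $field_class = "field" . string_to_camel('_', $field_type);

        if (!class_exists($field_class)) { cmsCore::error404(); }

        $field_object  = new $field_class(null, null);
        $field_options = $field_object->getOptions();

        foreach ($field_options as $option_field) {
            $option_field->setName("options:{$option_field->name}");
            $form->addField('type', $option_field);
        }

        $field  = $form->parse($this->request, true);
        $errors = $form->validate($this, $field);

        // Always taken from the loaded content type, never from the request
        $field['ctype_id'] = $ctype['id'];

        if (!$errors) {

            // No group selected: clear the group field
            if (!$field['fieldset']) { $field['fieldset'] = null; }

            // A new group is being created: select it
            if ($field['new_fieldset']) { $field['fieldset'] = $field['new_fieldset']; }
            unset($field['new_fieldset']);

            // Save the field
            $field_id = $content_model->addContentField($ctype['name'], $field);

            if ($field_id) {
                cmsUser::addSessionMessage(sprintf(LANG_CP_FIELD_CREATED, $field['title']), 'success');
            }

            $this->redirectToAction('ctypes', array('fields', $ctype['id']));

        }

        if ($errors) {
            cmsUser::addSessionMessage(LANG_FORM_ERRORS, 'error');
        }

    }

    return $this->cms_template->render('ctypes_field', array(
        'do'     => 'add',
        'ctype'  => $ctype,
        'field'  => $field,
        'form'   => $form,
        'errors' => isset($errors) ? $errors : false
    ));

}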
/**
 * Admin action: opens the backend of a controller inside the control panel.
 *
 * For AJAX requests the backend action is run immediately; otherwise it is
 * handed to the `controllers_edit` template to be run there.
 *
 * @param string $controller_name Controller name taken from the URL.
 * @return mixed Rendered `controllers_edit` template.
 */
public function run($controller_name) {

    if (!$controller_name) { cmsCore::error404(); }

    $controller_info = $this->model->getControllerInfo($controller_name);

    if (!$controller_info) {

        // A component may have several controllers, one of which uses the
        // options of another; a hook can supply the info in that case
        $controller_info = cmsEventsManager::hook("admin_{$controller_name}_controller_info", false);

        if (!$controller_info) { cmsCore::error404(); }

    }

    $name = $controller_info['name'];

    cmsCore::loadControllerLanguage($name);

    $controller_title = string_lang($name . '_CONTROLLER', $controller_info['title']);

    // The controller has no backend at all
    if (!$controller_info['is_backend']) {

        return $this->cms_template->render('controllers_edit', array(
            'is_backend'       => false,
            'ctype'            => false,
            'controller_name'  => $controller_info['name'],
            'controller_title' => $controller_title
        ));

    }

    //
    // Load the backend of the selected controller
    //
    $backend_context = cmsRequest::CTX_INTERNAL;
    if ($this->request->isAjax()) {
        $backend_context = cmsRequest::CTX_AJAX;
    }

    $backend_request = new cmsRequest($this->request->getData(), $backend_context);

    $backend_controller = $this->loadControllerBackend($controller_info['name'], $backend_request);

    $params_count = count($this->params);

    // Work out the current backend action
    $action_name = $params_count > 1 ? $this->params[1] : 'index';

    //
    // Drop the controller name and the action from the parameter array
    //
    $params = array();

    if ($params_count > 2) {
        $params = $this->params;
        unset($params[0], $params[1]);
    }

    // For an AJAX request the backend action is executed right away;
    // otherwise it runs later, inside the template, so that the backend's
    // toolbars and pathway are output after those of the admin panel
    if ($this->request->isAjax()) {

        $backend_controller->runAction($action_name, $params);

        $this->halt();

    }

    // Attach the backend's CSS if there is any
    $css_file = $this->cms_template->getStylesFileName($controller_info['name'], 'backend');

    if ($css_file) {
        $this->cms_template->addCSS($css_file);
    }

    $this->cms_template->setMenuItems('backend', $backend_controller->getBackendMenu());

    $ctype_name = $backend_controller->maintained_ctype ?
                    $backend_controller->maintained_ctype :
                    $controller_name;

    return $this->cms_template->render('controllers_edit', array(
        'is_backend'         => true,
        'ctype'              => cmsCore::getModel('content')->getContentTypeByName($ctype_name),
        'controller_name'    => $controller_info['name'],
        'controller_title'   => $controller_title,
        'params'             => $params,
        'action_name'        => $action_name,
        'backend_controller' => $backend_controller
    ));

}
/**
 * Backend action: deletes a user account.
 *
 * The `user_delete` hook can cancel the deletion by returning false.
 * NOTE(review): no CSRF token is validated in this method; confirm the
 * backend enforces one for this destructive request.
 *
 * @param int|false $id User id.
 */
public function run($id = false) {

    if (!$id) { cmsCore::error404(); }

    $users_model = cmsCore::getModel('users');

    $user = cmsEventsManager::hook('user_delete', $users_model->getUser($id));

    $is_cancelled = ($user === false);

    if (!$is_cancelled) {

        $users_model->deleteUser($user);

        $notice = sprintf(LANG_CP_USER_DELETED, $user['nickname']);

        cmsUser::addSessionMessage($notice, 'success');

    }

    $this->redirectBack();

}