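/**
 * CRUD controller: UPDATE.
 *
 * Replaces the access list of a role with the entries ticked in the posted
 * form, then stores the role's name and description. The admin role is
 * never editable through this action.
 *
 * NOTE(review): no CSRF token check is visible in this action; confirm the
 * base controller enforces one before the access table is rewritten.
 *
 * @return mixed result of render() when the form is displayed
 */
public function action_update()
{
    $id_role = $this->request->param('id');
    $role = new Model_Role($id_role);

    // The admin role must stay untouched. The guard tests the raw route
    // parameter AND the id of the record that was actually loaded, so a
    // parameter that compares unequal here but still resolves to the admin
    // row in the database cannot slip past it.
    if ($id_role == Model_Role::ROLE_ADMIN
        or ($role->loaded() and $role->id_role == Model_Role::ROLE_ADMIN)) {
        Alert::set(Alert::WARNING, __('Admin Role can not be modified!'));
        $this->redirect(Route::url('oc-panel', array('controller' => 'role')));

        // defensive: nothing below may run for the admin role, even if
        // redirect() were to return instead of halting the request
        return;
    }

    $this->template->title = __('Update') . ' ' . __($this->_orm_model) . ' ' . $id_role;

    if ($this->request->post() and $role->loaded()) {
        // drop every existing permission of this role...
        DB::delete('access')->where('id_role', '=', $role->id_role)->execute();

        // ...and re-create one row per checkbox that was posted as "on".
        // NOTE(review): any posted key with the value "on" becomes an access
        // row; keys are not checked against Model_Access::list_controllers().
        // The delete and the inserts are separate statements (no transaction
        // is visible here).
        foreach ($_POST as $key => $value) {
            if ($value === 'on') {
                DB::insert('access', array('id_role', 'access'))
                    ->values(array($role->id_role, str_replace('|', '.', $key)))
                    ->execute();
            }
        }

        // saving the role params
        $role->name = core::post('name');
        $role->description = core::post('description');
        $role->save();

        Alert::set(Alert::SUCCESS, __('Item updated'));
        $this->redirect(Route::get($this->_route_name)->uri(array('controller' => Request::current()->controller())));
    }

    // controllers/actions offered in the form
    $controllers = Model_Access::list_controllers();

    // permissions currently granted to the role
    $query = DB::select('access')->from('access')->where('id_role', '=', $id_role)->execute();
    $access_in_use = array_keys($query->as_array('access'));

    return $this->render('oc-panel/pages/role/update', array('role' => $role, 'controllers' => $controllers, 'access_in_use' => $access_in_use));
}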
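/**
 * Checks the captcha answer posted in the `captcha` field.
 *
 * Returns TRUE without checking anything when captchas are disabled in the
 * configuration. When reCAPTCHA is active the decision is delegated to
 * self::recaptcha_verify(). Otherwise the posted answer (lower-cased) is
 * compared with the value stored in the session under `captcha_<name>`.
 *
 * A missing or already consumed session value never validates: the stored
 * value is blanked after a successful check, and with a loose comparison a
 * blank stored value would equal an empty submission.
 *
 * @param string  $name suffix of the session key holding the expected answer
 * @param boolean $ajax when not FALSE the stored answer is kept after a match
 *                      (presumably so a later full submit can re-check it)
 * @return boolean
 */
public static function check($name = '', $ajax = FALSE)
{
    if (core::config('advertisement.captcha') == FALSE) {
        // Captchas are disabled
        return TRUE;
    }

    // verify with recaptcha if enabled
    if (Core::config('general.recaptcha_active')) {
        return (bool) self::recaptcha_verify();
    }

    $expected = Session::instance()->get('captcha_' . $name);
    $submitted = core::post('captcha');

    // no challenge was issued (or it was already used), or nothing usable was posted
    if (!is_scalar($expected) or (string) $expected === '' or !is_scalar($submitted)) {
        return FALSE;
    }

    // strict string comparison: no numeric or NULL juggling between the two values
    if ((string) $expected !== strtolower((string) $submitted)) {
        return FALSE;
    }

    if ($ajax === FALSE) {
        // one-time use: invalidate the answer once it has been accepted
        Session::instance()->set('captcha_' . $name, '');
    }

    return TRUE;
}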
/**
 * Edit form and save handler for a forum topic.
 *
 * Renders the topic form with the list of forums for the parent selector
 * and, on POST, copies the submitted fields onto the topic and saves it.
 *
 * NOTE(review): the topic is not checked with loaded() before saving, and no
 * CSRF token check is visible in this action; confirm both are handled
 * elsewhere.
 */
public function action_update()
{
    Breadcrumbs::add(Breadcrumb::factory()->set_title(__('Edit Topic')));

    $topic = new Model_Topic($this->request->param('id'));

    // id => name map of the forums found in the first element of get_all()
    $forums = Model_Forum::get_all();
    $forum_parents = array();
    foreach ($forums[0] as $forum) {
        $forum_parents[$forum['id']] = $forum['name'];
    }

    $this->template->content = View::factory('oc-panel/pages/forum/topic', array('topic' => $topic, 'forum_parents' => $forum_parents));

    if (!$_POST) {
        return;
    }

    $topic->title = core::post('title');
    $topic->id_forum = core::post('id_forum');
    $topic->description = core::post('description');

    // regenerate the SEO title only when the submitted one differs
    if (core::post('seotitle') != $topic->seotitle) {
        $topic->seotitle = $topic->gen_seotitle(core::post('seotitle'));
    }

    // checkbox: "on" means active
    $topic->status = (core::post('status') == 'on') ? 1 : 0;

    try {
        $topic->save();
        Alert::set(Alert::SUCCESS, __('Topic is updated.'));
    } catch (Exception $e) {
        // the exception message is shown to the panel user as an alert
        Alert::set(Alert::ERROR, $e->getMessage());
    }

    HTTP::redirect(Route::url('oc-panel', array('controller' => 'topic', 'action' => 'index')));
}
/**
 * Contact page: shows the form and, on POST, mails the message to the
 * configured notification address.
 *
 * The sender identity comes from the logged-in account when there is one,
 * otherwise from the posted `email` / `name` fields.
 *
 * NOTE(review): the posted e-mail address is handed to Email::content()
 * without a format check in this method; confirm the mailer rejects
 * malformed addresses and line breaks.
 */
public function action_index()
{
    //template header
    $this->template->title = __('Contact Us');
    $this->template->meta_description = __('Contact') . ' ' . core::config('general.site_name');

    Breadcrumbs::add(Breadcrumb::factory()->set_title(__('Home'))->set_url(Route::url('default')));
    Breadcrumbs::add(Breadcrumb::factory()->set_title(__('Contact Us')));

    if ($this->request->post()) {
        if (!captcha::check('contact')) {
            Alert::set(Alert::ERROR, __('Wrong captcha'));
        } else {
            // who is writing: account data wins over posted data
            if (Auth::instance()->logged_in()) {
                $email_from = Auth::instance()->get_user()->email;
                $name_from = Auth::instance()->get_user()->name;
            } else {
                $email_from = core::post('email');
                $name_from = core::post('name');
            }

            // akismet spam filter
            $is_spam = core::akismet($name_from, $email_from, core::post('message'));

            if ($is_spam) {
                Alert::set(Alert::WARNING, __('This email has been considered as spam! We are sorry but we can not send this email.'));
            } else {
                $replace = array(
                    '[EMAIL.BODY]' => core::post('message'),
                    '[EMAIL.SENDER]' => $name_from,
                    '[EMAIL.FROM]' => $email_from,
                );

                $sent = Email::content(core::config('email.notify_email'), core::config('general.site_name'), $email_from, $name_from, 'contact-admin', $replace);

                if ($sent) {
                    Alert::set(Alert::SUCCESS, __('Your message has been sent'));
                } else {
                    Alert::set(Alert::ERROR, __('Message not sent'));
                }
            }
        }
    }

    $this->template->content = View::factory('pages/contact');
}
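/**
 * Profile editor for the logged-in user.
 *
 * Renders the edit form and, on POST, stores name, description, e-mail,
 * subscriber flag and every posted custom field (keys starting with `cf_`).
 *
 * NOTE(review): custom-field keys are only matched by prefix, not against
 * the fields returned by Model_UserField::get_all(); no CSRF token check or
 * e-mail format check is visible in this method.
 *
 * @throws HTTP_Exception with status 500 when saving fails
 */
public function action_edit()
{
    $this->template->scripts['footer'] = array('js/oc-panel/edit_profile.js');

    Breadcrumbs::add(Breadcrumb::factory()->set_title(__('Edit profile')));

    $user = Auth::instance()->get_user();

    $this->template->bind('content', $content);
    $this->template->content = View::factory('oc-panel/profile/edit', array('user' => $user, 'custom_fields' => Model_UserField::get_all()));

    if ($this->request->post()) {
        $user->name = core::post('name');
        $user->description = core::post('description');
        $user->email = core::post('email');
        $user->subscriber = core::post('subscriber', 0);
        $user->last_modified = Date::unix2mysql();

        // modify custom fields: only keys that START with "cf_" are written.
        // A "contains" test would also let a posted key that merely embeds
        // "cf_" somewhere assign an unrelated property of the user model.
        foreach ($this->request->post() as $custom_field => $value) {
            if (strpos((string) $custom_field, 'cf_') === 0) {
                $user->{$custom_field} = $value;
            }
        }

        try {
            $user->save();
            Alert::set(Alert::SUCCESS, __('You have successfully changed your data'));
        } catch (Exception $e) {
            //throw 500
            throw HTTP_Exception::factory(500, $e->getMessage());
        }

        $this->redirect(Route::url('oc-panel', array('controller' => 'profile', 'action' => 'edit')));
    }
}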
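/**
 * Checks the captcha answer posted in the `captcha` field against the value
 * stored in the session under `captcha_<name>`.
 *
 * A missing or already consumed session value never validates: the stored
 * value is blanked after a successful check, and with a loose comparison a
 * blank stored value would equal an empty submission.
 *
 * @param string $name suffix of the session key holding the expected answer
 * @return boolean
 */
public static function check($name = '')
{
    $expected = Session::instance()->get('captcha_' . $name);
    $submitted = core::post('captcha');

    // no challenge was issued (or it was already used), or nothing usable was posted
    if (!is_scalar($expected) or (string) $expected === '' or !is_scalar($submitted)) {
        return FALSE;
    }

    // strict string comparison: no numeric or NULL juggling between the two values
    if ((string) $expected !== strtolower((string) $submitted)) {
        return FALSE;
    }

    // one-time use: invalidate the answer once it has been accepted
    Session::instance()->set('captcha_' . $name, '');

    return TRUE;
}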
/**
 * Shows one message thread of the current user and handles replies.
 *
 * The thread id comes from the route; Model_Message::get_thread() is given
 * the current user's id and a FALSE result is treated as "not found". A
 * reply requires a valid `reply_message` form token and a non-empty
 * message; the other participant is notified by e-mail.
 */
public function action_message()
{
    Controller::$full_width = TRUE;

    $id_msg_thread = $this->request->param('id');

    // guard: the id must be present and numeric
    if ($id_msg_thread === NULL or !is_numeric($id_msg_thread)) {
        Alert::set(Alert::ERROR, __('Message not found'));
        $this->redirect(Route::url('oc-panel', array('controller' => 'messages', 'action' => 'index')));
        return;
    }

    // guard: the thread must be returned for this user
    $messages = Model_Message::get_thread($id_msg_thread, $this->user->id_user);
    if ($messages === FALSE) {
        Alert::set(Alert::ERROR, __('Message not found'));
        $this->redirect(Route::url('oc-panel', array('controller' => 'messages', 'action' => 'index')));
        return;
    }

    $msg_thread = new Model_Message();
    $msg_thread = $msg_thread->where('id_message', '=', $id_msg_thread)->find();

    // send reply message
    if ($this->request->post() and Form::token('reply_message', TRUE)) {
        $validation = Validation::factory($this->request->post())->rule('message', 'not_empty');

        if (!$validation->check()) {
            // NOTE(review): $errors is not passed to the view in the code shown
            $errors = $validation->errors('message');
        } elseif (Model_Message::reply(core::post('message'), $this->user->id_user, $id_msg_thread, NULL) === FALSE) {
            Alert::set(Alert::ERROR, __('Message not sent'));
        } else {
            // who is who? the notification goes to the other side of the thread
            $replier_started_thread = ($msg_thread->id_user_from == $this->user->id_user);
            $user_to = $replier_started_thread ? $msg_thread->to : $msg_thread->from;
            $user_from = $replier_started_thread ? $msg_thread->from : $msg_thread->to;

            //email title
            $email_title = ($msg_thread->id_ad !== NULL)
                ? $msg_thread->ad->title
                : sprintf(__('Direct message from %s'), $user_from->name);

            // the mail carries the reply text and a link built with ql() for the recipient
            $user_to->email('messaging-reply', array(
                '[TITLE]' => $email_title,
                '[DESCRIPTION]' => core::post('message'),
                '[URL.QL]' => $user_to->ql('oc-panel', array('controller' => 'messages', 'action' => 'message', 'id' => $this->request->param('id'))),
            ));

            Alert::set(Alert::SUCCESS, __('Reply created.'));
            $this->redirect(Route::url('oc-panel', array('controller' => 'messages', 'action' => 'message', 'id' => Request::current()->param('id'))));
        }
    }

    Breadcrumbs::add(Breadcrumb::factory()->set_title(__('Messaging'))->set_url(Route::url('oc-panel', array('controller' => 'messages', 'action' => 'index'))));

    if ($msg_thread->id_ad !== NULL) {
        Breadcrumbs::add(Breadcrumb::factory()->set_title($msg_thread->ad->title));
    } else {
        Breadcrumbs::add(Breadcrumb::factory()->set_title(__('Direct Message')));
    }

    $this->template->styles = array('css/jquery.sceditor.default.theme.min.css' => 'screen');
    $this->template->scripts['footer'] = array('js/jquery.sceditor.bbcode.min.js', 'js/messages.js');
    $this->template->content = View::factory('oc-panel/pages/messages/message', array('msg_thread' => $msg_thread, 'messages' => $messages, 'user' => $this->user));
}
/**
 * Newsletter panel: shows recipient counters and, on POST, sends the
 * newsletter to the selected recipient groups.
 *
 * NOTE(review): no CSRF token check is visible in this action, and the
 * posted `from` / `from_email` values are handed to Email::send() as
 * submitted; confirm both are validated elsewhere.
 */
public function action_index()
{
    Breadcrumbs::add(Breadcrumb::factory()->set_title(__('Newsletter')));
    $this->template->title = __('Newsletter');

    //count all users
    $user = new Model_User();
    $user->where('status', '=', Model_User::STATUS_ACTIVE);
    $count_all_users = $user->count_all();

    //count support expired
    $query = DB::select(DB::expr('COUNT(id_order) count'))
        ->from('orders')
        ->where('status', '=', Model_Order::STATUS_PAID)
        ->where('support_date', '<', Date::unix2mysql())
        ->execute();
    $count_support_expired = $query->as_array();
    $count_support_expired = $count_support_expired[0]['count'];

    //count license expired
    $query = DB::select(DB::expr('COUNT(id_license) count'))
        ->from('licenses')
        ->where('valid_date', 'IS NOT', NULL)
        ->where('valid_date', '<', Date::unix2mysql())
        ->execute();
    $count_license_expired = $query->as_array();
    $count_license_expired = $count_license_expired[0]['count'];

    //orders per product, not accurate since 1 user could buy more than 1 product but will do
    $query = DB::select(DB::expr('COUNT(id_order) count'))
        ->select('p.title')
        ->select('p.id_product')
        ->from(array('products', 'p'))
        ->join(array('orders', 'o'))
        ->using('id_product')
        ->where('o.status', '=', Model_Order::STATUS_PAID)
        ->group_by('p.id_product')
        ->execute();
    $products = $query->as_array();

    //post done sending newsletter (a subject is mandatory)
    if ($this->request->post() and Core::post('subject') != NULL) {
        $users = array();

        // every active user
        // NOTE(review): unlike the groups below, this query does not filter on
        // the subscriber flag — confirm that is intended
        if (core::post('send_all') == 'on') {
            $query = DB::select('email')
                ->select('name')
                ->from('users')
                ->where('status', '=', Model_User::STATUS_ACTIVE)
                ->execute();
            $users = array_merge($users, $query->as_array());
        }

        // the remaining recipient groups are only available with a premium theme
        if (Theme::get('premium') == 1) {
            // subscribers holding a paid order whose support date has passed
            if (core::post('send_expired_support') == 'on') {
                $query = DB::select('email')
                    ->select('name')
                    ->from(array('users', 'u'))
                    ->join(array('orders', 'o'))
                    ->using('id_user')
                    ->where('o.status', '=', Model_Order::STATUS_PAID)
                    ->where('o.support_date', '<', Date::unix2mysql())
                    ->where('u.subscriber', '=', 1)
                    ->group_by('u.id_user')
                    ->execute();
                $users = array_merge($users, $query->as_array());
            }

            // subscribers holding a license whose valid date has passed
            if (core::post('send_expired_license') == 'on') {
                $query = DB::select('email')
                    ->select('name')
                    ->from(array('licenses', 'l'))
                    ->join(array('users', 'u'))
                    ->using('id_user')
                    ->where('l.valid_date', 'IS NOT', NULL)
                    ->where('l.valid_date', '<', Date::unix2mysql())
                    ->where('u.subscriber', '=', 1)
                    ->group_by('u.id_user')
                    ->execute();
                $users = array_merge($users, $query->as_array());
            }

            // subscribers with a paid order for one product; the posted id is
            // only used when numeric and is passed as a where() value
            if (is_numeric(core::post('send_product'))) {
                $query = DB::select('email')
                    ->select('name')
                    ->from(array('users', 'u'))
                    ->join(array('orders', 'o'))
                    ->using('id_user')
                    ->where('o.id_product', '=', core::post('send_product'))
                    ->where('o.status', '=', Model_Order::STATUS_PAID)
                    ->where('u.subscriber', '=', 1)
                    ->group_by('u.id_user')
                    ->execute();
                $users = array_merge($users, $query->as_array());
            }
        }

        //NOTE $users may have duplicated emails, but phpmailer takes care of not sending the email 2 times to same recipient

        //sending!
        if (count($users) > 0) {
            // the body is read from Kohana::$_POST_ORIG rather than core::post()
            // (presumably the unfiltered POST data, so HTML is kept — confirm)
            if (!Email::send($users, '', Core::post('subject'), Kohana::$_POST_ORIG['description'], Core::post('from'), Core::post('from_email'))) {
                Alert::set(Alert::ERROR, __('Error on mail delivery, not sent'));
            } else {
                Alert::set(Alert::SUCCESS, __('Email sent'));
            }
        } else {
            // no recipient group was selected or the groups were empty
            Alert::set(Alert::ERROR, __('Mail not sent'));
        }
    }

    $this->template->content = View::factory('oc-panel/pages/newsletter', array('count_all_users' => $count_all_users, 'count_support_expired' => $count_support_expired, 'count_license_expired' => $count_license_expired, 'products' => $products));
}
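/**
 * Checks the captcha answer posted in the `captcha` field.
 *
 * Returns TRUE without checking anything when captchas are disabled in the
 * configuration. Otherwise the posted answer (lower-cased) is compared with
 * the value stored in the session under `captcha_<name>`.
 *
 * A missing or already consumed session value never validates: the stored
 * value is blanked after a successful check, and with a loose comparison a
 * blank stored value would equal an empty submission.
 *
 * @param string $name suffix of the session key holding the expected answer
 * @return boolean
 */
public static function check($name = '')
{
    if (core::config('advertisement.captcha') == FALSE) {
        // Captchas are disabled
        return TRUE;
    }

    $expected = Session::instance()->get('captcha_' . $name);
    $submitted = core::post('captcha');

    // no challenge was issued (or it was already used), or nothing usable was posted
    if (!is_scalar($expected) or (string) $expected === '' or !is_scalar($submitted)) {
        return FALSE;
    }

    // strict string comparison: no numeric or NULL juggling between the two values
    if ((string) $expected !== strtolower((string) $submitted)) {
        return FALSE;
    }

    // one-time use: invalidate the answer once it has been accepted
    Session::instance()->set('captcha_' . $name, '');

    return TRUE;
}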
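/**
 * Saves a widget (creates it, or updates an existing one) into a placeholder.
 *
 * The widget class, widget name and placeholder come from the posted form;
 * every other posted field becomes part of the widget's data.
 *
 * The posted class name is instantiated, so it is validated first: it must
 * be a plain identifier naming an existing class that offers the load() and
 * save() methods this action calls.
 *
 * NOTE(review): this is still a structural check only. Prefer comparing the
 * name against the project's list of widget classes (or their common base
 * class); also confirm a CSRF token is enforced for this action.
 *
 * @throws HTTP_Exception with status 500 when saving fails
 */
public function action_save()
{
    // save only changed values
    if ($this->request->post()) {
        //get place holder name
        $placeholder = core::post('placeholder');

        //get widget class
        $widget_class = core::post('widget_class');

        //widget name
        $widget_name = core::post('widget_name');

        // never instantiate a request-supplied name without checking it
        if (!is_string($widget_class)
            or !preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $widget_class)
            or !class_exists($widget_class)
            or !method_exists($widget_class, 'load')
            or !method_exists($widget_class, 'save')) {
            Alert::set(Alert::ERROR, __('Invalid widget'));
            $this->redirect(Route::url('oc-panel', array('controller' => 'widget', 'action' => 'index')));
            return;
        }

        //deleting the fragment cache...a bit ugly but works.
        View::delete_fragment('sidebar_front');
        View::delete_fragment('footer_front');

        //extract all the data and prepare array; starts empty so a form
        //without extra fields does not leave $data undefined
        $data = array();
        foreach ($this->request->post() as $name => $value) {
            if ($name != 'placeholder' and $name != 'widget_class' and $name != 'widget_name') {
                $data[$name] = $value;
            }
        }

        $old_placeholder = NULL;
        $widget = new $widget_class();

        //the widget exists, we load it since we need the previous placeholder
        if ($widget_name != NULL) {
            $widget->load($widget_name);
            $old_placeholder = $widget->placeholder;
        }

        $widget->placeholder = $placeholder;
        $widget->data = $data;

        try {
            $widget->save($old_placeholder);

            //clean cache config
            $c = new ConfigDB();
            $c->reload_config();

            if ($widget_name != NULL) {
                Alert::set(Alert::SUCCESS, sprintf(__('Widget %s saved in %s'), $widget_name, $placeholder));
            } else {
                Alert::set(Alert::SUCCESS, sprintf(__('Widget created in %s'), $placeholder));
            }
        } catch (Exception $e) {
            //throw 500
            throw HTTP_Exception::factory(500, $e->getMessage());
        }

        $this->redirect(Route::url('oc-panel', array('controller' => 'widget', 'action' => 'index')));
    }
}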
/**
 * Shows one message thread of the current user and handles replies.
 *
 * The thread id comes from the route; Model_Message::get_thread() is given
 * the current user and a FALSE result is treated as "not found". A reply
 * requires a valid `reply_message` form token and a non-empty message.
 *
 * The page pulls the sweet-alert stylesheet and script from a CDN through
 * protocol-relative URLs (no integrity attribute is set here).
 */
public function action_message()
{
    Controller::$full_width = TRUE;

    $id_msg_thread = $this->request->param('id');

    // guard: the id must be present and numeric
    if ($id_msg_thread === NULL or !is_numeric($id_msg_thread)) {
        Alert::set(Alert::ERROR, __('Message not found'));
        $this->redirect(Route::url('oc-panel', array('controller' => 'messages', 'action' => 'index')));
        return;
    }

    // guard: the thread must be returned for this user
    $messages = Model_Message::get_thread($id_msg_thread, $this->user);
    if ($messages === FALSE) {
        Alert::set(Alert::ERROR, __('Message not found'));
        $this->redirect(Route::url('oc-panel', array('controller' => 'messages', 'action' => 'index')));
        return;
    }

    // the row whose id and parent id both equal the thread id
    $msg_thread = new Model_Message();
    $msg_thread = $msg_thread
        ->where('id_message', '=', $id_msg_thread)
        ->where('id_message_parent', '=', $id_msg_thread)
        ->find();

    // send reply message
    if ($this->request->post() and Form::token('reply_message', TRUE)) {
        $validation = Validation::factory($this->request->post())->rule('message', 'not_empty');

        if (!$validation->check()) {
            // NOTE(review): $errors is not passed to the view in the code shown
            $errors = $validation->errors('message');
        } elseif (Model_Message::reply(core::post('message'), $this->user, $id_msg_thread, NULL) === FALSE) {
            Alert::set(Alert::ERROR, __('Message not sent'));
        } else {
            Alert::set(Alert::SUCCESS, __('Reply created.'));
            $this->redirect(Route::url('oc-panel', array('controller' => 'messages', 'action' => 'message', 'id' => Request::current()->param('id'))));
        }
    }

    Breadcrumbs::add(Breadcrumb::factory()->set_title(__('Messaging'))->set_url(Route::url('oc-panel', array('controller' => 'messages', 'action' => 'index'))));

    $thread_title = ($msg_thread->id_ad !== NULL) ? $msg_thread->ad->title : __('Direct Message');
    Breadcrumbs::add(Breadcrumb::factory()->set_title($thread_title));

    $this->template->styles = array(
        'css/jquery.sceditor.default.theme.min.css' => 'screen',
        '//cdn.jsdelivr.net/sweetalert/0.1.2/sweet-alert.min.css' => 'screen',
    );
    $this->template->scripts['footer'] = array(
        'js/jquery.sceditor.bbcode.min.js',
        '//cdn.jsdelivr.net/sweetalert/0.1.2/sweet-alert.min.js',
        'js/messages.js',
    );
    $this->template->content = View::factory('oc-panel/pages/messages/message', array('msg_thread' => $msg_thread, 'messages' => $messages, 'user' => $this->user));
}
/**
 * Password-less registration that completes a social sign-in.
 *
 * Shows a form asking for an e-mail address; once a valid address is posted
 * with a valid `register_social` CSRF token, the account is created for the
 * given provider / uid pair and the user is logged in.
 *
 * NOTE(review): the provider name comes from the route and the uid from the
 * query string. Nothing in this method ties them to an identity the
 * provider has actually confirmed; verify that create_social() or
 * social_login() checks this before the pair is trusted.
 */
public function action_register()
{
    $provider_name = $this->request->param('id');
    $uid = core::get('uid');

    $this->template->content = View::factory('pages/auth/register-social', array(
        'provider' => $provider_name,
        'uid' => $uid,
        'name' => core::get('name'),
    ));

    if (core::post('email') and CSRF::valid('register_social')) {
        $email = core::post('email');

        if (!Valid::email($email, TRUE)) {
            Form::set_errors(array(__('Invalid Email')));
        } else {
            //register the user in DB
            Model_User::create_social($email, core::post('name'), $provider_name, core::get('uid'));

            //log him in
            Auth::instance()->social_login($provider_name, core::get('uid'));

            Alert::set(Alert::SUCCESS, __('Welcome!'));

            //change the redirect
            $this->redirect(Route::url('default'));
        }
    }

    //template header
    $this->template->title = __('Register new user');
}
/**
 * Theme options / settings.
 *
 * Edits the options of the theme named by the route `id`, or of the active
 * theme when no id is given (this is how options of a theme that is not
 * enabled, e.g. the mobile one, are managed).
 *
 * Only posted keys that exist in the theme's option list are stored. For
 * options displayed as a textarea the value is read from
 * Kohana::$_POST_ORIG instead of core::post() so HTML is allowed.
 *
 * NOTE(review): that HTML is stored as submitted; confirm the places that
 * render it and who may reach this action. No CSRF token check is visible.
 *
 * @return [view] Renders view with form inputs
 */
public function action_options()
{
    $theme = $this->request->param('id');

    $options = $theme ? Theme::get_options($theme) : NULL;
    $data = $theme ? Theme::load($theme) : NULL;

    // fall back to the active theme
    if ($options === NULL) {
        $options = Theme::$options;
    }
    if ($data === NULL) {
        $data = Theme::$data;
    }

    Breadcrumbs::add(Breadcrumb::factory()->set_title(__('Theme Options')));
    $this->template->title = __('Theme Options');

    // save only changed values
    if ($this->request->post()) {
        //for each option read the post and store it
        foreach ($_POST as $key => $value) {
            if (!isset($options[$key])) {
                continue; // not an option of this theme
            }

            //if textarea allow HTML
            $data[$key] = ($options[$key]['display'] == 'textarea')
                ? Kohana::$_POST_ORIG[$key]
                : core::post($key);
        }

        Theme::save($this->request->param('id'), $data);

        Alert::set(Alert::SUCCESS, __('Theme configuration updated'));
        $this->request->redirect(Route::url('oc-panel', array('controller' => 'theme', 'action' => 'options', 'id' => $this->request->param('id'))));
    }

    $this->template->content = View::factory('oc-panel/pages/themes/options', array('options' => $options, 'data' => $data));
}
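/**
 * Sends a contact message from the public profile page to the profile owner.
 *
 * Runs only for an existing user and a POST request; the captcha and the
 * akismet filter must both pass before the e-mail is sent. Always redirects
 * back to the profile afterwards.
 *
 * NOTE(review): the posted `email` and `name` are used as the sender of the
 * outgoing mail without a format check in this method; confirm the mailer
 * rejects malformed addresses and line breaks.
 */
public function action_userprofile_contact()
{
    $user = new Model_User($this->request->param('id'));

    //message to user
    if ($user->loaded() and $this->request->post()) {
        if (captcha::check('contact')) {
            //akismet spam filter
            if (!core::akismet(core::post('name'), core::post('email'), core::post('message'))) {
                $ret = $user->email(
                    'userprofile.contact',
                    array(
                        '[EMAIL.BODY]' => core::post('message'),
                        '[EMAIL.SENDER]' => core::post('name'),
                        '[EMAIL.SUBJECT]' => core::post('subject'),
                        '[EMAIL.FROM]' => core::post('email'),
                    ),
                    core::post('email'),
                    core::post('name')
                );

                //if successfully sent
                if ($ret) {
                    Alert::set(Alert::SUCCESS, __('Your message has been sent'));
                } else {
                    Alert::set(Alert::ERROR, __('Message not sent'));
                }
            } else {
                // the message was rejected, so it must not be reported as a success
                Alert::set(Alert::ERROR, __('This email has been considered as spam! We are sorry but we can not send this email.'));
            }
        } else {
            Alert::set(Alert::ERROR, __('You made some mistake'));
        }

        Request::current()->redirect(Route::url('profile', array('seoname' => $user->seoname)));
    }
}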
echo Form::errors(); ?> <div class="form-group"> <div id="review_raty" data-baseurl="<?php echo Route::url('default'); ?> "></div> </div> <div class="form-group"> <?php echo FORM::label('description', __('Review'), array('for' => 'description')); ?> <div class="controls"> <?php echo FORM::textarea('description', core::post('description', ''), array('placeholder' => __('Review'), 'class' => 'form-control', 'name' => 'description', 'id' => 'description', 'required')); ?> </div> </div> <?php if (core::config('advertisement.captcha') != FALSE) { ?> <div class="form-group"> <?php if (Core::config('general.recaptcha_active')) { ?> <?php echo Captcha::recaptcha_display(); ?>
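/**
 * Profile editor for the logged-in user.
 *
 * Renders the edit form and, on POST, keeps the ElasticEmail list in sync
 * with the subscriber flag, stores name, description, e-mail and every
 * posted custom field (keys starting with `cf_`), and verifies the EU VAT
 * number when both VAT fields are present.
 *
 * NOTE(review): custom-field keys are only matched by prefix, not against
 * the fields returned by Model_UserField::get_all(); no CSRF token check or
 * e-mail format check is visible in this method.
 *
 * @throws HTTP_Exception with status 500 when saving fails
 */
public function action_edit()
{
    $this->template->scripts['footer'] = array('js/oc-panel/edit_profile.js');

    Breadcrumbs::add(Breadcrumb::factory()->set_title(__('Edit profile')));

    $user = Auth::instance()->get_user();

    $this->template->bind('content', $content);
    $this->template->content = View::factory('oc-panel/profile/edit', array('user' => $user, 'custom_fields' => Model_UserField::get_all()));

    if ($this->request->post()) {
        // change elastic email status: uses the e-mail and flag stored BEFORE
        // the posted values are applied below
        if (Core::config('email.elastic_listname') != '' and $user->subscriber == 1 and core::post('subscriber', 0) == 0) {
            ElasticEmail::unsubscribe(Core::config('email.elastic_listname'), $user->email);
        } elseif (Core::config('email.elastic_listname') != '' and $user->subscriber == 0 and core::post('subscriber', 0) == 1) {
            ElasticEmail::subscribe(Core::config('email.elastic_listname'), $user->email, $user->name);
        }

        $user->name = core::post('name');
        $user->description = core::post('description');
        $user->email = core::post('email');
        $user->subscriber = core::post('subscriber', 0);
        $user->last_modified = Date::unix2mysql();

        // modify custom fields: only keys that START with "cf_" are written.
        // A "contains" test would also let a posted key that merely embeds
        // "cf_" somewhere assign an unrelated property of the user model.
        foreach ($this->request->post() as $custom_field => $value) {
            if (strpos((string) $custom_field, 'cf_') === 0) {
                $user->{$custom_field} = $value;
            }
        }

        if (core::post('cf_vatnumber') and core::post('cf_vatcountry')) {
            if (!euvat::verify_vies(core::post('cf_vatnumber'), core::post('cf_vatcountry'))) {
                Alert::set(Alert::ERROR, __('Invalid EU Vat Number, please verify number and country match'));
                $this->redirect(Route::url('oc-panel', array('controller' => 'profile', 'action' => 'edit')));

                // defensive: a rejected VAT number must never reach save(),
                // even if redirect() were to return
                return;
            }
        }

        try {
            $user->save();
            Alert::set(Alert::SUCCESS, __('You have successfully changed your data'));
        } catch (Exception $e) {
            //throw 500
            throw HTTP_Exception::factory(500, $e->getMessage());
        }

        $this->redirect(Route::url('oc-panel', array('controller' => 'profile', 'action' => 'edit')));
    }
}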
/**
 * Edit form and save handler for a product.
 *
 * On POST the action handles, in this order: upload of the product file,
 * deletion of one image (with renumbering of the remaining ones, locally
 * and on S3 when enabled), deletion of the product file, update of the
 * product fields, optional notification of buyers, and upload of new images.
 * The image-deletion and file-deletion branches end with a redirect.
 *
 * NOTE(review): no CSRF token check is visible in this action. Several
 * stylesheets and scripts are loaded from a CDN through protocol-relative
 * URLs (no integrity attribute is set here).
 *
 * @throws HTTP_Exception with status 500 when a save fails
 */
public function action_update()
{
    //template header
    $this->template->title = __('Edit Product');
    Breadcrumbs::add(Breadcrumb::factory()->set_title(__('Edit Product')));
    $this->template->styles = array('css/sortable.css' => 'screen', '//cdn.jsdelivr.net/bootstrap.datepicker/0.1/css/datepicker.css' => 'screen', '//cdn.jsdelivr.net/jquery.fileupload/9.5.2/css/jquery.fileupload.css' => 'screen', 'css/jasny-bootstrap.min.css' => 'screen');
    $this->template->scripts['footer'] = array('//cdn.jsdelivr.net/bootstrap.datepicker/0.1/js/bootstrap-datepicker.js', 'js/jasny-bootstrap.min.js', 'js/oc-panel/products.js', 'js/jquery-sortable-min.js', '//cdn.jsdelivr.net/jquery.fileupload/9.5.2/js/vendor/jquery.ui.widget.js', '//cdn.jsdelivr.net/jquery.fileupload/9.5.2/js/jquery.iframe-transport.js', '//cdn.jsdelivr.net/jquery.fileupload/9.5.2/js/jquery.fileupload.js');

    $cats = Model_Category::get_as_array();
    $order = Model_Category::get_multidimensional();
    $obj_product = new Model_Product($this->request->param('id'));

    // nothing is rendered or changed when the product id does not exist
    if ($obj_product->loaded()) {
        // get currencies from product, returns array
        $currency = $obj_product::get_currency();
        $this->template->content = View::factory('oc-panel/pages/products/update', array('product' => $obj_product, 'categories' => $cats, 'order_categories' => $order, 'currency' => $currency));

        // $product holds the whole POST array from here on
        if ($product = $this->request->post()) {
            // save product file; any validation of the upload happens inside
            // save_product(), which is not visible here
            if (isset($_FILES['file_name'])) {
                if ($file = $_FILES['file_name']) {
                    $file = $obj_product->save_product($file);
                    if ($file != FALSE) {
                        $obj_product->file_name = $file;
                    } else {
                        Alert::set(Alert::INFO, __('Product is not uploaded.'));
                    }
                }
            }

            // deleting single image by path
            // NOTE(review): is_numeric() also accepts negative and non-integer
            // forms; the value is concatenated into file and object names below
            $deleted_image = core::post('img_delete');
            if (is_numeric($deleted_image)) {
                $img_path = $obj_product->gen_img_path($obj_product->id_product, $obj_product->created);
                $img_seoname = $obj_product->seotitle;

                // delete image from Amazon S3
                if (core::config('image.aws_s3_active')) {
                    require_once Kohana::find_file('vendor', 'amazon-s3-php-class/S3', 'php');
                    $s3 = new S3(core::config('image.aws_access_key'), core::config('image.aws_secret_key'));

                    //delete original image
                    $s3->deleteObject(core::config('image.aws_s3_bucket'), $img_path . $img_seoname . '_' . $deleted_image . '.jpg');
                    //delete formatted image
                    $s3->deleteObject(core::config('image.aws_s3_bucket'), $img_path . 'thumb_' . $img_seoname . '_' . $deleted_image . '.jpg');

                    //re-ordering image file names: each later image is copied one
                    //slot down (with a public-read ACL) and its old object removed
                    for ($i = $deleted_image; $i < $obj_product->has_images; $i++) {
                        //rename original image
                        $s3->copyObject(core::config('image.aws_s3_bucket'), $img_path . $img_seoname . '_' . ($i + 1) . '.jpg', core::config('image.aws_s3_bucket'), $img_path . $img_seoname . '_' . $i . '.jpg', S3::ACL_PUBLIC_READ);
                        $s3->deleteObject(core::config('image.aws_s3_bucket'), $img_path . $img_seoname . '_' . ($i + 1) . '.jpg');
                        //rename formatted image
                        $s3->copyObject(core::config('image.aws_s3_bucket'), $img_path . 'thumb_' . $img_seoname . '_' . ($i + 1) . '.jpg', core::config('image.aws_s3_bucket'), $img_path . 'thumb_' . $img_seoname . '_' . $i . '.jpg', S3::ACL_PUBLIC_READ);
                        $s3->deleteObject(core::config('image.aws_s3_bucket'), $img_path . 'thumb_' . $img_seoname . '_' . ($i + 1) . '.jpg');
                    }
                }

                // NOTE(review): this returns after the S3 objects above were
                // already changed and before has_images is updated
                if (!is_dir($img_path)) {
                    return FALSE;
                } else {
                    //delete original image (errors are suppressed with @)
                    @unlink($img_path . $img_seoname . '_' . $deleted_image . '.jpg');
                    //delete formatted image
                    @unlink($img_path . 'thumb_' . $img_seoname . '_' . $deleted_image . '.jpg');

                    //re-ordering image file names
                    for ($i = $deleted_image; $i < $obj_product->has_images; $i++) {
                        rename($img_path . $img_seoname . '_' . ($i + 1) . '.jpg', $img_path . $img_seoname . '_' . $i . '.jpg');
                        rename($img_path . 'thumb_' . $img_seoname . '_' . ($i + 1) . '.jpg', $img_path . 'thumb_' . $img_seoname . '_' . $i . '.jpg');
                    }
                }

                // one image less, never below zero
                $obj_product->has_images = $obj_product->has_images > 0 ? $obj_product->has_images - 1 : 0;
                $obj_product->updated = Date::unix2mysql();

                try {
                    $obj_product->save();
                } catch (Exception $e) {
                    throw HTTP_Exception::factory(500, $e->getMessage());
                }

                $this->redirect(Route::url('oc-panel', array('controller' => 'product', 'action' => 'update', 'id' => $obj_product->id_product)));
            } // end of img delete

            //delete product file
            $product_delete = core::post('product_delete');
            if ($product_delete) {
                // the path comes from the stored file name, not from the request
                $p_path = $obj_product->get_file($obj_product->file_name);
                if (!is_file($p_path)) {
                    return FALSE;
                } else {
                    @chmod($p_path, 0755);
                    //delete product
                    unlink($p_path);
                    $obj_product->file_name = '';
                    $obj_product->save();
                    $this->redirect(Route::url('oc-panel', array('controller' => 'product', 'action' => 'update', 'id' => $obj_product->id_product)));
                }
            }

            // an absent status checkbox means "not active"
            $product['status'] = (!isset($_POST['status']) or core::post('status') === NULL) ? Model_Product::STATUS_NOACTIVE : Model_Product::STATUS_ACTIVE;
            $product['updated'] = Date::unix2mysql();

            //we do this so we assure use the entire day , nasty
            // NOTE(review): assumes both keys were posted; the suffix is
            // appended even when the submitted value is empty
            $product['offer_valid'] .= ' 23:59:59';
            $product['featured'] .= ' 23:59:59';

            // each field in edit product
            // NOTE(review): every posted key except submit/notify is assigned to
            // the model, so the set of writable columns is decided by the
            // request; consider an explicit allow-list of editable fields
            foreach ($product as $field => $value) {
                // do not include submit
                if ($field != 'submit' and $field != 'notify') {
                    // check if its different, and set it is
                    if ($value != $obj_product->{$field}) {
                        $obj_product->{$field} = $value;
                        // if title is changed, make new seotitle
                        if ($field == 'title') {
                            $seotitle = $obj_product->gen_seotitle($product['title']);
                            $obj_product->seotitle = $seotitle;
                        }
                    }
                }
            }

            // save product or throw exception
            try {
                $obj_product->save();
                Alert::set(Alert::SUCCESS, __('Product saved.'));
                Sitemap::generate();

                //notify users of new update
                if ($this->request->post('notify')) {
                    //get active users with a paid order for that product
                    $query = DB::select('email')
                        ->select('name')
                        ->from(array('users', 'u'))
                        ->join(array('orders', 'o'), 'INNER')
                        ->on('u.id_user', '=', 'o.id_user')
                        ->where('u.status', '=', Model_User::STATUS_ACTIVE)
                        ->where('o.status', '=', Model_Order::STATUS_PAID)
                        ->where('o.id_product', '=', $obj_product->id_product)
                        ->execute();
                    $users = $query->as_array();

                    if (count($users) > 0) {
                        //download link
                        // the strings are single-quoted, so they carry literal
                        // backslash sequences rather than line breaks (presumably
                        // expanded later by the e-mail template — confirm)
                        $download = '';
                        if ($obj_product->has_file() == TRUE) {
                            $download = '\\n\\n==== ' . __('Download') . ' ====\\n' . Route::url('oc-panel', array('controller' => 'profile', 'action' => 'orders'));
                        }

                        //theres an expire? 0 = unlimited
                        $expire = '';
                        $expire_hours = Core::config('product.download_hours');
                        $expire_times = Core::config('product.download_times');
                        if (($expire_hours > 0 or $expire_times > 0) and $obj_product->has_file() == TRUE) {
                            if ($expire_hours > 0 and $expire_times > 0) {
                                $expire = sprintf(__('Your download expires in %u hours and can be downloaded %u times.'), $expire_hours, $expire_times);
                            } elseif ($expire_hours > 0) {
                                $expire = sprintf(__('Your download expires in %u hours.'), $expire_hours);
                            } elseif ($expire_times > 0) {
                                $expire = sprintf(__('Can be downloaded %u times.'), $expire_times);
                            }
                            $expire = '\\n' . $expire;
                        }

                        if (!Email::content($users, '', NULL, NULL, 'product-update', array('[TITLE]' => $obj_product->title, '[URL.PRODUCT]' => Route::url('product', array('seotitle' => $obj_product->seotitle, 'category' => $obj_product->category->seoname)), '[DOWNLOAD]' => $download, '[EXPIRE]' => $expire, '[VERSION]' => $obj_product->version))) {
                            Alert::set(Alert::ERROR, __('Error on mail delivery, not sent'));
                        } else {
                            Alert::set(Alert::SUCCESS, __('Email sent to all the users'));
                        }
                    } else {
                        Alert::set(Alert::ERROR, __('Mail not sent'));
                    }
                }
            } catch (Exception $e) {
                throw HTTP_Exception::factory(500, $e->getMessage());
            }

            // save images; any validation of the upload happens inside
            // save_image(), which is not visible here
            if (isset($_FILES)) {
                foreach ($_FILES as $file_name => $file) {
                    if ($file_name != 'file_name') {
                        $file = $obj_product->save_image($file);
                    }
                    // NOTE(review): for the 'file_name' entry $file is still the
                    // raw upload array, so it also increments the image counter —
                    // looks unintended, confirm
                    if ($file) {
                        $obj_product->has_images++;
                    }
                }

                //since theres images save the ad again...
                try {
                    $obj_product->save();
                } catch (Exception $e) {
                    throw HTTP_Exception::factory(500, $e->getMessage());
                }
            }
        }
    }
}
<li><?php echo $message; ?> </li> <?php } ?> </ul> </div> <?php } ?> <div class="form-group control-group pad_10"> <textarea name="message" rows="7" class="form-control input-xxlarge disable-bbcode" placeholder="Type reply here...." data-editor="html" required><?php echo core::post('message'); ?> </textarea> </div> <div class="form-group"> <?php echo Form::token('reply_message'); ?> </div> </div> </div> <div class="panel-footer text-center"> <a href="<?php echo Route::url('oc-panel', array('controller' => 'messages', 'action' => 'index')); ?> " class="btn btn-default"><?php
/**
 * Shortcut that reads a request value from POST first and from GET second.
 *
 * A POST value wins whenever it is not NULL; the default only applies to
 * the GET lookup. Callers therefore cannot tell which of the two sources a
 * value came from.
 *
 * @param string $key     name of the request field
 * @param mixed  $default value handed to core::get() as its default
 * @return mixed
 */
public static function request($key, $default = NULL)
{
    if (core::post($key) === NULL) {
        return core::get($key, $default);
    }

    return core::post($key);
}
/**
 * 2-step verification form.
 *
 * Only reachable for a logged-in user while the google_authenticator
 * setting is enabled. A user who has no authenticator secret, or whose
 * `google_authenticator` cookie equals their user id, is sent on to the
 * panel. Otherwise a posted code with a valid `2step` CSRF token is
 * verified and, on success, the cookie is set for the auth lifetime.
 *
 * NOTE(review): the "second factor passed" marker is a cookie holding the
 * user id, so it is only as strong as the framework's cookie signing;
 * confirm Cookie::get() rejects tampered values. No limit on the number of
 * code attempts is visible in this method.
 */
public function action_2step()
{
    $auth = Auth::instance();

    // 2step disabled or trying to access directly
    if (!$auth->logged_in() or Core::config('general.google_authenticator') == FALSE) {
        $this->redirect(Route::get('oc-panel')->uri());
    }

    //template header
    $this->template->title = __('2 Step Authentication');
    $this->template->content = View::factory('pages/auth/2step');

    // already verified on this browser, or 2-step not set up for this user
    if ($auth->logged_in() and (Cookie::get('google_authenticator') == $this->user->id_user or $this->user->google_authenticator == '')) {
        $this->redirect(Route::get('oc-panel')->uri());
    } elseif (core::post('code') and CSRF::valid('2step')) {
        //load library
        require Kohana::find_file('vendor', 'GoogleAuthenticator');
        $authenticator = new PHPGangsta_GoogleAuthenticator();

        // third argument 2: presumably the accepted clock drift in time slices — confirm
        $code_ok = $authenticator->verifyCode($this->user->google_authenticator, core::post('code'), 2);

        if (!$code_ok) {
            Form::set_errors(array(__('Invalid Code')));
        } else {
            //set cookie
            Cookie::set('google_authenticator', $this->user->id_user, Core::config('auth.lifetime'));

            // redirect to the url we wanted to see
            Auth::instance()->login_redirect();
        }
    }
}
echo $message; ?> </li> <?php } ?> </ul> <?php } ?> <div class="form-group control-group"> <div class="col-md-12"> <textarea name="description" rows="10" class="form-control input-xxlarge" required><?php echo core::post('description', __('Reply here')); ?> </textarea> </div> </div> <?if (core::config('advertisement.captcha') != FALSE):?> <div class="form-group"> <div class="col-md-4"> <?if (Core::config('general.recaptcha_active')):?> <?php echo Captcha::recaptcha_display(); ?> <?else:?> <?php echo __('Captcha');
/**
 * Payment details and PayPal configuration.
 *
 * Lists every config row of the `payment` group and, on POST, stores each
 * value that differs from the saved one. The three sandbox/address switches
 * are validated to the range 0..1; the PayPal currency is mapped through
 * the list returned by Paypal::get_currency().
 *
 * NOTE(review): a failed save echoes the exception object into the
 * response, which can expose internal details; a posted currency index
 * that is not in the list is not handled; a field missing from the POST is
 * read as NULL and compared like any other value; no CSRF token check is
 * visible in this action.
 *
 * @return [view] Renders view with form inputs
 */
public function action_payment()
{
    Breadcrumbs::add(Breadcrumb::factory()->set_title(__('Payments')));
    $this->template->title = __('Payments');

    // all form config values
    $payment_model = new Model_Config();
    $config = $payment_model->where('group_name', '=', 'payment')->find_all();

    // currencies limited by paypal
    $paypal_currency = Paypal::get_currency();

    // save only changed values
    if ($this->request->post()) {
        $validation = Validation::factory($this->request->post())
            ->rule('sandbox', 'range', array(':value', 0, 1))
            ->rule('authorize_sandbox', 'range', array(':value', 0, 1))
            ->rule('stripe_address', 'range', array(':value', 0, 1));

        if (!$validation->check()) {
            foreach ($validation->errors('config') as $error) {
                Alert::set(Alert::ALERT, $error);
            }

            $this->redirect(Route::url('oc-panel', array('controller' => 'settings', 'action' => 'payment')));
        } else {
            foreach ($config as $entry) {
                $submitted = ($entry->config_key == 'paypal_currency')
                    ? $paypal_currency[core::post('paypal_currency')]
                    : $this->request->post($entry->config_key);

                if ($submitted == $entry->config_value) {
                    continue; // unchanged
                }

                $entry->config_value = $submitted;

                try {
                    $entry->save();
                } catch (Exception $e) {
                    echo $e;
                }
            }
        }

        Alert::set(Alert::SUCCESS, __('Payment Configuration updated'));
        $this->redirect(Route::url('oc-panel', array('controller' => 'settings', 'action' => 'payment')));
    }

    // seotitle => title list of content pages, with an empty "off" entry first
    $pages = array('' => __('Deactivated'));
    foreach (Model_Content::get_pages() as $page) {
        $pages[$page->seotitle] = $page->title;
    }

    $this->template->content = View::factory('oc-panel/pages/settings/payment', array('config' => $config, 'pages' => $pages, 'paypal_currency' => $paypal_currency));
}
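/**
 * Lets an administrator set a new password for the user named by the `id`
 * route parameter, then returns to that user's edit page.
 *
 * Requests that are not a POST from an administrator fall straight through
 * to the redirect.
 *
 * NOTE(review): no anti-CSRF token is checked here, although
 * action_register() calls CSRF::valid(). Confirm that a check outside this
 * method covers the form.
 * NOTE(review): the new password is mailed to the user in clear text through
 * the [USER.PWD] placeholder; a reset link would keep it out of mailboxes.
 *
 * @throws HTTP_Exception_404 when the user id does not exist
 * @throws HTTP_Exception_500 when the user can not be saved or mailed
 */
public function action_changepass()
{
    // only admins can change password
    if ($this->request->post() and $this->user->id_role == Model_Role::ROLE_ADMIN)
    {
        $user = new Model_User($this->request->param('id'));

        // An unknown id gives an empty model; saving it would not update anyone.
        if ( ! $user->loaded())
        {
            throw HTTP_Exception::factory(404, __('Page not found'));
        }

        $password = core::post('password1');

        // Strict comparison: with == two different numeric-looking strings
        // (for example '1e3' and '1000') are treated as equal.
        if ($password !== core::post('password2'))
        {
            Form::set_errors(array(__('Passwords do not match')));
        }
        elseif ( ! is_string($password) or empty($password))
        {
            Form::set_errors(array(__('Nothing is provided')));
        }
        else
        {
            $user->password = $password;
            $user->last_modified = Date::unix2mysql();

            // a fresh password also clears the failed-login counters
            $user->failed_attempts = 0;
            $user->last_failed = NULL;

            try
            {
                $user->save();

                // email user with new password
                Email::content($user->email, $user->name, NULL, NULL, 'password-changed', array('[USER.PWD]' => $password));
            }
            catch (Exception $e)
            {
                // also covers ORM_Validation_Exception, which was handled identically
                throw HTTP_Exception::factory(500, $e->getMessage());
            }

            Alert::set(Alert::SUCCESS, __('Password is changed'));
        }
    }

    $this->redirect(Route::url('oc-panel', array('controller' => 'user', 'action' => 'update', 'id' => $this->request->param('id'))));
}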
/**
 * Simple register for user.
 *
 * Shows the registration form. On POST it validates the fields, checks the
 * 'register' CSRF token, refuses an e-mail address that already has an
 * account, and otherwise creates the user, logs them in and redirects.
 *
 * NOTE(review): the redirect target after registration is taken from the
 * posted `auth_redirect` field. The CSRF token checked beforehand limits who
 * can submit this form, but the value itself is not restricted to this site
 * anywhere in this method -- confirm it is validated elsewhere.
 * NOTE(review): a POST with an invalid CSRF token is dropped without any
 * message to the user.
 */
public function action_register()
{
    $view = View::factory('pages/auth/register');
    $this->template->content = $view;
    $this->template->content->msg = '';

    if (Auth::instance()->logged_in())
    {
        // already signed in: nothing to register, go to the panel
        $this->redirect(Route::get('oc-panel')->uri());
    }
    elseif ($this->request->post())
    {
        $validation = Validation::factory($this->request->post())
            ->rule('name', 'not_empty')
            ->rule('email', 'not_empty')
            ->rule('email', 'email')
            ->rule('password1', 'not_empty')
            ->rule('password2', 'not_empty')
            ->rule('password1', 'matches', array(':validation', 'password1', 'password2'));

        if ( ! $validation->check())
        {
            foreach ($validation->errors('auth') as $message)
            {
                Alert::set(Alert::ALERT, $message);
            }
        }
        elseif (CSRF::valid('register'))
        {
            $email = core::post('email');

            // is there already an account with this e-mail?
            $lookup = new Model_User();
            $existing = $lookup->where('email', '=', $email)->limit(1)->find();

            if ($existing->loaded())
            {
                Form::set_errors(array(__('User already exists')));
            }
            else
            {
                // create the account, then sign the new user in
                Model_User::create_email($email, core::post('name'), core::post('password1'));
                Auth::instance()->login(core::post('email'), core::post('password1'));

                Alert::set(Alert::SUCCESS, __('Welcome!'));

                // back to where the form asked to go, the panel by default
                $this->redirect(Core::post('auth_redirect', Route::url('oc-panel')));
            }
        }
    }

    // template header
    $this->template->title = __('Register new user');
    $this->template->meta_description = __('Create a new profile at') . ' ' . Core::config('general.site_name');
}
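/**
 * Deletes all the locations, or, when `id_location` is posted, the locations
 * returned by get_siblings_ids() for that location (the location itself is
 * kept). Icons of the deleted locations are removed and ads are re-homed.
 *
 * Nothing is deleted unless the `confirmation` field is posted.
 *
 * NOTE(review): `confirmation` is the only gate on this destructive action;
 * no anti-CSRF token is checked here, although action_register() calls
 * CSRF::valid(). Confirm that a check outside this method covers the form.
 *
 * @return void
 */
public function action_delete_all()
{
    if (core::post('confirmation'))
    {
        $id_location = intval(Core::post('id_location'));
        $selected_location = ($id_location > 0) ? new Model_Location($id_location) : NULL;
        $sibling_ids = ($selected_location !== NULL) ? $selected_location->get_siblings_ids() : NULL;

        // locations whose icons have to go
        $locations = new Model_Location();

        if ($selected_location !== NULL)
        {
            $locations->where('id_location', 'in', $sibling_ids)
                ->where('id_location', '!=', $selected_location->id_location);
        }
        else
        {
            // Only add the filter here. Running find_all() at this point, as the
            // code used to, executes the query and clears the pending conditions,
            // so the find_all() below returned every location, root included.
            $locations->where('id_location', '!=', '1');
        }

        $locations = $locations->find_all();

        //root folder
        $root = DOCROOT . 'images/locations/';

        if (is_dir($root))
        {
            foreach ($locations as $location)
            {
                $icon = $location->seoname . '.png';

                // best effort: the icon may not exist
                @unlink($root . $icon);

                // delete icon from Amazon S3
                if (core::config('image.aws_s3_active'))
                {
                    // NOTE(review): $s3 is never assigned in this method, so this
                    // call fails as soon as image.aws_s3_active is on; the S3
                    // client has to be created before the loop.
                    $s3->deleteObject(core::config('image.aws_s3_bucket'), 'images/locations/' . $icon);
                }
            }
        }

        $query_update = DB::update('ads');
        $query_delete = DB::delete('locations');

        if ($selected_location !== NULL)
        {
            // NOTE(review): the UPDATE has no WHERE clause, so every ad is moved
            // to the selected location, not only the ads of the deleted
            // locations -- confirm this is intended.
            $query_update->set(array('id_location' => $selected_location->id_location));
            $query_delete->where('id_location', 'in', $sibling_ids)
                ->where('id_location', '!=', $selected_location->id_location);
        }
        else
        {
            $query_update->set(array('id_location' => '1'));
            $query_delete->where('id_location', '!=', '1');
        }

        // re-home the ads first, then drop the locations
        $query_update->execute();
        $query_delete->execute();

        Core::delete_cache();

        Alert::set(Alert::SUCCESS, __('All locations were deleted.'));
    }
    else
    {
        Alert::set(Alert::ERROR, __('You did not confirmed your delete action.'));
    }

    HTTP::redirect(Route::url('oc-panel', array('controller' => 'location', 'action' => 'index')));
}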
/**
 * Displays the reviews of an advert and, on POST from a logged-in user,
 * stores a new review.
 *
 * A review is accepted only when all of these hold: the optional
 * "must have bought the product" rule passes, the reviewer is not the ad
 * owner, no review for this ad exists from the same user or IP address, the
 * captcha check passes and the posted fields validate.
 *
 * NOTE(review): no anti-CSRF token is checked before the review is saved.
 * captcha::check() returns TRUE when advertisement.captcha is off, so in
 * that configuration nothing ties the POST to a form served by this site.
 * NOTE(review): the flow assumes $this->redirect() ends the request; if it
 * returned, a rejected reviewer would continue to the save -- confirm.
 *
 * @throws HTTP_Exception_404 when reviews are disabled or the ad is not found
 */
public function action_reviews()
{
    $seotitle = $this->request->param('seotitle', NULL);
    if ($seotitle !== NULL and Core::config('advertisement.reviews') == 1) {
        // ads flagged as spam are treated as not found
        $ad = new Model_Ad();
        $ad->where('seotitle', '=', $seotitle)->where('status', '!=', Model_Ad::STATUS_SPAM)->limit(1)->cached()->find();
        if ($ad->loaded()) {
            $errors = NULL;
            //adding a new review
            if ($this->request->post() and Auth::instance()->logged_in()) {
                $user = Auth::instance()->get_user();
                //only able to review if bought the product
                if (Core::config('advertisement.reviews_paid') == 1) {
                    $order = new Model_Order();
                    $order->where('id_ad', '=', $ad->id_ad)->where('id_user', '=', $user->id_user)->where('id_product', '=', Model_Order::PRODUCT_AD_SELL)->where('status', '=', Model_Order::STATUS_PAID)->find();
                    if (!$order->loaded()) {
                        Alert::set(Alert::ERROR, __('You can only add a review if you bought this product'));
                        $this->redirect(Route::url('ad-review', array('seotitle' => $ad->seotitle)));
                    }
                }
                //not allowing to review to yourself
                if ($user->id_user == $ad->id_user) {
                    Alert::set(Alert::ERROR, __('You can not review yourself.'));
                    $this->redirect(Route::url('ad-review', array('seotitle' => $ad->seotitle)));
                }
                // one review per ad per user OR per IP address
                // NOTE(review): ip2long() returns FALSE for anything that is not
                // an IPv4 address, and how Request::$client_ip is derived is not
                // visible here -- the IP half of this check is weak at best.
                $review = new Model_Review();
                $review->where('id_ad', '=', $ad->id_ad)->where_open()->or_where('id_user', '=', $user->id_user)->or_where('ip_address', '=', ip2long(Request::$client_ip))->where_close()->find();
                if (!$review->loaded()) {
                    if (captcha::check('review')) {
                        $validation = Validation::factory($this->request->post())->rule('rate', 'numeric')->rule('description', 'not_empty')->rule('description', 'min_length', array(':value', 5))->rule('description', 'max_length', array(':value', 1000));
                        if ($validation->check()) {
                            // clamp the rating into 0..RATE_MAX
                            $rate = core::post('rate');
                            if ($rate > Model_Review::RATE_MAX) {
                                $rate = Model_Review::RATE_MAX;
                            } elseif ($rate < 0) {
                                $rate = 0;
                            }
                            $review = new Model_Review();
                            $review->id_user = $user->id_user;
                            $review->id_ad = $ad->id_ad;
                            // stored as posted; presumably escaped when rendered -- verify in the view
                            $review->description = core::post('description');
                            $review->status = Model_Review::STATUS_ACTIVE;
                            $review->ip_address = ip2long(Request::$client_ip);
                            $review->rate = $rate;
                            $review->save();
                            //email product owner?? notify him of new review
                            $ad->user->email('ad-review', array('[AD.TITLE]' => $ad->title, '[RATE]' => $review->rate, '[DESCRIPTION]' => $review->description, '[URL.QL]' => $ad->user->ql('ad-review', array('seotitle' => $ad->seotitle))));
                            // refresh the aggregated ratings of the ad and of its owner
                            $ad->recalculate_rate();
                            $ad->user->recalculate_rate();
                            Alert::set(Alert::SUCCESS, __('Thanks for your review!'));
                        } else {
                            $errors = $validation->errors('ad');
                            foreach ($errors as $f => $err) {
                                Alert::set(Alert::ALERT, $err);
                            }
                        }
                    } else {
                        Alert::set(Alert::ERROR, __('Wrong Captcha'));
                    }
                } else {
                    Alert::set(Alert::ERROR, __('You already added a review'));
                }
            }
            $this->template->scripts['footer'][] = 'js/jquery.raty.min.js';
            $this->template->scripts['footer'][] = 'js/review.js';
            Breadcrumbs::add(Breadcrumb::factory()->set_title(__('Home'))->set_url(Route::url('default')));
            Breadcrumbs::add(Breadcrumb::factory()->set_title($ad->title)->set_url(Route::url('ad', array('seotitle' => $ad->seotitle, 'category' => $ad->category->seoname))));
            $this->template->title = $ad->title . ' - ' . __('Reviews');
            Breadcrumbs::add(Breadcrumb::factory()->set_title(__('Reviews')));
            $this->template->meta_description = text::removebbcode($ad->description);
            $permission = TRUE;
            //permission to add hit to advert and give access rights.
            // NOTE(review): `and` binds tighter than `or`, so this condition
            // reduces to "not logged in, or neither admin nor moderator". The
            // ownership comparison has no effect on the result, so an ad owner
            // without one of those roles gets $permission = FALSE -- confirm
            // that this is the intended rule.
            $auth_user = Auth::instance();
            if (!$auth_user->logged_in() or $auth_user->get_user()->id_user != $ad->id_user and ($auth_user->get_user()->id_role != Model_Role::ROLE_ADMIN and $auth_user->get_user()->id_role != Model_Role::ROLE_MODERATOR) or $auth_user->get_user()->id_role != Model_Role::ROLE_ADMIN and $auth_user->get_user()->id_role != Model_Role::ROLE_MODERATOR) {
                $permission = FALSE;
                $user = NULL;
            } else {
                // from here on $user holds the user id, not the user model
                $user = $auth_user->get_user()->id_user;
            }
            $captcha_show = core::config('advertisement.captcha');
            if ($ad->get_first_image() !== NULL) {
                Controller::$image = $ad->get_first_image();
            }
            // only active reviews are listed
            $reviews = new Model_Review();
            $reviews = $reviews->where('id_ad', '=', $ad->id_ad)->where('status', '=', Model_Review::STATUS_ACTIVE)->find_all();
            $this->template->bind('content', $content);
            $this->template->content = View::factory('pages/ad/reviews', array('ad' => $ad, 'permission' => $permission, 'captcha_show' => $captcha_show, 'user' => $user, 'reviews' => $reviews, 'errors' => $errors));
        } else {
            //throw 404
            throw HTTP_Exception::factory(404, __('Page not found'));
        }
    } else {
        //throw 404
        throw HTTP_Exception::factory(404, __('Page not found'));
    }
}
/**
 * Deletes all the categories except the one with id 1, removes their icons
 * and moves every ad to category 1.
 *
 * Nothing is deleted unless the `confirmation` field is posted.
 *
 * NOTE(review): `confirmation` is the only gate on this destructive action;
 * no anti-CSRF token is checked here, although action_register() calls
 * CSRF::valid(). Confirm that a check outside this method covers the form.
 *
 * @return void
 */
public function action_delete_all()
{
    $confirmed = core::post('confirmation');

    if ( ! $confirmed)
    {
        Alert::set(Alert::ERROR, __('You did not confirmed your delete action.'));
    }
    else
    {
        // every category but the home one loses its icon
        $finder = new Model_Category();
        $doomed = $finder->where('id_category', '!=', '1')->find_all();

        foreach ($doomed as $category)
        {
            //root folder
            $icons_dir = DOCROOT . 'images/categories/';

            if ( ! is_dir($icons_dir))
            {
                continue;
            }

            // best effort: the icon may not exist
            @unlink($icons_dir . $category->seoname . '.png');

            // delete icon from Amazon S3
            if (core::config('image.aws_s3_active'))
            {
                // NOTE(review): $s3 is never assigned in this method, so this
                // call fails as soon as image.aws_s3_active is on.
                $s3->deleteObject(core::config('image.aws_s3_bucket'), 'images/categories/' . $category->seoname . '.png');
            }
        }

        //set home category to all the ads
        DB::update('ads')->set(array('id_category' => '1'))->execute();

        //delete all categories
        DB::delete('categories')->where('id_category', '!=', '1')->execute();

        Core::delete_cache();

        Alert::set(Alert::SUCCESS, __('All categories were deleted.'));
    }

    HTTP::redirect(Route::url('oc-panel', array('controller' => 'category', 'action' => 'index')));
}
/**
 * Edit advertisement: Update
 *
 * Shows the edit form for the ad named by the `id` route parameter and, on
 * POST, either deletes one image (`img_delete`) or saves the posted fields
 * through Model_Ad::save_ad() and stores any uploaded images.
 *
 * Access is limited to the ad's owner, administrators and moderators; the
 * check runs before any POST handling, image deletion included.
 *
 * NOTE(review): no anti-CSRF token is checked before the ad is changed or an
 * image is deleted, although action_register() calls CSRF::valid(). Confirm
 * that a check outside this method covers these forms.
 * NOTE(review): $form->loaded() is never checked, so for an administrator or
 * moderator an unknown id continues with an empty model.
 *
 * All post fields are validated
 */
public function action_update()
{
    //template header
    $this->template->title = __('Edit advertisement');
    $this->template->meta_description = __('Edit advertisement');
    Controller::$full_width = TRUE;
    //local files
    // NOTE(review): both branches assign exactly the same styles and scripts.
    if (Theme::get('cdn_files') == FALSE) {
        $this->template->styles = array('css/jquery.sceditor.default.theme.min.css' => 'screen');
        $this->template->scripts['footer'] = array('js/jquery.sceditor.bbcode.min.js', 'js/jquery.chained.min.js', '//maps.google.com/maps/api/js?sensor=false&libraries=geometry&v=3.7', '//cdn.jsdelivr.net/gmaps/0.4.15/gmaps.min.js', 'js/oc-panel/edit_ad.js');
    } else {
        $this->template->styles = array('css/jquery.sceditor.default.theme.min.css' => 'screen');
        $this->template->scripts['footer'] = array('js/jquery.sceditor.bbcode.min.js', 'js/jquery.chained.min.js', '//maps.google.com/maps/api/js?sensor=false&libraries=geometry&v=3.7', '//cdn.jsdelivr.net/gmaps/0.4.15/gmaps.min.js', 'js/oc-panel/edit_ad.js');
    }
    Breadcrumbs::add(Breadcrumb::factory()->set_title(__('My ads'))->set_url(Route::url('oc-panel', array('controller' => 'myads', 'action' => 'index'))));
    $form = new Model_Ad($this->request->param('id'));
    // owner, admin or moderator only; assumes a logged-in user -- get_user()
    // is dereferenced without a logged_in() check in this method
    if (Auth::instance()->get_user()->id_user == $form->id_user or Auth::instance()->get_user()->id_role == Model_Role::ROLE_ADMIN or Auth::instance()->get_user()->id_role == Model_Role::ROLE_MODERATOR) {
        // $original_category, $cat and $loc are not read again in this method
        $original_category = $form->category;
        $extra_payment = core::config('payment');
        $cat = new Model_Category();
        $loc = new Model_Location();
        //find all, for populating form select fields
        $categories = Model_Category::get_as_array();
        $order_categories = Model_Category::get_multidimensional();
        $parent_category = Model_Category::get_by_deep();
        //get locations
        $locations = Model_Location::get_as_array();
        $order_locations = Model_Location::get_multidimensional();
        $loc_parent_deep = Model_Location::get_by_deep();
        if ($this->request->post()) {
            // deleting single image by path
            // a numeric `img_delete` short-circuits the request: the image is
            // deleted and the script ends without a response body or redirect
            if (is_numeric($deleted_image = core::post('img_delete'))) {
                $form->delete_image($deleted_image);
                //TODO! usage of the api?
                die;
            } // end of img delete
            $data = $this->request->post();
            //to make it backward compatible with older themes: UGLY!!
            if (isset($data['category']) and is_numeric($data['category'])) {
                $data['id_category'] = $data['category'];
                unset($data['category']);
            }
            if (isset($data['location']) and is_numeric($data['location'])) {
                $data['id_location'] = $data['location'];
                unset($data['location']);
            }
            // the whole POST array goes to the model; validation and the list
            // of fields that may be written live in save_ad(), not shown here
            $return = $form->save_ad($data);
            //there was an error on the validation
            if (isset($return['validation_errors']) and is_array($return['validation_errors'])) {
                foreach ($return['validation_errors'] as $f => $err) {
                    Alert::set(Alert::ALERT, $err);
                }
            } elseif (isset($return['error'])) {
                Alert::set($return['error_type'], $return['error']);
            } elseif (isset($return['message'])) {
                // IMAGE UPLOAD
                // in case something wrong happens user is redirected to edit advert.
                // uploads are handed to save_image(); presumably it checks type
                // and size -- verify in the model. $filename keeps only the
                // result of the last upload processed.
                $filename = NULL;
                for ($i = 0; $i < core::config("advertisement.num_images"); $i++) {
                    if (isset($_FILES['image' . $i])) {
                        $filename = $form->save_image($_FILES['image' . $i]);
                    }
                }
                if ($filename !== NULL) {
                    $form->last_modified = Date::unix2mysql();
                    try {
                        $form->save();
                    } catch (Exception $e) {
                        throw HTTP_Exception::factory(500, $e->getMessage());
                    }
                }
                Alert::set(Alert::SUCCESS, $return['message']);
                //redirect user to pay
                // the checkout URL comes from save_ad(), not from the request
                if (isset($return['checkout_url']) and !empty($return['checkout_url'])) {
                    $this->redirect($return['checkout_url']);
                }
            }
            // every POST ends with a redirect back to this edit page
            $this->redirect(Route::url('oc-panel', array('controller' => 'myads', 'action' => 'update', 'id' => $form->id_ad)));
        }
        //get all orders
        // orders of the ad's owner for this ad that are still in STATUS_CREATED
        $orders = new Model_Order();
        $orders = $orders->where('id_user', '=', $form->id_user)->where('status', '=', Model_Order::STATUS_CREATED)->where('id_ad', '=', $form->id_ad)->find_all();
        Breadcrumbs::add(Breadcrumb::factory()->set_title("Update"));
        $this->template->content = View::factory('oc-panel/profile/edit_ad', array('ad' => $form, 'locations' => $locations, 'order_locations' => $order_locations, 'categories' => $categories, 'order_categories' => $order_categories, 'order_parent_deep' => $parent_category, 'loc_parent_deep' => $loc_parent_deep, 'extra_payment' => $extra_payment, 'orders' => $orders, 'fields' => Model_Field::get_all()));
    } else {
        Alert::set(Alert::ERROR, __('You dont have permission to access this link'));
        $this->redirect(Route::url('default'));
    }
}
/**
 * Adds a reply to a topic.
 *
 * Only acts for logged-in users. On POST the reply has to pass, in this
 * order, the captcha check, the Akismet spam filter and field validation
 * before it is saved as an active post.
 *
 * NOTE(review): no anti-CSRF token is checked, and captcha::check() returns
 * TRUE when advertisement.captcha is off, so in that configuration nothing
 * ties the POST to a form served by this site.
 *
 * @param Model_Post $topic  topic being replied to
 * @param Model_Forum $forum forum the topic belongs to
 * @return array|NULL validation errors, or NULL when there are none (also
 *                    NULL when the visitor is not logged in)
 */
public function add_topic_reply(Model_Post $topic, Model_Forum $forum)
{
    // guests get neither the editor assets nor the POST handling
    if ( ! Auth::instance()->logged_in())
    {
        return NULL;
    }

    $this->template->styles = array('css/jquery.sceditor.min.css' => 'screen');
    $this->template->scripts['footer'] = array('js/jquery.sceditor.min.js?v=144', 'js/jquery.sceditor.bbcode.min.js', 'js/forum-new.js');

    if ( ! $this->request->post())
    {
        return NULL;
    }

    //captcha check
    if ( ! captcha::check('new-reply-topic'))
    {
        Alert::set(Alert::ERROR, __('Check the form for errors'));
        return NULL;
    }

    $author = Auth::instance()->get_user();

    //akismet spam filter
    if (core::akismet($author->name, $author->email, core::post('description')))
    {
        Alert::set(Alert::ERROR, __('This email has been considered as spam! We are sorry but we can not send this email.'));
        return NULL;
    }

    $validation = Validation::factory($this->request->post())
        ->rule('description', 'not_empty')
        ->rule('description', 'max_length', array(':value', 1000))
        ->rule('description', 'min_length', array(':value', 5));

    if ( ! $validation->check())
    {
        return $validation->errors('ad');
    }

    $reply = new Model_Post();
    $reply->id_user = $author->id_user;
    $reply->id_forum = $forum->id_forum;
    $reply->id_post_parent = $topic->id_post;

    // the title is the start of the reply text
    $reply->title = mb_substr(core::post('description'), 0, 145);
    $reply->seotitle = $reply->gen_seotitle($reply->title);
    $reply->description = Text::banned_words(core::post('description'));
    $reply->status = Model_Post::STATUS_ACTIVE;
    $reply->ip_address = ip2long(Request::$client_ip);
    $reply->save();

    //set empty since they already replied
    Request::current()->post('description', '');

    Alert::set(Alert::SUCCESS, __('Reply added, thanks!'));

    return NULL;
}
<div class="col-md-5"> <input type="text" name="title" value="<?php echo core::post('title'); ?> " class="col-md-6 form-control" required /> </div> </div> <div class="form-group"> <label class="col-md-2"><?php echo __("Description"); ?> :</label> <div class="col-md-9 col-sm-9 col-md-12"> <textarea id="description" name="description" rows="20" class="col-md-9 col-sm-9 col-md-12 form-control" required><?php echo core::post('description', __('Description')); ?> </textarea> </div> </div> <div class="form-actions"> <a href="<?php echo Route::url('oc-panel', array('controller' => 'support', 'action' => 'index')); ?> " class="btn btn-default"><?php echo __('Cancel'); ?> </a> <button type="submit" class="btn btn-primary"><?php echo __('Create');