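/**
 * Render the admin list of stream entries and handle the "delete selected" form.
 *
 * Deletion runs only for a POST carrying 'deleteSelected' that passes the CSRF
 * check, and only for holders of 'global/owner' or 'admin/components/stream/delete'.
 *
 * @return mixed output of template::twigRender() for components/stream/list.tpl
 */
private function viewStreamList()
{
    csrf::getInstance()->buildToken();
    $params = array();
    $params['extension']['title'] = admin::getInstance()->viewCurrentExtensionTitle();
    // A negative ?index= would turn into a negative LIMIT offset, which the
    // database rejects; clamp to the first page instead.
    $page_index = max(0, (int) system::getInstance()->get('index'));
    $db_index = $page_index * self::ITEM_PER_PAGE;
    if (system::getInstance()->post('deleteSelected') && csrf::getInstance()->check()) {
        if (permission::getInstance()->have('global/owner') || permission::getInstance()->have('admin/components/stream/delete')) {
            $toDelete = system::getInstance()->post('check_array');
            if (is_array($toDelete) && sizeof($toDelete) > 0) {
                $listDelete = system::getInstance()->altimplode(',', $toDelete);
                // The id list is concatenated into the statement, so isIntList() is the
                // only gate between request data and SQL here.
                // NOTE(review): presumably it accepts nothing but comma-separated integers - confirm.
                if (system::getInstance()->isIntList($listDelete)) {
                    database::getInstance()->con()->query("DELETE FROM " . property::getInstance()->get('db_prefix') . "_com_stream WHERE id IN (" . $listDelete . ")");
                }
            }
        }
    }
    $stmt = database::getInstance()->con()->prepare("SELECT * FROM " . property::getInstance()->get('db_prefix') . "_com_stream ORDER BY `date` DESC LIMIT ?," . self::ITEM_PER_PAGE);
    $stmt->bindParam(1, $db_index, \PDO::PARAM_INT);
    $stmt->execute();
    $resultAll = $stmt->fetchAll(\PDO::FETCH_ASSOC);
    $stmt = null;
    // Preload every caster in one call before resolving nicknames row by row.
    $ids = system::getInstance()->extractFromMultyArray('caster_id', $resultAll);
    user::getInstance()->listload($ids);
    foreach ($resultAll as $row) {
        $params['stream'][] = array(
            'id' => $row['id'],
            'type' => $row['type'],
            'user_id' => $row['caster_id'],
            'user_name' => user::getInstance()->get('nick', $row['caster_id']),
            'url' => $row['target_object'],
            'text' => system::getInstance()->nohtml($row['text_preview']),
            'date' => system::getInstance()->todate($row['date'], 'h'),
        );
    }
    $count_all = extension::getInstance()->call(extension::TYPE_COMPONENT, 'stream', false)->streamCount();
    $params['pagination'] = template::getInstance()->showFastPagination($page_index, self::ITEM_PER_PAGE, $count_all, '?object=components&action=stream&index=');
    return template::getInstance()->twigRender('components/stream/list.tpl', $params);
}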
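/**
 * Store an answer to a wall post, then re-render the wall view.
 *
 * The answer is saved only for a logged-in user holding 'global/write', with a
 * non-empty message, and only when the configured 'wall_post_delay' has passed
 * since that user's previous answer.
 */
public function make()
{
    $post_id = (int) system::getInstance()->get('id');
    $user_id = (int) user::getInstance()->get('id');
    // thank unknown tester for detect XSS vuln
    $message = system::getInstance()->nohtml(system::getInstance()->post('message'));
    $time_between_posts = extension::getInstance()->getConfig('wall_post_delay', 'user', 'components', 'int');
    // NOTE(review): no csrf check and no lookup that $post_id refers to an existing
    // wall post are visible in this handler - confirm both are enforced elsewhere.
    if ($post_id > 0 && $user_id > 0 && system::getInstance()->length($message) > 0 && permission::getInstance()->have('global/write')) {
        $stmt = database::getInstance()->con()->prepare("SELECT time FROM " . property::getInstance()->get('db_prefix') . "_user_wall_answer WHERE poster = ? ORDER BY id DESC LIMIT 1");
        $stmt->bindParam(1, $user_id, PDO::PARAM_INT);
        $stmt->execute();
        $res = $stmt->fetch();
        // fetch() returns false for a user who has never answered; indexing that
        // raised a warning, so treat the case as "last post at time 0".
        $last_post_time = $res ? (int) $res['time'] : 0;
        $stmt = null;
        $current_time = time();
        if ($current_time - $last_post_time >= $time_between_posts) {
            $stmt = database::getInstance()->con()->prepare("INSERT INTO " . property::getInstance()->get('db_prefix') . "_user_wall_answer (wall_post_id, poster, message, time) VALUES(?, ?, ?, ?)");
            $stmt->bindParam(1, $post_id, PDO::PARAM_INT);
            $stmt->bindParam(2, $user_id, PDO::PARAM_INT);
            $stmt->bindParam(3, $message, PDO::PARAM_STR);
            $stmt->bindParam(4, $current_time, PDO::PARAM_INT);
            $stmt->execute();
            $stmt = null;
        }
    }
    api::getInstance()->call('front', 'wallview')->make(); // refresh list
}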
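/**
 * Print the CKEditor file browser for the requested file type.
 *
 * Type 1 lists images ('admin/imagebrowser'), type 2 lists flash files
 * ('admin/flashbrowser'), anything else lists all files ('admin/filebrowser').
 * Without the matching permission nothing is printed.
 *
 * @return null|void
 */
public function make()
{
    $tpl = @file_get_contents(root . '/resource/ckeditor/customtpl/filebrowser.tpl');
    $file_type = (int) system::getInstance()->get('type');
    // file_get_contents() yields false when the template cannot be read.
    if ($tpl === false || $tpl === '') {
        echo "<p>Filebrowser tpl was not founded</p>";
        return;
    }
    $file_array = null;
    switch ($file_type) {
        case 1:
            if (!permission::getInstance()->have('admin/imagebrowser')) {
                return null;
            }
            $file_array = $this->browseImage();
            break;
        case 2:
            if (!permission::getInstance()->have('admin/flashbrowser')) {
                return null;
            }
            $file_array = $this->browseSwf();
            break;
        default:
            if (!permission::getInstance()->have('admin/filebrowser')) {
                return null;
            }
            $file_array = $this->browseAll();
            break;
    }
    // CKEditorFuncNum is a numeric callback reference. Coercing it to int keeps
    // arbitrary request text out of whatever the template prints around it.
    // NOTE(review): how filebrowser.tpl escapes 'ckcallback' is not visible here.
    $ck_callback = (int) system::getInstance()->get('CKEditorFuncNum');
    template::getInstance()->justPrint($tpl, array(
        'files' => $file_array,
        'file_type' => $file_type,
        'ckcallback' => $ck_callback,
    ));
}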
/**
 * Delete one comment by the id given in the request.
 *
 * Runs only for a logged-in user holding 'comment/delete' and a positive id.
 */
public function make()
{
    $comment_id = (int) system::getInstance()->get('id');
    if (!(user::getInstance()->get('id') > 0)) {
        return;
    }
    if (!permission::getInstance()->have('comment/delete')) {
        return;
    }
    if ($comment_id < 1) {
        return;
    }
    // NOTE(review): the id arrives through get() and no csrf check is visible in
    // this handler - confirm the calling layer protects this state change.
    $sql = "DELETE FROM " . property::getInstance()->get('db_prefix') . "_mod_comments WHERE id = ?";
    $stmt = database::getInstance()->con()->prepare($sql);
    $stmt->bindParam(1, $comment_id, PDO::PARAM_INT);
    $stmt->execute();
}
/**
 * Remove the poster image of a news item.
 *
 * Requires 'admin/components/news/add' or 'admin/components/news/edit'.
 */
public function make()
{
    $may_manage = permission::getInstance()->have('admin/components/news/add')
        || permission::getInstance()->have('admin/components/news/edit');
    if (!$may_manage) {
        return;
    }
    // The integer cast is what keeps the request value from altering the path.
    $news_id = (int) system::getInstance()->get('id');
    $poster_file = root . '/upload/news/poster_' . $news_id . '.jpg';
    if (!file_exists($poster_file)) {
        return;
    }
    @unlink($poster_file);
}
/**
 * Dispatch a JSON API request to the upload, list or delete handler.
 *
 * Requires 'admin/components/news/add' or 'admin/components/news/edit';
 * an unknown action sends only the JSON content-type header.
 */
public function make()
{
    $may_manage = permission::getInstance()->have('admin/components/news/add')
        || permission::getInstance()->have('admin/components/news/edit');
    if (!$may_manage) {
        return;
    }
    header('Content-type: application/json');
    $action = system::getInstance()->get('action');
    switch ($action) {
        case 'upload':
            $this->viewUpload();
            break;
        case 'list':
            $this->viewList();
            break;
        case 'delete':
            $this->viewDelete();
            break;
    }
}
/**
 * Build the template parameters for the approved comments of one page.
 *
 * Only rows with moderate = '0' are selected, newest first.
 *
 * @param string|null $way pathway the comments belong to; null means the current router URI string
 * @param int $end page multiplier: $end * 'comments_count' rows are loaded (values below 1 count as 1)
 * @param bool $show_all load every comment of the pathway and ignore $end
 * @return array one entry per comment, including per-viewer can_edit / can_delete flags
 */
public function getCommentsParams($way = null, $end = 0, $show_all = false)
{
    $userid = user::getInstance()->get('id');
    if ($way === null) {
        $way = router::getInstance()->getUriString();
    }
    if (!$show_all) {
        $comment_count = extension::getInstance()->getConfig('comments_count', 'comments', 'modules', 'int');
        $end = ($end < 1 ? 1 : $end) * $comment_count;
        $stmt = database::getInstance()->con()->prepare("SELECT * FROM " . property::getInstance()->get('db_prefix') . "_mod_comments WHERE pathway = ? AND moderate = '0' ORDER BY id DESC LIMIT 0,?");
        $stmt->bindParam(1, $way, PDO::PARAM_STR);
        $stmt->bindParam(2, $end, PDO::PARAM_INT);
        $stmt->execute();
    } else {
        $stmt = database::getInstance()->con()->prepare("SELECT * FROM " . property::getInstance()->get('db_prefix') . "_mod_comments WHERE pathway = ? AND moderate = '0' ORDER BY id DESC");
        $stmt->bindParam(1, $way, PDO::PARAM_STR);
        $stmt->execute();
    }
    $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
    // Preload all authors in one call before the per-row lookups below.
    user::getInstance()->listload(system::getInstance()->extractFromMultyArray('author', $rows));
    $params = array();
    foreach ($rows as $comment) {
        $poster_id = $comment['author'];
        $editconfig = extension::getInstance()->getConfig('edit_time', 'comments', 'modules', 'int');
        // Editing: the author inside the edit window, or anyone holding 'comment/edit'.
        $can_edit = $userid > 0
            && (($poster_id == $userid && time() - $comment['time'] <= $editconfig)
                || permission::getInstance()->have('comment/edit'));
        $can_delete = $userid > 0 && permission::getInstance()->have('comment/delete');
        $params[] = array(
            'author_id' => $poster_id,
            'author_nick' => user::getInstance()->get('nick', $poster_id),
            'author_avatar' => user::getInstance()->buildAvatar('small', $poster_id),
            'comment_text' => extension::getInstance()->call(extension::TYPE_HOOK, 'bbtohtml')->bbcode2html($comment['comment']),
            'comment_date' => system::getInstance()->toDate($comment['time'], 'h'),
            'unixtime' => $comment['time'],
            'comment_id' => $comment['id'],
            'can_edit' => $can_edit,
            'can_delete' => $can_delete,
            'guest_name' => system::getInstance()->nohtml($comment['guest_name']),
        );
    }
    $stmt = null;
    return $params;
}
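/**
 * Handle a CKEditor file upload and print the script that reports the result
 * back to the editor window.
 *
 * Type 1 uploads an image ('admin/imagebrowser'), type 2 a flash file
 * ('admin/flashbrowser'), anything else a file whose extension is listed in
 * the 'upload_allowed_ext' property ('admin/filebrowser').
 *
 * @return null|void
 */
public function make()
{
    // empty() also covers a request with no 'upload' field at all.
    if (empty($_FILES['upload'])) {
        return null;
    }
    $type = (int) system::getInstance()->get('type');
    $result = false;
    $save_folder = false;
    $allow_ext = system::getInstance()->altexplode(';', property::getInstance()->get('upload_allowed_ext'));
    foreach ($allow_ext as $key => $value) {
        // no dots
        $nodot = str_replace('.', '', $value);
        if (system::getInstance()->length($nodot) > 0) {
            $allow_ext[$key] = $nodot;
        }
    }
    switch ($type) {
        case 1:
            if (permission::getInstance()->have('admin/imagebrowser')) {
                $result = extension::getInstance()->call(extension::TYPE_HOOK, 'file')->uploadImage('/images/', $_FILES['upload']);
                $save_folder = 'images';
            }
            break;
        case 2:
            if (permission::getInstance()->have('admin/flashbrowser')) {
                $result = extension::getInstance()->call(extension::TYPE_HOOK, 'file')->uploadFile('/flash/', $_FILES['upload'], array('swf'));
                $save_folder = 'flash';
            }
            break;
        default:
            if (permission::getInstance()->have('admin/filebrowser')) {
                $result = extension::getInstance()->call(extension::TYPE_HOOK, 'file')->uploadFile('/other/', $_FILES['upload'], $allow_ext);
                $save_folder = 'other';
            }
            break;
    }
    // CKEditorFuncNum used to be echoed verbatim from $_GET into an inline script,
    // so the request could inject markup or script into the response. It is a
    // numeric callback reference, so coerce it to an integer.
    $func_num = isset($_GET['CKEditorFuncNum']) ? (int) $_GET['CKEditorFuncNum'] : 0;
    // Emit the string arguments as JSON literals; the HEX flags keep quotes,
    // ampersands and angle brackets from ending the string or the script element.
    $js_flags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;
    if (!$result || !$save_folder) {
        $error_text = json_encode((string) language::getInstance()->get('fileupload_api_error'), $js_flags);
        echo '<html><body><script type="text/javascript">window.parent.CKEDITOR.tools.callFunction("' . $func_num . '", "", ' . $error_text . ');</script></body></html>';
    } else {
        $file_url = json_encode(property::getInstance()->get('script_url') . '/upload/' . $save_folder . '/' . $result, $js_flags);
        echo '<html><body><script type="text/javascript">window.parent.CKEDITOR.tools.callFunction("' . $func_num . '", ' . $file_url . ');</script></body></html>';
    }
}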
/**
 * Remove a video poster image.
 *
 * Type 1 targets a category poster, type 2 a video poster; other types do
 * nothing. Requires 'admin/components/video/add' or 'admin/components/video/edit'.
 */
public function make()
{
    $may_manage = permission::getInstance()->have('admin/components/video/add')
        || permission::getInstance()->have('admin/components/video/edit');
    if (!$may_manage) {
        return;
    }
    // Both request values are cast to int, so neither can alter the path.
    $id = (int) system::getInstance()->get('id');
    $type = (int) system::getInstance()->get('type');
    $fpath = null;
    if ($type == 1) {
        $fpath = root . '/upload/video/catposter/poster_' . $id . '.jpg';
    } elseif ($type == 2) {
        $fpath = root . '/upload/video/poster_' . $id . '.jpg';
    }
    if ($fpath !== null && file_exists($fpath)) {
        @unlink($fpath);
    }
}
/**
 * Run the elFinder connector over the upload directory.
 *
 * Requires 'admin/filemanager'. The upload directory is created if missing.
 */
public function make()
{
    if (!permission::getInstance()->have('admin/filemanager')) {
        return;
    }
    $elfinder_dir = root . '/resource/elfinder/php/';
    include_once $elfinder_dir . 'elFinderConnector.class.php';
    include_once $elfinder_dir . 'elFinder.class.php';
    include_once $elfinder_dir . 'elFinderVolumeDriver.class.php';
    include_once $elfinder_dir . 'elFinderVolumeLocalFileSystem.class.php';

    // Access callback: entries whose name starts with a dot can be neither read
    // nor written; every other decision is left to elFinder.
    // NOTE(review): a named function declared inside a method is defined when the
    // method runs, so a second call to make() in one request would redeclare it.
    function access($attr, $path, $data, $volume)
    {
        if (strpos(basename($path), '.') === 0) {
            return !($attr == 'read' || $attr == 'write');
        }
        return null; // else elFinder decide it itself
    }

    $upload_dir = root . '/upload/';
    if (!file_exists($upload_dir)) {
        system::getInstance()->createDirectory($upload_dir, 0755);
    }
    // NOTE(review): the volume covers the whole web-served upload directory and
    // no upload type restriction is set in these options - confirm that files
    // placed there cannot be executed by the web server.
    $volume = array(
        'driver' => 'LocalFileSystem',
        'path' => $upload_dir,
        'URL' => property::getInstance()->get('script_url') . '/upload/',
        'accessControl' => 'access',
    );
    $opts = array('roots' => array($volume));
    $connector = new elFinderConnector(new elFinder($opts));
    $connector->run();
}
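/**
 * Decide whether the current user may edit a comment.
 *
 * Rules, in order: 'global/owner' may always edit; guests and users without
 * 'global/write' never may; holders of 'comment/edit' may edit any existing
 * comment; everyone else may edit only their own comment while the configured
 * 'edit_time' window is open.
 *
 * @param int $comment_id id of the comment to check
 * @return bool
 */
public function canEdit($comment_id)
{
    if (permission::getInstance()->have('global/owner')) { // no limits for full admin
        return true;
    }
    if (user::getInstance()->get('id') < 1) {
        return false;
    }
    if (!permission::getInstance()->have('global/write')) {
        return false;
    }
    $userid = user::getInstance()->get('id');
    $stmt = database::getInstance()->con()->prepare("SELECT author,time FROM " . property::getInstance()->get('db_prefix') . "_mod_comments WHERE id = ?");
    $stmt->bindParam(1, $comment_id, PDO::PARAM_INT);
    $stmt->execute();
    $result = $stmt->fetch();
    if (!$result) {
        // Unknown comment id: deny instead of falling through to "allowed".
        return false;
    }
    // The previous condition read `A || B && !C`, which PHP parses as
    // `A || (B && !C)`: holders of 'comment/edit' were refused on comments they
    // did not write, although getCommentsParams() marks those as editable.
    if (permission::getInstance()->have('comment/edit')) {
        return true;
    }
    $editconfig = extension::getInstance()->getConfig('edit_time', 'comments', 'modules', 'int');
    return $result['author'] == $userid && time() - $result['time'] <= $editconfig;
}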
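/**
 * Render the admin video list and handle the "delete selected" form.
 *
 * Deletion runs only for a POST carrying 'deleteSelected' that passes the CSRF
 * check, and only for holders of 'global/owner' or 'admin/components/video/delete'.
 * The 'filter' request value selects moderated, important, searched or all entries.
 *
 * @return mixed output of template::twigRender() for components/video/list.tpl
 */
private function viewVideoList()
{
    csrf::getInstance()->buildToken();
    $params = array();
    if (system::getInstance()->post('deleteSelected') && csrf::getInstance()->check()) {
        if (permission::getInstance()->have('global/owner') || permission::getInstance()->have('admin/components/video/delete')) {
            $toDelete = system::getInstance()->post('check_array');
            if (is_array($toDelete) && sizeof($toDelete) > 0) {
                $listDelete = system::getInstance()->altimplode(',', $toDelete);
                // Validate the ids BEFORE touching the filesystem. The posted values
                // used to be concatenated into unlink()/removeDirectory() paths first,
                // so a value containing path separators could point outside
                // /upload/video/.
                if (system::getInstance()->isIntList($listDelete)) {
                    foreach ($toDelete as $video_single_id) {
                        // The cast guarantees a purely numeric path component,
                        // whatever isIntList() tolerates.
                        $video_single_id = (int) $video_single_id;
                        // remove posible poster files and gallery images
                        $poster_file = root . '/upload/video/poster_' . $video_single_id . '.jpg';
                        if (file_exists($poster_file)) {
                            @unlink($poster_file);
                        }
                        $gallery_dir = root . '/upload/video/gallery/' . $video_single_id . '/';
                        if (file_exists($gallery_dir)) {
                            system::getInstance()->removeDirectory($gallery_dir);
                        }
                    }
                    database::getInstance()->con()->query("DELETE FROM " . property::getInstance()->get('db_prefix') . "_com_video_entery WHERE id IN (" . $listDelete . ")");
                    // drop tags - this statement was only prepare()d and never executed,
                    // so the tag rows stayed behind.
                    database::getInstance()->con()->query("DELETE FROM " . property::getInstance()->get('db_prefix') . "_mod_tags WHERE object_type = 'video' AND object_id IN (" . $listDelete . ")");
                }
            }
        }
    }
    $params['extension']['title'] = admin::getInstance()->viewCurrentExtensionTitle();
    $params['search']['value'] = system::getInstance()->nohtml(system::getInstance()->get('search'));
    // A negative ?index= would turn into a negative LIMIT offset; clamp to page 0.
    $index_start = max(0, (int) system::getInstance()->get('index'));
    $db_index = $index_start * self::ITEM_PER_PAGE;
    $stmt = null;
    $filter = (int) system::getInstance()->get('filter');
    if ($filter === self::FILTER_MODERATE) { // 1
        $stmt = database::getInstance()->con()->prepare("SELECT a.id,a.title,a.category,a.link,a.date,b.category_id,a.important,a.display,b.path FROM " . property::getInstance()->get('db_prefix') . "_com_video_entery a, " . property::getInstance()->get('db_prefix') . "_com_video_category b WHERE a.category = b.category_id AND a.display = 0 ORDER BY a.id DESC LIMIT ?," . self::ITEM_PER_PAGE);
        $stmt->bindParam(1, $db_index, PDO::PARAM_INT);
        $stmt->execute();
    } elseif ($filter === self::FILTER_IMPORTANT) { // 2
        $stmt = database::getInstance()->con()->prepare("SELECT a.id,a.title,a.category,a.link,a.date,a.important,a.display,b.category_id,b.path FROM " . property::getInstance()->get('db_prefix') . "_com_video_entery a, " . property::getInstance()->get('db_prefix') . "_com_video_category b WHERE a.category = b.category_id AND a.important = 1 ORDER BY a.id DESC LIMIT ?," . self::ITEM_PER_PAGE);
        $stmt->bindParam(1, $db_index, PDO::PARAM_INT);
        $stmt->execute();
    } elseif ($filter === self::FILTER_SEARCH) { // 3
        // The search text is bound as a parameter, never concatenated.
        $search_string = "%" . $params['search']['value'] . "%";
        $stmt = database::getInstance()->con()->prepare("SELECT a.id,a.title,a.category,a.link,a.date,a.important,a.display,b.category_id,b.path FROM " . property::getInstance()->get('db_prefix') . "_com_video_entery a, " . property::getInstance()->get('db_prefix') . "_com_video_category b WHERE a.category = b.category_id AND (a.title like ? OR a.text like ?) ORDER BY a.id DESC LIMIT 0," . self::SEARCH_PER_PAGE);
        $stmt->bindParam(1, $search_string, PDO::PARAM_STR);
        $stmt->bindParam(2, $search_string, PDO::PARAM_STR);
        $stmt->execute();
    } else { // 0 || > 3
        $stmt = database::getInstance()->con()->prepare("SELECT a.id,a.title,a.category,a.link,a.date,b.category_id,a.important,a.display,b.path FROM " . property::getInstance()->get('db_prefix') . "_com_video_entery a, " . property::getInstance()->get('db_prefix') . "_com_video_category b WHERE a.category = b.category_id ORDER BY a.important DESC, a.id DESC LIMIT ?," . self::ITEM_PER_PAGE);
        $stmt->bindParam(1, $db_index, PDO::PARAM_INT);
        $stmt->execute();
        $filter = 0;
    }
    $result = $stmt->fetchAll(PDO::FETCH_ASSOC);
    $stmt = null;
    foreach ($result as $data) {
        // NOTE(review): unserialize() on a stored column can instantiate objects if
        // the row content is ever attacker-influenced; confirm who can write
        // `title`, or move the column to JSON.
        $title = unserialize($data['title']);
        $link = $data['path'];
        if ($link != null) {
            $link .= "/";
        }
        $link .= $data['link'];
        $params['video'][] = array(
            'id' => $data['id'],
            'title' => $title[language::getInstance()->getUseLanguage()],
            'link' => $link,
            'date' => system::getInstance()->toDate($data['date'], 'h'),
            'important' => (int) $data['important'],
            'moderate' => !(bool) $data['display'],
        );
    }
    $params['pagination'] = template::getInstance()->showFastPagination($index_start, self::ITEM_PER_PAGE, $this->getTotalVideoCount($filter), '?object=components&action=video&filter=' . $filter . '&index=');
    return template::getInstance()->twigRender('components/video/list.tpl', $params);
}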
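/**
 * Render the admin list of static pages and handle the "delete selected" form.
 *
 * Deletion runs only for a POST carrying 'deleteSelected' that passes the CSRF
 * check, and only for holders of 'global/owner' or 'admin/components/static/delete'.
 * A POST with 'dosearch' and a non-empty 'search' switches to a title/text search.
 *
 * @return mixed output of template::twigRender() for components/static/list.tpl
 */
private function viewStaticList()
{
    csrf::getInstance()->buildToken();
    $params = array();
    if (system::getInstance()->post('deleteSelected') && csrf::getInstance()->check()) {
        if (permission::getInstance()->have('global/owner') || permission::getInstance()->have('admin/components/static/delete')) {
            $toDelete = system::getInstance()->post('check_array');
            if (is_array($toDelete) && sizeof($toDelete) > 0) {
                $listDelete = system::getInstance()->altimplode(',', $toDelete);
                // The id list is concatenated into the statement, so isIntList() is the
                // only gate between request data and SQL here.
                // NOTE(review): presumably it accepts nothing but comma-separated integers - confirm.
                if (system::getInstance()->isIntList($listDelete)) {
                    database::getInstance()->con()->query("DELETE FROM " . property::getInstance()->get('db_prefix') . "_com_static WHERE id IN (" . $listDelete . ")");
                }
            }
        }
    }
    $params['extension']['title'] = admin::getInstance()->viewCurrentExtensionTitle();
    // A negative ?index= would turn into a negative LIMIT offset; clamp to page 0.
    $index_start = max(0, (int) system::getInstance()->get('index'));
    $db_index = $index_start * self::ITEM_PER_PAGE;
    if (system::getInstance()->post('dosearch') && strlen(system::getInstance()->post('search')) > 0) {
        $params['search']['value'] = system::getInstance()->nohtml(system::getInstance()->post('search'));
        // The search text is bound as a parameter, never concatenated.
        $search_string = "%" . system::getInstance()->nohtml(system::getInstance()->post('search')) . "%";
        $stmt = database::getInstance()->con()->prepare("SELECT * FROM " . property::getInstance()->get('db_prefix') . "_com_static WHERE title like ? OR text like ? ORDER BY id DESC LIMIT 0," . self::SEARCH_PER_PAGE);
        $stmt->bindParam(1, $search_string, PDO::PARAM_STR);
        $stmt->bindParam(2, $search_string, PDO::PARAM_STR);
        $stmt->execute();
    } else {
        $stmt = database::getInstance()->con()->prepare("SELECT * FROM " . property::getInstance()->get('db_prefix') . "_com_static ORDER BY id DESC LIMIT ?," . self::ITEM_PER_PAGE);
        $stmt->bindParam(1, $db_index, PDO::PARAM_INT);
        $stmt->execute();
    }
    $result = $stmt->fetchAll(PDO::FETCH_ASSOC);
    foreach ($result as $data) {
        // NOTE(review): unserialize() on a stored column can instantiate objects if
        // the row content is ever attacker-influenced; confirm who can write
        // `title`, or move the column to JSON.
        $title_locale = unserialize($data['title']);
        $params['static'][] = array(
            'id' => $data['id'],
            'title' => $title_locale[language::getInstance()->getUseLanguage()],
            'path' => $data['pathway'],
            'date' => system::getInstance()->toDate($data['date'], 'h'),
        );
    }
    $params['pagination'] = template::getInstance()->showFastPagination($index_start, self::ITEM_PER_PAGE, $this->getTotalStaticCount(), '?object=components&action=static&index=');
    return template::getInstance()->twigRender('components/static/list.tpl', $params);
}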
// Front controller bootstrap. The calls below run in a fixed order; later
// steps are written against state prepared by earlier ones.
\engine\language::getInstance()->init();       // prepare language
\engine\database::getInstance()->init();       // init database PDO connect
\engine\extension::getInstance()->init();      // init extension controller
\engine\user::getInstance()->init();           // prepare user data
\engine\router::getInstance()->init();         // prepare URI worker
\engine\meta::getInstance()->init();
\engine\template::getInstance()->init();       // set default template variables according changes in dynamic variables
\engine\extension::getInstance()->loadModules(); // prepare modules
\engine\extension::getInstance()->loadHooks();   // prepare hooks

// statistic collector
\engine\robot::getInstance()->init();

// check ip/user is fully blocked?
\engine\ban::getInstance()->init();

\engine\router::getInstance()->makeRoute();
\engine\meta::getInstance()->compile();
\engine\maintenance::getInstance()->make();

echo \engine\template::getInstance()->make();

// Debug footer is printed outside the theme, and only when the viewer holds
// 'global/owner' AND the 'debug' property is set.
if (\engine\permission::getInstance()->have('global/owner')) {
    if (\engine\property::getInstance()->get('debug')) {
        $debug_endtime = microtime(true);
        // $debug_starttime is expected to be set before this point (not shown here).
        $load_time = number_format($debug_endtime - $debug_starttime, 3);
        $query_count = \engine\database::getInstance()->getQueryCount();
        $peak_memory = number_format(memory_get_peak_usage() / (1024 * 1024), 3);
        echo "<hr />Debug loading: " . $load_time . " sec <br />Sql query count: " . $query_count . "<br />Memory(peak): " . $peak_memory . "mb";
    }
}
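/**
 * Store a new comment and print the refreshed comment block.
 *
 * Guests (user id below 1) post under a guest name when 'guest_comment' is
 * enabled and the captcha validates; their comments are stored with
 * moderate = 1. Text length and the configured 'time_delay' between posts are
 * checked for everyone; any failure is reported through $params['notify'].
 *
 * @return null|void
 */
public function make()
{
    $text = system::getInstance()->nohtml(system::getInstance()->post('comment_message'), true);
    $authorid = user::getInstance()->get('id');
    $position = (int) system::getInstance()->post('comment_position');
    // NOTE(review): the pathway is taken from the request; nothing in this handler
    // ties it to a page that actually accepts comments.
    $pathway = system::getInstance()->nohtml(system::getInstance()->post('pathway'));
    $guest_name = system::getInstance()->nohtml(system::getInstance()->post('guest_name'));
    $timestamp = time();
    $guest_type = false;
    $ip = system::getInstance()->getRealIp();
    $params = array();
    $moderate = 0;
    if ($authorid < 1) {
        if (system::getInstance()->length($guest_name) > 0 && extension::getInstance()->getConfig('guest_comment', 'comments', extension::TYPE_MODULE, 'bool')) {
            $guest_name = system::getInstance()->altsubstr($guest_name, 0, 16);
            if (!extension::getInstance()->call(extension::TYPE_HOOK, 'captcha')->validate(system::getInstance()->post('captcha'))) {
                $params['notify']['captcha_error'] = true;
            }
        } elseif (!permission::getInstance()->have('global/write') || !permission::getInstance()->have('comment/add')) { // only for auth usr with post rule right
            return null;
        }
        $authorid = 0;
        $moderate = 1;
        // $guest_type was never set, so the per-IP branch below was unreachable and
        // every guest was throttled by the newest comment of ANY guest (author = 0).
        $guest_type = true;
    } else {
        // NOTE(review): logged-in users reach the insert without a
        // 'global/write' / 'comment/add' check in this handler - confirm that is intended.
        $guest_name = '';
    }
    if (system::getInstance()->length($text) < extension::getInstance()->getConfig('min_length', 'comments', 'modules', 'int') || system::getInstance()->length($text) > extension::getInstance()->getConfig('max_length', 'comments', 'modules', 'int')) {
        $params['notify']['wrong_text'] = true;
    }
    // get last comment from this user and check time deps
    $stmt = null;
    if ($guest_type) {
        // NOTE(review): the throttle is only as reliable as getRealIp(); confirm it
        // does not trust client-supplied forwarding headers.
        $stmt = database::getInstance()->con()->prepare("SELECT `time` FROM " . property::getInstance()->get('db_prefix') . "_mod_comments WHERE ip = ? ORDER BY `time` DESC LIMIT 1");
        $stmt->bindParam(1, $ip, PDO::PARAM_STR);
        $stmt->execute();
    } else {
        $stmt = database::getInstance()->con()->prepare("SELECT `time` FROM " . property::getInstance()->get('db_prefix') . "_mod_comments WHERE author = ? ORDER BY `time` DESC LIMIT 1");
        $stmt->bindParam(1, $authorid, PDO::PARAM_INT);
        $stmt->execute();
    }
    if ($stmt != null && ($result = $stmt->fetch())) {
        $lastposttime = $result['time'];
        if ($timestamp - $lastposttime < extension::getInstance()->getConfig('time_delay', 'comments', 'modules', 'int')) {
            $params['notify']['time_delay'] = true;
        }
    }
    $stmt = null;
    // 'notify' does not exist when no check failed; sizeof() on the missing key
    // warns on PHP 7.2+ and throws a TypeError on PHP 8, so test with empty().
    if (empty($params['notify'])) { // no shit happends ;D
        $stmt = database::getInstance()->con()->prepare("INSERT INTO " . property::getInstance()->get('db_prefix') . "_mod_comments (comment, author, time, pathway, ip, guest_name, moderate)\n VALUES (?, ?, ?, ?, ?, ?, ?)");
        $stmt->bindParam(1, $text, PDO::PARAM_STR);
        $stmt->bindParam(2, $authorid, PDO::PARAM_INT);
        $stmt->bindParam(3, $timestamp, PDO::PARAM_INT);
        $stmt->bindParam(4, $pathway, PDO::PARAM_STR);
        $stmt->bindParam(5, $ip, PDO::PARAM_STR);
        $stmt->bindParam(6, $guest_name, PDO::PARAM_STR);
        $stmt->bindParam(7, $moderate, PDO::PARAM_INT, 1);
        $stmt->execute();
        $stmt = null;
        $stream = extension::getInstance()->call(extension::TYPE_COMPONENT, 'stream');
        $poster = $authorid > 0 ? $authorid : $guest_name;
        if (is_object($stream)) {
            $stream->add('comment.add', $poster, property::getInstance()->get('url') . $pathway, $text);
        }
        if ($moderate) {
            $params['notify']['is_moderate'] = true;
        }
    }
    echo extension::getInstance()->call(extension::TYPE_MODULE, 'comments')->buildCommentTemplate($pathway, $position, false, $params);
}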
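/**
 * Show the confirmation page for deleting a user and perform the deletion.
 *
 * Unknown users and users holding 'global/owner' are never deleted here; the
 * request is redirected to the user list instead. The deletion needs a POST
 * carrying 'deleteuser' that passes the CSRF check.
 *
 * @return mixed output of template::twigRender() for components/user/delete.tpl,
 *               or null after a redirect
 */
private function viewUserDelete()
{
    csrf::getInstance()->buildToken();
    $params = array();
    $params['extension']['title'] = admin::getInstance()->viewCurrentExtensionTitle();
    // Cast like the other handlers do: the id is bound as an integer below and
    // echoed back to the template.
    $userid = (int) system::getInstance()->get('id');
    if (!user::getInstance()->exists($userid) || permission::getInstance()->have('global/owner', $userid)) {
        system::getInstance()->redirect("?object=components&action=user");
        // Defensive: whether redirect() ends the request is not visible here. Without
        // this return, the guard for owner accounts would depend on it doing so.
        return null;
    }
    if (system::getInstance()->post('deleteuser') && csrf::getInstance()->check()) {
        $stmt = database::getInstance()->con()->prepare("DELETE generaldata,customdata FROM " . property::getInstance()->get('db_prefix') . "_user as generaldata\n LEFT OUTER JOIN " . property::getInstance()->get('db_prefix') . "_user_custom as customdata\n ON generaldata.id = customdata.id WHERE generaldata.id = ?");
        $stmt->bindParam(1, $userid, PDO::PARAM_INT);
        $stmt->execute();
        // TODO: friendlist cleanup -> field friend_list, friend_request in user table
        system::getInstance()->redirect("?object=components&action=user");
        return null;
    }
    $params['udata'] = array(
        'login' => user::getInstance()->get('login', $userid),
        'email' => user::getInstance()->get('email', $userid),
        'id' => $userid,
    );
    return template::getInstance()->twigRender('components/user/delete.tpl', $params);
}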