예제 #1
0
파일: back.php 프로젝트: ZerGabriel/ffcms
 private function viewStreamList()
 {
     csrf::getInstance()->buildToken();
     $params = array();
     $params['extension']['title'] = admin::getInstance()->viewCurrentExtensionTitle();
     $page_index = (int) system::getInstance()->get('index');
     $db_index = $page_index * self::ITEM_PER_PAGE;
     if (system::getInstance()->post('deleteSelected') && csrf::getInstance()->check()) {
         if (permission::getInstance()->have('global/owner') || permission::getInstance()->have('admin/components/stream/delete')) {
             $toDelete = system::getInstance()->post('check_array');
             if (is_array($toDelete) && sizeof($toDelete) > 0) {
                 $listDelete = system::getInstance()->altimplode(',', $toDelete);
                 if (system::getInstance()->isIntList($listDelete)) {
                     database::getInstance()->con()->query("DELETE FROM " . property::getInstance()->get('db_prefix') . "_com_stream WHERE id IN (" . $listDelete . ")");
                 }
             }
         }
     }
     $stmt = database::getInstance()->con()->prepare("SELECT * FROM " . property::getInstance()->get('db_prefix') . "_com_stream ORDER BY `date` DESC LIMIT ?," . self::ITEM_PER_PAGE);
     $stmt->bindParam(1, $db_index, \PDO::PARAM_INT);
     $stmt->execute();
     $resultAll = $stmt->fetchAll(\PDO::FETCH_ASSOC);
     $stmt = null;
     $ids = system::getInstance()->extractFromMultyArray('caster_id', $resultAll);
     user::getInstance()->listload($ids);
     foreach ($resultAll as $row) {
         $params['stream'][] = array('id' => $row['id'], 'type' => $row['type'], 'user_id' => $row['caster_id'], 'user_name' => user::getInstance()->get('nick', $row['caster_id']), 'url' => $row['target_object'], 'text' => system::getInstance()->nohtml($row['text_preview']), 'date' => system::getInstance()->todate($row['date'], 'h'));
     }
     $count_all = extension::getInstance()->call(extension::TYPE_COMPONENT, 'stream', false)->streamCount();
     $params['pagination'] = template::getInstance()->showFastPagination($page_index, self::ITEM_PER_PAGE, $count_all, '?object=components&action=stream&index=');
     return template::getInstance()->twigRender('components/stream/list.tpl', $params);
 }
예제 #2
0
 public function make()
 {
     $post_id = (int) system::getInstance()->get('id');
     $user_id = (int) user::getInstance()->get('id');
     $message = system::getInstance()->nohtml(system::getInstance()->post('message'));
     // thank unknown tester for detect XSS vuln
     $time_between_posts = extension::getInstance()->getConfig('wall_post_delay', 'user', 'components', 'int');
     if ($post_id > 0 && $user_id > 0 && system::getInstance()->length($message) > 0 && permission::getInstance()->have('global/write')) {
         $stmt = database::getInstance()->con()->prepare("SELECT time FROM " . property::getInstance()->get('db_prefix') . "_user_wall_answer WHERE poster = ? ORDER BY id DESC LIMIT 1");
         $stmt->bindParam(1, $user_id, PDO::PARAM_INT);
         $stmt->execute();
         $res = $stmt->fetch();
         $last_post_time = $res['time'];
         $stmt = null;
         $current_time = time();
         if ($current_time - $last_post_time >= $time_between_posts) {
             $stmt = database::getInstance()->con()->prepare("INSERT INTO " . property::getInstance()->get('db_prefix') . "_user_wall_answer (wall_post_id, poster, message, time) VALUES(?, ?, ?, ?)");
             $stmt->bindParam(1, $post_id, PDO::PARAM_INT);
             $stmt->bindParam(2, $user_id, PDO::PARAM_INT);
             $stmt->bindParam(3, $message, PDO::PARAM_STR);
             $stmt->bindParam(4, $current_time, PDO::PARAM_INT);
             $stmt->execute();
             $stmt = null;
         }
     }
     api::getInstance()->call('front', 'wallview')->make();
     // refresh list
 }
예제 #3
0
 public function make()
 {
     $tpl = @file_get_contents(root . '/resource/ckeditor/customtpl/filebrowser.tpl');
     $file_type = (int) system::getInstance()->get('type');
     if ($tpl == null) {
         echo "<p>Filebrowser tpl was not founded</p>";
         return;
     }
     $file_array = null;
     switch ($file_type) {
         case 1:
             if (!permission::getInstance()->have('admin/imagebrowser')) {
                 return null;
             }
             $file_array = $this->browseImage();
             break;
         case 2:
             if (!permission::getInstance()->have('admin/flashbrowser')) {
                 return null;
             }
             $file_array = $this->browseSwf();
             break;
         default:
             if (!permission::getInstance()->have('admin/filebrowser')) {
                 return null;
             }
             $file_array = $this->browseAll();
             break;
     }
     template::getInstance()->justPrint($tpl, array('files' => $file_array, 'file_type' => $file_type, 'ckcallback' => system::getInstance()->get('CKEditorFuncNum')));
 }
예제 #4
0
 public function make()
 {
     $comment_id = (int) system::getInstance()->get('id');
     if (user::getInstance()->get('id') > 0 && permission::getInstance()->have('comment/delete') && $comment_id > 0) {
         $stmt = database::getInstance()->con()->prepare("DELETE FROM " . property::getInstance()->get('db_prefix') . "_mod_comments WHERE id = ?");
         $stmt->bindParam(1, $comment_id, PDO::PARAM_INT);
         $stmt->execute();
     }
 }
예제 #5
0
 public function make()
 {
     if (!permission::getInstance()->have('admin/components/news/add') && !permission::getInstance()->have('admin/components/news/edit')) {
         return;
     }
     $id = (int) system::getInstance()->get('id');
     $fpath = root . '/upload/news/poster_' . $id . '.jpg';
     if (file_exists($fpath)) {
         @unlink($fpath);
     }
 }
예제 #6
0
 public function make()
 {
     if (!permission::getInstance()->have('admin/components/news/add') && !permission::getInstance()->have('admin/components/news/edit')) {
         return;
     }
     header('Content-type: application/json');
     switch (system::getInstance()->get('action')) {
         case 'upload':
             $this->viewUpload();
             break;
         case 'list':
             $this->viewList();
             break;
         case 'delete':
             $this->viewDelete();
             break;
     }
 }
예제 #7
0
파일: front.php 프로젝트: ZerGabriel/ffcms
 /**
  * Get comment list
  * @param null $way
  * @param int $end
  * @param bool $show_all
  * @return array
  */
 public function getCommentsParams($way = null, $end = 0, $show_all = false)
 {
     $userid = user::getInstance()->get('id');
     $stmt = null;
     if (is_null($way)) {
         $way = router::getInstance()->getUriString();
     }
     if ($show_all) {
         $stmt = database::getInstance()->con()->prepare("SELECT * FROM " . property::getInstance()->get('db_prefix') . "_mod_comments WHERE pathway = ? AND moderate = '0' ORDER BY id DESC");
         $stmt->bindParam(1, $way, PDO::PARAM_STR);
         $stmt->execute();
     } else {
         $comment_count = extension::getInstance()->getConfig('comments_count', 'comments', 'modules', 'int');
         if ($end < 1) {
             $end = 1;
         }
         $end *= $comment_count;
         $stmt = database::getInstance()->con()->prepare("SELECT * FROM " . property::getInstance()->get('db_prefix') . "_mod_comments WHERE pathway = ? AND moderate = '0' ORDER BY id DESC LIMIT 0,?");
         $stmt->bindParam(1, $way, PDO::PARAM_STR);
         $stmt->bindParam(2, $end, PDO::PARAM_INT);
         $stmt->execute();
     }
     $result = $stmt->fetchAll(PDO::FETCH_ASSOC);
     user::getInstance()->listload(system::getInstance()->extractFromMultyArray('author', $result));
     $params = array();
     foreach ($result as $item) {
         $poster_id = $item['author'];
         $can_edit = false;
         $can_delete = false;
         $editconfig = extension::getInstance()->getConfig('edit_time', 'comments', 'modules', 'int');
         if ($userid > 0) {
             if ($poster_id == $userid && time() - $item['time'] <= $editconfig || permission::getInstance()->have('comment/edit')) {
                 $can_edit = true;
             }
             if (permission::getInstance()->have('comment/delete')) {
                 $can_delete = true;
             }
         }
         $params[] = array('author_id' => $poster_id, 'author_nick' => user::getInstance()->get('nick', $poster_id), 'author_avatar' => user::getInstance()->buildAvatar('small', $poster_id), 'comment_text' => extension::getInstance()->call(extension::TYPE_HOOK, 'bbtohtml')->bbcode2html($item['comment']), 'comment_date' => system::getInstance()->toDate($item['time'], 'h'), 'unixtime' => $item['time'], 'comment_id' => $item['id'], 'can_edit' => $can_edit, 'can_delete' => $can_delete, 'guest_name' => system::getInstance()->nohtml($item['guest_name']));
     }
     $stmt = null;
     return $params;
 }
예제 #8
0
 public function make()
 {
     if ($_FILES['upload'] == null) {
         return null;
     }
     $type = (int) system::getInstance()->get('type');
     $result = false;
     $save_folder = false;
     $allow_ext = system::getInstance()->altexplode(';', property::getInstance()->get('upload_allowed_ext'));
     foreach ($allow_ext as $key => $value) {
         // no dots
         $nodot = str_replace('.', '', $value);
         if (system::getInstance()->length($nodot) > 0) {
             $allow_ext[$key] = $nodot;
         }
     }
     switch ($type) {
         case 1:
             if (permission::getInstance()->have('admin/imagebrowser')) {
                 $result = extension::getInstance()->call(extension::TYPE_HOOK, 'file')->uploadImage('/images/', $_FILES['upload']);
                 $save_folder = 'images';
             }
             break;
         case 2:
             if (permission::getInstance()->have('admin/flashbrowser')) {
                 $result = extension::getInstance()->call(extension::TYPE_HOOK, 'file')->uploadFile('/flash/', $_FILES['upload'], array('swf'));
                 $save_folder = 'flash';
             }
             break;
         default:
             if (permission::getInstance()->have('admin/filebrowser')) {
                 $result = extension::getInstance()->call(extension::TYPE_HOOK, 'file')->uploadFile('/other/', $_FILES['upload'], $allow_ext);
                 $save_folder = 'other';
             }
             break;
     }
     if (!$result || !$save_folder) {
         echo '<html><body><script type="text/javascript">window.parent.CKEDITOR.tools.callFunction("' . $_GET['CKEditorFuncNum'] . '", "", "' . language::getInstance()->get('fileupload_api_error') . '");</script></body></html>';
     } else {
         echo '<html><body><script type="text/javascript">window.parent.CKEDITOR.tools.callFunction("' . $_GET['CKEditorFuncNum'] . '", "' . property::getInstance()->get('script_url') . '/upload/' . $save_folder . '/' . $result . '");</script></body></html>';
     }
 }
예제 #9
0
 public function make()
 {
     if (!permission::getInstance()->have('admin/components/video/add') && !permission::getInstance()->have('admin/components/video/edit')) {
         return;
     }
     $id = (int) system::getInstance()->get('id');
     $type = (int) system::getInstance()->get('type');
     if ($type == 1) {
         $fpath = root . '/upload/video/catposter/poster_' . $id . '.jpg';
         if (file_exists($fpath)) {
             @unlink($fpath);
         }
     }
     if ($type == 2) {
         $fpath = root . '/upload/video/poster_' . $id . '.jpg';
         if (file_exists($fpath)) {
             @unlink($fpath);
         }
     }
 }
예제 #10
0
 public function make()
 {
     if (!permission::getInstance()->have('admin/filemanager')) {
         return;
     }
     include_once root . '/resource/elfinder/php/elFinderConnector.class.php';
     include_once root . '/resource/elfinder/php/elFinder.class.php';
     include_once root . '/resource/elfinder/php/elFinderVolumeDriver.class.php';
     include_once root . '/resource/elfinder/php/elFinderVolumeLocalFileSystem.class.php';
     function access($attr, $path, $data, $volume)
     {
         return strpos(basename($path), '.') === 0 ? !($attr == 'read' || $attr == 'write') : null;
         // else elFinder decide it itself
     }
     if (!file_exists(root . '/upload/')) {
         system::getInstance()->createDirectory(root . '/upload/', 0755);
     }
     $opts = array('roots' => array(array('driver' => 'LocalFileSystem', 'path' => root . '/upload/', 'URL' => property::getInstance()->get('script_url') . '/upload/', 'accessControl' => 'access')));
     $connector = new elFinderConnector(new elFinder($opts));
     $connector->run();
 }
예제 #11
0
 public function canEdit($comment_id)
 {
     if (permission::getInstance()->have('global/owner')) {
         // no limits for full admin
         return true;
     }
     if (user::getInstance()->get('id') < 1) {
         return false;
     }
     if (!permission::getInstance()->have('global/write')) {
         return false;
     }
     $userid = user::getInstance()->get('id');
     $stmt = database::getInstance()->con()->prepare("SELECT author,time FROM " . property::getInstance()->get('db_prefix') . "_mod_comments WHERE id = ?");
     $stmt->bindParam(1, $comment_id, PDO::PARAM_INT);
     $stmt->execute();
     if ($result = $stmt->fetch()) {
         $editconfig = extension::getInstance()->getConfig('edit_time', 'comments', 'modules', 'int');
         if ($result['author'] != $userid || time() - $result['time'] > $editconfig && !permission::getInstance()->have('comment/edit')) {
             return false;
         }
     }
     return true;
 }
예제 #12
0
 private function viewVideoList()
 {
     csrf::getInstance()->buildToken();
     $params = array();
     if (system::getInstance()->post('deleteSelected') && csrf::getInstance()->check()) {
         if (permission::getInstance()->have('global/owner') || permission::getInstance()->have('admin/components/video/delete')) {
             $toDelete = system::getInstance()->post('check_array');
             if (is_array($toDelete) && sizeof($toDelete) > 0) {
                 foreach ($toDelete as $video_single_id) {
                     // remove posible poster files and gallery images
                     if (file_exists(root . '/upload/video/poster_' . $video_single_id . '.jpg')) {
                         @unlink(root . '/upload/video/poster_' . $video_single_id . '.jpg');
                     }
                     if (file_exists(root . '/upload/video/gallery/' . $video_single_id . '/')) {
                         system::getInstance()->removeDirectory(root . '/upload/video/gallery/' . $video_single_id . '/');
                     }
                 }
                 $listDelete = system::getInstance()->altimplode(',', $toDelete);
                 if (system::getInstance()->isIntList($listDelete)) {
                     database::getInstance()->con()->query("DELETE FROM " . property::getInstance()->get('db_prefix') . "_com_video_entery WHERE id IN (" . $listDelete . ")");
                     // drop tags
                     database::getInstance()->con()->prepare("DELETE FROM " . property::getInstance()->get('db_prefix') . "_mod_tags WHERE object_type = 'video' AND object_id IN (" . $listDelete . ")");
                 }
             }
         }
     }
     $params['extension']['title'] = admin::getInstance()->viewCurrentExtensionTitle();
     $params['search']['value'] = system::getInstance()->nohtml(system::getInstance()->get('search'));
     $index_start = (int) system::getInstance()->get('index');
     $db_index = $index_start * self::ITEM_PER_PAGE;
     $stmt = null;
     $filter = (int) system::getInstance()->get('filter');
     if ($filter === self::FILTER_MODERATE) {
         // 1
         $stmt = database::getInstance()->con()->prepare("SELECT a.id,a.title,a.category,a.link,a.date,b.category_id,a.important,a.display,b.path FROM " . property::getInstance()->get('db_prefix') . "_com_video_entery a, " . property::getInstance()->get('db_prefix') . "_com_video_category b WHERE a.category = b.category_id AND a.display = 0 ORDER BY a.id DESC LIMIT ?," . self::ITEM_PER_PAGE);
         $stmt->bindParam(1, $db_index, PDO::PARAM_INT);
         $stmt->execute();
     } elseif ($filter === self::FILTER_IMPORTANT) {
         // 2
         $stmt = database::getInstance()->con()->prepare("SELECT a.id,a.title,a.category,a.link,a.date,a.important,a.display,b.category_id,b.path FROM " . property::getInstance()->get('db_prefix') . "_com_video_entery a, " . property::getInstance()->get('db_prefix') . "_com_video_category b WHERE a.category = b.category_id AND a.important = 1 ORDER BY a.id DESC LIMIT ?," . self::ITEM_PER_PAGE);
         $stmt->bindParam(1, $db_index, PDO::PARAM_INT);
         $stmt->execute();
     } elseif ($filter === self::FILTER_SEARCH) {
         // 3
         $search_string = "%" . $params['search']['value'] . "%";
         $stmt = database::getInstance()->con()->prepare("SELECT a.id,a.title,a.category,a.link,a.date,a.important,a.display,b.category_id,b.path FROM " . property::getInstance()->get('db_prefix') . "_com_video_entery a, " . property::getInstance()->get('db_prefix') . "_com_video_category b WHERE a.category = b.category_id AND (a.title like ? OR a.text like ?) ORDER BY a.id DESC LIMIT 0," . self::SEARCH_PER_PAGE);
         $stmt->bindParam(1, $search_string, PDO::PARAM_STR);
         $stmt->bindParam(2, $search_string, PDO::PARAM_STR);
         $stmt->execute();
     } else {
         // 0 || > 3
         $stmt = database::getInstance()->con()->prepare("SELECT a.id,a.title,a.category,a.link,a.date,b.category_id,a.important,a.display,b.path FROM " . property::getInstance()->get('db_prefix') . "_com_video_entery a, " . property::getInstance()->get('db_prefix') . "_com_video_category b WHERE a.category = b.category_id ORDER BY a.important DESC, a.id DESC LIMIT ?," . self::ITEM_PER_PAGE);
         $stmt->bindParam(1, $db_index, PDO::PARAM_INT);
         $stmt->execute();
         $filter = 0;
     }
     $result = $stmt->fetchAll(PDO::FETCH_ASSOC);
     $stmt = null;
     foreach ($result as $data) {
         $title = unserialize($data['title']);
         $link = $data['path'];
         if ($link != null) {
             $link .= "/";
         }
         $link .= $data['link'];
         $params['video'][] = array('id' => $data['id'], 'title' => $title[language::getInstance()->getUseLanguage()], 'link' => $link, 'date' => system::getInstance()->toDate($data['date'], 'h'), 'important' => (int) $data['important'], 'moderate' => !(bool) $data['display']);
     }
     $params['pagination'] = template::getInstance()->showFastPagination($index_start, self::ITEM_PER_PAGE, $this->getTotalVideoCount($filter), '?object=components&action=video&filter=' . $filter . '&index=');
     return template::getInstance()->twigRender('components/video/list.tpl', $params);
 }
예제 #13
0
파일: back.php 프로젝트: ZerGabriel/ffcms
 private function viewStaticList()
 {
     csrf::getInstance()->buildToken();
     $params = array();
     if (system::getInstance()->post('deleteSelected') && csrf::getInstance()->check()) {
         if (permission::getInstance()->have('global/owner') || permission::getInstance()->have('admin/components/static/delete')) {
             $toDelete = system::getInstance()->post('check_array');
             if (is_array($toDelete) && sizeof($toDelete) > 0) {
                 $listDelete = system::getInstance()->altimplode(',', $toDelete);
                 if (system::getInstance()->isIntList($listDelete)) {
                     database::getInstance()->con()->query("DELETE FROM " . property::getInstance()->get('db_prefix') . "_com_static WHERE id IN (" . $listDelete . ")");
                 }
             }
         }
     }
     $params['extension']['title'] = admin::getInstance()->viewCurrentExtensionTitle();
     $index_start = (int) system::getInstance()->get('index');
     $db_index = $index_start * self::ITEM_PER_PAGE;
     if (system::getInstance()->post('dosearch') && strlen(system::getInstance()->post('search')) > 0) {
         $params['search']['value'] = system::getInstance()->nohtml(system::getInstance()->post('search'));
         $search_string = "%" . system::getInstance()->nohtml(system::getInstance()->post('search')) . "%";
         $stmt = database::getInstance()->con()->prepare("SELECT * FROM " . property::getInstance()->get('db_prefix') . "_com_static WHERE title like ? OR text like ? ORDER BY id DESC LIMIT 0," . self::SEARCH_PER_PAGE);
         $stmt->bindParam(1, $search_string, PDO::PARAM_STR);
         $stmt->bindParam(2, $search_string, PDO::PARAM_STR);
         $stmt->execute();
     } else {
         $stmt = database::getInstance()->con()->prepare("SELECT * FROM " . property::getInstance()->get('db_prefix') . "_com_static ORDER BY id DESC LIMIT ?," . self::ITEM_PER_PAGE);
         $stmt->bindParam(1, $db_index, PDO::PARAM_INT);
         $stmt->execute();
     }
     $result = $stmt->fetchAll(PDO::FETCH_ASSOC);
     foreach ($result as $data) {
         $title_locale = unserialize($data['title']);
         $params['static'][] = array('id' => $data['id'], 'title' => $title_locale[language::getInstance()->getUseLanguage()], 'path' => $data['pathway'], 'date' => system::getInstance()->toDate($data['date'], 'h'));
     }
     $params['pagination'] = template::getInstance()->showFastPagination($index_start, self::ITEM_PER_PAGE, $this->getTotalStaticCount(), '?object=components&action=static&index=');
     return template::getInstance()->twigRender('components/static/list.tpl', $params);
 }
예제 #14
0
파일: front.php 프로젝트: ZerGabriel/ffcms
\engine\language::getInstance()->init();
// prepare language
\engine\database::getInstance()->init();
// init database PDO connect
\engine\extension::getInstance()->init();
// init extension controller
\engine\user::getInstance()->init();
// prepare user data
\engine\router::getInstance()->init();
// prepare URI worker
\engine\meta::getInstance()->init();
\engine\template::getInstance()->init();
// set default template variables according changes in dymanic variables
\engine\extension::getInstance()->loadModules();
// prepare modules
\engine\extension::getInstance()->loadHooks();
// prepare hooks
// statistic collector
\engine\robot::getInstance()->init();
// check ip/user is fully blocked?
\engine\ban::getInstance()->init();
\engine\router::getInstance()->makeRoute();
\engine\meta::getInstance()->compile();
\engine\maintenance::getInstance()->make();
echo \engine\template::getInstance()->make();
// load debug indifferent of templates. Sounds not good but cant be removed from theme.
if (\engine\permission::getInstance()->have('global/owner') && \engine\property::getInstance()->get('debug')) {
    $debug_endtime = microtime(true);
    $load_time = number_format($debug_endtime - $debug_starttime, 3);
    echo "<hr />Debug loading: " . $load_time . " sec <br />Sql query count: " . \engine\database::getInstance()->getQueryCount() . "<br />Memory(peak): " . number_format(memory_get_peak_usage() / (1024 * 1024), 3) . "mb";
}
예제 #15
0
 public function make()
 {
     $text = system::getInstance()->nohtml(system::getInstance()->post('comment_message'), true);
     $authorid = user::getInstance()->get('id');
     $position = (int) system::getInstance()->post('comment_position');
     $pathway = system::getInstance()->nohtml(system::getInstance()->post('pathway'));
     $guest_name = system::getInstance()->nohtml(system::getInstance()->post('guest_name'));
     $timestamp = time();
     $guest_type = false;
     $ip = system::getInstance()->getRealIp();
     $params = array();
     $moderate = 0;
     if ($authorid < 1) {
         if (system::getInstance()->length($guest_name) > 0 && extension::getInstance()->getConfig('guest_comment', 'comments', extension::TYPE_MODULE, 'bool')) {
             $guest_name = system::getInstance()->altsubstr($guest_name, 0, 16);
             if (!extension::getInstance()->call(extension::TYPE_HOOK, 'captcha')->validate(system::getInstance()->post('captcha'))) {
                 $params['notify']['captcha_error'] = true;
             }
         } elseif (!permission::getInstance()->have('global/write') || !permission::getInstance()->have('comment/add')) {
             // only for auth usr with post rule right
             return null;
         }
         $authorid = 0;
         $moderate = 1;
     } else {
         $guest_name = '';
     }
     if (system::getInstance()->length($text) < extension::getInstance()->getConfig('min_length', 'comments', 'modules', 'int') || system::getInstance()->length($text) > extension::getInstance()->getConfig('max_length', 'comments', 'modules', 'int')) {
         $params['notify']['wrong_text'] = true;
     }
     // get last comment from this user and check time deps
     $stmt = null;
     if ($guest_type) {
         $stmt = database::getInstance()->con()->prepare("SELECT `time` FROM " . property::getInstance()->get('db_prefix') . "_mod_comments WHERE ip = ? ORDER BY `time` DESC LIMIT 1");
         $stmt->bindParam(1, $ip, PDO::PARAM_STR);
         $stmt->execute();
     } else {
         $stmt = database::getInstance()->con()->prepare("SELECT `time` FROM " . property::getInstance()->get('db_prefix') . "_mod_comments WHERE author = ? ORDER BY `time` DESC LIMIT 1");
         $stmt->bindParam(1, $authorid, PDO::PARAM_INT);
         $stmt->execute();
     }
     if ($stmt != null && ($result = $stmt->fetch())) {
         $lastposttime = $result['time'];
         if ($timestamp - $lastposttime < extension::getInstance()->getConfig('time_delay', 'comments', 'modules', 'int')) {
             $params['notify']['time_delay'] = true;
         }
     }
     $stmt = null;
     if (sizeof($params['notify']) == 0) {
         // no shit happends ;D
         $stmt = database::getInstance()->con()->prepare("INSERT INTO " . property::getInstance()->get('db_prefix') . "_mod_comments (comment, author, time, pathway, ip, guest_name, moderate)\n                    VALUES (?, ?, ?, ?, ?, ?, ?)");
         $stmt->bindParam(1, $text, PDO::PARAM_STR);
         $stmt->bindParam(2, $authorid, PDO::PARAM_INT);
         $stmt->bindParam(3, $timestamp, PDO::PARAM_INT);
         $stmt->bindParam(4, $pathway, PDO::PARAM_STR);
         $stmt->bindParam(5, $ip, PDO::PARAM_STR);
         $stmt->bindParam(6, $guest_name, PDO::PARAM_STR);
         $stmt->bindParam(7, $moderate, PDO::PARAM_INT, 1);
         $stmt->execute();
         $stmt = null;
         $stream = extension::getInstance()->call(extension::TYPE_COMPONENT, 'stream');
         $poster = $authorid > 0 ? $authorid : $guest_name;
         if (is_object($stream)) {
             $stream->add('comment.add', $poster, property::getInstance()->get('url') . $pathway, $text);
         }
         if ($moderate) {
             $params['notify']['is_moderate'] = true;
         }
     }
     echo extension::getInstance()->call(extension::TYPE_MODULE, 'comments')->buildCommentTemplate($pathway, $position, false, $params);
 }
예제 #16
0
파일: back.php 프로젝트: ZerGabriel/ffcms
 private function viewUserDelete()
 {
     csrf::getInstance()->buildToken();
     $params = array();
     $params['extension']['title'] = admin::getInstance()->viewCurrentExtensionTitle();
     $userid = system::getInstance()->get('id');
     if (!user::getInstance()->exists($userid) || permission::getInstance()->have('global/owner', $userid)) {
         system::getInstance()->redirect("?object=components&action=user");
     }
     if (system::getInstance()->post('deleteuser') && csrf::getInstance()->check()) {
         $stmt = database::getInstance()->con()->prepare("DELETE generaldata,customdata FROM " . property::getInstance()->get('db_prefix') . "_user as generaldata\n                LEFT OUTER JOIN " . property::getInstance()->get('db_prefix') . "_user_custom as customdata\n                ON generaldata.id = customdata.id WHERE generaldata.id = ?");
         $stmt->bindParam(1, $userid, PDO::PARAM_INT);
         $stmt->execute();
         // TODO: friendlist cleanup -> field friend_list, friend_request in user table
         system::getInstance()->redirect("?object=components&action=user");
     }
     $params['udata'] = array('login' => user::getInstance()->get('login', $userid), 'email' => user::getInstance()->get('email', $userid), 'id' => $userid);
     return template::getInstance()->twigRender('components/user/delete.tpl', $params);
 }