/**
 * Publish the size of the current user's 'friend_request' list to the module template.
 *
 * The stored value is split on commas with the project helper altexplode();
 * the number of resulting entries is exposed as 'friendrequest_new_count'.
 */
private function showNewFriendRequestCount()
{
    $raw_requests = user::getInstance()->get('friend_request');
    $pending = system::getInstance()->altexplode(',', $raw_requests);
    template::getInstance()->set(template::TYPE_MODULE, 'friendrequest_new_count', sizeof($pending));
}
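/**
 * Accept an image posted as $_FILES['img'] and report the outcome to the caller.
 *
 * The upload runs only when the request 'dir' passes isLatinOrNumeric(), is not
 * empty, the current user id is greater than 0 and a file was posted. The reply is
 * an HTML page carrying a script for the parent frame when POST 'iframe' is truthy,
 * otherwise a JSON object.
 *
 * Security: POST 'idarea' and the generated link end up inside an inline script,
 * so 'idarea' is reduced to element-id characters and the link is emitted as an
 * encoded JavaScript string literal instead of being concatenated raw.
 */
public function make()
{
    $dir = system::getInstance()->get('dir');
    // isset() avoids an undefined-index notice when no file part was sent at all.
    $has_file = isset($_FILES['img']) && $_FILES['img'] != null;
    if (system::getInstance()->isLatinOrNumeric($dir) && system::getInstance()->length($dir) > 0 && user::getInstance()->get('id') > 0 && $has_file) {
        $isIframe = !empty($_POST['iframe']);
        // Only characters that are valid in a plain element id survive; everything else is dropped
        // because the value is placed inside a jQuery selector in the response script.
        $idarea = '';
        if (isset($_POST['idarea']) && is_string($_POST['idarea'])) {
            $idarea = preg_replace('/[^A-Za-z0-9_\-]/', '', $_POST['idarea']);
        }
        $obj = extension::getInstance()->call(extension::TYPE_HOOK, 'file');
        if (!is_object($obj)) {
            exit;
        }
        $result = $obj->uploadImage('/' . $dir . '/', $_FILES['img']);
        $fulllink = property::getInstance()->get('script_url') . "/upload/{$dir}/" . $result;
        if ($isIframe) {
            if ($result != null) {
                // json_encode() with the HEX flags yields a quoted literal that cannot close the
                // string or the surrounding <script> element.
                $js_link = json_encode($fulllink, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
                echo '<html><body>OK<script>window.parent.$("#' . $idarea . '").insertImage(' . $js_link . ',' . $js_link . ').closeModal().updateUI();</script></body></html>';
            } else {
                echo '<html><body>ERROR<script>window.parent.alert("Image upload error.");</script></body></html>';
            }
        } else {
            header("Content-type: text/javascript");
            if ($result != null) {
                $json_response = array('status' => '1', 'msg' => 'ok', 'image_link' => $fulllink, 'thumb_link' => $fulllink);
            } else {
                $json_response = array('status' => '0', 'msg' => 'error');
            }
            // NOTE(review): stripslashes() undoes the "\/" escaping of json_encode(), but it would also
            // strip the escapes of any quote or backslash in a value; kept because clients may rely on
            // the unescaped slashes.
            echo stripslashes(json_encode($json_response));
        }
    }
}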
/**
 * Render the "last comments" module block.
 *
 * Loads the newest approved comments (moderate = '0', non-empty pathway), limited
 * by the 'last_count' module setting (minimum 1), and stores the rendered template
 * under the 'lastcomments' module slot. Nothing is set when no rows are found.
 */
public function make()
{
    $limit = extension::getInstance()->getConfig('last_count', 'lastcomments', 'modules', 'int');
    if ($limit < 1) {
        $limit = 1;
    }

    // The row limit is bound as an integer parameter, not concatenated into the SQL.
    $query = database::getInstance()->con()->prepare("SELECT * FROM " . property::getInstance()->get('db_prefix') . "_mod_comments WHERE `pathway` != '' AND moderate = '0' ORDER BY `time` DESC LIMIT 0,?");
    $query->bindParam(1, $limit, PDO::PARAM_INT);
    $query->execute();
    $rows = $query->fetchAll(PDO::FETCH_ASSOC);
    $query = null;

    if (sizeof($rows) <= 0) {
        return;
    }

    // There are comments in the database.
    $preview_length = extension::getInstance()->getConfig('text_length', 'lastcomments', 'modules', 'int');
    $author_ids = system::getInstance()->extractFromMultyArray('author', $rows);
    user::getInstance()->listload($author_ids);

    $view = array();
    foreach ($rows as $row) {
        $author = $row['author'];
        // The comment body goes through the bbtohtml hook's nobbcode() before it is truncated.
        $plain = extension::getInstance()->call(extension::TYPE_HOOK, 'bbtohtml')->nobbcode($row['comment']);
        $view['comment'][] = array(
            'user_id' => $author,
            'user_name' => user::getInstance()->get('nick', $author),
            'user_avatar' => user::getInstance()->buildAvatar('small', $author),
            'uri' => $row['pathway'],
            'preview' => system::getInstance()->altsubstr($plain, 0, $preview_length),
            'date' => system::getInstance()->toDate($row['time'], 'd'),
            'guest_name' => system::getInstance()->nohtml($row['guest_name']),
        );
    }

    $html = template::getInstance()->twigRender('modules/lastcomments/lastcomments.tpl', array('local' => $view));
    template::getInstance()->set(template::TYPE_MODULE, 'lastcomments', $html);
}
/**
 * Render the "new news" module block.
 *
 * Selects the newest displayed news entries (display > 0) joined with their
 * category path, limited by the 'new_count' module setting (minimum 1), builds a
 * link and an optional poster image name for each, and stores the rendered list
 * under the 'news_new' module slot.
 */
public function make()
{
    $view = array();
    $limit = extension::getInstance()->getConfig('new_count', 'news_new', extension::TYPE_MODULE, 'int');
    if ($limit < 1) {
        $limit = 1;
    }

    $query = database::getInstance()->con()->prepare("SELECT a.id,a.title,a.link,b.path FROM " . property::getInstance()->get('db_prefix') . "_com_news_entery a," . property::getInstance()->get('db_prefix') . "_com_news_category b\n WHERE a.category = b.category_id AND a.display > 0 ORDER BY a.date DESC LIMIT 0,?");
    $query->bindParam(1, $limit, \PDO::PARAM_INT);
    $query->execute();
    $rows = $query->fetchAll(\PDO::FETCH_ASSOC);
    $query = null;

    foreach ($rows as $entry) {
        // Path layout: [/<language>]/news/[<category path>/]<link>
        $pathway = '';
        if (property::getInstance()->get('use_multi_language')) {
            $pathway .= '/' . language::getInstance()->getUseLanguage();
        }
        $pathway .= '/news/';
        if ($entry['path'] != null) {
            $pathway .= $entry['path'] . '/';
        }
        $pathway .= $entry['link'];

        // NOTE(review): unserialize() on a database column can instantiate objects if the stored
        // value is ever attacker-controlled; confirm the column is only written by trusted code.
        $titles = system::getInstance()->altstripslashes(unserialize($entry['title']));

        // The poster is optional; the template receives null when the file is absent.
        $poster = null;
        if (file_exists(root . '/upload/news/poster_' . $entry['id'] . '.jpg')) {
            $poster = 'poster_' . $entry['id'];
        }

        $view['latest'][] = array(
            'title' => $titles[language::getInstance()->getUseLanguage()],
            'image' => $poster,
            'pathway' => $pathway,
        );
    }

    $html = template::getInstance()->twigRender('modules/news_new/list.tpl', array('local' => $view));
    template::getInstance()->set(template::TYPE_MODULE, 'news_new', $html);
}
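/**
 * Store an answer to a wall post and re-render the answer list.
 *
 * The answer is written only when the wall post id and user id are positive, the
 * message is not empty after nohtml(), the user holds 'global/write', and the
 * configured 'wall_post_delay' has passed since the user's previous answer. The
 * 'wallview' front API is called afterwards in every case to refresh the list.
 */
public function make()
{
    $post_id = (int) system::getInstance()->get('id');
    $user_id = (int) user::getInstance()->get('id');
    // nohtml() is applied before storage; this was added after an XSS report by a tester.
    $message = system::getInstance()->nohtml(system::getInstance()->post('message'));
    $time_between_posts = extension::getInstance()->getConfig('wall_post_delay', 'user', 'components', 'int');
    if ($post_id > 0 && $user_id > 0 && system::getInstance()->length($message) > 0 && permission::getInstance()->have('global/write')) {
        $stmt = database::getInstance()->con()->prepare("SELECT time FROM " . property::getInstance()->get('db_prefix') . "_user_wall_answer WHERE poster = ? ORDER BY id DESC LIMIT 1");
        $stmt->bindParam(1, $user_id, PDO::PARAM_INT);
        $stmt->execute();
        $res = $stmt->fetch();
        // fetch() returns false when the user has never answered; treat that as "long ago"
        // instead of indexing into a boolean.
        $last_post_time = is_array($res) ? (int) $res['time'] : 0;
        $stmt = null;
        $current_time = time();
        if ($current_time - $last_post_time >= $time_between_posts) {
            // NOTE(review): the existence of wall post $post_id is not verified here - confirm the
            // view side tolerates answers that point at a missing post.
            $stmt = database::getInstance()->con()->prepare("INSERT INTO " . property::getInstance()->get('db_prefix') . "_user_wall_answer (wall_post_id, poster, message, time) VALUES(?, ?, ?, ?)");
            $stmt->bindParam(1, $post_id, PDO::PARAM_INT);
            $stmt->bindParam(2, $user_id, PDO::PARAM_INT);
            $stmt->bindParam(3, $message, PDO::PARAM_STR);
            $stmt->bindParam(4, $current_time, PDO::PARAM_INT);
            $stmt->execute();
            $stmt = null;
        }
    }
    // Refresh the answer list.
    api::getInstance()->call('front', 'wallview')->make();
}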
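/**
 * Save a bookmark (title + URL) for the logged-in user.
 *
 * Only URLs on this site are accepted, and a bookmark is inserted once per
 * (user, URL) pair. Title and URL pass through nohtml() before any check.
 *
 * Security: the "own site" test no longer relies on a bare string prefix. After
 * the prefix match the next character must end the URL or start a path, query or
 * fragment, so a different host whose name merely begins with the site's host
 * string is rejected.
 */
public function make()
{
    if (user::getInstance()->get('id') > 0) {
        $userid = user::getInstance()->get('id');
        $title = system::getInstance()->nohtml(system::getInstance()->post('title'));
        $url = system::getInstance()->nohtml(system::getInstance()->post('url'));

        $site = property::getInstance()->get('script_url');
        // Compare against the site URL without a trailing slash so the boundary check below
        // works whether or not the configured value ends in "/".
        $base = rtrim((string) $site, '/');
        $rest = (string) substr((string) $url, strlen($base));
        $on_boundary = $rest === '' || in_array($rest[0], array('/', '?', '#'), true);

        // only self domain
        if (system::getInstance()->prefixEquals($url, $site) && $on_boundary && filter_var($url, FILTER_VALIDATE_URL) && system::getInstance()->length($title) > 0) {
            $stmt = database::getInstance()->con()->prepare("SELECT COUNT(*) FROM " . property::getInstance()->get('db_prefix') . "_user_bookmarks WHERE target = ? AND href = ?");
            $stmt->bindParam(1, $userid, PDO::PARAM_INT);
            $stmt->bindParam(2, $url, PDO::PARAM_STR);
            $stmt->execute();
            $res = $stmt->fetch();
            $stmt = null;
            // Insert only when this user has no bookmark for the same URL yet.
            if ($res[0] < 1) {
                $stmt = database::getInstance()->con()->prepare("INSERT INTO " . property::getInstance()->get('db_prefix') . "_user_bookmarks (`target`, `title`, `href`) VALUES (?, ?, ?)");
                $stmt->bindParam(1, $userid, PDO::PARAM_INT);
                $stmt->bindParam(2, $title, PDO::PARAM_STR);
                $stmt->bindParam(3, $url, PDO::PARAM_STR);
                $stmt->execute();
                $stmt = null;
            }
        }
    }
}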
/**
 * Prefix a site-relative URL with the configured site 'url'.
 *
 * A value that already starts with "http" (per prefixEquals()) is returned unchanged.
 *
 * @param string $url
 * @return string
 */
public function urlRelativeToAbsolute($url)
{
    // NOTE(review): any value beginning with the letters "http" counts as absolute here,
    // not only "http://" and "https://".
    $already_absolute = system::getInstance()->prefixEquals($url, 'http');
    if ($already_absolute) {
        return $url;
    }
    return property::getInstance()->get('url') . $url;
}
/**
 * Delete one comment by id.
 *
 * Requires a logged-in user (id > 0) holding 'comment/delete' and a positive
 * comment id taken from the request.
 */
public function make()
{
    $target_id = (int) system::getInstance()->get('id');
    $allowed = user::getInstance()->get('id') > 0 && permission::getInstance()->have('comment/delete') && $target_id > 0;
    if (!$allowed) {
        return;
    }

    // NOTE(review): no request token is checked in this handler; confirm the caller or router
    // protects this state-changing action against cross-site requests.
    $delete = database::getInstance()->con()->prepare("DELETE FROM " . property::getInstance()->get('db_prefix') . "_mod_comments WHERE id = ?");
    $delete->bindParam(1, $target_id, PDO::PARAM_INT);
    $delete->execute();
}
/**
 * Convert BBCode markup to HTML.
 *
 * The xbbcode parser is loaded and instantiated on first use and kept in
 * $this->parser. The parser output is passed through htmlQuoteDecode() before
 * it is returned.
 *
 * @param string $bbtext BBCode source text
 * @return mixed result of system::htmlQuoteDecode()
 */
public function bbcode2html($bbtext)
{
    if ($this->parser === null) {
        // Lazy load: the library is only pulled in when BBCode is actually rendered.
        require_once root . '/resource/xbbcode/bbcode.lib.php';
        $this->parser = new bbcode();
    }
    $this->parser->parse($bbtext);
    $html = $this->parser->get_html();
    return system::getInstance()->htmlQuoteDecode($html);
}
/**
 * Echo the rendered comment list for a page.
 *
 * Reads 'pathway' (through nohtml()), 'comment_position' (cast to int) and
 * 'comment_all' from POST and delegates to the comments module's
 * buildCommentTemplate().
 */
public function make()
{
    $pathway = system::getInstance()->nohtml(system::getInstance()->post('pathway'));
    $position = (int) system::getInstance()->post('comment_position');
    // Only the exact string "true" switches on loading of all comments.
    $show_everything = system::getInstance()->post('comment_all') === "true";

    $comments = extension::getInstance()->call(extension::TYPE_MODULE, 'comments');
    echo $comments->buildCommentTemplate($pathway, $position, $show_everything);
}
/**
 * Render this link tag as an HTML <a> element.
 *
 * The target is taken from the first non-empty attribute among 'url', 'a' and
 * 'href'; without one (and without 'anchor') the tag's own text is used. Links
 * that do not point at the configured site 'url' get rel="nofollow". The element
 * id comes from 'id', 'name' or 'anchor' and is prefixed with "bb" when its first
 * character lies outside the 'A'..'z' range.
 *
 * @param mixed $tree not read by this method; $this->tree is used instead
 * @return string
 */
function get_html($tree = null)
{
    $this->autolinks = false;

    // Concatenate the plain-text children; used as fallback target and fallback id.
    $text = '';
    foreach ($this->tree as $node) {
        if ('text' == $node['type']) {
            $text .= $node['str'];
        }
    }

    $href = '';
    foreach (array('url', 'a', 'href') as $key) {
        if (!$href && isset($this->attrib[$key])) {
            $href = $this->attrib[$key];
        }
    }
    if (!$href && !isset($this->attrib['anchor'])) {
        $href = $text;
    }
    // NOTE(review): the value returned by checkUrl() is written into the href attribute as is,
    // unlike title and id below which go through htmlspecialchars(); confirm checkUrl() encodes
    // quotes and rejects script-capable schemes.
    $href = $this->checkUrl($href);

    $attr = 'class="bb"';
    if ($href) {
        $attr .= ' href="' . $href . '"';
        $is_local = system::getInstance()->prefixEquals($href, property::getInstance()->get('url')) || $href == property::getInstance()->get('url');
        if (!$is_local) {
            $attr .= ' rel="nofollow"';
        }
    }

    if (isset($this->attrib['title'])) {
        $attr .= ' title="' . htmlspecialchars($this->attrib['title']) . '"';
    }

    $id = '';
    foreach (array('id', 'name') as $key) {
        if (!$id && isset($this->attrib[$key])) {
            $id = $this->attrib[$key];
        }
    }
    if (!$id && isset($this->attrib['anchor'])) {
        $id = $this->attrib['anchor'];
        if (!$id) {
            $id = $text;
        }
    }
    if ($id) {
        $first = $id[0];
        if ($first < 'A' || $first > 'z') {
            $id = 'bb' . $id;
        }
        $attr .= ' id="' . htmlspecialchars($id) . '"';
    }

    return '<a ' . $attr . ' target="_blank">' . parent::get_html($this->tree) . '</a>';
}
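/**
 * Rewrite links to site mirrors so they point at the URL currently in use.
 *
 * Does nothing unless 'source_url' lists several URLs separated by ';'. Arrays
 * (one text per language) are processed element by element. When
 * $special_syntax is false the text is first passed through nohtml() and, if
 * the bbtohtml hook is available, nobbcode().
 *
 * Fix: the recursive call for array input now forwards $special_syntax. It used
 * to fall back to the default (true), so the HTML/BBCode stripping requested by
 * the caller was skipped for every element of an array.
 *
 * @param string|array $text
 * @param bool $special_syntax false to strip HTML and BBCode before rewriting
 * @return array|mixed
 */
public function fix($text, $special_syntax = true)
{
    if (!system::getInstance()->contains(';', property::getInstance()->get('source_url'))) {
        // Only a single URL is defined: nothing to rewrite.
        return $text;
    }
    if (is_array($text)) {
        $result = array();
        foreach ($text as $language => $i_text) {
            $result[$language] = $this->fix($i_text, $special_syntax);
        }
        return $result;
    } else {
        if (!$special_syntax) {
            $text = system::getInstance()->nohtml($text);
            $bbobject = extension::getInstance()->call(extension::TYPE_HOOK, 'bbtohtml');
            if (is_object($bbobject)) {
                $text = $bbobject->nobbcode($text);
            }
        }
        $available_url = system::getInstance()->altexplode(';', property::getInstance()->get('source_url'));
        $used_url = property::getInstance()->get('script_url');
        $result = str_replace($available_url, $used_url, $text);
        if (property::getInstance()->get('user_friendly_url')) {
            // Friendly URLs in use: url/index.php/ becomes url/
            $no_humanurls = $used_url . '/index.php/';
            $result = str_replace($no_humanurls, $used_url . '/', $result);
        } else {
            // Friendly URLs off: /lang/ becomes /index.php/lang/
            foreach (language::getInstance()->getAvailable() as $s_lang) {
                $source_human_urls = $used_url . '/' . $s_lang . '/';
                $replacement_human_urls = $used_url . '/index.php/' . $s_lang . '/';
                $result = str_replace($source_human_urls, $replacement_human_urls, $result);
            }
        }
        // Multi-language disabled: drop the language segment,
        // /ru/page.html to /page.html, /index.php/ru/page.html to /index.php/page.html
        if (!property::getInstance()->get('use_multi_language')) {
            $to_replace = array();
            $replacement = null;
            foreach (language::getInstance()->getAvailable() as $s_lang) {
                $to_replace[] = $used_url . '/index.php/' . $s_lang . '/';
                $to_replace[] = $used_url . '/' . $s_lang . '/';
            }
            if (property::getInstance()->get('user_friendly_url')) {
                $replacement = $used_url . '/';
            } else {
                $replacement = $used_url . '/index.php/';
            }
            $result = str_replace($to_replace, $replacement, $result);
        }
        return $result;
    }
}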
/**
 * Remove the poster image of a news entry (admin side).
 *
 * The caller needs 'admin/components/news/add' or 'admin/components/news/edit'.
 * The id is cast to int before it becomes part of the file name, so the path
 * always stays inside /upload/news/.
 */
public function make()
{
    $may_add = permission::getInstance()->have('admin/components/news/add');
    if (!$may_add && !permission::getInstance()->have('admin/components/news/edit')) {
        return;
    }

    $news_id = (int) system::getInstance()->get('id');
    $poster = root . '/upload/news/poster_' . $news_id . '.jpg';
    if (file_exists($poster)) {
        // Best effort: a failed unlink is deliberately silenced.
        @unlink($poster);
    }
}
/**
 * Show and save the settings page of the 'news_new' module.
 *
 * When the form was submitted the extension configuration is saved through
 * admin::saveExtensionConfigs(); the current 'new_count' value is then passed
 * to the settings template.
 *
 * @return mixed rendered settings template
 */
public function make()
{
    $view = array();

    // NOTE(review): the save is not guarded by csrf::getInstance()->check(), while the captcha
    // hook settings handler in this codebase builds and checks a token before saving; confirm
    // whether this form carries a token and add the check if it does.
    $submitted = system::getInstance()->post('submit');
    if ($submitted && admin::getInstance()->saveExtensionConfigs()) {
        $view['notify']['save_success'] = true;
    }

    $view['extension']['title'] = admin::getInstance()->viewCurrentExtensionTitle();
    $view['config']['new_count'] = extension::getInstance()->getConfig('new_count', 'news_new', extension::TYPE_MODULE, 'int');

    return template::getInstance()->twigRender('modules/news_new/settings.tpl', $view);
}
/**
 * Remove the poster image of a news entry on behalf of its author.
 *
 * Runs only for a logged-in user and a positive news id, when user-submitted
 * news is enabled ('enable_useradd') and checkNewsOwnerExist() confirms the
 * user/news pair.
 */
public function make()
{
    $news_id = (int) system::getInstance()->get('id');
    $owner_id = user::getInstance()->get('id');

    $rejected = $owner_id < 1
        || $news_id < 1
        || !extension::getInstance()->getConfig('enable_useradd', 'news', extension::TYPE_COMPONENT, 'bol')
        || !extension::getInstance()->call(extension::TYPE_COMPONENT, 'news')->checkNewsOwnerExist($owner_id, $news_id);
    if ($rejected) {
        return;
    }

    // The integer cast above keeps the file name inside /upload/news/.
    $poster = root . '/upload/news/poster_' . $news_id . '.jpg';
    if (file_exists($poster)) {
        @unlink($poster);
    }
}
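/**
 * Render one page of the feedback list for the admin panel.
 *
 * The page index comes from the request 'index' value. Negative values are
 * clamped to 0, because a negative offset makes the LIMIT clause invalid and
 * the query fail.
 *
 * @return mixed rendered list template
 */
private function viewFeedList()
{
    $params = array();
    $params['extension']['title'] = admin::getInstance()->viewCurrentExtensionTitle();
    $index = (int) system::getInstance()->get('index');
    if ($index < 0) {
        $index = 0;
    }
    $db_index = $index * self::ITEM_PER_PAGE;
    // The offset is bound as an integer; the page size is a class constant.
    $stmt = database::getInstance()->con()->prepare("SELECT * FROM " . property::getInstance()->get('db_prefix') . "_com_feedback ORDER BY `id` DESC LIMIT ?," . self::ITEM_PER_PAGE);
    $stmt->bindParam(1, $db_index, PDO::PARAM_INT);
    $stmt->execute();
    $params['feedback']['result'] = $stmt->fetchAll(PDO::FETCH_ASSOC);
    $params['pagination'] = template::getInstance()->showFastPagination($index, self::ITEM_PER_PAGE, $this->getFeedCount(), '?object=components&action=feedback&index=');
    return template::getInstance()->twigRender('components/feedback/list.tpl', $params);
}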
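/**
 * Show and save the settings page of the 'stream' component.
 *
 * Fix: the CSRF token is now verified before saveExtensionConfigs() runs. With
 * the previous order the configuration was written first and the token was only
 * consulted to decide whether to show the success notice, so a request without a
 * valid token still changed the settings.
 *
 * @return mixed rendered settings template
 */
private function viewStreamSettings()
{
    csrf::getInstance()->buildToken();
    $params = array();
    $params['extension']['title'] = admin::getInstance()->viewCurrentExtensionTitle();
    if (system::getInstance()->post('submit')) {
        // Short-circuit: nothing is saved unless the token check passes.
        if (csrf::getInstance()->check() && admin::getInstance()->saveExtensionConfigs()) {
            $params['notify']['save_success'] = true;
        }
    }
    $params['config']['count_stream_page'] = extension::getInstance()->getConfig('count_stream_page', 'stream', extension::TYPE_COMPONENT, 'int');
    return template::getInstance()->twigRender('components/stream/settings.tpl', $params);
}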
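/**
 * Check a captcha answer.
 *
 * With 'captcha_type' set to "recaptcha" the answer is verified through
 * recaptcha_check_answer(); otherwise $postdata is compared, case-insensitively,
 * with the value stored in $_SESSION['captcha']. The session value is cleared
 * on every call, so each captcha can be tried once.
 *
 * Fix: the comparison is now strict. The loose "==" treated two different
 * numeric-looking strings as equal, and non-string input reached strtolower().
 * Missing POST/session keys no longer raise undefined-index notices.
 *
 * @param mixed $postdata answer submitted by the visitor
 * @return bool
 */
public function validate($postdata)
{
    $captcha_type = extension::getInstance()->getConfig('captcha_type', 'captcha', 'hooks');
    if ($captcha_type == "recaptcha") {
        require_once root . "/resource/recaptcha/recaptchalib.php";
        $challenge = isset($_POST["recaptcha_challenge_field"]) ? $_POST["recaptcha_challenge_field"] : null;
        $response = isset($_POST["recaptcha_response_field"]) ? $_POST["recaptcha_response_field"] : null;
        $resp = recaptcha_check_answer(extension::getInstance()->getConfig('captcha_privatekey', 'captcha', 'hooks'), system::getInstance()->getRealIp(), $challenge, $response);
        return $resp->is_valid;
    }
    $session_value = isset($_SESSION['captcha']) ? $_SESSION['captcha'] : null;
    // Overwrite first in case unset() does not take effect, then remove the key.
    $_SESSION['captcha'] = null;
    unset($_SESSION['captcha']);

    // Accept only plain strings or integers on both sides; arrays and other types never match.
    $expected_ok = is_string($session_value) || is_int($session_value);
    $given_ok = is_string($postdata) || is_int($postdata);
    if (!$expected_ok || !$given_ok) {
        return false;
    }
    $expected = strtolower((string) $session_value);
    $given = strtolower((string) $postdata);
    return strlen($expected) > 0 && $expected === $given;
}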
/**
 * Echo the rendered list of answers for one wall post.
 *
 * Answers are read newest first for the wall post id taken from the request;
 * poster data is preloaded in one listload() call before the rows are mapped
 * for the template.
 */
public function make()
{
    $wall_post = (int) system::getInstance()->get('id');

    $query = database::getInstance()->con()->prepare("SELECT * FROM " . property::getInstance()->get('db_prefix') . "_user_wall_answer WHERE wall_post_id = ? ORDER BY id DESC");
    $query->bindParam(1, $wall_post, PDO::PARAM_INT);
    $query->execute();
    $rows = $query->fetchAll(PDO::FETCH_ASSOC);

    $poster_ids = system::getInstance()->extractFromMultyArray('poster', $rows);
    user::getInstance()->listload($poster_ids);

    $view = array();
    foreach ($rows as $row) {
        $poster = $row['poster'];
        $view['answer'][] = array(
            'poster_id' => $poster,
            'poster_name' => user::getInstance()->get('nick', $poster),
            'poster_avatar' => user::getInstance()->buildAvatar('small', $poster),
            // The message is handed to the template exactly as stored.
            'message' => $row['message'],
            'time' => system::getInstance()->toDate($row['time'], 'h'),
        );
    }

    echo template::getInstance()->twigRender('components/user/profile/profile_answer.tpl', array('local' => $view));
}
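/**
 * Print an interstitial page that forwards the visitor to an external URL.
 *
 * The target is the request 'url' value, either as a plain URL or base64
 * encoded; anything that does not validate falls back to the site 'url'.
 *
 * Security: FILTER_VALIDATE_URL checks syntax only. It accepts any scheme and
 * does not make a value safe for HTML or script output. The target is therefore
 * limited to http, https and ftp, HTML-escaped where it is written into markup,
 * and emitted as an encoded string literal inside the script block.
 * NOTE(review): the handler still forwards to arbitrary external hosts by
 * design; confirm links to it are only generated by the site itself.
 */
public function make()
{
    $url = system::getInstance()->get('url');
    if (!is_string($url) || !filter_var($url, FILTER_VALIDATE_URL)) {
        $url_decode = is_string($url) ? base64_decode($url) : false;
        if (is_string($url_decode) && filter_var($url_decode, FILTER_VALIDATE_URL)) {
            $url = $url_decode;
        } else {
            $url = property::getInstance()->get('url');
        }
    }

    // Scheme allow-list: script-capable and other unexpected schemes fall back to the site URL.
    $scheme = strtolower((string) parse_url($url, PHP_URL_SCHEME));
    if (!in_array($scheme, array('http', 'https', 'ftp'), true)) {
        $url = property::getInstance()->get('url');
    }

    $js_flags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;
    $js_url = json_encode($url, $js_flags);
    if ($js_url === false) {
        // Not encodable (for example invalid UTF-8): use the site URL instead.
        $url = property::getInstance()->get('url');
        $js_url = json_encode($url, $js_flags);
    }
    $html_url = htmlspecialchars($url, ENT_QUOTES, 'UTF-8');

    $theme = "<html>\n <head>\n <meta http-equiv=\"refresh\" content=\"0; url={$html_url}\">\n <script type=\"text/javascript\">\n location.href = {$js_url};\n </script>\n </head>\n <body>\n Redirecting ... <br />\n <strong>Link: <noindex><a href=\"{$html_url}\" rel=\"nofollow\">{$html_url}</a></noindex></strong>\n </body>\n </html>";
    echo $theme;
}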
/**
 * Show and save the settings page of the captcha hook.
 *
 * A token is built on every request; a submitted form is saved only after
 * csrf::check() passes. The current captcha type and both keys are passed to
 * the settings template.
 *
 * @return mixed rendered settings template
 */
public function make()
{
    csrf::getInstance()->buildToken();
    $view = array();

    // The token check comes before the save, so an invalid token leaves the settings untouched.
    $accepted = system::getInstance()->post('submit') && csrf::getInstance()->check();
    if ($accepted && admin::getInstance()->saveExtensionConfigs()) {
        $view['notify']['save_success'] = true;
    }

    $view['extension']['title'] = admin::getInstance()->viewCurrentExtensionTitle();
    foreach (array('captcha_type', 'captcha_publickey', 'captcha_privatekey') as $option) {
        $view['config'][$option] = extension::getInstance()->getConfig($option, 'captcha', extension::TYPE_HOOK, 'str');
    }

    return template::getInstance()->twigRender('hooks/captcha/settings.tpl', $view);
}
/**
 * Echo the edit form data for one comment.
 *
 * Output is produced only when canEdit() allows the current user to edit the
 * comment and the row exists.
 */
public function make()
{
    $target_id = (int) system::getInstance()->get('id');
    if (!$this->canEdit($target_id)) {
        return;
    }

    $query = database::getInstance()->con()->prepare("SELECT * FROM " . property::getInstance()->get('db_prefix') . "_mod_comments WHERE id = ?");
    $query->bindParam(1, $target_id, PDO::PARAM_INT);
    $query->execute();

    $row = $query->fetch();
    if ($row) {
        // The raw stored body is handed to the template for editing.
        $view = array('comment' => array('id' => $target_id, 'body' => $row['comment']));
        echo template::getInstance()->twigRender('modules/comments/comment_api.tpl', array('local' => $view));
    }
    $query = null;
}
/**
 * Save an edited comment.
 *
 * The edit permission is delegated to the 'commentedit' front API object's
 * canEdit(); the new text goes through nohtml() and is written with a
 * parameterised UPDATE.
 *
 * @return null|void null when the user may not edit the comment
 */
public function make()
{
    $editor = api::getInstance()->call('front', 'commentedit');
    if (!is_object($editor)) {
        return;
    }

    $target_id = (int) system::getInstance()->post('comment_id');
    if (!$editor->canEdit($target_id)) {
        return null;
    }

    $body = system::getInstance()->nohtml(system::getInstance()->post('comment_text'), true);
    if ($target_id <= 0 || strlen($body) <= 0) {
        // Nothing to store for a non-positive id or an empty text.
        return;
    }

    $update = database::getInstance()->con()->prepare("UPDATE " . property::getInstance()->get('db_prefix') . "_mod_comments set comment = ? where id = ?");
    $update->bindParam(1, $body, PDO::PARAM_STR);
    $update->bindParam(2, $target_id, PDO::PARAM_INT);
    $update->execute();
    $update = null;
}
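/**
 * Switch the interface language and return the visitor to the page they came from.
 *
 * The target path is rebuilt from the Referer header: the site 'url' prefix and
 * the old language segment are removed and the new language is put in front.
 * Because the result is always a site-relative path, the Referer cannot send
 * the visitor to another host. Without a usable Referer or language the default
 * redirect() is used.
 *
 * Fix: a request without a Referer header no longer reads an undefined index;
 * it takes the default redirect.
 */
public function make()
{
    $to = system::getInstance()->get('to');
    $refer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : null;
    if (language::getInstance()->canUse($to) && $refer !== null && system::getInstance()->prefixEquals($refer, property::getInstance()->get('url'))) {
        $uri = system::getInstance()->altexplode('/', substr($refer, strlen(property::getInstance()->get('url'))));
        if (!property::getInstance()->get('user_friendly_url')) {
            // Without friendly URLs one extra leading segment is dropped before the language segment.
            array_shift($uri);
        }
        // Drop the old language segment.
        array_shift($uri);
        $uri_no_lang = system::getInstance()->altimplode('/', $uri);
        $uri_target = '/' . $to . '/';
        $uri_target .= $uri_no_lang;
        system::getInstance()->redirect($uri_target);
    } else {
        system::getInstance()->redirect();
    }
}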
/**
 * Search static pages by title or text.
 *
 * The query is wrapped in '%' and bound as a LIKE parameter for both columns;
 * at most 50 rows are read. Each hit carries a link, the title in the current
 * language, a snippet of up to 200 characters (after nohtml()) and a date.
 *
 * @param string $query search phrase
 * @return array template parameters, hits under the 'static' key
 */
private function searchOnPage($query)
{
    $hits = array();
    // NOTE(review): '%' and '_' inside $query keep their LIKE wildcard meaning.
    $pattern = '%' . $query . '%';

    $search = database::getInstance()->con()->prepare("SELECT title,text,pathway,date FROM " . property::getInstance()->get('db_prefix') . "_com_static WHERE text like ? OR title like ? ORDER BY `date` LIMIT 50");
    $search->bindParam(1, $pattern, PDO::PARAM_STR);
    $search->bindParam(2, $pattern, PDO::PARAM_STR);
    $search->execute();

    $compiled_body = null;
    while ($row = $search->fetch(PDO::FETCH_ASSOC)) {
        // NOTE(review): unserialize() on database columns can instantiate objects if the stored
        // value is ever attacker-controlled; confirm both columns are only written by trusted code.
        $titles = unserialize($row['title']);
        $texts = unserialize($row['text']);

        $plain = system::getInstance()->nohtml($texts[language::getInstance()->getUseLanguage()]);
        $snippet = system::getInstance()->altsubstr($plain, 0, 200);

        $hits['static'][] = array(
            'link' => "static/" . $row['pathway'],
            'title' => $titles[language::getInstance()->getUseLanguage()],
            'snippet' => $snippet,
            'date' => system::getInstance()->toDate($row['date'], 'h'),
        );
    }

    return $hits;
}
/**
 * Build the template parameters for the comments of one page.
 *
 * Only approved comments (moderate = '0') are read, newest first. Unless
 * $show_all is set, the number of rows is $end (minimum 1) multiplied by the
 * 'comments_count' module setting. For each comment the flags can_edit and
 * can_delete are computed for the current user.
 *
 * @param string|null $way page pathway; the current URI string when null
 * @param int $end number of "pages" of comments to load
 * @param bool $show_all true to load every comment
 * @return array one entry per comment
 */
public function getCommentsParams($way = null, $end = 0, $show_all = false)
{
    $viewer_id = user::getInstance()->get('id');
    $query = null;
    if ($way === null) {
        $way = router::getInstance()->getUriString();
    }

    if (!$show_all) {
        $per_page = extension::getInstance()->getConfig('comments_count', 'comments', 'modules', 'int');
        if ($end < 1) {
            $end = 1;
        }
        $end *= $per_page;
        $query = database::getInstance()->con()->prepare("SELECT * FROM " . property::getInstance()->get('db_prefix') . "_mod_comments WHERE pathway = ? AND moderate = '0' ORDER BY id DESC LIMIT 0,?");
        $query->bindParam(1, $way, PDO::PARAM_STR);
        $query->bindParam(2, $end, PDO::PARAM_INT);
        $query->execute();
    } else {
        $query = database::getInstance()->con()->prepare("SELECT * FROM " . property::getInstance()->get('db_prefix') . "_mod_comments WHERE pathway = ? AND moderate = '0' ORDER BY id DESC");
        $query->bindParam(1, $way, PDO::PARAM_STR);
        $query->execute();
    }

    $rows = $query->fetchAll(PDO::FETCH_ASSOC);
    // Preload all authors in one call before the per-row lookups below.
    user::getInstance()->listload(system::getInstance()->extractFromMultyArray('author', $rows));

    $list = array();
    foreach ($rows as $row) {
        $author = $row['author'];
        $edit_window = extension::getInstance()->getConfig('edit_time', 'comments', 'modules', 'int');

        // Guests (id <= 0) never get edit or delete rights. Authors may edit inside the
        // configured time window; 'comment/edit' holders may edit at any time.
        $editable = false;
        $deletable = false;
        if ($viewer_id > 0) {
            $own_and_fresh = $author == $viewer_id && time() - $row['time'] <= $edit_window;
            if ($own_and_fresh || permission::getInstance()->have('comment/edit')) {
                $editable = true;
            }
            if (permission::getInstance()->have('comment/delete')) {
                $deletable = true;
            }
        }

        $list[] = array(
            'author_id' => $author,
            'author_nick' => user::getInstance()->get('nick', $author),
            'author_avatar' => user::getInstance()->buildAvatar('small', $author),
            'comment_text' => extension::getInstance()->call(extension::TYPE_HOOK, 'bbtohtml')->bbcode2html($row['comment']),
            'comment_date' => system::getInstance()->toDate($row['time'], 'h'),
            'unixtime' => $row['time'],
            'comment_id' => $row['id'],
            'can_edit' => $editable,
            'can_delete' => $deletable,
            'guest_name' => system::getInstance()->nohtml($row['guest_name']),
        );
    }

    $query = null;
    return $list;
}
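/**
 * Store an uploaded gallery image for a news entry and echo a JSON description of it.
 *
 * The original goes to <FILES_PATH><id>/orig/ and a resized copy (gallery_dx x
 * gallery_dy from the news component settings) to <FILES_PATH><id>/thumb/. The
 * news id is cast to int before it is used in any path.
 *
 * Fix: a request without a 'files' upload part now returns early instead of
 * indexing into an undefined value, and the response list is initialised
 * explicitly. The former is_int() test is dropped because it could never fail
 * after the integer cast.
 */
private function viewUpload()
{
    if (!isset($_FILES['files']) || !is_array($_FILES['files'])) {
        return;
    }
    $file = $_FILES['files'];
    $news_id = (int) system::getInstance()->get('id');
    if (!isset($file['size']) || $file['size'] < 1 || $news_id < 1) {
        return;
    }
    $dir = self::FILES_PATH . $news_id . '/';
    // NOTE(review): content and extension validation is assumed to happen inside the 'file'
    // hook's uploadImage(); this method does not inspect the file itself.
    $full_img = extension::getInstance()->call(extension::TYPE_HOOK, 'file')->uploadImage($dir . 'orig/', $file);
    if (!$full_img) {
        return;
    }
    $full_path = root . '/upload' . $dir . 'orig/' . $full_img;
    $dx = extension::getInstance()->getConfig('gallery_dx', 'news', extension::TYPE_COMPONENT, 'int');
    $dy = extension::getInstance()->getConfig('gallery_dy', 'news', extension::TYPE_COMPONENT, 'int');
    $thumb_img = extension::getInstance()->call(extension::TYPE_HOOK, 'file')->uploadResizedImage($dir . 'thumb/', $full_path, $dx, $dy, $full_img);
    $output = array();
    $output[] = array('name' => $full_img, 'url' => property::getInstance()->get('script_url') . '/upload' . $dir . 'orig/' . $full_img, 'thumbnailUrl' => property::getInstance()->get('script_url') . '/upload' . $dir . 'thumb/' . $thumb_img);
    echo json_encode(array('files' => $output));
}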
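/**
 * Show the feedback form and store a submitted message.
 *
 * Name, title and text pass through nohtml(). The e-mail address is the
 * account address for logged-in users and the posted 'topic_email' otherwise.
 * Every failed check sets its own notify flag; the message is inserted only
 * when no flag was set.
 *
 * Fix: "no validation error" is now tested with empty(). The previous
 * sizeof() call ran on an undefined key whenever every check passed, which is
 * a warning on PHP 7.2+ and a TypeError on PHP 8.
 */
public function make()
{
    $params = array();
    $params['captcha_full'] = extension::getInstance()->getConfig('captcha_type', 'captcha', 'hooks') == "recaptcha" ? true : false;
    $params['captcha'] = extension::getInstance()->call(extension::TYPE_HOOK, 'captcha')->show();
    if (system::getInstance()->post('dofeedback')) {
        $poster_name = system::getInstance()->nohtml(system::getInstance()->post('topic_name'));
        $topic_title = system::getInstance()->nohtml(system::getInstance()->post('topic_title'));
        $topic_text = system::getInstance()->nohtml(system::getInstance()->post('topic_body'));
        $poster_email = user::getInstance()->get('id') > 0 ? user::getInstance()->get('email') : system::getInstance()->post('topic_email');
        $captcha = system::getInstance()->post('captcha');
        $date = time();
        // NOTE(review): the guest address is stored after FILTER_VALIDATE_EMAIL only, without
        // nohtml(); make sure the admin list template escapes it on output.
        if (!filter_var($poster_email, FILTER_VALIDATE_EMAIL)) {
            $params['notify']['wrong_email'] = true;
        }
        if (system::getInstance()->length($topic_title) < 3 || system::getInstance()->length($topic_title) > 70) {
            $params['notify']['wrong_title'] = true;
        }
        if (system::getInstance()->length($poster_name) < 3 || system::getInstance()->length($poster_name) > 50) {
            $params['notify']['wrong_name'] = true;
        }
        if (system::getInstance()->length($topic_text) < 10) {
            $params['notify']['wrong_text'] = true;
        }
        if (!extension::getInstance()->call(extension::TYPE_HOOK, 'captcha')->validate($captcha)) {
            $params['notify']['wrong_captcha'] = true;
        }
        if (empty($params['notify'])) {
            $stmt = database::getInstance()->con()->prepare("INSERT INTO " . property::getInstance()->get('db_prefix') . "_com_feedback (`from_name`, `from_email`, `title`, `text`, `time`) VALUES (?, ?, ?, ?, ?)");
            $stmt->bindParam(1, $poster_name, PDO::PARAM_STR);
            $stmt->bindParam(2, $poster_email, PDO::PARAM_STR);
            $stmt->bindParam(3, $topic_title, PDO::PARAM_STR);
            $stmt->bindParam(4, $topic_text, PDO::PARAM_STR);
            $stmt->bindParam(5, $date, PDO::PARAM_INT);
            $stmt->execute();
            $params['notify']['success'] = true;
        }
    }
    meta::getInstance()->add('title', language::getInstance()->get('feedback_form_title'));
    $render = template::getInstance()->twigRender('components/feedback/form.tpl', array('local' => $params));
    template::getInstance()->set(template::TYPE_CONTENT, 'body', $render);
}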
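/**
 * Handle a CKEditor file upload and answer with the editor's callback script.
 *
 * The request 'type' selects the target: 1 = images ('admin/imagebrowser'),
 * 2 = flash ('admin/flashbrowser', .swf only), anything else = other files
 * ('admin/filebrowser', extensions from 'upload_allowed_ext'). Without the
 * matching permission nothing is stored and the error callback is sent.
 *
 * Security: the CKEditorFuncNum query value was echoed into the script
 * unchanged. It is a numeric callback index, so it is now cast to int, and the
 * message and file URL are emitted as encoded JavaScript string literals.
 *
 * @return null|void null when no file was posted
 */
public function make()
{
    if (!isset($_FILES['upload']) || $_FILES['upload'] == null) {
        return null;
    }
    $type = (int) system::getInstance()->get('type');
    $result = false;
    $save_folder = false;
    $allow_ext = system::getInstance()->altexplode(';', property::getInstance()->get('upload_allowed_ext'));
    foreach ($allow_ext as $key => $value) {
        // Configured extensions are stored without dots.
        $nodot = str_replace('.', '', $value);
        if (system::getInstance()->length($nodot) > 0) {
            $allow_ext[$key] = $nodot;
        }
    }
    switch ($type) {
        case 1:
            if (permission::getInstance()->have('admin/imagebrowser')) {
                $result = extension::getInstance()->call(extension::TYPE_HOOK, 'file')->uploadImage('/images/', $_FILES['upload']);
                $save_folder = 'images';
            }
            break;
        case 2:
            if (permission::getInstance()->have('admin/flashbrowser')) {
                $result = extension::getInstance()->call(extension::TYPE_HOOK, 'file')->uploadFile('/flash/', $_FILES['upload'], array('swf'));
                $save_folder = 'flash';
            }
            break;
        default:
            if (permission::getInstance()->have('admin/filebrowser')) {
                $result = extension::getInstance()->call(extension::TYPE_HOOK, 'file')->uploadFile('/other/', $_FILES['upload'], $allow_ext);
                $save_folder = 'other';
            }
            break;
    }

    // Integer cast: only a number can reach the inline script.
    $func_num = isset($_GET['CKEditorFuncNum']) ? (int) $_GET['CKEditorFuncNum'] : 0;
    // The HEX flags keep quotes, ampersands and angle brackets from ending the literal or the element.
    $js_flags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;
    if (!$result || !$save_folder) {
        $message = json_encode((string) language::getInstance()->get('fileupload_api_error'), $js_flags);
        echo '<html><body><script type="text/javascript">window.parent.CKEDITOR.tools.callFunction("' . $func_num . '", "", ' . $message . ');</script></body></html>';
    } else {
        $file_url = json_encode(property::getInstance()->get('script_url') . '/upload/' . $save_folder . '/' . $result, $js_flags);
        echo '<html><body><script type="text/javascript">window.parent.CKEDITOR.tools.callFunction("' . $func_num . '", ' . $file_url . ');</script></body></html>';
    }
}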
/**
 * Remove a video poster image (admin side).
 *
 * The caller needs 'admin/components/video/add' or
 * 'admin/components/video/edit'. Request 'type' 1 targets the category poster,
 * 2 the video poster; any other value does nothing. Both id and type are cast
 * to int, so the path cannot leave /upload/video/.
 */
public function make()
{
    $may_add = permission::getInstance()->have('admin/components/video/add');
    if (!$may_add && !permission::getInstance()->have('admin/components/video/edit')) {
        return;
    }

    $poster_id = (int) system::getInstance()->get('id');
    $kind = (int) system::getInstance()->get('type');

    if ($kind == 1) {
        $poster = root . '/upload/video/catposter/poster_' . $poster_id . '.jpg';
    } elseif ($kind == 2) {
        $poster = root . '/upload/video/poster_' . $poster_id . '.jpg';
    } else {
        return;
    }

    if (file_exists($poster)) {
        // Best effort: a failed unlink is deliberately silenced.
        @unlink($poster);
    }
}