/**
* Send email to user when they get a new PM
*
* @param integer $item
* @param integer $offer_value
*
* @dynamic tags
*
* '{RECIP_NAME}', '{SENDER_NAME}', '{WEB_URL}', '{WEB_TITLE}', '{PM_URL}', '{PM_SUBJECT}', '{PM_MESSAGE}'
*/
function new_pm_email($pm_info)
{
$mPages = new Page();
$aPage = $mPages->findByInternalName('email_PM_alert');
$locale = osc_current_user_locale();
$content = array();
if (isset($aPage['locale'][$locale]['s_title'])) {
$content = $aPage['locale'][$locale];
} else {
$content = current($aPage['locale']);
}
if ($pm_info['sender_id'] == 0) {
$sender_name = pmAdmin();
} else {
$pm_senderData = User::newInstance()->findByPrimaryKey($pm_info['sender_id']);
$sender_name = $pm_senderData['s_name'];
}
if ($pm_info['recip_id'] == 0) {
$pm_url = osc_admin_base_url(true) . '?page=plugins&action=renderplugin&file=osclass_pm/admin-send.php?userId=' . $pm_info['sender_id'] . '&mType=adminQuote&messId=' . $pm_info['pm_id'];
$pm_name = pmAdmin();
$pm_recipData['s_email'] = osc_contact_email();
} else {
$pm_url = osc_base_url(true) . '?page=custom&file=osclass_pm/user-send.php?userId=' . $pm_info['sender_id'] . '&mType=quote&messId=' . $pm_info['pm_id'];
$pm_recipData = User::newInstance()->findByPrimaryKey($pm_info['recip_id']);
$pm_name = $pm_recipData['s_name'];
}
$pm_url = '<a href="' . $pm_url . '" >' . $pm_url . '</a>';
$words = array();
$words[] = array('{RECIP_NAME}', '{SENDER_NAME}', '{WEB_URL}', '{WEB_TITLE}', '{PM_URL}', '{PM_SUBJECT}', '{PM_MESSAGE}', '[quote]', '[/quote]', '[quoteAuthor]', '[/quoteAuthor]');
$words[] = array($pm_name, $sender_name, osc_base_url(), osc_page_title(), $pm_url, $pm_info['pm_subject'], nl2br($pm_info['pm_message']), '<div class="messQuote">', '</div>', '<div class="quoteAuthor">', '</div>');
$title = osc_mailBeauty($content['s_title'], $words);
$body = osc_mailBeauty($content['s_text'], $words);
$emailParams = array('subject' => $title, 'to' => $pm_recipData['s_email'], 'to_name' => $pm_name, 'body' => $body, 'alt_body' => $body);
osc_sendMail($emailParams);
}
function doModel()
{
switch ($this->action) {
case 'contact_post':
//contact_post
$yourName = Params::getParam('yourName');
$yourEmail = Params::getParam('yourEmail');
$subject = Params::getParam('subject');
$message = Params::getParam('message');
if (osc_recaptcha_private_key() != '' && Params::existParam("recaptcha_challenge_field")) {
if (!osc_check_recaptcha()) {
osc_add_flash_error_message(_m('The Recaptcha code is wrong'));
Session::newInstance()->_setForm("yourName", $yourName);
Session::newInstance()->_setForm("yourEmail", $yourEmail);
Session::newInstance()->_setForm("subject", $subject);
Session::newInstance()->_setForm("message_body", $message);
$this->redirectTo(osc_contact_url());
return false;
// BREAK THE PROCESS, THE RECAPTCHA IS WRONG
}
}
if (!preg_match('|.*?@.{2,}\\..{2,}|', $yourEmail)) {
osc_add_flash_error_message(_m('Please enter a correct email'));
Session::newInstance()->_setForm("yourName", $yourName);
Session::newInstance()->_setForm("subject", $subject);
Session::newInstance()->_setForm("message_body", $message);
$this->redirectTo(osc_contact_url());
}
$message = sprintf(__("%s (%s) left this message : %s"), $yourName, $yourEmail, $message);
$params = array('reply_to' => $yourEmail, 'subject' => '[' . osc_page_title() . '] ' . __('Contact form') . ': ' . $subject, 'to' => osc_contact_email(), 'to_name' => __('Administrator'), 'body' => $message, 'alt_body' => $message);
if (osc_contact_attachment()) {
$attachment = Params::getFiles('attachment');
$resourceName = $attachment['name'];
$tmpName = $attachment['tmp_name'];
$resourceType = $attachment['type'];
$path = osc_content_path() . 'uploads/' . time() . '_' . $resourceName;
if (!is_writable(osc_content_path() . 'uploads/')) {
osc_add_flash_error_message(_m('There have been some errors sending the message'));
$this->redirectTo(osc_contact_url());
}
if (!move_uploaded_file($tmpName, $path)) {
unset($path);
}
}
if (isset($path)) {
$params['attachment'] = $path;
}
osc_sendMail($params);
osc_add_flash_ok_message(_m('Your email has been sent properly. Thank you for contacting us!'));
$this->redirectTo(osc_contact_url());
break;
default:
//contact
$this->doView('contact.php');
}
}
function email_link_problem($url_from, $url_to, $contact)
{
$page = new Page();
$page = $page->findByInternalName('seo_link_problem');
if (empty($page)) {
exit;
}
$locale = osc_current_user_locale();
$content = array();
if (isset($page['locale'][$locale]['s_title'])) {
$content = $page['locale'][$locale];
} else {
$content = current($page['locale']);
}
$words = array();
$words[] = array('{LINK_FROM}', '{LINK_TO}');
$words[] = array($url_from, $url_to);
$title = osc_mailBeauty($content['s_title'], $words);
$body = osc_mailBeauty($content['s_text'], $words);
$email_build = array('subject' => $title, 'to' => $contact, 'to_name' => 'Partner', 'body' => $body, 'alt_body' => $body);
osc_sendMail($email_build);
}
function fn_email_new_comment_user($aItem)
{
$authorName = trim($aItem['authorName']);
$authorName = strip_tags($authorName);
$authorEmail = trim($aItem['authorEmail']);
$authorEmail = strip_tags($authorEmail);
$body = trim($aItem['body']);
$body = strip_tags($body);
$title = $aItem['title'];
$itemId = $aItem['id'];
$userId = $aItem['userId'];
$admin_email = osc_contact_email();
$prefLocale = osc_language();
$item = Item::newInstance()->findByPrimaryKey($itemId);
View::newInstance()->_exportVariableToView('item', $item);
$itemURL = osc_item_url();
$itemURL = '<a href="' . $itemURL . '" >' . $itemURL . '</a>';
$mPages = new Page();
$aPage = $mPages->findByInternalName('email_new_comment_user');
$locale = osc_current_user_locale();
$content = array();
if (isset($aPage['locale'][$locale]['s_title'])) {
$content = $aPage['locale'][$locale];
} else {
$content = current($aPage['locale']);
}
$words = array();
$words[] = array('{COMMENT_AUTHOR}', '{COMMENT_EMAIL}', '{COMMENT_TITLE}', '{COMMENT_TEXT}', '{ITEM_TITLE}', '{ITEM_ID}', '{ITEM_URL}', '{SELLER_NAME}', '{SELLER_EMAIL}');
$words[] = array($authorName, $authorEmail, $title, $body, $item['s_title'], $itemId, $itemURL, $item['s_contact_name'], $item['s_contact_email']);
$title_email = osc_mailBeauty(osc_apply_filter('email_title', osc_apply_filter('email_new_comment_user_title', $content['s_title'])), $words);
$body_email = osc_mailBeauty(osc_apply_filter('email_description', osc_apply_filter('email_new_comment_user_description', $content['s_text'])), $words);
$from = osc_contact_email();
$from_name = osc_page_title();
$emailParams = array('from' => $admin_email, 'from_name' => __('Admin mail system'), 'subject' => $title_email, 'to' => $item['s_contact_email'], 'to_name' => $item['s_contact_name'], 'body' => $body_email, 'alt_body' => $body_email);
osc_sendMail($emailParams);
}
function moreedit_moderate_edit($item_)
{
$cat_id = $item_['fk_i_category_id'];
$item_id = $item_['pk_i_id'];
if (osc_get_preference('notify_edit', 'moreedit') == '1') {
$aPage = Page::newInstance()->findByInternalName('email_moreedit_notify_edit');
$content = array();
$locale = osc_current_user_locale();
if (isset($aPage['locale'][$locale]['s_title'])) {
$content = $aPage['locale'][$locale];
} else {
$content = current($aPage['locale']);
}
$item = Item::newInstance()->findByPrimaryKey($item_id);
View::newInstance()->_exportVariableToView('item', $item);
$item_url = osc_item_url();
$item_url = '<a href="' . $item_url . '" >' . $item_url . '</a>';
$admin_edit_url = osc_item_admin_edit_url($item['pk_i_id']);
$words = array();
$words[] = array('{EDIT_LINK}', '{EDIT_URL}', '{ITEM_DESCRIPTION}', '{ITEM_ID}', '{USER_NAME}', '{USER_EMAIL}', '{WEB_URL}', '{ITEM_TITLE}', '{ITEM_URL}', '{WEB_TITLE}');
$words[] = array('<a href="' . $admin_edit_url . '" >' . $admin_edit_url . '</a>', $admin_edit_url, $item['s_description'], $item['pk_i_id'], $item['s_contact_name'], $item['s_contact_email'], '<a href="' . osc_base_url() . '" >' . osc_base_url() . '</a>', $item['s_title'], $item_url, osc_page_title());
$title = osc_mailBeauty($content['s_title'], $words);
$body = osc_mailBeauty($content['s_text'], $words);
$emailParams = array('subject' => $title, 'to' => osc_contact_email(), 'to_name' => 'admin', 'body' => $body, 'alt_body' => $body);
osc_sendMail($emailParams);
}
if (osc_get_preference('moderate_edit', 'moreedit') == '1') {
Item::newInstance()->update(array('b_enabled' => 0), array('pk_i_id' => $item_id));
}
}
/**
* Send email to users when their ad has expired
*
* @param array $item
* @param string $r_secret
* @param integer $permDeleted
*
* @dynamic tags
*
* '{CONTACT_NAME}', '{ITEM_TITLE}',
* '{WEB_TITLE}', '{REPUBLISH_URL}', '{PERM_DELETED}'
*/
function item_expired_email($itemId, $r_secret, $permDeleted)
{
$mPages = new Page();
$aPage = $mPages->findByInternalName('email_ad_expired');
$locale = osc_current_user_locale();
$content = array();
if (isset($aPage['locale'][$locale]['s_title'])) {
$content = $aPage['locale'][$locale];
} else {
$content = current($aPage['locale']);
}
$item = Item::newInstance()->findByPrimaryKey($itemId);
$secret = '';
$secret = '&secret=' . $item['s_secret'];
$republish_url = osc_base_url() . 'oc-content/plugins/advanced_ad_management/item_republish.php?id=' . $item['pk_i_id'] . '&repub=republish&rSecret=' . $r_secret . $secret;
$republish_url = '<a href="' . $republish_url . '" >' . $republish_url . '</a>';
$words = array();
$words[] = array('{CONTACT_NAME}', '{ITEM_TITLE}', '{WEB_TITLE}', '{REPUBLISH_URL}', '{PERM_DELETED}');
$words[] = array($item['s_contact_name'], $item['s_title'], osc_page_title(), $republish_url, $permDeleted);
$title = osc_mailBeauty($content['s_title'], $words);
$body = osc_mailBeauty($content['s_text'], $words);
$emailParams = array('subject' => $title, 'to' => $item['s_contact_email'], 'to_name' => $item['s_contact_name'], 'body' => $body, 'alt_body' => $body);
osc_sendMail($emailParams);
}
function doModel()
{
switch ($this->action) {
case 'login_post':
//post execution for the login
$admin = Admin::newInstance()->findByUsername(Params::getParam('user'));
if ($admin) {
if ($admin["s_password"] == sha1(Params::getParam('password'))) {
if (Params::getParam('remember')) {
//this include contains de osc_genRandomPassword function
require_once osc_lib_path() . 'osclass/helpers/hSecurity.php';
$secret = osc_genRandomPassword();
Admin::newInstance()->update(array('s_secret' => $secret), array('pk_i_id' => $admin['pk_i_id']));
Cookie::newInstance()->set_expires(osc_time_cookie());
Cookie::newInstance()->push('oc_adminId', $admin['pk_i_id']);
Cookie::newInstance()->push('oc_adminSecret', $secret);
Cookie::newInstance()->push('oc_adminLocale', Params::getParam('locale'));
Cookie::newInstance()->set();
}
//we are logged in... let's go!
Session::newInstance()->_set('adminId', $admin['pk_i_id']);
Session::newInstance()->_set('adminUserName', $admin['s_username']);
Session::newInstance()->_set('adminName', $admin['s_name']);
Session::newInstance()->_set('adminEmail', $admin['s_email']);
Session::newInstance()->_set('adminLocale', Params::getParam('locale'));
} else {
osc_add_flash_message(_m('The password is incorrect'), 'admin');
}
} else {
osc_add_flash_message(_m('That username does not exist'), 'admin');
}
//returning logged in to the main page...
$this->redirectTo(osc_admin_base_url());
break;
case 'recover':
//form to recover the password (in this case we have the form in /gui/)
//#dev.conquer: we cannot use the doView here and only here
$this->doView('gui/recover.php');
break;
case 'recover_post':
//post execution to recover the password
$admin = Admin::newInstance()->findByEmail(Params::getParam('email'));
if ($admin) {
if (osc_recaptcha_private_key() != '' && Params::existParam("recaptcha_challenge_field")) {
if (!osc_check_recaptcha()) {
osc_add_flash_message(_m('The Recaptcha code is wrong'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=login&action=recover');
return false;
// BREAK THE PROCESS, THE RECAPTCHA IS WRONG
}
}
require_once osc_lib_path() . 'osclass/helpers/hSecurity.php';
$newPassword = osc_genRandomPassword(40);
Admin::newInstance()->update(array('s_secret' => $newPassword), array('pk_i_id' => $admin['pk_i_id']));
$password_link = osc_forgot_admin_password_confirm_url($admin['pk_i_id'], $newPassword);
$aPage = Page::newInstance()->findByInternalName('email_user_forgot_password');
$content = array();
$locale = osc_current_user_locale();
if (isset($aPage['locale'][$locale]['s_title'])) {
$content = $aPage['locale'][$locale];
} else {
$content = current($aPage['locale']);
}
if (!is_null($content)) {
$words = array();
$words[] = array('{USER_NAME}', '{USER_EMAIL}', '{WEB_TITLE}', '{IP_ADDRESS}', '{PASSWORD_LINK}', '{DATE_TIME}');
$words[] = array($admin['s_name'], $admin['s_email'], osc_page_title(), $_SERVER['REMOTE_ADDR'], $password_link, date(osc_time_format() . ' ' . osc_date_format()));
$title = osc_mailBeauty($content['s_title'], $words);
$body = osc_mailBeauty($content['s_text'], $words);
$emailParams = array('subject' => $title, 'to' => $admin['s_email'], 'to_name' => $admin['s_name'], 'body' => $body, 'alt_body' => $body);
osc_sendMail($emailParams);
}
}
osc_add_flash_message(_m('A new password has been sent to your e-mail'), 'admin');
$this->redirectTo(osc_admin_base_url());
break;
case 'forgot':
//form to recover the password (in this case we have the form in /gui/)
$admin = Admin::newInstance()->findByIdSecret(Params::getParam('adminId'), Params::getParam('code'));
if ($admin) {
$this->doView('gui/forgot_password.php');
} else {
osc_add_flash_message(_m('Sorry, the link is not valid'), 'admin');
$this->redirectTo(osc_admin_base_url());
}
break;
case 'forgot_post':
$admin = Admin::newInstance()->findByIdSecret(Params::getParam('adminId'), Params::getParam('code'));
if ($admin) {
if (Params::getParam('new_password') == Params::getParam('new_password2')) {
Admin::newInstance()->update(array('s_secret' => osc_genRandomPassword(), 's_password' => sha1(Params::getParam('new_password'))), array('pk_i_id' => $admin['pk_i_id']));
osc_add_flash_message(_m('The password has been changed'), 'admin');
$this->redirectTo(osc_admin_base_url());
} else {
osc_add_flash_message(_m('Error, the password don\'t match'), 'admin');
$this->redirectTo(osc_forgot_admin_password_confirm_url(Params::getParam('adminId'), Params::getParam('code')));
}
} else {
osc_add_flash_message(_m('Sorry, the link is not valid'), 'admin');
}
$this->redirectTo(osc_admin_base_url());
break;
}
}
<?php
osc_show_flash_message('admin');
if (Params::getParam('nepcoders_action') == 'send_email') {
$subject = Params::getParam('subject');
$message = stripslashes($_REQUEST['message']);
$message = str_replace('src="../', 'src="' . osc_base_url() . '/', $message);
$recipients = array();
$recipients = array_merge($recipients, User::newInstance()->listAll());
foreach ($recipients as $user) {
$params = array('subject' => $subject, 'to' => $user['s_email'], 'to_name' => osc_page_title(), 'body' => $message, 'alt_body' => strip_tags($message), 'add_bcc' => '', 'from' => 'donotreply@' . osc_get_domain());
osc_sendMail($params);
osc_add_flash_ok_message(__('Your email has been sent', 'nepcoders'), 'admin');
}
}
?>
<script>
tinyMCE.init({
mode : "textareas",
theme : "advanced",
plugins : "emotions,spellchecker,advhr,insertdatetime,preview,fullpage,save,table,template",
// Theme options - button# indicated the row# only
theme_advanced_buttons1 : "newdocument,|,bold,italic,underline,|,justifyleft,justifycenter,justifyright,fontselect,fontsizeselect,formatselect",
theme_advanced_buttons2 : "cut,copy,paste,|,bullist,numlist,|,outdent,indent,|,undo,redo,|,link,unlink,anchor,image,|,code,preview,|,forecolor,backcolor",
theme_advanced_buttons3 : "insertdate,inserttime,|,spellchecker,advhr,,removeformat,|,sub,sup,|,charmap,emotions,|,table,fullpage",
theme_advanced_toolbar_location : "top",
theme_advanced_toolbar_align : "left",
theme_advanced_statusbar_location : "bottom",
theme_advanced_resizing : true
});
function fn_email_item_validation_non_register_user($item)
{
View::newInstance()->_exportVariableToView('item', $item);
$mPages = new Page();
$aPage = $mPages->findByInternalName('email_item_validation_non_register_user');
$locale = osc_current_user_locale();
$content = array();
if (isset($aPage['locale'][$locale]['s_title'])) {
$content = $aPage['locale'][$locale];
} else {
$content = current($aPage['locale']);
}
$item_url = osc_item_url();
$item_url = '<a href="' . $item_url . '" >' . $item_url . '</a>';
$edit_url = osc_item_edit_url($item['s_secret'], $item['pk_i_id']);
$delete_url = osc_item_delete_url($item['s_secret'], $item['pk_i_id']);
$all = '';
if (isset($item['locale'])) {
foreach ($item['locale'] as $locale => $data) {
$locale_name = OSCLocale::newInstance()->listWhere("pk_c_code = '" . $locale . "'");
$all .= '<br/>';
if (isset($locale_name[0]) && isset($locale_name[0]['s_name'])) {
$all .= __('Language') . ': ' . $locale_name[0]['s_name'] . '<br/>';
} else {
$all .= __('Language') . ': ' . $locale . '<br/>';
}
$all .= __('Title') . ': ' . $data['s_title'] . '<br/>';
$all .= __('Description') . ': ' . $data['s_description'] . '<br/>';
$all .= '<br/>';
}
} else {
$all .= __('Title') . ': ' . $item['s_title'] . '<br/>';
$all .= __('Description') . ': ' . $item['s_description'] . '<br/>';
}
// Format activation URL
$validation_url = osc_item_activate_url($item['s_secret'], $item['pk_i_id']);
$words = array();
$words[] = array('{ITEM_DESCRIPTION_ALL_LANGUAGES}', '{ITEM_DESCRIPTION}', '{ITEM_COUNTRY}', '{ITEM_PRICE}', '{ITEM_REGION}', '{ITEM_CITY}', '{ITEM_ID}', '{USER_NAME}', '{USER_EMAIL}', '{WEB_URL}', '{ITEM_TITLE}', '{ITEM_URL}', '{WEB_TITLE}', '{VALIDATION_LINK}', '{VALIDATION_URL}', '{EDIT_LINK}', '{EDIT_URL}', '{DELETE_LINK}', '{DELETE_URL}');
$words[] = array($all, $item['s_description'], $item['s_country'], osc_prepare_price($item['s_price']), $item['s_region'], $item['s_city'], $item['pk_i_id'], $item['s_contact_name'], $item['s_contact_email'], '<a href="' . osc_base_url() . '" >' . osc_base_url() . '</a>', $item['s_title'], $item_url, osc_page_title(), '<a href="' . $validation_url . '" >' . $validation_url . '</a>', $validation_url, '<a href="' . $edit_url . '">' . $edit_url . '</a>', $edit_url, '<a href="' . $delete_url . '">' . $delete_url . '</a>', $delete_url);
$title = osc_mailBeauty(osc_apply_filter('email_title', osc_apply_filter('email_item_validation_non_register_user_title', $content['s_title'])), $words);
$body = osc_mailBeauty(osc_apply_filter('email_description', osc_apply_filter('email_item_validation_non_register_user_description', $content['s_text'])), $words);
$emailParams = array('subject' => $title, 'to' => $item['s_contact_email'], 'to_name' => $item['s_contact_name'], 'body' => $body, 'alt_body' => $body);
osc_sendMail($emailParams);
}
function doModel()
{
switch ($this->action) {
case 'contact_post':
//contact_post
osc_csrf_check();
$yourName = Params::getParam('yourName');
$yourEmail = Params::getParam('yourEmail');
$subject = Params::getParam('subject');
$message = Params::getParam('message');
if (osc_recaptcha_private_key() != '') {
if (!osc_check_recaptcha()) {
osc_add_flash_error_message(_m('The Recaptcha code is wrong'));
Session::newInstance()->_setForm('yourName', $yourName);
Session::newInstance()->_setForm('yourEmail', $yourEmail);
Session::newInstance()->_setForm('subject', $subject);
Session::newInstance()->_setForm('message_body', $message);
$this->redirectTo(osc_contact_url());
return false;
// BREAK THE PROCESS, THE RECAPTCHA IS WRONG
}
}
if (!preg_match('|.*?@.{2,}\\..{2,}|', $yourEmail)) {
osc_add_flash_error_message(_m('Please enter a correct email'));
Session::newInstance()->_setForm('yourName', $yourName);
Session::newInstance()->_setForm('subject', $subject);
Session::newInstance()->_setForm('message_body', $message);
$this->redirectTo(osc_contact_url());
}
$message_name = sprintf(__('Name: %s'), $yourName);
$message_email = sprintf(__('Email: %s'), $yourEmail);
$message_subject = sprintf(__('Subject: %s'), $subject);
$message_body = sprintf(__('Message: %s'), $message);
$message_date = sprintf(__('Date: %s at %s'), date('l F d, Y'), date('g:i a'));
$message_IP = sprintf(__('IP Address: %s'), get_ip());
$message = <<<MESSAGE
{$message_name}
{$message_email}
{$message_subject}
{$message_body}
{$message_date}
{$message_IP}
MESSAGE;
$params = array('from' => osc_contact_email(), 'to' => osc_contact_email(), 'to_name' => osc_page_title(), 'reply_to' => $yourEmail, 'subject' => '[' . osc_page_title() . '] ' . __('Contact'), 'body' => nl2br($message));
if (osc_contact_attachment()) {
$attachment = Params::getFiles('attachment');
if (isset($attachment['tmp_name'])) {
$resourceName = $attachment['name'];
$tmpName = $attachment['tmp_name'];
$resourceType = $attachment['type'];
$path = osc_content_path() . 'uploads/' . time() . '_' . $resourceName;
if (!is_writable(osc_content_path() . 'uploads/')) {
osc_add_flash_error_message(_m('There have been some errors sending the message'));
$this->redirectTo(osc_contact_url());
}
if (!move_uploaded_file($tmpName, $path)) {
unset($path);
}
}
}
if (isset($path)) {
$params['attachment'] = $path;
}
osc_run_hook('pre_contact_post', $params);
osc_sendMail(osc_apply_filter('contact_params', $params));
osc_add_flash_ok_message(_m('Your email has been sent properly. Thank you for contacting us!'));
$this->redirectTo(osc_contact_url());
break;
default:
//contact
$this->doView('contact.php');
}
}
function doModel()
{
//specific things for this class
switch ($this->action) {
case 'bulk_actions':
break;
case 'regions':
//Return regions given a countryId
$regions = Region::newInstance()->findByCountry(Params::getParam("countryId"));
echo json_encode($regions);
break;
case 'cities':
//Returns cities given a regionId
$cities = City::newInstance()->findByRegion(Params::getParam("regionId"));
echo json_encode($cities);
break;
case 'location':
// This is the autocomplete AJAX
$cities = City::newInstance()->ajax(Params::getParam("term"));
echo json_encode($cities);
break;
case 'userajax':
// This is the autocomplete AJAX
$users = User::newInstance()->ajax(Params::getParam("term"));
if (count($users) == 0) {
echo json_encode(array(0 => array('id' => '', 'label' => __('No results'), 'value' => __('No results'))));
} else {
echo json_encode($users);
}
break;
case 'date_format':
echo json_encode(array('format' => Params::getParam('format'), 'str_formatted' => osc_format_date(date('Y-m-d H:i:s'), Params::getParam('format'))));
break;
case 'runhook':
// run hooks
$hook = Params::getParam('hook');
if ($hook == '') {
echo json_encode(array('error' => 'hook parameter not defined'));
break;
}
switch ($hook) {
case 'item_form':
osc_run_hook('item_form', Params::getParam('catId'));
break;
case 'item_edit':
$catId = Params::getParam("catId");
$itemId = Params::getParam("itemId");
osc_run_hook("item_edit", $catId, $itemId);
break;
default:
osc_run_hook('ajax_admin_' . $hook);
break;
}
break;
case 'categories_order':
// Save the order of the categories
osc_csrf_check(false);
$aIds = Params::getParam('list');
$order = array();
$error = 0;
$catManager = Category::newInstance();
$aRecountCat = array();
foreach ($aIds as $cat) {
if (!isset($order[$cat['p']])) {
$order[$cat['p']] = 0;
}
$res = $catManager->update(array('fk_i_parent_id' => $cat['p'] == 'root' ? NULL : $cat['p'], 'i_position' => $order[$cat['p']]), array('pk_i_id' => $cat['c']));
if (is_bool($res) && !$res) {
$error = 1;
} else {
if ($res == 1) {
$aRecountCat[] = $cat['c'];
}
}
$order[$cat['p']] = $order[$cat['p']] + 1;
}
// update category stats
foreach ($aRecountCat as $rId) {
osc_update_cat_stats_id($rId);
}
if ($error) {
$result = array('error' => __("An error occurred"));
} else {
$result = array('ok' => __("Order saved"));
}
echo json_encode($result);
break;
case 'category_edit_iframe':
$this->_exportVariableToView('category', Category::newInstance()->findByPrimaryKey(Params::getParam("id"), 'all'));
if (count(Category::newInstance()->findSubcategories(Params::getParam("id"))) > 0) {
$this->_exportVariableToView('has_subcategories', true);
} else {
$this->_exportVariableToView('has_subcategories', false);
}
$this->_exportVariableToView('languages', OSCLocale::newInstance()->listAllEnabled());
$this->doView("categories/iframe.php");
break;
case 'field_categories_iframe':
$selected = Field::newInstance()->categories(Params::getParam("id"));
if ($selected == null) {
$selected = array();
}
$this->_exportVariableToView("selected", $selected);
$this->_exportVariableToView("field", Field::newInstance()->findByPrimaryKey(Params::getParam("id")));
$this->_exportVariableToView("categories", Category::newInstance()->toTreeAll());
$this->doView("fields/iframe.php");
break;
case 'field_categories_post':
osc_csrf_check(false);
$error = 0;
$field = Field::newInstance()->findByName(Params::getParam("s_name"));
if (!isset($field['pk_i_id']) || isset($field['pk_i_id']) && $field['pk_i_id'] == Params::getParam("id")) {
// remove categories from a field
Field::newInstance()->cleanCategoriesFromField(Params::getParam("id"));
// no error... continue updating fields
if ($error == 0) {
$slug = Params::getParam("field_slug") != '' ? Params::getParam("field_slug") : Params::getParam("s_name");
$slug_tmp = $slug = preg_replace('|([-]+)|', '-', preg_replace('|[^a-z0-9_-]|', '-', strtolower($slug)));
$slug_k = 0;
while (true) {
$field = Field::newInstance()->findBySlug($slug);
if (!$field || $field['pk_i_id'] == Params::getParam("id")) {
break;
} else {
$slug_k++;
$slug = $slug_tmp . "_" . $slug_k;
}
}
// trim options
$s_options = '';
$aux = Params::getParam('s_options');
$aAux = explode(',', $aux);
foreach ($aAux as &$option) {
$option = trim($option);
}
$s_options = implode(',', $aAux);
$res = Field::newInstance()->update(array('s_name' => Params::getParam("s_name"), 'e_type' => Params::getParam("field_type"), 's_slug' => $slug, 'b_required' => Params::getParam("field_required") == "1" ? 1 : 0, 'b_searchable' => Params::getParam("field_searchable") == "1" ? 1 : 0, 's_options' => $s_options), array('pk_i_id' => Params::getParam("id")));
if (is_bool($res) && !$res) {
$error = 1;
}
}
// no error... continue inserting categories-field
if ($error == 0) {
$aCategories = Params::getParam("categories");
if (is_array($aCategories) && count($aCategories) > 0) {
$res = Field::newInstance()->insertCategories(Params::getParam("id"), $aCategories);
if (!$res) {
$error = 1;
}
}
}
// error while updating?
if ($error == 1) {
$message = __("An error occurred while updating.");
}
} else {
$error = 1;
$message = __("Sorry, you already have a field with that name");
}
if ($error) {
$result = array('error' => $message);
} else {
$result = array('ok' => __("Saved"), 'text' => Params::getParam("s_name"), 'field_id' => Params::getParam("id"));
}
echo json_encode($result);
break;
case 'delete_field':
osc_csrf_check(false);
$res = Field::newInstance()->deleteByPrimaryKey(Params::getParam('id'));
if ($res > 0) {
$result = array('ok' => __('The custom field has been deleted'));
} else {
$result = array('error' => __('An error occurred while deleting'));
}
echo json_encode($result);
break;
case 'add_field':
osc_csrf_check(false);
$s_name = __('NEW custom field');
$slug_tmp = $slug = preg_replace('|([-]+)|', '-', preg_replace('|[^a-z0-9_-]|', '-', strtolower($s_name)));
$slug_k = 0;
while (true) {
$field = Field::newInstance()->findBySlug($slug);
if (!$field || $field['pk_i_id'] == Params::getParam("id")) {
break;
} else {
$slug_k++;
$slug = $slug_tmp . "_" . $slug_k;
}
}
$fieldManager = Field::newInstance();
$result = $fieldManager->insertField($s_name, 'TEXT', $slug, 0, '', array());
if ($result) {
echo json_encode(array('error' => 0, 'field_id' => $fieldManager->dao->insertedId(), 'field_name' => $s_name));
} else {
echo json_encode(array('error' => 1));
}
break;
case 'enable_category':
osc_csrf_check(false);
$id = strip_tags(Params::getParam('id'));
$enabled = Params::getParam('enabled') != '' ? Params::getParam('enabled') : 0;
$error = 0;
$result = array();
$aUpdated = array();
$mCategory = Category::newInstance();
$aCategory = $mCategory->findByPrimaryKey($id);
if ($aCategory == false) {
$result = array('error' => sprintf(__("No category with id %d exists"), $id));
echo json_encode($result);
break;
}
// root category
if ($aCategory['fk_i_parent_id'] == '') {
$mCategory->update(array('b_enabled' => $enabled), array('pk_i_id' => $id));
$mCategory->update(array('b_enabled' => $enabled), array('fk_i_parent_id' => $id));
$subCategories = $mCategory->findSubcategories($id);
$aIds = array($id);
$aUpdated[] = array('id' => $id);
foreach ($subCategories as $subcategory) {
$aIds[] = $subcategory['pk_i_id'];
$aUpdated[] = array('id' => $subcategory['pk_i_id']);
}
Item::newInstance()->enableByCategory($enabled, $aIds);
if ($enabled) {
$result = array('ok' => __('The category as well as its subcategories have been enabled'));
} else {
$result = array('ok' => __('The category as well as its subcategories have been disabled'));
}
$result['affectedIds'] = $aUpdated;
echo json_encode($result);
break;
}
// subcategory
$parentCategory = $mCategory->findRootCategory($id);
if (!$parentCategory['b_enabled']) {
$result = array('error' => __('Parent category is disabled, you can not enable that category'));
echo json_encode($result);
break;
}
$mCategory->update(array('b_enabled' => $enabled), array('pk_i_id' => $id));
if ($enabled) {
$result = array('ok' => __('The subcategory has been enabled'));
} else {
$result = array('ok' => __('The subcategory has been disabled'));
}
$result['affectedIds'] = array(array('id' => $id));
echo json_encode($result);
break;
case 'delete_category':
osc_csrf_check(false);
$id = Params::getParam("id");
$error = 0;
$categoryManager = Category::newInstance();
$res = $categoryManager->deleteByPrimaryKey($id);
if ($res > 0) {
$message = __('The categories have been deleted');
} else {
$error = 1;
$message = __('An error occurred while deleting');
}
if ($error) {
$result = array('error' => $message);
} else {
$result = array('ok' => __("Saved"));
}
echo json_encode($result);
break;
case 'edit_category_post':
osc_csrf_check(false);
$id = Params::getParam("id");
$fields['i_expiration_days'] = Params::getParam("i_expiration_days") != '' ? Params::getParam("i_expiration_days") : 0;
$fields['b_price_enabled'] = Params::getParam('b_price_enabled') != '' ? 1 : 0;
$apply_changes_to_subcategories = Params::getParam('apply_changes_to_subcategories') == 1 ? true : false;
$error = 0;
$has_one_title = 0;
$postParams = Params::getParamsAsArray();
foreach ($postParams as $k => $v) {
if (preg_match('|(.+?)#(.+)|', $k, $m)) {
if ($m[2] == 's_name') {
if ($v != "") {
$has_one_title = 1;
$aFieldsDescription[$m[1]][$m[2]] = $v;
$s_text = $v;
} else {
$aFieldsDescription[$m[1]][$m[2]] = NULL;
$error = 1;
}
} else {
$aFieldsDescription[$m[1]][$m[2]] = $v;
}
}
}
$l = osc_language();
if ($error == 0 || $error == 1 && $has_one_title == 1) {
$categoryManager = Category::newInstance();
$res = $categoryManager->updateByPrimaryKey(array('fields' => $fields, 'aFieldsDescription' => $aFieldsDescription), $id);
$categoryManager->updateExpiration($id, $fields['i_expiration_days'], $apply_changes_to_subcategories);
$categoryManager->updatePriceEnabled($id, $fields['b_price_enabled'], $apply_changes_to_subcategories);
if (is_bool($res)) {
$error = 2;
}
}
if ($error == 0) {
$msg = __("Category updated correctly");
} else {
if ($error == 1) {
if ($has_one_title == 1) {
$error = 4;
$msg = __('Category updated correctly, but some titles are empty');
} else {
$msg = __('Sorry, including at least a title is mandatory');
}
} else {
if ($error == 2) {
$msg = __('An error occurred while updating');
}
}
}
echo json_encode(array('error' => $error, 'msg' => $msg, 'text' => $aFieldsDescription[$l]['s_name']));
break;
case 'custom':
// Execute via AJAX custom file
if (Params::existParam('route')) {
$routes = Rewrite::newInstance()->getRoutes();
$rid = Params::getParam('route');
$file = '../';
if (isset($routes[$rid]) && isset($routes[$rid]['file'])) {
$file = $routes[$rid]['file'];
}
} else {
$file = Params::getParam("ajaxfile");
}
if ($file == '') {
echo json_encode(array('error' => 'no action defined'));
break;
}
// valid file?
if (stripos($file, '../') !== false || stripos($file, '..\\') !== false) {
echo json_encode(array('error' => 'no valid file'));
break;
}
if (!file_exists(osc_plugins_path() . $file)) {
echo json_encode(array('error' => "file doesn't exist"));
break;
}
require_once osc_plugins_path() . $file;
break;
case 'test_mail':
$title = sprintf(__('Test email, %s'), osc_page_title());
$body = __("Test email") . "<br><br>" . osc_page_title();
$emailParams = array('subject' => $title, 'to' => osc_contact_email(), 'to_name' => 'admin', 'body' => $body, 'alt_body' => $body);
$array = array();
if (osc_sendMail($emailParams)) {
$array = array('status' => '1', 'html' => __('Email sent successfully'));
} else {
$array = array('status' => '0', 'html' => __('An error occurred while sending email'));
}
echo json_encode($array);
break;
case 'test_mail_template':
// replace por valores por defecto
$email = Params::getParam("email");
$title = Params::getParam("title");
$body = Params::getParam("body", false, false);
$emailParams = array('subject' => $title, 'to' => $email, 'to_name' => 'admin', 'body' => $body, 'alt_body' => $body);
$array = array();
if (osc_sendMail($emailParams)) {
$array = array('status' => '1', 'html' => __('Email sent successfully'));
} else {
$array = array('status' => '0', 'html' => __('An error occurred while sending email'));
}
echo json_encode($array);
break;
case 'order_pages':
osc_csrf_check(false);
$order = Params::getParam("order");
$id = Params::getParam("id");
if ($order != '' && $id != '') {
$mPages = Page::newInstance();
$actual_page = $mPages->findByPrimaryKey($id);
$actual_order = $actual_page['i_order'];
$array = array();
$condition = array();
$new_order = $actual_order;
if ($order == 'up') {
$page = $mPages->findPrevPage($actual_order);
} else {
if ($order == 'down') {
$page = $mPages->findNextPage($actual_order);
}
}
if (isset($page['i_order'])) {
$mPages->update(array('i_order' => $page['i_order']), array('pk_i_id' => $id));
$mPages->update(array('i_order' => $actual_order), array('pk_i_id' => $page['pk_i_id']));
}
}
break;
case 'check_version':
$data = osc_file_get_contents('http://osclass.org/latest_version_v1.php?callback=?');
$data = preg_replace('|^\\?\\((.*?)\\);$|', '$01', $data);
$json = json_decode($data);
if (isset($json->version)) {
if ($json->version > osc_version()) {
osc_set_preference('update_core_json', $data);
echo json_encode(array('error' => 0, 'msg' => __('Update available')));
} else {
osc_set_preference('update_core_json', '');
echo json_encode(array('error' => 0, 'msg' => __('No update available')));
}
osc_set_preference('last_version_check', time());
} else {
// Latest version couldn't be checked (site down?)
osc_set_preference('last_version_check', time() - 82800);
// 82800 = 23 hours, so repeat check in one hour
echo json_encode(array('error' => 1, 'msg' => __('Version could not be checked')));
}
break;
case 'check_languages':
$total = _osc_check_languages_update();
echo json_encode(array('msg' => __('Checked updates'), 'total' => $total));
break;
case 'check_themes':
$total = _osc_check_themes_update();
echo json_encode(array('msg' => __('Checked updates'), 'total' => $total));
break;
case 'check_plugins':
$total = _osc_check_plugins_update();
echo json_encode(array('msg' => __('Checked updates'), 'total' => $total));
break;
/******************************
** COMPLETE UPGRADE PROCESS **
******************************/
/******************************
** COMPLETE UPGRADE PROCESS **
******************************/
case 'upgrade':
// AT THIS POINT WE KNOW IF THERE'S AN UPDATE OR NOT
osc_csrf_check();
$result = osc_do_upgrade();
if (!defined('__FROM_CRON__') || !__FROM_CRON__) {
if ($result['error'] == 0) {
osc_add_flash_ok_message($result['message'], 'admin');
} else {
if ($result['error'] == 6) {
osc_add_flash_warning_message($result['message'], 'admin');
}
}
}
echo json_encode($result);
break;
/*******************************
** COMPLETE MARKET PROCESS **
*******************************/
/*******************************
** COMPLETE MARKET PROCESS **
*******************************/
case 'market':
// AT THIS POINT WE KNOW IF THERE'S AN UPDATE OR NOT
osc_csrf_check(false);
$result = osc_market(Params::getParam('section'), Params::getParam('code'));
echo json_encode($result);
break;
case 'check_market':
// AT THIS POINT WE KNOW IF THERE'S AN UPDATE OR NOT
$section = Params::getParam('section');
$code = Params::getParam('code');
$data = array();
/************************
*** CHECK VALID CODE ***
************************/
if ($code != '' && $section != '') {
if (stripos($code, "http://") === FALSE) {
// OSCLASS OFFICIAL REPOSITORY
$data = json_decode(osc_file_get_contents(osc_market_url($section, $code), array('api_key' => osc_market_api_connect())), true);
} else {
// THIRD PARTY REPOSITORY
if (osc_market_external_sources()) {
$data = json_decode(osc_file_get_contents($code), true);
} else {
echo json_encode(array('error' => 3, 'error_msg' => __('No external sources are allowed')));
break;
}
}
if (!isset($data['s_source_file']) || !isset($data['s_update_url'])) {
//$data = array('error' => 2, 'error_msg' => __('Invalid code'));
}
} else {
$data = array('error' => 1, 'error_msg' => __('No code was submitted'));
}
echo json_encode($data);
break;
case 'market_data':
$section = Params::getParam('section');
$page = Params::getParam("mPage");
$featured = Params::getParam("featured");
$sort = Params::getParam("sort");
$order = Params::getParam("order");
// for the moment this value is static
$length = 9;
if ($page >= 1) {
$page--;
}
$url = osc_market_url($section) . "page/" . $page . '/';
if ($length != '' && is_numeric($length)) {
$url .= 'length/' . $length . '/';
}
if ($sort != '') {
$url .= 'order/' . $sort;
if ($order != '') {
$url .= '/' . $order;
}
}
if ($featured != '') {
$url = osc_market_featured_url($section);
}
$data = array();
$data = json_decode(osc_file_get_contents($url, array('api_key' => osc_market_api_connect())), true);
if (!isset($data[$section])) {
$data = array('error' => 1, 'error_msg' => __('No market data'));
}
echo 'var market_data = window.market_data || {}; market_data.' . $section . ' = ' . json_encode($data) . ';';
break;
case 'local_market':
// AVOID CROSS DOMAIN PROBLEMS OF AJAX REQUEST
$marketPage = Params::getParam("mPage");
if ($marketPage >= 1) {
$marketPage--;
}
$out = osc_file_get_contents(osc_market_url(Params::getParam("section")) . "page/" . $marketPage, array('api_key' => osc_market_api_connect()));
$array = json_decode($out, true);
// do pagination
$pageActual = $array['page'];
$totalPages = ceil($array['total'] / $array['sizePage']);
$params = array('total' => $totalPages, 'selected' => $pageActual, 'url' => '#{PAGE}', 'sides' => 5);
// set pagination
$pagination = new Pagination($params);
$aux = $pagination->doPagination();
$array['pagination_content'] = $aux;
// encode to json
echo json_encode($array);
break;
case 'market_connect':
$json = osc_file_get_contents(osc_market_url() . 'connect/', array('s_email' => Params::getParam('s_email'), 's_password' => Params::getParam('s_password')));
$data = json_decode($json, true);
if ($data['error'] == 0) {
osc_set_preference('marketAPIConnect', $data['api_key']);
unset($data['api_key']);
$json = json_encode($data);
}
echo $json;
break;
case 'dashboardbox_market':
$error = 0;
// make market call
$url = osc_get_preference('marketURL') . 'dashboardbox/';
$content = '';
if (false === ($json = @osc_file_get_contents($url))) {
$error = 1;
} else {
$content = $json;
}
if ($error == 1) {
echo json_encode(array('error' => 1));
} else {
// replace content with correct urls
$content = str_replace('{URL_MARKET_THEMES}', osc_admin_base_url(true) . '?page=market&action=themes', $content);
$content = str_replace('{URL_MARKET_PLUGINS}', osc_admin_base_url(true) . '?page=market&action=plugins', $content);
echo json_encode(array('html' => $content));
}
break;
case 'market_header':
$error = 0;
// make market call
$url = osc_get_preference('marketURL') . 'market_header/';
$content = '';
if (false === ($json = @osc_file_get_contents($url))) {
$error = 1;
} else {
$content = $json;
}
if ($error == 1) {
echo json_encode(array('error' => 1));
} else {
echo json_encode(array('html' => $content));
}
break;
case 'location_stats':
osc_csrf_check(false);
$workToDo = osc_update_location_stats();
if ($workToDo > 0) {
$array['status'] = 'more';
$array['pending'] = $workToDo;
echo json_encode($array);
} else {
$array['status'] = 'done';
echo json_encode($array);
}
break;
case 'country_slug':
$exists = Country::newInstance()->findBySlug(Params::getParam('slug'));
if (isset($exists['s_slug'])) {
echo json_encode(array('error' => 1, 'country' => $exists));
} else {
echo json_encode(array('error' => 0));
}
break;
case 'region_slug':
$exists = Region::newInstance()->findBySlug(Params::getParam('slug'));
if (isset($exists['s_slug'])) {
echo json_encode(array('error' => 1, 'region' => $exists));
} else {
echo json_encode(array('error' => 0));
}
break;
case 'city_slug':
$exists = City::newInstance()->findBySlug(Params::getParam('slug'));
if (isset($exists['s_slug'])) {
echo json_encode(array('error' => 1, 'city' => $exists));
} else {
echo json_encode(array('error' => 0));
}
break;
case 'error_permissions':
echo json_encode(array('error' => __("You don't have the necessary permissions")));
break;
default:
echo json_encode(array('error' => __('no action defined')));
break;
}
// clear all keep variables into session
Session::newInstance()->_dropKeepForm();
Session::newInstance()->_clearVariables();
}
function doModel()
{
//specific things for this class
switch ($this->action) {
case 'bulk_actions':
break;
case 'regions':
//Return regions given a countryId
$regions = Region::newInstance()->getByCountry(Params::getParam("countryId"));
echo json_encode($regions);
break;
case 'cities':
//Returns cities given a regionId
$cities = City::newInstance()->getByRegion(Params::getParam("regionId"));
echo json_encode($cities);
break;
case 'location':
// This is the autocomplete AJAX
$cities = City::newInstance()->ajax(Params::getParam("term"));
echo json_encode($cities);
break;
case 'alerts':
// Allow to register to an alert given (not sure it's used on admin)
$alert = Params::getParam("alert");
$email = Params::getParam("email");
$userid = Params::getParam("userid");
if ($alert != '' && $email != '') {
Alerts::newInstance()->insert(array('fk_i_user_id' => $userid, 's_email' => $email, 's_search' => $alert, 'e_type' => 'DAILY'));
echo "1";
return true;
}
echo '0';
break;
case 'runhook':
//Run hooks
$hook = Params::getParam("hook");
switch ($hook) {
case 'item_form':
$catId = Params::getParam("catId");
if ($catId != '') {
osc_run_hook("item_form", $catId);
} else {
osc_run_hook("item_form");
}
break;
case 'item_edit':
$catId = Params::getParam("catId");
$itemId = Params::getParam("itemId");
osc_run_hook("item_edit", $catId, $itemId);
break;
default:
if ($hook == '') {
return false;
} else {
osc_run_hook($hook);
}
break;
}
break;
case 'items':
// Return items (use external file oc-admin/ajax/item_processing.php)
require_once osc_admin_base_path() . 'ajax/items_processing.php';
$items_processing = new items_processing_ajax(Params::getParamsAsArray("get"));
break;
case 'media':
// Return items (use external file oc-admin/ajax/media_processing.php)
require_once osc_admin_base_path() . 'ajax/media_processing.php';
$media_processing = new media_processing_ajax(Params::getParamsAsArray("get"));
break;
case 'categories_order':
// Save the order of the categories
$aIds = Params::getParam('list');
$orderParent = 0;
$orderSub = 0;
$catParent = 0;
$catManager = Category::newInstance();
foreach ($aIds as $id => $parent) {
if ($parent == 'root') {
if (!$catManager->update_order($id, $orderParent)) {
$error = 1;
}
// set parent category
$conditions = array('pk_i_id' => $id);
$array['fk_i_parent_id'] = DB_CONST_NULL;
if (!$catManager->update($array, $conditions) > 0) {
$error = 1;
}
$orderParent++;
} else {
if ($parent != $catParent) {
$catParent = $parent;
$orderSub = 0;
}
if (!$catManager->update_order($id, $orderSub)) {
$error = 1;
}
// set parent category
$conditions = array('pk_i_id' => $id);
$array['fk_i_parent_id'] = $catParent;
if (!$catManager->update($array, $conditions) > 0) {
$error = 1;
}
$orderSub++;
}
}
$result = "{";
$error = 0;
if ($error) {
$result .= '"error" : "' . __("Some error ocurred") . '"';
} else {
$result .= '"ok" : "' . __("Order saved") . '"';
}
$result .= "}";
echo $result;
break;
case 'category_edit_iframe':
$this->_exportVariableToView("category", Category::newInstance()->findByPrimaryKey(Params::getParam("id")));
$this->_exportVariableToView("languages", OSCLocale::newInstance()->listAllEnabled());
$this->doView("categories/iframe.php");
break;
case 'field_categories_iframe':
$selected = Field::newInstance()->categories(Params::getParam("id"));
if ($selected == null) {
$selected = array();
}
$this->_exportVariableToView("selected", $selected);
$this->_exportVariableToView("field", Field::newInstance()->findByPrimaryKey(Params::getParam("id")));
$this->_exportVariableToView("categories", Category::newInstance()->toTreeAll());
$this->doView("fields/iframe.php");
break;
case 'field_categories_post':
$error = 0;
if (!$error) {
try {
$field = Field::newInstance()->findByName(Params::getParam("s_name"));
if (!isset($field['pk_i_id']) || isset($field['pk_i_id']) && $field['pk_i_id'] == Params::getParam("id")) {
Field::newInstance()->cleanCategoriesFromField(Params::getParam("id"));
$slug = Params::getParam("field_slug") != '' ? Params::getParam("field_slug") : Params::getParam("id");
$slug = preg_replace('|([-]+)|', '-', preg_replace('|[^a-z0-9_-]|', '-', strtolower($slug)));
Field::newInstance()->update(array('s_name' => Params::getParam("s_name"), 'e_type' => Params::getParam("field_type"), 's_slug' => $slug, 'b_required' => Params::getParam("field_required") == "1" ? 1 : 0, 's_options' => Params::getParam('s_options')), array('pk_i_id' => Params::getParam("id")));
Field::newInstance()->insertCategories(Params::getParam("id"), Params::getParam("categories"));
} else {
$error = 1;
$message = __("Sorry, you already have one field with that name");
}
} catch (Exception $e) {
$error = 1;
$message = __("Error while updating.");
}
}
$result = "{";
if ($error) {
$result .= '"error" : "';
$result .= $message;
$result .= '"';
} else {
$result .= '"ok" : "' . __("Saved") . '", "text" : "' . Params::getParam("s_name") . '"';
}
$result .= "}";
echo $result;
break;
case 'delete_field':
$id = Params::getParam("id");
$error = 0;
try {
$fieldManager = Field::newInstance();
$fieldManager->deleteByPrimaryKey($id);
$message = __('The custom field have been deleted');
} catch (Exception $e) {
$error = 1;
$message = __('Error while deleting');
}
$result = "{";
if ($error) {
$result .= '"error" : "';
$result .= $message;
$result .= '"';
} else {
$result .= '"ok" : "Saved." ';
}
$result .= "}";
echo $result;
break;
case 'enable_category':
$id = Params::getParam("id");
$enabled = Params::getParam("enabled") != '' ? Params::getParam("enabled") : 0;
$error = 0;
$aUpdated = "";
try {
if ($id != '') {
$categoryManager = Category::newInstance();
$categoryManager->update(array('b_enabled' => $enabled), array('pk_i_id' => $id));
if ($enabled == 1) {
$msg = __('The category has been enabled');
} else {
$msg = __('The category has been disabled');
}
$categoryManager->update(array('b_enabled' => $enabled), array('fk_i_parent_id' => $id));
$aUpdated = $categoryManager->listWhere("fk_i_parent_id = {$id}");
if ($enabled == 1) {
$msg .= "<br>" . __('The subcategories has been enabled');
} else {
$msg .= "<br>" . __('The subcategories has been disabled');
}
} else {
$error = 1;
$msg = __('There was a problem with this page. The ID for the category hasn\'t been set');
}
$message = $msg;
} catch (Exception $e) {
$error = 1;
$message = __('Error: %s') . " " . $e->getMessage();
}
$result = "{";
$error = 0;
if ($error) {
$result .= '"error" : "' . $message . '"';
} else {
$result .= '"ok" : "' . $message . '"';
if (count($aUpdated) > 0) {
$result .= ', "afectedIds": [';
foreach ($aUpdated as $category) {
$result .= '{ "id" : "' . $category['pk_i_id'] . '" },';
}
$result = substr($result, 0, -1);
$result .= ']';
} else {
$result .= ', "afectedIds": []';
}
}
$result .= "}";
echo $result;
break;
case 'delete_category':
$id = Params::getParam("id");
$error = 0;
try {
$categoryManager = Category::newInstance();
$categoryManager->deleteByPrimaryKey($id);
$message = __('The categories have been deleted');
} catch (Exception $e) {
$error = 1;
$message = __('Error while deleting');
}
$result = "{";
if ($error) {
$result .= '"error" : "';
$result .= $message;
$result .= '"';
} else {
$result .= '"ok" : "Saved." ';
}
$result .= "}";
echo $result;
break;
case 'edit_category_post':
$id = Params::getParam("id");
$fields['i_expiration_days'] = Params::getParam("i_expiration_days") != '' ? Params::getParam("i_expiration_days") : 0;
$error = 0;
$postParams = Params::getParamsAsArray();
foreach ($postParams as $k => $v) {
if (preg_match('|(.+?)#(.+)|', $k, $m)) {
if ($m[2] == 's_name') {
if ($v != "") {
$aFieldsDescription[$m[1]][$m[2]] = $v;
} else {
$error = 1;
$message = __("All titles are required");
}
} else {
$aFieldsDescription[$m[1]][$m[2]] = $v;
}
}
}
$l = osc_language();
if (!$error) {
try {
$categoryManager = Category::newInstance();
$categoryManager->updateByPrimaryKey($fields, $aFieldsDescription, $id);
} catch (Exception $e) {
$error = 1;
$message = __("Error while updating.");
}
}
$result = "{";
if ($error) {
$result .= '"error" : "';
$result .= $message;
$result .= '"';
} else {
$result .= '"ok" : "' . __("Saved") . '", "text" : "' . $aFieldsDescription[$l]['s_name'] . '"';
}
$result .= "}";
echo $result;
break;
case 'custom':
// Execute via AJAX custom file
$ajaxfile = Params::getParam("ajaxfile");
if ($ajaxfile != '') {
require_once osc_admin_base_path() . $ajaxfile;
} else {
echo json_encode(array('error' => __('no action defined')));
}
break;
case 'test_mail':
$title = __('Test email') . ", " . osc_page_title();
$body = __("Test email") . "<br><br>" . osc_page_title();
$emailParams = array('subject' => $title, 'to' => osc_contact_email(), 'to_name' => 'admin', 'body' => $body, 'alt_body' => $body);
$array = array();
if (osc_sendMail($emailParams)) {
$array = array('status' => '1', 'html' => __('Email sent successfully'));
} else {
$array = array('status' => '0', 'html' => __('An error has occurred while sending email'));
}
echo json_encode($array);
break;
case 'order_pages':
$order = Params::getParam("order");
$id = Params::getParam("id");
$count = osc_count_static_pages();
if ($order != '' && $id != '') {
$mPages = Page::newInstance();
$actual_page = $mPages->findByPrimaryKey($id);
$actual_order = $actual_page['i_order'];
$array = array();
$condition = array();
$new_order = $actual_order;
if ($order == 'up') {
if ($actual_order > 0) {
$new_order = $actual_order - 1;
}
} else {
if ($order == 'down') {
if ($actual_order != $count - 1) {
$new_order = $actual_order + 1;
}
}
}
if ($new_order != $actual_order) {
$auxpage = $mPages->findByOrder($new_order);
$array = array('i_order' => $actual_order);
$conditions = array('pk_i_id' => $auxpage['pk_i_id']);
$mPages->update($array, $conditions);
$array = array('i_order' => $new_order);
$conditions = array('pk_i_id' => $id);
$mPages->update($array, $conditions);
} else {
}
// json for datatables
$prefLocale = osc_current_admin_locale();
$aPages = $mPages->listAll(0);
$json = "[";
foreach ($aPages as $key => $page) {
$body = array();
if (isset($page['locale'][$prefLocale]) && !empty($page['locale'][$prefLocale]['s_title'])) {
$body = $page['locale'][$prefLocale];
} else {
$body = current($page['locale']);
}
$p_body = str_replace("'", "\\'", trim(strip_tags($body['s_title']), "\"'"));
$json .= "[\"<input type='checkbox' name='id[]' value='" . $page['pk_i_id'] . "' />\",";
$json .= "\"" . $page['s_internal_name'] . "<div id='datatables_quick_edit'>";
$json .= "<a href='" . osc_static_page_url() . "'>" . __('View page') . "</a> | ";
$json .= "<a href='" . osc_admin_base_url(true) . "?page=pages&action=edit&id=" . $page['pk_i_id'] . "'>";
$json .= __('Edit') . "</a>";
if (!$page['b_indelible']) {
$json .= " | ";
$json .= "<a onclick=\\\"javascript:return confirm('";
$json .= __('This action can\\\\\'t be undone. Are you sure you want to continue?') . "')\\\" ";
$json .= " href='" . osc_admin_base_url(true) . "?page=pages&action=delete&id=" . $page['pk_i_id'] . "'>";
$json .= __('Delete') . "</a>";
}
$json .= "</div>\",";
$json .= "\"" . $p_body . "\",";
$json .= "\"<img id='up' onclick='order_up(" . $page['pk_i_id'] . ");' style='cursor:pointer;width:15;height:15px;' src='" . osc_current_admin_theme_url('images/arrow_up.png') . "'/> <br/> <img id='down' onclick='order_down(" . $page['pk_i_id'] . ");' style='cursor:pointer;width:15;height:15px;' src='" . osc_current_admin_theme_url('images/arrow_down.png') . "'/>\"]";
if ($key != count($aPages) - 1) {
$json .= ',';
} else {
$json .= '';
}
}
$json .= "]";
echo $json;
}
break;
/******************************
** COMPLETE UPGRADE PROCESS **
******************************/
/******************************
** COMPLETE UPGRADE PROCESS **
******************************/
case 'upgrade':
// AT THIS POINT WE KNOW IF THERE'S AN UPDATE OR NOT
$message = "";
$error = 0;
$remove_error_msg = "";
$sql_error_msg = "";
$rm_errors = 0;
$perms = osc_save_permissions();
osc_change_permissions();
$maintenance_file = ABS_PATH . '.maintenance';
$fileHandler = @fopen($maintenance_file, 'w');
fclose($fileHandler);
/***********************
**** DOWNLOAD FILE ****
***********************/
if (Params::getParam('file') != '') {
$tmp = explode("/", Params::getParam('file'));
$filename = end($tmp);
$result = osc_downloadFile(Params::getParam('file'), $filename);
if ($result) {
// Everything is OK, continue
/**********************
***** UNZIP FILE *****
**********************/
@mkdir(ABS_PATH . 'oc-temp', 0777);
$res = osc_unzip_file(osc_content_path() . 'downloads/' . $filename, ABS_PATH . 'oc-temp/');
if ($res == 1) {
// Everything is OK, continue
/**********************
***** COPY FILES *****
**********************/
$fail = -1;
if ($handle = opendir(ABS_PATH . 'oc-temp')) {
$fail = 0;
while (false !== ($_file = readdir($handle))) {
if ($_file != '.' && $_file != '..' && $_file != 'remove.list' && $_file != 'upgrade.sql' && $_file != 'customs.actions') {
$data = osc_copy(ABS_PATH . "oc-temp/" . $_file, ABS_PATH . $_file);
if ($data == false) {
$fail = 1;
}
}
}
closedir($handle);
if ($fail == 0) {
// Everything is OK, continue
/**********************
**** REMOVE FILES ****
**********************/
if (file_exists(ABS_PATH . 'oc-temp/remove.list')) {
$lines = file(ABS_PATH . 'oc-temp/remove.list', FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
foreach ($lines as $line_num => $r_file) {
$unlink = @unlink(ABS_PATH . $r_file);
if (!$unlink) {
$remove_error_msg .= sprintf(__('Error removing file: %s'), $r_file) . "<br/>";
}
}
}
// Removing files is not important for the rest of the proccess
// We will inform the user of the problems but the upgrade could continue
/************************
*** UPGRADE DATABASE ***
************************/
$error_queries = array();
if (file_exists(osc_lib_path() . 'osclass/installer/struct.sql')) {
$sql = file_get_contents(osc_lib_path() . 'osclass/installer/struct.sql');
$conn = getConnection();
$error_queries = $conn->osc_updateDB(str_replace('/*TABLE_PREFIX*/', DB_TABLE_PREFIX, $sql));
}
if ($error_queries[0]) {
// Everything is OK, continue
/**********************************
** EXECUTING ADDITIONAL ACTIONS **
**********************************/
if (file_exists(osc_lib_path() . 'osclass/upgrade-funcs.php')) {
// There should be no errors here
define('AUTO_UPGRADE', true);
require_once osc_lib_path() . 'osclass/upgrade-funcs.php';
}
// Additional actions is not important for the rest of the proccess
// We will inform the user of the problems but the upgrade could continue
/****************************
** REMOVE TEMPORARY FILES **
****************************/
$path = ABS_PATH . 'oc-temp';
$rm_errors = 0;
$dir = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($path), RecursiveIteratorIterator::CHILD_FIRST);
for ($dir->rewind(); $dir->valid(); $dir->next()) {
if ($dir->isDir()) {
if ($dir->getFilename() != '.' && $dir->getFilename() != '..') {
if (!rmdir($dir->getPathname())) {
$rm_errors++;
}
}
} else {
if (!unlink($dir->getPathname())) {
$rm_errors++;
}
}
}
if (!rmdir($path)) {
$rm_errors++;
}
$deleted = @unlink(ABS_PATH . '.maintenance');
if ($rm_errors == 0) {
$message = __('Everything was OK! Your OSClass installation is updated');
} else {
$message = __('Almost everything was OK! Your OSClass installation is updated, but there were some errors removing temporary files. Please, remove manually the "oc-temp" folder');
$error = 6;
// Some errors removing files
}
} else {
$sql_error_msg = $error_queries[2];
$message = __('Problems upgrading the database');
$error = 5;
// Problems upgrading the database
}
} else {
$message = __('Problems copying files. Maybe permissions are not correct');
$error = 4;
// Problems copying files. Maybe permissions are not correct
}
} else {
$message = __('Nothing to copy');
$error = 99;
// Nothing to copy. THIS SHOULD NEVER HAPPENS, means we dont update any file!
}
} else {
$message = __('Unzip failed');
$error = 3;
// Unzip failed
}
} else {
$message = __('Download failed');
$error = 2;
// Download failed
}
} else {
$message = __('Missing download URL');
$error = 1;
// Missing download URL
}
if ($remove_error_msg != '') {
if ($error == 0) {
$message .= "<br /><br />" . __('We had some errors removing files, those are not super-sensitive errors, so we continued upgrading your installation. Please remove the following files (you already have OSClass upgraded, but to ensure maximun performance)');
}
}
if ($error == 5) {
$message .= "<br /><br />" . __('We had some errors upgrading your database. The follwing queries failed') . implode("<br />", $sql_error_msg);
}
echo $message;
foreach ($perms as $k => $v) {
@chmod($k, $v);
}
break;
default:
echo json_encode(array('error' => __('no action defined')));
break;
}
// clear all keep variables into session
Session::newInstance()->_dropKeepForm();
Session::newInstance()->_clearVariables();
}
/**
* Send email to un-registered users with payment options
*
* @param integer $item
* @param float $category_fee
*/
function payment_send_email($item, $category_fee)
{
if (osc_is_web_user_logged_in()) {
return false;
}
$mPages = new Page();
$aPage = $mPages->findByInternalName('email_payment');
$locale = osc_current_user_locale();
$content = array();
if (isset($aPage['locale'][$locale]['s_title'])) {
$content = $aPage['locale'][$locale];
} else {
$content = current($aPage['locale']);
}
$item_url = osc_item_url();
$item_url = '<a href="' . $item_url . '" >' . $item_url . '</a>';
$publish_url = osc_route_url('payment-publish', array('itemId' => $item['pk_i_id']));
$premium_url = osc_route_url('payment-premium', array('itemId' => $item['pk_i_id']));
$words = array();
$words[] = array('{ITEM_ID}', '{CONTACT_NAME}', '{CONTACT_EMAIL}', '{WEB_URL}', '{ITEM_TITLE}', '{ITEM_URL}', '{WEB_TITLE}', '{PUBLISH_LINK}', '{PUBLISH_URL}', '{PREMIUM_LINK}', '{PREMIUM_URL}', '{START_PUBLISH_FEE}', '{END_PUBLISH_FEE}', '{START_PREMIUM_FEE}', '{END_PREMIUM_FEE}');
$words[] = array($item['pk_i_id'], $item['s_contact_name'], $item['s_contact_email'], osc_base_url(), $item['s_title'], $item_url, osc_page_title(), '<a href="' . $publish_url . '">' . $publish_url . '</a>', $publish_url, '<a href="' . $premium_url . '">' . $premium_url . '</a>', $premium_url, '', '', '', '');
if ($category_fee == 0) {
$content['s_text'] = preg_replace('|{START_PUBLISH_FEE}(.*){END_PUBLISH_FEE}|', '', $content['s_text']);
}
$premium_fee = ModelPayment::newInstance()->getPremiumPrice($item['fk_i_category_id']);
if ($premium_fee == 0) {
$content['s_text'] = preg_replace('|{START_PREMIUM_FEE}(.*){END_PREMIUM_FEE}|', '', $content['s_text']);
}
$title = osc_mailBeauty($content['s_title'], $words);
$body = osc_mailBeauty($content['s_text'], $words);
$emailParams = array('subject' => $title, 'to' => $item['s_contact_email'], 'to_name' => $item['s_contact_name'], 'body' => $body, 'alt_body' => $body);
osc_sendMail($emailParams);
}
function doModel()
{
switch ($this->action) {
case 'register':
//register user
$this->doView('user-register.php');
break;
case 'register_post':
//register user
require_once LIB_PATH . 'osclass/UserActions.php';
$userActions = new UserActions(false);
$success = $userActions->add();
switch ($success) {
case 1:
osc_add_flash_message(_m('The user has been created. An activation email has been sent'));
$this->redirectTo(osc_base_url());
break;
case 2:
osc_add_flash_message(_m('Your account has been created successfully'));
$this->doView('user-login.php');
break;
case 3:
osc_add_flash_message(_m('The specified e-mail is already in use'));
$this->doView('user-register.php');
break;
case 4:
osc_add_flash_message(_m('The reCAPTCHA was not introduced correctly'));
$this->doView('user-register.php');
break;
}
break;
case 'validate':
//validate account
$id = intval(Params::getParam('id'));
$code = Params::getParam('code');
$userManager = new User();
$user = $userManager->findByIdSecret($id, $code);
if ($user) {
if (!$user['b_enabled']) {
$userManager = new User();
$userManager->update(array('b_enabled' => '1'), array('pk_i_id' => $id, 's_secret' => $code));
$pageManager = new Page();
$locale = osc_current_user_locale();
$aPage = $pageManager->findByInternalName('email_user_registration');
$content = array();
if (isset($aPage['locale'][$locale]['s_title'])) {
$content = $aPage['locale'][$locale];
} else {
$content = current($aPage['locale']);
}
if (!is_null($content)) {
$words = array();
$words[] = array('{USER_NAME}', '{USER_EMAIL}', '{WEB_TITLE}', '{WEB_URL}');
$words[] = array($user['s_name'], $user['s_email'], osc_page_title(), osc_base_url());
$title = osc_mailBeauty($content['s_title'], $words);
$body = osc_mailBeauty($content['s_text'], $words);
$emailParams = array('subject' => $title, 'to' => $user['s_email'], 'to_name' => $user['s_name'], 'body' => $body, 'alt_body' => $body);
osc_sendMail($emailParams);
}
osc_run_hook('validate_user', $user);
osc_add_flash_message(_m('Your account has been validated'));
// Auto-login
Session::newInstance()->_set('userId', $user['pk_i_id']);
Session::newInstance()->_set('userName', $user['s_name']);
Session::newInstance()->_set('userEmail', $user['s_email']);
$phone = $user['s_phone_mobile'] ? $user['s_phone_mobile'] : $user['s_phone_land'];
Session::newInstance()->_set('userPhone', $phone);
} else {
osc_add_flash_message(_m('Your account has already been activated'));
}
} else {
osc_add_flash_message(_m('The link is not valid anymore. Sorry for the inconvenience!'));
}
$this->redirectTo(osc_base_url());
break;
}
}
function fn_email_auto_upgrade($result) {
$body = __('<p>Dear {WEB_TITLE} admin,</p>');
if($result['error']==0 || $result['error']==6) {
$title = __('{WEB_TITLE} - Your site has upgraded to Osclass {VERSION}');
$body .= __('<p>Your site at {WEB_LINK} has been updated automatically to Osclass {VERSION}</p>');
if($result['error']==6) {
$body .= __('<p>There were some minor errors removing temporary files. Please manually remove the "oc-content/downloads/oc-temp" folder</p>');
}
} else {
$title = __('{WEB_TITLE} - We failed trying to upgrade your site to Osclass {VERSION}');
$body .= '<p>We failed trying to upgrade your site to Osclass {VERSION}. Heres is the error message: {MESSAGE}</p>';
}
$body .= '<p>If you experience any issues or need support, we will be happy to help you at the Osclass support forums</p>';
$body .= '<p><a href="http://forums.osclass.org/">http://forums.osclass.org/</a></p>';
$body .= '<p>The Osclass team</p>';
$words = array();
$words[] = array(
'{MESSAGE}',
'{VERSION}'
);
$words[] = array(
$result['message'],
$result['version']
);
$title = osc_apply_filter('email_after_auto_upgrade_title_after', osc_mailBeauty(osc_apply_filter('email_title', osc_apply_filter('email_after_auto_upgrade_title', $title, $result)), $words), $result);
$body = osc_apply_filter('email_after_auto_upgrade_description_after', osc_mailBeauty(osc_apply_filter('email_description', osc_apply_filter('email_after_auto_upgrade_description', $body, $result)), $words), $result);
$emailParams = array(
'subject' => $title,
'from' => _osc_from_email_aux(),
'to' => osc_contact_email(),
'to_name' => osc_page_title(),
'body' => $body,
'alt_body' => $body,
);
osc_sendMail($emailParams);
}
function payment_pro_send_email($email)
{
$item = Item::newInstance()->findByPrimaryKey($email['fk_i_item_id']);
$mPages = new Page();
$aPage = $mPages->findByInternalName('payment_pro_email_payment');
$locale = osc_current_user_locale();
$content = array();
if (isset($aPage['locale'][$locale]['s_title'])) {
$content = $aPage['locale'][$locale];
} else {
$content = current($aPage['locale']);
}
$item_url = osc_item_url();
$item_url = '<a href="' . $item_url . '" >' . $item_url . '</a>';
$publish_url = osc_route_url('payment-pro-addcart', array('item' => 'PUB' . $item['fk_i_category_id'] . '-' . $item['pk_i_id']));
$premium_url = osc_route_url('payment-pro-addcart', array('item' => 'PRM' . $item['fk_i_category_id'] . '-' . $item['pk_i_id']));
$words = array();
$words[] = array('{ITEM_ID}', '{CONTACT_NAME}', '{CONTACT_EMAIL}', '{WEB_URL}', '{ITEM_TITLE}', '{ITEM_URL}', '{WEB_TITLE}', '{PUBLISH_LINK}', '{PUBLISH_URL}', '{PREMIUM_LINK}', '{PREMIUM_URL}', '{START_PUBLISH_FEE}', '{END_PUBLISH_FEE}', '{START_PREMIUM_FEE}', '{END_PREMIUM_FEE}');
$words[] = array($item['pk_i_id'], $item['s_contact_name'], $item['s_contact_email'], osc_base_url(), $item['s_title'], $item_url, osc_page_title(), '<a href="' . $publish_url . '">' . $publish_url . '</a>', $publish_url, '<a href="' . $premium_url . '">' . $premium_url . '</a>', $premium_url, '', '', '', '');
if ($email['b_publish'] == 0) {
$content['s_text'] = preg_replace('|{START_PUBLISH_FEE}(.*){END_PUBLISH_FEE}|', '', $content['s_text']);
}
if ($email['b_premium'] == 0) {
$content['s_text'] = preg_replace('|{START_PREMIUM_FEE}(.*){END_PREMIUM_FEE}|', '', $content['s_text']);
}
$title = osc_apply_filter('alert_email_payment_pro_title_after', osc_mailBeauty(osc_apply_filter('email_payment_pro_title', osc_apply_filter('alert_email_payment_pro_title', $content['s_title'], $email, $item)), $words), $email, $item);
$body = osc_apply_filter('alert_email_payment_pro_description_after', osc_mailBeauty(osc_apply_filter('email_payment_pro_description', osc_apply_filter('alert_email_payment_pro_description', $content['s_text'], $email, $item)), $words), $email, $item);
$emailParams = array('subject' => $title, 'to' => $item['s_contact_email'], 'to_name' => $item['s_contact_name'], 'body' => $body, 'alt_body' => $body);
osc_sendMail($emailParams);
}
function doModel()
{
switch ($this->action) {
case 'dashboard':
//dashboard...
$max_items = Params::getParam('max_items') != '' ? Params::getParam('max_items') : 5;
$aItems = Item::newInstance()->findByUserID(Session::newInstance()->_get('userId'), 0, $max_items);
//Item::newInstance()->listWhere("fk_i_user_id = ".Session::newInstance()->_get('userId'));
//calling the view...
$this->_exportVariableToView('items', $aItems);
$this->_exportVariableToView('max_items', $max_items);
$this->doView('user-dashboard.php');
break;
case 'profile':
//profile...
$user = User::newInstance()->findByPrimaryKey(Session::newInstance()->_get('userId'));
$aCountries = Country::newInstance()->listAll();
$aRegions = array();
if ($user['fk_c_country_code'] != '') {
$aRegions = Region::newInstance()->getByCountry($user['fk_c_country_code']);
} elseif (count($aCountries) > 0) {
$aRegions = Region::newInstance()->getByCountry($aCountries[0]['pk_c_code']);
}
$aCities = array();
if ($user['fk_i_region_id'] != '') {
$aCities = City::newInstance()->listWhere("fk_i_region_id = %d", $user['fk_i_region_id']);
} else {
if (count($aRegions) > 0) {
$aCities = City::newInstance()->listWhere("fk_i_region_id = %d", $aRegions[0]['pk_i_id']);
}
}
//calling the view...
$this->_exportVariableToView('countries', $aCountries);
$this->_exportVariableToView('regions', $aRegions);
$this->_exportVariableToView('cities', $aCities);
$this->_exportVariableToView('user', $user);
$this->doView('user-profile.php');
break;
case 'profile_post':
//profile post...
$userId = Session::newInstance()->_get('userId');
require_once LIB_PATH . 'osclass/UserActions.php';
$userActions = new UserActions(false);
$success = $userActions->edit($userId);
// This has been moved to special area (only password changes)
/*if( $success == 1 ) {
osc_add_flash_message( _m('Passwords don\'t match') ) ;
} else {*/
osc_add_flash_message(_m('Your profile has been updated successfully'));
//}
$this->redirectTo(osc_user_profile_url());
break;
case 'alerts':
//alerts
$aAlerts = Alerts::newInstance()->getAlertsFromUser(Session::newInstance()->_get('userId'));
$user = User::newInstance()->findByPrimaryKey(Session::newInstance()->_get('userId'));
foreach ($aAlerts as $k => $a) {
$search = osc_unserialize(base64_decode($a['s_search']));
$search->limit(0, 3);
$aAlerts[$k]['items'] = $search->doSearch();
}
$this->_exportVariableToView('alerts', $aAlerts);
View::newInstance()->_reset('alerts');
$this->_exportVariableToView('user', $user);
$this->doView('user-alerts.php');
break;
case 'change_email':
//change email
$this->doView('user-change_email.php');
break;
case 'change_email_post':
//change email post
if (!preg_match("/^[_a-z0-9-\\+]+(\\.[_a-z0-9-\\+]+)*@[a-z0-9-]+(\\.[a-z0-9-]+)*(\\.[a-z]{2,3})\$/", Params::getParam('new_email'))) {
osc_add_flash_message(_m('The specified e-mail is not valid'));
$this->redirectTo(osc_change_user_email_url());
} else {
$user = User::newInstance()->findByEmail(Params::getParam('new_email'));
if (!isset($user['pk_i_id'])) {
if (osc_user_validation_enabled()) {
$userEmailTmp = array();
$userEmailTmp['fk_i_user_id'] = Session::newInstance()->_get('userId');
$userEmailTmp['s_new_email'] = Params::getParam('new_email');
UserEmailTmp::newInstance()->insertOrUpdate($userEmailTmp);
$code = osc_genRandomPassword(30);
$date = date('Y-m-d H:i:s');
$userManager = new User();
$userManager->update(array('s_pass_code' => $code, 's_pass_date' => $date, 's_pass_ip' => $_SERVER['REMOTE_ADDR']), array('pk_i_id' => Session::newInstance()->_get('userId')));
$locale = osc_current_user_locale();
$aPage = Page::newInstance()->findByInternalName('email_new_email');
if (isset($aPage['locale'][$locale]['s_title'])) {
$content = $aPage['locale'][$locale];
} else {
$content = current($aPage['locale']);
}
if (!is_null($content)) {
$validation_url = osc_change_user_email_confirm_url(Session::newInstance()->_get('userId'), $code);
$words = array();
$words[] = array('{USER_NAME}', '{USER_EMAIL}', '{WEB_URL}', '{WEB_TITLE}', '{VALIDATION_LINK}', '{VALIDATION_URL}');
$words[] = array(Session::newInstance()->_get('userName'), Params::getParam('new_email'), osc_base_url(), osc_page_title(), '<a href="' . $validation_url . '" >' . $validation_url . '</a>', $validation_url);
$title = osc_mailBeauty($content['s_title'], $words);
$body = osc_mailBeauty($content['s_text'], $words);
$params = array('subject' => $title, 'to' => Params::getParam('new_email'), 'to_name' => Session::newInstance()->_get('userName'), 'body' => $body, 'alt_body' => $body);
osc_sendMail($params);
osc_add_flash_message(_m('We have sent you an e-mail. Follow the instructions to validate the changes'));
} else {
osc_add_flash_message(_m('We tried to sent you an e-mail, but it failed. Please, contact the administrator'));
}
$this->redirectTo(osc_user_profile_url());
} else {
User::newInstance()->update(array('s_email' => Params::getParam('new_email')), array('pk_i_id' => Params::getParam('userId')));
osc_add_flash_message(_m('Your email has been changed successfully'));
$this->redirectTo(osc_user_profile_url());
}
} else {
osc_add_flash_message(_m('The specified e-mail is already in use'));
$this->redirectTo(osc_change_user_email_url());
}
}
break;
case 'change_password':
//change password
$this->doView('user-change_password.php');
break;
case 'change_password_post':
//change password post
$user = User::newInstance()->findByPrimaryKey(Session::newInstance()->_get('userId'));
if ($user['s_password'] != sha1(Params::getParam('password'))) {
osc_add_flash_message(_m('Current password doesn\'t match'));
$this->redirectTo(osc_change_user_password_url());
} elseif (!Params::getParam('new_password')) {
osc_add_flash_message(_m('Passwords can\'t be empty'));
$this->redirectTo(osc_change_user_password_url());
} elseif (Params::getParam('new_password') != Params::getParam('new_password2')) {
osc_add_flash_message(_m('Passwords don\'t match'));
$this->redirectTo(osc_change_user_password_url());
}
User::newInstance()->update(array('s_password' => sha1(Params::getParam('new_password'))), array('pk_i_id' => Session::newInstance()->_get('userId')));
osc_add_flash_message(_m('Password has been changed'));
$this->redirectTo(osc_user_profile_url());
break;
case 'items':
// view items user
$itemsPerPage = Params::getParam('itemsPerPage') != '' ? Params::getParam('itemsPerPage') : 5;
$page = Params::getParam('iPage') != '' ? Params::getParam('iPage') : 0;
$total_items = Item::newInstance()->countByUserID($_SESSION['userId']);
$total_pages = ceil($total_items / $itemsPerPage);
$items = Item::newInstance()->findByUserID($_SESSION['userId'], $page * $itemsPerPage, $itemsPerPage);
$this->_exportVariableToView('items', $items);
$this->_exportVariableToView('list_total_pages', $total_pages);
$this->_exportVariableToView('list_total_items', $total_items);
$this->_exportVariableToView('items_per_page', $itemsPerPage);
$this->_exportVariableToView('list_page', $page);
$this->doView('user-items.php');
break;
case 'unsub_alert':
$email = Params::getParam('email');
$alert = Params::getParam('alert');
if ($email != '' && $alert != '') {
Alerts::newInstance()->delete(array('s_email' => $email, 's_search' => $alert));
osc_add_flash_message(__('Unsubscribed correctly.'));
} else {
osc_add_flash_message(__('Ops! There was a problem trying to unsubscribe you. Please contact the administrator.'));
}
$this->redirectTo(osc_user_alerts_url());
break;
}
}
function doModel()
{
//specific things for this class
switch ($this->action) {
case 'bulk_actions':
break;
case 'regions':
//Return regions given a countryId
$regions = Region::newInstance()->findByCountry(Params::getParam("countryId"));
echo json_encode($regions);
break;
case 'cities':
//Returns cities given a regionId
$cities = City::newInstance()->findByRegion(Params::getParam("regionId"));
echo json_encode($cities);
break;
case 'location':
// This is the autocomplete AJAX
$cities = City::newInstance()->ajax(Params::getParam("term"));
echo json_encode($cities);
break;
case 'userajax':
// This is the autocomplete AJAX
$users = User::newInstance()->ajax(Params::getParam("term"));
if (count($users) == 0) {
echo json_encode(array(0 => array('id' => '', 'label' => __('No results'), 'value' => __('No results'))));
} else {
echo json_encode($users);
}
break;
case 'date_format':
echo json_encode(array('format' => Params::getParam('format'), 'str_formatted' => osc_format_date(date('Y-m-d H:i:s'), Params::getParam('format'))));
break;
case 'runhook':
// run hooks
$hook = Params::getParam('hook');
if ($hook == '') {
echo json_encode(array('error' => 'hook parameter not defined'));
break;
}
switch ($hook) {
case 'item_form':
osc_run_hook('item_form', Params::getParam('catId'));
break;
case 'item_edit':
$catId = Params::getParam("catId");
$itemId = Params::getParam("itemId");
osc_run_hook("item_edit", $catId, $itemId);
break;
default:
osc_run_hook('ajax_admin_' . $hook);
break;
}
break;
case 'categories_order':
// Save the order of the categories
osc_csrf_check(false);
$aIds = Params::getParam('list');
$orderParent = 0;
$orderSub = 0;
$catParent = 0;
$error = 0;
$catManager = Category::newInstance();
$aRecountCat = array();
foreach ($aIds as $id => $parent) {
if ($parent == 'root') {
$res = $catManager->updateOrder($id, $orderParent);
if (is_bool($res) && !$res) {
$error = 1;
}
// find category
$auxCategory = Category::newInstance()->findByPrimaryKey($id);
// set parent category
$conditions = array('pk_i_id' => $id);
$array['fk_i_parent_id'] = NULL;
$res = $catManager->update($array, $conditions);
if (is_bool($res) && !$res) {
$error = 1;
} else {
if ($res == 1) {
// updated ok
$parentId = $auxCategory['fk_i_parent_id'];
if ($parentId) {
// update parent category stats
array_push($aRecountCat, $id);
array_push($aRecountCat, $parentId);
}
}
}
$orderParent++;
} else {
if ($parent != $catParent) {
$catParent = $parent;
$orderSub = 0;
}
$res = $catManager->updateOrder($id, $orderSub);
if (is_bool($res) && !$res) {
$error = 1;
}
// set parent category
$auxCategory = Category::newInstance()->findByPrimaryKey($id);
$auxCategoryP = Category::newInstance()->findByPrimaryKey($catParent);
$conditions = array('pk_i_id' => $id);
$array['fk_i_parent_id'] = $catParent;
$res = $catManager->update($array, $conditions);
if (is_bool($res) && !$res) {
$error = 1;
} else {
if ($res == 1) {
// updated ok
// update category parent
$prevParentId = $auxCategory['fk_i_parent_id'];
$parentId = $auxCategoryP['pk_i_id'];
array_push($aRecountCat, $prevParentId);
array_push($aRecountCat, $parentId);
}
}
$orderSub++;
}
}
// update category stats
foreach ($aRecountCat as $rId) {
osc_update_cat_stats_id($rId);
}
if ($error) {
$result = array('error' => __("An error occurred"));
} else {
$result = array('ok' => __("Order saved"));
}
echo json_encode($result);
break;
case 'category_edit_iframe':
$this->_exportVariableToView('category', Category::newInstance()->findByPrimaryKey(Params::getParam("id")));
$this->_exportVariableToView('languages', OSCLocale::newInstance()->listAllEnabled());
$this->doView("categories/iframe.php");
break;
case 'field_categories_iframe':
$selected = Field::newInstance()->categories(Params::getParam("id"));
if ($selected == null) {
$selected = array();
}
$this->_exportVariableToView("selected", $selected);
$this->_exportVariableToView("field", Field::newInstance()->findByPrimaryKey(Params::getParam("id")));
$this->_exportVariableToView("categories", Category::newInstance()->toTreeAll());
$this->doView("fields/iframe.php");
break;
case 'field_categories_post':
osc_csrf_check(false);
$error = 0;
$field = Field::newInstance()->findByName(Params::getParam("s_name"));
if (!isset($field['pk_i_id']) || isset($field['pk_i_id']) && $field['pk_i_id'] == Params::getParam("id")) {
// remove categories from a field
Field::newInstance()->cleanCategoriesFromField(Params::getParam("id"));
// no error... continue updating fields
if ($error == 0) {
$slug = Params::getParam("field_slug") != '' ? Params::getParam("field_slug") : Params::getParam("s_name");
$slug_tmp = $slug = preg_replace('|([-]+)|', '-', preg_replace('|[^a-z0-9_-]|', '-', strtolower($slug)));
$slug_k = 0;
while (true) {
$field = Field::newInstance()->findBySlug($slug);
if (!$field || $field['pk_i_id'] == Params::getParam("id")) {
break;
} else {
$slug_k++;
$slug = $slug_tmp . "_" . $slug_k;
}
}
// trim options
$s_options = '';
$aux = Params::getParam('s_options');
$aAux = explode(',', $aux);
foreach ($aAux as &$option) {
$option = trim($option);
}
$s_options = implode(',', $aAux);
$res = Field::newInstance()->update(array('s_name' => Params::getParam("s_name"), 'e_type' => Params::getParam("field_type"), 's_slug' => $slug, 'b_required' => Params::getParam("field_required") == "1" ? 1 : 0, 's_options' => $s_options), array('pk_i_id' => Params::getParam("id")));
if (is_bool($res) && !$res) {
$error = 1;
}
}
// no error... continue inserting categories-field
if ($error == 0) {
$aCategories = Params::getParam("categories");
if (is_array($aCategories) && count($aCategories) > 0) {
$res = Field::newInstance()->insertCategories(Params::getParam("id"), $aCategories);
if (!$res) {
$error = 1;
}
}
}
// error while updating?
if ($error == 1) {
$message = __("An error occurred while updating.");
}
} else {
$error = 1;
$message = __("Sorry, you already have a field with that name");
}
if ($error) {
$result = array('error' => $message);
} else {
$result = array('ok' => __("Saved"), 'text' => Params::getParam("s_name"), 'field_id' => Params::getParam("id"));
}
echo json_encode($result);
break;
case 'delete_field':
osc_csrf_check(false);
$res = Field::newInstance()->deleteByPrimaryKey(Params::getParam('id'));
if ($res > 0) {
$result = array('ok' => __('The custom field has been deleted'));
} else {
$result = array('error' => __('An error occurred while deleting'));
}
echo json_encode($result);
break;
case 'add_field':
osc_csrf_check(false);
$s_name = __('NEW custom field');
$slug_tmp = $slug = preg_replace('|([-]+)|', '-', preg_replace('|[^a-z0-9_-]|', '-', strtolower($s_name)));
$slug_k = 0;
while (true) {
$field = Field::newInstance()->findBySlug($slug);
if (!$field || $field['pk_i_id'] == Params::getParam("id")) {
break;
} else {
$slug_k++;
$slug = $slug_tmp . "_" . $slug_k;
}
}
$fieldManager = Field::newInstance();
$result = $fieldManager->insertField($s_name, 'TEXT', $slug, 0, '', array());
if ($result) {
echo json_encode(array('error' => 0, 'field_id' => $fieldManager->dao->insertedId(), 'field_name' => $s_name));
} else {
echo json_encode(array('error' => 1));
}
break;
case 'enable_category':
osc_csrf_check(false);
$id = strip_tags(Params::getParam('id'));
$enabled = Params::getParam('enabled') != '' ? Params::getParam('enabled') : 0;
$error = 0;
$result = array();
$aUpdated = array();
$mCategory = Category::newInstance();
$aCategory = $mCategory->findByPrimaryKey($id);
if ($aCategory == false) {
$result = array('error' => sprintf(__("No category with id %d exists"), $id));
echo json_encode($result);
break;
}
// root category
if ($aCategory['fk_i_parent_id'] == '') {
$mCategory->update(array('b_enabled' => $enabled), array('pk_i_id' => $id));
$mCategory->update(array('b_enabled' => $enabled), array('fk_i_parent_id' => $id));
$subCategories = $mCategory->findSubcategories($id);
$aIds = array($id);
$aUpdated[] = array('id' => $id);
foreach ($subCategories as $subcategory) {
$aIds[] = $subcategory['pk_i_id'];
$aUpdated[] = array('id' => $subcategory['pk_i_id']);
}
Item::newInstance()->enableByCategory($enabled, $aIds);
if ($enabled) {
$result = array('ok' => __('The category as well as its subcategories have been enabled'));
} else {
$result = array('ok' => __('The category as well as its subcategories have been disabled'));
}
$result['affectedIds'] = $aUpdated;
echo json_encode($result);
break;
}
// subcategory
$parentCategory = $mCategory->findRootCategory($id);
if (!$parentCategory['b_enabled']) {
$result = array('error' => __('Parent category is disabled, you can not enable that category'));
echo json_encode($result);
break;
}
$mCategory->update(array('b_enabled' => $enabled), array('pk_i_id' => $id));
if ($enabled) {
$result = array('ok' => __('The subcategory has been enabled'));
} else {
$result = array('ok' => __('The subcategory has been disabled'));
}
$result['affectedIds'] = array(array('id' => $id));
echo json_encode($result);
break;
case 'delete_category':
osc_csrf_check(false);
$id = Params::getParam("id");
$error = 0;
$categoryManager = Category::newInstance();
$res = $categoryManager->deleteByPrimaryKey($id);
if ($res > 0) {
$message = __('The categories have been deleted');
} else {
$error = 1;
$message = __('An error occurred while deleting');
}
if ($error) {
$result = array('error' => $message);
} else {
$result = array('ok' => __("Saved"));
}
echo json_encode($result);
break;
case 'edit_category_post':
osc_csrf_check(false);
$id = Params::getParam("id");
$fields['i_expiration_days'] = Params::getParam("i_expiration_days") != '' ? Params::getParam("i_expiration_days") : 0;
$error = 0;
$has_one_title = 0;
$postParams = Params::getParamsAsArray();
foreach ($postParams as $k => $v) {
if (preg_match('|(.+?)#(.+)|', $k, $m)) {
if ($m[2] == 's_name') {
if ($v != "") {
$has_one_title = 1;
$aFieldsDescription[$m[1]][$m[2]] = $v;
$s_text = $v;
} else {
$aFieldsDescription[$m[1]][$m[2]] = NULL;
$error = 1;
}
} else {
$aFieldsDescription[$m[1]][$m[2]] = $v;
}
}
}
$l = osc_language();
if ($error == 0 || $error == 1 && $has_one_title == 1) {
$categoryManager = Category::newInstance();
$res = $categoryManager->updateByPrimaryKey(array('fields' => $fields, 'aFieldsDescription' => $aFieldsDescription), $id);
$categoryManager->updateExpiration($id, $fields['i_expiration_days']);
if (is_bool($res)) {
$error = 2;
}
}
if (Params::getParam('apply_changes_to_subcategories') == 1) {
$subcategories = $categoryManager->findSubcategories($id);
foreach ($subcategories as $subc) {
$categoryManager->updateExpiration($subc['pk_i_id'], $fields['i_expiration_days']);
}
}
if ($error == 0) {
$msg = __("Category updated correctly");
} else {
if ($error == 1) {
if ($has_one_title == 1) {
$error = 4;
$msg = __('Category updated correctly, but some titles are empty');
} else {
$msg = __('Sorry, including at least a title is mandatory');
}
} else {
if ($error == 2) {
$msg = __('An error occurred while updating');
}
}
}
echo json_encode(array('error' => $error, 'msg' => $msg, 'text' => $aFieldsDescription[$l]['s_name']));
break;
case 'custom':
// Execute via AJAX custom file
$ajaxFile = Params::getParam("ajaxfile");
if ($ajaxFile == '') {
echo json_encode(array('error' => 'no action defined'));
break;
}
// valid file?
if (stripos($ajaxFile, '../') !== false) {
echo json_encode(array('error' => 'no valid ajaxFile'));
break;
}
if (!file_exists(osc_plugins_path() . $ajaxFile)) {
echo json_encode(array('error' => "ajaxFile doesn't exist"));
break;
}
require_once osc_plugins_path() . $ajaxFile;
break;
case 'test_mail':
$title = sprintf(__('Test email, %s'), osc_page_title());
$body = __("Test email") . "<br><br>" . osc_page_title();
$emailParams = array('subject' => $title, 'to' => osc_contact_email(), 'to_name' => 'admin', 'body' => $body, 'alt_body' => $body);
$array = array();
if (osc_sendMail($emailParams)) {
$array = array('status' => '1', 'html' => __('Email sent successfully'));
} else {
$array = array('status' => '0', 'html' => __('An error occurred while sending email'));
}
echo json_encode($array);
break;
case 'test_mail_template':
// replace por valores por defecto
$email = Params::getParam("email");
$title = Params::getParam("title");
$body = urldecode(Params::getParam("body"));
$emailParams = array('subject' => $title, 'to' => $email, 'to_name' => 'admin', 'body' => $body, 'alt_body' => $body);
$array = array();
if (osc_sendMail($emailParams)) {
$array = array('status' => '1', 'html' => __('Email sent successfully'));
} else {
$array = array('status' => '0', 'html' => __('An error occurred while sending email'));
}
echo json_encode($array);
break;
case 'order_pages':
osc_csrf_check(false);
$order = Params::getParam("order");
$id = Params::getParam("id");
if ($order != '' && $id != '') {
$mPages = Page::newInstance();
$actual_page = $mPages->findByPrimaryKey($id);
$actual_order = $actual_page['i_order'];
$array = array();
$condition = array();
$new_order = $actual_order;
if ($order == 'up') {
$page = $mPages->findPrevPage($actual_order);
} else {
if ($order == 'down') {
$page = $mPages->findNextPage($actual_order);
}
}
if (isset($page['i_order'])) {
$mPages->update(array('i_order' => $page['i_order']), array('pk_i_id' => $id));
$mPages->update(array('i_order' => $actual_order), array('pk_i_id' => $page['pk_i_id']));
}
}
break;
/******************************
** COMPLETE UPGRADE PROCESS **
******************************/
/******************************
** COMPLETE UPGRADE PROCESS **
******************************/
case 'upgrade':
// AT THIS POINT WE KNOW IF THERE'S AN UPDATE OR NOT
osc_csrf_check(false);
$message = "";
$error = 0;
$sql_error_msg = "";
$rm_errors = 0;
$perms = osc_save_permissions();
osc_change_permissions();
$maintenance_file = ABS_PATH . '.maintenance';
$fileHandler = @fopen($maintenance_file, 'w');
fclose($fileHandler);
/***********************
**** DOWNLOAD FILE ****
***********************/
$data = osc_file_get_contents("http://osclass.org/latest_version.php");
$data = json_decode(substr($data, 1, strlen($data) - 3), true);
$source_file = $data['url'];
if ($source_file != '') {
$tmp = explode("/", $source_file);
$filename = end($tmp);
$result = osc_downloadFile($source_file, $filename);
if ($result) {
// Everything is OK, continue
/**********************
***** UNZIP FILE *****
**********************/
@mkdir(ABS_PATH . 'oc-temp', 0777);
$res = osc_unzip_file(osc_content_path() . 'downloads/' . $filename, ABS_PATH . 'oc-temp/');
if ($res == 1) {
// Everything is OK, continue
/**********************
***** COPY FILES *****
**********************/
$fail = -1;
if ($handle = opendir(ABS_PATH . 'oc-temp')) {
$fail = 0;
while (false !== ($_file = readdir($handle))) {
if ($_file != '.' && $_file != '..' && $_file != 'remove.list' && $_file != 'upgrade.sql' && $_file != 'customs.actions') {
$data = osc_copy(ABS_PATH . "oc-temp/" . $_file, ABS_PATH . $_file);
if ($data == false) {
$fail = 1;
}
}
}
closedir($handle);
//TRY TO REMOVE THE ZIP PACKAGE
@unlink(osc_content_path() . 'downloads/' . $filename);
if ($fail == 0) {
// Everything is OK, continue
/************************
*** UPGRADE DATABASE ***
************************/
$error_queries = array();
if (file_exists(osc_lib_path() . 'osclass/installer/struct.sql')) {
$sql = file_get_contents(osc_lib_path() . 'osclass/installer/struct.sql');
$conn = DBConnectionClass::newInstance();
$c_db = $conn->getOsclassDb();
$comm = new DBCommandClass($c_db);
$error_queries = $comm->updateDB(str_replace('/*TABLE_PREFIX*/', DB_TABLE_PREFIX, $sql));
}
if ($error_queries[0]) {
// Everything is OK, continue
/**********************************
** EXECUTING ADDITIONAL ACTIONS **
**********************************/
if (file_exists(osc_lib_path() . 'osclass/upgrade-funcs.php')) {
// There should be no errors here
define('AUTO_UPGRADE', true);
require_once osc_lib_path() . 'osclass/upgrade-funcs.php';
}
// Additional actions is not important for the rest of the proccess
// We will inform the user of the problems but the upgrade could continue
/****************************
** REMOVE TEMPORARY FILES **
****************************/
$path = ABS_PATH . 'oc-temp';
$rm_errors = 0;
$dir = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($path), RecursiveIteratorIterator::CHILD_FIRST);
for ($dir->rewind(); $dir->valid(); $dir->next()) {
if ($dir->isDir()) {
if ($dir->getFilename() != '.' && $dir->getFilename() != '..') {
if (!rmdir($dir->getPathname())) {
$rm_errors++;
}
}
} else {
if (!unlink($dir->getPathname())) {
$rm_errors++;
}
}
}
if (!rmdir($path)) {
$rm_errors++;
}
$deleted = @unlink(ABS_PATH . '.maintenance');
if ($rm_errors == 0) {
$message = __('Everything looks good! Your Osclass installation is up-to-date');
} else {
$message = __('Nearly everything looks good! Your Osclass installation is up-to-date, but there were some errors removing temporary files. Please manually remove the "oc-temp" folder');
$error = 6;
// Some errors removing files
}
} else {
$sql_error_msg = $error_queries[2];
$message = __('Problems when upgrading the database');
$error = 5;
// Problems upgrading the database
}
} else {
$message = __('Problems when copying files. Please check your permissions. ');
$error = 4;
// Problems copying files. Maybe permissions are not correct
}
} else {
$message = __('Nothing to copy');
$error = 99;
// Nothing to copy. THIS SHOULD NEVER HAPPEN, means we don't update any file!
}
} else {
$message = __('Unzip failed');
$error = 3;
// Unzip failed
}
} else {
$message = __('Download failed');
$error = 2;
// Download failed
}
} else {
$message = __('Missing download URL');
$error = 1;
// Missing download URL
}
if ($error == 5) {
$message .= "<br /><br />" . __('We had some errors upgrading your database. The follwing queries failed:') . implode("<br />", $sql_error_msg);
}
echo $message;
foreach ($perms as $k => $v) {
@chmod($k, $v);
}
break;
/*******************************
** COMPLETE MARKET PROCESS **
*******************************/
/*******************************
** COMPLETE MARKET PROCESS **
*******************************/
case 'market':
// AT THIS POINT WE KNOW IF THERE'S AN UPDATE OR NOT
osc_csrf_check(false);
$section = Params::getParam('section');
$code = Params::getParam('code');
$plugin = false;
$re_enable = false;
$message = "";
$error = 0;
$data = array();
/************************
*** CHECK VALID CODE ***
************************/
if ($code != '' && $section != '') {
if (stripos($code, "http://") === FALSE) {
// OSCLASS OFFICIAL REPOSITORY
$url = osc_market_url($section, $code);
$data = json_decode(osc_file_get_contents($url), true);
} else {
// THIRD PARTY REPOSITORY
if (osc_market_external_sources()) {
$data = json_decode(osc_file_get_contents($code), true);
} else {
echo json_encode(array('error' => 8, 'error_msg' => __('No external sources are allowed')));
break;
}
}
/***********************
**** DOWNLOAD FILE ****
***********************/
if (isset($data['s_update_url']) && isset($data['s_source_file']) && isset($data['e_type'])) {
if ($data['e_type'] == 'THEME') {
$folder = 'themes/';
} else {
if ($data['e_type'] == 'LANGUAGE') {
$folder = 'languages/';
} else {
// PLUGINS
$folder = 'plugins/';
$plugin = Plugins::findByUpdateURI($data['s_update_url']);
if ($plugin != false) {
if (Plugins::isEnabled($plugin)) {
Plugins::runHook($plugin . '_disable');
Plugins::deactivate($plugin);
$re_enable = true;
}
}
}
}
$filename = $data['s_update_url'] . "_" . $data['s_version'] . ".zip";
$url_source_file = $data['s_source_file'];
// error_log('Source file: ' . $url_source_file);
// error_log('Filename: ' . $filename);
$result = osc_downloadFile($url_source_file, $filename);
if ($result) {
// Everything is OK, continue
/**********************
***** UNZIP FILE *****
**********************/
@mkdir(ABS_PATH . 'oc-temp', 0777);
$res = osc_unzip_file(osc_content_path() . 'downloads/' . $filename, osc_content_path() . 'downloads/oc-temp/');
if ($res == 1) {
// Everything is OK, continue
/**********************
***** COPY FILES *****
**********************/
$fail = -1;
if ($handle = opendir(osc_content_path() . 'downloads/oc-temp')) {
$folder_dest = ABS_PATH . "oc-content/" . $folder;
if (function_exists('posix_getpwuid')) {
$current_user = posix_getpwuid(posix_geteuid());
$ownerFolder = posix_getpwuid(fileowner($folder_dest));
}
$fail = 0;
while (false !== ($_file = readdir($handle))) {
if ($_file != '.' && $_file != '..') {
$copyprocess = osc_copy(osc_content_path() . "downloads/oc-temp/" . $_file, $folder_dest . $_file);
if ($copyprocess == false) {
$fail = 1;
}
}
}
closedir($handle);
// Additional actions is not important for the rest of the proccess
// We will inform the user of the problems but the upgrade could continue
// Also remove the zip package
/****************************
** REMOVE TEMPORARY FILES **
****************************/
@unlink(osc_content_path() . 'downloads/' . $filename);
$path = osc_content_path() . 'downloads/oc-temp';
$rm_errors = 0;
$dir = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($path), RecursiveIteratorIterator::CHILD_FIRST);
for ($dir->rewind(); $dir->valid(); $dir->next()) {
if ($dir->isDir()) {
if ($dir->getFilename() != '.' && $dir->getFilename() != '..') {
if (!rmdir($dir->getPathname())) {
$rm_errors++;
}
}
} else {
if (!unlink($dir->getPathname())) {
$rm_errors++;
}
}
}
if (!rmdir($path)) {
$rm_errors++;
}
if ($fail == 0) {
// Everything is OK, continue
if ($data['e_type'] != 'THEME' && $data['e_type'] != 'LANGUAGE') {
if ($plugin != false && $re_enable) {
$enabled = Plugins::activate($plugin);
if ($enabled) {
Plugins::runHook($plugin . '_enable');
}
}
}
// recount plugins&themes for update
if ($section == 'plugins') {
osc_check_plugins_update(true);
} else {
if ($section == 'themes') {
osc_check_themes_update(true);
} else {
if ($section == 'languages') {
// load oc-content/
if (osc_checkLocales()) {
$message .= __('The language has been installed correctly');
} else {
$message .= __('There was a problem adding the language');
$error = 8;
}
osc_check_languages_update(true);
}
}
}
if ($rm_errors == 0) {
$message = __('Everything looks good!');
$error = 0;
} else {
$message = __('Nearly everything looks good! but there were some errors removing temporary files. Please manually remove the \\"oc-temp\\" folder');
$error = 6;
// Some errors removing files
}
} else {
$message = __('Problems when copying files. Please check your permissions. ');
if ($current_user['uid'] != $ownerFolder['uid']) {
if (function_exists('posix_getgrgid')) {
$current_group = posix_getgrgid($current_user['gid']);
$message .= '<p><strong>' . sprintf(__('NOTE: Web user and destination folder user is not the same, you might have an issue there. <br/>Do this in your console:<br/>chown -R %s:%s %s'), $current_user['name'], $current_group['name'], $folder_dest) . '</strong></p>';
}
}
$error = 4;
// Problems copying files. Maybe permissions are not correct
}
} else {
$message = __('Nothing to copy');
$error = 99;
// Nothing to copy. THIS SHOULD NEVER HAPPEN, means we don't update any file!
}
} else {
$message = __('Unzip failed');
$error = 3;
// Unzip failed
}
} else {
$message = __('Download failed');
$error = 2;
// Download failed
}
} else {
$message = __('Input code not valid');
$error = 7;
// Input code not valid
}
} else {
$message = __('Missing download URL');
$error = 1;
// Missing download URL
}
echo json_encode(array('error' => $error, 'message' => $message, 'data' => $data));
break;
case 'check_market':
// AT THIS POINT WE KNOW IF THERE'S AN UPDATE OR NOT
$section = Params::getParam('section');
$code = Params::getParam('code');
$data = array();
/************************
*** CHECK VALID CODE ***
************************/
if ($code != '' && $section != '') {
if (stripos($code, "http://") === FALSE) {
// OSCLASS OFFICIAL REPOSITORY
$data = json_decode(osc_file_get_contents(osc_market_url($section, $code)), true);
} else {
// THIRD PARTY REPOSITORY
if (osc_market_external_sources()) {
$data = json_decode(osc_file_get_contents($code), true);
} else {
echo json_encode(array('error' => 3, 'error_msg' => __('No external sources are allowed')));
break;
}
}
if (!isset($data['s_source_file']) || !isset($data['s_update_url'])) {
$data = array('error' => 2, 'error_msg' => __('Invalid code'));
}
} else {
$data = array('error' => 1, 'error_msg' => __('No code was submitted'));
}
echo json_encode($data);
break;
case 'market_data':
$section = Params::getParam('section');
$page = Params::getParam("mPage");
$featured = Params::getParam("featured");
$sort = Params::getParam("sort");
$order = Params::getParam("order");
// for the moment this value is static
$length = 9;
if ($page >= 1) {
$page--;
}
$url = osc_market_url($section) . "page/" . $page . '/';
if ($length != '' && is_numeric($length)) {
$url .= 'length/' . $length . '/';
}
if ($sort != '') {
$url .= 'order/' . $sort;
if ($order != '') {
$url .= '/' . $order;
}
}
if ($featured != '') {
$url = osc_market_featured_url($section);
}
$data = array();
$data = json_decode(osc_file_get_contents($url), true);
if (!isset($data[$section])) {
$data = array('error' => 1, 'error_msg' => __('No market data'));
}
echo 'var market_data = window.market_data || {}; market_data.' . $section . ' = ' . json_encode($data) . ';';
break;
case 'local_market':
// AVOID CROSS DOMAIN PROBLEMS OF AJAX REQUEST
$marketPage = Params::getParam("mPage");
if ($marketPage >= 1) {
$marketPage--;
}
$out = osc_file_get_contents(osc_market_url(Params::getParam("section")) . "page/" . $marketPage);
$array = json_decode($out, true);
// do pagination
$pageActual = $array['page'];
$totalPages = ceil($array['total'] / $array['sizePage']);
$params = array('total' => $totalPages, 'selected' => $pageActual, 'url' => '#{PAGE}', 'sides' => 5);
// set pagination
$pagination = new Pagination($params);
$aux = $pagination->doPagination();
$array['pagination_content'] = $aux;
// encode to json
echo json_encode($array);
break;
case 'dashboardbox_market':
$error = 0;
// make market call
$url = getPreference('marketURL') . 'dashboardbox/';
$content = '';
if (false === ($json = @osc_file_get_contents($url))) {
$error = 1;
} else {
$content = $json;
}
if ($error == 1) {
echo json_encode(array('error' => 1));
} else {
// replace content with correct urls
$content = str_replace('{URL_MARKET_THEMES}', osc_admin_base_url(true) . '?page=market&action=themes', $content);
$content = str_replace('{URL_MARKET_PLUGINS}', osc_admin_base_url(true) . '?page=market&action=plugins', $content);
echo json_encode(array('html' => $content));
}
break;
case 'location_stats':
osc_csrf_check(false);
$workToDo = osc_update_location_stats();
if ($workToDo > 0) {
$array['status'] = 'more';
$array['pending'] = $workToDo;
echo json_encode($array);
} else {
$array['status'] = 'done';
echo json_encode($array);
}
break;
case 'error_permissions':
echo json_encode(array('error' => __("You don't have the necessary permissions")));
break;
default:
echo json_encode(array('error' => __('no action defined')));
break;
}
// clear all keep variables into session
Session::newInstance()->_dropKeepForm();
Session::newInstance()->_clearVariables();
}
function osc_runAlert($type = null)
{
if ($type == null) {
return;
}
$internal_name = 'alert_email_hourly';
switch ($type) {
case 'HOURLY':
$internal_name = 'alert_email_hourly';
break;
case 'DAILY':
$internal_name = 'alert_email_daily';
break;
case 'WEEKLY':
$internal_name = 'alert_email_weekly';
break;
case 'INSTANT':
$internal_name = 'alert_email_instant';
break;
}
$searches = Alerts::newInstance()->getAlertsByTypeGroup($type);
foreach ($searches as $s_search) {
$a_search = Search::newInstance();
// Get if there're new ads on this search
$a_search = osc_unserialize(base64_decode($s_search['s_search']));
$crons = Cron::newInstance()->getCronByType($type);
if (isset($crons[0])) {
$last_exec = $crons[0]['d_last_exec'];
} else {
$last_exec = '0000-00-00 00:00:00';
}
$a_search->addConditions(sprintf(" %st_item.dt_pub_date > '%s' ", DB_TABLE_PREFIX, $last_exec));
$totalItems = $a_search->count();
$items = $a_search->doSearch();
if (count($items) > 0) {
//If we have new items from last check
//Catch the user subscribed to this search
$users = Alerts::newInstance()->getUsersBySearchAndType($s_search['s_search'], $type);
if (count($users) > 0) {
$prefLocale = osc_language();
$page = Page::newInstance()->findByInternalName($internal_name);
$page = Page::newInstance()->findByInternalName($internal_name);
$page_description = $page['locale'];
$_title = $page_description[$prefLocale]['s_title'];
$_body = $page_description[$prefLocale]['s_text'];
$ads = "";
foreach ($items as $item) {
$ads .= '<a href="' . osc_item_url_ns($item['pk_i_id']) . '">' . $item['s_title'] . '</a><br/>';
}
foreach ($users as $user) {
if ($user['fk_i_user_id'] != 0) {
$user = User::newInstance()->findByPrimaryKey($user['fk_i_user_id']);
} else {
$user['s_name'] = $user['s_email'];
}
$unsub_link = osc_user_unsubscribe_alert_url($user['s_email'], $s_search['s_search']);
//osc_create_url(array('file' => 'user', 'action' => 'unsub_alert', 'email' => $user['s_email'], 'alert' => $s_search['s_search'])) ;
$unsub_link = '<a href="' . $unsub_link . '">unsubscribe alert</a>';
$words = array();
$words[] = array('{USER_NAME}', '{USER_EMAIL}', '{ADS}', '{UNSUB_LINK}');
$words[] = array($user['s_name'], $user['s_email'], $ads, $unsub_link);
$title = osc_mailBeauty($_title, $words);
$body = osc_mailBeauty($_body, $words);
$params = array('subject' => $title, 'to' => $user['s_email'], 'to_name' => $user['s_name'], 'body' => $body, 'alt_body' => $body);
osc_sendMail($params);
}
}
}
}
}
function doModel()
{
switch ($this->action) {
case 'contact_post':
//contact_post
osc_csrf_check();
$yourName = Params::getParam('yourName');
$yourEmail = Params::getParam('yourEmail');
$subject = Params::getParam('subject');
$message = Params::getParam('message');
if (osc_recaptcha_private_key() != '') {
if (!osc_check_recaptcha()) {
osc_add_flash_error_message(_m('The Recaptcha code is wrong'));
Session::newInstance()->_setForm('yourName', $yourName);
Session::newInstance()->_setForm('yourEmail', $yourEmail);
Session::newInstance()->_setForm('subject', $subject);
Session::newInstance()->_setForm('message_body', $message);
$this->redirectTo(osc_contact_url());
return false;
// BREAK THE PROCESS, THE RECAPTCHA IS WRONG
}
}
$banned = osc_is_banned($yourEmail);
if ($banned == 1) {
osc_add_flash_error_message(_m('Your current email is not allowed'));
$this->redirectTo(osc_contact_url());
} else {
if ($banned == 2) {
osc_add_flash_error_message(_m('Your current IP is not allowed'));
$this->redirectTo(osc_contact_url());
}
}
$user = User::newInstance()->newInstance()->findByEmail($yourEmail);
if (isset($user['b_active']) && ($user['b_active'] == 0 || $user['b_enabled'] == 0)) {
osc_add_flash_error_message(_m('Your current email is not allowed'));
$this->redirectTo(osc_contact_url());
}
if (!preg_match('|.*?@.{2,}\\..{2,}|', $yourEmail)) {
osc_add_flash_error_message(_m('Please enter a correct email'));
Session::newInstance()->_setForm('yourName', $yourName);
Session::newInstance()->_setForm('subject', $subject);
Session::newInstance()->_setForm('message_body', $message);
$this->redirectTo(osc_contact_url());
}
$message_name = sprintf(__('Name: %s'), $yourName);
$message_email = sprintf(__('Email: %s'), $yourEmail);
$message_subject = sprintf(__('Subject: %s'), $subject);
$message_body = sprintf(__('Message: %s'), $message);
$message_date = sprintf(__('Date: %s at %s'), date('l F d, Y'), date('g:i a'));
$message_IP = sprintf(__('IP Address: %s'), get_ip());
$message = <<<MESSAGE
{$message_name}
{$message_email}
{$message_subject}
{$message_body}
{$message_date}
{$message_IP}
MESSAGE;
$params = array('from' => osc_contact_email(), 'to' => osc_contact_email(), 'to_name' => osc_page_title(), 'reply_to' => $yourEmail, 'subject' => '[' . osc_page_title() . '] ' . __('Contact'), 'body' => nl2br($message));
$error = false;
if (osc_contact_attachment()) {
$attachment = Params::getFiles('attachment');
if (isset($attachment['error']) && $attachment['error'] == UPLOAD_ERR_OK) {
$mime_array = array('text/php', 'text/x-php', 'application/php', 'application/x-php', 'application/x-httpd-php', 'application/x-httpd-php-source', 'application/x-javascript');
$resourceName = $attachment['name'];
$tmpName = $attachment['tmp_name'];
$resourceType = $attachment['type'];
if (function_exists('mime_content_type')) {
$resourceType = mime_content_type($tmpName);
}
if (function_exists('finfo_open')) {
$finfo = finfo_open(FILEINFO_MIME);
$output = finfo_file($finfo, $tmpName);
finfo_close($finfo);
$output = explode("; ", $output);
if (is_array($output)) {
$output = $output[0];
}
$resourceType = $output;
}
// check mime file
if (!in_array($resourceType, $mime_array)) {
$emailAttachment = array('path' => $tmpName, 'name' => $resourceName);
$error = false;
} else {
$error = true;
}
// --- check mime file
} else {
$error = true;
}
}
if (!$error) {
if (isset($emailAttachment)) {
$params['attachment'] = $emailAttachment;
}
osc_run_hook('pre_contact_post', $params);
osc_sendMail(osc_apply_filter('contact_params', $params));
if (isset($tmpName)) {
@unlink($tmpName);
}
osc_add_flash_ok_message(_m('Your email has been sent properly. Thank you for contacting us!'));
} else {
osc_add_flash_error_message(_m('The file you tried to upload does not have a valid extension'));
}
$this->redirectTo(osc_contact_url());
break;
default:
//contact
$this->doView('contact.php');
}
}
function doModel()
{
//calling the view...
$locales = OSCLocale::newInstance()->listAllEnabled();
$this->_exportVariableToView('locales', $locales);
switch ($this->action) {
case 'item_add':
// post
if (!osc_users_enabled()) {
osc_add_flash_message(_m('Users not enabled'));
$this->redirectTo(osc_base_url(true));
}
if (osc_reg_user_post() && $this->user == null) {
// CHANGEME: This text
osc_add_flash_message(_m('Only registered users are allowed to post items'));
$this->redirectTo(osc_user_login_url());
}
$countries = Country::newInstance()->listAll();
$regions = array();
if (isset($this->user['fk_c_country_code']) && $this->user['fk_c_country_code'] != '') {
$regions = Region::newInstance()->getByCountry($this->user['fk_c_country_code']);
} else {
if (count($countries) > 0) {
$regions = Region::newInstance()->getByCountry($countries[0]['pk_c_code']);
}
}
$cities = array();
if (isset($this->user['fk_i_region_id']) && $this->user['fk_i_region_id'] != '') {
$cities = City::newInstance()->listWhere("fk_i_region_id = %d", $this->user['fk_i_region_id']);
} else {
if (count($regions) > 0) {
$cities = City::newInstance()->listWhere("fk_i_region_id = %d", $regions[0]['pk_i_id']);
}
}
$this->_exportVariableToView('countries', $countries);
$this->_exportVariableToView('regions', $regions);
$this->_exportVariableToView('cities', $cities);
$this->_exportVariableToView('user', $this->user);
osc_run_hook('post_item');
$this->doView('item-post.php');
break;
case 'item_add_post':
//post_item
if (!osc_users_enabled()) {
osc_add_flash_message(_m('Users not allowed'));
$this->redirectTo(osc_base_url(true));
}
if (osc_reg_user_post() && $this->user == null) {
osc_add_flash_message(_m('Only registered users are allowed to post items'));
$this->redirectTo(osc_base_url(true));
}
// POST ITEM ( ADD ITEM )
$mItems = new ItemActions(false);
$success = $mItems->add();
if ($success) {
$PcontactName = Params::getParam('contactName');
$PcontactEmail = Params::getParam('contactEmail');
$itemId = Params::getParam('itemId');
$item = array();
if (Session::newInstance()->_get('userId') == '') {
$mPages = new Page();
$aPage = $mPages->findByInternalName('email_new_item_non_register_user');
$locale = osc_current_user_locale();
$content = array();
if (isset($aPage['locale'][$locale]['s_title'])) {
$content = $aPage['locale'][$locale];
} else {
$content = current($aPage['locale']);
}
$item = $this->itemManager->findByPrimaryKey($itemId);
$item_url = osc_item_url();
// before page = user , action = item_edit
$edit_url = osc_item_edit_url($item['s_secret'], $itemId);
// before page = user , action = item_delete
$delete_url = osc_item_delete_url($item['s_secret'], $itemId);
$words = array();
$words[] = array('{ITEM_ID}', '{USER_NAME}', '{USER_EMAIL}', '{WEB_URL}', '{ITEM_TITLE}', '{ITEM_URL}', '{WEB_TITLE}', '{EDIT_LINK}', '{EDIT_URL}', '{DELETE_LINK}', '{DELETE_URL}');
$words[] = array($itemId, $PcontactName, $PcontactEmail, osc_base_url(), $item['s_title'], $item_url, osc_page_title(), '<a href="' . $edit_url . '">' . $edit_url . '</a>', $edit_url, '<a href="' . $delete_url . '">' . $delete_url . '</a>', $delete_url);
$title = osc_mailBeauty($content['s_title'], $words);
$body = osc_mailBeauty($content['s_text'], $words);
$emailParams = array('subject' => $title, 'to' => $PcontactEmail, 'to_name' => $PcontactName, 'body' => $body, 'alt_body' => $body);
osc_sendMail($emailParams);
}
osc_run_hook('posted_item', $item);
$category = Category::newInstance()->findByPrimaryKey(Params::getParam('catId'));
View::newInstance()->_exportVariableToView('category', $category);
$this->redirectTo(osc_search_category_url());
} else {
$this->redirectTo(osc_item_post_url());
}
break;
case 'item_edit':
$secret = Params::getParam('secret');
$id = Params::getParam('id');
$item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s' AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = '%d'))", $id, $secret, $this->userId);
if (count($item) == 1) {
$item = Item::newInstance()->findByPrimaryKey($id);
$categories = Category::newInstance()->toTree();
$countries = Country::newInstance()->listAll();
$regions = array();
if (isset($this->user['fk_c_country_code']) && $this->user['fk_c_country_code'] != '') {
$regions = Region::newInstance()->getByCountry($this->user['fk_c_country_code']);
} else {
if (count($countries) > 0) {
$regions = Region::newInstance()->getByCountry($countries[0]['pk_c_code']);
}
}
$cities = array();
if (isset($this->user['fk_i_region_id']) && $this->user['fk_i_region_id'] != '') {
$cities = City::newInstance()->listWhere("fk_i_region_id = %d", $this->user['fk_i_region_id']);
} else {
if (count($regions) > 0) {
$cities = City::newInstance()->listWhere("fk_i_region_id = %d", $regions[0]['pk_i_id']);
}
}
$currencies = Currency::newInstance()->listAll();
$this->_exportVariableToView('item', $item);
//$this->_exportVariableToView('user', $this->user) ;
$this->doView('item-edit.php');
} else {
// add a flash message [ITEM NO EXISTE]
//$this->redirectTo(osc_base_url(true));
osc_add_flash_message(_m('Sorry, we don\'t have any items with that ID'));
if ($this->user != null) {
$this->redirectTo(osc_user_list_items_url());
} else {
$this->redirectTo(osc_base_url());
}
}
break;
case 'item_edit_post':
// recoger el secret y el
$secret = Params::getParam('secret');
$id = Params::getParam('id');
$item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s' AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = '%d'))", $id, $secret, $this->userId);
if (count($item) == 1) {
$this->_exportVariableToView('item', $item[0]);
$mItems = new ItemActions(false);
$success = $mItems->edit();
if ($success) {
osc_add_flash_message(_m('Great! We\'ve just updated your item'));
$this->redirectTo(osc_base_url(true) . "?page=item&id={$id}");
} else {
$this->redirectTo(osc_item_edit_url($secret));
}
}
break;
case 'activate':
$secret = Params::getParam('secret');
$id = Params::getParam('id');
$item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s' AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = '%d'))", $id, $secret, $this->userId);
View::newInstance()->_exportVariableToView('item', $item[0]);
if ($item[0]['e_status'] == 'INACTIVE') {
// ACTIVETE ITEM
$mItems = new ItemActions(false);
$success = $mItems->activate($item[0]['pk_i_id'], $item[0]['s_secret']);
if ($success) {
osc_add_flash_message(_m('The item has been validated'));
} else {
osc_add_flash_message(_m('The item can\'t be validated'));
}
} else {
osc_add_flash_message(_m('The item has already been validated'));
}
$this->redirectTo(osc_item_url());
break;
case 'item_delete':
$secret = Params::getParam('secret');
$id = Params::getParam('id');
$item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s' AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = '%d'))", $id, $secret, $this->userId);
if (count($item) == 1) {
$mItems = new ItemActions(false);
$success = $mItems->delete($item[0]['s_secret'], $item[0]['pk_i_id']);
if ($success) {
osc_add_flash_message(_m('Your item has been deleted'));
} else {
osc_add_flash_message(_m('The item you are trying to delete couldn\'t be deleted'));
}
if ($this->user != null) {
$this->redirectTo(osc_user_list_items_url());
} else {
$this->redirectTo(osc_base_url());
}
} else {
osc_add_flash_message(_m('The item you are trying to delete couldn\'t be deleted'));
$this->redirectTo(osc_base_url());
}
break;
case 'deleteResource':
$id = Params::getParam('id');
$item = Params::getParam('item');
$code = Params::getParam('code');
$secret = Params::getParam('secret');
// Check for required fields
if (!(is_numeric($id) && is_numeric($item) && preg_match('/^([a-z0-9]+)$/i', $code))) {
osc_add_flash_message(_m("The selected photo couldn't be deleted, the url doesn't exist"));
if ($this->userId == null) {
$this->redirectTo(osc_base_url());
} else {
$this->redirectTo(osc_user_dashboard_url());
}
}
$aItem = $this->itemManager->findByPrimaryKey($item);
// Check if the item exists
if (count($aItem) == 0) {
osc_add_flash_message(_m('The item doesn\'t exist'));
$this->redirectTo(osc_base_url());
}
// Check if the item belong to the user
if ($this->userId != null && $this->userId != $aItem['fk_i_user_id']) {
osc_add_flash_message(_m('The item doesn\'t belong to you'));
$this->redirectTo(osc_item_url_ns($item));
}
// Check if the secret passphrase match with the item
if ($this->userId == null && $secret != $aItem['s_secret']) {
osc_add_flash_message(_m('The item doesn\'t belong to you'));
$this->redirectTo(osc_item_url_ns($item));
}
// Does id & code combination exist?
$result = ItemResource::newInstance()->getResourceSecure($id, $code);
if ($result > 0) {
// Delete: file, db table entry
osc_deleteResource($id);
ItemResource::newInstance()->delete(array('pk_i_id' => $id, 'fk_i_item_id' => $item, 's_name' => $code));
osc_add_flash_message(_m('The selected photo has been successfully deleted'));
} else {
osc_add_flash_message(_m("The selected photo couldn't be deleted"));
}
// Redirect to item_edit. If unregistered user, include $secret.
$this->redirectTo(osc_item_edit_url($secret, $item));
break;
case 'mark':
$mItem = new ItemActions(false);
$id = Params::getParam('id');
$as = Params::getParam('as');
$item = Item::newInstance()->findByPrimaryKey($id);
View::newInstance()->_exportVariableToView('item', $item);
$mItem->mark($id, $as);
osc_add_flash_message(_m('Thanks! That\'s very helpful'));
$this->redirectTo(osc_item_url());
break;
case 'send_friend':
$item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
$this->_exportVariableToView('item', $item);
$this->doView('item-send-friend.php');
break;
case 'send_friend_post':
$mItem = new ItemActions(false);
$mItem->send_friend();
$item_url = Params::getParam('item_url');
$this->redirectTo($item_url);
break;
case 'contact':
$item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
$category = Category::newInstance()->findByPrimaryKey($item['fk_i_category_id']);
if ($category['i_expiration_days'] > 0) {
$item_date = strtotime($item['dt_pub_date']) + $category['i_expiration_days'] * (24 * 3600);
$date = time();
if ($item_date < $date) {
// The item is expired, we can not contact the seller
osc_add_flash_message(_m('We\'re sorry, but the item has expired. You can\'t contact the seller'));
$this->redirectTo(osc_create_item_url($item));
}
}
$this->_exportVariableToView('item', $item);
$this->doView('item-contact.php');
break;
case 'contact_post':
$item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
$this->_exportVariableToView('item', $item);
if (osc_recaptcha_private_key() != '' && Params::existParam("recaptcha_challenge_field")) {
if (!osc_check_recaptcha()) {
osc_add_flash_message(_m('The Recaptcha code is wrong'));
$this->redirectTo(osc_item_url());
return false;
// BREAK THE PROCESS, THE RECAPTCHA IS WRONG
}
}
$category = Category::newInstance()->findByPrimaryKey($item['fk_i_category_id']);
if ($category['i_expiration_days'] > 0) {
$item_date = strtotime($item['dt_pub_date']) + $category['i_expiration_days'] * (24 * 3600);
$date = time();
if ($item_date < $date) {
// The item is expired, we can not contact the seller
osc_add_flash_message(_m('We\'re sorry, but the item has expired. You can\'t contact the seller'));
$this->redirectTo(osc_item_url());
}
}
$mItem = new ItemActions(false);
$mItem->contact();
osc_add_flash_message(_m('We\'ve just sent an e-mail to the seller'));
$this->redirectTo(osc_item_url());
break;
case 'add_comment':
$mItem = new ItemActions(false);
$status = $mItem->add_comment();
switch ($status) {
case -1:
$msg = _m('Sorry, we could not save your comment. Try again later');
break;
case 1:
$msg = _m('Your comment is awaiting moderation');
break;
case 2:
$msg = _m('Your comment has been approved');
break;
case 3:
$msg = _m('Please fill the required fields (name, email)');
break;
case 4:
$msg = _m('Please type a comment');
break;
case 5:
$msg = _m('Your comment has been marked as spam');
break;
}
osc_add_flash_message($msg);
$this->redirectTo(Params::getParam('itemURL'));
break;
case 'delete_comment':
$mItem = new ItemActions(false);
$status = $mItem->add_comment();
$itemId = Params::getParam('id');
$commentId = Params::getParam('comment');
$item = Item::newInstance()->findByPrimaryKey($itemId);
if (count($item) == 0) {
osc_add_flash_message(_m('This item doesn\'t exist'));
$this->redirectTo(osc_base_url(true));
}
View::newInstance()->_exportVariableToView('item', $item);
if ($this->userId == null) {
osc_add_flash_message(_m('You have to be logged to delete a comment'));
$this->redirectTo(osc_item_url());
}
$commentManager = ItemComment::newInstance();
$aComment = $commentManager->findByPrimaryKey($commentId);
if (count($aComment) == 0) {
osc_add_flash_message(_m('The comment doesn\'t exist'));
$this->redirectTo(osc_item_url());
}
if ($aComment['e_status'] != 'ACTIVE') {
osc_add_flash_message(_m('The comment is not active, you cannot delete it'));
$this->redirectTo(osc_item_url());
}
if ($aComment['fk_i_user_id'] != $this->userId) {
osc_add_flash_message(_m('You cannot delete the comment'));
$this->redirectTo(osc_item_url());
}
$commentManager->deleteByPrimaryKey($commentId);
osc_add_flash_message(_m('The comment has been deleted correctly'));
$this->redirectTo(osc_item_url());
break;
default:
if (Params::getParam('id') == '') {
$this->redirectTo(osc_base_url());
}
if (Params::getParam('lang') != '') {
Session::newInstance()->_set('userLocale', Params::getParam('lang'));
}
$item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
// if item doesn't exist redirect to base url
if (count($item) == 0) {
osc_add_flash_message(_m('This item doesn\'t exist'));
$this->redirectTo(osc_base_url(true));
} else {
if ($item['e_status'] != 'ACTIVE') {
if ($this->userId == $item['fk_i_user_id']) {
osc_add_flash_message(_m('The item hasn\'t been validated. Please validate it in order to show it to the rest of users'));
} else {
osc_add_flash_message(_m('This item hasn\'t been validated'));
$this->redirectTo(osc_base_url(true));
}
}
$mStats = new ItemStats();
$mStats->increase('i_num_views', $item['pk_i_id']);
foreach ($item['locale'] as $k => $v) {
$item['locale'][$k]['s_title'] = osc_apply_filter('item_title', $v['s_title']);
$item['locale'][$k]['s_description'] = nl2br(osc_apply_filter('item_description', $v['s_description']));
}
$this->_exportVariableToView('items', array($item));
osc_run_hook('show_item', $item);
$this->doView('item.php');
}
break;
case 'dashboard':
//dashboard...
break;
}
}
function doModel()
{
//specific things for this class
switch ($this->action) {
case 'bulk_actions':
break;
case 'regions':
//Return regions given a countryId
$regions = Region::newInstance()->findByCountry(Params::getParam("countryId"));
echo json_encode($regions);
break;
case 'cities':
//Returns cities given a regionId
$cities = City::newInstance()->findByRegion(Params::getParam("regionId"));
echo json_encode($cities);
break;
case 'location':
// This is the autocomplete AJAX
$cities = City::newInstance()->ajax(Params::getParam("term"));
echo json_encode($cities);
break;
case 'userajax':
// This is the autocomplete AJAX
$users = User::newInstance()->ajax(Params::getParam("term"));
if (count($users) == 0) {
echo json_encode(array(0 => array('id' => '', 'label' => __('No results'), 'value' => __('No results'))));
} else {
echo json_encode($users);
}
break;
case 'date_format':
echo json_encode(array('format' => Params::getParam('format'), 'str_formatted' => osc_format_date(date(Params::getParam('format')))));
break;
case 'runhook':
// run hooks
$hook = Params::getParam('hook');
if ($hook == '') {
echo json_encode(array('error' => 'hook parameter not defined'));
break;
}
switch ($hook) {
case 'item_form':
osc_run_hook('item_form', Params::getParam('catId'));
break;
case 'item_edit':
$catId = Params::getParam("catId");
$itemId = Params::getParam("itemId");
osc_run_hook("item_edit", $catId, $itemId);
break;
default:
osc_run_hook('ajax_admin_' . $hook);
break;
}
break;
case 'items':
// Return items (use external file oc-admin/ajax/item_processing.php)
require_once osc_admin_base_path() . 'ajax/items_processing.php';
$items_processing = new ItemsProcessingAjax(Params::getParamsAsArray("get"));
break;
case 'users':
// Return items (use external file oc-admin/ajax/item_processing.php)
require_once osc_admin_base_path() . 'ajax/users_processing.php';
$users_processing = new UsersProcessingAjax(Params::getParamsAsArray("get"));
break;
case 'media':
// Return items (use external file oc-admin/ajax/media_processing.php)
require_once osc_admin_base_path() . 'ajax/media_processing.php';
$media_processing = new MediaProcessingAjax(Params::getParamsAsArray("get"));
break;
case 'categories_order':
// Save the order of the categories
$aIds = Params::getParam('list');
$orderParent = 0;
$orderSub = 0;
$catParent = 0;
$error = 0;
$catManager = Category::newInstance();
$aRecountCat = array();
foreach ($aIds as $id => $parent) {
if ($parent == 'root') {
$res = $catManager->updateOrder($id, $orderParent);
if (is_bool($res) && !$res) {
$error = 1;
}
// find category
$auxCategory = Category::newInstance()->findByPrimaryKey($id);
// set parent category
$conditions = array('pk_i_id' => $id);
$array['fk_i_parent_id'] = NULL;
$res = $catManager->update($array, $conditions);
if (is_bool($res) && !$res) {
$error = 1;
} else {
if ($res == 1) {
// updated ok
$parentId = $auxCategory['fk_i_parent_id'];
if ($parentId) {
// update parent category stats
array_push($aRecountCat, $id);
array_push($aRecountCat, $parentId);
}
}
}
$orderParent++;
} else {
if ($parent != $catParent) {
$catParent = $parent;
$orderSub = 0;
}
$res = $catManager->updateOrder($id, $orderSub);
if (is_bool($res) && !$res) {
$error = 1;
}
// set parent category
$auxCategory = Category::newInstance()->findByPrimaryKey($id);
$auxCategoryP = Category::newInstance()->findByPrimaryKey($catParent);
$conditions = array('pk_i_id' => $id);
$array['fk_i_parent_id'] = $catParent;
$res = $catManager->update($array, $conditions);
if (is_bool($res) && !$res) {
$error = 1;
} else {
if ($res == 1) {
// updated ok
// update category parent
$prevParentId = $auxCategory['fk_i_parent_id'];
$parentId = $auxCategoryP['pk_i_id'];
array_push($aRecountCat, $prevParentId);
array_push($aRecountCat, $parentId);
}
}
$orderSub++;
}
}
// update category stats
foreach ($aRecountCat as $rId) {
osc_update_cat_stats_id($rId);
}
if ($error) {
$result = array('error' => __("Some error ocurred"));
} else {
$result = array('ok' => __("Order saved"));
}
echo json_encode($result);
break;
case 'category_edit_iframe':
$this->_exportVariableToView('category', Category::newInstance()->findByPrimaryKey(Params::getParam("id")));
$this->_exportVariableToView('languages', OSCLocale::newInstance()->listAllEnabled());
$this->doView("categories/iframe.php");
break;
case 'field_categories_iframe':
$selected = Field::newInstance()->categories(Params::getParam("id"));
if ($selected == null) {
$selected = array();
}
$this->_exportVariableToView("selected", $selected);
$this->_exportVariableToView("field", Field::newInstance()->findByPrimaryKey(Params::getParam("id")));
$this->_exportVariableToView("categories", Category::newInstance()->toTreeAll());
$this->doView("fields/iframe.php");
break;
case 'field_categories_post':
$error = 0;
$field = Field::newInstance()->findByName(Params::getParam("s_name"));
if (!isset($field['pk_i_id']) || isset($field['pk_i_id']) && $field['pk_i_id'] == Params::getParam("id")) {
// remove categories from a field
Field::newInstance()->cleanCategoriesFromField(Params::getParam("id"));
// no error... continue updating fields
if ($error == 0) {
$slug = Params::getParam("field_slug") != '' ? Params::getParam("field_slug") : Params::getParam("s_name");
$slug_tmp = $slug = preg_replace('|([-]+)|', '-', preg_replace('|[^a-z0-9_-]|', '-', strtolower($slug)));
$slug_k = 0;
while (true) {
$field = Field::newInstance()->findBySlug($slug);
if (!$field || $field['pk_i_id'] == Params::getParam("id")) {
break;
} else {
$slug_k++;
$slug = $slug_tmp . "_" . $slug_k;
}
}
$res = Field::newInstance()->update(array('s_name' => Params::getParam("s_name"), 'e_type' => Params::getParam("field_type"), 's_slug' => $slug, 'b_required' => Params::getParam("field_required") == "1" ? 1 : 0, 's_options' => Params::getParam('s_options')), array('pk_i_id' => Params::getParam("id")));
if (is_bool($res) && !$res) {
$error = 1;
}
}
// no error... continue inserting categories-field
if ($error == 0) {
$aCategories = Params::getParam("categories");
if (is_array($aCategories) && count($aCategories) > 0) {
$res = Field::newInstance()->insertCategories(Params::getParam("id"), $aCategories);
if (!$res) {
$error = 1;
}
}
}
// error while updating?
if ($error == 1) {
$message = __("Error while updating.");
}
} else {
$error = 1;
$message = __("Sorry, you already have one field with that name");
}
if ($error) {
$result = array('error' => $message);
} else {
$result = array('ok' => __("Saved"), 'text' => Params::getParam("s_name"), 'field_id' => $field['pk_i_id']);
}
echo json_encode($result);
break;
case 'delete_field':
$id = Params::getParam("id");
$error = 0;
$fieldManager = Field::newInstance();
$res = $fieldManager->deleteByPrimaryKey($id);
if ($res > 0) {
$message = __('The custom field have been deleted');
} else {
$error = 1;
$message = __('Error while deleting');
}
if ($error) {
$result = array('error' => $message);
} else {
$result = array('ok' => __("Saved"));
}
echo json_encode($result);
break;
case 'add_field':
$s_name = __('NEW custom field');
$slug_tmp = $slug = preg_replace('|([-]+)|', '-', preg_replace('|[^a-z0-9_-]|', '-', strtolower($s_name)));
$slug_k = 0;
while (true) {
$field = Field::newInstance()->findBySlug($slug);
if (!$field || $field['pk_i_id'] == Params::getParam("id")) {
break;
} else {
$slug_k++;
$slug = $slug_tmp . "_" . $slug_k;
}
}
$fieldManager = Field::newInstance();
$result = $fieldManager->insertField($s_name, 'TEXT', $slug, 0, '', array());
if ($result) {
echo json_encode(array('error' => 0, 'field_id' => $fieldManager->dao->insertedId(), 'field_name' => $s_name));
} else {
echo json_encode(array('error' => 1));
}
break;
case 'enable_category':
$id = strip_tags(Params::getParam('id'));
$enabled = Params::getParam('enabled') != '' ? Params::getParam('enabled') : 0;
$error = 0;
$result = array();
$aUpdated = array();
$mCategory = Category::newInstance();
$aCategory = $mCategory->findByPrimaryKey($id);
if ($aCategory == false) {
$result = array('error' => sprintf(__("It doesn't exist a category with this id: %d"), $id));
echo json_encode($result);
break;
}
// root category
if ($aCategory['fk_i_parent_id'] == '') {
$mCategory->update(array('b_enabled' => $enabled), array('pk_i_id' => $id));
$mCategory->update(array('b_enabled' => $enabled), array('fk_i_parent_id' => $id));
$subCategories = $mCategory->findSubcategories($id);
$aIds = array($id);
$aUpdated[] = array('id' => $id);
foreach ($subCategories as $subcategory) {
$aIds[] = $subcategory['pk_i_id'];
$aUpdated[] = array('id' => $subcategory['pk_i_id']);
}
Item::newInstance()->enableByCategory($enabled, $aIds);
if ($enabled) {
$result = array('ok' => __('The category and its subcategories have been enabled'));
} else {
$result = array('ok' => __('The category and its subcategories have been disabled'));
}
$result['affectedIds'] = $aUpdated;
echo json_encode($result);
break;
}
// subcategory
$parentCategory = $mCategory->findRootCategory($id);
if (!$parentCategory['b_enabled']) {
$result = array('error' => __('Parent category is disabled, you can not enable that category'));
echo json_encode($result);
break;
}
$mCategory->update(array('b_enabled' => $enabled), array('pk_i_id' => $id));
if ($enabled) {
$result = array('ok' => __('The subcategory has been enabled'));
} else {
$result = array('ok' => __('The subcategory has been disabled'));
}
$result['affectedIds'] = array(array('id' => $id));
echo json_encode($result);
break;
case 'delete_category':
$id = Params::getParam("id");
$error = 0;
$categoryManager = Category::newInstance();
$res = $categoryManager->deleteByPrimaryKey($id);
if ($res > 0) {
$message = __('The categories have been deleted');
} else {
$error = 1;
$message = __('Error while deleting');
}
if ($error) {
$result = array('error' => $message);
} else {
$result = array('ok' => __("Saved"));
}
echo json_encode($result);
break;
case 'edit_category_post':
$id = Params::getParam("id");
$fields['i_expiration_days'] = Params::getParam("i_expiration_days") != '' ? Params::getParam("i_expiration_days") : 0;
$error = 0;
$has_one_title = 0;
$postParams = Params::getParamsAsArray();
foreach ($postParams as $k => $v) {
if (preg_match('|(.+?)#(.+)|', $k, $m)) {
if ($m[2] == 's_name') {
if ($v != "") {
$has_one_title = 1;
$aFieldsDescription[$m[1]][$m[2]] = $v;
$s_text = $v;
} else {
$aFieldsDescription[$m[1]][$m[2]] = ' ';
$error = 1;
}
} else {
$aFieldsDescription[$m[1]][$m[2]] = $v;
}
}
}
$l = osc_language();
if ($error == 0 || $error == 1 && $has_one_title == 1) {
$categoryManager = Category::newInstance();
$res = $categoryManager->updateByPrimaryKey(array('fields' => $fields, 'aFieldsDescription' => $aFieldsDescription), $id);
if (is_bool($res)) {
$error = 2;
}
}
if ($error == 0) {
$msg = __("Category updated correctly");
} else {
if ($error == 1) {
if ($has_one_title == 1) {
$error = 4;
$msg = __('Category updated correctly, but some titles were empty');
} else {
$msg = __('Sorry, at least a title is needed');
}
} else {
if ($error == 2) {
$msg = __('Error while updating');
}
}
}
echo json_encode(array('error' => $error, 'msg' => $msg, 'text' => $aFieldsDescription[$l]['s_name']));
break;
case 'custom':
// Execute via AJAX custom file
$ajaxFile = Params::getParam("ajaxfile");
if ($ajaxFile == '') {
echo json_encode(array('error' => 'no action defined'));
break;
}
// valid file?
if (stripos($ajaxFile, '../') !== false) {
echo json_encode(array('error' => 'no valid ajaxFile'));
break;
}
if (!file_exists(osc_plugins_path() . $ajaxFile)) {
echo json_encode(array('error' => "ajaxFile doesn't exist"));
break;
}
require_once osc_plugins_path() . $ajaxFile;
break;
case 'test_mail':
$title = sprintf(__('Test email, %s'), osc_page_title());
$body = __("Test email") . "<br><br>" . osc_page_title();
$emailParams = array('subject' => $title, 'to' => osc_contact_email(), 'to_name' => 'admin', 'body' => $body, 'alt_body' => $body);
$array = array();
if (osc_sendMail($emailParams)) {
$array = array('status' => '1', 'html' => __('Email sent successfully'));
} else {
$array = array('status' => '0', 'html' => __('An error has occurred while sending email'));
}
echo json_encode($array);
break;
case 'order_pages':
$order = Params::getParam("order");
$id = Params::getParam("id");
if ($order != '' && $id != '') {
$mPages = Page::newInstance();
$actual_page = $mPages->findByPrimaryKey($id);
$actual_order = $actual_page['i_order'];
$array = array();
$condition = array();
$new_order = $actual_order;
if ($order == 'up') {
$page = $mPages->findPrevPage($actual_order);
} else {
if ($order == 'down') {
$page = $mPages->findNextPage($actual_order);
}
}
if (isset($page['i_order'])) {
$mPages->update(array('i_order' => $page['i_order']), array('pk_i_id' => $id));
$mPages->update(array('i_order' => $actual_order), array('pk_i_id' => $page['pk_i_id']));
}
// TO BE IMPROVED
// json for datatables
$prefLocale = osc_current_user_locale();
$this->_exportVariableToView('pages', $mPages->listAll(0));
$o_json = array();
while (osc_has_static_pages()) {
$row = array();
$page = osc_static_page();
$content = array();
if (isset($page['locale'][$prefLocale]) && !empty($page['locale'][$prefLocale]['s_title'])) {
$content = $page['locale'][$prefLocale];
} else {
$content = current($page['locale']);
}
$options = array();
$options[] = '<a href="' . osc_static_page_url() . '">' . __('View page') . '</a>';
$options[] = '<a href="' . osc_admin_base_url(true) . '?page=pages&action=edit&id=' . osc_static_page_id() . '">' . __('Edit') . '</a>';
if (!$page['b_indelible']) {
$options[] = '<a onclick="javascript:return confirm(\'' . osc_esc_js("This action can't be undone. Are you sure you want to continue?") . '\')" href="' . osc_admin_base_url(true) . '?page=pages&action=delete&id=' . osc_static_page_id() . '">' . __('Delete') . '</a>';
}
$row[] = '<input type="checkbox" name="id[]"" value="' . osc_static_page_id() . '"" />';
$row[] = $page['s_internal_name'] . '<div id="datatables_quick_edit" style="display: none;">' . implode(' · ', $options) . '</div>';
$row[] = $content['s_title'];
$row[] = osc_static_page_order() . ' <img id="up" onclick="order_up(' . osc_static_page_id() . ');" style="cursor:pointer; width:15px; height:15px;" src="' . osc_current_admin_theme_url('images/arrow_up.png') . '"/> <br/><img id="down" onclick="order_down(' . osc_static_page_id() . ');" style="cursor:pointer; width:15px; height:15px; margin-left: 10px;" src="' . osc_current_admin_theme_url('images/arrow_down.png') . '"/>';
$o_json[] = $row;
}
echo json_encode($o_json);
}
break;
/******************************
** COMPLETE UPGRADE PROCESS **
******************************/
/******************************
** COMPLETE UPGRADE PROCESS **
******************************/
case 'upgrade':
// AT THIS POINT WE KNOW IF THERE'S AN UPDATE OR NOT
$message = "";
$error = 0;
$sql_error_msg = "";
$rm_errors = 0;
$perms = osc_save_permissions();
osc_change_permissions();
$maintenance_file = ABS_PATH . '.maintenance';
$fileHandler = @fopen($maintenance_file, 'w');
fclose($fileHandler);
/***********************
**** DOWNLOAD FILE ****
***********************/
$data = osc_file_get_contents("http://osclass.org/latest_version.php");
$data = json_decode(substr($data, 1, strlen($data) - 3), true);
$source_file = $data['url'];
if ($source_file != '') {
$tmp = explode("/", $source_file);
$filename = end($tmp);
$result = osc_downloadFile($source_file, $filename);
if ($result) {
// Everything is OK, continue
/**********************
***** UNZIP FILE *****
**********************/
@mkdir(ABS_PATH . 'oc-temp', 0777);
$res = osc_unzip_file(osc_content_path() . 'downloads/' . $filename, ABS_PATH . 'oc-temp/');
if ($res == 1) {
// Everything is OK, continue
/**********************
***** COPY FILES *****
**********************/
$fail = -1;
if ($handle = opendir(ABS_PATH . 'oc-temp')) {
$fail = 0;
while (false !== ($_file = readdir($handle))) {
if ($_file != '.' && $_file != '..' && $_file != 'remove.list' && $_file != 'upgrade.sql' && $_file != 'customs.actions') {
$data = osc_copy(ABS_PATH . "oc-temp/" . $_file, ABS_PATH . $_file);
if ($data == false) {
$fail = 1;
}
}
}
closedir($handle);
if ($fail == 0) {
// Everything is OK, continue
/************************
*** UPGRADE DATABASE ***
************************/
$error_queries = array();
if (file_exists(osc_lib_path() . 'osclass/installer/struct.sql')) {
$sql = file_get_contents(osc_lib_path() . 'osclass/installer/struct.sql');
$conn = DBConnectionClass::newInstance();
$c_db = $conn->getOsclassDb();
$comm = new DBCommandClass($c_db);
$error_queries = $comm->updateDB(str_replace('/*TABLE_PREFIX*/', DB_TABLE_PREFIX, $sql));
}
if ($error_queries[0]) {
// Everything is OK, continue
/**********************************
** EXECUTING ADDITIONAL ACTIONS **
**********************************/
if (file_exists(osc_lib_path() . 'osclass/upgrade-funcs.php')) {
// There should be no errors here
define('AUTO_UPGRADE', true);
require_once osc_lib_path() . 'osclass/upgrade-funcs.php';
}
// Additional actions is not important for the rest of the proccess
// We will inform the user of the problems but the upgrade could continue
/****************************
** REMOVE TEMPORARY FILES **
****************************/
$path = ABS_PATH . 'oc-temp';
$rm_errors = 0;
$dir = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($path), RecursiveIteratorIterator::CHILD_FIRST);
for ($dir->rewind(); $dir->valid(); $dir->next()) {
if ($dir->isDir()) {
if ($dir->getFilename() != '.' && $dir->getFilename() != '..') {
if (!rmdir($dir->getPathname())) {
$rm_errors++;
}
}
} else {
if (!unlink($dir->getPathname())) {
$rm_errors++;
}
}
}
if (!rmdir($path)) {
$rm_errors++;
}
$deleted = @unlink(ABS_PATH . '.maintenance');
if ($rm_errors == 0) {
$message = __('Everything was OK! Your OSClass installation is updated');
} else {
$message = __('Almost everything was OK! Your OSClass installation is updated, but there were some errors removing temporary files. Please, remove manually the "oc-temp" folder');
$error = 6;
// Some errors removing files
}
} else {
$sql_error_msg = $error_queries[2];
$message = __('Problems upgrading the database');
$error = 5;
// Problems upgrading the database
}
} else {
$message = __('Problems copying files. Maybe permissions are not correct');
$error = 4;
// Problems copying files. Maybe permissions are not correct
}
} else {
$message = __('Nothing to copy');
$error = 99;
// Nothing to copy. THIS SHOULD NEVER HAPPENS, means we dont update any file!
}
} else {
$message = __('Unzip failed');
$error = 3;
// Unzip failed
}
} else {
$message = __('Download failed');
$error = 2;
// Download failed
}
} else {
$message = __('Missing download URL');
$error = 1;
// Missing download URL
}
if ($error == 5) {
$message .= "<br /><br />" . __('We had some errors upgrading your database. The follwing queries failed') . implode("<br />", $sql_error_msg);
}
echo $message;
foreach ($perms as $k => $v) {
@chmod($k, $v);
}
break;
case 'location_stats':
$workToDo = LocationsTmp::newInstance()->count();
if ($workToDo > 0) {
// there are wotk to do
$aLocations = LocationsTmp::newInstance()->getLocations(1000);
foreach ($aLocations as $location) {
$id = $location['id_location'];
$type = $location['e_type'];
$data = 0;
// update locations stats
switch ($type) {
case 'COUNTRY':
$numItems = CountryStats::newInstance()->calculateNumItems($id);
$data = CountryStats::newInstance()->setNumItems($id, $numItems);
unset($numItems);
break;
case 'REGION':
$numItems = RegionStats::newInstance()->calculateNumItems($id);
$data = RegionStats::newInstance()->setNumItems($id, $numItems);
unset($numItems);
break;
case 'CITY':
$numItems = CityStats::newInstance()->calculateNumItems($id);
$data = CityStats::newInstance()->setNumItems($id, $numItems);
unset($numItems);
break;
default:
break;
}
if ($data >= 0) {
LocationsTmp::newInstance()->delete(array('e_type' => $location['e_type'], 'id_location' => $location['id_location']));
}
}
$array['status'] = 'more';
$array['pending'] = $workToDo = LocationsTmp::newInstance()->count();
echo json_encode($array);
} else {
$array['status'] = 'done';
echo json_encode($array);
}
break;
default:
echo json_encode(array('error' => __('no action defined')));
break;
}
// clear all keep variables into session
Session::newInstance()->_dropKeepForm();
Session::newInstance()->_clearVariables();
}
public function sendEmails($aItem)
{
$item = $aItem['item'];
$title = $aItem['title'];
$contactEmail = $aItem['contactEmail'];
$contactName = $aItem['contactName'];
View::newInstance()->_exportVariableToView('item', $item);
$mPages = new Page();
$locale = osc_current_user_locale();
/**
* Send email to user requesting item activation
*/
if (osc_item_validation_enabled() && (!osc_logged_user_item_validation() || !osc_is_web_user_logged_in())) {
$aPage = $mPages->findByInternalName('email_item_validation');
$content = array();
if (isset($aPage['locale'][$locale]['s_title'])) {
$content = $aPage['locale'][$locale];
} else {
$content = current($aPage['locale']);
}
$item_url = osc_item_url();
$all = '';
if (isset($item['locale'])) {
foreach ($item['locale'] as $locale => $data) {
$locale_name = OSCLocale::newInstance()->listWhere("pk_c_code = '" . $locale . "'");
$all .= '<br/>';
if (isset($locale_name[0]) && isset($locale_name[0]['s_name'])) {
$all .= __('Language') . ': ' . $locale_name[0]['s_name'] . '<br/>';
} else {
$all .= __('Language') . ': ' . $locale . '<br/>';
}
$all .= __('Title') . ': ' . $data['s_title'] . '<br/>';
$all .= __('Description') . ': ' . $data['s_description'] . '<br/>';
$all .= '<br/>';
}
} else {
$all .= __('Title') . ': ' . $item['s_title'] . '<br/>';
$all .= __('Description') . ': ' . $item['s_description'] . '<br/>';
}
// Format activation URL
$validation_url = osc_item_activate_url($item['s_secret'], $item['pk_i_id']);
$words = array();
$words[] = array('{ITEM_DESCRIPTION_ALL_LANGUAGES}', '{ITEM_DESCRIPTION}', '{ITEM_COUNTRY}', '{ITEM_PRICE}', '{ITEM_REGION}', '{ITEM_CITY}', '{ITEM_ID}', '{USER_NAME}', '{USER_EMAIL}', '{WEB_URL}', '{ITEM_TITLE}', '{ITEM_URL}', '{WEB_TITLE}', '{VALIDATION_LINK}', '{VALIDATION_URL}');
$words[] = array($all, $item['s_description'], $item['s_country'], $item['f_price'], $item['s_region'], $item['s_city'], $item['pk_i_id'], $item['s_contact_name'], $item['s_contact_email'], osc_base_url(), $item['s_title'], $item_url, osc_page_title(), '<a href="' . $validation_url . '" >' . $validation_url . '</a>', $validation_url);
$title = osc_mailBeauty($content['s_title'], $words);
$body = osc_mailBeauty($content['s_text'], $words);
$emailParams = array('subject' => $title, 'to' => $contactEmail, 'to_name' => $contactName, 'body' => $body, 'alt_body' => $body);
osc_sendMail($emailParams);
}
/**
* Send email to admin about the new item
*/
if (osc_notify_new_item()) {
$aPage = $mPages->findByInternalName('email_admin_new_item');
$content = array();
if (isset($aPage['locale'][$locale]['s_title'])) {
$content = $aPage['locale'][$locale];
} else {
$content = current($aPage['locale']);
}
$item_url = osc_item_url();
$all = '';
if (isset($item['locale'])) {
foreach ($item['locale'] as $locale => $data) {
$locale_name = OSCLocale::newInstance()->listWhere("pk_c_code = '" . $locale . "'");
$all .= '<br/>';
if (isset($locale_name[0]) && isset($locale_name[0]['s_name'])) {
$all .= __('Language') . ': ' . $locale_name[0]['s_name'] . '<br/>';
} else {
$all .= __('Language') . ': ' . $locale . '<br/>';
}
$all .= __('Title') . ': ' . $data['s_title'] . '<br/>';
$all .= __('Description') . ': ' . $data['s_description'] . '<br/>';
$all .= '<br/>';
}
} else {
$all .= __('Title') . ': ' . $item['s_title'] . '<br/>';
$all .= __('Description') . ': ' . $item['s_description'] . '<br/>';
}
// Format activation URL
$validation_url = osc_item_activate_url($item['s_secret'], $item['pk_i_id']);
// Format admin edit URL
$admin_edit_url = osc_item_admin_edit_url($item['pk_i_id']);
$words = array();
$words[] = array('{EDIT_LINK}', '{EDIT_URL}', '{ITEM_DESCRIPTION_ALL_LANGUAGES}', '{ITEM_DESCRIPTION}', '{ITEM_COUNTRY}', '{ITEM_PRICE}', '{ITEM_REGION}', '{ITEM_CITY}', '{ITEM_ID}', '{USER_NAME}', '{USER_EMAIL}', '{WEB_URL}', '{ITEM_TITLE}', '{ITEM_URL}', '{WEB_TITLE}', '{VALIDATION_LINK}', '{VALIDATION_URL}');
$words[] = array('<a href="' . $admin_edit_url . '" >' . $admin_edit_url . '</a>', $admin_edit_url, $all, $item['s_description'], $item['s_country'], $item['f_price'], $item['s_region'], $item['s_city'], $item['pk_i_id'], $item['s_contact_name'], $item['s_contact_email'], osc_base_url(), $item['s_title'], $item_url, osc_page_title(), '<a href="' . $validation_url . '" >' . $validation_url . '</a>', $validation_url);
$title = osc_mailBeauty($content['s_title'], $words);
$body = osc_mailBeauty($content['s_text'], $words);
$emailParams = array('subject' => $title, 'to' => osc_contact_email(), 'to_name' => 'admin', 'body' => $body, 'alt_body' => $body);
osc_sendMail($emailParams);
}
}