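 /**
  * Restore a user session from the persistent-login cookies.
  *
  * Expects the `userid` and `password` cookies, looks the pair up in the
  * `users` table and, when a matching, activated, unlocked account is
  * found, stores the row in $_SESSION['user'] and refreshes the new-topic
  * list via getNewThemes(). A cookie set that is incomplete, malformed or
  * rejected by the lookup is expired so the browser stops resending it.
  *
  * Security note (review): the `password` cookie carries the stored MD5
  * password hash itself (it is matched against the `passw` column), so a
  * captured cookie is as good as the password and stays valid until the
  * password changes. A random, revocable per-device token would be the
  * usual replacement; that needs a schema change and is not done here.
  *
  * Changes from the previous version: non-scalar cookie values are
  * rejected (intval() of a non-empty array is 1, which would silently
  * point at user #1), the hash cookie must be exactly 32 hex digits
  * instead of being stripped down to hex, a false/null lookup result no
  * longer reaches count(), the session id is rotated on success, and a
  * locked account can never fall through into the session.
  *
  * @return bool|void true on success; false when the cookies are absent,
  *                   malformed or match no user; void when the request is
  *                   redirected (account not activated or locked).
  */
 public function autoLogin()
 {
     $Register = Register::getInstance();
     $FpsDB = $Register['DB'];
     $path = '/';

     // Without both credential cookies there is nothing to verify; drop
     // whatever partial set is present and give up.
     if (!isset($_COOKIE['userid']) || !isset($_COOKIE['password'])) {
         $this->_clearAutoLoginCookies($path);
         return false;
     }

     // Cookie values can arrive as arrays (`userid[]=...`); refuse anything
     // that is not a plain scalar before interpreting it.
     if (!is_scalar($_COOKIE['userid']) || !is_string($_COOKIE['password'])) {
         $this->_clearAutoLoginCookies($path);
         return false;
     }

     $user_id = intval($_COOKIE['userid']);
     if ($user_id < 1) {
         $this->_clearAutoLoginCookies($path);
         return false;
     }

     // The stored hash is MD5, i.e. exactly 32 hex digits. Anything else
     // cannot be a value this application set, so reject it outright
     // rather than looking up a mangled string.
     $password = $_COOKIE['password'];
     if (!preg_match('#^[0-9a-f]{32}$#i', $password)) {
         $this->_clearAutoLoginCookies($path);
         return false;
     }

     $res = $FpsDB->select('users', DB_FIRST, array(
         'cond'   => array('id' => $user_id, 'passw' => $password),
         'fields' => array('*', 'UNIX_TIMESTAMP(last_visit) as unix_last_visit'),
     ));

     // No such id/hash pair: the cookies are stale or forged, drop them.
     if (empty($res)) {
         $this->_clearAutoLoginCookies($path);
         return false;
     }

     $user = $res[0];
     // A pending activation code means the account is not usable yet.
     if (!empty($user['activation'])) {
         $this->_clearAutoLoginCookies($path);
         return showInfoMessage(__('Your account not activated'), '/');
     }

     if ($user['locked']) {
         $this->_clearAutoLoginCookies($path);
         redirect('/users/baned/');
         // redirect() is expected to end the request; the explicit return
         // guarantees a locked user is never written into the session even
         // if it does not.
         return;
     }

     // Privilege level changes here: rotate the session id so an id fixated
     // before login cannot be reused afterwards.
     if (function_exists('session_status') && session_status() === PHP_SESSION_ACTIVE) {
         session_regenerate_id(true);
     }
     $_SESSION['user'] = $user;
     // getNewThemes() fills $_SESSION['newThemes'] with the ids of topics
     // that received new posts since the user's last visit.
     $this->getNewThemes();
     return true;
 }

 /**
  * Expire the persistent-login cookies (`autologin`, `userid`, `password`)
  * that are present in the request, on the given cookie path.
  *
  * @param string $path cookie path the cookies were set with
  */
 private function _clearAutoLoginCookies($path)
 {
     foreach (array('autologin', 'userid', 'password') as $name) {
         if (isset($_COOKIE[$name])) {
             setcookie($name, '', time() - 1, $path);
         }
     }
 }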
 /**
  * Delete the record with the given id after checking the caller's rights.
  *
  * A caller may delete when they hold `delete_materials` for this module,
  * or when they are the record's author and hold `delete_mine_materials`.
  * Otherwise an info message is shown and nothing is removed. On success
  * the module/record cache tags and the SQL cache are purged, the action is
  * logged (when a logger is configured) and a success message is returned.
  *
  * NOTE(review): nothing here distinguishes a deliberate form submission
  * from a plain GET or a cross-site request; unless the router enforces a
  * CSRF token or request-method check before dispatching to this action,
  * a crafted link is enough to delete a record. Confirm against the router.
  *
  * @param int|null $id primary key of the record to delete
  */
 public function delete($id = null)
 {
     $this->cached = false;
     $recordId = (int) $id;
     if ($recordId < 1) {
         redirect('/');
     }
     $record = $this->Model->getById($recordId);
     if (!$record) {
         redirect('/');
     }

     // Module-wide right first; only fall back to the "own material" right
     // (author match + delete_mine_materials) when it is missing.
     $mayDeleteAny = $this->ACL->turn(array($this->module, 'delete_materials'), false);
     if (!$mayDeleteAny) {
         $mayDeleteOwn = !empty($_SESSION['user']['id'])
             && $record->getAuthor_id() == $_SESSION['user']['id']
             && $this->ACL->turn(array($this->module, 'delete_mine_materials'), false);
         if (!$mayDeleteOwn) {
             return showInfoMessage(__('Permission denied'), '/' . $this->module . '/');
         }
     }

     // Invalidate cached pages that embed this record, then the SQL cache.
     $this->Cache->clean(CACHE_MATCHING_TAG, array('module_' . $this->module, 'record_id_' . $recordId));
     $this->DB->cleanSqlCache();
     $record->delete();

     $actorId = !empty($_SESSION['user']['id']) ? intval($_SESSION['user']['id']) : 0;
     if ($this->Log) {
         $this->Log->write(
             'delete ' . $this->module,
             sprintf('%s id(%d) user id(%d)', $this->module, $recordId, $actorId)
         );
     }
     return $this->showInfoMessage(__('Operation is successful'), '/' . $this->module . '/');
 }
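 /**
  * Validate the submitted edit form and save the changes to a photo.
  *
  * Checks that the caller may edit this photo (`edit_materials`, or being
  * the author with `edit_mine_materials`), runs the registered validator,
  * clamps the title to the form's maxlength, resolves the target category
  * and, when no errors were collected, updates title/description/category
  * and the optional replacement file. On validation errors the submitted
  * values and messages are stashed in $_SESSION['FpsForm'] and the user is
  * sent back to the edit form for this record.
  *
  * Changes from the previous version: ownership is compared as integers
  * (the delete action uses a loose `==`, this one used a strict `!==`,
  * which fails whenever one side is a numeric string); absent or
  * non-string POST fields no longer reach mb_substr()/trim(); and the
  * redirect after a failed upload keeps the record id, as the
  * validation-error redirect already did.
  *
  * NOTE(review): the text fields are saved before the upload is attempted,
  * so a failed upload leaves the new title/description in place while the
  * user is told an error occurred. NOTE(review): unlike the category
  * listing, no checkCategoryAccess() is applied to the *target* category;
  * confirm whether moving a photo into a restricted category is intended.
  *
  * @param int|null $id primary key of the photo being edited
  */
 public function update($id = null)
 {
     $id = (int) $id;
     if ($id < 1) {
         redirect('/');
     }
     $entity = $this->Model->getById($id);
     if (!$entity) {
         return $this->_view(__('Some error occurred'));
     }

     // Ownership is compared as integers: the session row and the entity
     // may carry the id as int or as string depending on the DB layer.
     $sessionUserId = !empty($_SESSION['user']['id']) ? (int) $_SESSION['user']['id'] : 0;
     if (!$this->ACL->turn(array('foto', 'edit_materials'), false)) {
         $isOwner = $sessionUserId > 0 && (int) $entity->getAuthor_id() === $sessionUserId;
         if (!$isOwner || !$this->ACL->turn(array('foto', 'edit_mine_materials'), false)) {
             return showInfoMessage(__('Permission denied'), '/foto/');
         }
     }

     $errors = $this->Register['Validate']->check($this->Register['action']);

     // Clamp to the form's maxlength; tolerate absent or non-string fields
     // (a `title[]` parameter would otherwise hand an array to mb_substr()).
     $title = isset($_POST['title']) && is_string($_POST['title'])
         ? trim(mb_substr($_POST['title'], 0, 128)) : '';
     $description = isset($_POST['main_text']) && is_string($_POST['main_text'])
         ? trim($_POST['main_text']) : '';
     $in_cat = isset($_POST['cats_selector']) && is_scalar($_POST['cats_selector'])
         ? intval($_POST['cats_selector']) : 0;
     // No (or nonsensical) category chosen: keep the current one.
     if ($in_cat < 1) {
         $in_cat = $entity->getCategory_id();
     }
     $className = $this->Register['ModManager']->getModelNameFromModule($this->module . 'Categories');
     $catModel = new $className();
     if (!$catModel->getById($in_cat)) {
         $errors[] = __('Can not find category');
     }

     // Validation failed: keep the submitted values for the form and go back.
     if (!empty($errors)) {
         $_SESSION['FpsForm'] = array(
             'title'       => $title,
             'description' => $description,
             'in_cat'      => $in_cat,
             'errors'      => $errors,
         );
         redirect('/foto/edit_form/' . $id);
     }

     $description = mb_substr($description, 0, Config::read('description_lenght', 'foto'));
     $entity->setTitle($title);
     $entity->setDescription($description);
     $entity->setCategory_id($in_cat);
     $entity->save();

     if (!empty($_FILES['foto']['name'])) {
         try {
             $filename = $this->__saveFile($_FILES['foto'], $id);
             if (!$filename) {
                 throw new Exception('ERROR: FILE_UPL');
             }
             $entity->setFilename($filename)->save();
         } catch (Exception $e) {
             // Re-populate the form from the raw POST and return to the edit
             // form of this record (the id used to be dropped here).
             $data = array('title' => null, 'description' => null, 'in_cat' => $in_cat);
             $data = array_merge($data, $_POST);
             $data['errors'] = array(__('Some error occurred'));
             $_SESSION['FpsForm'] = $data;
             redirect('/foto/edit_form/' . $id);
         }
     }

     // Invalidate cached pages that embed this record, then the SQL cache.
     $this->Cache->clean(CACHE_MATCHING_TAG, array('module_foto', 'record_id_' . $id));
     $this->DB->cleanSqlCache();
     if ($this->Log) {
         $this->Log->write('editing foto', 'foto id(' . $id . ')');
     }
     return $this->showInfoMessage(__('Operation is successful'), '/foto/');
 }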
 /**
  * List the materials of one category of the current module.
  *
  * Enforces the module's `view_list` right, resolves the category, applies
  * the category-level access restriction, builds the sections tree, then
  * either serves the cached listing or queries the records for the
  * requested page, attaches per-entry markers and renders `list.html`.
  * Callers without `can_see_hidden` / `can_premoder` only see records that
  * are available and confirmed.
  *
  * NOTE(review): the rendered listing is written to the cache under
  * $this->cacheKey after the record filters and the moderator panel were
  * shaped by the caller's rights. Unless cacheKey varies with those rights
  * (not visible here), a page first rendered for a moderator could later be
  * served to an ordinary visitor with hidden or unconfirmed entries in it.
  *
  * @param int|null $id primary key of the category to list
  */
 public function category($id = null)
 {
     $this->ACL->turn(array($this->module, 'view_list'));
     $catId = intval($id);
     if ($catId < 1) {
         redirect('/');
     }

     $categoriesModel = $this->Register['ModManager']->getModelInstance($this->module . 'Categories');
     $category = $categoriesModel->getById($catId);
     if (!$category) {
         return showInfoMessage(__('Can not find category'), '/' . $this->module . '/');
     }
     if (!$this->ACL->checkCategoryAccess($category->getNo_access())) {
         return showInfoMessage(__('Permission denied'), '/' . $this->module . '/');
     }

     // Sidebar block with the sections tree.
     $this->_getCatsTree($catId);

     if ($this->cached && $this->Cache->check($this->cacheKey)) {
         return $this->_view($this->Cache->read($this->cacheKey));
     }

     $modulePath = '/' . $this->module . '/';

     // Record filter: denied sections, plus visibility limits for callers
     // who may not see hidden or unmoderated material.
     $cond = array();
     $cond[] = $this->_getDeniSectionsCond($catId);
     if (!$this->ACL->turn(array('other', 'can_see_hidden'), false)) {
         $cond['available'] = '1';
     }
     if (!$this->ACL->turn(array('other', 'can_premoder'), false)) {
         $cond['premoder'] = 'confirmed';
     }

     $total = $this->Model->getTotal(array('cond' => $cond));
     list($pages, $page) = pagination(
         $total,
         $this->Register['Config']->read('per_page', $this->module),
         $modulePath . 'category/' . $catId
     );
     $this->Register['pages'] = $pages;
     $this->Register['page'] = $page;
     $this->addToPageMetaContext('page', $page);
     $categoryTitle = h($category->getTitle());
     $this->addToPageMetaContext('category_title', $categoryTitle);

     $addLink = $this->ACL->turn(array($this->module, 'add_materials'), false)
         ? get_link(__('Add material'), $modulePath . 'add_form/')
         : '';
     $this->_globalize(array(
         'add_link'      => $addLink,
         'navigation'    => $this->_buildBreadCrumbs($catId),
         'pagination'    => $pages,
         'meta'          => __('Count material in cat') . $total,
         'category_name' => $categoryTitle,
     ));

     if ($total <= 0) {
         return $this->_view(__('Materials not found'));
     }

     foreach (array('attaches', 'author', 'category') as $relation) {
         $this->Model->bindModel($relation);
     }
     $entities = $this->Model->getCollection($cond, array(
         'page'  => $page,
         'limit' => Config::read('per_page', $this->module),
         'order' => $this->Model->getOrderParam(),
     ));
     if (is_object($this->AddFields) && count($entities) > 0) {
         $entities = $this->AddFields->mergeRecords($entities);
     }

     // Per-entry template markers.
     foreach ($entities as $entity) {
         $this->Register['current_vars'] = $entity;
         $extra = array();
         $extra['moder_panel'] = $this->_getAdminBar($entity);
         $extra['entry_url'] = entryUrl($entity, $this->module);
         $extra['announce'] = $this->Textarier->getAnnounce(
             $entity->getMain(),
             $entity,
             $this->Register['Config']->read('announce_lenght', $this->module)
         );
         $extra['category_url'] = get_url($modulePath . 'category/' . $entity->getCategory_id());
         $authorId = $entity->getAuthor()->getId();
         $extra['profile_url'] = getProfileUrl($authorId);
         // Tag the cache entry with the users and records it shows so their
         // changes invalidate this page.
         $this->setCacheTag(array('user_id_' . $authorId, 'record_id_' . $entity->getId()));
         $entity->setAdd_markers($extra);
     }

     $html = $this->render('list.html', array('entities' => $entities));
     if ($this->cached) {
         $this->Cache->write($html, $this->cacheKey, $this->cacheTags);
     }
     return $this->_view($html);
 }