function update_location_stats()
{
$aCountries = Country::newInstance()->listAll();
$aCountryValues = array();
$aRegions = array();
$aRegionValues = array();
$aCities = array();
$aCityValues = array();
foreach ($aCountries as $country) {
$id = $country['pk_c_code'];
$numItems = CountryStats::newInstance()->calculateNumItems($id);
array_push($aCountryValues, "('{$id}', {$numItems})");
unset($numItems);
$aRegions = Region::newInstance()->findByCountry($id);
foreach ($aRegions as $region) {
$id = $region['pk_i_id'];
$numItems = RegionStats::newInstance()->calculateNumItems($id);
array_push($aRegionValues, "({$id}, {$numItems})");
unset($numItems);
$aCities = City::newInstance()->findByRegion($id);
foreach ($aCities as $city) {
$id = $city['pk_i_id'];
$numItems = CityStats::newInstance()->calculateNumItems($id);
array_push($aCityValues, "({$id}, {$numItems})");
unset($numItems);
}
}
}
// insert Country stats
$sql_country = 'REPLACE INTO ' . DB_TABLE_PREFIX . 't_country_stats (fk_c_country_code, i_num_items) VALUES ';
$sql_country .= implode(',', $aCountryValues);
CountryStats::newInstance()->dao->query($sql_country);
// insert Region stats
$sql_region = 'REPLACE INTO ' . DB_TABLE_PREFIX . 't_region_stats (fk_i_region_id, i_num_items) VALUES ';
$sql_region .= implode(',', $aRegionValues);
RegionStats::newInstance()->dao->query($sql_region);
// insert City stats
$sql_city = 'REPLACE INTO ' . DB_TABLE_PREFIX . 't_city_stats (fk_i_city_id, i_num_items) VALUES ';
$sql_city .= implode(',', $aCityValues);
CityStats::newInstance()->dao->query($sql_city);
}
function doModel()
{
//calling the view...
$locales = OSCLocale::newInstance()->listAllEnabled();
$this->_exportVariableToView('locales', $locales);
switch ($this->action) {
case 'item_add':
// post
if (!osc_users_enabled()) {
osc_add_flash_message(_m('Users not enabled'));
$this->redirectTo(osc_base_url(true));
}
if (osc_reg_user_post() && $this->user == null) {
// CHANGEME: This text
osc_add_flash_message(_m('Only registered users are allowed to post items'));
$this->redirectTo(osc_user_login_url());
}
$countries = Country::newInstance()->listAll();
$regions = array();
if (isset($this->user['fk_c_country_code']) && $this->user['fk_c_country_code'] != '') {
$regions = Region::newInstance()->getByCountry($this->user['fk_c_country_code']);
} else {
if (count($countries) > 0) {
$regions = Region::newInstance()->getByCountry($countries[0]['pk_c_code']);
}
}
$cities = array();
if (isset($this->user['fk_i_region_id']) && $this->user['fk_i_region_id'] != '') {
$cities = City::newInstance()->listWhere("fk_i_region_id = %d", $this->user['fk_i_region_id']);
} else {
if (count($regions) > 0) {
$cities = City::newInstance()->listWhere("fk_i_region_id = %d", $regions[0]['pk_i_id']);
}
}
$this->_exportVariableToView('countries', $countries);
$this->_exportVariableToView('regions', $regions);
$this->_exportVariableToView('cities', $cities);
$this->_exportVariableToView('user', $this->user);
osc_run_hook('post_item');
$this->doView('item-post.php');
break;
case 'item_add_post':
//post_item
if (!osc_users_enabled()) {
osc_add_flash_message(_m('Users not allowed'));
$this->redirectTo(osc_base_url(true));
}
if (osc_reg_user_post() && $this->user == null) {
osc_add_flash_message(_m('Only registered users are allowed to post items'));
$this->redirectTo(osc_base_url(true));
}
// POST ITEM ( ADD ITEM )
$mItems = new ItemActions(false);
$success = $mItems->add();
if ($success) {
$PcontactName = Params::getParam('contactName');
$PcontactEmail = Params::getParam('contactEmail');
$itemId = Params::getParam('itemId');
$item = array();
if (Session::newInstance()->_get('userId') == '') {
$mPages = new Page();
$aPage = $mPages->findByInternalName('email_new_item_non_register_user');
$locale = osc_current_user_locale();
$content = array();
if (isset($aPage['locale'][$locale]['s_title'])) {
$content = $aPage['locale'][$locale];
} else {
$content = current($aPage['locale']);
}
$item = $this->itemManager->findByPrimaryKey($itemId);
$item_url = osc_item_url();
// before page = user , action = item_edit
$edit_url = osc_item_edit_url($item['s_secret'], $itemId);
// before page = user , action = item_delete
$delete_url = osc_item_delete_url($item['s_secret'], $itemId);
$words = array();
$words[] = array('{ITEM_ID}', '{USER_NAME}', '{USER_EMAIL}', '{WEB_URL}', '{ITEM_TITLE}', '{ITEM_URL}', '{WEB_TITLE}', '{EDIT_LINK}', '{EDIT_URL}', '{DELETE_LINK}', '{DELETE_URL}');
$words[] = array($itemId, $PcontactName, $PcontactEmail, osc_base_url(), $item['s_title'], $item_url, osc_page_title(), '<a href="' . $edit_url . '">' . $edit_url . '</a>', $edit_url, '<a href="' . $delete_url . '">' . $delete_url . '</a>', $delete_url);
$title = osc_mailBeauty($content['s_title'], $words);
$body = osc_mailBeauty($content['s_text'], $words);
$emailParams = array('subject' => $title, 'to' => $PcontactEmail, 'to_name' => $PcontactName, 'body' => $body, 'alt_body' => $body);
osc_sendMail($emailParams);
}
osc_run_hook('posted_item', $item);
$category = Category::newInstance()->findByPrimaryKey(Params::getParam('catId'));
View::newInstance()->_exportVariableToView('category', $category);
$this->redirectTo(osc_search_category_url());
} else {
$this->redirectTo(osc_item_post_url());
}
break;
case 'item_edit':
$secret = Params::getParam('secret');
$id = Params::getParam('id');
$item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s' AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = '%d'))", $id, $secret, $this->userId);
if (count($item) == 1) {
$item = Item::newInstance()->findByPrimaryKey($id);
$categories = Category::newInstance()->toTree();
$countries = Country::newInstance()->listAll();
$regions = array();
if (isset($this->user['fk_c_country_code']) && $this->user['fk_c_country_code'] != '') {
$regions = Region::newInstance()->getByCountry($this->user['fk_c_country_code']);
} else {
if (count($countries) > 0) {
$regions = Region::newInstance()->getByCountry($countries[0]['pk_c_code']);
}
}
$cities = array();
if (isset($this->user['fk_i_region_id']) && $this->user['fk_i_region_id'] != '') {
$cities = City::newInstance()->listWhere("fk_i_region_id = %d", $this->user['fk_i_region_id']);
} else {
if (count($regions) > 0) {
$cities = City::newInstance()->listWhere("fk_i_region_id = %d", $regions[0]['pk_i_id']);
}
}
$currencies = Currency::newInstance()->listAll();
$this->_exportVariableToView('item', $item);
//$this->_exportVariableToView('user', $this->user) ;
$this->doView('item-edit.php');
} else {
// add a flash message [ITEM NO EXISTE]
//$this->redirectTo(osc_base_url(true));
osc_add_flash_message(_m('Sorry, we don\'t have any items with that ID'));
if ($this->user != null) {
$this->redirectTo(osc_user_list_items_url());
} else {
$this->redirectTo(osc_base_url());
}
}
break;
case 'item_edit_post':
// recoger el secret y el
$secret = Params::getParam('secret');
$id = Params::getParam('id');
$item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s' AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = '%d'))", $id, $secret, $this->userId);
if (count($item) == 1) {
$this->_exportVariableToView('item', $item[0]);
$mItems = new ItemActions(false);
$success = $mItems->edit();
if ($success) {
osc_add_flash_message(_m('Great! We\'ve just updated your item'));
$this->redirectTo(osc_base_url(true) . "?page=item&id={$id}");
} else {
$this->redirectTo(osc_item_edit_url($secret));
}
}
break;
case 'activate':
$secret = Params::getParam('secret');
$id = Params::getParam('id');
$item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s' AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = '%d'))", $id, $secret, $this->userId);
View::newInstance()->_exportVariableToView('item', $item[0]);
if ($item[0]['e_status'] == 'INACTIVE') {
// ACTIVETE ITEM
$mItems = new ItemActions(false);
$success = $mItems->activate($item[0]['pk_i_id'], $item[0]['s_secret']);
if ($success) {
osc_add_flash_message(_m('The item has been validated'));
} else {
osc_add_flash_message(_m('The item can\'t be validated'));
}
} else {
osc_add_flash_message(_m('The item has already been validated'));
}
$this->redirectTo(osc_item_url());
break;
case 'item_delete':
$secret = Params::getParam('secret');
$id = Params::getParam('id');
$item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s' AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = '%d'))", $id, $secret, $this->userId);
if (count($item) == 1) {
$mItems = new ItemActions(false);
$success = $mItems->delete($item[0]['s_secret'], $item[0]['pk_i_id']);
if ($success) {
osc_add_flash_message(_m('Your item has been deleted'));
} else {
osc_add_flash_message(_m('The item you are trying to delete couldn\'t be deleted'));
}
if ($this->user != null) {
$this->redirectTo(osc_user_list_items_url());
} else {
$this->redirectTo(osc_base_url());
}
} else {
osc_add_flash_message(_m('The item you are trying to delete couldn\'t be deleted'));
$this->redirectTo(osc_base_url());
}
break;
case 'deleteResource':
$id = Params::getParam('id');
$item = Params::getParam('item');
$code = Params::getParam('code');
$secret = Params::getParam('secret');
// Check for required fields
if (!(is_numeric($id) && is_numeric($item) && preg_match('/^([a-z0-9]+)$/i', $code))) {
osc_add_flash_message(_m("The selected photo couldn't be deleted, the url doesn't exist"));
if ($this->userId == null) {
$this->redirectTo(osc_base_url());
} else {
$this->redirectTo(osc_user_dashboard_url());
}
}
$aItem = $this->itemManager->findByPrimaryKey($item);
// Check if the item exists
if (count($aItem) == 0) {
osc_add_flash_message(_m('The item doesn\'t exist'));
$this->redirectTo(osc_base_url());
}
// Check if the item belong to the user
if ($this->userId != null && $this->userId != $aItem['fk_i_user_id']) {
osc_add_flash_message(_m('The item doesn\'t belong to you'));
$this->redirectTo(osc_item_url_ns($item));
}
// Check if the secret passphrase match with the item
if ($this->userId == null && $secret != $aItem['s_secret']) {
osc_add_flash_message(_m('The item doesn\'t belong to you'));
$this->redirectTo(osc_item_url_ns($item));
}
// Does id & code combination exist?
$result = ItemResource::newInstance()->getResourceSecure($id, $code);
if ($result > 0) {
// Delete: file, db table entry
osc_deleteResource($id);
ItemResource::newInstance()->delete(array('pk_i_id' => $id, 'fk_i_item_id' => $item, 's_name' => $code));
osc_add_flash_message(_m('The selected photo has been successfully deleted'));
} else {
osc_add_flash_message(_m("The selected photo couldn't be deleted"));
}
// Redirect to item_edit. If unregistered user, include $secret.
$this->redirectTo(osc_item_edit_url($secret, $item));
break;
case 'mark':
$mItem = new ItemActions(false);
$id = Params::getParam('id');
$as = Params::getParam('as');
$item = Item::newInstance()->findByPrimaryKey($id);
View::newInstance()->_exportVariableToView('item', $item);
$mItem->mark($id, $as);
osc_add_flash_message(_m('Thanks! That\'s very helpful'));
$this->redirectTo(osc_item_url());
break;
case 'send_friend':
$item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
$this->_exportVariableToView('item', $item);
$this->doView('item-send-friend.php');
break;
case 'send_friend_post':
$mItem = new ItemActions(false);
$mItem->send_friend();
$item_url = Params::getParam('item_url');
$this->redirectTo($item_url);
break;
case 'contact':
$item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
$category = Category::newInstance()->findByPrimaryKey($item['fk_i_category_id']);
if ($category['i_expiration_days'] > 0) {
$item_date = strtotime($item['dt_pub_date']) + $category['i_expiration_days'] * (24 * 3600);
$date = time();
if ($item_date < $date) {
// The item is expired, we can not contact the seller
osc_add_flash_message(_m('We\'re sorry, but the item has expired. You can\'t contact the seller'));
$this->redirectTo(osc_create_item_url($item));
}
}
$this->_exportVariableToView('item', $item);
$this->doView('item-contact.php');
break;
case 'contact_post':
$item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
$this->_exportVariableToView('item', $item);
if (osc_recaptcha_private_key() != '' && Params::existParam("recaptcha_challenge_field")) {
if (!osc_check_recaptcha()) {
osc_add_flash_message(_m('The Recaptcha code is wrong'));
$this->redirectTo(osc_item_url());
return false;
// BREAK THE PROCESS, THE RECAPTCHA IS WRONG
}
}
$category = Category::newInstance()->findByPrimaryKey($item['fk_i_category_id']);
if ($category['i_expiration_days'] > 0) {
$item_date = strtotime($item['dt_pub_date']) + $category['i_expiration_days'] * (24 * 3600);
$date = time();
if ($item_date < $date) {
// The item is expired, we can not contact the seller
osc_add_flash_message(_m('We\'re sorry, but the item has expired. You can\'t contact the seller'));
$this->redirectTo(osc_item_url());
}
}
$mItem = new ItemActions(false);
$mItem->contact();
osc_add_flash_message(_m('We\'ve just sent an e-mail to the seller'));
$this->redirectTo(osc_item_url());
break;
case 'add_comment':
$mItem = new ItemActions(false);
$status = $mItem->add_comment();
switch ($status) {
case -1:
$msg = _m('Sorry, we could not save your comment. Try again later');
break;
case 1:
$msg = _m('Your comment is awaiting moderation');
break;
case 2:
$msg = _m('Your comment has been approved');
break;
case 3:
$msg = _m('Please fill the required fields (name, email)');
break;
case 4:
$msg = _m('Please type a comment');
break;
case 5:
$msg = _m('Your comment has been marked as spam');
break;
}
osc_add_flash_message($msg);
$this->redirectTo(Params::getParam('itemURL'));
break;
case 'delete_comment':
$mItem = new ItemActions(false);
$status = $mItem->add_comment();
$itemId = Params::getParam('id');
$commentId = Params::getParam('comment');
$item = Item::newInstance()->findByPrimaryKey($itemId);
if (count($item) == 0) {
osc_add_flash_message(_m('This item doesn\'t exist'));
$this->redirectTo(osc_base_url(true));
}
View::newInstance()->_exportVariableToView('item', $item);
if ($this->userId == null) {
osc_add_flash_message(_m('You have to be logged to delete a comment'));
$this->redirectTo(osc_item_url());
}
$commentManager = ItemComment::newInstance();
$aComment = $commentManager->findByPrimaryKey($commentId);
if (count($aComment) == 0) {
osc_add_flash_message(_m('The comment doesn\'t exist'));
$this->redirectTo(osc_item_url());
}
if ($aComment['e_status'] != 'ACTIVE') {
osc_add_flash_message(_m('The comment is not active, you cannot delete it'));
$this->redirectTo(osc_item_url());
}
if ($aComment['fk_i_user_id'] != $this->userId) {
osc_add_flash_message(_m('You cannot delete the comment'));
$this->redirectTo(osc_item_url());
}
$commentManager->deleteByPrimaryKey($commentId);
osc_add_flash_message(_m('The comment has been deleted correctly'));
$this->redirectTo(osc_item_url());
break;
default:
if (Params::getParam('id') == '') {
$this->redirectTo(osc_base_url());
}
if (Params::getParam('lang') != '') {
Session::newInstance()->_set('userLocale', Params::getParam('lang'));
}
$item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
// if item doesn't exist redirect to base url
if (count($item) == 0) {
osc_add_flash_message(_m('This item doesn\'t exist'));
$this->redirectTo(osc_base_url(true));
} else {
if ($item['e_status'] != 'ACTIVE') {
if ($this->userId == $item['fk_i_user_id']) {
osc_add_flash_message(_m('The item hasn\'t been validated. Please validate it in order to show it to the rest of users'));
} else {
osc_add_flash_message(_m('This item hasn\'t been validated'));
$this->redirectTo(osc_base_url(true));
}
}
$mStats = new ItemStats();
$mStats->increase('i_num_views', $item['pk_i_id']);
foreach ($item['locale'] as $k => $v) {
$item['locale'][$k]['s_title'] = osc_apply_filter('item_title', $v['s_title']);
$item['locale'][$k]['s_description'] = nl2br(osc_apply_filter('item_description', $v['s_description']));
}
$this->_exportVariableToView('items', array($item));
osc_run_hook('show_item', $item);
$this->doView('item.php');
}
break;
case 'dashboard':
//dashboard...
break;
}
}
/**
* Return an array with all data necessary for do the action (ADD OR EDIT)
* @param <type> $is_add
* @return array
*/
public function prepareData( $is_add )
{
$aItem = array();
$data = array();
$userId = null;
if( $this->is_admin ) {
// user
$data = User::newInstance()->findByEmail(Params::getParam('contactEmail'));
if( isset($data['pk_i_id']) && is_numeric($data['pk_i_id']) ) {
$userId = $data['pk_i_id'];
}
} else {
$userId = Session::newInstance()->_get('userId');
if( $userId == '' ) {
$userId = NULL;
} elseif ($userId != NULL) {
$data = User::newInstance()->findByPrimaryKey( $userId );
}
}
if( $userId != null ) {
$aItem['contactName'] = $data['s_name'];
$aItem['contactEmail'] = $data['s_email'];
Params::setParam('contactName', $data['s_name']);
Params::setParam('contactEmail', $data['s_email']);
} else {
$aItem['contactName'] = Params::getParam('contactName');
$aItem['contactEmail'] = Params::getParam('contactEmail');
}
$aItem['userId'] = $userId;
if( $is_add ) { // ADD
if($this->is_admin) {
$active = 'ACTIVE';
} else {
if(osc_moderate_items()>0) { // HAS TO VALIDATE
if(!osc_is_web_user_logged_in()) { // NO USER IS LOGGED, VALIDATE
$active = 'INACTIVE';
} else { // USER IS LOGGED
if(osc_logged_user_item_validation()) { //USER IS LOGGED, BUT NO NEED TO VALIDATE
$active = 'ACTIVE';
} else { // USER IS LOGGED, NEED TO VALIDATE, CHECK NUMBER OF PREVIOUS ITEMS
$user = User::newInstance()->findByPrimaryKey(osc_logged_user_id());
if($user['i_items']<osc_moderate_items()) {
$active = 'INACTIVE';
} else {
$active = 'ACTIVE';
}
}
}
} else if(osc_moderate_items()==0 ){
if(osc_is_web_user_logged_in() && osc_logged_user_item_validation() ) {
$active = 'ACTIVE';
} else {
$active = 'INACTIVE';
}
} else {
$active = 'ACTIVE';
}
}
$aItem['active'] = $active;
} else { // EDIT
$aItem['secret'] = Params::getParam('secret');
$aItem['idItem'] = Params::getParam('id');
}
// get params
$aItem['catId'] = Params::getParam('catId');
$aItem['countryId'] = Params::getParam('countryId');
$aItem['country'] = Params::getParam('country');
$aItem['region'] = Params::getParam('region');
$aItem['regionId'] = Params::getParam('regionId');
$aItem['city'] = Params::getParam('city');
$aItem['cityId'] = Params::getParam('cityId');
$aItem['price'] = (Params::getParam('price') != '') ? Params::getParam('price') : null;
$aItem['cityArea'] = Params::getParam('cityArea');
$aItem['address'] = Params::getParam('address');
$aItem['currency'] = Params::getParam('currency');
$aItem['showEmail'] = (Params::getParam('showEmail') != '') ? 1 : 0;
$aItem['title'] = Params::getParam('title');
$aItem['description'] = Params::getParam('description');
$aItem['photos'] = Params::getFiles('photos');
$ajax_photos = Params::getParam('ajax_photos');
$aItem['s_ip'] = get_ip();
$aItem['d_coord_lat'] = (Params::getParam('d_coord_lat') != '') ? Params::getParam('d_coord_lat') : null;
$aItem['d_coord_long'] = (Params::getParam('d_coord_long') != '') ? Params::getParam('d_coord_long') : null;
$aItem['s_zip'] = (Params::getParam('zip') != '') ? Params::getParam('zip') : null;
// $ajax_photos is an array of filenames of the photos uploaded by ajax to a temporary folder
// fake insert them into the array of the form-uploaded photos
if(is_array($ajax_photos)) {
foreach($ajax_photos as $photo) {
if(file_exists(osc_content_path().'uploads/temp/'.$photo)) {
$aItem['photos']['name'][] = $photo;
$aItem['photos']['type'][] = 'image/*';
$aItem['photos']['tmp_name'][] = osc_content_path().'uploads/temp/'.$photo;
$aItem['photos']['error'][] = UPLOAD_ERR_OK;
$aItem['photos']['size'][] = 0;
}
}
}
if($is_add || $this->is_admin) {
$dt_expiration = Params::getParam('dt_expiration');
if($dt_expiration==-1) {
$aItem['dt_expiration'] = '';
} else if($dt_expiration!='' && (preg_match('|^([0-9]+)$|', $dt_expiration, $match) || preg_match('|([0-9]{4})-([0-9]{2})-([0-9]{2}) ([0-9]{2}):([0-9]{2}):([0-9]{2})|', $dt_expiration, $match))) {
$aItem['dt_expiration'] = $dt_expiration;
} else {
$_category = Category::newInstance()->findByPrimaryKey($aItem['catId']);
$aItem['dt_expiration'] = $_category['i_expiration_days'];
}
unset($dt_expiration);
} else {
$aItem['dt_expiration'] = '';
};
// check params
$country = Country::newInstance()->findByCode($aItem['countryId']);
if( count($country) > 0 ) {
$countryId = $country['pk_c_code'];
$countryName = $country['s_name'];
} else {
$countryId = null;
$countryName = $aItem['country'];
}
$aItem['countryId'] = $countryId;
$aItem['countryName'] = $countryName;
if( $aItem['regionId'] != '' ) {
if( intval($aItem['regionId']) ) {
$region = Region::newInstance()->findByPrimaryKey($aItem['regionId']);
if( count($region) > 0 ) {
$regionId = $region['pk_i_id'];
$regionName = $region['s_name'];
}
}
} else {
$regionId = null;
$regionName = $aItem['region'];
if( $aItem['countryId'] != '' ) {
$auxRegion = Region::newInstance()->findByName($aItem['region'], $aItem['countryId'] );
if($auxRegion){
$regionId = $auxRegion['pk_i_id'];
$regionName = $auxRegion['s_name'];
}
}
}
$aItem['regionId'] = $regionId;
$aItem['regionName'] = $regionName;
if( $aItem['cityId'] != '' ) {
if( intval($aItem['cityId']) ) {
$city = City::newInstance()->findByPrimaryKey($aItem['cityId']);
if( count($city) > 0 ) {
$cityId = $city['pk_i_id'];
$cityName = $city['s_name'];
}
}
} else {
$cityId = null;
$cityName = $aItem['city'];
if( $aItem['countryId'] != '' ) {
$auxCity = City::newInstance()->findByName($aItem['city'], $aItem['regionId'] );
if($auxCity){
$cityId = $auxCity['pk_i_id'];
$cityName = $auxCity['s_name'];
}
}
}
$aItem['cityId'] = $cityId;
$aItem['cityName'] = $cityName;
if( $aItem['cityArea'] == '' ) {
$aItem['cityArea'] = null;
}
if( $aItem['address'] == '' ) {
$aItem['address'] = null;
}
if( !is_null($aItem['price']) ) {
$price = str_replace(osc_locale_thousands_sep(), '', trim($aItem['price']));
$price = str_replace(osc_locale_dec_point(), '.', $price);
$aItem['price'] = $price*1000000;
//$aItem['price'] = (float) $aItem['price'];
}
if( $aItem['catId'] == ''){
$aItem['catId'] = 0;
}
if( $aItem['currency'] == '' ) {
$aItem['currency'] = null;
}
$this->data = $aItem;
}
/**
* Return an array with all data necessary for do the action (ADD OR EDIT)
* @param <type> $is_add
* @return array
*/
public function prepareData($is_add)
{
$aItem = array();
// prepare user
$userId = null;
if ($this->is_admin) {
if (Params::getParam('userId') != '') {
$userId = Params::getParam('userId');
}
} else {
$userId = Session::newInstance()->_get('userId');
if ($userId == '') {
$userId = NULL;
}
}
if ($is_add) {
// ADD
if ($this->is_admin) {
$active = 'ACTIVE';
} else {
if (osc_moderate_items() > 0) {
// HAS TO VALIDATE
if (!osc_is_web_user_logged_in()) {
// NO USER IS LOGGED, VALIDATE
$active = 'INACTIVE';
} else {
// USER IS LOGGED
if (osc_logged_user_item_validation()) {
//USER IS LOGGED, BUT NO NEED TO VALIDATE
$active = 'ACTIVE';
} else {
// USER IS LOGGED, NEED TO VALIDATE, CHECK NUMBER OF PREVIOUS ITEMS
$user = User::newInstance()->findByPrimaryKey(osc_logged_user_id());
if ($user['i_items'] < osc_moderate_items()) {
$active = 'INACTIVE';
} else {
$active = 'ACTIVE';
}
}
}
} else {
if (osc_moderate_items() == 0) {
if (osc_is_web_user_logged_in() && osc_logged_user_item_validation()) {
$active = 'ACTIVE';
} else {
$active = 'INACTIVE';
}
} else {
$active = 'ACTIVE';
}
}
}
if ($userId != null) {
$data = User::newInstance()->findByPrimaryKey($userId);
$aItem['contactName'] = $data['s_name'];
$aItem['contactEmail'] = $data['s_email'];
Params::setParam('contactName', $data['s_name']);
Params::setParam('contactEmail', $data['s_email']);
} else {
$aItem['contactName'] = Params::getParam('contactName');
$aItem['contactEmail'] = Params::getParam('contactEmail');
}
$aItem['active'] = $active;
$aItem['userId'] = $userId;
} else {
// EDIT
$aItem['secret'] = Params::getParam('secret');
$aItem['idItem'] = Params::getParam('id');
if ($userId != null) {
$data = User::newInstance()->findByPrimaryKey($userId);
$aItem['contactName'] = $data['s_name'];
$aItem['contactEmail'] = $data['s_email'];
Params::setParam('contactName', $data['s_name']);
Params::setParam('contactEmail', $data['s_email']);
} else {
$aItem['contactName'] = Params::getParam('contactName');
$aItem['contactEmail'] = Params::getParam('contactEmail');
}
$aItem['userId'] = $userId;
}
// get params
$aItem['catId'] = Params::getParam('catId');
$aItem['countryId'] = Params::getParam('countryId');
$aItem['country'] = Params::getParam('country');
$aItem['region'] = Params::getParam('region');
$aItem['regionId'] = Params::getParam('regionId');
$aItem['city'] = Params::getParam('city');
$aItem['cityId'] = Params::getParam('cityId');
$aItem['price'] = Params::getParam('price') != '' ? Params::getParam('price') : null;
$aItem['cityArea'] = Params::getParam('cityArea');
$aItem['address'] = Params::getParam('address');
$aItem['currency'] = Params::getParam('currency');
$aItem['showEmail'] = Params::getParam('showEmail') != '' ? 1 : 0;
$aItem['title'] = Params::getParam('title');
$aItem['description'] = Params::getParam('description');
$aItem['photos'] = Params::getFiles('photos');
// check params
$country = Country::newInstance()->findByCode($aItem['countryId']);
if (count($country) > 0) {
$countryId = $country['pk_c_code'];
$countryName = $country['s_name'];
} else {
$countryId = null;
$countryName = $aItem['country'];
}
$aItem['countryId'] = $countryId;
$aItem['countryName'] = $countryName;
if ($aItem['regionId'] != '') {
if (intval($aItem['regionId'])) {
$region = Region::newInstance()->findByPrimaryKey($aItem['regionId']);
if (count($region) > 0) {
$regionId = $region['pk_i_id'];
$regionName = $region['s_name'];
}
}
} else {
$regionId = null;
$regionName = $aItem['region'];
if ($aItem['countryId'] != '') {
$auxRegion = Region::newInstance()->findByName($aItem['region'], $aItem['countryId']);
if ($auxRegion) {
$regionId = $auxRegion['pk_i_id'];
$regionName = $auxRegion['s_name'];
}
}
}
$aItem['regionId'] = $regionId;
$aItem['regionName'] = $regionName;
if ($aItem['cityId'] != '') {
if (intval($aItem['cityId'])) {
$city = City::newInstance()->findByPrimaryKey($aItem['cityId']);
if (count($city) > 0) {
$cityId = $city['pk_i_id'];
$cityName = $city['s_name'];
}
}
} else {
$cityId = null;
$cityName = $aItem['city'];
if ($aItem['countryId'] != '') {
$auxCity = City::newInstance()->findByName($aItem['city'], $aItem['regionId']);
if ($auxCity) {
$cityId = $auxCity['pk_i_id'];
$cityName = $auxCity['s_name'];
}
}
}
$aItem['cityId'] = $cityId;
$aItem['cityName'] = $cityName;
if ($aItem['cityArea'] == '') {
$aItem['cityArea'] = null;
}
if ($aItem['address'] == '') {
$aItem['address'] = null;
}
if (!is_null($aItem['price'])) {
$price = str_replace(osc_locale_thousands_sep(), '', trim($aItem['price']));
$price = str_replace(osc_locale_dec_point(), '.', $price);
$aItem['price'] = $price * 1000000;
//$aItem['price'] = (float) $aItem['price'];
}
if ($aItem['catId'] == '') {
$aItem['catId'] = 0;
}
if ($aItem['currency'] == '') {
$aItem['currency'] = null;
}
$this->data = $aItem;
}
function doModel()
{
//calling the view...
$locales = OSCLocale::newInstance()->listAllEnabled();
$this->_exportVariableToView('locales', $locales);
switch ($this->action) {
case 'item_add':
// post
if (osc_reg_user_post() && $this->user == null) {
osc_add_flash_warning_message(_m('Only registered users are allowed to post listings'));
$this->redirectTo(osc_user_login_url());
}
$countries = Country::newInstance()->listAll();
$regions = array();
if (isset($this->user['fk_c_country_code']) && $this->user['fk_c_country_code'] != '') {
$regions = Region::newInstance()->findByCountry($this->user['fk_c_country_code']);
} else {
if (count($countries) > 0) {
$regions = Region::newInstance()->findByCountry($countries[0]['pk_c_code']);
}
}
$cities = array();
if (isset($this->user['fk_i_region_id']) && $this->user['fk_i_region_id'] != '') {
$cities = City::newInstance()->findByRegion($this->user['fk_i_region_id']);
} else {
if (count($regions) > 0) {
$cities = City::newInstance()->findByRegion($regions[0]['pk_i_id']);
}
}
$this->_exportVariableToView('countries', $countries);
$this->_exportVariableToView('regions', $regions);
$this->_exportVariableToView('cities', $cities);
$form = count(Session::newInstance()->_getForm());
$keepForm = count(Session::newInstance()->_getKeepForm());
if ($form == 0 || $form == $keepForm) {
Session::newInstance()->_dropKeepForm();
}
if (Session::newInstance()->_getForm('countryId') != "") {
$countryId = Session::newInstance()->_getForm('countryId');
$regions = Region::newInstance()->findByCountry($countryId);
$this->_exportVariableToView('regions', $regions);
if (Session::newInstance()->_getForm('regionId') != "") {
$regionId = Session::newInstance()->_getForm('regionId');
$cities = City::newInstance()->findByRegion($regionId);
$this->_exportVariableToView('cities', $cities);
}
}
$this->_exportVariableToView('user', $this->user);
osc_run_hook('post_item');
$this->doView('item-post.php');
break;
case 'item_add_post':
//post_item
if (osc_reg_user_post() && $this->user == null) {
osc_add_flash_warning_message(_m('Only registered users are allowed to post listings'));
$this->redirectTo(osc_base_url(true));
}
$mItems = new ItemActions(false);
// prepare data for ADD ITEM
$mItems->prepareData(true);
// set all parameters into session
foreach ($mItems->data as $key => $value) {
Session::newInstance()->_setForm($key, $value);
}
$meta = Params::getParam('meta');
if (is_array($meta)) {
foreach ($meta as $key => $value) {
Session::newInstance()->_setForm('meta_' . $key, $value);
Session::newInstance()->_keepForm('meta_' . $key);
}
}
if (osc_recaptcha_private_key() != '' && Params::existParam("recaptcha_challenge_field")) {
if (!osc_check_recaptcha()) {
osc_add_flash_error_message(_m('The Recaptcha code is wrong'));
$this->redirectTo(osc_item_post_url());
return false;
// BREAK THE PROCESS, THE RECAPTCHA IS WRONG
}
}
if (!osc_is_web_user_logged_in()) {
$user = User::newInstance()->findByEmail($mItems->data['contactEmail']);
// The user exists but it's not logged
if (isset($user['pk_i_id'])) {
foreach ($mItems->data as $key => $value) {
Session::newInstance()->_keepForm($key);
}
osc_add_flash_error_message(_m('A user with that email address already exists, if it is you, please log in'));
$this->redirectTo(osc_user_login_url());
}
}
// POST ITEM ( ADD ITEM )
$success = $mItems->add();
if ($success != 1 && $success != 2) {
osc_add_flash_error_message($success);
$this->redirectTo(osc_item_post_url());
} else {
Session::newInstance()->_dropkeepForm('meta_' . $key);
if ($success == 1) {
osc_add_flash_ok_message(_m('Check your inbox to validate your listing'));
} else {
osc_add_flash_ok_message(_m('Your listing has been published'));
}
$itemId = Params::getParam('itemId');
$item = $this->itemManager->findByPrimaryKey($itemId);
osc_run_hook('posted_item', $item);
$category = Category::newInstance()->findByPrimaryKey(Params::getParam('catId'));
View::newInstance()->_exportVariableToView('category', $category);
$this->redirectTo(osc_search_category_url());
}
break;
case 'item_edit':
// edit item
$secret = Params::getParam('secret');
$id = Params::getParam('id');
$item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s' AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = '%d'))", addslashes($id), addslashes($secret), addslashes($this->userId));
if (count($item) == 1) {
$item = Item::newInstance()->findByPrimaryKey($id);
$form = count(Session::newInstance()->_getForm());
$keepForm = count(Session::newInstance()->_getKeepForm());
if ($form == 0 || $form == $keepForm) {
Session::newInstance()->_dropKeepForm();
}
$this->_exportVariableToView('item', $item);
osc_run_hook("before_item_edit", $item);
$this->doView('item-edit.php');
} else {
// add a flash message [ITEM NO EXISTE]
osc_add_flash_error_message(_m("Sorry, we don't have any listings with that ID"));
if ($this->user != null) {
$this->redirectTo(osc_user_list_items_url());
} else {
$this->redirectTo(osc_base_url());
}
}
break;
case 'item_edit_post':
// recoger el secret y el
$secret = Params::getParam('secret');
$id = Params::getParam('id');
$item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s' AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = '%d'))", addslashes($id), addslashes($secret), addslashes($this->userId));
if (count($item) == 1) {
$this->_exportVariableToView('item', $item[0]);
$mItems = new ItemActions(false);
// prepare data for ADD ITEM
$mItems->prepareData(false);
// set all parameters into session
foreach ($mItems->data as $key => $value) {
Session::newInstance()->_setForm($key, $value);
}
$meta = Params::getParam('meta');
if (is_array($meta)) {
foreach ($meta as $key => $value) {
Session::newInstance()->_setForm('meta_' . $key, $value);
Session::newInstance()->_keepForm('meta_' . $key);
}
}
if (osc_recaptcha_private_key() != '' && Params::existParam("recaptcha_challenge_field")) {
if (!osc_check_recaptcha()) {
osc_add_flash_error_message(_m('The Recaptcha code is wrong'));
$this->redirectTo(osc_item_edit_url());
return false;
// BREAK THE PROCESS, THE RECAPTCHA IS WRONG
}
}
$success = $mItems->edit();
osc_run_hook('edited_item', Item::newInstance()->findByPrimaryKey($id));
if ($success == 1) {
osc_add_flash_ok_message(_m("Great! We've just updated your listing"));
View::newInstance()->_exportVariableToView("item", Item::newInstance()->findByPrimaryKey($id));
$this->redirectTo(osc_item_url());
} else {
osc_add_flash_error_message($success);
$this->redirectTo(osc_item_edit_url($secret));
}
}
break;
case 'activate':
$secret = Params::getParam('secret');
$id = Params::getParam('id');
$item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s') OR (i.fk_i_user_id = '%d'))", addslashes($id), addslashes($secret), addslashes($this->userId));
// item doesn't exist
if (count($item) == 0) {
$this->do404();
return;
}
View::newInstance()->_exportVariableToView('item', $item[0]);
if ($item[0]['b_active'] == 0) {
// ACTIVETE ITEM
$mItems = new ItemActions(false);
$success = $mItems->activate($item[0]['pk_i_id'], $item[0]['s_secret']);
if ($success) {
osc_add_flash_ok_message(_m('The listing has been validated'));
} else {
osc_add_flash_error_message(_m("The listing can't be validated"));
}
} else {
osc_add_flash_warning_message(_m('The listing has already been validated'));
}
$this->redirectTo(osc_item_url());
break;
case 'item_delete':
$secret = Params::getParam('secret');
$id = Params::getParam('id');
$item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s') OR (i.fk_i_user_id = '%d'))", addslashes($id), addslashes($secret), addslashes($this->userId));
if (count($item) == 1) {
$mItems = new ItemActions(false);
$success = $mItems->delete($item[0]['s_secret'], $item[0]['pk_i_id']);
if ($success) {
osc_add_flash_ok_message(_m('Your listing has been deleted'));
} else {
osc_add_flash_error_message(_m("The listing you are trying to delete couldn't be deleted"));
}
if ($this->user != null) {
$this->redirectTo(osc_user_list_items_url());
} else {
$this->redirectTo(osc_base_url());
}
} else {
osc_add_flash_error_message(_m("The listing you are trying to delete couldn't be deleted"));
$this->redirectTo(osc_base_url());
}
break;
case 'mark':
$id = Params::getParam('id');
$as = Params::getParam('as');
$item = Item::newInstance()->findByPrimaryKey($id);
View::newInstance()->_exportVariableToView('item', $item);
require_once osc_lib_path() . 'osclass/user-agents.php';
foreach ($user_agents as $ua) {
if (preg_match('|' . $ua . '|', @$_SERVER['HTTP_USER_AGENT'])) {
// mark item if it's not a bot
$mItem = new ItemActions(false);
$mItem->mark($id, $as);
break;
}
}
osc_add_flash_ok_message(_m("Thanks! That's very helpful"));
$this->redirectTo(osc_item_url());
break;
case 'send_friend':
$item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
$this->_exportVariableToView('item', $item);
$this->doView('item-send-friend.php');
break;
case 'send_friend_post':
$item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
$this->_exportVariableToView('item', $item);
Session::newInstance()->_setForm("yourEmail", Params::getParam('yourEmail'));
Session::newInstance()->_setForm("yourName", Params::getParam('yourName'));
Session::newInstance()->_setForm("friendName", Params::getParam('friendName'));
Session::newInstance()->_setForm("friendEmail", Params::getParam('friendEmail'));
Session::newInstance()->_setForm("message_body", Params::getParam('message'));
if (osc_recaptcha_private_key() != '' && Params::existParam("recaptcha_challenge_field")) {
if (!osc_check_recaptcha()) {
osc_add_flash_error_message(_m('The Recaptcha code is wrong'));
$this->redirectTo(osc_item_send_friend_url());
return false;
// BREAK THE PROCESS, THE RECAPTCHA IS WRONG
}
}
$mItem = new ItemActions(false);
$success = $mItem->send_friend();
if ($success) {
Session::newInstance()->_clearVariables();
$this->redirectTo(osc_item_url());
} else {
$this->redirectTo(osc_item_send_friend_url());
}
break;
case 'contact':
$item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
if (empty($item)) {
osc_add_flash_error_message(_m("This listing doesn't exist"));
$this->redirectTo(osc_base_url(true));
} else {
$this->_exportVariableToView('item', $item);
if (osc_item_is_expired()) {
osc_add_flash_error_message(_m("We're sorry, but the listing has expired. You can't contact the seller"));
$this->redirectTo(osc_item_url());
}
if (osc_reg_user_can_contact() && osc_is_web_user_logged_in() || !osc_reg_user_can_contact()) {
$this->doView('item-contact.php');
} else {
osc_add_flash_error_message(_m("You can't contact the seller, only registered users can"));
$this->redirectTo(osc_item_url());
}
}
break;
case 'contact_post':
$item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
$this->_exportVariableToView('item', $item);
if (osc_recaptcha_private_key() != '' && Params::existParam("recaptcha_challenge_field")) {
if (!osc_check_recaptcha()) {
osc_add_flash_error_message(_m('The Recaptcha code is wrong'));
Session::newInstance()->_setForm("yourEmail", Params::getParam('yourEmail'));
Session::newInstance()->_setForm("yourName", Params::getParam('yourName'));
Session::newInstance()->_setForm("phoneNumber", Params::getParam('phoneNumber'));
Session::newInstance()->_setForm("message_body", Params::getParam('message'));
$this->redirectTo(osc_item_url());
return false;
// BREAK THE PROCESS, THE RECAPTCHA IS WRONG
}
}
if (osc_isExpired($item['dt_expiration'])) {
osc_add_flash_error_message(_m("We're sorry, but the listing has expired. You can't contact the seller"));
$this->redirectTo(osc_item_url());
}
$mItem = new ItemActions(false);
$result = $mItem->contact();
if (is_string($result)) {
osc_add_flash_error_message($result);
} else {
osc_add_flash_ok_message(_m("We've just sent an e-mail to the seller"));
}
$this->redirectTo(osc_item_url());
break;
case 'add_comment':
$mItem = new ItemActions(false);
$status = $mItem->add_comment();
switch ($status) {
case -1:
$msg = _m('Sorry, we could not save your comment. Try again later');
osc_add_flash_error_message($msg);
break;
case 1:
$msg = _m('Your comment is awaiting moderation');
osc_add_flash_info_message($msg);
break;
case 2:
$msg = _m('Your comment has been approved');
osc_add_flash_ok_message($msg);
break;
case 3:
$msg = _m('Please fill the required field (email)');
osc_add_flash_warning_message($msg);
break;
case 4:
$msg = _m('Please type a comment');
osc_add_flash_warning_message($msg);
break;
case 5:
$msg = _m('Your comment has been marked as spam');
osc_add_flash_error_message($msg);
break;
}
$this->redirectTo(osc_item_url());
break;
case 'delete_comment':
$mItem = new ItemActions(false);
$status = $mItem->add_comment();
$itemId = Params::getParam('id');
$commentId = Params::getParam('comment');
$item = Item::newInstance()->findByPrimaryKey($itemId);
if (count($item) == 0) {
osc_add_flash_error_message(_m("This listing doesn't exist"));
$this->redirectTo(osc_base_url(true));
}
View::newInstance()->_exportVariableToView('item', $item);
if ($this->userId == null) {
osc_add_flash_error_message(_m('You must be logged in to delete a comment'));
$this->redirectTo(osc_item_url());
}
$commentManager = ItemComment::newInstance();
$aComment = $commentManager->findByPrimaryKey($commentId);
if (count($aComment) == 0) {
osc_add_flash_error_message(_m("The comment doesn't exist"));
$this->redirectTo(osc_item_url());
}
if ($aComment['b_active'] != 1) {
osc_add_flash_error_message(_m('The comment is not active, you cannot delete it'));
$this->redirectTo(osc_item_url());
}
if ($aComment['fk_i_user_id'] != $this->userId) {
osc_add_flash_error_message(_m('The comment was not added by you, you cannot delete it'));
$this->redirectTo(osc_item_url());
}
$commentManager->deleteByPrimaryKey($commentId);
osc_add_flash_ok_message(_m('The comment has been deleted'));
$this->redirectTo(osc_item_url());
break;
default:
// if there isn't ID, show an error 404
if (Params::getParam('id') == '') {
$this->do404();
return;
}
if (Params::getParam('lang') != '') {
Session::newInstance()->_set('userLocale', Params::getParam('lang'));
}
$item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
// if item doesn't exist show an error 404
if (count($item) == 0) {
$this->do404();
return;
}
if ($item['b_active'] != 1) {
if ($this->userId == $item['fk_i_user_id']) {
osc_add_flash_warning_message(_m("The listing hasn't been validated. Please validate it in order to make it public"));
} else {
osc_add_flash_warning_message(_m("This listing hasn't been validated"));
$this->redirectTo(osc_base_url(true));
}
} else {
if ($item['b_enabled'] == 0) {
osc_add_flash_warning_message(_m('The listing has been suspended'));
$this->redirectTo(osc_base_url(true));
}
}
if (!osc_is_admin_user_logged_in()) {
require_once osc_lib_path() . 'osclass/user-agents.php';
foreach ($user_agents as $ua) {
if (preg_match('|' . $ua . '|', @$_SERVER['HTTP_USER_AGENT'])) {
$mStats = new ItemStats();
$mStats->increase('i_num_views', $item['pk_i_id']);
break;
}
}
}
foreach ($item['locale'] as $k => $v) {
$item['locale'][$k]['s_title'] = osc_apply_filter('item_title', $v['s_title']);
$item['locale'][$k]['s_description'] = nl2br(osc_apply_filter('item_description', $v['s_description']));
}
if ($item['fk_i_user_id'] != '') {
$user = User::newInstance()->findByPrimaryKey($item['fk_i_user_id']);
$this->_exportVariableToView('user', $user);
}
$this->_exportVariableToView('item', $item);
osc_run_hook('show_item', $item);
// redirect to the correct url just in case it has changed
$itemURI = str_replace(osc_base_url(), '', osc_item_url());
$URI = preg_replace('|^' . REL_WEB_URL . '|', '', $_SERVER['REQUEST_URI']);
// do not clean QUERY_STRING if permalink is not enabled
if (osc_rewrite_enabled()) {
$URI = str_replace('?' . $_SERVER['QUERY_STRING'], '', $URI);
} else {
$params_keep = array('page', 'id');
$params = array();
foreach (Params::getParamsAsArray('get') as $k => $v) {
if (in_array($k, $params_keep)) {
$params[] = "{$k}={$v}";
}
}
$URI = 'index.php?' . implode('&', $params);
}
// redirect to the correct url
if ($itemURI != $URI) {
$this->redirectTo(osc_base_url() . $itemURI);
}
$this->doView('item.php');
break;
}
}
function doModel()
{
osc_run_hook('before_search');
if (osc_rewrite_enabled()) {
// IF rewrite is not enabled, skip this part, preg_match is always time&resources consuming task
$p_sParams = "/" . Params::getParam('sParams', false, false);
if (preg_match_all('|\\/([^,]+),([^\\/]*)|', $p_sParams, $m)) {
$l = count($m[0]);
for ($k = 0; $k < $l; $k++) {
switch ($m[1][$k]) {
case osc_get_preference('rewrite_search_country'):
$m[1][$k] = 'sCountry';
break;
case osc_get_preference('rewrite_search_region'):
$m[1][$k] = 'sRegion';
break;
case osc_get_preference('rewrite_search_city'):
$m[1][$k] = 'sCity';
break;
case osc_get_preference('rewrite_search_city_area'):
$m[1][$k] = 'sCityArea';
break;
case osc_get_preference('rewrite_search_category'):
$m[1][$k] = 'sCategory';
break;
case osc_get_preference('rewrite_search_user'):
$m[1][$k] = 'sUser';
break;
case osc_get_preference('rewrite_search_pattern'):
$m[1][$k] = 'sPattern';
break;
default:
// custom fields
if (preg_match("/meta(\\d+)-?(.*)?/", $m[1][$k], $results)) {
$meta_key = $m[1][$k];
$meta_value = $m[2][$k];
$array_r = array();
if (Params::existParam('meta')) {
$array_r = Params::getParam('meta');
}
if ($results[2] == '') {
// meta[meta_id] = meta_value
$meta_key = $results[1];
$array_r[$meta_key] = $meta_value;
} else {
// meta[meta_id][meta_key] = meta_value
$meta_key = $results[1];
$meta_key2 = $results[2];
$array_r[$meta_key][$meta_key2] = $meta_value;
}
$m[1][$k] = 'meta';
$m[2][$k] = $array_r;
}
break;
}
Params::setParam($m[1][$k], $m[2][$k]);
}
Params::unsetParam('sParams');
}
}
$uriParams = Params::getParamsAsArray();
$searchUri = osc_search_url($uriParams);
if ($this->uri != 'feed') {
if (str_replace("%20", '+', $searchUri) != str_replace("%20", '+', WEB_PATH . $this->uri)) {
$this->redirectTo($searchUri, 301);
}
}
////////////////////////////////
//GETTING AND FIXING SENT DATA//
////////////////////////////////
$p_sCategory = Params::getParam('sCategory');
if (!is_array($p_sCategory)) {
if ($p_sCategory == '') {
$p_sCategory = array();
} else {
$p_sCategory = explode(",", $p_sCategory);
}
}
$p_sCityArea = Params::getParam('sCityArea');
if (!is_array($p_sCityArea)) {
if ($p_sCityArea == '') {
$p_sCityArea = array();
} else {
$p_sCityArea = explode(",", $p_sCityArea);
}
}
$p_sCity = Params::getParam('sCity');
if (!is_array($p_sCity)) {
if ($p_sCity == '') {
$p_sCity = array();
} else {
$p_sCity = explode(",", $p_sCity);
}
}
$p_sRegion = Params::getParam('sRegion');
if (!is_array($p_sRegion)) {
if ($p_sRegion == '') {
$p_sRegion = array();
} else {
$p_sRegion = explode(",", $p_sRegion);
}
}
$p_sCountry = Params::getParam('sCountry');
if (!is_array($p_sCountry)) {
if ($p_sCountry == '') {
$p_sCountry = array();
} else {
$p_sCountry = explode(",", $p_sCountry);
}
}
$p_sUser = Params::getParam('sUser');
if (!is_array($p_sUser)) {
if ($p_sUser == '') {
$p_sUser = '';
} else {
$p_sUser = explode(",", $p_sUser);
}
}
$p_sLocale = Params::getParam('sLocale');
if (!is_array($p_sLocale)) {
if ($p_sLocale == '') {
$p_sLocale = '';
} else {
$p_sLocale = explode(",", $p_sLocale);
}
}
$p_sPattern = trim(strip_tags(Params::getParam('sPattern')));
// ADD TO THE LIST OF LAST SEARCHES
if (osc_save_latest_searches() && (!Params::existParam('iPage') || Params::getParam('iPage') == 1)) {
$savePattern = osc_apply_filter('save_latest_searches_pattern', $p_sPattern);
if ($savePattern != '') {
LatestSearches::newInstance()->insert(array('s_search' => $savePattern, 'd_date' => date('Y-m-d H:i:s')));
}
}
$p_bPic = Params::getParam('bPic');
$p_bPic = $p_bPic == 1 ? 1 : 0;
$p_bPremium = Params::getParam('bPremium');
$p_bPremium = $p_bPremium == 1 ? 1 : 0;
$p_sPriceMin = Params::getParam('sPriceMin');
$p_sPriceMax = Params::getParam('sPriceMax');
//WE CAN ONLY USE THE FIELDS RETURNED BY Search::getAllowedColumnsForSorting()
$p_sOrder = Params::getParam('sOrder');
if (!in_array($p_sOrder, Search::getAllowedColumnsForSorting())) {
$p_sOrder = osc_default_order_field_at_search();
}
$old_order = $p_sOrder;
//ONLY 0 ( => 'asc' ), 1 ( => 'desc' ) AS ALLOWED VALUES
$p_iOrderType = Params::getParam('iOrderType');
$allowedTypesForSorting = Search::getAllowedTypesForSorting();
$orderType = osc_default_order_type_at_search();
foreach ($allowedTypesForSorting as $k => $v) {
if ($p_iOrderType == $v) {
$orderType = $k;
break;
}
}
$p_iOrderType = $orderType;
$p_sFeed = Params::getParam('sFeed');
$p_iPage = 0;
if (is_numeric(Params::getParam('iPage')) && Params::getParam('iPage') > 0) {
$p_iPage = intval(Params::getParam('iPage')) - 1;
}
if ($p_sFeed != '') {
$p_sPageSize = 1000;
}
$p_sShowAs = Params::getParam('sShowAs');
$aValidShowAsValues = array('list', 'gallery');
if (!in_array($p_sShowAs, $aValidShowAsValues)) {
$p_sShowAs = osc_default_show_as_at_search();
}
// search results: it's blocked with the maxResultsPerPage@search defined in t_preferences
$p_iPageSize = intval(Params::getParam('iPagesize'));
if ($p_iPageSize > 0) {
if ($p_iPageSize > osc_max_results_per_page_at_search()) {
$p_iPageSize = osc_max_results_per_page_at_search();
}
} else {
$p_iPageSize = osc_default_results_per_page_at_search();
}
//FILTERING CATEGORY
$bAllCategoriesChecked = false;
$successCat = false;
if (count($p_sCategory) > 0) {
foreach ($p_sCategory as $category) {
$successCat = $this->mSearch->addCategory($category) || $successCat;
}
} else {
$bAllCategoriesChecked = true;
}
//FILTERING CITY_AREA
foreach ($p_sCityArea as $city_area) {
$this->mSearch->addCityArea($city_area);
}
$p_sCityArea = implode(", ", $p_sCityArea);
//FILTERING CITY
foreach ($p_sCity as $city) {
$this->mSearch->addCity($city);
}
$p_sCity = implode(", ", $p_sCity);
//FILTERING REGION
foreach ($p_sRegion as $region) {
$this->mSearch->addRegion($region);
}
$p_sRegion = implode(", ", $p_sRegion);
//FILTERING COUNTRY
foreach ($p_sCountry as $country) {
$this->mSearch->addCountry($country);
}
$p_sCountry = implode(", ", $p_sCountry);
// FILTERING PATTERN
if ($p_sPattern != '') {
$this->mSearch->addPattern($p_sPattern);
$osc_request['sPattern'] = $p_sPattern;
} else {
// hardcoded - if there isn't a search pattern, order by dt_pub_date desc
if ($p_sOrder == 'relevance') {
$p_sOrder = 'dt_pub_date';
foreach ($allowedTypesForSorting as $k => $v) {
if ($p_iOrderType == 'desc') {
$orderType = $k;
break;
}
}
$p_iOrderType = $orderType;
}
}
// FILTERING USER
if ($p_sUser != '') {
$this->mSearch->fromUser($p_sUser);
}
// FILTERING LOCALE
$this->mSearch->addLocale($p_sLocale);
// FILTERING IF WE ONLY WANT ITEMS WITH PICS
if ($p_bPic) {
$this->mSearch->withPicture(true);
}
// FILTERING IF WE ONLY WANT PREMIUM ITEMS
if ($p_bPremium) {
$this->mSearch->onlyPremium(true);
}
//FILTERING BY RANGE PRICE
$this->mSearch->priceRange($p_sPriceMin, $p_sPriceMax);
//ORDERING THE SEARCH RESULTS
$this->mSearch->order($p_sOrder, $allowedTypesForSorting[$p_iOrderType]);
//SET PAGE
if ($p_sFeed == 'rss') {
// If param sFeed=rss, just output last 'osc_num_rss_items()'
$this->mSearch->page(0, osc_num_rss_items());
} else {
$this->mSearch->page($p_iPage, $p_iPageSize);
}
// CUSTOM FIELDS
$custom_fields = Params::getParam('meta');
$fields = Field::newInstance()->findIDSearchableByCategories($p_sCategory);
$table = DB_TABLE_PREFIX . 't_item_meta';
if (is_array($custom_fields)) {
foreach ($custom_fields as $key => $aux) {
if (in_array($key, $fields)) {
$field = Field::newInstance()->findByPrimaryKey($key);
switch ($field['e_type']) {
case 'TEXTAREA':
case 'TEXT':
case 'URL':
if ($aux != '') {
$aux = "%{$aux}%";
$sql = "SELECT fk_i_item_id FROM {$table} WHERE ";
$str_escaped = Search::newInstance()->dao->escape($aux);
$sql .= $table . '.fk_i_field_id = ' . $key . ' AND ';
$sql .= $table . ".s_value LIKE " . $str_escaped;
$this->mSearch->addConditions(DB_TABLE_PREFIX . 't_item.pk_i_id IN (' . $sql . ')');
}
break;
case 'DROPDOWN':
case 'RADIO':
if ($aux != '') {
$sql = "SELECT fk_i_item_id FROM {$table} WHERE ";
$str_escaped = Search::newInstance()->dao->escape($aux);
$sql .= $table . '.fk_i_field_id = ' . $key . ' AND ';
$sql .= $table . ".s_value = " . $str_escaped;
$this->mSearch->addConditions(DB_TABLE_PREFIX . 't_item.pk_i_id IN (' . $sql . ')');
}
break;
case 'CHECKBOX':
if ($aux != '') {
$sql = "SELECT fk_i_item_id FROM {$table} WHERE ";
$sql .= $table . '.fk_i_field_id = ' . $key . ' AND ';
$sql .= $table . ".s_value = 1";
$this->mSearch->addConditions(DB_TABLE_PREFIX . 't_item.pk_i_id IN (' . $sql . ')');
}
break;
case 'DATE':
if ($aux != '') {
$y = (int) date('Y', $aux);
$m = (int) date('n', $aux);
$d = (int) date('j', $aux);
$start = mktime('0', '0', '0', $m, $d, $y);
$end = mktime('23', '59', '59', $m, $d, $y);
$sql = "SELECT fk_i_item_id FROM {$table} WHERE ";
$sql .= $table . '.fk_i_field_id = ' . $key . ' AND ';
$sql .= $table . ".s_value >= " . $start . " AND ";
$sql .= $table . ".s_value <= " . $end;
$this->mSearch->addConditions(DB_TABLE_PREFIX . 't_item.pk_i_id IN (' . $sql . ')');
}
break;
case 'DATEINTERVAL':
if (is_array($aux) && (!empty($aux['from']) && !empty($aux['to']))) {
$from = $aux['from'];
$to = $aux['to'];
$start = $from;
$end = $to;
$sql = "SELECT fk_i_item_id FROM {$table} WHERE ";
$sql .= $table . '.fk_i_field_id = ' . $key . ' AND ';
$sql .= $start . " >= " . $table . ".s_value AND s_multi = 'from'";
$sql1 = "SELECT fk_i_item_id FROM {$table} WHERE ";
$sql1 .= $table . ".fk_i_field_id = " . $key . " AND ";
$sql1 .= $end . " <= " . $table . ".s_value AND s_multi = 'to'";
$sql_interval = "select a.fk_i_item_id from (" . $sql . ") a where a.fk_i_item_id IN (" . $sql1 . ")";
$this->mSearch->addConditions(DB_TABLE_PREFIX . 't_item.pk_i_id IN (' . $sql_interval . ')');
}
break;
default:
break;
}
}
}
}
osc_run_hook('search_conditions', Params::getParamsAsArray());
// RETRIEVE ITEMS AND TOTAL
$key = md5(osc_base_url() . $this->mSearch->toJson());
$found = null;
$cache = osc_cache_get($key, $found);
$aItems = null;
$iTotalItems = null;
if ($cache) {
$aItems = $cache['aItems'];
$iTotalItems = $cache['iTotalItems'];
} else {
$aItems = $this->mSearch->doSearch();
$iTotalItems = $this->mSearch->count();
$_cache['aItems'] = $aItems;
$_cache['iTotalItems'] = $iTotalItems;
osc_cache_set($key, $_cache, OSC_CACHE_TTL);
}
$iStart = $p_iPage * $p_iPageSize;
$iEnd = min(($p_iPage + 1) * $p_iPageSize, $iTotalItems);
$iNumPages = ceil($iTotalItems / $p_iPageSize);
// works with cache enabled ?
osc_run_hook('search', $this->mSearch);
//preparing variables...
$countryName = $p_sCountry;
if (strlen($p_sCountry) == 2) {
$c = Country::newInstance()->findByCode($p_sCountry);
if ($c) {
$countryName = $c['s_name'];
}
}
$regionName = $p_sRegion;
if (is_numeric($p_sRegion)) {
$r = Region::newInstance()->findByPrimaryKey($p_sRegion);
if ($r) {
$regionName = $r['s_name'];
}
}
$cityName = $p_sCity;
if (is_numeric($p_sCity)) {
$c = City::newInstance()->findByPrimaryKey($p_sCity);
if ($c) {
$cityName = $c['s_name'];
}
}
$this->_exportVariableToView('search_start', $iStart);
$this->_exportVariableToView('search_end', $iEnd);
$this->_exportVariableToView('search_category', $p_sCategory);
// hardcoded - non pattern and order by relevance
$p_sOrder = $old_order;
$this->_exportVariableToView('search_order_type', $p_iOrderType);
$this->_exportVariableToView('search_order', $p_sOrder);
$this->_exportVariableToView('search_pattern', $p_sPattern);
$this->_exportVariableToView('search_from_user', $p_sUser);
$this->_exportVariableToView('search_total_pages', $iNumPages);
$this->_exportVariableToView('search_page', $p_iPage);
$this->_exportVariableToView('search_has_pic', $p_bPic);
$this->_exportVariableToView('search_only_premium', $p_bPremium);
$this->_exportVariableToView('search_country', $countryName);
$this->_exportVariableToView('search_region', $regionName);
$this->_exportVariableToView('search_city', $cityName);
$this->_exportVariableToView('search_price_min', $p_sPriceMin);
$this->_exportVariableToView('search_price_max', $p_sPriceMax);
$this->_exportVariableToView('search_total_items', $iTotalItems);
$this->_exportVariableToView('items', $aItems);
$this->_exportVariableToView('search_show_as', $p_sShowAs);
$this->_exportVariableToView('search', $this->mSearch);
// json
$json = $this->mSearch->toJson();
$encoded_alert = base64_encode(osc_encrypt_alert($json));
// Create the HMAC signature and convert the resulting hex hash into base64
$stringToSign = osc_get_alert_public_key() . $encoded_alert;
$signature = hex2b64(hmacsha1(osc_get_alert_private_key(), $stringToSign));
$server_signature = Session::newInstance()->_set('alert_signature', $signature);
$this->_exportVariableToView('search_alert', $encoded_alert);
// calling the view...
if (count($aItems) === 0) {
header('HTTP/1.1 404 Not Found');
}
osc_run_hook("after_search");
if (!Params::existParam('sFeed')) {
$this->doView('search.php');
} else {
if ($p_sFeed == '' || $p_sFeed == 'rss') {
// FEED REQUESTED!
header('Content-type: text/xml; charset=utf-8');
$feed = new RSSFeed();
$feed->setTitle(__('Latest listings added') . ' - ' . osc_page_title());
$feed->setLink(osc_base_url());
$feed->setDescription(__('Latest listings added in') . ' ' . osc_page_title());
if (osc_count_items() > 0) {
while (osc_has_items()) {
if (osc_count_item_resources() > 0) {
osc_has_item_resources();
$feed->addItem(array('title' => osc_item_title(), 'link' => htmlentities(osc_item_url(), ENT_COMPAT, "UTF-8"), 'description' => osc_item_description(), 'country' => osc_item_country(), 'region' => osc_item_region(), 'city' => osc_item_city(), 'city_area' => osc_item_city_area(), 'category' => osc_item_category(), 'dt_pub_date' => osc_item_pub_date(), 'image' => array('url' => htmlentities(osc_resource_thumbnail_url(), ENT_COMPAT, "UTF-8"), 'title' => osc_item_title(), 'link' => htmlentities(osc_item_url(), ENT_COMPAT, "UTF-8"))));
} else {
$feed->addItem(array('title' => osc_item_title(), 'link' => htmlentities(osc_item_url(), ENT_COMPAT, "UTF-8"), 'description' => osc_item_description(), 'country' => osc_item_country(), 'region' => osc_item_region(), 'city' => osc_item_city(), 'city_area' => osc_item_city_area(), 'category' => osc_item_category(), 'dt_pub_date' => osc_item_pub_date()));
}
}
}
osc_run_hook('feed', $feed);
$feed->dumpXML();
} else {
osc_run_hook('feed_' . $p_sFeed, $aItems);
}
}
}
function doModel()
{
parent::doModel();
switch ($this->action) {
case 'import':
// calling import view
$this->doView('tools/import.php');
break;
case 'import_post':
if (defined('DEMO')) {
osc_add_flash_warning_message(_m("This action cannot be done because it is a demo site"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=tools&action=import');
}
// calling
$sql = Params::getFiles('sql');
if (isset($sql['size']) && $sql['size'] != 0) {
$content_file = file_get_contents($sql['tmp_name']);
$conn = DBConnectionClass::newInstance();
$c_db = $conn->getOsclassDb();
$comm = new DBCommandClass($c_db);
if ($comm->importSQL($content_file)) {
osc_add_flash_ok_message(_m('Import complete'), 'admin');
} else {
osc_add_flash_error_message(_m('There was a problem importing data to the database'), 'admin');
}
} else {
osc_add_flash_warning_message(_m('No file was uploaded'), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=tools&action=import');
break;
case 'images':
// calling images view
$this->doView('tools/images.php');
break;
case 'images_post':
if (defined('DEMO')) {
osc_add_flash_warning_message(_m("This action cannot be done because it is a demo site"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=tools&action=images');
}
$preferences = Preference::newInstance()->toArray();
$wat = new Watermark();
$aResources = ItemResource::newInstance()->getAllResources();
foreach ($aResources as $resource) {
osc_run_hook('regenerate_image', $resource);
$path = osc_content_path() . 'uploads/';
// comprobar que no haya original
$img_original = $path . $resource['pk_i_id'] . "_original*";
$aImages = glob($img_original);
// there is original image
if (count($aImages) == 1) {
$image_tmp = $aImages[0];
} else {
$img_normal = $path . $resource['pk_i_id'] . ".*";
$aImages = glob($img_normal);
if (count($aImages) == 1) {
$image_tmp = $aImages[0];
} else {
$img_thumbnail = $path . $resource['pk_i_id'] . "_thumbnail*";
$aImages = glob($img_thumbnail);
$image_tmp = $aImages[0];
}
}
// extension
preg_match('/\\.(.*)$/', $image_tmp, $matches);
if (isset($matches[1])) {
$extension = $matches[1];
// Create normal size
$path_normal = $path = osc_content_path() . 'uploads/' . $resource['pk_i_id'] . '.jpg';
$size = explode('x', osc_normal_dimensions());
ImageResizer::fromFile($image_tmp)->resizeTo($size[0], $size[1])->saveToFile($path);
if (osc_is_watermark_text()) {
$wat->doWatermarkText($path, osc_watermark_text_color(), osc_watermark_text(), 'image/jpeg');
} elseif (osc_is_watermark_image()) {
$wat->doWatermarkImage($path, 'image/jpeg');
}
// Create preview
$path = osc_content_path() . 'uploads/' . $resource['pk_i_id'] . '_preview.jpg';
$size = explode('x', osc_preview_dimensions());
ImageResizer::fromFile($path_normal)->resizeTo($size[0], $size[1])->saveToFile($path);
// Create thumbnail
$path = osc_content_path() . 'uploads/' . $resource['pk_i_id'] . '_thumbnail.jpg';
$size = explode('x', osc_thumbnail_dimensions());
ImageResizer::fromFile($path_normal)->resizeTo($size[0], $size[1])->saveToFile($path);
// update resource info
ItemResource::newInstance()->update(array('s_path' => 'oc-content/uploads/', 's_name' => osc_genRandomPassword(), 's_extension' => 'jpg', 's_content_type' => 'image/jpeg'), array('pk_i_id' => $resource['pk_i_id']));
osc_run_hook('regenerated_image', ItemResource::newInstance()->findByPrimaryKey($resource['pk_i_id']));
// si extension es direfente a jpg, eliminar las imagenes con $extension si hay
if ($extension != 'jpg') {
$files_to_remove = osc_content_path() . 'uploads/' . $resource['pk_i_id'] . "*" . $extension;
$fs = glob($files_to_remove);
if (is_array($fs)) {
array_map("unlink", $fs);
}
}
// ....
} else {
// no es imagen o imagen sin extesión
}
}
osc_add_flash_ok_message(_m('Re-generation complete'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=tools&action=images');
break;
case 'category':
$this->doView('tools/category.php');
break;
case 'category_post':
if (defined('DEMO')) {
osc_add_flash_warning_message(_m("This action cannot be done because it is a demo site"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=tools&action=category');
}
osc_update_cat_stats();
osc_add_flash_ok_message(_m("Recount category stats has been successful"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=tools&action=category');
break;
case 'locations':
$this->doView('tools/locations.php');
break;
case 'locations_post':
if (defined('DEMO')) {
osc_add_flash_warning_message(_m("This action cannot be done because it is a demo site"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=tools&action=locations');
}
$workToDo = LocationsTmp::newInstance()->count();
if ($workToDo > 0) {
$this->redirectTo(osc_admin_base_url(true) . '?page=tools&action=locations');
break;
}
// we need populate location tmp table
$aCountry = Country::newInstance()->listAll();
foreach ($aCountry as $country) {
$aRegionsCountry = Region::newInstance()->getByCountry($country['pk_c_code']);
LocationsTmp::newInstance()->insert(array('id_location' => $country['pk_c_code'], 'e_type' => 'COUNTRY'));
foreach ($aRegionsCountry as $region) {
$aCitiesRegion = City::newInstance()->getByRegion($region['pk_i_id']);
LocationsTmp::newInstance()->insert(array('id_location' => $region['pk_i_id'], 'e_type' => 'REGION'));
foreach ($aCitiesRegion as $city) {
LocationsTmp::newInstance()->insert(array('id_location' => $city['pk_i_id'], 'e_type' => 'CITY'));
}
unset($aCitiesRegion);
}
unset($aRegionsCountry);
}
unset($aCountry);
$workToDo = LocationsTmp::newInstance()->count();
Preference::newInstance()->replace('location_todo', $workToDo);
$this->redirectTo(osc_admin_base_url(true) . '?page=tools&action=locations');
break;
case 'upgrade':
$this->doView('tools/upgrade.php');
break;
case 'backup':
$this->doView('tools/backup.php');
break;
case 'backup-sql':
if (defined('DEMO')) {
osc_add_flash_warning_message(_m("This action cannot be done because it is a demo site"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=tools&action=backup');
}
//databasse dump...
if (Params::getParam('bck_dir') != '') {
$path = trim(Params::getParam('bck_dir'));
if (substr($path, -1, 1) != "/") {
$path .= '/';
}
} else {
$path = osc_base_path();
}
$filename = 'OSClass_mysqlbackup.' . date('YmdHis') . '.sql';
switch (osc_dbdump($path, $filename)) {
case -1:
$msg = _m('Path is empty');
osc_add_flash_error_message($msg, 'admin');
break;
case -2:
$msg = sprintf(_m('Could not connect with the database. Error: %s'), mysql_error());
osc_add_flash_error_message($msg, 'admin');
break;
case -3:
$msg = _m('There are no tables to back up');
osc_add_flash_error_message($msg, 'admin');
break;
case -4:
$msg = _m('The folder is not writable');
osc_add_flash_error_message($msg, 'admin');
break;
default:
$msg = _m('Backup completed successfully');
osc_add_flash_ok_message($msg, 'admin');
break;
}
$this->redirectTo(osc_admin_base_url(true) . '?page=tools&action=backup');
break;
case 'backup-sql_file':
if (defined('DEMO')) {
osc_add_flash_warning_message(_m("This action cannot be done because it is a demo site"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=tools&action=backup');
}
//databasse dump...
$filename = 'OSClass_mysqlbackup.' . date('YmdHis') . '.sql';
$path = sys_get_temp_dir() . "/";
switch (osc_dbdump($path, $filename)) {
case -1:
$msg = _m('Path is empty');
osc_add_flash_error_message($msg, 'admin');
break;
case -2:
$msg = sprintf(_m('Could not connect with the database. Error: %s'), mysql_error());
osc_add_flash_error_message($msg, 'admin');
break;
case -3:
$msg = sprintf(_m('Could not select the database. Error: %s'), mysql_error());
osc_add_flash_error_message($msg, 'admin');
break;
case -4:
$msg = _m('There are no tables to back up');
osc_add_flash_error_message($msg, 'admin');
break;
case -5:
$msg = _m('The folder is not writable');
osc_add_flash_error_message($msg, 'admin');
break;
default:
$msg = _m('Backup completed successfully');
osc_add_flash_ok_message($msg, 'admin');
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename=' . basename($filename));
header('Content-Transfer-Encoding: binary');
header('Expires: 0');
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
header('Pragma: public');
header('Content-Length: ' . filesize($path . $filename));
flush();
readfile($path . $filename);
exit;
break;
}
$this->redirectTo(osc_admin_base_url(true) . '?page=tools&action=backup');
break;
case 'backup-zip_file':
if (defined('DEMO')) {
osc_add_flash_warning_message(_m("This action cannot be done because it is a demo site"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=tools&action=backup');
}
$filename = "OSClass_backup." . date('YmdHis') . ".zip";
$path = sys_get_temp_dir() . "/";
if (osc_zip_folder(osc_base_path(), $path . $filename)) {
$msg = _m('Archived successfully!');
osc_add_flash_ok_message($msg, 'admin');
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename=' . basename($filename));
header('Content-Transfer-Encoding: binary');
header('Expires: 0');
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
header('Pragma: public');
header('Content-Length: ' . filesize($path . $filename));
flush();
readfile($path . $filename);
exit;
} else {
$msg = _m('Error, the zip file was not created in the specified directory');
osc_add_flash_error_message($msg, 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=tools&action=backup');
break;
case 'backup-zip':
if (defined('DEMO')) {
osc_add_flash_warning_message(_m("This action cannot be done because it is a demo site"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=tools&action=backup');
}
//zip of the code just to back it up
if (Params::getParam('bck_dir') != '') {
$archive_name = trim(Params::getParam('bck_dir'));
if (substr(trim($archive_name), -1, 1) != "/") {
$archive_name .= '/';
}
$archive_name = Params::getParam('bck_dir') . '/OSClass_backup.' . date('YmdHis') . '.zip';
} else {
$archive_name = osc_base_path() . "OSClass_backup." . date('YmdHis') . ".zip";
}
$archive_folder = osc_base_path();
if (osc_zip_folder($archive_folder, $archive_name)) {
$msg = _m('Archived successfully!');
osc_add_flash_ok_message($msg, 'admin');
} else {
$msg = _m('Error, the zip file was not created in the specified directory');
osc_add_flash_error_message($msg, 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=tools&action=backup');
break;
case 'backup_post':
$this->doView('tools/backup.php');
break;
case 'maintenance':
if (defined('DEMO')) {
osc_add_flash_warning_message(_m("This action cannot be done because it is a demo site"), 'admin');
$this->doView('tools/maintenance.php');
break;
}
$mode = Params::getParam('mode');
if ($mode == 'on') {
$maintenance_file = osc_base_path() . '.maintenance';
$fileHandler = @fopen($maintenance_file, 'w');
if ($fileHandler) {
osc_add_flash_ok_message(_m('Maintenance mode is ON'), 'admin');
} else {
osc_add_flash_error_message(_m('There was an error creating the .maintenance file, please create it manually at the root folder'), 'admin');
}
fclose($fileHandler);
$this->redirectTo(osc_admin_base_url(true) . '?page=tools&action=maintenance');
} else {
if ($mode == 'off') {
$deleted = @unlink(osc_base_path() . '.maintenance');
if ($deleted) {
osc_add_flash_ok_message(_m('Maintenance mode is OFF'), 'admin');
} else {
osc_add_flash_error_message(_m('There was an error removing the .maintenance file, please remove it manually from the root folder'), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=tools&action=maintenance');
}
}
$this->doView('tools/maintenance.php');
break;
default:
}
}
function doModel()
{
//calling the view...
$locales = OSCLocale::newInstance()->listAllEnabled();
$this->_exportVariableToView('locales', $locales);
switch ($this->action) {
case 'item_add':
// post
if (osc_reg_user_post() && $this->user == null) {
// CHANGEME: This text
osc_add_flash_error_message(_m('Only registered users are allowed to post items'));
$this->redirectTo(osc_user_login_url());
}
$countries = Country::newInstance()->listAll();
$regions = array();
if (isset($this->user['fk_c_country_code']) && $this->user['fk_c_country_code'] != '') {
$regions = Region::newInstance()->getByCountry($this->user['fk_c_country_code']);
} else {
if (count($countries) > 0) {
$regions = Region::newInstance()->getByCountry($countries[0]['pk_c_code']);
}
}
$cities = array();
if (isset($this->user['fk_i_region_id']) && $this->user['fk_i_region_id'] != '') {
$cities = City::newInstance()->listWhere("fk_i_region_id = %d", $this->user['fk_i_region_id']);
} else {
if (count($regions) > 0) {
$cities = City::newInstance()->listWhere("fk_i_region_id = %d", $regions[0]['pk_i_id']);
}
}
$this->_exportVariableToView('countries', $countries);
$this->_exportVariableToView('regions', $regions);
$this->_exportVariableToView('cities', $cities);
$form = count(Session::newInstance()->_getForm());
$keepForm = count(Session::newInstance()->_getKeepForm());
if ($form == 0 || $form == $keepForm) {
Session::newInstance()->_dropKeepForm();
}
if (Session::newInstance()->_getForm('countryId') != "") {
$countryId = Session::newInstance()->_getForm('countryId');
$regions = Region::newInstance()->getByCountry($countryId);
$this->_exportVariableToView('regions', $regions);
if (Session::newInstance()->_getForm('regionId') != "") {
$regionId = Session::newInstance()->_getForm('regionId');
$cities = City::newInstance()->listWhere("fk_i_region_id = %d", $regionId);
$this->_exportVariableToView('cities', $cities);
}
}
$this->_exportVariableToView('user', $this->user);
osc_run_hook('post_item');
$this->doView('item-post.php');
break;
case 'item_add_post':
//post_item
if (osc_reg_user_post() && $this->user == null) {
osc_add_flash_error_message(_m('Only registered users are allowed to post items'));
$this->redirectTo(osc_base_url(true));
}
$mItems = new ItemActions(false);
// prepare data for ADD ITEM
$mItems->prepareData(true);
// set all parameters into session
foreach ($mItems->data as $key => $value) {
Session::newInstance()->_setForm($key, $value);
}
$meta = Params::getParam('meta');
if (is_array($meta)) {
foreach ($meta as $key => $value) {
Session::newInstance()->_setForm('meta_' . $key, $value);
Session::newInstance()->_keepForm('meta_' . $key);
}
}
if (osc_recaptcha_private_key() != '' && Params::existParam("recaptcha_challenge_field")) {
if (!osc_check_recaptcha()) {
osc_add_flash_error_message(_m('The Recaptcha code is wrong'));
$this->redirectTo(osc_item_post_url());
return false;
// BREAK THE PROCESS, THE RECAPTCHA IS WRONG
}
}
// POST ITEM ( ADD ITEM )
$success = $mItems->add();
if ($success != 1 && $success != 2) {
osc_add_flash_error_message($success);
$this->redirectTo(osc_item_post_url());
} else {
Session::newInstance()->_dropkeepForm('meta_' . $key);
if ($success == 1) {
osc_add_flash_ok_message(_m('Check your inbox to verify your email address'));
} else {
osc_add_flash_ok_message(_m('Your item has been published'));
}
$itemId = Params::getParam('itemId');
$item = $this->itemManager->findByPrimaryKey($itemId);
osc_run_hook('posted_item', $item);
$category = Category::newInstance()->findByPrimaryKey(Params::getParam('catId'));
View::newInstance()->_exportVariableToView('category', $category);
$this->redirectTo(osc_search_category_url());
}
break;
case 'item_edit':
// edit item
$secret = Params::getParam('secret');
$id = Params::getParam('id');
$item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s' AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = '%d'))", $id, $secret, $this->userId);
if (count($item) == 1) {
$item = Item::newInstance()->findByPrimaryKey($id);
$form = count(Session::newInstance()->_getForm());
$keepForm = count(Session::newInstance()->_getKeepForm());
if ($form == 0 || $form == $keepForm) {
Session::newInstance()->_dropKeepForm();
}
$this->_exportVariableToView('item', $item);
osc_run_hook("before_item_edit", $item);
$this->doView('item-edit.php');
} else {
// add a flash message [ITEM NO EXISTE]
osc_add_flash_error_message(_m('Sorry, we don\'t have any items with that ID'));
if ($this->user != null) {
$this->redirectTo(osc_user_list_items_url());
} else {
$this->redirectTo(osc_base_url());
}
}
break;
case 'item_edit_post':
// recoger el secret y el
$secret = Params::getParam('secret');
$id = Params::getParam('id');
$item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s' AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = '%d'))", $id, $secret, $this->userId);
if (count($item) == 1) {
$this->_exportVariableToView('item', $item[0]);
$mItems = new ItemActions(false);
// prepare data for ADD ITEM
$mItems->prepareData(false);
// set all parameters into session
foreach ($mItems->data as $key => $value) {
Session::newInstance()->_setForm($key, $value);
}
$meta = Params::getParam('meta');
if (is_array($meta)) {
foreach ($meta as $key => $value) {
Session::newInstance()->_setForm('meta_' . $key, $value);
Session::newInstance()->_keepForm('meta_' . $key);
}
}
if (osc_recaptcha_private_key() != '' && Params::existParam("recaptcha_challenge_field")) {
if (!osc_check_recaptcha()) {
osc_add_flash_error_message(_m('The Recaptcha code is wrong'));
$this->redirectTo(osc_item_post_url());
return false;
// BREAK THE PROCESS, THE RECAPTCHA IS WRONG
}
}
$success = $mItems->edit();
osc_run_hook('edited_item', Item::newInstance()->findByPrimaryKey($id));
if ($success == 1) {
osc_add_flash_ok_message(_m('Great! We\'ve just updated your item'));
$this->redirectTo(osc_base_url(true) . "?page=item&id={$id}");
} else {
osc_add_flash_error_message($success);
$this->redirectTo(osc_item_edit_url($secret));
}
}
break;
case 'activate':
$secret = Params::getParam('secret');
$id = Params::getParam('id');
$item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s' AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = '%d'))", $id, $secret, $this->userId);
View::newInstance()->_exportVariableToView('item', $item[0]);
if ($item[0]['b_active'] == 0) {
// ACTIVETE ITEM
$mItems = new ItemActions(false);
$success = $mItems->activate($item[0]['pk_i_id'], $item[0]['s_secret']);
if ($success) {
osc_add_flash_ok_message(_m('The item has been validated'));
} else {
osc_add_flash_error_message(_m('The item can\'t be validated'));
}
} else {
osc_add_flash_error_message(_m('The item has already been validated'));
}
$this->redirectTo(osc_item_url());
break;
case 'item_delete':
$secret = Params::getParam('secret');
$id = Params::getParam('id');
$item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s' AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = '%d'))", $id, $secret, $this->userId);
if (count($item) == 1) {
$mItems = new ItemActions(false);
$success = $mItems->delete($item[0]['s_secret'], $item[0]['pk_i_id']);
if ($success) {
osc_add_flash_ok_message(_m('Your item has been deleted'));
} else {
osc_add_flash_error_message(_m('The item you are trying to delete couldn\'t be deleted'));
}
if ($this->user != null) {
$this->redirectTo(osc_user_list_items_url());
} else {
$this->redirectTo(osc_base_url());
}
} else {
osc_add_flash_error_message(_m('The item you are trying to delete couldn\'t be deleted'));
$this->redirectTo(osc_base_url());
}
break;
case 'mark':
$mItem = new ItemActions(false);
$id = Params::getParam('id');
$as = Params::getParam('as');
$item = Item::newInstance()->findByPrimaryKey($id);
View::newInstance()->_exportVariableToView('item', $item);
$mItem->mark($id, $as);
osc_add_flash_ok_message(_m('Thanks! That\'s very helpful'));
$this->redirectTo(osc_item_url());
break;
case 'send_friend':
$item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
$this->_exportVariableToView('item', $item);
$this->doView('item-send-friend.php');
break;
case 'send_friend_post':
$item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
$this->_exportVariableToView('item', $item);
Session::newInstance()->_setForm("yourEmail", Params::getParam('yourEmail'));
Session::newInstance()->_setForm("yourName", Params::getParam('yourName'));
Session::newInstance()->_setForm("friendName", Params::getParam('friendName'));
Session::newInstance()->_setForm("friendEmail", Params::getParam('friendEmail'));
Session::newInstance()->_setForm("message_body", Params::getParam('message'));
if (osc_recaptcha_private_key() != '' && Params::existParam("recaptcha_challenge_field")) {
if (!osc_check_recaptcha()) {
osc_add_flash_error_message(_m('The Recaptcha code is wrong'));
$this->redirectTo(osc_item_send_friend_url());
return false;
// BREAK THE PROCESS, THE RECAPTCHA IS WRONG
}
}
$mItem = new ItemActions(false);
$success = $mItem->send_friend();
if ($success) {
Session::newInstance()->_clearVariables();
$this->redirectTo(osc_item_url());
} else {
$this->redirectTo(osc_item_send_friend_url());
}
break;
case 'contact':
$item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
if (empty($item)) {
osc_add_flash_error_message(_m('This item doesn\'t exist'));
$this->redirectTo(osc_base_url(true));
} else {
$this->_exportVariableToView('item', $item);
if (osc_item_is_expired()) {
osc_add_flash_error_message(_m('We\'re sorry, but the item has expired. You can\'t contact the seller'));
$this->redirectTo(osc_item_url());
}
if (osc_reg_user_can_contact() && osc_is_web_user_logged_in() || !osc_reg_user_can_contact()) {
$this->doView('item-contact.php');
} else {
osc_add_flash_error_message(_m('You can\'t contact the seller, only registered users can'));
$this->redirectTo(osc_item_url());
}
}
break;
case 'contact_post':
$item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
$this->_exportVariableToView('item', $item);
if (osc_recaptcha_private_key() != '' && Params::existParam("recaptcha_challenge_field")) {
if (!osc_check_recaptcha()) {
osc_add_flash_error_message(_m('The Recaptcha code is wrong'));
Session::newInstance()->_setForm("yourEmail", Params::getParam('yourEmail'));
Session::newInstance()->_setForm("yourName", Params::getParam('yourName'));
Session::newInstance()->_setForm("phoneNumber", Params::getParam('phoneNumber'));
Session::newInstance()->_setForm("message_body", Params::getParam('message'));
$this->redirectTo(osc_item_url());
return false;
// BREAK THE PROCESS, THE RECAPTCHA IS WRONG
}
}
$category = Category::newInstance()->findByPrimaryKey($item['fk_i_category_id']);
if ($category['i_expiration_days'] > 0) {
$item_date = strtotime($item['dt_pub_date']) + $category['i_expiration_days'] * (24 * 3600);
$date = time();
if ($item_date < $date && $item['b_premium'] != 1) {
// The item is expired, we can not contact the seller
osc_add_flash_error_message(_m('We\'re sorry, but the item has expired. You can\'t contact the seller'));
$this->redirectTo(osc_item_url());
}
}
$mItem = new ItemActions(false);
$result = $mItem->contact();
if (is_string($result)) {
osc_add_flash_error_message($result);
} else {
osc_add_flash_ok_message(_m('We\'ve just sent an e-mail to the seller'));
}
$this->redirectTo(osc_item_url());
break;
case 'add_comment':
$mItem = new ItemActions(false);
$status = $mItem->add_comment();
switch ($status) {
case -1:
$msg = _m('Sorry, we could not save your comment. Try again later');
osc_add_flash_error_message($msg);
break;
case 1:
$msg = _m('Your comment is awaiting moderation');
osc_add_flash_error_message($msg);
break;
case 2:
$msg = _m('Your comment has been approved');
osc_add_flash_ok_message($msg);
break;
case 3:
$msg = _m('Please fill the required fields (name, email)');
osc_add_flash_error_message($msg);
break;
case 4:
$msg = _m('Please type a comment');
osc_add_flash_error_message($msg);
break;
case 5:
$msg = _m('Your comment has been marked as spam');
osc_add_flash_error_message($msg);
break;
}
$this->redirectTo(osc_item_url());
break;
case 'delete_comment':
$mItem = new ItemActions(false);
$status = $mItem->add_comment();
$itemId = Params::getParam('id');
$commentId = Params::getParam('comment');
$item = Item::newInstance()->findByPrimaryKey($itemId);
if (count($item) == 0) {
osc_add_flash_error_message(_m('This item doesn\'t exist'));
$this->redirectTo(osc_base_url(true));
}
View::newInstance()->_exportVariableToView('item', $item);
if ($this->userId == null) {
osc_add_flash_error_message(_m('You must be logged in to delete a comment'));
$this->redirectTo(osc_item_url());
}
$commentManager = ItemComment::newInstance();
$aComment = $commentManager->findByPrimaryKey($commentId);
if (count($aComment) == 0) {
osc_add_flash_error_message(_m('The comment doesn\'t exist'));
$this->redirectTo(osc_item_url());
}
if ($aComment['b_active'] != 1) {
osc_add_flash_error_message(_m('The comment is not active, you cannot delete it'));
$this->redirectTo(osc_item_url());
}
if ($aComment['fk_i_user_id'] != $this->userId) {
osc_add_flash_error_message(_m('The comment was not added by you, you cannot delete it'));
$this->redirectTo(osc_item_url());
}
$commentManager->deleteByPrimaryKey($commentId);
osc_add_flash_ok_message(_m('The comment has been deleted'));
$this->redirectTo(osc_item_url());
break;
default:
if (Params::getParam('id') == '') {
$this->redirectTo(osc_base_url());
}
if (Params::getParam('lang') != '') {
Session::newInstance()->_set('userLocale', Params::getParam('lang'));
}
$item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
// if item doesn't exist redirect to base url
if (count($item) == 0) {
osc_add_flash_error_message(_m('This item doesn\'t exist'));
$this->redirectTo(osc_base_url(true));
} else {
if ($item['b_active'] != 1) {
if ($this->userId == $item['fk_i_user_id']) {
osc_add_flash_error_message(_m('The item hasn\'t been validated. Please validate it in order to show it to the rest of users'));
} else {
osc_add_flash_error_message(_m('This item hasn\'t been validated'));
$this->redirectTo(osc_base_url(true));
}
} else {
if ($item['b_enabled'] == 0) {
osc_add_flash_error_message(_m('The item has been suspended'));
$this->redirectTo(osc_base_url(true));
}
}
$mStats = new ItemStats();
$mStats->increase('i_num_views', $item['pk_i_id']);
foreach ($item['locale'] as $k => $v) {
$item['locale'][$k]['s_title'] = osc_apply_filter('item_title', $v['s_title']);
$item['locale'][$k]['s_description'] = nl2br(osc_apply_filter('item_description', $v['s_description']));
}
$this->_exportVariableToView('items', array($item));
osc_run_hook('show_item', $item);
$this->doView('item.php');
}
break;
case 'dashboard':
//dashboard...
break;
}
}
function prepareData($is_add)
{
$input = array();
if ( $is_add ) {
$input['s_secret'] = osc_genRandomPassword();
$input['dt_reg_date'] = date('Y-m-d H:i:s');
} else {
$input['dt_mod_date'] = date('Y-m-d H:i:s');
}
//only for administration, in the public website this two params are edited separately
if ( $this->is_admin || $is_add ) {
$input['s_email'] = Params::getParam('s_email');
//if we want to change the password
if( Params::getParam('s_password', false, false) != '') {
$input['s_password'] = osc_hash_password(Params::getParam('s_password', false, false));
}
$input['s_username'] = osc_sanitize_username(Params::getParam('s_username'));
}
$input['s_name'] = trim(Params::getParam('s_name'));
$input['s_website'] = trim(Params::getParam('s_website'));
$input['s_phone_land'] = trim(Params::getParam('s_phone_land'));
$input['s_phone_mobile'] = trim(Params::getParam('s_phone_mobile'));
if(strtolower(substr($input['s_website'], 0, 4))!=='http') {
$input['s_website'] = 'http://'.$input['s_website'];
}
$input['s_website'] = osc_sanitize_url($input['s_website']);
if ( ! osc_validate_url($input['s_website'])) $input['s_website'] = '';
//locations...
$country = Country::newInstance()->findByCode( Params::getParam('countryId') );
if(count($country) > 0) {
$countryId = $country['pk_c_code'];
$countryName = $country['s_name'];
} else {
$countryId = null;
$countryName = Params::getParam('country');
}
if( intval( Params::getParam('regionId') ) ) {
$region = Region::newInstance()->findByPrimaryKey( Params::getParam('regionId') );
if( count($region) > 0 ) {
$regionId = $region['pk_i_id'];
$regionName = $region['s_name'];
}
} else {
$regionId = null;
$regionName = Params::getParam('region');
}
if( intval( Params::getParam('cityId') ) ) {
$city = City::newInstance()->findByPrimaryKey( Params::getParam('cityId') );
if( count($city) > 0 ) {
$cityId = $city['pk_i_id'];
$cityName = $city['s_name'];
}
} else {
$cityId = null;
$cityName = Params::getParam('city');
}
$input['fk_c_country_code'] = $countryId;
$input['s_country'] = $countryName;
$input['fk_i_region_id'] = $regionId;
$input['s_region'] = $regionName;
$input['fk_i_city_id'] = $cityId;
$input['s_city'] = $cityName;
$input['s_city_area'] = Params::getParam('cityArea');
$input['s_address'] = Params::getParam('address');
$input['s_zip'] = Params::getParam('zip');
$input['d_coord_lat'] = (Params::getParam('d_coord_lat') != '') ? Params::getParam('d_coord_lat') : null;
$input['d_coord_long'] = (Params::getParam('d_coord_long') != '') ? Params::getParam('d_coord_long') : null;
$input['b_company'] = (Params::getParam('b_company') != '' && Params::getParam('b_company') != 0) ? 1 : 0;
return($input);
}
function prepareData($is_add)
{
$input = array();
if ($is_add) {
$input['s_secret'] = osc_genRandomPassword();
$input['dt_reg_date'] = date('Y-m-d H:i:s');
} else {
$input['dt_mod_date'] = date('Y-m-d H:i:s');
}
//only for administration, in the public website this two params are edited separately
if ($this->is_admin || $is_add) {
$input['s_email'] = Params::getParam('s_email');
if (Params::getParam('s_password', false, false) != Params::getParam('s_password2', false, false)) {
return 1;
}
//if we want to change the password
if (Params::getParam('s_password', false, false) != '') {
$input['s_password'] = sha1(Params::getParam('s_password', false, false));
}
}
$input['s_name'] = Params::getParam('s_name');
$input['s_website'] = Params::getParam('s_website');
$input['s_phone_land'] = Params::getParam('s_phone_land');
$input['s_phone_mobile'] = Params::getParam('s_phone_mobile');
//locations...
$country = Country::newInstance()->findByCode(Params::getParam('countryId'));
if (count($country) > 0) {
$countryId = $country['pk_c_code'];
$countryName = $country['s_name'];
} else {
$countryId = null;
$countryName = null;
}
if (intval(Params::getParam('regionId'))) {
$region = Region::newInstance()->findByPrimaryKey(Params::getParam('regionId'));
if (count($region) > 0) {
$regionId = $region['pk_i_id'];
$regionName = $region['s_name'];
}
} else {
$regionId = null;
$regionName = Params::getParam('region');
}
if (intval(Params::getParam('cityId'))) {
$city = City::newInstance()->findByPrimaryKey(Params::getParam('cityId'));
if (count($city) > 0) {
$cityId = $city['pk_i_id'];
$cityName = $city['s_name'];
}
} else {
$cityId = null;
$cityName = Params::getParam('city');
}
$input['fk_c_country_code'] = $countryId;
$input['s_country'] = $countryName;
$input['fk_i_region_id'] = $regionId;
$input['s_region'] = $regionName;
$input['fk_i_city_id'] = $cityId;
$input['s_city'] = $cityName;
$input['s_city_area'] = Params::getParam('cityArea');
$input['s_address'] = Params::getParam('address');
$input['b_company'] = Params::getParam('b_company') != '' && Params::getParam('b_company') != 0 ? 1 : 0;
return $input;
}
function doModel()
{
//specific things for this class
switch ($this->action) {
case 'bulk_actions':
break;
case 'regions':
//Return regions given a countryId
$regions = Region::newInstance()->findByCountry(Params::getParam("countryId"));
echo json_encode($regions);
break;
case 'cities':
//Returns cities given a regionId
$cities = City::newInstance()->findByRegion(Params::getParam("regionId"));
echo json_encode($cities);
break;
case 'location':
// This is the autocomplete AJAX
$cities = City::newInstance()->ajax(Params::getParam("term"));
foreach ($cities as $k => $city) {
$cities[$k]['label'] = $city['label'] . " (" . $city['region'] . ")";
}
echo json_encode($cities);
break;
case 'location_countries':
// This is the autocomplete AJAX
$countries = Country::newInstance()->ajax(Params::getParam("term"));
echo json_encode($countries);
break;
case 'location_regions':
// This is the autocomplete AJAX
$regions = Region::newInstance()->ajax(Params::getParam("term"), Params::getParam("country"));
echo json_encode($regions);
break;
case 'location_cities':
// This is the autocomplete AJAX
$cities = City::newInstance()->ajax(Params::getParam("term"), Params::getParam("region"));
echo json_encode($cities);
break;
case 'delete_image':
// Delete images via AJAX
$ajax_photo = Params::getParam('ajax_photo');
$id = Params::getParam('id');
$item = Params::getParam('item');
$code = Params::getParam('code');
$secret = Params::getParam('secret');
$json = array();
if ($ajax_photo != '') {
$files = Session::newInstance()->_get('ajax_files');
$success = false;
foreach ($files as $uuid => $file) {
if ($file == $ajax_photo) {
$filename = $files[$uuid];
unset($files[$uuid]);
Session::newInstance()->_set('ajax_files', $files);
$success = @unlink(osc_content_path() . 'uploads/temp/' . $filename);
break;
}
}
echo json_encode(array('success' => $success, 'msg' => $success ? _m('The selected photo has been successfully deleted') : _m("The selected photo couldn't be deleted")));
return false;
}
if (Session::newInstance()->_get('userId') != '') {
$userId = Session::newInstance()->_get('userId');
$user = User::newInstance()->findByPrimaryKey($userId);
} else {
$userId = null;
$user = null;
}
// Check for required fields
if (!(is_numeric($id) && is_numeric($item) && preg_match('/^([a-z0-9]+)$/i', $code))) {
$json['success'] = false;
$json['msg'] = _m("The selected photo couldn't be deleted, the url doesn't exist");
echo json_encode($json);
return false;
}
$aItem = Item::newInstance()->findByPrimaryKey($item);
// Check if the item exists
if (count($aItem) == 0) {
$json['success'] = false;
$json['msg'] = _m("The listing doesn't exist");
echo json_encode($json);
return false;
}
if (!osc_is_admin_user_logged_in()) {
// Check if the item belong to the user
if ($userId != null && $userId != $aItem['fk_i_user_id']) {
$json['success'] = false;
$json['msg'] = _m("The listing doesn't belong to you");
echo json_encode($json);
return false;
}
// Check if the secret passphrase match with the item
if ($userId == null && $aItem['fk_i_user_id'] == null && $secret != $aItem['s_secret']) {
$json['success'] = false;
$json['msg'] = _m("The listing doesn't belong to you");
echo json_encode($json);
return false;
}
}
// Does id & code combination exist?
$result = ItemResource::newInstance()->existResource($id, $code);
if ($result > 0) {
$resource = ItemResource::newInstance()->findByPrimaryKey($id);
if ($resource['fk_i_item_id'] == $item) {
// Delete: file, db table entry
if (defined(OC_ADMIN)) {
osc_deleteResource($id, true);
Log::newInstance()->insertLog('ajax', 'deleteimage', $id, $id, 'admin', osc_logged_admin_id());
} else {
osc_deleteResource($id, false);
Log::newInstance()->insertLog('ajax', 'deleteimage', $id, $id, 'user', osc_logged_user_id());
}
ItemResource::newInstance()->delete(array('pk_i_id' => $id, 'fk_i_item_id' => $item, 's_name' => $code));
$json['msg'] = _m('The selected photo has been successfully deleted');
$json['success'] = 'true';
} else {
$json['msg'] = _m("The selected photo does not belong to you");
$json['success'] = 'false';
}
} else {
$json['msg'] = _m("The selected photo couldn't be deleted");
$json['success'] = 'false';
}
echo json_encode($json);
return true;
break;
case 'alerts':
// Allow to register to an alert given (not sure it's used on admin)
$encoded_alert = Params::getParam("alert");
$alert = osc_decrypt_alert(base64_decode($encoded_alert));
// check alert integrity / signature
$stringToSign = osc_get_alert_public_key() . $encoded_alert;
$signature = hex2b64(hmacsha1(osc_get_alert_private_key(), $stringToSign));
$server_signature = Session::newInstance()->_get('alert_signature');
if ($server_signature != $signature) {
echo '-2';
return false;
}
$email = Params::getParam("email");
$userid = Params::getParam("userid");
if (osc_is_web_user_logged_in()) {
$userid = osc_logged_user_id();
$user = User::newInstance()->findByPrimaryKey($userid);
$email = $user['s_email'];
}
if ($alert != '' && $email != '') {
if (osc_validate_email($email)) {
$secret = osc_genRandomPassword();
if ($alertID = Alerts::newInstance()->createAlert($userid, $email, $alert, $secret)) {
if ((int) $userid > 0) {
$user = User::newInstance()->findByPrimaryKey($userid);
if ($user['b_active'] == 1 && $user['b_enabled'] == 1) {
Alerts::newInstance()->activate($alertID);
echo '1';
return true;
} else {
echo '-1';
return false;
}
} else {
$aAlert = Alerts::newInstance()->findByPrimaryKey($alertID);
osc_run_hook('hook_email_alert_validation', $aAlert, $email, $secret);
}
echo "1";
} else {
echo "0";
}
return true;
} else {
echo '-1';
return false;
}
}
echo '0';
return false;
break;
case 'runhook':
// run hooks
$hook = Params::getParam('hook');
if ($hook == '') {
echo json_encode(array('error' => 'hook parameter not defined'));
break;
}
switch ($hook) {
case 'item_form':
osc_run_hook('item_form', Params::getParam('catId'));
break;
case 'item_edit':
$catId = Params::getParam("catId");
$itemId = Params::getParam("itemId");
osc_run_hook("item_edit", $catId, $itemId);
break;
default:
osc_run_hook('ajax_' . $hook);
break;
}
break;
case 'custom':
// Execute via AJAX custom file
if (Params::existParam('route')) {
$routes = Rewrite::newInstance()->getRoutes();
$rid = Params::getParam('route');
$file = '../';
if (isset($routes[$rid]) && isset($routes[$rid]['file'])) {
$file = $routes[$rid]['file'];
}
} else {
// DEPRECATED: Disclosed path in URL is deprecated, use routes instead
// This will be REMOVED in 3.4
$file = Params::getParam('ajaxfile');
}
if ($file == '') {
echo json_encode(array('error' => 'no action defined'));
break;
}
// valid file?
if (strpos($file, '../') !== false || strpos($file, '..\\') !== false || stripos($file, '/admin/') !== false) {
//If the file is inside an "admin" folder, it should NOT be opened in frontend
echo json_encode(array('error' => 'no valid ajaxFile'));
break;
}
if (!file_exists(osc_plugins_path() . $file)) {
echo json_encode(array('error' => "ajaxFile doesn't exist"));
break;
}
require_once osc_plugins_path() . $file;
break;
case 'check_username_availability':
$username = osc_sanitize_username(Params::getParam('s_username'));
if (!osc_is_username_blacklisted($username)) {
$user = User::newInstance()->findByUsername($username);
if (isset($user['s_username'])) {
echo json_encode(array('exists' => 1, 's_username' => $username));
} else {
echo json_encode(array('exists' => 0, 's_username' => $username));
}
} else {
echo json_encode(array('exists' => 1, 's_username' => $username));
}
break;
case 'ajax_upload':
// Include the uploader class
require_once LIB_PATH . "AjaxUploader.php";
$uploader = new AjaxUploader();
$original = pathinfo($uploader->getOriginalName());
$filename = uniqid("qqfile_") . "." . $original['extension'];
$result = $uploader->handleUpload(osc_content_path() . 'uploads/temp/' . $filename);
$result['uploadName'] = $filename;
echo htmlspecialchars(json_encode($result), ENT_NOQUOTES);
break;
case 'ajax_validate':
$id = Params::getParam('id');
if (!is_numeric($id)) {
echo json_encode(array('success' => false));
die;
}
$secret = Params::getParam('secret');
$item = Item::newInstance()->findByPrimaryKey($id);
if ($item['s_secret'] != $secret) {
echo json_encode(array('success' => false));
die;
}
$nResources = ItemResource::newInstance()->countResources($id);
$result = array('success' => $nResources < osc_max_images_per_item(), 'count' => $nResources);
echo json_encode($result);
break;
case 'delete_ajax_upload':
$files = Session::newInstance()->_get('ajax_files');
$success = false;
$filename = '';
if (isset($files[Params::getParam('qquuid')]) && $files[Params::getParam('qquuid')] != '') {
$filename = $files[Params::getParam('qquuid')];
unset($files[Params::getParam('qquuid')]);
Session::newInstance()->_set('ajax_files', $files);
$success = @unlink(osc_content_path() . 'uploads/temp/' . $filename);
}
echo json_encode(array('success' => $success, 'uploadName' => $filename));
break;
default:
echo json_encode(array('error' => __('no action defined')));
break;
}
// clear all keep variables into session
Session::newInstance()->_dropKeepForm();
Session::newInstance()->_clearVariables();
}
function doModel()
{
switch ($this->action) {
case 'dashboard':
//dashboard...
$max_items = Params::getParam('max_items') != '' ? Params::getParam('max_items') : 5;
$aItems = Item::newInstance()->findByUserIDEnabled(Session::newInstance()->_get('userId'), 0, $max_items);
//calling the view...
$this->_exportVariableToView('items', $aItems);
$this->_exportVariableToView('max_items', $max_items);
$this->doView('user-dashboard.php');
break;
case 'profile':
//profile...
$user = User::newInstance()->findByPrimaryKey(Session::newInstance()->_get('userId'));
$aCountries = Country::newInstance()->listAll();
$aRegions = array();
if ($user['fk_c_country_code'] != '') {
$aRegions = Region::newInstance()->findByCountry($user['fk_c_country_code']);
} elseif (count($aCountries) > 0) {
$aRegions = Region::newInstance()->findByCountry($aCountries[0]['pk_c_code']);
}
$aCities = array();
if ($user['fk_i_region_id'] != '') {
$aCities = City::newInstance()->findByRegion($user['fk_i_region_id']);
} else {
if (count($aRegions) > 0) {
$aCities = City::newInstance()->findByRegion($aRegions[0]['pk_i_id']);
}
}
//calling the view...
$this->_exportVariableToView('countries', $aCountries);
$this->_exportVariableToView('regions', $aRegions);
$this->_exportVariableToView('cities', $aCities);
$this->_exportVariableToView('user', $user);
$this->doView('user-profile.php');
break;
case 'profile_post':
//profile post...
$userId = Session::newInstance()->_get('userId');
require_once LIB_PATH . 'osclass/UserActions.php';
$userActions = new UserActions(false);
$success = $userActions->edit($userId);
osc_add_flash_ok_message(_m('Your profile has been updated successfully'));
$this->redirectTo(osc_user_profile_url());
break;
case 'alerts':
//alerts
$aAlerts = Alerts::newInstance()->findByUser(Session::newInstance()->_get('userId'));
$user = User::newInstance()->findByPrimaryKey(Session::newInstance()->_get('userId'));
foreach ($aAlerts as $k => $a) {
$search = osc_unserialize(base64_decode($a['s_search']));
$search->limit(0, 3);
$aAlerts[$k]['items'] = $search->doSearch();
}
$this->_exportVariableToView('alerts', $aAlerts);
View::newInstance()->_reset('alerts');
$this->_exportVariableToView('user', $user);
$this->doView('user-alerts.php');
break;
case 'change_email':
//change email
$this->doView('user-change_email.php');
break;
case 'change_email_post':
//change email post
if (!preg_match("/^[_a-z0-9-\\+]+(\\.[_a-z0-9-\\+]+)*@[a-z0-9-]+(\\.[a-z0-9-]+)*(\\.[a-z]{2,3})\$/", Params::getParam('new_email'))) {
osc_add_flash_error_message(_m('The specified e-mail is not valid'));
$this->redirectTo(osc_change_user_email_url());
} else {
$user = User::newInstance()->findByEmail(Params::getParam('new_email'));
if (!isset($user['pk_i_id'])) {
$userEmailTmp = array();
$userEmailTmp['fk_i_user_id'] = Session::newInstance()->_get('userId');
$userEmailTmp['s_new_email'] = Params::getParam('new_email');
UserEmailTmp::newInstance()->insertOrUpdate($userEmailTmp);
$code = osc_genRandomPassword(30);
$date = date('Y-m-d H:i:s');
$userManager = new User();
$userManager->update(array('s_pass_code' => $code, 's_pass_date' => $date, 's_pass_ip' => $_SERVER['REMOTE_ADDR']), array('pk_i_id' => Session::newInstance()->_get('userId')));
$validation_url = osc_change_user_email_confirm_url(Session::newInstance()->_get('userId'), $code);
osc_run_hook('hook_email_new_email', Params::getParam('new_email'), $validation_url);
$this->redirectTo(osc_user_profile_url());
} else {
osc_add_flash_error_message(_m('The specified e-mail is already in use'));
$this->redirectTo(osc_change_user_email_url());
}
}
break;
case 'change_password':
//change password
$this->doView('user-change_password.php');
break;
case 'change_password_post':
//change password post
$user = User::newInstance()->findByPrimaryKey(Session::newInstance()->_get('userId'));
if (Params::getParam('password') == '' || Params::getParam('new_password') == '' || Params::getParam('new_password2') == '') {
osc_add_flash_warning_message(_m('Password cannot be blank'));
$this->redirectTo(osc_change_user_password_url());
}
if ($user['s_password'] != sha1(Params::getParam('password'))) {
osc_add_flash_error_message(_m('Current password doesn\'t match'));
$this->redirectTo(osc_change_user_password_url());
}
if (!Params::getParam('new_password')) {
osc_add_flash_error_message(_m('Passwords can\'t be empty'));
$this->redirectTo(osc_change_user_password_url());
}
if (Params::getParam('new_password') != Params::getParam('new_password2')) {
osc_add_flash_error_message(_m('Passwords don\'t match'));
$this->redirectTo(osc_change_user_password_url());
}
User::newInstance()->update(array('s_password' => sha1(Params::getParam('new_password'))), array('pk_i_id' => Session::newInstance()->_get('userId')));
osc_add_flash_ok_message(_m('Password has been changed'));
$this->redirectTo(osc_user_profile_url());
break;
case 'items':
// view items user
$itemsPerPage = Params::getParam('itemsPerPage') != '' ? Params::getParam('itemsPerPage') : 5;
$page = Params::getParam('iPage') != '' ? Params::getParam('iPage') : 0;
$total_items = Item::newInstance()->countByUserIDEnabled($_SESSION['userId']);
$total_pages = ceil($total_items / $itemsPerPage);
$items = Item::newInstance()->findByUserIDEnabled($_SESSION['userId'], $page * $itemsPerPage, $itemsPerPage);
$this->_exportVariableToView('items', $items);
$this->_exportVariableToView('list_total_pages', $total_pages);
$this->_exportVariableToView('list_total_items', $total_items);
$this->_exportVariableToView('items_per_page', $itemsPerPage);
$this->_exportVariableToView('list_page', $page);
$this->doView('user-items.php');
break;
case 'activate_alert':
$email = Params::getParam('email');
$secret = Params::getParam('secret');
$result = 0;
if ($email != '' && $secret != '') {
$result = Alerts::newInstance()->activate($email, $secret);
}
if ($result == 1) {
osc_add_flash_ok_message(_m('Alert activated'));
} else {
osc_add_flash_error_message(_m('Ops! There was a problem trying to activate alert. Please contact the administrator'));
}
$this->redirectTo(osc_base_url(true));
break;
case 'unsub_alert':
$email = Params::getParam('email');
$secret = Params::getParam('secret');
if ($email != '' && $secret != '') {
Alerts::newInstance()->delete(array('s_email' => $email, 's_secret' => $secret));
osc_add_flash_ok_message(_m('Unsubscribed correctly'));
} else {
osc_add_flash_error_message(_m('Ops! There was a problem trying to unsubscribe you. Please contact the administrator'));
}
$this->redirectTo(osc_user_alerts_url());
break;
case 'deleteResource':
$id = Params::getParam('id');
$name = Params::getParam('name');
$fkid = Params::getParam('fkid');
osc_deleteResource($id);
ItemResource::newInstance()->delete(array('pk_i_id' => $id, 'fk_i_item_id' => $fkid, 's_name' => $name));
$this->redirectTo(osc_base_url(true) . "?page=item&action=item_edit&id=" . $fkid);
break;
}
}
function location()
{
$aRegions = Region::newInstance()->listAll();
if (count($aRegions) >= 0) {
?>
<select id="regionId" name="sRegion" class="form-control">
<option value=""><?php
_e("Select a region...");
?>
</option>
<?php
foreach ($aRegions as $region) {
?>
<option id="idregioni" value="<?php
echo $region['pk_i_id'];
?>
"<?php
if (Params::getParam('sRegion') == $region['pk_i_id']) {
?>
selected<?php
}
?>
><?php
echo $region['s_name'];
?>
</option>
<?php
}
?>
</select>
<?php
}
?>
<br />
<?php
$aCities = City::newInstance()->getByRegion($cityId);
if (count($aCities) >= 0) {
?>
<select name="sCity" id="cityId" class="form-control">
<option value=""><?php
_e("Select a city...");
?>
</option>
<?php
foreach ($aCities as $city) {
?>
<option value="<?php
echo $city['pk_i_id'];
?>
"<?php
if (Params::getParam('sCity') == $city['pk_i_id']) {
?>
selected<?php
}
?>
><?php
echo $city['s_name'];
?>
</option>
<?php
}
?>
</select>
<?php
}
?>
<script>
$(document).ready(function(){
$("#countryId").live("change",function(){
var pk_c_code = $(this).val();
<?php
if ($path == "admin") {
?>
var url = '<?php
echo osc_admin_base_url(true) . "?page=ajax&action=regions&countryId=";
?>
' + pk_c_code;
<?php
} else {
?>
var url = '<?php
echo osc_base_url(true) . "?page=ajax&action=regions&countryId=";
?>
' + pk_c_code;
<?php
}
?>
var result = '';
if(pk_c_code != '') {
$("#regionId").attr('disabled',false);
$("#cityId").attr('disabled',true);
$.ajax({
type: "POST",
url: url,
dataType: 'json',
success: function(data){
var length = data.length;
if(length > 0) {
result += '<option value=""><?php
_e("Select a region...");
?>
</option>';
for(key in data) {
result += '<option value="' + data[key].pk_i_id + '">' + data[key].s_name + '</option>';
}
$("#region").before('<select class="form-control" name="regionId" id="regionId" ></select>');
$("#region").remove();
$("#city").before('<select class="form-control" name="cityId" id="cityId" ></select>');
$("#city").remove();
$("#regionId").val("");
} else {
$("#regionId").before('<input class="form-control" placeholder="<?php
_e("Enter region...");
?>
"type="text" name="region" id="region" />');
$("#regionId").remove();
$("#cityId").before('<input class="form-control" placeholder="<?php
_e("Enter city...");
?>
" type="text" name="city" id="city" />');
$("#cityId").remove();
}
$("#regionId").html(result);
$("#cityId").html('<option selected value=""><?php
_e("Select a city...");
?>
</option>');
}
});
} else {
// add empty select
$("#region").before('<select name="regionId" class="form-control" id="regionId" ><option value=""><?php
_e("Select a region...");
?>
</option></select>');
$("#region").remove();
$("#city").before('<select name="cityId" class="form-control" id="cityId" ><option value=""><?php
_e("Select a city...");
?>
</option></select>');
$("#city").remove();
if( $("#regionId").length > 0 ){
$("#regionId").html('<option value=""><?php
_e("Select a region...");
?>
</option>');
} else {
$("#region").before('<select name="regionId" class="form-control" id="regionId" ><option value=""><?php
_e("Select a region...");
?>
</option></select>');
$("#region").remove();
}
if( $("#cityId").length > 0 ){
$("#cityId").html('<option value=""><?php
_e("Select a city...");
?>
</option>');
} else {
$("#city").before('<select name="cityId" class="form-control" id="cityId" ><option value=""><?php
_e("Select a city...");
?>
</option></select>');
$("#city").remove();
}
$("#regionId").attr('disabled',true);
$("#cityId").attr('disabled',true);
}
});
$("#regionId").live("change",function(){
var pk_c_code = $(this).val();
<?php
if ($path == "admin") {
?>
var url = '<?php
echo osc_admin_base_url(true) . "?page=ajax&action=cities®ionId=";
?>
' + pk_c_code;
<?php
} else {
?>
var url = '<?php
echo osc_base_url(true) . "?page=ajax&action=cities®ionId=";
?>
' + pk_c_code;
<?php
}
?>
var result = '';
if(pk_c_code != '') {
$("#cityId").attr('disabled',false);
$.ajax({
type: "POST",
url: url,
dataType: 'json',
success: function(data){
var length = data.length;
if(length > 0) {
result += '<option selected value=""><?php
_e("Select a city...");
?>
</option>';
for(key in data) {
result += '<option value="' + data[key].pk_i_id + '">' + data[key].s_name + '</option>';
}
$("#city").before('<select class="form-control" name="cityId" id="cityId" ></select>');
$("#city").remove();
} else {
result += '<option value=""><?php
_e('No results');
?>
</option>';
$("#cityId").before('<input type="text" name="city" id="city" />');
$("#cityId").remove();
}
$("#cityId").html(result);
}
});
} else {
$("#cityId").attr('disabled',true);
}
});
if( $("#regionId").attr('value') == "") {
$("#cityId").attr('disabled',true);
}
if($("#countryIds").length != 0) {
if( $("#countryIds").attr('type').match(/select-one/) ) {
if( $("#countryIds").attr('value') == "") {
$("#regionId").attr('disabled',true);
}
}
}
});
</script>
<?php
}
function doModel()
{
//specific things for this class
switch ($this->action) {
case 'bulk_actions':
break;
case 'regions':
//Return regions given a countryId
$regions = Region::newInstance()->findByCountry(Params::getParam("countryId"));
echo json_encode($regions);
break;
case 'cities':
//Returns cities given a regionId
$cities = City::newInstance()->findByRegion(Params::getParam("regionId"));
echo json_encode($cities);
break;
case 'location':
// This is the autocomplete AJAX
$cities = City::newInstance()->ajax(Params::getParam("term"));
echo json_encode($cities);
break;
case 'userajax':
// This is the autocomplete AJAX
$users = User::newInstance()->ajax(Params::getParam("term"));
if (count($users) == 0) {
echo json_encode(array(0 => array('id' => '', 'label' => __('No results'), 'value' => __('No results'))));
} else {
echo json_encode($users);
}
break;
case 'date_format':
echo json_encode(array('format' => Params::getParam('format'), 'str_formatted' => osc_format_date(date(Params::getParam('format')))));
break;
case 'runhook':
// run hooks
$hook = Params::getParam('hook');
if ($hook == '') {
echo json_encode(array('error' => 'hook parameter not defined'));
break;
}
switch ($hook) {
case 'item_form':
osc_run_hook('item_form', Params::getParam('catId'));
break;
case 'item_edit':
$catId = Params::getParam("catId");
$itemId = Params::getParam("itemId");
osc_run_hook("item_edit", $catId, $itemId);
break;
default:
osc_run_hook('ajax_admin_' . $hook);
break;
}
break;
case 'items':
// Return items (use external file oc-admin/ajax/item_processing.php)
require_once osc_admin_base_path() . 'ajax/items_processing.php';
$items_processing = new ItemsProcessingAjax(Params::getParamsAsArray("get"));
break;
case 'users':
// Return items (use external file oc-admin/ajax/item_processing.php)
require_once osc_admin_base_path() . 'ajax/users_processing.php';
$users_processing = new UsersProcessingAjax(Params::getParamsAsArray("get"));
break;
case 'media':
// Return items (use external file oc-admin/ajax/media_processing.php)
require_once osc_admin_base_path() . 'ajax/media_processing.php';
$media_processing = new MediaProcessingAjax(Params::getParamsAsArray("get"));
break;
case 'categories_order':
// Save the order of the categories
$aIds = Params::getParam('list');
$orderParent = 0;
$orderSub = 0;
$catParent = 0;
$error = 0;
$catManager = Category::newInstance();
$aRecountCat = array();
foreach ($aIds as $id => $parent) {
if ($parent == 'root') {
$res = $catManager->updateOrder($id, $orderParent);
if (is_bool($res) && !$res) {
$error = 1;
}
// find category
$auxCategory = Category::newInstance()->findByPrimaryKey($id);
// set parent category
$conditions = array('pk_i_id' => $id);
$array['fk_i_parent_id'] = NULL;
$res = $catManager->update($array, $conditions);
if (is_bool($res) && !$res) {
$error = 1;
} else {
if ($res == 1) {
// updated ok
$parentId = $auxCategory['fk_i_parent_id'];
if ($parentId) {
// update parent category stats
array_push($aRecountCat, $id);
array_push($aRecountCat, $parentId);
}
}
}
$orderParent++;
} else {
if ($parent != $catParent) {
$catParent = $parent;
$orderSub = 0;
}
$res = $catManager->updateOrder($id, $orderSub);
if (is_bool($res) && !$res) {
$error = 1;
}
// set parent category
$auxCategory = Category::newInstance()->findByPrimaryKey($id);
$auxCategoryP = Category::newInstance()->findByPrimaryKey($catParent);
$conditions = array('pk_i_id' => $id);
$array['fk_i_parent_id'] = $catParent;
$res = $catManager->update($array, $conditions);
if (is_bool($res) && !$res) {
$error = 1;
} else {
if ($res == 1) {
// updated ok
// update category parent
$prevParentId = $auxCategory['fk_i_parent_id'];
$parentId = $auxCategoryP['pk_i_id'];
array_push($aRecountCat, $prevParentId);
array_push($aRecountCat, $parentId);
}
}
$orderSub++;
}
}
// update category stats
foreach ($aRecountCat as $rId) {
osc_update_cat_stats_id($rId);
}
if ($error) {
$result = array('error' => __("Some error ocurred"));
} else {
$result = array('ok' => __("Order saved"));
}
echo json_encode($result);
break;
case 'category_edit_iframe':
$this->_exportVariableToView('category', Category::newInstance()->findByPrimaryKey(Params::getParam("id")));
$this->_exportVariableToView('languages', OSCLocale::newInstance()->listAllEnabled());
$this->doView("categories/iframe.php");
break;
case 'field_categories_iframe':
$selected = Field::newInstance()->categories(Params::getParam("id"));
if ($selected == null) {
$selected = array();
}
$this->_exportVariableToView("selected", $selected);
$this->_exportVariableToView("field", Field::newInstance()->findByPrimaryKey(Params::getParam("id")));
$this->_exportVariableToView("categories", Category::newInstance()->toTreeAll());
$this->doView("fields/iframe.php");
break;
case 'field_categories_post':
$error = 0;
$field = Field::newInstance()->findByName(Params::getParam("s_name"));
if (!isset($field['pk_i_id']) || isset($field['pk_i_id']) && $field['pk_i_id'] == Params::getParam("id")) {
// remove categories from a field
Field::newInstance()->cleanCategoriesFromField(Params::getParam("id"));
// no error... continue updating fields
if ($error == 0) {
$slug = Params::getParam("field_slug") != '' ? Params::getParam("field_slug") : Params::getParam("s_name");
$slug_tmp = $slug = preg_replace('|([-]+)|', '-', preg_replace('|[^a-z0-9_-]|', '-', strtolower($slug)));
$slug_k = 0;
while (true) {
$field = Field::newInstance()->findBySlug($slug);
if (!$field || $field['pk_i_id'] == Params::getParam("id")) {
break;
} else {
$slug_k++;
$slug = $slug_tmp . "_" . $slug_k;
}
}
$res = Field::newInstance()->update(array('s_name' => Params::getParam("s_name"), 'e_type' => Params::getParam("field_type"), 's_slug' => $slug, 'b_required' => Params::getParam("field_required") == "1" ? 1 : 0, 's_options' => Params::getParam('s_options')), array('pk_i_id' => Params::getParam("id")));
if (is_bool($res) && !$res) {
$error = 1;
}
}
// no error... continue inserting categories-field
if ($error == 0) {
$aCategories = Params::getParam("categories");
if (is_array($aCategories) && count($aCategories) > 0) {
$res = Field::newInstance()->insertCategories(Params::getParam("id"), $aCategories);
if (!$res) {
$error = 1;
}
}
}
// error while updating?
if ($error == 1) {
$message = __("Error while updating.");
}
} else {
$error = 1;
$message = __("Sorry, you already have one field with that name");
}
if ($error) {
$result = array('error' => $message);
} else {
$result = array('ok' => __("Saved"), 'text' => Params::getParam("s_name"), 'field_id' => $field['pk_i_id']);
}
echo json_encode($result);
break;
case 'delete_field':
$id = Params::getParam("id");
$error = 0;
$fieldManager = Field::newInstance();
$res = $fieldManager->deleteByPrimaryKey($id);
if ($res > 0) {
$message = __('The custom field have been deleted');
} else {
$error = 1;
$message = __('Error while deleting');
}
if ($error) {
$result = array('error' => $message);
} else {
$result = array('ok' => __("Saved"));
}
echo json_encode($result);
break;
case 'add_field':
$s_name = __('NEW custom field');
$slug_tmp = $slug = preg_replace('|([-]+)|', '-', preg_replace('|[^a-z0-9_-]|', '-', strtolower($s_name)));
$slug_k = 0;
while (true) {
$field = Field::newInstance()->findBySlug($slug);
if (!$field || $field['pk_i_id'] == Params::getParam("id")) {
break;
} else {
$slug_k++;
$slug = $slug_tmp . "_" . $slug_k;
}
}
$fieldManager = Field::newInstance();
$result = $fieldManager->insertField($s_name, 'TEXT', $slug, 0, '', array());
if ($result) {
echo json_encode(array('error' => 0, 'field_id' => $fieldManager->dao->insertedId(), 'field_name' => $s_name));
} else {
echo json_encode(array('error' => 1));
}
break;
case 'enable_category':
$id = strip_tags(Params::getParam('id'));
$enabled = Params::getParam('enabled') != '' ? Params::getParam('enabled') : 0;
$error = 0;
$result = array();
$aUpdated = array();
$mCategory = Category::newInstance();
$aCategory = $mCategory->findByPrimaryKey($id);
if ($aCategory == false) {
$result = array('error' => sprintf(__("It doesn't exist a category with this id: %d"), $id));
echo json_encode($result);
break;
}
// root category
if ($aCategory['fk_i_parent_id'] == '') {
$mCategory->update(array('b_enabled' => $enabled), array('pk_i_id' => $id));
$mCategory->update(array('b_enabled' => $enabled), array('fk_i_parent_id' => $id));
$subCategories = $mCategory->findSubcategories($id);
$aIds = array($id);
$aUpdated[] = array('id' => $id);
foreach ($subCategories as $subcategory) {
$aIds[] = $subcategory['pk_i_id'];
$aUpdated[] = array('id' => $subcategory['pk_i_id']);
}
Item::newInstance()->enableByCategory($enabled, $aIds);
if ($enabled) {
$result = array('ok' => __('The category and its subcategories have been enabled'));
} else {
$result = array('ok' => __('The category and its subcategories have been disabled'));
}
$result['affectedIds'] = $aUpdated;
echo json_encode($result);
break;
}
// subcategory
$parentCategory = $mCategory->findRootCategory($id);
if (!$parentCategory['b_enabled']) {
$result = array('error' => __('Parent category is disabled, you can not enable that category'));
echo json_encode($result);
break;
}
$mCategory->update(array('b_enabled' => $enabled), array('pk_i_id' => $id));
if ($enabled) {
$result = array('ok' => __('The subcategory has been enabled'));
} else {
$result = array('ok' => __('The subcategory has been disabled'));
}
$result['affectedIds'] = array(array('id' => $id));
echo json_encode($result);
break;
case 'delete_category':
$id = Params::getParam("id");
$error = 0;
$categoryManager = Category::newInstance();
$res = $categoryManager->deleteByPrimaryKey($id);
if ($res > 0) {
$message = __('The categories have been deleted');
} else {
$error = 1;
$message = __('Error while deleting');
}
if ($error) {
$result = array('error' => $message);
} else {
$result = array('ok' => __("Saved"));
}
echo json_encode($result);
break;
case 'edit_category_post':
$id = Params::getParam("id");
$fields['i_expiration_days'] = Params::getParam("i_expiration_days") != '' ? Params::getParam("i_expiration_days") : 0;
$error = 0;
$has_one_title = 0;
$postParams = Params::getParamsAsArray();
foreach ($postParams as $k => $v) {
if (preg_match('|(.+?)#(.+)|', $k, $m)) {
if ($m[2] == 's_name') {
if ($v != "") {
$has_one_title = 1;
$aFieldsDescription[$m[1]][$m[2]] = $v;
$s_text = $v;
} else {
$aFieldsDescription[$m[1]][$m[2]] = ' ';
$error = 1;
}
} else {
$aFieldsDescription[$m[1]][$m[2]] = $v;
}
}
}
$l = osc_language();
if ($error == 0 || $error == 1 && $has_one_title == 1) {
$categoryManager = Category::newInstance();
$res = $categoryManager->updateByPrimaryKey(array('fields' => $fields, 'aFieldsDescription' => $aFieldsDescription), $id);
if (is_bool($res)) {
$error = 2;
}
}
if ($error == 0) {
$msg = __("Category updated correctly");
} else {
if ($error == 1) {
if ($has_one_title == 1) {
$error = 4;
$msg = __('Category updated correctly, but some titles were empty');
} else {
$msg = __('Sorry, at least a title is needed');
}
} else {
if ($error == 2) {
$msg = __('Error while updating');
}
}
}
echo json_encode(array('error' => $error, 'msg' => $msg, 'text' => $aFieldsDescription[$l]['s_name']));
break;
case 'custom':
// Execute via AJAX custom file
$ajaxFile = Params::getParam("ajaxfile");
if ($ajaxFile == '') {
echo json_encode(array('error' => 'no action defined'));
break;
}
// valid file?
if (stripos($ajaxFile, '../') !== false) {
echo json_encode(array('error' => 'no valid ajaxFile'));
break;
}
if (!file_exists(osc_plugins_path() . $ajaxFile)) {
echo json_encode(array('error' => "ajaxFile doesn't exist"));
break;
}
require_once osc_plugins_path() . $ajaxFile;
break;
case 'test_mail':
$title = sprintf(__('Test email, %s'), osc_page_title());
$body = __("Test email") . "<br><br>" . osc_page_title();
$emailParams = array('subject' => $title, 'to' => osc_contact_email(), 'to_name' => 'admin', 'body' => $body, 'alt_body' => $body);
$array = array();
if (osc_sendMail($emailParams)) {
$array = array('status' => '1', 'html' => __('Email sent successfully'));
} else {
$array = array('status' => '0', 'html' => __('An error has occurred while sending email'));
}
echo json_encode($array);
break;
case 'order_pages':
$order = Params::getParam("order");
$id = Params::getParam("id");
if ($order != '' && $id != '') {
$mPages = Page::newInstance();
$actual_page = $mPages->findByPrimaryKey($id);
$actual_order = $actual_page['i_order'];
$array = array();
$condition = array();
$new_order = $actual_order;
if ($order == 'up') {
$page = $mPages->findPrevPage($actual_order);
} else {
if ($order == 'down') {
$page = $mPages->findNextPage($actual_order);
}
}
if (isset($page['i_order'])) {
$mPages->update(array('i_order' => $page['i_order']), array('pk_i_id' => $id));
$mPages->update(array('i_order' => $actual_order), array('pk_i_id' => $page['pk_i_id']));
}
// TO BE IMPROVED
// json for datatables
$prefLocale = osc_current_user_locale();
$this->_exportVariableToView('pages', $mPages->listAll(0));
$o_json = array();
while (osc_has_static_pages()) {
$row = array();
$page = osc_static_page();
$content = array();
if (isset($page['locale'][$prefLocale]) && !empty($page['locale'][$prefLocale]['s_title'])) {
$content = $page['locale'][$prefLocale];
} else {
$content = current($page['locale']);
}
$options = array();
$options[] = '<a href="' . osc_static_page_url() . '">' . __('View page') . '</a>';
$options[] = '<a href="' . osc_admin_base_url(true) . '?page=pages&action=edit&id=' . osc_static_page_id() . '">' . __('Edit') . '</a>';
if (!$page['b_indelible']) {
$options[] = '<a onclick="javascript:return confirm(\'' . osc_esc_js("This action can't be undone. Are you sure you want to continue?") . '\')" href="' . osc_admin_base_url(true) . '?page=pages&action=delete&id=' . osc_static_page_id() . '">' . __('Delete') . '</a>';
}
$row[] = '<input type="checkbox" name="id[]"" value="' . osc_static_page_id() . '"" />';
$row[] = $page['s_internal_name'] . '<div id="datatables_quick_edit" style="display: none;">' . implode(' · ', $options) . '</div>';
$row[] = $content['s_title'];
$row[] = osc_static_page_order() . ' <img id="up" onclick="order_up(' . osc_static_page_id() . ');" style="cursor:pointer; width:15px; height:15px;" src="' . osc_current_admin_theme_url('images/arrow_up.png') . '"/> <br/><img id="down" onclick="order_down(' . osc_static_page_id() . ');" style="cursor:pointer; width:15px; height:15px; margin-left: 10px;" src="' . osc_current_admin_theme_url('images/arrow_down.png') . '"/>';
$o_json[] = $row;
}
echo json_encode($o_json);
}
break;
/******************************
** COMPLETE UPGRADE PROCESS **
******************************/
/******************************
** COMPLETE UPGRADE PROCESS **
******************************/
case 'upgrade':
// AT THIS POINT WE KNOW IF THERE'S AN UPDATE OR NOT
$message = "";
$error = 0;
$sql_error_msg = "";
$rm_errors = 0;
$perms = osc_save_permissions();
osc_change_permissions();
$maintenance_file = ABS_PATH . '.maintenance';
$fileHandler = @fopen($maintenance_file, 'w');
fclose($fileHandler);
/***********************
**** DOWNLOAD FILE ****
***********************/
$data = osc_file_get_contents("http://osclass.org/latest_version.php");
$data = json_decode(substr($data, 1, strlen($data) - 3), true);
$source_file = $data['url'];
if ($source_file != '') {
$tmp = explode("/", $source_file);
$filename = end($tmp);
$result = osc_downloadFile($source_file, $filename);
if ($result) {
// Everything is OK, continue
/**********************
***** UNZIP FILE *****
**********************/
@mkdir(ABS_PATH . 'oc-temp', 0777);
$res = osc_unzip_file(osc_content_path() . 'downloads/' . $filename, ABS_PATH . 'oc-temp/');
if ($res == 1) {
// Everything is OK, continue
/**********************
***** COPY FILES *****
**********************/
$fail = -1;
if ($handle = opendir(ABS_PATH . 'oc-temp')) {
$fail = 0;
while (false !== ($_file = readdir($handle))) {
if ($_file != '.' && $_file != '..' && $_file != 'remove.list' && $_file != 'upgrade.sql' && $_file != 'customs.actions') {
$data = osc_copy(ABS_PATH . "oc-temp/" . $_file, ABS_PATH . $_file);
if ($data == false) {
$fail = 1;
}
}
}
closedir($handle);
if ($fail == 0) {
// Everything is OK, continue
/************************
*** UPGRADE DATABASE ***
************************/
$error_queries = array();
if (file_exists(osc_lib_path() . 'osclass/installer/struct.sql')) {
$sql = file_get_contents(osc_lib_path() . 'osclass/installer/struct.sql');
$conn = DBConnectionClass::newInstance();
$c_db = $conn->getOsclassDb();
$comm = new DBCommandClass($c_db);
$error_queries = $comm->updateDB(str_replace('/*TABLE_PREFIX*/', DB_TABLE_PREFIX, $sql));
}
if ($error_queries[0]) {
// Everything is OK, continue
/**********************************
** EXECUTING ADDITIONAL ACTIONS **
**********************************/
if (file_exists(osc_lib_path() . 'osclass/upgrade-funcs.php')) {
// There should be no errors here
define('AUTO_UPGRADE', true);
require_once osc_lib_path() . 'osclass/upgrade-funcs.php';
}
// Additional actions is not important for the rest of the proccess
// We will inform the user of the problems but the upgrade could continue
/****************************
** REMOVE TEMPORARY FILES **
****************************/
$path = ABS_PATH . 'oc-temp';
$rm_errors = 0;
$dir = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($path), RecursiveIteratorIterator::CHILD_FIRST);
for ($dir->rewind(); $dir->valid(); $dir->next()) {
if ($dir->isDir()) {
if ($dir->getFilename() != '.' && $dir->getFilename() != '..') {
if (!rmdir($dir->getPathname())) {
$rm_errors++;
}
}
} else {
if (!unlink($dir->getPathname())) {
$rm_errors++;
}
}
}
if (!rmdir($path)) {
$rm_errors++;
}
$deleted = @unlink(ABS_PATH . '.maintenance');
if ($rm_errors == 0) {
$message = __('Everything was OK! Your OSClass installation is updated');
} else {
$message = __('Almost everything was OK! Your OSClass installation is updated, but there were some errors removing temporary files. Please, remove manually the "oc-temp" folder');
$error = 6;
// Some errors removing files
}
} else {
$sql_error_msg = $error_queries[2];
$message = __('Problems upgrading the database');
$error = 5;
// Problems upgrading the database
}
} else {
$message = __('Problems copying files. Maybe permissions are not correct');
$error = 4;
// Problems copying files. Maybe permissions are not correct
}
} else {
$message = __('Nothing to copy');
$error = 99;
// Nothing to copy. THIS SHOULD NEVER HAPPENS, means we dont update any file!
}
} else {
$message = __('Unzip failed');
$error = 3;
// Unzip failed
}
} else {
$message = __('Download failed');
$error = 2;
// Download failed
}
} else {
$message = __('Missing download URL');
$error = 1;
// Missing download URL
}
if ($error == 5) {
$message .= "<br /><br />" . __('We had some errors upgrading your database. The follwing queries failed') . implode("<br />", $sql_error_msg);
}
echo $message;
foreach ($perms as $k => $v) {
@chmod($k, $v);
}
break;
case 'location_stats':
$workToDo = LocationsTmp::newInstance()->count();
if ($workToDo > 0) {
// there are wotk to do
$aLocations = LocationsTmp::newInstance()->getLocations(1000);
foreach ($aLocations as $location) {
$id = $location['id_location'];
$type = $location['e_type'];
$data = 0;
// update locations stats
switch ($type) {
case 'COUNTRY':
$numItems = CountryStats::newInstance()->calculateNumItems($id);
$data = CountryStats::newInstance()->setNumItems($id, $numItems);
unset($numItems);
break;
case 'REGION':
$numItems = RegionStats::newInstance()->calculateNumItems($id);
$data = RegionStats::newInstance()->setNumItems($id, $numItems);
unset($numItems);
break;
case 'CITY':
$numItems = CityStats::newInstance()->calculateNumItems($id);
$data = CityStats::newInstance()->setNumItems($id, $numItems);
unset($numItems);
break;
default:
break;
}
if ($data >= 0) {
LocationsTmp::newInstance()->delete(array('e_type' => $location['e_type'], 'id_location' => $location['id_location']));
}
}
$array['status'] = 'more';
$array['pending'] = $workToDo = LocationsTmp::newInstance()->count();
echo json_encode($array);
} else {
$array['status'] = 'done';
echo json_encode($array);
}
break;
default:
echo json_encode(array('error' => __('no action defined')));
break;
}
// clear all keep variables into session
Session::newInstance()->_dropKeepForm();
Session::newInstance()->_clearVariables();
}
function location_by_city()
{
if (!isset($_POST['country'])) {
return false;
}
if (!isset($_POST['city'])) {
return false;
}
$country = $_POST['country'];
$city = $_POST['city'];
$countries_json = osc_file_get_contents('http://geo.osclass.org/geo.download.php?action=country&term=' . urlencode(implode(',', $country)) . "&install=true");
$countries = json_decode($countries_json);
$manager_country = Country::newInstance();
foreach ($countries as $c) {
$manager_country->insert(array("pk_c_code" => $c->id, "fk_c_locale_code" => $c->locale_code, "s_name" => $c->name));
}
$manager_city = City::newInstance();
$manager_region = Region::newInstance();
foreach ($countries as $c) {
$cities_json = osc_file_get_contents('http://geo.osclass.org/geo.download.php?action=city&country=' . urlencode($c->name) . '&term=' . urlencode(implode(',', $city)));
$cities = json_decode($cities_json);
if (!isset($cities->error)) {
foreach ($cities as $ci) {
$regions_json = osc_file_get_contents('http://geo.osclass.org/geo.download.php?action=region&country=&id=' . $ci->region_id);
$regions = json_decode($regions_json);
foreach ($regions as $r) {
$manager_region->insert(array("pk_i_id" => $r->id, "fk_c_country_code" => $r->country_code, "s_name" => $r->name));
}
$manager_city->insert(array("pk_i_id" => $ci->id, "fk_i_region_id" => $ci->region_id, "s_name" => $ci->name, "fk_c_country_code" => $ci->country_code));
}
}
unset($cities);
unset($cities_json);
}
}
/**
* Gets search url given params
*
* @params array $params
* @return string
*/
function osc_search_url($params = null)
{
if (is_array($params)) {
osc_prune_array($params);
}
$countP = count($params);
if ($countP == 0) {
$params['page'] = 'search';
}
$base_url = osc_base_url();
$http_url = osc_is_ssl() ? "https://" : "http://";
if (osc_subdomain_type() == 'category' && isset($params['sCategory'])) {
if ($params['sCategory'] != Params::getParam('sCategory')) {
if (is_array($params['sCategory'])) {
$params['sCategory'] = implode(",", $params['sCategory']);
}
if ($params['sCategory'] != '' && strpos($params['sCategory'], ",") === false) {
if (is_numeric($params['sCategory'])) {
$category = Category::newInstance()->findByPrimaryKey($params['sCategory']);
} else {
$category = Category::newInstance()->findBySlug($params['sCategory']);
}
if (isset($category['s_slug'])) {
$base_url = $http_url . $category['s_slug'] . "." . osc_subdomain_host() . REL_WEB_URL;
unset($params['sCategory']);
}
}
} else {
if (osc_is_subdomain()) {
unset($params['sCategory']);
}
}
} else {
if (osc_subdomain_type() == 'country' && isset($params['sCountry'])) {
if ($params['sCountry'] != Params::getParam('sCountry')) {
if (is_array($params['sCountry'])) {
$params['sCountry'] = implode(",", $params['sCountry']);
}
if ($params['sCountry'] != '' && strpos($params['sCountry'], ",") === false) {
if (is_numeric($params['sCountry'])) {
$country = Country::newInstance()->findByPrimaryKey($params['sCountry']);
} else {
$country = Country::newInstance()->findByCode($params['sCountry']);
}
if (isset($country['s_slug'])) {
$base_url = $http_url . $country['s_slug'] . "." . osc_subdomain_host() . REL_WEB_URL;
unset($params['sCountry']);
}
}
} else {
if (osc_is_subdomain()) {
unset($params['sCountry']);
}
}
} else {
if (osc_subdomain_type() == 'region' && isset($params['sRegion'])) {
if ($params['sRegion'] != Params::getParam('sRegion')) {
if (is_array($params['sRegion'])) {
$params['sRegion'] = implode(",", $params['sRegion']);
}
if ($params['sRegion'] != '' && strpos($params['sRegion'], ",") === false) {
if (is_numeric($params['sRegion'])) {
$region = Region::newInstance()->findByPrimaryKey($params['sRegion']);
} else {
$region = Region::newInstance()->findByName($params['sRegion']);
}
if (isset($region['s_slug'])) {
$base_url = $http_url . $region['s_slug'] . "." . osc_subdomain_host() . REL_WEB_URL;
unset($params['sRegion']);
}
}
} else {
if (osc_is_subdomain()) {
unset($params['sRegion']);
}
}
} else {
if (osc_subdomain_type() == 'city' && isset($params['sCity'])) {
if ($params['sCity'] != Params::getParam('sCity')) {
if (is_array($params['sCity'])) {
$params['sCity'] = implode(",", $params['sCity']);
}
if ($params['sCity'] != '' && strpos($params['sCity'], ",") === false) {
if (is_numeric($params['sCity'])) {
$city = City::newInstance()->findByPrimaryKey($params['sCity']);
} else {
$city = City::newInstance()->findByName($params['sCity']);
}
if (isset($city['s_slug'])) {
$base_url = $http_url . $city['s_slug'] . "." . osc_subdomain_host() . REL_WEB_URL;
unset($params['sCity']);
}
}
} else {
if (osc_is_subdomain()) {
unset($params['sCity']);
}
}
} else {
if (osc_subdomain_type() == 'user' && isset($params['sUser'])) {
if ($params['sUser'] != Params::getParam('sUser')) {
if (is_array($params['sUser'])) {
$params['sUser'] = implode(",", $params['sUser']);
}
if ($params['sUser'] != '' && strpos($params['sUser'], ",") === false) {
if (is_numeric($params['sUser'])) {
$user = User::newInstance()->findByPrimaryKey($params['sUser']);
} else {
$user = User::newInstance()->findByUsername($params['sUser']);
}
if (isset($user['s_username'])) {
$base_url = $http_url . $user['s_username'] . "." . osc_subdomain_host() . REL_WEB_URL;
unset($params['sUser']);
}
}
} else {
if (osc_is_subdomain()) {
unset($params['sUser']);
}
}
}
}
}
}
}
$countP = count($params);
if ($countP == 0) {
return $base_url;
}
unset($params['page']);
$countP = count($params);
if (osc_rewrite_enabled()) {
$url = $base_url . osc_get_preference('rewrite_search_url');
// CANONICAL URLS
if (isset($params['sCategory']) && !is_array($params['sCategory']) && strpos($params['sCategory'], ',') === false && ($countP == 1 || $countP == 2 && isset($params['iPage']))) {
if (osc_category_id() == $params['sCategory']) {
$category['pk_i_id'] = osc_category_id();
$category['s_slug'] = osc_category_slug();
} else {
if (is_numeric($params['sCategory'])) {
$category = Category::newInstance()->findByPrimaryKey($params['sCategory']);
} else {
$category = Category::newInstance()->findBySlug($params['sCategory']);
}
}
if (isset($category['pk_i_id'])) {
$url = osc_get_preference('rewrite_cat_url');
if (preg_match('|{CATEGORIES}|', $url)) {
$categories = Category::newInstance()->hierarchy($category['pk_i_id']);
$sanitized_categories = array();
$mCat = Category::newInstance();
for ($i = count($categories); $i > 0; $i--) {
$tmpcat = $mCat->findByPrimaryKey($categories[$i - 1]['pk_i_id']);
$sanitized_categories[] = $tmpcat['s_slug'];
}
$url = str_replace('{CATEGORIES}', implode("/", $sanitized_categories), $url);
}
$seo_prefix = '';
if (osc_get_preference('seo_url_search_prefix') != '') {
$seo_prefix = osc_get_preference('seo_url_search_prefix') . '/';
}
$url = str_replace('{CATEGORY_NAME}', $category['s_slug'], $url);
// DEPRECATED : CATEGORY_SLUG is going to be removed in 3.4
$url = str_replace('{CATEGORY_SLUG}', $category['s_slug'], $url);
$url = str_replace('{CATEGORY_ID}', $category['pk_i_id'], $url);
} else {
// Search by a category which does not exists (by form)
// TODO CHANGE TO NEW ROUTES!!
return $base_url . 'index.php?page=search&sCategory=' . urlencode($params['sCategory']);
}
if (isset($params['iPage']) && $params['iPage'] != '' && $params['iPage'] != 1) {
$url .= '/' . $params['iPage'];
}
$url = $base_url . $seo_prefix . $url;
} else {
if (isset($params['sRegion']) && is_string($params['sRegion']) && strpos($params['sRegion'], ',') === false && ($countP == 1 || $countP == 2 && (isset($params['iPage']) || isset($params['sCategory'])) || $countP == 3 && isset($params['iPage']) && isset($params['sCategory']))) {
$url = $base_url;
if (osc_get_preference('seo_url_search_prefix') != '') {
$url .= osc_get_preference('seo_url_search_prefix') . '/';
}
if (isset($params['sCategory'])) {
$_auxSlug = _aux_search_category_slug($params['sCategory']);
if ($_auxSlug != '') {
$url .= $_auxSlug . '_';
}
}
if (isset($params['sRegion'])) {
if (osc_list_region_id() == $params['sRegion']) {
$url .= osc_sanitizeString(osc_list_region_slug()) . '-r' . osc_list_region_id();
} else {
if (is_numeric($params['sRegion'])) {
$region = Region::newInstance()->findByPrimaryKey($params['sRegion']);
} else {
$region = Region::newInstance()->findByName($params['sRegion']);
}
if (isset($region['s_slug'])) {
$url .= osc_sanitizeString($region['s_slug']) . '-r' . $region['pk_i_id'];
} else {
// Search by a region which does not exists (by form)
// TODO CHANGE TO NEW ROUTES!!
return $url . 'index.php?page=search&sRegion=' . urlencode($params['sRegion']);
}
}
}
if (isset($params['iPage']) && $params['iPage'] != '' && $params['iPage'] != 1) {
$url .= '/' . $params['iPage'];
}
} else {
if (isset($params['sCity']) && !is_array($params['sCity']) && strpos($params['sCity'], ',') === false && ($countP == 1 || $countP == 2 && (isset($params['iPage']) || isset($params['sCategory'])) || $countP == 3 && isset($params['iPage']) && isset($params['sCategory']))) {
$url = $base_url;
if (osc_get_preference('seo_url_search_prefix') != '') {
$url .= osc_get_preference('seo_url_search_prefix') . '/';
}
if (isset($params['sCategory'])) {
$_auxSlug = _aux_search_category_slug($params['sCategory']);
if ($_auxSlug != '') {
$url .= $_auxSlug . '_';
}
}
if (isset($params['sCity'])) {
if (osc_list_city_id() == $params['sCity']) {
$url .= osc_sanitizeString(osc_list_city_slug()) . '-c' . osc_list_city_id();
} else {
if (is_numeric($params['sCity'])) {
$city = City::newInstance()->findByPrimaryKey($params['sCity']);
} else {
$city = City::newInstance()->findByName($params['sCity']);
}
if (isset($city['s_slug'])) {
$url .= osc_sanitizeString($city['s_slug']) . '-c' . $city['pk_i_id'];
} else {
// Search by a city which does not exists (by form)
// TODO CHANGE TO NEW ROUTES!!
return $url . 'index.php?page=search&sCity=' . urlencode($params['sCity']);
}
}
}
if (isset($params['iPage']) && $params['iPage'] != '' && $params['iPage'] != 1) {
$url .= '/' . $params['iPage'];
}
} else {
if ($params != null && is_array($params)) {
foreach ($params as $k => $v) {
switch ($k) {
case 'sCountry':
$k = osc_get_preference('rewrite_search_country');
break;
case 'sRegion':
$k = osc_get_preference('rewrite_search_region');
break;
case 'sCity':
$k = osc_get_preference('rewrite_search_city');
break;
case 'sCityArea':
$k = osc_get_preference('rewrite_search_city_area');
break;
case 'sCategory':
$k = osc_get_preference('rewrite_search_category');
if (is_array($v)) {
$v = implode(",", $v);
}
break;
case 'sUser':
$k = osc_get_preference('rewrite_search_user');
if (is_array($v)) {
$v = implode(",", $v);
}
break;
case 'sPattern':
$k = osc_get_preference('rewrite_search_pattern');
break;
case 'meta':
// meta(@id),value/meta(@id),value2/...
foreach ($v as $key => $value) {
if (is_array($value)) {
foreach ($value as $_key => $_value) {
if ($value != '') {
$url .= '/meta' . $key . '-' . $_key . ',' . urlencode($_value);
}
}
} else {
if ($value != '') {
$url .= '/meta' . $key . ',' . urlencode($value);
}
}
}
break;
default:
break;
}
if (!is_array($v) && $v != '') {
$url .= "/" . $k . "," . urlencode($v);
}
}
}
}
}
}
} else {
$url = $base_url . 'index.php?page=search';
if ($params != null && is_array($params)) {
foreach ($params as $k => $v) {
if ($k == 'meta') {
if (is_array($v)) {
foreach ($v as $_k => $aux) {
if (is_array($aux)) {
foreach (array_keys($aux) as $aux_k) {
$url .= "&" . $k . "[{$_k}][{$aux_k}]=" . urlencode($aux[$aux_k]);
}
} else {
$url .= "&" . $_k . "[]=" . urlencode($aux);
}
}
}
} else {
if (is_array($v)) {
$v = implode(",", $v);
}
$url .= "&" . $k . "=" . urlencode($v);
}
}
}
}
return str_replace('%2C', ',', $url);
}
/**
* Add cities to the search
*
* @access public
* @since unknown
* @param mixed $city
*/
public function addCity($city = array())
{
if (is_array($city)) {
foreach ($city as $c) {
$c = trim($c);
if ($c != '') {
if (is_numeric($c)) {
$this->cities[] = sprintf("%st_item_location.fk_i_city_id = %d ", DB_TABLE_PREFIX, $c);
} else {
$_city = City::newInstance()->findByName($c);
if (!empty($_city)) {
$this->cities[] = sprintf("%st_item_location.fk_i_city_id = %d ", DB_TABLE_PREFIX, $_city);
} else {
$this->cities[] = sprintf("%st_item_location.s_city LIKE '%%%s%%' ", DB_TABLE_PREFIX, $c);
}
}
}
}
} else {
$city = trim($city);
if ($city != "") {
if (is_numeric($city)) {
$this->cities[] = sprintf("%st_item_location.fk_i_city_id = %d ", DB_TABLE_PREFIX, $city);
} else {
$_city = City::newInstance()->findByName($city);
if (!empty($_city)) {
$this->cities[] = sprintf("%st_item_location.fk_i_city_id = %d ", DB_TABLE_PREFIX, $_city['pk_i_id']);
} else {
$this->cities[] = sprintf("%st_item_location.s_city LIKE '%%%s%%' ", DB_TABLE_PREFIX, $city);
}
}
}
}
}
/**
* Validate if exist $city, $region, $country in db
*
* @param string $city
* @param string $region
* @param string $country
* @return boolean
*/
function osc_validate_location($city, $sCity, $region, $sRegion, $country, $sCountry)
{
if (osc_validate_nozero($city) && osc_validate_nozero($region) && osc_validate_text($country, 2)) {
$data = Country::newInstance()->findByCode($country);
$countryId = $data['pk_c_code'];
if ($countryId) {
$data = Region::newInstance()->findByPrimaryKey($region);
$regionId = $data['pk_i_id'];
if ($data['b_active'] == 1) {
$data = City::newInstance()->findByPrimaryKey($city);
if ($data['b_active'] == 1 && $data['fk_i_region_id'] == $regionId && strtolower($data['fk_c_country_code']) == strtolower($countryId)) {
return true;
}
}
}
} else {
if (osc_validate_nozero($region) && osc_validate_text($country, 2) && $sCity != "") {
return true;
} else {
if ($sRegion != "" && osc_validate_text($country, 2) && $sCity != "") {
return true;
} else {
if ($sRegion != "" && $sCountry != "" && $sCity != "") {
return true;
}
}
}
}
return false;
}
function doModel()
{
parent::doModel();
//specific things for this class
switch ($this->action) {
case 'create':
// callign create view
$aCountries = array();
$aRegions = array();
$aCities = array();
$aCountries = Country::newInstance()->listAll();
if (isset($aCountries[0]['pk_c_code'])) {
$aRegions = Region::newInstance()->getByCountry($aCountries[0]['pk_c_code']);
}
if (isset($aRegions[0]['pk_i_id'])) {
$aCities = City::newInstance()->listWhere("fk_i_region_id = %d", $aRegions[0]['pk_i_id']);
}
$this->_exportVariableToView("user", null);
$this->_exportVariableToView("countries", $aCountries);
$this->_exportVariableToView("regions", $aRegions);
$this->_exportVariableToView("cities", $aCities);
$this->_exportVariableToView("locales", OSCLocale::newInstance()->listAllEnabled());
$this->doView("users/frm.php");
break;
case 'create_post':
// creating the user...
require_once LIB_PATH . 'osclass/UserActions.php';
$userActions = new UserActions(true);
$success = $userActions->add();
switch ($success) {
case 1:
osc_add_flash_message(_m('The user has been created. We\'ve sent an activation e-mail'), 'admin');
break;
case 2:
osc_add_flash_message(_m('The user has been created and activated'), 'admin');
break;
case 3:
osc_add_flash_message(_m('Sorry, but that e-mail is already in use'), 'admin');
break;
}
$this->redirectTo(osc_admin_base_url(true) . '?page=users');
break;
case 'edit':
// calling the edit view
$aUser = array();
$aCountries = array();
$aRegions = array();
$aCities = array();
$aUser = $this->userManager->findByPrimaryKey(Params::getParam("id"));
$aCountries = Country::newInstance()->listAll();
$aRegions = array();
if ($aUser['fk_c_country_code'] != '') {
$aRegions = Region::newInstance()->getByCountry($aUser['fk_c_country_code']);
} else {
if (count($aCountries) > 0) {
$aRegions = Region::newInstance()->getByCountry($aCountries[0]['pk_c_code']);
}
}
$aCities = array();
if ($aUser['fk_i_region_id'] != '') {
$aCities = City::newInstance()->listWhere("fk_i_region_id = %d", $aUser['fk_i_region_id']);
} else {
if (count($aRegions) > 0) {
$aCities = City::newInstance()->listWhere("fk_i_region_id = %d", $aRegions[0]['pk_i_id']);
}
}
$this->_exportVariableToView("user", $aUser);
$this->_exportVariableToView("countries", $aCountries);
$this->_exportVariableToView("regions", $aRegions);
$this->_exportVariableToView("cities", $aCities);
$this->_exportVariableToView("locales", OSCLocale::newInstance()->listAllEnabled());
$this->doView("users/frm.php");
break;
case 'edit_post':
// edit post
require_once LIB_PATH . 'osclass/UserActions.php';
$userActions = new UserActions(true);
$success = $userActions->edit(Params::getParam("id"));
switch ($success) {
case 1:
osc_add_flash_message(_m('Passwords don\'t match'), 'admin');
break;
case 2:
osc_add_flash_message(_m('The user has been updated and activated'), 'admin');
break;
default:
osc_add_flash_message(_m('The user has been updated'), 'admin');
break;
}
$this->redirectTo(osc_admin_base_url(true) . '?page=users');
break;
case 'activate':
//activate
$iUpdated = 0;
$userId = Params::getParam('id');
if (!is_array($userId)) {
osc_add_flash_message(_m('User id isn\'t in the correct format'), 'admin');
}
foreach ($userId as $id) {
$conditions = array('pk_i_id' => $id);
$values = array('b_enabled' => 1);
$iUpdated += $this->userManager->update($values, $conditions);
}
switch ($iUpdated) {
case 0:
$msg = _m('No user has been activated');
break;
case 1:
$msg = _m('One user has been activated');
break;
default:
$msg = sprintf(_m('%s users have been activated'), $iUpdated);
break;
}
osc_add_flash_message($msg, 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=users');
break;
case 'deactivate':
//deactivate
$iUpdated = 0;
$userId = Params::getParam('id');
if (!is_array($userId)) {
osc_add_flash_message(_m('User id isn\'t in the correct format'), 'admin');
}
foreach ($userId as $id) {
$conditions = array('pk_i_id' => $id);
$values = array('b_enabled' => 0);
$iUpdated += $this->userManager->update($values, $conditions);
}
switch ($iUpdated) {
case 0:
$msg = _m('No user has been deactivated');
break;
case 1:
$msg = _m('One user has been deactivated');
break;
default:
$msg = sprintf(_m('%s users have been deactivated'), $iUpdated);
break;
}
osc_add_flash_message($msg, 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=users');
break;
case 'delete':
//delete
$iDeleted = 0;
$userId = Params::getParam('id');
if (!is_array($userId)) {
osc_add_flash_message(_m('User id isn\'t in the correct format'), 'admin');
}
foreach ($userId as $id) {
if ($this->userManager->deleteUser($id)) {
$iDeleted++;
}
}
switch ($iDeleted) {
case 0:
$msg = _m('No user has been deleted');
break;
case 1:
$msg = _m('One user has been deleted');
break;
default:
$msg = sprintf(_m('%s users have been deleted'), $iDeleted);
break;
}
osc_add_flash_message($msg, 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=users');
break;
default:
// manage users view
$aUsers = $this->userManager->listAll();
$this->_exportVariableToView("users", $aUsers);
$this->doView("users/index.php");
break;
}
}
public static function city_select($cities = null, $item = null)
{
if (Session::newInstance()->_getForm('city') != '') {
$cities = null;
} else {
if ($cities == null) {
$cities = osc_get_cities();
}
}
if ($item == null) {
$item = osc_item();
}
if (count($cities) >= 1) {
if (Session::newInstance()->_getForm('cityId') != "") {
$item['fk_i_city_id'] = Session::newInstance()->_getForm('cityId');
if (Session::newInstance()->_getForm('regionId') != "") {
$cities = City::newInstance()->listWhere("fk_i_region_id = %d", Session::newInstance()->_getForm('regionId'));
}
}
parent::generic_select('cityId', $cities, 'pk_i_id', 's_name', __('Select a city...'), isset($item['fk_i_city_id']) ? $item['fk_i_city_id'] : null);
return true;
// } else if ( count($cities) == 1 ) {
// if( Session::newInstance()->_getForm('cityId') != "" ) {
// $item['fk_i_city_id'] = Session::newInstance()->_getForm('cityId');
// }
// parent::generic_input_hidden('cityId', (isset($item['fk_i_city_id'])) ? $item['fk_i_city_id'] : $cities[0]['pk_i_id']) ;
// echo '<span>' .$cities[0]['s_name'] . '</span>';
// return false ;
} else {
if (Session::newInstance()->_getForm('city') != "") {
$item['s_city'] = Session::newInstance()->_getForm('city');
}
parent::generic_input_text('city', isset($item['s_city']) ? $item['s_city'] : null);
return true;
}
}
function doModel()
{
//specific things for this class
switch ($this->action) {
case 'bulk_actions':
break;
case 'regions':
//Return regions given a countryId
$regions = Region::newInstance()->findByCountry(Params::getParam("countryId"));
echo json_encode($regions);
break;
case 'cities':
//Returns cities given a regionId
$cities = City::newInstance()->findByRegion(Params::getParam("regionId"));
echo json_encode($cities);
break;
case 'location':
// This is the autocomplete AJAX
$cities = City::newInstance()->ajax(Params::getParam("term"));
echo json_encode($cities);
break;
case 'userajax':
// This is the autocomplete AJAX
$users = User::newInstance()->ajax(Params::getParam("term"));
if (count($users) == 0) {
echo json_encode(array(0 => array('id' => '', 'label' => __('No results'), 'value' => __('No results'))));
} else {
echo json_encode($users);
}
break;
case 'date_format':
echo json_encode(array('format' => Params::getParam('format'), 'str_formatted' => osc_format_date(date('Y-m-d H:i:s'), Params::getParam('format'))));
break;
case 'runhook':
// run hooks
$hook = Params::getParam('hook');
if ($hook == '') {
echo json_encode(array('error' => 'hook parameter not defined'));
break;
}
switch ($hook) {
case 'item_form':
osc_run_hook('item_form', Params::getParam('catId'));
break;
case 'item_edit':
$catId = Params::getParam("catId");
$itemId = Params::getParam("itemId");
osc_run_hook("item_edit", $catId, $itemId);
break;
default:
osc_run_hook('ajax_admin_' . $hook);
break;
}
break;
case 'categories_order':
// Save the order of the categories
osc_csrf_check(false);
$aIds = Params::getParam('list');
$orderParent = 0;
$orderSub = 0;
$catParent = 0;
$error = 0;
$catManager = Category::newInstance();
$aRecountCat = array();
foreach ($aIds as $id => $parent) {
if ($parent == 'root') {
$res = $catManager->updateOrder($id, $orderParent);
if (is_bool($res) && !$res) {
$error = 1;
}
// find category
$auxCategory = Category::newInstance()->findByPrimaryKey($id);
// set parent category
$conditions = array('pk_i_id' => $id);
$array['fk_i_parent_id'] = NULL;
$res = $catManager->update($array, $conditions);
if (is_bool($res) && !$res) {
$error = 1;
} else {
if ($res == 1) {
// updated ok
$parentId = $auxCategory['fk_i_parent_id'];
if ($parentId) {
// update parent category stats
array_push($aRecountCat, $id);
array_push($aRecountCat, $parentId);
}
}
}
$orderParent++;
} else {
if ($parent != $catParent) {
$catParent = $parent;
$orderSub = 0;
}
$res = $catManager->updateOrder($id, $orderSub);
if (is_bool($res) && !$res) {
$error = 1;
}
// set parent category
$auxCategory = Category::newInstance()->findByPrimaryKey($id);
$auxCategoryP = Category::newInstance()->findByPrimaryKey($catParent);
$conditions = array('pk_i_id' => $id);
$array['fk_i_parent_id'] = $catParent;
$res = $catManager->update($array, $conditions);
if (is_bool($res) && !$res) {
$error = 1;
} else {
if ($res == 1) {
// updated ok
// update category parent
$prevParentId = $auxCategory['fk_i_parent_id'];
$parentId = $auxCategoryP['pk_i_id'];
array_push($aRecountCat, $prevParentId);
array_push($aRecountCat, $parentId);
}
}
$orderSub++;
}
}
// update category stats
foreach ($aRecountCat as $rId) {
osc_update_cat_stats_id($rId);
}
if ($error) {
$result = array('error' => __("An error occurred"));
} else {
$result = array('ok' => __("Order saved"));
}
echo json_encode($result);
break;
case 'category_edit_iframe':
$this->_exportVariableToView('category', Category::newInstance()->findByPrimaryKey(Params::getParam("id")));
$this->_exportVariableToView('languages', OSCLocale::newInstance()->listAllEnabled());
$this->doView("categories/iframe.php");
break;
case 'field_categories_iframe':
$selected = Field::newInstance()->categories(Params::getParam("id"));
if ($selected == null) {
$selected = array();
}
$this->_exportVariableToView("selected", $selected);
$this->_exportVariableToView("field", Field::newInstance()->findByPrimaryKey(Params::getParam("id")));
$this->_exportVariableToView("categories", Category::newInstance()->toTreeAll());
$this->doView("fields/iframe.php");
break;
case 'field_categories_post':
osc_csrf_check(false);
$error = 0;
$field = Field::newInstance()->findByName(Params::getParam("s_name"));
if (!isset($field['pk_i_id']) || isset($field['pk_i_id']) && $field['pk_i_id'] == Params::getParam("id")) {
// remove categories from a field
Field::newInstance()->cleanCategoriesFromField(Params::getParam("id"));
// no error... continue updating fields
if ($error == 0) {
$slug = Params::getParam("field_slug") != '' ? Params::getParam("field_slug") : Params::getParam("s_name");
$slug_tmp = $slug = preg_replace('|([-]+)|', '-', preg_replace('|[^a-z0-9_-]|', '-', strtolower($slug)));
$slug_k = 0;
while (true) {
$field = Field::newInstance()->findBySlug($slug);
if (!$field || $field['pk_i_id'] == Params::getParam("id")) {
break;
} else {
$slug_k++;
$slug = $slug_tmp . "_" . $slug_k;
}
}
// trim options
$s_options = '';
$aux = Params::getParam('s_options');
$aAux = explode(',', $aux);
foreach ($aAux as &$option) {
$option = trim($option);
}
$s_options = implode(',', $aAux);
$res = Field::newInstance()->update(array('s_name' => Params::getParam("s_name"), 'e_type' => Params::getParam("field_type"), 's_slug' => $slug, 'b_required' => Params::getParam("field_required") == "1" ? 1 : 0, 's_options' => $s_options), array('pk_i_id' => Params::getParam("id")));
if (is_bool($res) && !$res) {
$error = 1;
}
}
// no error... continue inserting categories-field
if ($error == 0) {
$aCategories = Params::getParam("categories");
if (is_array($aCategories) && count($aCategories) > 0) {
$res = Field::newInstance()->insertCategories(Params::getParam("id"), $aCategories);
if (!$res) {
$error = 1;
}
}
}
// error while updating?
if ($error == 1) {
$message = __("An error occurred while updating.");
}
} else {
$error = 1;
$message = __("Sorry, you already have a field with that name");
}
if ($error) {
$result = array('error' => $message);
} else {
$result = array('ok' => __("Saved"), 'text' => Params::getParam("s_name"), 'field_id' => Params::getParam("id"));
}
echo json_encode($result);
break;
case 'delete_field':
osc_csrf_check(false);
$res = Field::newInstance()->deleteByPrimaryKey(Params::getParam('id'));
if ($res > 0) {
$result = array('ok' => __('The custom field has been deleted'));
} else {
$result = array('error' => __('An error occurred while deleting'));
}
echo json_encode($result);
break;
case 'add_field':
osc_csrf_check(false);
$s_name = __('NEW custom field');
$slug_tmp = $slug = preg_replace('|([-]+)|', '-', preg_replace('|[^a-z0-9_-]|', '-', strtolower($s_name)));
$slug_k = 0;
while (true) {
$field = Field::newInstance()->findBySlug($slug);
if (!$field || $field['pk_i_id'] == Params::getParam("id")) {
break;
} else {
$slug_k++;
$slug = $slug_tmp . "_" . $slug_k;
}
}
$fieldManager = Field::newInstance();
$result = $fieldManager->insertField($s_name, 'TEXT', $slug, 0, '', array());
if ($result) {
echo json_encode(array('error' => 0, 'field_id' => $fieldManager->dao->insertedId(), 'field_name' => $s_name));
} else {
echo json_encode(array('error' => 1));
}
break;
case 'enable_category':
osc_csrf_check(false);
$id = strip_tags(Params::getParam('id'));
$enabled = Params::getParam('enabled') != '' ? Params::getParam('enabled') : 0;
$error = 0;
$result = array();
$aUpdated = array();
$mCategory = Category::newInstance();
$aCategory = $mCategory->findByPrimaryKey($id);
if ($aCategory == false) {
$result = array('error' => sprintf(__("No category with id %d exists"), $id));
echo json_encode($result);
break;
}
// root category
if ($aCategory['fk_i_parent_id'] == '') {
$mCategory->update(array('b_enabled' => $enabled), array('pk_i_id' => $id));
$mCategory->update(array('b_enabled' => $enabled), array('fk_i_parent_id' => $id));
$subCategories = $mCategory->findSubcategories($id);
$aIds = array($id);
$aUpdated[] = array('id' => $id);
foreach ($subCategories as $subcategory) {
$aIds[] = $subcategory['pk_i_id'];
$aUpdated[] = array('id' => $subcategory['pk_i_id']);
}
Item::newInstance()->enableByCategory($enabled, $aIds);
if ($enabled) {
$result = array('ok' => __('The category as well as its subcategories have been enabled'));
} else {
$result = array('ok' => __('The category as well as its subcategories have been disabled'));
}
$result['affectedIds'] = $aUpdated;
echo json_encode($result);
break;
}
// subcategory
$parentCategory = $mCategory->findRootCategory($id);
if (!$parentCategory['b_enabled']) {
$result = array('error' => __('Parent category is disabled, you can not enable that category'));
echo json_encode($result);
break;
}
$mCategory->update(array('b_enabled' => $enabled), array('pk_i_id' => $id));
if ($enabled) {
$result = array('ok' => __('The subcategory has been enabled'));
} else {
$result = array('ok' => __('The subcategory has been disabled'));
}
$result['affectedIds'] = array(array('id' => $id));
echo json_encode($result);
break;
case 'delete_category':
osc_csrf_check(false);
$id = Params::getParam("id");
$error = 0;
$categoryManager = Category::newInstance();
$res = $categoryManager->deleteByPrimaryKey($id);
if ($res > 0) {
$message = __('The categories have been deleted');
} else {
$error = 1;
$message = __('An error occurred while deleting');
}
if ($error) {
$result = array('error' => $message);
} else {
$result = array('ok' => __("Saved"));
}
echo json_encode($result);
break;
case 'edit_category_post':
osc_csrf_check(false);
$id = Params::getParam("id");
$fields['i_expiration_days'] = Params::getParam("i_expiration_days") != '' ? Params::getParam("i_expiration_days") : 0;
$error = 0;
$has_one_title = 0;
$postParams = Params::getParamsAsArray();
foreach ($postParams as $k => $v) {
if (preg_match('|(.+?)#(.+)|', $k, $m)) {
if ($m[2] == 's_name') {
if ($v != "") {
$has_one_title = 1;
$aFieldsDescription[$m[1]][$m[2]] = $v;
$s_text = $v;
} else {
$aFieldsDescription[$m[1]][$m[2]] = NULL;
$error = 1;
}
} else {
$aFieldsDescription[$m[1]][$m[2]] = $v;
}
}
}
$l = osc_language();
if ($error == 0 || $error == 1 && $has_one_title == 1) {
$categoryManager = Category::newInstance();
$res = $categoryManager->updateByPrimaryKey(array('fields' => $fields, 'aFieldsDescription' => $aFieldsDescription), $id);
$categoryManager->updateExpiration($id, $fields['i_expiration_days']);
if (is_bool($res)) {
$error = 2;
}
}
if (Params::getParam('apply_changes_to_subcategories') == 1) {
$subcategories = $categoryManager->findSubcategories($id);
foreach ($subcategories as $subc) {
$categoryManager->updateExpiration($subc['pk_i_id'], $fields['i_expiration_days']);
}
}
if ($error == 0) {
$msg = __("Category updated correctly");
} else {
if ($error == 1) {
if ($has_one_title == 1) {
$error = 4;
$msg = __('Category updated correctly, but some titles are empty');
} else {
$msg = __('Sorry, including at least a title is mandatory');
}
} else {
if ($error == 2) {
$msg = __('An error occurred while updating');
}
}
}
echo json_encode(array('error' => $error, 'msg' => $msg, 'text' => $aFieldsDescription[$l]['s_name']));
break;
case 'custom':
// Execute via AJAX custom file
$ajaxFile = Params::getParam("ajaxfile");
if ($ajaxFile == '') {
echo json_encode(array('error' => 'no action defined'));
break;
}
// valid file?
if (stripos($ajaxFile, '../') !== false) {
echo json_encode(array('error' => 'no valid ajaxFile'));
break;
}
if (!file_exists(osc_plugins_path() . $ajaxFile)) {
echo json_encode(array('error' => "ajaxFile doesn't exist"));
break;
}
require_once osc_plugins_path() . $ajaxFile;
break;
case 'test_mail':
$title = sprintf(__('Test email, %s'), osc_page_title());
$body = __("Test email") . "<br><br>" . osc_page_title();
$emailParams = array('subject' => $title, 'to' => osc_contact_email(), 'to_name' => 'admin', 'body' => $body, 'alt_body' => $body);
$array = array();
if (osc_sendMail($emailParams)) {
$array = array('status' => '1', 'html' => __('Email sent successfully'));
} else {
$array = array('status' => '0', 'html' => __('An error occurred while sending email'));
}
echo json_encode($array);
break;
case 'test_mail_template':
// replace por valores por defecto
$email = Params::getParam("email");
$title = Params::getParam("title");
$body = urldecode(Params::getParam("body"));
$emailParams = array('subject' => $title, 'to' => $email, 'to_name' => 'admin', 'body' => $body, 'alt_body' => $body);
$array = array();
if (osc_sendMail($emailParams)) {
$array = array('status' => '1', 'html' => __('Email sent successfully'));
} else {
$array = array('status' => '0', 'html' => __('An error occurred while sending email'));
}
echo json_encode($array);
break;
case 'order_pages':
osc_csrf_check(false);
$order = Params::getParam("order");
$id = Params::getParam("id");
if ($order != '' && $id != '') {
$mPages = Page::newInstance();
$actual_page = $mPages->findByPrimaryKey($id);
$actual_order = $actual_page['i_order'];
$array = array();
$condition = array();
$new_order = $actual_order;
if ($order == 'up') {
$page = $mPages->findPrevPage($actual_order);
} else {
if ($order == 'down') {
$page = $mPages->findNextPage($actual_order);
}
}
if (isset($page['i_order'])) {
$mPages->update(array('i_order' => $page['i_order']), array('pk_i_id' => $id));
$mPages->update(array('i_order' => $actual_order), array('pk_i_id' => $page['pk_i_id']));
}
}
break;
/******************************
** COMPLETE UPGRADE PROCESS **
******************************/
/******************************
** COMPLETE UPGRADE PROCESS **
******************************/
case 'upgrade':
// AT THIS POINT WE KNOW IF THERE'S AN UPDATE OR NOT
osc_csrf_check(false);
$message = "";
$error = 0;
$sql_error_msg = "";
$rm_errors = 0;
$perms = osc_save_permissions();
osc_change_permissions();
$maintenance_file = ABS_PATH . '.maintenance';
$fileHandler = @fopen($maintenance_file, 'w');
fclose($fileHandler);
/***********************
**** DOWNLOAD FILE ****
***********************/
$data = osc_file_get_contents("http://osclass.org/latest_version.php");
$data = json_decode(substr($data, 1, strlen($data) - 3), true);
$source_file = $data['url'];
if ($source_file != '') {
$tmp = explode("/", $source_file);
$filename = end($tmp);
$result = osc_downloadFile($source_file, $filename);
if ($result) {
// Everything is OK, continue
/**********************
***** UNZIP FILE *****
**********************/
@mkdir(ABS_PATH . 'oc-temp', 0777);
$res = osc_unzip_file(osc_content_path() . 'downloads/' . $filename, ABS_PATH . 'oc-temp/');
if ($res == 1) {
// Everything is OK, continue
/**********************
***** COPY FILES *****
**********************/
$fail = -1;
if ($handle = opendir(ABS_PATH . 'oc-temp')) {
$fail = 0;
while (false !== ($_file = readdir($handle))) {
if ($_file != '.' && $_file != '..' && $_file != 'remove.list' && $_file != 'upgrade.sql' && $_file != 'customs.actions') {
$data = osc_copy(ABS_PATH . "oc-temp/" . $_file, ABS_PATH . $_file);
if ($data == false) {
$fail = 1;
}
}
}
closedir($handle);
//TRY TO REMOVE THE ZIP PACKAGE
@unlink(osc_content_path() . 'downloads/' . $filename);
if ($fail == 0) {
// Everything is OK, continue
/************************
*** UPGRADE DATABASE ***
************************/
$error_queries = array();
if (file_exists(osc_lib_path() . 'osclass/installer/struct.sql')) {
$sql = file_get_contents(osc_lib_path() . 'osclass/installer/struct.sql');
$conn = DBConnectionClass::newInstance();
$c_db = $conn->getOsclassDb();
$comm = new DBCommandClass($c_db);
$error_queries = $comm->updateDB(str_replace('/*TABLE_PREFIX*/', DB_TABLE_PREFIX, $sql));
}
if ($error_queries[0]) {
// Everything is OK, continue
/**********************************
** EXECUTING ADDITIONAL ACTIONS **
**********************************/
if (file_exists(osc_lib_path() . 'osclass/upgrade-funcs.php')) {
// There should be no errors here
define('AUTO_UPGRADE', true);
require_once osc_lib_path() . 'osclass/upgrade-funcs.php';
}
// Additional actions is not important for the rest of the proccess
// We will inform the user of the problems but the upgrade could continue
/****************************
** REMOVE TEMPORARY FILES **
****************************/
$path = ABS_PATH . 'oc-temp';
$rm_errors = 0;
$dir = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($path), RecursiveIteratorIterator::CHILD_FIRST);
for ($dir->rewind(); $dir->valid(); $dir->next()) {
if ($dir->isDir()) {
if ($dir->getFilename() != '.' && $dir->getFilename() != '..') {
if (!rmdir($dir->getPathname())) {
$rm_errors++;
}
}
} else {
if (!unlink($dir->getPathname())) {
$rm_errors++;
}
}
}
if (!rmdir($path)) {
$rm_errors++;
}
$deleted = @unlink(ABS_PATH . '.maintenance');
if ($rm_errors == 0) {
$message = __('Everything looks good! Your Osclass installation is up-to-date');
} else {
$message = __('Nearly everything looks good! Your Osclass installation is up-to-date, but there were some errors removing temporary files. Please manually remove the "oc-temp" folder');
$error = 6;
// Some errors removing files
}
} else {
$sql_error_msg = $error_queries[2];
$message = __('Problems when upgrading the database');
$error = 5;
// Problems upgrading the database
}
} else {
$message = __('Problems when copying files. Please check your permissions. ');
$error = 4;
// Problems copying files. Maybe permissions are not correct
}
} else {
$message = __('Nothing to copy');
$error = 99;
// Nothing to copy. THIS SHOULD NEVER HAPPEN, means we don't update any file!
}
} else {
$message = __('Unzip failed');
$error = 3;
// Unzip failed
}
} else {
$message = __('Download failed');
$error = 2;
// Download failed
}
} else {
$message = __('Missing download URL');
$error = 1;
// Missing download URL
}
if ($error == 5) {
$message .= "<br /><br />" . __('We had some errors upgrading your database. The follwing queries failed:') . implode("<br />", $sql_error_msg);
}
echo $message;
foreach ($perms as $k => $v) {
@chmod($k, $v);
}
break;
/*******************************
** COMPLETE MARKET PROCESS **
*******************************/
/*******************************
** COMPLETE MARKET PROCESS **
*******************************/
case 'market':
// AT THIS POINT WE KNOW IF THERE'S AN UPDATE OR NOT
osc_csrf_check(false);
$section = Params::getParam('section');
$code = Params::getParam('code');
$plugin = false;
$re_enable = false;
$message = "";
$error = 0;
$data = array();
/************************
*** CHECK VALID CODE ***
************************/
if ($code != '' && $section != '') {
if (stripos($code, "http://") === FALSE) {
// OSCLASS OFFICIAL REPOSITORY
$url = osc_market_url($section, $code);
$data = json_decode(osc_file_get_contents($url), true);
} else {
// THIRD PARTY REPOSITORY
if (osc_market_external_sources()) {
$data = json_decode(osc_file_get_contents($code), true);
} else {
echo json_encode(array('error' => 8, 'error_msg' => __('No external sources are allowed')));
break;
}
}
/***********************
**** DOWNLOAD FILE ****
***********************/
if (isset($data['s_update_url']) && isset($data['s_source_file']) && isset($data['e_type'])) {
if ($data['e_type'] == 'THEME') {
$folder = 'themes/';
} else {
if ($data['e_type'] == 'LANGUAGE') {
$folder = 'languages/';
} else {
// PLUGINS
$folder = 'plugins/';
$plugin = Plugins::findByUpdateURI($data['s_update_url']);
if ($plugin != false) {
if (Plugins::isEnabled($plugin)) {
Plugins::runHook($plugin . '_disable');
Plugins::deactivate($plugin);
$re_enable = true;
}
}
}
}
$filename = $data['s_update_url'] . "_" . $data['s_version'] . ".zip";
$url_source_file = $data['s_source_file'];
// error_log('Source file: ' . $url_source_file);
// error_log('Filename: ' . $filename);
$result = osc_downloadFile($url_source_file, $filename);
if ($result) {
// Everything is OK, continue
/**********************
***** UNZIP FILE *****
**********************/
@mkdir(ABS_PATH . 'oc-temp', 0777);
$res = osc_unzip_file(osc_content_path() . 'downloads/' . $filename, osc_content_path() . 'downloads/oc-temp/');
if ($res == 1) {
// Everything is OK, continue
/**********************
***** COPY FILES *****
**********************/
$fail = -1;
if ($handle = opendir(osc_content_path() . 'downloads/oc-temp')) {
$folder_dest = ABS_PATH . "oc-content/" . $folder;
if (function_exists('posix_getpwuid')) {
$current_user = posix_getpwuid(posix_geteuid());
$ownerFolder = posix_getpwuid(fileowner($folder_dest));
}
$fail = 0;
while (false !== ($_file = readdir($handle))) {
if ($_file != '.' && $_file != '..') {
$copyprocess = osc_copy(osc_content_path() . "downloads/oc-temp/" . $_file, $folder_dest . $_file);
if ($copyprocess == false) {
$fail = 1;
}
}
}
closedir($handle);
// Additional actions is not important for the rest of the proccess
// We will inform the user of the problems but the upgrade could continue
// Also remove the zip package
/****************************
** REMOVE TEMPORARY FILES **
****************************/
@unlink(osc_content_path() . 'downloads/' . $filename);
$path = osc_content_path() . 'downloads/oc-temp';
$rm_errors = 0;
$dir = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($path), RecursiveIteratorIterator::CHILD_FIRST);
for ($dir->rewind(); $dir->valid(); $dir->next()) {
if ($dir->isDir()) {
if ($dir->getFilename() != '.' && $dir->getFilename() != '..') {
if (!rmdir($dir->getPathname())) {
$rm_errors++;
}
}
} else {
if (!unlink($dir->getPathname())) {
$rm_errors++;
}
}
}
if (!rmdir($path)) {
$rm_errors++;
}
if ($fail == 0) {
// Everything is OK, continue
if ($data['e_type'] != 'THEME' && $data['e_type'] != 'LANGUAGE') {
if ($plugin != false && $re_enable) {
$enabled = Plugins::activate($plugin);
if ($enabled) {
Plugins::runHook($plugin . '_enable');
}
}
}
// recount plugins&themes for update
if ($section == 'plugins') {
osc_check_plugins_update(true);
} else {
if ($section == 'themes') {
osc_check_themes_update(true);
} else {
if ($section == 'languages') {
// load oc-content/
if (osc_checkLocales()) {
$message .= __('The language has been installed correctly');
} else {
$message .= __('There was a problem adding the language');
$error = 8;
}
osc_check_languages_update(true);
}
}
}
if ($rm_errors == 0) {
$message = __('Everything looks good!');
$error = 0;
} else {
$message = __('Nearly everything looks good! but there were some errors removing temporary files. Please manually remove the \\"oc-temp\\" folder');
$error = 6;
// Some errors removing files
}
} else {
$message = __('Problems when copying files. Please check your permissions. ');
if ($current_user['uid'] != $ownerFolder['uid']) {
if (function_exists('posix_getgrgid')) {
$current_group = posix_getgrgid($current_user['gid']);
$message .= '<p><strong>' . sprintf(__('NOTE: Web user and destination folder user is not the same, you might have an issue there. <br/>Do this in your console:<br/>chown -R %s:%s %s'), $current_user['name'], $current_group['name'], $folder_dest) . '</strong></p>';
}
}
$error = 4;
// Problems copying files. Maybe permissions are not correct
}
} else {
$message = __('Nothing to copy');
$error = 99;
// Nothing to copy. THIS SHOULD NEVER HAPPEN, means we don't update any file!
}
} else {
$message = __('Unzip failed');
$error = 3;
// Unzip failed
}
} else {
$message = __('Download failed');
$error = 2;
// Download failed
}
} else {
$message = __('Input code not valid');
$error = 7;
// Input code not valid
}
} else {
$message = __('Missing download URL');
$error = 1;
// Missing download URL
}
echo json_encode(array('error' => $error, 'message' => $message, 'data' => $data));
break;
case 'check_market':
// AT THIS POINT WE KNOW IF THERE'S AN UPDATE OR NOT
$section = Params::getParam('section');
$code = Params::getParam('code');
$data = array();
/************************
*** CHECK VALID CODE ***
************************/
if ($code != '' && $section != '') {
if (stripos($code, "http://") === FALSE) {
// OSCLASS OFFICIAL REPOSITORY
$data = json_decode(osc_file_get_contents(osc_market_url($section, $code)), true);
} else {
// THIRD PARTY REPOSITORY
if (osc_market_external_sources()) {
$data = json_decode(osc_file_get_contents($code), true);
} else {
echo json_encode(array('error' => 3, 'error_msg' => __('No external sources are allowed')));
break;
}
}
if (!isset($data['s_source_file']) || !isset($data['s_update_url'])) {
$data = array('error' => 2, 'error_msg' => __('Invalid code'));
}
} else {
$data = array('error' => 1, 'error_msg' => __('No code was submitted'));
}
echo json_encode($data);
break;
case 'market_data':
$section = Params::getParam('section');
$page = Params::getParam("mPage");
$featured = Params::getParam("featured");
$sort = Params::getParam("sort");
$order = Params::getParam("order");
// for the moment this value is static
$length = 9;
if ($page >= 1) {
$page--;
}
$url = osc_market_url($section) . "page/" . $page . '/';
if ($length != '' && is_numeric($length)) {
$url .= 'length/' . $length . '/';
}
if ($sort != '') {
$url .= 'order/' . $sort;
if ($order != '') {
$url .= '/' . $order;
}
}
if ($featured != '') {
$url = osc_market_featured_url($section);
}
$data = array();
$data = json_decode(osc_file_get_contents($url), true);
if (!isset($data[$section])) {
$data = array('error' => 1, 'error_msg' => __('No market data'));
}
echo 'var market_data = window.market_data || {}; market_data.' . $section . ' = ' . json_encode($data) . ';';
break;
case 'local_market':
// AVOID CROSS DOMAIN PROBLEMS OF AJAX REQUEST
$marketPage = Params::getParam("mPage");
if ($marketPage >= 1) {
$marketPage--;
}
$out = osc_file_get_contents(osc_market_url(Params::getParam("section")) . "page/" . $marketPage);
$array = json_decode($out, true);
// do pagination
$pageActual = $array['page'];
$totalPages = ceil($array['total'] / $array['sizePage']);
$params = array('total' => $totalPages, 'selected' => $pageActual, 'url' => '#{PAGE}', 'sides' => 5);
// set pagination
$pagination = new Pagination($params);
$aux = $pagination->doPagination();
$array['pagination_content'] = $aux;
// encode to json
echo json_encode($array);
break;
case 'dashboardbox_market':
$error = 0;
// make market call
$url = getPreference('marketURL') . 'dashboardbox/';
$content = '';
if (false === ($json = @osc_file_get_contents($url))) {
$error = 1;
} else {
$content = $json;
}
if ($error == 1) {
echo json_encode(array('error' => 1));
} else {
// replace content with correct urls
$content = str_replace('{URL_MARKET_THEMES}', osc_admin_base_url(true) . '?page=market&action=themes', $content);
$content = str_replace('{URL_MARKET_PLUGINS}', osc_admin_base_url(true) . '?page=market&action=plugins', $content);
echo json_encode(array('html' => $content));
}
break;
case 'location_stats':
osc_csrf_check(false);
$workToDo = osc_update_location_stats();
if ($workToDo > 0) {
$array['status'] = 'more';
$array['pending'] = $workToDo;
echo json_encode($array);
} else {
$array['status'] = 'done';
echo json_encode($array);
}
break;
case 'error_permissions':
echo json_encode(array('error' => __("You don't have the necessary permissions")));
break;
default:
echo json_encode(array('error' => __('no action defined')));
break;
}
// clear all keep variables into session
Session::newInstance()->_dropKeepForm();
Session::newInstance()->_clearVariables();
}
function doModel()
{
switch ($this->action) {
case 'dashboard':
//dashboard...
$max_items = Params::getParam('max_items') != '' ? Params::getParam('max_items') : 5;
$aItems = Item::newInstance()->findByUserIDEnabled(osc_logged_user_id(), 0, $max_items);
//calling the view...
$this->_exportVariableToView('items', $aItems);
$this->_exportVariableToView('max_items', $max_items);
$this->doView('user-dashboard.php');
break;
case 'profile':
//profile...
$user = User::newInstance()->findByPrimaryKey(osc_logged_user_id());
$aCountries = Country::newInstance()->listAll();
$aRegions = array();
if ($user['fk_c_country_code'] != '') {
$aRegions = Region::newInstance()->findByCountry($user['fk_c_country_code']);
} elseif (count($aCountries) > 0) {
$aRegions = Region::newInstance()->findByCountry($aCountries[0]['pk_c_code']);
}
$aCities = array();
if ($user['fk_i_region_id'] != '') {
$aCities = City::newInstance()->findByRegion($user['fk_i_region_id']);
} else {
if (count($aRegions) > 0) {
$aCities = City::newInstance()->findByRegion($aRegions[0]['pk_i_id']);
}
}
//calling the view...
$this->_exportVariableToView('countries', $aCountries);
$this->_exportVariableToView('regions', $aRegions);
$this->_exportVariableToView('cities', $aCities);
$this->_exportVariableToView('user', $user);
$this->_exportVariableToView('locales', OSCLocale::newInstance()->listAllEnabled());
$this->doView('user-profile.php');
break;
case 'profile_post':
//profile post...
osc_csrf_check();
$userId = Session::newInstance()->_get('userId');
require_once LIB_PATH . 'osclass/UserActions.php';
$userActions = new UserActions(false);
$success = $userActions->edit($userId);
if ($success == 1 || $success == 2) {
osc_add_flash_ok_message(_m('Your profile has been updated successfully'));
} else {
osc_add_flash_error_message($success);
}
$this->redirectTo(osc_user_profile_url());
break;
case 'alerts':
//alerts
$aAlerts = Alerts::newInstance()->findByUser(Session::newInstance()->_get('userId'), false);
$user = User::newInstance()->findByPrimaryKey(Session::newInstance()->_get('userId'));
foreach ($aAlerts as $k => $a) {
$array_conditions = (array) json_decode($a['s_search']);
// $search = Search::newInstance();
$search = new Search();
$search->setJsonAlert($array_conditions);
$search->limit(0, 3);
$aAlerts[$k]['items'] = $search->doSearch();
}
$this->_exportVariableToView('alerts', $aAlerts);
View::newInstance()->_reset('alerts');
$this->_exportVariableToView('user', $user);
$this->doView('user-alerts.php');
break;
case 'change_email':
//change email
$this->doView('user-change_email.php');
break;
case 'change_email_post':
//change email post
osc_csrf_check();
if (!osc_validate_email(Params::getParam('new_email'))) {
osc_add_flash_error_message(_m('The specified e-mail is not valid'));
$this->redirectTo(osc_change_user_email_url());
} else {
$user = User::newInstance()->findByEmail(Params::getParam('new_email'));
if (!isset($user['pk_i_id'])) {
$userEmailTmp = array();
$userEmailTmp['fk_i_user_id'] = Session::newInstance()->_get('userId');
$userEmailTmp['s_new_email'] = Params::getParam('new_email');
UserEmailTmp::newInstance()->insertOrUpdate($userEmailTmp);
$code = osc_genRandomPassword(30);
$date = date('Y-m-d H:i:s');
$userManager = new User();
$userManager->update(array('s_pass_code' => $code, 's_pass_date' => $date, 's_pass_ip' => $_SERVER['REMOTE_ADDR']), array('pk_i_id' => Session::newInstance()->_get('userId')));
$validation_url = osc_change_user_email_confirm_url(Session::newInstance()->_get('userId'), $code);
osc_run_hook('hook_email_new_email', Params::getParam('new_email'), $validation_url);
$this->redirectTo(osc_user_profile_url());
} else {
osc_add_flash_error_message(_m('The specified e-mail is already in use'));
$this->redirectTo(osc_change_user_email_url());
}
}
break;
case 'change_username':
//change username
$this->doView('user-change_username.php');
break;
case 'change_username_post':
//change username
$username = osc_sanitize_username(Params::getParam('s_username'));
osc_run_hook('before_username_change', Session::newInstance()->_get('userId'), $username);
if ($username != '') {
$user = User::newInstance()->findByUsername($username);
if (isset($user['s_username'])) {
osc_add_flash_error_message(_m('The specified username is already in use'));
} else {
if (!osc_is_username_blacklisted($username)) {
User::newInstance()->update(array('s_username' => $username), array('pk_i_id' => Session::newInstance()->_get('userId')));
osc_add_flash_ok_message(_m('The username was updated'));
osc_run_hook('after_username_change', Session::newInstance()->_get('userId'), Params::getParam('s_username'));
$this->redirectTo(osc_user_profile_url());
} else {
osc_add_flash_error_message(_m('The specified username is not valid, it contains some invalid words'));
}
}
} else {
osc_add_flash_error_message(_m('The specified username could not be empty'));
}
$this->redirectTo(osc_change_user_username_url());
break;
case 'change_password':
//change password
$this->doView('user-change_password.php');
break;
case 'change_password_post':
//change password post
osc_csrf_check();
$user = User::newInstance()->findByPrimaryKey(Session::newInstance()->_get('userId'));
if (Params::getParam('password', false, false) == '' || Params::getParam('new_password', false, false) == '' || Params::getParam('new_password2', false, false) == '') {
osc_add_flash_warning_message(_m('Password cannot be blank'));
$this->redirectTo(osc_change_user_password_url());
}
if (!osc_verify_password(Params::getParam('password', false, false), $user['s_password'])) {
osc_add_flash_error_message(_m("Current password doesn't match"));
$this->redirectTo(osc_change_user_password_url());
}
if (!Params::getParam('new_password', false, false)) {
osc_add_flash_error_message(_m("Passwords can't be empty"));
$this->redirectTo(osc_change_user_password_url());
}
if (Params::getParam('new_password', false, false) != Params::getParam('new_password2', false, false)) {
osc_add_flash_error_message(_m("Passwords don't match"));
$this->redirectTo(osc_change_user_password_url());
}
User::newInstance()->update(array('s_password' => osc_hash_password(Params::getParam('new_password', false, false))), array('pk_i_id' => Session::newInstance()->_get('userId')));
osc_add_flash_ok_message(_m('Password has been changed'));
$this->redirectTo(osc_user_profile_url());
break;
case 'items':
// view items user
$itemsPerPage = Params::getParam('itemsPerPage') != '' ? Params::getParam('itemsPerPage') : 10;
$page = Params::getParam('iPage') > 0 ? Params::getParam('iPage') - 1 : 0;
$itemType = Params::getParam('itemType');
$total_items = Item::newInstance()->countItemTypesByUserID(osc_logged_user_id(), $itemType);
$total_pages = ceil($total_items / $itemsPerPage);
$items = Item::newInstance()->findItemTypesByUserID(osc_logged_user_id(), $page * $itemsPerPage, $itemsPerPage, $itemType);
$this->_exportVariableToView('items', $items);
$this->_exportVariableToView('search_total_pages', $total_pages);
$this->_exportVariableToView('search_total_items', $total_items);
$this->_exportVariableToView('items_per_page', $itemsPerPage);
$this->_exportVariableToView('items_type', $itemType);
$this->_exportVariableToView('search_page', $page);
$this->doView('user-items.php');
break;
case 'activate_alert':
$email = Params::getParam('email');
$secret = Params::getParam('secret');
$result = 0;
if ($email != '' && $secret != '') {
$result = Alerts::newInstance()->activate($email, $secret);
}
if ($result == 1) {
osc_add_flash_ok_message(_m('Alert activated'));
} else {
osc_add_flash_error_message(_m('Oops! There was a problem trying to activate your alert. Please contact an administrator'));
}
$this->redirectTo(osc_base_url());
break;
case 'unsub_alert':
$email = Params::getParam('email');
$secret = Params::getParam('secret');
$id = Params::getParam('id');
$alert = Alerts::newInstance()->findByPrimaryKey($id);
$result = 0;
if (!empty($alert)) {
if ($email == $alert['s_email'] && $secret == $alert['s_secret']) {
$result = Alerts::newInstance()->unsub($id);
}
}
if ($result == 1) {
osc_add_flash_ok_message(_m('Unsubscribed correctly'));
} else {
osc_add_flash_error_message(_m('Oops! There was a problem trying to unsubscribe you. Please contact an administrator'));
}
$this->redirectTo(osc_user_alerts_url());
break;
case 'delete':
$id = Params::getParam('id');
$secret = Params::getParam('secret');
if (osc_is_web_user_logged_in()) {
$user = User::newInstance()->findByPrimaryKey(osc_logged_user_id());
View::newInstance()->_exportVariableToView('user', $user);
if (!empty($user) && osc_logged_user_id() == $id && $secret == $user['s_secret']) {
User::newInstance()->deleteUser(osc_logged_user_id());
Session::newInstance()->_drop('userId');
Session::newInstance()->_drop('userName');
Session::newInstance()->_drop('userEmail');
Session::newInstance()->_drop('userPhone');
Cookie::newInstance()->pop('oc_userId');
Cookie::newInstance()->pop('oc_userSecret');
Cookie::newInstance()->set();
osc_add_flash_ok_message(_m("Your account have been deleted"));
$this->redirectTo(osc_base_url());
} else {
osc_add_flash_error_message(_m("Oops! you can not do that"));
$this->redirectTo(osc_user_dashboard_url());
}
} else {
osc_add_flash_error_message(_m("Oops! you can not do that"));
$this->redirectTo(osc_base_url());
}
break;
}
}
function twitter_breadcrumb($separator = '/')
{
$breadcrumb = array();
$text = '';
$location = Rewrite::newInstance()->get_location();
$section = Rewrite::newInstance()->get_section();
$separator = '<span class="divider">' . trim($separator) . '</span>';
$page_title = '<li><a href="' . osc_base_url() . '">' . osc_page_title() . '</a>' . $separator . '</li>';
switch ($location) {
case 'item':
switch ($section) {
case 'item_add':
break;
default:
$aCategories = Category::newInstance()->toRootTree((string) osc_item_category_id());
$category = '';
if (count($aCategories) == 0) {
break;
}
foreach ($aCategories as $aCategory) {
$list[] = '<li><a href="' . osc_item_category_url($aCategory['pk_i_id']) . '">' . $aCategory['s_name'] . '</a>' . $separator . '</li>';
}
$category = implode('', $list);
break;
}
switch ($section) {
case 'item_add':
$text = $page_title . '<li>' . __('Publish an item', 'twitter') . '</li>';
break;
case 'item_edit':
$text = $page_title . '<li><a href="' . osc_item_url() . '">' . osc_item_title() . '</a>' . $separator . '</li><li>' . __('Edit your item', 'twitter') . '</li>';
break;
case 'send_friend':
$text = $page_title . $category . '<li><a href="' . osc_item_url() . '">' . osc_item_title() . '</a>' . $separator . '</li><li>' . __('Send to a friend', 'twitter') . '</li>';
break;
case 'contact':
$text = $page_title . $category . '<li><a href="' . osc_item_url() . '">' . osc_item_title() . '</a>' . $separator . '<li><li>' . __('Contact seller', 'twitter') . '</li>';
break;
default:
$text = $page_title . $category . '<li>' . osc_item_title() . '</li>';
break;
}
break;
case 'page':
$text = $page_title . '<li>' . osc_static_page_title() . '</li>';
break;
case 'search':
$region = Params::getParam('sRegion');
$city = Params::getParam('sCity');
$pattern = Params::getParam('sPattern');
$category = osc_search_category_id();
$category = count($category) == 1 ? $category[0] : '';
$b_show_all = $pattern == '' && $category == '' && $region == '' && $city == '';
$b_category = $category != '';
$b_pattern = $pattern != '';
$b_region = $region != '';
$b_city = $city != '';
$b_location = $b_region || $b_city;
if ($b_show_all) {
$text = $page_title . '<li>' . __('Search', 'twitter') . '</li>';
break;
}
// init
$result = $page_title;
if ($b_category) {
$list = array();
$aCategories = Category::newInstance()->toRootTree($category);
if (count($aCategories) > 0) {
$deep = 1;
foreach ($aCategories as $single) {
$list[] = '<li><a href="' . osc_item_category_url($single['pk_i_id']) . '">' . $single['s_name'] . '</a>' . $separator . '</li>';
$deep++;
}
// remove last link
if (!$b_pattern && !$b_location) {
$list[count($list) - 1] = preg_replace('|<li><a href.*?>(.*?)</a>.*?</li>|', '$01', $list[count($list) - 1]);
}
$result .= implode('', $list);
}
}
if ($b_location) {
$list = array();
$params = array();
if ($b_category) {
$params['sCategory'] = $category;
}
if ($b_city) {
$aCity = City::newInstance()->findByName($city);
if (count($aCity) == 0) {
$params['sCity'] = $city;
$list[] = '<li><a href="' . osc_search_url($params) . '">' . $city . '</a>' . $separator . '</li>';
} else {
$aRegion = Region::newInstance()->findByPrimaryKey($aCity['fk_i_region_id']);
$params['sRegion'] = $aRegion['s_name'];
$list[] = '<li><a href="' . osc_search_url($params) . '">' . $aRegion['s_name'] . '</a>' . $separator . '</li>';
$params['sCity'] = $aCity['s_name'];
$list[] = '<li><a href="' . osc_search_url($params) . '">' . $aCity['s_name'] . '</a>' . $separator . '</li>';
}
if (!$b_pattern) {
$list[count($list) - 1] = preg_replace('|<li><a href.*?>(.*?)</a>.*?</li>|', '$01', $list[count($list) - 1]);
}
$result .= implode('', $list);
} else {
if ($b_region) {
$params['sRegion'] = $region;
$list[] = '<li><a href="' . osc_search_url($params) . '">' . $region . '</a>' . $separator . '</li>';
if (!$b_pattern) {
$list[count($list) - 1] = preg_replace('|<li><a href.*?>(.*?)</a>.*?</li>|', '$01', $list[count($list) - 1]);
}
$result .= implode('', $list);
}
}
}
if ($b_pattern) {
$result .= '<li>' . __('Search Results', 'twitter') . ': ' . $pattern . '</li>';
}
// remove last separator
$result = preg_replace('|' . trim($separator) . '\\s*$|', '', $result);
$text = $result;
break;
case 'login':
switch ($section) {
case 'recover':
$text = $page_title . '<li>' . __('Recover your password', 'twitter') . '</li>';
break;
default:
$text = $page_title . '<li>' . __('Login', 'twitter') . '</li>';
}
break;
case 'register':
$text = $page_title . '<li>' . __('Create a new account', 'twitter') . '</li>';
break;
case 'contact':
$text = $page_title . '<li>' . __('Contact', 'twitter') . '</li>';
break;
default:
break;
}
return '<ul class="breadcrumb">' . $text . '</ul>';
}
function doModel()
{
//specific things for this class
switch ($this->action) {
case 'bulk_actions':
break;
case 'regions':
//Return regions given a countryId
$regions = Region::newInstance()->getByCountry(Params::getParam("countryId"));
echo json_encode($regions);
break;
case 'cities':
//Returns cities given a regionId
$cities = City::newInstance()->getByRegion(Params::getParam("regionId"));
echo json_encode($cities);
break;
case 'location':
// This is the autocomplete AJAX
$cities = City::newInstance()->ajax(Params::getParam("term"));
echo json_encode($cities);
break;
case 'alerts':
// Allow to register to an alert given (not sure it's used on admin)
$alert = Params::getParam("alert");
$email = Params::getParam("email");
$userid = Params::getParam("userid");
if ($alert != '' && $email != '') {
if (preg_match("/^[_a-z0-9-+]+(\\.[_a-z0-9-+]+)*@[a-z0-9-]+(\\.[a-z0-9-]+)*(\\.[a-z]{2,3})\$/", $email)) {
Alerts::newInstance()->createAlert($userid, $email, $alert);
echo "1";
} else {
echo '0';
}
return true;
}
echo '0';
return false;
break;
case 'runhook':
//Run hooks
$hook = Params::getParam("hook");
switch ($hook) {
case 'item_form':
$catId = Params::getParam("catId");
if ($catId != '') {
osc_run_hook("item_form", $catId);
} else {
osc_run_hook("item_form");
}
break;
case 'item_edit':
$catId = Params::getParam("catId");
$itemId = Params::getParam("itemId");
osc_run_hook("item_edit", $catId, $itemId);
break;
default:
if ($hook == '') {
return false;
} else {
osc_run_hook($hook);
}
break;
}
break;
case 'custom':
// Execute via AJAX custom file
$ajaxfile = Params::getParam("ajaxfile");
if ($ajaxfile != '') {
require_once osc_plugins_path() . $ajaxfile;
} else {
echo json_encode(array('error' => __('no action defined')));
}
break;
default:
echo json_encode(array('error' => __('no action defined')));
break;
}
}
function breadcrumbs($separator = '/')
{
$text = '';
$location = Rewrite::newInstance()->get_location();
$section = Rewrite::newInstance()->get_section();
$separator = ' ' . trim($separator) . ' ';
$page_title = '<a href="' . osc_base_url() . '"><span class="bc_root">' . osc_page_title() . '</span></a>';
switch ($location) {
case 'item':
switch ($section) {
case 'item_add':
break;
default:
$aCategories = Category::newInstance()->toRootTree((string) osc_item_category_id());
$category = '';
if (count($aCategories) == 0) {
break;
}
$deep = 1;
foreach ($aCategories as $aCategory) {
$list[] = '<a href="' . breadcrumbs_category_url($aCategory['pk_i_id']) . '"><span class="bc_level_' . $deep . '">' . $aCategory['s_name'] . '</span></a>';
$deep++;
}
$category = implode($separator, $list) . $separator;
$category = preg_replace('|' . trim($separator) . '\\s*$|', '', $category);
break;
}
switch ($section) {
case 'item_add':
$text = $page_title . $separator . '<span class="bc_last">' . __('Publish an item', 'breadcrumbs');
break;
case 'item_edit':
$text = $page_title . $separator . $category . $separator . '<a href="' . osc_item_url() . '"><span class="bc_item">' . osc_item_title() . '</span></a>' . $separator . '<span class="bc_last">' . __('Edit your item', 'breadcrumbs') . '</span>';
break;
case 'send_friend':
$text = $page_title . $separator . $category . $separator . '<a href="' . osc_item_url() . '"><span class="bc_item">' . osc_item_title() . '</span></a>' . $separator . '<span class="bc_last">' . __('Send to a friend', 'breadcrumbs') . '</span>';
break;
case 'contact':
$text = $page_title . $separator . $category . $separator . '<a href="' . osc_item_url() . '"><span class="bc_item">' . osc_item_title() . '</span></a>' . $separator . '<span class="bc_last">' . __('Contact seller', 'breadcrumbs') . '</span>';
break;
default:
$text = $page_title . $separator . $category . $separator . '<span class="bc_last">' . osc_item_title() . '</span>';
break;
}
break;
case 'page':
$text = $page_title . $separator . '<span class="bc_last">' . osc_static_page_title() . '</span>';
break;
case 'search':
$region = osc_search_region();
$city = osc_search_city();
$pattern = osc_search_pattern();
$category = osc_search_category_id();
$category = count($category) == 1 ? $category[0] : '';
$b_show_all = $pattern == '' && $category == '' && $region == '' && $city == '';
$b_category = $category != '';
$b_pattern = $pattern != '';
$b_region = $region != '';
$b_city = $city != '';
$b_location = $b_region || $b_city;
if ($b_show_all) {
$text = $page_title . $separator . '<span class="bc_last">' . __('Search', 'breadcrumbs') . '</span>';
break;
}
// init
$result = $page_title . $separator;
if ($b_category) {
$list = array();
$aCategories = Category::newInstance()->toRootTree($category);
if (count($aCategories) > 0) {
$deep = 1;
foreach ($aCategories as $single) {
$list[] = '<a href="' . breadcrumbs_category_url($single['pk_i_id']) . '"><span class="bc_level_' . $deep . '">' . $single['s_name'] . '</span></a>';
$deep++;
}
// remove last link
if (!$b_pattern && !$b_location) {
$list[count($list) - 1] = preg_replace('|<a href.*?>(.*?)</a>|', '$01', $list[count($list) - 1]);
}
$result .= implode($separator, $list) . $separator;
}
}
if ($b_location) {
$list = array();
$params = array();
if ($b_category) {
$params['sCategory'] = $category;
}
if ($b_city) {
$aCity = City::newInstance()->findByName($city);
if (count($aCity) == 0) {
$params['sCity'] = $city;
$list[] = '<a href="' . osc_search_url($params) . '"><span class="bc_city">' . $city . '</span></a>';
} else {
$aRegion = Region::newInstance()->findByPrimaryKey($aCity['fk_i_region_id']);
$params['sRegion'] = $aRegion['s_name'];
$list[] = '<a href="' . osc_search_url($params) . '"><span class="bc_region">' . $aRegion['s_name'] . '</span></a>';
$params['sCity'] = $aCity['s_name'];
$list[] = '<a href="' . osc_search_url($params) . '"><span class="bc_city">' . $aCity['s_name'] . '</span></a>';
}
if (!$b_pattern) {
$list[count($list) - 1] = preg_replace('|<a href.*?>(.*?)</a>|', '$01', $list[count($list) - 1]);
}
$result .= implode($separator, $list) . $separator;
} else {
if ($b_region) {
$params['sRegion'] = $region;
$list[] = '<a href="' . osc_search_url($params) . '"><span class="bc_region">' . $region . '</span></a>';
if (!$b_pattern) {
$list[count($list) - 1] = preg_replace('|<a href.*?>(.*?)</a>|', '$01', $list[count($list) - 1]);
}
$result .= implode($separator, $list) . $separator;
}
}
}
if ($b_pattern) {
$result .= '<span class="bc_last">' . __('Search Results', 'breadcrumbs') . ': ' . $pattern . '</span>' . $separator;
}
// remove last separator
$result = preg_replace('|' . trim($separator) . '\\s*$|', '', $result);
$text = $result;
break;
case 'login':
switch ($section) {
case 'recover':
$text = $page_title . $separator . '<span class="bc_last">' . __('Recover your password', 'breadcrumbs') . '</span>';
default:
$text = $page_title . $separator . '<span class="bc_last">' . __('Login', 'breadcrumbs') . '</span>';
}
break;
case 'register':
$text = $page_title . $separator . '<span class="bc_last">' . __('Create a new account', 'breadcrumbs') . '</span>';
break;
case 'user':
$user_dashboard = '<a href="' . osc_user_dashboard_url() . '"><span class="bc_user">' . __('My account', 'breadcrumbs') . '</span></a>';
switch ($section) {
case 'dashboard':
$text = $page_title . $separator . $user_dashboard . $separator . '<span class="bc_last">' . __('Dashboard', 'breadcrumbs') . '</span>';
break;
case 'items':
$text = $page_title . $separator . $user_dashboard . $separator . '<span class="bc_last">' . __('Manage my items', 'breadcrumbs') . '</span>';
break;
case 'alerts':
$text = $page_title . $separator . $user_dashboard . $separator . '<span class="bc_last">' . __('Manage my alerts', 'breadcrumbs') . '</span>';
break;
case 'profile':
$text = $page_title . $separator . $user_dashboard . $separator . '<span class="bc_last">' . __('Update my profile', 'breadcrumbs') . '</span>';
break;
case 'change_email':
$text = $page_title . $separator . $user_dashboard . $separator . '<span class="bc_last">' . __('Change my email', 'breadcrumbs') . '</span>';
break;
case 'change_password':
$text = $page_title . $separator . $user_dashboard . $separator . '<span class="bc_last">' . __('Change my password', 'breadcrumbs') . '</span>';
break;
case 'forgot':
$text = $page_title . $separator . $user_dashboard . $separator . '<span class="bc_last">' . __('Recover my password', 'breadcrumbs') . '</span>';
break;
}
break;
case 'contact':
$text = $page_title . $separator . '<span class="bc_last">' . __('Contact', 'breadcrumbs') . '</span>';
break;
default:
break;
}
echo $text;
return true;
}
?>
><?php
echo $region['s_name'];
?>
</option>
<?php
}
?>
</select>
</div>
<?php
}
?>
<?php
$aCities = City::newInstance()->getByRegion($cityId);
if (count($aCities) >= 0) {
?>
<div class="col-md-4 col-sm-4">
<select name="sCity" id="cityId" class="form-control">
<option value=""><?php
_e("Select a city...");
?>
</option>
<?php
foreach ($aCities as $city) {
?>
<option value="<?php
echo $city['pk_i_id'];
?>
public static function city_select($cities = null, $item = null)
{
if (Session::newInstance()->_getForm('city') != '') {
$cities = null;
} else {
if ($cities == null) {
$cities = array();
}
}
if ($item == null) {
$item = osc_item();
}
if (count($cities) >= 1) {
if (Session::newInstance()->_getForm('cityId') != "") {
$item['fk_i_city_id'] = Session::newInstance()->_getForm('cityId');
}
if (Session::newInstance()->_getForm('regionId') != "") {
$cities = City::newInstance()->findByRegion(Session::newInstance()->_getForm('regionId'));
}
parent::generic_select('cityId', $cities, 'pk_i_id', 's_name', __('Select a city...'), isset($item['fk_i_city_id']) ? $item['fk_i_city_id'] : null);
return true;
} else {
if (Session::newInstance()->_getForm('city') != "") {
$item['s_city'] = Session::newInstance()->_getForm('city');
}
parent::generic_input_text('city', isset($item['s_city']) ? $item['s_city'] : null);
return true;
}
}
/**
* Gets list of cities (from a region)
*
* @param int $region
* @return string
*/
function osc_get_cities($region = '')
{
if (View::newInstance()->_exists('cities')) {
return View::newInstance()->_get('cities');
} else {
if ($region == '') {
return City::newInstance()->listAll();
} else {
return City::newInstance()->findByRegion($region);
}
}
}
function doModel()
{
osc_run_hook('before_search');
$mCategories = Category::newInstance();
if (osc_rewrite_enabled()) {
// IF rewrite is not enabled, skip this part, preg_match is always time&resources consuming task
$p_sParams = "/" . Params::getParam('sParams', false, false);
if (preg_match_all('|\\/([^,]+),([^\\/]*)|', $p_sParams, $m)) {
$l = count($m[0]);
for ($k = 0; $k < $l; $k++) {
switch ($m[1][$k]) {
case osc_get_preference('rewrite_search_country'):
$m[1][$k] = 'sCountry';
break;
case osc_get_preference('rewrite_search_region'):
$m[1][$k] = 'sRegion';
break;
case osc_get_preference('rewrite_search_city'):
$m[1][$k] = 'sCity';
break;
case osc_get_preference('rewrite_search_city_area'):
$m[1][$k] = 'sCityArea';
break;
case osc_get_preference('rewrite_search_category'):
$m[1][$k] = 'sCategory';
break;
case osc_get_preference('rewrite_search_user'):
$m[1][$k] = 'sUser';
break;
case osc_get_preference('rewrite_search_pattern'):
$m[1][$k] = 'sPattern';
break;
default:
break;
}
$_REQUEST[$m[1][$k]] = $m[2][$k];
$_GET[$m[1][$k]] = $m[2][$k];
unset($_REQUEST['sParams']);
unset($_GET['sParams']);
unset($_POST['sParams']);
}
}
}
////////////////////////////////
//GETTING AND FIXING SENT DATA//
////////////////////////////////
$p_sCategory = Params::getParam('sCategory');
if (!is_array($p_sCategory)) {
if ($p_sCategory == '') {
$p_sCategory = array();
} else {
$p_sCategory = explode(",", $p_sCategory);
}
}
$p_sCityArea = Params::getParam('sCityArea');
if (!is_array($p_sCityArea)) {
if ($p_sCityArea == '') {
$p_sCityArea = array();
} else {
$p_sCityArea = explode(",", $p_sCityArea);
}
}
$p_sCity = Params::getParam('sCity');
if (!is_array($p_sCity)) {
if ($p_sCity == '') {
$p_sCity = array();
} else {
$p_sCity = explode(",", $p_sCity);
}
}
$p_sRegion = Params::getParam('sRegion');
if (!is_array($p_sRegion)) {
if ($p_sRegion == '') {
$p_sRegion = array();
} else {
$p_sRegion = explode(",", $p_sRegion);
}
}
$p_sCountry = Params::getParam('sCountry');
if (!is_array($p_sCountry)) {
if ($p_sCountry == '') {
$p_sCountry = array();
} else {
$p_sCountry = explode(",", $p_sCountry);
}
}
$p_sUser = Params::getParam('sUser');
if (!is_array($p_sUser)) {
if ($p_sUser == '') {
$p_sUser = '';
} else {
$p_sUser = explode(",", $p_sUser);
}
}
$p_sPattern = strip_tags(Params::getParam('sPattern'));
// ADD TO THE LIST OF LAST SEARCHES
if (osc_save_latest_searches()) {
if (trim($p_sPattern) != '') {
LatestSearches::newInstance()->insert(array('s_search' => trim($p_sPattern), 'd_date' => date('Y-m-d H:i:s')));
}
}
$p_bPic = Params::getParam('bPic');
$p_bPic == 1 ? $p_bPic = 1 : ($p_bPic = 0);
$p_sPriceMin = Params::getParam('sPriceMin');
$p_sPriceMax = Params::getParam('sPriceMax');
//WE CAN ONLY USE THE FIELDS RETURNED BY Search::getAllowedColumnsForSorting()
$p_sOrder = Params::getParam('sOrder');
if (!in_array($p_sOrder, Search::getAllowedColumnsForSorting())) {
$p_sOrder = osc_default_order_field_at_search();
}
$old_order = $p_sOrder;
//ONLY 0 ( => 'asc' ), 1 ( => 'desc' ) AS ALLOWED VALUES
$p_iOrderType = Params::getParam('iOrderType');
$allowedTypesForSorting = Search::getAllowedTypesForSorting();
$orderType = osc_default_order_type_at_search();
foreach ($allowedTypesForSorting as $k => $v) {
if ($p_iOrderType == $v) {
$orderType = $k;
break;
}
}
$p_iOrderType = $orderType;
$p_sFeed = Params::getParam('sFeed');
$p_iPage = 0;
if (is_numeric(Params::getParam('iPage')) && Params::getParam('iPage') > 0) {
$p_iPage = intval(Params::getParam('iPage')) - 1;
}
if ($p_sFeed != '') {
$p_sPageSize = 1000;
}
$p_sShowAs = Params::getParam('sShowAs');
$aValidShowAsValues = array('list', 'gallery');
if (!in_array($p_sShowAs, $aValidShowAsValues)) {
$p_sShowAs = osc_default_show_as_at_search();
}
// search results: it's blocked with the maxResultsPerPage@search defined in t_preferences
$p_iPageSize = intval(Params::getParam('iPagesize'));
if ($p_iPageSize > 0) {
if ($p_iPageSize > osc_max_results_per_page_at_search()) {
$p_iPageSize = osc_max_results_per_page_at_search();
}
} else {
$p_iPageSize = osc_default_results_per_page_at_search();
}
//FILTERING CATEGORY
$bAllCategoriesChecked = false;
if (count($p_sCategory) > 0) {
foreach ($p_sCategory as $category) {
$this->mSearch->addCategory($category);
}
} else {
$bAllCategoriesChecked = true;
}
//FILTERING CITY_AREA
foreach ($p_sCityArea as $city_area) {
$this->mSearch->addCityArea($city_area);
}
$p_sCityArea = implode(", ", $p_sCityArea);
//FILTERING CITY
foreach ($p_sCity as $city) {
$this->mSearch->addCity($city);
}
$p_sCity = implode(", ", $p_sCity);
//FILTERING REGION
foreach ($p_sRegion as $region) {
$this->mSearch->addRegion($region);
}
$p_sRegion = implode(", ", $p_sRegion);
//FILTERING COUNTRY
foreach ($p_sCountry as $country) {
$this->mSearch->addCountry($country);
}
$p_sCountry = implode(", ", $p_sCountry);
// FILTERING PATTERN
if ($p_sPattern != '') {
$this->mSearch->addPattern($p_sPattern);
$osc_request['sPattern'] = $p_sPattern;
} else {
// hardcoded - if there isn't a search pattern, order by dt_pub_date desc
if ($p_sOrder == 'relevance') {
$p_sOrder = 'dt_pub_date';
foreach ($allowedTypesForSorting as $k => $v) {
if ($p_iOrderType == 'desc') {
$orderType = $k;
break;
}
}
$p_iOrderType = $orderType;
}
}
// FILTERING USER
if ($p_sUser != '') {
$this->mSearch->fromUser($p_sUser);
}
// FILTERING IF WE ONLY WANT ITEMS WITH PICS
if ($p_bPic) {
$this->mSearch->withPicture(true);
}
//FILTERING BY RANGE PRICE
$this->mSearch->priceRange($p_sPriceMin, $p_sPriceMax);
//ORDERING THE SEARCH RESULTS
$this->mSearch->order($p_sOrder, $allowedTypesForSorting[$p_iOrderType]);
//SET PAGE
$this->mSearch->page($p_iPage, $p_iPageSize);
osc_run_hook('search_conditions', Params::getParamsAsArray());
if (!Params::existParam('sFeed')) {
// RETRIEVE ITEMS AND TOTAL
$aItems = $this->mSearch->doSearch();
$iTotalItems = $this->mSearch->count();
$iStart = $p_iPage * $p_iPageSize;
$iEnd = min(($p_iPage + 1) * $p_iPageSize, $iTotalItems);
$iNumPages = ceil($iTotalItems / $p_iPageSize);
osc_run_hook('search', $this->mSearch);
//preparing variables...
$regionName = $p_sRegion;
if (is_numeric($p_sRegion)) {
$r = Region::newInstance()->findByPrimaryKey($p_sRegion);
if ($r) {
$regionName = $r['s_name'];
}
}
$cityName = $p_sCity;
if (is_numeric($p_sCity)) {
$c = City::newInstance()->findByPrimaryKey($p_sCity);
if ($c) {
$cityName = $c['s_name'];
}
}
//$this->_exportVariableToView('non_empty_categories', $aCategories) ;
$this->_exportVariableToView('search_start', $iStart);
$this->_exportVariableToView('search_end', $iEnd);
$this->_exportVariableToView('search_category', $p_sCategory);
// hardcoded - non pattern and order by relevance
$p_sOrder = $old_order;
$this->_exportVariableToView('search_order_type', $p_iOrderType);
$this->_exportVariableToView('search_order', $p_sOrder);
$this->_exportVariableToView('search_pattern', $p_sPattern);
$this->_exportVariableToView('search_from_user', $p_sUser);
$this->_exportVariableToView('search_total_pages', $iNumPages);
$this->_exportVariableToView('search_page', $p_iPage);
$this->_exportVariableToView('search_has_pic', $p_bPic);
$this->_exportVariableToView('search_region', $regionName);
$this->_exportVariableToView('search_city', $cityName);
$this->_exportVariableToView('search_price_min', $p_sPriceMin);
$this->_exportVariableToView('search_price_max', $p_sPriceMax);
$this->_exportVariableToView('search_total_items', $iTotalItems);
$this->_exportVariableToView('items', $aItems);
$this->_exportVariableToView('search_show_as', $p_sShowAs);
$this->_exportVariableToView('search', $this->mSearch);
// json
$json = $this->mSearch->toJson();
$this->_exportVariableToView('search_alert', base64_encode($json));
//calling the view...
$this->doView('search.php');
} else {
$this->mSearch->page(0, osc_num_rss_items());
// RETRIEVE ITEMS AND TOTAL
$iTotalItems = $this->mSearch->count();
$aItems = $this->mSearch->doSearch();
$this->_exportVariableToView('items', $aItems);
if ($p_sFeed == '' || $p_sFeed == 'rss') {
// FEED REQUESTED!
header('Content-type: text/xml; charset=utf-8');
$feed = new RSSFeed();
$feed->setTitle(__('Latest listings added') . ' - ' . osc_page_title());
$feed->setLink(osc_base_url());
$feed->setDescription(__('Latest listings added in') . ' ' . osc_page_title());
if (osc_count_items() > 0) {
while (osc_has_items()) {
if (osc_count_item_resources() > 0) {
osc_has_item_resources();
$feed->addItem(array('title' => osc_item_title(), 'link' => htmlentities(osc_item_url(), ENT_COMPAT, "UTF-8"), 'description' => osc_item_description(), 'dt_pub_date' => osc_item_pub_date(), 'image' => array('url' => htmlentities(osc_resource_thumbnail_url(), ENT_COMPAT, "UTF-8"), 'title' => osc_item_title(), 'link' => htmlentities(osc_item_url(), ENT_COMPAT, "UTF-8"))));
} else {
$feed->addItem(array('title' => osc_item_title(), 'link' => htmlentities(osc_item_url(), ENT_COMPAT, "UTF-8"), 'description' => osc_item_description(), 'dt_pub_date' => osc_item_pub_date()));
}
}
}
osc_run_hook('feed', $feed);
$feed->dumpXML();
} else {
osc_run_hook('feed_' . $p_sFeed, $aItems);
}
}
}
function doModel()
{
//specific things for this class
switch ($this->action) {
case 'bulk_actions':
break;
case 'regions':
//Return regions given a countryId
$regions = Region::newInstance()->findByCountry(Params::getParam("countryId"));
echo json_encode($regions);
break;
case 'cities':
//Returns cities given a regionId
$cities = City::newInstance()->findByRegion(Params::getParam("regionId"));
echo json_encode($cities);
break;
case 'location':
// This is the autocomplete AJAX
$cities = City::newInstance()->ajax(Params::getParam("term"));
echo json_encode($cities);
break;
case 'location_countries':
// This is the autocomplete AJAX
$countries = Country::newInstance()->ajax(Params::getParam("term"));
echo json_encode($countries);
break;
case 'location_regions':
// This is the autocomplete AJAX
$regions = Region::newInstance()->ajax(Params::getParam("term"), Params::getParam("country"));
echo json_encode($regions);
break;
case 'location_cities':
// This is the autocomplete AJAX
$cities = City::newInstance()->ajax(Params::getParam("term"), Params::getParam("region"));
echo json_encode($cities);
break;
case 'delete_image':
// Delete images via AJAX
$id = Params::getParam('id');
$item = Params::getParam('item');
$code = Params::getParam('code');
$secret = Params::getParam('secret');
$json = array();
if (Session::newInstance()->_get('userId') != '') {
$userId = Session::newInstance()->_get('userId');
$user = User::newInstance()->findByPrimaryKey($userId);
} else {
$userId = null;
$user = null;
}
// Check for required fields
if (!(is_numeric($id) && is_numeric($item) && preg_match('/^([a-z0-9]+)$/i', $code))) {
$json['success'] = false;
$json['msg'] = _m("The selected photo couldn't be deleted, the url doesn't exist");
echo json_encode($json);
return false;
}
$aItem = Item::newInstance()->findByPrimaryKey($item);
// Check if the item exists
if (count($aItem) == 0) {
$json['success'] = false;
$json['msg'] = _m('The item doesn\'t exist');
echo json_encode($json);
return false;
}
// Check if the item belong to the user
if ($userId != null && $userId != $aItem['fk_i_user_id']) {
$json['success'] = false;
$json['msg'] = _m('The item doesn\'t belong to you');
echo json_encode($json);
return false;
}
// Check if the secret passphrase match with the item
if ($userId == null && $aItem['fk_i_user_id'] == null && $secret != $aItem['s_secret']) {
$json['success'] = false;
$json['msg'] = _m('The item doesn\'t belong to you');
echo json_encode($json);
return false;
}
// Does id & code combination exist?
$result = ItemResource::newInstance()->existResource($id, $code);
if ($result > 0) {
// Delete: file, db table entry
osc_deleteResource($id);
ItemResource::newInstance()->delete(array('pk_i_id' => $id, 'fk_i_item_id' => $item, 's_name' => $code));
$json['msg'] = _m('The selected photo has been successfully deleted');
$json['success'] = 'true';
} else {
$json['msg'] = _m("The selected photo couldn't be deleted");
$json['success'] = 'false';
}
echo json_encode($json);
return true;
break;
case 'alerts':
// Allow to register to an alert given (not sure it's used on admin)
$alert = Params::getParam("alert");
$email = Params::getParam("email");
$userid = Params::getParam("userid");
if ($alert != '' && $email != '') {
if (preg_match("/^[_a-z0-9-+]+(\\.[_a-z0-9-+]+)*@[a-z0-9-]+(\\.[a-z0-9-]+)*(\\.[a-z]{2,3})\$/", $email)) {
$secret = osc_genRandomPassword();
if (Alerts::newInstance()->createAlert($userid, $email, $alert, $secret)) {
if ((int) $userid > 0) {
$user = User::newInstance()->findByPrimaryKey($userid);
if ($user['b_active'] == 1 && $user['b_enabled'] == 1) {
Alerts::newInstance()->activate($email, $secret);
echo '1';
return true;
} else {
echo '-1';
return false;
}
} else {
osc_run_hook('hook_email_alert_validation', $alert, $email, $secret);
}
echo "1";
} else {
echo "0";
}
return true;
} else {
echo '-1';
return false;
}
}
echo '0';
return false;
break;
case 'runhook':
//Run hooks
$hook = Params::getParam("hook");
switch ($hook) {
case 'item_form':
$catId = Params::getParam("catId");
if ($catId != '') {
osc_run_hook("item_form", $catId);
} else {
osc_run_hook("item_form");
}
break;
case 'item_edit':
$catId = Params::getParam("catId");
$itemId = Params::getParam("itemId");
osc_run_hook("item_edit", $catId, $itemId);
break;
default:
if ($hook == '') {
return false;
} else {
osc_run_hook($hook);
}
break;
}
break;
case 'custom':
// Execute via AJAX custom file
$ajaxfile = Params::getParam("ajaxfile");
if ($ajaxfile != '') {
require_once osc_plugins_path() . $ajaxfile;
} else {
echo json_encode(array('error' => __('no action defined')));
}
break;
default:
echo json_encode(array('error' => __('no action defined')));
break;
}
// clear all keep variables into session
Session::newInstance()->_dropKeepForm();
Session::newInstance()->_clearVariables();
}
