function doModel()
{
switch ($this->action) {
case 'login_post':
//post execution for the login
if (!osc_users_enabled()) {
osc_add_flash_error_message(_m('Users are not enabled'));
$this->redirectTo(osc_base_url());
}
osc_csrf_check();
osc_run_hook('before_validating_login');
// e-mail or/and password is/are empty or incorrect
$wrongCredentials = false;
$email = Params::getParam('email');
$password = Params::getParam('password', false, false);
if ($email == '') {
osc_add_flash_error_message(_m('Please provide an email address'));
$wrongCredentials = true;
}
if ($password == '') {
osc_add_flash_error_message(_m('Empty passwords are not allowed. Please provide a password'));
$wrongCredentials = true;
}
if ($wrongCredentials) {
$this->redirectTo(osc_user_login_url());
}
if (osc_validate_email($email)) {
$user = User::newInstance()->findByEmail($email);
}
if (empty($user)) {
$user = User::newInstance()->findByUsername($email);
}
if (empty($user)) {
osc_add_flash_error_message(_m("The user doesn't exist"));
$this->redirectTo(osc_user_login_url());
}
if (!osc_verify_password($password, isset($user['s_password']) ? $user['s_password'] : '')) {
osc_add_flash_error_message(_m('The password is incorrect'));
$this->redirectTo(osc_user_login_url());
// @TODO if valid user, send email parameter back to the login form
} else {
if (@$user['s_password'] != '') {
if (preg_match('|\\$2y\\$([0-9]{2})\\$|', $user['s_password'], $cost)) {
if ($cost[1] != BCRYPT_COST) {
User::newInstance()->update(array('s_password' => osc_hash_password($password)), array('pk_i_id' => $user['pk_i_id']));
}
} else {
User::newInstance()->update(array('s_password' => osc_hash_password($password)), array('pk_i_id' => $user['pk_i_id']));
}
}
}
// e-mail or/and IP is/are banned
$banned = osc_is_banned($email);
// int 0: not banned or unknown, 1: email is banned, 2: IP is banned, 3: both email & IP are banned
if ($banned & 1) {
osc_add_flash_error_message(_m('Your current email is not allowed'));
}
if ($banned & 2) {
osc_add_flash_error_message(_m('Your current IP is not allowed'));
}
if ($banned !== 0) {
$this->redirectTo(osc_user_login_url());
}
osc_run_hook('before_login');
$url_redirect = osc_get_http_referer();
$page_redirect = '';
if (osc_rewrite_enabled()) {
if ($url_redirect != '') {
$request_uri = urldecode(preg_replace('@^' . osc_base_url() . '@', "", $url_redirect));
$tmp_ar = explode("?", $request_uri);
$request_uri = $tmp_ar[0];
$rules = Rewrite::newInstance()->listRules();
foreach ($rules as $match => $uri) {
if (preg_match('#' . $match . '#', $request_uri, $m)) {
$request_uri = preg_replace('#' . $match . '#', $uri, $request_uri);
if (preg_match('|([&?]{1})page=([^&]*)|', '&' . $request_uri . '&', $match)) {
$page_redirect = $match[2];
if ($page_redirect == '' || $page_redirect == 'login') {
$url_redirect = osc_user_dashboard_url();
}
}
break;
}
}
}
}
require_once LIB_PATH . 'osclass/UserActions.php';
$uActions = new UserActions(false);
$logged = $uActions->bootstrap_login($user['pk_i_id']);
if ($logged == 0) {
osc_add_flash_error_message(_m("The user doesn't exist"));
} else {
if ($logged == 1) {
if (time() - strtotime($user['dt_access_date']) > 1200) {
// EACH 20 MINUTES
osc_add_flash_error_message(sprintf(_m('The user has not been validated yet. Would you like to re-send your <a href="%s">activation?</a>'), osc_user_resend_activation_link($user['pk_i_id'], $user['s_email'])));
} else {
osc_add_flash_error_message(_m('The user has not been validated yet'));
}
} else {
if ($logged == 2) {
osc_add_flash_error_message(_m('The user has been suspended'));
} else {
if ($logged == 3) {
if (Params::getParam('remember') == 1) {
//this include contains de osc_genRandomPassword function
require_once osc_lib_path() . 'osclass/helpers/hSecurity.php';
$secret = osc_genRandomPassword();
User::newInstance()->update(array('s_secret' => $secret), array('pk_i_id' => $user['pk_i_id']));
Cookie::newInstance()->set_expires(osc_time_cookie());
Cookie::newInstance()->push('oc_userId', $user['pk_i_id']);
Cookie::newInstance()->push('oc_userSecret', $secret);
Cookie::newInstance()->set();
}
if ($url_redirect == '') {
$url_redirect = osc_user_dashboard_url();
}
osc_run_hook("after_login", $user, $url_redirect);
$this->redirectTo(osc_apply_filter('correct_login_url_redirect', $url_redirect));
} else {
osc_add_flash_error_message(_m('This should never happen'));
}
}
}
}
if (!$user['b_enabled']) {
$this->redirectTo(osc_user_login_url());
}
$this->redirectTo(osc_user_login_url());
break;
case 'resend':
$id = Params::getParam('id');
$email = Params::getParam('email');
$user = User::newInstance()->findByPrimaryKey($id);
if ($id == '' || $email == '' || !isset($user) || $user['b_active'] == 1 || $email != $user['s_email']) {
osc_add_flash_error_message(_m('Incorrect link'));
$this->redirectTo(osc_user_login_url());
}
if (time() - strtotime($user['dt_access_date']) > 1200) {
// EACH 20 MINUTES
if (osc_notify_new_user()) {
osc_run_hook('hook_email_admin_new_user', $user);
}
if (osc_user_validation_enabled()) {
osc_run_hook('hook_email_user_validation', $user, $user);
}
User::newInstance()->update(array('dt_access_date' => date('Y-m-d H:i:s')), array('pk_i_id' => $user['pk_i_id']));
osc_add_flash_ok_message(_m('Validation email re-sent'));
} else {
osc_add_flash_warning_message(_m('We have just sent you an email to validate your account, you will have to wait a few minutes to resend it again'));
}
$this->redirectTo(osc_user_login_url());
break;
case 'recover':
//form to recover the password (in this case we have the form in /gui/)
$this->doView('user-recover.php');
break;
case 'recover_post':
//post execution to recover the password
osc_csrf_check();
require_once LIB_PATH . 'osclass/UserActions.php';
// e-mail is incorrect
if (!preg_match('|^[a-z0-9\\.\\_\\+\\-]+@[a-z0-9\\.\\-]+\\.[a-z]{2,3}$|i', Params::getParam('s_email'))) {
osc_add_flash_error_message(_m('Invalid email address'));
$this->redirectTo(osc_recover_user_password_url());
}
$userActions = new UserActions(false);
$success = $userActions->recover_password();
switch ($success) {
case 0:
// recover ok
osc_add_flash_ok_message(_m('We have sent you an email with the instructions to reset your password'));
$this->redirectTo(osc_base_url());
break;
case 1:
// e-mail does not exist
osc_add_flash_error_message(_m('We were not able to identify you given the information provided'));
$this->redirectTo(osc_recover_user_password_url());
break;
case 2:
// recaptcha wrong
osc_add_flash_error_message(_m('The recaptcha code is wrong'));
$this->redirectTo(osc_recover_user_password_url());
break;
}
break;
case 'forgot':
//form to recover the password (in this case we have the form in /gui/)
$user = User::newInstance()->findByIdPasswordSecret(Params::getParam('userId'), Params::getParam('code'));
if ($user) {
$this->doView('user-forgot_password.php');
} else {
osc_add_flash_error_message(_m('Sorry, the link is not valid'));
$this->redirectTo(osc_base_url());
}
break;
case 'forgot_post':
osc_csrf_check();
if (Params::getParam('new_password', false, false) == '' || Params::getParam('new_password2', false, false) == '') {
osc_add_flash_warning_message(_m('Password cannot be blank'));
$this->redirectTo(osc_forgot_user_password_confirm_url(Params::getParam('userId'), Params::getParam('code')));
}
$user = User::newInstance()->findByIdPasswordSecret(Params::getParam('userId'), Params::getParam('code'));
if ($user['b_enabled'] == 1) {
if (Params::getParam('new_password', false, false) == Params::getParam('new_password2', false, false)) {
User::newInstance()->update(array('s_pass_code' => osc_genRandomPassword(50), 's_pass_date' => date('Y-m-d H:i:s', 0), 's_pass_ip' => Params::getServerParam('REMOTE_ADDR'), 's_password' => osc_hash_password(Params::getParam('new_password', false, false))), array('pk_i_id' => $user['pk_i_id']));
osc_add_flash_ok_message(_m('The password has been changed'));
$this->redirectTo(osc_user_login_url());
} else {
osc_add_flash_error_message(_m("Error, the password don't match"));
$this->redirectTo(osc_forgot_user_password_confirm_url(Params::getParam('userId'), Params::getParam('code')));
}
} else {
osc_add_flash_error_message(_m('Sorry, the link is not valid'));
}
$this->redirectTo(osc_base_url());
break;
default:
//login
Session::newInstance()->_setReferer(osc_get_http_referer());
if (osc_logged_user_id() != '') {
$this->redirectTo(osc_user_dashboard_url());
}
$this->doView('user-login.php');
}
}
function __construct()
{
// this is necessary because if HTTP_HOST doesn't have the PORT the parse_url is null
$current_host = parse_url(Params::getServerParam('HTTP_HOST'), PHP_URL_HOST);
if ($current_host === null) {
$current_host = Params::getServerParam('HTTP_HOST');
}
if (parse_url(osc_base_url(), PHP_URL_HOST) !== $current_host) {
// first check if it's http or https
$url = 'http://';
if (osc_is_ssl()) {
$url = 'https://';
}
// append the domain
$url .= parse_url(osc_base_url(), PHP_URL_HOST);
// append the port number if it's necessary
$http_port = parse_url(Params::getServerParam('HTTP_HOST'), PHP_URL_PORT);
if ($http_port !== 80) {
$url .= ':' . parse_url(Params::getServerParam('HTTP_HOST'), PHP_URL_PORT);
}
// append the request
$url .= Params::getServerParam('REQUEST_URI', false, false);
$this->redirectTo($url);
}
$this->subdomain_params($current_host);
$this->page = Params::getParam('page');
$this->action = Params::getParam('action');
$this->ajax = false;
$this->time = list($sm, $ss) = explode(' ', microtime());
WebThemes::newInstance();
osc_run_hook('init');
}
function showAuthFailPage()
{
if (Params::getParam('page') == 'ajax') {
echo json_encode(array('error' => 1, 'msg' => __('Session timed out')));
exit;
} else {
//Session::newInstance()->session_start();
Session::newInstance()->_setReferer(osc_base_url() . preg_replace('|^' . REL_WEB_URL . '|', '', Params::getServerParam('REQUEST_URI', false, false)));
header("Location: " . osc_admin_base_url(true) . "?page=login");
exit;
}
}
function doModel()
{
$locale = Params::getParam('locale');
if (preg_match('/.{2}_.{2}/', $locale)) {
Session::newinstance()->_set('userLocale', $locale);
}
$redirect_url = '';
if (Params::getServerParam('HTTP_REFERER', false, false) != '') {
$redirect_url = Params::getServerParam('HTTP_REFERER', false, false);
} else {
$redirect_url = osc_base_url(true);
}
$this->redirectTo($redirect_url);
}
function basic_info()
{
require_once LIB_PATH . 'osclass/model/Admin.php';
require_once LIB_PATH . 'osclass/helpers/hSecurity.php';
$admin = Params::getParam('s_name');
if ($admin == '') {
$admin = 'admin';
}
$password = Params::getParam('s_passwd', false, false);
if ($password == '') {
$password = osc_genRandomPassword();
}
Admin::newInstance()->insert(array('s_name' => 'Administrator', 's_username' => $admin, 's_password' => osc_hash_password($password), 's_email' => Params::getParam('email')));
$mPreference = Preference::newInstance();
$mPreference->insert(array('s_section' => 'osclass', 's_name' => 'pageTitle', 's_value' => Params::getParam('webtitle'), 'e_type' => 'STRING'));
$mPreference->insert(array('s_section' => 'osclass', 's_name' => 'contactEmail', 's_value' => Params::getParam('email'), 'e_type' => 'STRING'));
$body = sprintf(__('Hi %s,'), Params::getParam('webtitle')) . "<br/><br/>";
$body .= sprintf(__('Your Osclass installation at %s is up and running. You can access the administration panel with these details:'), WEB_PATH) . '<br/>';
$body .= '<ul>';
$body .= '<li>' . sprintf(__('username: %s'), $admin) . '</li>';
$body .= '<li>' . sprintf(__('password: %s'), $password) . '</li>';
$body .= '</ul>';
$body .= sprintf(__('Remember that for any doubts you might have you can consult our <a href="%1$s">documentation</a>, <a href="%2$s">forum</a> or <a href="%3$s">blog</a>.'), 'http://doc.osclass.org/', 'http://forums.osclass.org/', 'http://blog.osclass.org/');
$body .= sprintf(' ' . __('Osclass doesn’t run any developments but we can put you in touch with third party developers through a Premium Support. And hey, if you would like to contribute to Osclass - learn how <a href="%1$s">here</a>!'), 'http://blog.osclass.org/2012/11/22/how-to-collaborate-to-osclass/') . '<br/><br/>';
$body .= __('Cheers,') . "<br/>";
$body .= __('The <a href="http://osclass.org/">Osclass</a> team');
$sitename = strtolower(Params::getServerParam('SERVER_NAME'));
if (substr($sitename, 0, 4) == 'www.') {
$sitename = substr($sitename, 4);
}
try {
require_once LIB_PATH . 'phpmailer/class.phpmailer.php';
$mail = new PHPMailer(true);
$mail->CharSet = "utf-8";
$mail->Host = "localhost";
$mail->From = 'osclass@' . $sitename;
$mail->FromName = 'Osclass';
$mail->Subject = 'Osclass successfully installed!';
$mail->AddAddress(Params::getParam('email'), 'Osclass administrator');
$mail->Body = $body;
$mail->AltBody = $body;
if (!$mail->Send()) {
return array('email_status' => Params::getParam('email') . "<br>" . $mail->ErrorInfo, 's_password' => $password);
}
return array('email_status' => '', 's_password' => $password);
} catch (phpmailerException $exception) {
return array('email_status' => Params::getParam('email') . "<br>" . $exception->errorMessage(), 's_password' => $password);
}
}
/**
* @param string $blogURL The URL of your blog.
* @param string $wordPressAPIKey WordPress API key.
*/
public function __construct($blogURL, $wordPressAPIKey)
{
$this->blogURL = $blogURL;
$this->wordPressAPIKey = $wordPressAPIKey;
// Set some default values
$this->apiPort = 80;
$this->akismetServer = 'rest.akismet.com';
$this->akismetVersion = '1.1';
// Start to populate the comment data
$this->comment['blog'] = $blogURL;
$this->comment['user_agent'] = Params::getServerParam('HTTP_USER_AGENT');
if (Params::existServerParam('HTTP_REFERER')) {
$this->comment['referrer'] = Params::getServerParam('HTTP_REFERER', false, false);
}
/*
* This is necessary if the server PHP5 is running on has been set up to run PHP4 and
* PHP5 concurently and is actually running through a separate proxy al a these instructions:
* http://www.schlitt.info/applications/blog/archives/83_How_to_run_PHP4_and_PHP_5_parallel.html
* and http://wiki.coggeshall.org/37.html
* Otherwise the user_ip appears as the IP address of the PHP4 server passing the requests to the
* PHP5 one...
*/
$this->comment['user_ip'] = Params::getServerParam('REMOTE_ADDR') != getenv('SERVER_ADDR') ? Params::getServerParam('REMOTE_ADDR') : getenv('HTTP_X_FORWARDED_FOR');
}
function doModel()
{
parent::doModel();
if (osc_is_moderator() && ($this->action == 'settings' || $this->action == 'settings_post')) {
osc_add_flash_error_message(_m("You don't have enough permissions"), "admin");
$this->redirectTo(osc_admin_base_url());
}
//specific things for this class
switch ($this->action) {
case 'bulk_actions':
osc_csrf_check();
$mItems = new ItemActions(true);
switch (Params::getParam('bulk_actions')) {
case 'enable_all':
$id = Params::getParam('id');
if ($id) {
$numSuccess = 0;
foreach ($id as $_id) {
if ($mItems->enable($_id)) {
$numSuccess++;
}
}
osc_add_flash_ok_message(sprintf(_mn('%d listing has been enabled', '%d listings have been enabled', $numSuccess), $numSuccess), 'admin');
}
break;
case 'disable_all':
$id = Params::getParam('id');
if ($id) {
$numSuccess = 0;
foreach ($id as $_id) {
if ($mItems->disable((int) $_id)) {
$numSuccess++;
}
}
osc_add_flash_ok_message(sprintf(_mn('%d listing has been disabled', '%d listings have been disabled', $numSuccess), $numSuccess), 'admin');
}
break;
case 'activate_all':
$id = Params::getParam('id');
if ($id) {
$numSuccess = 0;
foreach ($id as $_id) {
if ($mItems->activate($_id)) {
$numSuccess++;
}
}
osc_add_flash_ok_message(sprintf(_mn('%d listing has been activated', '%d listings have been activated', $numSuccess), $numSuccess), 'admin');
}
break;
case 'deactivate_all':
$id = Params::getParam('id');
if ($id) {
$numSuccess = 0;
foreach ($id as $_id) {
if ($mItems->deactivate($_id)) {
$numSuccess++;
}
}
osc_add_flash_ok_message(sprintf(_m('%d listing has been deactivated', '%d listings have been deactivated', $numSuccess), $numSuccess), 'admin');
}
break;
case 'premium_all':
$id = Params::getParam('id');
if ($id) {
$numSuccess = 0;
foreach ($id as $_id) {
if ($mItems->premium($_id)) {
$numSuccess++;
}
}
osc_add_flash_ok_message(sprintf(_mn('%d listing has been marked as premium', '%d listings have been marked as premium', $numSuccess), $numSuccess), 'admin');
}
break;
case 'depremium_all':
$id = Params::getParam('id');
if ($id) {
$numSuccess = 0;
foreach ($id as $_id) {
if ($mItems->premium($_id, false)) {
$numSuccess++;
}
}
osc_add_flash_ok_message(sprintf(_mn('%d change has been made', '%d changes have been made', $numSuccess), $numSuccess), 'admin');
}
break;
case 'spam_all':
$id = Params::getParam('id');
if ($id) {
$numSuccess = 0;
foreach ($id as $_id) {
if ($mItems->spam($_id)) {
$numSuccess++;
}
}
osc_add_flash_ok_message(sprintf(_mn('%d listing has been marked as spam', '%d listings have been marked as spam', $numSuccess), $numSuccess), 'admin');
}
break;
case 'despam_all':
$id = Params::getParam('id');
if ($id) {
$numSuccess = 0;
foreach ($id as $_id) {
if ($mItems->spam($_id, false)) {
$numSuccess++;
}
}
osc_add_flash_ok_message(sprintf(_mn('%d change has been made', '%d changes have been made', $numSuccess), $numSuccess), 'admin');
}
break;
case 'delete_all':
$id = Params::getParam('id');
$success = false;
if ($id) {
$numSuccess = 0;
foreach ($id as $i) {
if ($i) {
$item = $this->itemManager->findByPrimaryKey($i);
$success = $mItems->delete($item['s_secret'], $item['pk_i_id']);
if ($success) {
$numSuccess++;
}
}
}
osc_add_flash_ok_message(sprintf(_mn('%d listing has been deleted', '%d listings have been deleted', $numSuccess), $numSuccess), 'admin');
}
break;
case 'clear_spam_all':
$id = Params::getParam('id');
$success = false;
if ($id) {
$numSuccess = 0;
foreach ($id as $i) {
if ($i) {
$success = $this->itemManager->clearStat($i, 'spam');
if ($success) {
$numSuccess++;
}
}
}
osc_add_flash_ok_message(sprintf(_mn('%d listing has been unmarked as spam', '%d listings have been unmarked as spam', $numSuccess), $numSuccess), 'admin');
}
break;
case 'clear_bad_all':
$id = Params::getParam('id');
$success = false;
if ($id) {
$numSuccess = 0;
foreach ($id as $i) {
if ($i) {
$success = $this->itemManager->clearStat($i, 'bad');
if ($success) {
$numSuccess++;
}
}
}
osc_add_flash_ok_message(sprintf(_mn('%d listing has been unmarked as missclassified', '%d listings have been unmarked as missclassified', $numSuccess), $numSuccess), 'admin');
}
break;
case 'clear_dupl_all':
$id = Params::getParam('id');
$success = false;
if ($id) {
$numSuccess = 0;
foreach ($id as $i) {
if ($i) {
$success = $this->itemManager->clearStat($i, 'duplicated');
if ($success) {
$numSuccess++;
}
}
}
osc_add_flash_ok_message(sprintf(_mn('%d listing has been unmarked as duplicated', '%d listings have been unmarked as duplicated', $numSuccess), $numSuccess), 'admin');
}
break;
case 'clear_expi_all':
$id = Params::getParam('id');
$success = false;
if ($id) {
$numSuccess = 0;
foreach ($id as $i) {
if ($i) {
$success = $this->itemManager->clearStat($i, 'expired');
if ($success) {
$numSuccess++;
}
}
}
osc_add_flash_ok_message(sprintf(_mn('%d listing has been unmarked as expired', '%d listings have been unmarked as expired', $numSuccess), $numSuccess), 'admin');
}
break;
case 'clear_offe_all':
$id = Params::getParam('id');
$success = false;
if ($id) {
$numSuccess = 0;
foreach ($id as $i) {
if ($i) {
$success = $this->itemManager->clearStat($i, 'offensive');
if ($success) {
$numSuccess++;
}
}
}
osc_add_flash_ok_message(sprintf(_mn('%d listing has been unmarked as offensive', '%d listings have been unmarked as offensive', $numSuccess), $numSuccess), 'admin');
}
break;
case 'clear_all':
$id = Params::getParam('id');
$success = false;
if ($id) {
$numSuccess = 0;
foreach ($id as $i) {
if ($i) {
$success = $this->itemManager->clearStat($i, 'all');
if ($success) {
$numSuccess++;
}
}
}
osc_add_flash_ok_message(sprintf(_mn('%d listing has been unmarked', '%d listings have been unmarked', $numSuccess), $numSuccess), 'admin');
}
break;
default:
if (Params::getParam("bulk_actions") != "") {
osc_run_hook("item_bulk_" . Params::getParam("bulk_actions"), Params::getParam('id'));
}
break;
}
$this->redirectTo(Params::getServerParam('HTTP_REFERER', false, false));
break;
case 'delete':
//delete
osc_csrf_check();
$id = Params::getParam('id');
$success = false;
foreach ($id as $i) {
if ($i) {
$aItem = $this->itemManager->findByPrimaryKey($i);
$mItems = new ItemActions(true);
$success = $mItems->delete($aItem['s_secret'], $aItem['pk_i_id']);
}
}
if ($success) {
osc_add_flash_ok_message(_m('The listing has been deleted'), 'admin');
} else {
osc_add_flash_error_message(_m("The listing couldn't be deleted"), 'admin');
}
$this->redirectTo(Params::getServerParam('HTTP_REFERER', false, false));
break;
case 'status':
//status
osc_csrf_check();
$id = Params::getParam('id');
$value = Params::getParam('value');
if (!$id) {
return false;
}
$id = (int) $id;
if (!is_numeric($id)) {
return false;
}
if (!in_array($value, array('ACTIVE', 'INACTIVE', 'ENABLE', 'DISABLE'))) {
return false;
}
$item = $this->itemManager->findByPrimaryKey($id);
$mItems = new ItemActions(true);
switch ($value) {
case 'ACTIVE':
$success = $mItems->activate($id);
if ($success && $success > 0) {
osc_add_flash_ok_message(_m('The listing has been activated'), 'admin');
} else {
if (!$success) {
osc_add_flash_error_message(_m('An error has occurred'), 'admin');
} else {
osc_add_flash_error_message(_m("The listing can't be activated because it's blocked"), 'admin');
}
}
break;
case 'INACTIVE':
$success = $mItems->deactivate($id);
if ($success && $success > 0) {
osc_add_flash_ok_message(_m('The listing has been deactivated'), 'admin');
} else {
osc_add_flash_error_message(_m('An error has occurred'), 'admin');
}
break;
case 'ENABLE':
$success = $mItems->enable($id);
if ($success && $success > 0) {
osc_add_flash_ok_message(_m('The listing has been enabled'), 'admin');
} else {
osc_add_flash_error_message(_m('An error has occurred'), 'admin');
}
break;
case 'DISABLE':
$success = $mItems->disable($id);
if ($success && $success > 0) {
osc_add_flash_ok_message(_m('The listing has been disabled'), 'admin');
} else {
osc_add_flash_error_message(_m('An error has occurred'), 'admin');
}
break;
}
$this->redirectTo(Params::getServerParam('HTTP_REFERER', false, false));
break;
case 'status_premium':
//status premium
osc_csrf_check();
$id = Params::getParam('id');
$value = Params::getParam('value');
if (!$id) {
return false;
}
$id = (int) $id;
if (!is_numeric($id)) {
return false;
}
if (!in_array($value, array(0, 1))) {
return false;
}
$mItems = new ItemActions(true);
if ($mItems->premium($id, $value == 1 ? true : false)) {
osc_add_flash_ok_message(_m('Changes have been applied'), 'admin');
} else {
osc_add_flash_error_message(_m('An error has occurred'), 'admin');
}
$this->redirectTo(Params::getServerParam('HTTP_REFERER', false, false));
break;
case 'status_spam':
//status spam
osc_csrf_check();
$id = Params::getParam('id');
$value = Params::getParam('value');
if (!$id) {
return false;
}
$id = (int) $id;
if (!is_numeric($id)) {
return false;
}
if (!in_array($value, array(0, 1))) {
return false;
}
$mItems = new ItemActions(true);
if ($mItems->spam($id, $value == 1 ? true : false)) {
osc_add_flash_ok_message(_m('Changes have been applied'), 'admin');
} else {
osc_add_flash_error_message(_m('An error has occurred'), 'admin');
}
$this->redirectTo(Params::getServerParam('HTTP_REFERER', false, false));
break;
case 'clear_stat':
osc_csrf_check();
$id = Params::getParam('id');
$stat = Params::getParam('stat');
if (!$id) {
return false;
}
if (!$stat) {
return false;
}
$id = (int) $id;
if (!is_numeric($id)) {
return false;
}
$success = $this->itemManager->clearStat($id, $stat);
if ($success) {
osc_add_flash_ok_message(_m('The listing has been unmarked as') . " {$stat}", 'admin');
} else {
osc_add_flash_error_message(_m("The listing hasn't been unmarked as") . " {$stat}", 'admin');
}
$this->redirectTo(Params::getServerParam('HTTP_REFERER', false, false));
break;
case 'item_edit':
// edit item
$id = Params::getParam('id');
$item = Item::newInstance()->findByPrimaryKey($id);
if (count($item) <= 0) {
$this->redirectTo(osc_admin_base_url(true) . "?page=items");
}
$csrf_token = osc_csrf_token_url();
if ($item['b_active']) {
$actions[] = '<a class="btn float-left" href="' . osc_admin_base_url(true) . '?page=items&action=status&id=' . $item['pk_i_id'] . '&' . $csrf_token . '&value=INACTIVE">' . __('Deactivate') . '</a>';
} else {
$actions[] = '<a class="btn btn-red float-left" href="' . osc_admin_base_url(true) . '?page=items&action=status&id=' . $item['pk_i_id'] . '&' . $csrf_token . '&value=ACTIVE">' . __('Activate') . '</a>';
}
if ($item['b_enabled']) {
$actions[] = '<a class="btn float-left" href="' . osc_admin_base_url(true) . '?page=items&action=status&id=' . $item['pk_i_id'] . '&' . $csrf_token . '&value=DISABLE">' . __('Block') . '</a>';
} else {
$actions[] = '<a class="btn btn-red float-left" href="' . osc_admin_base_url(true) . '?page=items&action=status&id=' . $item['pk_i_id'] . '&' . $csrf_token . '&value=ENABLE">' . __('Unblock') . '</a>';
}
if ($item['b_premium']) {
$actions[] = '<a class="btn float-left" href="' . osc_admin_base_url(true) . '?page=items&action=status_premium&id=' . $item['pk_i_id'] . '&' . $csrf_token . '&value=0">' . __('Unmark as premium') . '</a>';
} else {
$actions[] = '<a class="btn float-left" href="' . osc_admin_base_url(true) . '?page=items&action=status_premium&id=' . $item['pk_i_id'] . '&' . $csrf_token . '&value=1">' . __('Mark as premium') . '</a>';
}
if ($item['b_spam']) {
$actions[] = '<a class="btn btn-red float-left" href="' . osc_admin_base_url(true) . '?page=items&action=status_spam&id=' . $item['pk_i_id'] . '&' . $csrf_token . '&value=0">' . __('Unmark as spam') . '</a>';
} else {
$actions[] = '<a class="btn float-left" href="' . osc_admin_base_url(true) . '?page=items&action=status_spam&id=' . $item['pk_i_id'] . '&' . $csrf_token . '&value=1">' . __('Mark as spam') . '</a>';
}
$this->_exportVariableToView("actions", $actions);
$form = count(Session::newInstance()->_getForm());
$keepForm = count(Session::newInstance()->_getKeepForm());
if ($form == 0 || $form == $keepForm) {
Session::newInstance()->_dropKeepForm();
}
// save referer if belongs to manage items
// redirect only if ManageItems or ReportedListngs
if (Params::existServerParam('HTTP_REFERER')) {
$referer = Params::getServerParam('HTTP_REFERER', false, false);
if (preg_match('/page=items/', $referer)) {
if (preg_match("/action=([\\p{L}|_|-]+)/u", $referer, $matches)) {
if ($matches[1] == 'items_reported') {
Session::newInstance()->_set('osc_admin_referer', $referer);
}
} else {
// no actions - Manage Listings
Session::newInstance()->_set('osc_admin_referer', $referer);
}
}
}
$this->_exportVariableToView("item", $item);
$this->_exportVariableToView("new_item", FALSE);
osc_run_hook("before_item_edit", $item);
$this->doView('items/frm.php');
break;
case 'item_edit_post':
osc_csrf_check();
$mItems = new ItemActions(true);
$mItems->prepareData(false);
// set all parameters into session
foreach ($mItems->data as $key => $value) {
Session::newInstance()->_setForm($key, $value);
}
$meta = Params::getParam('meta');
if (is_array($meta)) {
foreach ($meta as $key => $value) {
Session::newInstance()->_setForm('meta_' . $key, $value);
Session::newInstance()->_keepForm('meta_' . $key);
}
}
$success = $mItems->edit();
if ($success == 1) {
osc_add_flash_ok_message(_m('Changes saved correctly'), 'admin');
$url = osc_admin_base_url(true) . "?page=items";
// if Referer is saved that means referer is ManageListings or ReportListings
if (Session::newInstance()->_get('osc_admin_referer') != '') {
$url = Session::newInstance()->_get('osc_admin_referer');
}
Session::newInstance()->_clearVariables();
if (is_array($meta)) {
foreach ($meta as $key => $value) {
Session::newInstance()->_dropKeepForm('meta_' . $key);
}
}
$this->redirectTo($url);
} else {
osc_add_flash_error_message($success, 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=items&action=item_edit&id=" . Params::getParam('id'));
}
break;
case 'deleteResource':
//delete resource
osc_csrf_check();
$id = Params::getParam('id');
$name = Params::getParam('name');
$fkid = Params::getParam('fkid');
// delete files
osc_deleteResource($id, true);
Log::newInstance()->insertLog('items', 'deleteResource', $id, $id, 'admin', osc_logged_admin_id());
$result = ItemResource::newInstance()->delete(array('pk_i_id' => $id, 'fk_i_item_id' => $fkid, 's_name' => $name));
if ($result === false) {
osc_add_flash_error_message(_m('An error has occurred'), 'admin');
} else {
osc_add_flash_ok_message(_m('Resource deleted'), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . "?page=items");
break;
case 'post':
// add item
$form = count(Session::newInstance()->_getForm());
$keepForm = count(Session::newInstance()->_getKeepForm());
if ($form == 0 || $form == $keepForm) {
Session::newInstance()->_dropKeepForm();
}
$this->_exportVariableToView("new_item", TRUE);
osc_run_hook('post_item');
$this->doView('items/frm.php');
break;
case 'post_item':
//post item
osc_csrf_check();
$mItem = new ItemActions(true);
$mItem->prepareData(true);
// set all parameters into session
foreach ($mItem->data as $key => $value) {
Session::newInstance()->_setForm($key, $value);
}
$meta = Params::getParam('meta');
if (is_array($meta)) {
foreach ($meta as $key => $value) {
Session::newInstance()->_setForm('meta_' . $key, $value);
Session::newInstance()->_keepForm('meta_' . $key);
}
}
$success = $mItem->add();
if ($success == 1 || $success == 2) {
$url = osc_admin_base_url(true) . "?page=items";
// if Referer is saved that means referer is ManageListings or ReportListings
if (Session::newInstance()->_get('osc_admin_referer') != '') {
$url = Session::newInstance()->_get('osc_admin_referer');
Session::newInstance()->_drop('osc_admin_referer');
}
Session::newInstance()->_clearVariables();
if (is_array($meta)) {
foreach ($meta as $key => $value) {
Session::newInstance()->_dropKeepForm('meta_' . $key);
}
}
osc_add_flash_ok_message(_m('A new listing has been added'), 'admin');
$this->redirectTo($url);
} else {
osc_add_flash_error_message($success, 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=items&action=post");
}
break;
case 'settings':
// calling the items settings view
$this->doView('items/settings.php');
break;
case 'settings_post':
// update item settings
osc_csrf_check();
$iUpdated = 0;
$enabledRecaptchaItems = Params::getParam('enabled_recaptcha_items');
$enabledRecaptchaItems = $enabledRecaptchaItems == '1' ? true : false;
$moderateItems = Params::getParam('moderate_items');
$moderateItems = $moderateItems != '' ? true : false;
$numModerateItems = Params::getParam('num_moderate_items');
$itemsWaitTime = Params::getParam('items_wait_time');
$loggedUserItemValidation = Params::getParam('logged_user_item_validation');
$loggedUserItemValidation = $loggedUserItemValidation != '' ? true : false;
$regUserPost = Params::getParam('reg_user_post');
$regUserPost = $regUserPost != '' ? true : false;
$notifyNewItem = Params::getParam('notify_new_item');
$notifyNewItem = $notifyNewItem != '' ? true : false;
$notifyContactItem = Params::getParam('notify_contact_item');
$notifyContactItem = $notifyContactItem != '' ? true : false;
$notifyContactFriends = Params::getParam('notify_contact_friends');
$notifyContactFriends = $notifyContactFriends != '' ? true : false;
$enabledFieldPriceItems = Params::getParam('enableField#f_price@items');
$enabledFieldPriceItems = $enabledFieldPriceItems != '' ? true : false;
$enabledFieldImagesItems = Params::getParam('enableField#images@items');
$enabledFieldImagesItems = $enabledFieldImagesItems != '' ? true : false;
$numImagesItems = Params::getParam('numImages@items');
if ($numImagesItems == '') {
$numImagesItems = 0;
}
$regUserCanContact = Params::getParam('reg_user_can_contact');
$regUserCanContact = $regUserCanContact != '' ? true : false;
$contactItemAttachment = Params::getParam('item_attachment');
$contactItemAttachment = $contactItemAttachment != '' ? true : false;
$warnExpiration = Params::getParam('warn_expiration');
$warnExpiration = (int) $warnExpiration;
$titleLength = Params::getParam('max_chars_per_title');
$descriptionLength = Params::getParam('max_chars_per_description');
$msg = '';
if (!osc_validate_int(Params::getParam("items_wait_time"))) {
$msg .= _m("Wait time must only contain numeric characters") . "<br/>";
}
if (Params::getParam("num_moderate_items") != '' && !osc_validate_int(Params::getParam("num_moderate_items"))) {
$msg .= _m("Number of moderated listings must only contain numeric characters") . "<br/>";
}
if (!osc_validate_int($numImagesItems)) {
$msg .= _m("Images per listing must only contain numeric characters") . "<br/>";
}
if (!osc_validate_int($warnExpiration)) {
$msg .= _m("Number of expiration days has to be a numeric value") . "<br/>";
}
if (!osc_validate_int($titleLength)) {
$msg .= _m("Title Length has to be a numeric value") . "<br/>";
}
if (!osc_validate_int($descriptionLength)) {
$msg .= _m("Description Length has to be a numeric value") . "<br/>";
}
if ($msg != '') {
osc_add_flash_error_message($msg, 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=items&action=settings');
}
$iUpdated += osc_set_preference('enabled_recaptcha_items', $enabledRecaptchaItems);
if ($moderateItems) {
$iUpdated += osc_set_preference('moderate_items', $numModerateItems);
} else {
$iUpdated += osc_set_preference('moderate_items', '-1');
}
$iUpdated += osc_set_preference('logged_user_item_validation', $loggedUserItemValidation);
$iUpdated += osc_set_preference('reg_user_post', $regUserPost);
$iUpdated += osc_set_preference('notify_new_item', $notifyNewItem);
$iUpdated += osc_set_preference('notify_contact_item', $notifyContactItem);
$iUpdated += osc_set_preference('notify_contact_friends', $notifyContactFriends);
$iUpdated += osc_set_preference('enableField#f_price@items', $enabledFieldPriceItems);
$iUpdated += osc_set_preference('enableField#images@items', $enabledFieldImagesItems);
$iUpdated += osc_set_preference('items_wait_time', $itemsWaitTime);
$iUpdated += osc_set_preference('numImages@items', $numImagesItems);
$iUpdated += osc_set_preference('reg_user_can_contact', $regUserCanContact);
$iUpdated += osc_set_preference('item_attachment', $contactItemAttachment);
$iUpdated += osc_set_preference('warn_expiration', $warnExpiration);
$iUpdated += osc_set_preference('title_character_length', $titleLength);
$iUpdated += osc_set_preference('description_character_length', $descriptionLength);
if ($iUpdated > 0) {
osc_add_flash_ok_message(_m("Listings' settings have been updated"), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=items&action=settings');
break;
case 'items_reported':
require_once osc_lib_path() . "osclass/classes/datatables/ItemsDataTable.php";
// set default iDisplayLength
if (Params::getParam('iDisplayLength') != '') {
Cookie::newInstance()->push('listing_iDisplayLength', Params::getParam('iDisplayLength'));
Cookie::newInstance()->set();
} else {
// set a default value if it's set in the cookie
if (Cookie::newInstance()->get_value('listing_iDisplayLength') != '') {
Params::setParam('iDisplayLength', Cookie::newInstance()->get_value('listing_iDisplayLength'));
} else {
Params::setParam('iDisplayLength', 10);
}
}
$this->_exportVariableToView('iDisplayLength', Params::getParam('iDisplayLength'));
// Table header order by related
if (Params::getParam('sort') == '') {
Params::setParam('sort', 'date');
}
if (Params::getParam('direction') == '') {
Params::setParam('direction', 'desc');
}
$page = (int) Params::getParam('iPage');
if ($page == 0) {
$page = 1;
}
Params::setParam('iPage', $page);
$params = Params::getParamsAsArray();
$itemsDataTable = new ItemsDataTable();
$itemsDataTable->tableReported($params);
$aData = $itemsDataTable->getData();
if (count($aData['aRows']) == 0 && $page != 1) {
$total = (int) $aData['iTotalDisplayRecords'];
$maxPage = ceil($total / (int) $aData['iDisplayLength']);
$url = osc_admin_base_url(true) . '?' . Params::getServerParam('QUERY_STRING', false, false);
if ($maxPage == 0) {
$url = preg_replace('/&iPage=(\\d)+/', '&iPage=1', $url);
$this->redirectTo($url);
}
if ($page > 1) {
$url = preg_replace('/&iPage=(\\d)+/', '&iPage=' . $maxPage, $url);
$this->redirectTo($url);
}
}
$this->_exportVariableToView('aData', $aData);
$this->_exportVariableToView('aRawRows', $itemsDataTable->rawRows());
//calling the view...
$this->doView('items/reported.php');
break;
default:
// default
require_once osc_lib_path() . "osclass/classes/datatables/ItemsDataTable.php";
// set default iDisplayLength
if (Params::getParam('iDisplayLength') != '') {
Cookie::newInstance()->push('listing_iDisplayLength', Params::getParam('iDisplayLength'));
Cookie::newInstance()->set();
} else {
// set a default value if it's set in the cookie
if (Cookie::newInstance()->get_value('listing_iDisplayLength') != '') {
Params::setParam('iDisplayLength', Cookie::newInstance()->get_value('listing_iDisplayLength'));
} else {
Params::setParam('iDisplayLength', 10);
}
}
$this->_exportVariableToView('iDisplayLength', Params::getParam('iDisplayLength'));
// Table header order by related
if (Params::getParam('sort') == '') {
Params::setParam('sort', 'date');
}
if (Params::getParam('direction') == '') {
Params::setParam('direction', 'desc');
}
$page = (int) Params::getParam('iPage');
if ($page == 0) {
$page = 1;
}
Params::setParam('iPage', $page);
$params = Params::getParamsAsArray();
$itemsDataTable = new ItemsDataTable();
$aData = $itemsDataTable->table($params);
if (count($aData['aRows']) == 0 && $page != 1) {
$total = (int) $aData['iTotalDisplayRecords'];
$maxPage = ceil($total / (int) $aData['iDisplayLength']);
$url = osc_admin_base_url(true) . '?' . Params::getServerParam('QUERY_STRING', false, false);
if ($maxPage == 0) {
$url = preg_replace('/&iPage=(\\d)+/', '&iPage=1', $url);
$this->redirectTo($url);
}
if ($page > 1) {
$url = preg_replace('/&iPage=(\\d)+/', '&iPage=' . $maxPage, $url);
$this->redirectTo($url);
}
}
$this->_exportVariableToView('aData', $aData);
$this->_exportVariableToView('withFilters', $itemsDataTable->withFilters());
$this->_exportVariableToView('aRawRows', $itemsDataTable->rawRows());
$bulk_options = array(array('value' => '', 'data-dialog-content' => '', 'label' => __('Bulk actions')), array('value' => 'delete_all', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected listings?'), strtolower(__('Delete'))), 'label' => __('Delete')), array('value' => 'activate_all', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected listings?'), strtolower(__('Activate'))), 'label' => __('Activate')), array('value' => 'deactivate_all', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected listings?'), strtolower(__('Deactivate'))), 'label' => __('Deactivate')), array('value' => 'disable_all', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected listings?'), strtolower(__('Block'))), 'label' => __('Block')), array('value' => 'enable_all', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected listings?'), strtolower(__('Unblock'))), 'label' => __('Unblock')), array('value' => 'premium_all', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected listings?'), strtolower(__('Mark as premium'))), 'label' => __('Mark as premium')), array('value' => 'depremium_all', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected listings?'), strtolower(__('Unmark as premium'))), 'label' => __('Unmark as premium')), array('value' => 'spam_all', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected listings?'), strtolower(__('Mark as spam'))), 'label' => __('Mark as spam')), array('value' => 'despam_all', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected listings?'), strtolower(__('Unmark as spam'))), 'label' => __('Unmark as spam')));
$bulk_options = osc_apply_filter("item_bulk_filter", $bulk_options);
$this->_exportVariableToView('bulk_options', $bulk_options);
//calling the view...
$this->doView('items/index.php');
}
}
public function init()
{
if (Params::existServerParam('REQUEST_URI')) {
if (preg_match('|[\\?&]{1}http_referer=(.*)$|', urldecode(Params::getServerParam('REQUEST_URI', false, false)), $ref_match)) {
$this->http_referer = $ref_match[1];
$_SERVER['REQUEST_URI'] = preg_replace('|[\\?&]{1}http_referer=(.*)$|', "", urldecode(Params::getServerParam('REQUEST_URI', false, false)));
}
$request_uri = preg_replace('@^' . REL_WEB_URL . '@', "", urldecode(Params::getServerParam('REQUEST_URI', false, false)));
$this->raw_request_uri = $request_uri;
$route_used = false;
foreach ($this->routes as $id => $route) {
// UNCOMMENT TO DEBUG
//echo 'Request URI: '.$request_uri." # Match : ".$route['regexp']." # URI to go : ".$route['url']." <br />";
if (preg_match('#^' . $route['regexp'] . '#', $request_uri, $m)) {
if (!preg_match_all('#\\{([^\\}]+)\\}#', $route['url'], $args)) {
$args[1] = array();
}
$l = count($m);
for ($p = 1; $p < $l; $p++) {
if (isset($args[1][$p - 1])) {
Params::setParam($args[1][$p - 1], $m[$p]);
} else {
Params::setParam('route_param_' . $p, $m[$p]);
}
}
Params::setParam('page', 'custom');
Params::setParam('route', $id);
$route_used = true;
$this->location = $route['location'];
$this->section = $route['section'];
$this->title = $route['title'];
break;
}
}
if (!$route_used) {
if (osc_rewrite_enabled()) {
$tmp_ar = explode("?", $request_uri);
$request_uri = $tmp_ar[0];
// if try to access directly to a php file
if (preg_match('#^(.+?)\\.php(.*)$#', $request_uri)) {
$file = explode("?", $request_uri);
if (!file_exists(ABS_PATH . $file[0])) {
Rewrite::newInstance()->set_location('error');
header('HTTP/1.1 404 Not Found');
osc_current_web_theme_path('404.php');
exit;
}
}
foreach ($this->rules as $match => $uri) {
// UNCOMMENT TO DEBUG
// echo 'Request URI: '.$request_uri." # Match : ".$match." # URI to go : ".$uri." <br />";
if (preg_match('#^' . $match . '#', $request_uri, $m)) {
$request_uri = preg_replace('#' . $match . '#', $uri, $request_uri);
break;
}
}
}
$this->extractParams($request_uri);
$this->request_uri = $request_uri;
if (Params::getParam('page') != '') {
$this->location = Params::getParam('page');
}
if (Params::getParam('action') != '') {
$this->section = Params::getParam('action');
}
}
}
}
function osc_show_pagination_admin($aData)
{
$pageActual = isset($aData['iPage']) ? $aData['iPage'] : Params::getParam('iPage');
$urlActual = osc_admin_base_url(true) . '?' . Params::getServerParam('QUERY_STRING', false, false);
$urlActual = preg_replace('/&iPage=(\\d+)?/', '', $urlActual);
$pageTotal = ceil($aData['iTotalDisplayRecords'] / $aData['iDisplayLength']);
$params = array('total' => $pageTotal, 'selected' => $pageActual - 1, 'url' => $urlActual . '&iPage={PAGE}', 'sides' => 5);
?>
<div class="has-pagination">
<?php
osc_run_hook('before_show_pagination_admin');
?>
<?php
if ($pageTotal > 1) {
?>
<form method="get" action="<?php
echo $urlActual;
?>
" style="display:inline;">
<?php
foreach (Params::getParamsAsArray('get') as $key => $value) {
?>
<?php
if ($key != 'iPage') {
?>
<input type="hidden" name="<?php
echo osc_esc_html($key);
?>
" value="<?php
echo osc_esc_html($value);
?>
" />
<?php
}
}
?>
<ul>
<li>
<span class="list-first"><?php
_e('Page');
?>
</span>
</li>
<li class="pagination-input">
<input id="gotoPage" type="text" name="iPage" value="<?php
echo osc_esc_html($pageActual);
?>
"/><button type="submit"><?php
_e('Go!');
?>
</button>
</li>
</ul>
</form>
<?php
$pagination = new Pagination($params);
$aux = $pagination->doPagination();
echo $aux;
}
osc_run_hook('after_show_pagination_admin');
?>
</div>
<?php
}
function doModel()
{
parent::doModel();
//specific things for this class
switch ($this->action) {
case 'bulk_actions':
osc_csrf_check();
switch (Params::getParam('bulk_actions')) {
case 'delete':
$ids = Params::getParam("id");
if (is_array($ids)) {
foreach ($ids as $id) {
osc_deleteResource($id, true);
}
$log_ids = substr(implode(",", $ids), 0, 250);
Log::newInstance()->insertLog('media', 'delete bulk', $log_ids, $log_ids, 'admin', osc_logged_admin_id());
$this->resourcesManager->deleteResourcesIds($ids);
}
osc_add_flash_ok_message(_m('Resource deleted'), 'admin');
break;
default:
if (Params::getParam("bulk_actions") != "") {
osc_run_hook("media_bulk_" . Params::getParam("bulk_actions"), Params::getParam('id'));
}
break;
}
$this->redirectTo(osc_admin_base_url(true) . '?page=media');
break;
case 'delete':
osc_csrf_check();
$ids = Params::getParam('id');
if (is_array($ids)) {
foreach ($ids as $id) {
osc_deleteResource($id, true);
}
$log_ids = substr(implode(",", $ids), 0, 250);
Log::newInstance()->insertLog('media', 'delete', $log_ids, $log_ids, 'admin', osc_logged_admin_id());
$this->resourcesManager->deleteResourcesIds($ids);
}
osc_add_flash_ok_message(_m('Resource deleted'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=media');
break;
default:
require_once osc_lib_path() . "osclass/classes/datatables/MediaDataTable.php";
// set default iDisplayLength
if (Params::getParam('iDisplayLength') != '') {
Cookie::newInstance()->push('listing_iDisplayLength', Params::getParam('iDisplayLength'));
Cookie::newInstance()->set();
} else {
// set a default value if it's set in the cookie
if (Cookie::newInstance()->get_value('listing_iDisplayLength') != '') {
Params::setParam('iDisplayLength', Cookie::newInstance()->get_value('listing_iDisplayLength'));
} else {
Params::setParam('iDisplayLength', 10);
}
}
$this->_exportVariableToView('iDisplayLength', Params::getParam('iDisplayLength'));
// Table header order by related
if (Params::getParam('sort') == '') {
Params::setParam('sort', 'date');
}
if (Params::getParam('direction') == '') {
Params::setParam('direction', 'desc');
}
$page = (int) Params::getParam('iPage');
if ($page == 0) {
$page = 1;
}
Params::setParam('iPage', $page);
$params = Params::getParamsAsArray();
$mediaDataTable = new MediaDataTable();
$mediaDataTable->table($params);
$aData = $mediaDataTable->getData();
if (count($aData['aRows']) == 0 && $page != 1) {
$total = (int) $aData['iTotalDisplayRecords'];
$maxPage = ceil($total / (int) $aData['iDisplayLength']);
$url = osc_admin_base_url(true) . '?' . Params::getServerParam('QUERY_STRING', false, false);
if ($maxPage == 0) {
$url = preg_replace('/&iPage=(\\d)+/', '&iPage=1', $url);
$this->redirectTo($url);
}
if ($page > 1) {
$url = preg_replace('/&iPage=(\\d)+/', '&iPage=' . $maxPage, $url);
$this->redirectTo($url);
}
}
$this->_exportVariableToView('aData', $aData);
$this->_exportVariableToView('aRawRows', $mediaDataTable->rawRows());
$bulk_options = array(array('value' => '', 'data-dialog-content' => '', 'label' => __('Bulk actions')), array('value' => 'delete', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected media files?'), strtolower(__('Delete'))), 'label' => __('Delete')));
$bulk_options = osc_apply_filter("media_bulk_filter", $bulk_options);
$this->_exportVariableToView('bulk_options', $bulk_options);
$this->doView('media/index.php');
break;
}
}
function doModel()
{
parent::doModel();
//specific things for this class
switch ($this->action) {
case 'edit':
if (Params::getParam("id") == '') {
$this->redirectTo(osc_admin_base_url(true) . "?page=emails");
}
$form = count(Session::newInstance()->_getForm());
$keepForm = count(Session::newInstance()->_getKeepForm());
if ($form == 0 || $form == $keepForm) {
Session::newInstance()->_dropKeepForm();
}
$this->_exportVariableToView("email", $this->emailManager->findByPrimaryKey(Params::getParam("id")));
$this->doView("emails/frm.php");
break;
case 'edit_post':
osc_csrf_check();
$id = Params::getParam("id");
$s_internal_name = Params::getParam("s_internal_name");
$aFieldsDescription = array();
$postParams = Params::getParamsAsArray('', false);
$not_empty = false;
foreach ($postParams as $k => $v) {
if (preg_match('|(.+?)#(.+)|', $k, $m)) {
if ($m[2] == 's_title' && $v != '') {
$not_empty = true;
}
$aFieldsDescription[$m[1]][$m[2]] = $v;
}
}
Session::newInstance()->_setForm('s_internal_name', $s_internal_name);
Session::newInstance()->_setForm('aFieldsDescription', $aFieldsDescription);
if ($not_empty) {
foreach ($aFieldsDescription as $k => $_data) {
$this->emailManager->updateDescription($id, $k, $_data['s_title'], $_data['s_text']);
}
if (!$this->emailManager->internalNameExists($id, $s_internal_name)) {
if (!$this->emailManager->isIndelible($id)) {
$this->emailManager->updateInternalName($id, $s_internal_name);
}
Session::newInstance()->_clearVariables();
osc_add_flash_ok_message(_m('The email/alert has been updated'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=emails");
}
osc_add_flash_error_message(_m('You can\'t repeat internal name'), 'admin');
} else {
osc_add_flash_error_message(_m('The email couldn\'t be updated, at least one title should not be empty'), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . "?page=emails&action=edit&id=" . $id);
break;
default:
//-
if (Params::getParam('iDisplayLength') == '') {
Params::setParam('iDisplayLength', 10);
}
$p_iPage = 1;
if (is_numeric(Params::getParam('iPage')) && Params::getParam('iPage') >= 1) {
$p_iPage = Params::getParam('iPage');
}
Params::setParam('iPage', $p_iPage);
$prefLocale = osc_current_admin_locale();
$emails = $this->emailManager->listAll(1);
// pagination
$start = ($p_iPage - 1) * Params::getParam('iDisplayLength');
$limit = Params::getParam('iDisplayLength');
$count = count($emails);
$displayRecords = $limit;
if ($start + $limit > $count) {
$displayRecords = $start + $limit - $count;
}
// ----
$aData = array();
$max = $start + $limit;
if ($max > $count) {
$max = $count;
}
for ($i = $start; $i < $max; $i++) {
$email = $emails[$i];
if (isset($email['locale'][$prefLocale]) && !empty($email['locale'][$prefLocale]['s_title'])) {
$title = $email['locale'][$prefLocale];
} else {
$title = current($email['locale']);
}
$options = array();
$options[] = '<a href="' . osc_admin_base_url(true) . '?page=emails&action=edit&id=' . $email["pk_i_id"] . '">' . __('Edit') . '</a>';
$auxOptions = '<ul>' . PHP_EOL;
foreach ($options as $actual) {
$auxOptions .= '<li>' . $actual . '</li>' . PHP_EOL;
}
$actions = '<div class="actions">' . $auxOptions . '</div>' . PHP_EOL;
$row = array();
$row[] = $email['s_internal_name'] . $actions;
$row[] = $title['s_title'];
$aData[] = $row;
}
// ----
$array['iTotalRecords'] = $displayRecords;
$array['iTotalDisplayRecords'] = count($emails);
$array['iDisplayLength'] = $limit;
$array['aaData'] = $aData;
$page = (int) Params::getParam('iPage');
if (count($array['aaData']) == 0 && $page != 1) {
$total = (int) $array['iTotalDisplayRecords'];
$maxPage = ceil($total / (int) $array['iDisplayLength']);
$url = osc_admin_base_url(true) . '?' . Params::getServerParam('QUERY_STRING', false, false);
if ($maxPage == 0) {
$url = preg_replace('/&iPage=(\\d)+/', '&iPage=1', $url);
$this->redirectTo($url);
}
if ($page > 1) {
$url = preg_replace('/&iPage=(\\d)+/', '&iPage=' . $maxPage, $url);
$this->redirectTo($url);
}
}
$this->_exportVariableToView('aEmails', $array);
$this->doView("emails/index.php");
}
}
function recover_password()
{
$user = User::newInstance()->findByEmail(Params::getParam('s_email'));
Session::newInstance()->_set('recover_time', time());
if (osc_recaptcha_private_key() != '') {
if (!osc_check_recaptcha()) {
return 2;
// BREAK THE PROCESS, THE RECAPTCHA IS WRONG
}
}
if (!$user || $user['b_enabled'] == 0) {
return 1;
}
$code = osc_genRandomPassword(30);
$date = date('Y-m-d H:i:s');
User::newInstance()->update(array('s_pass_code' => $code, 's_pass_date' => $date, 's_pass_ip' => Params::getServerParam('REMOTE_ADDR')), array('pk_i_id' => $user['pk_i_id']));
$password_url = osc_forgot_user_password_confirm_url($user['pk_i_id'], $code);
osc_run_hook('hook_email_user_forgot_password', $user, $password_url);
return 0;
}
function get_ip()
{
if (Params::getServerParam('HTTP_CLIENT_IP') != '') {
return Params::getServerParam('HTTP_CLIENT_IP');
}
if (Params::getServerParam('HTTP_X_FORWARDED_FOR') != '') {
$ip_array = explode(',', Params::getServerParam('HTTP_X_FORWARDED_FOR'));
foreach ($ip_array as $ip) {
return trim($ip);
}
}
return Params::getServerParam('REMOTE_ADDR');
}
function doModel()
{
switch ($this->action) {
case 'add':
// caliing add view
$this->doView('languages/add.php');
break;
case 'add_post':
// adding a new language
if (defined('DEMO')) {
osc_add_flash_warning_message(_m("This action can't be done because it's a demo site"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=languages');
}
osc_csrf_check();
$filePackage = Params::getFiles('package');
if (isset($filePackage['size']) && $filePackage['size'] != 0) {
$path = osc_translations_path();
(int) ($status = osc_unzip_file($filePackage['tmp_name'], $path));
@unlink($filePackage['tmp_name']);
} else {
$status = 3;
}
switch ($status) {
case 0:
$msg = _m('The translation folder is not writable');
osc_add_flash_error_message($msg, 'admin');
break;
case 1:
if (osc_checkLocales()) {
$msg = _m('The language has been installed correctly');
osc_add_flash_ok_message($msg, 'admin');
} else {
$msg = _m('There was a problem adding the language');
osc_add_flash_error_message($msg, 'admin');
}
break;
case 2:
$msg = _m('The zip file is not valid');
osc_add_flash_error_message($msg, 'admin');
break;
case 3:
$msg = _m('No file was uploaded');
osc_add_flash_warning_message($msg, 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=languages&action=add");
break;
case -1:
default:
$msg = _m('There was a problem adding the language');
osc_add_flash_error_message($msg, 'admin');
break;
}
$this->redirectTo(osc_admin_base_url(true) . '?page=languages');
break;
case 'edit':
// editing a language
$sLocale = Params::getParam('id');
if (!preg_match('/.{2}_.{2}/', $sLocale)) {
osc_add_flash_error_message(_m('Language id isn\'t in the correct format'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=languages');
}
$aLocale = $this->localeManager->findByPrimaryKey($sLocale);
if (count($aLocale) == 0) {
osc_add_flash_error_message(_m('Language id doesn\'t exist'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=languages');
}
$this->_exportVariableToView("aLocale", $aLocale);
$this->doView('languages/frm.php');
break;
case 'edit_post':
// edit language post
osc_csrf_check();
$iUpdated = 0;
$languageCode = Params::getParam('pk_c_code');
$enabledWebstie = Params::getParam('b_enabled');
$enabledBackoffice = Params::getParam('b_enabled_bo');
$languageName = Params::getParam('s_name');
$languageShortName = Params::getParam('s_short_name');
$languageDescription = Params::getParam('s_description');
$languageCurrencyFormat = Params::getParam('s_currency_format');
$languageDecPoint = Params::getParam('s_dec_point');
$languageNumDec = Params::getParam('i_num_dec');
$languageThousandsSep = Params::getParam('s_thousands_sep');
$languageDateFormat = Params::getParam('s_date_format');
$languageStopWords = Params::getParam('s_stop_words');
// formatting variables
if (!preg_match('/.{2}_.{2}/', $languageCode)) {
osc_add_flash_error_message(_m('Language id isn\'t in the correct format'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=languages');
}
$enabledWebstie = $enabledWebstie != '' ? true : false;
$enabledBackoffice = $enabledBackoffice != '' ? true : false;
$languageName = strip_tags($languageName);
$languageName = trim($languageName);
$languageShortName = strip_tags($languageShortName);
$languageShortName = trim($languageShortName);
$languageDescription = strip_tags($languageDescription);
$languageDescription = trim($languageDescription);
$languageCurrencyFormat = strip_tags($languageCurrencyFormat);
$languageCurrencyFormat = trim($languageCurrencyFormat);
$languageDateFormat = strip_tags($languageDateFormat);
$languageDateFormat = trim($languageDateFormat);
$languageStopWords = strip_tags($languageStopWords);
$languageStopWords = trim($languageStopWords);
$msg = '';
if (!osc_validate_text($languageName)) {
$msg .= _m("Language name field is required") . "<br/>";
}
if (!osc_validate_text($languageShortName)) {
$msg .= _m("Language short name field is required") . "<br/>";
}
if (!osc_validate_text($languageDescription)) {
$msg .= _m("Language description field is required") . "<br/>";
}
if (!osc_validate_text($languageCurrencyFormat)) {
$msg .= _m("Currency format field is required") . "<br/>";
}
if (!osc_validate_int($languageNumDec)) {
$msg .= _m("Number of decimals must only contain numeric characters") . "<br/>";
}
if ($msg != '') {
osc_add_flash_error_message($msg, 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=languages&action=edit&id=' . $languageCode);
}
$array = array('b_enabled' => $enabledWebstie, 'b_enabled_bo' => $enabledBackoffice, 's_name' => $languageName, 's_short_name' => $languageShortName, 's_description' => $languageDescription, 's_currency_format' => $languageCurrencyFormat, 's_dec_point' => $languageDecPoint, 'i_num_dec' => $languageNumDec, 's_thousands_sep' => $languageThousandsSep, 's_date_format' => $languageDateFormat, 's_stop_words' => $languageStopWords);
$iUpdated = $this->localeManager->update($array, array('pk_c_code' => $languageCode));
if ($iUpdated > 0) {
osc_add_flash_ok_message(sprintf(_m('%s has been updated'), $languageShortName), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=languages');
break;
case 'enable_selected':
osc_csrf_check();
$msg = _m('Selected languages have been enabled for the website');
$iUpdated = 0;
$aValues = array('b_enabled' => 1);
$id = Params::getParam('id');
if (!is_array($id)) {
osc_add_flash_warning_message(_m("The language ids aren't in the correct format"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=languages');
}
foreach ($id as $i) {
osc_translate_categories($i);
$iUpdated += $this->localeManager->update($aValues, array('pk_c_code' => $i));
}
if ($iUpdated > 0) {
osc_add_flash_ok_message($msg, 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=languages');
break;
case 'disable_selected':
osc_csrf_check();
$msg = _m('Selected languages have been disabled for the website');
$msg_warning = '';
$iUpdated = 0;
$aValues = array('b_enabled' => 0);
$id = Params::getParam('id');
if (!is_array($id)) {
osc_add_flash_warning_message(_m("The language ids aren't in the correct format"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=languages');
}
foreach ($id as $i) {
if (osc_language() == $i) {
$msg_warning = sprintf(_m("%s can't be disabled because it's the default language"), osc_language());
continue;
}
$iUpdated += $this->localeManager->update($aValues, array('pk_c_code' => $i));
}
if ($msg_warning != '') {
if ($iUpdated > 0) {
osc_add_flash_warning_message($msg . '</p><p>' . $msg_warning, 'admin');
} else {
osc_add_flash_warning_message($msg_warning, 'admin');
}
} else {
osc_add_flash_ok_message($msg, 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=languages');
break;
case 'enable_bo_selected':
osc_csrf_check();
$msg = _m('Selected languages have been enabled for the backoffice (oc-admin)');
$iUpdated = 0;
$aValues = array('b_enabled_bo' => 1);
$id = Params::getParam('id');
if (!is_array($id)) {
osc_add_flash_warning_message(_m("The language ids aren't in the correct format"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=languages');
}
foreach ($id as $i) {
osc_translate_categories($i);
$iUpdated += $this->localeManager->update($aValues, array('pk_c_code' => $i));
}
if ($iUpdated > 0) {
osc_add_flash_ok_message($msg, 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=languages');
break;
case 'disable_bo_selected':
osc_csrf_check();
$msg = _m('Selected languages have been disabled for the backoffice (oc-admin)');
$msg_warning = '';
$iUpdated = 0;
$aValues = array('b_enabled_bo' => 0);
$id = Params::getParam('id');
if (!is_array($id)) {
osc_add_flash_warning_message(_m("The language ids aren't in the correct format"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=languages');
}
foreach ($id as $i) {
if (osc_language() == $i) {
$msg_warning = sprintf(_m("%s can't be disabled because it's the default language"), osc_language());
continue;
}
$iUpdated += $this->localeManager->update($aValues, array('pk_c_code' => $i));
}
if ($msg_warning != '') {
if ($iUpdated > 0) {
osc_add_flash_warning_message($msg . '</p><p>' . $msg_warning, 'admin');
} else {
osc_add_flash_warning_message($msg_warning, 'admin');
}
} else {
osc_add_flash_ok_message($msg, 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=languages');
break;
case 'delete':
osc_csrf_check();
if (is_array(Params::getParam('id'))) {
$default_lang = osc_language();
foreach (Params::getParam('id') as $code) {
if ($default_lang != $code) {
if ($this->localeManager->deleteLocale($code)) {
if (!osc_deleteDir(osc_translations_path() . $code)) {
osc_add_flash_error_message(sprintf(_m("Directory '%s' couldn't be removed"), $code), 'admin');
} else {
osc_add_flash_ok_message(sprintf(_m('Directory "%s" has been successfully removed'), $code), 'admin');
}
} else {
osc_add_flash_error_message(sprintf(_m("Directory '%s' couldn't be removed;)"), $code), 'admin');
}
} else {
osc_add_flash_error_message(sprintf(_m("Directory '%s' couldn't be removed because it's the default language. Set another language as default first and try again"), $code), 'admin');
}
}
}
$this->redirectTo(osc_admin_base_url(true) . '?page=languages');
break;
default:
if (Params::getParam('checkUpdated') != '') {
osc_admin_toolbar_update_languages(true);
}
if (Params::getParam("action") != "") {
osc_run_hook("language_bulk_" . Params::getParam("action"), Params::getParam('id'));
}
// -----
if (Params::getParam('iDisplayLength') == '') {
Params::setParam('iDisplayLength', 10);
}
// ?
$this->_exportVariableToView('iDisplayLength', Params::getParam('iDisplayLength'));
$p_iPage = 1;
if (is_numeric(Params::getParam('iPage')) && Params::getParam('iPage') >= 1) {
$p_iPage = Params::getParam('iPage');
}
Params::setParam('iPage', $p_iPage);
$aLanguages = OSCLocale::newInstance()->listAll();
// pagination
$start = ($p_iPage - 1) * Params::getParam('iDisplayLength');
$limit = Params::getParam('iDisplayLength');
$count = count($aLanguages);
$displayRecords = $limit;
if ($start + $limit > $count) {
$displayRecords = $start + $limit - $count;
}
// ----
$aLanguagesToUpdate = json_decode(osc_get_preference('languages_to_update'));
$bLanguagesToUpdate = is_array($aLanguagesToUpdate) ? true : false;
// ----
$aData = array();
$max = $start + $limit;
if ($max > $count) {
$max = $count;
}
for ($i = $start; $i < $max; $i++) {
$l = $aLanguages[$i];
$row = array();
$row[] = '<input type="checkbox" name="id[]" value="' . $l['pk_c_code'] . '" />';
$options = array();
$options[] = '<a href="' . osc_admin_base_url(true) . '?page=languages&action=edit&id=' . $l['pk_c_code'] . '">' . __('Edit') . '</a>';
$options[] = '<a href="' . osc_admin_base_url(true) . '?page=languages&action=' . ($l['b_enabled'] == 1 ? 'disable_selected' : 'enable_selected') . '&id[]=' . $l['pk_c_code'] . '&' . osc_csrf_token_url() . '">' . ($l['b_enabled'] == 1 ? __('Disable (website)') : __('Enable (website)')) . '</a> ';
$options[] = '<a href="' . osc_admin_base_url(true) . '?page=languages&action=' . ($l['b_enabled_bo'] == 1 ? 'disable_bo_selected' : 'enable_bo_selected') . '&id[]=' . $l['pk_c_code'] . '&' . osc_csrf_token_url() . '">' . ($l['b_enabled_bo'] == 1 ? __('Disable (oc-admin)') : __('Enable (oc-admin)')) . '</a>';
$options[] = '<a onclick="return delete_dialog(\'' . $l['pk_c_code'] . '\');" href="' . osc_admin_base_url(true) . '?page=languages&action=delete&id[]=' . $l['pk_c_code'] . '&' . osc_csrf_token_url() . '">' . __('Delete') . '</a>';
$auxOptions = '<ul>' . PHP_EOL;
foreach ($options as $actual) {
$auxOptions .= '<li>' . $actual . '</li>' . PHP_EOL;
}
$actions = '<div class="actions">' . $auxOptions . '</div>' . PHP_EOL;
$sUpdate = '';
// get languages to update from t_preference
if ($bLanguagesToUpdate) {
if (in_array($l['pk_c_code'], $aLanguagesToUpdate)) {
$sUpdate = '<a class="btn-market-update btn-market-popup" href="#' . htmlentities($l['pk_c_code']) . '">' . __("Update here") . '</a>';
}
}
$row[] = $l['s_name'] . $sUpdate . $actions;
$row[] = $l['s_short_name'];
$row[] = $l['s_description'];
$row[] = $l['b_enabled'] ? __('Yes') : __('No');
$row[] = $l['b_enabled_bo'] ? __('Yes') : __('No');
$aData[] = $row;
}
// ----
$array['iTotalRecords'] = $displayRecords;
$array['iTotalDisplayRecords'] = count($aLanguages);
$array['iDisplayLength'] = $limit;
$array['aaData'] = $aData;
$page = (int) Params::getParam('iPage');
if (count($array['aaData']) == 0 && $page != 1) {
$total = (int) $array['iTotalDisplayRecords'];
$maxPage = ceil($total / (int) $array['iDisplayLength']);
$url = osc_admin_base_url(true) . '?' . Params::getServerParam('QUERY_STRING', false, false);
if ($maxPage == 0) {
$url = preg_replace('/&iPage=(\\d)+/', '&iPage=1', $url);
$this->redirectTo($url);
}
if ($page > 1) {
$url = preg_replace('/&iPage=(\\d)+/', '&iPage=' . $maxPage, $url);
$this->redirectTo($url);
}
}
$this->_exportVariableToView('aLanguages', $array);
$bulk_options = array(array('value' => '', 'data-dialog-content' => '', 'label' => __('Bulk actions')), array('value' => 'enable_selected', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected languages?'), strtolower(__('Enable (Website)'))), 'label' => __('Enable (Website)')), array('value' => 'disable_selected', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected languages?'), strtolower(__('Disable (Website)'))), 'label' => __('Disable (Website)')), array('value' => 'enable_bo_selected', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected languages?'), strtolower(__('Enable (oc-admin)'))), 'label' => __('Enable (oc-admin)')), array('value' => 'disable_bo_selected', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected languages?'), strtolower(__('Disable (oc-admin)'))), 'label' => __('Disable (oc-admin)')), array('value' => 'delete', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected languages?'), strtolower(__('Delete'))), 'label' => __('Delete')));
$bulk_options = osc_apply_filter("language_bulk_filter", $bulk_options);
$this->_exportVariableToView('bulk_options', $bulk_options);
$this->doView('languages/index.php');
break;
}
}
/**
* Check is an email and IP are banned
*
* @param string $email
* @param string $ip
* @since 3.1
* @return int 0: not banned, 1: email is banned, 2: IP is banned
*/
function osc_is_banned($email = '', $ip = null)
{
if ($ip == null) {
$ip = Params::getServerParam('REMOTE_ADDR');
}
$rules = BanRule::newInstance()->listAll();
if (!osc_is_ip_banned($ip, $rules)) {
if ($email != '') {
return osc_is_email_banned($email, $rules) ? 1 : 0;
// 1:Email is banned, 0:not banned
}
return 0;
}
return 2;
//IP is banned
}
function doModel()
{
parent::doModel();
//specific things for this class
switch ($this->action) {
case 'create':
// calling create view
$aRegions = array();
$aCities = array();
$aCountries = Country::newInstance()->listAll();
if (isset($aCountries[0]['pk_c_code'])) {
$aRegions = Region::newInstance()->findByCountry($aCountries[0]['pk_c_code']);
}
if (isset($aRegions[0]['pk_i_id'])) {
$aCities = City::newInstance()->findByRegion($aRegions[0]['pk_i_id']);
}
$this->_exportVariableToView('user', null);
$this->_exportVariableToView('countries', $aCountries);
$this->_exportVariableToView('regions', $aRegions);
$this->_exportVariableToView('cities', $aCities);
$this->_exportVariableToView('locales', OSCLocale::newInstance()->listAllEnabled());
$this->doView("users/frm.php");
break;
case 'create_post':
// creating the user...
osc_csrf_check();
require_once LIB_PATH . 'osclass/UserActions.php';
$userActions = new UserActions(true);
$success = $userActions->add();
switch ($success) {
case 1:
osc_add_flash_ok_message(_m("The user has been created. We've sent an activation e-mail"), 'admin');
break;
case 2:
osc_add_flash_ok_message(_m('The user has been created successfully'), 'admin');
break;
default:
osc_add_flash_error_message($success, 'admin');
break;
}
$this->redirectTo(osc_admin_base_url(true) . '?page=users');
break;
case 'edit':
// calling the edit view
$aUser = $this->userManager->findByPrimaryKey(Params::getParam("id"));
$aCountries = Country::newInstance()->listAll();
$aRegions = array();
if ($aUser['fk_c_country_code'] != '') {
$aRegions = Region::newInstance()->findByCountry($aUser['fk_c_country_code']);
} else {
if (count($aCountries) > 0) {
$aRegions = Region::newInstance()->findByCountry($aCountries[0]['pk_c_code']);
}
}
$aCities = array();
if ($aUser['fk_i_region_id'] != '') {
$aCities = City::newInstance()->findByRegion($aUser['fk_i_region_id']);
} else {
if (count($aRegions) > 0) {
$aCities = City::newInstance()->findByRegion($aRegions[0]['pk_i_id']);
}
}
$csrf_token = osc_csrf_token_url();
if ($aUser['b_active']) {
$actions[] = '<a class="btn float-left" href="' . osc_admin_base_url(true) . '?page=users&action=deactivate&id[]=' . $aUser['pk_i_id'] . '&' . $csrf_token . '&value=INACTIVE">' . __('Deactivate') . '</a>';
} else {
$actions[] = '<a class="btn btn-red float-left" href="' . osc_admin_base_url(true) . '?page=users&action=activate&id[]=' . $aUser['pk_i_id'] . '&' . $csrf_token . '&value=ACTIVE">' . __('Activate') . '</a>';
}
if ($aUser['b_enabled']) {
$actions[] = '<a class="btn float-left" href="' . osc_admin_base_url(true) . '?page=users&action=disable&id[]=' . $aUser['pk_i_id'] . '&' . $csrf_token . '&value=DISABLE">' . __('Block') . '</a>';
} else {
$actions[] = '<a class="btn btn-red float-left" href="' . osc_admin_base_url(true) . '?page=users&action=enable&id[]=' . $aUser['pk_i_id'] . '&' . $csrf_token . '&value=ENABLE">' . __('Unblock') . '</a>';
}
$this->_exportVariableToView("actions", $actions);
$this->_exportVariableToView("user", $aUser);
$this->_exportVariableToView("countries", $aCountries);
$this->_exportVariableToView("regions", $aRegions);
$this->_exportVariableToView("cities", $aCities);
$this->_exportVariableToView("locales", OSCLocale::newInstance()->listAllEnabled());
$this->doView("users/frm.php");
break;
case 'edit_post':
// edit post
osc_csrf_check();
require_once LIB_PATH . 'osclass/UserActions.php';
$userActions = new UserActions(true);
$success = $userActions->edit(Params::getParam("id"));
if ($success == 1) {
osc_add_flash_ok_message(_m('The user has been updated'), 'admin');
} else {
if ($success == 2) {
osc_add_flash_ok_message(_m('The user has been updated and activated'), 'admin');
} else {
osc_add_flash_error_message($success);
$this->redirectTo(osc_admin_base_url(true) . '?page=users&action=edit&id=' . Params::getParam('id'));
}
}
$this->redirectTo(osc_admin_base_url(true) . '?page=users');
break;
case 'resend_activation':
//activate
osc_csrf_check();
require_once LIB_PATH . 'osclass/UserActions.php';
$iUpdated = 0;
$userId = Params::getParam('id');
if (!is_array($userId)) {
osc_add_flash_error_message(_m("User id isn't in the correct format"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=users');
}
$userActions = new UserActions(true);
foreach ($userId as $id) {
$iUpdated += $userActions->resend_activation($id);
}
if ($iUpdated == 0) {
osc_add_flash_error_message(_m('No users have been selected'), 'admin');
} else {
osc_add_flash_ok_message(sprintf(_mn('Activation email sent to one user', 'Activation email sent to %s users', $iUpdated), $iUpdated), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=users');
break;
case 'activate':
//activate
osc_csrf_check();
require_once LIB_PATH . 'osclass/UserActions.php';
$iUpdated = 0;
$userId = Params::getParam('id');
if (!is_array($userId)) {
osc_add_flash_error_message(_m("User id isn't in the correct format"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=users');
}
$userActions = new UserActions(true);
foreach ($userId as $id) {
$iUpdated += $userActions->activate($id);
}
if ($iUpdated == 0) {
$msg = _m('No users have been activated');
} else {
$msg = sprintf(_mn('One user has been activated', '%s users have been activated', $iUpdated), $iUpdated);
}
osc_add_flash_ok_message($msg, 'admin');
$this->redirectTo(Params::getServerParam('HTTP_REFERER', false, false));
break;
case 'deactivate':
//deactivate
osc_csrf_check();
require_once LIB_PATH . 'osclass/UserActions.php';
$iUpdated = 0;
$userId = Params::getParam('id');
if (!is_array($userId)) {
osc_add_flash_error_message(_m("User id isn't in the correct format"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=users');
}
$userActions = new UserActions(true);
foreach ($userId as $id) {
$iUpdated += $userActions->deactivate($id);
}
if ($iUpdated == 0) {
$msg = _m('No users have been deactivated');
} else {
$msg = sprintf(_mn('One user has been deactivated', '%s users have been deactivated', $iUpdated), $iUpdated);
}
osc_add_flash_ok_message($msg, 'admin');
$this->redirectTo(Params::getServerParam('HTTP_REFERER', false, false));
break;
case 'enable':
osc_csrf_check();
require_once LIB_PATH . 'osclass/UserActions.php';
$iUpdated = 0;
$userId = Params::getParam('id');
if (!is_array($userId)) {
osc_add_flash_error_message(_m("User id isn't in the correct format"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=users');
}
$userActions = new UserActions(true);
foreach ($userId as $id) {
$iUpdated += $userActions->enable($id);
}
if ($iUpdated == 0) {
$msg = _m('No users have been enabled');
} else {
$msg = sprintf(_mn('One user has been unblocked', '%s users have been unblocked', $iUpdated), $iUpdated);
}
osc_add_flash_ok_message($msg, 'admin');
$this->redirectTo(Params::getServerParam('HTTP_REFERER', false, false));
break;
case 'disable':
osc_csrf_check();
require_once LIB_PATH . 'osclass/UserActions.php';
$iUpdated = 0;
$userId = Params::getParam('id');
if (!is_array($userId)) {
osc_add_flash_error_message(_m("User id isn't in the correct format"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=users');
}
$userActions = new UserActions(true);
foreach ($userId as $id) {
$iUpdated += $userActions->disable($id);
}
if ($iUpdated == 0) {
$msg = _m('No users have been disabled');
} else {
$msg = sprintf(_mn('One user has been blocked', '%s users have been blocked', $iUpdated), $iUpdated);
}
osc_add_flash_ok_message($msg, 'admin');
$this->redirectTo(Params::getServerParam('HTTP_REFERER', false, false));
break;
case 'delete':
//delete
osc_csrf_check();
$iDeleted = 0;
$userId = Params::getParam('id');
if (!is_array($userId)) {
osc_add_flash_error_message(_m("User id isn't in the correct format"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=users');
}
foreach ($userId as $id) {
$user = $this->userManager->findByPrimaryKey($id);
Log::newInstance()->insertLog('user', 'delete', $id, $user['s_email'], 'admin', osc_logged_admin_id());
if ($this->userManager->deleteUser($id)) {
$iDeleted++;
}
}
if ($iDeleted == 0) {
$msg = _m('No users have been deleted');
} else {
$msg = sprintf(_mn('One user has been deleted', '%s users have been deleted', $iDeleted), $iDeleted);
}
osc_add_flash_ok_message($msg, 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=users');
break;
case 'delete_alerts':
//delete
$iDeleted = 0;
$alertId = Params::getParam('alert_id');
if (!is_array($alertId)) {
osc_add_flash_error_message(_m("Alert id isn't in the correct format"), 'admin');
if (Params::getParam('user_id') == '') {
$this->redirectTo(osc_admin_base_url(true) . '?page=users&action=alerts');
} else {
$this->redirectTo(osc_admin_base_url(true) . '?page=users&action=edit&id=' . Params::getParam('user_id'));
}
}
$mAlerts = new Alerts();
foreach ($alertId as $id) {
Log::newInstance()->insertLog('user', 'delete_alerts', $id, $id, 'admin', osc_logged_admin_id());
$iDeleted += $mAlerts->delete(array('pk_i_id' => $id));
}
if ($iDeleted == 0) {
$msg = _m('No alerts have been deleted');
} else {
$msg = sprintf(_mn('One alert has been deleted', '%s alerts have been deleted', $iDeleted), $iDeleted);
}
osc_add_flash_ok_message($msg, 'admin');
if (Params::getParam('user_id') == '') {
$this->redirectTo(osc_admin_base_url(true) . '?page=users&action=alerts');
} else {
$this->redirectTo(osc_admin_base_url(true) . '?page=users&action=edit&id=' . Params::getParam('user_id'));
}
break;
case 'status_alerts':
//delete
$status = Params::getParam("status");
$iUpdated = 0;
$alertId = Params::getParam('alert_id');
if (!is_array($alertId)) {
osc_add_flash_error_message(_m("Alert id isn't in the correct format"), 'admin');
if (Params::getParam('user_id') == '') {
$this->redirectTo(osc_admin_base_url(true) . '?page=users&action=alerts');
} else {
$this->redirectTo(osc_admin_base_url(true) . '?page=users&action=edit&id=' . Params::getParam('user_id'));
}
}
$mAlerts = new Alerts();
foreach ($alertId as $id) {
if ($status == 1) {
$iUpdated += $mAlerts->activate($id);
} else {
$iUpdated += $mAlerts->deactivate($id);
}
}
if ($status == 1) {
if ($iUpdated == 0) {
$msg = _m('No alerts have been activated');
} else {
$msg = sprintf(_mn('One alert has been activated', '%s alerts have been activated', $iUpdated), $iUpdated);
}
} else {
if ($iUpdated == 0) {
$msg = _m('No alerts have been deactivated');
} else {
$msg = sprintf(_mn('One alert has been deactivated', '%s alerts have been deactivated', $iUpdated), $iUpdated);
}
}
osc_add_flash_ok_message($msg, 'admin');
if (Params::getParam('user_id') == '') {
$this->redirectTo(osc_admin_base_url(true) . '?page=users&action=alerts');
} else {
$this->redirectTo(osc_admin_base_url(true) . '?page=users&action=edit&id=' . Params::getParam('user_id'));
}
break;
case 'settings':
// calling the users settings view
$this->doView('users/settings.php');
break;
case 'settings_post':
// updating users
osc_csrf_check();
$iUpdated = 0;
$enabledUserValidation = Params::getParam('enabled_user_validation');
$enabledUserValidation = $enabledUserValidation != '' ? true : false;
$enabledUserRegistration = Params::getParam('enabled_user_registration');
$enabledUserRegistration = $enabledUserRegistration != '' ? true : false;
$enabledUsers = Params::getParam('enabled_users');
$enabledUsers = $enabledUsers != '' ? true : false;
$notifyNewUser = Params::getParam('notify_new_user');
$notifyNewUser = $notifyNewUser != '' ? true : false;
$usernameBlacklistTmp = explode(",", Params::getParam('username_blacklist'));
foreach ($usernameBlacklistTmp as $k => $v) {
$usernameBlacklistTmp[$k] = strtolower(trim($v));
}
$usernameBlacklist = implode(",", $usernameBlacklistTmp);
$iUpdated += osc_set_preference('enabled_user_validation', $enabledUserValidation);
$iUpdated += osc_set_preference('enabled_user_registration', $enabledUserRegistration);
$iUpdated += osc_set_preference('enabled_users', $enabledUsers);
$iUpdated += osc_set_preference('notify_new_user', $notifyNewUser);
$iUpdated += osc_set_preference('username_blacklist', $usernameBlacklist);
if ($iUpdated > 0) {
osc_add_flash_ok_message(_m("User settings have been updated"), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=users&action=settings');
break;
case 'alerts':
// manage alerts view
require_once osc_lib_path() . "osclass/classes/datatables/AlertsDataTable.php";
// set default iDisplayLength
if (Params::getParam('iDisplayLength') != '') {
Cookie::newInstance()->push('listing_iDisplayLength', Params::getParam('iDisplayLength'));
Cookie::newInstance()->set();
} else {
// set a default value if it's set in the cookie
if (Cookie::newInstance()->get_value('listing_iDisplayLength') != '') {
Params::setParam('iDisplayLength', Cookie::newInstance()->get_value('listing_iDisplayLength'));
} else {
Params::setParam('iDisplayLength', 10);
}
}
$this->_exportVariableToView('iDisplayLength', Params::getParam('iDisplayLength'));
// Table header order by related
if (Params::getParam('sort') == '') {
Params::setParam('sort', 'date');
}
if (Params::getParam('direction') == '') {
Params::setParam('direction', 'desc');
}
$page = (int) Params::getParam('iPage');
if ($page == 0) {
$page = 1;
}
Params::setParam('iPage', $page);
$params = Params::getParamsAsArray();
$alertsDataTable = new AlertsDataTable();
$alertsDataTable->table($params);
$aData = $alertsDataTable->getData();
if (count($aData['aRows']) == 0 && $page != 1) {
$total = (int) $aData['iTotalDisplayRecords'];
$maxPage = ceil($total / (int) $aData['iDisplayLength']);
$url = osc_admin_base_url(true) . '?' . Params::getServerParam('QUERY_STRING', false, false);
if ($maxPage == 0) {
$url = preg_replace('/&iPage=(\\d)+/', '&iPage=1', $url);
$this->redirectTo($url);
}
if ($page > 1) {
$url = preg_replace('/&iPage=(\\d)+/', '&iPage=' . $maxPage, $url);
$this->redirectTo($url);
}
}
$this->_exportVariableToView('aData', $aData);
$this->_exportVariableToView('aRawRows', $alertsDataTable->rawRows());
$this->doView("users/alerts.php");
break;
case 'ban':
// manage ban rules view
if (Params::getParam("action") != "") {
osc_run_hook("ban_rules_bulk_" . Params::getParam("action"), Params::getParam('id'));
}
require_once osc_lib_path() . "osclass/classes/datatables/BanRulesDataTable.php";
// set default iDisplayLength
if (Params::getParam('iDisplayLength') != '') {
Cookie::newInstance()->push('listing_iDisplayLength', Params::getParam('iDisplayLength'));
Cookie::newInstance()->set();
} else {
// set a default value if it's set in the cookie
if (Cookie::newInstance()->get_value('listing_iDisplayLength') != '') {
Params::setParam('iDisplayLength', Cookie::newInstance()->get_value('listing_iDisplayLength'));
} else {
Params::setParam('iDisplayLength', 10);
}
}
$this->_exportVariableToView('iDisplayLength', Params::getParam('iDisplayLength'));
// Table header order by related
if (Params::getParam('sort') == '') {
Params::setParam('sort', 'date');
}
if (Params::getParam('direction') == '') {
Params::setParam('direction', 'desc');
}
$page = (int) Params::getParam('iPage');
if ($page == 0) {
$page = 1;
}
Params::setParam('iPage', $page);
$params = Params::getParamsAsArray();
$banRulesDataTable = new BanRulesDataTable();
$banRulesDataTable->table($params);
$aData = $banRulesDataTable->getData();
if (count($aData['aRows']) == 0 && $page != 1) {
$total = (int) $aData['iTotalDisplayRecords'];
$maxPage = ceil($total / (int) $aData['iDisplayLength']);
$url = osc_admin_base_url(true) . '?' . Params::getServerParam('QUERY_STRING', false, false);
if ($maxPage == 0) {
$url = preg_replace('/&iPage=(\\d)+/', '&iPage=1', $url);
$this->redirectTo($url);
}
if ($page > 1) {
$url = preg_replace('/&iPage=(\\d)+/', '&iPage=' . $maxPage, $url);
$this->redirectTo($url);
}
}
$this->_exportVariableToView('aData', $aData);
$this->_exportVariableToView('aRawRows', $banRulesDataTable->rawRows());
$bulk_options = array(array('value' => '', 'data-dialog-content' => '', 'label' => __('Bulk actions')), array('value' => 'delete_ban_rule', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected ban rules?'), strtolower(__('Delete'))), 'label' => __('Delete')));
$bulk_options = osc_apply_filter("ban_rule_bulk_filter", $bulk_options);
$this->_exportVariableToView('bulk_options', $bulk_options);
//calling the view...
$this->doView('users/ban.php');
break;
case 'edit_ban_rule':
$this->_exportVariableToView('rule', BanRule::newInstance()->findByPrimaryKey(Params::getParam('id')));
$this->doView('users/ban_frm.php');
break;
case 'edit_ban_rule_post':
osc_csrf_check();
if (Params::getParam('s_ip') == '' && Params::getParam('s_email') == '') {
osc_add_flash_warning_message(_m("Both rules can not be empty"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=users&action=ban');
}
BanRule::newInstance()->update(array('s_name' => Params::getParam('s_name'), 's_ip' => Params::getParam('s_ip'), 's_email' => strtolower(Params::getParam('s_email'))), array('pk_i_id' => Params::getParam('id')));
osc_add_flash_ok_message(_m('Rule updated correctly'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=users&action=ban');
break;
case 'create_ban_rule':
$this->_exportVariableToView('rule', null);
$this->doView('users/ban_frm.php');
break;
case 'create_ban_rule_post':
osc_csrf_check();
if (Params::getParam('s_ip') == '' && Params::getParam('s_email') == '') {
osc_add_flash_warning_message(_m("Both rules can not be empty"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=users&action=ban');
}
BanRule::newInstance()->insert(array('s_name' => Params::getParam('s_name'), 's_ip' => Params::getParam('s_ip'), 's_email' => strtolower(Params::getParam('s_email'))));
osc_add_flash_ok_message(_m('Rule saved correctly'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=users&action=ban');
break;
case 'delete_ban_rule':
//delete ban rules
osc_csrf_check();
$iDeleted = 0;
$ruleId = Params::getParam('id');
if (!is_array($ruleId)) {
osc_add_flash_error_message(_m("User id isn't in the correct format"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=users&action=ban');
}
$ruleMgr = BanRule::newInstance();
foreach ($ruleId as $id) {
if ($ruleMgr->deleteByPrimaryKey($id)) {
$iDeleted++;
}
}
if ($iDeleted == 0) {
$msg = _m('No rules have been deleted');
} else {
$msg = sprintf(_mn('One ban rule has been deleted', '%s ban rules have been deleted', $iDeleted), $iDeleted);
}
osc_add_flash_ok_message($msg, 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=users&action=ban');
break;
default:
// manage users view
if (Params::getParam("action") != "") {
osc_run_hook("user_bulk_" . Params::getParam("action"), Params::getParam('id'));
}
require_once osc_lib_path() . "osclass/classes/datatables/UsersDataTable.php";
// set default iDisplayLength
if (Params::getParam('iDisplayLength') != '') {
Cookie::newInstance()->push('listing_iDisplayLength', Params::getParam('iDisplayLength'));
Cookie::newInstance()->set();
} else {
// set a default value if it's set in the cookie
if (Cookie::newInstance()->get_value('listing_iDisplayLength') != '') {
Params::setParam('iDisplayLength', Cookie::newInstance()->get_value('listing_iDisplayLength'));
} else {
Params::setParam('iDisplayLength', 10);
}
}
$this->_exportVariableToView('iDisplayLength', Params::getParam('iDisplayLength'));
// Table header order by related
if (Params::getParam('sort') == '') {
Params::setParam('sort', 'date');
}
if (Params::getParam('direction') == '') {
Params::setParam('direction', 'desc');
}
$page = (int) Params::getParam('iPage');
if ($page == 0) {
$page = 1;
}
Params::setParam('iPage', $page);
$params = Params::getParamsAsArray();
$usersDataTable = new UsersDataTable();
$usersDataTable->table($params);
$aData = $usersDataTable->getData();
if (count($aData['aRows']) == 0 && $page != 1) {
$total = (int) $aData['iTotalDisplayRecords'];
$maxPage = ceil($total / (int) $aData['iDisplayLength']);
$url = osc_admin_base_url(true) . '?' . Params::getServerParam('QUERY_STRING', false, false);
if ($maxPage == 0) {
$url = preg_replace('/&iPage=(\\d)+/', '&iPage=1', $url);
$this->redirectTo($url);
}
if ($page > 1) {
$url = preg_replace('/&iPage=(\\d)+/', '&iPage=' . $maxPage, $url);
$this->redirectTo($url);
}
}
$this->_exportVariableToView('aData', $aData);
$this->_exportVariableToView('withFilters', $usersDataTable->withFilters());
$this->_exportVariableToView('aRawRows', $usersDataTable->rawRows());
$bulk_options = array(array('value' => '', 'data-dialog-content' => '', 'label' => __('Bulk actions')), array('value' => 'activate', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected users?'), strtolower(__('Activate'))), 'label' => __('Activate')), array('value' => 'deactivate', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected users?'), strtolower(__('Deactivate'))), 'label' => __('Deactivate')), array('value' => 'enable', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected users?'), strtolower(__('Unblock'))), 'label' => __('Unblock')), array('value' => 'disable', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected users?'), strtolower(__('Block'))), 'label' => __('Block')), array('value' => 'delete', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected users?'), strtolower(__('Delete'))), 'label' => __('Delete')));
if (osc_user_validation_enabled()) {
$bulk_options[] = array('value' => 'resend_activation', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected users?'), strtolower(__('Resend the activation to'))), 'label' => __('Resend activation'));
}
$bulk_options = osc_apply_filter("user_bulk_filter", $bulk_options);
$this->_exportVariableToView('bulk_options', $bulk_options);
//calling the view...
$this->doView('users/index.php');
break;
}
}
function doModel()
{
parent::doModel();
//specific things for this class
switch ($this->action) {
case 'edit':
if (Params::getParam("id") == '') {
$this->redirectTo(osc_admin_base_url(true) . "?page=pages");
}
$form = count(Session::newInstance()->_getForm());
$keepForm = count(Session::newInstance()->_getKeepForm());
if ($form == 0 || $form == $keepForm) {
Session::newInstance()->_dropKeepForm();
}
$templates = osc_apply_filter('page_templates', WebThemes::newInstance()->getAvailableTemplates());
$this->_exportVariableToView('templates', $templates);
$this->_exportVariableToView("page", $this->pageManager->findByPrimaryKey(Params::getParam("id")));
$this->doView("pages/frm.php");
break;
case 'edit_post':
osc_csrf_check();
$id = Params::getParam("id");
$b_link = Params::getParam("b_link") != '' ? 1 : 0;
$s_internal_name = Params::getParam("s_internal_name");
$s_internal_name = osc_sanitizeString($s_internal_name);
$meta = Params::getParam('meta');
$this->pageManager->updateMeta($id, json_encode($meta));
$aFieldsDescription = array();
$postParams = Params::getParamsAsArray('', false);
$not_empty = false;
foreach ($postParams as $k => $v) {
if (preg_match('|(.+?)#(.+)|', $k, $m)) {
if ($m[2] == 's_title' && $v != '') {
$not_empty = true;
}
$aFieldsDescription[$m[1]][$m[2]] = $v;
}
}
Session::newInstance()->_setForm('aFieldsDescription', $aFieldsDescription);
if ($s_internal_name == '') {
osc_add_flash_error_message(_m('You have to set an internal name'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=pages&action=edit&id=" . $id);
}
if (!WebThemes::newInstance()->isValidPage($s_internal_name)) {
osc_add_flash_error_message(_m('You have to set a different internal name'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=pages&action=edit&id=" . $id);
}
Session::newInstance()->_setForm('s_internal_name', $s_internal_name);
if ($not_empty) {
foreach ($aFieldsDescription as $k => $_data) {
$this->pageManager->updateDescription($id, $k, $_data['s_title'], $_data['s_text']);
}
if (!$this->pageManager->internalNameExists($id, $s_internal_name)) {
if (!$this->pageManager->isIndelible($id)) {
$this->pageManager->updateInternalName($id, $s_internal_name);
$this->pageManager->updateLink($id, $b_link);
}
osc_run_hook('edit_page', $id);
Session::newInstance()->_clearVariables();
osc_add_flash_ok_message(_m('The page has been updated'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=pages");
}
osc_add_flash_error_message(_m("You can't repeat internal name"), 'admin');
} else {
osc_add_flash_error_message(_m("The page couldn't be updated, at least one title should not be empty"), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . "?page=pages&action=edit&id=" . $id);
break;
case 'add':
$form = count(Session::newInstance()->_getForm());
$keepForm = count(Session::newInstance()->_getKeepForm());
if ($form == 0 || $form == $keepForm) {
Session::newInstance()->_dropKeepForm();
}
$templates = osc_apply_filter('page_templates', WebThemes::newInstance()->getAvailableTemplates());
$this->_exportVariableToView('templates', $templates);
$this->_exportVariableToView("page", array());
$this->doView("pages/frm.php");
break;
case 'add_post':
osc_csrf_check();
$s_internal_name = Params::getParam("s_internal_name");
$b_link = Params::getParam("b_link") != '' ? 1 : 0;
$s_internal_name = osc_sanitizeString($s_internal_name);
$meta = Params::getParam('meta');
$aFieldsDescription = array();
$postParams = Params::getParamsAsArray('', false);
$not_empty = false;
foreach ($postParams as $k => $v) {
if (preg_match('|(.+?)#(.+)|', $k, $m)) {
if ($m[2] == 's_title' && $v != '') {
$not_empty = true;
}
$aFieldsDescription[$m[1]][$m[2]] = $v;
}
}
Session::newInstance()->_setForm('aFieldsDescription', $aFieldsDescription);
if ($s_internal_name == '') {
osc_add_flash_error_message(_m('You have to set an internal name'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=pages&action=add");
}
if (!WebThemes::newInstance()->isValidPage($s_internal_name)) {
osc_add_flash_error_message(_m('You have to set a different internal name'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=pages&action=add");
}
$aFields = array('s_internal_name' => $s_internal_name, 'b_indelible' => '0', 's_meta' => json_encode($meta), 'b_link' => $b_link);
Session::newInstance()->_setForm('s_internal_name', $s_internal_name);
$page = $this->pageManager->findByInternalName($s_internal_name);
if (!isset($page['pk_i_id'])) {
if ($not_empty) {
$result = $this->pageManager->insert($aFields, $aFieldsDescription);
Session::newInstance()->_clearVariables();
osc_add_flash_ok_message(_m('The page has been added'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=pages");
} else {
osc_add_flash_error_message(_m("The page couldn't be added, at least one title should not be empty"), 'admin');
}
} else {
osc_add_flash_error_message(_m("Oops! That internal name is already in use. We can't make the changes"), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . "?page=pages&action=add");
break;
case 'delete':
osc_csrf_check();
$id = Params::getParam("id");
$page_deleted_correcty = 0;
$page_deleted_error = 0;
$page_indelible = 0;
if (!is_array($id)) {
$id = array($id);
}
foreach ($id as $_id) {
$result = (int) $this->pageManager->deleteByPrimaryKey($_id);
switch ($result) {
case -1:
$page_indelible++;
break;
case 0:
$page_deleted_error++;
break;
case 1:
$page_deleted_correcty++;
}
}
if ($page_indelible > 0) {
if ($page_indelible == 1) {
osc_add_flash_error_message(_m("One page can't be deleted because it is indelible"), 'admin');
} else {
osc_add_flash_error_message(sprintf(_m("%s pages couldn't be deleted because they are indelible"), $page_indelible), 'admin');
}
}
if ($page_deleted_error > 0) {
if ($page_deleted_error == 1) {
osc_add_flash_error_message(_m("One page couldn't be deleted"), 'admin');
} else {
osc_add_flash_error_message(sprintf(_m("%s pages couldn't be deleted"), $page_deleted_error), 'admin');
}
}
if ($page_deleted_correcty > 0) {
if ($page_deleted_correcty == 1) {
osc_add_flash_ok_message(_m('One page has been deleted correctly'), 'admin');
} else {
osc_add_flash_ok_message(sprintf(_m('%s pages have been deleted correctly'), $page_deleted_correcty), 'admin');
}
}
$this->redirectTo(osc_admin_base_url(true) . "?page=pages");
break;
default:
if (Params::getParam("action") != "") {
osc_run_hook("page_bulk_" . Params::getParam("action"), Params::getParam('id'));
}
require_once osc_lib_path() . "osclass/classes/datatables/PagesDataTable.php";
// set default iDisplayLength
if (Params::getParam('iDisplayLength') != '') {
Cookie::newInstance()->push('listing_iDisplayLength', Params::getParam('iDisplayLength'));
Cookie::newInstance()->set();
} else {
// set a default value if it's set in the cookie
$listing_iDisplayLength = (int) Cookie::newInstance()->get_value('listing_iDisplayLength');
if ($listing_iDisplayLength == 0) {
$listing_iDisplayLength = 10;
}
Params::setParam('iDisplayLength', $listing_iDisplayLength);
}
$this->_exportVariableToView('iDisplayLength', Params::getParam('iDisplayLength'));
// Table header order by related
if (Params::getParam('sort') == '') {
Params::setParam('sort', 'date');
}
if (Params::getParam('direction') == '') {
Params::setParam('direction', 'desc');
}
$page = (int) Params::getParam('iPage');
if ($page == 0) {
$page = 1;
}
Params::setParam('iPage', $page);
$params = Params::getParamsAsArray();
$pagesDataTable = new PagesDataTable();
$pagesDataTable->table($params);
$aData = $pagesDataTable->getData();
if (count($aData['aRows']) == 0 && $page != 1) {
$total = (int) $aData['iTotalDisplayRecords'];
$maxPage = ceil($total / (int) $aData['iDisplayLength']);
$url = osc_admin_base_url(true) . '?' . Params::getServerParam('QUERY_STRING', false, false);
if ($maxPage == 0) {
$url = preg_replace('/&iPage=(\\d)+/', '&iPage=1', $url);
$this->redirectTo($url);
}
if ($page > 1) {
$url = preg_replace('/&iPage=(\\d)+/', '&iPage=' . $maxPage, $url);
$this->redirectTo($url);
}
}
$this->_exportVariableToView('aData', $aData);
$this->_exportVariableToView('aRawRows', $pagesDataTable->rawRows());
$bulk_options = array(array('value' => '', 'data-dialog-content' => '', 'label' => __('Bulk actions')), array('value' => 'delete', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected pages?'), strtolower(__('Delete'))), 'label' => __('Delete')));
$bulk_options = osc_apply_filter("page_bulk_filter", $bulk_options);
$this->_exportVariableToView('bulk_options', $bulk_options);
$this->doView("pages/index.php");
break;
}
}
public function getSize()
{
if (Params::existServerParam("CONTENT_LENGTH")) {
return (int) Params::getServerParam("CONTENT_LENGTH");
} else {
throw new Exception(__('Getting content length is not supported.'));
}
}
*
* This program is free software: you can redistribute it and/or
* modify it under the terms of the GNU Affero General Public License
* as published by the Free Software Foundation, either version 3 of
* the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public
* License along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
// meta tag robots
if (osc_count_items() == 0 || stripos(Params::getServerParam('REQUEST_URI', false, false), 'search')) {
osc_add_hook('header', 'bender_nofollow_construct');
} else {
osc_add_hook('header', 'bender_follow_construct');
}
bender_add_body_class('search');
$listClass = '';
$buttonClass = '';
if (osc_search_show_as() == 'gallery') {
$listClass = 'listing-grid';
$buttonClass = 'active';
}
osc_add_hook('before-main', 'sidebar');
function sidebar()
{
osc_current_web_theme_path('search-sidebar.php');
/**
*
*/
function osc_get_http_referer()
{
$ref = Rewrite::newInstance()->get_http_referer();
if ($ref != '') {
return $ref;
} else {
if (Session::newInstance()->_getReferer() != '') {
return Session::newInstance()->_getReferer();
} else {
if (Params::existServerParam('HTTP_REFERER')) {
if (filter_var(Params::getServerParam('HTTP_REFERER', false, false), FILTER_VALIDATE_URL)) {
return Params::getServerParam('HTTP_REFERER', false, false);
}
}
}
}
return '';
}
function display_target()
{
$country_list = osc_file_get_contents('http://geo.osclass.org/newgeo.services.php?action=countries');
$country_list = json_decode(substr($country_list, 1, strlen($country_list) - 2), true);
$region_list = array();
$country_ip = '';
if (preg_match('|([a-z]{2})-([A-Z]{2})|', Params::getServerParam('HTTP_ACCEPT_LANGUAGE'), $match)) {
$country_ip = $match[2];
$region_list = osc_file_get_contents('http://geo.osclass.org/newgeo.services.php?action=regions&country=' . $match[2]);
$region_list = json_decode(substr($region_list, 1, strlen($region_list) - 2), true);
}
if (!isset($country_list[0]) || !isset($country_list[0]['s_name'])) {
$internet_error = true;
}
?>
<form id="target_form" name="target_form" action="#" method="post" onsubmit="return false;">
<h2 class="target"><?php
_e('Information needed');
?>
</h2>
<div class="form-table">
<h2 class="title"><?php
_e('Admin user');
?>
</h2>
<table class="admin-user">
<tbody>
<tr>
<th><label for="admin_user"><?php
_e('Username');
?>
</label></th>
<td>
<input size="25" id="admin_user" name="s_name" type="text" value="admin" />
</td>
<td>
<span id="admin-user-error" class="error" aria-hidden="true" style="display:none;"><?php
_e('Admin user is required');
?>
</span>
</td>
</tr>
<tr>
<th><label for="s_passwd"><?php
_e('Password');
?>
</label></th>
<td>
<input size="25" class="password_test" name="s_passwd" id="s_passwd" type="password" value="" autocomplete="off" />
</td>
<td></td>
</tr>
</tbody>
</table>
<div class="admin-user">
<?php
_e('A password will be automatically generated for you if you leave this blank.');
?>
<img src="<?php
echo get_absolute_url();
?>
oc-includes/images/question.png" class="question-skip vtip" title="<?php
echo osc_esc_html(__('You can modify username and password if you like, just change the input value.'));
?>
" alt="" />
</div>
<h2 class="title"><?php
_e('Contact information');
?>
</h2>
<table class="contact-info">
<tbody>
<tr>
<th><label for="webtitle"><?php
_e('Web title');
?>
</label></th>
<td><input type="text" id="webtitle" name="webtitle" size="25" /></td>
<td></td>
</tr>
<tr>
<th><label for="email"><?php
_e('Contact e-mail');
?>
</label></th>
<td><input type="text" id="email" name="email" size="25" /></td>
<td><span id="email-error" class="error" style="display:none;"><?php
_e('Put your e-mail here');
?>
</span></td>
</tr>
</tbody>
</table>
<h2 class="title"><?php
_e('Location');
?>
</h2>
<p class="space-left-25 left no-bottom"><?php
_e('Choose countries/cities where your target users are located');
?>
</p>
<div id="location-question" class="left question">
<img class="vtip" src="<?php
echo get_absolute_url();
?>
oc-includes/images/question.png" title="<?php
echo osc_esc_html(__("Once you type a country, you'll be able to choose region and city as well. Therefore, the installation will be more specific."));
?>
" alt="" />
</div>
<div class="clear"></div>
<div id="location">
<?php
if (!$internet_error) {
?>
<input type="hidden" id="skip-location-input" name="skip-location-input" value="0" />
<input type="hidden" id="country-input" name="country-input" value="" />
<input type="hidden" id="region-input" name="region-input" value="" />
<input type="hidden" id="city-input" name="city-input" value="" />
<div id="country-box">
<select name="country_select" id="country_select" >
<option value="skip"><?php
_e("Skip location");
?>
</option>
<!-- <option value="all"><?php
_e("International");
?>
</option> -->
<?php
foreach ($country_list as $c) {
?>
<option value="<?php
echo $c['code'];
?>
" <?php
if ($c['code'] == $country_ip) {
echo 'selected="selected"';
}
?>
><?php
echo $c['s_name'];
?>
</option>
<?php
}
?>
</select>
<select name="region_select" id="region_select" style="display: none;">
<option value="all"><?php
_e("All regions");
?>
</option>
</select>
<select name="city_select" id="city_select" style="display: none;">
<option value="all"><?php
_e("All cities");
?>
</option>
</select>
<div id="no_region_text" aria-hidden="true" style="display: none;"><?php
_e("There are no regions available for this country");
?>
</div>
<div id="no_city_text" aria-hidden="true" style="display: none;"><?php
_e("There are no cities available for this region");
?>
</div>
</div>
<?php
} else {
?>
<div id="location-error">
<?php
_e('No internet connection. You can continue the installation and insert countries later.');
?>
<input type="hidden" id="skip-location-input" name="skip-location-input" value="1" />
</div>
<?php
}
?>
</div>
</div>
<div class="clear"></div>
<p class="margin20">
<a href="#" class="button" onclick="validate_form();">Next</a>
</p>
<div class="clear"></div>
</form>
<div id="lightbox" style="display:none;">
<div class="center">
<img src="<?php
echo get_absolute_url();
?>
oc-includes/images/loading.gif" alt="<?php
echo osc_esc_html(__("Loading..."));
?>
" title="" />
</div>
</div>
<?php
}
function doModel()
{
//calling the view...
$locales = OSCLocale::newInstance()->listAllEnabled();
$this->_exportVariableToView('locales', $locales);
switch ($this->action) {
case 'item_add':
// post
if (osc_reg_user_post() && $this->user == null) {
osc_add_flash_warning_message(_m('Only registered users are allowed to post listings'));
Session::newInstance()->_setReferer(osc_item_post_url());
$this->redirectTo(osc_user_login_url());
}
$countries = Country::newInstance()->listAll();
$regions = array();
if (isset($this->user['fk_c_country_code']) && $this->user['fk_c_country_code'] != '') {
$regions = Region::newInstance()->findByCountry($this->user['fk_c_country_code']);
} else {
if (count($countries) > 0) {
$regions = Region::newInstance()->findByCountry($countries[0]['pk_c_code']);
}
}
$cities = array();
if (isset($this->user['fk_i_region_id']) && $this->user['fk_i_region_id'] != '') {
$cities = City::newInstance()->findByRegion($this->user['fk_i_region_id']);
} else {
if (count($regions) > 0) {
$cities = City::newInstance()->findByRegion($regions[0]['pk_i_id']);
}
}
$this->_exportVariableToView('countries', $countries);
$this->_exportVariableToView('regions', $regions);
$this->_exportVariableToView('cities', $cities);
$form = count(Session::newInstance()->_getForm());
$keepForm = count(Session::newInstance()->_getKeepForm());
if ($form == 0 || $form == $keepForm) {
Session::newInstance()->_dropKeepForm();
}
if (Session::newInstance()->_getForm('countryId') != "") {
$countryId = Session::newInstance()->_getForm('countryId');
$regions = Region::newInstance()->findByCountry($countryId);
$this->_exportVariableToView('regions', $regions);
if (Session::newInstance()->_getForm('regionId') != "") {
$regionId = Session::newInstance()->_getForm('regionId');
$cities = City::newInstance()->findByRegion($regionId);
$this->_exportVariableToView('cities', $cities);
}
}
$this->_exportVariableToView('user', $this->user);
osc_run_hook('post_item');
$this->doView('item-post.php');
break;
case 'item_add_post':
//post_item
osc_csrf_check();
if (osc_reg_user_post() && $this->user == null) {
osc_add_flash_warning_message(_m('Only registered users are allowed to post listings'));
$this->redirectTo(osc_base_url(true));
}
$mItems = new ItemActions(false);
// prepare data for ADD ITEM
$mItems->prepareData(true);
// set all parameters into session
foreach ($mItems->data as $key => $value) {
Session::newInstance()->_setForm($key, $value);
}
$meta = Params::getParam('meta');
if (is_array($meta)) {
foreach ($meta as $key => $value) {
Session::newInstance()->_setForm('meta_' . $key, $value);
Session::newInstance()->_keepForm('meta_' . $key);
}
}
if (osc_recaptcha_items_enabled() && osc_recaptcha_private_key() != '') {
if (!osc_check_recaptcha()) {
osc_add_flash_error_message(_m('The Recaptcha code is wrong'));
$this->redirectTo(osc_item_post_url());
return false;
// BREAK THE PROCESS, THE RECAPTCHA IS WRONG
}
}
if (!osc_is_web_user_logged_in()) {
$user = User::newInstance()->findByEmail($mItems->data['contactEmail']);
// The user exists but it's not logged
if (isset($user['pk_i_id'])) {
foreach ($mItems->data as $key => $value) {
Session::newInstance()->_keepForm($key);
}
osc_add_flash_error_message(_m('A user with that email address already exists, if it is you, please log in'));
$this->redirectTo(osc_user_login_url());
}
}
$banned = osc_is_banned($mItems->data['contactEmail']);
if ($banned == 1) {
osc_add_flash_error_message(_m('Your current email is not allowed'));
$this->redirectTo(osc_item_post_url());
} else {
if ($banned == 2) {
osc_add_flash_error_message(_m('Your current IP is not allowed'));
$this->redirectTo(osc_item_post_url());
}
}
// POST ITEM ( ADD ITEM )
$success = $mItems->add();
if ($success != 1 && $success != 2) {
osc_add_flash_error_message($success);
$this->redirectTo(osc_item_post_url());
} else {
if (is_array($meta)) {
foreach ($meta as $key => $value) {
Session::newInstance()->_dropKeepForm('meta_' . $key);
}
}
Session::newInstance()->_clearVariables();
if ($success == 1) {
osc_add_flash_ok_message(_m('Check your inbox to validate your listing'));
} else {
osc_add_flash_ok_message(_m('Your listing has been published'));
}
$itemId = Params::getParam('itemId');
$category = Category::newInstance()->findByPrimaryKey(Params::getParam('catId'));
View::newInstance()->_exportVariableToView('category', $category);
$this->redirectTo(osc_search_category_url());
}
break;
case 'item_edit':
// edit item
$secret = Params::getParam('secret');
$id = Params::getParam('id');
$item = $this->itemManager->listWhere("i.pk_i_id = %d AND ((i.s_secret = %s AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = %d))", (int) $id, $secret, (int) $this->userId);
if (count($item) == 1) {
$item = Item::newInstance()->findByPrimaryKey($id);
$form = count(Session::newInstance()->_getForm());
$keepForm = count(Session::newInstance()->_getKeepForm());
if ($form == 0 || $form == $keepForm) {
Session::newInstance()->_dropKeepForm();
}
$this->_exportVariableToView('item', $item);
osc_run_hook("before_item_edit", $item);
$this->doView('item-edit.php');
} else {
// add a flash message [ITEM NO EXISTE]
osc_add_flash_error_message(_m("Sorry, we don't have any listings with that ID"));
if ($this->user != null) {
$this->redirectTo(osc_user_list_items_url());
} else {
$this->redirectTo(osc_base_url());
}
}
break;
case 'item_edit_post':
osc_csrf_check();
$secret = Params::getParam('secret');
$id = Params::getParam('id');
$item = $this->itemManager->listWhere("i.pk_i_id = %d AND ((i.s_secret = %s AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = %d))", (int) $id, $secret, (int) $this->userId);
if (count($item) == 1) {
$this->_exportVariableToView('item', $item[0]);
$mItems = new ItemActions(false);
// prepare data for ADD ITEM
$mItems->prepareData(false);
// set all parameters into session
foreach ($mItems->data as $key => $value) {
Session::newInstance()->_setForm($key, $value);
}
$meta = Params::getParam('meta');
if (is_array($meta)) {
foreach ($meta as $key => $value) {
Session::newInstance()->_setForm('meta_' . $key, $value);
Session::newInstance()->_keepForm('meta_' . $key);
}
}
if (osc_recaptcha_items_enabled() && osc_recaptcha_private_key() != '') {
if (!osc_check_recaptcha()) {
osc_add_flash_error_message(_m('The Recaptcha code is wrong'));
$this->redirectTo(osc_item_edit_url($secret, $id));
return false;
// BREAK THE PROCESS, THE RECAPTCHA IS WRONG
}
}
$success = $mItems->edit();
if ($success == 1) {
osc_add_flash_ok_message(_m("Great! We've just updated your listing"));
View::newInstance()->_exportVariableToView("item", Item::newInstance()->findByPrimaryKey($id));
$this->redirectTo(osc_item_url());
} else {
osc_add_flash_error_message($success);
$this->redirectTo(osc_item_edit_url($secret, $id));
}
}
break;
case 'activate':
$secret = Params::getParam('secret');
$id = Params::getParam('id');
$item = $this->itemManager->listWhere("i.pk_i_id = %d AND ((i.s_secret = %s) OR (i.fk_i_user_id = %d))", (int) $id, $secret, (int) $this->userId);
// item doesn't exist
if (count($item) == 0) {
$this->do404();
return;
}
View::newInstance()->_exportVariableToView('item', $item[0]);
if ($item[0]['b_active'] == 0) {
// ACTIVETE ITEM
$mItems = new ItemActions(false);
$success = $mItems->activate($item[0]['pk_i_id'], $item[0]['s_secret']);
if ($success) {
osc_add_flash_ok_message(_m('The listing has been validated'));
} else {
osc_add_flash_error_message(_m("The listing can't be validated"));
}
} else {
osc_add_flash_warning_message(_m('The listing has already been validated'));
}
$this->redirectTo(osc_item_url());
break;
case 'item_delete':
$secret = Params::getParam('secret');
$id = Params::getParam('id');
$item = $this->itemManager->listWhere("i.pk_i_id = %d AND ((i.s_secret = %s) OR (i.fk_i_user_id = %d))", (int) $id, $secret, (int) $this->userId);
if (count($item) == 1) {
$mItems = new ItemActions(false);
$success = $mItems->delete($item[0]['s_secret'], $item[0]['pk_i_id']);
if ($success) {
osc_add_flash_ok_message(_m('Your listing has been deleted'));
} else {
osc_add_flash_error_message(_m("The listing you are trying to delete couldn't be deleted"));
}
if ($this->user != null) {
$this->redirectTo(osc_user_list_items_url());
} else {
$this->redirectTo(osc_base_url());
}
} else {
osc_add_flash_error_message(_m("The listing you are trying to delete couldn't be deleted"));
$this->redirectTo(osc_base_url());
}
break;
case 'deleteResources':
// Delete images via AJAX
$id = Params::getParam('id');
$item = Params::getParam('item');
$code = Params::getParam('code');
$secret = Params::getParam('secret');
if (Session::newInstance()->_get('userId') != '') {
$userId = Session::newInstance()->_get('userId');
$user = User::newInstance()->findByPrimaryKey($userId);
} else {
$userId = null;
$user = null;
}
if (!(is_numeric($id) && is_numeric($item) && preg_match('/^([a-z0-9]+)$/i', $code))) {
osc_add_flash_error_message(_m("The selected photo couldn't be deleted, the url doesn't exist"));
$this->redirectTo(osc_item_edit_url($secret, $item));
}
$aItem = Item::newInstance()->findByPrimaryKey($item);
if (count($aItem) == 0) {
osc_add_flash_error_message(_m("The listing doesn't exist"));
$this->redirectTo(osc_item_edit_url($secret, $item));
}
if (!osc_is_admin_user_logged_in()) {
if ($userId != null && $userId != $aItem['fk_i_user_id']) {
osc_add_flash_error_message(_m("The listing doesn't belong to you"));
$this->redirectTo(osc_item_edit_url($secret, $item));
}
if ($userId == null && $aItem['fk_i_user_id'] == null && $secret != $aItem['s_secret']) {
osc_add_flash_error_message(_m("The listing doesn't belong to you"));
$this->redirectTo(osc_item_edit_url($secret, $item));
}
}
$result = ItemResource::newInstance()->existResource($id, $code);
if ($result > 0) {
$resource = ItemResource::newInstance()->findByPrimaryKey($id);
if ($resource['fk_i_item_id'] == $item) {
osc_deleteResource($id, false);
Log::newInstance()->insertLog('item', 'deleteResource', $id, $id, 'user', osc_logged_user_id());
ItemResource::newInstance()->delete(array('pk_i_id' => $id, 'fk_i_item_id' => $item, 's_name' => $code));
osc_add_flash_ok_message(_m('The selected photo has been successfully deleted'));
} else {
osc_add_flash_error_message(_m("The selected photo does not belong to you"));
}
} else {
osc_add_flash_error_message(_m("The selected photo couldn't be deleted"));
}
$this->redirectTo(osc_item_edit_url($secret, $item));
break;
case 'mark':
$id = Params::getParam('id');
$as = Params::getParam('as');
$item = Item::newInstance()->findByPrimaryKey($id);
View::newInstance()->_exportVariableToView('item', $item);
require_once osc_lib_path() . 'osclass/user-agents.php';
foreach ($user_agents as $ua) {
if (preg_match('|' . $ua . '|', Params::getServerParam('HTTP_USER_AGENT'))) {
// mark item if it's not a bot
$mItem = new ItemActions(false);
$mItem->mark($id, $as);
break;
}
}
osc_add_flash_ok_message(_m("Thanks! That's very helpful"));
$this->redirectTo(osc_item_url());
break;
case 'send_friend':
$item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
$this->_exportVariableToView('item', $item);
$this->doView('item-send-friend.php');
break;
case 'send_friend_post':
osc_csrf_check();
$item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
$this->_exportVariableToView('item', $item);
Session::newInstance()->_setForm("yourEmail", Params::getParam('yourEmail'));
Session::newInstance()->_setForm("yourName", Params::getParam('yourName'));
Session::newInstance()->_setForm("friendName", Params::getParam('friendName'));
Session::newInstance()->_setForm("friendEmail", Params::getParam('friendEmail'));
Session::newInstance()->_setForm("message_body", Params::getParam('message'));
if (osc_recaptcha_private_key() != '') {
if (!osc_check_recaptcha()) {
osc_add_flash_error_message(_m('The Recaptcha code is wrong'));
$this->redirectTo(osc_item_send_friend_url());
return false;
// BREAK THE PROCESS, THE RECAPTCHA IS WRONG
}
}
osc_run_hook('pre_item_send_friend_post', $item);
$mItem = new ItemActions(false);
$success = $mItem->send_friend();
osc_run_hook('post_item_send_friend_post', $item);
if ($success) {
Session::newInstance()->_clearVariables();
$this->redirectTo(osc_item_url());
} else {
$this->redirectTo(osc_item_send_friend_url());
}
break;
case 'contact':
$item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
if (empty($item)) {
osc_add_flash_error_message(_m("This listing doesn't exist"));
$this->redirectTo(osc_base_url(true));
} else {
$this->_exportVariableToView('item', $item);
if (osc_item_is_expired()) {
osc_add_flash_error_message(_m("We're sorry, but the listing has expired. You can't contact the seller"));
$this->redirectTo(osc_item_url());
}
if (osc_reg_user_can_contact() && osc_is_web_user_logged_in() || !osc_reg_user_can_contact()) {
$this->doView('item-contact.php');
} else {
osc_add_flash_error_message(_m("You can't contact the seller, only registered users can"));
$this->redirectTo(osc_item_url());
}
}
break;
case 'contact_post':
osc_csrf_check();
if (osc_reg_user_can_contact() && !osc_is_web_user_logged_in()) {
osc_add_flash_warning_message(_m("You can't contact the seller, only registered users can"));
$this->redirectTo(osc_base_url(true));
}
$item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
$this->_exportVariableToView('item', $item);
if (osc_recaptcha_private_key() != '') {
if (!osc_check_recaptcha()) {
osc_add_flash_error_message(_m('The Recaptcha code is wrong'));
Session::newInstance()->_setForm("yourEmail", Params::getParam('yourEmail'));
Session::newInstance()->_setForm("yourName", Params::getParam('yourName'));
Session::newInstance()->_setForm("phoneNumber", Params::getParam('phoneNumber'));
Session::newInstance()->_setForm("message_body", Params::getParam('message'));
$this->redirectTo(osc_item_url());
return false;
// BREAK THE PROCESS, THE RECAPTCHA IS WRONG
}
}
$banned = osc_is_banned(Params::getParam('yourEmail'));
if ($banned == 1) {
osc_add_flash_error_message(_m('Your current email is not allowed'));
$this->redirectTo(osc_item_url());
} else {
if ($banned == 2) {
osc_add_flash_error_message(_m('Your current IP is not allowed'));
$this->redirectTo(osc_item_url());
}
}
if (osc_isExpired($item['dt_expiration'])) {
osc_add_flash_error_message(_m("We're sorry, but the listing has expired. You can't contact the seller"));
$this->redirectTo(osc_item_url());
}
osc_run_hook('pre_item_contact_post', $item);
$mItem = new ItemActions(false);
$result = $mItem->contact();
osc_run_hook('post_item_contact_post', $item);
if (is_string($result)) {
osc_add_flash_error_message($result);
} else {
osc_add_flash_ok_message(_m("We've just sent an e-mail to the seller"));
}
$this->redirectTo(osc_item_url());
break;
case 'add_comment':
osc_csrf_check();
$mItem = new ItemActions(false);
$status = $mItem->add_comment();
switch ($status) {
case -1:
$msg = _m('Sorry, we could not save your comment. Try again later');
osc_add_flash_error_message($msg);
break;
case 1:
$msg = _m('Your comment is awaiting moderation');
osc_add_flash_info_message($msg);
break;
case 2:
$msg = _m('Your comment has been approved');
osc_add_flash_ok_message($msg);
break;
case 3:
$msg = _m('Please fill the required field (email)');
osc_add_flash_warning_message($msg);
break;
case 4:
$msg = _m('Please type a comment');
osc_add_flash_warning_message($msg);
break;
case 5:
$msg = _m('Your comment has been marked as spam');
osc_add_flash_error_message($msg);
break;
case 6:
$msg = _m('You need to be logged to comment');
osc_add_flash_error_message($msg);
break;
case 7:
$msg = _m('Sorry, comments are disabled');
osc_add_flash_error_message($msg);
break;
}
//View::newInstance()->_exportVariableToView('item', Item::newInstance()->findByPrimaryKey(Params::getParam('id')));
$this->redirectTo(osc_item_url());
break;
case 'delete_comment':
osc_csrf_check();
$mItem = new ItemActions(false);
$status = $mItem->add_comment();
// @TOFIX @FIXME $status never used + ?? need to add_comment() before deleting it??
$itemId = Params::getParam('id');
$commentId = Params::getParam('comment');
$item = Item::newInstance()->findByPrimaryKey($itemId);
if (count($item) == 0) {
osc_add_flash_error_message(_m("This listing doesn't exist"));
$this->redirectTo(osc_base_url(true));
}
View::newInstance()->_exportVariableToView('item', $item);
if ($this->userId == null) {
osc_add_flash_error_message(_m('You must be logged in to delete a comment'));
$this->redirectTo(osc_item_url());
}
$commentManager = ItemComment::newInstance();
$aComment = $commentManager->findByPrimaryKey($commentId);
if (count($aComment) == 0) {
osc_add_flash_error_message(_m("The comment doesn't exist"));
$this->redirectTo(osc_item_url());
}
if ($aComment['b_active'] != 1) {
osc_add_flash_error_message(_m('The comment is not active, you cannot delete it'));
$this->redirectTo(osc_item_url());
}
if ($aComment['fk_i_user_id'] != $this->userId) {
osc_add_flash_error_message(_m('The comment was not added by you, you cannot delete it'));
$this->redirectTo(osc_item_url());
}
$commentManager->deleteByPrimaryKey($commentId);
osc_add_flash_ok_message(_m('The comment has been deleted'));
$this->redirectTo(osc_item_url());
break;
default:
// if there isn't ID, show an error 404
if (Params::getParam('id') == '') {
$this->do404();
return;
}
if (Params::getParam('lang') != '') {
Session::newInstance()->_set('userLocale', Params::getParam('lang'));
}
$item = osc_apply_filter('pre_show_item', $this->itemManager->findByPrimaryKey(Params::getParam('id')));
// if item doesn't exist show an error 410
if (count($item) == 0) {
$this->do410();
return;
}
if ($item['b_active'] != 1) {
if ($this->userId == $item['fk_i_user_id'] && $this->userId != '' || osc_is_admin_user_logged_in()) {
osc_add_flash_warning_message(_m("The listing hasn't been validated. Please validate it in order to make it public"));
} else {
$this->do400();
return;
}
} else {
if ($item['b_enabled'] == 0) {
if (osc_is_admin_user_logged_in()) {
osc_add_flash_warning_message(_m("The listing hasn't been enabled. Please enable it in order to make it public"));
} else {
if (osc_is_web_user_logged_in() && osc_logged_user_id() == $item['fk_i_user_id']) {
osc_add_flash_warning_message(_m("The listing has been blocked or is awaiting moderation from the admin"));
} else {
$this->do400();
return;
}
}
}
}
if (!osc_is_admin_user_logged_in() && !($item['fk_i_user_id'] != '' && $item['fk_i_user_id'] == osc_logged_user_id())) {
require_once osc_lib_path() . 'osclass/user-agents.php';
foreach ($user_agents as $ua) {
if (preg_match('|' . $ua . '|', Params::getServerParam('HTTP_USER_AGENT'))) {
$mStats = new ItemStats();
$mStats->increase('i_num_views', $item['pk_i_id']);
break;
}
}
}
foreach ($item['locale'] as $k => $v) {
$item['locale'][$k]['s_title'] = osc_apply_filter('item_title', $v['s_title']);
$item['locale'][$k]['s_description'] = nl2br(osc_apply_filter('item_description', $v['s_description']));
}
if ($item['fk_i_user_id'] != '') {
$user = User::newInstance()->findByPrimaryKey($item['fk_i_user_id']);
$this->_exportVariableToView('user', $user);
}
$this->_exportVariableToView('item', $item);
osc_run_hook('show_item', $item);
// redirect to the correct url just in case it has changed
$itemURI = str_replace(osc_base_url(), '', osc_item_url());
$URI = preg_replace('|^' . REL_WEB_URL . '|', '', Params::getServerParam('REQUEST_URI', false, false));
// do not clean QUERY_STRING if permalink is not enabled
if (osc_rewrite_enabled()) {
$URI = str_replace('?' . Params::getServerParam('QUERY_STRING', false, false), '', $URI);
} else {
$params_keep = array('page', 'id');
$params = array();
foreach (Params::getParamsAsArray('get') as $k => $v) {
if (in_array($k, $params_keep)) {
$params[] = "{$k}={$v}";
}
}
$URI = 'index.php?' . implode('&', $params);
}
// redirect to the correct url
if ($itemURI != $URI) {
$this->redirectTo(osc_base_url() . $itemURI, 301);
}
$this->doView('item.php');
break;
}
}
function doModel()
{
parent::doModel();
switch ($this->action) {
case 'add':
// callin add view
$this->_exportVariableToView('admin', null);
$this->doView('admins/frm.php');
break;
case 'add_post':
if (defined('DEMO')) {
osc_add_flash_warning_message(_m("This action can't be done because it's a demo site"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=admins');
}
osc_csrf_check();
// adding a new admin
$sPassword = Params::getParam('s_password', false, false);
$sName = Params::getParam('s_name');
$sEmail = Params::getParam('s_email');
$sUserName = Params::getParam('s_username');
$bModerator = Params::getParam('b_moderator') == 0 ? 0 : 1;
// cleaning parameters
$sPassword = strip_tags($sPassword);
$sPassword = trim($sPassword);
$sName = strip_tags($sName);
$sName = trim($sName);
$sEmail = strip_tags($sEmail);
$sEmail = trim($sEmail);
$sUserName = strip_tags($sUserName);
$sUserName = trim($sUserName);
// Checks for legit data
if (!osc_validate_email($sEmail, true)) {
osc_add_flash_warning_message(_m("Email invalid"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=admins&action=add');
}
if (!osc_validate_username($sUserName)) {
osc_add_flash_warning_message(_m("Username invalid"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=admins&action=add');
}
if ($sName == '') {
osc_add_flash_warning_message(_m("Name invalid"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=admins&action=add');
}
if ($sPassword == '') {
osc_add_flash_warning_message(_m("Password invalid"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=admins&action=add');
}
$admin = $this->adminManager->findByEmail($sEmail);
if ($admin) {
osc_add_flash_warning_message(_m("Email already in use"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=admins&action=add');
}
$admin = $this->adminManager->findByUsername($sUserName);
if ($admin) {
osc_add_flash_warning_message(_m("Username already in use"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=admins&action=add');
}
$array = array('s_password' => osc_hash_password($sPassword), 's_name' => $sName, 's_email' => $sEmail, 's_username' => $sUserName, 'b_moderator' => $bModerator);
$isInserted = $this->adminManager->insert($array);
if ($isInserted) {
// send email
osc_run_hook('hook_email_new_admin', array('s_name' => $sName, 's_username' => $sUserName, 's_password' => $sPassword, 's_email' => $sEmail));
osc_add_flash_ok_message(_m('The admin has been added'), 'admin');
} else {
osc_add_flash_error_message(_m('There has been an error adding a new admin'), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=admins');
break;
case 'edit':
// calling edit admin view
$adminEdit = null;
$adminId = Params::getParam('id');
if ($adminId != '') {
$adminEdit = $this->adminManager->findByPrimaryKey((int) $adminId);
} elseif (Session::newInstance()->_get('adminId') != '') {
$adminEdit = $this->adminManager->findByPrimaryKey(Session::newInstance()->_get('adminId'));
}
if (count($adminEdit) == 0) {
osc_add_flash_error_message(_m('There is no admin with this id'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=admins');
}
$this->_exportVariableToView("admin", $adminEdit);
$this->doView('admins/frm.php');
break;
case 'edit_post':
if (defined('DEMO')) {
osc_add_flash_warning_message(_m("This action can't be done because it's a demo site"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=admins');
}
osc_csrf_check();
// updating a new admin
$iUpdated = 0;
$adminId = Params::getParam('id');
$sPassword = Params::getParam('s_password', false, false);
$sPassword2 = Params::getParam('s_password2', false, false);
$sOldPassword = Params::getParam('old_password', false, false);
$sName = Params::getParam('s_name');
$sEmail = Params::getParam('s_email');
$sUserName = Params::getParam('s_username');
$bModerator = Params::getParam('b_moderator') == 0 ? 0 : 1;
// cleaning parameters
$sPassword = strip_tags($sPassword);
$sPassword = trim($sPassword);
$sPassword2 = strip_tags($sPassword2);
$sPassword2 = trim($sPassword2);
$sName = strip_tags($sName);
$sName = trim($sName);
$sEmail = strip_tags($sEmail);
$sEmail = trim($sEmail);
$sUserName = strip_tags($sUserName);
$sUserName = trim($sUserName);
// Checks for legit data
if (!osc_validate_email($sEmail, true)) {
osc_add_flash_warning_message(_m("Email invalid"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=admins&action=edit&id=' . $adminId);
}
if (!osc_validate_username($sUserName)) {
osc_add_flash_warning_message(_m("Username invalid"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=admins&action=edit&id=' . $adminId);
}
if ($sName == '') {
osc_add_flash_warning_message(_m("Name invalid"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=admins&action=edit&id=' . $adminId);
}
$aAdmin = $this->adminManager->findByPrimaryKey($adminId);
if (count($aAdmin) == 0) {
osc_add_flash_error_message(_m("This admin doesn't exist"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=admins');
}
if ($aAdmin['s_email'] != $sEmail) {
if ($this->adminManager->findByEmail($sEmail)) {
osc_add_flash_warning_message(_m('Existing email'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=admins&action=edit&id=' . $adminId);
}
}
if ($aAdmin['s_username'] != $sUserName) {
if ($this->adminManager->findByUsername($sUserName)) {
osc_add_flash_warning_message(_m('Existing username'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=admins&action=edit&id=' . $adminId);
}
}
$conditions = array('pk_i_id' => $adminId);
$array = array();
if (osc_logged_admin_id() == $adminId) {
if ($sOldPassword != '') {
if ($sPassword == '') {
osc_add_flash_warning_message(_m("Password invalid"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=admins&action=edit&id=' . $adminId);
} else {
$firstCondition = osc_verify_password($sOldPassword, $aAdmin['s_password']);
$secondCondition = $sPassword == $sPassword2;
if ($firstCondition && $secondCondition) {
$array['s_password'] = osc_hash_password($sPassword);
} else {
osc_add_flash_warning_message(_m("The password couldn't be updated. Passwords don't match"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=admins&action=edit&id=' . $adminId);
}
}
}
} else {
if ($sPassword != '') {
if ($sPassword == $sPassword2) {
$array['s_password'] = osc_hash_password($sPassword);
} else {
osc_add_flash_warning_message(_m("The password couldn't be updated. Passwords don't match"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=admins&action=edit&id=' . $adminId);
}
}
}
if ($adminId != osc_logged_admin_id()) {
$array['b_moderator'] = $bModerator;
}
$array['s_name'] = Params::getParam('s_name');
$array['s_username'] = $sUserName;
$array['s_email'] = $sEmail;
$iUpdated = $this->adminManager->update($array, $conditions);
osc_run_hook('admin_edit_completed', $adminId, $iUpdated);
if ($iUpdated > 0) {
osc_add_flash_ok_message(_m('The admin has been updated'), 'admin');
}
if ($this->isModerator()) {
$this->redirectTo(osc_admin_base_url(true));
} else {
$this->redirectTo(osc_admin_base_url(true) . '?page=admins');
}
break;
case 'delete':
if (defined('DEMO')) {
osc_add_flash_warning_message(_m("This action can't be done because it's a demo site"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=admins');
}
osc_csrf_check();
// deleting and admin
$isDeleted = false;
$adminId = Params::getParam('id');
if (!is_array($adminId)) {
osc_add_flash_error_message(_m("The admin id isn't in the correct format"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=admins');
}
// Verification to avoid an administrator trying to remove to itself
if (in_array(Session::newInstance()->_get('adminId'), $adminId)) {
osc_add_flash_error_message(_m("The operation hasn't been completed. You're trying to remove yourself!"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=admins');
}
$isDeleted = $this->adminManager->deleteBatch($adminId);
if ($isDeleted) {
osc_add_flash_ok_message(_m('The admin has been deleted correctly'), 'admin');
} else {
osc_add_flash_error_message(_m('The admin couldn\'t be deleted'), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=admins');
break;
default:
if (Params::getParam("action") != "") {
osc_run_hook("admin_bulk_" . Params::getParam("action"), Params::getParam('id'));
}
if (Params::getParam('iDisplayLength') == '') {
Params::setParam('iDisplayLength', 10);
}
$p_iPage = 1;
if (is_numeric(Params::getParam('iPage')) && Params::getParam('iPage') >= 1) {
$p_iPage = Params::getParam('iPage');
}
Params::setParam('iPage', $p_iPage);
$admins = $this->adminManager->listAll();
// pagination
$start = ($p_iPage - 1) * Params::getParam('iDisplayLength');
$limit = Params::getParam('iDisplayLength');
$count = count($admins);
$displayRecords = $limit;
if ($start + $limit > $count) {
$displayRecords = $start + $limit - $count;
}
// ----
$aData = array();
$max = $start + $limit;
if ($max > $count) {
$max = $count;
}
for ($i = $start; $i < $max; $i++) {
$admin = $admins[$i];
$options = array();
$options[] = '<a href="' . osc_admin_base_url(true) . '?page=admins&action=edit&id=' . $admin['pk_i_id'] . '">' . __('Edit') . '</a>';
$options[] = '<a onclick="return delete_dialog(\'' . $admin['pk_i_id'] . '\');" href="' . osc_admin_base_url(true) . '?page=admins&action=delete&id[]=' . $admin['pk_i_id'] . '">' . __('Delete') . '</a>';
$auxOptions = '<ul>' . PHP_EOL;
foreach ($options as $actual) {
$auxOptions .= '<li>' . $actual . '</li>' . PHP_EOL;
}
$actions = '<div class="actions">' . $auxOptions . '</div>' . PHP_EOL;
$row = array();
$row[] = '<input type="checkbox" name="id[]" value="' . $admin['pk_i_id'] . '" />';
$row[] = $admin['s_username'] . $actions;
$row[] = $admin['s_name'];
$row[] = $admin['s_email'];
$aData[] = $row;
}
$array['iTotalRecords'] = $displayRecords;
$array['iTotalDisplayRecords'] = count($admins);
$array['iDisplayLength'] = $limit;
$array['aaData'] = $aData;
$page = (int) Params::getParam('iPage');
if (count($array['aaData']) == 0 && $page != 1) {
$total = (int) $array['iTotalDisplayRecords'];
$maxPage = ceil($total / (int) $array['iDisplayLength']);
$url = osc_admin_base_url(true) . '?' . Params::getServerParam('QUERY_STRING', false, false);
if ($maxPage == 0) {
$url = preg_replace('/&iPage=(\\d)+/', '&iPage=1', $url);
$this->redirectTo($url);
}
if ($page > 1) {
$url = preg_replace('/&iPage=(\\d)+/', '&iPage=' . $maxPage, $url);
$this->redirectTo($url);
}
}
$bulk_options = array(array('value' => '', 'data-dialog-content' => '', 'label' => __('Bulk actions')), array('value' => 'delete', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected admins?'), strtolower(__('Delete'))), 'label' => __('Delete')));
$bulk_options = osc_apply_filter("admin_bulk_filter", $bulk_options);
$this->_exportVariableToView('bulk_options', $bulk_options);
$this->_exportVariableToView('aAdmins', $array);
// calling manage admins view
$this->doView('admins/index.php');
break;
}
}
function doModel()
{
parent::doModel();
//specific things for this class
switch ($this->action) {
case 'add':
$this->doView("plugins/add.php");
break;
case 'add_post':
if (defined('DEMO')) {
osc_add_flash_warning_message(_m("This action can't be done because it's a demo site"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=plugins');
}
osc_csrf_check();
$package = Params::getFiles("package");
if (isset($package['size']) && $package['size'] != 0) {
$path = osc_plugins_path();
(int) ($status = osc_unzip_file($package['tmp_name'], $path));
@unlink($package['tmp_name']);
} else {
$status = 3;
}
switch ($status) {
case 0:
$msg = _m('The plugin folder is not writable');
osc_add_flash_error_message($msg, 'admin');
break;
case 1:
$msg = _m('The plugin has been uploaded correctly');
osc_add_flash_ok_message($msg, 'admin');
break;
case 2:
$msg = _m('The zip file is not valid');
osc_add_flash_error_message($msg, 'admin');
break;
case 3:
$msg = _m('No file was uploaded');
osc_add_flash_error_message($msg, 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=plugins&action=add");
break;
case -1:
default:
$msg = _m('There was a problem adding the plugin');
osc_add_flash_error_message($msg, 'admin');
break;
}
$this->redirectTo(osc_admin_base_url(true) . "?page=plugins");
break;
case 'install':
if (defined('DEMO')) {
osc_add_flash_warning_message(_m("This action can't be done because it's a demo site"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=plugins');
}
osc_csrf_check();
$pn = Params::getParam('plugin');
// set header just in case it's triggered some fatal error
header("Location: " . osc_admin_base_url(true) . "?page=plugins&error=" . $pn, true, '302');
$installed = Plugins::install($pn);
if (is_array($installed)) {
switch ($installed['error_code']) {
case 'error_output':
osc_add_flash_error_message(sprintf(_m('The plugin generated %d characters of <strong>unexpected output</strong> during the installation. Output: "%s"'), strlen($installed['output']), $installed['output']), 'admin');
break;
case 'error_installed':
osc_add_flash_error_message(_m('Plugin is already installed'), 'admin');
break;
case 'error_file':
osc_add_flash_error_message(_m("Plugin couldn't be installed because their files are missing"), 'admin');
break;
case 'custom_error':
osc_add_flash_error_message(sprintf(_m("Plugin couldn't be installed because of: %s"), $installed['msg']), 'admin');
break;
default:
osc_add_flash_error_message(_m("Plugin couldn't be installed"), 'admin');
break;
}
} else {
osc_add_flash_ok_message(_m('Plugin installed'), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=plugins');
break;
case 'uninstall':
if (defined('DEMO')) {
osc_add_flash_warning_message(_m("This action can't be done because it's a demo site"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=plugins');
}
osc_csrf_check();
if (Plugins::uninstall(Params::getParam("plugin"))) {
osc_add_flash_ok_message(_m('Plugin uninstalled'), 'admin');
} else {
osc_add_flash_error_message(_m("Plugin couldn't be uninstalled"), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=plugins');
break;
case 'enable':
if (defined('DEMO')) {
osc_add_flash_warning_message(_m("This action can't be done because it's a demo site"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=plugins');
}
osc_csrf_check();
if (Plugins::activate(Params::getParam('plugin'))) {
osc_add_flash_ok_message(_m('Plugin enabled'), 'admin');
} else {
osc_add_flash_error_message(_m('Plugin is already enabled'), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=plugins');
break;
case 'disable':
if (defined('DEMO')) {
osc_add_flash_warning_message(_m("This action can't be done because it's a demo site"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=plugins');
}
osc_csrf_check();
if (Plugins::deactivate(Params::getParam('plugin'))) {
osc_add_flash_ok_message(_m('Plugin disabled'), 'admin');
} else {
osc_add_flash_error_message(_m('Plugin is already disabled'), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=plugins');
break;
case 'admin':
$plugin = Params::getParam("plugin");
if ($plugin != "") {
osc_run_hook($plugin . '_configure');
}
break;
case 'admin_post':
osc_run_hook('admin_post');
break;
case 'renderplugin':
if (Params::existParam('route')) {
$routes = Rewrite::newInstance()->getRoutes();
$rid = Params::getParam('route');
$file = '../';
if (isset($routes[$rid]) && isset($routes[$rid]['file'])) {
$file = $routes[$rid]['file'];
}
} else {
// DEPRECATED: Disclosed path in URL is deprecated, use routes instead
// This will be REMOVED in 3.4
$file = Params::getParam('file');
// We pass the GET variables (in case we have somes)
if (preg_match('|(.+?)\\?(.*)|', $file, $match)) {
$file = $match[1];
if (preg_match_all('|&([^=]+)=([^&]*)|', urldecode('&' . $match[2] . '&'), $get_vars)) {
for ($var_k = 0; $var_k < count($get_vars[1]); $var_k++) {
Params::setParam($get_vars[1][$var_k], $get_vars[2][$var_k]);
}
}
} else {
$file = Params::getParam('file');
}
}
osc_run_hook('renderplugin_controller');
if (stripos($file, '../') === false && stripos($file, '..\\') === false && $file != "") {
$this->_exportVariableToView("file", osc_plugins_path() . $file);
$this->doView("plugins/view.php");
}
break;
case 'configure':
$plugin = Params::getParam("plugin");
if ($plugin != '') {
$plugin_data = Plugins::getInfo($plugin);
$this->_exportVariableToView("categories", Category::newInstance()->toTreeAll());
$this->_exportVariableToView("selected", PluginCategory::newInstance()->listSelected($plugin_data['short_name']));
$this->_exportVariableToView("plugin_data", $plugin_data);
$this->doView("plugins/configuration.php");
} else {
$this->redirectTo(osc_admin_base_url(true) . "?page=plugins");
}
break;
case 'configure_post':
osc_csrf_check();
$plugin_short_name = Params::getParam("plugin_short_name");
$categories = Params::getParam("categories");
if ($plugin_short_name != "") {
Plugins::cleanCategoryFromPlugin($plugin_short_name);
if (isset($categories)) {
Plugins::addToCategoryPlugin($categories, $plugin_short_name);
}
osc_run_hook('plugin_categories_' . Params::getParam('plugin'), $categories);
osc_add_flash_ok_message(_m('Configuration was saved'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=plugins");
}
osc_add_flash_error_message(_m('No plugin selected'), 'admin');
$this->doView('plugins/index.php');
break;
case 'delete':
osc_csrf_check();
$plugin = str_replace('/index.php', '', Params::getParam("plugin"));
$path = preg_replace('([\\/]+)', '/', CONTENT_PATH . 'plugins/' . $plugin);
if ($plugin != "" && strpos($plugin, '../') === false && strpos($plugin, '..\\') === false && $path != CONTENT_PATH . 'plugins/') {
if (osc_deleteDir($path)) {
osc_add_flash_ok_message(_m('The files were deleted'), 'admin');
} else {
osc_add_flash_error_message(sprintf(_m('There were an error deleting the files, please check the permissions of the files in %s'), $path . "/"), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . "?page=plugins");
}
osc_add_flash_error_message(_m('No plugin selected'), 'admin');
$this->doView('plugins/index.php');
break;
case 'error_plugin':
// force php errors and simulate plugin installation to show the errors in the iframe
if (!OSC_DEBUG) {
error_reporting(E_ALL | E_STRICT);
}
@ini_set('display_errors', 1);
include osc_plugins_path() . Params::getParam('plugin');
Plugins::install(Params::getParam('plugin'));
exit;
break;
default:
if (Params::getParam('checkUpdated') != '') {
osc_admin_toolbar_update_plugins(true);
}
if (Params::getParam('iDisplayLength') == '') {
Params::setParam('iDisplayLength', 25);
}
$this->_exportVariableToView('iDisplayLength', Params::getParam('iDisplayLength'));
$p_iPage = 1;
if (is_numeric(Params::getParam('iPage')) && Params::getParam('iPage') >= 1) {
$p_iPage = Params::getParam('iPage');
}
Params::setParam('iPage', $p_iPage);
$aPlugin = Plugins::listAll();
$active_plugins = osc_get_plugins();
// pagination
$start = ($p_iPage - 1) * Params::getParam('iDisplayLength');
$limit = Params::getParam('iDisplayLength');
$count = count($aPlugin);
$displayRecords = $limit;
if ($start + $limit > $count) {
$displayRecords = $start + $limit - $count;
}
// --------------------------------------------------------
$aData = array();
$aInfo = array();
$max = $start + $limit;
if ($max > $count) {
$max = $count;
}
$aPluginsToUpdate = json_decode(osc_get_preference('plugins_to_update'));
$bPluginsToUpdate = is_array($aPluginsToUpdate) ? true : false;
for ($i = $start; $i < $max; $i++) {
$plugin = $aPlugin[$i];
$row = array();
$pInfo = osc_plugin_get_info($plugin);
// prepare row 1
$installed = 0;
if (osc_plugin_is_installed($plugin)) {
$installed = 1;
}
$enabled = 0;
if (osc_plugin_is_enabled($plugin)) {
$enabled = 1;
}
// prepare row 2
$sUpdate = '';
// get plugins to update from t_preference
if ($bPluginsToUpdate) {
if (in_array(@$pInfo['plugin_update_uri'], $aPluginsToUpdate)) {
$sUpdate = '<a class="market_update market-popup" href="#' . htmlentities($pInfo['plugin_update_uri']) . '">' . __("There's a new update available") . '</a>';
}
}
// prepare row 4
$sConfigure = '';
if (isset($active_plugins[$plugin . '_configure'])) {
$sConfigure = '<a href="' . osc_admin_base_url(true) . '?page=plugins&action=admin&plugin=' . $pInfo['filename'] . "&" . osc_csrf_token_url() . '">' . __('Configure') . '</a>';
}
// prepare row 5
$sEnable = '';
if ($installed) {
if ($enabled) {
$sEnable = '<a href="' . osc_admin_base_url(true) . '?page=plugins&action=disable&plugin=' . $pInfo['filename'] . "&" . osc_csrf_token_url() . '">' . __('Disable') . '</a>';
} else {
$sEnable = '<a href="' . osc_admin_base_url(true) . '?page=plugins&action=enable&plugin=' . $pInfo['filename'] . "&" . osc_csrf_token_url() . '">' . __('Enable') . '</a>';
}
}
// prepare row 6
if ($installed) {
$sInstall = '<a onclick="javascript:return uninstall_dialog(\'' . $pInfo['filename'] . '\', \'' . $pInfo['plugin_name'] . '\');" href="' . osc_admin_base_url(true) . '?page=plugins&action=uninstall&plugin=' . $pInfo['filename'] . "&" . osc_csrf_token_url() . '">' . __('Uninstall') . '</a>';
} else {
$sInstall = '<a href="' . osc_admin_base_url(true) . '?page=plugins&action=install&plugin=' . $pInfo['filename'] . "&" . osc_csrf_token_url() . '">' . __('Install') . '</a>';
}
$sDelete = '';
if (!$installed) {
$sDelete = '<a href="javascript:delete_plugin(\'' . $pInfo['filename'] . '\');" >' . __('Delete') . '</a>';
}
$sHelp = '';
if ($pInfo['support_uri'] != '') {
$sHelp = '<span class="plugin-support-icon plugin-tooltip" ><a target="_blank" href="' . osc_sanitize_url($pInfo['support_uri']) . '" ><img src="' . osc_current_admin_theme_url('images/question.png') . '" alt="' . osc_esc_html(__('Problems with this plugin? Ask for support.')) . '" ></a></span>';
}
$sSiteUrl = '';
if ($pInfo['plugin_uri'] != '') {
$sSiteUrl = ' | <a target="_blank" href="' . $pInfo['plugin_uri'] . '">' . __('Plugins Site') . '</a>';
}
if ($pInfo['author_uri'] != '') {
$sAuthor = __('By') . ' <a target="_blank" href="' . $pInfo['author_uri'] . '">' . $pInfo['author'] . '</a>';
} else {
$sAuthor = __('By') . ' ' . $pInfo['author'];
}
$row[] = '<input type="hidden" name="installed" value="' . $installed . '" enabled="' . $enabled . '" />' . $pInfo['plugin_name'] . $sHelp . '<div>' . $sUpdate . '</div>';
$row[] = $pInfo['description'] . '<br />' . __('Version:') . $pInfo['version'] . ' | ' . $sAuthor . $sSiteUrl;
$row[] = $sUpdate != '' ? $sUpdate : ' ';
$row[] = $sConfigure != '' ? $sConfigure : ' ';
$row[] = $sEnable != '' ? $sEnable : ' ';
$row[] = $sInstall != '' ? $sInstall : ' ';
$row[] = $sDelete != '' ? $sDelete : ' ';
$aData[] = $row;
if (@$pInfo['plugin_update_uri'] != '') {
$aInfo[@$pInfo['plugin_update_uri']] = $pInfo;
} else {
$aInfo[$i] = $pInfo;
}
}
$array['iTotalRecords'] = $displayRecords;
$array['iTotalDisplayRecords'] = count($aPlugin);
$array['iDisplayLength'] = $limit;
$array['aaData'] = $aData;
$array['aaInfo'] = $aInfo;
// --------------------------------------------------------
$page = (int) Params::getParam('iPage');
if (count($array['aaData']) == 0 && $page != 1) {
$total = (int) $array['iTotalDisplayRecords'];
$maxPage = ceil($total / (int) $array['iDisplayLength']);
$url = osc_admin_base_url(true) . '?' . Params::getServerParam('QUERY_STRING', false, false);
if ($maxPage == 0) {
$url = preg_replace('/&iPage=(\\d)+/', '&iPage=1', $url);
$this->redirectTo($url);
}
if ($page > 1) {
$url = preg_replace('/&iPage=(\\d)+/', '&iPage=' . $maxPage, $url);
$this->redirectTo($url);
}
}
$this->_exportVariableToView('aPlugins', $array);
$this->doView("plugins/index.php");
break;
}
}
/**
*
*/
public function toArray()
{
$domain = 'http://' . Params::getServerParam('HTTP_HOST') . '/';
$this->siteInfo = $this->findByPrimaryKey($domain);
}
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
osc_enqueue_script('jquery-validate');
$current_host = parse_url(Params::getServerParam('HTTP_HOST'), PHP_URL_HOST);
if ($current_host === null) {
$current_host = Params::getServerParam('HTTP_HOST');
}
//customize Head
function customHead()
{
}
osc_add_hook('admin_header', 'customHead', 10);
function render_offset()
{
return 'row-offset';
}
function addHelp()
{
echo '<p>' . __("Change advanced configuration of your Osclass. <strong>Be careful</strong> when modifying default values if you're not sure what you're doing!") . '</p>';
}
osc_add_hook('help_box', 'addHelp');
function __construct()
{
parent::__construct();
$this->mSearch = Search::newInstance();
$this->uri = preg_replace('|^' . REL_WEB_URL . '|', '', Params::getServerParam('REQUEST_URI', false, false));
if (preg_match('/^index\\.php/', $this->uri) > 0) {
// search url without permalinks params
} else {
$this->uri = preg_replace('|/$|', '', $this->uri);
// redirect if it ends with a slash NOT NEEDED ANYMORE, SINCE WE CHECK WITH osc_search_url
if ($this->uri != osc_get_preference('rewrite_search_url') && stripos($this->uri, osc_get_preference('rewrite_search_url') . '/') === false && osc_rewrite_enabled() && !Params::existParam('sFeed')) {
// clean GET html params
$this->uri = preg_replace('/(\\/?)\\?.*$/', '', $this->uri);
$search_uri = preg_replace('|/[0-9]+$|', '', $this->uri);
$this->_exportVariableToView('search_uri', $search_uri);
// get page if it's set in the url
$iPage = preg_replace('|.*/([0-9]+)$|', '$01', $this->uri);
if (is_numeric($iPage) && $iPage > 0) {
Params::setParam('iPage', $iPage);
// redirect without number of pages
if ($iPage == 1) {
$this->redirectTo(osc_base_url() . $search_uri);
}
}
if (Params::getParam('iPage') > 1) {
$this->_exportVariableToView('canonical', osc_base_url() . $search_uri);
}
// get only the last segment
$search_uri = preg_replace('|.*?/|', '', $search_uri);
if (preg_match('|-r([0-9]+)$|', $search_uri, $r)) {
$region = Region::newInstance()->findByPrimaryKey($r[1]);
if (!$region) {
$this->do404();
}
Params::setParam('sRegion', $region['pk_i_id']);
Params::unsetParam('sCategory');
if (preg_match('|(.*?)_.*?-r[0-9]+|', $search_uri, $match)) {
Params::setParam('sCategory', $match[1]);
}
} else {
if (preg_match('|-c([0-9]+)$|', $search_uri, $c)) {
$city = City::newInstance()->findByPrimaryKey($c[1]);
if (!$city) {
$this->do404();
}
Params::setParam('sCity', $city['pk_i_id']);
Params::unsetParam('sCategory');
if (preg_match('|(.*?)_.*?-c[0-9]+|', $search_uri, $match)) {
Params::setParam('sCategory', $match[1]);
}
} else {
if (!Params::existParam('sCategory')) {
$category = Category::newInstance()->findBySlug($search_uri);
if (count($category) === 0) {
$this->do404();
}
Params::setParam('sCategory', $search_uri);
} else {
if (stripos(Params::getParam('sCategory'), '/') !== false) {
$tmp = explode("/", preg_replace('|/$|', '', Params::getParam('sCategory')));
$category = Category::newInstance()->findBySlug($tmp[count($tmp) - 1]);
Params::setParam('sCategory', $tmp[count($tmp) - 1]);
} else {
$category = Category::newInstance()->findBySlug(Params::getParam('sCategory'));
Params::setParam('sCategory', Params::getParam('sCategory'));
}
if (count($category) === 0) {
$this->do404();
}
}
}
}
}
}
}
/**
* Insert a log row.
*
* @access public
* @since unknown
* @param string $section
* @param string $action
* @param integer $id
* @param string $data
* @param string $who
* @param integer $who_id
* @return boolean
*/
public function insertLog($section, $action, $id, $data, $who, $whoId)
{
$array_set = array('dt_date' => date('Y-m-d H:i:s'), 's_section' => $section, 's_action' => $action, 'fk_i_id' => $id, 's_data' => $data, 's_ip' => Params::getServerParam('REMOTE_ADDR'), 's_who' => $who, 'fk_i_who_id' => $whoId);
return $this->dao->insert($this->getTableName(), $array_set);
}
function doModel()
{
parent::doModel();
//specific things for this class
switch ($this->action) {
case 'bulk_actions':
osc_csrf_check();
$id = Params::getParam('id');
if ($id) {
switch (Params::getParam('bulk_actions')) {
case 'delete_all':
$this->itemCommentManager->delete(array(DB_CUSTOM_COND => 'pk_i_id IN (' . implode(', ', $id) . ')'));
foreach ($id as $_id) {
$iUpdated = $this->itemCommentManager->delete(array('pk_i_id' => $_id));
osc_add_hook("delete_comment", $_id);
}
osc_add_flash_ok_message(_m('The comments have been deleted'), 'admin');
break;
case 'activate_all':
foreach ($id as $_id) {
$iUpdated = $this->itemCommentManager->update(array('b_active' => 1), array('pk_i_id' => $_id));
if ($iUpdated) {
$this->sendCommentActivated($_id);
}
osc_add_hook("activate_comment", $_id);
}
osc_add_flash_ok_message(_m('The comments have been approved'), 'admin');
break;
case 'deactivate_all':
foreach ($id as $_id) {
$this->itemCommentManager->update(array('b_active' => 0), array('pk_i_id' => $_id));
osc_add_hook("deactivate_comment", $_id);
}
osc_add_flash_ok_message(_m('The comments have been disapproved'), 'admin');
break;
case 'enable_all':
foreach ($id as $_id) {
$iUpdated = $this->itemCommentManager->update(array('b_enabled' => 1), array('pk_i_id' => $_id));
if ($iUpdated) {
$this->sendCommentActivated($_id);
}
osc_add_hook("enable_comment", $_id);
}
osc_add_flash_ok_message(_m('The comments have been unblocked'), 'admin');
break;
case 'disable_all':
foreach ($id as $_id) {
$this->itemCommentManager->update(array('b_enabled' => 0), array('pk_i_id' => $_id));
osc_add_hook("disable_comment", $_id);
}
osc_add_flash_ok_message(_m('The comments have been blocked'), 'admin');
break;
default:
if (Params::getParam("bulk_actions") != "") {
osc_run_hook("item_bulk_" . Params::getParam("bulk_actions"), Params::getParam('id'));
}
break;
}
}
$this->redirectTo(osc_admin_base_url(true) . "?page=comments");
break;
case 'status':
osc_csrf_check();
$id = Params::getParam('id');
$value = Params::getParam('value');
if (!$id) {
return false;
}
$id = (int) $id;
if (!is_numeric($id)) {
return false;
}
if (!in_array($value, array('ACTIVE', 'INACTIVE', 'ENABLE', 'DISABLE'))) {
return false;
}
if ($value == 'ACTIVE') {
$iUpdated = $this->itemCommentManager->update(array('b_active' => 1), array('pk_i_id' => $id));
if ($iUpdated) {
$this->sendCommentActivated($id);
}
osc_add_hook("activate_comment", $id);
osc_add_flash_ok_message(_m('The comment has been approved'), 'admin');
} else {
if ($value == 'INACTIVE') {
$iUpdated = $this->itemCommentManager->update(array('b_active' => 0), array('pk_i_id' => $id));
osc_add_hook("deactivate_comment", $id);
osc_add_flash_ok_message(_m('The comment has been disapproved'), 'admin');
} else {
if ($value == 'ENABLE') {
$iUpdated = $this->itemCommentManager->update(array('b_enabled' => 1), array('pk_i_id' => $id));
osc_add_hook("enable_comment", $id);
osc_add_flash_ok_message(_m('The comment has been enabled'), 'admin');
} else {
if ($value == 'DISABLE') {
$iUpdated = $this->itemCommentManager->update(array('b_enabled' => 0), array('pk_i_id' => $id));
osc_add_hook("disable_comment", $id);
osc_add_flash_ok_message(_m('The comment has been disabled'), 'admin');
}
}
}
}
$this->redirectTo(osc_admin_base_url(true) . "?page=comments");
break;
case 'comment_edit':
$comment = ItemComment::newInstance()->findByPrimaryKey(Params::getParam('id'));
$this->_exportVariableToView('comment', $comment);
$this->doView('comments/frm.php');
break;
case 'comment_edit_post':
osc_csrf_check();
$msg = '';
if (!osc_validate_email(Params::getParam('authorEmail'), true)) {
$msg .= _m('Email is not correct') . "<br/>";
}
if (!osc_validate_text(Params::getParam('body'), 1, true)) {
$msg .= _m('Comment is required') . "<br/>";
}
if ($msg != '') {
osc_add_flash_error_message($msg, 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=comments&action=comment_edit&id=" . Params::getParam('id'));
}
$this->itemCommentManager->update(array('s_title' => Params::getParam('title'), 's_body' => Params::getParam('body'), 's_author_name' => Params::getParam('authorName'), 's_author_email' => Params::getParam('authorEmail')), array('pk_i_id' => Params::getParam('id')));
osc_run_hook('edit_comment', Params::getParam('id'));
osc_add_flash_ok_message(_m('Great! We just updated your comment'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=comments");
break;
case 'delete':
osc_csrf_check();
$this->itemCommentManager->deleteByPrimaryKey(Params::getParam('id'));
osc_add_flash_ok_message(_m('The comment has been deleted'), 'admin');
osc_run_hook('delete_comment', Params::getParam('id'));
$this->redirectTo(osc_admin_base_url(true) . "?page=comments");
break;
default:
require_once osc_lib_path() . "osclass/classes/datatables/CommentsDataTable.php";
// set default iDisplayLength
if (Params::getParam('iDisplayLength') != '') {
Cookie::newInstance()->push('listing_iDisplayLength', Params::getParam('iDisplayLength'));
Cookie::newInstance()->set();
} else {
// set a default value if it's set in the cookie
if (Cookie::newInstance()->get_value('listing_iDisplayLength') != '') {
Params::setParam('iDisplayLength', Cookie::newInstance()->get_value('listing_iDisplayLength'));
} else {
Params::setParam('iDisplayLength', 10);
}
}
$this->_exportVariableToView('iDisplayLength', Params::getParam('iDisplayLength'));
// Table header order by related
if (Params::getParam('sort') == '') {
Params::setParam('sort', 'date');
}
if (Params::getParam('direction') == '') {
Params::setParam('direction', 'desc');
}
$page = (int) Params::getParam('iPage');
if ($page == 0) {
$page = 1;
}
Params::setParam('iPage', $page);
$params = Params::getParamsAsArray();
$commentsDataTable = new CommentsDataTable();
$commentsDataTable->table($params);
$aData = $commentsDataTable->getData();
if (count($aData['aRows']) == 0 && $page != 1) {
$total = (int) $aData['iTotalDisplayRecords'];
$maxPage = ceil($total / (int) $aData['iDisplayLength']);
$url = osc_admin_base_url(true) . '?' . Params::getServerParam('QUERY_STRING', false, false);
if ($maxPage == 0) {
$url = preg_replace('/&iPage=(\\d)+/', '&iPage=1', $url);
$this->redirectTo($url);
}
if ($page > 1) {
$url = preg_replace('/&iPage=(\\d)+/', '&iPage=' . $maxPage, $url);
$this->redirectTo($url);
}
}
$this->_exportVariableToView('aData', $aData);
$this->_exportVariableToView('aRawRows', $commentsDataTable->rawRows());
$bulk_options = array(array('value' => '', 'data-dialog-content' => '', 'label' => __('Bulk actions')), array('value' => 'delete_all', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected comments?'), strtolower(__('Delete'))), 'label' => __('Delete')), array('value' => 'activate_all', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected comments?'), strtolower(__('Activate'))), 'label' => __('Activate')), array('value' => 'deactivate_all', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected comments?'), strtolower(__('Deactivate'))), 'label' => __('Deactivate')), array('value' => 'disable_all', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected comments?'), strtolower(__('Block'))), 'label' => __('Block')), array('value' => 'enable_all', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected comments?'), strtolower(__('Unblock'))), 'label' => __('Unblock')));
$bulk_options = osc_apply_filter("comment_bulk_filter", $bulk_options);
$this->_exportVariableToView('bulk_options', $bulk_options);
$this->doView('comments/index.php');
break;
}
}
function doModel()
{
switch ($this->action) {
case 'dashboard':
//dashboard...
$max_items = Params::getParam('max_items') != '' ? Params::getParam('max_items') : 5;
$aItems = Item::newInstance()->findByUserIDEnabled(osc_logged_user_id(), 0, $max_items);
//calling the view...
$this->_exportVariableToView('items', $aItems);
$this->_exportVariableToView('max_items', $max_items);
$this->doView('user-dashboard.php');
break;
case 'profile':
//profile...
$user = User::newInstance()->findByPrimaryKey(osc_logged_user_id());
$aCountries = Country::newInstance()->listAll();
$aRegions = array();
if ($user['fk_c_country_code'] != '') {
$aRegions = Region::newInstance()->findByCountry($user['fk_c_country_code']);
} elseif (count($aCountries) > 0) {
$aRegions = Region::newInstance()->findByCountry($aCountries[0]['pk_c_code']);
}
$aCities = array();
if ($user['fk_i_region_id'] != '') {
$aCities = City::newInstance()->findByRegion($user['fk_i_region_id']);
} else {
if (count($aRegions) > 0) {
$aCities = City::newInstance()->findByRegion($aRegions[0]['pk_i_id']);
}
}
//calling the view...
$this->_exportVariableToView('countries', $aCountries);
$this->_exportVariableToView('regions', $aRegions);
$this->_exportVariableToView('cities', $aCities);
$this->_exportVariableToView('user', $user);
$this->_exportVariableToView('locales', OSCLocale::newInstance()->listAllEnabled());
$this->doView('user-profile.php');
break;
case 'profile_post':
//profile post...
osc_csrf_check();
$userId = Session::newInstance()->_get('userId');
require_once LIB_PATH . 'osclass/UserActions.php';
$userActions = new UserActions(false);
$success = $userActions->edit($userId);
if ($success == 1 || $success == 2) {
osc_add_flash_ok_message(_m('Your profile has been updated successfully'));
} else {
osc_add_flash_error_message($success);
}
$this->redirectTo(osc_user_profile_url());
break;
case 'alerts':
//alerts
$aAlerts = Alerts::newInstance()->findByUser(Session::newInstance()->_get('userId'), false);
$user = User::newInstance()->findByPrimaryKey(Session::newInstance()->_get('userId'));
foreach ($aAlerts as $k => $a) {
$array_conditions = (array) json_decode($a['s_search']);
// $search = Search::newInstance();
$search = new Search();
$search->setJsonAlert($array_conditions);
$search->limit(0, 3);
$aAlerts[$k]['items'] = $search->doSearch();
}
$this->_exportVariableToView('alerts', $aAlerts);
View::newInstance()->_reset('alerts');
$this->_exportVariableToView('user', $user);
$this->doView('user-alerts.php');
break;
case 'change_email':
//change email
$this->doView('user-change_email.php');
break;
case 'change_email_post':
//change email post
osc_csrf_check();
if (!osc_validate_email(Params::getParam('new_email'))) {
osc_add_flash_error_message(_m('The specified e-mail is not valid'));
$this->redirectTo(osc_change_user_email_url());
} else {
$user = User::newInstance()->findByEmail(Params::getParam('new_email'));
if (!isset($user['pk_i_id'])) {
$userEmailTmp = array();
$userEmailTmp['fk_i_user_id'] = Session::newInstance()->_get('userId');
$userEmailTmp['s_new_email'] = Params::getParam('new_email');
UserEmailTmp::newInstance()->insertOrUpdate($userEmailTmp);
$code = osc_genRandomPassword(30);
$date = date('Y-m-d H:i:s');
$userManager = new User();
$userManager->update(array('s_pass_code' => $code, 's_pass_date' => $date, 's_pass_ip' => Params::getServerParam('REMOTE_ADDR')), array('pk_i_id' => Session::newInstance()->_get('userId')));
$validation_url = osc_change_user_email_confirm_url(Session::newInstance()->_get('userId'), $code);
osc_run_hook('hook_email_new_email', Params::getParam('new_email'), $validation_url);
$this->redirectTo(osc_user_profile_url());
} else {
osc_add_flash_error_message(_m('The specified e-mail is already in use'));
$this->redirectTo(osc_change_user_email_url());
}
}
break;
case 'change_username':
//change username
$this->doView('user-change_username.php');
break;
case 'change_username_post':
//change username
$username = osc_sanitize_username(Params::getParam('s_username'));
osc_run_hook('before_username_change', Session::newInstance()->_get('userId'), $username);
if ($username != '') {
$user = User::newInstance()->findByUsername($username);
if (isset($user['s_username'])) {
osc_add_flash_error_message(_m('The specified username is already in use'));
} else {
if (!osc_is_username_blacklisted($username)) {
User::newInstance()->update(array('s_username' => $username), array('pk_i_id' => Session::newInstance()->_get('userId')));
osc_add_flash_ok_message(_m('The username was updated'));
osc_run_hook('after_username_change', Session::newInstance()->_get('userId'), Params::getParam('s_username'));
$this->redirectTo(osc_user_profile_url());
} else {
osc_add_flash_error_message(_m('The specified username is not valid, it contains some invalid words'));
}
}
} else {
osc_add_flash_error_message(_m('The specified username could not be empty'));
}
$this->redirectTo(osc_change_user_username_url());
break;
case 'change_password':
//change password
$this->doView('user-change_password.php');
break;
case 'change_password_post':
//change password post
osc_csrf_check();
$user = User::newInstance()->findByPrimaryKey(Session::newInstance()->_get('userId'));
if (Params::getParam('password', false, false) == '' || Params::getParam('new_password', false, false) == '' || Params::getParam('new_password2', false, false) == '') {
osc_add_flash_warning_message(_m('Password cannot be blank'));
$this->redirectTo(osc_change_user_password_url());
}
if (!osc_verify_password(Params::getParam('password', false, false), $user['s_password'])) {
osc_add_flash_error_message(_m("Current password doesn't match"));
$this->redirectTo(osc_change_user_password_url());
}
if (!Params::getParam('new_password', false, false)) {
osc_add_flash_error_message(_m("Passwords can't be empty"));
$this->redirectTo(osc_change_user_password_url());
}
if (Params::getParam('new_password', false, false) != Params::getParam('new_password2', false, false)) {
osc_add_flash_error_message(_m("Passwords don't match"));
$this->redirectTo(osc_change_user_password_url());
}
User::newInstance()->update(array('s_password' => osc_hash_password(Params::getParam('new_password', false, false))), array('pk_i_id' => Session::newInstance()->_get('userId')));
osc_add_flash_ok_message(_m('Password has been changed'));
$this->redirectTo(osc_user_profile_url());
break;
case 'items':
// view items user
$itemsPerPage = Params::getParam('itemsPerPage') != '' ? Params::getParam('itemsPerPage') : 10;
$page = Params::getParam('iPage') > 0 ? Params::getParam('iPage') - 1 : 0;
$itemType = Params::getParam('itemType');
$total_items = Item::newInstance()->countItemTypesByUserID(osc_logged_user_id(), $itemType);
$total_pages = ceil($total_items / $itemsPerPage);
$items = Item::newInstance()->findItemTypesByUserID(osc_logged_user_id(), $page * $itemsPerPage, $itemsPerPage, $itemType);
$this->_exportVariableToView('items', $items);
$this->_exportVariableToView('search_total_pages', $total_pages);
$this->_exportVariableToView('search_total_items', $total_items);
$this->_exportVariableToView('items_per_page', $itemsPerPage);
$this->_exportVariableToView('items_type', $itemType);
$this->_exportVariableToView('search_page', $page);
$this->doView('user-items.php');
break;
case 'activate_alert':
$email = Params::getParam('email');
$secret = Params::getParam('secret');
$result = 0;
if ($email != '' && $secret != '') {
$result = Alerts::newInstance()->activate($email, $secret);
}
if ($result == 1) {
osc_add_flash_ok_message(_m('Alert activated'));
} else {
osc_add_flash_error_message(_m('Oops! There was a problem trying to activate your alert. Please contact an administrator'));
}
$this->redirectTo(osc_base_url());
break;
case 'unsub_alert':
$email = Params::getParam('email');
$secret = Params::getParam('secret');
$id = Params::getParam('id');
$alert = Alerts::newInstance()->findByPrimaryKey($id);
$result = 0;
if (!empty($alert)) {
if ($email == $alert['s_email'] && $secret == $alert['s_secret']) {
$result = Alerts::newInstance()->unsub($id);
}
}
if ($result == 1) {
osc_add_flash_ok_message(_m('Unsubscribed correctly'));
} else {
osc_add_flash_error_message(_m('Oops! There was a problem trying to unsubscribe you. Please contact an administrator'));
}
$this->redirectTo(osc_user_alerts_url());
break;
case 'delete':
$id = Params::getParam('id');
$secret = Params::getParam('secret');
if (osc_is_web_user_logged_in()) {
$user = User::newInstance()->findByPrimaryKey(osc_logged_user_id());
View::newInstance()->_exportVariableToView('user', $user);
if (!empty($user) && osc_logged_user_id() == $id && $secret == $user['s_secret']) {
User::newInstance()->deleteUser(osc_logged_user_id());
Session::newInstance()->_drop('userId');
Session::newInstance()->_drop('userName');
Session::newInstance()->_drop('userEmail');
Session::newInstance()->_drop('userPhone');
Cookie::newInstance()->pop('oc_userId');
Cookie::newInstance()->pop('oc_userSecret');
Cookie::newInstance()->set();
osc_add_flash_ok_message(_m("Your account have been deleted"));
$this->redirectTo(osc_base_url());
} else {
osc_add_flash_error_message(_m("Oops! you can not do that"));
$this->redirectTo(osc_user_dashboard_url());
}
} else {
osc_add_flash_error_message(_m("Oops! you can not do that"));
$this->redirectTo(osc_base_url());
}
break;
}
}
