Exemplos de código com bff em PHP

Exemplo n.º 1

1

Exibir arquivo

Arquivo: bff.base.php Projeto: Sywooch/dobox

 /**
  * @return bffBase object
  */
 function init($isFrontend = true)
 {
     global $oDb, $oSm, $oSecurity;
     self::$isFrontend = $isFrontend;
     self::$isAjax = func::isAjaxRequest();
     self::$isPost = func::isPostMethod();
     if ($isFrontend) {
         define('TPL_PATH', PATH_BASE . 'tpl/main/');
         $oSm->template_dir = TPL_PATH;
     } else {
         define('TPL_PATH', PATH_BASE . 'tpl/main/admin/');
         define('THEME_URL', SITEURL . '/styles/default');
         //default admin theme!
         $oSm->template_dir = TPL_PATH;
     }
     spl_autoload_register(array('bffBase', 'autoload'));
     $oSecurity->checkExpired();
     if (!defined('THEME_URL')) {
         define('THEME_URL', SITEURL . '/styles/' . THEMES_DEFAULTTHEME_KEY);
     }
     $oSm->assign('theme_url', THEME_URL);
     $oSm->assign('class', self::$class = substr(strtolower(func::GETPOST('s')), 0, 30));
     $oSm->assign('event', self::$event = substr(strtolower(func::GETPOST('ev')), 0, 30));
     $oSm->assign_by_ref('tplJSIncludes', self::$includesJS);
     $oSm->assign_by_ref('tplCSSIncludes', self::$includesCSS);
     bff::initApp($isFrontend);
     return $this;
 }

Exemplo n.º 2

1

Exibir arquivo

Arquivo: pages.class.php Projeto: Sywooch/dobox

 function show($nPageID = null)
 {
     $nRecordID = !isset($nPageID) ? func::POSTGET('page') : (int) $nPageID;
     $aData = $this->db->one_array('SELECT title, mkeywords, mdescription, filename 
                               FROM ' . TABLE_PAGES . ' 
                               WHERE filename = ' . $this->db->str2sql($nRecordID) . ' 
                               LIMIT 1');
     if (empty($aData)) {
         Errors::httpError(404);
     }
     //get page content
     $aData['content'] = CDir::getFileContent(PAGES_PATH . $aData['filename'] . PAGES_EXTENSION);
     config::set(array('title' => $aData['title'] . ' | ' . config::get('title', ''), 'mkeywords' => $aData['mkeywords'], 'mdescription' => $aData['mdescription']));
     if ($aData['content'] === false) {
         Errors::httpError(404);
     }
     $aData['menu'] = bff::i()->Sitemap_getmenu('info', 'all-sub');
     // echo '<pre>', print_r($aData['menu'], true), '</pre>'; exit;
     $this->tplAssign('aData', $aData);
     return $this->tplFetch('page.tpl');
 }

Exemplo n.º 3

0

Exibir arquivo

Arquivo: tpl.php Projeto: Sywooch/dobox

 /**
  * Строим ссылку на файл-изображение
  * Формат ссылки: SITEURL.'/files/images/[folder]/[id]_[prefix][postprefix][file]'
  */
 static function imgurl($p)
 {
     $url = bff::buildUrl($p['folder'], 'images');
     if (empty($p['file'])) {
         //если 'file' не указан, возвращаем изображение по-умолчанию
         return $url . (isset($p['prefix']) ? $p['prefix'] . (isset($p['postprefix']) ? $p['postprefix'] : '') . '_' : '') . BFF_DEFAULT_IMG;
     }
     //'file' - является уже сформированнным именем файла
     if (!empty($p['static'])) {
         return $url . $p['file'];
     }
     $url .= $p['id'] !== false ? $p['id'] . '_' : '';
     if (isset($p['prefix'])) {
         $url .= $p['prefix'];
     }
     if (isset($p['postprefix'])) {
         $url .= $p['postprefix'];
     }
     return $url . $p['file'];
 }

Exemplo n.º 4

0

Exibir arquivo

Arquivo: contacts.class.php Projeto: Sywooch/dobox

 function write()
 {
     if (bff::$isAjax) {
         $nUserID = $this->security->getUserID();
         $p = $this->input->postm(array('email' => TYPE_STR, 'phone' => TYPE_NOHTML, 'message' => TYPE_NOHTML, 'captcha' => TYPE_STR));
         if (!$nUserID) {
             if (empty($p['email']) || !Func::IsEmailAddress($p['email'])) {
                 $this->errors->set('wrong_email');
             }
         }
         $p['phone'] = func::cleanComment($p['phone']);
         if (empty($p['phone'])) {
             $this->errors->set('no_phone');
         }
         $p['message'] = func::cleanComment($p['message']);
         if (empty($p['message'])) {
             $this->errors->set('no_message');
         }
         if (!$nUserID) {
             $oProtection = new CCaptchaProtection();
             if (!$oProtection->valid(isset($_SESSION['c2']) ? $_SESSION['c2'] : '', $p['captcha'])) {
                 $this->errors->set('wrong_captcha');
             }
         }
         if ($this->errors->no()) {
             unset($_SESSION['c2']);
             $this->db->execute('INSERT INTO ' . TABLE_CONTACTS . ' (user_id, email, phone, message, created) 
                            VALUES (' . $nUserID . ', ' . $this->db->str2sql($p['email']) . ', 
                                    ' . $this->db->str2sql($p['phone']) . ', ' . $this->db->str2sql(nl2br($p['message'])) . ', 
                                    ' . $this->db->getNOW() . ')');
             $nRecordID = $this->db->insert_id(TABLE_CONTACTS, 'id');
             if ($nRecordID) {
                 config::saveCount('contacts_new', 1);
                 bff::sendMailTemplate(array('user' => !$nUserID ? 'Аноним' : $this->security->getUserEmail(), 'email' => !$nUserID ? $p['email'] : $this->security->getUserEmail(), 'phone' => $p['phone'], 'message' => nl2br($p['message'])), 'admin_contacts', config::get('mail_admin', BFF_EMAIL_SUPPORT));
             }
         }
         $this->ajaxResponse(Errors::SUCCESS);
     }
     config::set('title', 'Связь с редактором - ' . config::get('title', ''));
     return $this->tplFetch('write.tpl');
 }

Exemplo n.º 5

0

Exibir arquivo

Arquivo: bbs.bl.class.php Projeto: Sywooch/dobox

 public function init()
 {
     parent::init();
     $this->items_images_path = bff::buildPath('items', 'images');
     $this->items_images_url = bff::buildUrl('items', 'images');
     # nested sets tree
     $tree = $this->attachComponent('tree', new dbNestedSetsTree(TABLE_BBS_CATEGORIES));
     bff::i()->GetModule('Services');
     if (bff::$isFrontend) {
         return;
     }
     # !
     # проверяем наличие корневого элемента
     if ($tree->checkRootNode($nRootID)) {
         # если только-что создан, создаем категорию
         $this->db->execute('UPDATE ' . TABLE_BBS_CATEGORIES . ' 
                             SET title = ' . $this->db->str2sql('Корневой раздел') . ', created = ' . $this->db->getNOW() . '
                             WHERE id = ' . $nRootID);
     }
     $this->initDynprops();
 }

Exemplo n.º 6

0

Exibir arquivo

Arquivo: sites.adm.class.php Projeto: Sywooch/dobox

 function main()
 {
     $aData['tabs'] = array('stat' => array('t' => 'Сводная информация', 'a' => 0), 'profile' => array('t' => 'Мой профиль', 'a' => 0));
     $sTab = func::GET('tab');
     if (empty($sTab)) {
         $sTab = 'stat';
     }
     switch ($sTab) {
         case 'profile':
             $aData['tabContent'] = bff::i()->Users_profile();
             break;
         case 'stat':
             $aData['subscribers'] = $this->db->one_data('SELECT COUNT(*) FROM ' . TABLE_USERS . ' WHERE subscribed=1');
             break;
     }
     $aData['tabs'][$sTab]['a'] = 1;
     $this->tplAssign('tab', $sTab);
     $this->tplAssignByRef('aData', $aData);
     $this->adminCustomCenterArea();
     return $this->tplFetch('admin.main.tpl');
 }

Exemplo n.º 7

0

Exibir arquivo

Arquivo: banners.bl.class.php Projeto: Sywooch/dobox

 function getBBSCategories($aSelectedID = array(), $bOptions = false)
 {
     if (!is_array($aSelectedID)) {
         $aSelectedID = array($aSelectedID);
     }
     bff::i()->GetModule('bbs');
     $aCats = $this->db->select('SELECT id, title, 0 as disabled FROM ' . TABLE_BBS_CATEGORIES . ' WHERE numlevel=1 ORDER BY numleft');
     if ($bOptions) {
         $sOptions = '';
         array_unshift($aCats, array('id' => 0, 'title' => 'любой', 'disabled' => 0), array('id' => -2, 'title' => '------------------------', 'disabled' => 1), array('id' => 1, 'title' => 'Все разделы сайта', 'disabled' => 0));
         foreach ($aCats as $v) {
             $sOptions .= '<option value="' . $v['id'] . '" class="' . ($v['id'] == 0 || $v['id'] == 1 ? 'bold' : '') . '" ' . ($v['id'] == -2 ? 'disabled' : '') . ' ' . (in_array($v['id'], $aSelectedID) ? ' selected="selected"' : '') . '>' . $v['title'] . '</option>';
         }
     } else {
         array_unshift($aCats, array('id' => 1, 'title' => 'Все разделы сайта'));
         $sCheckbox = '';
         foreach ($aCats as $v) {
             $sCheckbox .= '<label><input type="checkbox" name="cat[]" class="catcheck ' . ($v['id'] == 1 ? 'all bold' : 'cat') . '" value="' . $v['id'] . '"' . (in_array($v['id'], $aSelectedID) ? ' checked="checked"' : '') . '/> ' . $v['title'] . '</label><br/>';
         }
     }
     $aCats = func::array_transparent($aCats, 'id', true);
     return array('cats' => $aCats, 'options' => !empty($sOptions) ? $sOptions : '', 'checks' => !empty($sCheckbox) ? $sCheckbox : '');
 }

Exemplo n.º 8

0

Exibir arquivo

Arquivo: newpage.list.php Projeto: Sywooch/dobox

        if ($item == $currentPage) {
            print 'active';
        }
        ?>
">
                    <?php 
        $get['page'] = $item;
        ?>
                    <a href="<?php 
        print bff::buildUrl('', 'newpage') . '?' . http_build_query($get);
        ?>
"><?php 
        echo $item;
        ?>
</a>
                </li>
            <?php 
    }
    ?>

            <?php 
    $get['page'] = $pages;
    ?>
            <li class=""><a href="<?php 
    print bff::buildUrl('', 'newpage') . '?' . http_build_query($get);
    ?>
">&raquo;</a></li>
        </ul>
    </div>
<?php 
}

Exemplo n.º 9

0

Exibir arquivo

Arquivo: bills.class.php Projeto: Sywooch/dobox

 function success()
 {
     // пополнение и активация услуги
     $nItemID = !empty($_REQUEST['shp_item']) ? $_REQUEST['shp_item'] : '';
     $nSvcID = !empty($_REQUEST['shp_svc']) ? $_REQUEST['shp_svc'] : '';
     if ($nItemID > 0 && $nSvcID > 0) {
         /** @var Services module */
         $oServices = bff::i()->GetModule('Services');
         /** @var Bbs module */
         $oBbs = bff::i()->GetModule('Bbs');
         $sTitle = 'Активация услуги';
         $sDesc = 'Вы успешно активировали услугу';
         switch ($nSvcID) {
             case Services::typePublicate:
                 $sTitle = 'Публикация';
                 $sDesc = 'Вы успешно опубликовали объявление.';
                 if ($oBbs->isEditPassGranted($nItemID)) {
                     $aItemData = $this->db->one_array('SELECT id, ' . $this->security->decodeBBSEditPass('pass') . ' FROM ' . TABLE_BBS_ITEMS . ' WHERE id = ' . $nItemID);
                     $sDesc .= '<br/>Пароль к вашему объявлению: <b>' . $aItemData['pass'] . '</b>';
                 }
                 break;
             case Services::typeUp:
                 $sDesc = 'Вы успешно активировали услугу "Поднять объявление".';
                 break;
             case Services::typeMark:
                 $sDesc = 'Вы успешно активировали услугу "Выделить объявление".';
                 break;
             case Services::typePremium:
                 $sDesc = 'Вы успешно активировали услугу "Премиум".';
                 break;
             case Services::typePress:
                 $sDesc = 'Вы успешно активировали услугу "Публикация в прессе".';
                 break;
         }
         return $this->errors->showSuccess($sTitle, $sDesc . '<br/><a href="' . SITEURL . '/item/' . $nItemID . '">перейти к объявлению № ' . $nItemID . '</a>');
     }
     // только пополнение
     $nBalance = $this->security->getBalance(true);
     // актуализируем информацию о балансе в сессии
     return $this->errors->showSuccess('Пополнение счета', 'Вы успешно пополнили счет<br/>
         На вашем счету: <a href="' . SITEURL . '/bill">' . $nBalance . ' $.</a>');
 }

Exemplo n.º 10

0

Exibir arquivo

Arquivo: item.view.php Projeto: Sywooch/dobox

?>
<br/>
            <?php 
if ($cat_subtype) {
    ?>
<b class="grey f12Up"><?php 
    echo $cat_subtype_title;
    ?>
</b> <?php 
}
echo nl2br($descr);
?>
<br/>
        </p> <?php 
if ($imgcnt) {
    $imgURL = bff::buildUrl('items', 'images');
    $img = explode(',', $img);
    if (!empty($img)) {
        $imgfav = !empty($imgfav) ? $imgfav : current($img);
        ?>
            <div class="picCont">
            <span class="left"><img src="<?php 
        echo $imgURL . ($id . $imgfav);
        ?>
" id="itemMainImg" /></span>
                <div class="smallPics"><?php 
        foreach ($img as $i) {
            echo '<span class="right"><a href="' . $imgURL . ($id . $i) . '" target="_blank" onclick="$(\'#itemMainImg\').attr(\'src\',$(this).attr(\'href\')); return false;"><img src="' . $imgURL . ($id . 's' . $i) . '" /></a></span>';
        }
        ?>
</div>

Exemplo n.º 11

0

Exibir arquivo

Arquivo: services.class.php Projeto: Sywooch/dobox

 function ajax()
 {
     $nUserID = $this->security->getUserID();
     if (!bff::$isAjax) {
         $this->errors->set(Errors::IMPOSSIBLE);
     }
     $aResponse = array();
     switch (func::GET('act')) {
         case 'init':
             $aData =& $aResponse;
             $this->input->postm(array('type' => TYPE_UINT), $aData);
             $aServices = $this->db->select('SELECT id, keyword, settings, description FROM ' . TABLE_SERVICES . ' ORDER BY id');
             $aServicesData = array();
             foreach ($aServices as $v) {
                 $sett = unserialize($v['settings']);
                 $sett['desc'] = $v['description'];
                 $aServicesData[$v['keyword']] = $sett;
             }
             $aData['popup'] = $this->tplFetchPHP($aServicesData, 'items.svc.popup.php');
             break;
         case 'activate':
             $this->input->postm(array('item' => TYPE_UINT, 'svc' => TYPE_UINT), $aResponse);
             $nItemID = $aResponse['item'];
             $nSvcID = $aResponse['svc'];
             if (!$nItemID || !$nSvcID) {
                 $this->errors->set(Errors::IMPOSSIBLE);
                 break;
             }
             if ($nUserID > 0) {
                 $aUserData = $this->db->one_array('SELECT blocked, blocked_reason, balance, login as email FROM ' . TABLE_USERS . ' WHERE user_id = ' . $nUserID);
                 if ($aUserData['blocked']) {
                     $this->errors->set('Ваш аккаунт заблокирован по причине:<br/>' . $aUserData['blocked_reason']);
                     break;
                 }
                 $balance =& $aUserData['balance'];
                 if ($balance <= 0) {
                     $balance = 0;
                 }
             } else {
                 $balance = 0;
             }
             /** @var Bills module */
             $oBills = bff::i()->GetModule('Bills');
             $svc = $this->getServiceSettings($nSvcID);
             if (empty($svc) || !$svc['price']) {
                 $this->errors->set(Errors::IMPOSSIBLE);
                 break;
             }
             $price = $svc['price'];
             $sDescription = $this->buildServiceBillDescription($nSvcID, $nItemID);
             // денег на счету не хватило(или неавторизованный пользователь), выставляем счет, формируем форму оплаты
             if (!$nUserID || $price > $balance) {
                 $fAmount = round($price - $balance);
                 $nPaymentSystem = Bills::psystemRobox;
                 $nBillID = $oBills->createBill_InPay($nUserID, $balance, $fAmount, $fAmount, 'rur', $nPaymentSystem, Bills::typeInPay, Bills::statusWaiting, 'Пополнение счета', $nItemID, $nSvcID);
                 $aResponse['pay'] = true;
                 $aResponse['form'] = $oBills->buildPayForm($fAmount, $nPaymentSystem, $nBillID, $nItemID, $nSvcID);
                 break;
             }
             // создаем счет
             $nBillID = $oBills->createBill_OutService($nItemID, $nSvcID, $nUserID, 0, $price, Bills::statusProcessing, $sDescription);
             if (!$nBillID) {
                 $this->errors->set(Errors::IMPOSSIBLE);
                 break;
             }
             // активируем услугу
             $res = $this->activateItemSvc($nItemID, $nSvcID, 0);
             if (!$res) {
                 break;
             }
             // ^ ошибки выставляются тут
             // списываем с баланса пользователя
             $res = $oBills->updateBalance($nUserID, $price, '-');
             if ($res) {
                 $balance -= $price;
                 $this->security->setBalance($balance);
             }
             $aResponse['balance'] = $balance;
             //актуaлизируем информацию о счете
             $oBills->updateBill($nBillID, $balance, false, Bills::statusCompleted);
             if ($nSvcID == self::typePress) {
                 // уведомляем о скором размещении в прессе
                 bff::sendMailTemplate(array('item_url' => SITEURL . '/item/' . $nItemID, 'email' => $aUserData['email']), 'member_bbs_press_payed', $aUserData['email']);
             }
             break;
         default:
             $this->errors->set(Errors::IMPOSSIBLE);
     }
     $aResponse['res'] = $this->errors->no();
     $this->ajaxResponse($aResponse);
 }

Exemplo n.º 12

0

Exibir arquivo

Arquivo: bbs.adm.class.php Projeto: Sywooch/dobox

 function settings()
 {
     if (!$this->haveAccessTo('settings')) {
         return $this->showAccessDenied();
     }
     $configPrefix = $this->module_name . '_';
     $sCurrentTab = func::POSTGET('tab');
     if (empty($sCurrentTab)) {
         $sCurrentTab = 'general';
     }
     if (bff::$isPost && func::POST('save') == 1) {
         $confTmp = func::POST('config', false);
         $this->input->clean_array($confTmp, array('items_perpage' => TYPE_UINT, 'items_freepubl_category_limit' => TYPE_UINT, 'items_freepubl_category_limit_reg' => TYPE_UINT, 'adtxt_limit' => TYPE_UINT, 'svc_up_price' => TYPE_NUM, 'svc_mark_price' => TYPE_NUM, 'svc_premium_price' => TYPE_NUM, 'svc_press_price' => TYPE_NUM, 'svc_up_desc' => TYPE_STR, 'svc_mark_desc' => TYPE_STR, 'svc_premium_desc' => TYPE_STR, 'svc_press_desc' => TYPE_STR, 'images_limit' => TYPE_UINT, 'images_limit_reg' => TYPE_UINT, 'add_instruct1' => TYPE_STR, 'add_instruct2' => TYPE_STR, 'add_instruct3' => TYPE_STR, 'add_instruct4' => TYPE_STR));
         $conf = array();
         foreach ($confTmp as $k => $v) {
             $conf[$configPrefix . $k] = $v;
         }
         bff::i()->Sites_saveConfig($conf, false);
         //в БД
         $configAll = config::getAll();
         bff::i()->Sites_saveConfig(array_merge($configAll, $conf), true);
         //в файл
         $this->adminRedirect(Errors::SUCCESS, 'settings&tab=' . $sCurrentTab);
     }
     $aConfig = config::getWithPrefix($this->module_name . '_');
     $aConfig = array_map('stripslashes', $aConfig);
     $aConfig['options'] = array();
     $aConfig['options']['limit10'] = array(1 => 1, 2 => 2, 3 => 3, 4 => 4, 5 => 5, 6 => 6, 7 => 7, 8 => 8, 9 => 9, 10 => 10, 11 => 11, 12 => 12, 13 => 13, 14 => 14, 15 => 15);
     $aData = $aConfig;
     $aData['tabs'] = array('general' => array('t' => 'Общие настройки', 'a' => 0), 'files' => array('t' => 'Загрузка файлов', 'a' => 0), 'add_instruction' => array('t' => 'Инструкция при добавлении', 'a' => 0));
     $aData['tabs'][$sCurrentTab]['a'] = 1;
     $this->tplAssign('tab', $sCurrentTab);
     $this->tplAssignByRef('aData', $aData);
     $this->adminCustomCenterArea();
     $this->includeJS('wysiwyg');
     return $this->tplFetch('admin.settings.tpl');
 }

Exemplo n.º 13

0

Exibir arquivo

Arquivo: module.php Projeto: Sywooch/dobox

 function includeCSS($mInclude, $bUseThemePath = true)
 {
     bff::includeCSS($mInclude, $bUseThemePath);
 }

Exemplo n.º 14

0

Exibir arquivo

Arquivo: menu.php Projeto: Sywooch/dobox

<div class="categories" id="indexCategoriesList">
    <?php 
$aCats = bff::i()->Bbs_getIndexCategories();
$k = 0;
?>
    <div class="blockCat" rel="<?php 
echo $v['id'];
?>
">
        <div class="center">
            <a href="/search?c=1"><span class="caption">Все объявления</span></a>
        </div>
    </div>
    <?php 
foreach ($aCats as $v) {
    $k++;
    ?>
        <div class="blockCat" rel="<?php 
    echo $v['id'];
    ?>
">
            <!--            <div class="top"></div>-->
            <div class="center">
                <!--                <div onclick="blockClick(--><?php 
    //= $v['id']
    ?>
<!--)" class="blockClick" >-->
                <div class="blockClick" >
                    <span class="caption"><?php 
    echo $v['title'];
    ?>

Exemplo n.º 15

0

Exibir arquivo

Arquivo: bbs.items.images.class.php Projeto: Sywooch/dobox

 /**
  * @return BBS объект
  */
 function getBBSModule()
 {
     return bff::i()->GetModule('bbs');
 }

Exemplo n.º 16

0

Exibir arquivo

Arquivo: bbs.class.php Projeto: Sywooch/dobox

 function ajax()
 {
     switch (func::GET('act')) {
         case 'item-u-update':
             $this->input->postm(array('id' => TYPE_UINT, 'uid' => TYPE_UINT, 'p' => TYPE_STR), $p);
             $nUserID = $this->security->getUserID();
             $nItemID = $p['id'];
             if (!$nItemID || empty($p['p']) || !$nUserID) {
                 $this->ajaxResponse(Errors::ACCESSDENIED);
             }
             $aItem = $this->db->one_array('SELECT id, cat1_id FROM ' . TABLE_BBS_ITEMS . ' 
                 WHERE id = ' . $nItemID . ' AND status = ' . BBS_STATUS_NEW . ' 
                     AND pass = '******'p']));
             if (!empty($aItem)) {
                 $this->db->execute('UPDATE ' . TABLE_BBS_ITEMS . ' SET user_id = ' . $nUserID . ' WHERE id = ' . $nItemID);
                 // закрепляем за пользователем
                 $this->db->execute('UPDATE ' . TABLE_USERS . ' SET items = items+1 WHERE user_id = ' . $nUserID);
                 // обновляем счетчик объявлений пользователя
             }
             $sUID = $this->security->getUID(false, 'post');
             $bPayPublication = !$this->checkFreePublicationsLimit($aItem['cat1_id'], $nUserID, $sUID);
             $this->ajaxResponse(array('res' => !empty($aItem), 'pp' => $bPayPublication));
             break;
         case 'item-edit-pass':
             $p = $this->input->postm(array('id' => TYPE_UINT, 'pass' => TYPE_STR));
             $aResponse = array();
             do {
                 if (!$p['id']) {
                     $this->errors->set(Errors::IMPOSSIBLE);
                     break;
                 }
                 if (empty($p['pass'])) {
                     $this->errors->set('editpass_empty');
                     break;
                 }
                 if ($this->isEditPassGranted($p['id'])) {
                     $aResponse['result'] = true;
                     break;
                 }
                 $aData = $this->db->one_array('SELECT id, user_id FROM ' . TABLE_BBS_ITEMS . ' 
                           WHERE id = ' . $p['id'] . ' AND pass = '******'pass']));
                 if (empty($aData)) {
                     $this->errors->set(Errors::ACCESSDENIED);
                     break;
                 } else {
                     if ($aData['user_id'] > 0) {
                         $userID = $this->security->getUserID();
                         if ($userID > 0) {
                             if ($aData['user_id'] != $userID) {
                                 $this->errors->set('editpass_not_owner');
                             } else {
                                 $aResponse['result'] = true;
                                 break;
                             }
                         } else {
                             $this->errors->set('editpass_auth');
                         }
                     } else {
                         $this->grantEditPass($p['id']);
                         $aResponse['result'] = true;
                     }
                 }
             } while (false);
             $aResponse['errno'] = $this->errors->no();
             $this->ajaxResponse($aResponse);
             break;
         case 'item-claim':
             $p = $this->input->postm(array('id' => TYPE_UINT, 'reasons' => TYPE_ARRAY_UINT, 'comment' => TYPE_STR, 'captcha' => TYPE_STR));
             $p['comment'] = func::cleanComment($p['comment']);
             $aResponse = array();
             do {
                 if (!$p['id']) {
                     $this->errors->set(Errors::IMPOSSIBLE);
                     break;
                 }
                 if (empty($p['reasons']) && $p['comment'] == '') {
                     $this->errors->set('enter_claim_reason');
                     break;
                 }
                 $nUserID = $this->security->getUserID();
                 if (!$nUserID) {
                     $oProtection = new CCaptchaProtection();
                     if (!$oProtection->valid(isset($_SESSION['c2']) ? $_SESSION['c2'] : '', $p['captcha'])) {
                         $aResponse['captcha_wrong'] = 1;
                         $this->errors->set('claim_wrong_captcha');
                         break;
                     }
                 }
                 unset($_SESSION['c2']);
                 $nReasons = array_sum($p['reasons']);
                 $res = $this->db->execute('INSERT INTO ' . TABLE_BBS_ITEMS_CLAIMS . ' (item_id, user_id, comment, reasons, ip, created)
                     VALUES(' . $p['id'] . ', ' . $nUserID . ', ' . $this->db->str2sql($p['comment']) . ', ' . $nReasons . ', :ip, ' . $this->db->getNOW() . ')
                 ', array(':ip' => func::getRemoteAddress()));
                 if ($res) {
                     config::saveCount('bbs_items_claims', 1);
                     bff::sendMailTemplate(array('user' => !$nUserID ? 'Аноним' : $this->security->getUserEmail(), 'claim' => $this->getItemClaimText($nReasons, nl2br($p['comment'])), 'item_url' => SITEURL . '/item/' . $p['id']), 'admin_bbs_claim', config::get('mail_admin', BFF_EMAIL_SUPPORT));
                 }
             } while (false);
             $aResponse['result'] = $this->errors->no();
             $this->ajaxResponse($aResponse);
             break;
         case 'img-upload':
             $aFailResponse = array('success' => false);
             $nUserID = $this->security->getUserID();
             $nItemID = $this->input->post('id', TYPE_UINT);
             if ($nItemID > 0) {
                 $aData = $this->db->one_array('SELECT user_id, uid, img, imgcnt, status, moderated FROM ' . TABLE_BBS_ITEMS . ' WHERE id = ' . $nItemID);
                 if (empty($aData)) {
                     $aFailResponse['error'] = 'Редактируемое объявление не найдено';
                     $this->ajaxResponse($aFailResponse);
                 }
                 if ($aData['status'] == BBS_STATUS_BLOCKED && $aData['moderated'] == 0) {
                     $aFailResponse['error'] = 'Объявление ожидает проверки модератора';
                     $this->ajaxResponse($aFailResponse);
                 }
                 // доступ к редактированию объявления возможен только по паролю
                 if ($aData['user_id'] == 0) {
                     if (!$this->isEditPassGranted($nItemID)) {
                         $aFailResponse['error'] = 'В доступе отказано';
                         $this->ajaxResponse($aFailResponse);
                     }
                 } else {
                     // автор объявления = загеристрированный пользователь
                     if (!$nUserID || $nUserID > 0 && $aData['user_id'] != $nUserID) {
                         $aFailResponse['error'] = 'Вы не является владельцем данного объявления.';
                         $this->ajaxResponse($aFailResponse);
                     }
                 }
             } else {
                 // грузить новые фотографии(без привязки к объявлению) можно пока без ограничений
                 // вернее с ограничением swfuploader'a, до перезагрузки :)
             }
             $uploadResult = Upload::swfuploadStart(true);
             if (!is_array($uploadResult)) {
                 $sErrorMessage = $uploadResult;
                 $this->ajaxResponse(array('success' => false, 'error' => $uploadResult), 1);
             }
             $sFilename = $this->initImages()->saveImageFileCustom($this->items_images_path, $nItemID, $uploadResult);
             if (!empty($sFilename) && $nItemID > 0) {
                 $aData['img'] .= (!empty($aData['img']) ? ',' : '') . $sFilename;
                 $this->db->execute('UPDATE ' . TABLE_BBS_ITEMS . ' SET imgcnt = imgcnt+1, img = ' . $this->db->str2sql($aData['img']) . '
                                     WHERE id = ' . $nItemID);
             }
             $this->ajaxResponse(array('success' => true, 'filename' => $sFilename, 'id' => $nItemID), 1);
             break;
         case 'img-delete':
             $nUserID = $this->security->getUserID();
             $nItemID = $this->input->id('id', 'p');
             if ($nItemID > 0) {
                 $aData = $this->db->one_array('SELECT user_id, uid, img, imgcnt, status, moderated FROM ' . TABLE_BBS_ITEMS . ' WHERE id = ' . $nItemID);
                 if (empty($aData)) {
                     $aFailResponse['error'] = 'Редактируемое объявление не найдено';
                     $this->ajaxResponse($aFailResponse);
                 }
                 if ($aData['status'] == BBS_STATUS_BLOCKED && $aData['moderated'] == 0) {
                     $aFailResponse['error'] = 'Объявление ожидает проверки модератора';
                     $this->ajaxResponse($aFailResponse);
                 }
                 // доступ к редактированию объявления возможен только по паролю
                 if ($aData['user_id'] == 0) {
                     if (!$this->isEditPassGranted($nItemID)) {
                         $aFailResponse['error'] = 'В доступе отказано';
                         $this->ajaxResponse($aFailResponse);
                     }
                 } else {
                     // автор объявления = загеристрированный пользователь
                     if (!$nUserID || $nUserID > 0 && $aData['user_id'] != $nUserID) {
                         $aFailResponse['error'] = 'Вы не является владельцем данного объявления.';
                         $this->ajaxResponse($aFailResponse);
                     }
                 }
             } else {
                 // удалять фотографии(без привязки к объявлению) можно без ограничений
             }
             if (!($sFilename = func::POST('filename'))) {
                 $this->ajaxResponse(Errors::IMPOSSIBLE);
             }
             $this->initImages()->deleteImageFileCustom($this->items_images_path, $nItemID, $sFilename);
             $this->ajaxResponse(Errors::SUCCESS);
             break;
         case 'regions':
             $p = $this->input->postm(array('pid' => TYPE_UINT, 'form' => TYPE_STR, 'empty' => TYPE_STR));
             if (!$p['pid']) {
                 break;
             }
             $result = false;
             if ($p['form'] == 'options') {
                 $result = $this->regionsOptions(0, $p['pid'], true, !empty($p['empty']) ? $p['empty'] : 'Выбрать...');
             }
             $this->ajaxResponse($result);
             break;
         case 'sub-cats':
             $p = $this->input->postm(array('pid' => TYPE_UINT, 'dp' => TYPE_BOOL, 'dp_form' => TYPE_STR, 'format' => TYPE_STR, 'type' => TYPE_STR));
             if (!$p['pid']) {
                 break;
             }
             $returnTypes = 0;
             $returnSubTypes = 0;
             // Dirty. We get here category for our custom subtype
             if ($p['type'] == 'type') {
                 $type = $this->db->select('SELECT T.cat_id FROM ' . TABLE_BBS_CATEGORIES_TYPES . ' T WHERE T.id = ' . $p['pid'] . ' LIMIT 1');
                 $p['pid'] = $type[0]['cat_id'];
             }
             $aParentInfo = $this->db->one_array('SELECT id, numlevel, numleft, numright, prices, prices_sett, regions FROM ' . TABLE_BBS_CATEGORIES . ' WHERE id = ' . $p['pid']);
             $aDynprops = array();
             $aCats = $this->db->select('SELECT id, title, numlevel FROM ' . TABLE_BBS_CATEGORIES . ' WHERE pid = ' . $p['pid'] . ' AND enabled = 1 ORDER BY numleft');
             if ($p['type'] == 'type') {
                 $aCats = array();
             }
             if (empty($aCats)) {
                 $returnTypes = 1;
                 $tableName = TABLE_BBS_CATEGORIES_TYPES;
                 if ($p['type'] == 'type') {
                     $tableName = TABLE_BBS_CATEGORIES_SUBTYPES;
                     $returnTypes = 0;
                     $returnSubTypes = 1;
                 }
                 //если категории не найдены, пытаемся получить "типы"
                 $aCats = $this->db->select('SELECT T.id, T.title 
                                                 FROM ' . $tableName . ' T,
                                                      ' . TABLE_BBS_CATEGORIES . ' C 
                                                 WHERE ((C.numleft <= ' . $aParentInfo['numleft'] . ' AND C.numright > ' . $aParentInfo['numright'] . ') OR (C.id = ' . $p['pid'] . '))
                                                     AND C.id = T.cat_id AND T.enabled = 1 
                                                 GROUP BY T.id
                                                 ORDER BY C.numleft, T.num');
                 if ($p['dp']) {
                     $sDynpropsForm = '';
                     switch ($p['dp_form']) {
                         case 'add':
                             $sDynpropsForm = 'dynprops.form.add.php';
                             break;
                     }
                     $aDynprops = $this->initDynprops()->form($p['pid'], false, true, array(), 'dp', $sDynpropsForm, $this->module_dir_tpl);
                 }
             }
             if ($aParentInfo['prices']) {
                 $aParentInfo['prices_sett'] = unserialize($aParentInfo['prices_sett']);
                 if (is_array($aParentInfo['prices_sett'])) {
                     unset($aParentInfo['prices_sett']['ranges']);
                 }
             }
             $this->ajaxResponse(array('cats' => $aCats, 'is_types' => $returnTypes, 'is_subtypes' => $returnSubTypes, 'dp' => $aDynprops, 'regions' => $aParentInfo['regions'], 'prices' => $aParentInfo['prices'], 'prices_sett' => $aParentInfo['prices_sett']));
             break;
         case 'dp-child':
             $p = $this->input->postm(array('dp_id' => TYPE_UINT, 'dp_value' => TYPE_UINT));
             if (empty($p['dp_id']) && empty($p['dp_value'])) {
                 $this->ajaxResponse('');
             }
             $aChildDynpropForm = $this->initDynprops()->formChildAdd($p['dp_id'], $p['dp_value'], 'dynprops.form.child.php', $this->module_dir_tpl);
             $this->ajaxResponse($aChildDynpropForm);
             break;
         case 'dp-child-filter':
             $p = $this->input->postm(array('dp_id' => TYPE_UINT, 'dp_value' => TYPE_UINT));
             do {
                 if (!$p['dp_id'] || !$p['dp_value']) {
                     break;
                 }
                 $aPairs = array(array('parent_id' => $p['dp_id'], 'parent_value' => $p['dp_value']));
                 $dp = $this->initDynprops();
                 $aResult = array();
                 $aDynprops = $dp->getByParentIDValuePairs($aPairs, true);
                 if (!empty($aDynprops[$p['dp_id']])) {
                     $aDynprop = current($aDynprops[$p['dp_id']]);
                     $aResult = $dp->formChildEdit($aDynprop, 'search.dp.child.php', $this->module_dir_tpl);
                 } else {
                     $aResult['form'] = '';
                 }
                 $aResult['pid'] = $p['dp_id'];
                 $aResult['vid'] = $p['dp_value'];
                 $this->ajaxResponse(array('form' => $aResult, 'res' => true));
             } while (false);
             $this->ajaxResponse(array('form' => array(), 'res' => false));
             break;
         case 'item-publicate2':
             $bSave = $this->input->post('save', TYPE_BOOL);
             $nItemID = $this->input->post('item', TYPE_UINT);
             $nUserID = $this->security->getUserID();
             if (!$nItemID) {
                 $this->ajaxResponse(Errors::IMPOSSIBLE);
             }
             if (!$nUserID) {
                 $this->ajaxResponse(Errors::ACCESSDENIED);
             }
             $aItem = $this->db->one_array('SELECT id, user_id, status, moderated, publicated, publicated_to,
                          cat_id, cat1_id, cat2_id, cat_type 
                     FROM ' . TABLE_BBS_ITEMS . ' WHERE id = ' . $nItemID . ' AND status != ' . BBS_STATUS_NEW . ' AND user_id = ' . $nUserID);
             if (empty($aItem)) {
                 $this->ajaxResponse(Errors::IMPOSSIBLE);
             }
             if ($aItem['status'] == BBS_STATUS_BLOCKED) {
                 $this->errors->set('Невозможно продлить публикацию, поскольку объявление ' . ($aItem['moderated'] == 0 ? 'ожидает проверки' : 'отклонено'));
                 $this->ajaxResponse(null);
             }
             if ($aItem['status'] == BBS_STATUS_PUBLICATED) {
                 $this->errors->set('Невозможно продлить публикацию, поскольку объявление опубликовано');
                 $this->ajaxResponse(null);
             }
             if (!empty($bSave)) {
                 $nPeriod = $this->input->post('period', TYPE_UINT);
                 //проверяем корректность периода публикации
                 if (!($nPeriod >= 1 && $nPeriod <= 6)) {
                     $this->errors->set('wrong_publicated_period');
                     $this->ajaxResponse(null);
                 }
                 $publicateTo = $this->preparePublicatePeriodTo($nPeriod, $aItem['status'] == BBS_STATUS_PUBLICATED_OUT ? time() : strtotime($aItem['publicated_to']));
                 if ($aItem['status'] == BBS_STATUS_PUBLICATED_OUT) {
                     $toOld = strtotime($aItem['publicated_to']);
                     /* если разница между датой снятия с публикации и текущей датой
                      * более 3 дней, тогда поднимаем объявление вверх.
                      * в противном случае: оставлем дату старта публикации(pulicated) и дату порядка публикации(publicated_order) прежними
                      */
                     $bUpdatePublicatedOrder = time() - $toOld > 259200;
                     //60*60*24*3
                     $sqlNOW = $this->db->getNOW();
                     $res = $this->db->execute('UPDATE ' . TABLE_BBS_ITEMS . ' 
                         SET publicated_to = ' . $this->db->str2sql($publicateTo) . ',
                             ' . ($bUpdatePublicatedOrder ? ' publicated = ' . $sqlNOW . ', publicated_order = ' . $sqlNOW . ',' : '') . '
                             status_prev = status,
                             status = ' . BBS_STATUS_PUBLICATED . ',
                             moderated = 0
                         WHERE id = ' . $nItemID . '
                     ');
                     if (!empty($res)) {
                         # накручиваем счетчики кол-ва опубликованных объявлений:
                         # в категориях и типах:
                         $this->itemsCounterUpdate(array($aItem['cat1_id'], $aItem['cat2_id'], $aItem['cat_id']), !empty($aItem['cat_type']) ? array($aItem['cat_type']) : array(), true, true);
                     }
                 } else {
                     // продление опубликованных пока НЕ делаем
                     //                        $res = $this->db->execute('UPDATE '.TABLE_BBS_ITEMS.'
                     //                            SET publicated_to = '.$this->db->str2sql( $publicateTo ).'
                     //                            WHERE id = '.$nItemID.'
                     //                        ');
                 }
                 $this->ajaxResponse(array('res' => $this->errors->no()));
             }
             $aResponse['res'] = $this->errors->no();
             $aResponse['popup'] = $this->tplFetchPHP($aItem, 'items.publicate2.popup.php');
             $this->ajaxResponse($aResponse);
             break;
     }
     $this->ajaxResponse(Errors::IMPOSSIBLE);
 }

Exemplo n.º 17

0

Exibir arquivo

Arquivo: newpage.view.php Projeto: Sywooch/dobox

<?php

extract($aData);
$get = $_REQUEST;
?>

<div class="row-fluid">
    <div class="span5">

        <?php 
$imgURL = bff::buildUrl('items', 'images');
$imgDefaultURL = bff::buildUrl('default', 'images');
$imgDefault = $imgDefaultURL . 'no-photo-300.png';
$imgArray = explode(',', $img);
?>

        <div class="main-image">
            <?php 
if ($imgfav) {
    ?>
                <img src="<?php 
    echo $imgURL . $id . $imgfav;
    ?>
" class="img-rounded">
            <?php 
} else {
    ?>
                <img src="<?php 
    echo $imgDefault;
    ?>
" class="img-rounded" style="margin: 0 auto;">

Exemplo n.º 18

0

Exibir arquivo

Arquivo: services.bl.class.php Projeto: Sywooch/dobox

 function activateItemSvc($nItemID, $nSvcID, $mSvcExtra = 0)
 {
     /** @var Bbs module */
     $oBbs = bff::i()->GetModule('Bbs');
     $sqlNow = $this->db->getNOW();
     $aItem = $this->db->one_array('SELECT status, press, publicated, publicated_to, DATEDIFF(publicated_to, ' . $sqlNow . ') as days_left, svc
                     FROM ' . TABLE_BBS_ITEMS . '
                     WHERE id = ' . $nItemID . '
                 ');
     if (empty($aItem)) {
         return false;
     }
     if ($nSvcID == self::typePublicate) {
         if ($aItem['status'] != BBS_STATUS_NEW) {
             func::log('Объявление #' . $nItemID . ' уже опубликовано, невозможно выполнить платную публикацию');
             $this->errors->set('Объявление уже опубликовано');
             return false;
         }
     } else {
         if ($aItem['status'] != BBS_STATUS_PUBLICATED) {
             func::log('Объявление #' . $nItemID . ' должно быть опубликовано');
             $this->errors->set('Объявление должно быть опубликовано');
             return false;
         }
     }
     // у объявления уже активирована данная услуга
     if ($aItem['svc'] == $nSvcID) {
         switch ($nSvcID) {
             case self::typeMark:
                 $this->errors->set('Объявление уже выделено');
                 return false;
             case self::typePremium:
                 $this->errors->set('Объявление уже находится в статусе <b>Премиум</b>');
                 return false;
         }
     }
     $sql = '';
     switch ($nSvcID) {
         case self::typePublicate:
             $nPeriod = intval($mSvcExtra);
             if (!($nPeriod >= 1 && $nPeriod <= 4)) {
                 $nPeriod = 1;
             }
             $toStr = $oBbs->preparePublicatePeriodTo($nPeriod, time());
             $sql = 'publicated = ' . $sqlNow . ',
                     publicated_to = ' . $this->db->str2sql($toStr) . ',
                     publicated_order = ' . $sqlNow . ',
                     status_prev = status,
                     status = ' . BBS_STATUS_PUBLICATED . ',
                     moderated = 0';
             break;
         case self::typeUp:
             if ($aItem['svc'] == self::typePremium) {
                 $this->errors->set('Объявление не может быть поднято, поскольку находится в статусе <b>Премиум</b>');
                 return false;
             }
             if ($aItem['svc'] != self::typeMark) {
                 $sql .= ' svc = ' . $nSvcID . ', ';
             }
             $sql .= ' publicated_order = ' . $sqlNow;
             break;
         case self::typeMark:
             if ($aItem['svc'] == self::typePremium) {
                 $this->errors->set('Объявление не может выделено, поскольку находится в статусе <b>Премиум</b>');
                 return false;
             }
             $sql .= ' svc = ' . $nSvcID . ', marked_to = ' . $this->db->str2sql($aItem['publicated_to']);
             $sDescription = 'Выделено до ' . $aItem['publicated_to'];
             break;
         case self::typePremium:
             $sql .= ' svc = ' . $nSvcID;
             if ($aItem['days_left'] < 7) {
                 // в случае если дата публикация объявления завешается менее чем через 7 дней:
                 // продлеваем публикацию, на недостающее кол-во дней
                 $to = strtotime($aItem['publicated_to']);
                 $to += 60 * 60 * 24 * (7 - $aItem['days_left']);
                 //прибавляем недостающие дни
                 $toStr = date('Y-m-d H:i:s', $to);
                 $sDescription = 'Премиум до ' . $toStr;
                 $to = $this->db->str2sql($toStr);
                 $sql .= ', publicated_to = ' . $to;
                 $sql .= ', premium_to = ' . $to;
                 $sql .= ', marked_to = ' . $to;
                 // помечаем дату "выделения", такой же датой как действие "премиум"
             } else {
                 // помечаем срок действия премиум на период: 1 неделя
                 // помечаем срок действия "выделения" на период до окончания публикации,
                 //  т.к. после окончания действия "премиум" объявление переходит в статус "выделено".
                 $to = date('Y-m-d H:i:s', strtotime('+1 week'));
                 $sDescription = 'Премиум до ' . $to;
                 $sql .= ', premium_to = ' . $this->db->str2sql($to) . '
                          , marked_to = ' . $this->db->str2sql($aItem['publicated_to']);
             }
             break;
         case self::typePress:
             if ($aItem['press'] > 0) {
                 switch ($aItem['press']) {
                     case BBS_PRESS_PAYED:
                         $this->errors->set('Объявление будет опубликовано в ближайшее время');
                         return false;
                     case BBS_PRESS_PUBLICATED:
                         $this->errors->set('Объявление уже опубликовано прессе');
                         return false;
                 }
             }
             $sql .= ' press = ' . BBS_PRESS_PAYED;
             break;
     }
     $res = $this->db->execute('UPDATE ' . TABLE_BBS_ITEMS . ' SET ' . $sql . ' WHERE id = ' . $nItemID);
     return !empty($res);
 }

Exemplo n.º 19

0

Exibir arquivo

Arquivo: bbs.items.comments.enotify.php Projeto: Sywooch/dobox

<?php

require dirname(dirname(__FILE__)) . '/general.config.php';
bff::sessionStart('u');
require PATH_CORE . 'init.php';
$oBff = bff::i()->init(true);
error_reporting(E_ALL & ~E_DEPRICATED);
ini_set('display_errors', 1);
set_time_limit(0);
ignore_user_abort(true);
/*
* Период выполнения: каждые 15 минут
*/
$log = new CFileLogger(PATH_BASE . 'files/logs/', 'cron.log');
$log->log('bbs.items.comments.enotify: started...');
$oBff->GetModule('bbs');
//echo "start\r\n";
$oDb->execute('START TRANSACTION');
$aNotify = $oDb->select('SELECT EN.*
    FROM ' . TABLE_BBS_ITEMS_COMMENTS_ENOTIFY . ' EN
    WHERE EN.sended = 0
    ORDER BY EN.created
    LIMIT 100 
    FOR UPDATE');
// <- lock пока не разошлём письма (100)
if (!empty($aNotify)) {
    $mail = new CMail();
    $tpl = $oBff->Sendmail_getMailTemplate('bbs_comments_notify');
    foreach ($aNotify as $v) {
        try {
            $mail->From = BFF_EMAIL_NOREPLY;

Exemplo n.º 20

0

Exibir arquivo

Arquivo: users.class.php Projeto: Sywooch/dobox

 function ajax()
 {
     if (bff::$isAjax) {
         switch (func::GETPOST('act')) {
             case 'subscribe':
                 /*
                  * При подписке:
                  * - email выступает в дальнейшем в качестве логина
                  * - пароль генерируется автоматически
                  */
                 $sName = $this->input->post('name', TYPE_NOHTML);
                 $sEmail = mb_strtolower($this->input->post('email', TYPE_NOHTML));
                 $response = '';
                 do {
                     if (empty($sEmail) || !func::IsEmailAddress($sEmail)) {
                         $response = 0;
                         break;
                         // некорректно указан email
                     }
                     $isSubscribed = $this->db->one_data('SELECT user_id FROM ' . TABLE_USERS . ' WHERE login='******'email' - для рассылки, 'login' - для авторизации
                     $nUserID = $this->userCreate(array('login' => $sEmail, 'email' => $sEmail, 'password' => $sPassword, 'name' => $sName, 'subscribed' => 1, 'ip_reg' => func::getRemoteAddress(true)), self::GROUPID_MEMBER);
                     if ($nUserID) {
                         $response = 1;
                         // успешно подписались
                         # высылаем письмо (ставим в очередь на рассылку)
                         CMail::SendQueue('subscribe', array('user_id' => $nUserID));
                     } else {
                         $response = 4;
                         // системная ошибка
                     }
                 } while (false);
                 $this->ajaxResponse(array('result' => $response));
                 break;
             case 'enter':
                 if ($this->security->isLogined()) {
                     $this->ajaxResponse(array('result' => 'login-ok'));
                 }
                 $aData = $this->input->postm(array('email' => TYPE_STR, 'pass' => TYPE_STR, 'reg' => TYPE_BOOL));
                 if (!func::IsEmailAddress($aData['email'])) {
                     $this->errors->set('wrong:email');
                     break;
                     //email не корректный
                 }
                 if ($this->security->checkBan(false, func::getRemoteAddress(), $aData['email'], true)) {
                     $this->errors->set(Errors::ACCESSDENIED);
                     break;
                     //не прошли бан-фильтр
                 }
                 if ($aData['reg']) {
                     //регистрация
                     if (empty($aData['pass']) || strlen($aData['pass']) < 3) {
                         $this->errors->set('password_short');
                         break;
                         //пароль слишком короткий
                     }
                     $aData['email_hash'] = func::getEmailHash($aData['email']);
                     if ($this->isEmailExists($aData['email_hash'])) {
                         $this->errors->set('email_exist');
                         break;
                         //email уже занят
                     }
                     $this->getActivationInfo($sCode, $sLink);
                     $nUserID = $this->userCreate(array('login' => $aData['email'], 'email' => $aData['email'], 'email_hash' => $aData['email_hash'], 'password' => $aData['pass'], 'ip_reg' => Func::getRemoteAddress(true), 'activatekey' => $sCode, 'activated' => 0), self::GROUPID_MEMBER);
                     if ($nUserID) {
                         //$this->userAUTH($aData['email'], $aData['pass'], null, true);
                         $res = bff::sendMailTemplate(array('password' => $aData['pass'], 'email' => $aData['email'], 'activate_link' => "<a href=\"{$sLink}\">{$sLink}</a>"), 'member_registration', $aData['email']);
                         $this->ajaxResponse(array('result' => 'reg-ok'));
                     } else {
                         $this->ajaxResponse(Errors::IMPOSSIBLE);
                     }
                 } else {
                     //авторизация
                     $nResult = $this->userAUTH($aData['email'], $aData['pass'], null, true);
                     if ($nResult == 1) {
                         //$this->security->setRememberMe('u', $aData['email'], $aData['pass']);
                         bff::i()->Bbs_getFavorites(true);
                         $bReload = false;
                         if (!empty($_SERVER['HTTP_REFERER'])) {
                             if (stripos($_SERVER['HTTP_REFERER'], '/item/') !== FALSE || stripos($_SERVER['HTTP_REFERER'], '/items/fav') !== FALSE) {
                                 $bReload = true;
                             }
                         }
                         $userMenu = $this->tplFetch('user.menu.tpl');
                         $this->ajaxResponse(array('result' => 'login-ok', 'usermenu' => $userMenu, 'reload' => $bReload));
                     } else {
                         $mResponse = null;
                         switch ($nResult) {
                             case 0:
                                 $this->errors->set('email_or_pass_incorrect');
                                 break;
                             case -3:
                                 $this->errors->set('activate_first');
                                 break;
                                 //активируйте ваш аккаунт
                             //активируйте ваш аккаунт
                             case -2:
                                 $this->errors->set(Errors::ACCESSDENIED);
                                 break;
                                 //удален
                         }
                         if (is_array($nResult)) {
                             if ($nResult['res'] == -1) {
                                 $this->errors->set('Аккаунт заблокирован.' . (!empty($nResult['reason']) ? ' <br/><b>Причина:</b>' . nl2br($nResult['reason']) : ''));
                             }
                         }
                     }
                 }
                 break;
         }
     }
     $this->ajaxResponse(null);
 }

Exemplo n.º 21

0

Exibir arquivo

Arquivo: index.php Projeto: Sywooch/dobox

<?php

require '../general.config.php';
bff::sessionStart('a');
if (FORDEV) {
    func::tt_start($tt, $tt_mem);
}
require PATH_CORE . 'init.php';
$oBff = bff::i()->init(false);
if (bff::$class) {
    $htmlCenterArea = $oBff->callModule(bff::$class . '_' . bff::$event, array());
    Errors::i()->assign();
}
if (!$oSecurity->haveAccessToAdminPanel()) {
    func::JSRedirect('index.php?s=users&ev=login');
}
# Формируем меню
require PATH_CORE . 'menu.php';
$oMenu = new CMenu(array('Объявления', 'Пользователи', 'Счета', 'Баннеры', 'Страницы', 'FAQ', 'Работа с почтой', 'Регионы', 'Связь с редактором', 'Меню сайта', 'Настройка сайта'));
$firstUrl = $oMenu->build('declareadminmenu', true);
if (!bff::$class) {
    func::JSRedirect($firstUrl);
}
$oSm->assign('user_login', $oSecurity->getUserLogin());
$oSm->assign_by_ref('center_area', $htmlCenterArea);
$oSm->display('template.tpl', __FILE__, __FILE__);
if (FORDEV) {
    func::tt_finish($tt, $tt_mem);
    echo $oDb->getStatistic();
}
exit;

Exemplo n.º 22

0

Exibir arquivo

Arquivo: internalmail.adm.class.php Projeto: Sywooch/dobox

 function sendspam()
 {
     if (!$this->haveAccessTo('admin-message')) {
         return $this->showAccessDenied();
     }
     //get sender information
     $nUserID = $this->security->getUserID();
     $aSenderInfo = bff::i()->Users_getUserInfo($nUserID, false);
     //получаем список пользователей (members)
     $nCount = bff::i()->Users_getGroupUsersCount(USERS_GROUPS_MEMBER, '');
     //generate pagenation
     $this->generatePagenation($nCount, 20, $this->adminCreateLink('sendspam&{pageId}'), $sqlLimit);
     if (func::isPostMethod()) {
         $aRecipients = func::POST('recipients', false);
         $sMessage = func::POST('message', true);
         $all = func::POST('all', false, true);
         if (!$sMessage) {
             $this->errors->set('no_message');
         }
         if ($aRecipients == false && !$all) {
             $this->errors->set('no_recipient');
         }
         if ($this->errors->no()) {
             if ($all) {
                 $this->sendMessageToUsersGroupFromAdmin($sMessage, USERS_GROUPS_MEMBER);
             } else {
                 $this->sendMessage($aRecipients, $sMessage, false);
             }
             //Сообщение успешно отправлено
             $this->adminRedirect(Errors::SUCCESSFULL, 'sendspam');
         } else {
             $this->tplAssign('message', $sMessage);
         }
     }
     $this->tplAssign('user_info', $aSenderInfo);
     $this->tplAssign('aData', bff::i()->Users_getGroupUsers(USERS_GROUPS_MEMBER, $sqlLimit));
     return $this->tplFetch('admin.sendspam.tpl');
 }

Exemplo n.º 23

0

Exibir arquivo

Arquivo: admin.items.edit.php Projeto: Sywooch/dobox

</a>&nbsp;&nbsp;<a onclick="return iChangeBlocked(2);" class="ajax desc" href="#">отмена</a>
                </div> 
            </div>
        </div> 
        
        <div class="warnblock hidden" id="i_publicate2" style=margin-bottom:10px;">
            <div class="warnblock-content">                                 
                <table class="admtbl tbledit">
                <tr class="row1">
                    <td width="115">Период публикации:</td>
                    <td>
                    <script type="text/javascript"> 
                    <?php 
$week = 60 * 60 * 24 * 7;
$from = time();
$periods = bff::getPublicatePeriods($from);
?>
                        
                    var bbsPublicate2Periods = <?php 
echo func::php2js($periods['data']);
?>
;
                    </script>
                    <select class="inputText2" tabindex="1" name="period" onchange="$('#publicated2-till').html( bbsPublicate2Periods[this.value] );">
                        <?php 
echo $periods['html'];
?>
 
                    </select>
                    </td>
                </tr>

Exemplo n.º 24

0

Exibir arquivo

Arquivo: index.php Projeto: Sywooch/dobox

        <div class="top"><span class="left">&nbsp;</span><div class="clear"></div></div>
        <div class="center">
            <?php 
$total = bff::i()->Bbs_getTotalItemsCount();
?>
            поиск среди <b class="f18 orange"><?php 
echo $total;
?>
</b> <?php 
echo tpl::declension($total, array('объявления', 'объявлений', 'объявлений'), false);
?>
            <div class="padTop">
                <form action="/search" method="get">
                    <input type="hidden" name="quick" value="1" />
                    <span class="left"><input type="text" class="searchInput" name="q" /></span>
                    <span class="left"><select class="inputText" name="p" style="width:160px; :margin-top:3px;"><?php 
echo bff::i()->Bbs_periodSelect();
?>
</select></span>
                    <div class="button left">
                        <span class="left">&nbsp;</span>
                        <input type="button" value="НАЙТИ" onclick="if($.trim(this.form.q.value)=='') this.form.q.focus(); else this.form.submit();" />
                    </div>
                    <div class="clear"></div>
                </form>
            </div>
        </div>
        <div class="bottom"><span class="left">&nbsp;</span><div class="clear"></div></div>
    </div>
</div>

Exemplo n.º 25

0

Exibir arquivo

Arquivo: security.php Projeto: Sywooch/dobox

 function checkRememberMe($cookiePrefix = 'u')
 {
     if (!$this->isLogined() && $this->isRememberMe($cookiePrefix, $sLogin, $sPasswordMD5)) {
         $sPassword = bff::i()->Users_getUserPassword($sLogin);
         if ($sPasswordMD5 === $this->getRememberMePasswordMD5($sPassword)) {
             if (bff::i()->Users_userAUTH($sLogin, $sPassword) != 1) {
                 $this->clearRememberMe($cookiePrefix);
             } else {
                 $this->setRememberMe($cookiePrefix, $sLogin, $sPassword);
             }
         }
     }
 }

Exemplo n.º 26

0

Exibir arquivo

Arquivo: item.add.success.php Projeto: Sywooch/dobox

<?php

extract($aData);
$get = array('item' => $id);
header('Location: ' . bff::buildUrl('', 'newpage') . '?' . http_build_query($get));
?>

<div class="padBlock noBorder">
  <div class="allRight">Ваше объявление успешно опубликовано</div>
  <div class="textPad">
    <div class="advBlock">
      <div class="pic"><img src="<?php 
echo tpl::imgurl(array('folder' => 'items', 'file' => !empty($imgfav) ? $id . 't' . $imgfav : '', 'static' => 1));
?>
" /></div>
      <div class="desc">
        <?php 
if ($cat_type > 0) {
    ?>
<b class="upper"><?php 
    echo $cat_type_title;
    ?>
:</b> <?php 
}
?>
        <?php 
if ($cat_subtype > 0) {
    ?>
<b class="upper"><?php 
    echo $cat_subtype_title;
    ?>

Exemplo n.º 27

0

Exibir arquivo

Arquivo: users.adm.class.php Projeto: Sywooch/dobox

 function login()
 {
     if ($this->security->haveAccessToAdminPanel()) {
         $this->adminRedirect(null, 'profile');
     }
     $sLogin = '';
     if (bff::$isPost) {
         $sLogin = func::POST('login', true);
         if (!$sLogin) {
             $this->errors->set('no_login');
         }
         $sPassword = func::POST('password', true);
         if (!$sPassword) {
             $this->errors->set('no_password');
         }
         if ($this->errors->no()) {
             $sPassword = $this->security->getUserPasswordMD5($sPassword);
             $sQuery = 'SELECT user_id, login, email, name, avatar, admin, cat FROM ' . TABLE_USERS . '
                        WHERE login = '******' AND password = '******'
                        LIMIT 1';
             $aUserData = $this->db->one_array($sQuery);
             if (!$aUserData) {
                 $this->errors->set('login_and_password_unknow', '', false, $sLogin);
             } else {
                 $nUserID = $aUserData['user_id'];
                 if (bff::i()->Ban_checkBan(Func::getRemoteAddress(), false, false, true)) {
                     $this->errors->set(Errors::ACCESSDENIED);
                 } else {
                     if (!$this->security->haveAccessToAdminPanel($nUserID)) {
                         $this->errors->set(Errors::ACCESSDENIED);
                     }
                 }
                 if ($this->errors->no()) {
                     $aUserGroups = $this->getUserGroups($nUserID, true);
                     //стартуем сессию администратора
                     session_set_cookie_params(0, '/admin/');
                     $this->security->sessionStart('a', false);
                     //update login_last_datetime, login_datetime to current time
                     $this->db->execute('UPDATE ' . TABLE_USERS . '
                                SET login_last_ts=login_ts, login_ts=' . $this->db->getNOW() . ', ip_login= '******',
                                     session_id=' . $this->db->str2sql(session_id()) . '
                                WHERE user_id=' . $nUserID);
                     $this->security->setUserInfo($nUserID, $aUserData['login'], $aUserData['email'], $aUserGroups, array('avatar' => $aUserData['avatar'], 'name' => $aUserData['name'], 'surname' => $aUserData['surname'], 'admin' => $aUserData['admin'], 'cat' => explode(',', $aUserData['cat'])));
                     Func::JSRedirect('index.php');
                 }
             }
         }
     }
     $this->errors->assign();
     $this->tplAssign('login', $sLogin);
     $this->tplDisplay('login.tpl', TPL_PATH, '', '');
     exit(0);
 }

Exemplos de bff em PHP