Exemplo n.º 1
0
 public function getWidget($title, $target, $permissions = array())
 {
     $user = cmsUser::getInstance();
     extract($target);
     $page = $this->request->get('page', 1);
     $show_id = $this->request->get('wid');
     $go_reply = $this->request->get('reply', 0);
     $show_reply_id = 0;
     if ($show_id) {
         $entry = $this->model->getEntry($show_id);
         if ($entry) {
             if ($entry['parent_id'] > 0) {
                 $show_id = $entry['parent_id'];
                 $show_reply_id = $entry['id'];
             }
             $page = $this->model->getEntryPageNumber($show_id, $target, self::$perpage);
         }
     }
     $total = $this->model->getEntriesCount($profile_type, $profile_id);
     $entries = $this->model->getEntries($profile_type, $profile_id, $page);
     $entries = cmsEventsManager::hook('wall_before_list', $entries);
     $csrf_token_seed = implode('/', array($profile_type, $profile_id));
     $template = cmsTemplate::getInstance();
     return $template->renderInternal($this, 'list', array('title' => $title, 'user' => $user, 'controller' => $controller, 'profile_type' => $profile_type, 'profile_id' => $profile_id, 'user' => $user, 'entries' => $entries, 'permissions' => $permissions, 'page' => $page, 'perpage' => wall::$perpage, 'total' => $total, 'max_entries' => $show_id ? 0 : 5, 'csrf_token_seed' => $csrf_token_seed, 'show_id' => $show_id, 'show_reply_id' => $show_reply_id, 'go_reply' => $go_reply));
 }
Exemplo n.º 2
0
 public function run()
 {
     if (!$this->request->isAjax()) {
         cmsCore::error404();
     }
     $template = cmsTemplate::getInstance();
     $entry_id = $this->request->get('id');
     // Проверяем валидность
     $is_valid = is_numeric($entry_id);
     if (!$is_valid) {
         $result = array('error' => true, 'message' => LANG_ERROR);
         $template->renderJSON($result);
     }
     $user = cmsUser::getInstance();
     $entry = $this->model->getEntry($entry_id);
     $replies = $this->model->getReplies($entry_id);
     if (!$replies) {
         $result = array('error' => true, 'message' => LANG_ERROR);
         $template->renderJSON($result);
     }
     $replies = cmsEventsManager::hook('wall_before_list', $replies);
     $permissions = array('add' => $user->is_logged, 'delete' => $user->is_admin || $user->id == $entry['profile_id']);
     $html = $template->renderInternal($this, 'entry', array('entries' => $replies, 'user' => $user, 'permissions' => $permissions));
     // Формируем и возвращаем результат
     $result = array('error' => false, 'html' => $html);
     $template->renderJSON($result);
 }
Exemplo n.º 3
0
 public function run()
 {
     $template = cmsTemplate::getInstance();
     $config = cmsConfig::getInstance();
     $user = cmsUser::getInstance();
     $contact_id = $this->request->get('contact_id') or cmsCore::error404();
     $content = $this->request->get('content') or cmsCore::error404();
     $csrf_token = $this->request->get('csrf_token');
     // Проверяем валидность
     $is_valid = is_numeric($contact_id) && cmsForm::validateCSRFToken($csrf_token, false);
     if (!$is_valid) {
         $result = array('error' => true, 'message' => '');
         $template->renderJSON($result);
     }
     $contact = $this->model->getContact($user->id, $contact_id);
     // Контакт существует?
     if (!$contact) {
         $result = array('error' => true, 'message' => '');
         $template->renderJSON($result);
     }
     // Контакт не в игноре у отправителя?
     if ($contact['is_ignored']) {
         $result = array('error' => true, 'message' => LANG_PM_CONTACT_IS_IGNORED);
         $template->renderJSON($result);
     }
     // Отправитель не в игноре у контакта?
     if ($this->model->isContactIgnored($contact_id, $user->id)) {
         $result = array('error' => true, 'message' => LANG_PM_YOU_ARE_IGNORED);
         $template->renderJSON($result);
     }
     // Контакт принимает сообщения от этого пользователя?
     if (!$user->isPrivacyAllowed($contact, 'messages_pm')) {
         $result = array('error' => true, 'message' => LANG_PM_CONTACT_IS_PRIVATE);
         $template->renderJSON($result);
     }
     //
     // Отправляем сообщение
     //
     $content_html = cmsEventsManager::hook('html_filter', $content);
     if (!$content_html) {
         $template->renderJSON(array('error' => false, 'date' => false, 'message' => false));
     }
     $this->setSender($user->id);
     $this->addRecipient($contact_id);
     $message_id = $this->sendMessage($content_html);
     //
     // Отправляем уведомление на почту
     //
     $user_to = cmsCore::getModel('users')->getUser($contact_id);
     if (!$user_to['is_online']) {
         $this->sendNoticeEmail('messages_new');
     }
     //
     // Получаем и рендерим добавленное сообщение
     //
     $message = $this->model->getMessage($message_id);
     $message_html = $template->render('message', array('messages' => array($message), 'user' => $user), new cmsRequest(array(), cmsRequest::CTX_INTERNAL));
     // Результат
     $template->renderJSON(array('error' => false, 'date' => date($config->date_format, time()), 'message' => $message_html));
 }
Exemplo n.º 4
0
 public function actionOptions()
 {
     if (empty($this->useDefaultOptionsAction)) {
         cmsCore::error404();
     }
     $form = $this->getForm('options');
     if (!$form) {
         cmsCore::error404();
     }
     $form = cmsEventsManager::hook("form_options_{this->name}", $form);
     $is_submitted = $this->request->has('submit');
     $options = cmsController::loadOptions($this->name);
     if ($is_submitted) {
         $options = $form->parse($this->request, $is_submitted);
         $errors = $form->validate($this, $options);
         if (!$errors) {
             cmsUser::addSessionMessage(LANG_CP_SAVE_SUCCESS, 'success');
             cmsController::saveOptions($this->name, $options);
             $this->redirectToAction('options');
         }
         if ($errors) {
             cmsUser::addSessionMessage(LANG_FORM_ERRORS, 'error');
         }
     }
     return cmsTemplate::getInstance()->render('backend/options', array('options' => $options, 'form' => $form, 'errors' => isset($errors) ? $errors : false));
 }
Exemplo n.º 5
0
 public function run($pass_token)
 {
     if (!$pass_token) {
         cmsCore::error404();
     }
     if (cmsUser::isLogged()) {
         $this->redirectToHome();
     }
     $users_model = cmsCore::getModel('users');
     $user = $users_model->getUserByPassToken($pass_token);
     if (!$user) {
         cmsCore::error404();
     }
     $users_model->unlockUser($user['id']);
     $users_model->clearUserPassToken($user['id']);
     cmsEventsManager::hook('user_registered', $user);
     cmsUser::addSessionMessage($this->options['reg_auto_auth'] ? LANG_REG_SUCCESS_VERIFIED_AND_AUTH : LANG_REG_SUCCESS_VERIFIED, 'success');
     // авторизуем пользователя автоматически
     if ($this->options['reg_auto_auth']) {
         $user = cmsEventsManager::hook('user_login', $user);
         cmsUser::sessionSet('user', array('id' => $user['id'], 'groups' => $user['groups'], 'time_zone' => $user['time_zone'], 'perms' => cmsUser::getPermissions($user['groups']), 'is_admin' => $user['is_admin']));
         $update_data = array('ip' => cmsUser::getIp());
         $this->model->update('{users}', $user['id'], $update_data, true);
         cmsEventsManager::hook('auth_login', $user['id']);
     }
     $this->redirect($this->getAuthRedirectUrl($this->options['first_auth_redirect']));
 }
Exemplo n.º 6
0
 public function run()
 {
     if (!$this->request->isAjax()) {
         cmsCore::error404();
     }
     if (!cmsUser::isAllowed('comments', 'is_moderator')) {
         return $this->cms_template->renderJSON(array('error' => true, 'message' => LANG_COMMENT_ERROR));
     }
     $comment_id = $this->request->get('id', 0);
     if (!$comment_id) {
         return $this->cms_template->renderJSON(array('error' => true, 'message' => LANG_COMMENT_ERROR));
     }
     $comment = $this->model->getComment($comment_id);
     if (!$comment) {
         return $this->cms_template->renderJSON(array('error' => true, 'message' => LANG_COMMENT_ERROR));
     }
     $this->model->approveComment($comment['id']);
     // Уведомляем модель целевого контента об изменении количества комментариев
     $comments_count = $this->model->filterCommentTarget($comment['target_controller'], $comment['target_subject'], $comment['target_id'])->getCommentsCount();
     $this->model->resetFilters();
     cmsCore::getModel($comment['target_controller'])->updateCommentsCount($comment['target_subject'], $comment['target_id'], $comments_count);
     $parent_comment = $comment['parent_id'] ? $this->model->getComment($comment['parent_id']) : false;
     // Уведомляем подписчиков
     $this->notifySubscribers($comment, $parent_comment);
     // Уведомляем об ответе на комментарий
     if ($parent_comment) {
         $this->notifyParent($comment, $parent_comment);
     }
     $comment = cmsEventsManager::hook('comment_after_add', $comment);
     return $this->cms_template->renderJSON(array('error' => false, 'message' => '', 'id' => $comment['id'], 'parent_id' => $comment['parent_id'], 'level' => $comment['level'], 'html' => cmsEventsManager::hook('parse_text', $comment['content_html'])));
 }
Exemplo n.º 7
0
 public function run()
 {
     $cat_id = $this->getOption('category_id');
     $ctype_id = $this->getOption('ctype_id');
     $dataset_id = $this->getOption('dataset');
     $image_field = $this->getOption('image_field');
     $big_image_field = $this->getOption('big_image_field');
     $big_image_preset = $this->getOption('big_image_preset');
     $teaser_fields = $this->getOption('teaser_field');
     $limit = $this->getOption('limit', 10);
     $delay = $this->getOption('delay', 5);
     $teaser_len = $this->getOption('teaser_len', 100);
     $model = cmsCore::getModel('content');
     $ctype = $model->getContentType($ctype_id);
     if (!$ctype) {
         return false;
     }
     if ($cat_id) {
         $category = $model->getCategory($ctype['name'], $cat_id);
     } else {
         $category = false;
     }
     if ($dataset_id) {
         $dataset = $model->getContentDataset($dataset_id);
         if ($dataset) {
             $model->applyDatasetFilters($dataset);
         } else {
             $dataset_id = false;
         }
     }
     if ($category) {
         $model->filterCategory($ctype['name'], $category, true);
     }
     // Приватность
     // флаг показа только названий
     $hide_except_title = !empty($ctype['options']['privacy_type']) && $ctype['options']['privacy_type'] == 'show_title';
     // Сначала проверяем настройки типа контента
     if (!empty($ctype['options']['privacy_type']) && in_array($ctype['options']['privacy_type'], array('show_title', 'show_all'), true)) {
         $model->disablePrivacyFilter();
         if ($ctype['options']['privacy_type'] != 'show_title') {
             $hide_except_title = false;
         }
     }
     // А потом, если разрешено правами доступа, отключаем фильтр приватности
     if (cmsUser::isAllowed($ctype['name'], 'view_all')) {
         $model->disablePrivacyFilter();
         $hide_except_title = false;
     }
     // Скрываем записи из скрытых родителей (приватных групп и т.п.)
     $model->filterHiddenParents();
     list($ctype, $model) = cmsEventsManager::hook('content_list_filter', array($ctype, $model));
     list($ctype, $model) = cmsEventsManager::hook("content_{$ctype['name']}_list_filter", array($ctype, $model));
     $items = $model->limit($limit)->getContentItems($ctype['name']);
     if (!$items) {
         return false;
     }
     list($ctype, $items) = cmsEventsManager::hook("content_before_list", array($ctype, $items));
     list($ctype, $items) = cmsEventsManager::hook("content_{$ctype['name']}_before_list", array($ctype, $items));
     return array('ctype' => $ctype, 'teaser_len' => $teaser_len, 'hide_except_title' => $hide_except_title, 'delay' => $delay, 'image_field' => $image_field, 'big_image_field' => $big_image_field, 'big_image_preset' => $big_image_preset, 'teaser_field' => $teaser_fields, 'items' => $items);
 }
Exemplo n.º 8
0
 public function run($group)
 {
     if (!cmsUser::isAllowed('groups', 'delete')) {
         cmsCore::error404();
     }
     if (!cmsUser::isAllowed('groups', 'delete', 'all') && $group['owner_id'] != $this->cms_user->id) {
         cmsCore::error404();
     }
     if ($this->request->has('submit')) {
         // подтвержение получено
         $csrf_token = $this->request->get('csrf_token', '');
         $is_delete_content = $this->request->get('is_delete_content', 0);
         if (!cmsForm::validateCSRFToken($csrf_token)) {
             cmsCore::error404();
         }
         list($group, $is_delete_content) = cmsEventsManager::hook('group_before_delete', array($group, $is_delete_content));
         $this->model->removeContentFromGroup($group['id'], $is_delete_content);
         $this->model->deleteGroup($group);
         cmsUser::addSessionMessage(sprintf(LANG_GROUPS_DELETED, $group['title']));
         $this->redirectToAction('');
     } else {
         // спрашиваем подтверждение
         return $this->cms_template->render('group_delete', array('user' => $this->cms_user, 'group' => $group));
     }
 }
Exemplo n.º 9
0
 public function parse($value)
 {
     if ($this->getOption('is_html_filter')) {
         $value = cmsEventsManager::hook('html_filter', array('text' => $value, 'is_auto_br' => false, 'build_redirect_link' => (bool) $this->getOption('build_redirect_link')));
     }
     return $value;
 }
Exemplo n.º 10
0
 public function run($id)
 {
     if (!$id) {
         cmsCore::error404();
     }
     $content_model = cmsCore::getModel('content');
     $ctype = $content_model->getContentType($id);
     $ctype = cmsEventsManager::hook("ctype_before_delete", $ctype);
     $content_model->deleteContentType($id);
     cmsEventsManager::hook("ctype_after_delete", $ctype);
     cmsCore::getModel('widgets')->deletePagesByName('content', "{$ctype['name']}.*");
     $binded_widgets = $content_model->get('widgets_bind', function ($item, $model) {
         $item['options'] = cmsModel::yamlToArray($item['options']);
         return $item;
     });
     if ($binded_widgets) {
         foreach ($binded_widgets as $widget) {
             if (isset($widget['options']['ctype_id']) && $ctype['id'] == $widget['options']['ctype_id']) {
                 $content_model->delete('widgets_bind', $widget['id']);
             }
         }
     }
     cmsCore::getController('activity')->deleteType('content', "add.{$ctype['name']}");
     $this->redirectToAction('ctypes');
 }
Exemplo n.º 11
0
 public function run()
 {
     if (!$this->request->isAjax()) {
         cmsCore::error404();
     }
     if (!cmsUser::isAllowed('comments', 'delete')) {
         cmsCore::error404();
     }
     $comment = $this->model->getComment((int) $this->request->get('id'));
     // Проверяем
     if (!$comment) {
         cmsTemplate::getInstance()->renderJSON($result = array('error' => true, 'message' => LANG_ERROR));
     }
     $user = cmsUser::getInstance();
     if (!cmsUser::isAllowed('comments', 'delete', 'all') && !cmsUser::isAllowed('comments', 'delete', 'full_delete')) {
         if (cmsUser::isAllowed('comments', 'delete', 'own') && $comment['user']['id'] != $user->id) {
             cmsTemplate::getInstance()->renderJSON(array('error' => true, 'message' => LANG_ERROR));
         }
     }
     // проверяем, есть ли дети комментария
     $is_comment_child = $this->model->getItemByField('comments', 'parent_id', $comment['id']);
     $this->model->deleteComment($comment['id'], !$is_comment_child && cmsUser::isAllowed('comments', 'delete', 'full_delete', true));
     if (cmsUser::isAllowed('comments', 'delete', 'full_delete')) {
         cmsEventsManager::hook('comments_after_delete', $comment['id']);
     } else {
         cmsEventsManager::hook('comments_after_hide', $comment['id']);
     }
     cmsTemplate::getInstance()->renderJSON(array('error' => false, 'message' => LANG_COMMENT_DELETED));
 }
Exemplo n.º 12
0
 public function run($feed_id)
 {
     $feed = $this->model->getFeed($feed_id);
     if (!$feed) {
         cmsCore::error404();
     }
     $form = $this->getForm('feed');
     // выясняем контроллер ленты
     $controller = $feed['ctype_name'];
     if ($this->model->isCtypeFeed($feed['ctype_name'])) {
         $controller = 'content';
     }
     list($form, $feed) = cmsEventsManager::hook('rss_' . $controller . '_controller_form', array($form, $feed));
     list($form, $feed) = cmsEventsManager::hook('rss_edit_form', array($form, $feed));
     list($form, $feed) = cmsEventsManager::hook('rss_' . $feed['ctype_name'] . '_edit_form', array($form, $feed));
     if ($this->request->has('submit')) {
         $feed = array_merge($feed, $form->parse($this->request, true));
         $errors = $form->validate($this, $feed);
         if (!$errors) {
             $this->model->updateFeed($feed_id, $feed);
             cmsEventsManager::hook('rss_' . $controller . '_controller_after_update', $feed);
             $this->redirectToAction();
         }
         if ($errors) {
             cmsUser::addSessionMessage(LANG_FORM_ERRORS, 'error');
         }
     }
     return cmsTemplate::getInstance()->render('backend/edit', array('feed' => $feed, 'form' => $form, 'errors' => isset($errors) ? $errors : false));
 }
Exemplo n.º 13
0
 public function run($ctype_name)
 {
     $values = $this->request->get('value');
     if (!$values || !$ctype_name) {
         cmsCore::error404();
     }
     $content_model = cmsCore::getModel('content');
     $ctype = $content_model->getContentTypeByName($ctype_name);
     if (!$ctype) {
         cmsCore::error404();
     }
     $rules = cmsPermissions::getRulesList('content');
     list($ctype, $rules, $values) = cmsEventsManager::hook('content_perms', array($ctype, $rules, $values));
     list($ctype, $rules, $values) = cmsEventsManager::hook("content_{$ctype['name']}_perms", array($ctype, $rules, $values));
     $users_model = cmsCore::getModel('users');
     $groups = $users_model->getGroups(false);
     // перебираем правила
     foreach ($rules as $rule) {
         // если для этого правила вообще ничего нет,
         // то присваиваем null
         if (empty($values[$rule['id']])) {
             $values[$rule['id']] = null;
             continue;
         }
         // перебираем группы, заменяем на нуллы
         // значения отсутствующих правил
         foreach ($groups as $group) {
             if (empty($values[$rule['id']][$group['id']])) {
                 $values[$rule['id']][$group['id']] = null;
             }
         }
     }
     cmsPermissions::savePermissions($ctype_name, $values);
     $this->redirectBack();
 }
Exemplo n.º 14
0
 public function actionLogout()
 {
     cmsEventsManager::hook('auth_logout', cmsUser::getInstance()->id);
     cmsUser::logout();
     $this->redirectToHome();
     $this->halt();
 }
Exemplo n.º 15
0
 public function run($ctype_name = false)
 {
     if (!$ctype_name) {
         cmsCore::error404();
     }
     $feed = $this->model->getFeedByCtypeName($ctype_name);
     if (!$feed || !$feed['is_enabled']) {
         cmsCore::error404();
     }
     $category_id = $this->request->get('category', false);
     $user_id = $this->request->get('user', false);
     $content_model = cmsCore::getModel('content');
     if ($category_id) {
         $category = $content_model->getCategory($ctype_name, $category_id);
     }
     if ($user_id) {
         $author = cmsCore::getModel('users')->getUser($user_id);
     }
     if (!empty($category)) {
         $content_model->filterCategory($ctype_name, $category, true);
     }
     if (!empty($author)) {
         $content_model->filterEqual('user_id', $user_id);
     }
     $content_model->orderBy('id', 'desc')->limit($feed['limit']);
     $feed['items'] = $content_model->getContentItems($ctype_name);
     $feed = cmsEventsManager::hook('before_render_' . $ctype_name . '_feed_list', $feed);
     header('Content-type: application/rss+xml; charset=utf-8');
     return cmsTemplate::getInstance()->renderPlain('feed', array('feed' => $feed, 'category' => isset($category) ? $category : false, 'author' => isset($author) ? $author : false));
 }
Exemplo n.º 16
0
 public function parse($value)
 {
     if ($this->getOption('is_html_filter')) {
         $value = cmsEventsManager::hook('html_filter', array('text' => $value, 'is_auto_br' => false));
     }
     return $value;
 }
Exemplo n.º 17
0
 public function run($group)
 {
     if ($this->model->getMembership($group['id'], $this->cms_user->id)) {
         $this->redirectToAction($group['id']);
     }
     $invite = $this->model->getInvite($group['id'], $this->cms_user->id);
     if ($group['join_policy'] != groups::JOIN_POLICY_FREE && !$invite) {
         cmsCore::error404();
     }
     $result = cmsEventsManager::hook('group_before_join', array('allow' => true, 'group' => $group, 'invite' => $invite));
     if (!$result['allow']) {
         if (isset($result['access_text'])) {
             cmsUser::addSessionMessage($result['access_text'], 'error');
             if (isset($result['redirect_url'])) {
                 $this->redirect($result['redirect_url']);
             } else {
                 $this->redirectToAction($group['id']);
             }
         }
         cmsCore::error404();
     }
     $group = $result['group'];
     $invite = $result['invite'];
     $this->model->addMembership($group['id'], $this->cms_user->id);
     if ($invite) {
         $this->model->deleteInvite($invite['id']);
     }
     cmsCore::getController('activity')->addEntry($this->name, 'join', array('subject_title' => $group['title'], 'subject_id' => $group['id'], 'subject_url' => href_to_rel($this->name, $group['id']), 'group_id' => $group['id']));
     cmsUser::addSessionMessage(LANG_GROUPS_JOIN_MESSAGE, 'success');
     $this->redirectToAction($group['id']);
 }
Exemplo n.º 18
0
 public function run()
 {
     $form = $this->getForm('ctypes_basic', array('add'));
     $form = cmsEventsManager::hook('ctype_basic_form', $form);
     $is_submitted = $this->request->has('submit');
     $ctype = $form->parse($this->request, $is_submitted);
     if ($is_submitted) {
         $errors = $form->validate($this, $ctype);
         if (!$errors) {
             if (cmsCore::isControllerExists($ctype['name'])) {
                 $errors['name'] = LANG_CP_CTYPE_ERROR_NAME;
             }
         }
         if (!$errors) {
             $content_model = cmsCore::getModel('content');
             $ctype = cmsEventsManager::hook('ctype_before_add', $ctype);
             $ctype = cmsEventsManager::hook("ctype_{$ctype['name']}_before_add", $ctype);
             $ctype_id = $content_model->addContentType($ctype);
             $ctype['id'] = $ctype_id;
             cmsEventsManager::hook('ctype_after_add', $ctype);
             cmsEventsManager::hook("ctype_{$ctype['name']}_after_add", $ctype);
             if ($ctype_id) {
                 cmsCore::getController('content')->addWidgetsPages($ctype);
                 cmsUser::addSessionMessage(sprintf(LANG_CP_CTYPE_CREATED, $ctype['title']), 'success');
             }
             $this->redirectToAction('ctypes', array('labels', $ctype_id), array('wizard_mode' => true));
         }
         if ($errors) {
             cmsUser::addSessionMessage(LANG_FORM_ERRORS, 'error');
         }
     }
     return $this->cms_template->render('ctypes_basic', array('do' => 'add', 'ctype' => $ctype, 'form' => $form, 'errors' => isset($errors) ? $errors : false));
 }
Exemplo n.º 19
0
 public function run()
 {
     if (cmsUser::isLogged()) {
         $this->redirectToHome();
     }
     $email = $this->request->get('login_email');
     $password = $this->request->get('login_password');
     $remember = (bool) $this->request->get('remember');
     $back_url = $this->request->has('back') ? $this->request->get('back') : false;
     $is_site_offline = !cmsConfig::get('is_site_on');
     if ($this->request->has('submit')) {
         $is_captcha_valid = true;
         if (cmsUser::sessionGet('is_auth_captcha') && $this->options['auth_captcha']) {
             $is_captcha_valid = cmsEventsManager::hook('captcha_validate', $this->request);
         }
         if ($is_captcha_valid) {
             cmsUser::sessionUnset('is_auth_captcha');
             $logged_id = cmsUser::login($email, $password, $remember);
             if ($logged_id) {
                 if ($is_site_offline) {
                     $userSession = cmsUser::sessionGet('user');
                     if (!$userSession['is_admin']) {
                         cmsUser::addSessionMessage(LANG_LOGIN_ADMIN_ONLY, 'error');
                         cmsUser::logout();
                         $this->redirectBack();
                     }
                 }
                 cmsEventsManager::hook('auth_login', $logged_id);
                 $is_back = $this->request->get('is_back');
                 if ($is_back) {
                     $this->redirectBack();
                 }
                 if ($back_url) {
                     $this->redirect($back_url);
                 } else {
                     $this->redirectToHome();
                 }
             }
         }
         if ($this->options['auth_captcha'] && !$is_site_offline) {
             cmsUser::sessionSet('is_auth_captcha', true);
         }
         if ($is_captcha_valid) {
             cmsUser::addSessionMessage(LANG_LOGIN_ERROR, 'error');
             if ($is_site_offline) {
                 $this->redirectBack();
             }
         } else {
             cmsUser::addSessionMessage(LANG_CAPTCHA_ERROR, 'error');
         }
     }
     if ($back_url) {
         cmsUser::addSessionMessage(LANG_LOGIN_REQUIRED, 'error');
     }
     if (cmsUser::sessionGet('is_auth_captcha')) {
         $captcha_html = cmsEventsManager::hook('captcha_html');
     }
     return cmsTemplate::getInstance()->render('login', array('back_url' => $back_url, 'captcha_html' => isset($captcha_html) ? $captcha_html : false));
 }
Exemplo n.º 20
0
 public function parse($value)
 {
     if ($this->getOption('is_html_filter')) {
         return cmsEventsManager::hook('html_filter', $value);
     } else {
         return nl2br(htmlspecialchars($value));
     }
 }
Exemplo n.º 21
0
 public function parse($value)
 {
     if ($this->getOption('is_html_filter')) {
         return cmsEventsManager::hook('html_filter', array('text' => $value, 'is_auto_br' => true, 'build_redirect_link' => (bool) $this->getOption('build_redirect_link')));
     } else {
         return nl2br(htmlspecialchars($value));
     }
 }
Exemplo n.º 22
0
 public function getPhotosList($item_type_id = 0, $item_type = '')
 {
     cmsEventsManager::hook('photos_list_filter', $this->model);
     $photos = $this->model->getPhotos($item_type_id, $item_type);
     if (!$photos) {
         return false;
     }
     return cmsEventsManager::hook('photos_before_list', $photos);
 }
Exemplo n.º 23
0
 public function run()
 {
     if (!$this->request->isAjax()) {
         cmsCore::error404();
     }
     // включено ли голосование от гостей?
     if (empty($this->options['allow_guest_vote']) && !$this->cms_user->is_logged) {
         return $this->cms_template->renderJSON(array('success' => false, 'message' => LANG_ERROR));
     }
     // Получаем параметры
     $direction = $this->request->get('direction', '');
     $target_controller = $this->request->get('controller', '');
     $target_subject = $this->request->get('subject', '');
     $target_id = $this->request->get('id', 0);
     $is_valid = $this->validate_sysname($target_controller) === true && $this->validate_sysname($target_subject) === true && is_numeric($target_id) && in_array($direction, array('up', 'down'));
     if (!$is_valid) {
         return $this->cms_template->renderJSON(array('success' => false, 'message' => LANG_ERROR));
     }
     // Объединяем всю информацию о голосе
     $vote = array('user_id' => $this->cms_user->id ? $this->cms_user->id : null, 'target_controller' => $target_controller, 'target_subject' => $target_subject, 'target_id' => $target_id, 'score' => $direction == 'up' ? 1 : -1, 'ip' => sprintf('%u', ip2long(cmsUser::getIp())));
     $cookie_key = $target_subject . $target_id . $target_controller;
     // Этот голос уже учитывался?
     $is_voted = $this->model->isUserVoted($vote, $this->cms_user->is_logged);
     if ($is_voted) {
         // если куки нет, ставим
         if (!empty($this->options['is_hidden']) && !cmsUser::getCookie($cookie_key)) {
             cmsUser::setCookie($cookie_key, 1, 2628000);
             // год
         }
         return $this->cms_template->renderJSON(array('success' => false, 'message' => LANG_RATING_VOTED));
     }
     $target_model = cmsCore::getModel($target_controller);
     $target = $target_model->getRatingTarget($target_subject, $target_id);
     if (!empty($target['user_id'])) {
         if ($this->cms_user->is_logged) {
             if ($target['user_id'] == $this->cms_user->id || !cmsUser::isAllowed($target_subject, 'rate')) {
                 return $this->cms_template->renderJSON(array('success' => false, 'message' => LANG_RATING_DISABLED));
             }
         }
     }
     // Добавляем голос в лог
     $this->model->addVote($vote);
     // Обновляем суммарный рейтинг цели
     $rating = (int) $target['rating'] + $vote['score'];
     $target_model->updateRating($target_subject, $target_id, $rating);
     // Оповещаем всех об изменении рейтинга
     cmsEventsManager::hook('rating_vote', array('subject' => $target_subject, 'id' => $target_id, 'target' => $target, 'vote' => $vote, 'rating' => $rating));
     // Собираем результат
     $result = array('success' => true, 'rating' => html_signed_num($rating), 'css_class' => html_signed_class($rating) . ($this->options['is_show'] ? ' clickable' : ''), 'message' => LANG_RATING_VOTED);
     // запоминаем в куках
     if (!empty($this->options['is_hidden'])) {
         cmsUser::setCookie($cookie_key, 1, 2628000);
         // год
     }
     return $this->cms_template->renderJSON($result);
 }
Exemplo n.º 24
0
 public function run($group_id)
 {
     $content_model = cmsCore::getModel('content')->setTablePrefix('');
     $ctype = $content_model->getContentTypeByName('users');
     $fields = $content_model->getContentFields('users');
     $fields[] = array('title' => LANG_RATING, 'name' => 'rating', 'handler' => new fieldNumber('rating'));
     $fields[] = array('title' => LANG_KARMA, 'name' => 'karma', 'handler' => new fieldNumber('karma'));
     $fields = cmsEventsManager::hook('admin_users_filter', $fields);
     return cmsTemplate::getInstance()->render('users_filter', array('ctype' => $ctype, 'fields' => $fields));
 }
Exemplo n.º 25
0
 public function run()
 {
     $ctype_id = $this->getOption('ctype_id');
     $dataset_id = $this->getOption('dataset');
     $cat_id = $this->getOption('category_id');
     $image_field = $this->getOption('image_field');
     $teaser_field = $this->getOption('teaser_field');
     $is_show_details = $this->getOption('show_details');
     $style = $this->getOption('style', 'basic');
     $limit = $this->getOption('limit', 10);
     $model = cmsCore::getModel('content');
     $ctype = $model->getContentType($ctype_id);
     if (!$ctype) {
         return false;
     }
     if ($cat_id) {
         $category = $model->getCategory($ctype['name'], $cat_id);
     } else {
         $category = false;
     }
     if ($dataset_id) {
         $dataset = $model->getContentDataset($dataset_id);
         if ($dataset) {
             $model->applyDatasetFilters($dataset);
         } else {
             $dataset_id = false;
         }
     }
     if ($category) {
         $model->filterCategory($ctype['name'], $category, true);
         $model->groupBy('i.id');
     }
     if (!$dataset_id) {
         $model->orderBy('date_pub', 'desc');
     }
     // Отключаем фильтр приватности для тех кому это разрешено
     if (cmsUser::isAllowed($ctype['name'], 'view_all')) {
         $model->disablePrivacyFilter();
     }
     // Скрываем записи из скрытых родителей (приватных групп и т.п.)
     $model->filterHiddenParents();
     list($ctype, $model) = cmsEventsManager::hook("content_list_filter", array($ctype, $model));
     list($ctype, $model) = cmsEventsManager::hook("content_{$ctype['name']}_list_filter", array($ctype, $model));
     $items = $model->limit($limit)->getContentItems($ctype['name']);
     if (!$items) {
         return false;
     }
     if ($style) {
         $this->setTemplate('list_' . $style);
     } else {
         $this->setTemplate($this->tpl_body);
     }
     return array('ctype' => $ctype, 'image_field' => $image_field, 'teaser_field' => $teaser_field, 'is_show_details' => $is_show_details, 'style' => $style, 'items' => $items);
 }
Exemplo n.º 26
0
 public function run($group)
 {
     $is_member = $this->model->getMembership($group['id'], $this->cms_user->id);
     $is_owner = $group['owner_id'] == $this->cms_user->id;
     if ($is_member && !$is_owner) {
         $group = cmsEventsManager::hook('group_before_leave', $group);
         $this->model->deleteMembership($group['id'], $this->cms_user->id);
         cmsCore::getController('activity')->addEntry($this->name, 'leave', array('subject_title' => $group['title'], 'subject_id' => $group['id'], 'subject_url' => href_to_rel($this->name, $group['id']), 'group_id' => $group['id']));
     }
     cmsUser::addSessionMessage(LANG_GROUPS_LEAVE_MESSAGE, 'info');
     $this->redirectToAction($group['id']);
 }
Exemplo n.º 27
0
 public function run()
 {
     // Получаем название типа контента и сам тип
     $ctype_name = $this->request->get('ctype_name');
     $ctype = $this->model->getContentTypeByName($ctype_name);
     if (!$ctype) {
         cmsCore::error404();
     }
     $id = $this->request->get('id');
     if (!$id) {
         cmsCore::error404();
     }
     $item = $this->model->getContentItem($ctype_name, $id);
     if (!$item) {
         cmsCore::error404();
     }
     // проверяем наличие доступа
     $user = cmsUser::getInstance();
     if (!cmsUser::isAllowed($ctype['name'], 'delete')) {
         cmsCore::error404();
     }
     if (!cmsUser::isAllowed($ctype['name'], 'delete', 'all') && $item['user_id'] != $user->id) {
         cmsCore::error404();
     }
     $is_moderator = $user->is_admin || $this->model->userIsContentTypeModerator($ctype_name, $user->id);
     if (!$item['is_approved'] && !$is_moderator) {
         cmsCore::error404();
     }
     $back_action = '';
     if ($ctype['is_cats'] && $item['category_id']) {
         $category = $this->model->getCategory($ctype_name, $item['category_id']);
         $back_action = $category['slug'];
     }
     cmsEventsManager::hook("content_before_delete", array('ctype_name' => $ctype_name, 'item' => $item));
     cmsEventsManager::hook("content_{$ctype['name']}_before_delete", $item);
     $this->model->deleteContentItem($ctype_name, $id);
     if (!$item['is_approved']) {
         $this->notifyAuthor($ctype_name, $item);
     }
     cmsEventsManager::hook("content_after_delete", array('ctype_name' => $ctype_name, 'item' => $item));
     cmsEventsManager::hook("content_{$ctype['name']}_after_delete", $item);
     $back_url = $this->request->get('back');
     if ($back_url) {
         $this->redirect($back_url);
     } else {
         if ($ctype['options']['list_on']) {
             $this->redirectTo($ctype_name, $back_action);
         } else {
             $this->redirectToHome();
         }
     }
 }
Exemplo n.º 28
0
 public function run($ctype_id)
 {
     if (!$ctype_id) {
         cmsCore::error404();
     }
     $content_model = cmsCore::getModel('content');
     $ctype = $content_model->getContentType($ctype_id);
     if (!$ctype) {
         cmsCore::error404();
     }
     $form = $this->getForm('ctypes_field', array('add', $ctype['name']));
     $form = cmsEventsManager::hook('ctype_field_form', $form);
     list($form, $ctype) = cmsEventsManager::hook($ctype['name'] . '_ctype_field_form', array($form, $ctype));
     $field = array('ctype_id' => $ctype['id']);
     if ($this->request->has('submit')) {
         // добавляем поля настроек типа поля в общую форму
         // чтобы они были обработаны парсером и валидатором
         // вместе с остальными полями
         $field_type = $this->request->get('type');
         $field_class = "field" . string_to_camel('_', $field_type);
         $field_object = new $field_class(null, null);
         $field_options = $field_object->getOptions();
         foreach ($field_options as $option_field) {
             $option_field->setName("options:{$option_field->name}");
             $form->addField('type', $option_field);
         }
         $field = $form->parse($this->request, true);
         $errors = $form->validate($this, $field);
         $field['ctype_id'] = $ctype['id'];
         if (!$errors) {
             // если не выбрана группа, обнуляем поле группы
             if (!$field['fieldset']) {
                 $field['fieldset'] = null;
             }
             // если создается новая группа, то выбираем ее
             if ($field['new_fieldset']) {
                 $field['fieldset'] = $field['new_fieldset'];
             }
             unset($field['new_fieldset']);
             // сохраняем поле
             $field_id = $content_model->addContentField($ctype['name'], $field);
             if ($field_id) {
                 cmsUser::addSessionMessage(sprintf(LANG_CP_FIELD_CREATED, $field['title']), 'success');
             }
             $this->redirectToAction('ctypes', array('fields', $ctype['id']));
         }
         if ($errors) {
             cmsUser::addSessionMessage(LANG_FORM_ERRORS, 'error');
         }
     }
     return $this->cms_template->render('ctypes_field', array('do' => 'add', 'ctype' => $ctype, 'field' => $field, 'form' => $form, 'errors' => isset($errors) ? $errors : false));
 }
Exemplo n.º 29
0
 public function run($controller_name)
 {
     if (!$controller_name) {
         cmsCore::error404();
     }
     $controller_info = $this->model->getControllerInfo($controller_name);
     if (!$controller_info) {
         // если компонент имеет несколько контроллеров и один из них использует опции другого
         $controller_info = cmsEventsManager::hook("admin_{$controller_name}_controller_info", false);
         if (!$controller_info) {
             cmsCore::error404();
         }
     }
     cmsCore::loadControllerLanguage($controller_info['name']);
     $controller_title = string_lang($controller_info['name'] . '_CONTROLLER', $controller_info['title']);
     if (!$controller_info['is_backend']) {
         return $this->cms_template->render('controllers_edit', array('is_backend' => false, 'ctype' => false, 'controller_name' => $controller_info['name'], 'controller_title' => $controller_title));
     }
     //
     // Загружаем бакенд выбранного контроллера
     //
     $backend_context = $this->request->isAjax() ? cmsRequest::CTX_AJAX : cmsRequest::CTX_INTERNAL;
     $backend_request = new cmsRequest($this->request->getData(), $backend_context);
     $backend_controller = $this->loadControllerBackend($controller_info['name'], $backend_request);
     // Определяем текущий экшен бакенда
     $action_name = sizeof($this->params) > 1 ? $this->params[1] : 'index';
     //
     // Удаляем из массива параметров название контроллера и экшен
     //
     if (sizeof($this->params) <= 2) {
         $params = array();
     } else {
         $params = $this->params;
         unset($params[0]);
         unset($params[1]);
     }
     // Если запрос пришел по AJAX, то выполняем экшен бакенда сразу же
     // иначе он будет выполнен позже, в шаблоне, чтобы тулбары и pathwey бакенда
     // вывелись позже, чем админки
     if ($this->request->isAjax()) {
         $backend_controller->runAction($action_name, $params);
         $this->halt();
     }
     // Подключаем CSS бакенда если он есть
     $css_file = $this->cms_template->getStylesFileName($controller_info['name'], 'backend');
     if ($css_file) {
         $this->cms_template->addCSS($css_file);
     }
     $this->cms_template->setMenuItems('backend', $backend_controller->getBackendMenu());
     return $this->cms_template->render('controllers_edit', array('is_backend' => true, 'ctype' => cmsCore::getModel('content')->getContentTypeByName($backend_controller->maintained_ctype ? $backend_controller->maintained_ctype : $controller_name), 'controller_name' => $controller_info['name'], 'controller_title' => $controller_title, 'params' => $params, 'action_name' => $action_name, 'backend_controller' => $backend_controller));
 }
Exemplo n.º 30
0
 public function run($id = false)
 {
     if (!$id) {
         cmsCore::error404();
     }
     $users_model = cmsCore::getModel('users');
     $user = $users_model->getUser($id);
     $user = cmsEventsManager::hook('user_delete', $user);
     if ($user !== false) {
         $users_model->deleteUser($user);
         cmsUser::addSessionMessage(sprintf(LANG_CP_USER_DELETED, $user['nickname']), 'success');
     }
     $this->redirectBack();
 }