function getUsersArray($result, $cfg, $inDB)
{
$users = array();
while ($usr = $inDB->fetch_assoc($result)) {
if ($cfg['admin_editor']) {
if (cmsUser::userIsAdmin($usr['id'])) {
$usr['genderlink'] = cmsUser::getGenderLink($usr['id'], $usr['nickname'], $usr['gender'], $usr['login'], "color:{$cfg['color_admin']}");
} elseif (cmsUser::userIsEditor($usr['id'])) {
$usr['genderlink'] = cmsUser::getGenderLink($usr['id'], $usr['nickname'], $usr['gender'], $usr['login'], "color:{$cfg['color_editor']}");
} else {
$usr['genderlink'] = cmsUser::getGenderLink($usr['id'], $usr['nickname'], $usr['gender'], $usr['login']);
}
} else {
$usr['genderlink'] = cmsUser::getGenderLink($usr['id'], $usr['nickname'], $usr['gender'], $usr['login']);
}
$users[] = $usr['genderlink'];
}
return $users;
}
function applet_userbanlist()
{
$inCore = cmsCore::getInstance();
$inDB = cmsDatabase::getInstance();
$inUser = cmsUser::getInstance();
global $_LANG;
global $adminAccess;
if (!cmsUser::isAdminCan('admin/users', $adminAccess)) {
cpAccessDenied();
}
$GLOBALS['cp_page_title'] = $_LANG['AD_BANLIST'];
cpAddPathway($_LANG['AD_USERS'], 'index.php?view=users');
cpAddPathway($_LANG['AD_BANLIST'], 'index.php?view=userbanlist');
$do = cmsCore::request('do', 'str', 'list');
$id = cmsCore::request('id', 'int', -1);
$to = cmsCore::request('to', 'int', 0);
// для редиректа обратно в профиль на сайт
if ($to) {
cmsUser::sessionPut('back_url', cmsCore::getBackURL());
}
if ($do == 'list') {
$toolmenu[] = array('icon' => 'useradd.gif', 'title' => $_LANG['AD_TO_BANLIST_ADD'], 'link' => '?view=userbanlist&do=add');
$toolmenu[] = array('icon' => 'edit.gif', 'title' => $_LANG['AD_EDIT_SELECTED'], 'link' => "javascript:checkSel('?view=userbanlist&do=edit&multiple=1');");
$toolmenu[] = array('icon' => 'delete.gif', 'title' => $_LANG['AD_DELETE_SELECTED'], 'link' => "javascript:checkSel('?view=userbanlist&do=delete&multiple=1');");
cpToolMenu($toolmenu);
$fields[] = array('title' => 'id', 'field' => 'id', 'width' => '30');
$fields[] = array('title' => $_LANG['AD_IS_ACTIVE'], 'field' => 'status', 'width' => '55', 'prc' => 'cpYesNo');
$fields[] = array('title' => $_LANG['AD_BANLIST_USER'], 'field' => 'user_id', 'width' => '120', 'filter' => '12', 'prc' => 'cpUserNick');
$fields[] = array('title' => $_LANG['AD_BANLIST_IP'], 'field' => 'ip', 'width' => '100', 'link' => '?view=userbanlist&do=edit&id=%id%', 'filter' => '12');
$fields[] = array('title' => $_LANG['DATE'], 'field' => 'bandate', 'width' => '', 'fdate' => '%d/%m/%Y %H:%i:%s', 'filter' => '12');
$fields[] = array('title' => $_LANG['AD_BANLIST_TIME'], 'field' => 'int_num', 'width' => '55');
$fields[] = array('title' => '', 'field' => 'int_period', 'width' => '70');
$fields[] = array('title' => $_LANG['AD_AUTOREMOVE'], 'field' => 'autodelete', 'width' => '90', 'prc' => 'cpYesNo');
$actions[] = array('title' => $_LANG['EDIT'], 'icon' => 'edit.gif', 'link' => '?view=userbanlist&do=edit&id=%id%');
$actions[] = array('title' => $_LANG['DELETE'], 'icon' => 'delete.gif', 'confirm' => $_LANG['AD_REMOVE_RULE'], 'link' => '?view=userbanlist&do=delete&id=%id%');
cpListTable('cms_banlist', $fields, $actions, '1=1', 'ip DESC');
}
if ($do == 'delete') {
if (!isset($_REQUEST['item'])) {
if ($id >= 0) {
dbDelete('cms_banlist', $id);
}
} else {
dbDeleteList('cms_banlist', cmsCore::request('item', 'array_int', array()));
}
cmsCore::redirect('?view=userbanlist');
}
if ($do == 'submit' || $do == 'update') {
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
$types = array('user_id' => array('user_id', 'int', 0), 'ip' => array('ip', 'str', ''), 'cause' => array('cause', 'str', ''), 'autodelete' => array('autodelete', 'int', 0), 'int_num' => array('int_num', 'int', 0), 'int_period' => array('int_period', 'str', '', create_function('$p', 'if(!in_array($p, array("MONTH","DAY","HOUR","MINUTE"))){ $p = "MINUTE"; } return $p;')));
$items = cmsCore::getArrayFromRequest($types);
$error = false;
if (!$items['ip']) {
$error = true;
cmsCore::addSessionMessage($_LANG['AD_NEED_IP'], 'error');
}
if ($items['ip'] == $_SERVER['REMOTE_ADDR'] || $items['user_id'] == $inUser->id) {
$error = true;
cmsCore::addSessionMessage($_LANG['AD_ITS_YOUR_IP'], 'error');
}
if (cmsUser::userIsAdmin($items['user_id'])) {
$error = true;
cmsCore::addSessionMessage($_LANG['AD_ITS_ADMIN'], 'error');
}
if ($error) {
cmsCore::redirectBack();
}
if ($do == 'update') {
$inDB->update('cms_banlist', $items, $id);
if (empty($_SESSION['editlist'])) {
cmsCore::redirect('?view=userbanlist');
} else {
cmsCore::redirect('?view=userbanlist&do=edit');
}
}
$inDB->insert('cms_banlist', $items);
$back_url = cmsUser::sessionGet('back_url');
cmsUser::sessionDel('back_url');
cmsCore::redirect($back_url ? $back_url : '?view=userbanlist');
}
if ($do == 'add' || $do == 'edit') {
$GLOBALS['cp_page_head'][] = '<script language="JavaScript" type="text/javascript" src="/admin/js/banlist.js"></script>';
$toolmenu[] = array('icon' => 'save.gif', 'title' => $_LANG['SAVE'], 'link' => 'javascript:document.addform.submit();');
$toolmenu[] = array('icon' => 'cancel.gif', 'title' => $_LANG['CANCEL'], 'link' => 'javascript:history.go(-1);');
cpToolMenu($toolmenu);
if ($do == 'add') {
echo '<h3>' . $_LANG['AD_TO_BANLIST_ADD'] . '</h3>';
cpAddPathway($_LANG['AD_TO_BANLIST_ADD']);
} else {
if (isset($_REQUEST['multiple'])) {
if (isset($_REQUEST['item'])) {
$_SESSION['editlist'] = cmsCore::request('item', 'array_int', array());
} else {
cmsCore::addSessionMessage($_LANG['AD_NO_SELECT_OBJECTS'], 'error');
cmsCore::redirectBack();
}
}
$ostatok = '';
if (isset($_SESSION['editlist'])) {
$item_id = array_shift($_SESSION['editlist']);
if (sizeof($_SESSION['editlist']) == 0) {
unset($_SESSION['editlist']);
} else {
$ostatok = '(' . $_LANG['AD_NEXT_IN'] . sizeof($_SESSION['editlist']) . ')';
}
} else {
$item_id = cmsCore::request('id', 'int', 0);
}
$mod = $inDB->get_fields('cms_banlist', "id = '{$item_id}'", '*');
if (!$mod) {
cmsCore::error404();
}
echo '<h3>' . $_LANG['AD_EDIT_RULE'] . ' ' . $ostatok . '</h3>';
cpAddPathway($_LANG['AD_EDIT_RULE']);
}
?>
<div style="margin-top:2px;padding:10px;border:dotted 1px silver; width:508px;background:#FFFFCC">
<div style="font-weight:bold"><?php
echo $_LANG['ATTENTION'];
?>
!</div>
<div><?php
echo $_LANG['AD_CAUTION_INFO_0'];
?>
</div>
<div><?php
echo $_LANG['AD_CAUTION_INFO_1'];
?>
</div>
</div>
<form id="addform" name="addform" method="post" action="index.php?view=userbanlist">
<input type="hidden" name="csrf_token" value="<?php
echo cmsUser::getCsrfToken();
?>
" />
<table width="530" border="0" cellspacing="5" class="proptable">
<tr>
<td width="150" valign="top"><div><strong><?php
echo $_LANG['AD_BANLIST_USER'];
?>
: </strong></div></td>
<?php
if ($do == 'add' && $to) {
$mod['user_id'] = $to;
$mod['ip'] = $inDB->get_field('cms_users', 'id=' . $to, 'last_ip');
}
?>
<td valign="top">
<select name="user_id" id="user_id" onchange="loadUserIp()" style="width: 250px;">
<option value="0" <?php
if (@(!$mod['user_id'])) {
echo 'selected="selected"';
}
?>
><?php
echo $_LANG['AD_WHITHOUT_USER'];
?>
</option>
<?php
if (isset($mod['user_id'])) {
echo $inCore->getListItems('cms_users', $mod['user_id'], 'nickname', 'ASC', 'is_deleted=0 AND is_locked=0', 'id', 'nickname');
} else {
echo $inCore->getListItems('cms_users', 0, 'nickname', 'ASC', 'is_deleted=0 AND is_locked=0', 'id', 'nickname');
}
?>
</select>
</td>
</tr>
<tr>
<td valign="top"><strong><?php
echo $_LANG['AD_BANLIST_IP'];
?>
:</strong></td>
<td valign="top"><input name="ip" type="text" id="ip" style="width: 244px;" value="<?php
echo @$mod['ip'];
?>
"/></td>
</tr>
<tr>
<td valign="top"><strong><?php
echo $_LANG['AD_BANLIST_CAUSE'];
?>
:</strong></td>
<td valign="top">
<textarea name="cause" style="width:240px" rows="5"><?php
echo @$mod['cause'];
?>
</textarea>
</td>
</tr>
<?php
$forever = false;
if (!@$mod['int_num']) {
$forever = true;
}
?>
<tr>
<td valign="top"><strong><?php
echo $_LANG['AD_BAN_FOREVER'];
?>
</strong></td>
<td valign="top"><input type="checkbox" name="forever" value="1" <?php
if ($forever) {
echo 'checked="checked"';
}
?>
onclick="$('tr.bantime').toggle();"/></td>
</tr>
<tr class="bantime">
<td valign="top"><strong><?php
echo $_LANG['AD_BAN_FOR_TIME'];
?>
</strong> </td>
<td valign="top"><p>
<input name="int_num" type="text" id="int_num" size="5" value="<?php
echo @(int) $mod['int_num'];
?>
"/>
<select name="int_period" id="int_period">
<option value="MINUTE" <?php
if (@mb_strstr($mod['int_period'], 'MINUTE')) {
echo 'selected="selected"';
}
?>
><?php
echo $_LANG['MINUTE10'];
?>
</option>]
<option value="HOUR" <?php
if (@mb_strstr($mod['int_period'], 'HOUR')) {
echo 'selected="selected"';
}
?>
><?php
echo $_LANG['HOUR10'];
?>
</option>
<option value="DAY" <?php
if (@mb_strstr($mod['int_period'], 'DAY')) {
echo 'selected="selected"';
}
?>
><?php
echo $_LANG['DAY10'];
?>
</option>
<option value="MONTH" <?php
if (@mb_strstr($mod['int_period'], 'MONTH')) {
echo 'selected="selected"';
}
?>
><?php
echo $_LANG['MONTH10'];
?>
</option>
</select>
</p>
<p><label><input name="autodelete" type="checkbox" id="autodelete" value="1" <?php
if ($mod['autodelete']) {
echo 'checked="checked"';
}
?>
/> <?php
echo $_LANG['AD_REMOVE_BAN'];
?>
</label></p>
</td>
</tr>
<?php
if ($forever) {
?>
<script type="text/javascript">$('tr.bantime').hide();</script><?php
}
?>
</table>
<p>
<label>
<input name="add_mod" type="submit" id="add_mod" <?php
if ($do == 'add') {
echo 'value="' . $_LANG['AD_TO_BANLIST_ADD'] . '"';
} else {
echo 'value="' . $_LANG['SAVE'] . '"';
}
?>
/>
</label>
<label><span style="margin-top:15px">
<input name="back" type="button" id="back" value="<?php
echo $_LANG['CANCEL'];
?>
" onclick="window.history.back();"/>
</span></label>
<input name="do" type="hidden" id="do" <?php
if ($do == 'add') {
echo 'value="submit"';
} else {
echo 'value="update"';
}
?>
/>
<?php
if ($do == 'edit') {
echo '<input name="id" type="hidden" value="' . $mod['id'] . '" />';
}
?>
</p>
</form>
<?php
}
}
function registration()
{
header('X-Frame-Options: DENY');
$inCore = cmsCore::getInstance();
$inPage = cmsPage::getInstance();
$inDB = cmsDatabase::getInstance();
$inUser = cmsUser::getInstance();
$inConf = cmsConfig::getInstance();
$model = new cms_model_registration();
cmsCore::loadModel('users');
$users_model = new cms_model_users();
global $_LANG;
$do = $inCore->do;
//============================================================================//
if ($do == 'sendremind') {
if ($inUser->id) {
cmsCore::error404();
}
$inPage->setTitle($_LANG['REMINDER_PASS']);
$inPage->addPathway($_LANG['REMINDER_PASS']);
if (!cmsCore::inRequest('goremind')) {
cmsPage::initTemplate('components', 'com_registration_sendremind')->display('com_registration_sendremind.tpl');
} else {
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
$email = cmsCore::request('email', 'email', '');
if (!$email) {
cmsCore::addSessionMessage($_LANG['ERR_EMAIL'], 'error');
cmsCore::redirectBack();
}
$usr = cmsUser::getShortUserData($email);
if (!$usr || $usr['is_locked'] || $usr['is_deleted']) {
cmsCore::addSessionMessage($_LANG['ADRESS'] . ' "' . $email . '" ' . $_LANG['NOT_IN_OUR_BASE'], 'error');
cmsCore::redirectBack();
}
if (cmsUser::userIsAdmin($usr['id'])) {
cmsCore::addSessionMessage($_LANG['NOT_ADMIN_SENDREMIND'], 'error');
cmsCore::redirectBack();
}
$usercode = md5($usr['id'] . '-' . uniqid() . '-' . microtime() . '-' . PATH);
$sql = "INSERT cms_users_activate (pubdate, user_id, code)\n VALUES (NOW(), '{$usr['id']}', '{$usercode}')";
$inDB->query($sql);
$newpass_link = HOST . '/registration/remind/' . $usercode;
$mail_message = $_LANG['HELLO'] . ', ' . $usr['nickname'] . '!' . "\n\n";
$mail_message .= $_LANG['REMINDER_TEXT'] . ' "' . $inConf->sitename . '".' . "\n\n";
$mail_message .= $_LANG['YOUR_LOGIN'] . ': ' . $usr['login'] . "\n\n";
$mail_message .= $_LANG['NEW_PASS_LINK'] . ":\n" . $newpass_link . "\n\n";
$mail_message .= $_LANG['LINK_EXPIRES'] . "\n\n";
$mail_message .= $_LANG['SIGNATURE'] . ', ' . $inConf->sitename . ' (' . HOST . ').' . "\n";
$mail_message .= date('d-m-Y (H:i)');
$inCore->mailText($email, $inConf->sitename . ' - ' . $_LANG['REMINDER_PASS'], $mail_message);
cmsCore::addSessionMessage($_LANG['NEW_PAS_SENDED'], 'info');
cmsCore::redirect('/login');
}
}
//============================================================================//
if ($do == 'remind') {
if ($inUser->id) {
cmsCore::error404();
}
$usercode = cmsCore::request('code', 'str', '');
//проверяем формат кода
if (!preg_match('/^[0-9a-f]{32}$/i', $usercode)) {
cmsCore::error404();
}
// проверяем код
$user_id = $inDB->get_field('cms_users_activate', "code = '{$usercode}'", 'user_id');
if (!$user_id) {
cmsCore::error404();
}
//получаем пользователя
$user = $inDB->get_fields('cms_users', "id = '{$user_id}'", '*');
if (!$user) {
cmsCore::error404();
}
if (cmsUser::userIsAdmin($user['id'])) {
cmsCore::error404();
}
if (cmsCore::inRequest('submit')) {
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
$errors = false;
$pass = cmsCore::request('pass', 'str', '');
$pass2 = cmsCore::request('pass2', 'str', '');
if (!$pass) {
cmsCore::addSessionMessage($_LANG['TYPE_PASS'], 'error');
$errors = true;
}
if ($pass && !$pass2) {
cmsCore::addSessionMessage($_LANG['TYPE_PASS_TWICE'], 'error');
$errors = true;
}
if ($pass && $pass2 && mb_strlen($pass) < 6) {
cmsCore::addSessionMessage($_LANG['PASS_SHORT'], 'error');
$errors = true;
}
if ($pass && $pass2 && $pass != $pass2) {
cmsCore::addSessionMessage($_LANG['WRONG_PASS'], 'error');
$errors = true;
}
if ($errors) {
cmsCore::redirectBack();
}
$md5_pass = md5($pass);
$inDB->query("UPDATE cms_users SET password = '******', logdate = NOW() WHERE id = '{$user['id']}'");
$inDB->query("DELETE FROM cms_users_activate WHERE code = '{$usercode}'");
cmsCore::addSessionMessage($_LANG['CHANGE_PASS_COMPLETED'], 'info');
$inUser->signInUser($user['login'], $pass, true);
cmsCore::redirect(cmsUser::getProfileURL($user['login']));
}
$inPage->setTitle($_LANG['RECOVER_PASS']);
$inPage->addPathway($_LANG['RECOVER_PASS']);
cmsPage::initTemplate('components', 'com_registration_remind')->assign('cfg', $model->config)->assign('user', $user)->display('com_registration_remind.tpl');
}
//============================================================================//
if ($do == 'register') {
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
if ($inUser->id && !$inUser->is_admin) {
if ($inCore->menuId() == 1) {
return;
} else {
cmsCore::error404();
}
}
// регистрация закрыта
if (!$model->config['is_on']) {
cmsCore::error404();
}
// регистрация по инвайтам
if ($model->config['reg_type'] == 'invite') {
if (!$users_model->checkInvite(cmsUser::sessionGet('invite_code'))) {
cmsCore::error404();
}
}
$errors = false;
// получаем данные
$item['login'] = cmsCore::request('login', 'str', '');
$item['email'] = cmsCore::request('email', 'email');
$item['icq'] = cmsCore::request('icq', 'str', '');
$item['city'] = cmsCore::request('city', 'str', '');
$item['nickname'] = cmsCore::request('nickname', 'str', '');
$item['realname1'] = cmsCore::request('realname1', 'str', '');
$item['realname2'] = cmsCore::request('realname2', 'str', '');
$pass = cmsCore::request('pass', 'str', '');
$pass2 = cmsCore::request('pass2', 'str', '');
// проверяем логин
if (mb_strlen($item['login']) < 2 || mb_strlen($item['login']) > 15 || is_numeric($item['login']) || !preg_match("/^([a-z0-9])+\$/ui", $item['login'])) {
cmsCore::addSessionMessage($_LANG['ERR_LOGIN'], 'error');
$errors = true;
}
// проверяем пароль
if (!$pass) {
cmsCore::addSessionMessage($_LANG['TYPE_PASS'], 'error');
$errors = true;
}
if ($pass && !$pass2) {
cmsCore::addSessionMessage($_LANG['TYPE_PASS_TWICE'], 'error');
$errors = true;
}
if ($pass && $pass2 && mb_strlen($pass) < 6) {
cmsCore::addSessionMessage($_LANG['PASS_SHORT'], 'error');
$errors = true;
}
if ($pass && $pass2 && $pass != $pass2) {
cmsCore::addSessionMessage($_LANG['WRONG_PASS'], 'error');
$errors = true;
}
// Проверяем nickname или имя и фамилию
if ($model->config['name_mode'] == 'nickname') {
if (!$item['nickname']) {
cmsCore::addSessionMessage($_LANG['TYPE_NICKNAME'], 'error');
$errors = true;
}
} else {
if (!$item['realname1']) {
cmsCore::addSessionMessage($_LANG['TYPE_NAME'], 'error');
$errors = true;
}
if (!$item['realname2']) {
cmsCore::addSessionMessage($_LANG['TYPE_SONAME'], 'error');
$errors = true;
}
$item['nickname'] = trim($item['realname1']) . ' ' . trim($item['realname2']);
}
if (mb_strlen($item['nickname']) < 2) {
cmsCore::addSessionMessage($_LANG['SHORT_NICKNAME'], 'error');
$errors = true;
}
if ($model->getBadNickname($item['nickname'])) {
cmsCore::addSessionMessage($_LANG['ERR_NICK_EXISTS'], 'error');
$errors = true;
}
// Проверяем email
if (!$item['email']) {
cmsCore::addSessionMessage($_LANG['ERR_EMAIL'], 'error');
$errors = true;
}
// День рождения
list($item['bday'], $item['bmonth'], $item['byear']) = array_values(cmsCore::request('birthdate', 'array_int', array()));
$item['birthdate'] = sprintf('%04d-%02d-%02d', $item['byear'], $item['bmonth'], $item['bday']);
// получаем данные конструктора форм
$item['formsdata'] = '';
if (isset($users_model->config['privforms'])) {
if (is_array($users_model->config['privforms'])) {
foreach ($users_model->config['privforms'] as $form_id) {
$form_input = cmsForm::getFieldsInputValues($form_id);
$item['formsdata'] .= $inDB->escape_string(cmsCore::arrayToYaml($form_input['values']));
// Проверяем значения формы
foreach ($form_input['errors'] as $field_error) {
if ($field_error) {
cmsCore::addSessionMessage($field_error, 'error');
$errors = true;
}
}
}
}
}
// Проверяем каптчу
if (!cmsPage::checkCaptchaCode()) {
cmsCore::addSessionMessage($_LANG['ERR_CAPTCHA'], 'error');
$errors = true;
}
// проверяем есть ли такой пользователь
$user_exist = $inDB->get_fields('cms_users', "(login LIKE '{$item['login']}' OR email LIKE '{$item['email']}') AND is_deleted = 0", 'id, login, email');
if ($user_exist) {
if ($user_exist['login'] == $item['login']) {
cmsCore::addSessionMessage($_LANG['LOGIN'] . ' "' . $item['login'] . '" ' . $_LANG['IS_BUSY'], 'error');
$errors = true;
} else {
cmsCore::addSessionMessage($_LANG['EMAIL_IS_BUSY'], 'error');
$errors = true;
}
}
// В случае ошибок, возвращаемся в форму
if ($errors) {
cmsUser::sessionPut('item', $item);
cmsCore::redirect('/registration');
}
//////////////////////////////////////////////
//////////// РЕГИСТРАЦИЯ /////////////////////
//////////////////////////////////////////////
$item['is_locked'] = $model->config['act'];
$item['password'] = md5($pass);
$item['orig_password'] = $pass;
$item['group_id'] = $model->config['default_gid'];
$item['regdate'] = date('Y-m-d H:i:s');
$item['logdate'] = date('Y-m-d H:i:s');
if (cmsUser::sessionGet('invite_code')) {
$invite_code = cmsUser::sessionGet('invite_code');
$item['invited_by'] = (int) $users_model->getInviteOwner($invite_code);
if ($item['invited_by']) {
$users_model->closeInvite($invite_code);
}
cmsUser::sessionDel('invite_code');
} else {
$item['invited_by'] = 0;
}
$item = cmsCore::callEvent('USER_BEFORE_REGISTER', $item);
$item['id'] = $item['user_id'] = $inDB->insert('cms_users', $item);
if (!$item['id']) {
cmsCore::error404();
}
$inDB->insert('cms_user_profiles', $item);
cmsCore::callEvent('USER_REGISTER', $item);
if ($item['is_locked']) {
$model->sendActivationNotice($pass, $item['id']);
cmsPage::includeTemplateFile('special/regactivate.php');
cmsCore::halt();
} else {
cmsActions::log('add_user', array('object' => '', 'user_id' => $item['id'], 'object_url' => '', 'object_id' => $item['id'], 'target' => '', 'target_url' => '', 'target_id' => 0, 'description' => ''));
if ($model->config['send_greetmsg']) {
$model->sendGreetsMessage($item['id']);
}
$model->sendRegistrationNotice($pass, $item['id']);
$back_url = $inUser->signInUser($item['login'], $pass, true);
cmsCore::redirect($back_url);
}
}
//============================================================================//
if ($do == 'view') {
$pagetitle = $inCore->getComponentTitle();
$inPage->setTitle($pagetitle);
$inPage->addPathway($pagetitle);
$inPage->addHeadJsLang(array('WRONG_PASS'));
// Если пользователь авторизован, то не показываем форму регистрации, редирект в профиль.
if ($inUser->id && !$inUser->is_admin) {
if ($inCore->menuId() == 1) {
return;
} else {
cmsCore::redirect(cmsUser::getProfileURL($inUser->login));
}
}
$correct_invite = cmsUser::sessionGet('invite_code') ? true : false;
if ($model->config['reg_type'] == 'invite' && cmsCore::inRequest('invite_code')) {
$invite_code = cmsCore::request('invite_code', 'str', '');
$correct_invite = $users_model->checkInvite($invite_code);
if ($correct_invite) {
cmsUser::sessionPut('invite_code', $invite_code);
} else {
cmsCore::addSessionMessage($_LANG['INCORRECT_INVITE'], 'error');
}
}
$item = cmsUser::sessionGet('item');
if ($item) {
cmsUser::sessionDel('item');
}
if (empty($item['birthdate'])) {
$item['birthdate'] = date('Y-m-d');
}
$private_forms = array();
if (isset($users_model->config['privforms'])) {
if (is_array($users_model->config['privforms'])) {
foreach ($users_model->config['privforms'] as $form_id) {
$private_forms = array_merge($private_forms, cmsForm::getFieldsHtml($form_id, array(), true));
}
}
}
cmsPage::initTemplate('components', 'com_registration')->assign('cfg', $model->config)->assign('item', $item)->assign('pagetitle', $pagetitle)->assign('correct_invite', $correct_invite)->assign('private_forms', $private_forms)->display('com_registration.tpl');
}
//============================================================================//
if ($do == 'activate') {
$code = cmsCore::request('code', 'str', '');
if (!$code) {
cmsCore::error404();
}
$user_id = $inDB->get_field('cms_users_activate', "code = '{$code}'", 'user_id');
if (!$user_id) {
cmsCore::error404();
}
$inDB->query("UPDATE cms_users SET is_locked = 0 WHERE id = '{$user_id}'");
$inDB->query("DELETE FROM cms_users_activate WHERE code = '{$code}'");
cmsCore::callEvent('USER_ACTIVATED', $user_id);
if ($model->config['send_greetmsg']) {
$model->sendGreetsMessage($user_id);
}
// Регистрируем событие
cmsActions::log('add_user', array('object' => '', 'user_id' => $user_id, 'object_url' => '', 'object_id' => $user_id, 'target' => '', 'target_url' => '', 'target_id' => 0, 'description' => ''));
cmsCore::addSessionMessage($_LANG['ACTIVATION_COMPLETE'], 'info');
cmsUser::goToLogin();
}
//============================================================================//
if ($do == 'auth') {
//====================//
//== разлогивание ==//
if (cmsCore::inRequest('logout')) {
$inUser->logout();
cmsCore::redirect('/');
}
//====================//
//== авторизация ==//
if (!cmsCore::inRequest('logout')) {
// флаг неуспешных авторизаций
$anti_brute_force = cmsUser::sessionGet('anti_brute_force');
$login = cmsCore::request('login', 'str', '');
$passw = cmsCore::request('pass', 'str', '');
$remember_pass = cmsCore::inRequest('remember');
// если нет логина или пароля, показываем форму входа
if (!$login || !$passw) {
if ($inUser->id && !$inUser->is_admin) {
cmsCore::redirect('/');
}
$inPage->setTitle($_LANG['SITE_LOGIN']);
$inPage->addPathway($_LANG['SITE_LOGIN']);
cmsPage::initTemplate('components', 'com_registration_login')->assign('cfg', $model->config)->assign('anti_brute_force', $anti_brute_force)->assign('is_sess_back', cmsUser::sessionGet('auth_back_url'))->display('com_registration_login.tpl');
if (!mb_strstr(cmsCore::getBackURL(), 'login')) {
cmsUser::sessionPut('auth_back_url', cmsCore::getBackURL());
}
return;
}
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
// Проверяем каптчу
if ($anti_brute_force && !cmsPage::checkCaptchaCode()) {
cmsCore::addSessionMessage($_LANG['ERR_CAPTCHA'], 'error');
cmsCore::redirect('/login');
}
cmsUser::sessionDel('anti_brute_force');
$back_url = $inUser->signInUser($login, $passw, $remember_pass);
cmsCore::redirect($back_url);
}
}
//============================================================================//
if ($do == 'autherror') {
cmsUser::sessionPut('anti_brute_force', 1);
cmsPage::includeTemplateFile('special/autherror.php');
cmsCore::halt();
}
//============================================================================//
}
$inPage->addPathway($_LANG['PHOTOALBUMS'], '/users/' . $usr['id'] . '/photoalbum.html');
$inPage->addPathway($photo['album'], '/users/' . $usr['login'] . '/photos/private' . $photo['album_id'] . '.html');
$inPage->addPathway($photo['title']);
$photo['pubdate'] = cmsCore::dateFormat($photo['pubdate'], true, false, false);
$photo['genderlink'] = cmsUser::getGenderLink($usr['id'], $usr['nickname'], $photo['gender'], $usr['login']);
$photo['filesize'] = round(filesize(PATH . '/images/users/photos/medium/' . $photo['imageurl']) / 1024, 2);
//ссылки на предыдущую и следующую фотографии
$previd = $inDB->get_fields('cms_user_photos', "id>'{$photo['id']}' AND user_id = '{$usr['id']}' AND album_id='{$photo['album_id']}'", 'id, title, pubdate', 'id ASC');
$nextid = $inDB->get_fields('cms_user_photos', "id<'{$photo['id']}' AND user_id = '{$usr['id']}' AND album_id='{$photo['album_id']}'", 'id, title, pubdate', 'id DESC');
// Проверяем права доступа
$is_allow = cmsUser::checkUserContentAccess($photo['allow_who'], $id);
// Если видим фото, обновляем просмотры
if ($is_allow) {
$inDB->query("UPDATE cms_user_photos SET hits = hits + 1 WHERE id = " . $photo['id']);
}
cmsPage::initTemplate('components', 'com_users_photos_view')->assign('photo', $photo)->assign('bbcode', '[IMG]' . HOST . '/images/users/photos/medium/' . $photo['imageurl'] . '[/IMG]')->assign('previd', $previd)->assign('nextid', $nextid)->assign('usr', $usr)->assign('myprofile', $myprofile)->assign('is_admin', cmsUser::userIsAdmin($inUser->id))->assign('is_allow', $is_allow)->assign('tagbar', $is_allow ? cmsTagBar('userphoto', $photo['id']) : '')->display('com_users_photos_view.tpl');
if ($inCore->isComponentInstalled('comments') && $is_allow) {
cmsCore::includeComments();
comments('userphoto', $photo['id']);
}
}
//============================================================================//
//============================ Один фотоальбом ===============================//
//============================================================================//
if ($pdo == 'viewalbum') {
if (!$inUser->id && !$model->config['sw_guest']) {
cmsUser::goToLogin();
}
$usr = cmsUser::getShortUserData($login);
if (!$usr) {
cmsCore::error404();
function applet_userbanlist()
{
$inCore = cmsCore::getInstance();
global $_LANG;
global $adminAccess;
if (!cmsUser::isAdminCan('admin/users', $adminAccess)) {
cpAccessDenied();
}
cmsCore::c('page')->setTitle($_LANG['AD_BANLIST']);
cpAddPathway($_LANG['AD_USERS'], 'index.php?view=users');
cpAddPathway($_LANG['AD_BANLIST'], 'index.php?view=userbanlist');
$do = cmsCore::request('do', 'str', 'list');
$id = cmsCore::request('id', 'int', -1);
$to = cmsCore::request('to', 'int', 0);
// для редиректа обратно в профиль на сайт
if ($to) {
cmsUser::sessionPut('back_url', cmsCore::getBackURL());
}
if ($do == 'list') {
$toolmenu = array(array('icon' => 'useradd.gif', 'title' => $_LANG['AD_TO_BANLIST_ADD'], 'link' => '?view=userbanlist&do=add'), array('icon' => 'edit.gif', 'title' => $_LANG['AD_EDIT_SELECTED'], 'link' => "javascript:checkSel('?view=userbanlist&do=edit&multiple=1');"), array('icon' => 'delete.gif', 'title' => $_LANG['AD_DELETE_SELECTED'], 'link' => "javascript:checkSel('?view=userbanlist&do=delete&multiple=1');"));
cpToolMenu($toolmenu);
$fields = array(array('title' => 'id', 'field' => 'id', 'width' => '40'), array('title' => $_LANG['AD_IS_ACTIVE'], 'field' => 'status', 'width' => '65', 'prc' => 'cpYesNo'), array('title' => $_LANG['AD_BANLIST_USER'], 'field' => 'user_id', 'width' => '120', 'filter' => '12', 'prc' => 'cpUserNick'), array('title' => $_LANG['AD_BANLIST_IP'], 'field' => 'ip', 'width' => '100', 'link' => '?view=userbanlist&do=edit&id=%id%', 'filter' => '12'), array('title' => $_LANG['DATE'], 'field' => 'bandate', 'width' => '', 'fdate' => '%d/%m/%Y %H:%i:%s', 'filter' => '12'), array('title' => $_LANG['AD_BANLIST_TIME'], 'field' => 'int_num', 'width' => '55'), array('title' => '', 'field' => 'int_period', 'width' => '70'), array('title' => $_LANG['AD_AUTOREMOVE'], 'field' => 'autodelete', 'width' => '100', 'prc' => 'cpYesNo'));
$actions = array(array('title' => $_LANG['EDIT'], 'icon' => 'edit.gif', 'link' => '?view=userbanlist&do=edit&id=%id%'), array('title' => $_LANG['DELETE'], 'icon' => 'delete.gif', 'confirm' => $_LANG['AD_REMOVE_RULE'], 'link' => '?view=userbanlist&do=delete&id=%id%'));
cpListTable('cms_banlist', $fields, $actions, '1=1', 'ip DESC');
}
if ($do == 'delete') {
if (!cmsCore::inRequest('item')) {
if ($id >= 0) {
dbDelete('cms_banlist', $id);
}
} else {
dbDeleteList('cms_banlist', cmsCore::request('item', 'array_int', array()));
}
cmsCore::redirect('?view=userbanlist');
}
if ($do == 'submit' || $do == 'update') {
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
$types = array('user_id' => array('user_id', 'int', 0), 'ip' => array('ip', 'str', ''), 'cause' => array('cause', 'str', ''), 'autodelete' => array('autodelete', 'int', 0), 'int_num' => array('int_num', 'int', 0), 'int_period' => array('int_period', 'str', '', create_function('$p', 'if(!in_array($p, array("MONTH","DAY","HOUR","MINUTE"))){ $p = "MINUTE"; } return $p;')));
$items = cmsCore::getArrayFromRequest($types);
$error = false;
if (!$items['ip']) {
$error = true;
cmsCore::addSessionMessage($_LANG['AD_NEED_IP'], 'error');
}
if ($items['ip'] == $_SERVER['REMOTE_ADDR'] || $items['user_id'] == cmsCore::c('user')->id) {
$error = true;
cmsCore::addSessionMessage($_LANG['AD_ITS_YOUR_IP'], 'error');
}
if (cmsUser::userIsAdmin($items['user_id'])) {
$error = true;
cmsCore::addSessionMessage($_LANG['AD_ITS_ADMIN'], 'error');
}
if ($error) {
cmsCore::redirectBack();
}
if ($do == 'update') {
cmsCore::c('db')->update('cms_banlist', $items, $id);
if (empty($_SESSION['editlist'])) {
cmsCore::redirect('?view=userbanlist');
} else {
cmsCore::redirect('?view=userbanlist&do=edit');
}
}
cmsCore::c('db')->insert('cms_banlist', $items);
$back_url = cmsUser::sessionGet('back_url');
cmsUser::sessionDel('back_url');
cmsCore::redirect($back_url ? $back_url : '?view=userbanlist');
}
if ($do == 'add' || $do == 'edit') {
cmsCore::c('page')->addHeadJS('admin/js/banlist.js');
$toolmenu = array(array('icon' => 'save.gif', 'title' => $_LANG['SAVE'], 'link' => 'javascript:document.addform.submit();'), array('icon' => 'cancel.gif', 'title' => $_LANG['CANCEL'], 'link' => 'javascript:history.go(-1);'));
cpToolMenu($toolmenu);
if ($do == 'add') {
echo '<h3>' . $_LANG['AD_TO_BANLIST_ADD'] . '</h3>';
cpAddPathway($_LANG['AD_TO_BANLIST_ADD']);
} else {
if (cmsCore::inRequest('multiple')) {
if (cmsCore::inRequest('item')) {
$_SESSION['editlist'] = cmsCore::request('item', 'array_int', array());
} else {
cmsCore::addSessionMessage($_LANG['AD_NO_SELECT_OBJECTS'], 'error');
cmsCore::redirectBack();
}
}
$ostatok = '';
if (isset($_SESSION['editlist'])) {
$item_id = array_shift($_SESSION['editlist']);
if (count($_SESSION['editlist']) == 0) {
unset($_SESSION['editlist']);
} else {
$ostatok = '(' . $_LANG['AD_NEXT_IN'] . count($_SESSION['editlist']) . ')';
}
} else {
$item_id = cmsCore::request('id', 'int', 0);
}
$mod = cmsCore::c('db')->get_fields('cms_banlist', "id = '" . $item_id . "'", '*');
if (!$mod) {
cmsCore::error404();
}
echo '<h3>' . $_LANG['AD_EDIT_RULE'] . ' ' . $ostatok . '</h3>';
cpAddPathway($_LANG['AD_EDIT_RULE']);
}
if ($do == 'add' && $to) {
$mod['user_id'] = $to;
$mod['ip'] = cmsCore::c('db')->get_field('cms_users', 'id=' . $to, 'last_ip');
}
cmsCore::c('page')->initTemplate('applets', 'userbanlist_add')->assign('do', $do)->assign('mod', $mod)->assign('users_opt', $inCore->getListItems('cms_users', cmsCore::getArrVal($mod, 'user_id', 0), 'nickname', 'ASC', 'is_deleted=0 AND is_locked=0', 'id', 'nickname'))->display();
}
}
function faq(){
$inCore = cmsCore::getInstance();
$inPage = cmsPage::getInstance();
$inDB = cmsDatabase::getInstance();
$inUser = cmsUser::getInstance();
$model = new cms_model_faq();
define('IS_BILLING', $inCore->isComponentInstalled('billing'));
if (IS_BILLING) { $inCore->loadClass('billing'); }
global $_LANG;
$pagetitle = $inCore->getComponentTitle();
$inPage->addPathway($pagetitle, '/faq');
$inPage->setTitle($pagetitle);
$inPage->setDescription($pagetitle);
$inPage->addHeadJsLang(array('ERR_QUESTION'));
$cfg = $inCore->loadComponentConfig('faq');
if(!isset($cfg['guest_enabled'])) { $cfg['guest_enabled'] = 1; }
if(!isset($cfg['user_link'])) { $cfg['user_link'] = 1; }
if(!isset($cfg['publish'])) { $cfg['publish'] = 0; }
if(!isset($cfg['is_comment'])) { $cfg['is_comment'] = 1; }
$id = $inCore->request('id', 'int', 0);
$do = $inCore->do;
///////////////////////////////////// VIEW CATEGORY ////////////////////////////////////////////////////////////////////////////////
if ($do=='view'){
if($id>0){
//CURRENT CATEGORY
$sql = "SELECT *
FROM cms_faq_cats
WHERE id = '$id'
ORDER BY title ASC LIMIT 1
";
$result = $inDB->query($sql) ;
if (!$inDB->num_rows($result)) { cmsCore::error404(); }
$cat = $inDB->fetch_assoc($result);
//PAGE HEADING
$pagetitle = $cat['title'];
$inPage->setTitle($cat['title']);
$inPage->addPathway($cat['title']);
$inPage->setDescription($cat['title']);
}
//LIST OF SUBCATEGORIES
$sql = "SELECT *
FROM cms_faq_cats
WHERE parent_id = $id AND id > 0 AND published = 1
ORDER BY title ASC
";
$result = $inDB->query($sql) ;
if ($inDB->num_rows($result)){
$subcats = array();
while($subcat = $inDB->fetch_assoc($result)){
$subcats[] = $subcat;
}
$is_subcats = true;
} else {
$is_subcats = false;
}
//CURRENT CATEGORY CONTENT
$perpage = 15;
$page = $inCore->request('page', 'int', 1);
$records = 0;
if ($id > 0){
$sql = "SELECT q.*, u.login, u.nickname
FROM cms_faq_quests q
LEFT JOIN cms_users u ON u.id = q.user_id
WHERE q.category_id = $id AND q.published = 1
ORDER BY q.pubdate DESC
LIMIT ".(($page-1)*$perpage).", $perpage";
$result_total = $inDB->query("SELECT id FROM cms_faq_quests WHERE category_id = $id AND published = 1") ;
$records = $inDB->num_rows($result_total);
} else {
$sql = "SELECT q.*, c.title cat_title, c.id cid, u.login, u.nickname
FROM cms_faq_quests q
LEFT JOIN cms_faq_cats c ON c.id = q.category_id
LEFT JOIN cms_users u ON u.id = q.user_id
WHERE q.published = 1
ORDER BY q.pubdate DESC
LIMIT 15";
}
$result = $inDB->query($sql) ;
if ($inDB->num_rows($result)){
$quests = array();
while($con = $inDB->fetch_assoc($result)){
$con['pubdate'] = $inCore->dateFormat($con['pubdate'], true, false, false);
$con['quest'] = nl2br($con['quest']);
$quests[] = $con;
}
$is_quests = true;
} else {
$is_quests = false;
}
cmsPage::initTemplate('components', 'com_faq_view')->
assign('pagetitle', $pagetitle)->
assign('id', $id)->
assign('subcats', $subcats)->
assign('is_subcats', $is_subcats)->
assign('quests', $quests)->
assign('cfg', $cfg)->
assign('is_quests', $is_quests)->
assign('is_user', $inUser->id)->
assign('pagebar', cmsPage::getPagebar($records, $page, $perpage, '/faq/%id%-%page%', array('id'=>$id)))->
display();
}
///////////////////////////////////// READ QUESTION ////////////////////////////////////////////////////////////////////////////////
if ($do=='read'){
$sql = "SELECT con.*,
cat.title cat_title, cat.id cat_id, u.login, u.nickname
FROM cms_faq_quests con
LEFT JOIN cms_faq_cats cat ON cat.id = con.category_id
LEFT JOIN cms_users u ON u.id = con.user_id
WHERE con.id = $id LIMIT 1";
$result = $inDB->query($sql);
if ($inDB->num_rows($result)){
$inDB->query("UPDATE cms_faq_quests SET hits = hits + 1 WHERE id = $id") ;
$quest = $inDB->fetch_assoc($result);
$quest['pubdate'] = $inCore->dateFormat($quest['pubdate'], true, false, false);
$quest['answerdate'] = $inCore->dateFormat($quest['answerdate'], true, false, false);
if (mb_strlen($quest['quest'])>40) { $shortquest = mb_substr($quest['quest'], 0, 40).'...'; }
else { $shortquest = $quest['quest']; }
$quest['quest'] = nl2br($quest['quest']);
$inPage->setTitle($shortquest);
$inPage->setDescription($shortquest);
$inPage->addPathway($quest['cat_title'], '/faq/'.$quest['cat_id']);
$inPage->addPathway($shortquest);
cmsPage::initTemplate('components', 'com_faq_read')->
assign('quest', $quest)->
assign('cfg', $cfg)->
assign('labels', array('comments' => $_LANG['ANSWERS'], 'add' => $_LANG['REPLY'], 'rss' => $_LANG['RSS_FEED'], 'not_comments' => $_LANG['NOT_ANSWERS']))->
assign('is_admin', $inUser->is_admin)->
display();
} else { cmsCore::error404(); }
}
///////////////////////////////////// SEND QUEST ////////////////////////////////////////////////////////////////////////////////
if ($do=='sendquest'){
if (!$inUser->id && !$cfg['guest_enabled']){ cmsCore::error404(); }
$inPage->setTitle($_LANG['SET_QUESTION']);
$inPage->addPathway($_LANG['SET_QUESTION']);
$inPage->addHeadJS('components/faq/js/common.js');
$error = '';
$captha_code = $inCore->request('code', 'str', '');
$message = $inCore->request('message', 'str', '');
$category_id = $inCore->request('category_id', 'int', '');
$published = ($inUser->is_admin || $cfg['publish']) ? 1 : 0;
$is_submit = $inCore->inRequest('message');
if ($is_submit && !$inUser->id && !cmsCore::checkCaptchaCode()) { $error = $_LANG['ERR_CAPTCHA']; }
if (!$is_submit || $error){
if (IS_BILLING && $inUser->id){ cmsBilling::checkBalance('faq', 'add_quest'); }
cmsPage::initTemplate('components', 'com_faq_add')->
assign('catslist', $inCore->getListItems('cms_faq_cats', $category_id))->
assign('user_id', $inUser->id)->
assign('message', htmlspecialchars($inCore->request('message', 'html', '')))->
assign('error', $error)->
display();
} else {
//SAVE QUESTION
$sql = "INSERT INTO cms_faq_quests (category_id, pubdate, published, quest, answer, user_id, answeruser_id, answerdate, hits)
VALUES ('$category_id', NOW(), '$published', '$message', '', '{$inUser->id}', 0, NOW(), 0)";
$inDB->query($sql);
$quest_id = $inDB->get_last_id('cms_faq_quests');
if (IS_BILLING && $inUser->id){ cmsBilling::process('faq', 'add_quest'); }
$inPage->setTitle($_LANG['QUESTION_SEND']);
$inPage->addPathway($_LANG['QUESTION_SEND']);
if (!$published){
echo '<div class="con_heading">'.$_LANG['QUESTION_SEND'].'</div>';
echo '<div style="margin-top:10px">'.$_LANG['QUESTION_PREMODER'].'</div>';
echo '<div style="margin-top:10px"><a href="/faq">'.$_LANG['CONTINUE'].'</a></div>';
} elseif ($published) {
$category = $inDB->get_field('cms_faq_cats', "id={$category_id}", 'title');
//регистрируем событие
cmsActions::log('add_quest', array(
'object' => $_LANG['QUESTION'],
'object_url' => '/faq/quest'.$quest_id.'.html',
'object_id' => $quest_id,
'target' => $category,
'target_url' => '/faq/'.$category_id,
'target_id' => $category_id,
'description' => strip_tags( mb_strlen(strip_tags($message))>100 ? mb_substr($message, 0, 100) : $message )
));
$inCore->redirect('/faq/quest'.$quest_id.'.html');
} else { $inCore->redirect('/faq/quest'.$quest_id.'.html'); }
}
}
///////////////////////////////////// DELETE QUEST ////////////////////////////////////////////////////////////////////////////////
if ($do=='delquest'){
$quest_id = $inCore->request('quest_id', 'int', 0);
$user_id = $inUser->id;
$sql = "SELECT con.id, con.quest, con.category_id
FROM cms_faq_quests con
WHERE con.id = '$quest_id' LIMIT 1";
$result = $inDB->query($sql);
$quest = $inDB->fetch_assoc($result);
if (!$user_id || !$quest_id || !$quest) { $inCore->redirectBack(); }
if ( !$inCore->inRequest('confirm') ) {
if (cmsUser::userIsAdmin($user_id)){
$inPage->setTitle($_LANG['DEL_QUES']);
$inPage->addPathway($_LANG['DEL_QUES']);
$confirm['title'] = $_LANG['DELETE_QUES'];
$confirm['text'] = $_LANG['YOU_REALY_DELETE_QUES'].':<br> "<a href="/faq/quest'.$quest['id'].'.html">'.$quest['quest'].'</a>"<br><br>';
$confirm['action'] = $_SERVER['REQUEST_URI'];
$confirm['yes_button'] = array();
$confirm['yes_button']['type'] = 'submit';
$confirm['yes_button']['name'] = 'confirm';
cmsPage::initTemplate('components', 'action_confirm')->
assign('confirm', $confirm)->
display();
} else {
$inCore->redirectBack();
}
}
if ( $inCore->inRequest('confirm') ){
if (cmsUser::userIsAdmin($user_id)){
$model->deleteQuest($quest_id);
}
$inCore->redirect('/faq/'.$quest['category_id']);
}
}
} //function
//ссылки на предыдущую и следующую фотографии
$previd = $inDB->get_fields('cms_user_photos', "id>'{$photo['id']}' AND user_id = '{$usr['id']}' AND album_id='{$photo['album_id']}'", 'id, title, pubdate', 'id ASC');
$nextid = $inDB->get_fields('cms_user_photos', "id<'{$photo['id']}' AND user_id = '{$usr['id']}' AND album_id='{$photo['album_id']}'", 'id, title, pubdate', 'id DESC');
// Проверяем права доступа
$is_allow = cmsUser::checkUserContentAccess($photo['allow_who'], $id);
// Если видим фото, обновляем просмотры
if ($is_allow) { $inDB->query("UPDATE cms_user_photos SET hits = hits + 1 WHERE id = ".$photo['id']) ; }
cmsPage::initTemplate('components', 'com_users_photos_view')->
assign('photo', $photo)->
assign('bbcode', '[IMG]'.HOST.'/images/users/photos/medium/'.$photo['imageurl'].'[/IMG]')->
assign('previd', $previd)->
assign('nextid', $nextid)->
assign('usr', $usr)->
assign('myprofile', $myprofile)->
assign('is_admin', cmsUser::userIsAdmin($inUser->id))->
assign('is_allow', $is_allow)->
assign('tagbar', ($is_allow ? cmsTagBar('userphoto', $photo['id']) : ''))->
display();
if ($inCore->isComponentEnable('comments') && $is_allow){
cmsCore::includeComments();
comments('userphoto', $photo['id'], array(), $myprofile);
}
}
//============================================================================//
//============================ Один фотоальбом ===============================//
//============================================================================//
if ($pdo=='viewalbum'){
function forum()
{
$inCore = cmsCore::getInstance();
$inPage = cmsPage::getInstance();
$inDB = cmsDatabase::getInstance();
$inUser = cmsUser::getInstance();
$model = new cms_model_forum();
define('IS_BILLING', $inCore->isComponentInstalled('billing'));
if (IS_BILLING) {
cmsCore::loadClass('billing');
}
global $_LANG;
$pagetitle = $inCore->getComponentTitle();
$inPage->addPathway($pagetitle, '/forum');
$inPage->setTitle($pagetitle);
$inPage->setDescription($model->config['meta_desc'] ? $model->config['meta_desc'] : $pagetitle);
$inPage->setKeywords($model->config['meta_keys'] ? $model->config['meta_keys'] : $pagetitle);
$id = cmsCore::request('id', 'int', 0);
$do = $inCore->do;
$page = cmsCore::request('page', 'int', 1);
$inPage->addHeadJS('components/forum/js/common.js');
$inPage->addHeadJsLang(array('CONFIRM_DELETE_POLL', 'CONFIRM_DEL_POST', 'CONFIRM_DEL_THREAD', 'MOVE_THREAD', 'MOVE_POST', 'RENAME_THREAD', 'CONFIRM_DELETE_FILE', 'SELECT_NEW_FILE_UPLOAD', 'SELECT_TEXT_QUOTE', 'CONFIRM_DELETE_ALL_USER_POSTS'));
//============================================================================//
//=============================== Список Форумов ============================//
//============================================================================//
if ($do == 'view') {
$inPage->addHead('<link rel="alternate" type="application/rss+xml" title="' . $_LANG['FORUMS'] . '" href="' . HOST . '/rss/forum/all/feed.rss">');
$forums = $model->getForums();
cmsPage::initTemplate('components', 'com_forum_list')->assign('pagetitle', $pagetitle)->assign('forums', $forums)->assign('forum', array())->assign('user_id', $inUser->id)->assign('cfg', $model->config)->display('com_forum_list.tpl');
}
//============================================================================//
//================ Список тем форума + список подфорумов ====================//
//============================================================================//
if ($do == 'forum') {
$forum = $model->getForum($id);
if (!$forum) {
cmsCore::error404();
}
$forum = translations::process(cmsConfig::getConfig('lang'), 'forum_forums', $forum);
$moderators = $model->getForumModerators($forum['moder_list']);
// опции просмотра
$order_by = cmsCore::getSearchVar('order_by', 'pubdate');
$order_to = cmsCore::getSearchVar('order_to', 'desc');
if (!in_array($order_by, array('pubdate', 'title', 'post_count', 'hits'))) {
$order_by = 'pubdate';
}
if (!in_array($order_to, array('asc', 'desc'))) {
$order_to = 'desc';
}
$daysprune = (int) cmsCore::getSearchVar('daysprune');
if (!cmsCore::checkContentAccess($forum['access_list'])) {
cmsPage::includeTemplateFile('special/accessdenied.php');
return;
}
$inPage->addHead('<link rel="alternate" type="application/rss+xml" title="' . htmlspecialchars($forum['title']) . '" href="' . HOST . '/rss/forum/' . $forum['id'] . '/feed.rss">');
$inPage->setTitle($forum['pagetitle'] ? $forum['pagetitle'] : $forum['title']);
$inPage->setDescription($forum['meta_desc'] ? $forum['meta_desc'] : crop($forum['description'] ? $forum['description'] : $forum['title']));
$inPage->setKeywords($forum['meta_keys'] ? $forum['meta_keys'] : $forum['title']);
// Получаем дерево форумов
$path_list = $inDB->getNsCategoryPath('cms_forums', $forum['NSLeft'], $forum['NSRight'], 'id, title, access_list, moder_list');
// Строим глубиномер
if ($path_list) {
$path_list = translations::process(cmsConfig::getConfig('lang'), 'forum_forums', $path_list);
foreach ($path_list as $pcat) {
if (!cmsCore::checkContentAccess($pcat['access_list'])) {
cmsPage::includeTemplateFile('special/accessdenied.php');
return;
}
$inPage->addPathway($pcat['title'], '/forum/' . $pcat['id']);
}
}
// Получим подфорумы
$model->whereNestedForum($forum['NSLeft'], $forum['NSRight']);
$sub_forums = $model->getForums();
cmsPage::initTemplate('components', 'com_forum_list')->assign('pagetitle', $forum['title'])->assign('forums', $sub_forums)->assign('forum', $forum)->assign('cfg', $model->config)->assign('user_id', $inUser->id)->display('com_forum_list.tpl');
// Получим темы
if ($daysprune) {
$model->whereDayIntervalIs($daysprune);
}
$model->whereForumIs($forum['id']);
$inDB->orderBy('t.pinned', 'DESC, t.' . $order_by . ' ' . $order_to);
$inDB->limitPage($page, $model->config['pp_forum']);
$threads = $model->getThreads();
if (!$threads && $page > 1) {
cmsCore::error404();
}
cmsPage::initTemplate('components', 'com_forum_view')->assign('threads', $threads)->assign('show_panel', true)->assign('order_by', $order_by)->assign('order_to', $order_to)->assign('daysprune', $daysprune)->assign('moderators', $moderators)->assign('pagination', cmsPage::getPagebar($forum['thread_count'], $page, $model->config['pp_forum'], '/forum/' . $forum['id'] . '-%page%'))->display('com_forum_view.tpl');
}
//============================================================================//
//======================== Просмотр темы форума =============================//
//============================================================================//
if ($do == 'thread') {
$thread = $model->getThread($id);
if (!$thread) {
cmsCore::error404();
}
// Строим глубиномер
$path_list = $inDB->getNsCategoryPath('cms_forums', $thread['NSLeft'], $thread['NSRight'], 'id, title, access_list, moder_list');
if ($path_list) {
$path_list = translations::process(cmsConfig::getConfig('lang'), 'forum_forums', $path_list);
foreach ($path_list as $pcat) {
if (!cmsCore::checkContentAccess($pcat['access_list'])) {
cmsPage::includeTemplateFile('special/accessdenied.php');
return;
}
$inPage->addPathway($pcat['title'], '/forum/' . $pcat['id']);
}
// Для последнего форума проверяем
// не модератор ли текущий пользователь
$is_forum_moder = $model->isForumModerator($pcat['moder_list']);
}
$inPage->addPathway($thread['title'], '/forum/thread' . $thread['id'] . '.html');
if (!$thread['is_mythread']) {
$inDB->setFlag('cms_forum_threads', $thread['id'], 'hits', $thread['hits'] + 1);
}
// получаем посты
$model->whereThreadIs($thread['id']);
$inDB->orderBy('p.pinned', 'DESC, p.pubdate ASC');
$inDB->limitPage($page, $model->config['pp_thread']);
$posts = $model->getPosts();
if (!$posts) {
cmsCore::error404();
}
// SEO
$inPage->setTitle($thread['title']);
// meta description
if (!$thread['description']) {
$first_post = current($posts);
$first_post_content = strip_tags($first_post['content_html']);
if (mb_strlen($first_post_content) >= 100) {
$inPage->setDescription(crop($first_post_content));
} else {
$inPage->setDescription($thread['title']);
}
} else {
$inPage->setDescription(crop($thread['description']));
}
// meta keywords
$all_post_content = '';
foreach ($posts as $p) {
$all_post_content .= ' ' . strip_tags($p['content_html']);
}
$meta_keys = cmsCore::getKeywords($all_post_content);
$inPage->setKeywords($meta_keys ? $meta_keys : $thread['title']);
cmsCore::initAutoGrowText('#message');
cmsPage::initTemplate('components', 'com_forum_view_thread')->assign('forum', $pcat)->assign('forums', $model->getForums())->assign('is_subscribed', cmsUser::isSubscribed($inUser->id, 'forum', $thread['id']))->assign('thread', $thread)->assign('prev_thread', $inDB->get_fields('cms_forum_threads', "id < '{$thread['id']}' AND forum_id = '{$thread['forum_id']}'", 'id, title', 'id DESC'))->assign('next_thread', $inDB->get_fields('cms_forum_threads', "id > '{$thread['id']}' AND forum_id = '{$thread['forum_id']}'", 'id, title', 'id ASC'))->assign('posts', $posts)->assign('thread_poll', $model->getThreadPoll($thread['id']))->assign('page', $page)->assign('num', ($page - 1) * $model->config['pp_thread'] + 1)->assign('lastpage', ceil($thread['post_count'] / $model->config['pp_thread']))->assign('pagebar', cmsPage::getPagebar($thread['post_count'], $page, $model->config['pp_thread'], '/forum/thread' . $thread['id'] . '-%page%.html'))->assign('user_id', $inUser->id)->assign('do', $do)->assign('is_moder', $is_forum_moder)->assign('is_admin', $inUser->is_admin)->assign('is_can_add_post', cmsUser::isUserCan('forum/add_post'))->assign('cfg', $model->config)->assign('bb_toolbar', $inUser->id && $model->config['fast_on'] && $model->config['fast_bb'] ? cmsPage::getBBCodeToolbar('message', $model->config['img_on']) : '')->assign('smilies', $inUser->id && $model->config['fast_on'] && $model->config['fast_bb'] ? cmsPage::getSmilesPanel('message') : '')->display('com_forum_view_thread.tpl');
}
//============================================================================//
//================ Новая тема, написать/редактировать пост ===================//
//============================================================================//
if (in_array($do, array('newthread', 'newpost', 'editpost'))) {
if (!$inUser->id) {
cmsUser::goToLogin();
}
// id первого поста в теме
$first_post_id = false;
// опросов по умолчанию нет
$thread_poll = array();
// применяется при редактировании поста
$is_allow_attach = true;
// ограничение по карме
if (in_array($do, array('newthread', 'newpost'))) {
if ($inUser->karma < $model->config['min_karma_add'] && !$inUser->is_admin) {
cmsCore::addSessionMessage(sprintf($_LANG['ADD_KARMA_LIMIT'], cmsCore::spellCount($model->config['min_karma_add'], $_LANG['KPOINT1'], $_LANG['KPOINT2'], $_LANG['KPOINT10']), $inUser->karma), 'error');
cmsCore::redirectBack();
}
}
// новая тема
if ($do == 'newthread') {
// права доступа
if (!cmsUser::isUserCan('forum/add_thread') && !$inUser->is_admin) {
cmsPage::includeTemplateFile('special/accessdenied.php');
return;
}
$forum = $model->getForum($id);
if (!$forum) {
cmsCore::error404();
}
if (!cmsCore::checkContentAccess($forum['access_list'])) {
cmsPage::includeTemplateFile('special/accessdenied.php');
return;
}
$path_list = $inDB->getNsCategoryPath('cms_forums', $forum['NSLeft'], $forum['NSRight'], 'id, title, access_list, moder_list');
if ($path_list) {
foreach ($path_list as $pcat) {
if (!cmsCore::checkContentAccess($pcat['access_list'])) {
cmsPage::includeTemplateFile('special/accessdenied.php');
return;
}
$inPage->addPathway($pcat['title'], '/forum/' . $pcat['id']);
}
$is_forum_moder = $model->isForumModerator($pcat['moder_list']);
}
if (IS_BILLING && $forum['topic_cost']) {
cmsBilling::checkBalance('forum', 'add_thread', false, $forum['topic_cost']);
}
$pagetitle = $_LANG['NEW_THREAD'];
$thread = cmsUser::sessionGet('thread');
if ($thread) {
cmsUser::sessionDel('thread');
}
$last_post['content'] = cmsUser::sessionGet('post_content');
if ($last_post['content']) {
cmsUser::sessionDel('post_content');
}
}
// новый пост
if ($do == 'newpost') {
// права доступа
if (!cmsUser::isUserCan('forum/add_post') && !$inUser->is_admin) {
cmsPage::includeTemplateFile('special/accessdenied.php');
return;
}
$thread = $model->getThread($id);
if (!$thread || $thread['closed']) {
cmsCore::error404();
}
$path_list = $inDB->getNsCategoryPath('cms_forums', $thread['NSLeft'], $thread['NSRight'], 'id, title, access_list, moder_list');
if ($path_list) {
foreach ($path_list as $pcat) {
if (!cmsCore::checkContentAccess($pcat['access_list'])) {
cmsPage::includeTemplateFile('special/accessdenied.php');
return;
}
$inPage->addPathway($pcat['title'], '/forum/' . $pcat['id']);
}
$is_forum_moder = $model->isForumModerator($pcat['moder_list']);
}
$inPage->addPathway($thread['title'], '/forum/thread' . $thread['id'] . '.html');
$pagetitle = $_LANG['NEW_POST'];
$last_post = $model->getPost(cmsCore::request('replyid', 'int', 0));
if ($last_post) {
$last_post['content'] = preg_replace('/\\[hide(.*?)\\](.*?)\\[\\/hide\\]/sui', '', $last_post['content']);
$last_post['content'] = preg_replace('/\\[hide(.*?)\\](.*?)$/sui', '', $last_post['content']);
$quote_nickname = $inDB->get_field('cms_users', "id = '{$last_post['user_id']}'", 'nickname');
$last_post['content'] = '[quote=' . $quote_nickname . ']' . "\r\n" . $last_post['content'] . "\r\n" . '[/quote]' . "\r\n\r\n";
$pagetitle = $_LANG['REPLY_FULL_QUOTE'];
}
}
// редактирование поста
if ($do == 'editpost') {
$last_post = $model->getPost($id);
if (!$last_post) {
cmsCore::error404();
}
$is_allow_attach = $last_post['attach_count'] < $model->config['fa_max'];
// уменьшаем значение настроек согласно загруженных файлов
$model->config['fa_max'] = $model->config['fa_max'] - $last_post['attach_count'];
$thread = $model->getThread($last_post['thread_id']);
if (!$thread || $thread['closed']) {
cmsCore::error404();
}
$path_list = $inDB->getNsCategoryPath('cms_forums', $thread['NSLeft'], $thread['NSRight'], 'id, title, access_list, moder_list');
if ($path_list) {
foreach ($path_list as $pcat) {
if (!cmsCore::checkContentAccess($pcat['access_list'])) {
cmsPage::includeTemplateFile('special/accessdenied.php');
return;
}
$inPage->addPathway($pcat['title'], '/forum/' . $pcat['id']);
}
$is_forum_moder = $model->isForumModerator($pcat['moder_list']);
}
$inPage->addPathway($thread['title'], '/forum/thread' . $thread['id'] . '.html');
$end_min = $model->checkEditTime($last_post['pubdate']);
$is_author_can_edit = (is_bool($end_min) ? $end_min : $end_min > 0) && $last_post['user_id'] == $inUser->id;
// редактировать могут только администраторы, модераторы или авторы, если время есть
if (!$inUser->is_admin && !$is_forum_moder && !$is_author_can_edit) {
cmsCore::error404();
}
if (!$inUser->is_admin && !$is_forum_moder && $model->config['edit_minutes']) {
$msg_minute = str_replace('{min}', cmsCore::spellCount($end_min, $_LANG['MINUTE1'], $_LANG['MINUTE2'], $_LANG['MINUTE10']), $_LANG['EDIT_INFO']);
cmsCore::addSessionMessage($msg_minute, 'info');
}
$first_post_id = $inDB->get_field('cms_forum_posts', "thread_id = '{$thread['id']}' ORDER BY pubdate ASC", 'id');
$thread_poll = $model->getThreadPoll($thread['id']);
$pagetitle = $_LANG['EDIT_POST'];
}
/////////////////////////
/// Показываем форму ///
/////////////////////////
if (!cmsCore::inRequest('gosend')) {
$inPage->setTitle($pagetitle);
$inPage->addPathway($pagetitle);
$inPage->addHeadJsLang(array('FILE_SELECTED', 'FILE_DENIED', 'FILE_DUPLICATE'));
cmsCore::initAutoGrowText('#message');
cmsPage::initTemplate('components', 'com_forum_add')->assign('pagetitle', $pagetitle)->assign('is_first_post', isset($last_post['id']) ? $first_post_id == $last_post['id'] : true)->assign('thread_poll', $thread_poll)->assign('cfg', $model->config)->assign('do', $do)->assign('forum', isset($forum) ? $forum : $pcat)->assign('is_subscribed', cmsUser::isSubscribed($inUser->id, 'forum', @$thread['id']))->assign('thread', $thread)->assign('post_content', htmlspecialchars($last_post['content']))->assign('is_moder', $is_forum_moder)->assign('is_admin', $inUser->is_admin)->assign('is_allow_attach', cmsCore::checkContentAccess($model->config['group_access']) && $is_allow_attach)->assign('bb_toolbar', cmsPage::getBBCodeToolbar('message', $model->config['img_on'], 'forum', 'post', @$last_post['id']))->assign('smilies', cmsPage::getSmilesPanel('message'))->display('com_forum_add.tpl');
} else {
/////////////////////////
// Выполняем действия ///
/////////////////////////
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
$message_bb = $inDB->escape_string(cmsCore::request('message', 'html', ''));
$message_html = $inDB->escape_string(cmsCore::parseSmiles(cmsCore::request('message', 'html', ''), true));
if (!$message_html) {
cmsCore::addSessionMessage($_LANG['NEED_TEXT_POST'], 'error');
cmsCore::redirectBack();
}
$message_post = strip_tags($message_html);
$message_post = mb_strlen($message_post) > 200 ? mb_substr($message_post, 0, 200) : $message_post;
$post_pinned = 0;
if (in_array($do, array('newthread', 'newpost'))) {
if ($do == 'newthread') {
$thread['title'] = cmsCore::request('title', 'str', '');
$thread['description'] = cmsCore::request('description', 'str', '');
$post_pinned = 1;
if (!$thread['title']) {
cmsCore::addSessionMessage($_LANG['NEED_TITLE_THREAD_YOUR_POST'], 'error');
cmsUser::sessionPut('thread', $thread);
cmsUser::sessionPut('post_content', stripcslashes($message_bb));
cmsCore::redirectBack();
}
$thread['is_hidden'] = cmsCore::yamlToArray($forum['access_list']) ? 1 : 0;
$thread['forum_id'] = $forum['id'];
$thread['user_id'] = $inUser->id;
$thread['pubdate'] = date("Y-m-d H:i:s");
$thread['hits'] = 0;
$thread['id'] = $model->addThread($thread);
$thread['NSLeft'] = $forum['NSLeft'];
$thread['NSRight'] = $forum['NSRight'];
$thread['post_count'] = 0;
if (IS_BILLING && $forum['topic_cost']) {
cmsBilling::process('forum', 'add_thread', $forum['topic_cost']);
}
}
$post_id = $model->addPost(array('thread_id' => $thread['id'], 'user_id' => $inUser->id, 'pinned' => $post_pinned, 'content' => $message_bb, 'content_html' => $message_html, 'pubdate' => date("Y-m-d H:i:s"), 'editdate' => date("Y-m-d H:i:s")));
// Обновляем количество постов в теме
$thread_post_count = $model->updateThreadPostCount($thread['id']);
// Закрываем тему если нужно
$is_fixed = cmsCore::request('fixed', 'int', 0);
if ($is_fixed && ($is_forum_moder || $inUser->is_admin || $thread['is_mythread'])) {
$model->closeThread($thread['id']);
}
// Загружаем аттачи
if ($model->config['fa_on'] && cmsCore::checkContentAccess($model->config['group_access'])) {
$file_error = $model->addUpdatePostAttachments($post_id);
if ($file_error === false) {
cmsCore::addSessionMessage($_LANG['CHECK_SIZE_TYPE_FILE'] . $model->config['fa_max'], 'error');
}
}
// Обновляем кеши
$model->updateForumCache($thread['NSLeft'], $thread['NSRight'], true);
$total_pages = ceil($thread_post_count / $model->config['pp_thread']);
// Проверяем награды
cmsUser::checkAwards($inUser->id);
// Рассылаем уведомления тем, кто подписан
if ($do == 'newpost') {
cmsUser::sendUpdateNotify('forum', $thread['id'], array('link' => '/forum/thread' . $thread['id'] . '-' . $total_pages . '.html#' . $post_id, 'title' => stripslashes($thread['title']), 'letter_file' => 'newforumpost', 'author' => $inUser->nickname));
}
// Подписываемся сами если нужно
if (cmsCore::inRequest('subscribe')) {
cmsUser::subscribe($inUser->id, 'forum', $thread['id']);
}
// Если пост не в скрытый форум и не в объедненный с предыдущим, добавляем в ленту
if (!$thread['is_hidden'] && $thread_post_count > $thread['post_count']) {
if ($do == 'newthread') {
cmsActions::log('add_thread', array('object' => $thread['title'], 'object_url' => '/forum/thread' . $thread['id'] . '-1.html', 'object_id' => $thread['id'], 'target' => $forum['title'], 'target_url' => '/forum/' . $forum['id'], 'target_id' => $forum['id'], 'description' => $message_post));
} else {
cmsActions::log('add_fpost', array('object' => $_LANG['MESSAGE'], 'object_url' => '/forum/thread' . $thread['id'] . '-' . $total_pages . '.html#' . $post_id, 'object_id' => $post_id, 'target' => $thread['title'], 'target_url' => '/forum/thread' . $thread['id'] . '.html', 'target_id' => $thread['id'], 'description' => $message_post));
}
}
// Для новой темы прикрепляем опрос если нужно
if ($do == 'newthread') {
$model->addPoll(cmsCore::request('poll', 'array', array()), $thread['id']);
$last_poll_error = $model->getLastAddPollError();
if ($last_poll_error) {
cmsCore::addSessionMessage($last_poll_error, 'error');
cmsCore::redirect('/forum/editpost' . $post_id . '-1.html');
}
}
cmsCore::redirect('/forum/thread' . $thread['id'] . '-' . $total_pages . '.html#' . $post_id);
} elseif ($do == 'editpost') {
$model->updatePost(array('content' => $message_bb, 'content_html' => $message_html, 'edittimes' => $last_post['edittimes'] + 1, 'editdate' => date("Y-m-d H:i:s")), $last_post['id']);
if ($model->config['fa_on'] && cmsCore::checkContentAccess($model->config['group_access'])) {
$file_error = $model->addUpdatePostAttachments($last_post['id']);
if ($file_error === false) {
cmsCore::addSessionMessage($_LANG['CHECK_SIZE_TYPE_FILE'] . $model->config['fa_max'], 'error');
}
}
if ($first_post_id == $last_post['id']) {
cmsActions::updateLog('add_thread', array('description' => $message_post), $thread['id']);
if ($thread_poll) {
$model->updatePoll(cmsCore::request('poll', 'array', array()), $thread_poll);
} else {
$model->addPoll(cmsCore::request('poll', 'array', array()), $thread['id']);
}
$last_poll_error = $model->getLastAddPollError();
if ($last_poll_error) {
cmsUser::sessionPut('thread', $thread);
cmsUser::sessionPut('post_content', stripcslashes($message_bb));
cmsCore::addSessionMessage($last_poll_error, 'error');
cmsCore::redirectBack();
}
} else {
cmsActions::updateLog('add_fpost', array('description' => $message_post), $last_post['id']);
}
$model->updateForumCache($thread['NSLeft'], $thread['NSRight'], true);
cmsCore::redirect('/forum/thread' . $thread['id'] . '-' . $page . '.html#' . $last_post['id']);
}
}
}
///////////////////////////// DELETE POST /////////////////////////////////////////////////////////////////////////////////////////////////
if ($do == 'deletepost') {
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
if (!$inUser->id) {
cmsCore::error404();
}
$post = $model->getPost($id);
if (!$post) {
cmsCore::error404();
}
$thread = $model->getThread($post['thread_id']);
if (!$thread) {
cmsCore::error404();
}
$path_list = $inDB->getNsCategoryPath('cms_forums', $thread['NSLeft'], $thread['NSRight'], 'id, title, access_list, moder_list, NSLeft, NSRight');
if ($path_list) {
foreach ($path_list as $pcat) {
if (!cmsCore::checkContentAccess($pcat['access_list'])) {
cmsCore::error404();
}
}
$is_forum_moder = $model->isForumModerator($pcat['moder_list']);
}
$end_min = $model->checkEditTime($post['pubdate']);
$is_author_can_edit = (is_bool($end_min) ? $end_min : $end_min > 0) && $post['user_id'] == $inUser->id;
if (!$inUser->is_admin && !($is_forum_moder && !cmsUser::userIsAdmin($post['user_id'])) && !$is_author_can_edit) {
cmsCore::error404();
}
$model->deletePost($post['id']);
$model->updateThreadPostCount($post['thread_id']);
$model->cacheThreadLastPost($post['thread_id']);
if ($path_list) {
$path_list = array_reverse($path_list);
foreach ($path_list as $pcat) {
$model->updateForumCache($pcat['NSLeft'], $pcat['NSRight']);
}
}
cmsCore::addSessionMessage($_LANG['MSG_IS_DELETED'], 'info');
$total_pages = ceil(($thread['post_count'] - 1) / $model->config['pp_thread']);
if ($page > $total_pages) {
$page = $total_pages;
}
cmsCore::jsonOutput(array('error' => false, 'redirect' => '/forum/thread' . $thread['id'] . '-' . $page . '.html'));
}
//============================================================================//
//========================== Операции с темами ===============================//
//============================================================================//
if (in_array($do, array('movethread', 'renamethread', 'deletethread', 'close', 'pin', 'pin_post', 'move_post'))) {
if (!$inUser->id) {
cmsCore::error404();
}
$thread = $model->getThread($id);
if (!$thread) {
cmsCore::halt();
}
$path_list = $inDB->getNsCategoryPath('cms_forums', $thread['NSLeft'], $thread['NSRight'], 'id, title, access_list, moder_list, NSLeft, NSRight');
if ($path_list) {
foreach ($path_list as $pcat) {
if (!cmsCore::checkContentAccess($pcat['access_list'])) {
cmsCore::halt();
}
}
$is_forum_moder = $model->isForumModerator($pcat['moder_list']);
}
//======================= Перемещение темы ===============================//
if ($do == 'movethread') {
if (!$inUser->is_admin && !$is_forum_moder) {
cmsCore::halt();
}
if (!cmsCore::inRequest('gomove')) {
cmsPage::initTemplate('components', 'com_forum_move_thread')->assign('thread', $thread)->assign('forums', $model->getForums())->display('com_forum_move_thread.tpl');
cmsCore::jsonOutput(array('error' => false, 'html' => ob_get_clean()));
} else {
$new_forum = $model->getForum(cmsCore::request('forum_id', 'int', 0));
if (!$new_forum) {
cmsCore::error404();
}
$is_hidden = 0;
$path_list = $inDB->getNsCategoryPath('cms_forums', $new_forum['NSLeft'], $new_forum['NSRight'], 'id, title, access_list, moder_list');
if ($path_list) {
foreach ($path_list as $pcat) {
if (!cmsCore::checkContentAccess($pcat['access_list'])) {
cmsCore::halt();
}
if (cmsCore::yamlToArray($pcat['access_list'])) {
$is_hidden = 1;
}
}
$is_forum_moder = $model->isForumModerator($pcat['moder_list']);
}
if (!$is_forum_moder && !$inUser->is_admin) {
cmsCore::addSessionMessage($_LANG['YOU_NO_THIS_FORUM_MODER'], 'error');
cmsCore::redirect('/forum/thread' . $thread['id'] . '.html');
}
$inDB->query("UPDATE cms_forum_threads SET forum_id = '{$new_forum['id']}', is_hidden = '{$is_hidden}' WHERE id = '{$thread['id']}'");
cmsActions::updateLog('add_thread', array('target' => $new_forum['title'], 'target_url' => '/forum/' . $new_forum['id'], 'target_id' => $new_forum['id']), $thread['id']);
// Обновляем кешированные значения
// для старого форума
$model->updateForumCache($thread['NSLeft'], $thread['NSRight'], true);
// для нового форума
$model->updateForumCache($new_forum['NSLeft'], $new_forum['NSRight'], true);
cmsCore::addSessionMessage($_LANG['THREAD_IS_MOVE'] . '"' . $new_forum['title'] . '"', 'success');
cmsCore::redirect('/forum/thread' . $thread['id'] . '.html');
}
}
//===================== Переименование темы ==============================//
if ($do == 'renamethread') {
if (!$inUser->is_admin && !$is_forum_moder && !$thread['is_mythread']) {
cmsCore::halt();
}
if (!cmsCore::inRequest('gorename')) {
cmsPage::initTemplate('components', 'com_forum_rename_thread')->assign('thread', $thread)->display('com_forum_rename_thread.tpl');
cmsCore::jsonOutput(array('error' => false, 'html' => ob_get_clean()));
} else {
$new_thread['title'] = cmsCore::request('title', 'str', $thread['title']);
$new_thread['description'] = cmsCore::request('description', 'str', '');
$model->updateThread($new_thread, $thread['id']);
cmsActions::updateLog('add_fpost', array('target' => $new_thread['title']), 0, $thread['id']);
cmsActions::updateLog('add_thread', array('object' => $new_thread['title']), $thread['id']);
$model->updateForumCache($thread['NSLeft'], $thread['NSRight'], true);
cmsCore::jsonOutput(array('error' => false, 'title' => stripslashes($new_thread['title']), 'description' => stripslashes($new_thread['description'])));
}
}
//======================= Удаление темы ==================================//
if ($do == 'deletethread') {
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
if (!$inUser->is_admin && !($is_forum_moder && !cmsUser::userIsAdmin($thread['user_id'])) && !$thread['is_mythread']) {
cmsCore::halt();
}
$model->deleteThread($thread['id']);
// Обновляем кешированные значения
$model->updateForumCache($thread['NSLeft'], $thread['NSRight'], true);
cmsCore::jsonOutput(array('error' => false, 'redirect' => '/forum/' . $thread['forum_id']));
}
//=============== Прикрепление/открепление темы ==========================//
if ($do == 'pin') {
if (!$inUser->is_admin && !$is_forum_moder) {
cmsCore::halt();
}
$pinned = cmsCore::request('pinned', 'int', 0);
$inDB->query("UPDATE cms_forum_threads SET pinned = '{$pinned}' WHERE id = '{$thread['id']}'");
cmsCore::halt($pinned);
}
//========== Прикрепление/открепление сообщения темы =====================//
if ($do == 'pin_post') {
if (!$inUser->is_admin && !$is_forum_moder) {
cmsCore::halt();
}
$pinned = cmsCore::request('pinned', 'int', 0);
$post_id = cmsCore::request('post_id', 'int', 0);
// Проверяем, принадлежит ли сообщение теме
if (!$model->isBelongsToPostTopic($post_id, $thread['id'])) {
cmsCore::halt();
}
$inDB->query("UPDATE cms_forum_posts SET pinned = '{$pinned}' WHERE id = '{$post_id}' AND thread_id = '{$thread['id']}'");
// Ниже строки для тех, кто обновлялся с 1.9, если чистая установка, их можно удалить
// Ставим принудительно для первого поста темы флаг pinned
if ($pinned) {
$first_post_id = $inDB->get_field('cms_forum_posts', "thread_id = '{$thread['id']}' ORDER BY pubdate ASC", 'id');
$inDB->query("UPDATE cms_forum_posts SET pinned = 1 WHERE id = '{$first_post_id}' AND thread_id = '{$thread['id']}'");
}
cmsCore::redirect('/forum/thread' . $thread['id'] . '-1.html#' . $post_id);
}
//=========================== Перенос сообщения темы =====================//
if ($do == 'move_post') {
if (!$inUser->is_admin && !$is_forum_moder) {
cmsCore::halt();
}
$post_id = cmsCore::request('post_id', 'int', 0);
// Проверяем, принадлежит ли сообщение теме
if (!$model->isBelongsToPostTopic($post_id, $thread['id'])) {
cmsCore::halt();
}
cmsCore::callEvent('MOVE_FORUM_POST', array('thread' => $thread, 'post_id' => $post_id));
if (!cmsCore::inRequest('gomove')) {
cmsPage::initTemplate('components', 'com_forum_move_post')->assign('thread', $thread)->assign('post_id', $post_id)->assign('threads', cmsCore::getListItems('cms_forum_threads', $thread['id'], 'title', 'ASC', "forum_id = '{$thread['forum_id']}'"))->display('com_forum_move_post.tpl');
cmsCore::jsonOutput(array('error' => false, 'html' => ob_get_clean()));
} else {
$new_thread = $model->getThread(cmsCore::request('new_thread_id', 'int', 0));
if (!$new_thread) {
cmsCore::error404();
}
$n_path_list = $inDB->getNsCategoryPath('cms_forums', $new_thread['NSLeft'], $new_thread['NSRight'], 'id, title, access_list, moder_list, NSLeft, NSRight');
if ($n_path_list) {
foreach ($n_path_list as $n_pcat) {
if (!cmsCore::checkContentAccess($n_pcat['access_list'])) {
cmsCore::halt();
}
}
$is_forum_moder = $model->isForumModerator($n_pcat['moder_list']);
}
if (!$is_forum_moder && !$inUser->is_admin) {
cmsCore::error404();
}
$model->updatePost(array('thread_id' => $new_thread['id'], 'pubdate' => date("Y-m-d H:i:s")), $post_id);
$model->updateThreadPostCount($thread['id']);
$thread_post_count = $model->updateThreadPostCount($new_thread['id']);
$total_pages = ceil($thread_post_count / $model->config['pp_thread']);
cmsActions::updateLog('add_fpost', array('target' => $new_thread['title'], 'target_url' => '/forum/thread' . $new_thread['id'] . '.html', 'target_id' => $new_thread['id'], 'object_url' => '/forum/thread' . $new_thread['id'] . '-' . $total_pages . '.html#' . $post_id, 'pubdate' => date("Y-m-d H:i:s")), $post_id);
$model->cacheThreadLastPost($thread['id']);
if ($path_list) {
$path_list = array_reverse($path_list);
foreach ($path_list as $pcat) {
$model->cacheLastPost($pcat['NSLeft'], $pcat['NSRight']);
}
}
if ($n_path_list) {
$n_path_list = array_reverse($n_path_list);
foreach ($n_path_list as $pcat) {
$model->cacheLastPost($pcat['NSLeft'], $pcat['NSRight']);
}
}
cmsCore::addSessionMessage($_LANG['POST_IS_MOVE'] . '"' . $new_thread['title'] . '"', 'success');
cmsCore::redirect('/forum/thread' . $new_thread['id'] . '-' . $total_pages . '.html#' . $post_id);
}
}
//==================== Открытие/закрытие темы ============================//
if ($do == 'close') {
if (!$inUser->is_admin && !$is_forum_moder && !$thread['is_mythread']) {
cmsCore::halt();
}
$closed = cmsCore::request('closed', 'int', 0);
if ($closed) {
$model->closeThread($thread['id']);
} else {
$model->openThread($thread['id']);
}
cmsCore::halt($closed);
}
cmsCore::halt();
}
//============================================================================//
//========================== Операции с файлами ==============================//
//============================================================================//
if (in_array($do, array('download', 'delfile', 'reloadfile'))) {
if (!$model->config['fa_on']) {
cmsCore::error404();
}
$file = $model->getPostAttachment($id);
if (!$file) {
cmsCore::error404();
}
$post = $model->getPost($file['post_id']);
if (!$post) {
cmsCore::error404();
}
$thread = $model->getThread($post['thread_id']);
if (!$thread) {
cmsCore::error404();
}
$path_list = $inDB->getNsCategoryPath('cms_forums', $thread['NSLeft'], $thread['NSRight'], 'id, title, access_list, moder_list');
if ($path_list) {
foreach ($path_list as $pcat) {
if (!cmsCore::checkContentAccess($pcat['access_list'])) {
cmsCore::error404();
}
}
$is_forum_moder = $model->isForumModerator($pcat['moder_list']);
}
//================= Скачивание прикрепленного файла ======================//
if ($do == 'download') {
$location = PATH . '/upload/forum/post' . $file['post_id'] . '/' . $file['filename'];
if (!file_exists($location)) {
cmsCore::error404();
}
$inDB->query("UPDATE cms_forum_files SET hits = hits + 1 WHERE id = '{$file['id']}'");
ob_clean();
header('Content-Disposition: attachment; filename=' . htmlspecialchars($file['filename']));
header('Content-Type: application/x-force-download; name="' . htmlspecialchars($file['filename']) . '"');
header('Content-Length: ' . $file['filesize']);
header('Accept-Ranges: bytes');
cmsCore::halt(file_get_contents($location));
}
//=================== Удаление прикрепленного файла ======================//
if ($do == 'delfile') {
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
$end_min = $model->checkEditTime($post['pubdate']);
$is_author_can_edit = (is_bool($end_min) ? $end_min : $end_min > 0) && $post['user_id'] == $inUser->id && cmsCore::checkContentAccess($model->config['group_access']);
if (!$inUser->is_admin && !$is_forum_moder && !$is_author_can_edit) {
cmsCore::halt();
}
$model->deletePostAttachment($file);
cmsCore::halt(1);
}
//================== Перезакачка прикрепленного файла ====================//
if ($do == 'reloadfile') {
$end_min = $model->checkEditTime($post['pubdate']);
$is_author_can_edit = (is_bool($end_min) ? $end_min : $end_min > 0) && $post['user_id'] == $inUser->id && cmsCore::checkContentAccess($model->config['group_access']);
if (!$inUser->is_admin && !$is_forum_moder && !$is_author_can_edit) {
cmsCore::error404();
}
if (!cmsCore::inRequest('goreload')) {
cmsPage::initTemplate('components', 'com_forum_file_reload')->assign('file', $file)->assign('cfg', $model->config)->display('com_forum_file_reload.tpl');
cmsCore::jsonOutput(array('error' => false, 'html' => ob_get_clean()));
} else {
$success = $model->addUpdatePostAttachments($post['id'], $file);
if ($success) {
$post['attached_files'] = $model->getPostAttachments($post['id']);
$post['is_author_can_edit'] = $is_author_can_edit;
cmsPage::initTemplate('components', 'com_forum_attached_files')->assign('post', $post)->assign('is_moder', $is_forum_moder)->assign('is_admin', $inUser->is_admin)->assign('cfg', $model->config)->display('com_forum_attached_files.tpl');
cmsCore::jsonOutput(array('error' => false, 'post_id' => $post['id'], 'html' => ob_get_clean()));
} else {
cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['CHECK_SIZE_TYPE_FILE'] . $model->config['fa_max']));
}
}
}
cmsCore::halt();
}
//============================================================================//
//========================= Операции с опросами ==============================//
//============================================================================//
if ($do == 'view_poll') {
$thread = $model->getThread($id);
if (!$thread) {
cmsCore::halt();
}
$path_list = $inDB->getNsCategoryPath('cms_forums', $thread['NSLeft'], $thread['NSRight'], 'id, title, access_list, moder_list');
if ($path_list) {
foreach ($path_list as $pcat) {
if (!cmsCore::checkContentAccess($pcat['access_list'])) {
cmsCore::halt();
}
}
$is_forum_moder = $model->isForumModerator($pcat['moder_list']);
}
$thread_poll = $model->getThreadPoll($thread['id']);
if (!$thread_poll) {
cmsCore::halt();
}
if ($inUser->id && $thread_poll['is_user_vote'] && $thread_poll['options']['change'] && cmsCore::request('revote', 'int')) {
$model->deleteVote($thread_poll);
$thread_poll['is_user_vote'] = 0;
$thread_poll['vote_count'] -= 1;
}
if (!$thread_poll['is_user_vote'] && !$thread_poll['options']['result']) {
$thread_poll['show_result'] = cmsCore::request('show_result', 'int');
}
cmsPage::initTemplate('components', 'com_forum_thread_poll')->assign('thread', $thread)->assign('thread_poll', $thread_poll)->assign('user_id', $inUser->id)->assign('do', $thread_poll['show_result'] ? $do : 'thread')->assign('is_moder', $is_forum_moder)->assign('is_admin', $inUser->is_admin)->display('com_forum_thread_poll.tpl');
cmsCore::halt(ob_get_clean());
}
if ($do == 'delete_poll') {
if (!$inUser->id) {
cmsCore::halt();
}
if (!cmsUser::checkCsrfToken()) {
cmsCore::halt();
}
$thread = $model->getThread($id);
if (!$thread) {
cmsCore::halt();
}
$path_list = $inDB->getNsCategoryPath('cms_forums', $thread['NSLeft'], $thread['NSRight'], 'id, title, access_list, moder_list');
if ($path_list) {
foreach ($path_list as $pcat) {
if (!cmsCore::checkContentAccess($pcat['access_list'])) {
cmsCore::halt();
}
}
$is_forum_moder = $model->isForumModerator($pcat['moder_list']);
}
$thread_poll = $model->getThreadPoll($thread['id']);
if (!$thread_poll) {
cmsCore::halt();
}
if (!$is_forum_moder && !$inUser->is_admin) {
cmsCore::halt();
}
$model->deletePoll($thread_poll['id']);
cmsCore::halt(1);
}
if ($do == 'vote_poll') {
if (!$inUser->id) {
cmsCore::halt();
}
if (!cmsUser::checkCsrfToken()) {
cmsCore::halt();
}
$answer = cmsCore::request('answer', 'str', '');
$poll = $model->getPollById(cmsCore::request('poll_id', 'int'));
if (!$answer || !$poll) {
cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['SELECT_THE_OPTION']));
}
if ($model->isUserVoted($poll['id'])) {
cmsCore::jsonOutput(array('error' => true, 'text' => ''));
}
$model->votePoll($poll, $answer);
cmsCore::jsonOutput(array('error' => false, 'text' => ''));
}
//============================================================================//
//========================= Последние сообщения ==============================//
//============================================================================//
if ($do == 'latest_posts') {
$inActions = cmsActions::getInstance();
$inPage->setTitle($_LANG['LATEST_POSTS_ON_FORUM']);
$inPage->addPathway($_LANG['FORUMS'], '/forum');
$inPage->addPathway($_LANG['LATEST_POSTS_ON_FORUM']);
$inActions->showTargets(true);
$action = $inActions->getAction('add_fpost');
$inActions->onlySelectedTypes(array($action['id']));
$total = $inActions->getCountActions();
$inDB->limitPage($page, 15);
$actions = $inActions->getActionsLog();
if (!$actions && $page > 1) {
cmsCore::error404();
}
cmsPage::initTemplate('components', 'com_forum_actions')->assign('actions', $actions)->assign('total', $total)->assign('do', $do)->assign('user_id', $inUser->id)->assign('pagetitle', $_LANG['LATEST_POSTS_ON_FORUM'])->assign('pagebar', cmsPage::getPagebar($total, $page, 15, '/forum/latest_posts/page-%page%'))->display('com_forum_actions.tpl');
}
//============================================================================//
//============================= Последние темы ===============================//
//============================================================================//
if ($do == 'latest_thread') {
$inActions = cmsActions::getInstance();
$inPage->setTitle($_LANG['NEW_THREADS_ON_FORUM']);
$inPage->addPathway($_LANG['FORUMS'], '/forum');
$inPage->addPathway($_LANG['NEW_THREADS_ON_FORUM']);
$inActions->showTargets(true);
$action = $inActions->getAction('add_thread');
$inActions->onlySelectedTypes(array($action['id']));
$total = $inActions->getCountActions();
$inDB->limitPage($page, 15);
$actions = $inActions->getActionsLog();
if (!$actions && $page > 1) {
cmsCore::error404();
}
cmsPage::initTemplate('components', 'com_forum_actions')->assign('actions', $actions)->assign('total', $total)->assign('do', $do)->assign('user_id', $inUser->id)->assign('pagetitle', $_LANG['NEW_THREADS_ON_FORUM'])->assign('pagebar', cmsPage::getPagebar($total, $page, 15, '/forum/latest_thread/page-%page%'))->display('com_forum_actions.tpl');
}
//============================================================================//
//========================== Просмотр категории ==============================//
//============================================================================//
if ($do == 'view_cat') {
$cat = $model->getForumCat(cmsCore::request('seolink', 'str', ''));
if (!$cat) {
cmsCore::error404();
}
$cat = translations::process(cmsConfig::getConfig('lang'), 'forum_forum_cats', $cat);
$inPage->setTitle($cat['pagetitle'] ? $cat['pagetitle'] : $cat['title']);
$inPage->setDescription($cat['meta_desc'] ? $cat['meta_desc'] : $cat['title']);
$inPage->setKeywords($cat['meta_keys'] ? $cat['meta_keys'] : $cat['title']);
$inPage->addPathway($cat['title']);
$model->whereForumCatIs($cat['id']);
$sub_forums = $model->getForums();
cmsPage::initTemplate('components', 'com_forum_list')->assign('pagetitle', $cat['title'])->assign('forums', $sub_forums)->assign('forum', array())->assign('cfg', $model->config)->assign('user_id', false)->display('com_forum_list.tpl');
$inDB->addJoin('INNER JOIN cms_forums f ON f.id = t.forum_id');
$inDB->where("t.is_hidden = 0");
$model->whereForumCatIs($cat['id']);
$inDB->orderBy('t.pubdate', 'DESC, t.hits DESC');
$inDB->limit(15);
$threads = $model->getThreads();
cmsPage::initTemplate('components', 'com_forum_view')->assign('threads', $threads)->display('com_forum_view.tpl');
}
//============================================================================//
//===================== Активность пользователя ==============================//
//============================================================================//
if ($do == 'user_activity') {
$login = cmsCore::request('login', 'str', $inUser->login);
$sub_do = cmsCore::request('sub_do', 'str', 'threads');
$user = cmsUser::getShortUserData($login);
if (!$user) {
cmsCore::error404();
}
$my_profile = $inUser->login == $login;
$pagetitle = $my_profile ? $_LANG['MY_ACTIVITY'] : $user['nickname'] . ' - ' . $_LANG['ACTIVITY_ON_FORUM'];
$inPage->setTitle($pagetitle);
$inPage->addPathway($pagetitle);
$threads = array();
$posts = array();
if (!$my_profile && !$inUser->is_admin) {
$model->wherePublicThreads();
}
$model->whereThreadUserIs($user['id']);
$thread_count = $model->getThreadsCount();
if ($sub_do == 'threads' && $thread_count) {
$inDB->orderBy('t.pubdate', 'DESC, t.hits DESC');
$inDB->limitPage($page, 15);
$threads = $model->getThreads();
$pagination = cmsPage::getPagebar($thread_count, $page, 15, "javascript:forum.getUserActivity('threads','/forum/{$user['login']}_activity.html','%page%');");
}
$inDB->resetConditions();
// Если тем у пользователя нет, показываем вкладку сообщений
if (!$thread_count) {
$sub_do = 'posts';
}
$inDB->addSelect('t.title as thread_title');
$inDB->addJoin('INNER JOIN cms_forum_threads t ON t.id = p.thread_id');
$model->wherePostUserIs($user['id']);
if (!$my_profile && !$inUser->is_admin) {
$model->wherePublicThreads();
}
$post_count = $model->getPostsCount();
// Если сообщений нет, 404
if (!$post_count && !$my_profile) {
cmsCore::error404();
}
if ($sub_do == 'posts' && $post_count) {
$inDB->orderBy('p.thread_id', 'DESC, p.pubdate DESC');
$inDB->limitPage($page, 10);
$posts = $model->getPosts();
$pagination = cmsPage::getPagebar($post_count, $page, 10, "javascript:forum.getUserActivity('posts','/forum/{$user['login']}_activity.html','%page%');");
}
$inDB->resetConditions();
cmsPage::initTemplate('components', 'com_forum_user_activity')->assign('threads', $threads)->assign('posts', $posts)->assign('post_count', $post_count)->assign('thread_count', $thread_count)->assign('pagetitle', $pagetitle)->assign('sub_do', $sub_do)->assign('page', $page)->assign('user_id', $user['id'])->assign('my_profile', $my_profile)->assign('is_admin', $inUser->is_admin)->assign('is_moderator', cmsUser::isUserCan('forum/moderate'))->assign('pagination', $pagination)->assign('link', '/forum/' . $user['login'] . '_activity.html')->display('com_forum_user_activity.tpl');
}
////////////////////////////////////////////////////////////////////////////////
if ($do == 'delete_all_user_posts') {
if (!$inUser->id) {
cmsCore::error404();
}
if (!$inUser->is_admin && !cmsUser::isUserCan('forum/moderate')) {
cmsCore::error404();
}
if (!cmsUser::checkCsrfToken()) {
cmsCore::halt();
}
$user = cmsUser::getShortUserData(cmsCore::request('user_id', 'int', 0));
if (!$user || $user['id'] == $inUser->id) {
cmsCore::error404();
}
$model->deleteAllUserPosts($user['id']);
cmsCore::addSessionMessage($_LANG['ALL_USERPOSTS_ISDELETED'], 'success');
cmsCore::halt();
}
}
/**
* Получаем комментарии по заданным параметрам
* @return array
*/
public function getComments($only_published = true, $is_tree = false, $from_module = false)
{
$inUser = cmsUser::getInstance();
$comments = array();
global $_LANG;
$published = $only_published ? 'c.published = 1' : '1=1';
$sql = "SELECT c.*,\r\n\t\t\t\t\t IFNULL(u.nickname, 0) as nickname,\r\n\t\t\t\t\t IFNULL(u.login, 0) as login,\r\n\t\t\t\t\t IFNULL(u.is_deleted, 0) as is_deleted,\r\n\t\t\t\t\t IFNULL(p.imageurl, 0) as imageurl,\r\n\t\t\t\t\t IFNULL(p.gender, 0) as gender\r\n FROM cms_comments c\r\n\t\t\t\tLEFT JOIN cms_users u ON u.id = c.user_id\r\n\t\t\t\tLEFT JOIN cms_user_profiles p ON p.user_id = u.id\r\n WHERE {$published}\r\n\t\t\t\t\t{$this->inDB->where}\r\n\r\n {$this->inDB->group_by}\r\n\r\n {$this->inDB->order_by}\n";
if ($this->inDB->limit) {
$sql .= "LIMIT {$this->inDB->limit}";
}
$result = $this->inDB->query($sql);
$this->inDB->resetConditions();
if (!$this->inDB->num_rows($result)) {
return array();
}
while ($comment = $this->inDB->fetch_assoc($result)) {
$comment['level'] = 0;
$comment['is_editable'] = $this->isEditable($comment['pubdate']);
$comment['fpubdate'] = cmsCore::dateFormat($comment['pubdate'], true, true);
if ($comment['guestname']) {
$comment['author'] = $comment['guestname'];
$comment['is_profile'] = false;
$comment['ip'] = in_array($this->config['cmm_ip'], array(1, 2)) ? $comment['ip'] : '';
} else {
$comment['author']['nickname'] = $comment['nickname'];
$comment['author']['login'] = $comment['login'];
$comment['is_profile'] = true;
$comment['user_image'] = cmsUser::getUserAvatarUrl($comment['user_id'], 'small', $comment['imageurl'], $comment['is_deleted']);
$comment['ip'] = $this->config['cmm_ip'] == 2 && $comment['ip'] ? $comment['ip'] : '';
}
switch ($comment['gender']) {
case 'm':
$comment['gender'] = $_LANG['COMMENTS_MALE'];
break;
case 'f':
$comment['gender'] = $_LANG['COMMENTS_FEMALE'];
break;
default:
$comment['gender'] = $_LANG['COMMENTS_GENDER'];
}
$comment['show'] = !$this->config['min_karma'] || $comment['rating'] >= $this->config['min_karma_show'] || cmsUser::userIsAdmin($comment['user_id']);
$comment['is_my'] = $inUser->id == $comment['user_id'];
if ($inUser->id) {
$comment['is_voted'] = $comment['is_my'] ? true : cmsUser::isRateUser('comment', $inUser->id, $comment['id']);
} else {
$comment['is_voted'] = true;
}
$comments[] = $comment;
}
if ($is_tree) {
$comments = $this->buildTree(0, 0, $comments);
}
return $from_module ? cmsCore::callEvent('GET_COMMENTS_MODULE', $comments) : cmsCore::callEvent('GET_COMMENTS', $comments);
}
function applet_userbanlist() {
$inCore = cmsCore::getInstance();
global $_LANG;
global $adminAccess;
if (!cmsUser::isAdminCan('admin/users', $adminAccess)) { cpAccessDenied(); }
cmsCore::c('page')->setTitle($_LANG['AD_BANLIST']);
cpAddPathway($_LANG['AD_USERS'], 'index.php?view=users');
cpAddPathway($_LANG['AD_BANLIST'], 'index.php?view=userbanlist');
$do = cmsCore::request('do', 'str', 'list');
$id = cmsCore::request('id', 'int', -1);
$to = cmsCore::request('to', 'int', 0);
// для редиректа обратно в профиль на сайт
if ($to) {
cmsUser::sessionPut('back_url', cmsCore::getBackURL());
}
if ($do == 'list') {
$toolmenu = array(
array( 'icon' => 'useradd.gif', 'title' => $_LANG['AD_TO_BANLIST_ADD'], 'link' => '?view=userbanlist&do=add' ),
array( 'icon' => 'edit.gif', 'title' => $_LANG['AD_EDIT_SELECTED'], 'link' => "javascript:checkSel('?view=userbanlist&do=edit&multiple=1');" ),
array( 'icon' => 'delete.gif', 'title' => $_LANG['AD_DELETE_SELECTED'], 'link' => "javascript:checkSel('?view=userbanlist&do=delete&multiple=1');" )
);
cpToolMenu($toolmenu);
$fields = array(
array( 'title' => 'id', 'field' => 'id', 'width' => '40' ),
array( 'title' => $_LANG['AD_IS_ACTIVE'], 'field' => 'status', 'width' => '65', 'prc' => 'cpYesNo' ),
array( 'title' => $_LANG['AD_BANLIST_USER'], 'field' => 'user_id', 'width' => '120', 'filter' => '12', 'prc' => 'cpUserNick' ),
array( 'title' => $_LANG['AD_BANLIST_IP'], 'field' => 'ip', 'width' => '100', 'link' => '?view=userbanlist&do=edit&id=%id%', 'filter' => '12' ),
array( 'title' => $_LANG['DATE'], 'field' => 'bandate', 'width' => '', 'fdate' => '%d/%m/%Y %H:%i:%s', 'filter' => '12' ),
array( 'title' => $_LANG['AD_BANLIST_TIME'], 'field' => 'int_num', 'width' => '55' ),
array( 'title' => '', 'field' => 'int_period', 'width' => '70' ),
array( 'title' => $_LANG['AD_AUTOREMOVE'], 'field' => 'autodelete', 'width' => '100', 'prc' => 'cpYesNo' )
);
$actions = array(
array( 'title' => $_LANG['EDIT'], 'icon' => 'edit.gif', 'link' => '?view=userbanlist&do=edit&id=%id%' ),
array( 'title' => $_LANG['DELETE'], 'icon' => 'delete.gif', 'confirm' => $_LANG['AD_REMOVE_RULE'], 'link' => '?view=userbanlist&do=delete&id=%id%' )
);
cpListTable('cms_banlist', $fields, $actions, '1=1', 'ip DESC');
}
if ($do == 'delete') {
if (!cmsCore::inRequest('item')) {
if ($id >= 0) { dbDelete('cms_banlist', $id); }
} else {
dbDeleteList('cms_banlist', cmsCore::request('item', 'array_int', array()));
}
cmsCore::redirect('?view=userbanlist');
}
if ($do == 'submit' || $do == 'update') {
if (!cmsUser::checkCsrfToken()) { cmsCore::error404(); }
$types = array(
'user_id' => array( 'user_id', 'int', 0 ),
'ip' => array( 'ip', 'str', '' ),
'cause' => array( 'cause', 'str', '' ),
'autodelete' => array( 'autodelete', 'int', 0 ),
'int_num' => array( 'int_num', 'int', 0 ),
'int_period' => array( 'int_period', 'str', '', create_function('$p', 'if(!in_array($p, array("MONTH","DAY","HOUR","MINUTE"))){ $p = "MINUTE"; } return $p;') )
);
$items = cmsCore::getArrayFromRequest($types);
$error = false;
if (!$items['ip']) {
$error = true;
cmsCore::addSessionMessage($_LANG['AD_NEED_IP'], 'error');
}
if ($items['ip'] == $_SERVER['REMOTE_ADDR'] ||
$items['user_id'] == cmsCore::c('user')->id) {
$error = true;
cmsCore::addSessionMessage($_LANG['AD_ITS_YOUR_IP'], 'error');
}
if (cmsUser::userIsAdmin($items['user_id'])) {
$error = true;
cmsCore::addSessionMessage($_LANG['AD_ITS_ADMIN'], 'error');
}
if ($error) {
cmsCore::redirectBack();
}
if ($do == 'update') {
cmsCore::c('db')->update('cms_banlist', $items, $id);
if (empty($_SESSION['editlist'])) {
cmsCore::redirect('?view=userbanlist');
} else {
cmsCore::redirect('?view=userbanlist&do=edit');
}
}
cmsCore::c('db')->insert('cms_banlist', $items);
$back_url = cmsUser::sessionGet('back_url');
cmsUser::sessionDel('back_url');
cmsCore::redirect($back_url ? $back_url : '?view=userbanlist');
}
if ($do == 'add' || $do == 'edit') {
cmsCore::c('page')->addHeadJS('admin/js/banlist.js');
$toolmenu = array(
array( 'icon' => 'save.gif', 'title' => $_LANG['SAVE'], 'link' => 'javascript:document.addform.submit();' ),
array( 'icon' => 'cancel.gif', 'title' => $_LANG['CANCEL'], 'link' => 'javascript:history.go(-1);' )
);
cpToolMenu($toolmenu);
if ($do == 'add') {
echo '<h3>'. $_LANG['AD_TO_BANLIST_ADD'] .'</h3>';
cpAddPathway($_LANG['AD_TO_BANLIST_ADD']);
} else {
if (cmsCore::inRequest('multiple')) {
if (cmsCore::inRequest('item')) {
$_SESSION['editlist'] = cmsCore::request('item', 'array_int', array());
} else {
cmsCore::addSessionMessage($_LANG['AD_NO_SELECT_OBJECTS'], 'error');
cmsCore::redirectBack();
}
}
$ostatok = '';
if (isset($_SESSION['editlist'])) {
$item_id = array_shift($_SESSION['editlist']);
if (count($_SESSION['editlist']) == 0) {
unset($_SESSION['editlist']);
} else {
$ostatok = '('. $_LANG['AD_NEXT_IN'] . count($_SESSION['editlist']) .')';
}
} else {
$item_id = cmsCore::request('id', 'int', 0);
}
$mod = cmsCore::c('db')->get_fields('cms_banlist', "id = '". $item_id ."'", '*');
if (!$mod) { cmsCore::error404(); }
echo '<h3>'. $_LANG['AD_EDIT_RULE'] .' '. $ostatok .'</h3>';
cpAddPathway($_LANG['AD_EDIT_RULE']);
}
?>
<form id="addform" name="addform" method="post" action="index.php?view=userbanlist">
<input type="hidden" name="csrf_token" value="<?php echo cmsUser::getCsrfToken(); ?>" />
<div style="width:500px;">
<div class="alert alert-warning">
<strong><?php echo $_LANG['ATTENTION'];?>!</strong>
<div><?php echo $_LANG['AD_CAUTION_INFO_0'];?></div>
<div><?php echo $_LANG['AD_CAUTION_INFO_1'];?></div>
</div>
<div class="form-group">
<label><?php echo $_LANG['AD_BANLIST_USER'];?>:</label>
<?php if ($do == 'add' && $to) { $mod['user_id'] = $to; $mod['ip'] = cmsCore::c('db')->get_field('cms_users', 'id='. $to, 'last_ip'); } ?>
<select id="user_id" class="form-control" name="user_id" onchange="loadUserIp()">
<option value="0" <?php if (!cmsCore::getArrVal($mod, 'user_id')){ echo 'selected="selected"'; } ?>><?php echo $_LANG['AD_WHITHOUT_USER']; ?></option>
<?php
echo $inCore->getListItems('cms_users', cmsCore::getArrVal($mod, 'user_id', 0), 'nickname', 'ASC', 'is_deleted=0 AND is_locked=0', 'id', 'nickname');
?>
</select>
</div>
<div class="form-group">
<label><?php echo $_LANG['AD_BANLIST_IP'];?>:</label>
<input type="text" id="ip" class="form-control" name="ip" value="<?php echo cmsCore::getArrVal($mod, 'ip', ''); ?>"/>
</div>
<div class="form-group">
<label><?php echo $_LANG['AD_BANLIST_CAUSE'];?>:</label>
<textarea class="form-control" name="cause" rows="5"><?php echo cmsCore::getArrVal($mod, 'cause', ''); ?></textarea>
</div>
<?php $forever = false; if (!cmsCore::getArrVal($mod, 'int_num')) { $forever = true; } ?>
<div class="form-group">
<label>
<?php echo $_LANG['AD_BAN_FOREVER'];?>
<input type="checkbox" name="forever" value="1" <?php if ($forever){ echo 'checked="checked"'; } ?> onclick="$('#bantime').toggle();" />
</label>
</div>
<div id="bantime" class="form-group">
<label><?php echo $_LANG['AD_BAN_FOR_TIME'];?></label>
<input type="number" id="int_num" class="form-control" name="int_num" min="0" value="<?php echo cmsCore::getArrVal($mod, 'int_num', 0); ?>" />
<select id="int_period" class="form-control" name="int_period">
<option value="MINUTE" <?php if (mb_strstr(cmsCore::getArrVal($mod, 'int_period', ''), 'MINUTE')) { echo 'selected="selected"'; } ?>><?php echo $_LANG['MINUTE10']; ?></option>]
<option value="HOUR" <?php if (mb_strstr(cmsCore::getArrVal($mod, 'int_period', ''), 'HOUR')) { echo 'selected="selected"'; } ?>><?php echo $_LANG['HOUR10']; ?></option>
<option value="DAY" <?php if (mb_strstr(cmsCore::getArrVal($mod, 'int_period', ''), 'DAY')) { echo 'selected="selected"'; } ?>><?php echo $_LANG['DAY10']; ?></option>
<option value="MONTH" <?php if (mb_strstr(cmsCore::getArrVal($mod, 'int_period', ''), 'MONTH')) { echo 'selected="selected"'; } ?>><?php echo $_LANG['MONTH10']; ?></option>
</select>
<div class="checkbox">
<label><input type="checkbox" id="autodelete" name="autodelete" value="1" <?php if($mod['autodelete']) { echo 'checked="checked"'; } ?> /> <?php echo $_LANG['AD_REMOVE_BAN'];?></label>
</div>
<?php if ($forever) { ?><script type="text/javascript">$('#bantime').hide();</script><?php } ?>
</div>
</div>
<div>
<input type="submit" class="btn btn-primary" name="add_mod" value="<?php if ($do == 'add') { echo $_LANG['AD_TO_BANLIST_ADD']; } else { echo $_LANG['SAVE']; } ?>" />
<input type="button" class="btn btn-default" name="back" value="<?php echo $_LANG['CANCEL']; ?>" onclick="window.history.back();"/>
<input name="do" type="hidden" value="<?php if ($do == 'add') { echo 'submit'; } else { echo 'update'; } ?>" />
<?php
if ($do == 'edit') {
echo '<input type="hidden" name="id" value="'. $mod['id'] .'" />';
}
?>
</div>
</form>
<?php
}
}
