/**
 * Builds the advert board RSS feed, prints it and ends the request.
 *
 * The optional GET parameter `c` narrows the feed to one category: a code that
 * is not present in $structure['advboard'] is answered with 404, and read
 * access to a known category is checked with cot_auth()/cot_block() before any
 * advert is loaded.
 *
 * NOTE(review): when `c` is absent no rights check runs in this method and no
 * category filter is added, so the feed is built from every category. Confirm
 * that is intended where some categories restrict read access.
 * NOTE(review): the titles and the feed description pass through
 * htmlspecialchars(), while RSS_LINK, RSS_ROW_LINK and RSS_ROW_DESCRIPTION are
 * assigned as they come. Confirm that the template or the helpers producing
 * those values make them safe for XML output.
 * NOTE(review): the Content-type header always announces UTF-8, whereas
 * RSS_ENCODING is read from configuration; confirm the two cannot disagree.
 *
 * @return void Does not return normally; the method calls exit after output.
 */
public function indexAction()
{
    global $structure;

    if (!cot_module_active('rss')) {
        cot_die_message(404, TRUE);
    }

    $categoryCode = cot_import('c', 'G', 'TXT');
    $categoryGiven = !empty($categoryCode);

    if ($categoryGiven) {
        // Unknown category codes end here, before any rights lookup.
        if (!isset($structure['advboard'][$categoryCode])) {
            cot_die_message(404, TRUE);
        }
        list(cot::$usr['auth_read'], cot::$usr['auth_write'], cot::$usr['isadmin']) = cot_auth('advboard', $categoryCode);
        cot_block(cot::$usr['auth_read']);
    }

    $feedLink = cot::$cfg['mainurl'];
    $feedDescription = cot::$cfg['subtitle'];
    $domain = cot::$sys['domain']; // read as in the original; not used below

    // Published adverts whose start time has passed and which have not expired.
    // NOTE(review): the raw 'SQL' fragment contains an unparenthesised OR; how
    // find() combines it with the other conditions is not visible here.
    $filters = array(
        array('state', advboard_model_Advert::PUBLISHED),
        array('begin', cot::$sys['now'], '<='),
        array('SQL', "expire = 0 OR expire > " . cot::$sys['now']),
    );

    if ($categoryGiven) {
        $feedTitle = cot::$L['advboard_rss_feed'] . $structure['advboard'][$categoryCode]['title'] . ' - ' . cot::$cfg['maintitle'];
        $filters[] = array('category', $categoryCode);
    } else {
        $feedTitle = cot::$L['advboard_rss_feed'] . cot::$cfg['maintitle'];
    }

    $adverts = advboard_model_Advert::find(
        $filters,
        cot::$cfg['rss']['rss_maxitems'],
        0,
        array(array('sort', 'desc'))
    );

    $t = new XTemplate(cot_tplfile('rss'));

    // Feed timestamp shifted by the current user's timezone offset (hours).
    $feedTime = cot::$sys['now'] + cot::$usr['timezone'] * 3600;

    $t->assign(array(
        'RSS_ENCODING' => cot::$cfg['rss']['rss_charset'],
        'RSS_TITLE' => htmlspecialchars($feedTitle),
        'RSS_LINK' => $feedLink,
        'RSS_LANG' => cot::$cfg['defaultlang'],
        'RSS_DESCRIPTION' => htmlspecialchars($feedDescription),
        'RSS_DATE' => $this->fixPubDate(date("r", $feedTime)),
    ));

    if (!empty($adverts)) {
        $maxLength = intval(cot::$cfg['rss']['rss_pagemaxsymbols']);

        foreach ($adverts as $advert) {
            // Relative advert URLs are made absolute for feed readers.
            $itemUrl = $advert->url;
            if (!cot_url_check($itemUrl)) {
                $itemUrl = COT_ABSOLUTE_URL . $itemUrl;
            }

            $itemDate = '';
            if (!empty($advert->created)) {
                $created = strtotime($advert->created);
                $created += cot::$usr['timezone'] * 3600;
                $itemDate = $this->fixPubDate(date('r', $created));
            }

            // Cut the body only when a positive limit is configured.
            $itemText = $advert->text;
            if ($maxLength > 0 && mb_strlen($itemText) > $maxLength) {
                $itemText = cot_string_truncate($itemText, $maxLength, true, false, cot::$R['advboard_cuttext']);
            }

            $t->assign(array(
                'RSS_ROW_TITLE' => htmlspecialchars($advert->title),
                'RSS_ROW_DESCRIPTION' => $this->convertRelativeUrls($itemText),
                'RSS_ROW_DATE' => $itemDate,
                'RSS_ROW_LINK' => $itemUrl,
            ));
            $t->parse('MAIN.ITEM_ROW');
        }
    }

    $t->parse('MAIN');

    // ob_clean();
    header('Content-type: text/xml; charset=UTF-8');
    echo $t->text('MAIN');
    exit;
}
case 1: $r_url = cot_url('message', 'msg=300', '', true); break; case 2: cot_message($L['page_savedasdraft']); $r_url = cot_url('page', 'm=edit&id=' . $id, '', true); break; } cot_redirect($r_url); } else { cot_redirect(cot_url('page', "m=edit&id={$id}", '', true)); } } $pag = $row_page; $pag['page_status'] = cot_page_status($pag['page_state'], $pag['page_begin'], $pag['page_expire']); cot_block($usr['isadmin'] || $usr['auth_write'] && $usr['id'] == $pag['page_ownerid']); $out['subtitle'] = $L['page_edittitle']; $out['head'] .= $R['code_noindex']; $sys['sublocation'] = $structure['page'][$pag['page_cat']]['title']; $mskin = cot_tplfile(array('page', 'edit', $structure['page'][$pag['page_cat']]['tpl'])); /* === Hook === */ foreach (cot_getextplugins('page.edit.main') as $pl) { include $pl; } /* ===== */ require_once $cfg['system_dir'] . '/header.php'; $t = new XTemplate($mskin); $pageedit_array = array('PAGEEDIT_PAGETITLE' => $L['page_edittitle'], 'PAGEEDIT_SUBTITLE' => $L['page_editsubtitle'], 'PAGEEDIT_FORM_SEND' => cot_url('page', "m=edit&a=update&id=" . $pag['page_id']), 'PAGEEDIT_FORM_ID' => $pag['page_id'], 'PAGEEDIT_FORM_STATE' => $pag['page_state'], 'PAGEEDIT_FORM_STATUS' => $pag['page_status'], 'PAGEEDIT_FORM_LOCALSTATUS' => $L['page_status_' . 
$pag['page_status']], 'PAGEEDIT_FORM_CAT' => cot_selectbox_structure('page', $pag['page_cat'], 'rpagecat'), 'PAGEEDIT_FORM_CAT_SHORT' => cot_selectbox_structure('page', $pag['page_cat'], 'rpagecat', $c), 'PAGEEDIT_FORM_KEYWORDS' => cot_inputbox('text', 'rpagekeywords', $pag['page_keywords'], array('size' => '32', 'maxlength' => '255')), 'PAGEEDIT_FORM_METATITLE' => cot_inputbox('text', 'rpagemetatitle', $pag['page_metatitle'], array('size' => '64', 'maxlength' => '255')), 'PAGEEDIT_FORM_METADESC' => cot_textarea('rpagemetadesc', $pag['page_metadesc'], 2, 64, array('maxlength' => '255')), 'PAGEEDIT_FORM_ALIAS' => cot_inputbox('text', 'rpagealias', $pag['page_alias'], array('size' => '32', 'maxlength' => '255')), 'PAGEEDIT_FORM_TITLE' => cot_inputbox('text', 'rpagetitle', $pag['page_title'], array('size' => '64', 'maxlength' => '255')), 'PAGEEDIT_FORM_DESC' => cot_textarea('rpagedesc', $pag['page_desc'], 2, 64, array('maxlength' => '255')), 'PAGEEDIT_FORM_AUTHOR' => cot_inputbox('text', 'rpageauthor', $pag['page_author'], array('size' => '24', 'maxlength' => '100')), 'PAGEEDIT_FORM_DATE' => cot_selectbox_date($pag['page_date'], 'long', 'rpagedate') . ' ' . $usr['timetext'], 'PAGEEDIT_FORM_DATENOW' => cot_checkbox(0, 'rpagedatenow'), 'PAGEEDIT_FORM_BEGIN' => cot_selectbox_date($pag['page_begin'], 'long', 'rpagebegin') . ' ' . $usr['timetext'], 'PAGEEDIT_FORM_EXPIRE' => cot_selectbox_date($pag['page_expire'], 'long', 'rpageexpire') . ' ' . $usr['timetext'], 'PAGEEDIT_FORM_UPDATED' => cot_date('datetime_full', $pag['page_updated']) . ' ' . 
$usr['timetext'], 'PAGEEDIT_FORM_FILE' => cot_selectbox($pag['page_file'], 'rpagefile', range(0, 2), array($L['No'], $L['Yes'], $L['Members_only']), false), 'PAGEEDIT_FORM_URL' => cot_inputbox('text', 'rpageurl', $pag['page_url'], array('size' => '56', 'maxlength' => '255')), 'PAGEEDIT_FORM_SIZE' => cot_inputbox('text', 'rpagesize', $pag['page_size'], array('size' => '56', 'maxlength' => '255')), 'PAGEEDIT_FORM_TEXT' => cot_textarea('rpagetext', $pag['page_text'], 24, 120, '', 'input_textarea_editor'), 'PAGEEDIT_FORM_DELETE' => cot_radiobox(0, 'rpagedelete', array(1, 0), array($L['Yes'], $L['No'])), 'PAGEEDIT_FORM_PARSER' => cot_selectbox($pag['page_parser'], 'rpageparser', cot_get_parsers(), cot_get_parsers(), false)); if ($usr['isadmin']) { $pageedit_array += array('PAGEEDIT_FORM_OWNERID' => cot_inputbox('text', 'rpageownerid', $pag['page_ownerid'], array('size' => '24', 'maxlength' => '24')), 'PAGEEDIT_FORM_PAGECOUNT' => cot_inputbox('text', 'rpagecount', $pag['page_count'], array('size' => '8', 'maxlength' => '8')), 'PAGEEDIT_FORM_FILECOUNT' => cot_inputbox('text', 'rpagefilecount', $pag['page_filecount'], array('size' => '8', 'maxlength' => '8'))); }
/* ==================== [BEGIN_COT_EXT] Hooks=tools [END_COT_EXT] ==================== */ /** * Trashcan interface * * @package TrashCan * @copyright (c) Cotonti Team * @license https://github.com/Cotonti/Cotonti/blob/master/License.txt */ defined('COT_CODE') && defined('COT_ADMIN') or die('Wrong URL.'); list($usr['auth_read'], $usr['auth_write'], $usr['isadmin']) = cot_auth('plug', 'trashcan'); cot_block($usr['isadmin']); require_once cot_incfile('users', 'module'); cot_module_active('page') && (require_once cot_incfile('page', 'module')); cot_module_active('forums') && (require_once cot_incfile('forums', 'module')); $cfg['comments'] && (require_once cot_incfile('comments', 'plug')); require_once cot_incfile('trashcan', 'plug'); require_once cot_langfile('trashcan', 'plug'); $adminhelp = $L['adm_help_trashcan']; $adminsubtitle = $L['Trashcan']; $id = cot_import('id', 'G', 'INT'); $maxperpage = $cfg['maxrowsperpage'] && is_numeric($cfg['maxrowsperpage']) && $cfg['maxrowsperpage'] > 0 ? $cfg['maxrowsperpage'] : 15; list($pg, $d, $durl) = cot_import_pagenav('d', $maxperpage); $info = $a == 'info' ? 1 : 0; /* === Hook === */ foreach (cot_getextplugins('trashcan.admin.first') as $pl) { include $pl;
* @version 2.5.2 * @author CMSWorks Team * @copyright Copyright (c) CMSWorks.ru, littledev.ru * @license BSD */ defined('COT_CODE') or die('Wrong URL'); $id = cot_import('id', 'G', 'INT'); $r = cot_import('r', 'G', 'ALP'); list($usr['auth_read'], $usr['auth_write'], $usr['isadmin']) = cot_auth('projects', 'any', 'RWA'); cot_block($usr['auth_write']); $item = $db->query("SELECT p.*, u.* FROM {$db_projects} AS p LEFT JOIN {$db_users} AS u ON u.user_id=p.item_userid WHERE item_id=" . (int) $id)->fetch(); if ($item['item_id'] != (int) $id) { cot_die_message(404, TRUE); } list($usr['auth_read'], $usr['auth_write'], $usr['isadmin']) = cot_auth('projects', $item['item_cat']); cot_block($usr['isadmin'] || $usr['auth_write'] && $usr['id'] == $item['item_userid']); /* === Hook === */ foreach (cot_getextplugins('projects.preview.first') as $pl) { include $pl; } /* ===== */ if ($a == 'save') { cot_check_xg(); /* === Hook === */ foreach (cot_getextplugins('projects.preview.save.first') as $pl) { include $pl; } /* ===== */ $prj = array(); if ($cfg['projects']['prevalidate'] && !$usr['isadmin']) { $prj['item_state'] = 2;
*/ defined('COT_CODE') or die('Wrong URL'); require_once cot_incfile('auth'); $v = cot_import('v', 'G', 'ALP'); $y = cot_import('y', 'G', 'INT'); $token = cot_import('token', 'G', 'ALP'); list($usr['auth_read'], $usr['auth_write'], $usr['isadmin']) = cot_auth('users', 'a'); if ($cfg['users']['disablereg'] && !$usr['isadmin']) { cot_die_message(117, TRUE); } /* === Hook === */ foreach (cot_getextplugins('users.register.first') as $pl) { include $pl; } /* ===== */ cot_block($usr['id'] == 0 || $usr['isadmin']); if ($a == 'add') { cot_shield_protect(); $ruser = array(); /* === Hook for the plugins === */ foreach (cot_getextplugins('users.register.add.first') as $pl) { include $pl; } /* ===== */ $ruser['user_name'] = cot_import('rusername', 'P', 'TXT', 100, TRUE); $ruser['user_email'] = cot_import('ruseremail', 'P', 'TXT', 64, TRUE); $rpassword1 = cot_import('rpassword1', 'P', 'HTM', 32); $rpassword2 = cot_import('rpassword2', 'P', 'HTM', 32); $ruser['user_country'] = cot_import('rcountry', 'P', 'TXT'); $ruser['user_timezone'] = cot_import('rusertimezone', 'P', 'TXT'); $ruser['user_timezone'] = !$ruser['user_timezone'] ? $cfg['defaulttimezone'] : $ruser['user_timezone'];
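defined('COT_CODE') or die('Wrong URL');

// Order view of the marketorders plugin. Loads one order whose status is not
// 'new' and admits administrators, the buyer, the seller, or a guest who
// presents the order key in the query string.

$id = cot_import('id', 'G', 'INT');
$key = cot_import('key', 'G', 'TXT');

list($usr['auth_read'], $usr['auth_write'], $usr['isadmin']) = cot_auth('plug', 'marketorders');
cot_block($usr['auth_read']);

// Defined up front so the 404 test below never reads an unset variable when
// the id is missing or not positive.
$sql = null;
if ($id > 0) {
    // $id went through the INT import filter above, so concatenating it is safe here.
    $sql = $db->query("SELECT * FROM {$db_market_orders} AS o\n\t\tLEFT JOIN {$db_market} AS m ON m.item_id=o.order_pid\n\t\tWHERE order_status!='new' AND order_id=" . $id . " LIMIT 1");
}
if (!$id || !$sql || $sql->rowCount() == 0) {
    cot_die_message(404, TRUE);
}
$marketorder = $sql->fetch();

// && binds tighter than ||: the last alternative reads "a guest who sent some key".
cot_block($usr['isadmin'] || $usr['id'] == $marketorder['order_userid'] || $usr['id'] == $marketorder['order_seller'] || !empty($key) && $usr['id'] == 0);

if ($usr['id'] == 0) {
    // Every guest must present the order key, whatever the check above allowed.
    $hash = sha1($marketorder['order_email'] . '&' . $marketorder['order_id']);
    // SECURITY: the key was compared with ==, which applies PHP's numeric-string
    // juggling and is not constant-time. hash_equals() (PHP 5.6+) is used when
    // available, with a strict string comparison as the fallback.
    // NOTE(review): the key is derived from the order e-mail and id alone, with
    // no server-side secret, so anyone who knows both values can compute it.
    // An HMAC with a secret or a random per-order token would be stronger, but
    // needs a matching change wherever the key is issued (not visible here).
    cot_block(is_string($key) && (function_exists('hash_equals') ? hash_equals($hash, $key) : $key === $hash));
}

/* === Hook === */
$extp = cot_getextplugins('marketorders.order.first');
foreach ($extp as $pl) {
    include $pl;
}
/* ===== */

$out['subtitle'] = $L['marketorders_title'];
$out['head'] .= $R['code_noindex'];

// Template lookup, including the 'tpl' value of the item's market category.
$mskin = cot_tplfile(array('marketorders', 'order', $structure['market'][$marketorder['item_cat']]['tpl']), 'plug');

/* === Hook === */
foreach (cot_getextplugins('marketorders.order.main') as $pl) {
    include $pl;
}
/* ===== */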
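/**
 * Deletes one advert and redirects back to a listing.
 *
 * Reads the advert id (`id`) and an optional return target (`b`) from the
 * query string. The caller needs write rights on the advert board, and a
 * non-administrator may only delete an advert whose `user` matches their own
 * id; any other case ends with 404.
 *
 * NOTE(review): the deletion is driven entirely by GET parameters and no
 * anti-CSRF token check (such as cot_check_xg()) is visible in this method.
 * Confirm that the router or the `advboard.delete.first` hook enforces one
 * before the advert is removed.
 */
public function deleteAction()
{
    $id = cot_import('id', 'G', 'INT'); // advert id
    $b = cot_import('b', 'G', 'HTM');   // where to return afterwards

    /* === Hook === */
    foreach (cot_getextplugins('advboard.delete.first') as $pl) {
        include $pl;
    }
    /* ===== */

    // Rights on any advert board category
    list(cot::$usr['auth_read'], cot::$usr['auth_write'], cot::$usr['isadmin']) = cot_auth('advboard', 'any');
    cot_block(cot::$usr['auth_write']);

    $advert = advboard_model_Advert::getById($id);
    if (!$advert) {
        cot_die_message(404, TRUE);
    }

    // Non-administrators may only delete their own adverts; 404 rather than
    // 403 is sent, which does not reveal that the advert exists.
    if (!cot::$usr['isadmin']) {
        if ($advert->user != cot::$usr['id']) {
            cot_die_message(404, TRUE);
        }
    }

    // Kept for the confirmation message and the fallback redirect below.
    $title = $advert->title;
    $userId = $advert->user;

    $advert->delete();

    /* === Hook === */
    foreach (cot_getextplugins('advboard.delete.done') as $pl) {
        include $pl;
    }
    /* ===== */

    if (!empty($b)) {
        // SECURITY: `b` comes straight from the query string. Unserializing it
        // without restrictions lets a request instantiate arbitrary classes
        // and run their magic methods (PHP object injection), so class
        // instantiation is disabled and only the shapes cot_url() is given
        // elsewhere (array or string) are accepted. The second argument of
        // unserialize() requires PHP 7.0+.
        // NOTE(review): a non-executable format such as json_decode() would be
        // safer still, but needs a matching change wherever `b` is generated.
        $b = unserialize(base64_decode($b), array('allowed_classes' => false));
        if (!is_array($b) && !is_string($b)) {
            $b = null;
        }
    } elseif (!empty($_SESSION['cot_com_back']) && !empty($_SESSION['cot_com_back']['advboard'])) {
        // One-shot return target remembered in the session.
        $b = $_SESSION['cot_com_back']['advboard'];
        unset($_SESSION['cot_com_back']['advboard']);
    }

    if (empty($b)) {
        // Default: the owner's advert list (the current user's own when ids match).
        $b = array('m' => 'user');
        if ($userId != cot::$usr['id']) {
            $b['uid'] = $userId;
        }
    }

    cot_message(sprintf(cot::$L['advboard_deleted'], $title));
    cot_redirect(cot_url('advboard', $b, '', true));
}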
* @author CMSWorks Team * @copyright Copyright (c) CMSWorks.ru * @license BSD */ defined('COT_CODE') or die('Wrong URL'); $id = cot_import('id', 'G', 'INT'); list($usr['auth_read'], $usr['auth_write'], $usr['isadmin']) = cot_auth('plug', 'marketorders'); cot_block($usr['auth_read']); if ($id > 0) { $sql = $db->query("SELECT * FROM {$db_market_orders} AS o\n\t\tLEFT JOIN {$db_market} AS m ON m.item_id=o.order_pid\n\t\tWHERE order_id=" . $id . " LIMIT 1"); } if (!$id || !$sql || $sql->rowCount() == 0) { cot_die_message(404, TRUE); } $marketorder = $sql->fetch(); cot_block($marketorder['order_status'] == 'paid' && $marketorder['order_userid'] == $usr['id']); /* === Hook === */ $extp = cot_getextplugins('marketorders.addclaim.first'); foreach ($extp as $pl) { include $pl; } /* ===== */ if ($a == 'add') { cot_shield_protect(); /* === Hook === */ foreach (cot_getextplugins('marketorders.addclaim.add.first') as $pl) { include $pl; } /* ===== */ $rorder['order_claimtext'] = cot_import('rclaimtext', 'P', 'TXT'); /* === Hook === */
}
/* ===== */

// Billing step of the payments module: loads the payment named by the GET
// parameter `pid` and, when user balances are enabled, settles it from the
// current user's balance.
$t = new XTemplate(cot_tplfile('payments.billing', 'module'));

/* === Hook === */
foreach (cot_getextplugins('payments.billing.main') as $pl) {
    include $pl;
}
/* ===== */

$pid = cot_import('pid', 'G', 'INT');
if (empty($pid)) {
    cot_redirect(cot_url('payments', 'm=error&msg=2', '', true));
}

// Fetch the order details
if ($pinfo = cot_payments_payinfo($pid)) {
    // Block access to payments that belong to someone else.
    // NOTE(review): the comparison is loose (==); if guests carry id 0, a
    // payment stored with pay_userid 0 would pass this check for any guest.
    cot_block($usr['id'] == $pinfo['pay_userid']);

    // If user balances are enabled, check the balance.
    // NOTE(review): this branch changes state (marks the payment paid and
    // debits the balance) on a plain GET with `pid`; no anti-CSRF token check
    // is visible in this fragment.
    if ($cfg['payments']['balance_enabled'] && $pinfo['pay_area'] != 'balance' && $usr['id'] > 0) {
        // NOTE(review): the balance is read, compared and debited in separate
        // calls with no lock or transaction visible here, so two concurrent
        // requests could both pass the comparison. Confirm the helpers
        // serialise this and that cot_payments_updatestatus() refuses a
        // payment that is no longer payable.
        $ubalance = cot_payments_getuserbalance($usr['id']);
        if ($ubalance >= $pinfo['pay_summ']) {
            if (cot_payments_updatestatus($pid, 'paid')) {
                // The debit is recorded as a negative amount tied to this payment id.
                cot_payments_updateuserbalance($usr['id'], -$pinfo['pay_summ'], $pid);

                /* === Hook === */
                foreach (cot_getextplugins('payments.billing.paid.done') as $pl) {
                    include $pl;
                }
                /* ===== */

                if (!empty($pinfo['pay_redirect'])) {
                    // NOTE(review): the output of cot_xg() is appended to the
                    // stored redirect URL. If that is the session's anti-CSRF
                    // token and pay_redirect can point off-site, the token
                    // would be disclosed — confirm pay_redirect is always local.
                    $pinfo['pay_redirect'] = $pinfo['pay_redirect'] . '&' . cot_xg();
                    cot_redirect($pinfo['pay_redirect']);
                } else {
<?php /** * Structure translation tool * * @package I18n * @copyright (c) Cotonti Team * @license https://github.com/Cotonti/Cotonti/blob/master/License.txt */ defined('COT_CODE') or die('Wrong URL.'); cot_block($i18n_admin); $maxperpage = $cfg['maxrowsperpage'] && is_numeric($cfg['maxrowsperpage']) && $cfg['maxrowsperpage'] > 0 ? $cfg['maxrowsperpage'] : 15; list($pg, $d, $durl) = cot_import_pagenav('d', $maxperpage); $out['subtitle'] = $L['i18n_structure']; /* === Hook === */ foreach (cot_getextplugins('i18n.structure.first') as $pl) { include $pl; } /* =============*/ // Refresh i18n struct data cot_i18n_load_structure(); $cache && $cache->db->store('structure', $i18n_structure, 'i18n'); if (empty($i18n_locale) || $i18n_locale == $cfg['defaultlang']) { // Locale selection $t = new XTemplate(cot_tplfile('i18n.locales', 'plug')); foreach ($i18n_locales as $lc => $title) { if ($lc != $cfg['defaultlang']) { $t->assign(array('I18N_LOCALE_ROW_URL' => cot_url('plug', "e=i18n&m=structure&l={$lc}", false, true), 'I18N_LOCALE_ROW_TITLE' => $title)); $t->parse('MAIN.I18N_LOCALE_ROW'); } }
<?php
/**
 * Location Selector for Cotonti
 *
 * City administration for one region: deletes a city (`a=del`) or adds the
 * cities listed one per line in the posted `rname` field (`a=add`).
 *
 * NOTE(review): no permission check is visible in this file; it presumably
 * relies on the admin script that includes it — confirm.
 *
 * @package locationselector
 * @version 2.0.0
 * @author CMSWorks Team
 * @copyright Copyright (c) CMSWorks.ru, littledev.ru
 * @license BSD
 */
defined('COT_CODE') or die('Wrong URL');

list($pn, $d, $d_url) = cot_import_pagenav('d', $cfg['maxrowsperpage']);

// Region id from the query string; cot_block() is given the id itself, so the
// only condition checked here is that it is non-empty.
$id = cot_import('id', 'G', 'INT');
cot_block($id);

if ($a == 'del') {
    // NOTE(review): the delete is triggered by GET parameters and no anti-CSRF
    // token check is visible here. The city is also removed by `cid` alone,
    // without checking that it belongs to region $id.
    $cid = cot_import('cid', 'G', 'INT');
    // The (int) cast keeps the concatenated condition numeric.
    $db->delete($db_ls_cities, "city_id=" . (int) $cid);
    $cache && $cache->clear();
    cot_redirect(cot_url('admin', 'm=other&p=locationselector&n=city&id=' . $id, '', true));
    exit;
}

if ($a == 'add') {
    // One city name per line; Windows line endings are normalised first.
    $rnames = cot_import('rname', 'P', 'TXT');
    $rnames = str_replace("\r\n", "\n", $rnames);
    $rnames = explode("\n", $rnames);
    if (count($rnames) > 0) {
        // $id went through the INT import filter above.
        $region = $db->query("SELECT * FROM {$db_ls_regions} WHERE region_id=" . $id . "")->fetch();
        foreach ($rnames as $rname) {
            if (!empty($rname)) {
                $rinput = array();
<?php /** * projects module * * @package projects * @version 2.5.2 * @author CMSWorks Team * @copyright Copyright (c) CMSWorks.ru, littledev.ru * @license BSD */ defined('COT_CODE') or die('Wrong URL.'); list($usr['auth_read'], $usr['auth_write'], $usr['isadmin'], $usr['auth_offers']) = cot_auth('projects', 'any', 'RWA1'); cot_block($usr['auth_offers']); $choise = cot_import('choise', 'G', 'ALP'); if ($cfg['projects']['offersperpage'] > 0) { list($pn, $d, $d_url) = cot_import_pagenav('d', $cfg['projects']['offersperpage']); } /* === Hook === */ foreach (cot_getextplugins('projects.useroffers.first') as $pl) { include $pl; } /* ===== */ $t = new XTemplate(cot_tplfile(array('projects', 'useroffers'))); $out['subtitle'] = $L['offers_useroffers']; $where['userid'] = "o.offer_userid=" . $usr['id']; switch ($choise) { case 'none': $where['offer_choise'] = "o.offer_choise=''"; break; case 'performer':
<?php
/* ====================
[BEGIN_COT_EXT]
Hooks=standalone
[END_COT_EXT]
==================== */

/**
 * Standalone item translation tool
 *
 * Entry point of the i18n plugin's standalone part. Access requires the
 * $i18n_write flag (set outside this file); the request is then handed to the
 * structure or page translation script chosen by $m, or to the
 * `i18n.standalone` hook when $m names neither.
 *
 * Only the two fixed values of $m select an include file, so the value never
 * reaches a file path.
 *
 * @package I18n
 * @copyright (c) Cotonti Team
 * @license https://github.com/Cotonti/Cotonti/blob/master/License.txt
 */

defined('COT_CODE') or die('Wrong URL');

cot_block($i18n_write);

require_once cot_incfile('forms');

// switch compares loosely, like the == tests it stands in for.
switch ($m) {
    case 'structure':
        include cot_incfile('i18n', 'plug', 'structure');
        break;

    case 'page':
        include cot_incfile('i18n', 'plug', 'page');
        break;

    default:
        /* === Hook === */
        foreach (cot_getextplugins('i18n.standalone') as $pl) {
            include $pl;
        }
        /* =============*/
        break;
}
$t->assign(array('POST_FORM_ACTION' => cot_url('sbr', 'id=' . $id . '&num=' . $num . '&a=addpost'), 'POST_FORM_TO' => cot_selectbox($to, 'to', $R['sbr_posts_to_values'], $R['sbr_posts_to_titles']))); cot_display_messages($t, 'MAIN.SBR.POSTS.POSTFORM'); $t->parse('MAIN.SBR.POSTS.POSTFORM'); $t->parse('MAIN.SBR.POSTS'); /* === Hook === */ foreach (cot_getextplugins('sbr.tags') as $pl) { include $pl; } /* ===== */ $t->parse('MAIN.SBR'); } if ($action == 'done') { // Действие доступно только для заказчика cot_block($role == 'employer'); $t->assign(array('STAGEDONE_FORM_ACTION' => cot_url('sbr', 'id=' . $id . '&num=' . $num . '&a=done'), 'STAGEDONE_FORM_TEXT' => cot_textarea('rtext', $rtext, 5, 80))); cot_display_messages($t, 'MAIN.STAGEDONE'); $t->parse('MAIN.STAGEDONE'); } if ($action == 'claim') { $stage = $db->query("SELECT * FROM {$db_sbr_stages} WHERE stage_sid=" . $id . " AND stage_num=" . $num)->fetch(); cot_block(!empty($role) && $sbr['sbr_status'] == 'process' && $stage['stage_status'] == 'process'); $t->assign(array('CLAIM_FORM_ACTION' => cot_url('sbr', 'id=' . $id . '&num=' . $num . '&a=claim'), 'CLAIM_FORM_TEXT' => cot_textarea('rtext', $rtext, 5, 80))); cot_display_messages($t, 'MAIN.CLAIM'); $t->parse('MAIN.CLAIM'); } if ($action == 'decision') { cot_block($usr['isadmin'] && $sbr['sbr_status'] == 'claim'); $t->assign(array('DECISION_FORM_ACTION' => cot_url('sbr', 'id=' . $id . '&num=' . $num . '&a=decision'), 'DECISION_FORM_TEXT' => cot_textarea('rdecisiontext', $rtext, 5, 80), 'DECISION_FORM_PAYPERFORMER' => cot_inputbox('text', 'payperformer', $payperformer), 'DECISION_FORM_PAYEMPLOYER' => cot_inputbox('text', 'payemployer', $payemployer))); cot_display_messages($t, 'MAIN.DECISION'); $t->parse('MAIN.DECISION'); }
<?php /** * marketorders plugin * * @package marketorders * @version 1.0.0 * @author CMSWorks Team * @copyright Copyright (c) CMSWorks.ru * @license BSD */ defined('COT_CODE') or die('Wrong URL'); $id = cot_import('id', 'G', 'INT'); $status = cot_import('status', 'G', 'ALP'); list($usr['auth_read'], $usr['auth_write'], $usr['isadmin']) = cot_auth('plug', 'marketorders'); cot_block($usr['id'] > 0 && $usr['auth_read']); if ($cfg['plugin']['marketorders']['ordersperpage'] > 0) { list($pn, $d, $d_url) = cot_import_pagenav('d', $cfg['plugin']['marketorders']['ordersperpage']); } /* === Hook === */ $extp = cot_getextplugins('marketorders.purchases.first'); foreach ($extp as $pl) { include $pl; } /* ===== */ $out['subtitle'] = $L['market_purchases_title']; $out['head'] .= $R['code_noindex']; $mskin = cot_tplfile(array('marketorders', 'purchases'), 'plug'); /* === Hook === */ foreach (cot_getextplugins('marketorders.purchases.main') as $pl) { include $pl;
$payouts = $db->query("SELECT * FROM {$db_payments_outs} AS o\n\t\t\tLEFT JOIN {$db_payments} AS p ON p.pay_code=o.out_id AND p.pay_area='payout'\n\t\t\tWHERE out_userid=" . $usr['id'] . "\n\t\t\tORDER BY pay_cdate DESC")->fetchAll(); if (count($payouts) > 0) { foreach ($payouts as $payout) { $t->assign(array('PAYOUT_ROW_ID' => $payout['out_id'], 'PAYOUT_ROW_SUMM' => $payout['out_summ'], 'PAYOUT_ROW_CDATE' => $payout['pay_cdate'], 'PAYOUT_ROW_DATE' => $payout['out_date'])); $t->parse('MAIN.PAYOUTS.PAYOUT_ROW'); } } $t->parse('MAIN.PAYOUTS'); } else { cot_display_messages($t, 'MAIN.PAYOUTFORM'); $t->assign(array('PAYOUT_FORM_ACTION_URL' => cot_url('payments', 'm=balance&n=payouts&a=send'), 'PAYOUT_FORM_SUMM' => cot_inputbox('text', 'summ', $summ), 'PAYOUT_FORM_TAX' => $summ * $cfg['payments']['payouttax'] / 100, 'PAYOUT_FORM_TOTAL' => !empty($total) ? $total : 0, 'PAYOUT_FORM_DETAILS' => $details)); $t->parse('MAIN.PAYOUTFORM'); } } if ($n == 'transfer') { cot_block($cfg['payments']['transfers_enabled']); if ($a == 'add') { $summ = cot_import('summ', 'P', 'NUM'); $username = cot_import('username', 'P', 'TXT', 100, TRUE); $comment = cot_import('comment', 'P', 'TXT'); $taxsumm = $summ * $cfg['payments']['transfertax'] / 100; if ($cfg['payments']['transfertaxfromrecipient']) { $sendersumm = $summ; $recipientsumm = $summ - $taxsumm; } else { $sendersumm = $summ + $taxsumm; $recipientsumm = $summ; } $ubalance = cot_payments_getuserbalance($usr['id']); $recipient = $db->query("SELECT * FROM {$db_users} WHERE user_name = ? LIMIT 1", array($username))->fetch(); cot_check(empty($recipient), 'payments_balance_transfer_error_username');
/**
 * Sends emails to users so they can recover their passwords
 *
 * Guests only. On `a=request` every account whose e-mail matches the posted
 * address gets a recovery link carrying its `user_lostpass` key.
 *
 * @package Users
 * @copyright (c) Cotonti Team
 * @license https://github.com/Cotonti/Cotonti/blob/master/License.txt
 */
defined('COT_CODE') or die('Wrong URL');

$v = cot_import('v', 'G', 'TXT');
$email = cot_import('email', 'P', 'TXT');

/* === Hook === */
foreach (cot_getextplugins('users.passrecover.first') as $pl) {
    include $pl;
}
/* ===== */

// Only visitors who are not logged in may use password recovery.
cot_block($usr['id'] == 0);

$msg = '';

if ($a == 'request' && $email != '') {
    cot_shield_protect();

    // The address is escaped with $db->prep() and concatenated into the query.
    // NOTE(review): a bound parameter would not depend on the escaping being
    // correct for the connection charset.
    $sql = $db->query("SELECT user_id, user_name, user_lostpass FROM {$db_users} WHERE user_email='" . $db->prep($email) . "' ORDER BY user_id ASC");
    $email_found = FALSE;
    while ($row = $sql->fetch()) {
        $rusername = $row['user_name'];
        $ruserid = $row['user_id'];
        $validationkey = $row['user_lostpass'];
        // An existing key is reused as-is; no expiry is visible in this fragment.
        if (empty($validationkey) || $validationkey == "0") {
            // SECURITY: the recovery key is md5() of the server clock. Its only
            // input is the request time, so the set of candidate values is
            // small for anyone who knows roughly when the request was made.
            // A key from a CSPRNG (random_bytes() on PHP 7+) is the usual
            // replacement.
            $validationkey = md5(microtime());
            // NOTE(review): this overwrites $sql, the result set the while
            // condition fetches from; the rest of the loop is outside this view,
            // so confirm it does not iterate again after this assignment.
            // user_lastip of the target account is also set to the requester's
            // address here.
            $sql = $db->update($db_users, array('user_lostpass' => $validationkey, 'user_lastip' => $usr['ip']), "user_id={$ruserid}");
        }
        $rsubject = $L['pasrec_title'];
        // The key travels in the query string of the recovery link.
        $ractivate = $cfg['mainurl'] . '/' . cot_url('users', 'm=passrecover&a=auth&v=' . $validationkey, '', true);
/* ==================== [BEGIN_COT_EXT] * Hooks=standalone [END_COT_EXT] ==================== */ defined('COT_CODE') && defined('COT_PLUG') or die('Wrong URL'); require_once cot_incfile('paytop', 'plug'); $pt_cfg = cot_cfg_paytop(); if (empty($m)) { $area = cot_import('area', 'G', 'ALP'); if (empty($pt_cfg[$area]) || empty($pt_cfg[$area]['cost'])) { cot_block(); } list($auth_read, $auth_write, $auth_admin) = cot_auth('plug', 'paytop'); cot_block($auth_write); if ($a == 'buy') { if (!cot_error_found()) { $options['desc'] = $L['paytop_buytop_paydesc'] . ' (' . $pt_cfg[$area]['name'] . ')'; $options['time'] = !empty($pt_cfg[$area]['period']) ? $pt_cfg[$area]['period'] : 2592000; if ($db->fieldExists($db_payments, "pay_redirect")) { $options['redirect'] = $cfg['mainurl'] . '/' . cot_url('payments', 'm=balance', '', true); } cot_payments_create_order('paytop.' . $area, $pt_cfg[$area]['cost'], $options); } } $t = new XTemplate(cot_tplfile(array('paytop', $area), 'plug')); cot_display_messages($t); $t->assign(array('TOP_FORM_ACTION' => cot_url('plug', 'e=paytop&a=buy&area=' . $area), 'TOP_FORM_COST' => $pt_cfg[$area]['cost'], 'TOP_FORM_AREA_NAME' => $pt_cfg[$area]['name'])); } elseif ($m == 'my') { $t = new XTemplate(cot_tplfile(array('paytop', 'my'), 'plug'));
} /* ===== */ $com_grp = $usr['isadmin'] ? 'adm' : 'usr'; cot_log('Edited comment #' . $id, $com_grp); cot_redirect(cot_url($url_area, $url_params, '#c' . $id, true)); } } $t->assign(array('COMMENTS_TITLE' => $plugin_title, 'COMMENTS_TITLE_URL' => cot_url('plug', 'e=comments'))); $t->parse('MAIN.COMMENTS_TITLE'); $sql = $db->query("SELECT * FROM {$db_com} WHERE com_id=? AND com_code=? AND com_area=?", array($id, $item, $area)); cot_die($sql->rowCount() != 1); $com = $sql->fetch(); $com_limit = $sys['now'] < $com['com_date'] + $cfg['plugin']['comments']['time'] * 60 ? TRUE : FALSE; $usr['isowner'] = $com_limit && ($usr['id'] > 0 && $com['com_authorid'] == $usr['id'] || $usr['id'] == 0 && isset($_SESSION['cot_comments_edit'][$id])); $usr['allow_write'] = $usr['isadmin'] || $usr['isowner']; cot_block($usr['allow_write']); $editor = $cfg['plugin']['comments']['markup'] ? 'input_textarea_minieditor' : ''; $t->assign(array('COMMENTS_FORM_POST' => cot_url('plug', 'e=comments&m=edit&a=update&area=' . $area . '&cat=' . $cat . '&item=' . $com['com_code'] . '&id=' . $com['com_id']), 'COMMENTS_POSTER_TITLE' => $L['Poster'], 'COMMENTS_POSTER' => $com['com_author'], 'COMMENTS_IP_TITLE' => $L['Ip'], 'COMMENTS_IP' => $com['com_authorip'], 'COMMENTS_DATE_TITLE' => $L['Date'], 'COMMENTS_DATE' => cot_date('datetime_medium', $com['com_date']), 'COMMENTS_DATE_STAMP' => $com['com_date'], 'COMMENTS_FORM_UPDATE_BUTTON' => $L['Update'], 'COMMENTS_FORM_TEXT' => cot_textarea('comtext', $com['com_text'], 8, 64, '', $editor))); // Extra fields foreach ($cot_extrafields[$db_com] as $exfld) { $uname = strtoupper($exfld['field_name']); $exfld_val = cot_build_extrafields('rcomments' . $exfld['field_name'], $exfld, $com[$exfld['field_name']]); $exfld_title = isset($L['comments_' . $exfld['field_name'] . '_title']) ? $L['comments_' . $exfld['field_name'] . '_title'] : $exfld['field_description']; $t->assign(array('COMMENTS_FORM_' . $uname => $exfld_val, 'COMMENTS_FORM_' . $uname . 
'_TITLE' => $exfld_title, 'COMMENTS_FORM_EXTRAFLD' => $exfld_val, 'COMMENTS_FORM_EXTRAFLD_TITLE' => $exfld_title)); $t->parse('COMMENTS.COMMENTS_FORM_EDIT.EXTRAFLD'); } /* == Hook == */ foreach (cot_getextplugins('comments.edit.tags') as $pl) { include $pl; } /* ===== */
// Fragment of the reviews edit handler: the tail of the update branch (opened
// above this view), the delete branch, and the final redirect.
    cot_die($sql->rowCount() == 0);
    $item = $sql->fetch();

    // Only an administrator or the review's author may change it.
    cot_block($usr['isadmin'] || $usr['id'] == $item['item_userid']);

    // $delete is imported but not used in the visible part of this branch.
    $delete = cot_import('rdelete', 'P', 'BOL');
    $ritem['item_text'] = cot_import('rtext', 'P', 'TXT');
    $ritem['item_score'] = (int) cot_import('rscore', 'P', 'INT');

    // Both fields are required; empty() also rejects a score of 0.
    cot_check(empty($ritem['item_text']), 'reviews_error_emptytext');
    cot_check(empty($ritem['item_score']), 'review_error_emptyscore');

    if (!cot_error_found()) {
        // The (int) cast keeps the concatenated condition numeric.
        $db->update($db_reviews, $ritem, "item_id='" . (int) $itemid . "'");

        /* === Hook === */
        foreach (cot_getextplugins('reviews.edit.update.done') as $pl) {
            include $pl;
        }
        /* ===== */
    }
}
} elseif ($a == 'delete') {
    // NOTE(review): unlike the update above, $itemid is interpolated here
    // without a cast. Where it is imported is outside this view — confirm it
    // passes an integer filter, or cast it as the update branch does.
    // NOTE(review): no anti-CSRF token check is visible for this delete.
    $sql = $db->query("SELECT * FROM {$db_reviews} as r\n\t\tLEFT JOIN {$db_users} as u ON u.user_id=r.item_touserid WHERE item_id='{$itemid}' LIMIT 1");
    cot_die($sql->rowCount() == 0);
    $item = $sql->fetch();

    // Same ownership rule as for updates: the author or an administrator.
    cot_block($usr['id'] == $item['item_userid'] || $usr['isadmin']);
    $db->delete($db_reviews, "item_id='{$itemid}'");

    /* === Hook === */
    foreach (cot_getextplugins('reviews.edit.delete.done') as $pl) {
        include $pl;
    }
    /* ===== */
}

// Return to the base64-encoded target, falling back to $sys['uri_redir'].
// NOTE(review): where $redirect comes from is outside this view. If it is
// request-supplied, the decoded value is an attacker-chosen redirect target
// unless cot_redirect() or the importer limits it to same-site URLs — confirm.
$redirect = empty($redirect) ? base64_decode($sys['uri_redir']) : base64_decode($redirect);
cot_redirect($redirect);
exit;
if ($paction == $L['Validate'] && is_array($s)) { cot_check_xp(); $perelik = ''; $notfoundet = ''; foreach ($s as $i => $k) { if ($s[$i] == '1' || $s[$i] == 'on') { /* === Hook === */ foreach (cot_getextplugins('page.admin.checked_validate') as $pl) { include $pl; } /* ===== */ $sql_page = $db->query("SELECT * FROM {$db_pages} WHERE page_id=" . (int) $i); if ($row = $sql_page->fetch()) { $id = $row['page_id']; $usr['isadmin_local'] = cot_auth('page', $row['page_cat'], 'A'); cot_block($usr['isadmin_local']); $sql_page = $db->update($db_pages, array('page_state' => 0), "page_id={$id}"); $sql_page = $db->query("UPDATE {$db_structure} SET structure_count=structure_count+1 WHERE structure_code=" . $db->quote($row['page_cat'])); cot_log($L['Page'] . ' #' . $id . ' - ' . $L['adm_queue_validated'], 'adm'); if ($cache && $cfg['cache_page']) { $cache->page->clear('page/' . str_replace('.', '/', $structure['page'][$row['page_cat']]['path'])); } $perelik .= '#' . $id . ', '; } else { $notfoundet .= '#' . $id . ' - ' . $L['Error'] . '<br />'; } } } $cache && $cache->db->remove('structure', 'system'); if ($cache && $cfg['cache_index']) { $cache->page->clear('index');
* @copyright Copyright (c) CMSWorks.ru, littledev.ru * @license BSD */ defined('COT_CODE') or die('Wrong URL.'); $userid = cot_import('userid', 'G', 'INT'); list($usr['auth_read'], $usr['auth_write'], $usr['isadmin'], $usr['auth_offers']) = cot_auth('projects', $item['item_cat'], 'RWA1'); if ($cfg['projects']['offersperpage'] > 0) { list($pn, $d, $d_url) = cot_import_pagenav('d', $cfg['projects']['offersperpage']); } /* @var $db CotDB */ /* @var $cache Cache */ /* @var $t Xtemplate */ if ($a == 'addoffer') { cot_shield_protect(); $sql = $db->query("SELECT * FROM {$db_projects_offers} WHERE offer_pid=" . $id . " AND offer_userid=" . $usr['id'] . ""); cot_block($usr['auth_offers'] && $sql->fetchColumn() == 0 && $usr['id'] != $item['item_userid']); /* === Hook === */ foreach (cot_getextplugins('projects.offers.add.first') as $pl) { include $pl; } /* ===== */ $roffer['offer_cost_min'] = (int) cot_import('costmin', 'P', 'NUM'); $roffer['offer_cost_max'] = (int) cot_import('costmax', 'P', 'NUM'); $roffer['offer_time_min'] = (int) cot_import('timemin', 'P', 'INT'); $roffer['offer_time_max'] = (int) cot_import('timemax', 'P', 'INT'); $roffer['offer_time_type'] = (int) cot_import('timetype', 'P', 'INT'); $roffer['offer_hidden'] = (int) cot_import('hidden', 'P', 'BOL'); $roffer['offer_text'] = cot_import('offertext', 'P', 'HTM'); $roffer['offer_pid'] = (int) $id; $roffer['offer_userid'] = (int) $usr['id']; $roffer['offer_date'] = (int) $sys['now'];
<?php
/**
 * [BEGIN_COT_EXT]
 * Hooks=projects.add.first
 * [END_COT_EXT]
 */

// Project quota for accounts without PRO status: once the configured
// `projectslimit` is positive and the user's project count has reached it,
// cot_block() is called with no argument.
// NOTE(review): this runs at the `projects.add.first` hook; confirm that hook
// fires before the save step as well as before the form is shown, so the
// limit cannot be skipped by posting directly.

defined('COT_CODE') or die('Wrong URL.');

require_once cot_incfile('paypro', 'plug');

// Nested tests keep the evaluation order of the original && chain: the project
// count is only queried for non-PRO users when a positive limit is set.
if (!cot_getuserpro()) {
    if ($cfg['plugin']['paypro']['projectslimit'] > 0) {
        if ($cfg['plugin']['paypro']['projectslimit'] <= cot_getcountprjofuser($usr['id'])) {
            cot_block();
        }
    }
}
include $pl; } /* ===== */ $sys['parser'] = $cfg['projects']['parser']; $parser_list = cot_get_parsers(); if ($a == 'add') { cot_shield_protect(); $ritem = array(); /* === Hook === */ foreach (cot_getextplugins('projects.add.add.first') as $pl) { include $pl; } /* ===== */ $ritem = cot_projects_import('POST', array(), $usr); list($usr['auth_read'], $usr['auth_write'], $usr['isadmin']) = cot_auth('projects', $ritem['item_cat']); cot_block($usr['auth_write']); /* === Hook === */ foreach (cot_getextplugins('projects.add.add.import') as $pl) { include $pl; } /* ===== */ cot_projects_validate($ritem); /* === Hook === */ foreach (cot_getextplugins('projects.add.add.error') as $pl) { include $pl; } /* ===== */ if (!cot_error_found()) { $id = cot_projects_add($ritem, $usr); switch ($ritem['item_state']) { case 0:
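// Excerpt: forum "edit post" controller. The imports of $p (post id), $q (topic
// id), $s (section code) and $a are outside the excerpt, and the 'update'
// branch continues past it.

// Guests are rejected and the request token is checked before anything else.
cot_blockguests();
cot_check_xg();

// The section code must be a known forum category.
isset(cot::$structure['forums'][$s]) || cot_die();

// The post must exist and belong to the topic and section named in the request.
$sql_forums = cot::$db->query(
    "SELECT * FROM {$db_forum_posts} WHERE fp_id = ? and fp_topicid = ? and fp_cat = ?",
    array($p, $q, $s)
);
if ($rowpost = $sql_forums->fetch()) {
    list(cot::$usr['auth_read'], cot::$usr['auth_write'], cot::$usr['isadmin']) = cot_auth('forums', $s);

    /* === Hook === */
    foreach (cot_getextplugins('forums.editpost.rights') as $pl) {
        include $pl;
    }
    /* ===== */

    // Non-admins may edit only their own post, and only inside the edit window
    // when one is configured ('0' disables the window). The inner parentheses
    // make the original && / || precedence explicit; the logic is unchanged.
    $is_foreign_post = $rowpost['fp_posterid'] != cot::$usr['id'];
    $is_edit_expired = (cot::$cfg['forums']['edittimeout'] != '0'
        && cot::$sys['now'] - $rowpost['fp_creation'] > cot::$cfg['forums']['edittimeout'] * 3600);
    if (!cot::$usr['isadmin'] && ($is_foreign_post || $is_edit_expired)) {
        cot_log('Attempt to edit a post without rights', 'sec');
        cot_die();
    }

    // NOTE(review): the edit path is gated on auth_read, not auth_write -
    // confirm that is intended for this section.
    cot_block(cot::$usr['auth_read']);
} else {
    cot_die();
}

// The first post of a topic is the one with the lowest fp_id.
$is_first_post = $p == cot::$db->query(
    "SELECT fp_id FROM {$db_forum_posts} WHERE fp_topicid = ? ORDER BY fp_id ASC LIMIT 1",
    array($q)
)->fetchColumn();

// The topic id is bound as a parameter, like the two queries above, instead of
// being interpolated into the SQL text.
$sql_forums = cot::$db->query(
    "SELECT ft_state, ft_mode, ft_title, ft_desc FROM {$db_forum_topics} WHERE ft_id = ? LIMIT 1",
    array($q)
);
if ($rowt = $sql_forums->fetch()) {
    // A topic with a non-zero state can only be edited by an administrator.
    if ($rowt['ft_state'] && !cot::$usr['isadmin']) {
        cot_die_message(603, true);
    }
} else {
    cot_die(true, true);
}

if ($a == 'update') {
    /* === Hook === */
    foreach (cot_getextplugins('forums.editpost.update.first') as $pl) {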
*
* @package roboxbilling
* @version 1.0
* @author CMSWorks Team
* @copyright Copyright (c) CMSWorks.ru
* @license BSD
*/
defined('COT_CODE') && defined('COT_PLUG') or die('Wrong URL');

// Excerpt: builds the redirect parameters for a payment at the Robokassa
// gateway. The docblock opener and the rest of the branch are outside the
// excerpt.

require_once cot_incfile('roboxbilling', 'plug');
require_once cot_incfile('payments', 'module');

// Both request parameters come from the query string: 'm' with the 'ALP'
// filter, 'pid' with the 'INT' filter.
$m = cot_import('m', 'G', 'ALP');
$pid = cot_import('pid', 'G', 'INT');

if (empty($m)) {
    // Fetch the order information
    if (!empty($pid) && ($pinfo = cot_payments_payinfo($pid))) {
        // Only payments that are still 'new' or 'process' may be sent to the
        // gateway.
        // NOTE(review): no check is visible here that the payment belongs to
        // the current user - confirm ownership is enforced elsewhere, since
        // 'pid' is taken from the URL.
        cot_block($pinfo['pay_status'] == 'new' || $pinfo['pay_status'] == 'process');

        // NOTE(review): the test endpoint is plain http, so in test mode the
        // order data and the signature travel unencrypted.
        $url = $cfg['plugin']['roboxbilling']['testmode'] ? 'http://test.robokassa.ru/Index.aspx' : 'https://merchant.roboxchange.com/Index.aspx';

        $mrh_login = $cfg['plugin']['roboxbilling']['mrh_login'];
        $mrh_pass1 = $cfg['plugin']['roboxbilling']['mrh_pass1'];
        $inv_id = $pid;
        // The custom "Shp_item" value is "<area>_<code>", or just the area
        // when the payment has no code.
        $shp_item = !empty($pinfo['pay_code']) ? $pinfo['pay_area'] . '_' . $pinfo['pay_code'] : $pinfo['pay_area'];
        $inv_desc = $pinfo['pay_desc'];
        $in_curr = '';
        $culture = "ru";
        $out_summ = $pinfo['pay_summ'] * $cfg['plugin']['roboxbilling']['rate'];

        // $test_string is assigned only in test mode but is appended
        // unconditionally below; it is not initialised anywhere in this
        // excerpt, so outside test mode it is presumably undefined.
        if ($cfg['plugin']['roboxbilling']['testmode']) {
            $test_string = "&IsTest=1";
        }

        // The request signature is an MD5 digest over login, amount, invoice
        // id, the merchant secret (mrh_pass1) and the Shp_item value.
        // NOTE(review): MD5 is presumably what the merchant account is set up
        // for - confirm whether a stronger digest can be configured at the
        // gateway.
        $crc = md5("{$mrh_login}:{$out_summ}:{$inv_id}:{$mrh_pass1}:Shp_item={$shp_item}");

        // NOTE(review): the `******` after "MrchLogin=" looks like a value that
        // was masked on this page (presumably the concatenation of the merchant
        // login); as printed, the statement does not parse.
        // NOTE(review): $inv_desc and $shp_item are appended without URL
        // encoding. If this string is used as a query string or form body, a
        // description containing `&` or `=` changes the parameter list; apply
        // urlencode() per value or build it with http_build_query().
        $post_opt = "MrchLogin="******"&OutSum=" . $out_summ . "&InvId=" . $inv_id . "&Desc=" . $inv_desc . "&SignatureValue=" . $crc . "&Shp_item=" . $shp_item . "&IncCurrLabel=" . $in_curr . "&Culture=" . $culture . $test_string;

        // The payment is moved to 'process' as soon as this page is requested,
        // i.e. a GET request changes state.
        cot_payments_updatestatus($pid, 'process');
/**
 * mavatars for Cotonti CMF
 *
 * @version 1.00
 * @author esclkm
 * @copyright (c) 2013 esclkm
 */
defined('COT_CODE') or die('Wrong URL');

// Excerpt: shows a single stored image record. The body of the row loop
// continues past the excerpt.

/* @var $db CotDB */
/* @var $cache Cache */
/* @var $t Xtemplate */

// All four parameters come from the query string.
$id = cot_import('id', 'G', 'INT');
$h = cot_import('h', 'G', 'INT');
$w = cot_import('w', 'G', 'INT');
$method = cot_import('method', 'G', 'TXT');

// A positive record id is mandatory.
cot_block((int) $id > 0);

// Fallback chain for each value: request parameter, then plugin
// configuration, then a hard-coded default (640 / 640 / 'width').
// NOTE(review): no upper bound on $h and $w is visible here. If they later
// drive image resizing, clamp them to a sane maximum so a request cannot ask
// for arbitrarily large output.
// NOTE(review): $method is free text from the request - confirm it is matched
// against the allowed set of methods before it is used.
$h = empty($h) ? (int) $cfg['plugin']['mavatars']['height'] : (int) $h;
$w = empty($w) ? (int) $cfg['plugin']['mavatars']['width'] : (int) $w;
$method = empty($method) ? $cfg['plugin']['mavatars']['method'] : $method;
$h = empty($h) ? 640 : (int) $h;
$w = empty($w) ? 640 : (int) $w;
$method = empty($method) ? 'width' : $method;

// The id is cast to int at the point where it is concatenated into the SQL.
$sql = $db->query("SELECT * FROM {$db_mavatars} WHERE mav_id=" . (int) $id . " LIMIT 1");

$t = new XTemplate(cot_tplfile(array('mavatars', 'show'), 'plug'));

if ($mav_row = $sql->fetch()) {
    // $i is not initialised anywhere in this excerpt.
    $i++;
    $mavatar = array();
    foreach ($mav_row as $key => $val) {
        // str_replace() removes every occurrence of 'mav_' in the column name,
        // not only a leading prefix.
        $keyx = str_replace('mav_', '', $key);
        // Directory values are normalised to end with a slash.
        if ($keyx == 'filepath' || $keyx == 'thumbpath') {
            $val .= substr($val, -1) == '/' ? '' : '/';
<?php
/**
 * Administration panel - PHP Infos
 *
 * Fills the admin.infos template with runtime details (PHP and Zend versions,
 * SAPI, OS string, cache drivers, clock values) for users who hold the read
 * right on the admin area.
 *
 * @package Cotonti
 * @copyright (c) Cotonti Team
 * @license https://github.com/Cotonti/Cotonti/blob/master/License.txt
 */

// Only reachable through the admin front controller.
if (!defined('COT_CODE') || !defined('COT_ADMIN')) {
    die('Wrong URL.');
}

// The page exposes server details, so the read right is checked before any
// output is prepared.
list($usr['auth_read'], $usr['auth_write'], $usr['isadmin']) = cot_auth('admin', 'a');
cot_block($usr['auth_read']);

$t = new XTemplate(cot_tplfile('admin.infos', 'core'));

// Breadcrumbs, help text and subtitle for the admin layout.
$adminpath[] = array(cot_url('admin', 'm=other'), $L['Other']);
$adminpath[] = array(cot_url('admin', 'm=infos'), $L['adm_infos']);
$adminhelp = $L['adm_help_versions'];
$adminsubtitle = $L['adm_infos'];

/* === Hook === */
foreach (cot_getextplugins('admin.infos.first') as $pl) {
    include $pl;
}
/* ===== */

// Error reporting is switched off from here on, which also covers the hooked
// plugin files included further down.
@error_reporting(0);

// Each probe falls back to a localized message when the PHP function is not
// available.
$t->assign(
    array(
        'ADMIN_INFOS_PHPVER' => function_exists('phpversion') ? phpversion() : $L['adm_help_config'],
        'ADMIN_INFOS_ZENDVER' => function_exists('zend_version') ? zend_version() : $L['adm_help_config'],
        'ADMIN_INFOS_INTERFACE' => function_exists('php_sapi_name') ? php_sapi_name() : $L['adm_help_config'],
        'ADMIN_INFOS_CACHEDRIVERS' => is_array($cot_cache_drivers) ? implode(', ', $cot_cache_drivers) : '',
        'ADMIN_INFOS_OS' => function_exists('php_uname') ? php_uname() : $L['adm_help_config'],
        'ADMIN_INFOS_DATE' => cot_date('datetime_medium', $sys['now'], false),
        'ADMIN_INFOS_GMDATE' => gmdate('Y-m-d H:i'),
        'ADMIN_INFOS_GMTTIME' => $usr['gmttime'],
        'ADMIN_INFOS_USRTIME' => $usr['localtime'],
        'ADMIN_INFOS_TIMETEXT' => $usr['timetext']
    )
);

/* === Hook === */
foreach (cot_getextplugins('admin.infos.tags') as $pl) {
    include $pl;
}
/* ===== */

// Render the block and hand the markup to the admin layout.
$t->parse('MAIN');
$adminmain = $t->text('MAIN');
* @author CMSWorks Team
* @copyright Copyright (c) CMSWorks.ru
* @license BSD
*/
defined('COT_CODE') or die('Wrong URL');

// Excerpt: "new order" page for a market item. The docblock opener and the
// rest of the 'add' branch are outside the excerpt.

// The item id comes from the query string with the 'INT' filter.
$pid = cot_import('pid', 'G', 'INT');

// Access is checked against the plugin's own rights entry before the item is
// loaded.
list($usr['auth_read'], $usr['auth_write'], $usr['isadmin']) = cot_auth('plug', 'marketorders');
cot_block($usr['auth_read']);

if ($pid > 0) {
    // $pid is concatenated into the SQL text; it was imported with the 'INT'
    // filter above and this branch runs only for values greater than zero.
    // NOTE(review): `u.*` copies every column of the users row into $item,
    // presumably including credential fields - prefer an explicit column list
    // so that templates and hooked plugins only see what they need.
    $sql = $db->query("SELECT m.*, u.* FROM {$db_market} AS m LEFT JOIN {$db_users} AS u ON u.user_id=m.item_userid WHERE item_id=" . $pid . " LIMIT 1");
}
// A missing id, an unset $sql (the query above is skipped when $pid is not
// positive) or an empty result all end in a 404.
if (!$pid || !$sql || $sql->rowCount() == 0) {
    cot_die_message(404, TRUE);
}
$item = $sql->fetch();

// Orders are accepted only for items with a positive price and item_state
// equal to 0.
cot_block($item['item_cost'] > 0 && $item['item_state'] == 0);

/* === Hook === */
$extp = cot_getextplugins('marketorders.neworder.first');
foreach ($extp as $pl) {
    include $pl;
}
/* ===== */

if ($a == 'add') {
    cot_shield_protect();

    /* === Hook === */
    foreach (cot_getextplugins('marketorders.neworder.add.first') as $pl) {
        include $pl;
    }
    /* ===== */

    // NOTE(review): the quantity is an integer from POST; a check that it is
    // at least 1 is not visible in this excerpt - confirm it is validated
    // before a total is computed.
    $rorder['order_count'] = cot_import('rcount', 'P', 'INT');
    $rorder['order_text'] = cot_import('rtext', 'P', 'TXT');