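/**
 * Render the guestbook on the public side of the site.
 *
 * Reads the paging and sort options from $_REQUEST ('pp', 'sort'), normalises
 * them, writes the normalised values back into $_REQUEST, and assigns the
 * approved posts of the current document to the template.
 *
 * @param string $type "standalone" binds the guestbook to the current document
 *                     and displays the template directly; any other value
 *                     stores the rendered template in MODULE_CONTENT
 * @return void
 */
function guestbookShow($type = "")
{
    global $AVE_DB, $AVE_Template, $mod;

    // Outside standalone mode the original never assigned $document and relied
    // on an undefined variable evaluating to an empty string.
    $document = '';
    if ($type == "standalone") {
        // NOTE(review): this value is concatenated into SQL and into an href
        // below; confirm that get_current_document_id() only ever returns an integer.
        $document = get_current_document_id();
    }

    // 'pp' ends up in a LIMIT clause and is used as a divisor. is_numeric()
    // also accepts "1.5", "-3", "1e3" and "0.0", which produce broken SQL or a
    // division by zero, so only a positive integer is let through.
    $per_page = (!empty($_REQUEST['pp']) && is_numeric($_REQUEST['pp'])) ? (int) $_REQUEST['pp'] : 10;
    if ($per_page < 1) {
        $per_page = 10;
    }
    // NOTE(review): there is no upper bound on the page size; consider
    // restricting it to the values offered by _guestbookPostPerSiteGet().
    $_REQUEST['pp'] = $per_page;

    // Only the two literals 'asc' / 'desc' can reach the ORDER BY clause.
    $sort = (empty($_REQUEST['sort']) || $_REQUEST['sort'] === 'asc') ? 'asc' : 'desc';
    $_REQUEST['sort'] = $sort;

    // Spam protection needs the GD extension and its TrueType text function.
    if ($this->_guestbookSettingsGet('guestbook_antispam') == 1
        && extension_loaded('gd')
        && function_exists('imagettftext')
    ) {
        $AVE_Template->assign('use_code', 1);
    }

    $AVE_Template->assign('post_max_length', $this->_guestbookSettingsGet('guestbook_post_max_length'));
    $AVE_Template->assign('dessel', $sort == 'desc' ? 'selected="selected"' : '');
    $AVE_Template->assign('ascsel', $sort == 'asc' ? 'selected="selected"' : '');
    $AVE_Template->assign('pps_array', $this->_guestbookPostPerSiteGet());

    // Tell the template whether bbCode is allowed.
    $use_bbcode = $this->_guestbookSettingsGet('guestbook_use_bbcode') == 1;
    if ($use_bbcode) {
        $AVE_Template->assign('use_bbcode', 1);
    }

    // Count the approved posts and build the page navigation.
    $num = (int) $AVE_DB->Query("
        SELECT COUNT(*)
        FROM " . PREFIX . "_modul_guestbook_post
        WHERE guestbook_post_approve = '1'
        AND guestbook_post_document = '" . $document . "'
    ")->GetCell();

    if ($num > $per_page) {
        if ($document) {
            $page_nav = " <a class=\"page_navigation\" href=\"index.php?id=" . $document
                . "&pp=" . $per_page . "&sort=" . $sort . "&page={s}\">{t}</a> ";
        } else {
            $page_nav = " <a class=\"page_navigation\" href=\"index.php?module=guestbook&pp=" . $per_page
                . "&sort=" . $sort . "&page={s}\">{t}</a> ";
        }
        $page_nav = get_pagination(ceil($num / $per_page), 'page', $page_nav);
        $AVE_Template->assign('pages', $page_nav);
    }

    // The offset is clamped so that a page number below 1 cannot yield a
    // negative LIMIT offset.
    $start = max(0, ((int) get_current_page() - 1) * $per_page);

    // Fetch the posts of the requested page and hand them to the template.
    $sql = $AVE_DB->Query("
        SELECT *
        FROM " . PREFIX . "_modul_guestbook_post
        WHERE guestbook_post_approve = '1'
        AND guestbook_post_document = '" . $document . "'
        ORDER BY id " . $sort . "
        LIMIT " . $start . "," . $per_page);

    $inserts = array();
    while ($row = $sql->FetchRow()) {
        if ($use_bbcode) {
            // NOTE(review): escaping of the post text is left entirely to
            // _guestbookBbcodeParse() on this path; verify that it HTML-escapes
            // the text before expanding bbCode.
            $row->guestbook_post_text = $this->_guestbookBbcodeParse($row->guestbook_post_text);
        } else {
            // Escape first, then turn blank lines into paragraphs and single
            // newlines into <br />.
            $text = htmlspecialchars($row->guestbook_post_text);
            $text = str_replace("\r", "", $text);
            $text = "<p>" . preg_replace("/(\n){2,}/", "</p><p>", $text) . "</p>";
            $row->guestbook_post_text = nl2br($text);
        }
        $inserts[] = $row;
    }

    $AVE_Template->assign('comments_array', $inserts);
    $AVE_Template->assign('allcomments', $num);

    if ($type == "standalone") {
        $AVE_Template->assign('document', $document);
        $AVE_Template->display($mod['tpl_dir'] . 'guestbook.tpl');
    } else {
        define('MODULE_CONTENT', $AVE_Template->fetch($mod['tpl_dir'] . 'guestbook.tpl'));
    }
}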
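/**
 * Handle the module tag: print the system block with the given id.
 *
 * The block text is read from a per-block cache file (or from the database on
 * a cache miss), its template tags are expanded, and the result is executed as
 * a PHP template.
 *
 * @param int $sysblock_id system block identifier
 * @return void
 */
function mod_sysblock($sysblock_id)
{
    global $AVE_DB;

    if (!is_numeric($sysblock_id)) {
        return;
    }

    // is_numeric() also accepts "1.0", "+1", "1e0" and leading whitespace.
    // Casting gives the cache file name and the SQL literal one canonical form.
    $sysblock_id = (int) $sysblock_id;

    $cache_file = BASE_DIR . '/cache/module/sysblock-' . $sysblock_id . '.cache';
    $cache_dir = dirname($cache_file);
    if (!file_exists($cache_dir)) {
        // 0766 granted write access to group/others while withholding the
        // directory search bit. Files in this directory are executed below, so
        // nobody but the owner should be able to write here.
        mkdir($cache_dir, 0755, true);
    }

    $return = file_exists($cache_file) ? file_get_contents($cache_file) : false;
    if ($return === false) {
        $return = (string) $AVE_DB->Query("
            SELECT sysblock_text
            FROM " . PREFIX . "_modul_sysblock
            WHERE id = '" . $sysblock_id . "'
            LIMIT 1
        ")->GetCell();
        file_put_contents($cache_file, $return);
    }

    // Expand the remaining tags of the main template.
    $search = array('[tag:mediapath]', '[tag:path]', '[tag:home]', '[tag:docid]', '[tag:breadcrumb]');
    $replace = array(
        ABS_PATH . 'templates/' . THEME_FOLDER . '/',
        ABS_PATH,
        get_home_link(),
        get_current_document_id(),
        get_breadcrumb(),
    );
    $return = str_replace($search, $replace, $return);
    $return = preg_replace_callback('/\\[tag:request:(\\d+)\\]/', 'request_parse', $return);

    // NOTE(review): the whole text is executed as PHP. That covers the stored
    // block, the cache file, and everything request_parse() substituted into
    // it above. Restrict who may edit system blocks, keep the cache directory
    // writable by the web server account only, and confirm that values
    // inserted by request_parse() cannot carry PHP open tags.
    // The trailing tag is the long form so the result does not depend on
    // short_open_tag being enabled.
    eval('?>' . $return . '<?php ');
}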
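/**
 * Handle a system block tag.
 *
 * @param int|array $id system block identifier, or a preg_replace_callback()
 *                      match array whose element 1 holds it; a negative id
 *                      requests that the block text be evaluated via eval2var()
 * @return string|null the block text with template tags expanded, or null
 *                     when the id is not numeric
 */
function parse_sysblock($id)
{
    global $AVE_DB;

    // microtime() without an argument returns the string "msec sec".
    // Subtracting two such strings only compares the fractional parts and is
    // wrong across a second boundary, so the float form is used.
    $gen_time = microtime(true);

    if (is_array($id)) {
        $id = $id[1];
    }

    if (!is_numeric($id)) {
        return null;
    }

    // Canonical integer form for the cache file name and the SQL literal.
    $id = (int) $id;
    $eval_sysblock = $id < 0;
    $id = abs($id);

    $cache_file = BASE_DIR . '/cache/sql/sysblock-' . $id . '.cache';
    $cache_dir = dirname($cache_file);
    if (!file_exists($cache_dir)) {
        // 0766 granted write access to group/others while withholding the
        // directory search bit. Cached text may be evaluated below, so only
        // the owner should be able to write here.
        mkdir($cache_dir, 0755, true);
    }

    $return = file_exists($cache_file) ? file_get_contents($cache_file) : false;
    if ($return === false) {
        $return = (string) $AVE_DB->Query("
            SELECT sysblock_text
            FROM " . PREFIX . "_sysblocks
            WHERE id = '" . $id . "'
            LIMIT 1
        ")->GetCell();
        file_put_contents($cache_file, $return);
    }

    // Expand the remaining tags of the main template.
    $search = array('[tag:mediapath]', '[tag:path]', '[tag:home]', '[tag:docid]', '[tag:breadcrumb]');
    $replace = array(
        ABS_PATH . 'templates/' . THEME_FOLDER . '/',
        ABS_PATH,
        get_home_link(),
        get_current_document_id(),
        get_breadcrumb(),
    );
    $return = str_replace($search, $replace, $return);
    $return = preg_replace_callback('/\\[tag:request:(\\d+)\\]/', 'request_parse', $return);

    if ($eval_sysblock) {
        // NOTE(review): the text handed to eval2var() includes the stored
        // block, the cache file and the output of request_parse(). Presumably
        // eval2var() executes it as a PHP template - confirm, and treat write
        // access to system blocks and to cache/sql as code-execution rights.
        $return = eval2var('?' . '>' . $return . '<' . '?');
    }

    $gen_time = microtime(true) - $gen_time;
    $GLOBALS['block_generate'][] = array('SYSBLOCK_' . $id => $gen_time);

    return $return;
}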
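/**
 * Handle a request tag.
 *
 * Returns the list of documents that satisfy the stored request, rendered
 * with the request's item template and main template.
 *
 * Requires PHP 5.3+ (closures): the removed /e regex modifier has been
 * replaced by preg_replace_callback().
 *
 * @param int|array $id request identifier, or a preg_replace_callback() match
 *                      array whose element 1 holds it
 * @return string rendered markup, or '' when the request does not exist
 */
function request_parse($id)
{
    global $AVE_Core, $AVE_DB, $request_documents;

    $return = '';

    if (is_array($id)) {
        $id = $id[1];
    }
    // The id is concatenated into SQL, into $_POST/$_SESSION keys and into a
    // cache file path below; as an integer it cannot carry quotes or path
    // separators into any of them.
    $id = (int) $id;

    $row_ab = $AVE_DB->Query("
        SELECT *
        FROM " . PREFIX . "_request
        WHERE Id = '" . $id . "'
    ")->FetchRow();

    if (!is_object($row_ab)) {
        return $return;
    }

    $ttl = (int) $row_ab->request_cache_lifetime;
    $limit = max(1, (int) $row_ab->request_items_per_page);
    $main_template = $row_ab->request_template_main;
    $item_template = $row_ab->request_template_item;

    // NOTE(review): the ordering columns come from the stored request row and
    // are concatenated into SQL as-is; they are only as trustworthy as write
    // access to the request table.
    $request_order = $row_ab->request_order_by . " " . $row_ab->request_asc_desc;
    $request_order_fields = '';
    $request_order_tables = '';
    if ($row_ab->request_order_by_nat) {
        $nat = $row_ab->request_order_by_nat;
        $request_order_tables = "LEFT JOIN " . PREFIX . "_document_fields AS s" . $nat . "\r\n\t\t\t ON (s" . $nat . ".document_id = a.Id and s" . $nat . ".rubric_field_id=" . $nat . ")";
        $request_order_fields = "s" . $nat . ".field_value, ";
        $request_order = "s" . $nat . ".field_value " . $row_ab->request_asc_desc;
    }

    $doctime = get_settings('use_doctime')
        ? "AND a.document_published <= UNIX_TIMESTAMP() AND
            (a.document_expire = 0 OR a.document_expire >=UNIX_TIMESTAMP())"
        : '';

    // NOTE(review): unserialize() runs on data from the request row and from
    // request_get_condition_sql_string(), which is selected when $_POST or
    // $_SESSION carry a condition for this request. If any of that can be
    // influenced by a visitor this is an object-injection sink; confirm where
    // the serialized string is built, or switch the storage format to JSON.
    $use_stored_cond = empty($_POST['req_' . $id])
        && empty($_SESSION['doc_' . $AVE_Core->curentdoc->Id]['req_' . $id]);
    $where_cond = $use_stored_cond
        ? unserialize($row_ab->request_where_cond)
        : unserialize(request_get_condition_sql_string($row_ab->Id));
    if (!is_array($where_cond)) {
        // unserialize() failed; continue with empty conditions.
        $where_cond = array();
    }
    $where_cond['from'] = isset($where_cond['from']) ? str_replace('%%PREFIX%%', PREFIX, $where_cond['from']) : '';
    $where_cond['where'] = isset($where_cond['where']) ? str_replace('%%PREFIX%%', PREFIX, $where_cond['where']) : '';
    $from_clause = $where_cond['from'] ? $where_cond['from'] : '';

    // is_numeric() tolerates leading whitespace (including CR/LF), signs and
    // exponents. The values are cast before they are placed into a Location
    // header and an href.
    $artpage_param = (isset($_REQUEST['artpage']) && is_numeric($_REQUEST['artpage']))
        ? '&artpage=' . (int) $_REQUEST['artpage']
        : '';
    $page_param = (isset($_REQUEST['page']) && is_numeric($_REQUEST['page']))
        ? '&page=' . (int) $_REQUEST['page']
        : '';

    // Conditions shared by the COUNT query and the list query.
    // NOTE(review): both queries are passed through eval2var() before they
    // reach the database, so the stored condition text is presumably evaluated
    // as a PHP template - confirm against eval2var().
    $base_where = "
            a.Id != '1'
        AND a.Id != '" . PAGE_NOT_FOUND_ID . "'
        AND a.Id != '" . get_current_document_id() . "'
        AND a.rubric_id = '" . $row_ab->rubric_id . "'
        AND a.document_deleted != '1'
        AND a.document_status != '0'
        " . $where_cond['where'] . "
        " . $doctime;

    $with_comments = !empty($AVE_Core->install_modules['comment']->Status);

    // Both were undefined in the original when pagination was switched off.
    $seiten = 0;
    $start = 0;

    if ($row_ab->request_show_pagination == 1) {
        // The original issued the same COUNT query in both branches of the
        // comment-module check; one copy is enough.
        $num = $AVE_DB->Query(eval2var(" ?>
            SELECT COUNT(*)
            FROM
                " . $from_clause . "
                " . PREFIX . "_documents AS a
            WHERE" . $base_where . "
        <?php "), $ttl, 'rub_' . $row_ab->rubric_id)->GetCell();

        $seiten = ceil($num / $limit);

        // A page number past the last page is redirected to the document itself.
        if (isset($_REQUEST['apage']) && is_numeric($_REQUEST['apage']) && $_REQUEST['apage'] > $seiten) {
            $redirect_link = rewrite_link(
                'index.php?id=' . $AVE_Core->curentdoc->Id
                . '&doc=' . (empty($AVE_Core->curentdoc->document_alias)
                    ? prepare_url($AVE_Core->curentdoc->document_title)
                    : $AVE_Core->curentdoc->document_alias)
                . $artpage_param
                . $page_param
            );
            header('Location:' . $redirect_link);
            exit;
        }

        // Clamped so that a page number below 1 cannot yield a negative offset.
        $start = max(0, ((int) get_current_page('apage') - 1) * $limit);
    }

    // Previously undefined when request_items_per_page was 0.
    $filter_limit = '';
    if ($row_ab->request_items_per_page != 0) {
        $filter_limit = "LIMIT " . $start . "," . $limit;
    }

    // With the comment module installed the list also carries a comment count.
    $comment_count_field = $with_comments ? ",
            COUNT(b.document_id) AS nums" : "";
    $comment_join = $with_comments ? "LEFT JOIN
            " . PREFIX . "_modul_comment_info AS b
                ON b.document_id = a.Id" : "";
    $group_by = $with_comments ? "GROUP BY a.Id" : "";

    $q = " ?>
        SELECT
            " . $request_order_fields . "
            a.Id,
            a.document_title,
            a.document_alias,
            a.document_author_id,
            a.document_count_view,
            a.document_published" . $comment_count_field . "
        FROM
            " . $from_clause . "
            " . PREFIX . "_documents AS a
        " . $comment_join . "
        " . $request_order_tables . "
        WHERE" . $base_where . "
        " . $group_by . "
        ORDER BY " . $request_order . "
        " . $filter_limit . " <?php ";

    $q = eval2var($q);
    $q = $AVE_DB->Query($q, $ttl, 'rub_' . $row_ab->rubric_id);

    // Keep either the if_notempty or the if_empty section of the main template.
    if ($q->NumRows() > 0) {
        $main_template = preg_replace('/\\[tag:if_empty](.*?)\\[\\/tag:if_empty]/si', '', $main_template);
        $main_template = str_replace(array('[tag:if_notempty]', '[/tag:if_notempty]'), '', $main_template);
    } else {
        $main_template = preg_replace('/\\[tag:if_notempty](.*?)\\[\\/tag:if_notempty]/si', '', $main_template);
        $main_template = str_replace(array('[tag:if_empty]', '[/tag:if_empty]'), '', $main_template);
    }

    $page_nav = '';
    if ($row_ab->request_show_pagination == 1 && $seiten > 1 && $row_ab->request_items_per_page != 0) {
        $page_nav = ' <a class="pnav" href="index.php?id=' . $AVE_Core->curentdoc->Id
            . '&doc=' . (empty($AVE_Core->curentdoc->document_alias)
                ? prepare_url($AVE_Core->curentdoc->document_title)
                : $AVE_Core->curentdoc->document_alias)
            . $artpage_param
            . '&apage={s}'
            . $page_param
            . '">{t}</a> ';
        $page_nav = get_pagination($seiten, 'apage', $page_nav, get_settings('navi_box'));
        $page_nav = rewrite_link($page_nav);
    }

    // Collect the rows and publish the matched ids through the global
    // $request_documents.
    $rows = array();
    $request_documents = array();
    while ($row = $q->FetchRow()) {
        $request_documents[] = $row->Id;
        $rows[] = $row;
    }

    $items = '';
    foreach ($rows as $row) {
        $cachefile_docid = BASE_DIR . '/cache/sql/doc_' . $row->Id . '/request-' . $id . '.cache';
        if (!file_exists($cachefile_docid)) {
            // The /e modifier evaluated the replacement string as PHP code; it
            // is deprecated since PHP 5.5 and removed in PHP 7, where
            // preg_replace() then returns NULL. A callback does the same
            // substitution without building code from strings.
            $doc_id = (int) $row->Id;
            $item = preg_replace_callback(
                '/\\[tag:rfld:(\\d+)]\\[(more|esc|[0-9-]+)]/',
                function ($m) use ($doc_id) {
                    return request_get_document_field($m[1], $doc_id, $m[2]);
                },
                $item_template
            );
            // Writing the per-document cache file is disabled in the original.
        } else {
            $item = file_get_contents($cachefile_docid);
        }

        $link = rewrite_link('index.php?id=' . $row->Id . '&doc=' . (empty($row->document_alias)
            ? prepare_url($row->document_title)
            : $row->document_alias));

        // NOTE(review): document_title and the author name are inserted into
        // the markup without HTML escaping, and callers such as the system
        // block handlers evaluate the returned text as PHP. Confirm these
        // values are sanitised when stored.
        // NOTE(review): document_parent is not in the SELECT list above, so
        // [tag:docparent] is replaced with an empty string unless the column
        // is added to the query.
        $item = str_replace(
            array(
                '[tag:link]',
                '[tag:docid]',
                '[tag:doctitle]',
                '[tag:docparent]',
                '[tag:docdate]',
                '[tag:doctime]',
                '[tag:docauthor]',
                '[tag:docviews]',
                '[tag:doccomments]',
            ),
            array(
                $link,
                $row->Id,
                $row->document_title,
                isset($row->document_parent) ? $row->document_parent : '',
                pretty_date(strftime(DATE_FORMAT, $row->document_published)),
                pretty_date(strftime(TIME_FORMAT, $row->document_published)),
                get_username_by_id($row->document_author_id),
                $row->document_count_view,
                isset($row->nums) ? $row->nums : '',
            ),
            $item
        );
        $items .= $item;
    }

    $page_title = $AVE_DB->Query("SELECT document_title FROM " . PREFIX . "_documents WHERE Id = '" . (int) $AVE_Core->curentdoc->Id . "' ")->GetCell();

    // NOTE(review): [tag:doctotal] is the page count multiplied by the rows on
    // the current page, exactly as in the original; that is not the number of
    // matching documents ($num) - confirm which one is intended.
    $main_template = str_replace(
        array(
            '[tag:pages]',
            '[tag:doctotal]',
            '[tag:pagetitle]',
            '[tag:docid]',
            '[tag:docdate]',
            '[tag:doctime]',
            '[tag:docauthor]',
        ),
        array(
            $page_nav,
            $seiten * $q->NumRows(),
            $page_title,
            $AVE_Core->curentdoc->Id,
            pretty_date(strftime(DATE_FORMAT, $AVE_Core->curentdoc->document_published)),
            pretty_date(strftime(TIME_FORMAT, $AVE_Core->curentdoc->document_published)),
            get_username_by_id($AVE_Core->curentdoc->document_author_id),
        ),
        $main_template
    );

    // Same /e replacement as for the item fields: a callback instead of
    // evaluated code.
    $rubric_id = (int) $row_ab->rubric_id;
    $request_id = (int) $row_ab->Id;
    $main_template = preg_replace_callback(
        '/\\[tag:dropdown:([,0-9]+)\\]/',
        function ($m) use ($rubric_id, $request_id) {
            return request_get_dropdown($m[1], $rubric_id, $request_id);
        },
        $main_template
    );

    $return = str_replace('[tag:content]', $items, $main_template);
    $return = str_replace('[tag:path]', ABS_PATH, $return);
    $return = str_replace('[tag:mediapath]', ABS_PATH . 'templates/' . THEME_FOLDER . '/', $return);
    $return = $AVE_Core->coreModuleTagParse($return);

    return $return;
}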
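/**
 * Fetch the content of a document field for use in a rubric template.
 *
 * @param int $field_id field identifier; for [tag:fld:12] $field_id = 12
 * @param int $length   optional number of characters of the field content to
 *                      return; when given with a minus sign the content is
 *                      additionally stripped of all HTML tags
 * @return string field content, or '' when the id is not numeric or the field
 *                has no value
 */
function document_get_field_value($field_id, $length = 0)
{
    if (!is_numeric($field_id)) {
        return '';
    }

    $document_fields = get_document_fields(get_current_document_id());

    // A missing field used to raise an undefined-index notice before ending
    // up as an empty string; it is handled explicitly now.
    if (!isset($document_fields[$field_id]['field_value'])) {
        return '';
    }

    $field_value = trim($document_fields[$field_id]['field_value']);
    if ($field_value === '') {
        return $field_value;
    }

    // The allow-list must name tags in their plain form: an entry written as
    // "<br />" never matches, so line breaks were being stripped.
    // NOTE(review): strip_tags() keeps every attribute of an allowed tag
    // (event handlers, style), so this is not an XSS filter. Escape or
    // sanitise the value separately if field content can come from untrusted
    // authors.
    $field_value = strip_tags($field_value, "<br><strong><em><p><i>");

    if (is_numeric($length) && $length != 0) {
        if ($length < 0) {
            // Negative length: plain text only, with runs of spaces collapsed.
            $field_value = strip_tags($field_value);
            $field_value = preg_replace('/ +/', ' ', $field_value);
            $field_value = trim($field_value);
            $length = abs($length);
        }
        $field_value = truncate_text($field_value, $length, '…', true);
    }

    return $field_value;
}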
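}

// Build the template engine and the core, render the requested document into
// the output buffer, then post-process the buffered page.
$AVE_Template = new AVE_Template(BASE_DIR . '/templates/' . DEFAULT_THEME_FOLDER);

if (!isset($_REQUEST['sub'])) {
    $_REQUEST['sub'] = '';
}

require BASE_DIR . '/class/class.core.php';
$AVE_Core = new AVE_Core();

if (empty($_REQUEST['module'])) {
    $AVE_Core->coreUrlParse($_SERVER['REQUEST_URI']);
}

// Preview of a stored document revision.
if (!empty($_REQUEST['revission'])) {
    $res = $AVE_DB->Query("SELECT doc_data FROM " . PREFIX . "_document_rev WHERE doc_id='" . (int) $_REQUEST['id'] . "' AND doc_revision='" . (int) $_REQUEST['revission'] . "' LIMIT 1")->GetCell();
    // NOTE(review): unserialize() on a database value with errors suppressed.
    // Confirm that only trusted code writes doc_data, and handle a false
    // result instead of passing it on.
    $res = @unserialize($res);
    $flds = get_document_fields((int) $_REQUEST['id'], $res);
}

$AVE_Core->coreSiteFetch(get_current_document_id());
$content = ob_get_clean();
//file_put_contents(BASE_DIR.'/cache/doc-'.$_REQUEST['id'].'.html',$content);

// NOTE(review): the complete rendered page is executed as a PHP template, so
// any stored or request-derived text that reaches $content with a PHP open tag
// in it runs as code. Make sure such values are escaped before they are
// written into the page.
// The trailing tag is the long form so the result does not depend on
// short_open_tag being enabled.
ob_start();
eval('?>' . $content . '<?php ');
$cont = ob_get_clean();

$rubheader = empty($GLOBALS["user_header"]) ? "" : implode(chr(10), $GLOBALS["user_header"]);
$cont = str_replace('[tag:rubheader]', $rubheader, $cont);

if (isset($_REQUEST['id']) and $_REQUEST['id'] == PAGE_NOT_FOUND_ID) {
    // The log message carries HTML markup, so it is presumably rendered as
    // HTML when the 404 log is viewed. User-Agent, Referer and the request URI
    // are fully client-controlled and are escaped before being embedded.
    $log_user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? htmlspecialchars($_SERVER['HTTP_USER_AGENT'], ENT_QUOTES) : '';
    $log_referer = isset($_SERVER['HTTP_REFERER']) ? htmlspecialchars($_SERVER['HTTP_REFERER'], ENT_QUOTES) : '';
    $log_request_uri = htmlspecialchars($_SERVER['REQUEST_URI'], ENT_QUOTES);

    report404(
        "<strong class=\"code_red\">404 ERROR:</strong> " . "<br />"
        . "<strong class=\"code\">HTTP_USER_AGENT</strong> - " . $log_user_agent . "<br />"
        . "<strong class=\"code\">HTTP_REFERER</strong> - " . $log_referer . "<br />"
        . "<strong class=\"code\">REQUEST_URI</strong> - " . $log_request_uri,
        2,
        2
    );
    header($_SERVER['SERVER_PROTOCOL'] . ' 404 Not Found', true);
}

// A page number beyond the last page of any of the three pagers.
// NOTE(review): $_REQUEST['id'] and the $GLOBALS['page_id'] entries are read
// without isset() checks here.
if (isset($_REQUEST['apage']) && is_numeric($_REQUEST['apage']) && $_REQUEST['apage'] > $GLOBALS['page_id'][$_REQUEST['id']]['apage']
    or isset($_REQUEST['page']) && is_numeric($_REQUEST['page']) && $_REQUEST['page'] > $GLOBALS['page_id'][$_REQUEST['id']]['page']
    or isset($_REQUEST['artpage']) && is_numeric($_REQUEST['artpage']) && $_REQUEST['artpage'] > $GLOBALS['page_id'][$_REQUEST['id']]['artpage']) {
    if ($_REQUEST['id'] == 1) {
        header('Location:' . ABS_PATH);
    } else {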
/**
 * Build the link to the printable version of the current page.
 *
 * @return string the link
 */
function get_print_link()
{
    // Temporary solution: the link is assembled from the current document id
    // rather than derived from get_redirect_link('print') with a print=1
    // parameter appended.
    return ABS_PATH . "index.php?id=" . get_current_document_id() . "&print=1";
}