function doModel()
{
switch ($this->action) {
case 'login_post':
//post execution for the login
if (!osc_users_enabled()) {
osc_add_flash_error_message(_m('Users are not enabled'));
$this->redirectTo(osc_base_url());
}
osc_csrf_check();
osc_run_hook('before_validating_login');
// e-mail or/and password is/are empty or incorrect
$wrongCredentials = false;
$email = Params::getParam('email');
$password = Params::getParam('password', false, false);
if ($email == '') {
osc_add_flash_error_message(_m('Please provide an email address'));
$wrongCredentials = true;
}
if ($password == '') {
osc_add_flash_error_message(_m('Empty passwords are not allowed. Please provide a password'));
$wrongCredentials = true;
}
if ($wrongCredentials) {
$this->redirectTo(osc_user_login_url());
}
if (osc_validate_email($email)) {
$user = User::newInstance()->findByEmail($email);
}
if (empty($user)) {
$user = User::newInstance()->findByUsername($email);
}
if (empty($user)) {
osc_add_flash_error_message(_m("The user doesn't exist"));
$this->redirectTo(osc_user_login_url());
}
if (!osc_verify_password($password, isset($user['s_password']) ? $user['s_password'] : '')) {
osc_add_flash_error_message(_m('The password is incorrect'));
$this->redirectTo(osc_user_login_url());
// @TODO if valid user, send email parameter back to the login form
} else {
if (@$user['s_password'] != '') {
if (preg_match('|\\$2y\\$([0-9]{2})\\$|', $user['s_password'], $cost)) {
if ($cost[1] != BCRYPT_COST) {
User::newInstance()->update(array('s_password' => osc_hash_password($password)), array('pk_i_id' => $user['pk_i_id']));
}
} else {
User::newInstance()->update(array('s_password' => osc_hash_password($password)), array('pk_i_id' => $user['pk_i_id']));
}
}
}
// e-mail or/and IP is/are banned
$banned = osc_is_banned($email);
// int 0: not banned or unknown, 1: email is banned, 2: IP is banned, 3: both email & IP are banned
if ($banned & 1) {
osc_add_flash_error_message(_m('Your current email is not allowed'));
}
if ($banned & 2) {
osc_add_flash_error_message(_m('Your current IP is not allowed'));
}
if ($banned !== 0) {
$this->redirectTo(osc_user_login_url());
}
osc_run_hook('before_login');
$url_redirect = osc_get_http_referer();
$page_redirect = '';
if (osc_rewrite_enabled()) {
if ($url_redirect != '') {
$request_uri = urldecode(preg_replace('@^' . osc_base_url() . '@', "", $url_redirect));
$tmp_ar = explode("?", $request_uri);
$request_uri = $tmp_ar[0];
$rules = Rewrite::newInstance()->listRules();
foreach ($rules as $match => $uri) {
if (preg_match('#' . $match . '#', $request_uri, $m)) {
$request_uri = preg_replace('#' . $match . '#', $uri, $request_uri);
if (preg_match('|([&?]{1})page=([^&]*)|', '&' . $request_uri . '&', $match)) {
$page_redirect = $match[2];
if ($page_redirect == '' || $page_redirect == 'login') {
$url_redirect = osc_user_dashboard_url();
}
}
break;
}
}
}
}
require_once LIB_PATH . 'osclass/UserActions.php';
$uActions = new UserActions(false);
$logged = $uActions->bootstrap_login($user['pk_i_id']);
if ($logged == 0) {
osc_add_flash_error_message(_m("The user doesn't exist"));
} else {
if ($logged == 1) {
if (time() - strtotime($user['dt_access_date']) > 1200) {
// EACH 20 MINUTES
osc_add_flash_error_message(sprintf(_m('The user has not been validated yet. Would you like to re-send your <a href="%s">activation?</a>'), osc_user_resend_activation_link($user['pk_i_id'], $user['s_email'])));
} else {
osc_add_flash_error_message(_m('The user has not been validated yet'));
}
} else {
if ($logged == 2) {
osc_add_flash_error_message(_m('The user has been suspended'));
} else {
if ($logged == 3) {
if (Params::getParam('remember') == 1) {
//this include contains de osc_genRandomPassword function
require_once osc_lib_path() . 'osclass/helpers/hSecurity.php';
$secret = osc_genRandomPassword();
User::newInstance()->update(array('s_secret' => $secret), array('pk_i_id' => $user['pk_i_id']));
Cookie::newInstance()->set_expires(osc_time_cookie());
Cookie::newInstance()->push('oc_userId', $user['pk_i_id']);
Cookie::newInstance()->push('oc_userSecret', $secret);
Cookie::newInstance()->set();
}
if ($url_redirect == '') {
$url_redirect = osc_user_dashboard_url();
}
osc_run_hook("after_login", $user, $url_redirect);
$this->redirectTo(osc_apply_filter('correct_login_url_redirect', $url_redirect));
} else {
osc_add_flash_error_message(_m('This should never happen'));
}
}
}
}
if (!$user['b_enabled']) {
$this->redirectTo(osc_user_login_url());
}
$this->redirectTo(osc_user_login_url());
break;
case 'resend':
$id = Params::getParam('id');
$email = Params::getParam('email');
$user = User::newInstance()->findByPrimaryKey($id);
if ($id == '' || $email == '' || !isset($user) || $user['b_active'] == 1 || $email != $user['s_email']) {
osc_add_flash_error_message(_m('Incorrect link'));
$this->redirectTo(osc_user_login_url());
}
if (time() - strtotime($user['dt_access_date']) > 1200) {
// EACH 20 MINUTES
if (osc_notify_new_user()) {
osc_run_hook('hook_email_admin_new_user', $user);
}
if (osc_user_validation_enabled()) {
osc_run_hook('hook_email_user_validation', $user, $user);
}
User::newInstance()->update(array('dt_access_date' => date('Y-m-d H:i:s')), array('pk_i_id' => $user['pk_i_id']));
osc_add_flash_ok_message(_m('Validation email re-sent'));
} else {
osc_add_flash_warning_message(_m('We have just sent you an email to validate your account, you will have to wait a few minutes to resend it again'));
}
$this->redirectTo(osc_user_login_url());
break;
case 'recover':
//form to recover the password (in this case we have the form in /gui/)
$this->doView('user-recover.php');
break;
case 'recover_post':
//post execution to recover the password
osc_csrf_check();
require_once LIB_PATH . 'osclass/UserActions.php';
// e-mail is incorrect
if (!preg_match('|^[a-z0-9\\.\\_\\+\\-]+@[a-z0-9\\.\\-]+\\.[a-z]{2,3}$|i', Params::getParam('s_email'))) {
osc_add_flash_error_message(_m('Invalid email address'));
$this->redirectTo(osc_recover_user_password_url());
}
$userActions = new UserActions(false);
$success = $userActions->recover_password();
switch ($success) {
case 0:
// recover ok
osc_add_flash_ok_message(_m('We have sent you an email with the instructions to reset your password'));
$this->redirectTo(osc_base_url());
break;
case 1:
// e-mail does not exist
osc_add_flash_error_message(_m('We were not able to identify you given the information provided'));
$this->redirectTo(osc_recover_user_password_url());
break;
case 2:
// recaptcha wrong
osc_add_flash_error_message(_m('The recaptcha code is wrong'));
$this->redirectTo(osc_recover_user_password_url());
break;
}
break;
case 'forgot':
//form to recover the password (in this case we have the form in /gui/)
$user = User::newInstance()->findByIdPasswordSecret(Params::getParam('userId'), Params::getParam('code'));
if ($user) {
$this->doView('user-forgot_password.php');
} else {
osc_add_flash_error_message(_m('Sorry, the link is not valid'));
$this->redirectTo(osc_base_url());
}
break;
case 'forgot_post':
osc_csrf_check();
if (Params::getParam('new_password', false, false) == '' || Params::getParam('new_password2', false, false) == '') {
osc_add_flash_warning_message(_m('Password cannot be blank'));
$this->redirectTo(osc_forgot_user_password_confirm_url(Params::getParam('userId'), Params::getParam('code')));
}
$user = User::newInstance()->findByIdPasswordSecret(Params::getParam('userId'), Params::getParam('code'));
if ($user['b_enabled'] == 1) {
if (Params::getParam('new_password', false, false) == Params::getParam('new_password2', false, false)) {
User::newInstance()->update(array('s_pass_code' => osc_genRandomPassword(50), 's_pass_date' => date('Y-m-d H:i:s', 0), 's_pass_ip' => Params::getServerParam('REMOTE_ADDR'), 's_password' => osc_hash_password(Params::getParam('new_password', false, false))), array('pk_i_id' => $user['pk_i_id']));
osc_add_flash_ok_message(_m('The password has been changed'));
$this->redirectTo(osc_user_login_url());
} else {
osc_add_flash_error_message(_m("Error, the password don't match"));
$this->redirectTo(osc_forgot_user_password_confirm_url(Params::getParam('userId'), Params::getParam('code')));
}
} else {
osc_add_flash_error_message(_m('Sorry, the link is not valid'));
}
$this->redirectTo(osc_base_url());
break;
default:
//login
Session::newInstance()->_setReferer(osc_get_http_referer());
if (osc_logged_user_id() != '') {
$this->redirectTo(osc_user_dashboard_url());
}
$this->doView('user-login.php');
}
}
function doModel()
{
switch ($this->action) {
case 'advanced':
//calling the advanced settings view
$this->doView('settings/advanced.php');
break;
case 'advanced_post':
// updating advanced settings
if (defined('DEMO')) {
osc_add_flash_warning_message(_m("This action can't be done because it's a demo site"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=settings&action=advanced');
}
osc_csrf_check();
$subdomain_type = Params::getParam('e_type');
if (!in_array($subdomain_type, array('category', 'country', 'region', 'city', 'user'))) {
$subdomain_type = '';
}
$iUpdated = osc_set_preference('subdomain_type', $subdomain_type);
$iUpdated += osc_set_preference('subdomain_host', Params::getParam('s_host'));
if ($iUpdated > 0) {
osc_add_flash_ok_message(_m("Advanced settings have been updated"), 'admin');
}
osc_calculate_location_slug(osc_subdomain_type());
$this->redirectTo(osc_admin_base_url(true) . '?page=settings&action=advanced');
break;
case 'advanced_cache_flush':
osc_cache_flush();
osc_add_flash_ok_message(_m("Cache flushed correctly"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=settings&action=advanced');
break;
}
}
function __construct()
{
parent::__construct();
// check if is moderator and can enter to this page
if ($this->isModerator()) {
if (!in_array($this->page, array('items', 'comments', 'media', 'login', 'admins', 'ajax', 'stats', ''))) {
osc_add_flash_error_message(_m("You don't have enough permissions"), 'admin');
$this->redirectTo(osc_admin_base_url());
}
}
osc_run_hook('init_admin');
// check if exist a new version each day
if (time() - osc_last_version_check() > 24 * 3600) {
$data = osc_file_get_contents('http://osclass.org/latest_version.php?callback=?');
$data = preg_replace('|^\\?\\((.*?)\\);$|', '$01', $data);
$json = json_decode($data);
if ($json->version > osc_version()) {
osc_set_preference('update_core_json', $data);
} else {
osc_set_preference('update_core_json', '');
}
osc_set_preference('last_version_check', time());
osc_reset_preferences();
}
$config_version = str_replace('.', '', OSCLASS_VERSION);
$config_version = preg_replace('|-.*|', '', $config_version);
if ($config_version > Preference::newInstance()->get('version')) {
if (get_class($this) == 'CAdminTools') {
} else {
if (get_class($this) != 'CAdminUpgrade') {
$this->redirectTo(osc_admin_base_url(true) . '?page=upgrade');
}
}
}
// show messages subscribed
$status_subscribe = Params::getParam('subscribe_osclass');
if ($status_subscribe != '') {
switch ($status_subscribe) {
case -1:
osc_add_flash_error_message(_m('Entered an invalid email'), 'admin');
break;
case 0:
osc_add_flash_warning_message(_m("You're already subscribed"), 'admin');
break;
case 1:
osc_add_flash_ok_message(_m('Subscribed correctly'), 'admin');
break;
default:
osc_add_flash_warning_message(_m("Error subscribing"), 'admin');
break;
}
}
// show donation successful
if (Params::getParam('donation') == 'successful') {
osc_add_flash_ok_message(_m('Thank you very much for your donation'), 'admin');
}
}
function doModel()
{
switch ($this->action) {
case 'mailserver':
// calling the mailserver view
$this->doView('settings/mailserver.php');
break;
case 'mailserver_post':
if (defined('DEMO')) {
osc_add_flash_warning_message(_m("This action can't be done because it's a demo site"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=settings&action=mailserver');
}
osc_csrf_check();
// updating mailserver
$iUpdated = 0;
$mailserverAuth = Params::getParam('mailserver_auth');
$mailserverAuth = $mailserverAuth != '' ? true : false;
$mailserverPop = Params::getParam('mailserver_pop');
$mailserverPop = $mailserverPop != '' ? true : false;
$mailserverType = Params::getParam('mailserver_type');
$mailserverHost = Params::getParam('mailserver_host');
$mailserverPort = Params::getParam('mailserver_port');
$mailserverUsername = Params::getParam('mailserver_username');
$mailserverPassword = Params::getParam('mailserver_password', false, false);
$mailserverSsl = Params::getParam('mailserver_ssl');
$mailserverMailFrom = Params::getParam('mailserver_mail_from');
$mailserverNameFrom = Params::getParam('mailserver_name_from');
if (!in_array($mailserverType, array('custom', 'gmail'))) {
osc_add_flash_error_message(_m('Mail server type is incorrect'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=settings&action=mailserver');
}
$iUpdated += osc_set_preference('mailserver_auth', $mailserverAuth);
$iUpdated += osc_set_preference('mailserver_pop', $mailserverPop);
$iUpdated += osc_set_preference('mailserver_type', $mailserverType);
$iUpdated += osc_set_preference('mailserver_host', $mailserverHost);
$iUpdated += osc_set_preference('mailserver_port', $mailserverPort);
$iUpdated += osc_set_preference('mailserver_username', $mailserverUsername);
$iUpdated += osc_set_preference('mailserver_password', $mailserverPassword);
$iUpdated += osc_set_preference('mailserver_ssl', $mailserverSsl);
$iUpdated += osc_set_preference('mailserver_mail_from', $mailserverMailFrom);
$iUpdated += osc_set_preference('mailserver_name_from', $mailserverNameFrom);
if ($iUpdated > 0) {
osc_add_flash_ok_message(_m('Mail server configuration has changed'), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=settings&action=mailserver');
break;
}
}
function doModel()
{
parent::doModel();
//specific things for this class
switch ($this->action) {
case 'add':
$this->doView("plugins/add.php");
break;
case 'add_post':
if (defined('DEMO')) {
osc_add_flash_warning_message(_m("This action cannot be done because is a demo site"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=plugins');
}
$package = Params::getFiles("package");
if (isset($package['size']) && $package['size'] != 0) {
$path = osc_plugins_path();
(int) ($status = osc_unzip_file($package['tmp_name'], $path));
} else {
$status = 3;
}
switch ($status) {
case 0:
$msg = _m('The plugin folder is not writable');
osc_add_flash_error_message($msg, 'admin');
break;
case 1:
$msg = _m('The plugin has been uploaded correctly');
osc_add_flash_ok_message($msg, 'admin');
break;
case 2:
$msg = _m('The zip file is not valid');
osc_add_flash_error_message($msg, 'admin');
break;
case 3:
$msg = _m('No file was uploaded');
osc_add_flash_error_message($msg, 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=plugins&action=add");
break;
case -1:
default:
$msg = _m('There was a problem adding the plugin');
osc_add_flash_error_message($msg, 'admin');
break;
}
$this->redirectTo(osc_admin_base_url(true) . "?page=plugins");
break;
case 'install':
if (defined('DEMO')) {
osc_add_flash_warning_message(_m("This action cannot be done because is a demo site"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=plugins');
}
$pn = Params::getParam('plugin');
// set header just in case it's triggered some fatal error
header("Location: " . osc_admin_base_url(true) . "?page=plugins&error=" . $pn, true, '302');
$installed = Plugins::install($pn);
if (is_array($installed)) {
switch ($installed['error_code']) {
case 'error_output':
osc_add_flash_error_message(sprintf(_m('The plugin generated %d characters of <strong>unexpected output</strong> during the installation'), strlen($installed['output'])), 'admin');
break;
case 'error_installed':
osc_add_flash_error_message(_m('Plugin is already installed'), 'admin');
break;
case 'error_file':
osc_add_flash_error_message(_m("Plugin couldn't be installed because their files are missing"), 'admin');
break;
case 'custom_error':
osc_add_flash_error_message(sprintf(_m("Plugin couldn't be installed because of: %s"), $installed['msg']), 'admin');
break;
default:
osc_add_flash_error_message(_m("Plugin couldn't be installed"), 'admin');
break;
}
} else {
osc_add_flash_ok_message(_m('Plugin installed'), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=plugins');
break;
case 'uninstall':
if (defined('DEMO')) {
osc_add_flash_warning_message(_m("This action cannot be done because is a demo site"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=plugins');
}
if (Plugins::uninstall(Params::getParam("plugin"))) {
osc_add_flash_ok_message(_m('Plugin uninstalled'), 'admin');
} else {
osc_add_flash_error_message(_m("Plugin couldn't be uninstalled"), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=plugins');
break;
case 'enable':
if (defined('DEMO')) {
osc_add_flash_warning_message(_m("This action cannot be done because is a demo site"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=plugins');
}
if (Plugins::activate(Params::getParam('plugin'))) {
osc_add_flash_ok_message(_m('Plugin enabled'), 'admin');
} else {
osc_add_flash_error_message(_m('Plugin is already enabled'), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=plugins');
break;
case 'disable':
if (defined('DEMO')) {
osc_add_flash_warning_message(_m("This action cannot be done because is a demo site"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=plugins');
}
if (Plugins::deactivate(Params::getParam('plugin'))) {
osc_add_flash_ok_message(_m('Plugin disabled'), 'admin');
} else {
osc_add_flash_error_message(_m('Plugin is already disabled'), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=plugins');
break;
case 'admin':
$plugin = Params::getParam("plugin");
if ($plugin != "") {
Plugins::runHook($plugin . '_configure');
}
break;
case 'admin_post':
Plugins::runHook('admin_post');
case 'renderplugin':
$file = Params::getParam("file");
if ($file != "") {
// We pass the GET variables (in case we have somes)
if (preg_match('|(.+?)\\?(.*)|', $file, $match)) {
$file = $match[1];
if (preg_match_all('|&([^=]+)=([^&]*)|', urldecode('&' . $match[2] . '&'), $get_vars)) {
for ($var_k = 0; $var_k < count($get_vars[1]); $var_k++) {
//$_GET[$get_vars[1][$var_k]] = $get_vars[2][$var_k];
//$_REQUEST[$get_vars[1][$var_k]] = $get_vars[2][$var_k];
Params::setParam($get_vars[1][$var_k], $get_vars[2][$var_k]);
}
}
} else {
$file = $_REQUEST['file'];
}
$this->_exportVariableToView("file", osc_plugins_path() . $file);
//osc_renderPluginView($file);
$this->doView("plugins/view.php");
}
break;
case 'render':
$file = Params::getParam("file");
if ($file != "") {
// We pass the GET variables (in case we have somes)
if (preg_match('|(.+?)\\?(.*)|', $file, $match)) {
$file = $match[1];
if (preg_match_all('|&([^=]+)=([^&]*)|', urldecode('&' . $match[2] . '&'), $get_vars)) {
for ($var_k = 0; $var_k < count($get_vars[1]); $var_k++) {
Params::setParam($get_vars[1][$var_k], $get_vars[2][$var_k]);
}
}
} else {
$file = $_REQUEST['file'];
}
$this->_exportVariableToView("file", ABS_PATH . $file);
$this->doView("theme/view.php");
}
break;
case 'configure':
$plugin = Params::getParam("plugin");
if ($plugin != '') {
$plugin_data = Plugins::getInfo($plugin);
$this->_exportVariableToView("categories", Category::newInstance()->toTreeAll());
$this->_exportVariableToView("selected", PluginCategory::newInstance()->listSelected($plugin_data['short_name']));
$this->_exportVariableToView("plugin_data", $plugin_data);
$this->doView("plugins/configuration.php");
} else {
$this->redirectTo(osc_admin_base_url(true) . "?page=plugins");
}
break;
case 'configure_post':
$plugin_short_name = Params::getParam("plugin_short_name");
$categories = Params::getParam("categories");
if ($plugin_short_name != "") {
Plugins::cleanCategoryFromPlugin($plugin_short_name);
if (isset($categories)) {
Plugins::addToCategoryPlugin($categories, $plugin_short_name);
}
} else {
osc_add_flash_error_message(_m('No plugin selected'), 'admin');
$this->doView("plugins/index.php");
}
osc_add_flash_ok_message(_m('Configuration was saved'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=plugins");
break;
case 'error_plugin':
// force php errors and simulate plugin installation to show the errors in the iframe
if (!OSC_DEBUG) {
error_reporting(E_ALL | E_STRICT);
}
@ini_set('display_errors', 1);
include osc_plugins_path() . Params::getParam('plugin');
Plugins::install(Params::getParam('plugin'));
exit;
break;
default:
$this->_exportVariableToView("plugins", Plugins::listAll());
$this->doView("plugins/index.php");
}
}
function doModel()
{
switch ($this->action) {
case 'dashboard':
//dashboard...
$max_items = Params::getParam('max_items') != '' ? Params::getParam('max_items') : 5;
$aItems = Item::newInstance()->findByUserIDEnabled(osc_logged_user_id(), 0, $max_items);
//calling the view...
$this->_exportVariableToView('items', $aItems);
$this->_exportVariableToView('max_items', $max_items);
$this->doView('user-dashboard.php');
break;
case 'profile':
//profile...
$user = User::newInstance()->findByPrimaryKey(osc_logged_user_id());
$aCountries = Country::newInstance()->listAll();
$aRegions = array();
if ($user['fk_c_country_code'] != '') {
$aRegions = Region::newInstance()->findByCountry($user['fk_c_country_code']);
} elseif (count($aCountries) > 0) {
$aRegions = Region::newInstance()->findByCountry($aCountries[0]['pk_c_code']);
}
$aCities = array();
if ($user['fk_i_region_id'] != '') {
$aCities = City::newInstance()->findByRegion($user['fk_i_region_id']);
} else {
if (count($aRegions) > 0) {
$aCities = City::newInstance()->findByRegion($aRegions[0]['pk_i_id']);
}
}
//calling the view...
$this->_exportVariableToView('countries', $aCountries);
$this->_exportVariableToView('regions', $aRegions);
$this->_exportVariableToView('cities', $aCities);
$this->_exportVariableToView('user', $user);
$this->_exportVariableToView('locales', OSCLocale::newInstance()->listAllEnabled());
$this->doView('user-profile.php');
break;
case 'profile_post':
//profile post...
osc_csrf_check();
$userId = Session::newInstance()->_get('userId');
require_once LIB_PATH . 'osclass/UserActions.php';
$userActions = new UserActions(false);
$success = $userActions->edit($userId);
if ($success == 1 || $success == 2) {
osc_add_flash_ok_message(_m('Your profile has been updated successfully'));
} else {
osc_add_flash_error_message($success);
}
$this->redirectTo(osc_user_profile_url());
break;
case 'alerts':
//alerts
$aAlerts = Alerts::newInstance()->findByUser(Session::newInstance()->_get('userId'), false);
$user = User::newInstance()->findByPrimaryKey(Session::newInstance()->_get('userId'));
foreach ($aAlerts as $k => $a) {
$array_conditions = (array) json_decode($a['s_search']);
// $search = Search::newInstance();
$search = new Search();
$search->setJsonAlert($array_conditions);
$search->limit(0, 3);
$aAlerts[$k]['items'] = $search->doSearch();
}
$this->_exportVariableToView('alerts', $aAlerts);
View::newInstance()->_reset('alerts');
$this->_exportVariableToView('user', $user);
$this->doView('user-alerts.php');
break;
case 'change_email':
//change email
$this->doView('user-change_email.php');
break;
case 'change_email_post':
//change email post
osc_csrf_check();
if (!osc_validate_email(Params::getParam('new_email'))) {
osc_add_flash_error_message(_m('The specified e-mail is not valid'));
$this->redirectTo(osc_change_user_email_url());
} else {
$user = User::newInstance()->findByEmail(Params::getParam('new_email'));
if (!isset($user['pk_i_id'])) {
$userEmailTmp = array();
$userEmailTmp['fk_i_user_id'] = Session::newInstance()->_get('userId');
$userEmailTmp['s_new_email'] = Params::getParam('new_email');
UserEmailTmp::newInstance()->insertOrUpdate($userEmailTmp);
$code = osc_genRandomPassword(30);
$date = date('Y-m-d H:i:s');
$userManager = new User();
$userManager->update(array('s_pass_code' => $code, 's_pass_date' => $date, 's_pass_ip' => $_SERVER['REMOTE_ADDR']), array('pk_i_id' => Session::newInstance()->_get('userId')));
$validation_url = osc_change_user_email_confirm_url(Session::newInstance()->_get('userId'), $code);
osc_run_hook('hook_email_new_email', Params::getParam('new_email'), $validation_url);
$this->redirectTo(osc_user_profile_url());
} else {
osc_add_flash_error_message(_m('The specified e-mail is already in use'));
$this->redirectTo(osc_change_user_email_url());
}
}
break;
case 'change_username':
//change username
$this->doView('user-change_username.php');
break;
case 'change_username_post':
//change username
$username = osc_sanitize_username(Params::getParam('s_username'));
osc_run_hook('before_username_change', Session::newInstance()->_get('userId'), $username);
if ($username != '') {
$user = User::newInstance()->findByUsername($username);
if (isset($user['s_username'])) {
osc_add_flash_error_message(_m('The specified username is already in use'));
} else {
if (!osc_is_username_blacklisted($username)) {
User::newInstance()->update(array('s_username' => $username), array('pk_i_id' => Session::newInstance()->_get('userId')));
osc_add_flash_ok_message(_m('The username was updated'));
osc_run_hook('after_username_change', Session::newInstance()->_get('userId'), Params::getParam('s_username'));
$this->redirectTo(osc_user_profile_url());
} else {
osc_add_flash_error_message(_m('The specified username is not valid, it contains some invalid words'));
}
}
} else {
osc_add_flash_error_message(_m('The specified username could not be empty'));
}
$this->redirectTo(osc_change_user_username_url());
break;
case 'change_password':
//change password
$this->doView('user-change_password.php');
break;
case 'change_password_post':
//change password post
osc_csrf_check();
$user = User::newInstance()->findByPrimaryKey(Session::newInstance()->_get('userId'));
if (Params::getParam('password', false, false) == '' || Params::getParam('new_password', false, false) == '' || Params::getParam('new_password2', false, false) == '') {
osc_add_flash_warning_message(_m('Password cannot be blank'));
$this->redirectTo(osc_change_user_password_url());
}
if (!osc_verify_password(Params::getParam('password', false, false), $user['s_password'])) {
osc_add_flash_error_message(_m("Current password doesn't match"));
$this->redirectTo(osc_change_user_password_url());
}
if (!Params::getParam('new_password', false, false)) {
osc_add_flash_error_message(_m("Passwords can't be empty"));
$this->redirectTo(osc_change_user_password_url());
}
if (Params::getParam('new_password', false, false) != Params::getParam('new_password2', false, false)) {
osc_add_flash_error_message(_m("Passwords don't match"));
$this->redirectTo(osc_change_user_password_url());
}
User::newInstance()->update(array('s_password' => osc_hash_password(Params::getParam('new_password', false, false))), array('pk_i_id' => Session::newInstance()->_get('userId')));
osc_add_flash_ok_message(_m('Password has been changed'));
$this->redirectTo(osc_user_profile_url());
break;
case 'items':
// view items user
$itemsPerPage = Params::getParam('itemsPerPage') != '' ? Params::getParam('itemsPerPage') : 10;
$page = Params::getParam('iPage') > 0 ? Params::getParam('iPage') - 1 : 0;
$itemType = Params::getParam('itemType');
$total_items = Item::newInstance()->countItemTypesByUserID(osc_logged_user_id(), $itemType);
$total_pages = ceil($total_items / $itemsPerPage);
$items = Item::newInstance()->findItemTypesByUserID(osc_logged_user_id(), $page * $itemsPerPage, $itemsPerPage, $itemType);
$this->_exportVariableToView('items', $items);
$this->_exportVariableToView('search_total_pages', $total_pages);
$this->_exportVariableToView('search_total_items', $total_items);
$this->_exportVariableToView('items_per_page', $itemsPerPage);
$this->_exportVariableToView('items_type', $itemType);
$this->_exportVariableToView('search_page', $page);
$this->doView('user-items.php');
break;
case 'activate_alert':
$email = Params::getParam('email');
$secret = Params::getParam('secret');
$result = 0;
if ($email != '' && $secret != '') {
$result = Alerts::newInstance()->activate($email, $secret);
}
if ($result == 1) {
osc_add_flash_ok_message(_m('Alert activated'));
} else {
osc_add_flash_error_message(_m('Oops! There was a problem trying to activate your alert. Please contact an administrator'));
}
$this->redirectTo(osc_base_url());
break;
case 'unsub_alert':
$email = Params::getParam('email');
$secret = Params::getParam('secret');
$id = Params::getParam('id');
$alert = Alerts::newInstance()->findByPrimaryKey($id);
$result = 0;
if (!empty($alert)) {
if ($email == $alert['s_email'] && $secret == $alert['s_secret']) {
$result = Alerts::newInstance()->unsub($id);
}
}
if ($result == 1) {
osc_add_flash_ok_message(_m('Unsubscribed correctly'));
} else {
osc_add_flash_error_message(_m('Oops! There was a problem trying to unsubscribe you. Please contact an administrator'));
}
$this->redirectTo(osc_user_alerts_url());
break;
case 'delete':
$id = Params::getParam('id');
$secret = Params::getParam('secret');
if (osc_is_web_user_logged_in()) {
$user = User::newInstance()->findByPrimaryKey(osc_logged_user_id());
View::newInstance()->_exportVariableToView('user', $user);
if (!empty($user) && osc_logged_user_id() == $id && $secret == $user['s_secret']) {
User::newInstance()->deleteUser(osc_logged_user_id());
Session::newInstance()->_drop('userId');
Session::newInstance()->_drop('userName');
Session::newInstance()->_drop('userEmail');
Session::newInstance()->_drop('userPhone');
Cookie::newInstance()->pop('oc_userId');
Cookie::newInstance()->pop('oc_userSecret');
Cookie::newInstance()->set();
osc_add_flash_ok_message(_m("Your account have been deleted"));
$this->redirectTo(osc_base_url());
} else {
osc_add_flash_error_message(_m("Oops! you can not do that"));
$this->redirectTo(osc_user_dashboard_url());
}
} else {
osc_add_flash_error_message(_m("Oops! you can not do that"));
$this->redirectTo(osc_base_url());
}
break;
}
}
function doModel()
{
switch ($this->action) {
case 'login_post':
//post execution for the login
if (!osc_users_enabled()) {
osc_add_flash_error_message(_m('Users are not enabled'));
$this->redirectTo(osc_base_url());
}
require_once LIB_PATH . 'osclass/UserActions.php';
$user = User::newInstance()->findByEmail(Params::getParam('email'));
$url_redirect = osc_user_dashboard_url();
$page_redirect = '';
if (osc_rewrite_enabled()) {
if (isset($_SERVER['HTTP_REFERER'])) {
$request_uri = urldecode(preg_replace('@^' . osc_base_url() . '@', "", $_SERVER['HTTP_REFERER']));
$tmp_ar = explode("?", $request_uri);
$request_uri = $tmp_ar[0];
$rules = Rewrite::newInstance()->listRules();
foreach ($rules as $match => $uri) {
if (preg_match('#' . $match . '#', $request_uri, $m)) {
$request_uri = preg_replace('#' . $match . '#', $uri, $request_uri);
if (preg_match('|([&?]{1})page=([^&]*)|', '&' . $request_uri . '&', $match)) {
$page_redirect = $match[2];
}
break;
}
}
}
} else {
if (preg_match('|[\\?&]page=([^&]+)|', $_SERVER['HTTP_REFERER'] . '&', $match)) {
$page_redirect = $match[1];
}
}
if (Params::getParam('http_referer') != '') {
Session::newInstance()->_setReferer(Params::getParam('http_referer'));
$url_redirect = Params::getParam('http_referer');
} else {
if (Session::newInstance()->_getReferer() != '') {
Session::newInstance()->_setReferer(Session::newInstance()->_getReferer());
$url_redirect = Session::newInstance()->_getReferer();
} else {
if ($page_redirect != '' && $page_redirect != 'login') {
Session::newInstance()->_setReferer($_SERVER['HTTP_REFERER']);
$url_redirect = $_SERVER['HTTP_REFERER'];
}
}
}
if (!$user) {
osc_add_flash_error_message(_m('The username doesn\'t exist'));
$this->redirectTo(osc_user_login_url());
}
if ($user["s_password"] != sha1(Params::getParam('password'))) {
osc_add_flash_error_message(_m('The password is incorrect'));
$this->redirectTo(osc_user_login_url());
}
$uActions = new UserActions(false);
$logged = $uActions->bootstrap_login($user['pk_i_id']);
if ($logged == 0) {
osc_add_flash_error_message(_m('The username doesn\'t exist'));
} else {
if ($logged == 1) {
osc_add_flash_error_message(_m('The user has not been validated yet'));
} else {
if ($logged == 2) {
osc_add_flash_error_message(_m('The user has been suspended'));
} else {
if ($logged == 3) {
if (Params::getParam('remember') == 1) {
//this include contains de osc_genRandomPassword function
require_once osc_lib_path() . 'osclass/helpers/hSecurity.php';
$secret = osc_genRandomPassword();
User::newInstance()->update(array('s_secret' => $secret), array('pk_i_id' => $user['pk_i_id']));
Cookie::newInstance()->set_expires(osc_time_cookie());
Cookie::newInstance()->push('oc_userId', $user['pk_i_id']);
Cookie::newInstance()->push('oc_userSecret', $secret);
Cookie::newInstance()->set();
}
$this->redirectTo($url_redirect);
} else {
osc_add_flash_error_message(_m('This should never happens'));
}
}
}
}
if (!$user['b_enabled']) {
$this->redirectTo(osc_user_login_url());
}
$this->redirectTo(osc_user_login_url());
break;
case 'recover':
//form to recover the password (in this case we have the form in /gui/)
$this->doView('user-recover.php');
break;
case 'recover_post':
//post execution to recover the password
require_once LIB_PATH . 'osclass/UserActions.php';
// e-mail is incorrect
if (!preg_match('|^[a-z0-9\\.\\_\\+\\-]+@[a-z0-9\\.\\-]+\\.[a-z]{2,3}$|i', Params::getParam('s_email'))) {
osc_add_flash_error_message(_m('Invalid email address'));
$this->redirectTo(osc_recover_user_password_url());
}
$userActions = new UserActions(false);
$success = $userActions->recover_password();
switch ($success) {
case 0:
// recover ok
osc_add_flash_ok_message(_m('We have sent you an email with the instructions to reset your password'));
$this->redirectTo(osc_base_url());
break;
case 1:
// e-mail does not exist
osc_add_flash_error_message(_m('We were not able to identify you given the information provided'));
$this->redirectTo(osc_recover_user_password_url());
break;
case 2:
// recaptcha wrong
osc_add_flash_error_message(_m('The recaptcha code is wrong'));
$this->redirectTo(osc_recover_user_password_url());
break;
}
break;
case 'forgot':
//form to recover the password (in this case we have the form in /gui/)
$user = User::newInstance()->findByIdPasswordSecret(Params::getParam('userId'), Params::getParam('code'));
if ($user) {
$this->doView('user-forgot_password.php');
} else {
osc_add_flash_error_message(_m('Sorry, the link is not valid'));
$this->redirectTo(osc_base_url());
}
break;
case 'forgot_post':
if (Params::getParam('new_password') == '' || Params::getParam('new_password2') == '') {
osc_add_flash_warning_message(_m('Password cannot be blank'));
$this->redirectTo(osc_forgot_user_password_confirm_url(Params::getParam('userId'), Params::getParam('code')));
}
$user = User::newInstance()->findByIdPasswordSecret(Params::getParam('userId'), Params::getParam('code'));
if ($user['b_enabled'] == 1) {
if (Params::getParam('new_password') == Params::getParam('new_password2')) {
User::newInstance()->update(array('s_pass_code' => osc_genRandomPassword(50), 's_pass_date' => date('Y-m-d H:i:s', 0), 's_pass_ip' => $_SERVER['REMOTE_ADDR'], 's_password' => sha1(Params::getParam('new_password'))), array('pk_i_id' => $user['pk_i_id']));
osc_add_flash_ok_message(_m('The password has been changed'));
$this->redirectTo(osc_user_login_url());
} else {
osc_add_flash_error_message(_m('Error, the password don\'t match'));
$this->redirectTo(osc_forgot_user_password_confirm_url(Params::getParam('userId'), Params::getParam('code')));
}
} else {
osc_add_flash_error_message(_m('Sorry, the link is not valid'));
}
$this->redirectTo(osc_base_url());
break;
default:
//login
if (osc_logged_user_id() != '') {
$this->redirectTo(osc_user_dashboard_url());
}
$this->doView('user-login.php');
}
}
public static function ajaxPayment()
{
$status = self::processPayment();
$data = payment_get_custom(Params::getParam('extra'));
$product_type = explode('x', $data['product']);
if ($status == PAYMENT_COMPLETED) {
osc_add_flash_ok_message(sprintf(__('Success! Please write down this transaction ID in case you have any problem: %s', 'payment'), Params::getParam('stripe_transaction_id')));
if ($product_type[0] == 101) {
$item = Item::newInstance()->findByPrimaryKey($product_type[2]);
$category = Category::newInstance()->findByPrimaryKey($item['fk_i_category_id']);
View::newInstance()->_exportVariableToView('category', $category);
payment_js_redirect_to(osc_search_category_url());
} else {
if ($product_type[0] == 201) {
if (osc_is_web_user_logged_in()) {
payment_js_redirect_to(osc_route_url('payment-user-menu'));
} else {
View::newInstance()->_exportVariableToView('item', Item::newInstance()->findByPrimaryKey($product_type[2]));
payment_js_redirect_to(osc_item_url());
}
} else {
if (osc_is_web_user_logged_in()) {
payment_js_redirect_to(osc_route_url('payment-user-pack'));
} else {
// THIS SHOULD NOT HAPPEN
payment_js_redirect_to(osc_base_path());
}
}
}
} else {
if ($status == PAYMENT_ALREADY_PAID) {
osc_add_flash_warning_message(__('Warning! This payment was already paid', 'payment'));
} else {
osc_add_flash_error_message(_e('There were an error processing your payment', 'payment'));
}
if ($product_type[0] == 301) {
if (osc_is_web_user_logged_in()) {
payment_js_redirect_to(osc_route_url('payment-user-pack'));
} else {
// THIS SHOULD NOT HAPPEN
payment_js_redirect_to(osc_base_path());
}
} else {
if (osc_is_web_user_logged_in()) {
payment_js_redirect_to(osc_route_url('payment-user-menu'));
} else {
View::newInstance()->_exportVariableToView('item', Item::newInstance()->findByPrimaryKey($product_type[2]));
payment_js_redirect_to(osc_item_url());
}
}
}
}
function doModel()
{
switch ($this->action) {
case 'logout':
// unset only the required parameters in Session
osc_run_hook('logout_admin');
$this->logout();
$this->redirectTo(osc_admin_base_url(true));
break;
default:
//default dashboard page (main page at oc-admin)
$this->_exportVariableToView("numItemsPerCategory", osc_get_non_empty_categories());
$this->_exportVariableToView("numUsers", User::newInstance()->count());
$this->_exportVariableToView("numItems", Item::newInstance()->count());
// stats
$items = array();
$stats_items = Stats::newInstance()->new_items_count(date('Y-m-d H:i:s', mktime(0, 0, 0, date("m"), date("d") - 10, date("Y"))), 'day');
for ($k = 10; $k >= 0; $k--) {
$items[date('Y-m-d', mktime(0, 0, 0, date("m"), date("d") - $k, date("Y")))] = 0;
}
foreach ($stats_items as $item) {
$items[$item['d_date']] = $item['num'];
}
$users = array();
$stats_users = Stats::newInstance()->new_users_count(date('Y-m-d H:i:s', mktime(0, 0, 0, date("m"), date("d") - 10, date("Y"))), 'day');
for ($k = 10; $k >= 0; $k--) {
$users[date('Y-m-d', mktime(0, 0, 0, date("m"), date("d") - $k, date("Y")))] = 0;
}
foreach ($stats_users as $user) {
$users[$user['d_date']] = $user['num'];
}
if (function_exists('disk_free_space')) {
$freedisk = @disk_free_space(osc_uploads_path());
if ($freedisk !== false && $freedisk < 52428800) {
//52428800 = 50*1024*1024
osc_add_flash_error_message(_m('You have very few free space left, users will not be able to upload pictures'), 'admin');
}
}
// show messages subscribed
$status_subscribe = Params::getParam('subscribe_osclass');
if ($status_subscribe != '') {
switch ($status_subscribe) {
case -1:
osc_add_flash_error_message(_m('Entered an invalid email'), 'admin');
break;
case 0:
osc_add_flash_warning_message(_m("You're already subscribed"), 'admin');
break;
case 1:
osc_add_flash_ok_message(_m('Subscribed correctly'), 'admin');
break;
default:
osc_add_flash_warning_message(_m("Error subscribing"), 'admin');
break;
}
}
$this->_exportVariableToView("item_stats", $items);
$this->_exportVariableToView("user_stats", $users);
//calling the view...
$this->doView('main/index.php');
}
}
function doModel()
{
parent::doModel();
switch ($this->action) {
case 'import':
// calling import view
$this->doView('tools/import.php');
break;
case 'import_post':
if (defined('DEMO')) {
osc_add_flash_warning_message(_m("This action cannot be done because it is a demo site"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=tools&action=import');
}
// calling
$sql = Params::getFiles('sql');
if (isset($sql['size']) && $sql['size'] != 0) {
$content_file = file_get_contents($sql['tmp_name']);
$conn = DBConnectionClass::newInstance();
$c_db = $conn->getOsclassDb();
$comm = new DBCommandClass($c_db);
if ($comm->importSQL($content_file)) {
osc_add_flash_ok_message(_m('Import complete'), 'admin');
} else {
osc_add_flash_error_message(_m('There was a problem importing data to the database'), 'admin');
}
} else {
osc_add_flash_warning_message(_m('No file was uploaded'), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=tools&action=import');
break;
case 'images':
// calling images view
$this->doView('tools/images.php');
break;
case 'images_post':
if (defined('DEMO')) {
osc_add_flash_warning_message(_m("This action cannot be done because it is a demo site"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=tools&action=images');
}
$preferences = Preference::newInstance()->toArray();
$wat = new Watermark();
$aResources = ItemResource::newInstance()->getAllResources();
foreach ($aResources as $resource) {
osc_run_hook('regenerate_image', $resource);
$path = osc_content_path() . 'uploads/';
// comprobar que no haya original
$img_original = $path . $resource['pk_i_id'] . "_original*";
$aImages = glob($img_original);
// there is original image
if (count($aImages) == 1) {
$image_tmp = $aImages[0];
} else {
$img_normal = $path . $resource['pk_i_id'] . ".*";
$aImages = glob($img_normal);
if (count($aImages) == 1) {
$image_tmp = $aImages[0];
} else {
$img_thumbnail = $path . $resource['pk_i_id'] . "_thumbnail*";
$aImages = glob($img_thumbnail);
$image_tmp = $aImages[0];
}
}
// extension
preg_match('/\\.(.*)$/', $image_tmp, $matches);
if (isset($matches[1])) {
$extension = $matches[1];
// Create normal size
$path_normal = $path = osc_content_path() . 'uploads/' . $resource['pk_i_id'] . '.jpg';
$size = explode('x', osc_normal_dimensions());
ImageResizer::fromFile($image_tmp)->resizeTo($size[0], $size[1])->saveToFile($path);
if (osc_is_watermark_text()) {
$wat->doWatermarkText($path, osc_watermark_text_color(), osc_watermark_text(), 'image/jpeg');
} elseif (osc_is_watermark_image()) {
$wat->doWatermarkImage($path, 'image/jpeg');
}
// Create preview
$path = osc_content_path() . 'uploads/' . $resource['pk_i_id'] . '_preview.jpg';
$size = explode('x', osc_preview_dimensions());
ImageResizer::fromFile($path_normal)->resizeTo($size[0], $size[1])->saveToFile($path);
// Create thumbnail
$path = osc_content_path() . 'uploads/' . $resource['pk_i_id'] . '_thumbnail.jpg';
$size = explode('x', osc_thumbnail_dimensions());
ImageResizer::fromFile($path_normal)->resizeTo($size[0], $size[1])->saveToFile($path);
// update resource info
ItemResource::newInstance()->update(array('s_path' => 'oc-content/uploads/', 's_name' => osc_genRandomPassword(), 's_extension' => 'jpg', 's_content_type' => 'image/jpeg'), array('pk_i_id' => $resource['pk_i_id']));
osc_run_hook('regenerated_image', ItemResource::newInstance()->findByPrimaryKey($resource['pk_i_id']));
// si extension es direfente a jpg, eliminar las imagenes con $extension si hay
if ($extension != 'jpg') {
$files_to_remove = osc_content_path() . 'uploads/' . $resource['pk_i_id'] . "*" . $extension;
$fs = glob($files_to_remove);
if (is_array($fs)) {
array_map("unlink", $fs);
}
}
// ....
} else {
// no es imagen o imagen sin extesión
}
}
osc_add_flash_ok_message(_m('Re-generation complete'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=tools&action=images');
break;
case 'category':
$this->doView('tools/category.php');
break;
case 'category_post':
if (defined('DEMO')) {
osc_add_flash_warning_message(_m("This action cannot be done because it is a demo site"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=tools&action=category');
}
osc_update_cat_stats();
osc_add_flash_ok_message(_m("Recount category stats has been successful"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=tools&action=category');
break;
case 'locations':
$this->doView('tools/locations.php');
break;
case 'locations_post':
if (defined('DEMO')) {
osc_add_flash_warning_message(_m("This action cannot be done because it is a demo site"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=tools&action=locations');
}
$workToDo = LocationsTmp::newInstance()->count();
if ($workToDo > 0) {
$this->redirectTo(osc_admin_base_url(true) . '?page=tools&action=locations');
break;
}
// we need populate location tmp table
$aCountry = Country::newInstance()->listAll();
foreach ($aCountry as $country) {
$aRegionsCountry = Region::newInstance()->getByCountry($country['pk_c_code']);
LocationsTmp::newInstance()->insert(array('id_location' => $country['pk_c_code'], 'e_type' => 'COUNTRY'));
foreach ($aRegionsCountry as $region) {
$aCitiesRegion = City::newInstance()->getByRegion($region['pk_i_id']);
LocationsTmp::newInstance()->insert(array('id_location' => $region['pk_i_id'], 'e_type' => 'REGION'));
foreach ($aCitiesRegion as $city) {
LocationsTmp::newInstance()->insert(array('id_location' => $city['pk_i_id'], 'e_type' => 'CITY'));
}
unset($aCitiesRegion);
}
unset($aRegionsCountry);
}
unset($aCountry);
$workToDo = LocationsTmp::newInstance()->count();
Preference::newInstance()->replace('location_todo', $workToDo);
$this->redirectTo(osc_admin_base_url(true) . '?page=tools&action=locations');
break;
case 'upgrade':
$this->doView('tools/upgrade.php');
break;
case 'backup':
$this->doView('tools/backup.php');
break;
case 'backup-sql':
if (defined('DEMO')) {
osc_add_flash_warning_message(_m("This action cannot be done because it is a demo site"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=tools&action=backup');
}
//databasse dump...
if (Params::getParam('bck_dir') != '') {
$path = trim(Params::getParam('bck_dir'));
if (substr($path, -1, 1) != "/") {
$path .= '/';
}
} else {
$path = osc_base_path();
}
$filename = 'OSClass_mysqlbackup.' . date('YmdHis') . '.sql';
switch (osc_dbdump($path, $filename)) {
case -1:
$msg = _m('Path is empty');
osc_add_flash_error_message($msg, 'admin');
break;
case -2:
$msg = sprintf(_m('Could not connect with the database. Error: %s'), mysql_error());
osc_add_flash_error_message($msg, 'admin');
break;
case -3:
$msg = _m('There are no tables to back up');
osc_add_flash_error_message($msg, 'admin');
break;
case -4:
$msg = _m('The folder is not writable');
osc_add_flash_error_message($msg, 'admin');
break;
default:
$msg = _m('Backup completed successfully');
osc_add_flash_ok_message($msg, 'admin');
break;
}
$this->redirectTo(osc_admin_base_url(true) . '?page=tools&action=backup');
break;
case 'backup-sql_file':
if (defined('DEMO')) {
osc_add_flash_warning_message(_m("This action cannot be done because it is a demo site"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=tools&action=backup');
}
//databasse dump...
$filename = 'OSClass_mysqlbackup.' . date('YmdHis') . '.sql';
$path = sys_get_temp_dir() . "/";
switch (osc_dbdump($path, $filename)) {
case -1:
$msg = _m('Path is empty');
osc_add_flash_error_message($msg, 'admin');
break;
case -2:
$msg = sprintf(_m('Could not connect with the database. Error: %s'), mysql_error());
osc_add_flash_error_message($msg, 'admin');
break;
case -3:
$msg = sprintf(_m('Could not select the database. Error: %s'), mysql_error());
osc_add_flash_error_message($msg, 'admin');
break;
case -4:
$msg = _m('There are no tables to back up');
osc_add_flash_error_message($msg, 'admin');
break;
case -5:
$msg = _m('The folder is not writable');
osc_add_flash_error_message($msg, 'admin');
break;
default:
$msg = _m('Backup completed successfully');
osc_add_flash_ok_message($msg, 'admin');
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename=' . basename($filename));
header('Content-Transfer-Encoding: binary');
header('Expires: 0');
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
header('Pragma: public');
header('Content-Length: ' . filesize($path . $filename));
flush();
readfile($path . $filename);
exit;
break;
}
$this->redirectTo(osc_admin_base_url(true) . '?page=tools&action=backup');
break;
case 'backup-zip_file':
if (defined('DEMO')) {
osc_add_flash_warning_message(_m("This action cannot be done because it is a demo site"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=tools&action=backup');
}
$filename = "OSClass_backup." . date('YmdHis') . ".zip";
$path = sys_get_temp_dir() . "/";
if (osc_zip_folder(osc_base_path(), $path . $filename)) {
$msg = _m('Archived successfully!');
osc_add_flash_ok_message($msg, 'admin');
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename=' . basename($filename));
header('Content-Transfer-Encoding: binary');
header('Expires: 0');
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
header('Pragma: public');
header('Content-Length: ' . filesize($path . $filename));
flush();
readfile($path . $filename);
exit;
} else {
$msg = _m('Error, the zip file was not created in the specified directory');
osc_add_flash_error_message($msg, 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=tools&action=backup');
break;
case 'backup-zip':
if (defined('DEMO')) {
osc_add_flash_warning_message(_m("This action cannot be done because it is a demo site"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=tools&action=backup');
}
//zip of the code just to back it up
if (Params::getParam('bck_dir') != '') {
$archive_name = trim(Params::getParam('bck_dir'));
if (substr(trim($archive_name), -1, 1) != "/") {
$archive_name .= '/';
}
$archive_name = Params::getParam('bck_dir') . '/OSClass_backup.' . date('YmdHis') . '.zip';
} else {
$archive_name = osc_base_path() . "OSClass_backup." . date('YmdHis') . ".zip";
}
$archive_folder = osc_base_path();
if (osc_zip_folder($archive_folder, $archive_name)) {
$msg = _m('Archived successfully!');
osc_add_flash_ok_message($msg, 'admin');
} else {
$msg = _m('Error, the zip file was not created in the specified directory');
osc_add_flash_error_message($msg, 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=tools&action=backup');
break;
case 'backup_post':
$this->doView('tools/backup.php');
break;
case 'maintenance':
if (defined('DEMO')) {
osc_add_flash_warning_message(_m("This action cannot be done because it is a demo site"), 'admin');
$this->doView('tools/maintenance.php');
break;
}
$mode = Params::getParam('mode');
if ($mode == 'on') {
$maintenance_file = osc_base_path() . '.maintenance';
$fileHandler = @fopen($maintenance_file, 'w');
if ($fileHandler) {
osc_add_flash_ok_message(_m('Maintenance mode is ON'), 'admin');
} else {
osc_add_flash_error_message(_m('There was an error creating the .maintenance file, please create it manually at the root folder'), 'admin');
}
fclose($fileHandler);
$this->redirectTo(osc_admin_base_url(true) . '?page=tools&action=maintenance');
} else {
if ($mode == 'off') {
$deleted = @unlink(osc_base_path() . '.maintenance');
if ($deleted) {
osc_add_flash_ok_message(_m('Maintenance mode is OFF'), 'admin');
} else {
osc_add_flash_error_message(_m('There was an error removing the .maintenance file, please remove it manually from the root folder'), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=tools&action=maintenance');
}
}
$this->doView('tools/maintenance.php');
break;
default:
}
}
function doModel()
{
switch ($this->action) {
case 'login_post':
//post execution for the login
if (Params::getParam('user') == '' && Params::getParam('password', false, false) == '') {
$this->redirectTo(osc_admin_base_url());
}
if (Params::getParam('user') == '') {
osc_add_flash_error_message(_m('The username field is empty'), 'admin');
$this->redirectTo(osc_admin_base_url());
}
if (Params::getParam('password') == '') {
osc_add_flash_error_message(_m('The password field is empty'), 'admin');
$this->redirectTo(osc_admin_base_url());
}
// fields are not empty
$admin = Admin::newInstance()->findByUsername(Params::getParam('user'));
if (!$admin) {
osc_add_flash_error_message(sprintf(_m('Sorry, incorrect username. <a href="%s">Have you lost your password?</a>'), osc_admin_base_url(true) . '?page=login&action=recover'), 'admin');
$this->redirectTo(osc_admin_base_url());
}
if ($admin["s_password"] !== sha1(Params::getParam('password', false, false))) {
osc_add_flash_error_message(sprintf(_m('Sorry, incorrect password. <a href="%s">Have you lost your password?</a>'), osc_admin_base_url(true) . '?page=login&action=recover'), 'admin');
$this->redirectTo(osc_admin_base_url());
}
if (Params::getParam('remember')) {
// this include contains de osc_genRandomPassword function
require_once osc_lib_path() . 'osclass/helpers/hSecurity.php';
$secret = osc_genRandomPassword();
Admin::newInstance()->update(array('s_secret' => $secret), array('pk_i_id' => $admin['pk_i_id']));
Cookie::newInstance()->set_expires(osc_time_cookie());
Cookie::newInstance()->push('oc_adminId', $admin['pk_i_id']);
Cookie::newInstance()->push('oc_adminSecret', $secret);
Cookie::newInstance()->push('oc_adminLocale', Params::getParam('locale'));
Cookie::newInstance()->set();
}
// we are logged in... let's go!
Session::newInstance()->_set('adminId', $admin['pk_i_id']);
Session::newInstance()->_set('adminUserName', $admin['s_username']);
Session::newInstance()->_set('adminName', $admin['s_name']);
Session::newInstance()->_set('adminEmail', $admin['s_email']);
Session::newInstance()->_set('adminLocale', Params::getParam('locale'));
$this->redirectTo(osc_admin_base_url());
break;
case 'recover':
// form to recover the password (in this case we have the form in /gui/)
$this->doView('gui/recover.php');
break;
case 'recover_post':
if (defined('DEMO')) {
osc_add_flash_warning_message(_m("This action cannot be done because is a demo site"), 'admin');
$this->redirectTo(osc_admin_base_url());
}
// post execution to recover the password
$admin = Admin::newInstance()->findByEmail(Params::getParam('email'));
if ($admin) {
if (osc_recaptcha_private_key() != '' && Params::existParam("recaptcha_challenge_field")) {
if (!osc_check_recaptcha()) {
osc_add_flash_error_message(_m('The Recaptcha code is wrong'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=login&action=recover');
return false;
// BREAK THE PROCESS, THE RECAPTCHA IS WRONG
}
}
require_once osc_lib_path() . 'osclass/helpers/hSecurity.php';
$newPassword = osc_genRandomPassword(40);
Admin::newInstance()->update(array('s_secret' => $newPassword), array('pk_i_id' => $admin['pk_i_id']));
$password_url = osc_forgot_admin_password_confirm_url($admin['pk_i_id'], $newPassword);
osc_run_hook('hook_email_user_forgot_password', $admin, $password_url);
}
osc_add_flash_ok_message(_m('A new password has been sent to your e-mail'), 'admin');
$this->redirectTo(osc_admin_base_url());
break;
case 'forgot':
// form to recover the password (in this case we have the form in /gui/)
$admin = Admin::newInstance()->findByIdSecret(Params::getParam('adminId'), Params::getParam('code'));
if (!$admin) {
osc_add_flash_error_message(_m('Sorry, the link is not valid'), 'admin');
$this->redirectTo(osc_admin_base_url());
}
$this->doView('gui/forgot_password.php');
break;
case 'forgot_post':
$admin = Admin::newInstance()->findByIdSecret(Params::getParam('adminId'), Params::getParam('code'));
if (!$admin) {
osc_add_flash_error_message(_m('Sorry, the link is not valid'), 'admin');
$this->redirectTo(osc_admin_base_url());
}
if (Params::getParam('new_password', false, false) == Params::getParam('new_password2', false, false)) {
Admin::newInstance()->update(array('s_secret' => osc_genRandomPassword(), 's_password' => sha1(Params::getParam('new_password', false, false))), array('pk_i_id' => $admin['pk_i_id']));
osc_add_flash_ok_message(_m('The password has been changed'), 'admin');
$this->redirectTo(osc_admin_base_url());
} else {
osc_add_flash_error_message(_m("Error, the password don't match"), 'admin');
$this->redirectTo(osc_forgot_admin_password_confirm_url(Params::getParam('adminId'), Params::getParam('code')));
}
break;
}
}
function doModel()
{
parent::doModel();
//specific things for this class
switch ($this->action) {
case 'add':
$this->doView("appearance/add.php");
break;
case 'add_post':
if (defined('DEMO')) {
osc_add_flash_warning_message(_m("This action cannot be done because is a demo site"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=appearance');
}
$filePackage = Params::getFiles('package');
if (isset($filePackage['size']) && $filePackage['size'] != 0) {
$path = osc_themes_path();
(int) ($status = osc_unzip_file($filePackage['tmp_name'], $path));
} else {
$status = 3;
}
switch ($status) {
case 0:
$msg = _m('The theme folder is not writable');
osc_add_flash_error_message($msg, 'admin');
break;
case 1:
$msg = _m('The theme has been installed correctly');
osc_add_flash_ok_message($msg, 'admin');
break;
case 2:
$msg = _m('The zip file is not valid');
osc_add_flash_error_message($msg, 'admin');
break;
case 3:
$msg = _m('No file was uploaded');
osc_add_flash_error_message($msg, 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=appearance&action=add");
break;
case -1:
default:
$msg = _m('There was a problem adding the theme');
osc_add_flash_error_message($msg, 'admin');
break;
}
$this->redirectTo(osc_admin_base_url(true) . "?page=appearance");
break;
case 'widgets':
$info = WebThemes::newInstance()->loadThemeInfo(osc_theme());
$this->_exportVariableToView("info", $info);
$this->doView('appearance/widgets.php');
break;
case 'add_widget':
$this->doView('appearance/add_widget.php');
break;
case 'edit_widget':
$id = Params::getParam('id');
$widget = Widget::newInstance()->findByPrimaryKey($id);
$this->_exportVariableToView("widget", $widget);
$this->doView('appearance/add_widget.php');
break;
case 'delete_widget':
Widget::newInstance()->delete(array('pk_i_id' => Params::getParam('id')));
osc_add_flash_ok_message(_m('Widget removed correctly'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=appearance&action=widgets");
break;
case 'edit_widget_post':
if (!osc_validate_text(Params::getParam("description"))) {
osc_add_flash_error_message(_m('Description field is required'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=appearance&action=widgets");
}
$res = Widget::newInstance()->update(array('s_description' => Params::getParam('description'), 's_content' => Params::getParam('content', false, false)), array('pk_i_id' => Params::getParam('id')));
if ($res) {
osc_add_flash_ok_message(_m('Widget updated correctly'), 'admin');
} else {
osc_add_flash_ok_message(_m('Widget cannot be updated correctly'), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . "?page=appearance&action=widgets");
break;
case 'add_widget_post':
if (!osc_validate_text(Params::getParam("description"))) {
osc_add_flash_error_message(_m('Description field is required'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=appearance&action=widgets");
}
Widget::newInstance()->insert(array('s_location' => Params::getParam('location'), 'e_kind' => 'html', 's_description' => Params::getParam('description'), 's_content' => Params::getParam('content', false, false)));
osc_add_flash_ok_message(_m('Widget added correctly'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=appearance&action=widgets");
break;
case 'activate':
Preference::newInstance()->update(array('s_value' => Params::getParam('theme')), array('s_section' => 'osclass', 's_name' => 'theme'));
osc_add_flash_ok_message(_m('Theme activated correctly'), 'admin');
osc_run_hook("theme_activate", Params::getParam('theme'));
$this->redirectTo(osc_admin_base_url(true) . "?page=appearance");
break;
default:
$themes = WebThemes::newInstance()->getListThemes();
$info = WebThemes::newInstance()->loadThemeInfo(osc_theme());
//preparing variables for the view
$this->_exportVariableToView("themes", $themes);
$this->_exportVariableToView("info", $info);
$this->doView('appearance/index.php');
}
}
function doModel()
{
switch ($this->action) {
case 'dashboard':
//dashboard...
$max_items = Params::getParam('max_items') != '' ? Params::getParam('max_items') : 5;
$aItems = Item::newInstance()->findByUserIDEnabled(Session::newInstance()->_get('userId'), 0, $max_items);
//calling the view...
$this->_exportVariableToView('items', $aItems);
$this->_exportVariableToView('max_items', $max_items);
$this->doView('user-dashboard.php');
break;
case 'profile':
//profile...
$user = User::newInstance()->findByPrimaryKey(Session::newInstance()->_get('userId'));
$aCountries = Country::newInstance()->listAll();
$aRegions = array();
if ($user['fk_c_country_code'] != '') {
$aRegions = Region::newInstance()->findByCountry($user['fk_c_country_code']);
} elseif (count($aCountries) > 0) {
$aRegions = Region::newInstance()->findByCountry($aCountries[0]['pk_c_code']);
}
$aCities = array();
if ($user['fk_i_region_id'] != '') {
$aCities = City::newInstance()->findByRegion($user['fk_i_region_id']);
} else {
if (count($aRegions) > 0) {
$aCities = City::newInstance()->findByRegion($aRegions[0]['pk_i_id']);
}
}
//calling the view...
$this->_exportVariableToView('countries', $aCountries);
$this->_exportVariableToView('regions', $aRegions);
$this->_exportVariableToView('cities', $aCities);
$this->_exportVariableToView('user', $user);
$this->doView('user-profile.php');
break;
case 'profile_post':
//profile post...
$userId = Session::newInstance()->_get('userId');
require_once LIB_PATH . 'osclass/UserActions.php';
$userActions = new UserActions(false);
$success = $userActions->edit($userId);
osc_add_flash_ok_message(_m('Your profile has been updated successfully'));
$this->redirectTo(osc_user_profile_url());
break;
case 'alerts':
//alerts
$aAlerts = Alerts::newInstance()->findByUser(Session::newInstance()->_get('userId'));
$user = User::newInstance()->findByPrimaryKey(Session::newInstance()->_get('userId'));
foreach ($aAlerts as $k => $a) {
$search = osc_unserialize(base64_decode($a['s_search']));
$search->limit(0, 3);
$aAlerts[$k]['items'] = $search->doSearch();
}
$this->_exportVariableToView('alerts', $aAlerts);
View::newInstance()->_reset('alerts');
$this->_exportVariableToView('user', $user);
$this->doView('user-alerts.php');
break;
case 'change_email':
//change email
$this->doView('user-change_email.php');
break;
case 'change_email_post':
//change email post
if (!preg_match("/^[_a-z0-9-\\+]+(\\.[_a-z0-9-\\+]+)*@[a-z0-9-]+(\\.[a-z0-9-]+)*(\\.[a-z]{2,3})\$/", Params::getParam('new_email'))) {
osc_add_flash_error_message(_m('The specified e-mail is not valid'));
$this->redirectTo(osc_change_user_email_url());
} else {
$user = User::newInstance()->findByEmail(Params::getParam('new_email'));
if (!isset($user['pk_i_id'])) {
$userEmailTmp = array();
$userEmailTmp['fk_i_user_id'] = Session::newInstance()->_get('userId');
$userEmailTmp['s_new_email'] = Params::getParam('new_email');
UserEmailTmp::newInstance()->insertOrUpdate($userEmailTmp);
$code = osc_genRandomPassword(30);
$date = date('Y-m-d H:i:s');
$userManager = new User();
$userManager->update(array('s_pass_code' => $code, 's_pass_date' => $date, 's_pass_ip' => $_SERVER['REMOTE_ADDR']), array('pk_i_id' => Session::newInstance()->_get('userId')));
$validation_url = osc_change_user_email_confirm_url(Session::newInstance()->_get('userId'), $code);
osc_run_hook('hook_email_new_email', Params::getParam('new_email'), $validation_url);
$this->redirectTo(osc_user_profile_url());
} else {
osc_add_flash_error_message(_m('The specified e-mail is already in use'));
$this->redirectTo(osc_change_user_email_url());
}
}
break;
case 'change_password':
//change password
$this->doView('user-change_password.php');
break;
case 'change_password_post':
//change password post
$user = User::newInstance()->findByPrimaryKey(Session::newInstance()->_get('userId'));
if (Params::getParam('password') == '' || Params::getParam('new_password') == '' || Params::getParam('new_password2') == '') {
osc_add_flash_warning_message(_m('Password cannot be blank'));
$this->redirectTo(osc_change_user_password_url());
}
if ($user['s_password'] != sha1(Params::getParam('password'))) {
osc_add_flash_error_message(_m('Current password doesn\'t match'));
$this->redirectTo(osc_change_user_password_url());
}
if (!Params::getParam('new_password')) {
osc_add_flash_error_message(_m('Passwords can\'t be empty'));
$this->redirectTo(osc_change_user_password_url());
}
if (Params::getParam('new_password') != Params::getParam('new_password2')) {
osc_add_flash_error_message(_m('Passwords don\'t match'));
$this->redirectTo(osc_change_user_password_url());
}
User::newInstance()->update(array('s_password' => sha1(Params::getParam('new_password'))), array('pk_i_id' => Session::newInstance()->_get('userId')));
osc_add_flash_ok_message(_m('Password has been changed'));
$this->redirectTo(osc_user_profile_url());
break;
case 'items':
// view items user
$itemsPerPage = Params::getParam('itemsPerPage') != '' ? Params::getParam('itemsPerPage') : 5;
$page = Params::getParam('iPage') != '' ? Params::getParam('iPage') : 0;
$total_items = Item::newInstance()->countByUserIDEnabled($_SESSION['userId']);
$total_pages = ceil($total_items / $itemsPerPage);
$items = Item::newInstance()->findByUserIDEnabled($_SESSION['userId'], $page * $itemsPerPage, $itemsPerPage);
$this->_exportVariableToView('items', $items);
$this->_exportVariableToView('list_total_pages', $total_pages);
$this->_exportVariableToView('list_total_items', $total_items);
$this->_exportVariableToView('items_per_page', $itemsPerPage);
$this->_exportVariableToView('list_page', $page);
$this->doView('user-items.php');
break;
case 'activate_alert':
$email = Params::getParam('email');
$secret = Params::getParam('secret');
$result = 0;
if ($email != '' && $secret != '') {
$result = Alerts::newInstance()->activate($email, $secret);
}
if ($result == 1) {
osc_add_flash_ok_message(_m('Alert activated'));
} else {
osc_add_flash_error_message(_m('Ops! There was a problem trying to activate alert. Please contact the administrator'));
}
$this->redirectTo(osc_base_url(true));
break;
case 'unsub_alert':
$email = Params::getParam('email');
$secret = Params::getParam('secret');
if ($email != '' && $secret != '') {
Alerts::newInstance()->delete(array('s_email' => $email, 's_secret' => $secret));
osc_add_flash_ok_message(_m('Unsubscribed correctly'));
} else {
osc_add_flash_error_message(_m('Ops! There was a problem trying to unsubscribe you. Please contact the administrator'));
}
$this->redirectTo(osc_user_alerts_url());
break;
case 'deleteResource':
$id = Params::getParam('id');
$name = Params::getParam('name');
$fkid = Params::getParam('fkid');
osc_deleteResource($id);
ItemResource::newInstance()->delete(array('pk_i_id' => $id, 'fk_i_item_id' => $fkid, 's_name' => $name));
$this->redirectTo(osc_base_url(true) . "?page=item&action=item_edit&id=" . $fkid);
break;
}
}
function doModel()
{
switch ($this->action) {
case 'login_post':
//post execution for the login
osc_csrf_check();
osc_run_hook('before_login_admin');
$url_redirect = osc_get_http_referer();
$page_redirect = '';
$password = Params::getParam('password', false, false);
if (preg_match('|[\\?&]page=([^&]+)|', $url_redirect . '&', $match)) {
$page_redirect = $match[1];
}
if ($page_redirect == '' || $page_redirect == 'login' || $url_redirect == '') {
$url_redirect = osc_admin_base_url();
}
if (Params::getParam('user') == '') {
osc_add_flash_error_message(_m('The username field is empty'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=login");
}
if (Params::getParam('password', false, false) == '') {
osc_add_flash_error_message(_m('The password field is empty'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=login");
}
// fields are not empty
$admin = Admin::newInstance()->findByUsername(Params::getParam('user'));
if (!$admin) {
osc_add_flash_error_message(sprintf(_m('Sorry, incorrect username. <a href="%s">Have you lost your password?</a>'), osc_admin_base_url(true) . '?page=login&action=recover'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=login");
}
if (!osc_verify_password($password, $admin['s_password'])) {
osc_add_flash_error_message(sprintf(_m('Sorry, incorrect password. <a href="%s">Have you lost your password?</a>'), osc_admin_base_url(true) . '?page=login&action=recover'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=login");
} else {
if (@$admin['s_password'] != '') {
if (preg_match('|\\$2y\\$([0-9]{2})\\$|', $admin['s_password'], $cost)) {
if ($cost[1] != BCRYPT_COST) {
Admin::newInstance()->update(array('s_password' => osc_hash_password($password)), array('pk_i_id' => $admin['pk_i_id']));
}
} else {
Admin::newInstance()->update(array('s_password' => osc_hash_password($password)), array('pk_i_id' => $admin['pk_i_id']));
}
}
}
if (Params::getParam('remember')) {
// this include contains de osc_genRandomPassword function
require_once osc_lib_path() . 'osclass/helpers/hSecurity.php';
$secret = osc_genRandomPassword();
Admin::newInstance()->update(array('s_secret' => $secret), array('pk_i_id' => $admin['pk_i_id']));
Cookie::newInstance()->set_expires(osc_time_cookie());
Cookie::newInstance()->push('oc_adminId', $admin['pk_i_id']);
Cookie::newInstance()->push('oc_adminSecret', $secret);
Cookie::newInstance()->push('oc_adminLocale', Params::getParam('locale'));
Cookie::newInstance()->set();
}
// we are logged in... let's go!
Session::newInstance()->_set('adminId', $admin['pk_i_id']);
Session::newInstance()->_set('adminUserName', $admin['s_username']);
Session::newInstance()->_set('adminName', $admin['s_name']);
Session::newInstance()->_set('adminEmail', $admin['s_email']);
Session::newInstance()->_set('adminLocale', Params::getParam('locale'));
osc_run_hook('login_admin', $admin);
$this->redirectTo($url_redirect);
break;
case 'recover':
// form to recover the password (in this case we have the form in /gui/)
$this->doView('gui/recover.php');
break;
case 'recover_post':
if (defined('DEMO')) {
osc_add_flash_warning_message(_m("This action can't be done because it's a demo site"), 'admin');
$this->redirectTo(osc_admin_base_url());
}
osc_csrf_check();
// post execution to recover the password
$admin = Admin::newInstance()->findByEmail(Params::getParam('email'));
if ($admin) {
if (osc_recaptcha_private_key() != '') {
if (!osc_check_recaptcha()) {
osc_add_flash_error_message(_m('The reCAPTCHA code is wrong'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=login&action=recover');
return false;
// BREAK THE PROCESS, THE RECAPTCHA IS WRONG
}
}
require_once osc_lib_path() . 'osclass/helpers/hSecurity.php';
$newPassword = osc_genRandomPassword(40);
Admin::newInstance()->update(array('s_secret' => $newPassword), array('pk_i_id' => $admin['pk_i_id']));
$password_url = osc_forgot_admin_password_confirm_url($admin['pk_i_id'], $newPassword);
osc_run_hook('hook_email_user_forgot_password', $admin, $password_url);
}
osc_add_flash_ok_message(_m('A new password has been sent to your e-mail'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=login');
break;
case 'forgot':
// form to recover the password (in this case we have the form in /gui/)
$admin = Admin::newInstance()->findByIdSecret(Params::getParam('adminId'), Params::getParam('code'));
if (!$admin) {
osc_add_flash_error_message(_m('Sorry, the link is not valid'), 'admin');
$this->redirectTo(osc_admin_base_url());
}
$this->doView('gui/forgot_password.php');
break;
case 'forgot_post':
osc_csrf_check();
$admin = Admin::newInstance()->findByIdSecret(Params::getParam('adminId'), Params::getParam('code'));
if (!$admin) {
osc_add_flash_error_message(_m('Sorry, the link is not valid'), 'admin');
$this->redirectTo(osc_admin_base_url());
}
if (Params::getParam('new_password', false, false) == Params::getParam('new_password2', false, false)) {
Admin::newInstance()->update(array('s_secret' => osc_genRandomPassword(), 's_password' => osc_hash_password(Params::getParam('new_password', false, false))), array('pk_i_id' => $admin['pk_i_id']));
osc_add_flash_ok_message(_m('The password has been changed'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=login');
} else {
osc_add_flash_error_message(_m("Error, the passwords don't match"), 'admin');
$this->redirectTo(osc_forgot_admin_password_confirm_url(Params::getParam('adminId'), Params::getParam('code')));
}
break;
default:
//osc_run_hook( 'init_admin' );
Session::newInstance()->_setReferer(osc_get_http_referer());
$this->doView('gui/login.php');
break;
}
}
function doModel()
{
parent::doModel();
//specific things for this class
switch ($this->action) {
case 'add':
$this->doView("appearance/add.php");
break;
case 'add_post':
if (defined('DEMO')) {
osc_add_flash_warning_message(_m("This action can't be done because it's a demo site"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=appearance');
}
osc_csrf_check();
$filePackage = Params::getFiles('package');
if (isset($filePackage['size']) && $filePackage['size'] != 0) {
$path = osc_themes_path();
(int) ($status = osc_unzip_file($filePackage['tmp_name'], $path));
} else {
$status = 3;
}
switch ($status) {
case 0:
$msg = _m('The theme folder is not writable');
osc_add_flash_error_message($msg, 'admin');
break;
case 1:
$msg = _m('The theme has been installed correctly');
osc_add_flash_ok_message($msg, 'admin');
break;
case 2:
$msg = _m('The zip file is not valid');
osc_add_flash_error_message($msg, 'admin');
break;
case 3:
$msg = _m('No file was uploaded');
osc_add_flash_error_message($msg, 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=appearance&action=add");
break;
case -1:
default:
$msg = _m('There was a problem adding the theme');
osc_add_flash_error_message($msg, 'admin');
break;
}
$this->redirectTo(osc_admin_base_url(true) . "?page=appearance");
break;
case 'delete':
if (defined('DEMO')) {
osc_add_flash_warning_message(_m("This action can't be done because it's a demo site"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=appearance');
}
osc_csrf_check();
$theme = Params::getParam('webtheme');
if ($theme != '') {
if ($theme != osc_current_web_theme()) {
if (osc_deleteDir(osc_content_path() . "themes/" . $theme . "/")) {
osc_add_flash_ok_message(_m("Theme removed successfully"), "admin");
} else {
osc_add_flash_error_message(_m("There was a problem removing the theme"), "admin");
}
} else {
osc_add_flash_error_message(_m("Current theme can not be deleted"), "admin");
}
} else {
osc_add_flash_error_message(_m("No theme selected"), "admin");
}
$this->redirectTo(osc_admin_base_url(true) . "?page=appearance");
break;
/* widgets */
/* widgets */
case 'widgets':
$info = WebThemes::newInstance()->loadThemeInfo(osc_theme());
$this->_exportVariableToView("info", $info);
$this->doView('appearance/widgets.php');
break;
case 'add_widget':
$this->doView('appearance/add_widget.php');
break;
case 'edit_widget':
$id = Params::getParam('id');
$widget = Widget::newInstance()->findByPrimaryKey($id);
$this->_exportVariableToView("widget", $widget);
$this->doView('appearance/add_widget.php');
break;
case 'delete_widget':
osc_csrf_check();
Widget::newInstance()->delete(array('pk_i_id' => Params::getParam('id')));
osc_add_flash_ok_message(_m('Widget removed correctly'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=appearance&action=widgets");
break;
case 'edit_widget_post':
osc_csrf_check();
if (!osc_validate_text(Params::getParam("description"))) {
osc_add_flash_error_message(_m('Description field is required'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=appearance&action=widgets");
}
$res = Widget::newInstance()->update(array('s_description' => Params::getParam('description'), 's_content' => Params::getParam('content', false, false)), array('pk_i_id' => Params::getParam('id')));
if ($res) {
osc_add_flash_ok_message(_m('Widget updated correctly'), 'admin');
} else {
osc_add_flash_ok_message(_m('Widget cannot be updated correctly'), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . "?page=appearance&action=widgets");
break;
case 'add_widget_post':
osc_csrf_check();
if (!osc_validate_text(Params::getParam("description"))) {
osc_add_flash_error_message(_m('Description field is required'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=appearance&action=widgets");
}
Widget::newInstance()->insert(array('s_location' => Params::getParam('location'), 'e_kind' => 'html', 's_description' => Params::getParam('description'), 's_content' => Params::getParam('content', false, false)));
osc_add_flash_ok_message(_m('Widget added correctly'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=appearance&action=widgets");
break;
/* /widget */
/* /widget */
case 'activate':
osc_csrf_check();
Preference::newInstance()->update(array('s_value' => Params::getParam('theme')), array('s_section' => 'osclass', 's_name' => 'theme'));
osc_add_flash_ok_message(_m('Theme activated correctly'), 'admin');
osc_run_hook("theme_activate", Params::getParam('theme'));
$this->redirectTo(osc_admin_base_url(true) . "?page=appearance");
break;
case 'render':
$this->_exportVariableToView('file', osc_base_path() . Params::getParam("file"));
$this->doView('appearance/view.php');
break;
default:
// $marketError = Params::getParam('marketError');
// $slug = Params::getParam('slug');
// if($marketError!='') {
// if($marketError == '0') { // no error installed ok
// $help = '<br/><br/><b>' . __('You only need to activate or preview the theme').'</b>';
// osc_add_flash_ok_message( __('Everything was OK!') . ' ( ' . $slug .' ) ' . $help, 'admin');
// } else {
// osc_add_flash_error_message( __('Error occurred') . ' ( ' . $slug .' ) ', 'admin');
// }
// }
// force the recount of themes that need to be updated
if (Params::getParam('checkUpdated') != '') {
osc_admin_toolbar_update_themes(true);
}
$themes = WebThemes::newInstance()->getListThemes();
//preparing variables for the view
$this->_exportVariableToView("themes", $themes);
$this->doView('appearance/index.php');
break;
}
}
function doModel()
{
parent::doModel();
//specific things for this class
switch ($this->action) {
case 'create':
// calling create view
$aRegions = array();
$aCities = array();
$aCountries = Country::newInstance()->listAll();
if (isset($aCountries[0]['pk_c_code'])) {
$aRegions = Region::newInstance()->findByCountry($aCountries[0]['pk_c_code']);
}
if (isset($aRegions[0]['pk_i_id'])) {
$aCities = City::newInstance()->findByRegion($aRegions[0]['pk_i_id']);
}
$this->_exportVariableToView('user', null);
$this->_exportVariableToView('countries', $aCountries);
$this->_exportVariableToView('regions', $aRegions);
$this->_exportVariableToView('cities', $aCities);
$this->_exportVariableToView('locales', OSCLocale::newInstance()->listAllEnabled());
$this->doView("users/frm.php");
break;
case 'create_post':
// creating the user...
osc_csrf_check();
require_once LIB_PATH . 'osclass/UserActions.php';
$userActions = new UserActions(true);
$success = $userActions->add();
switch ($success) {
case 1:
osc_add_flash_ok_message(_m("The user has been created. We've sent an activation e-mail"), 'admin');
break;
case 2:
osc_add_flash_ok_message(_m('The user has been created successfully'), 'admin');
break;
default:
osc_add_flash_error_message($success, 'admin');
break;
}
$this->redirectTo(osc_admin_base_url(true) . '?page=users');
break;
case 'edit':
// calling the edit view
$aUser = $this->userManager->findByPrimaryKey(Params::getParam("id"));
$aCountries = Country::newInstance()->listAll();
$aRegions = array();
if ($aUser['fk_c_country_code'] != '') {
$aRegions = Region::newInstance()->findByCountry($aUser['fk_c_country_code']);
} else {
if (count($aCountries) > 0) {
$aRegions = Region::newInstance()->findByCountry($aCountries[0]['pk_c_code']);
}
}
$aCities = array();
if ($aUser['fk_i_region_id'] != '') {
$aCities = City::newInstance()->findByRegion($aUser['fk_i_region_id']);
} else {
if (count($aRegions) > 0) {
$aCities = City::newInstance()->findByRegion($aRegions[0]['pk_i_id']);
}
}
$csrf_token = osc_csrf_token_url();
if ($aUser['b_active']) {
$actions[] = '<a class="btn float-left" href="' . osc_admin_base_url(true) . '?page=users&action=deactivate&id[]=' . $aUser['pk_i_id'] . '&' . $csrf_token . '&value=INACTIVE">' . __('Deactivate') . '</a>';
} else {
$actions[] = '<a class="btn btn-red float-left" href="' . osc_admin_base_url(true) . '?page=users&action=activate&id[]=' . $aUser['pk_i_id'] . '&' . $csrf_token . '&value=ACTIVE">' . __('Activate') . '</a>';
}
if ($aUser['b_enabled']) {
$actions[] = '<a class="btn float-left" href="' . osc_admin_base_url(true) . '?page=users&action=disable&id[]=' . $aUser['pk_i_id'] . '&' . $csrf_token . '&value=DISABLE">' . __('Block') . '</a>';
} else {
$actions[] = '<a class="btn btn-red float-left" href="' . osc_admin_base_url(true) . '?page=users&action=enable&id[]=' . $aUser['pk_i_id'] . '&' . $csrf_token . '&value=ENABLE">' . __('Unblock') . '</a>';
}
$this->_exportVariableToView("actions", $actions);
$this->_exportVariableToView("user", $aUser);
$this->_exportVariableToView("countries", $aCountries);
$this->_exportVariableToView("regions", $aRegions);
$this->_exportVariableToView("cities", $aCities);
$this->_exportVariableToView("locales", OSCLocale::newInstance()->listAllEnabled());
$this->doView("users/frm.php");
break;
case 'edit_post':
// edit post
osc_csrf_check();
require_once LIB_PATH . 'osclass/UserActions.php';
$userActions = new UserActions(true);
$success = $userActions->edit(Params::getParam("id"));
if ($success == 1) {
osc_add_flash_ok_message(_m('The user has been updated'), 'admin');
} else {
if ($success == 2) {
osc_add_flash_ok_message(_m('The user has been updated and activated'), 'admin');
} else {
osc_add_flash_error_message($success);
$this->redirectTo(osc_admin_base_url(true) . '?page=users&action=edit&id=' . Params::getParam('id'));
}
}
$this->redirectTo(osc_admin_base_url(true) . '?page=users');
break;
case 'resend_activation':
//activate
osc_csrf_check();
require_once LIB_PATH . 'osclass/UserActions.php';
$iUpdated = 0;
$userId = Params::getParam('id');
if (!is_array($userId)) {
osc_add_flash_error_message(_m("User id isn't in the correct format"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=users');
}
$userActions = new UserActions(true);
foreach ($userId as $id) {
$iUpdated += $userActions->resend_activation($id);
}
if ($iUpdated == 0) {
osc_add_flash_error_message(_m('No users have been selected'), 'admin');
} else {
osc_add_flash_ok_message(sprintf(_mn('Activation email sent to one user', 'Activation email sent to %s users', $iUpdated), $iUpdated), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=users');
break;
case 'activate':
//activate
osc_csrf_check();
require_once LIB_PATH . 'osclass/UserActions.php';
$iUpdated = 0;
$userId = Params::getParam('id');
if (!is_array($userId)) {
osc_add_flash_error_message(_m("User id isn't in the correct format"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=users');
}
$userActions = new UserActions(true);
foreach ($userId as $id) {
$iUpdated += $userActions->activate($id);
}
if ($iUpdated == 0) {
$msg = _m('No users have been activated');
} else {
$msg = sprintf(_mn('One user has been activated', '%s users have been activated', $iUpdated), $iUpdated);
}
osc_add_flash_ok_message($msg, 'admin');
$this->redirectTo($_SERVER['HTTP_REFERER']);
break;
case 'deactivate':
//deactivate
osc_csrf_check();
require_once LIB_PATH . 'osclass/UserActions.php';
$iUpdated = 0;
$userId = Params::getParam('id');
if (!is_array($userId)) {
osc_add_flash_error_message(_m("User id isn't in the correct format"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=users');
}
$userActions = new UserActions(true);
foreach ($userId as $id) {
$iUpdated += $userActions->deactivate($id);
}
if ($iUpdated == 0) {
$msg = _m('No users have been deactivated');
} else {
$msg = sprintf(_mn('One user has been deactivated', '%s users have been deactivated', $iUpdated), $iUpdated);
}
osc_add_flash_ok_message($msg, 'admin');
$this->redirectTo($_SERVER['HTTP_REFERER']);
break;
case 'enable':
osc_csrf_check();
require_once LIB_PATH . 'osclass/UserActions.php';
$iUpdated = 0;
$userId = Params::getParam('id');
if (!is_array($userId)) {
osc_add_flash_error_message(_m("User id isn't in the correct format"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=users');
}
$userActions = new UserActions(true);
foreach ($userId as $id) {
$iUpdated += $userActions->enable($id);
}
if ($iUpdated == 0) {
$msg = _m('No users have been enabled');
} else {
$msg = sprintf(_mn('One user has been unblocked', '%s users have been unblocked', $iUpdated), $iUpdated);
}
osc_add_flash_ok_message($msg, 'admin');
$this->redirectTo($_SERVER['HTTP_REFERER']);
break;
case 'disable':
osc_csrf_check();
require_once LIB_PATH . 'osclass/UserActions.php';
$iUpdated = 0;
$userId = Params::getParam('id');
if (!is_array($userId)) {
osc_add_flash_error_message(_m("User id isn't in the correct format"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=users');
}
$userActions = new UserActions(true);
foreach ($userId as $id) {
$iUpdated += $userActions->disable($id);
}
if ($iUpdated == 0) {
$msg = _m('No users have been disabled');
} else {
$msg = sprintf(_mn('One user has been blocked', '%s users have been blocked', $iUpdated), $iUpdated);
}
osc_add_flash_ok_message($msg, 'admin');
$this->redirectTo($_SERVER['HTTP_REFERER']);
break;
case 'delete':
//delete
osc_csrf_check();
$iDeleted = 0;
$userId = Params::getParam('id');
if (!is_array($userId)) {
osc_add_flash_error_message(_m("User id isn't in the correct format"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=users');
}
foreach ($userId as $id) {
$user = $this->userManager->findByPrimaryKey($id);
Log::newInstance()->insertLog('user', 'delete', $id, $user['s_email'], 'admin', osc_logged_admin_id());
if ($this->userManager->deleteUser($id)) {
$iDeleted++;
}
}
if ($iDeleted == 0) {
$msg = _m('No users have been deleted');
} else {
$msg = sprintf(_mn('One user has been deleted', '%s users have been deleted', $iDeleted), $iDeleted);
}
osc_add_flash_ok_message($msg, 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=users');
break;
case 'delete_alerts':
//delete
$iDeleted = 0;
$alertId = Params::getParam('alert_id');
if (!is_array($alertId)) {
osc_add_flash_error_message(_m("Alert id isn't in the correct format"), 'admin');
if (Params::getParam('user_id') == '') {
$this->redirectTo(osc_admin_base_url(true) . '?page=users&action=alerts');
} else {
$this->redirectTo(osc_admin_base_url(true) . '?page=users&action=edit&id=' . Params::getParam('user_id'));
}
}
$mAlerts = new Alerts();
foreach ($alertId as $id) {
Log::newInstance()->insertLog('user', 'delete_alerts', $id, $id, 'admin', osc_logged_admin_id());
$iDeleted += $mAlerts->delete(array('pk_i_id' => $id));
}
if ($iDeleted == 0) {
$msg = _m('No alerts have been deleted');
} else {
$msg = sprintf(_mn('One alert has been deleted', '%s alerts have been deleted', $iDeleted), $iDeleted);
}
osc_add_flash_ok_message($msg, 'admin');
if (Params::getParam('user_id') == '') {
$this->redirectTo(osc_admin_base_url(true) . '?page=users&action=alerts');
} else {
$this->redirectTo(osc_admin_base_url(true) . '?page=users&action=edit&id=' . Params::getParam('user_id'));
}
break;
case 'status_alerts':
//delete
$status = Params::getParam("status");
$iUpdated = 0;
$alertId = Params::getParam('alert_id');
if (!is_array($alertId)) {
osc_add_flash_error_message(_m("Alert id isn't in the correct format"), 'admin');
if (Params::getParam('user_id') == '') {
$this->redirectTo(osc_admin_base_url(true) . '?page=users&action=alerts');
} else {
$this->redirectTo(osc_admin_base_url(true) . '?page=users&action=edit&id=' . Params::getParam('user_id'));
}
}
$mAlerts = new Alerts();
foreach ($alertId as $id) {
if ($status == 1) {
$iUpdated += $mAlerts->activate($id);
} else {
$iUpdated += $mAlerts->deactivate($id);
}
}
if ($status == 1) {
if ($iUpdated == 0) {
$msg = _m('No alerts have been activated');
} else {
$msg = sprintf(_mn('One alert has been activated', '%s alerts have been activated', $iUpdated), $iUpdated);
}
} else {
if ($iUpdated == 0) {
$msg = _m('No alerts have been deactivated');
} else {
$msg = sprintf(_mn('One alert has been deactivated', '%s alerts have been deactivated', $iUpdated), $iUpdated);
}
}
osc_add_flash_ok_message($msg, 'admin');
if (Params::getParam('user_id') == '') {
$this->redirectTo(osc_admin_base_url(true) . '?page=users&action=alerts');
} else {
$this->redirectTo(osc_admin_base_url(true) . '?page=users&action=edit&id=' . Params::getParam('user_id'));
}
break;
case 'settings':
// calling the users settings view
$this->doView('users/settings.php');
break;
case 'settings_post':
// updating users
osc_csrf_check();
$iUpdated = 0;
$enabledUserValidation = Params::getParam('enabled_user_validation');
$enabledUserValidation = $enabledUserValidation != '' ? true : false;
$enabledUserRegistration = Params::getParam('enabled_user_registration');
$enabledUserRegistration = $enabledUserRegistration != '' ? true : false;
$enabledUsers = Params::getParam('enabled_users');
$enabledUsers = $enabledUsers != '' ? true : false;
$notifyNewUser = Params::getParam('notify_new_user');
$notifyNewUser = $notifyNewUser != '' ? true : false;
$usernameBlacklistTmp = explode(",", Params::getParam('username_blacklist'));
foreach ($usernameBlacklistTmp as $k => $v) {
$usernameBlacklistTmp[$k] = strtolower(trim($v));
}
$usernameBlacklist = implode(",", $usernameBlacklistTmp);
$iUpdated += osc_set_preference('enabled_user_validation', $enabledUserValidation);
$iUpdated += osc_set_preference('enabled_user_registration', $enabledUserRegistration);
$iUpdated += osc_set_preference('enabled_users', $enabledUsers);
$iUpdated += osc_set_preference('notify_new_user', $notifyNewUser);
$iUpdated += osc_set_preference('username_blacklist', $usernameBlacklist);
if ($iUpdated > 0) {
osc_add_flash_ok_message(_m("User settings have been updated"), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=users&action=settings');
break;
case 'alerts':
// manage alerts view
require_once osc_lib_path() . "osclass/classes/datatables/AlertsDataTable.php";
// set default iDisplayLength
if (Params::getParam('iDisplayLength') != '') {
Cookie::newInstance()->push('listing_iDisplayLength', Params::getParam('iDisplayLength'));
Cookie::newInstance()->set();
} else {
// set a default value if it's set in the cookie
if (Cookie::newInstance()->get_value('listing_iDisplayLength') != '') {
Params::setParam('iDisplayLength', Cookie::newInstance()->get_value('listing_iDisplayLength'));
} else {
Params::setParam('iDisplayLength', 10);
}
}
$this->_exportVariableToView('iDisplayLength', Params::getParam('iDisplayLength'));
// Table header order by related
if (Params::getParam('sort') == '') {
Params::setParam('sort', 'date');
}
if (Params::getParam('direction') == '') {
Params::setParam('direction', 'desc');
}
$page = (int) Params::getParam('iPage');
if ($page == 0) {
$page = 1;
}
Params::setParam('iPage', $page);
$params = Params::getParamsAsArray();
$alertsDataTable = new AlertsDataTable();
$alertsDataTable->table($params);
$aData = $alertsDataTable->getData();
if (count($aData['aRows']) == 0 && $page != 1) {
$total = (int) $aData['iTotalDisplayRecords'];
$maxPage = ceil($total / (int) $aData['iDisplayLength']);
$url = osc_admin_base_url(true) . '?' . $_SERVER['QUERY_STRING'];
if ($maxPage == 0) {
$url = preg_replace('/&iPage=(\\d)+/', '&iPage=1', $url);
$this->redirectTo($url);
}
if ($page > 1) {
$url = preg_replace('/&iPage=(\\d)+/', '&iPage=' . $maxPage, $url);
$this->redirectTo($url);
}
}
$this->_exportVariableToView('aData', $aData);
$this->_exportVariableToView('aRawRows', $alertsDataTable->rawRows());
$this->doView("users/alerts.php");
break;
case 'ban':
// manage ban rules view
if (Params::getParam("action") != "") {
osc_run_hook("ban_rules_bulk_" . Params::getParam("action"), Params::getParam('id'));
}
require_once osc_lib_path() . "osclass/classes/datatables/BanRulesDataTable.php";
// set default iDisplayLength
if (Params::getParam('iDisplayLength') != '') {
Cookie::newInstance()->push('listing_iDisplayLength', Params::getParam('iDisplayLength'));
Cookie::newInstance()->set();
} else {
// set a default value if it's set in the cookie
if (Cookie::newInstance()->get_value('listing_iDisplayLength') != '') {
Params::setParam('iDisplayLength', Cookie::newInstance()->get_value('listing_iDisplayLength'));
} else {
Params::setParam('iDisplayLength', 10);
}
}
$this->_exportVariableToView('iDisplayLength', Params::getParam('iDisplayLength'));
// Table header order by related
if (Params::getParam('sort') == '') {
Params::setParam('sort', 'date');
}
if (Params::getParam('direction') == '') {
Params::setParam('direction', 'desc');
}
$page = (int) Params::getParam('iPage');
if ($page == 0) {
$page = 1;
}
Params::setParam('iPage', $page);
$params = Params::getParamsAsArray();
$banRulesDataTable = new BanRulesDataTable();
$banRulesDataTable->table($params);
$aData = $banRulesDataTable->getData();
if (count($aData['aRows']) == 0 && $page != 1) {
$total = (int) $aData['iTotalDisplayRecords'];
$maxPage = ceil($total / (int) $aData['iDisplayLength']);
$url = osc_admin_base_url(true) . '?' . $_SERVER['QUERY_STRING'];
if ($maxPage == 0) {
$url = preg_replace('/&iPage=(\\d)+/', '&iPage=1', $url);
$this->redirectTo($url);
}
if ($page > 1) {
$url = preg_replace('/&iPage=(\\d)+/', '&iPage=' . $maxPage, $url);
$this->redirectTo($url);
}
}
$this->_exportVariableToView('aData', $aData);
$this->_exportVariableToView('aRawRows', $banRulesDataTable->rawRows());
$bulk_options = array(array('value' => '', 'data-dialog-content' => '', 'label' => __('Bulk actions')), array('value' => 'delete_ban_rule', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected ban rules?'), strtolower(__('Delete'))), 'label' => __('Delete')));
$bulk_options = osc_apply_filter("ban_rule_bulk_filter", $bulk_options);
$this->_exportVariableToView('bulk_options', $bulk_options);
//calling the view...
$this->doView('users/ban.php');
break;
case 'edit_ban_rule':
$this->_exportVariableToView('rule', BanRule::newInstance()->findByPrimaryKey(Params::getParam('id')));
$this->doView('users/ban_frm.php');
break;
case 'edit_ban_rule_post':
osc_csrf_check();
if (Params::getParam('s_ip') == '' && Params::getParam('s_email') == '') {
osc_add_flash_warning_message(_m("Both rules can not be empty"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=users&action=ban');
}
BanRule::newInstance()->update(array('s_name' => Params::getParam('s_name'), 's_ip' => Params::getParam('s_ip'), 's_email' => strtolower(Params::getParam('s_email'))), array('pk_i_id' => Params::getParam('id')));
osc_add_flash_ok_message(_m('Rule updated correctly'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=users&action=ban');
break;
case 'create_ban_rule':
$this->_exportVariableToView('rule', null);
$this->doView('users/ban_frm.php');
break;
case 'create_ban_rule_post':
osc_csrf_check();
if (Params::getParam('s_ip') == '' && Params::getParam('s_email') == '') {
osc_add_flash_warning_message(_m("Both rules can not be empty"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=users&action=ban');
}
BanRule::newInstance()->insert(array('s_name' => Params::getParam('s_name'), 's_ip' => Params::getParam('s_ip'), 's_email' => strtolower(Params::getParam('s_email'))));
osc_add_flash_ok_message(_m('Rule saved correctly'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=users&action=ban');
break;
case 'delete_ban_rule':
//delete ban rules
osc_csrf_check();
$iDeleted = 0;
$ruleId = Params::getParam('id');
if (!is_array($ruleId)) {
osc_add_flash_error_message(_m("User id isn't in the correct format"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=users&action=ban');
}
$ruleMgr = BanRule::newInstance();
foreach ($ruleId as $id) {
if ($ruleMgr->deleteByPrimaryKey($id)) {
$iDeleted++;
}
}
if ($iDeleted == 0) {
$msg = _m('No rules have been deleted');
} else {
$msg = sprintf(_mn('One ban rule has been deleted', '%s ban rules have been deleted', $iDeleted), $iDeleted);
}
osc_add_flash_ok_message($msg, 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=users&action=ban');
break;
default:
// manage users view
if (Params::getParam("action") != "") {
osc_run_hook("user_bulk_" . Params::getParam("action"), Params::getParam('id'));
}
require_once osc_lib_path() . "osclass/classes/datatables/UsersDataTable.php";
// set default iDisplayLength
if (Params::getParam('iDisplayLength') != '') {
Cookie::newInstance()->push('listing_iDisplayLength', Params::getParam('iDisplayLength'));
Cookie::newInstance()->set();
} else {
// set a default value if it's set in the cookie
if (Cookie::newInstance()->get_value('listing_iDisplayLength') != '') {
Params::setParam('iDisplayLength', Cookie::newInstance()->get_value('listing_iDisplayLength'));
} else {
Params::setParam('iDisplayLength', 10);
}
}
$this->_exportVariableToView('iDisplayLength', Params::getParam('iDisplayLength'));
// Table header order by related
if (Params::getParam('sort') == '') {
Params::setParam('sort', 'date');
}
if (Params::getParam('direction') == '') {
Params::setParam('direction', 'desc');
}
$page = (int) Params::getParam('iPage');
if ($page == 0) {
$page = 1;
}
Params::setParam('iPage', $page);
$params = Params::getParamsAsArray();
$usersDataTable = new UsersDataTable();
$usersDataTable->table($params);
$aData = $usersDataTable->getData();
if (count($aData['aRows']) == 0 && $page != 1) {
$total = (int) $aData['iTotalDisplayRecords'];
$maxPage = ceil($total / (int) $aData['iDisplayLength']);
$url = osc_admin_base_url(true) . '?' . $_SERVER['QUERY_STRING'];
if ($maxPage == 0) {
$url = preg_replace('/&iPage=(\\d)+/', '&iPage=1', $url);
$this->redirectTo($url);
}
if ($page > 1) {
$url = preg_replace('/&iPage=(\\d)+/', '&iPage=' . $maxPage, $url);
$this->redirectTo($url);
}
}
$this->_exportVariableToView('aData', $aData);
$this->_exportVariableToView('withFilters', $usersDataTable->withFilters());
$this->_exportVariableToView('aRawRows', $usersDataTable->rawRows());
$bulk_options = array(array('value' => '', 'data-dialog-content' => '', 'label' => __('Bulk actions')), array('value' => 'activate', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected users?'), strtolower(__('Activate'))), 'label' => __('Activate')), array('value' => 'deactivate', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected users?'), strtolower(__('Deactivate'))), 'label' => __('Deactivate')), array('value' => 'enable', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected users?'), strtolower(__('Unblock'))), 'label' => __('Unblock')), array('value' => 'disable', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected users?'), strtolower(__('Block'))), 'label' => __('Block')), array('value' => 'delete', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected users?'), strtolower(__('Delete'))), 'label' => __('Delete')));
if (osc_user_validation_enabled()) {
$bulk_options[] = array('value' => 'resend_activation', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected users?'), strtolower(__('Resend the activation to'))), 'label' => __('Resend activation'));
}
$bulk_options = osc_apply_filter("user_bulk_filter", $bulk_options);
$this->_exportVariableToView('bulk_options', $bulk_options);
//calling the view...
$this->doView('users/index.php');
break;
}
}
function doModel()
{
switch ($this->action) {
case 'permalinks':
// calling the permalinks view
$htaccess = Params::getParam('htaccess_status');
$file = Params::getParam('file_status');
$this->_exportVariableToView('htaccess', $htaccess);
$this->_exportVariableToView('file', $file);
$this->doView('settings/permalinks.php');
break;
case 'permalinks_post':
// updating permalinks option
osc_csrf_check();
$htaccess_file = osc_base_path() . '.htaccess';
$rewriteEnabled = Params::getParam('rewrite_enabled') ? true : false;
$rewrite_base = REL_WEB_URL;
$htaccess = <<<HTACCESS
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase {$rewrite_base}
RewriteRule ^index\\.php\$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . {$rewrite_base}index.php [L]
</IfModule>
HTACCESS;
if ($rewriteEnabled) {
osc_set_preference('rewriteEnabled', '1');
// 1. OK (ok)
// 2. OK no apache module detected (warning)
// 3. No se puede crear + apache
// 4. No se puede crear + no apache
// 5. .htaccess exists, no overwrite
$status = 3;
if (file_exists($htaccess_file)) {
$status = 5;
} else {
if (is_writable(osc_base_path()) && file_put_contents($htaccess_file, $htaccess)) {
$status = 1;
}
}
if (!@apache_mod_loaded('mod_rewrite')) {
$status++;
}
$errors = 0;
$item_url = substr(str_replace('//', '/', Params::getParam('rewrite_item_url') . '/'), 0, -1);
if (!osc_validate_text($item_url)) {
$errors += 1;
} else {
osc_set_preference('rewrite_item_url', $item_url);
}
$page_url = substr(str_replace('//', '/', Params::getParam('rewrite_page_url') . '/'), 0, -1);
if (!osc_validate_text($page_url)) {
$errors += 1;
} else {
osc_set_preference('rewrite_page_url', $page_url);
}
$cat_url = substr(str_replace('//', '/', Params::getParam('rewrite_cat_url') . '/'), 0, -1);
// DEPRECATED: backward compatibility, remove in 3.4
$cat_url = str_replace('{CATEGORY_SLUG}', '{CATEGORY_NAME}', $cat_url);
if (!osc_validate_text($cat_url)) {
$errors += 1;
} else {
osc_set_preference('rewrite_cat_url', $cat_url);
}
$search_url = substr(str_replace('//', '/', Params::getParam('rewrite_search_url') . '/'), 0, -1);
if (!osc_validate_text($search_url)) {
$errors += 1;
} else {
osc_set_preference('rewrite_search_url', $search_url);
}
if (!osc_validate_text(Params::getParam('rewrite_search_country'))) {
$errors += 1;
} else {
osc_set_preference('rewrite_search_country', Params::getParam('rewrite_search_country'));
}
if (!osc_validate_text(Params::getParam('rewrite_search_region'))) {
$errors += 1;
} else {
osc_set_preference('rewrite_search_region', Params::getParam('rewrite_search_region'));
}
if (!osc_validate_text(Params::getParam('rewrite_search_city'))) {
$errors += 1;
} else {
osc_set_preference('rewrite_search_city', Params::getParam('rewrite_search_city'));
}
if (!osc_validate_text(Params::getParam('rewrite_search_city_area'))) {
$errors += 1;
} else {
osc_set_preference('rewrite_search_city_area', Params::getParam('rewrite_search_city_area'));
}
if (!osc_validate_text(Params::getParam('rewrite_search_category'))) {
$errors += 1;
} else {
osc_set_preference('rewrite_search_category', Params::getParam('rewrite_search_category'));
}
if (!osc_validate_text(Params::getParam('rewrite_search_user'))) {
$errors += 1;
} else {
osc_set_preference('rewrite_search_user', Params::getParam('rewrite_search_user'));
}
if (!osc_validate_text(Params::getParam('rewrite_search_pattern'))) {
$errors += 1;
} else {
osc_set_preference('rewrite_search_pattern', Params::getParam('rewrite_search_pattern'));
}
$rewrite_contact = substr(str_replace('//', '/', Params::getParam('rewrite_contact') . '/'), 0, -1);
if (!osc_validate_text($rewrite_contact)) {
$errors += 1;
} else {
osc_set_preference('rewrite_contact', $rewrite_contact);
}
$rewrite_feed = substr(str_replace('//', '/', Params::getParam('rewrite_feed') . '/'), 0, -1);
if (!osc_validate_text($rewrite_feed)) {
$errors += 1;
} else {
osc_set_preference('rewrite_feed', $rewrite_feed);
}
$rewrite_language = substr(str_replace('//', '/', Params::getParam('rewrite_language') . '/'), 0, -1);
if (!osc_validate_text($rewrite_language)) {
$errors += 1;
} else {
osc_set_preference('rewrite_language', $rewrite_language);
}
$rewrite_item_mark = substr(str_replace('//', '/', Params::getParam('rewrite_item_mark') . '/'), 0, -1);
if (!osc_validate_text($rewrite_item_mark)) {
$errors += 1;
} else {
osc_set_preference('rewrite_item_mark', $rewrite_item_mark);
}
$rewrite_item_send_friend = substr(str_replace('//', '/', Params::getParam('rewrite_item_send_friend') . '/'), 0, -1);
if (!osc_validate_text($rewrite_item_send_friend)) {
$errors += 1;
} else {
osc_set_preference('rewrite_item_send_friend', $rewrite_item_send_friend);
}
$rewrite_item_contact = substr(str_replace('//', '/', Params::getParam('rewrite_item_contact') . '/'), 0, -1);
if (!osc_validate_text($rewrite_item_contact)) {
$errors += 1;
} else {
osc_set_preference('rewrite_item_contact', $rewrite_item_contact);
}
$rewrite_item_new = substr(str_replace('//', '/', Params::getParam('rewrite_item_new') . '/'), 0, -1);
if (!osc_validate_text($rewrite_item_new)) {
$errors += 1;
} else {
osc_set_preference('rewrite_item_new', $rewrite_item_new);
}
$rewrite_item_activate = substr(str_replace('//', '/', Params::getParam('rewrite_item_activate') . '/'), 0, -1);
if (!osc_validate_text($rewrite_item_activate)) {
$errors += 1;
} else {
osc_set_preference('rewrite_item_activate', $rewrite_item_activate);
}
$rewrite_item_edit = substr(str_replace('//', '/', Params::getParam('rewrite_item_edit') . '/'), 0, -1);
if (!osc_validate_text($rewrite_item_edit)) {
$errors += 1;
} else {
osc_set_preference('rewrite_item_edit', $rewrite_item_edit);
}
$rewrite_item_delete = substr(str_replace('//', '/', Params::getParam('rewrite_item_delete') . '/'), 0, -1);
if (!osc_validate_text($rewrite_item_delete)) {
$errors += 1;
} else {
osc_set_preference('rewrite_item_delete', $rewrite_item_delete);
}
$rewrite_item_resource_delete = substr(str_replace('//', '/', Params::getParam('rewrite_item_resource_delete') . '/'), 0, -1);
if (!osc_validate_text($rewrite_item_resource_delete)) {
$errors += 1;
} else {
osc_set_preference('rewrite_item_resource_delete', $rewrite_item_resource_delete);
}
$rewrite_user_login = substr(str_replace('//', '/', Params::getParam('rewrite_user_login') . '/'), 0, -1);
if (!osc_validate_text($rewrite_user_login)) {
$errors += 1;
} else {
osc_set_preference('rewrite_user_login', $rewrite_user_login);
}
$rewrite_user_dashboard = substr(str_replace('//', '/', Params::getParam('rewrite_user_dashboard') . '/'), 0, -1);
if (!osc_validate_text($rewrite_user_dashboard)) {
$errors += 1;
} else {
osc_set_preference('rewrite_user_dashboard', $rewrite_user_dashboard);
}
$rewrite_user_logout = substr(str_replace('//', '/', Params::getParam('rewrite_user_logout') . '/'), 0, -1);
if (!osc_validate_text($rewrite_user_logout)) {
$errors += 1;
} else {
osc_set_preference('rewrite_user_logout', $rewrite_user_logout);
}
$rewrite_user_register = substr(str_replace('//', '/', Params::getParam('rewrite_user_register') . '/'), 0, -1);
if (!osc_validate_text($rewrite_user_register)) {
$errors += 1;
} else {
osc_set_preference('rewrite_user_register', $rewrite_user_register);
}
$rewrite_user_activate = substr(str_replace('//', '/', Params::getParam('rewrite_user_activate') . '/'), 0, -1);
if (!osc_validate_text($rewrite_user_activate)) {
$errors += 1;
} else {
osc_set_preference('rewrite_user_activate', $rewrite_user_activate);
}
$rewrite_user_activate_alert = substr(str_replace('//', '/', Params::getParam('rewrite_user_activate_alert') . '/'), 0, -1);
if (!osc_validate_text($rewrite_user_activate_alert)) {
$errors += 1;
} else {
osc_set_preference('rewrite_user_activate_alert', $rewrite_user_activate_alert);
}
$rewrite_user_profile = substr(str_replace('//', '/', Params::getParam('rewrite_user_profile') . '/'), 0, -1);
if (!osc_validate_text($rewrite_user_profile)) {
$errors += 1;
} else {
osc_set_preference('rewrite_user_profile', $rewrite_user_profile);
}
$rewrite_user_items = substr(str_replace('//', '/', Params::getParam('rewrite_user_items') . '/'), 0, -1);
if (!osc_validate_text($rewrite_user_items)) {
$errors += 1;
} else {
osc_set_preference('rewrite_user_items', $rewrite_user_items);
}
$rewrite_user_alerts = substr(str_replace('//', '/', Params::getParam('rewrite_user_alerts') . '/'), 0, -1);
if (!osc_validate_text($rewrite_user_alerts)) {
$errors += 1;
} else {
osc_set_preference('rewrite_user_alerts', $rewrite_user_alerts);
}
$rewrite_user_recover = substr(str_replace('//', '/', Params::getParam('rewrite_user_recover') . '/'), 0, -1);
if (!osc_validate_text($rewrite_user_recover)) {
$errors += 1;
} else {
osc_set_preference('rewrite_user_recover', $rewrite_user_recover);
}
$rewrite_user_forgot = substr(str_replace('//', '/', Params::getParam('rewrite_user_forgot') . '/'), 0, -1);
if (!osc_validate_text($rewrite_user_forgot)) {
$errors += 1;
} else {
osc_set_preference('rewrite_user_forgot', $rewrite_user_forgot);
}
$rewrite_user_change_password = substr(str_replace('//', '/', Params::getParam('rewrite_user_change_password') . '/'), 0, -1);
if (!osc_validate_text($rewrite_user_change_password)) {
$errors += 1;
} else {
osc_set_preference('rewrite_user_change_password', $rewrite_user_change_password);
}
$rewrite_user_change_email = substr(str_replace('//', '/', Params::getParam('rewrite_user_change_email') . '/'), 0, -1);
if (!osc_validate_text($rewrite_user_change_email)) {
$errors += 1;
} else {
osc_set_preference('rewrite_user_change_email', $rewrite_user_change_email);
}
$rewrite_user_change_username = substr(str_replace('//', '/', Params::getParam('rewrite_user_change_username') . '/'), 0, -1);
if (!osc_validate_text($rewrite_user_change_username)) {
$errors += 1;
} else {
osc_set_preference('rewrite_user_change_username', $rewrite_user_change_username);
}
$rewrite_user_change_email_confirm = substr(str_replace('//', '/', Params::getParam('rewrite_user_change_email_confirm') . '/'), 0, -1);
if (!osc_validate_text($rewrite_user_change_email_confirm)) {
$errors += 1;
} else {
osc_set_preference('rewrite_user_change_email_confirm', $rewrite_user_change_email_confirm);
}
osc_reset_preferences();
$rewrite = Rewrite::newInstance();
osc_run_hook("before_rewrite_rules", array(&$rewrite));
$rewrite->clearRules();
/*****************************
********* Add rules *********
*****************************/
// Contact rules
$rewrite->addRule('^' . osc_get_preference('rewrite_contact') . '/?$', 'index.php?page=contact');
// Feed rules
$rewrite->addRule('^' . osc_get_preference('rewrite_feed') . '/?$', 'index.php?page=search&sFeed=rss');
$rewrite->addRule('^' . osc_get_preference('rewrite_feed') . '/(.+)/?$', 'index.php?page=search&sFeed=$1');
// Language rules
$rewrite->addRule('^' . osc_get_preference('rewrite_language') . '/(.*?)/?$', 'index.php?page=language&locale=$1');
// Search rules
$rewrite->addRule('^' . $search_url . '$', 'index.php?page=search');
$rewrite->addRule('^' . $search_url . '/(.*)$', 'index.php?page=search&sParams=$1');
// Item rules
$rewrite->addRule('^' . osc_get_preference('rewrite_item_mark') . '/(.*?)/([0-9]+)/?$', 'index.php?page=item&action=mark&as=$1&id=$2');
$rewrite->addRule('^' . osc_get_preference('rewrite_item_send_friend') . '/([0-9]+)/?$', 'index.php?page=item&action=send_friend&id=$1');
$rewrite->addRule('^' . osc_get_preference('rewrite_item_contact') . '/([0-9]+)/?$', 'index.php?page=item&action=contact&id=$1');
$rewrite->addRule('^' . osc_get_preference('rewrite_item_new') . '/?$', 'index.php?page=item&action=item_add');
$rewrite->addRule('^' . osc_get_preference('rewrite_item_new') . '/([0-9]+)/?$', 'index.php?page=item&action=item_add&catId=$1');
$rewrite->addRule('^' . osc_get_preference('rewrite_item_activate') . '/([0-9]+)/(.*?)/?$', 'index.php?page=item&action=activate&id=$1&secret=$2');
$rewrite->addRule('^' . osc_get_preference('rewrite_item_edit') . '/([0-9]+)/(.*?)/?$', 'index.php?page=item&action=item_edit&id=$1&secret=$2');
$rewrite->addRule('^' . osc_get_preference('rewrite_item_delete') . '/([0-9]+)/(.*?)/?$', 'index.php?page=item&action=item_delete&id=$1&secret=$2');
$rewrite->addRule('^' . osc_get_preference('rewrite_item_resource_delete') . '/([0-9]+)/([0-9]+)/([0-9A-Za-z]+)/?(.*?)/?$', 'index.php?page=item&action=deleteResource&id=$1&item=$2&code=$3&secret=$4');
// Item rules
$id_pos = stripos($item_url, '{ITEM_ID}');
$title_pos = stripos($item_url, '{ITEM_TITLE}');
$cat_pos = stripos($item_url, '{CATEGORIES');
$param_pos = 1;
if ($title_pos !== false && $id_pos > $title_pos) {
$param_pos++;
}
if ($cat_pos !== false && $id_pos > $cat_pos) {
$param_pos++;
}
$comments_pos = 1;
if ($id_pos !== false) {
$comments_pos++;
}
if ($title_pos !== false) {
$comments_pos++;
}
if ($cat_pos !== false) {
$comments_pos++;
}
$rewrite->addRule('^([a-z]{2})_([A-Z]{2})/' . str_replace('{ITEM_CITY}', '.*', str_replace('{CATEGORIES}', '.*', str_replace('{ITEM_TITLE}', '.*', str_replace('{ITEM_ID}', '([0-9]+)', $item_url . '\\?comments-page=([0-9al]*)')))) . '$', 'index.php?page=item&id=$3&lang=$1_$2&comments-page=$4');
$rewrite->addRule('^' . str_replace('{ITEM_CITY}', '.*', str_replace('{CATEGORIES}', '.*', str_replace('{ITEM_TITLE}', '.*', str_replace('{ITEM_ID}', '([0-9]+)', $item_url . '\\?comments-page=([0-9al]*)')))) . '$', 'index.php?page=item&id=$1&comments-page=$2');
$rewrite->addRule('^([a-z]{2})_([A-Z]{2})/' . str_replace('{ITEM_CITY}', '.*', str_replace('{CATEGORIES}', '.*', str_replace('{ITEM_TITLE}', '.*', str_replace('{ITEM_ID}', '([0-9]+)', $item_url)))) . '$', 'index.php?page=item&id=$3&lang=$1_$2');
$rewrite->addRule('^' . str_replace('{ITEM_CITY}', '.*', str_replace('{CATEGORIES}', '.*', str_replace('{ITEM_TITLE}', '.*', str_replace('{ITEM_ID}', '([0-9]+)', $item_url)))) . '$', 'index.php?page=item&id=$1');
// User rules
$rewrite->addRule('^' . osc_get_preference('rewrite_user_login') . '/?$', 'index.php?page=login');
$rewrite->addRule('^' . osc_get_preference('rewrite_user_dashboard') . '/?$', 'index.php?page=user&action=dashboard');
$rewrite->addRule('^' . osc_get_preference('rewrite_user_logout') . '/?$', 'index.php?page=main&action=logout');
$rewrite->addRule('^' . osc_get_preference('rewrite_user_register') . '/?$', 'index.php?page=register&action=register');
$rewrite->addRule('^' . osc_get_preference('rewrite_user_activate') . '/([0-9]+)/(.*?)/?$', 'index.php?page=register&action=validate&id=$1&code=$2');
$rewrite->addRule('^' . osc_get_preference('rewrite_user_activate_alert') . '/([0-9]+)/([a-zA-Z0-9]+)/(.+)$', 'index.php?page=user&action=activate_alert&id=$1&email=$3&secret=$2');
$rewrite->addRule('^' . osc_get_preference('rewrite_user_profile') . '/?$', 'index.php?page=user&action=profile');
$rewrite->addRule('^' . osc_get_preference('rewrite_user_profile') . '/([0-9]+)/?$', 'index.php?page=user&action=pub_profile&id=$1');
$rewrite->addRule('^' . osc_get_preference('rewrite_user_profile') . '/(.+)/?$', 'index.php?page=user&action=pub_profile&username=$1');
$rewrite->addRule('^' . osc_get_preference('rewrite_user_items') . '/?$', 'index.php?page=user&action=items');
$rewrite->addRule('^' . osc_get_preference('rewrite_user_alerts') . '/?$', 'index.php?page=user&action=alerts');
$rewrite->addRule('^' . osc_get_preference('rewrite_user_recover') . '/?$', 'index.php?page=login&action=recover');
$rewrite->addRule('^' . osc_get_preference('rewrite_user_forgot') . '/([0-9]+)/(.*)/?$', 'index.php?page=login&action=forgot&userId=$1&code=$2');
$rewrite->addRule('^' . osc_get_preference('rewrite_user_change_password') . '/?$', 'index.php?page=user&action=change_password');
$rewrite->addRule('^' . osc_get_preference('rewrite_user_change_email') . '/?$', 'index.php?page=user&action=change_email');
$rewrite->addRule('^' . osc_get_preference('rewrite_user_change_username') . '/?$', 'index.php?page=user&action=change_username');
$rewrite->addRule('^' . osc_get_preference('rewrite_user_change_email_confirm') . '/([0-9]+)/(.*?)/?$', 'index.php?page=user&action=change_email_confirm&userId=$1&code=$2');
// Page rules
$pos_pID = stripos($page_url, '{PAGE_ID}');
$pos_pSlug = stripos($page_url, '{PAGE_SLUG}');
$pID_pos = 1;
$pSlug_pos = 1;
if (is_numeric($pos_pID) && is_numeric($pos_pSlug)) {
// set the order of the parameters
if ($pos_pID > $pos_pSlug) {
$pID_pos++;
} else {
$pSlug_pos++;
}
$rewrite->addRule('^' . str_replace('{PAGE_SLUG}', '([\\p{L}\\p{N}_\\-,]+)', str_replace('{PAGE_ID}', '([0-9]+)', $page_url)) . '/?$', 'index.php?page=page&id=$' . $pID_pos . "&slug=\$" . $pSlug_pos);
$rewrite->addRule('^([a-z]{2})_([A-Z]{2})/' . str_replace('{PAGE_SLUG}', '([\\p{L}\\p{N}_\\-,]+)', str_replace('{PAGE_ID}', '([0-9]+)', $page_url)) . '/?$', 'index.php?page=page&lang=$1_$2&id=$' . ($pID_pos + 2) . '&slug=$' . ($pSlug_pos + 2));
} else {
if (is_numeric($pos_pID)) {
$rewrite->addRule('^' . str_replace('{PAGE_ID}', '([0-9]+)', $page_url) . '/?$', 'index.php?page=page&id=$1');
$rewrite->addRule('^([a-z]{2})_([A-Z]{2})/' . str_replace('{PAGE_ID}', '([0-9]+)', $page_url) . '/?$', 'index.php?page=page&lang=$1_$2&id=$3');
} else {
$rewrite->addRule('^' . str_replace('{PAGE_SLUG}', '([\\p{L}\\p{N}_\\-,]+)', $page_url) . '/?$', 'index.php?page=page&slug=$1');
$rewrite->addRule('^([a-z]{2})_([A-Z]{2})/' . str_replace('{PAGE_SLUG}', '([\\p{L}\\p{N}_\\-,]+)', $page_url) . '/?$', 'index.php?page=page&lang=$1_$2&slug=$3');
}
}
// Clean archive files
$rewrite->addRule('^(.+?)\\.php(.*)$', '$1.php$2');
// Category rules
$id_pos = stripos($item_url, '{CATEGORY_ID}');
$title_pos = stripos($item_url, '{CATEGORY_NAME}');
$cat_pos = stripos($item_url, '{CATEGORIES');
$param_pos = 1;
if ($title_pos !== false && $id_pos > $title_pos) {
$param_pos++;
}
if ($cat_pos !== false && $id_pos > $cat_pos) {
$param_pos++;
}
$rewrite->addRule('^' . str_replace('{CATEGORIES}', '(.+)', str_replace('{CATEGORY_NAME}', '([^/]+)', str_replace('{CATEGORY_ID}', '([0-9]+)', $cat_url))) . '/([0-9]+)$', 'index.php?page=search&sCategory=$' . $param_pos . '&iPage=$' . ($param_pos + 1));
$rewrite->addRule('^' . str_replace('{CATEGORIES}', '(.+)', str_replace('{CATEGORY_NAME}', '([^/]+)', str_replace('{CATEGORY_ID}', '([0-9]+)', $cat_url))) . '/?$', 'index.php?page=search&sCategory=$' . $param_pos);
$rewrite->addRule('^(.+)/([0-9]+)$', 'index.php?page=search&iPage=$2');
$rewrite->addRule('^(.+)$', 'index.php?page=search');
osc_run_hook("after_rewrite_rules", array(&$rewrite));
//Write rule to DB
$rewrite->setRules();
osc_set_preference('seo_url_search_prefix', rtrim(Params::getParam('seo_url_search_prefix'), '/'));
$msg_error = '<br/>' . _m('All fields are required.') . " " . sprintf(_mn('One field was not updated', '%s fields were not updated', $errors), $errors);
switch ($status) {
case 1:
$msg = _m("Permalinks structure updated");
if ($errors > 0) {
$msg .= $msg_error;
osc_add_flash_warning_message($msg, 'admin');
} else {
osc_add_flash_ok_message($msg, 'admin');
}
break;
case 2:
$msg = _m("Permalinks structure updated.");
$msg .= " ";
$msg .= _m("However, we can't check if Apache module <b>mod_rewrite</b> is loaded. If you experience some problems with the URLs, you should deactivate <em>Friendly URLs</em>");
if ($errors > 0) {
$msg .= $msg_error;
}
osc_add_flash_warning_message($msg, 'admin');
break;
case 3:
$msg = _m("File <b>.htaccess</b> couldn't be filled out with the right content.");
$msg .= " ";
$msg .= _m("Here's the content you have to add to the <b>.htaccess</b> file. If you can't create the file, please deactivate the <em>Friendly URLs</em> option.");
$msg .= "</p><pre>" . htmlentities($htaccess, ENT_COMPAT, "UTF-8") . '</pre><p>';
if ($errors > 0) {
$msg .= $msg_error;
}
osc_add_flash_error_message($msg, 'admin');
break;
case 4:
$msg = _m("File <b>.htaccess</b> couldn't be filled out with the right content.");
$msg .= " ";
$msg .= _m("Here's the content you have to add to the <b>.htaccess</b> file. If you can't create the file or experience some problems with the URLs, please deactivate the <em>Friendly URLs</em> option.");
$msg .= "</p><pre>" . htmlentities($htaccess, ENT_COMPAT, "UTF-8") . '</pre><p>';
if ($errors > 0) {
$msg .= $msg_error;
}
osc_add_flash_error_message($msg, 'admin');
break;
case 5:
$warning = false;
if (file_exists($htaccess_file)) {
$htaccess_content = file_get_contents($htaccess_file);
if ($htaccess_content != $htaccess) {
$msg = _m("File <b>.htaccess</b> already exists and was not modified.");
$msg .= " ";
$msg .= _m("Here's the content you have to add to the <b>.htaccess</b> file. If you can't modify the file or experience some problems with the URLs, please deactivate the <em>Friendly URLs</em> option.");
$msg .= "</p><pre>" . htmlentities($htaccess, ENT_COMPAT, "UTF-8") . '</pre><p>';
$warning = true;
} else {
$msg = _m("Permalinks structure updated");
}
}
if ($errors > 0) {
$msg .= $msg_error;
}
if ($errors > 0 || $warning) {
osc_add_flash_warning_message($msg, 'admin');
} else {
osc_add_flash_ok_message($msg, 'admin');
}
break;
}
} else {
osc_set_preference('rewriteEnabled', 0);
osc_set_preference('mod_rewrite_loaded', 0);
$deleted = true;
if (file_exists($htaccess_file)) {
$htaccess_content = file_get_contents($htaccess_file);
if ($htaccess_content == $htaccess) {
$deleted = @unlink($htaccess_file);
$same_content = true;
} else {
$deleted = false;
$same_content = false;
}
}
if ($deleted) {
osc_add_flash_ok_message(_m('Friendly URLs successfully deactivated'), 'admin');
} else {
if ($same_content) {
osc_add_flash_warning_message(_m('Friendly URLs deactivated, but .htaccess file could not be deleted. Please, remove it manually'), 'admin');
} else {
osc_add_flash_warning_message(_m('Friendly URLs deactivated, but .htaccess file was modified outside Osclass and was not deleted'), 'admin');
}
}
}
$this->redirectTo(osc_admin_base_url(true) . '?page=settings&action=permalinks');
break;
}
}
function doModel()
{
switch ($this->action) {
case 'add':
// caliing add view
$this->doView('languages/add.php');
break;
case 'add_post':
// adding a new language
$filePackage = Params::getFiles('package');
if (isset($filePackage['size']) && $filePackage['size'] != 0) {
$path = osc_translations_path();
(int) ($status = osc_unzip_file($filePackage['tmp_name'], $path));
} else {
$status = 3;
}
switch ($status) {
case 0:
$msg = _m('The translation folder is not writable');
osc_add_flash_error_message($msg, 'admin');
break;
case 1:
if (osc_checkLocales()) {
$msg = _m('The language has been installed correctly');
osc_add_flash_ok_message($msg, 'admin');
} else {
$msg = _m('There was a problem adding the language');
osc_add_flash_error_message($msg, 'admin');
}
break;
case 2:
$msg = _m('The zip file is not valid');
osc_add_flash_error_message($msg, 'admin');
break;
case 3:
$msg = _m('No file was uploaded');
osc_add_flash_warning_message($msg, 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=languages&action=add");
break;
case -1:
default:
$msg = _m('There was a problem adding the language');
osc_add_flash_error_message($msg, 'admin');
break;
}
$this->redirectTo(osc_admin_base_url(true) . '?page=languages');
break;
case 'edit':
// editing a language
$sLocale = Params::getParam('id');
if (!preg_match('/.{2}_.{2}/', $sLocale)) {
osc_add_flash_error_message(_m('Language id isn\'t in the correct format'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=languages');
}
$aLocale = $this->localeManager->findByPrimaryKey($sLocale);
if (count($aLocale) == 0) {
osc_add_flash_error_message(_m('Language id doesn\'t exist'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=languages');
}
$this->_exportVariableToView("aLocale", $aLocale);
$this->doView('languages/frm.php');
break;
case 'edit_post':
// edit language post
$iUpdated = 0;
$languageCode = Params::getParam('pk_c_code');
$enabledWebstie = Params::getParam('b_enabled');
$enabledBackoffice = Params::getParam('b_enabled_bo');
$languageName = Params::getParam('s_name');
$languageShortName = Params::getParam('s_short_name');
$languageDescription = Params::getParam('s_description');
$languageCurrencyFormat = Params::getParam('s_currency_format');
$languageDecPoint = Params::getParam('s_dec_point');
$languageNumDec = Params::getParam('i_num_dec');
$languageThousandsSep = Params::getParam('s_thousands_sep');
$languageDateFormat = Params::getParam('s_date_format');
$languageStopWords = Params::getParam('s_stop_words');
// formatting variables
if (!preg_match('/.{2}_.{2}/', $languageCode)) {
osc_add_flash_error_message(_m('Language id isn\'t in the correct format'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=languages');
}
$enabledWebstie = $enabledWebstie != '' ? true : false;
$enabledBackoffice = $enabledBackoffice != '' ? true : false;
$languageName = strip_tags($languageName);
$languageName = trim($languageName);
if ($languageName == '') {
osc_add_flash_error_message(_m('Language name can\'t be empty'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=languages');
}
$languageShortName = strip_tags($languageShortName);
$languageShortName = trim($languageShortName);
if ($languageShortName == '') {
osc_add_flash_error_message(_m('Language short name can\'t be empty'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=languages');
}
$languageDescription = strip_tags($languageDescription);
$languageDescription = trim($languageDescription);
if ($languageDescription == '') {
osc_add_flash_error_message(_m('Language description can\'t be empty'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=languages');
}
$languageCurrencyFormat = strip_tags($languageCurrencyFormat);
$languageCurrencyFormat = trim($languageCurrencyFormat);
$languageDateFormat = strip_tags($languageDateFormat);
$languageDateFormat = trim($languageDateFormat);
$languageStopWords = strip_tags($languageStopWords);
$languageStopWords = trim($languageStopWords);
$array = array('b_enabled' => $enabledWebstie, 'b_enabled_bo' => $enabledBackoffice, 's_name' => $languageName, 's_short_name' => $languageShortName, 's_description' => $languageDescription, 's_currency_format' => $languageCurrencyFormat, 's_dec_point' => $languageDecPoint, 'i_num_dec' => $languageNumDec, 's_thousands_sep' => $languageThousandsSep, 's_date_format' => $languageDateFormat, 's_stop_words' => $languageStopWords);
$iUpdated = $this->localeManager->update($array, array('pk_c_code' => $languageCode));
if ($iUpdated > 0) {
osc_add_flash_ok_message(sprintf(_m('%s has been updated'), $languageShortName), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=languages');
break;
case 'enable':
case 'enable_bo':
$default_lang = osc_language();
$id = Params::getParam('id');
$enabled = Params::getParam('enabled');
if ($id) {
if ($action == 'enable' && $default_lang == $id && $enabled == 0) {
osc_add_flash_error_message(sprintf(_m('The language can\'t be disabled because it\'s the default language. You can change modify it in General Settings'), $i), 'admin');
} else {
$msg = $enabled == 1 ? _m('The language has been enabled for the public website') : _m('The language has been disabled for the public website');
$aValues = array('b_enabled' => $enabled);
$this->localeManager->update($aValues, array('pk_c_code' => $id));
}
if ($action == 'enable_bo') {
$msg = $enabled == 1 ? _m('The language has been enabled for the backoffice (oc-admin)') : _m('The language has been disabled for the backoffice (oc-admin)');
$aValues = array('b_enabled_bo' => $enabled);
$this->localeManager->update($aValues, array('pk_c_code' => $id));
}
osc_add_flash_ok_message($msg, 'admin');
} else {
osc_add_flash_error_message(_m('There was a problem updating the language. The language id was lost'), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=languages');
break;
case 'enable_selected':
$msg = _m('Selected languages have been enabled for the website');
$aValues = array('b_enabled' => 1);
$id = Params::getParam('id');
if ($id != '') {
foreach ($id as $i) {
$this->localeManager->update($aValues, array('pk_c_code' => $i));
}
osc_add_flash_ok_message($msg, 'admin');
} else {
osc_add_flash_error_message(_m('There was a problem updating the languages. The language ids were lost'), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=languages');
break;
case 'disable_selected':
$msg = _m('Selected languages have been disabled for the website');
$aValues = array('b_enabled' => 0);
$id = Params::getParam('id');
if ($id != '') {
$default_lang = osc_language();
foreach ($id as $i) {
if ($default_lang == $i) {
$msg = _m('The language can\'t be disabled because it\'s the default language. You can change the default language under General Settings in order to disable it');
} else {
$this->localeManager->update($aValues, array('pk_c_code' => $i));
}
}
osc_add_flash_ok_message($msg, 'admin');
} else {
osc_add_flash_error_message(_m('There was a problem updating the languages. The language ids were lost'), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=languages');
break;
case 'enable_bo_selected':
$msg = _m('Selected languages have been enabled for the backoffice (oc-admin)');
$aValues = array('b_enabled_bo' => 1);
$id = Params::getParam('id');
if ($id != '') {
foreach ($id as $i) {
$this->localeManager->update($aValues, array('pk_c_code' => $i));
}
osc_add_flash_ok_message($msg, 'admin');
} else {
osc_add_flash_error_message(_m('There was a problem updating the languages. The language ids were lost'), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=languages');
break;
case 'disable_bo_selected':
$msg = _m('Selected languages have been disabled for the backoffice (oc-admin)');
$aValues = array('b_enabled_bo' => 0);
$id = Params::getParam('id');
if ($id != '') {
foreach ($id as $i) {
$this->localeManager->update($aValues, array('pk_c_code' => $i));
}
osc_add_flash_ok_message($msg, 'admin');
} else {
osc_add_flash_error_message(_m('There was a problem updating the languages. The language ids were lost'), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=languages');
break;
case 'delete':
if (is_array(Params::getParam('id'))) {
$default_lang = osc_language();
foreach (Params::getParam('id') as $code) {
if ($default_lang != $code) {
$this->localeManager->deleteLocale($code);
if (!osc_deleteDir(osc_translations_path() . $code)) {
osc_add_flash_error_message(sprintf(_m('Directory "%s" couldn\'t be removed'), $code), 'admin');
} else {
osc_add_flash_ok_message(sprintf(_m('Directory "%s" has been successfully removed'), $code), 'admin');
}
} else {
osc_add_flash_error_message(sprintf(_m('Directory "%s" couldn\'t be removed because it\'s the default language. Set another language as default first and try again'), $code), 'admin');
}
}
}
$this->redirectTo(osc_admin_base_url(true) . '?page=languages');
break;
default:
$locales = OSCLocale::newInstance()->listAll();
$this->_exportVariableToView("locales", $locales);
$this->doView('languages/index.php');
break;
}
}
function doModel()
{
switch ($this->action) {
case 'comments':
//calling the comments settings view
$this->doView('settings/comments.php');
break;
case 'comments_post':
// updating comment
$iUpdated = 0;
$enabledComments = Params::getParam('enabled_comments');
$enabledComments = $enabledComments != '' ? true : false;
$moderateComments = Params::getParam('moderate_comments');
$moderateComments = $moderateComments != '' ? true : false;
$numModerateComments = Params::getParam('num_moderate_comments');
$commentsPerPage = Params::getParam('comments_per_page');
$notifyNewComment = Params::getParam('notify_new_comment');
$notifyNewComment = $notifyNewComment != '' ? true : false;
$notifyNewCommentUser = Params::getParam('notify_new_comment_user');
$notifyNewCommentUser = $notifyNewCommentUser != '' ? true : false;
$regUserPostComments = Params::getParam('reg_user_post_comments');
$regUserPostComments = $regUserPostComments != '' ? true : false;
$msg = '';
if (!osc_validate_int(Params::getParam("num_moderate_comments"))) {
$msg .= _m("Number of moderate comments must only contain numeric characters") . "<br/>";
}
if (!osc_validate_int(Params::getParam("comments_per_page"))) {
$msg .= _m("Comments per page must only contain numeric characters") . "<br/>";
}
if ($msg != '') {
osc_add_flash_error_message($msg, 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=settings&action=comments');
}
$iUpdated += Preference::newInstance()->update(array('s_value' => $enabledComments), array('s_name' => 'enabled_comments'));
if ($moderateComments) {
$iUpdated += Preference::newInstance()->update(array('s_value' => $numModerateComments), array('s_name' => 'moderate_comments'));
} else {
$iUpdated += Preference::newInstance()->update(array('s_value' => '-1'), array('s_name' => 'moderate_comments'));
}
$iUpdated += Preference::newInstance()->update(array('s_value' => $notifyNewComment), array('s_name' => 'notify_new_comment'));
$iUpdated += Preference::newInstance()->update(array('s_value' => $notifyNewCommentUser), array('s_name' => 'notify_new_comment_user'));
$iUpdated += Preference::newInstance()->update(array('s_value' => $commentsPerPage), array('s_name' => 'comments_per_page'));
$iUpdated += Preference::newInstance()->update(array('s_value' => $regUserPostComments), array('s_name' => 'reg_user_post_comments'));
if ($iUpdated > 0) {
osc_add_flash_ok_message(_m("Comment settings have been updated"), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=settings&action=comments');
break;
case 'locations':
// calling the locations settings view
$location_action = Params::getParam('type');
$mCountries = new Country();
switch ($location_action) {
case 'add_country':
// add country
$countryCode = strtoupper(Params::getParam('c_country'));
$countryName = Params::getParam('country');
$exists = $mCountries->findByCode($countryCode);
if (isset($exists['s_name'])) {
osc_add_flash_error_message(sprintf(_m('%s already was in the database'), $countryName), 'admin');
} else {
$countries_json = osc_file_get_contents('http://geo.osclass.org/geo.download.php?action=country_code&term=' . urlencode($countryCode));
$countries = json_decode($countries_json);
$mCountries->insert(array('pk_c_code' => $countryCode, 's_name' => $countryName));
CountryStats::newInstance()->setNumItems($countryCode, 0);
if (isset($countries->error)) {
// Country is not in our GEO database
// We have no region for user-typed countries
} else {
// Country is in our GEO database, add regions and cities
$manager_region = new Region();
$regions_json = osc_file_get_contents('http://geo.osclass.org/geo.download.php?action=region&country_code=' . urlencode($countryCode) . '&term=all');
$regions = json_decode($regions_json);
if (!isset($regions->error)) {
if (count($regions) > 0) {
foreach ($regions as $r) {
$manager_region->insert(array("fk_c_country_code" => $r->country_code, "s_name" => $r->name));
$id = $manager_region->dao->insertedId();
RegionStats::newInstance()->setNumItems($id, 0);
}
}
unset($regions);
unset($regions_json);
$manager_city = new City();
if (count($countries) > 0) {
foreach ($countries as $c) {
$regions = $manager_region->findByCountry($c->id);
if (!isset($regions->error)) {
if (count($regions) > 0) {
foreach ($regions as $region) {
$cities_json = osc_file_get_contents('http://geo.osclass.org/geo.download.php?action=city&country=' . urlencode($c->name) . '®ion=' . urlencode($region['s_name']) . '&term=all');
$cities = json_decode($cities_json);
if (!isset($cities->error)) {
if (count($cities) > 0) {
foreach ($cities as $ci) {
$manager_city->insert(array("fk_i_region_id" => $region['pk_i_id'], "s_name" => $ci->name, "fk_c_country_code" => $ci->country_code));
$id = $manager_city->dao->insertedId();
CityStats::newInstance()->setNumItems($id, 0);
}
}
}
unset($cities);
unset($cities_json);
}
}
}
}
}
}
}
osc_add_flash_ok_message(sprintf(_m('%s has been added as a new country'), $countryName), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=settings&action=locations');
break;
case 'edit_country':
// edit country
$ok = $mCountries->update(array('s_name' => Params::getParam('e_country')), array('pk_c_code' => Params::getParam('country_code')));
if ($ok) {
osc_add_flash_ok_message(_m('Country has been edited'), 'admin');
} else {
osc_add_flash_error_message(_m('There were some problems editing the country'), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=settings&action=locations');
break;
case 'delete_country':
// delete country
$countryId = Params::getParam('id');
Item::newInstance()->deleteByRegion($countryId);
$mRegions = new Region();
$mCities = new City();
$aCountries = $mCountries->findByCode($countryId);
$aRegions = $mRegions->findByCountry($aCountries['pk_c_code']);
foreach ($aRegions as $region) {
// remove city_stats
CityStats::newInstance()->deleteByRegion($region['pk_i_id']);
// remove region_stats
RegionStats::newInstance()->delete(array('fk_i_region_id' => $region['pk_i_id']));
}
//remove country stats
CountryStats::newInstance()->delete(array('fk_c_country_code' => $aCountries['pk_c_code']));
$ok = $mCountries->deleteByPrimaryKey($aCountries['pk_c_code']);
if ($ok) {
osc_add_flash_ok_message(sprintf(_m('%s has been deleted'), $aCountries['s_name']), 'admin');
} else {
osc_add_flash_error_message(sprintf(_m('There was a problem deleting %s'), $aCountries['s_name']), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=settings&action=locations');
break;
case 'add_region':
// add region
if (!Params::getParam('r_manual')) {
$this->install_location_by_region();
} else {
$mRegions = new Region();
$regionName = Params::getParam('region');
$countryCode = Params::getParam('country_c_parent');
$country = Country::newInstance()->findByCode($countryCode);
$exists = $mRegions->findByName($regionName, $countryCode);
if (!isset($exists['s_name'])) {
$data = array('fk_c_country_code' => $countryCode, 's_name' => $regionName);
$mRegions->insert($data);
$id = $mRegions->dao->insertedId();
RegionStats::newInstance()->setNumItems($id, 0);
osc_add_flash_ok_message(sprintf(_m('%s has been added as a new region'), $regionName), 'admin');
} else {
osc_add_flash_error_message(sprintf(_m('%s already was in the database'), $regionName), 'admin');
}
}
$this->redirectTo(osc_admin_base_url(true) . '?page=settings&action=locations&country_code=' . @$countryCode . "&country=" . @$country['s_name']);
break;
case 'edit_region':
// edit region
$mRegions = new Region();
$newRegion = Params::getParam('e_region');
$regionId = Params::getParam('region_id');
$exists = $mRegions->findByName($newRegion);
if (!isset($exists['pk_i_id']) || $exists['pk_i_id'] == $regionId) {
if ($regionId != '') {
$aRegion = $mRegions->findByPrimaryKey($regionId);
$country = Country::newInstance()->findByCode($aRegion['fk_c_country_code']);
$mRegions->update(array('s_name' => $newRegion), array('pk_i_id' => $regionId));
ItemLocation::newInstance()->update(array('s_region' => $newRegion), array('fk_i_region_id' => $regionId));
osc_add_flash_ok_message(sprintf(_m('%s has been edited'), $newRegion), 'admin');
}
} else {
osc_add_flash_error_message(sprintf(_m('%s already was in the database'), $newRegion), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=settings&action=locations&country_code=' . @$country['pk_c_code'] . "&country=" . @$country['s_name']);
break;
case 'delete_region':
// delete region
$mRegion = new Region();
$mCities = new City();
$regionId = Params::getParam('id');
if ($regionId != '') {
Item::newInstance()->deleteByRegion($regionId);
$aRegion = $mRegion->findByPrimaryKey($regionId);
$country = Country::newInstance()->findByCode($aRegion['fk_c_country_code']);
// remove city_stats
CityStats::newInstance()->deleteByRegion($regionId);
$mCities->delete(array('fk_i_region_id' => $regionId));
// remove region_stats
RegionStats::newInstance()->delete(array('fk_i_region_id' => $regionId));
$mRegion->delete(array('pk_i_id' => $regionId));
osc_add_flash_ok_message(sprintf(_m('%s has been deleted'), $aRegion['s_name']), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=settings&action=locations&country_code=' . @$country['pk_c_code'] . "&country=" . @$country['s_name']);
break;
case 'add_city':
// add city
$mRegion = new Region();
$mCities = new City();
$regionId = Params::getParam('region_parent');
$countryCode = Params::getParam('country_c_parent');
$newCity = Params::getParam('city');
$exists = $mCities->findByName($newCity, $regionId);
$region = $mRegion->findByPrimaryKey($regionId);
$country = Country::newInstance()->findByCode($region['fk_c_country_code']);
if (!isset($exists['s_name'])) {
$mCities->insert(array('fk_i_region_id' => $regionId, 's_name' => $newCity, 'fk_c_country_code' => $countryCode));
$id = $mCities->dao->insertedId();
CityStats::newInstance()->setNumItems($id, 0);
osc_add_flash_ok_message(sprintf(_m('%s has been added as a new city'), $newCity), 'admin');
} else {
osc_add_flash_error_message(sprintf(_m('%s already was in the database'), $newCity), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=settings&action=locations&country_code=' . @$country['pk_c_code'] . "&country=" . @$country['s_name'] . "®ion=" . $regionId);
break;
case 'edit_city':
// edit city
$mRegion = new Region();
$mCities = new City();
$newCity = Params::getParam('e_city');
$cityId = Params::getParam('city_id');
$exists = $mCities->findByName($newCity);
if (!isset($exists['pk_i_id']) || $exists['pk_i_id'] == $cityId) {
$city = $mCities->findByPrimaryKey($cityId);
$region = $mRegion->findByPrimaryKey($city['fk_i_region_id']);
$country = Country::newInstance()->findByCode($region['fk_c_country_code']);
$mCities->update(array('s_name' => $newCity), array('pk_i_id' => $cityId));
ItemLocation::newInstance()->update(array('s_city' => $newCity), array('fk_i_city_id' => $cityId));
osc_add_flash_ok_message(sprintf(_m('%s has been edited'), $newCity), 'admin');
} else {
osc_add_flash_error_message(sprintf(_m('%s already was in the database'), $newCity), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=settings&action=locations&country_code=' . @$country['pk_c_code'] . "&country=" . @$country['s_name'] . "®ion=" . @$region['pk_i_id']);
break;
case 'delete_city':
// delete city
$mRegion = new Region();
$mCities = new City();
$cityId = Params::getParam('id');
Item::newInstance()->deleteByCity($cityId);
$aCity = $mCities->findByPrimaryKey($cityId);
// remove region_stats
$region = $mRegion->findByPrimaryKey($aCity['fk_i_region_id']);
$country = Country::newInstance()->findByCode($region['fk_c_country_code']);
CityStats::newInstance()->delete(array('fk_i_city_id' => $cityId));
$mCities->delete(array('pk_i_id' => $cityId));
osc_add_flash_ok_message(sprintf(_m('%s has been deleted'), $aCity['s_name']), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=settings&action=locations&country_code=' . @$country['pk_c_code'] . "&country=" . @$country['s_name'] . "®ion=" . @$region['pk_i_id']);
break;
}
$aCountries = $mCountries->listAll();
$this->_exportVariableToView('aCountries', $aCountries);
$this->doView('settings/locations.php');
break;
case 'permalinks':
// calling the permalinks view
$htaccess = Params::getParam('htaccess_status');
$file = Params::getParam('file_status');
$this->_exportVariableToView('htaccess', $htaccess);
$this->_exportVariableToView('file', $file);
$this->doView('settings/permalinks.php');
break;
case 'permalinks_post':
// updating permalinks option
$htaccess_file = osc_base_path() . '.htaccess';
$rewriteEnabled = Params::getParam('rewrite_enabled') ? true : false;
if ($rewriteEnabled) {
Preference::newInstance()->update(array('s_value' => '1'), array('s_name' => 'rewriteEnabled'));
$rewrite_base = REL_WEB_URL;
$htaccess = <<<HTACCESS
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase {$rewrite_base}
RewriteRule ^index\\.php\$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . {$rewrite_base}index.php [L]
</IfModule>
HTACCESS;
// 1. OK (ok)
// 2. OK no apache module detected (warning)
// 3. No se puede crear + apache
// 4. No se puede crear + no apache
$status = 3;
if (file_exists($htaccess_file)) {
if (is_writable($htaccess_file) && file_put_contents($htaccess_file, $htaccess)) {
$status = 1;
}
} else {
if (is_writable(osc_base_path()) && file_put_contents($htaccess_file, $htaccess)) {
$status = 1;
}
}
if (!@apache_mod_loaded('mod_rewrite')) {
$status++;
}
$errors = 0;
$item_url = substr(str_replace('//', '/', Params::getParam('rewrite_item_url') . '/'), 0, -1);
if (!osc_validate_text($item_url)) {
$errors += 1;
} else {
Preference::newInstance()->update(array('s_value' => $item_url), array('s_name' => 'rewrite_item_url'));
}
$page_url = substr(str_replace('//', '/', Params::getParam('rewrite_page_url') . '/'), 0, -1);
if (!osc_validate_text($page_url)) {
$errors += 1;
} else {
Preference::newInstance()->update(array('s_value' => $page_url), array('s_name' => 'rewrite_page_url'));
}
$cat_url = substr(str_replace('//', '/', Params::getParam('rewrite_cat_url') . '/'), 0, -1);
if (!osc_validate_text($cat_url)) {
$errors += 1;
} else {
Preference::newInstance()->update(array('s_value' => $cat_url), array('s_name' => 'rewrite_cat_url'));
}
$search_url = substr(str_replace('//', '/', Params::getParam('rewrite_search_url') . '/'), 0, -1);
if (!osc_validate_text($search_url)) {
$errors += 1;
} else {
Preference::newInstance()->update(array('s_value' => $search_url), array('s_name' => 'rewrite_search_url'));
}
if (!osc_validate_text(Params::getParam('rewrite_search_country'))) {
$errors += 1;
} else {
Preference::newInstance()->update(array('s_value' => Params::getParam('rewrite_search_country')), array('s_name' => 'rewrite_search_country'));
}
if (!osc_validate_text(Params::getParam('rewrite_search_region'))) {
$errors += 1;
} else {
Preference::newInstance()->update(array('s_value' => Params::getParam('rewrite_search_region')), array('s_name' => 'rewrite_search_region'));
}
if (!osc_validate_text(Params::getParam('rewrite_search_city'))) {
$errors += 1;
} else {
Preference::newInstance()->update(array('s_value' => Params::getParam('rewrite_search_city')), array('s_name' => 'rewrite_search_city'));
}
if (!osc_validate_text(Params::getParam('rewrite_search_city_area'))) {
$errors += 1;
} else {
Preference::newInstance()->update(array('s_value' => Params::getParam('rewrite_search_city_area')), array('s_name' => 'rewrite_search_city_area'));
}
if (!osc_validate_text(Params::getParam('rewrite_search_category'))) {
$errors += 1;
} else {
Preference::newInstance()->update(array('s_value' => Params::getParam('rewrite_search_category')), array('s_name' => 'rewrite_search_category'));
}
if (!osc_validate_text(Params::getParam('rewrite_search_user'))) {
$errors += 1;
} else {
Preference::newInstance()->update(array('s_value' => Params::getParam('rewrite_search_user')), array('s_name' => 'rewrite_search_user'));
}
if (!osc_validate_text(Params::getParam('rewrite_search_pattern'))) {
$errors += 1;
} else {
Preference::newInstance()->update(array('s_value' => Params::getParam('rewrite_search_pattern')), array('s_name' => 'rewrite_search_pattern'));
}
$rewrite_contact = substr(str_replace('//', '/', Params::getParam('rewrite_contact') . '/'), 0, -1);
if (!osc_validate_text($rewrite_contact)) {
$errors += 1;
} else {
Preference::newInstance()->update(array('s_value' => $rewrite_contact), array('s_name' => 'rewrite_contact'));
}
$rewrite_feed = substr(str_replace('//', '/', Params::getParam('rewrite_feed') . '/'), 0, -1);
if (!osc_validate_text($rewrite_feed)) {
$errors += 1;
} else {
Preference::newInstance()->update(array('s_value' => $rewrite_feed), array('s_name' => 'rewrite_feed'));
}
$rewrite_language = substr(str_replace('//', '/', Params::getParam('rewrite_language') . '/'), 0, -1);
if (!osc_validate_text($rewrite_language)) {
$errors += 1;
} else {
Preference::newInstance()->update(array('s_value' => $rewrite_language), array('s_name' => 'rewrite_language'));
}
$rewrite_item_mark = substr(str_replace('//', '/', Params::getParam('rewrite_item_mark') . '/'), 0, -1);
if (!osc_validate_text($rewrite_item_mark)) {
$errors += 1;
} else {
Preference::newInstance()->update(array('s_value' => $rewrite_item_mark), array('s_name' => 'rewrite_item_mark'));
}
$rewrite_item_send_friend = substr(str_replace('//', '/', Params::getParam('rewrite_item_send_friend') . '/'), 0, -1);
if (!osc_validate_text($rewrite_item_send_friend)) {
$errors += 1;
} else {
Preference::newInstance()->update(array('s_value' => $rewrite_item_send_friend), array('s_name' => 'rewrite_item_send_friend'));
}
$rewrite_item_contact = substr(str_replace('//', '/', Params::getParam('rewrite_item_contact') . '/'), 0, -1);
if (!osc_validate_text($rewrite_item_contact)) {
$errors += 1;
} else {
Preference::newInstance()->update(array('s_value' => $rewrite_item_contact), array('s_name' => 'rewrite_item_contact'));
}
$rewrite_item_new = substr(str_replace('//', '/', Params::getParam('rewrite_item_new') . '/'), 0, -1);
if (!osc_validate_text($rewrite_item_new)) {
$errors += 1;
} else {
Preference::newInstance()->update(array('s_value' => $rewrite_item_new), array('s_name' => 'rewrite_item_new'));
}
$rewrite_item_activate = substr(str_replace('//', '/', Params::getParam('rewrite_item_activate') . '/'), 0, -1);
if (!osc_validate_text($rewrite_item_activate)) {
$errors += 1;
} else {
Preference::newInstance()->update(array('s_value' => $rewrite_item_activate), array('s_name' => 'rewrite_item_activate'));
}
$rewrite_item_edit = substr(str_replace('//', '/', Params::getParam('rewrite_item_edit') . '/'), 0, -1);
if (!osc_validate_text($rewrite_item_edit)) {
$errors += 1;
} else {
Preference::newInstance()->update(array('s_value' => $rewrite_item_edit), array('s_name' => 'rewrite_item_edit'));
}
$rewrite_item_delete = substr(str_replace('//', '/', Params::getParam('rewrite_item_delete') . '/'), 0, -1);
if (!osc_validate_text($rewrite_item_delete)) {
$errors += 1;
} else {
Preference::newInstance()->update(array('s_value' => $rewrite_item_delete), array('s_name' => 'rewrite_item_delete'));
}
$rewrite_item_resource_delete = substr(str_replace('//', '/', Params::getParam('rewrite_item_resource_delete') . '/'), 0, -1);
if (!osc_validate_text($rewrite_item_resource_delete)) {
$errors += 1;
} else {
Preference::newInstance()->update(array('s_value' => $rewrite_item_resource_delete), array('s_name' => 'rewrite_item_resource_delete'));
}
$rewrite_user_login = substr(str_replace('//', '/', Params::getParam('rewrite_user_login') . '/'), 0, -1);
if (!osc_validate_text($rewrite_user_login)) {
$errors += 1;
} else {
Preference::newInstance()->update(array('s_value' => $rewrite_user_login), array('s_name' => 'rewrite_user_login'));
}
$rewrite_user_dashboard = substr(str_replace('//', '/', Params::getParam('rewrite_user_dashboard') . '/'), 0, -1);
if (!osc_validate_text($rewrite_user_dashboard)) {
$errors += 1;
} else {
Preference::newInstance()->update(array('s_value' => $rewrite_user_dashboard), array('s_name' => 'rewrite_user_dashboard'));
}
$rewrite_user_logout = substr(str_replace('//', '/', Params::getParam('rewrite_user_logout') . '/'), 0, -1);
if (!osc_validate_text($rewrite_user_logout)) {
$errors += 1;
} else {
Preference::newInstance()->update(array('s_value' => $rewrite_user_logout), array('s_name' => 'rewrite_user_logout'));
}
$rewrite_user_register = substr(str_replace('//', '/', Params::getParam('rewrite_user_register') . '/'), 0, -1);
if (!osc_validate_text($rewrite_user_register)) {
$errors += 1;
} else {
Preference::newInstance()->update(array('s_value' => $rewrite_user_register), array('s_name' => 'rewrite_user_register'));
}
$rewrite_user_activate = substr(str_replace('//', '/', Params::getParam('rewrite_user_activate') . '/'), 0, -1);
if (!osc_validate_text($rewrite_user_activate)) {
$errors += 1;
} else {
Preference::newInstance()->update(array('s_value' => $rewrite_user_activate), array('s_name' => 'rewrite_user_activate'));
}
$rewrite_user_activate_alert = substr(str_replace('//', '/', Params::getParam('rewrite_user_activate_alert') . '/'), 0, -1);
if (!osc_validate_text($rewrite_user_activate_alert)) {
$errors += 1;
} else {
Preference::newInstance()->update(array('s_value' => $rewrite_user_activate_alert), array('s_name' => 'rewrite_user_activate_alert'));
}
$rewrite_user_profile = substr(str_replace('//', '/', Params::getParam('rewrite_user_profile') . '/'), 0, -1);
if (!osc_validate_text($rewrite_user_profile)) {
$errors += 1;
} else {
Preference::newInstance()->update(array('s_value' => $rewrite_user_profile), array('s_name' => 'rewrite_user_profile'));
}
$rewrite_user_items = substr(str_replace('//', '/', Params::getParam('rewrite_user_items') . '/'), 0, -1);
if (!osc_validate_text($rewrite_user_items)) {
$errors += 1;
} else {
Preference::newInstance()->update(array('s_value' => $rewrite_user_items), array('s_name' => 'rewrite_user_items'));
}
$rewrite_user_alerts = substr(str_replace('//', '/', Params::getParam('rewrite_user_alerts') . '/'), 0, -1);
if (!osc_validate_text($rewrite_user_alerts)) {
$errors += 1;
} else {
Preference::newInstance()->update(array('s_value' => $rewrite_user_alerts), array('s_name' => 'rewrite_user_alerts'));
}
$rewrite_user_recover = substr(str_replace('//', '/', Params::getParam('rewrite_user_recover') . '/'), 0, -1);
if (!osc_validate_text($rewrite_user_recover)) {
$errors += 1;
} else {
Preference::newInstance()->update(array('s_value' => $rewrite_user_recover), array('s_name' => 'rewrite_user_recover'));
}
$rewrite_user_forgot = substr(str_replace('//', '/', Params::getParam('rewrite_user_forgot') . '/'), 0, -1);
if (!osc_validate_text($rewrite_user_forgot)) {
$errors += 1;
} else {
Preference::newInstance()->update(array('s_value' => $rewrite_user_forgot), array('s_name' => 'rewrite_user_forgot'));
}
$rewrite_user_change_password = substr(str_replace('//', '/', Params::getParam('rewrite_user_change_password') . '/'), 0, -1);
if (!osc_validate_text($rewrite_user_change_password)) {
$errors += 1;
} else {
Preference::newInstance()->update(array('s_value' => $rewrite_user_change_password), array('s_name' => 'rewrite_user_change_password'));
}
$rewrite_user_change_email = substr(str_replace('//', '/', Params::getParam('rewrite_user_change_email') . '/'), 0, -1);
if (!osc_validate_text($rewrite_user_change_email)) {
$errors += 1;
} else {
Preference::newInstance()->update(array('s_value' => $rewrite_user_change_email), array('s_name' => 'rewrite_user_change_email'));
}
$rewrite_user_change_email_confirm = substr(str_replace('//', '/', Params::getParam('rewrite_user_change_email_confirm') . '/'), 0, -1);
if (!osc_validate_text($rewrite_user_change_email_confirm)) {
$errors += 1;
} else {
Preference::newInstance()->update(array('s_value' => $rewrite_user_change_email_confirm), array('s_name' => 'rewrite_user_change_email_confirm'));
}
osc_reset_preferences();
$rewrite = Rewrite::newInstance();
osc_run_hook("before_rewrite_rules", array(&$rewrite));
$rewrite->clearRules();
/*****************************
********* Add rules *********
*****************************/
// Contact rules
$rewrite->addRule('^' . osc_get_preference('rewrite_contact') . '/?$', 'index.php?page=contact');
// Feed rules
$rewrite->addRule('^' . osc_get_preference('rewrite_feed') . '/?$', 'index.php?page=search&sFeed=rss');
$rewrite->addRule('^' . osc_get_preference('rewrite_feed') . '/(.+)/?$', 'index.php?page=search&sFeed=$1');
// Language rules
$rewrite->addRule('^' . osc_get_preference('rewrite_language') . '/(.*?)/?$', 'index.php?page=language&locale=$1');
// Search rules
$rewrite->addRule('^' . $search_url . '$', 'index.php?page=search');
$rewrite->addRule('^' . $search_url . '/(.*)$', 'index.php?page=search&sParams=$1');
// Item rules
$rewrite->addRule('^' . osc_get_preference('rewrite_item_mark') . '/(.*?)/([0-9]+)/?$', 'index.php?page=item&action=mark&as=$1&id=$2');
$rewrite->addRule('^' . osc_get_preference('rewrite_item_send_friend') . '/([0-9]+)/?$', 'index.php?page=item&action=send_friend&id=$1');
$rewrite->addRule('^' . osc_get_preference('rewrite_item_contact') . '/([0-9]+)/?$', 'index.php?page=item&action=contact&id=$1');
$rewrite->addRule('^' . osc_get_preference('rewrite_item_new') . '/?$', 'index.php?page=item&action=item_add');
$rewrite->addRule('^' . osc_get_preference('rewrite_item_new') . '/([0-9]+)/?$', 'index.php?page=item&action=item_add&catId=$1');
$rewrite->addRule('^' . osc_get_preference('rewrite_item_activate') . '/([0-9]+)/(.*?)/?$', 'index.php?page=item&action=activate&id=$1&secret=$2');
$rewrite->addRule('^' . osc_get_preference('rewrite_item_edit') . '/([0-9]+)/(.*?)/?$', 'index.php?page=item&action=item_edit&id=$1&secret=$2');
$rewrite->addRule('^' . osc_get_preference('rewrite_item_delete') . '/([0-9]+)/(.*?)/?$', 'index.php?page=item&action=item_delete&id=$1&secret=$2');
$rewrite->addRule('^' . osc_get_preference('rewrite_item_resource_delete') . '/([0-9]+)/([0-9]+)/([0-9A-Za-z]+)/?(.*?)/?$', 'index.php?page=item&action=deleteResource&id=$1&item=$2&code=$3&secret=$4');
// Item rules
$id_pos = stripos($item_url, '{ITEM_ID}');
$title_pos = stripos($item_url, '{ITEM_TITLE}');
$cat_pos = stripos($item_url, '{CATEGORIES');
$param_pos = 1;
if ($title_pos !== false && $id_pos > $title_pos) {
$param_pos++;
}
if ($cat_pos !== false && $id_pos > $cat_pos) {
$param_pos++;
}
$comments_pos = 1;
if ($id_pos !== false) {
$comments_pos++;
}
if ($title_pos !== false) {
$comments_pos++;
}
if ($cat_pos !== false) {
$comments_pos++;
}
$rewrite->addRule('^' . str_replace('{ITEM_CITY}', '.*', str_replace('{CATEGORIES}', '.*', str_replace('{ITEM_TITLE}', '.*', str_replace('{ITEM_ID}', '([0-9]+)', $item_url . '\\?comments-page=([0-9al]*)')))) . '$', 'index.php?page=item&id=$1&comments-page=$2');
$rewrite->addRule('^([a-z]{2})_([A-Z]{2})/' . str_replace('{ITEM_CITY}', '.*', str_replace('{CATEGORIES}', '.*', str_replace('{ITEM_TITLE}', '.*', str_replace('{ITEM_ID}', '([0-9]+)', $item_url . '\\?comments-page=([0-9al]*)')))) . '$', 'index.php?page=item&id=$3&lang=$1_$2&comments-page=$4');
$rewrite->addRule('^' . str_replace('{ITEM_CITY}', '.*', str_replace('{CATEGORIES}', '.*', str_replace('{ITEM_TITLE}', '.*', str_replace('{ITEM_ID}', '([0-9]+)', $item_url)))) . '$', 'index.php?page=item&id=$1');
$rewrite->addRule('^([a-z]{2})_([A-Z]{2})/' . str_replace('{ITEM_CITY}', '.*', str_replace('{CATEGORIES}', '.*', str_replace('{ITEM_TITLE}', '.*', str_replace('{ITEM_ID}', '([0-9]+)', $item_url)))) . '$', 'index.php?page=item&id=$3&lang=$1_$2');
// User rules
$rewrite->addRule('^' . osc_get_preference('rewrite_user_login') . '/?$', 'index.php?page=login');
$rewrite->addRule('^' . osc_get_preference('rewrite_user_dashboard') . '/?$', 'index.php?page=user&action=dashboard');
$rewrite->addRule('^' . osc_get_preference('rewrite_user_logout') . '/?$', 'index.php?page=main&action=logout');
$rewrite->addRule('^' . osc_get_preference('rewrite_user_register') . '/?$', 'index.php?page=register&action=register');
$rewrite->addRule('^' . osc_get_preference('rewrite_user_activate') . '/([0-9]+)/(.*?)/?$', 'index.php?page=register&action=validate&id=$1&code=$2');
$rewrite->addRule('^' . osc_get_preference('rewrite_user_activate_alert') . '/([a-zA-Z0-9]+)/(.+)$', 'index.php?page=user&action=activate_alert&email=$2&secret=$1');
$rewrite->addRule('^' . osc_get_preference('rewrite_user_profile') . '/?$', 'index.php?page=user&action=profile');
$rewrite->addRule('^' . osc_get_preference('rewrite_user_profile') . '/([0-9]+)/?$', 'index.php?page=user&action=pub_profile&id=$1');
$rewrite->addRule('^' . osc_get_preference('rewrite_user_items') . '/?$', 'index.php?page=user&action=items');
$rewrite->addRule('^' . osc_get_preference('rewrite_user_alerts') . '/?$', 'index.php?page=user&action=alerts');
$rewrite->addRule('^' . osc_get_preference('rewrite_user_recover') . '/?$', 'index.php?page=login&action=recover');
$rewrite->addRule('^' . osc_get_preference('rewrite_user_forgot') . '/([0-9]+)/(.*)/?$', 'index.php?page=login&action=forgot&userId=$1&code=$2');
$rewrite->addRule('^' . osc_get_preference('rewrite_user_change_password') . '/?$', 'index.php?page=user&action=change_password');
$rewrite->addRule('^' . osc_get_preference('rewrite_user_change_email') . '/?$', 'index.php?page=user&action=change_email');
$rewrite->addRule('^' . osc_get_preference('rewrite_user_change_email_confirm') . '/([0-9]+)/(.*?)/?$', 'index.php?page=user&action=change_email_confirm&userId=$1&code=$2');
// Page rules
$pos_pID = stripos($page_url, '{PAGE_ID}');
$pos_pSlug = stripos($page_url, '{PAGE_SLUG}');
$pID_pos = 1;
$pSlug_pos = 1;
if (is_numeric($pos_pID) && is_numeric($pos_pSlug)) {
// set the order of the parameters
if ($pos_pID > $pos_pSlug) {
$pID_pos++;
} else {
$pSlug_pos++;
}
$rewrite->addRule('^' . str_replace('{PAGE_SLUG}', '([\\p{L}\\p{N}_\\-,]+)', str_replace('{PAGE_ID}', '([0-9]+)', $page_url)) . '/?$', 'index.php?page=page&id=$' . $pID_pos . "&slug=\$" . $pSlug_pos);
$rewrite->addRule('^([a-z]{2})_([A-Z]{2})/' . str_replace('{PAGE_SLUG}', '([\\p{L}\\p{N}_\\-,]+)', str_replace('{PAGE_ID}', '([0-9]+)', $page_url)) . '/?$', 'index.php?page=page&lang=$1_$2&id=$' . ($pID_pos + 2) . '&slug=$' . ($pSlug_pos + 2));
} else {
if (is_numeric($pos_pID)) {
$rewrite->addRule('^' . str_replace('{PAGE_ID}', '([0-9]+)', $page_url) . '/?$', 'index.php?page=page&id=$1');
$rewrite->addRule('^([a-z]{2})_([A-Z]{2})/' . str_replace('{PAGE_ID}', '([0-9]+)', $page_url) . '/?$', 'index.php?page=page&lang=$1_$2&id=$3');
} else {
$rewrite->addRule('^' . str_replace('{PAGE_SLUG}', '([\\p{L}\\p{N}_\\-,]+)', $page_url) . '/?$', 'index.php?page=page&slug=$1');
$rewrite->addRule('^([a-z]{2})_([A-Z]{2})/' . str_replace('{PAGE_SLUG}', '([\\p{L}\\p{N}_\\-,]+)', $page_url) . '/?$', 'index.php?page=page&lang=$1_$2&slug=$3');
}
}
// Clean archive files
$rewrite->addRule('^(.+?)\\.php(.*)$', '$1.php$2');
// Category rules
$id_pos = stripos($item_url, '{CATEGORY_ID}');
$title_pos = stripos($item_url, '{CATEGORY_SLUG}');
$cat_pos = stripos($item_url, '{CATEGORIES');
$param_pos = 1;
if ($title_pos !== false && $id_pos > $title_pos) {
$param_pos++;
}
if ($cat_pos !== false && $id_pos > $cat_pos) {
$param_pos++;
}
$rewrite->addRule('^' . str_replace('{CATEGORIES}', '(.+)', str_replace('{CATEGORY_SLUG}', '([^/]+)', str_replace('{CATEGORY_ID}', '([0-9]+)', $cat_url))) . '$', 'index.php?page=search&sCategory=$' . $param_pos);
osc_run_hook("after_rewrite_rules", array(&$rewrite));
//Write rule to DB
$rewrite->setRules();
$msg_error = '<br/>' . _m('All fields are required.') . " " . sprintf(_mn('One field was not updated', '%s fields were not updated', $errors), $errors);
switch ($status) {
case 1:
$msg = _m("Permalinks structure updated");
if ($errors > 0) {
$msg .= $msg_error;
osc_add_flash_warning_message($msg, 'admin');
} else {
osc_add_flash_ok_message($msg, 'admin');
}
break;
case 2:
$msg = _m("Permalinks structure updated.");
$msg .= " ";
$msg .= _m("However, we can't check if Apache module <b>mod_rewrite</b> is loaded. If you experience some problems with the URLs, you should deactivate <em>Friendly URLs</em>");
if ($errors > 0) {
$msg .= $msg_error;
}
osc_add_flash_warning_message($msg, 'admin');
break;
case 3:
$msg = _m("File <b>.htaccess</b> couldn't be filled out with the right content.");
$msg .= " ";
$msg .= _m("Here's the content you have to add to the <b>.htaccess</b> file. If you can't create the file, please deactivate the <em>Friendly URLs</em> option.");
$msg .= "</p><pre>" . htmlentities($htaccess, ENT_COMPAT, "UTF-8") . '</pre><p>';
if ($errors > 0) {
$msg .= $msg_error;
}
osc_add_flash_error_message($msg, 'admin');
break;
case 4:
$msg = _m("File <b>.htaccess</b> couldn't be filled out with the right content.");
$msg .= " ";
$msg .= _m("Here's the content you have to add to the <b>.htaccess</b> file. If you can't create the file or experience some problems with the URLs, please deactivate the <em>Friendly URLs</em> option.");
$msg .= "</p><pre>" . htmlentities($htaccess, ENT_COMPAT, "UTF-8") . '</pre><p>';
if ($errors > 0) {
$msg .= $msg_error;
}
osc_add_flash_error_message($msg, 'admin');
break;
}
} else {
Preference::newInstance()->update(array('s_value' => '0'), array('s_name' => 'rewriteEnabled'));
Preference::newInstance()->update(array('s_value' => '0'), array('s_name' => 'mod_rewrite_loaded'));
osc_add_flash_ok_message(_m('Friendly URLs successfully deactivated'), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=settings&action=permalinks');
break;
case 'spamNbots':
// calling the spam and bots view
$akismet_key = osc_akismet_key();
$akismet_status = 3;
if ($akismet_key != '') {
require_once osc_lib_path() . 'Akismet.class.php';
$akismet_obj = new Akismet(osc_base_url(), $akismet_key);
$akismet_status = 2;
if ($akismet_obj->isKeyValid()) {
$akismet_status = 1;
}
}
View::newInstance()->_exportVariableToView('akismet_status', $akismet_status);
$this->doView('settings/spamNbots.php');
break;
case 'akismet_post':
// updating spam and bots option
$updated = 0;
$akismetKey = Params::getParam('akismetKey');
$akismetKey = trim($akismetKey);
$updated = Preference::newInstance()->update(array('s_value' => $akismetKey), array('s_name' => 'akismetKey'));
if ($akismetKey == '') {
osc_add_flash_info_message(_m('Your Akismet key has been cleared'), 'admin');
} else {
osc_add_flash_ok_message(_m('Your Akismet key has been updated'), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=settings&action=spamNbots');
break;
case 'recaptcha_post':
// updating spam and bots option
$iUpdated = 0;
$recaptchaPrivKey = Params::getParam('recaptchaPrivKey');
$recaptchaPrivKey = trim($recaptchaPrivKey);
$recaptchaPubKey = Params::getParam('recaptchaPubKey');
$recaptchaPubKey = trim($recaptchaPubKey);
$iUpdated += Preference::newInstance()->update(array('s_value' => $recaptchaPrivKey), array('s_name' => 'recaptchaPrivKey'));
$iUpdated += Preference::newInstance()->update(array('s_value' => $recaptchaPubKey), array('s_name' => 'recaptchaPubKey'));
if ($recaptchaPubKey == '') {
osc_add_flash_info_message(_m('Your reCAPTCHA key has been cleared'), 'admin');
} else {
osc_add_flash_ok_message(_m('Your reCAPTCHA key has been updated'), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=settings&action=spamNbots');
break;
case 'currencies':
// currencies settings
$currencies_action = Params::getParam('type');
switch ($currencies_action) {
case 'add':
// calling add currency view
$aCurrency = array('pk_c_code' => '', 's_name' => '', 's_description' => '');
$this->_exportVariableToView('aCurrency', $aCurrency);
$this->_exportVariableToView('typeForm', 'add_post');
$this->doView('settings/currency_form.php');
break;
case 'add_post':
// adding a new currency
$currencyCode = Params::getParam('pk_c_code');
$currencyName = Params::getParam('s_name');
$currencyDescription = Params::getParam('s_description');
// cleaning parameters
$currencyName = strip_tags($currencyName);
$currencyDescription = strip_tags($currencyDescription);
$currencyCode = strip_tags($currencyCode);
$currencyCode = trim($currencyCode);
if (!preg_match('/^.{1,3}$/', $currencyCode)) {
osc_add_flash_error_message(_m('The currency code is not in the correct format'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=settings&action=currencies');
}
$fields = array('pk_c_code' => $currencyCode, 's_name' => $currencyName, 's_description' => $currencyDescription);
$isInserted = Currency::newInstance()->insert($fields);
if ($isInserted) {
osc_add_flash_ok_message(_m('Currency added'), 'admin');
} else {
osc_add_flash_error_message(_m("Currency couldn't be added"), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=settings&action=currencies');
break;
case 'edit':
// calling edit currency view
$currencyCode = Params::getParam('code');
$currencyCode = strip_tags($currencyCode);
$currencyCode = trim($currencyCode);
if ($currencyCode == '') {
osc_add_flash_warning_message(sprintf(_m("The currency code '%s' doesn't exist"), $currencyCode), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=settings&action=currencies');
}
$aCurrency = Currency::newInstance()->findByPrimaryKey($currencyCode);
if (!$aCurrency) {
osc_add_flash_warning_message(sprintf(_m("The currency code '%s' doesn't exist"), $currencyCode), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=settings&action=currencies');
}
$this->_exportVariableToView('aCurrency', $aCurrency);
$this->_exportVariableToView('typeForm', 'edit_post');
$this->doView('settings/currency_form.php');
break;
case 'edit_post':
// updating currency
$currencyName = Params::getParam('s_name');
$currencyDescription = Params::getParam('s_description');
$currencyCode = Params::getParam('pk_c_code');
// cleaning parameters
$currencyName = strip_tags($currencyName);
$currencyDescription = strip_tags($currencyDescription);
$currencyCode = strip_tags($currencyCode);
$currencyCode = trim($currencyCode);
if (!preg_match('/.{1,3}/', $currencyCode)) {
osc_add_flash_error_message(_m('Error: the currency code is not in the correct format'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=settings&action=currencies');
}
$updated = Currency::newInstance()->update(array('s_name' => $currencyName, 's_description' => $currencyDescription), array('pk_c_code' => $currencyCode));
if ($updated == 1) {
osc_add_flash_ok_message(_m('Currency updated'), 'admin');
} else {
osc_add_flash_info_message(_m('No changes were made'), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=settings&action=currencies');
break;
case 'delete':
// deleting a currency
$rowChanged = 0;
$aCurrencyCode = Params::getParam('code');
if (!is_array($aCurrencyCode)) {
$aCurrencyCode = array($aCurrencyCode);
}
$msg_current = '';
foreach ($aCurrencyCode as $currencyCode) {
if (preg_match('/.{1,3}/', $currencyCode) && $currencyCode != osc_currency()) {
$rowChanged += Currency::newInstance()->delete(array('pk_c_code' => $currencyCode));
}
// foreign key error
if (Currency::newInstance()->getErrorLevel() == '1451') {
$msg_current .= sprintf('</p><p>' . _m("%s couldn't be deleted because it has listings associated to it"), $currencyCode);
} else {
if ($currencyCode == osc_currency()) {
$msg_current .= sprintf('</p><p>' . _m("%s couldn't be deleted because it's the default currency"), $currencyCode);
}
}
}
$msg = '';
$status = '';
switch ($rowChanged) {
case '0':
$msg = _m('No currencies have been deleted');
$status = 'error';
break;
case '1':
$msg = _m('One currency has been deleted');
$status = 'ok';
break;
default:
$msg = sprintf(_m('%s currencies have been deleted'), $rowChanged);
$status = 'ok';
break;
}
if ($status == 'ok' && $msg_current != '') {
$status = 'warning';
}
switch ($status) {
case 'error':
osc_add_flash_error_message($msg . $msg_current, 'admin');
break;
case 'warning':
osc_add_flash_warning_message($msg . $msg_current, 'admin');
break;
case 'ok':
osc_add_flash_ok_message($msg, 'admin');
break;
}
$this->redirectTo(osc_admin_base_url(true) . '?page=settings&action=currencies');
break;
default:
// calling the currencies view
$aCurrencies = Currency::newInstance()->listAll();
$this->_exportVariableToView('aCurrencies', $aCurrencies);
$this->doView('settings/currencies.php');
break;
}
break;
case 'mailserver':
// calling the mailserver view
$this->doView('settings/mailserver.php');
break;
case 'mailserver_post':
if (defined('DEMO')) {
osc_add_flash_warning_message(_m("This action can't be done because it's a demo site"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=settings&action=mailserver');
}
// updating mailserver
$iUpdated = 0;
$mailserverAuth = Params::getParam('mailserver_auth');
$mailserverAuth = $mailserverAuth != '' ? true : false;
$mailserverPop = Params::getParam('mailserver_pop');
$mailserverPop = $mailserverPop != '' ? true : false;
$mailserverType = Params::getParam('mailserver_type');
$mailserverHost = Params::getParam('mailserver_host');
$mailserverPort = Params::getParam('mailserver_port');
$mailserverUsername = Params::getParam('mailserver_username');
$mailserverPassword = Params::getParam('mailserver_password');
$mailserverSsl = Params::getParam('mailserver_ssl');
if (!in_array($mailserverType, array('custom', 'gmail'))) {
osc_add_flash_error_message(_m('Mail server type is incorrect'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=settings&action=mailserver');
}
$iUpdated += Preference::newInstance()->update(array('s_value' => $mailserverAuth), array('s_name' => 'mailserver_auth'));
$iUpdated += Preference::newInstance()->update(array('s_value' => $mailserverPop), array('s_name' => 'mailserver_pop'));
$iUpdated += Preference::newInstance()->update(array('s_value' => $mailserverType), array('s_name' => 'mailserver_type'));
$iUpdated += Preference::newInstance()->update(array('s_value' => $mailserverHost), array('s_name' => 'mailserver_host'));
$iUpdated += Preference::newInstance()->update(array('s_value' => $mailserverPort), array('s_name' => 'mailserver_port'));
$iUpdated += Preference::newInstance()->update(array('s_value' => $mailserverUsername), array('s_name' => 'mailserver_username'));
$iUpdated += Preference::newInstance()->update(array('s_value' => $mailserverPassword), array('s_name' => 'mailserver_password'));
$iUpdated += Preference::newInstance()->update(array('s_value' => $mailserverSsl), array('s_name' => 'mailserver_ssl'));
if ($iUpdated > 0) {
osc_add_flash_ok_message(_m('Mail server configuration has changed'), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=settings&action=mailserver');
break;
case 'media':
// calling the media view
$max_upload = (int) ini_get('upload_max_filesize');
$max_post = (int) ini_get('post_max_size');
$memory_limit = (int) ini_get('memory_limit');
$upload_mb = min($max_upload, $max_post, $memory_limit) * 1024;
$this->_exportVariableToView('max_size_upload', $upload_mb);
$this->doView('settings/media.php');
break;
case 'media_post':
// updating the media config
$status = 'ok';
$error = '';
$iUpdated = 0;
$maxSizeKb = Params::getParam('maxSizeKb');
$allowedExt = Params::getParam('allowedExt');
$dimThumbnail = Params::getParam('dimThumbnail');
$dimPreview = Params::getParam('dimPreview');
$dimNormal = Params::getParam('dimNormal');
$keepOriginalImage = Params::getParam('keep_original_image');
$use_imagick = Params::getParam('use_imagick');
$type_watermark = Params::getParam('watermark_type');
$watermark_color = Params::getParam('watermark_text_color');
$watermark_text = Params::getParam('watermark_text');
switch ($type_watermark) {
case 'none':
$iUpdated += Preference::newInstance()->update(array('s_value' => ''), array('s_name' => 'watermark_text_color'));
$iUpdated += Preference::newInstance()->update(array('s_value' => ''), array('s_name' => 'watermark_text'));
$iUpdated += Preference::newInstance()->update(array('s_value' => ''), array('s_name' => 'watermark_image'));
break;
case 'text':
$iUpdated += Preference::newInstance()->update(array('s_value' => $watermark_color), array('s_name' => 'watermark_text_color'));
$iUpdated += Preference::newInstance()->update(array('s_value' => $watermark_text), array('s_name' => 'watermark_text'));
$iUpdated += Preference::newInstance()->update(array('s_value' => ''), array('s_name' => 'watermark_image'));
$iUpdated += Preference::newInstance()->update(array('s_value' => Params::getParam('watermark_text_place')), array('s_name' => 'watermark_place'));
break;
case 'image':
// upload image & move to path
if ($_FILES['watermark_image']['error'] == UPLOAD_ERR_OK) {
if ($_FILES['watermark_image']['type'] == 'image/png') {
$tmpName = $_FILES['watermark_image']['tmp_name'];
$path = osc_content_path() . 'uploads/watermark.png';
if (move_uploaded_file($tmpName, $path)) {
$iUpdated += Preference::newInstance()->update(array('s_value' => $path), array('s_name' => 'watermark_image'));
} else {
$error .= _m('There was a problem uploading the watermark image') . "<br />";
}
} else {
$error .= _m('The watermark image has to be a .PNG file') . "<br />";
}
} else {
$error .= _m('There was a problem uploading the watermark image') . "<br />";
}
$iUpdated += Preference::newInstance()->update(array('s_value' => ''), array('s_name' => 'watermark_text_color'));
$iUpdated += Preference::newInstance()->update(array('s_value' => ''), array('s_name' => 'watermark_text'));
$iUpdated += Preference::newInstance()->update(array('s_value' => Params::getParam('watermark_image_place')), array('s_name' => 'watermark_place'));
break;
default:
break;
}
// format parameters
$maxSizeKb = strip_tags($maxSizeKb);
$allowedExt = strip_tags($allowedExt);
$dimThumbnail = strip_tags($dimThumbnail);
$dimPreview = strip_tags($dimPreview);
$dimNormal = strip_tags($dimNormal);
$keepOriginalImage = $keepOriginalImage != '' ? true : false;
$use_imagick = $use_imagick != '' ? true : false;
// is imagick extension loaded?
if (!@extension_loaded('imagick')) {
$use_imagick = false;
}
// max size allowed by PHP configuration?
$max_upload = (int) ini_get('upload_max_filesize');
$max_post = (int) ini_get('post_max_size');
$memory_limit = (int) ini_get('memory_limit');
$upload_mb = min($max_upload, $max_post, $memory_limit) * 1024;
// set maxSizeKB equals to PHP configuration if it's bigger
if ($maxSizeKb > $upload_mb) {
$status = 'warning';
$maxSizeKb = $upload_mb;
// flash message text warning
$error .= sprintf(_m("You cannot set a maximum file size higher than the one allowed in the PHP configuration: <b>%d KB</b>"), $upload_mb);
}
$iUpdated += Preference::newInstance()->update(array('s_value' => $maxSizeKb), array('s_name' => 'maxSizeKb'));
$iUpdated += Preference::newInstance()->update(array('s_value' => $allowedExt), array('s_name' => 'allowedExt'));
$iUpdated += Preference::newInstance()->update(array('s_value' => $dimThumbnail), array('s_name' => 'dimThumbnail'));
$iUpdated += Preference::newInstance()->update(array('s_value' => $dimPreview), array('s_name' => 'dimPreview'));
$iUpdated += Preference::newInstance()->update(array('s_value' => $dimNormal), array('s_name' => 'dimNormal'));
$iUpdated += Preference::newInstance()->update(array('s_value' => $keepOriginalImage), array('s_name' => 'keep_original_image'));
$iUpdated += Preference::newInstance()->update(array('s_value' => $use_imagick), array('s_name' => 'use_imagick'));
if ($error != '') {
switch ($status) {
case 'error':
osc_add_flash_error_message($error, 'admin');
break;
case 'warning':
osc_add_flash_warning_message($error, 'admin');
break;
default:
osc_add_flash_ok_message($error, 'admin');
break;
}
} else {
osc_add_flash_ok_message(_m('Media config has been updated'), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=settings&action=media');
break;
case 'images_post':
if (defined('DEMO')) {
osc_add_flash_warning_message(_m("This action can't be done because it's a demo site"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=settings&action=media');
}
$wat = new Watermark();
$aResources = ItemResource::newInstance()->getAllResources();
foreach ($aResources as $resource) {
osc_run_hook('regenerate_image', $resource);
$path = osc_content_path() . 'uploads/';
// comprobar que no haya original
$img_original = $path . $resource['pk_i_id'] . "_original*";
$aImages = glob($img_original);
// there is original image
if (count($aImages) == 1) {
$image_tmp = $aImages[0];
} else {
$img_normal = $path . $resource['pk_i_id'] . ".*";
$aImages = glob($img_normal);
if (count($aImages) == 1) {
$image_tmp = $aImages[0];
} else {
$img_thumbnail = $path . $resource['pk_i_id'] . "_thumbnail*";
$aImages = glob($img_thumbnail);
$image_tmp = $aImages[0];
}
}
// extension
preg_match('/\\.(.*)$/', $image_tmp, $matches);
if (isset($matches[1])) {
$extension = $matches[1];
// Create normal size
$path_normal = $path = osc_content_path() . 'uploads/' . $resource['pk_i_id'] . '.jpg';
$size = explode('x', osc_normal_dimensions());
ImageResizer::fromFile($image_tmp)->resizeTo($size[0], $size[1])->saveToFile($path);
if (osc_is_watermark_text()) {
$wat->doWatermarkText($path, osc_watermark_text_color(), osc_watermark_text(), 'image/jpeg');
} elseif (osc_is_watermark_image()) {
$wat->doWatermarkImage($path, 'image/jpeg');
}
// Create preview
$path = osc_content_path() . 'uploads/' . $resource['pk_i_id'] . '_preview.jpg';
$size = explode('x', osc_preview_dimensions());
ImageResizer::fromFile($path_normal)->resizeTo($size[0], $size[1])->saveToFile($path);
// Create thumbnail
$path = osc_content_path() . 'uploads/' . $resource['pk_i_id'] . '_thumbnail.jpg';
$size = explode('x', osc_thumbnail_dimensions());
ImageResizer::fromFile($path_normal)->resizeTo($size[0], $size[1])->saveToFile($path);
// update resource info
ItemResource::newInstance()->update(array('s_path' => 'oc-content/uploads/', 's_name' => osc_genRandomPassword(), 's_extension' => 'jpg', 's_content_type' => 'image/jpeg'), array('pk_i_id' => $resource['pk_i_id']));
osc_run_hook('regenerated_image', ItemResource::newInstance()->findByPrimaryKey($resource['pk_i_id']));
// si extension es direfente a jpg, eliminar las imagenes con $extension si hay
if ($extension != 'jpg') {
@unlink(osc_content_path() . 'uploads/' . $resource['pk_i_id'] . "." . $extension);
@unlink(osc_content_path() . 'uploads/' . $resource['pk_i_id'] . "_original." . $extension);
@unlink(osc_content_path() . 'uploads/' . $resource['pk_i_id'] . "_preview." . $extension);
@unlink(osc_content_path() . 'uploads/' . $resource['pk_i_id'] . "_thumbnail." . $extension);
}
// ....
} else {
// no es imagen o imagen sin extesión
}
}
osc_add_flash_ok_message(_m('Re-generation complete'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=settings&action=media');
break;
case 'update':
// update index view
$iUpdated = 0;
$sPageTitle = Params::getParam('pageTitle');
$sPageDesc = Params::getParam('pageDesc');
$sContactEmail = Params::getParam('contactEmail');
$sLanguage = Params::getParam('language');
$sDateFormat = Params::getParam('dateFormat');
$sCurrency = Params::getParam('currency');
$sWeekStart = Params::getParam('weekStart');
$sTimeFormat = Params::getParam('timeFormat');
$sTimezone = Params::getParam('timezone');
$sNumRssItems = Params::getParam('num_rss_items');
$maxLatestItems = Params::getParam('max_latest_items_at_home');
$numItemsSearch = Params::getParam('default_results_per_page');
$contactAttachment = Params::getParam('enabled_attachment');
$selectableParent = Params::getParam('selectable_parent_categories');
$bAutoCron = Params::getParam('auto_cron');
$bMarketSources = Params::getParam('market_external_sources') == 1 ? 1 : 0;
// preparing parameters
$sPageTitle = strip_tags($sPageTitle);
$sPageDesc = strip_tags($sPageDesc);
$sContactEmail = strip_tags($sContactEmail);
$sLanguage = strip_tags($sLanguage);
$sDateFormat = strip_tags($sDateFormat);
$sCurrency = strip_tags($sCurrency);
$sWeekStart = strip_tags($sWeekStart);
$sTimeFormat = strip_tags($sTimeFormat);
$sNumRssItems = (int) strip_tags($sNumRssItems);
$maxLatestItems = (int) strip_tags($maxLatestItems);
$numItemsSearch = (int) $numItemsSearch;
$contactAttachment = $contactAttachment != '' ? true : false;
$bAutoCron = $bAutoCron != '' ? true : false;
$error = "";
$msg = '';
if (!osc_validate_text($sPageTitle)) {
$msg .= _m("Page title field is required") . "<br/>";
}
if (!osc_validate_text($sContactEmail)) {
$msg .= _m("Contact email field is required") . "<br/>";
}
if (!osc_validate_int($sNumRssItems)) {
$msg .= _m("Number of listings in the RSS has to be a numeric value") . "<br/>";
}
if (!osc_validate_int($maxLatestItems)) {
$msg .= _m("Max latest listings has to be a numeric value") . "<br/>";
}
if (!osc_validate_int($numItemsSearch)) {
$msg .= _m("Number of listings on search has to be a numeric value") . "<br/>";
}
if ($msg != '') {
osc_add_flash_error_message($msg, 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=settings');
}
$iUpdated += Preference::newInstance()->update(array('s_value' => $sPageTitle), array('s_section' => 'osclass', 's_name' => 'pageTitle'));
$iUpdated += Preference::newInstance()->update(array('s_value' => $sPageDesc), array('s_section' => 'osclass', 's_name' => 'pageDesc'));
if (!defined('DEMO')) {
$iUpdated += Preference::newInstance()->update(array('s_value' => $sContactEmail), array('s_section' => 'osclass', 's_name' => 'contactEmail'));
}
$iUpdated += Preference::newInstance()->update(array('s_value' => $sLanguage), array('s_section' => 'osclass', 's_name' => 'language'));
$iUpdated += Preference::newInstance()->update(array('s_value' => $sDateFormat), array('s_section' => 'osclass', 's_name' => 'dateFormat'));
$iUpdated += Preference::newInstance()->update(array('s_value' => $sCurrency), array('s_section' => 'osclass', 's_name' => 'currency'));
$iUpdated += Preference::newInstance()->update(array('s_value' => $sWeekStart), array('s_section' => 'osclass', 's_name' => 'weekStart'));
$iUpdated += Preference::newInstance()->update(array('s_value' => $sTimeFormat), array('s_section' => 'osclass', 's_name' => 'timeFormat'));
$iUpdated += Preference::newInstance()->update(array('s_value' => $sTimezone), array('s_section' => 'osclass', 's_name' => 'timezone'));
$iUpdated += Preference::newInstance()->update(array('s_value' => $bMarketSources), array('s_section' => 'osclass', 's_name' => 'marketAllowExternalSources'));
if (is_int($sNumRssItems)) {
$iUpdated += Preference::newInstance()->update(array('s_value' => $sNumRssItems), array('s_section' => 'osclass', 's_name' => 'num_rss_items'));
} else {
if ($error != '') {
$error .= "</p><p>";
}
$error .= _m('Number of listings in the RSS must be an integer');
}
if (is_int($maxLatestItems)) {
$iUpdated += Preference::newInstance()->update(array('s_value' => $maxLatestItems), array('s_section' => 'osclass', 's_name' => 'maxLatestItems@home'));
} else {
if ($error != '') {
$error .= "</p><p>";
}
$error .= _m('Number of recent listings displayed at home must be an integer');
}
$iUpdated += Preference::newInstance()->update(array('s_value' => $numItemsSearch), array('s_section' => 'osclass', 's_name' => 'defaultResultsPerPage@search'));
$iUpdated += Preference::newInstance()->update(array('s_value' => $contactAttachment), array('s_name' => 'contact_attachment'));
$iUpdated += Preference::newInstance()->update(array('s_value' => $bAutoCron), array('s_name' => 'auto_cron'));
$iUpdated += Preference::newInstance()->update(array('s_value' => $selectableParent), array('s_name' => 'selectable_parent_categories'));
if ($iUpdated > 0) {
if ($error != '') {
osc_add_flash_error_message($error . "</p><p>" . _m('General settings have been updated'), 'admin');
} else {
osc_add_flash_ok_message(_m('General settings have been updated'), 'admin');
}
} else {
if ($error != '') {
osc_add_flash_error_message($error, 'admin');
}
}
$this->redirectTo(osc_admin_base_url(true) . '?page=settings');
break;
case 'check_updates':
osc_admin_toolbar_update_themes(true);
osc_admin_toolbar_update_plugins(true);
osc_add_flash_ok_message(_m('Last check') . ': ' . date("Y-m-d H:i"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=settings');
break;
case 'latestsearches':
//calling the comments settings view
$this->doView('settings/searches.php');
break;
case 'latestsearches_post':
// updating comment
if (Params::getParam('save_latest_searches') == 'on') {
Preference::newInstance()->update(array('s_value' => 1), array('s_name' => 'save_latest_searches'));
} else {
Preference::newInstance()->update(array('s_value' => 0), array('s_name' => 'save_latest_searches'));
}
if (Params::getParam('customPurge') == '') {
osc_add_flash_error_message(_m('Custom number could not be left empty'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=settings&action=latestsearches');
} else {
Preference::newInstance()->update(array('s_value' => Params::getParam('customPurge')), array('s_name' => 'purge_latest_searches'));
osc_add_flash_ok_message(_m('Last search settings have been updated'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=settings&action=latestsearches');
}
break;
default:
// calling the view
$aLanguages = OSCLocale::newInstance()->listAllEnabled();
$aCurrencies = Currency::newInstance()->listAll();
$this->_exportVariableToView('aLanguages', $aLanguages);
$this->_exportVariableToView('aCurrencies', $aCurrencies);
$this->doView('settings/index.php');
break;
}
}
function doModel()
{
switch ($this->action) {
case 'import':
// calling import view
$this->doView('tools/import.php');
break;
case 'import_post':
if (defined('DEMO')) {
osc_add_flash_warning_message(_m("This action cannot be done because is a demo site"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=tools&action=import');
}
// calling
$sql = Params::getFiles('sql');
if (isset($sql['size']) && $sql['size'] != 0) {
$content_file = file_get_contents($sql['tmp_name']);
$conn = DBConnectionClass::newInstance();
$c_db = $conn->getOsclassDb();
$comm = new DBCommandClass($c_db);
if ($comm->importSQL($content_file)) {
osc_add_flash_ok_message(_m('Import complete'), 'admin');
} else {
osc_add_flash_error_message(_m('There was a problem importing data to the database'), 'admin');
}
} else {
osc_add_flash_error_message(_m('No file was uploaded'), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=tools&action=import');
break;
case 'images':
// calling images view
$this->doView('tools/images.php');
break;
case 'images_post':
if (defined('DEMO')) {
osc_add_flash_warning_message(_m("This action cannot be done because is a demo site"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=tools&action=images');
}
$preferences = Preference::newInstance()->toArray();
$wat = new Watermark();
$aResources = ItemResource::newInstance()->getAllResources();
foreach ($aResources as $resource) {
osc_run_hook('regenerate_image', $resource);
$path = osc_content_path() . 'uploads/';
// comprobar que no haya original
$img_original = $path . $resource['pk_i_id'] . "_original*";
$aImages = glob($img_original);
// there is original image
if (count($aImages) == 1) {
$image_tmp = $aImages[0];
} else {
$img_normal = $path . $resource['pk_i_id'] . ".*";
$aImages = glob($img_normal);
if (count($aImages) == 1) {
$image_tmp = $aImages[0];
} else {
$img_thumbnail = $path . $resource['pk_i_id'] . "_thumbnail*";
$aImages = glob($img_thumbnail);
$image_tmp = $aImages[0];
}
}
// extension
preg_match('/\\.(.*)$/', $image_tmp, $matches);
if (isset($matches[1])) {
$extension = $matches[1];
// Create normal size
$path_normal = $path = osc_content_path() . 'uploads/' . $resource['pk_i_id'] . '.jpg';
$size = explode('x', osc_normal_dimensions());
ImageResizer::fromFile($image_tmp)->resizeTo($size[0], $size[1])->saveToFile($path);
if (osc_is_watermark_text()) {
$wat->doWatermarkText($path, osc_watermark_text_color(), osc_watermark_text(), 'image/jpeg');
} elseif (osc_is_watermark_image()) {
$wat->doWatermarkImage($path, 'image/jpeg');
}
// Create preview
$path = osc_content_path() . 'uploads/' . $resource['pk_i_id'] . '_preview.jpg';
$size = explode('x', osc_preview_dimensions());
ImageResizer::fromFile($path_normal)->resizeTo($size[0], $size[1])->saveToFile($path);
// Create thumbnail
$path = osc_content_path() . 'uploads/' . $resource['pk_i_id'] . '_thumbnail.jpg';
$size = explode('x', osc_thumbnail_dimensions());
ImageResizer::fromFile($path_normal)->resizeTo($size[0], $size[1])->saveToFile($path);
// update resource info
ItemResource::newInstance()->update(array('s_path' => 'oc-content/uploads/', 's_name' => osc_genRandomPassword(), 's_extension' => 'jpg', 's_content_type' => 'image/jpeg'), array('pk_i_id' => $resource['pk_i_id']));
osc_run_hook('regenerated_image', ItemResource::newInstance()->findByPrimaryKey($resource['pk_i_id']));
// si extension es direfente a jpg, eliminar las imagenes con $extension si hay
if ($extension != 'jpg') {
$files_to_remove = osc_content_path() . 'uploads/' . $resource['pk_i_id'] . "*" . $extension;
$fs = glob($files_to_remove);
if (is_array($fs)) {
array_map("unlink", $fs);
}
}
// ....
} else {
// no es imagen o imagen sin extesión
}
}
osc_add_flash_ok_message(_m('Re-generation complete'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=tools&action=images');
break;
case 'upgrade':
$this->doView('tools/upgrade.php');
break;
case 'backup':
$this->doView('tools/backup.php');
break;
case 'backup-sql':
if (defined('DEMO')) {
osc_add_flash_warning_message(_m("This action cannot be done because is a demo site"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=tools&action=backup');
}
//databasse dump...
if (Params::getParam('bck_dir') != '') {
$path = trim(Params::getParam('bck_dir'));
if (substr($path, -1, 1) != "/") {
$path .= '/';
}
} else {
$path = osc_base_path();
}
$filename = 'OSClass_mysqlbackup.' . date('YmdHis') . '.sql';
switch (osc_dbdump($path, $filename)) {
case -1:
$msg = _m('Path is empty');
osc_add_flash_error_message($msg, 'admin');
break;
case -2:
$msg = sprintf(_m('Could not connect with the database. Error: %s'), mysql_error());
osc_add_flash_error_message($msg, 'admin');
break;
case -3:
$msg = sprintf(_m('Could not select the database. Error: %s'), mysql_error());
osc_add_flash_error_message($msg, 'admin');
break;
case -4:
$msg = _m('There are no tables to back up');
osc_add_flash_error_message($msg, 'admin');
break;
case -5:
$msg = _m('The folder is not writable');
osc_add_flash_error_message($msg, 'admin');
break;
default:
$msg = _m('Backup has been done properly');
osc_add_flash_ok_message($msg, 'admin');
break;
}
$this->redirectTo(osc_admin_base_url(true) . '?page=tools&action=backup');
break;
case 'backup-zip':
if (defined('DEMO')) {
osc_add_flash_warning_message(_m("This action cannot be done because is a demo site"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=tools&action=backup');
}
//zip of the code just to back it up
if (Params::getParam('bck_dir') != '') {
$archive_name = trim(Params::getParam('bck_dir'));
if (substr(trim($archive_name), -1, 1) != "/") {
$archive_name .= '/';
}
$archive_name = Params::getParam('bck_dir') . '/OSClass_backup.' . date('YmdHis') . '.zip';
} else {
$archive_name = osc_base_path() . "OSClass_backup." . date('YmdHis') . ".zip";
}
$archive_folder = osc_base_path();
if (osc_zip_folder($archive_folder, $archive_name)) {
$msg = _m('Archiving successful!');
osc_add_flash_ok_message($msg, 'admin');
} else {
$msg = _m('Error, the zip file was not created at the specified directory');
osc_add_flash_error_message($msg, 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=tools&action=backup');
break;
case 'backup_post':
$this->doView('tools/backup.php');
break;
case 'maintenance':
if (defined('DEMO')) {
osc_add_flash_warning_message(_m("This action cannot be done because is a demo site"), 'admin');
$this->doView('tools/maintenance.php');
break;
}
$mode = Params::getParam('mode');
if ($mode == 'on') {
$maintenance_file = ABS_PATH . '.maintenance';
$fileHandler = @fopen($maintenance_file, 'w');
if ($fileHandler) {
osc_add_flash_ok_message(_m('Maintenance mode is ON'), 'admin');
} else {
osc_add_flash_error_message(_m('There was an error creating .maintenance file, please create it manually at the root folder'), 'admin');
}
fclose($fileHandler);
$this->redirectTo(osc_admin_base_url(true) . '?page=tools&action=maintenance');
} else {
if ($mode == 'off') {
$deleted = @unlink(ABS_PATH . '.maintenance');
if ($deleted) {
osc_add_flash_ok_message(_m('Maintenance mode is OFF'), 'admin');
} else {
osc_add_flash_error_message(_m('There was an error removing .maintenance file, please remove it manually from the root folder'), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=tools&action=maintenance');
}
}
$this->doView('tools/maintenance.php');
break;
default:
}
}
function doModel()
{
switch ($this->action) {
case 'register':
//register user
$this->doView('user-register.php');
break;
case 'register_post':
//register user
osc_csrf_check();
if (!osc_users_enabled()) {
osc_add_flash_error_message(_m('Users are not enabled'));
$this->redirectTo(osc_base_url());
}
osc_run_hook('before_user_register');
$banned = osc_is_banned(Params::getParam('s_email'));
if ($banned == 1) {
osc_add_flash_error_message(_m('Your current email is not allowed'));
$this->redirectTo(osc_register_account_url());
} else {
if ($banned == 2) {
osc_add_flash_error_message(_m('Your current IP is not allowed'));
$this->redirectTo(osc_register_account_url());
}
}
require_once LIB_PATH . 'osclass/UserActions.php';
$userActions = new UserActions(false);
$success = $userActions->add();
switch ($success) {
case 1:
osc_add_flash_ok_message(_m('The user has been created. An activation email has been sent'));
$this->redirectTo(osc_base_url());
break;
case 2:
osc_add_flash_ok_message(_m('Your account has been created successfully'));
$this->doView('user-login.php');
break;
case 3:
osc_add_flash_warning_message(_m('The specified e-mail is already in use'));
$this->doView('user-register.php');
break;
case 4:
osc_add_flash_error_message(_m('The reCAPTCHA was not entered correctly'));
$this->doView('user-register.php');
break;
case 5:
osc_add_flash_warning_message(_m('The email is not valid'));
$this->doView('user-register.php');
break;
case 6:
osc_add_flash_warning_message(_m('The password cannot be empty'));
$this->doView('user-register.php');
break;
case 7:
osc_add_flash_warning_message(_m("Passwords don't match"));
$this->doView('user-register.php');
break;
case 8:
osc_add_flash_warning_message(_m("Username is already taken"));
$this->doView('user-register.php');
break;
case 9:
osc_add_flash_warning_message(_m("The specified username is not valid, it contains some invalid words"));
$this->doView('user-register.php');
break;
}
break;
case 'validate':
//validate account
$id = intval(Params::getParam('id'));
$code = Params::getParam('code');
$userManager = new User();
$user = $userManager->findByIdSecret($id, $code);
if (!$user) {
osc_add_flash_error_message(_m('The link is not valid anymore. Sorry for the inconvenience!'));
$this->redirectTo(osc_base_url());
}
if ($user['b_active'] == 1) {
osc_add_flash_error_message(_m('Your account has already been validated'));
$this->redirectTo(osc_base_url());
}
$userManager = new User();
$userManager->update(array('b_active' => '1'), array('pk_i_id' => $id, 's_secret' => $code));
// Auto-login
Session::newInstance()->_set('userId', $user['pk_i_id']);
Session::newInstance()->_set('userName', $user['s_name']);
Session::newInstance()->_set('userEmail', $user['s_email']);
$phone = $user['s_phone_mobile'] ? $user['s_phone_mobile'] : $user['s_phone_land'];
Session::newInstance()->_set('userPhone', $phone);
osc_run_hook('hook_email_user_registration', $user);
osc_run_hook('validate_user', $user);
osc_add_flash_ok_message(_m('Your account has been validated'));
$this->redirectTo(osc_base_url());
break;
}
}
function doModel()
{
switch ($this->action) {
case 'media':
// calling the media view
$max_upload = (int) ini_get('upload_max_filesize');
$max_post = (int) ini_get('post_max_size');
$memory_limit = (int) ini_get('memory_limit');
$upload_mb = min($max_upload, $max_post, $memory_limit) * 1024;
$this->_exportVariableToView('max_size_upload', $upload_mb);
$this->doView('settings/media.php');
break;
case 'media_post':
// updating the media config
osc_csrf_check();
$status = 'ok';
$error = '';
$iUpdated = 0;
$maxSizeKb = Params::getParam('maxSizeKb');
$dimThumbnail = strtolower(Params::getParam('dimThumbnail'));
$dimPreview = strtolower(Params::getParam('dimPreview'));
$dimNormal = strtolower(Params::getParam('dimNormal'));
$keepOriginalImage = Params::getParam('keep_original_image');
$forceAspectImage = Params::getParam('force_aspect_image');
$forceJPEG = Params::getParam('force_jpeg');
$use_imagick = Params::getParam('use_imagick');
$type_watermark = Params::getParam('watermark_type');
$watermark_color = Params::getParam('watermark_text_color');
$watermark_text = Params::getParam('watermark_text');
switch ($type_watermark) {
case 'none':
$iUpdated += osc_set_preference('watermark_text_color', '');
$iUpdated += osc_set_preference('watermark_text', '');
$iUpdated += osc_set_preference('watermark_image', '');
break;
case 'text':
$iUpdated += osc_set_preference('watermark_text_color', $watermark_color);
$iUpdated += osc_set_preference('watermark_text', $watermark_text);
$iUpdated += osc_set_preference('watermark_image', '');
$iUpdated += osc_set_preference('watermark_place', Params::getParam('watermark_text_place'));
break;
case 'image':
// upload image & move to path
$watermark_file = Params::getFiles('watermark_image');
if ($watermark_file['tmp_name'] != '' && $watermark_file['size'] > 0) {
if ($watermark_file['error'] == UPLOAD_ERR_OK) {
if ($watermark_file['type'] == 'image/png') {
$tmpName = $watermark_file['tmp_name'];
$path = osc_content_path() . 'uploads/watermark.png';
if (move_uploaded_file($tmpName, $path)) {
$iUpdated += osc_set_preference('watermark_image', $path);
} else {
$status = 'error';
$error .= _m('There was a problem uploading the watermark image') . "<br />";
}
} else {
$status = 'error';
$error .= _m('The watermark image has to be a .PNG file') . "<br />";
}
} else {
$status = 'error';
$error .= _m('There was a problem uploading the watermark image') . "<br />";
}
}
$iUpdated += osc_set_preference('watermark_text_color', '');
$iUpdated += osc_set_preference('watermark_text', '');
$iUpdated += osc_set_preference('watermark_place', Params::getParam('watermark_image_place'));
break;
default:
break;
}
// format parameters
$maxSizeKb = trim(strip_tags($maxSizeKb));
$dimThumbnail = trim(strip_tags($dimThumbnail));
$dimPreview = trim(strip_tags($dimPreview));
$dimNormal = trim(strip_tags($dimNormal));
$keepOriginalImage = $keepOriginalImage != '' ? true : false;
$forceAspectImage = $forceAspectImage != '' ? true : false;
$forceJPEG = $forceJPEG != '' ? true : false;
$use_imagick = $use_imagick != '' ? true : false;
if (!preg_match('|([0-9]+)x([0-9]+)|', $dimThumbnail, $match)) {
$dimThumbnail = is_numeric($dimThumbnail) ? $dimThumbnail . "x" . $dimThumbnail : "100x100";
}
if (!preg_match('|([0-9]+)x([0-9]+)|', $dimPreview, $match)) {
$dimPreview = is_numeric($dimPreview) ? $dimPreview . "x" . $dimPreview : "100x100";
}
if (!preg_match('|([0-9]+)x([0-9]+)|', $dimNormal, $match)) {
$dimNormal = is_numeric($dimNormal) ? $dimNormal . "x" . $dimNormal : "100x100";
}
// is imagick extension loaded?
if (!@extension_loaded('imagick')) {
$use_imagick = false;
}
// max size allowed by PHP configuration?
$max_upload = (int) ini_get('upload_max_filesize');
$max_post = (int) ini_get('post_max_size');
$memory_limit = (int) ini_get('memory_limit');
$upload_mb = min($max_upload, $max_post, $memory_limit) * 1024;
// set maxSizeKB equals to PHP configuration if it's bigger
if ($maxSizeKb > $upload_mb) {
$status = 'warning';
$maxSizeKb = $upload_mb;
// flash message text warning
$error .= sprintf(_m("You cannot set a maximum file size higher than the one allowed in the PHP configuration: <b>%d KB</b>"), $upload_mb);
}
$iUpdated += osc_set_preference('maxSizeKb', $maxSizeKb);
$iUpdated += osc_set_preference('dimThumbnail', $dimThumbnail);
$iUpdated += osc_set_preference('dimPreview', $dimPreview);
$iUpdated += osc_set_preference('dimNormal', $dimNormal);
$iUpdated += osc_set_preference('keep_original_image', $keepOriginalImage);
$iUpdated += osc_set_preference('force_aspect_image', $forceAspectImage);
$iUpdated += osc_set_preference('force_jpeg', $forceJPEG);
$iUpdated += osc_set_preference('use_imagick', $use_imagick);
if ($error != '') {
switch ($status) {
case 'error':
osc_add_flash_error_message($error, 'admin');
break;
case 'warning':
osc_add_flash_warning_message($error, 'admin');
break;
default:
osc_add_flash_ok_message($error, 'admin');
break;
}
} else {
osc_add_flash_ok_message(_m('Media config has been updated'), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=settings&action=media');
break;
case 'images_post':
if (defined('DEMO')) {
osc_add_flash_warning_message(_m("This action can't be done because it's a demo site"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=settings&action=media');
}
osc_csrf_check();
$aResources = ItemResource::newInstance()->getAllResources();
foreach ($aResources as $resource) {
osc_run_hook('regenerate_image', $resource);
if (strpos($resource['s_content_type'], 'image') !== false) {
if (file_exists(osc_base_path() . $resource['s_path'] . $resource['pk_i_id'] . "_original." . $resource['s_extension'])) {
$image_tmp = osc_base_path() . $resource['s_path'] . $resource['pk_i_id'] . "_original." . $resource['s_extension'];
$use_original = true;
} else {
if (file_exists(osc_base_path() . $resource['s_path'] . $resource['pk_i_id'] . "." . $resource['s_extension'])) {
$image_tmp = osc_base_path() . $resource['s_path'] . $resource['pk_i_id'] . "." . $resource['s_extension'];
$use_original = false;
} else {
if (file_exists(osc_base_path() . $resource['s_path'] . $resource['pk_i_id'] . "_preview." . $resource['s_extension'])) {
$image_tmp = osc_base_path() . $resource['s_path'] . $resource['pk_i_id'] . "_preview." . $resource['s_extension'];
$use_original = false;
} else {
$use_original = false;
continue;
}
}
}
// Create normal size
$path_normal = $path = osc_base_path() . $resource['s_path'] . $resource['pk_i_id'] . '.' . $resource['s_extension'];
$size = explode('x', osc_normal_dimensions());
$img = ImageResizer::fromFile($image_tmp)->resizeTo($size[0], $size[1]);
if ($use_original) {
if (osc_is_watermark_text()) {
$img->doWatermarkText(osc_watermark_text(), osc_watermark_text_color());
} elseif (osc_is_watermark_image()) {
$img->doWatermarkImage();
}
}
$img->saveToFile($path);
// Create preview
$path = osc_base_path() . $resource['s_path'] . $resource['pk_i_id'] . '_preview.' . $resource['s_extension'];
$size = explode('x', osc_preview_dimensions());
ImageResizer::fromFile($path_normal)->resizeTo($size[0], $size[1])->saveToFile($path);
// Create thumbnail
$path = osc_base_path() . $resource['s_path'] . $resource['pk_i_id'] . '_thumbnail.' . $resource['s_extension'];
$size = explode('x', osc_thumbnail_dimensions());
ImageResizer::fromFile($path_normal)->resizeTo($size[0], $size[1])->saveToFile($path);
osc_run_hook('regenerated_image', ItemResource::newInstance()->findByPrimaryKey($resource['pk_i_id']));
} else {
// no es imagen o imagen sin extesión
}
}
osc_add_flash_ok_message(_m('Re-generation complete'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=settings&action=media');
break;
}
}
function doModel()
{
parent::doModel();
//specific things for this class
switch ($this->action) {
case 'add':
$this->doView("plugins/add.php");
break;
case 'add_post':
if (defined('DEMO')) {
osc_add_flash_warning_message(_m("This action cannot be done because is a demo site"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=plugins');
}
$package = Params::getFiles("package");
if (isset($package['size']) && $package['size'] != 0) {
$path = osc_plugins_path();
(int) ($status = osc_unzip_file($package['tmp_name'], $path));
} else {
$status = 3;
}
switch ($status) {
case 0:
$msg = _m('The plugin folder is not writable');
osc_add_flash_error_message($msg, 'admin');
break;
case 1:
$msg = _m('The plugin has been uploaded correctly');
osc_add_flash_ok_message($msg, 'admin');
break;
case 2:
$msg = _m('The zip file is not valid');
osc_add_flash_error_message($msg, 'admin');
break;
case 3:
$msg = _m('No file was uploaded');
osc_add_flash_error_message($msg, 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=plugins&action=add");
break;
case -1:
default:
$msg = _m('There was a problem adding the plugin');
osc_add_flash_error_message($msg, 'admin');
break;
}
$this->redirectTo(osc_admin_base_url(true) . "?page=plugins");
break;
case 'install':
$pn = Params::getParam("plugin");
// CATCH FATAL ERRORS
$old_value = error_reporting(0);
register_shutdown_function(array($this, 'errorHandler'), $pn);
$installed = Plugins::install($pn);
if ($installed) {
//run this after installing the plugin
Plugins::runHook('install_' . $pn);
osc_add_flash_ok_message(_m('Plugin installed'), 'admin');
} else {
osc_add_flash_error_message(_m('Error: Plugin already installed'), 'admin');
}
error_reporting($old_value);
$this->redirectTo(osc_admin_base_url(true) . "?page=plugins");
break;
case 'uninstall':
$pn = Params::getParam("plugin");
Plugins::runHook($pn . '_uninstall');
Plugins::uninstall($pn);
osc_add_flash_ok_message(_m('Plugin uninstalled'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=plugins");
break;
case 'enable':
$pn = Params::getParam("plugin");
// CATCH FATAL ERRORS
$old_value = error_reporting(0);
register_shutdown_function(array($this, 'errorHandler'), $pn);
$enabled = Plugins::activate($pn);
if ($enabled) {
Plugins::runHook($pn . '_enable');
osc_add_flash_ok_message(_m('Plugin enabled'), 'admin');
} else {
osc_add_flash_error_message(_m('Error: Plugin already enabled'), 'admin');
}
error_reporting($old_value);
$this->redirectTo(osc_admin_base_url(true) . "?page=plugins");
break;
case 'disable':
$pn = Params::getParam("plugin");
Plugins::runHook($pn . '_disable');
Plugins::deactivate($pn);
osc_add_flash_ok_message(_m('Plugin disabled'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=plugins");
break;
case 'admin':
global $active_plugins;
$plugin = Params::getParam("plugin");
if ($plugin != "") {
Plugins::runHook($plugin . '_configure');
}
break;
case 'admin_post':
Plugins::runHook('admin_post');
case 'renderplugin':
global $active_plugins;
$file = Params::getParam("file");
if ($file != "") {
// We pass the GET variables (in case we have somes)
if (preg_match('|(.+?)\\?(.*)|', $file, $match)) {
$file = $match[1];
if (preg_match_all('|&([^=]+)=([^&]*)|', urldecode('&' . $match[2] . '&'), $get_vars)) {
for ($var_k = 0; $var_k < count($get_vars[1]); $var_k++) {
//$_GET[$get_vars[1][$var_k]] = $get_vars[2][$var_k];
//$_REQUEST[$get_vars[1][$var_k]] = $get_vars[2][$var_k];
Params::setParam($get_vars[1][$var_k], $get_vars[2][$var_k]);
}
}
} else {
$file = $_REQUEST['file'];
}
$this->_exportVariableToView("file", osc_plugins_path() . $file);
//osc_renderPluginView($file);
$this->doView("plugins/view.php");
}
break;
case 'render':
$file = Params::getParam("file");
if ($file != "") {
// We pass the GET variables (in case we have somes)
if (preg_match('|(.+?)\\?(.*)|', $file, $match)) {
$file = $match[1];
if (preg_match_all('|&([^=]+)=([^&]*)|', urldecode('&' . $match[2] . '&'), $get_vars)) {
for ($var_k = 0; $var_k < count($get_vars[1]); $var_k++) {
Params::setParam($get_vars[1][$var_k], $get_vars[2][$var_k]);
}
}
} else {
$file = $_REQUEST['file'];
}
$this->_exportVariableToView("file", ABS_PATH . $file);
$this->doView("theme/view.php");
}
break;
case 'configure':
$plugin = Params::getParam("plugin");
if ($plugin != '') {
$plugin_data = Plugins::getInfo($plugin);
$this->_exportVariableToView("categories", Category::newInstance()->toTreeAll());
$this->_exportVariableToView("selected", PluginCategory::newInstance()->listSelected($plugin_data['short_name']));
$this->_exportVariableToView("plugin_data", $plugin_data);
$this->doView("plugins/configuration.php");
} else {
$this->redirectTo(osc_admin_base_url(true) . "?page=plugins");
}
break;
case 'configure_post':
$plugin_short_name = Params::getParam("plugin_short_name");
$categories = Params::getParam("categories");
if ($plugin_short_name != "") {
Plugins::cleanCategoryFromPlugin($plugin_short_name);
if (isset($categories)) {
Plugins::addToCategoryPlugin($categories, $plugin_short_name);
}
} else {
osc_add_flash_error_message(_m('No plugin selected'), 'admin');
$this->doView("plugins/index.php");
}
osc_add_flash_ok_message(_m('Configuration was saved'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=plugins");
break;
default:
$this->_exportVariableToView("plugins", Plugins::listAll());
$this->doView("plugins/index.php");
}
}
function doModel()
{
parent::doModel();
//specific things for this class
switch ($this->action) {
case 'add':
$this->doView("appearance/add.php");
break;
case 'add_post':
if (defined('DEMO')) {
osc_add_flash_warning_message(_m("This action can't be done because it's a demo site"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=appearance');
}
osc_csrf_check();
$filePackage = Params::getFiles('package');
if (isset($filePackage['size']) && $filePackage['size'] != 0) {
$path = osc_themes_path();
(int) ($status = osc_unzip_file($filePackage['tmp_name'], $path));
@unlink($filePackage['tmp_name']);
} else {
$status = 3;
}
switch ($status) {
case 0:
$msg = _m('The theme folder is not writable');
osc_add_flash_error_message($msg, 'admin');
break;
case 1:
$msg = _m('The theme has been installed correctly');
osc_add_flash_ok_message($msg, 'admin');
break;
case 2:
$msg = _m('The zip file is not valid');
osc_add_flash_error_message($msg, 'admin');
break;
case 3:
$msg = _m('No file was uploaded');
osc_add_flash_error_message($msg, 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=appearance&action=add");
break;
case -1:
default:
$msg = _m('There was a problem adding the theme');
osc_add_flash_error_message($msg, 'admin');
break;
}
$this->redirectTo(osc_admin_base_url(true) . "?page=appearance");
break;
case 'delete':
if (defined('DEMO')) {
osc_add_flash_warning_message(_m("This action can't be done because it's a demo site"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=appearance');
}
osc_csrf_check();
$theme = Params::getParam('webtheme');
if ($theme != '') {
if ($theme != osc_current_web_theme()) {
if (file_exists(osc_content_path() . "themes/" . $theme . "/functions.php")) {
include osc_content_path() . "themes/" . $theme . "/functions.php";
}
osc_run_hook("theme_delete_" . $theme);
if (osc_deleteDir(osc_content_path() . "themes/" . $theme . "/")) {
osc_add_flash_ok_message(_m("Theme removed successfully"), "admin");
} else {
osc_add_flash_error_message(_m("There was a problem removing the theme"), "admin");
}
} else {
osc_add_flash_error_message(_m("Current theme can not be deleted"), "admin");
}
} else {
osc_add_flash_error_message(_m("No theme selected"), "admin");
}
$this->redirectTo(osc_admin_base_url(true) . "?page=appearance");
break;
/* widgets */
/* widgets */
case 'widgets':
$info = WebThemes::newInstance()->loadThemeInfo(osc_theme());
$this->_exportVariableToView("info", $info);
$this->doView('appearance/widgets.php');
break;
case 'add_widget':
$this->doView('appearance/add_widget.php');
break;
case 'edit_widget':
$id = Params::getParam('id');
$widget = Widget::newInstance()->findByPrimaryKey($id);
$this->_exportVariableToView("widget", $widget);
$this->doView('appearance/add_widget.php');
break;
case 'delete_widget':
osc_csrf_check();
Widget::newInstance()->delete(array('pk_i_id' => Params::getParam('id')));
osc_add_flash_ok_message(_m('Widget removed correctly'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=appearance&action=widgets");
break;
case 'edit_widget_post':
osc_csrf_check();
if (!osc_validate_text(Params::getParam("description"))) {
osc_add_flash_error_message(_m('Description field is required'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=appearance&action=widgets");
}
$res = Widget::newInstance()->update(array('s_description' => Params::getParam('description'), 's_content' => Params::getParam('content', false, false)), array('pk_i_id' => Params::getParam('id')));
if ($res) {
osc_add_flash_ok_message(_m('Widget updated correctly'), 'admin');
} else {
osc_add_flash_error_message(_m('Widget cannot be updated correctly'), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . "?page=appearance&action=widgets");
break;
case 'add_widget_post':
osc_csrf_check();
if (!osc_validate_text(Params::getParam("description"))) {
osc_add_flash_error_message(_m('Description field is required'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=appearance&action=widgets");
}
Widget::newInstance()->insert(array('s_location' => Params::getParam('location'), 'e_kind' => 'html', 's_description' => Params::getParam('description'), 's_content' => Params::getParam('content', false, false)));
osc_add_flash_ok_message(_m('Widget added correctly'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=appearance&action=widgets");
break;
/* /widget */
/* /widget */
case 'activate':
osc_csrf_check();
osc_set_preference('theme', Params::getParam('theme'));
osc_add_flash_ok_message(_m('Theme activated correctly'), 'admin');
osc_run_hook("theme_activate", Params::getParam('theme'));
$this->redirectTo(osc_admin_base_url(true) . "?page=appearance");
break;
case 'render':
if (Params::existParam('route')) {
$routes = Rewrite::newInstance()->getRoutes();
$rid = Params::getParam('route');
$file = '../';
if (isset($routes[$rid]) && isset($routes[$rid]['file'])) {
$file = $routes[$rid]['file'];
}
} else {
// DEPRECATED: Disclosed path in URL is deprecated, use routes instead
// This will be REMOVED in 3.6
$file = Params::getParam('file');
// We pass the GET variables (in case we have somes)
if (preg_match('|(.+?)\\?(.*)|', $file, $match)) {
$file = $match[1];
if (preg_match_all('|&([^=]+)=([^&]*)|', urldecode('&' . $match[2] . '&'), $get_vars)) {
for ($var_k = 0; $var_k < count($get_vars[1]); $var_k++) {
Params::setParam($get_vars[1][$var_k], $get_vars[2][$var_k]);
}
}
} else {
$file = Params::getParam('file');
}
}
if (strpos($file, '../') !== false || strpos($file, '..\\') !== false || !file_exists(osc_base_path() . $file)) {
osc_add_flash_warning_message(__('Error loading theme custom file'), 'admin');
}
$this->_exportVariableToView('file', osc_base_path() . $file);
$this->doView('appearance/view.php');
break;
default:
if (Params::getParam('checkUpdated') != '') {
osc_admin_toolbar_update_themes(true);
}
$themes = WebThemes::newInstance()->getListThemes();
//preparing variables for the view
$this->_exportVariableToView("themes", $themes);
$this->doView('appearance/index.php');
break;
}
}
public static function ajaxPayment()
{
$status = AuthorizePayment::processPayment();
if ($status == PAYMENT_PRO_COMPLETED) {
payment_pro_cart_drop();
osc_add_flash_ok_message(sprintf(__('Success! Please write down this transaction ID in case you have any problem: %s', 'payment_pro'), Params::getParam('braintree_transaction_id')));
payment_pro_js_redirect_to(osc_route_url('payment-pro-done', array('tx' => Params::getParam('braintree_transaction_id'))));
} else {
if ($status == PAYMENT_PRO_ALREADY_PAID) {
payment_pro_cart_drop();
osc_add_flash_warning_message(__('Warning! This payment was already paid', 'payment_pro'));
payment_pro_js_redirect_to(osc_route_url('payment-pro-done', array('tx' => Params::getParam('authorize_transaction_id'))));
} else {
printf(__('There were an error processing your payment: %s', 'payment_pro'), Params::getParam('authorize_error'));
}
}
}
function doModel()
{
parent::doModel();
switch($this->action) {
case('add'): // callin add view
$this->_exportVariableToView( 'admin', null );
$this->doView('admins/frm.php');
break;
case('add_post'): if( defined('DEMO') ) {
osc_add_flash_warning_message( _m("This action can't be done because it's a demo site"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=admins');
}
osc_csrf_check();
// adding a new admin
$sPassword = Params::getParam('s_password', false, false);
$sName = Params::getParam('s_name');
$sEmail = Params::getParam('s_email');
$sUserName = Params::getParam('s_username');
$bModerator = Params::getParam('b_moderator')==0?0:1;
// cleaning parameters
$sPassword = strip_tags($sPassword);
$sPassword = trim($sPassword);
$sName = strip_tags($sName);
$sName = trim($sName);
$sEmail = strip_tags($sEmail);
$sEmail = trim($sEmail);
$sUserName = strip_tags($sUserName);
$sUserName = trim($sUserName);
// Checks for legit data
if( !osc_validate_email($sEmail, true) ) {
osc_add_flash_warning_message( _m("Email invalid"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=admins&action=add');
}
if( !osc_validate_username($sUserName) ) {
osc_add_flash_warning_message( _m("Username invalid"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=admins&action=add');
}
if( $sName == '' ) {
osc_add_flash_warning_message( _m("Name invalid"), 'admin');
$this->redirectTo(osc_admin_base_url(true).'?page=admins&action=add');
}
if( $sPassword == '' ) {
osc_add_flash_warning_message( _m("Password invalid"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=admins&action=add');
}
$admin = $this->adminManager->findByEmail($sEmail);
if( $admin ) {
osc_add_flash_warning_message( _m("Email already in use"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=admins&action=add');
}
$admin = $this->adminManager->findByUsername($sUserName);
if( $admin ) {
osc_add_flash_warning_message( _m("Username already in use"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=admins&action=add');
}
$array = array(
's_password' => osc_hash_password($sPassword),
's_name' => $sName,
's_email' => $sEmail,
's_username' => $sUserName,
'b_moderator' => $bModerator
);
$isInserted = $this->adminManager->insert($array);
if( $isInserted ) {
// send email
osc_run_hook('hook_email_new_admin', array(
's_name' => $sName,
's_username' => $sUserName,
's_password' => $sPassword,
's_email' => $sEmail
)
);
osc_add_flash_ok_message( _m('The admin has been added'), 'admin');
} else {
osc_add_flash_error_message( _m('There has been an error adding a new admin'), 'admin');
}
$this->redirectTo(osc_admin_base_url(true).'?page=admins');
break;
case('edit'): // calling edit admin view
$adminEdit = null;
$adminId = Params::getParam('id');
if( $adminId != '' ) {
$adminEdit = $this->adminManager->findByPrimaryKey((int) $adminId);
} elseif( Session::newInstance()->_get('adminId') != '') {
$adminEdit = $this->adminManager->findByPrimaryKey( Session::newInstance()->_get('adminId') );
}
if( count($adminEdit) == 0 ) {
osc_add_flash_error_message( _m('There is no admin with this id'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=admins');
}
$this->_exportVariableToView("admin", $adminEdit);
$this->doView('admins/frm.php');
break;
case('edit_post'): if( defined('DEMO') ) {
osc_add_flash_warning_message( _m("This action can't be done because it's a demo site"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=admins');
}
osc_csrf_check();
// updating a new admin
$iUpdated = 0;
$adminId = Params::getParam('id');
$sPassword = Params::getParam('s_password', false, false);
$sPassword2 = Params::getParam('s_password2', false, false);
$sOldPassword = Params::getParam('old_password', false, false);
$sName = Params::getParam('s_name');
$sEmail = Params::getParam('s_email');
$sUserName = Params::getParam('s_username');
$bModerator = Params::getParam('b_moderator')==0?0:1;
// cleaning parameters
$sPassword = strip_tags($sPassword);
$sPassword = trim($sPassword);
$sPassword2 = strip_tags($sPassword2);
$sPassword2 = trim($sPassword2);
$sName = strip_tags($sName);
$sName = trim($sName);
$sEmail = strip_tags($sEmail);
$sEmail = trim($sEmail);
$sUserName = strip_tags($sUserName);
$sUserName = trim($sUserName);
// Checks for legit data
if( !osc_validate_email($sEmail, true) ) {
osc_add_flash_warning_message( _m("Email invalid"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=admins&action=edit&id=' . $adminId);
}
if( !osc_validate_username($sUserName) ) {
osc_add_flash_warning_message( _m("Username invalid"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=admins&action=edit&id=' . $adminId);
}
if( $sName == '' ) {
osc_add_flash_warning_message( _m("Name invalid"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=admins&action=edit&id=' . $adminId);
}
$aAdmin = $this->adminManager->findByPrimaryKey($adminId);
if( count($aAdmin) == 0 ) {
osc_add_flash_error_message( _m("This admin doesn't exist"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=admins');
}
if( $aAdmin['s_email'] != $sEmail ) {
if($this->adminManager->findByEmail( $sEmail ) ) {
osc_add_flash_warning_message( _m('Existing email'), 'admin');
$this->redirectTo(osc_admin_base_url(true).'?page=admins&action=edit&id=' . $adminId);
}
}
if( $aAdmin['s_username'] != $sUserName ) {
if( $this->adminManager->findByUsername( $sUserName ) ) {
osc_add_flash_warning_message( _m('Existing username'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=admins&action=edit&id=' . $adminId);
}
}
$conditions = array('pk_i_id' => $adminId);
$array = array();
if(osc_logged_admin_id()==$adminId) {
if($sOldPassword != '' ) {
if( $sPassword=='' ) {
osc_add_flash_warning_message( _m("Password invalid"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=admins&action=edit&id=' . $adminId);
} else {
$firstCondition = osc_verify_password($sOldPassword, $aAdmin['s_password']);
$secondCondition = ( $sPassword == $sPassword2 );
if( $firstCondition && $secondCondition ) {
$array['s_password'] = osc_hash_password($sPassword);
} else {
osc_add_flash_warning_message( _m("The password couldn't be updated. Passwords don't match"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=admins&action=edit&id=' . $adminId);
}
}
}
} else {
if( $sPassword!='') {
if($sPassword == $sPassword2) {
$array['s_password'] = osc_hash_password($sPassword);
} else {
osc_add_flash_warning_message( _m("The password couldn't be updated. Passwords don't match"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=admins&action=edit&id=' . $adminId);
}
}
}
if($adminId!=osc_logged_admin_id()) {
$array['b_moderator'] = $bModerator;
}
$array['s_name'] = Params::getParam('s_name');
$array['s_username'] = $sUserName;
$array['s_email'] = $sEmail;
$iUpdated = $this->adminManager->update($array, $conditions);
if( $iUpdated > 0 ) {
osc_add_flash_ok_message( _m('The admin has been updated'), 'admin');
}
if( $this->isModerator() ) {
$this->redirectTo(osc_admin_base_url(true));
} else {
$this->redirectTo(osc_admin_base_url(true).'?page=admins');
}
break;
case('delete'): if( defined('DEMO') ) {
osc_add_flash_warning_message( _m("This action can't be done because it's a demo site"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=admins');
}
osc_csrf_check();
// deleting and admin
$isDeleted = false;
$adminId = Params::getParam('id');
if( !is_array($adminId) ) {
osc_add_flash_error_message( _m("The admin id isn't in the correct format"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=admins');
}
// Verification to avoid an administrator trying to remove to itself
if( in_array(Session::newInstance()->_get('adminId'), $adminId) ) {
osc_add_flash_error_message( _m("The operation hasn't been completed. You're trying to remove yourself!"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=admins');
}
$isDeleted = $this->adminManager->deleteBatch( $adminId );
if( $isDeleted ) {
osc_add_flash_ok_message( _m('The admin has been deleted correctly'), 'admin');
} else {
osc_add_flash_error_message( _m('The admin couldn\'t be deleted'), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=admins');
break;
default:
if(Params::getParam("action")!="") {
osc_run_hook("admin_bulk_".Params::getParam("action"), Params::getParam('id'));
}
if( Params::getParam('iDisplayLength') == '' ) {
Params::setParam('iDisplayLength', 10 );
}
$p_iPage = 1;
if( is_numeric(Params::getParam('iPage')) && Params::getParam('iPage') >= 1 ) {
$p_iPage = Params::getParam('iPage');
}
Params::setParam('iPage', $p_iPage);
$admins = $this->adminManager->listAll();
// pagination
$start = ($p_iPage-1) * Params::getParam('iDisplayLength');
$limit = Params::getParam('iDisplayLength');
$count = count( $admins );
$displayRecords = $limit;
if( ($start+$limit ) > $count ) {
$displayRecords = ($start+$limit) - $count;
}
// ----
$aData = array();
$max = ($start+$limit);
if($max > $count) $max = $count;
for($i = $start; $i < $max; $i++) {
$admin = $admins[$i];
$options = array();
$options[] = '<a href="' . osc_admin_base_url(true) . '?page=admins&action=edit&id=' . $admin['pk_i_id'] . '">' . __('Edit') . '</a>';
$options[] = '<a onclick="return delete_dialog(\'' . $admin['pk_i_id'] . '\');" href="' . osc_admin_base_url(true) . '?page=admins&action=delete&id[]=' . $admin['pk_i_id'] . '">' . __('Delete') . '</a>';
$auxOptions = '<ul>'.PHP_EOL;
foreach( $options as $actual ) {
$auxOptions .= '<li>'.$actual.'</li>'.PHP_EOL;
}
$actions = '<div class="actions">'.$auxOptions.'</div>'.PHP_EOL;
$row = array();
$row[] = '<input type="checkbox" name="id[]" value="' . $admin['pk_i_id'] . '" />';
$row[] = $admin['s_username'] . $actions;
$row[] = $admin['s_name'];
$row[] = $admin['s_email'];
$aData[] = $row;
}
$array['iTotalRecords'] = $displayRecords;
$array['iTotalDisplayRecords'] = count($admins);
$array['iDisplayLength'] = $limit;
$array['aaData'] = $aData;
$page = (int)Params::getParam('iPage');
if(count($array['aaData']) == 0 && $page!=1) {
$total = (int)$array['iTotalDisplayRecords'];
$maxPage = ceil( $total / (int)$array['iDisplayLength'] );
$url = osc_admin_base_url(true).'?'.$_SERVER['QUERY_STRING'];
if($maxPage==0) {
$url = preg_replace('/&iPage=(\d)+/', '&iPage=1', $url);
$this->redirectTo($url);
}
if($page > 1) {
$url = preg_replace('/&iPage=(\d)+/', '&iPage='.$maxPage, $url);
$this->redirectTo($url);
}
}
$bulk_options = array(
array('value' => '', 'data-dialog-content' => '', 'label' => __('Bulk actions')),
array('value' => 'delete', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected admins?'), strtolower(__('Delete'))), 'label' => __('Delete'))
);
$bulk_options = osc_apply_filter("admin_bulk_filter", $bulk_options);
$this->_exportVariableToView('bulk_options', $bulk_options);
$this->_exportVariableToView('aAdmins', $array);
// calling manage admins view
$this->doView('admins/index.php');
break;
}
}
function doModel()
{
switch ($this->action) {
case 'add':
// caliing add view
$this->doView('languages/add.php');
break;
case 'add_post':
// adding a new language
if (defined('DEMO')) {
osc_add_flash_warning_message(_m("This action can't be done because it's a demo site"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=languages');
}
osc_csrf_check();
$filePackage = Params::getFiles('package');
if (isset($filePackage['size']) && $filePackage['size'] != 0) {
$path = osc_translations_path();
(int) ($status = osc_unzip_file($filePackage['tmp_name'], $path));
@unlink($filePackage['tmp_name']);
} else {
$status = 3;
}
switch ($status) {
case 0:
$msg = _m('The translation folder is not writable');
osc_add_flash_error_message($msg, 'admin');
break;
case 1:
if (osc_checkLocales()) {
$msg = _m('The language has been installed correctly');
osc_add_flash_ok_message($msg, 'admin');
} else {
$msg = _m('There was a problem adding the language');
osc_add_flash_error_message($msg, 'admin');
}
break;
case 2:
$msg = _m('The zip file is not valid');
osc_add_flash_error_message($msg, 'admin');
break;
case 3:
$msg = _m('No file was uploaded');
osc_add_flash_warning_message($msg, 'admin');
$this->redirectTo(osc_admin_base_url(true) . "?page=languages&action=add");
break;
case -1:
default:
$msg = _m('There was a problem adding the language');
osc_add_flash_error_message($msg, 'admin');
break;
}
$this->redirectTo(osc_admin_base_url(true) . '?page=languages');
break;
case 'edit':
// editing a language
$sLocale = Params::getParam('id');
if (!preg_match('/.{2}_.{2}/', $sLocale)) {
osc_add_flash_error_message(_m('Language id isn\'t in the correct format'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=languages');
}
$aLocale = $this->localeManager->findByPrimaryKey($sLocale);
if (count($aLocale) == 0) {
osc_add_flash_error_message(_m('Language id doesn\'t exist'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=languages');
}
$this->_exportVariableToView("aLocale", $aLocale);
$this->doView('languages/frm.php');
break;
case 'edit_post':
// edit language post
osc_csrf_check();
$iUpdated = 0;
$languageCode = Params::getParam('pk_c_code');
$enabledWebstie = Params::getParam('b_enabled');
$enabledBackoffice = Params::getParam('b_enabled_bo');
$languageName = Params::getParam('s_name');
$languageShortName = Params::getParam('s_short_name');
$languageDescription = Params::getParam('s_description');
$languageCurrencyFormat = Params::getParam('s_currency_format');
$languageDecPoint = Params::getParam('s_dec_point');
$languageNumDec = Params::getParam('i_num_dec');
$languageThousandsSep = Params::getParam('s_thousands_sep');
$languageDateFormat = Params::getParam('s_date_format');
$languageStopWords = Params::getParam('s_stop_words');
// formatting variables
if (!preg_match('/.{2}_.{2}/', $languageCode)) {
osc_add_flash_error_message(_m('Language id isn\'t in the correct format'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=languages');
}
$enabledWebstie = $enabledWebstie != '' ? true : false;
$enabledBackoffice = $enabledBackoffice != '' ? true : false;
$languageName = strip_tags($languageName);
$languageName = trim($languageName);
$languageShortName = strip_tags($languageShortName);
$languageShortName = trim($languageShortName);
$languageDescription = strip_tags($languageDescription);
$languageDescription = trim($languageDescription);
$languageCurrencyFormat = strip_tags($languageCurrencyFormat);
$languageCurrencyFormat = trim($languageCurrencyFormat);
$languageDateFormat = strip_tags($languageDateFormat);
$languageDateFormat = trim($languageDateFormat);
$languageStopWords = strip_tags($languageStopWords);
$languageStopWords = trim($languageStopWords);
$msg = '';
if (!osc_validate_text($languageName)) {
$msg .= _m("Language name field is required") . "<br/>";
}
if (!osc_validate_text($languageShortName)) {
$msg .= _m("Language short name field is required") . "<br/>";
}
if (!osc_validate_text($languageDescription)) {
$msg .= _m("Language description field is required") . "<br/>";
}
if (!osc_validate_text($languageCurrencyFormat)) {
$msg .= _m("Currency format field is required") . "<br/>";
}
if (!osc_validate_int($languageNumDec)) {
$msg .= _m("Number of decimals must only contain numeric characters") . "<br/>";
}
if ($msg != '') {
osc_add_flash_error_message($msg, 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=languages&action=edit&id=' . $languageCode);
}
$array = array('b_enabled' => $enabledWebstie, 'b_enabled_bo' => $enabledBackoffice, 's_name' => $languageName, 's_short_name' => $languageShortName, 's_description' => $languageDescription, 's_currency_format' => $languageCurrencyFormat, 's_dec_point' => $languageDecPoint, 'i_num_dec' => $languageNumDec, 's_thousands_sep' => $languageThousandsSep, 's_date_format' => $languageDateFormat, 's_stop_words' => $languageStopWords);
$iUpdated = $this->localeManager->update($array, array('pk_c_code' => $languageCode));
if ($iUpdated > 0) {
osc_add_flash_ok_message(sprintf(_m('%s has been updated'), $languageShortName), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=languages');
break;
case 'enable_selected':
osc_csrf_check();
$msg = _m('Selected languages have been enabled for the website');
$iUpdated = 0;
$aValues = array('b_enabled' => 1);
$id = Params::getParam('id');
if (!is_array($id)) {
osc_add_flash_warning_message(_m("The language ids aren't in the correct format"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=languages');
}
foreach ($id as $i) {
osc_translate_categories($i);
$iUpdated += $this->localeManager->update($aValues, array('pk_c_code' => $i));
}
if ($iUpdated > 0) {
osc_add_flash_ok_message($msg, 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=languages');
break;
case 'disable_selected':
osc_csrf_check();
$msg = _m('Selected languages have been disabled for the website');
$msg_warning = '';
$iUpdated = 0;
$aValues = array('b_enabled' => 0);
$id = Params::getParam('id');
if (!is_array($id)) {
osc_add_flash_warning_message(_m("The language ids aren't in the correct format"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=languages');
}
foreach ($id as $i) {
if (osc_language() == $i) {
$msg_warning = sprintf(_m("%s can't be disabled because it's the default language"), osc_language());
continue;
}
$iUpdated += $this->localeManager->update($aValues, array('pk_c_code' => $i));
}
if ($msg_warning != '') {
if ($iUpdated > 0) {
osc_add_flash_warning_message($msg . '</p><p>' . $msg_warning, 'admin');
} else {
osc_add_flash_warning_message($msg_warning, 'admin');
}
} else {
osc_add_flash_ok_message($msg, 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=languages');
break;
case 'enable_bo_selected':
osc_csrf_check();
$msg = _m('Selected languages have been enabled for the backoffice (oc-admin)');
$iUpdated = 0;
$aValues = array('b_enabled_bo' => 1);
$id = Params::getParam('id');
if (!is_array($id)) {
osc_add_flash_warning_message(_m("The language ids aren't in the correct format"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=languages');
}
foreach ($id as $i) {
osc_translate_categories($i);
$iUpdated += $this->localeManager->update($aValues, array('pk_c_code' => $i));
}
if ($iUpdated > 0) {
osc_add_flash_ok_message($msg, 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=languages');
break;
case 'disable_bo_selected':
osc_csrf_check();
$msg = _m('Selected languages have been disabled for the backoffice (oc-admin)');
$msg_warning = '';
$iUpdated = 0;
$aValues = array('b_enabled_bo' => 0);
$id = Params::getParam('id');
if (!is_array($id)) {
osc_add_flash_warning_message(_m("The language ids aren't in the correct format"), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=languages');
}
foreach ($id as $i) {
if (osc_language() == $i) {
$msg_warning = sprintf(_m("%s can't be disabled because it's the default language"), osc_language());
continue;
}
$iUpdated += $this->localeManager->update($aValues, array('pk_c_code' => $i));
}
if ($msg_warning != '') {
if ($iUpdated > 0) {
osc_add_flash_warning_message($msg . '</p><p>' . $msg_warning, 'admin');
} else {
osc_add_flash_warning_message($msg_warning, 'admin');
}
} else {
osc_add_flash_ok_message($msg, 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=languages');
break;
case 'delete':
osc_csrf_check();
if (is_array(Params::getParam('id'))) {
$default_lang = osc_language();
foreach (Params::getParam('id') as $code) {
if ($default_lang != $code) {
if ($this->localeManager->deleteLocale($code)) {
if (!osc_deleteDir(osc_translations_path() . $code)) {
osc_add_flash_error_message(sprintf(_m("Directory '%s' couldn't be removed"), $code), 'admin');
} else {
osc_add_flash_ok_message(sprintf(_m('Directory "%s" has been successfully removed'), $code), 'admin');
}
} else {
osc_add_flash_error_message(sprintf(_m("Directory '%s' couldn't be removed;)"), $code), 'admin');
}
} else {
osc_add_flash_error_message(sprintf(_m("Directory '%s' couldn't be removed because it's the default language. Set another language as default first and try again"), $code), 'admin');
}
}
}
$this->redirectTo(osc_admin_base_url(true) . '?page=languages');
break;
default:
if (Params::getParam('checkUpdated') != '') {
osc_admin_toolbar_update_languages(true);
}
if (Params::getParam("action") != "") {
osc_run_hook("language_bulk_" . Params::getParam("action"), Params::getParam('id'));
}
// -----
if (Params::getParam('iDisplayLength') == '') {
Params::setParam('iDisplayLength', 10);
}
// ?
$this->_exportVariableToView('iDisplayLength', Params::getParam('iDisplayLength'));
$p_iPage = 1;
if (is_numeric(Params::getParam('iPage')) && Params::getParam('iPage') >= 1) {
$p_iPage = Params::getParam('iPage');
}
Params::setParam('iPage', $p_iPage);
$aLanguages = OSCLocale::newInstance()->listAll();
// pagination
$start = ($p_iPage - 1) * Params::getParam('iDisplayLength');
$limit = Params::getParam('iDisplayLength');
$count = count($aLanguages);
$displayRecords = $limit;
if ($start + $limit > $count) {
$displayRecords = $start + $limit - $count;
}
// ----
$aLanguagesToUpdate = json_decode(osc_get_preference('languages_to_update'));
$bLanguagesToUpdate = is_array($aLanguagesToUpdate) ? true : false;
// ----
$aData = array();
$max = $start + $limit;
if ($max > $count) {
$max = $count;
}
for ($i = $start; $i < $max; $i++) {
$l = $aLanguages[$i];
$row = array();
$row[] = '<input type="checkbox" name="id[]" value="' . $l['pk_c_code'] . '" />';
$options = array();
$options[] = '<a href="' . osc_admin_base_url(true) . '?page=languages&action=edit&id=' . $l['pk_c_code'] . '">' . __('Edit') . '</a>';
$options[] = '<a href="' . osc_admin_base_url(true) . '?page=languages&action=' . ($l['b_enabled'] == 1 ? 'disable_selected' : 'enable_selected') . '&id[]=' . $l['pk_c_code'] . '&' . osc_csrf_token_url() . '">' . ($l['b_enabled'] == 1 ? __('Disable (website)') : __('Enable (website)')) . '</a> ';
$options[] = '<a href="' . osc_admin_base_url(true) . '?page=languages&action=' . ($l['b_enabled_bo'] == 1 ? 'disable_bo_selected' : 'enable_bo_selected') . '&id[]=' . $l['pk_c_code'] . '&' . osc_csrf_token_url() . '">' . ($l['b_enabled_bo'] == 1 ? __('Disable (oc-admin)') : __('Enable (oc-admin)')) . '</a>';
$options[] = '<a onclick="return delete_dialog(\'' . $l['pk_c_code'] . '\');" href="' . osc_admin_base_url(true) . '?page=languages&action=delete&id[]=' . $l['pk_c_code'] . '&' . osc_csrf_token_url() . '">' . __('Delete') . '</a>';
$auxOptions = '<ul>' . PHP_EOL;
foreach ($options as $actual) {
$auxOptions .= '<li>' . $actual . '</li>' . PHP_EOL;
}
$actions = '<div class="actions">' . $auxOptions . '</div>' . PHP_EOL;
$sUpdate = '';
// get languages to update from t_preference
if ($bLanguagesToUpdate) {
if (in_array($l['pk_c_code'], $aLanguagesToUpdate)) {
$sUpdate = '<a class="btn-market-update btn-market-popup" href="#' . htmlentities($l['pk_c_code']) . '">' . __("Update here") . '</a>';
}
}
$row[] = $l['s_name'] . $sUpdate . $actions;
$row[] = $l['s_short_name'];
$row[] = $l['s_description'];
$row[] = $l['b_enabled'] ? __('Yes') : __('No');
$row[] = $l['b_enabled_bo'] ? __('Yes') : __('No');
$aData[] = $row;
}
// ----
$array['iTotalRecords'] = $displayRecords;
$array['iTotalDisplayRecords'] = count($aLanguages);
$array['iDisplayLength'] = $limit;
$array['aaData'] = $aData;
$page = (int) Params::getParam('iPage');
if (count($array['aaData']) == 0 && $page != 1) {
$total = (int) $array['iTotalDisplayRecords'];
$maxPage = ceil($total / (int) $array['iDisplayLength']);
$url = osc_admin_base_url(true) . '?' . $_SERVER['QUERY_STRING'];
if ($maxPage == 0) {
$url = preg_replace('/&iPage=(\\d)+/', '&iPage=1', $url);
$this->redirectTo($url);
}
if ($page > 1) {
$url = preg_replace('/&iPage=(\\d)+/', '&iPage=' . $maxPage, $url);
$this->redirectTo($url);
}
}
$this->_exportVariableToView('aLanguages', $array);
$bulk_options = array(array('value' => '', 'data-dialog-content' => '', 'label' => __('Bulk actions')), array('value' => 'enable_selected', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected languages?'), strtolower(__('Enable (Website)'))), 'label' => __('Enable (Website)')), array('value' => 'disable_selected', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected languages?'), strtolower(__('Disable (Website)'))), 'label' => __('Disable (Website)')), array('value' => 'enable_bo_selected', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected languages?'), strtolower(__('Enable (oc-admin)'))), 'label' => __('Enable (oc-admin)')), array('value' => 'disable_bo_selected', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected languages?'), strtolower(__('Disable (oc-admin)'))), 'label' => __('Disable (oc-admin)')), array('value' => 'delete', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected languages?'), strtolower(__('Delete'))), 'label' => __('Delete')));
$bulk_options = osc_apply_filter("language_bulk_filter", $bulk_options);
$this->_exportVariableToView('bulk_options', $bulk_options);
$this->doView('languages/index.php');
break;
}
}
function doModel()
{
//calling the view...
$locales = OSCLocale::newInstance()->listAllEnabled();
$this->_exportVariableToView('locales', $locales);
switch ($this->action) {
case 'item_add':
// post
if (osc_reg_user_post() && $this->user == null) {
osc_add_flash_warning_message(_m('Only registered users are allowed to post items'));
$this->redirectTo(osc_user_login_url());
}
$countries = Country::newInstance()->listAll();
$regions = array();
if (isset($this->user['fk_c_country_code']) && $this->user['fk_c_country_code'] != '') {
$regions = Region::newInstance()->findByCountry($this->user['fk_c_country_code']);
} else {
if (count($countries) > 0) {
$regions = Region::newInstance()->findByCountry($countries[0]['pk_c_code']);
}
}
$cities = array();
if (isset($this->user['fk_i_region_id']) && $this->user['fk_i_region_id'] != '') {
$cities = City::newInstance()->findByRegion($this->user['fk_i_region_id']);
} else {
if (count($regions) > 0) {
$cities = City::newInstance()->findByRegion($regions[0]['pk_i_id']);
}
}
$this->_exportVariableToView('countries', $countries);
$this->_exportVariableToView('regions', $regions);
$this->_exportVariableToView('cities', $cities);
$form = count(Session::newInstance()->_getForm());
$keepForm = count(Session::newInstance()->_getKeepForm());
if ($form == 0 || $form == $keepForm) {
Session::newInstance()->_dropKeepForm();
}
if (Session::newInstance()->_getForm('countryId') != "") {
$countryId = Session::newInstance()->_getForm('countryId');
$regions = Region::newInstance()->findByCountry($countryId);
$this->_exportVariableToView('regions', $regions);
if (Session::newInstance()->_getForm('regionId') != "") {
$regionId = Session::newInstance()->_getForm('regionId');
$cities = City::newInstance()->findByRegion($regionId);
$this->_exportVariableToView('cities', $cities);
}
}
$this->_exportVariableToView('user', $this->user);
osc_run_hook('post_item');
$this->doView('item-post.php');
break;
case 'item_add_post':
//post_item
if (osc_reg_user_post() && $this->user == null) {
osc_add_flash_warning_message(_m('Only registered users are allowed to post items'));
$this->redirectTo(osc_base_url(true));
}
$mItems = new ItemActions(false);
// prepare data for ADD ITEM
$mItems->prepareData(true);
// set all parameters into session
foreach ($mItems->data as $key => $value) {
Session::newInstance()->_setForm($key, $value);
}
$meta = Params::getParam('meta');
if (is_array($meta)) {
foreach ($meta as $key => $value) {
Session::newInstance()->_setForm('meta_' . $key, $value);
Session::newInstance()->_keepForm('meta_' . $key);
}
}
if (osc_recaptcha_private_key() != '' && Params::existParam("recaptcha_challenge_field")) {
if (!osc_check_recaptcha()) {
osc_add_flash_error_message(_m('The Recaptcha code is wrong'));
$this->redirectTo(osc_item_post_url());
return false;
// BREAK THE PROCESS, THE RECAPTCHA IS WRONG
}
}
// POST ITEM ( ADD ITEM )
$success = $mItems->add();
if ($success != 1 && $success != 2) {
osc_add_flash_error_message($success);
$this->redirectTo(osc_item_post_url());
} else {
Session::newInstance()->_dropkeepForm('meta_' . $key);
if ($success == 1) {
osc_add_flash_ok_message(_m('Check your inbox to verify your email address'));
} else {
osc_add_flash_ok_message(_m('Your item has been published'));
}
$itemId = Params::getParam('itemId');
$item = $this->itemManager->findByPrimaryKey($itemId);
osc_run_hook('posted_item', $item);
$category = Category::newInstance()->findByPrimaryKey(Params::getParam('catId'));
View::newInstance()->_exportVariableToView('category', $category);
$this->redirectTo(osc_search_category_url());
}
break;
case 'item_edit':
// edit item
$secret = Params::getParam('secret');
$id = Params::getParam('id');
$item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s' AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = '%d'))", $id, $secret, $this->userId);
if (count($item) == 1) {
$item = Item::newInstance()->findByPrimaryKey($id);
$form = count(Session::newInstance()->_getForm());
$keepForm = count(Session::newInstance()->_getKeepForm());
if ($form == 0 || $form == $keepForm) {
Session::newInstance()->_dropKeepForm();
}
$this->_exportVariableToView('item', $item);
osc_run_hook("before_item_edit", $item);
$this->doView('item-edit.php');
} else {
// add a flash message [ITEM NO EXISTE]
osc_add_flash_error_message(_m('Sorry, we don\'t have any items with that ID'));
if ($this->user != null) {
$this->redirectTo(osc_user_list_items_url());
} else {
$this->redirectTo(osc_base_url());
}
}
break;
case 'item_edit_post':
// recoger el secret y el
$secret = Params::getParam('secret');
$id = Params::getParam('id');
$item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s' AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = '%d'))", $id, $secret, $this->userId);
if (count($item) == 1) {
$this->_exportVariableToView('item', $item[0]);
$mItems = new ItemActions(false);
// prepare data for ADD ITEM
$mItems->prepareData(false);
// set all parameters into session
foreach ($mItems->data as $key => $value) {
Session::newInstance()->_setForm($key, $value);
}
$meta = Params::getParam('meta');
if (is_array($meta)) {
foreach ($meta as $key => $value) {
Session::newInstance()->_setForm('meta_' . $key, $value);
Session::newInstance()->_keepForm('meta_' . $key);
}
}
if (osc_recaptcha_private_key() != '' && Params::existParam("recaptcha_challenge_field")) {
if (!osc_check_recaptcha()) {
osc_add_flash_error_message(_m('The Recaptcha code is wrong'));
$this->redirectTo(osc_item_post_url());
return false;
// BREAK THE PROCESS, THE RECAPTCHA IS WRONG
}
}
$success = $mItems->edit();
osc_run_hook('edited_item', Item::newInstance()->findByPrimaryKey($id));
if ($success == 1) {
osc_add_flash_ok_message(_m('Great! We\'ve just updated your item'));
$this->redirectTo(osc_base_url(true) . "?page=item&id={$id}");
} else {
osc_add_flash_error_message($success);
$this->redirectTo(osc_item_edit_url($secret));
}
}
break;
case 'activate':
$secret = Params::getParam('secret');
$id = Params::getParam('id');
$item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s') OR (i.fk_i_user_id = '%d'))", $id, $secret, $this->userId);
View::newInstance()->_exportVariableToView('item', $item[0]);
if ($item[0]['b_active'] == 0) {
// ACTIVETE ITEM
$mItems = new ItemActions(false);
$success = $mItems->activate($item[0]['pk_i_id'], $item[0]['s_secret']);
if ($success) {
osc_add_flash_ok_message(_m('The item has been validated'));
} else {
osc_add_flash_error_message(_m('The item can\'t be validated'));
}
} else {
osc_add_flash_error_message(_m('The item has already been validated'));
}
$this->redirectTo(osc_item_url());
break;
case 'item_delete':
$secret = Params::getParam('secret');
$id = Params::getParam('id');
$item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s') OR (i.fk_i_user_id = '%d'))", $id, $secret, $this->userId);
if (count($item) == 1) {
$mItems = new ItemActions(false);
$success = $mItems->delete($item[0]['s_secret'], $item[0]['pk_i_id']);
if ($success) {
osc_add_flash_ok_message(_m('Your item has been deleted'));
} else {
osc_add_flash_error_message(_m('The item you are trying to delete couldn\'t be deleted'));
}
if ($this->user != null) {
$this->redirectTo(osc_user_list_items_url());
} else {
$this->redirectTo(osc_base_url());
}
} else {
osc_add_flash_error_message(_m('The item you are trying to delete couldn\'t be deleted'));
$this->redirectTo(osc_base_url());
}
break;
case 'mark':
$mItem = new ItemActions(false);
$id = Params::getParam('id');
$as = Params::getParam('as');
$item = Item::newInstance()->findByPrimaryKey($id);
View::newInstance()->_exportVariableToView('item', $item);
$mItem->mark($id, $as);
osc_add_flash_ok_message(_m('Thanks! That\'s very helpful'));
$this->redirectTo(osc_item_url());
break;
case 'send_friend':
$item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
$this->_exportVariableToView('item', $item);
$this->doView('item-send-friend.php');
break;
case 'send_friend_post':
$item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
$this->_exportVariableToView('item', $item);
Session::newInstance()->_setForm("yourEmail", Params::getParam('yourEmail'));
Session::newInstance()->_setForm("yourName", Params::getParam('yourName'));
Session::newInstance()->_setForm("friendName", Params::getParam('friendName'));
Session::newInstance()->_setForm("friendEmail", Params::getParam('friendEmail'));
Session::newInstance()->_setForm("message_body", Params::getParam('message'));
if (osc_recaptcha_private_key() != '' && Params::existParam("recaptcha_challenge_field")) {
if (!osc_check_recaptcha()) {
osc_add_flash_error_message(_m('The Recaptcha code is wrong'));
$this->redirectTo(osc_item_send_friend_url());
return false;
// BREAK THE PROCESS, THE RECAPTCHA IS WRONG
}
}
$mItem = new ItemActions(false);
$success = $mItem->send_friend();
if ($success) {
Session::newInstance()->_clearVariables();
$this->redirectTo(osc_item_url());
} else {
$this->redirectTo(osc_item_send_friend_url());
}
break;
case 'contact':
$item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
if (empty($item)) {
osc_add_flash_error_message(_m('This item doesn\'t exist'));
$this->redirectTo(osc_base_url(true));
} else {
$this->_exportVariableToView('item', $item);
if (osc_item_is_expired()) {
osc_add_flash_error_message(_m('We\'re sorry, but the item has expired. You can\'t contact the seller'));
$this->redirectTo(osc_item_url());
}
if (osc_reg_user_can_contact() && osc_is_web_user_logged_in() || !osc_reg_user_can_contact()) {
$this->doView('item-contact.php');
} else {
osc_add_flash_error_message(_m('You can\'t contact the seller, only registered users can'));
$this->redirectTo(osc_item_url());
}
}
break;
case 'contact_post':
$item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
$this->_exportVariableToView('item', $item);
if (osc_recaptcha_private_key() != '' && Params::existParam("recaptcha_challenge_field")) {
if (!osc_check_recaptcha()) {
osc_add_flash_error_message(_m('The Recaptcha code is wrong'));
Session::newInstance()->_setForm("yourEmail", Params::getParam('yourEmail'));
Session::newInstance()->_setForm("yourName", Params::getParam('yourName'));
Session::newInstance()->_setForm("phoneNumber", Params::getParam('phoneNumber'));
Session::newInstance()->_setForm("message_body", Params::getParam('message'));
$this->redirectTo(osc_item_url());
return false;
// BREAK THE PROCESS, THE RECAPTCHA IS WRONG
}
}
$category = Category::newInstance()->findByPrimaryKey($item['fk_i_category_id']);
if ($category['i_expiration_days'] > 0) {
$item_date = strtotime($item['dt_pub_date']) + $category['i_expiration_days'] * (24 * 3600);
$date = time();
if ($item_date < $date && $item['b_premium'] != 1) {
// The item is expired, we can not contact the seller
osc_add_flash_error_message(_m('We\'re sorry, but the item has expired. You can\'t contact the seller'));
$this->redirectTo(osc_item_url());
}
}
$mItem = new ItemActions(false);
$result = $mItem->contact();
if (is_string($result)) {
osc_add_flash_error_message($result);
} else {
osc_add_flash_ok_message(_m('We\'ve just sent an e-mail to the seller'));
}
$this->redirectTo(osc_item_url());
break;
case 'add_comment':
$mItem = new ItemActions(false);
$status = $mItem->add_comment();
switch ($status) {
case -1:
$msg = _m('Sorry, we could not save your comment. Try again later');
osc_add_flash_error_message($msg);
break;
case 1:
$msg = _m('Your comment is awaiting moderation');
osc_add_flash_info_message($msg);
break;
case 2:
$msg = _m('Your comment has been approved');
osc_add_flash_ok_message($msg);
break;
case 3:
$msg = _m('Please fill the required fields (name, email)');
osc_add_flash_warning_message($msg);
break;
case 4:
$msg = _m('Please type a comment');
osc_add_flash_warning_message($msg);
break;
case 5:
$msg = _m('Your comment has been marked as spam');
osc_add_flash_error_message($msg);
break;
}
$this->redirectTo(osc_item_url());
break;
case 'delete_comment':
$mItem = new ItemActions(false);
$status = $mItem->add_comment();
$itemId = Params::getParam('id');
$commentId = Params::getParam('comment');
$item = Item::newInstance()->findByPrimaryKey($itemId);
if (count($item) == 0) {
osc_add_flash_error_message(_m('This item doesn\'t exist'));
$this->redirectTo(osc_base_url(true));
}
View::newInstance()->_exportVariableToView('item', $item);
if ($this->userId == null) {
osc_add_flash_error_message(_m('You must be logged in to delete a comment'));
$this->redirectTo(osc_item_url());
}
$commentManager = ItemComment::newInstance();
$aComment = $commentManager->findByPrimaryKey($commentId);
if (count($aComment) == 0) {
osc_add_flash_error_message(_m('The comment doesn\'t exist'));
$this->redirectTo(osc_item_url());
}
if ($aComment['b_active'] != 1) {
osc_add_flash_error_message(_m('The comment is not active, you cannot delete it'));
$this->redirectTo(osc_item_url());
}
if ($aComment['fk_i_user_id'] != $this->userId) {
osc_add_flash_error_message(_m('The comment was not added by you, you cannot delete it'));
$this->redirectTo(osc_item_url());
}
$commentManager->deleteByPrimaryKey($commentId);
osc_add_flash_ok_message(_m('The comment has been deleted'));
$this->redirectTo(osc_item_url());
break;
default:
if (Params::getParam('id') == '') {
$this->redirectTo(osc_base_url());
}
if (Params::getParam('lang') != '') {
Session::newInstance()->_set('userLocale', Params::getParam('lang'));
}
$item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
// if item doesn't exist redirect to base url
if (count($item) == 0) {
osc_add_flash_error_message(_m('This item doesn\'t exist'));
$this->redirectTo(osc_base_url(true));
} else {
if ($item['b_active'] != 1) {
if ($this->userId == $item['fk_i_user_id']) {
osc_add_flash_error_message(_m('The item hasn\'t been validated. Please validate it in order to show it to the rest of users'));
} else {
osc_add_flash_error_message(_m('This item hasn\'t been validated'));
$this->redirectTo(osc_base_url(true));
}
} else {
if ($item['b_enabled'] == 0) {
osc_add_flash_error_message(_m('The item has been suspended'));
$this->redirectTo(osc_base_url(true));
}
}
$mStats = new ItemStats();
$mStats->increase('i_num_views', $item['pk_i_id']);
foreach ($item['locale'] as $k => $v) {
$item['locale'][$k]['s_title'] = osc_apply_filter('item_title', $v['s_title']);
$item['locale'][$k]['s_description'] = nl2br(osc_apply_filter('item_description', $v['s_description']));
}
$this->_exportVariableToView('items', array($item));
osc_run_hook('show_item', $item);
$this->doView('item.php');
}
break;
case 'dashboard':
//dashboard...
break;
}
}
function doModel()
{
//calling the view...
$locales = OSCLocale::newInstance()->listAllEnabled();
$this->_exportVariableToView('locales', $locales);
switch ($this->action) {
case 'item_add':
// post
if (osc_reg_user_post() && $this->user == null) {
osc_add_flash_warning_message(_m('Only registered users are allowed to post listings'));
$this->redirectTo(osc_user_login_url());
}
$countries = Country::newInstance()->listAll();
$regions = array();
if (isset($this->user['fk_c_country_code']) && $this->user['fk_c_country_code'] != '') {
$regions = Region::newInstance()->findByCountry($this->user['fk_c_country_code']);
} else {
if (count($countries) > 0) {
$regions = Region::newInstance()->findByCountry($countries[0]['pk_c_code']);
}
}
$cities = array();
if (isset($this->user['fk_i_region_id']) && $this->user['fk_i_region_id'] != '') {
$cities = City::newInstance()->findByRegion($this->user['fk_i_region_id']);
} else {
if (count($regions) > 0) {
$cities = City::newInstance()->findByRegion($regions[0]['pk_i_id']);
}
}
$this->_exportVariableToView('countries', $countries);
$this->_exportVariableToView('regions', $regions);
$this->_exportVariableToView('cities', $cities);
$form = count(Session::newInstance()->_getForm());
$keepForm = count(Session::newInstance()->_getKeepForm());
if ($form == 0 || $form == $keepForm) {
Session::newInstance()->_dropKeepForm();
}
if (Session::newInstance()->_getForm('countryId') != "") {
$countryId = Session::newInstance()->_getForm('countryId');
$regions = Region::newInstance()->findByCountry($countryId);
$this->_exportVariableToView('regions', $regions);
if (Session::newInstance()->_getForm('regionId') != "") {
$regionId = Session::newInstance()->_getForm('regionId');
$cities = City::newInstance()->findByRegion($regionId);
$this->_exportVariableToView('cities', $cities);
}
}
$this->_exportVariableToView('user', $this->user);
osc_run_hook('post_item');
$this->doView('item-post.php');
break;
case 'item_add_post':
//post_item
if (osc_reg_user_post() && $this->user == null) {
osc_add_flash_warning_message(_m('Only registered users are allowed to post listings'));
$this->redirectTo(osc_base_url(true));
}
$mItems = new ItemActions(false);
// prepare data for ADD ITEM
$mItems->prepareData(true);
// set all parameters into session
foreach ($mItems->data as $key => $value) {
Session::newInstance()->_setForm($key, $value);
}
$meta = Params::getParam('meta');
if (is_array($meta)) {
foreach ($meta as $key => $value) {
Session::newInstance()->_setForm('meta_' . $key, $value);
Session::newInstance()->_keepForm('meta_' . $key);
}
}
if (osc_recaptcha_private_key() != '' && Params::existParam("recaptcha_challenge_field")) {
if (!osc_check_recaptcha()) {
osc_add_flash_error_message(_m('The Recaptcha code is wrong'));
$this->redirectTo(osc_item_post_url());
return false;
// BREAK THE PROCESS, THE RECAPTCHA IS WRONG
}
}
if (!osc_is_web_user_logged_in()) {
$user = User::newInstance()->findByEmail($mItems->data['contactEmail']);
// The user exists but it's not logged
if (isset($user['pk_i_id'])) {
foreach ($mItems->data as $key => $value) {
Session::newInstance()->_keepForm($key);
}
osc_add_flash_error_message(_m('A user with that email address already exists, if it is you, please log in'));
$this->redirectTo(osc_user_login_url());
}
}
// POST ITEM ( ADD ITEM )
$success = $mItems->add();
if ($success != 1 && $success != 2) {
osc_add_flash_error_message($success);
$this->redirectTo(osc_item_post_url());
} else {
Session::newInstance()->_dropkeepForm('meta_' . $key);
if ($success == 1) {
osc_add_flash_ok_message(_m('Check your inbox to validate your listing'));
} else {
osc_add_flash_ok_message(_m('Your listing has been published'));
}
$itemId = Params::getParam('itemId');
$item = $this->itemManager->findByPrimaryKey($itemId);
osc_run_hook('posted_item', $item);
$category = Category::newInstance()->findByPrimaryKey(Params::getParam('catId'));
View::newInstance()->_exportVariableToView('category', $category);
$this->redirectTo(osc_search_category_url());
}
break;
case 'item_edit':
// edit item
$secret = Params::getParam('secret');
$id = Params::getParam('id');
$item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s' AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = '%d'))", addslashes($id), addslashes($secret), addslashes($this->userId));
if (count($item) == 1) {
$item = Item::newInstance()->findByPrimaryKey($id);
$form = count(Session::newInstance()->_getForm());
$keepForm = count(Session::newInstance()->_getKeepForm());
if ($form == 0 || $form == $keepForm) {
Session::newInstance()->_dropKeepForm();
}
$this->_exportVariableToView('item', $item);
osc_run_hook("before_item_edit", $item);
$this->doView('item-edit.php');
} else {
// add a flash message [ITEM NO EXISTE]
osc_add_flash_error_message(_m("Sorry, we don't have any listings with that ID"));
if ($this->user != null) {
$this->redirectTo(osc_user_list_items_url());
} else {
$this->redirectTo(osc_base_url());
}
}
break;
case 'item_edit_post':
// recoger el secret y el
$secret = Params::getParam('secret');
$id = Params::getParam('id');
$item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s' AND i.fk_i_user_id IS NULL) OR (i.fk_i_user_id = '%d'))", addslashes($id), addslashes($secret), addslashes($this->userId));
if (count($item) == 1) {
$this->_exportVariableToView('item', $item[0]);
$mItems = new ItemActions(false);
// prepare data for ADD ITEM
$mItems->prepareData(false);
// set all parameters into session
foreach ($mItems->data as $key => $value) {
Session::newInstance()->_setForm($key, $value);
}
$meta = Params::getParam('meta');
if (is_array($meta)) {
foreach ($meta as $key => $value) {
Session::newInstance()->_setForm('meta_' . $key, $value);
Session::newInstance()->_keepForm('meta_' . $key);
}
}
if (osc_recaptcha_private_key() != '' && Params::existParam("recaptcha_challenge_field")) {
if (!osc_check_recaptcha()) {
osc_add_flash_error_message(_m('The Recaptcha code is wrong'));
$this->redirectTo(osc_item_edit_url());
return false;
// BREAK THE PROCESS, THE RECAPTCHA IS WRONG
}
}
$success = $mItems->edit();
osc_run_hook('edited_item', Item::newInstance()->findByPrimaryKey($id));
if ($success == 1) {
osc_add_flash_ok_message(_m("Great! We've just updated your listing"));
View::newInstance()->_exportVariableToView("item", Item::newInstance()->findByPrimaryKey($id));
$this->redirectTo(osc_item_url());
} else {
osc_add_flash_error_message($success);
$this->redirectTo(osc_item_edit_url($secret));
}
}
break;
case 'activate':
$secret = Params::getParam('secret');
$id = Params::getParam('id');
$item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s') OR (i.fk_i_user_id = '%d'))", addslashes($id), addslashes($secret), addslashes($this->userId));
// item doesn't exist
if (count($item) == 0) {
$this->do404();
return;
}
View::newInstance()->_exportVariableToView('item', $item[0]);
if ($item[0]['b_active'] == 0) {
// ACTIVETE ITEM
$mItems = new ItemActions(false);
$success = $mItems->activate($item[0]['pk_i_id'], $item[0]['s_secret']);
if ($success) {
osc_add_flash_ok_message(_m('The listing has been validated'));
} else {
osc_add_flash_error_message(_m("The listing can't be validated"));
}
} else {
osc_add_flash_warning_message(_m('The listing has already been validated'));
}
$this->redirectTo(osc_item_url());
break;
case 'item_delete':
$secret = Params::getParam('secret');
$id = Params::getParam('id');
$item = $this->itemManager->listWhere("i.pk_i_id = '%s' AND ((i.s_secret = '%s') OR (i.fk_i_user_id = '%d'))", addslashes($id), addslashes($secret), addslashes($this->userId));
if (count($item) == 1) {
$mItems = new ItemActions(false);
$success = $mItems->delete($item[0]['s_secret'], $item[0]['pk_i_id']);
if ($success) {
osc_add_flash_ok_message(_m('Your listing has been deleted'));
} else {
osc_add_flash_error_message(_m("The listing you are trying to delete couldn't be deleted"));
}
if ($this->user != null) {
$this->redirectTo(osc_user_list_items_url());
} else {
$this->redirectTo(osc_base_url());
}
} else {
osc_add_flash_error_message(_m("The listing you are trying to delete couldn't be deleted"));
$this->redirectTo(osc_base_url());
}
break;
case 'mark':
$id = Params::getParam('id');
$as = Params::getParam('as');
$item = Item::newInstance()->findByPrimaryKey($id);
View::newInstance()->_exportVariableToView('item', $item);
require_once osc_lib_path() . 'osclass/user-agents.php';
foreach ($user_agents as $ua) {
if (preg_match('|' . $ua . '|', @$_SERVER['HTTP_USER_AGENT'])) {
// mark item if it's not a bot
$mItem = new ItemActions(false);
$mItem->mark($id, $as);
break;
}
}
osc_add_flash_ok_message(_m("Thanks! That's very helpful"));
$this->redirectTo(osc_item_url());
break;
case 'send_friend':
$item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
$this->_exportVariableToView('item', $item);
$this->doView('item-send-friend.php');
break;
case 'send_friend_post':
$item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
$this->_exportVariableToView('item', $item);
Session::newInstance()->_setForm("yourEmail", Params::getParam('yourEmail'));
Session::newInstance()->_setForm("yourName", Params::getParam('yourName'));
Session::newInstance()->_setForm("friendName", Params::getParam('friendName'));
Session::newInstance()->_setForm("friendEmail", Params::getParam('friendEmail'));
Session::newInstance()->_setForm("message_body", Params::getParam('message'));
if (osc_recaptcha_private_key() != '' && Params::existParam("recaptcha_challenge_field")) {
if (!osc_check_recaptcha()) {
osc_add_flash_error_message(_m('The Recaptcha code is wrong'));
$this->redirectTo(osc_item_send_friend_url());
return false;
// BREAK THE PROCESS, THE RECAPTCHA IS WRONG
}
}
$mItem = new ItemActions(false);
$success = $mItem->send_friend();
if ($success) {
Session::newInstance()->_clearVariables();
$this->redirectTo(osc_item_url());
} else {
$this->redirectTo(osc_item_send_friend_url());
}
break;
case 'contact':
$item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
if (empty($item)) {
osc_add_flash_error_message(_m("This listing doesn't exist"));
$this->redirectTo(osc_base_url(true));
} else {
$this->_exportVariableToView('item', $item);
if (osc_item_is_expired()) {
osc_add_flash_error_message(_m("We're sorry, but the listing has expired. You can't contact the seller"));
$this->redirectTo(osc_item_url());
}
if (osc_reg_user_can_contact() && osc_is_web_user_logged_in() || !osc_reg_user_can_contact()) {
$this->doView('item-contact.php');
} else {
osc_add_flash_error_message(_m("You can't contact the seller, only registered users can"));
$this->redirectTo(osc_item_url());
}
}
break;
case 'contact_post':
$item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
$this->_exportVariableToView('item', $item);
if (osc_recaptcha_private_key() != '' && Params::existParam("recaptcha_challenge_field")) {
if (!osc_check_recaptcha()) {
osc_add_flash_error_message(_m('The Recaptcha code is wrong'));
Session::newInstance()->_setForm("yourEmail", Params::getParam('yourEmail'));
Session::newInstance()->_setForm("yourName", Params::getParam('yourName'));
Session::newInstance()->_setForm("phoneNumber", Params::getParam('phoneNumber'));
Session::newInstance()->_setForm("message_body", Params::getParam('message'));
$this->redirectTo(osc_item_url());
return false;
// BREAK THE PROCESS, THE RECAPTCHA IS WRONG
}
}
if (osc_isExpired($item['dt_expiration'])) {
osc_add_flash_error_message(_m("We're sorry, but the listing has expired. You can't contact the seller"));
$this->redirectTo(osc_item_url());
}
$mItem = new ItemActions(false);
$result = $mItem->contact();
if (is_string($result)) {
osc_add_flash_error_message($result);
} else {
osc_add_flash_ok_message(_m("We've just sent an e-mail to the seller"));
}
$this->redirectTo(osc_item_url());
break;
case 'add_comment':
$mItem = new ItemActions(false);
$status = $mItem->add_comment();
switch ($status) {
case -1:
$msg = _m('Sorry, we could not save your comment. Try again later');
osc_add_flash_error_message($msg);
break;
case 1:
$msg = _m('Your comment is awaiting moderation');
osc_add_flash_info_message($msg);
break;
case 2:
$msg = _m('Your comment has been approved');
osc_add_flash_ok_message($msg);
break;
case 3:
$msg = _m('Please fill the required field (email)');
osc_add_flash_warning_message($msg);
break;
case 4:
$msg = _m('Please type a comment');
osc_add_flash_warning_message($msg);
break;
case 5:
$msg = _m('Your comment has been marked as spam');
osc_add_flash_error_message($msg);
break;
}
$this->redirectTo(osc_item_url());
break;
case 'delete_comment':
$mItem = new ItemActions(false);
$status = $mItem->add_comment();
$itemId = Params::getParam('id');
$commentId = Params::getParam('comment');
$item = Item::newInstance()->findByPrimaryKey($itemId);
if (count($item) == 0) {
osc_add_flash_error_message(_m("This listing doesn't exist"));
$this->redirectTo(osc_base_url(true));
}
View::newInstance()->_exportVariableToView('item', $item);
if ($this->userId == null) {
osc_add_flash_error_message(_m('You must be logged in to delete a comment'));
$this->redirectTo(osc_item_url());
}
$commentManager = ItemComment::newInstance();
$aComment = $commentManager->findByPrimaryKey($commentId);
if (count($aComment) == 0) {
osc_add_flash_error_message(_m("The comment doesn't exist"));
$this->redirectTo(osc_item_url());
}
if ($aComment['b_active'] != 1) {
osc_add_flash_error_message(_m('The comment is not active, you cannot delete it'));
$this->redirectTo(osc_item_url());
}
if ($aComment['fk_i_user_id'] != $this->userId) {
osc_add_flash_error_message(_m('The comment was not added by you, you cannot delete it'));
$this->redirectTo(osc_item_url());
}
$commentManager->deleteByPrimaryKey($commentId);
osc_add_flash_ok_message(_m('The comment has been deleted'));
$this->redirectTo(osc_item_url());
break;
default:
// if there isn't ID, show an error 404
if (Params::getParam('id') == '') {
$this->do404();
return;
}
if (Params::getParam('lang') != '') {
Session::newInstance()->_set('userLocale', Params::getParam('lang'));
}
$item = $this->itemManager->findByPrimaryKey(Params::getParam('id'));
// if item doesn't exist show an error 404
if (count($item) == 0) {
$this->do404();
return;
}
if ($item['b_active'] != 1) {
if ($this->userId == $item['fk_i_user_id']) {
osc_add_flash_warning_message(_m("The listing hasn't been validated. Please validate it in order to make it public"));
} else {
osc_add_flash_warning_message(_m("This listing hasn't been validated"));
$this->redirectTo(osc_base_url(true));
}
} else {
if ($item['b_enabled'] == 0) {
osc_add_flash_warning_message(_m('The listing has been suspended'));
$this->redirectTo(osc_base_url(true));
}
}
if (!osc_is_admin_user_logged_in()) {
require_once osc_lib_path() . 'osclass/user-agents.php';
foreach ($user_agents as $ua) {
if (preg_match('|' . $ua . '|', @$_SERVER['HTTP_USER_AGENT'])) {
$mStats = new ItemStats();
$mStats->increase('i_num_views', $item['pk_i_id']);
break;
}
}
}
foreach ($item['locale'] as $k => $v) {
$item['locale'][$k]['s_title'] = osc_apply_filter('item_title', $v['s_title']);
$item['locale'][$k]['s_description'] = nl2br(osc_apply_filter('item_description', $v['s_description']));
}
if ($item['fk_i_user_id'] != '') {
$user = User::newInstance()->findByPrimaryKey($item['fk_i_user_id']);
$this->_exportVariableToView('user', $user);
}
$this->_exportVariableToView('item', $item);
osc_run_hook('show_item', $item);
// redirect to the correct url just in case it has changed
$itemURI = str_replace(osc_base_url(), '', osc_item_url());
$URI = preg_replace('|^' . REL_WEB_URL . '|', '', $_SERVER['REQUEST_URI']);
// do not clean QUERY_STRING if permalink is not enabled
if (osc_rewrite_enabled()) {
$URI = str_replace('?' . $_SERVER['QUERY_STRING'], '', $URI);
} else {
$params_keep = array('page', 'id');
$params = array();
foreach (Params::getParamsAsArray('get') as $k => $v) {
if (in_array($k, $params_keep)) {
$params[] = "{$k}={$v}";
}
}
$URI = 'index.php?' . implode('&', $params);
}
// redirect to the correct url
if ($itemURI != $URI) {
$this->redirectTo(osc_base_url() . $itemURI);
}
$this->doView('item.php');
break;
}
}
function doModel()
{
switch (Params::getParam('type')) {
case 'add':
// calling add currency view
$aCurrency = array('pk_c_code' => '', 's_name' => '', 's_description' => '');
$this->_exportVariableToView('aCurrency', $aCurrency);
$this->_exportVariableToView('typeForm', 'add_post');
$this->doView('settings/currency_form.php');
break;
case 'add_post':
// adding a new currency
osc_csrf_check();
$currencyCode = Params::getParam('pk_c_code');
$currencyName = Params::getParam('s_name');
$currencyDescription = Params::getParam('s_description');
// cleaning parameters
$currencyName = trim(strip_tags($currencyName));
$currencyDescription = trim(strip_tags($currencyDescription));
$currencyCode = trim(strip_tags($currencyCode));
if (!preg_match('/^.{1,3}$/', $currencyCode)) {
osc_add_flash_error_message(_m('The currency code is not in the correct format'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=settings&action=currencies');
}
$fields = array('pk_c_code' => $currencyCode, 's_name' => $currencyName, 's_description' => $currencyDescription);
$isInserted = Currency::newInstance()->insert($fields);
if ($isInserted) {
osc_add_flash_ok_message(_m('Currency added'), 'admin');
} else {
osc_add_flash_error_message(_m("Currency couldn't be added"), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=settings&action=currencies');
break;
case 'edit':
// calling edit currency view
$currencyCode = Params::getParam('code');
$currencyCode = trim(strip_tags($currencyCode));
if ($currencyCode == '') {
osc_add_flash_warning_message(sprintf(_m("The currency code '%s' doesn't exist"), $currencyCode), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=settings&action=currencies');
}
$aCurrency = Currency::newInstance()->findByPrimaryKey($currencyCode);
if (!$aCurrency) {
osc_add_flash_warning_message(sprintf(_m("The currency code '%s' doesn't exist"), $currencyCode), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=settings&action=currencies');
}
$this->_exportVariableToView('aCurrency', $aCurrency);
$this->_exportVariableToView('typeForm', 'edit_post');
$this->doView('settings/currency_form.php');
break;
case 'edit_post':
// updating currency
osc_csrf_check();
$currencyName = Params::getParam('s_name');
$currencyDescription = Params::getParam('s_description');
$currencyCode = Params::getParam('pk_c_code');
// cleaning parameters
$currencyName = trim(strip_tags($currencyName));
$currencyDescription = trim(strip_tags($currencyDescription));
$currencyCode = trim(strip_tags($currencyCode));
if (!preg_match('/.{1,3}/', $currencyCode)) {
osc_add_flash_error_message(_m('Error: the currency code is not in the correct format'), 'admin');
$this->redirectTo(osc_admin_base_url(true) . '?page=settings&action=currencies');
}
$updated = Currency::newInstance()->update(array('s_name' => $currencyName, 's_description' => $currencyDescription), array('pk_c_code' => $currencyCode));
if ($updated == 1) {
osc_add_flash_ok_message(_m('Currency updated'), 'admin');
} else {
osc_add_flash_info_message(_m('No changes were made'), 'admin');
}
$this->redirectTo(osc_admin_base_url(true) . '?page=settings&action=currencies');
break;
case 'delete':
// deleting a currency
osc_csrf_check();
$rowChanged = 0;
$aCurrencyCode = Params::getParam('code');
if (!is_array($aCurrencyCode)) {
$aCurrencyCode = array($aCurrencyCode);
}
$msg_current = '';
foreach ($aCurrencyCode as $currencyCode) {
if (preg_match('/.{1,3}/', $currencyCode) && $currencyCode != osc_currency()) {
$rowChanged += Currency::newInstance()->delete(array('pk_c_code' => $currencyCode));
}
// foreign key error
if (Currency::newInstance()->getErrorLevel() == '1451') {
$msg_current .= sprintf('</p><p>' . _m("%s couldn't be deleted because it has listings associated to it"), $currencyCode);
} else {
if ($currencyCode == osc_currency()) {
$msg_current .= sprintf('</p><p>' . _m("%s couldn't be deleted because it's the default currency"), $currencyCode);
}
}
}
$msg = '';
$status = '';
switch ($rowChanged) {
case '0':
$msg = _m('No currencies have been deleted');
$status = 'error';
break;
case '1':
$msg = _m('One currency has been deleted');
$status = 'ok';
break;
default:
$msg = sprintf(_m('%s currencies have been deleted'), $rowChanged);
$status = 'ok';
break;
}
if ($status == 'ok' && $msg_current != '') {
$status = 'warning';
}
switch ($status) {
case 'error':
osc_add_flash_error_message($msg . $msg_current, 'admin');
break;
case 'warning':
osc_add_flash_warning_message($msg . $msg_current, 'admin');
break;
case 'ok':
osc_add_flash_ok_message($msg, 'admin');
break;
}
$this->redirectTo(osc_admin_base_url(true) . '?page=settings&action=currencies');
break;
default:
// calling the currencies view
$aCurrencies = Currency::newInstance()->listAll();
$this->_exportVariableToView('aCurrencies', $aCurrencies);
$this->doView('settings/currencies.php');
break;
}
}
